Add new socket ioctls SIOC[SG]TUNFIB to set FIB number of encapsulated

packets on tunnel interfaces. Add support of these ioctls to gre(4), gif(4) and me(4) interfaces. For incoming packets M_SETFIB() should use if_fib value from ifnet structure, use proper value in gre(4) and me(4). Differential Revision: https://reviews.freebsd.org/D2462 No objection from: #network MFC after: 2 weeks Sponsored by: Yandex LLC
2015-05-12 07:37:27 +00:00 · 2015-05-12 07:37:27 +00:00 · eccfe69a5c
commit eccfe69a5c
parent 0a23444a57
6 changed files with 78 additions and 12 deletions
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@ -316,6 +316,14 @@ using the
 kernel configuration option, or the
 .Va net.fibs
 tunable.
+.It Cm tunnelfib Ar fib_number
+Specify tunnel FIB.
+A FIB
+.Ar fib_number
+is assigned to all packets encapsulated by tunnel interface, e.g.,
+.Xr gif 4
+and
+.Xr gre 4 .
 .It Cm maclabel Ar label
 If Mandatory Access Control support is enabled in the kernel,
 set the MAC label to
--- a/sbin/ifconfig/iffib.c
+++ b/sbin/ifconfig/iffib.c
@ -50,15 +50,15 @@ fib_status(int s)

 	memset(&ifr, 0, sizeof(ifr));
 	strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+	if (ioctl(s, SIOCGIFFIB, (caddr_t)&ifr) == 0 &&
+	    ifr.ifr_fib != RT_DEFAULT_FIB)
+		printf("\tfib: %u\n", ifr.ifr_fib);

-	if (ioctl(s, SIOCGIFFIB, (caddr_t)&ifr) < 0)
-		return;
-
-	/* Ignore if it is the default. */
-	if (ifr.ifr_fib == 0)
-		return;
-
-	printf("\tfib: %u\n", ifr.ifr_fib);
+	memset(&ifr, 0, sizeof(ifr));
+	strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+	if (ioctl(s, SIOCGTUNFIB, (caddr_t)&ifr) == 0 &&
+	    ifr.ifr_fib != RT_DEFAULT_FIB)
+		printf("\ttunnelfib: %u\n", ifr.ifr_fib);
 }

 static void
@ -80,8 +80,28 @@ setiffib(const char *val, int dummy __unused, int s,
 		warn("ioctl (SIOCSIFFIB)");
 }

+static void
+settunfib(const char *val, int dummy __unused, int s,
+    const struct afswtch *afp)
+{
+	unsigned long fib;
+	char *ep;
+
+	fib = strtoul(val, &ep, 0);
+	if (*ep != '\0' || fib > UINT_MAX) {
+		warn("fib %s not valid", val);
+		return;
+	}
+
+	strncpy(ifr.ifr_name, name, sizeof (ifr.ifr_name));
+	ifr.ifr_fib = fib;
+	if (ioctl(s, SIOCSTUNFIB, (caddr_t)&ifr) < 0)
+		warn("ioctl (SIOCSTUNFIB)");
+}
+
 static struct cmd fib_cmds[] = {
 	DEF_CMD_ARG("fib", setiffib),
+	DEF_CMD_ARG("tunnelfib", settunfib),
 };

 static struct afswtch af_fib = {
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c
@ -920,6 +920,17 @@ gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 #endif
 		}
 		break;
+	case SIOCGTUNFIB:
+		ifr->ifr_fib = sc->gif_fibnum;
+		break;
+	case SIOCSTUNFIB:
+		if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0)
+			break;
+		if (ifr->ifr_fib >= rt_numfibs)
+			error = EINVAL;
+		else
+			sc->gif_fibnum = ifr->ifr_fib;
+		break;
 	case GIFGOPTS:
 		options = sc->gif_options;
 		error = copyout(&options, ifr->ifr_data, sizeof(options));
@ -935,7 +946,6 @@ gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 		else
 			sc->gif_options = options;
 		break;
-
 	default:
 		error = EINVAL;
 		break;
--- a/sys/net/if_gre.c
+++ b/sys/net/if_gre.c
@ -64,6 +64,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if_types.h>
 #include <net/netisr.h>
 #include <net/vnet.h>
+#include <net/route.h>

 #include <netinet/in.h>
 #ifdef INET
@ -441,6 +442,17 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 #endif
 		}
 		break;
+	case SIOCGTUNFIB:
+		ifr->ifr_fib = sc->gre_fibnum;
+		break;
+	case SIOCSTUNFIB:
+		if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0)
+			break;
+		if (ifr->ifr_fib >= rt_numfibs)
+			error = EINVAL;
+		else
+			sc->gre_fibnum = ifr->ifr_fib;
+		break;
 	case GRESKEY:
 		if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0)
 			break;
@ -454,7 +466,8 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 		}
 		break;
 	case GREGKEY:
-		error = copyout(&sc->gre_key, ifr->ifr_data, sizeof(sc->gre_key));
+		error = copyout(&sc->gre_key, ifr->ifr_data,
+		    sizeof(sc->gre_key));
 		break;
 	case GRESOPTS:
 		if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0)
@ -725,7 +738,7 @@ gre_input(struct mbuf **mp, int *offp, int proto)
 	m_adj(m, *offp + hlen);
 	m_clrprotoflags(m);
 	m->m_pkthdr.rcvif = ifp;
-	M_SETFIB(m, sc->gre_fibnum);
+	M_SETFIB(m, ifp->if_fib);
 #ifdef MAC
 	mac_ifnet_create_mbuf(ifp, m);
 #endif
--- a/sys/net/if_me.c
+++ b/sys/net/if_me.c
@ -54,6 +54,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if_types.h>
 #include <net/netisr.h>
 #include <net/vnet.h>
+#include <net/route.h>

 #include <netinet/in.h>
 #include <netinet/in_systm.h>
@ -297,6 +298,17 @@ me_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 		if (error != 0)
 			memset(src, 0, sizeof(*src));
 		break;
+	case SIOCGTUNFIB:
+		ifr->ifr_fib = sc->me_fibnum;
+		break;
+	case SIOCSTUNFIB:
+		if ((error = priv_check(curthread, PRIV_NET_GRE)) != 0)
+			break;
+		if (ifr->ifr_fib >= rt_numfibs)
+			error = EINVAL;
+		else
+			sc->me_fibnum = ifr->ifr_fib;
+		break;
 	default:
 		error = EINVAL;
 		break;
@ -453,7 +465,7 @@ me_input(struct mbuf **mp, int *offp, int proto)
 	m_clrprotoflags(m);
 	m->m_pkthdr.rcvif = ifp;
 	m->m_pkthdr.csum_flags |= (CSUM_IP_CHECKED | CSUM_IP_VALID);
-	M_SETFIB(m, sc->me_fibnum);
+	M_SETFIB(m, ifp->if_fib);
 	hlen = AF_INET;
 	BPF_MTAP2(ifp, &hlen, sizeof(hlen), m);
 	if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1);
--- a/sys/sys/sockio.h
+++ b/sys/sys/sockio.h
@ -114,6 +114,9 @@
 #define	SIOCGIFFIB	_IOWR('i', 92, struct ifreq)	/* get IF fib */
 #define	SIOCSIFFIB	 _IOW('i', 93, struct ifreq)	/* set IF fib */

+#define	SIOCGTUNFIB	_IOWR('i', 94, struct ifreq)	/* get tunnel fib */
+#define	SIOCSTUNFIB	 _IOW('i', 95, struct ifreq)	/* set tunnel fib */
+
 #define	SIOCSDRVSPEC	_IOW('i', 123, struct ifdrv)	/* set driver-specific
 								  parameters */
 #define	SIOCGDRVSPEC	_IOWR('i', 123, struct ifdrv)	/* get driver-specific