1 /* $NetBSD: udp6_usrreq.c,v 1.156 2024/10/08 02:30:05 riastradh Exp $ */ 2 /* $KAME: udp6_usrreq.c,v 1.86 2001/05/27 17:33:00 itojun Exp $ */ 3 /* $KAME: udp6_output.c,v 1.43 2001/10/15 09:19:52 itojun Exp $ */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* 35 * Copyright (c) 1982, 1986, 1989, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. Neither the name of the University nor the names of its contributors 47 * may be used to endorse or promote products derived from this software 48 * without specific prior written permission. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 * 62 * @(#)udp_var.h 8.1 (Berkeley) 6/10/93 63 */ 64 65 #include <sys/cdefs.h> 66 __KERNEL_RCSID(0, "$NetBSD: udp6_usrreq.c,v 1.156 2024/10/08 02:30:05 riastradh Exp $"); 67 68 #ifdef _KERNEL_OPT 69 #include "opt_inet.h" 70 #include "opt_inet_csum.h" 71 #include "opt_ipsec.h" 72 #include "opt_net_mpsafe.h" 73 #endif 74 75 #include <sys/param.h> 76 #include <sys/mbuf.h> 77 #include <sys/protosw.h> 78 #include <sys/socket.h> 79 #include <sys/socketvar.h> 80 #include <sys/systm.h> 81 #include <sys/proc.h> 82 #include <sys/syslog.h> 83 #include <sys/domain.h> 84 #include <sys/sysctl.h> 85 86 #include <net/if.h> 87 #include <net/if_types.h> 88 89 #include <netinet/in.h> 90 #include <netinet/in_var.h> 91 #include <netinet/in_systm.h> 92 #include <netinet/in_offload.h> 93 #include <netinet/ip.h> 94 #include <netinet/ip_var.h> 95 #include <netinet/in_pcb.h> 96 #include <netinet/udp.h> 97 #include <netinet/udp_var.h> 98 #include <netinet/udp_private.h> 99 100 #include <netinet/ip6.h> 101 #include <netinet/icmp6.h> 102 #include <netinet6/ip6_var.h> 103 #include <netinet6/ip6_private.h> 104 #include <netinet6/in6_pcb.h> 105 #include <netinet6/udp6_var.h> 106 #include <netinet6/udp6_private.h> 107 #include <netinet6/ip6protosw.h> 108 #include <netinet6/scope6_var.h> 109 110 #ifdef IPSEC 111 #include <netipsec/ipsec.h> 112 #include <netipsec/esp.h> 113 #ifdef INET6 114 #include <netipsec/ipsec6.h> 115 #endif 116 #endif 117 118 #include "faith.h" 119 #if defined(NFAITH) && NFAITH > 0 120 #include <net/if_faith.h> 121 #endif 122 123 /* 124 * UDP protocol implementation. 125 * Per RFC 768, August, 1980. 126 */ 127 128 extern struct inpcbtable udbtable; 129 130 percpu_t *udp6stat_percpu; 131 132 /* UDP on IP6 parameters */ 133 static int udp6_sendspace = 9216; /* really max datagram size */ 134 static int udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6)); 135 /* 40 1K datagrams */ 136 137 static void udp6_notify(struct inpcb *, int); 138 static void sysctl_net_inet6_udp6_setup(struct sysctllog **); 139 #ifdef IPSEC 140 static int udp6_espinudp(struct mbuf **, int); 141 #endif 142 143 #ifdef UDP_CSUM_COUNTERS 144 #include <sys/device.h> 145 struct evcnt udp6_hwcsum_bad = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 146 NULL, "udp6", "hwcsum bad"); 147 struct evcnt udp6_hwcsum_ok = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 148 NULL, "udp6", "hwcsum ok"); 149 struct evcnt udp6_hwcsum_data = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 150 NULL, "udp6", "hwcsum data"); 151 struct evcnt udp6_swcsum = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 152 NULL, "udp6", "swcsum"); 153 154 EVCNT_ATTACH_STATIC(udp6_hwcsum_bad); 155 EVCNT_ATTACH_STATIC(udp6_hwcsum_ok); 156 EVCNT_ATTACH_STATIC(udp6_hwcsum_data); 157 EVCNT_ATTACH_STATIC(udp6_swcsum); 158 159 #define UDP_CSUM_COUNTER_INCR(ev) (ev)->ev_count++ 160 #else 161 #define UDP_CSUM_COUNTER_INCR(ev) /* nothing */ 162 #endif 163 164 void 165 udp6_init(void) 166 { 167 sysctl_net_inet6_udp6_setup(NULL); 168 udp6stat_percpu = percpu_alloc(sizeof(uint64_t) * UDP6_NSTATS); 169 170 udp_init_common(); 171 } 172 173 /* 174 * Notify a udp user of an asynchronous error; 175 * just wake up so that he can collect error status. 176 */ 177 static void 178 udp6_notify(struct inpcb *inp, int errno) 179 { 180 inp->inp_socket->so_error = errno; 181 sorwakeup(inp->inp_socket); 182 sowwakeup(inp->inp_socket); 183 } 184 185 void * 186 udp6_ctlinput(int cmd, const struct sockaddr *sa, void *d) 187 { 188 struct udphdr uh; 189 struct ip6_hdr *ip6; 190 const struct sockaddr_in6 *sa6 = (const struct sockaddr_in6 *)sa; 191 struct mbuf *m; 192 int off; 193 void *cmdarg; 194 struct ip6ctlparam *ip6cp = NULL; 195 const struct sockaddr_in6 *sa6_src = NULL; 196 void (*notify)(struct inpcb *, int) = udp6_notify; 197 struct udp_portonly { 198 u_int16_t uh_sport; 199 u_int16_t uh_dport; 200 } *uhp; 201 202 if (sa->sa_family != AF_INET6 || 203 sa->sa_len != sizeof(struct sockaddr_in6)) 204 return NULL; 205 206 if ((unsigned)cmd >= PRC_NCMDS) 207 return NULL; 208 if (PRC_IS_REDIRECT(cmd)) 209 notify = in6pcb_rtchange, d = NULL; 210 else if (cmd == PRC_HOSTDEAD) 211 d = NULL; 212 else if (cmd == PRC_MSGSIZE) { 213 /* special code is present, see below */ 214 notify = in6pcb_rtchange; 215 } 216 else if (inet6ctlerrmap[cmd] == 0) 217 return NULL; 218 219 /* if the parameter is from icmp6, decode it. */ 220 if (d != NULL) { 221 ip6cp = (struct ip6ctlparam *)d; 222 m = ip6cp->ip6c_m; 223 ip6 = ip6cp->ip6c_ip6; 224 off = ip6cp->ip6c_off; 225 cmdarg = ip6cp->ip6c_cmdarg; 226 sa6_src = ip6cp->ip6c_src; 227 } else { 228 m = NULL; 229 ip6 = NULL; 230 cmdarg = NULL; 231 sa6_src = &sa6_any; 232 off = 0; 233 } 234 235 if (ip6) { 236 /* check if we can safely examine src and dst ports */ 237 if (m->m_pkthdr.len < off + sizeof(*uhp)) { 238 if (cmd == PRC_MSGSIZE) 239 icmp6_mtudisc_update((struct ip6ctlparam *)d, 0); 240 return NULL; 241 } 242 243 memset(&uh, 0, sizeof(uh)); 244 m_copydata(m, off, sizeof(*uhp), (void *)&uh); 245 246 if (cmd == PRC_MSGSIZE) { 247 int valid = 0; 248 249 /* 250 * Check to see if we have a valid UDP socket 251 * corresponding to the address in the ICMPv6 message 252 * payload. 253 */ 254 if (in6pcb_lookup(&udbtable, &sa6->sin6_addr, 255 uh.uh_dport, (const struct in6_addr *)&sa6_src->sin6_addr, 256 uh.uh_sport, 0, 0)) 257 valid++; 258 #if 0 259 /* 260 * As the use of sendto(2) is fairly popular, 261 * we may want to allow non-connected pcb too. 262 * But it could be too weak against attacks... 263 * We should at least check if the local address (= s) 264 * is really ours. 265 */ 266 else if (in6pcb_lookup_bound(&udbtable, &sa6->sin6_addr, 267 uh.uh_dport, 0)) 268 valid++; 269 #endif 270 271 /* 272 * Depending on the value of "valid" and routing table 273 * size (mtudisc_{hi,lo}wat), we will: 274 * - recalculate the new MTU and create the 275 * corresponding routing entry, or 276 * - ignore the MTU change notification. 277 */ 278 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 279 280 /* 281 * regardless of if we called 282 * icmp6_mtudisc_update(), we need to call 283 * in6pcb_notify(), to notify path MTU change 284 * to the userland (RFC3542), because some 285 * unconnected sockets may share the same 286 * destination and want to know the path MTU. 287 */ 288 } 289 290 (void)in6pcb_notify(&udbtable, sa, uh.uh_dport, 291 sin6tocsa(sa6_src), uh.uh_sport, cmd, cmdarg, 292 notify); 293 } else { 294 (void)in6pcb_notify(&udbtable, sa, 0, 295 sin6tocsa(sa6_src), 0, cmd, cmdarg, notify); 296 } 297 return NULL; 298 } 299 300 int 301 udp6_ctloutput(int op, struct socket *so, struct sockopt *sopt) 302 { 303 int s; 304 int error = 0; 305 struct inpcb *inp; 306 int family; 307 int optval; 308 309 family = so->so_proto->pr_domain->dom_family; 310 311 s = splsoftnet(); 312 switch (family) { 313 #ifdef INET 314 case PF_INET: 315 if (sopt->sopt_level != IPPROTO_UDP) { 316 error = ip_ctloutput(op, so, sopt); 317 goto end; 318 } 319 break; 320 #endif 321 #ifdef INET6 322 case PF_INET6: 323 if (sopt->sopt_level != IPPROTO_UDP) { 324 error = ip6_ctloutput(op, so, sopt); 325 goto end; 326 } 327 break; 328 #endif 329 default: 330 error = EAFNOSUPPORT; 331 goto end; 332 } 333 334 switch (op) { 335 case PRCO_SETOPT: 336 inp = sotoinpcb(so); 337 338 switch (sopt->sopt_name) { 339 case UDP_ENCAP: 340 error = sockopt_getint(sopt, &optval); 341 if (error) 342 break; 343 344 switch(optval) { 345 case 0: 346 inp->inp_flags &= ~IN6P_ESPINUDP; 347 break; 348 349 case UDP_ENCAP_ESPINUDP: 350 inp->inp_flags |= IN6P_ESPINUDP; 351 break; 352 353 default: 354 error = EINVAL; 355 break; 356 } 357 break; 358 359 default: 360 error = ENOPROTOOPT; 361 break; 362 } 363 break; 364 365 default: 366 error = EINVAL; 367 break; 368 } 369 370 end: 371 splx(s); 372 return error; 373 } 374 375 static void 376 udp6_sendup(struct mbuf *m, int off /* offset of data portion */, 377 struct sockaddr *src, struct socket *so) 378 { 379 struct mbuf *opts = NULL; 380 struct mbuf *n; 381 struct inpcb *inp; 382 383 KASSERT(so != NULL); 384 KASSERT(so->so_proto->pr_domain->dom_family == AF_INET6); 385 inp = sotoinpcb(so); 386 KASSERT(inp != NULL); 387 388 #if defined(IPSEC) 389 if (ipsec_used && ipsec_in_reject(m, inp)) { 390 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) 391 icmp6_error(n, ICMP6_DST_UNREACH, 392 ICMP6_DST_UNREACH_ADMIN, 0); 393 return; 394 } 395 #endif 396 397 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { 398 if (inp->inp_flags & IN6P_CONTROLOPTS || 399 SOOPT_TIMESTAMP(inp->inp_socket->so_options)) { 400 struct ip6_hdr *ip6 = mtod(n, struct ip6_hdr *); 401 ip6_savecontrol(inp, &opts, ip6, n); 402 } 403 404 m_adj(n, off); 405 if (sbappendaddr(&so->so_rcv, src, n, opts) == 0) { 406 m_freem(n); 407 m_freem(opts); 408 UDP6_STATINC(UDP6_STAT_FULLSOCK); 409 soroverflow(so); 410 } else 411 sorwakeup(so); 412 } 413 } 414 415 int 416 udp6_realinput(int af, struct sockaddr_in6 *src, struct sockaddr_in6 *dst, 417 struct mbuf **mp, int off) 418 { 419 u_int16_t sport, dport; 420 int rcvcnt; 421 struct in6_addr src6, *dst6; 422 const struct in_addr *dst4; 423 struct inpcb *inp; 424 struct mbuf *m = *mp; 425 426 rcvcnt = 0; 427 off += sizeof(struct udphdr); /* now, offset of payload */ 428 429 if (af != AF_INET && af != AF_INET6) 430 goto bad; 431 if (src->sin6_family != AF_INET6 || dst->sin6_family != AF_INET6) 432 goto bad; 433 434 src6 = src->sin6_addr; 435 if (sa6_recoverscope(src) != 0) { 436 /* XXX: should be impossible. */ 437 goto bad; 438 } 439 sport = src->sin6_port; 440 441 dport = dst->sin6_port; 442 dst4 = (struct in_addr *)&dst->sin6_addr.s6_addr[12]; 443 dst6 = &dst->sin6_addr; 444 445 if (IN6_IS_ADDR_MULTICAST(dst6) || 446 (af == AF_INET && IN_MULTICAST(dst4->s_addr))) { 447 /* 448 * Deliver a multicast or broadcast datagram to *all* sockets 449 * for which the local and remote addresses and ports match 450 * those of the incoming datagram. This allows more than 451 * one process to receive multi/broadcasts on the same port. 452 * (This really ought to be done for unicast datagrams as 453 * well, but that would cause problems with existing 454 * applications that open both address-specific sockets and 455 * a wildcard socket listening to the same port -- they would 456 * end up receiving duplicates of every unicast datagram. 457 * Those applications open the multiple sockets to overcome an 458 * inadequacy of the UDP socket interface, but for backwards 459 * compatibility we avoid the problem here rather than 460 * fixing the interface. Maybe 4.5BSD will remedy this?) 461 */ 462 463 /* 464 * KAME note: traditionally we dropped udpiphdr from mbuf here. 465 * we need udpiphdr for IPsec processing so we do that later. 466 */ 467 /* 468 * Locate pcb(s) for datagram. 469 */ 470 TAILQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue) { 471 if (inp->inp_af != AF_INET6) 472 continue; 473 474 if (inp->inp_lport != dport) 475 continue; 476 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp))) { 477 if (!IN6_ARE_ADDR_EQUAL(&in6p_laddr(inp), 478 dst6)) 479 continue; 480 } else { 481 if (IN6_IS_ADDR_V4MAPPED(dst6) && 482 (inp->inp_flags & IN6P_IPV6_V6ONLY)) 483 continue; 484 } 485 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) { 486 if (!IN6_ARE_ADDR_EQUAL(&in6p_faddr(inp), 487 &src6) || inp->inp_fport != sport) 488 continue; 489 } else { 490 if (IN6_IS_ADDR_V4MAPPED(&src6) && 491 (inp->inp_flags & IN6P_IPV6_V6ONLY)) 492 continue; 493 } 494 495 udp6_sendup(m, off, sin6tosa(src), inp->inp_socket); 496 rcvcnt++; 497 498 /* 499 * Don't look for additional matches if this one does 500 * not have either the SO_REUSEPORT or SO_REUSEADDR 501 * socket options set. This heuristic avoids searching 502 * through all pcbs in the common case of a non-shared 503 * port. It assumes that an application will never 504 * clear these options after setting them. 505 */ 506 if ((inp->inp_socket->so_options & 507 (SO_REUSEPORT|SO_REUSEADDR)) == 0) 508 break; 509 } 510 } else { 511 /* 512 * Locate pcb for datagram. 513 */ 514 inp = in6pcb_lookup(&udbtable, &src6, sport, dst6, 515 dport, 0, 0); 516 if (inp == NULL) { 517 UDP_STATINC(UDP_STAT_PCBHASHMISS); 518 inp = in6pcb_lookup_bound(&udbtable, dst6, dport, 0); 519 if (inp == NULL) 520 return rcvcnt; 521 } 522 523 #ifdef IPSEC 524 /* Handle ESP over UDP */ 525 if (inp->inp_flags & IN6P_ESPINUDP) { 526 switch (udp6_espinudp(mp, off)) { 527 case -1: /* Error, m was freed */ 528 KASSERT(*mp == NULL); 529 rcvcnt = -1; 530 goto bad; 531 532 case 1: /* ESP over UDP */ 533 KASSERT(*mp == NULL); 534 rcvcnt++; 535 goto bad; 536 537 case 0: /* plain UDP */ 538 default: /* Unexpected */ 539 /* 540 * Normal UDP processing will take place, 541 * m may have changed. 542 */ 543 m = *mp; 544 break; 545 } 546 } 547 #endif 548 549 if (inp->inp_overudp_cb != NULL) { 550 int ret; 551 ret = inp->inp_overudp_cb(mp, off, inp->inp_socket, 552 sin6tosa(src), inp->inp_overudp_arg); 553 switch (ret) { 554 case -1: /* Error, m was freed */ 555 KASSERT(*mp == NULL); 556 rcvcnt = -1; 557 goto bad; 558 559 case 1: /* Foo over UDP */ 560 KASSERT(*mp == NULL); 561 rcvcnt++; 562 goto bad; 563 564 case 0: /* plain UDP */ 565 default: /* Unexpected */ 566 /* 567 * Normal UDP processing will take place, 568 * m may have changed. 569 */ 570 m = *mp; 571 break; 572 } 573 } 574 575 udp6_sendup(m, off, sin6tosa(src), inp->inp_socket); 576 rcvcnt++; 577 } 578 579 bad: 580 return rcvcnt; 581 } 582 583 int 584 udp6_input_checksum(struct mbuf *m, const struct udphdr *uh, int off, int len) 585 { 586 587 /* 588 * XXX it's better to record and check if this mbuf is 589 * already checked. 590 */ 591 592 if (__predict_false((m->m_flags & M_LOOP) && !udp_do_loopback_cksum)) { 593 goto good; 594 } 595 if (uh->uh_sum == 0) { 596 UDP6_STATINC(UDP6_STAT_NOSUM); 597 goto bad; 598 } 599 600 switch (m->m_pkthdr.csum_flags & 601 ((m_get_rcvif_NOMPSAFE(m)->if_csum_flags_rx & M_CSUM_UDPv6) | 602 M_CSUM_TCP_UDP_BAD | M_CSUM_DATA)) { 603 case M_CSUM_UDPv6|M_CSUM_TCP_UDP_BAD: 604 UDP_CSUM_COUNTER_INCR(&udp6_hwcsum_bad); 605 UDP6_STATINC(UDP6_STAT_BADSUM); 606 goto bad; 607 608 #if 0 /* notyet */ 609 case M_CSUM_UDPv6|M_CSUM_DATA: 610 #endif 611 612 case M_CSUM_UDPv6: 613 /* Checksum was okay. */ 614 UDP_CSUM_COUNTER_INCR(&udp6_hwcsum_ok); 615 break; 616 617 default: 618 /* 619 * Need to compute it ourselves. Maybe skip checksum 620 * on loopback interfaces. 621 */ 622 UDP_CSUM_COUNTER_INCR(&udp6_swcsum); 623 if (in6_cksum(m, IPPROTO_UDP, off, len) != 0) { 624 UDP6_STATINC(UDP6_STAT_BADSUM); 625 goto bad; 626 } 627 } 628 629 good: 630 return 0; 631 bad: 632 return -1; 633 } 634 635 int 636 udp6_input(struct mbuf **mp, int *offp, int proto) 637 { 638 struct mbuf *m = *mp; 639 int off = *offp; 640 struct sockaddr_in6 src, dst; 641 struct ip6_hdr *ip6; 642 struct udphdr *uh; 643 u_int32_t plen, ulen; 644 645 ip6 = mtod(m, struct ip6_hdr *); 646 647 #if defined(NFAITH) && 0 < NFAITH 648 if (faithprefix(&ip6->ip6_dst)) { 649 /* send icmp6 host unreach? */ 650 m_freem(m); 651 return IPPROTO_DONE; 652 } 653 #endif 654 655 UDP6_STATINC(UDP6_STAT_IPACKETS); 656 657 /* Check for jumbogram is done in ip6_input. We can trust pkthdr.len. */ 658 plen = m->m_pkthdr.len - off; 659 IP6_EXTHDR_GET(uh, struct udphdr *, m, off, sizeof(struct udphdr)); 660 if (uh == NULL) { 661 IP6_STATINC(IP6_STAT_TOOSHORT); 662 return IPPROTO_DONE; 663 } 664 665 /* 666 * Enforce alignment requirements that are violated in 667 * some cases, see kern/50766 for details. 668 */ 669 if (ACCESSIBLE_POINTER(uh, struct udphdr) == 0) { 670 m = m_copyup(m, off + sizeof(struct udphdr), 0); 671 if (m == NULL) { 672 IP6_STATINC(IP6_STAT_TOOSHORT); 673 return IPPROTO_DONE; 674 } 675 ip6 = mtod(m, struct ip6_hdr *); 676 uh = (struct udphdr *)(mtod(m, char *) + off); 677 } 678 KASSERT(ACCESSIBLE_POINTER(uh, struct udphdr)); 679 ulen = ntohs((u_short)uh->uh_ulen); 680 681 /* 682 * RFC2675 section 4: jumbograms will have 0 in the UDP header field, 683 * iff payload length > 0xffff. 684 */ 685 if (ulen == 0 && plen > 0xffff) 686 ulen = plen; 687 688 if (plen != ulen) { 689 UDP6_STATINC(UDP6_STAT_BADLEN); 690 goto bad; 691 } 692 693 /* destination port of 0 is illegal, based on RFC768. */ 694 if (uh->uh_dport == 0) 695 goto bad; 696 697 /* 698 * Checksum extended UDP header and data. Maybe skip checksum 699 * on loopback interfaces. 700 */ 701 if (udp6_input_checksum(m, uh, off, ulen)) 702 goto bad; 703 704 /* 705 * Construct source and dst sockaddrs. 706 */ 707 memset(&src, 0, sizeof(src)); 708 src.sin6_family = AF_INET6; 709 src.sin6_len = sizeof(struct sockaddr_in6); 710 src.sin6_addr = ip6->ip6_src; 711 src.sin6_port = uh->uh_sport; 712 memset(&dst, 0, sizeof(dst)); 713 dst.sin6_family = AF_INET6; 714 dst.sin6_len = sizeof(struct sockaddr_in6); 715 dst.sin6_addr = ip6->ip6_dst; 716 dst.sin6_port = uh->uh_dport; 717 718 if (udp6_realinput(AF_INET6, &src, &dst, &m, off) == 0) { 719 if (m->m_flags & M_MCAST) { 720 UDP6_STATINC(UDP6_STAT_NOPORTMCAST); 721 goto bad; 722 } 723 UDP6_STATINC(UDP6_STAT_NOPORT); 724 icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0); 725 m = NULL; 726 } 727 728 bad: 729 m_freem(m); 730 return IPPROTO_DONE; 731 } 732 733 int 734 udp6_output(struct inpcb * const inp, struct mbuf *m, 735 struct sockaddr_in6 * const addr6, struct mbuf * const control, 736 struct lwp * const l) 737 { 738 u_int32_t ulen = m->m_pkthdr.len; 739 u_int32_t plen = sizeof(struct udphdr) + ulen; 740 struct ip6_hdr *ip6; 741 struct udphdr *udp6; 742 struct in6_addr _laddr, *laddr, *faddr; 743 struct in6_addr laddr_mapped; /* XXX ugly */ 744 struct sockaddr_in6 *sin6 = NULL; 745 struct ifnet *oifp = NULL; 746 int scope_ambiguous = 0; 747 u_int16_t fport; 748 int error = 0; 749 struct ip6_pktopts *optp = NULL; 750 struct ip6_pktopts opt; 751 int af = AF_INET6, hlen = sizeof(struct ip6_hdr); 752 #ifdef INET 753 struct ip *ip; 754 struct udpiphdr *ui; 755 int flags = 0; 756 #endif 757 struct sockaddr_in6 tmp; 758 759 if (addr6) { 760 sin6 = addr6; 761 if (sin6->sin6_len != sizeof(*sin6)) { 762 error = EINVAL; 763 goto release; 764 } 765 if (sin6->sin6_family != AF_INET6) { 766 error = EAFNOSUPPORT; 767 goto release; 768 } 769 770 /* protect *sin6 from overwrites */ 771 tmp = *sin6; 772 sin6 = &tmp; 773 774 /* 775 * Application should provide a proper zone ID or the use of 776 * default zone IDs should be enabled. Unfortunately, some 777 * applications do not behave as it should, so we need a 778 * workaround. Even if an appropriate ID is not determined, 779 * we'll see if we can determine the outgoing interface. If we 780 * can, determine the zone ID based on the interface below. 781 */ 782 if (sin6->sin6_scope_id == 0 && !ip6_use_defzone) 783 scope_ambiguous = 1; 784 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) 785 goto release; 786 } 787 788 if (control) { 789 if (__predict_false(l == NULL)) { 790 panic("%s: control but no lwp", __func__); 791 } 792 if ((error = ip6_setpktopts(control, &opt, 793 in6p_outputopts(inp), l->l_cred, IPPROTO_UDP)) != 0) 794 goto release; 795 optp = &opt; 796 } else 797 optp = in6p_outputopts(inp); 798 799 800 if (sin6) { 801 /* 802 * Slightly different than v4 version in that we call 803 * in6_selectsrc and in6pcb_set_port to fill in the local 804 * address and port rather than inpcb_connect. inpcb_connect 805 * sets inp_faddr which causes EISCONN below to be hit on 806 * subsequent sendto. 807 */ 808 if (sin6->sin6_port == 0) { 809 error = EADDRNOTAVAIL; 810 goto release; 811 } 812 813 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) { 814 /* how about ::ffff:0.0.0.0 case? */ 815 error = EISCONN; 816 goto release; 817 } 818 819 faddr = &sin6->sin6_addr; 820 fport = sin6->sin6_port; /* allow 0 port */ 821 822 if (IN6_IS_ADDR_V4MAPPED(faddr)) { 823 if ((inp->inp_flags & IN6P_IPV6_V6ONLY)) { 824 /* 825 * I believe we should explicitly discard the 826 * packet when mapped addresses are disabled, 827 * rather than send the packet as an IPv6 one. 828 * If we chose the latter approach, the packet 829 * might be sent out on the wire based on the 830 * default route, the situation which we'd 831 * probably want to avoid. 832 * (20010421 jinmei@kame.net) 833 */ 834 error = EINVAL; 835 goto release; 836 } 837 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp)) && 838 !IN6_IS_ADDR_V4MAPPED(&in6p_laddr(inp))) { 839 /* 840 * when remote addr is an IPv4-mapped address, 841 * local addr should not be an IPv6 address, 842 * since you cannot determine how to map IPv6 843 * source address to IPv4. 844 */ 845 error = EINVAL; 846 goto release; 847 } 848 849 af = AF_INET; 850 } 851 852 if (!IN6_IS_ADDR_V4MAPPED(faddr)) { 853 struct psref psref; 854 int bound = curlwp_bind(); 855 856 error = in6_selectsrc(sin6, optp, 857 in6p_moptions(inp), 858 &inp->inp_route, 859 &in6p_laddr(inp), &oifp, &psref, &_laddr); 860 if (error) 861 laddr = NULL; 862 else 863 laddr = &_laddr; 864 if (oifp && scope_ambiguous && 865 (error = in6_setscope(&sin6->sin6_addr, 866 oifp, NULL))) { 867 if_put(oifp, &psref); 868 curlwp_bindx(bound); 869 goto release; 870 } 871 if_put(oifp, &psref); 872 curlwp_bindx(bound); 873 } else { 874 /* 875 * XXX: freebsd[34] does not have in_selectsrc, but 876 * we can omit the whole part because freebsd4 calls 877 * udp_output() directly in this case, and thus we'll 878 * never see this path. 879 */ 880 if (IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp))) { 881 struct sockaddr_in sin_dst; 882 struct in_addr ina; 883 struct in_ifaddr *ia4; 884 struct psref _psref; 885 int bound; 886 887 memcpy(&ina, &faddr->s6_addr[12], sizeof(ina)); 888 sockaddr_in_init(&sin_dst, &ina, 0); 889 bound = curlwp_bind(); 890 ia4 = in_selectsrc(&sin_dst, &inp->inp_route, 891 inp->inp_socket->so_options, NULL, 892 &error, &_psref); 893 if (ia4 == NULL) { 894 curlwp_bindx(bound); 895 if (error == 0) 896 error = EADDRNOTAVAIL; 897 goto release; 898 } 899 memset(&laddr_mapped, 0, sizeof(laddr_mapped)); 900 laddr_mapped.s6_addr16[5] = 0xffff; /* ugly */ 901 memcpy(&laddr_mapped.s6_addr[12], 902 &IA_SIN(ia4)->sin_addr, 903 sizeof(IA_SIN(ia4)->sin_addr)); 904 ia4_release(ia4, &_psref); 905 curlwp_bindx(bound); 906 laddr = &laddr_mapped; 907 } else 908 { 909 laddr = &in6p_laddr(inp); /* XXX */ 910 } 911 } 912 if (laddr == NULL) { 913 if (error == 0) 914 error = EADDRNOTAVAIL; 915 goto release; 916 } 917 if (inp->inp_lport == 0) { 918 /* 919 * Craft a sockaddr_in6 for the local endpoint. Use the 920 * "any" as a base, set the address, and recover the 921 * scope. 922 */ 923 struct sockaddr_in6 lsin6 = 924 *((const struct sockaddr_in6 *)inp->inp_socket->so_proto->pr_domain->dom_sa_any); 925 lsin6.sin6_addr = *laddr; 926 error = sa6_recoverscope(&lsin6); 927 if (error) 928 goto release; 929 930 error = in6pcb_set_port(&lsin6, inp, l); 931 932 if (error) { 933 in6p_laddr(inp) = in6addr_any; 934 goto release; 935 } 936 } 937 } else { 938 if (IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) { 939 error = ENOTCONN; 940 goto release; 941 } 942 if (IN6_IS_ADDR_V4MAPPED(&in6p_faddr(inp))) { 943 if ((inp->inp_flags & IN6P_IPV6_V6ONLY)) 944 { 945 /* 946 * XXX: this case would happen when the 947 * application sets the V6ONLY flag after 948 * connecting the foreign address. 949 * Such applications should be fixed, 950 * so we bark here. 951 */ 952 log(LOG_INFO, "udp6_output: IPV6_V6ONLY " 953 "option was set for a connected socket\n"); 954 error = EINVAL; 955 goto release; 956 } else 957 af = AF_INET; 958 } 959 laddr = &in6p_laddr(inp); 960 faddr = &in6p_faddr(inp); 961 fport = inp->inp_fport; 962 } 963 964 if (af == AF_INET) 965 hlen = sizeof(struct ip); 966 967 /* 968 * Calculate data length and get a mbuf 969 * for UDP and IP6 headers. 970 */ 971 M_PREPEND(m, hlen + sizeof(struct udphdr), M_DONTWAIT); 972 if (m == NULL) { 973 error = ENOBUFS; 974 goto release; 975 } 976 977 /* 978 * Stuff checksum and output datagram. 979 */ 980 udp6 = (struct udphdr *)(mtod(m, char *) + hlen); 981 udp6->uh_sport = inp->inp_lport; /* lport is always set in the PCB */ 982 udp6->uh_dport = fport; 983 if (plen <= 0xffff) 984 udp6->uh_ulen = htons((u_int16_t)plen); 985 else 986 udp6->uh_ulen = 0; 987 udp6->uh_sum = 0; 988 989 switch (af) { 990 case AF_INET6: 991 ip6 = mtod(m, struct ip6_hdr *); 992 ip6->ip6_flow = in6p_flowinfo(inp) & IPV6_FLOWINFO_MASK; 993 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 994 ip6->ip6_vfc |= IPV6_VERSION; 995 #if 0 /* ip6_plen will be filled in ip6_output. */ 996 ip6->ip6_plen = htons((u_int16_t)plen); 997 #endif 998 ip6->ip6_nxt = IPPROTO_UDP; 999 ip6->ip6_hlim = in6pcb_selecthlim_rt(inp); 1000 ip6->ip6_src = *laddr; 1001 ip6->ip6_dst = *faddr; 1002 1003 udp6->uh_sum = in6_cksum_phdr(laddr, faddr, 1004 htonl(plen), htonl(IPPROTO_UDP)); 1005 m->m_pkthdr.csum_flags = M_CSUM_UDPv6; 1006 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum); 1007 1008 UDP6_STATINC(UDP6_STAT_OPACKETS); 1009 error = ip6_output(m, optp, &inp->inp_route, 0, 1010 in6p_moptions(inp), inp, NULL); 1011 break; 1012 case AF_INET: 1013 #ifdef INET 1014 /* can't transmit jumbogram over IPv4 */ 1015 if (plen > 0xffff) { 1016 error = EMSGSIZE; 1017 goto release; 1018 } 1019 1020 ip = mtod(m, struct ip *); 1021 ui = (struct udpiphdr *)ip; 1022 memset(ui->ui_x1, 0, sizeof(ui->ui_x1)); 1023 ui->ui_pr = IPPROTO_UDP; 1024 ui->ui_len = htons(plen); 1025 memcpy(&ui->ui_src, &laddr->s6_addr[12], sizeof(ui->ui_src)); 1026 ui->ui_ulen = ui->ui_len; 1027 1028 flags = (inp->inp_socket->so_options & 1029 (SO_DONTROUTE | SO_BROADCAST)); 1030 memcpy(&ui->ui_dst, &faddr->s6_addr[12], sizeof(ui->ui_dst)); 1031 1032 udp6->uh_sum = in_cksum(m, hlen + plen); 1033 if (udp6->uh_sum == 0) 1034 udp6->uh_sum = 0xffff; 1035 1036 ip->ip_len = htons(hlen + plen); 1037 ip->ip_ttl = in6pcb_selecthlim(inp, NULL); /* XXX */ 1038 ip->ip_tos = 0; /* XXX */ 1039 1040 UDP_STATINC(UDP_STAT_OPACKETS); 1041 error = ip_output(m, NULL, &inp->inp_route, flags /* XXX */, 1042 inp->inp_moptions, NULL); 1043 break; 1044 #else 1045 error = EAFNOSUPPORT; 1046 goto release; 1047 #endif 1048 } 1049 goto releaseopt; 1050 1051 release: 1052 m_freem(m); 1053 1054 releaseopt: 1055 if (control) { 1056 if (optp == &opt) 1057 ip6_clearpktopts(&opt, -1); 1058 m_freem(control); 1059 } 1060 return (error); 1061 } 1062 1063 static int 1064 udp6_attach(struct socket *so, int proto) 1065 { 1066 struct inpcb *inp; 1067 int s, error; 1068 1069 KASSERT(sotoinpcb(so) == NULL); 1070 sosetlock(so); 1071 1072 error = soreserve(so, udp6_sendspace, udp6_recvspace); 1073 if (error) { 1074 return error; 1075 } 1076 1077 /* 1078 * MAPPED_ADDR implementation spec: 1079 * Always attach for IPv6, and only when necessary for IPv4. 1080 */ 1081 s = splsoftnet(); 1082 error = inpcb_create(so, &udbtable); 1083 splx(s); 1084 if (error) { 1085 return error; 1086 } 1087 1088 inp = sotoinpcb(so); 1089 in6p_cksum(inp) = -1; /* just to be sure */ 1090 1091 KASSERT(solocked(so)); 1092 return 0; 1093 } 1094 1095 static void 1096 udp6_detach(struct socket *so) 1097 { 1098 struct inpcb *inp = sotoinpcb(so); 1099 int s; 1100 1101 KASSERT(solocked(so)); 1102 KASSERT(inp != NULL); 1103 1104 s = splsoftnet(); 1105 inpcb_destroy(inp); 1106 splx(s); 1107 } 1108 1109 static int 1110 udp6_accept(struct socket *so, struct sockaddr *nam) 1111 { 1112 KASSERT(solocked(so)); 1113 1114 return EOPNOTSUPP; 1115 } 1116 1117 static int 1118 udp6_bind(struct socket *so, struct sockaddr *nam, struct lwp *l) 1119 { 1120 struct inpcb *inp = sotoinpcb(so); 1121 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 1122 int error = 0; 1123 int s; 1124 1125 KASSERT(solocked(so)); 1126 KASSERT(inp != NULL); 1127 1128 s = splsoftnet(); 1129 error = in6pcb_bind(inp, sin6, l); 1130 splx(s); 1131 return error; 1132 } 1133 1134 static int 1135 udp6_listen(struct socket *so, struct lwp *l) 1136 { 1137 KASSERT(solocked(so)); 1138 1139 return EOPNOTSUPP; 1140 } 1141 1142 static int 1143 udp6_connect(struct socket *so, struct sockaddr *nam, struct lwp *l) 1144 { 1145 struct inpcb *inp = sotoinpcb(so); 1146 int error = 0; 1147 int s; 1148 1149 KASSERT(solocked(so)); 1150 KASSERT(inp != NULL); 1151 1152 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) 1153 return EISCONN; 1154 s = splsoftnet(); 1155 error = in6pcb_connect(inp, (struct sockaddr_in6 *)nam, l); 1156 splx(s); 1157 if (error == 0) 1158 soisconnected(so); 1159 1160 return error; 1161 } 1162 1163 static int 1164 udp6_connect2(struct socket *so, struct socket *so2) 1165 { 1166 KASSERT(solocked(so)); 1167 1168 return EOPNOTSUPP; 1169 } 1170 1171 static int 1172 udp6_disconnect(struct socket *so) 1173 { 1174 struct inpcb *inp = sotoinpcb(so); 1175 int s; 1176 1177 KASSERT(solocked(so)); 1178 KASSERT(inp != NULL); 1179 1180 if (IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) 1181 return ENOTCONN; 1182 1183 s = splsoftnet(); 1184 in6pcb_disconnect(inp); 1185 memset((void *)&in6p_laddr(inp), 0, sizeof(in6p_laddr(inp))); 1186 splx(s); 1187 1188 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 1189 in6pcb_set_state(inp, INP_BOUND); /* XXX */ 1190 return 0; 1191 } 1192 1193 static int 1194 udp6_shutdown(struct socket *so) 1195 { 1196 int s; 1197 1198 s = splsoftnet(); 1199 socantsendmore(so); 1200 splx(s); 1201 1202 return 0; 1203 } 1204 1205 static int 1206 udp6_abort(struct socket *so) 1207 { 1208 int s; 1209 1210 KASSERT(solocked(so)); 1211 KASSERT(sotoinpcb(so) != NULL); 1212 1213 s = splsoftnet(); 1214 soisdisconnected(so); 1215 inpcb_destroy(sotoinpcb(so)); 1216 splx(s); 1217 1218 return 0; 1219 } 1220 1221 static int 1222 udp6_ioctl(struct socket *so, u_long cmd, void *addr6, struct ifnet *ifp) 1223 { 1224 /* 1225 * MAPPED_ADDR implementation info: 1226 * Mapped addr support for PRU_CONTROL is not necessary. 1227 * Because typical user of PRU_CONTROL is such as ifconfig, 1228 * and they don't associate any addr to their socket. Then 1229 * socket family is only hint about the PRU_CONTROL'ed address 1230 * family, especially when getting addrs from kernel. 1231 * So AF_INET socket need to be used to control AF_INET addrs, 1232 * and AF_INET6 socket for AF_INET6 addrs. 1233 */ 1234 return in6_control(so, cmd, addr6, ifp); 1235 } 1236 1237 static int 1238 udp6_stat(struct socket *so, struct stat *ub) 1239 { 1240 KASSERT(solocked(so)); 1241 1242 /* stat: don't bother with a blocksize */ 1243 return 0; 1244 } 1245 1246 static int 1247 udp6_peeraddr(struct socket *so, struct sockaddr *nam) 1248 { 1249 KASSERT(solocked(so)); 1250 KASSERT(sotoinpcb(so) != NULL); 1251 KASSERT(nam != NULL); 1252 1253 in6pcb_fetch_peeraddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 1254 return 0; 1255 } 1256 1257 static int 1258 udp6_sockaddr(struct socket *so, struct sockaddr *nam) 1259 { 1260 KASSERT(solocked(so)); 1261 KASSERT(sotoinpcb(so) != NULL); 1262 KASSERT(nam != NULL); 1263 1264 in6pcb_fetch_sockaddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 1265 return 0; 1266 } 1267 1268 static int 1269 udp6_rcvd(struct socket *so, int flags, struct lwp *l) 1270 { 1271 KASSERT(solocked(so)); 1272 1273 return EOPNOTSUPP; 1274 } 1275 1276 static int 1277 udp6_recvoob(struct socket *so, struct mbuf *m, int flags) 1278 { 1279 KASSERT(solocked(so)); 1280 1281 return EOPNOTSUPP; 1282 } 1283 1284 static int 1285 udp6_send(struct socket *so, struct mbuf *m, struct sockaddr *nam, 1286 struct mbuf *control, struct lwp *l) 1287 { 1288 struct inpcb *inp = sotoinpcb(so); 1289 int error = 0; 1290 int s; 1291 1292 KASSERT(solocked(so)); 1293 KASSERT(inp != NULL); 1294 KASSERT(m != NULL); 1295 1296 s = splsoftnet(); 1297 error = udp6_output(inp, m, (struct sockaddr_in6 *)nam, control, l); 1298 splx(s); 1299 1300 return error; 1301 } 1302 1303 static int 1304 udp6_sendoob(struct socket *so, struct mbuf *m, struct mbuf *control) 1305 { 1306 KASSERT(solocked(so)); 1307 1308 m_freem(m); 1309 m_freem(control); 1310 1311 return EOPNOTSUPP; 1312 } 1313 1314 static int 1315 udp6_purgeif(struct socket *so, struct ifnet *ifp) 1316 { 1317 1318 mutex_enter(softnet_lock); 1319 in6pcb_purgeif0(&udbtable, ifp); 1320 #ifdef NET_MPSAFE 1321 mutex_exit(softnet_lock); 1322 #endif 1323 in6_purgeif(ifp); 1324 #ifdef NET_MPSAFE 1325 mutex_enter(softnet_lock); 1326 #endif 1327 in6pcb_purgeif(&udbtable, ifp); 1328 mutex_exit(softnet_lock); 1329 1330 return 0; 1331 } 1332 1333 static int 1334 sysctl_net_inet6_udp6_stats(SYSCTLFN_ARGS) 1335 { 1336 1337 return (NETSTAT_SYSCTL(udp6stat_percpu, UDP6_NSTATS)); 1338 } 1339 1340 static void 1341 sysctl_net_inet6_udp6_setup(struct sysctllog **clog) 1342 { 1343 1344 sysctl_createv(clog, 0, NULL, NULL, 1345 CTLFLAG_PERMANENT, 1346 CTLTYPE_NODE, "inet6", NULL, 1347 NULL, 0, NULL, 0, 1348 CTL_NET, PF_INET6, CTL_EOL); 1349 sysctl_createv(clog, 0, NULL, NULL, 1350 CTLFLAG_PERMANENT, 1351 CTLTYPE_NODE, "udp6", 1352 SYSCTL_DESCR("UDPv6 related settings"), 1353 NULL, 0, NULL, 0, 1354 CTL_NET, PF_INET6, IPPROTO_UDP, CTL_EOL); 1355 1356 sysctl_createv(clog, 0, NULL, NULL, 1357 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1358 CTLTYPE_INT, "sendspace", 1359 SYSCTL_DESCR("Default UDP send buffer size"), 1360 NULL, 0, &udp6_sendspace, 0, 1361 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_SENDSPACE, 1362 CTL_EOL); 1363 sysctl_createv(clog, 0, NULL, NULL, 1364 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1365 CTLTYPE_INT, "recvspace", 1366 SYSCTL_DESCR("Default UDP receive buffer size"), 1367 NULL, 0, &udp6_recvspace, 0, 1368 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_RECVSPACE, 1369 CTL_EOL); 1370 sysctl_createv(clog, 0, NULL, NULL, 1371 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1372 CTLTYPE_INT, "do_loopback_cksum", 1373 SYSCTL_DESCR("Perform UDP checksum on loopback"), 1374 NULL, 0, &udp_do_loopback_cksum, 0, 1375 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_LOOPBACKCKSUM, 1376 CTL_EOL); 1377 sysctl_createv(clog, 0, NULL, NULL, 1378 CTLFLAG_PERMANENT, 1379 CTLTYPE_STRUCT, "pcblist", 1380 SYSCTL_DESCR("UDP protocol control block list"), 1381 sysctl_inpcblist, 0, &udbtable, 0, 1382 CTL_NET, PF_INET6, IPPROTO_UDP, CTL_CREATE, 1383 CTL_EOL); 1384 sysctl_createv(clog, 0, NULL, NULL, 1385 CTLFLAG_PERMANENT, 1386 CTLTYPE_STRUCT, "stats", 1387 SYSCTL_DESCR("UDPv6 statistics"), 1388 sysctl_net_inet6_udp6_stats, 0, NULL, 0, 1389 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_STATS, 1390 CTL_EOL); 1391 } 1392 1393 void 1394 udp6_statinc(u_int stat) 1395 { 1396 1397 KASSERT(stat < UDP6_NSTATS); 1398 UDP6_STATINC(stat); 1399 } 1400 1401 #ifdef IPSEC 1402 /* 1403 * Returns: 1404 * 1 if the packet was processed 1405 * 0 if normal UDP processing should take place 1406 * -1 if an error occurred and m was freed 1407 */ 1408 static int 1409 udp6_espinudp(struct mbuf **mp, int off) 1410 { 1411 const size_t skip = sizeof(struct udphdr); 1412 size_t len; 1413 void *data; 1414 size_t minlen; 1415 int ip6hdrlen; 1416 struct ip6_hdr *ip6; 1417 struct m_tag *tag; 1418 struct udphdr *udphdr; 1419 u_int16_t sport, dport; 1420 struct mbuf *m = *mp; 1421 uint32_t *marker; 1422 1423 /* 1424 * Collapse the mbuf chain if the first mbuf is too short 1425 * The longest case is: UDP + non ESP marker + ESP 1426 */ 1427 minlen = off + sizeof(u_int64_t) + sizeof(struct esp); 1428 if (minlen > m->m_pkthdr.len) 1429 minlen = m->m_pkthdr.len; 1430 1431 if (m->m_len < minlen) { 1432 if ((*mp = m_pullup(m, minlen)) == NULL) { 1433 return -1; /* dropped */ 1434 } 1435 m = *mp; 1436 } 1437 1438 len = m->m_len - off; 1439 data = mtod(m, char *) + off; 1440 1441 /* Ignore keepalive packets */ 1442 if ((len == 1) && (*(unsigned char *)data == 0xff)) { 1443 m_freem(m); 1444 *mp = NULL; /* avoid any further processing by caller ... */ 1445 return 1; /* consumed */ 1446 } 1447 1448 /* Handle Non-ESP marker (32bit). If zero, then IKE. */ 1449 marker = (uint32_t *)data; 1450 if (len <= sizeof(uint32_t)) 1451 return 0; /* passthrough */ 1452 if (marker[0] == 0) 1453 return 0; /* passthrough */ 1454 1455 /* 1456 * Get the UDP ports. They are handled in network 1457 * order everywhere in IPSEC_NAT_T code. 1458 */ 1459 udphdr = (struct udphdr *)((char *)data - skip); 1460 sport = udphdr->uh_sport; 1461 dport = udphdr->uh_dport; 1462 1463 /* 1464 * Remove the UDP header (and possibly the non ESP marker) 1465 * IPv6 header length is ip6hdrlen 1466 * Before: 1467 * <---- off ---> 1468 * +-----+------+-----+ 1469 * | IP6 | UDP | ESP | 1470 * +-----+------+-----+ 1471 * <-skip-> 1472 * After: 1473 * +-----+-----+ 1474 * | IP6 | ESP | 1475 * +-----+-----+ 1476 * <-skip-> 1477 */ 1478 ip6hdrlen = off - sizeof(struct udphdr); 1479 memmove(mtod(m, char *) + skip, mtod(m, void *), ip6hdrlen); 1480 m_adj(m, skip); 1481 1482 ip6 = mtod(m, struct ip6_hdr *); 1483 ip6->ip6_plen = htons(ntohs(ip6->ip6_plen) - skip); 1484 ip6->ip6_nxt = IPPROTO_ESP; 1485 1486 /* 1487 * We have modified the packet - it is now ESP, so we should not 1488 * return to UDP processing ... 1489 * 1490 * Add a PACKET_TAG_IPSEC_NAT_T_PORT tag to remember 1491 * the source UDP port. This is required if we want 1492 * to select the right SPD for multiple hosts behind 1493 * same NAT 1494 */ 1495 if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS, 1496 sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) { 1497 m_freem(m); 1498 *mp = NULL; 1499 return -1; /* dropped */ 1500 } 1501 ((u_int16_t *)(tag + 1))[0] = sport; 1502 ((u_int16_t *)(tag + 1))[1] = dport; 1503 m_tag_prepend(m, tag); 1504 1505 if (ipsec_used) 1506 ipsec6_common_input(&m, &ip6hdrlen, IPPROTO_ESP); 1507 else 1508 m_freem(m); 1509 1510 /* We handled it, it shouldn't be handled by UDP */ 1511 *mp = NULL; /* avoid free by caller ... */ 1512 return 1; /* consumed */ 1513 } 1514 #endif /* IPSEC */ 1515 1516 PR_WRAP_USRREQS(udp6) 1517 #define udp6_attach udp6_attach_wrapper 1518 #define udp6_detach udp6_detach_wrapper 1519 #define udp6_accept udp6_accept_wrapper 1520 #define udp6_bind udp6_bind_wrapper 1521 #define udp6_listen udp6_listen_wrapper 1522 #define udp6_connect udp6_connect_wrapper 1523 #define udp6_connect2 udp6_connect2_wrapper 1524 #define udp6_disconnect udp6_disconnect_wrapper 1525 #define udp6_shutdown udp6_shutdown_wrapper 1526 #define udp6_abort udp6_abort_wrapper 1527 #define udp6_ioctl udp6_ioctl_wrapper 1528 #define udp6_stat udp6_stat_wrapper 1529 #define udp6_peeraddr udp6_peeraddr_wrapper 1530 #define udp6_sockaddr udp6_sockaddr_wrapper 1531 #define udp6_rcvd udp6_rcvd_wrapper 1532 #define udp6_recvoob udp6_recvoob_wrapper 1533 #define udp6_send udp6_send_wrapper 1534 #define udp6_sendoob udp6_sendoob_wrapper 1535 #define udp6_purgeif udp6_purgeif_wrapper 1536 1537 const struct pr_usrreqs udp6_usrreqs = { 1538 .pr_attach = udp6_attach, 1539 .pr_detach = udp6_detach, 1540 .pr_accept = udp6_accept, 1541 .pr_bind = udp6_bind, 1542 .pr_listen = udp6_listen, 1543 .pr_connect = udp6_connect, 1544 .pr_connect2 = udp6_connect2, 1545 .pr_disconnect = udp6_disconnect, 1546 .pr_shutdown = udp6_shutdown, 1547 .pr_abort = udp6_abort, 1548 .pr_ioctl = udp6_ioctl, 1549 .pr_stat = udp6_stat, 1550 .pr_peeraddr = udp6_peeraddr, 1551 .pr_sockaddr = udp6_sockaddr, 1552 .pr_rcvd = udp6_rcvd, 1553 .pr_recvoob = udp6_recvoob, 1554 .pr_send = udp6_send, 1555 .pr_sendoob = udp6_sendoob, 1556 .pr_purgeif = udp6_purgeif, 1557 }; 1558