1 /* $NetBSD: in.c,v 1.238 2020/08/29 17:41:14 christos Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /*- 33 * Copyright (c) 1998 The NetBSD Foundation, Inc. 34 * All rights reserved. 35 * 36 * This code is derived from software contributed to The NetBSD Foundation 37 * by Public Access Networks Corporation ("Panix"). It was developed under 38 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. 39 * 40 * Redistribution and use in source and binary forms, with or without 41 * modification, are permitted provided that the following conditions 42 * are met: 43 * 1. Redistributions of source code must retain the above copyright 44 * notice, this list of conditions and the following disclaimer. 45 * 2. Redistributions in binary form must reproduce the above copyright 46 * notice, this list of conditions and the following disclaimer in the 47 * documentation and/or other materials provided with the distribution. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 50 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 51 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 52 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 53 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 54 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 55 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 56 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 57 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 58 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 59 * POSSIBILITY OF SUCH DAMAGE. 60 */ 61 62 /* 63 * Copyright (c) 1982, 1986, 1991, 1993 64 * The Regents of the University of California. All rights reserved. 65 * 66 * Redistribution and use in source and binary forms, with or without 67 * modification, are permitted provided that the following conditions 68 * are met: 69 * 1. Redistributions of source code must retain the above copyright 70 * notice, this list of conditions and the following disclaimer. 71 * 2. Redistributions in binary form must reproduce the above copyright 72 * notice, this list of conditions and the following disclaimer in the 73 * documentation and/or other materials provided with the distribution. 74 * 3. Neither the name of the University nor the names of its contributors 75 * may be used to endorse or promote products derived from this software 76 * without specific prior written permission. 77 * 78 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 79 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 80 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 81 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 82 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 83 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 84 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 85 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 86 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 87 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 88 * SUCH DAMAGE. 89 * 90 * @(#)in.c 8.4 (Berkeley) 1/9/95 91 */ 92 93 #include <sys/cdefs.h> 94 __KERNEL_RCSID(0, "$NetBSD: in.c,v 1.238 2020/08/29 17:41:14 christos Exp $"); 95 96 #include "arp.h" 97 98 #ifdef _KERNEL_OPT 99 #include "opt_inet.h" 100 #include "opt_inet_conf.h" 101 #include "opt_mrouting.h" 102 #include "opt_net_mpsafe.h" 103 #endif 104 105 #include <sys/param.h> 106 #include <sys/ioctl.h> 107 #include <sys/errno.h> 108 #include <sys/kernel.h> 109 #include <sys/malloc.h> 110 #include <sys/socket.h> 111 #include <sys/socketvar.h> 112 #include <sys/sysctl.h> 113 #include <sys/systm.h> 114 #include <sys/proc.h> 115 #include <sys/syslog.h> 116 #include <sys/kauth.h> 117 #include <sys/kmem.h> 118 119 #include <sys/cprng.h> 120 121 #include <net/if.h> 122 #include <net/route.h> 123 #include <net/pfil.h> 124 125 #include <net/if_arp.h> 126 #include <net/if_ether.h> 127 #include <net/if_types.h> 128 #include <net/if_llatbl.h> 129 #include <net/if_dl.h> 130 131 #include <netinet/in_systm.h> 132 #include <netinet/in.h> 133 #include <netinet/in_var.h> 134 #include <netinet/ip.h> 135 #include <netinet/ip_var.h> 136 #include <netinet/in_ifattach.h> 137 #include <netinet/in_pcb.h> 138 #include <netinet/in_selsrc.h> 139 #include <netinet/if_inarp.h> 140 #include <netinet/ip_mroute.h> 141 #include <netinet/igmp_var.h> 142 143 #ifdef IPSELSRC 144 #include <netinet/in_selsrc.h> 145 #endif 146 147 static u_int in_mask2len(struct in_addr *); 148 static int in_lifaddr_ioctl(struct socket *, u_long, void *, 149 struct ifnet *); 150 151 static void in_addrhash_insert_locked(struct in_ifaddr *); 152 static void in_addrhash_remove_locked(struct in_ifaddr *); 153 154 static int in_addprefix(struct in_ifaddr *, int); 155 static void in_scrubaddr(struct in_ifaddr *); 156 static int in_scrubprefix(struct in_ifaddr *); 157 static void in_sysctl_init(struct sysctllog **); 158 159 #ifndef SUBNETSARELOCAL 160 #define SUBNETSARELOCAL 1 161 #endif 162 163 #ifndef HOSTZEROBROADCAST 164 #define HOSTZEROBROADCAST 0 165 #endif 166 167 /* Note: 61, 127, 251, 509, 1021, 2039 are good. */ 168 #ifndef IN_MULTI_HASH_SIZE 169 #define IN_MULTI_HASH_SIZE 509 170 #endif 171 172 static int subnetsarelocal = SUBNETSARELOCAL; 173 static int hostzeroisbroadcast = HOSTZEROBROADCAST; 174 175 /* 176 * This list is used to keep track of in_multi chains which belong to 177 * deleted interface addresses. We use in_ifaddr so that a chain head 178 * won't be deallocated until all multicast address record are deleted. 179 */ 180 181 LIST_HEAD(in_multihashhead, in_multi); /* Type of the hash head */ 182 183 static struct pool inmulti_pool; 184 static u_int in_multientries; 185 static struct in_multihashhead *in_multihashtbl; 186 static u_long in_multihash; 187 static krwlock_t in_multilock; 188 189 #define IN_MULTI_HASH(x, ifp) \ 190 (in_multihashtbl[(u_long)((x) ^ (ifp->if_index)) % IN_MULTI_HASH_SIZE]) 191 192 /* XXX DEPRECATED. Keep them to avoid breaking kvm(3) users. */ 193 struct in_ifaddrhashhead * in_ifaddrhashtbl; 194 u_long in_ifaddrhash; 195 struct in_ifaddrhead in_ifaddrhead; 196 static kmutex_t in_ifaddr_lock; 197 198 pserialize_t in_ifaddrhash_psz; 199 struct pslist_head * in_ifaddrhashtbl_pslist; 200 u_long in_ifaddrhash_pslist; 201 struct pslist_head in_ifaddrhead_pslist; 202 203 void 204 in_init(void) 205 { 206 pool_init(&inmulti_pool, sizeof(struct in_multi), 0, 0, 0, "inmltpl", 207 NULL, IPL_SOFTNET); 208 TAILQ_INIT(&in_ifaddrhead); 209 PSLIST_INIT(&in_ifaddrhead_pslist); 210 211 in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true, 212 &in_ifaddrhash); 213 214 in_ifaddrhash_psz = pserialize_create(); 215 in_ifaddrhashtbl_pslist = hashinit(IN_IFADDR_HASH_SIZE, HASH_PSLIST, 216 true, &in_ifaddrhash_pslist); 217 mutex_init(&in_ifaddr_lock, MUTEX_DEFAULT, IPL_NONE); 218 219 in_multihashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true, 220 &in_multihash); 221 rw_init(&in_multilock); 222 223 in_sysctl_init(NULL); 224 } 225 226 /* 227 * Return 1 if an internet address is for a ``local'' host 228 * (one to which we have a connection). If subnetsarelocal 229 * is true, this includes other subnets of the local net. 230 * Otherwise, it includes only the directly-connected (sub)nets. 231 */ 232 int 233 in_localaddr(struct in_addr in) 234 { 235 struct in_ifaddr *ia; 236 int localaddr = 0; 237 int s = pserialize_read_enter(); 238 239 if (subnetsarelocal) { 240 IN_ADDRLIST_READER_FOREACH(ia) { 241 if ((in.s_addr & ia->ia_netmask) == ia->ia_net) { 242 localaddr = 1; 243 break; 244 } 245 } 246 } else { 247 IN_ADDRLIST_READER_FOREACH(ia) { 248 if ((in.s_addr & ia->ia_subnetmask) == ia->ia_subnet) { 249 localaddr = 1; 250 break; 251 } 252 } 253 } 254 pserialize_read_exit(s); 255 256 return localaddr; 257 } 258 259 /* 260 * like in_localaddr() but can specify ifp. 261 */ 262 int 263 in_direct(struct in_addr in, struct ifnet *ifp) 264 { 265 struct ifaddr *ifa; 266 int localaddr = 0; 267 int s; 268 269 KASSERT(ifp != NULL); 270 271 #define ia (ifatoia(ifa)) 272 s = pserialize_read_enter(); 273 if (subnetsarelocal) { 274 IFADDR_READER_FOREACH(ifa, ifp) { 275 if (ifa->ifa_addr->sa_family == AF_INET && 276 ((in.s_addr & ia->ia_netmask) == ia->ia_net)) { 277 localaddr = 1; 278 break; 279 } 280 } 281 } else { 282 IFADDR_READER_FOREACH(ifa, ifp) { 283 if (ifa->ifa_addr->sa_family == AF_INET && 284 (in.s_addr & ia->ia_subnetmask) == ia->ia_subnet) { 285 localaddr = 1; 286 break; 287 } 288 } 289 } 290 pserialize_read_exit(s); 291 292 return localaddr; 293 #undef ia 294 } 295 296 /* 297 * Determine whether an IP address is in a reserved set of addresses 298 * that may not be forwarded, or whether datagrams to that destination 299 * may be forwarded. 300 */ 301 int 302 in_canforward(struct in_addr in) 303 { 304 u_int32_t net; 305 306 if (IN_EXPERIMENTAL(in.s_addr) || IN_MULTICAST(in.s_addr)) 307 return (0); 308 if (IN_CLASSA(in.s_addr)) { 309 net = in.s_addr & IN_CLASSA_NET; 310 if (net == 0 || net == htonl(IN_LOOPBACKNET << IN_CLASSA_NSHIFT)) 311 return (0); 312 } 313 return (1); 314 } 315 316 /* 317 * Trim a mask in a sockaddr 318 */ 319 void 320 in_socktrim(struct sockaddr_in *ap) 321 { 322 char *cplim = (char *) &ap->sin_addr; 323 char *cp = (char *) (&ap->sin_addr + 1); 324 325 ap->sin_len = 0; 326 while (--cp >= cplim) 327 if (*cp) { 328 (ap)->sin_len = cp - (char *) (ap) + 1; 329 break; 330 } 331 } 332 333 /* 334 * Maintain the "in_maxmtu" variable, which is the largest 335 * mtu for non-local interfaces with AF_INET addresses assigned 336 * to them that are up. 337 */ 338 unsigned long in_maxmtu; 339 340 void 341 in_setmaxmtu(void) 342 { 343 struct in_ifaddr *ia; 344 struct ifnet *ifp; 345 unsigned long maxmtu = 0; 346 int s = pserialize_read_enter(); 347 348 IN_ADDRLIST_READER_FOREACH(ia) { 349 if ((ifp = ia->ia_ifp) == 0) 350 continue; 351 if ((ifp->if_flags & (IFF_UP|IFF_LOOPBACK)) != IFF_UP) 352 continue; 353 if (ifp->if_mtu > maxmtu) 354 maxmtu = ifp->if_mtu; 355 } 356 if (maxmtu) 357 in_maxmtu = maxmtu; 358 pserialize_read_exit(s); 359 } 360 361 static u_int 362 in_mask2len(struct in_addr *mask) 363 { 364 u_int x, y; 365 u_char *p; 366 367 p = (u_char *)mask; 368 for (x = 0; x < sizeof(*mask); x++) { 369 if (p[x] != 0xff) 370 break; 371 } 372 y = 0; 373 if (x < sizeof(*mask)) { 374 for (y = 0; y < NBBY; y++) { 375 if ((p[x] & (0x80 >> y)) == 0) 376 break; 377 } 378 } 379 return x * NBBY + y; 380 } 381 382 void 383 in_len2mask(struct in_addr *mask, u_int len) 384 { 385 u_int i; 386 u_char *p; 387 388 p = (u_char *)mask; 389 memset(mask, 0, sizeof(*mask)); 390 for (i = 0; i < len / NBBY; i++) 391 p[i] = 0xff; 392 if (len % NBBY) 393 p[i] = (0xff00 >> (len % NBBY)) & 0xff; 394 } 395 396 /* 397 * Generic internet control operations (ioctl's). 398 * Ifp is 0 if not an interface-specific ioctl. 399 */ 400 /* ARGSUSED */ 401 static int 402 in_control0(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 403 { 404 struct ifreq *ifr = (struct ifreq *)data; 405 struct in_ifaddr *ia = NULL; 406 struct in_aliasreq *ifra = (struct in_aliasreq *)data; 407 struct sockaddr_in oldaddr, *new_dstaddr; 408 int error, hostIsNew, maskIsNew; 409 int newifaddr = 0; 410 bool run_hook = false; 411 bool need_reinsert = false; 412 struct psref psref; 413 int bound; 414 415 switch (cmd) { 416 case SIOCALIFADDR: 417 case SIOCDLIFADDR: 418 case SIOCGLIFADDR: 419 if (ifp == NULL) 420 return EINVAL; 421 return in_lifaddr_ioctl(so, cmd, data, ifp); 422 case SIOCGIFADDRPREF: 423 case SIOCSIFADDRPREF: 424 if (ifp == NULL) 425 return EINVAL; 426 return ifaddrpref_ioctl(so, cmd, data, ifp); 427 } 428 429 bound = curlwp_bind(); 430 /* 431 * Find address for this interface, if it exists. 432 */ 433 if (ifp != NULL) 434 ia = in_get_ia_from_ifp_psref(ifp, &psref); 435 436 hostIsNew = 1; /* moved here to appease gcc */ 437 switch (cmd) { 438 case SIOCAIFADDR: 439 case SIOCDIFADDR: 440 case SIOCGIFALIAS: 441 case SIOCGIFAFLAG_IN: 442 if (ifra->ifra_addr.sin_family == AF_INET) { 443 int s; 444 445 if (ia != NULL) 446 ia4_release(ia, &psref); 447 s = pserialize_read_enter(); 448 IN_ADDRHASH_READER_FOREACH(ia, 449 ifra->ifra_addr.sin_addr.s_addr) { 450 if (ia->ia_ifp == ifp && 451 in_hosteq(ia->ia_addr.sin_addr, 452 ifra->ifra_addr.sin_addr)) 453 break; 454 } 455 if (ia != NULL) 456 ia4_acquire(ia, &psref); 457 pserialize_read_exit(s); 458 } 459 if ((cmd == SIOCDIFADDR || 460 cmd == SIOCGIFALIAS || 461 cmd == SIOCGIFAFLAG_IN) && 462 ia == NULL) { 463 error = EADDRNOTAVAIL; 464 goto out; 465 } 466 467 if (cmd == SIOCDIFADDR && 468 ifra->ifra_addr.sin_family == AF_UNSPEC) { 469 ifra->ifra_addr.sin_family = AF_INET; 470 } 471 /* FALLTHROUGH */ 472 case SIOCSIFADDR: 473 if (ia == NULL || ia->ia_addr.sin_family != AF_INET) 474 ; 475 else if (ifra->ifra_addr.sin_len == 0) { 476 ifra->ifra_addr = ia->ia_addr; 477 hostIsNew = 0; 478 } else if (in_hosteq(ia->ia_addr.sin_addr, 479 ifra->ifra_addr.sin_addr)) 480 hostIsNew = 0; 481 if (ifra->ifra_addr.sin_family != AF_INET) { 482 error = EAFNOSUPPORT; 483 goto out; 484 } 485 /* FALLTHROUGH */ 486 case SIOCSIFDSTADDR: 487 if (cmd == SIOCSIFDSTADDR && 488 ifreq_getaddr(cmd, ifr)->sa_family != AF_INET) { 489 error = EAFNOSUPPORT; 490 goto out; 491 } 492 /* FALLTHROUGH */ 493 case SIOCSIFNETMASK: 494 if (ifp == NULL) 495 panic("in_control"); 496 497 if (cmd == SIOCGIFALIAS || cmd == SIOCGIFAFLAG_IN) 498 break; 499 500 if (ia == NULL && 501 (cmd == SIOCSIFNETMASK || cmd == SIOCSIFDSTADDR)) { 502 error = EADDRNOTAVAIL; 503 goto out; 504 } 505 506 if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_INTERFACE, 507 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 508 NULL) != 0) { 509 error = EPERM; 510 goto out; 511 } 512 513 if (ia == NULL) { 514 ia = malloc(sizeof(*ia), M_IFADDR, M_WAITOK|M_ZERO); 515 if (ia == NULL) { 516 error = ENOBUFS; 517 goto out; 518 } 519 ia->ia_ifa.ifa_addr = sintosa(&ia->ia_addr); 520 ia->ia_ifa.ifa_dstaddr = sintosa(&ia->ia_dstaddr); 521 ia->ia_ifa.ifa_netmask = sintosa(&ia->ia_sockmask); 522 #ifdef IPSELSRC 523 ia->ia_ifa.ifa_getifa = in_getifa; 524 #else /* IPSELSRC */ 525 ia->ia_ifa.ifa_getifa = NULL; 526 #endif /* IPSELSRC */ 527 ia->ia_sockmask.sin_len = 8; 528 ia->ia_sockmask.sin_family = AF_INET; 529 if (ifp->if_flags & IFF_BROADCAST) { 530 ia->ia_broadaddr.sin_len = sizeof(ia->ia_addr); 531 ia->ia_broadaddr.sin_family = AF_INET; 532 } 533 ia->ia_ifp = ifp; 534 ia->ia_idsalt = cprng_fast32() % 65535; 535 LIST_INIT(&ia->ia_multiaddrs); 536 IN_ADDRHASH_ENTRY_INIT(ia); 537 IN_ADDRLIST_ENTRY_INIT(ia); 538 ifa_psref_init(&ia->ia_ifa); 539 /* 540 * We need a reference to make ia survive over in_ifinit 541 * that does ifaref and ifafree. 542 */ 543 ifaref(&ia->ia_ifa); 544 545 newifaddr = 1; 546 } 547 break; 548 549 case SIOCSIFBRDADDR: 550 if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_INTERFACE, 551 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 552 NULL) != 0) { 553 error = EPERM; 554 goto out; 555 } 556 /* FALLTHROUGH */ 557 558 case SIOCGIFADDR: 559 case SIOCGIFNETMASK: 560 case SIOCGIFDSTADDR: 561 case SIOCGIFBRDADDR: 562 if (ia == NULL) { 563 error = EADDRNOTAVAIL; 564 goto out; 565 } 566 break; 567 } 568 error = 0; 569 switch (cmd) { 570 571 case SIOCGIFADDR: 572 ifreq_setaddr(cmd, ifr, sintocsa(&ia->ia_addr)); 573 break; 574 575 case SIOCGIFBRDADDR: 576 if ((ifp->if_flags & IFF_BROADCAST) == 0) { 577 error = EINVAL; 578 goto out; 579 } 580 ifreq_setdstaddr(cmd, ifr, sintocsa(&ia->ia_broadaddr)); 581 break; 582 583 case SIOCGIFDSTADDR: 584 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 585 error = EINVAL; 586 goto out; 587 } 588 ifreq_setdstaddr(cmd, ifr, sintocsa(&ia->ia_dstaddr)); 589 break; 590 591 case SIOCGIFNETMASK: 592 /* 593 * We keep the number of trailing zero bytes the sin_len field 594 * of ia_sockmask, so we fix this before we pass it back to 595 * userland. 596 */ 597 oldaddr = ia->ia_sockmask; 598 oldaddr.sin_len = sizeof(struct sockaddr_in); 599 ifreq_setaddr(cmd, ifr, (const void *)&oldaddr); 600 break; 601 602 case SIOCSIFDSTADDR: 603 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 604 error = EINVAL; 605 goto out; 606 } 607 oldaddr = ia->ia_dstaddr; 608 ia->ia_dstaddr = *satocsin(ifreq_getdstaddr(cmd, ifr)); 609 if ((error = if_addr_init(ifp, &ia->ia_ifa, false)) != 0) { 610 ia->ia_dstaddr = oldaddr; 611 goto out; 612 } 613 if (ia->ia_flags & IFA_ROUTE) { 614 ia->ia_ifa.ifa_dstaddr = sintosa(&oldaddr); 615 rtinit(&ia->ia_ifa, RTM_DELETE, RTF_HOST); 616 ia->ia_ifa.ifa_dstaddr = sintosa(&ia->ia_dstaddr); 617 rtinit(&ia->ia_ifa, RTM_ADD, RTF_HOST|RTF_UP); 618 } 619 break; 620 621 case SIOCSIFBRDADDR: 622 if ((ifp->if_flags & IFF_BROADCAST) == 0) { 623 error = EINVAL; 624 goto out; 625 } 626 ia->ia_broadaddr = *satocsin(ifreq_getbroadaddr(cmd, ifr)); 627 break; 628 629 case SIOCSIFADDR: 630 if (!newifaddr) { 631 in_addrhash_remove(ia); 632 need_reinsert = true; 633 } 634 error = in_ifinit(ifp, ia, satocsin(ifreq_getaddr(cmd, ifr)), 635 NULL, 1); 636 637 run_hook = true; 638 break; 639 640 case SIOCSIFNETMASK: 641 in_scrubprefix(ia); 642 ia->ia_sockmask = *satocsin(ifreq_getaddr(cmd, ifr)); 643 ia->ia_subnetmask = ia->ia_sockmask.sin_addr.s_addr; 644 if (!newifaddr) { 645 in_addrhash_remove(ia); 646 need_reinsert = true; 647 } 648 error = in_ifinit(ifp, ia, NULL, NULL, 0); 649 break; 650 651 case SIOCAIFADDR: 652 maskIsNew = 0; 653 if (ifra->ifra_mask.sin_len) { 654 in_scrubprefix(ia); 655 ia->ia_sockmask = ifra->ifra_mask; 656 ia->ia_subnetmask = ia->ia_sockmask.sin_addr.s_addr; 657 maskIsNew = 1; 658 } 659 if ((ifp->if_flags & IFF_POINTOPOINT) && 660 (ifra->ifra_dstaddr.sin_family == AF_INET)) { 661 new_dstaddr = &ifra->ifra_dstaddr; 662 maskIsNew = 1; /* We lie; but the effect's the same */ 663 } else 664 new_dstaddr = NULL; 665 if (ifra->ifra_addr.sin_family == AF_INET && 666 (hostIsNew || maskIsNew)) { 667 if (!newifaddr) { 668 in_addrhash_remove(ia); 669 need_reinsert = true; 670 } 671 error = in_ifinit(ifp, ia, &ifra->ifra_addr, 672 new_dstaddr, 0); 673 } 674 if ((ifp->if_flags & IFF_BROADCAST) && 675 (ifra->ifra_broadaddr.sin_family == AF_INET)) 676 ia->ia_broadaddr = ifra->ifra_broadaddr; 677 run_hook = true; 678 break; 679 680 case SIOCGIFALIAS: 681 ifra->ifra_mask = ia->ia_sockmask; 682 if ((ifp->if_flags & IFF_POINTOPOINT) && 683 (ia->ia_dstaddr.sin_family == AF_INET)) 684 ifra->ifra_dstaddr = ia->ia_dstaddr; 685 else if ((ifp->if_flags & IFF_BROADCAST) && 686 (ia->ia_broadaddr.sin_family == AF_INET)) 687 ifra->ifra_broadaddr = ia->ia_broadaddr; 688 else 689 memset(&ifra->ifra_broadaddr, 0, 690 sizeof(ifra->ifra_broadaddr)); 691 break; 692 693 case SIOCGIFAFLAG_IN: 694 ifr->ifr_addrflags = ia->ia4_flags; 695 break; 696 697 case SIOCDIFADDR: 698 ia4_release(ia, &psref); 699 ifaref(&ia->ia_ifa); 700 in_purgeaddr(&ia->ia_ifa); 701 pfil_run_addrhooks(if_pfil, cmd, &ia->ia_ifa); 702 ifafree(&ia->ia_ifa); 703 ia = NULL; 704 break; 705 706 #ifdef MROUTING 707 case SIOCGETVIFCNT: 708 case SIOCGETSGCNT: 709 error = mrt_ioctl(so, cmd, data); 710 break; 711 #endif /* MROUTING */ 712 713 default: 714 error = ENOTTY; 715 goto out; 716 } 717 718 /* 719 * XXX insert regardless of error to make in_purgeaddr below work. 720 * Need to improve. 721 */ 722 if (newifaddr) { 723 ifaref(&ia->ia_ifa); 724 ifa_insert(ifp, &ia->ia_ifa); 725 726 mutex_enter(&in_ifaddr_lock); 727 TAILQ_INSERT_TAIL(&in_ifaddrhead, ia, ia_list); 728 IN_ADDRLIST_WRITER_INSERT_TAIL(ia); 729 in_addrhash_insert_locked(ia); 730 /* Release a reference that is held just after creation. */ 731 ifafree(&ia->ia_ifa); 732 mutex_exit(&in_ifaddr_lock); 733 } else if (need_reinsert) { 734 in_addrhash_insert(ia); 735 } 736 737 if (error == 0) { 738 if (run_hook) 739 pfil_run_addrhooks(if_pfil, cmd, &ia->ia_ifa); 740 } else if (newifaddr) { 741 KASSERT(ia != NULL); 742 in_purgeaddr(&ia->ia_ifa); 743 ia = NULL; 744 } 745 746 out: 747 if (!newifaddr && ia != NULL) 748 ia4_release(ia, &psref); 749 curlwp_bindx(bound); 750 return error; 751 } 752 753 int 754 in_control(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 755 { 756 int error; 757 758 #ifndef NET_MPSAFE 759 KASSERT(KERNEL_LOCKED_P()); 760 #endif 761 error = in_control0(so, cmd, data, ifp); 762 763 return error; 764 } 765 766 /* Add ownaddr as loopback rtentry. */ 767 static void 768 in_ifaddlocal(struct ifaddr *ifa) 769 { 770 struct in_ifaddr *ia; 771 772 ia = (struct in_ifaddr *)ifa; 773 if (ia->ia_addr.sin_addr.s_addr == INADDR_ANY || 774 (ia->ia_ifp->if_flags & IFF_POINTOPOINT && 775 in_hosteq(ia->ia_dstaddr.sin_addr, ia->ia_addr.sin_addr))) 776 { 777 rt_addrmsg(RTM_NEWADDR, ifa); 778 return; 779 } 780 781 rt_ifa_addlocal(ifa); 782 } 783 784 /* Remove loopback entry of ownaddr */ 785 static void 786 in_ifremlocal(struct ifaddr *ifa) 787 { 788 struct in_ifaddr *ia, *p; 789 struct ifaddr *alt_ifa = NULL; 790 int ia_count = 0; 791 int s; 792 struct psref psref; 793 int bound = curlwp_bind(); 794 795 ia = (struct in_ifaddr *)ifa; 796 /* Delete the entry if exactly one ifaddr matches the 797 * address, ifa->ifa_addr. */ 798 s = pserialize_read_enter(); 799 IN_ADDRLIST_READER_FOREACH(p) { 800 if (!in_hosteq(p->ia_addr.sin_addr, ia->ia_addr.sin_addr)) 801 continue; 802 if (p->ia_ifp != ia->ia_ifp) 803 alt_ifa = &p->ia_ifa; 804 if (++ia_count > 1 && alt_ifa != NULL) 805 break; 806 } 807 if (alt_ifa != NULL && ia_count > 1) 808 ifa_acquire(alt_ifa, &psref); 809 pserialize_read_exit(s); 810 811 if (ia_count == 0) 812 goto out; 813 814 rt_ifa_remlocal(ifa, ia_count == 1 ? NULL : alt_ifa); 815 if (alt_ifa != NULL && ia_count > 1) 816 ifa_release(alt_ifa, &psref); 817 out: 818 curlwp_bindx(bound); 819 } 820 821 static void 822 in_scrubaddr(struct in_ifaddr *ia) 823 { 824 825 /* stop DAD processing */ 826 if (ia->ia_dad_stop != NULL) 827 ia->ia_dad_stop(&ia->ia_ifa); 828 829 in_scrubprefix(ia); 830 in_ifremlocal(&ia->ia_ifa); 831 832 mutex_enter(&in_ifaddr_lock); 833 if (ia->ia_allhosts != NULL) { 834 in_delmulti(ia->ia_allhosts); 835 ia->ia_allhosts = NULL; 836 } 837 mutex_exit(&in_ifaddr_lock); 838 } 839 840 /* 841 * Depends on it isn't called in concurrent. It should be guaranteed 842 * by ifa->ifa_ifp's ioctl lock. The possible callers are in_control 843 * and if_purgeaddrs; the former is called iva ifa->ifa_ifp's ioctl 844 * and the latter is called via ifa->ifa_ifp's if_detach. The functions 845 * never be executed in concurrent. 846 */ 847 void 848 in_purgeaddr(struct ifaddr *ifa) 849 { 850 struct in_ifaddr *ia = (void *) ifa; 851 struct ifnet *ifp = ifa->ifa_ifp; 852 853 /* KASSERT(!ifa_held(ifa)); XXX need ifa_not_held (psref_not_held) */ 854 855 ifa->ifa_flags |= IFA_DESTROYING; 856 in_scrubaddr(ia); 857 858 mutex_enter(&in_ifaddr_lock); 859 in_addrhash_remove_locked(ia); 860 TAILQ_REMOVE(&in_ifaddrhead, ia, ia_list); 861 IN_ADDRLIST_WRITER_REMOVE(ia); 862 ifa_remove(ifp, &ia->ia_ifa); 863 /* Assume ifa_remove called pserialize_perform and psref_destroy */ 864 mutex_exit(&in_ifaddr_lock); 865 IN_ADDRHASH_ENTRY_DESTROY(ia); 866 IN_ADDRLIST_ENTRY_DESTROY(ia); 867 ifafree(&ia->ia_ifa); 868 in_setmaxmtu(); 869 } 870 871 static void 872 in_addrhash_insert_locked(struct in_ifaddr *ia) 873 { 874 875 KASSERT(mutex_owned(&in_ifaddr_lock)); 876 877 LIST_INSERT_HEAD(&IN_IFADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, 878 ia_hash); 879 IN_ADDRHASH_ENTRY_INIT(ia); 880 IN_ADDRHASH_WRITER_INSERT_HEAD(ia); 881 } 882 883 void 884 in_addrhash_insert(struct in_ifaddr *ia) 885 { 886 887 mutex_enter(&in_ifaddr_lock); 888 in_addrhash_insert_locked(ia); 889 mutex_exit(&in_ifaddr_lock); 890 } 891 892 static void 893 in_addrhash_remove_locked(struct in_ifaddr *ia) 894 { 895 896 KASSERT(mutex_owned(&in_ifaddr_lock)); 897 898 LIST_REMOVE(ia, ia_hash); 899 IN_ADDRHASH_WRITER_REMOVE(ia); 900 } 901 902 void 903 in_addrhash_remove(struct in_ifaddr *ia) 904 { 905 906 mutex_enter(&in_ifaddr_lock); 907 in_addrhash_remove_locked(ia); 908 #ifdef NET_MPSAFE 909 pserialize_perform(in_ifaddrhash_psz); 910 #endif 911 mutex_exit(&in_ifaddr_lock); 912 IN_ADDRHASH_ENTRY_DESTROY(ia); 913 } 914 915 void 916 in_purgeif(struct ifnet *ifp) /* MUST be called at splsoftnet() */ 917 { 918 919 IFNET_LOCK(ifp); 920 if_purgeaddrs(ifp, AF_INET, in_purgeaddr); 921 igmp_purgeif(ifp); /* manipulates pools */ 922 #ifdef MROUTING 923 ip_mrouter_detach(ifp); 924 #endif 925 IFNET_UNLOCK(ifp); 926 } 927 928 /* 929 * SIOC[GAD]LIFADDR. 930 * SIOCGLIFADDR: get first address. (???) 931 * SIOCGLIFADDR with IFLR_PREFIX: 932 * get first address that matches the specified prefix. 933 * SIOCALIFADDR: add the specified address. 934 * SIOCALIFADDR with IFLR_PREFIX: 935 * EINVAL since we can't deduce hostid part of the address. 936 * SIOCDLIFADDR: delete the specified address. 937 * SIOCDLIFADDR with IFLR_PREFIX: 938 * delete the first address that matches the specified prefix. 939 * return values: 940 * EINVAL on invalid parameters 941 * EADDRNOTAVAIL on prefix match failed/specified address not found 942 * other values may be returned from in_ioctl() 943 */ 944 static int 945 in_lifaddr_ioctl(struct socket *so, u_long cmd, void *data, 946 struct ifnet *ifp) 947 { 948 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 949 struct ifaddr *ifa; 950 struct sockaddr *sa; 951 952 /* sanity checks */ 953 if (data == NULL || ifp == NULL) { 954 panic("invalid argument to in_lifaddr_ioctl"); 955 /*NOTRECHED*/ 956 } 957 958 switch (cmd) { 959 case SIOCGLIFADDR: 960 /* address must be specified on GET with IFLR_PREFIX */ 961 if ((iflr->flags & IFLR_PREFIX) == 0) 962 break; 963 /*FALLTHROUGH*/ 964 case SIOCALIFADDR: 965 case SIOCDLIFADDR: 966 /* address must be specified on ADD and DELETE */ 967 sa = (struct sockaddr *)&iflr->addr; 968 if (sa->sa_family != AF_INET) 969 return EINVAL; 970 if (sa->sa_len != sizeof(struct sockaddr_in)) 971 return EINVAL; 972 /* XXX need improvement */ 973 sa = (struct sockaddr *)&iflr->dstaddr; 974 if (sa->sa_family != AF_UNSPEC && sa->sa_family != AF_INET) 975 return EINVAL; 976 if (sa->sa_len != 0 && sa->sa_len != sizeof(struct sockaddr_in)) 977 return EINVAL; 978 break; 979 default: /*shouldn't happen*/ 980 #if 0 981 panic("invalid cmd to in_lifaddr_ioctl"); 982 /*NOTREACHED*/ 983 #else 984 return EOPNOTSUPP; 985 #endif 986 } 987 if (sizeof(struct in_addr) * NBBY < iflr->prefixlen) 988 return EINVAL; 989 990 switch (cmd) { 991 case SIOCALIFADDR: 992 { 993 struct in_aliasreq ifra; 994 995 if (iflr->flags & IFLR_PREFIX) 996 return EINVAL; 997 998 /* copy args to in_aliasreq, perform ioctl(SIOCAIFADDR). */ 999 memset(&ifra, 0, sizeof(ifra)); 1000 memcpy(ifra.ifra_name, iflr->iflr_name, 1001 sizeof(ifra.ifra_name)); 1002 1003 memcpy(&ifra.ifra_addr, &iflr->addr, 1004 ((struct sockaddr *)&iflr->addr)->sa_len); 1005 1006 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /*XXX*/ 1007 memcpy(&ifra.ifra_dstaddr, &iflr->dstaddr, 1008 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1009 } 1010 1011 ifra.ifra_mask.sin_family = AF_INET; 1012 ifra.ifra_mask.sin_len = sizeof(struct sockaddr_in); 1013 in_len2mask(&ifra.ifra_mask.sin_addr, iflr->prefixlen); 1014 1015 return in_control(so, SIOCAIFADDR, &ifra, ifp); 1016 } 1017 case SIOCGLIFADDR: 1018 case SIOCDLIFADDR: 1019 { 1020 struct in_ifaddr *ia; 1021 struct in_addr mask, candidate, match; 1022 struct sockaddr_in *sin; 1023 int cmp, s; 1024 1025 memset(&mask, 0, sizeof(mask)); 1026 memset(&match, 0, sizeof(match)); /* XXX gcc */ 1027 if (iflr->flags & IFLR_PREFIX) { 1028 /* lookup a prefix rather than address. */ 1029 in_len2mask(&mask, iflr->prefixlen); 1030 1031 sin = (struct sockaddr_in *)&iflr->addr; 1032 match.s_addr = sin->sin_addr.s_addr; 1033 match.s_addr &= mask.s_addr; 1034 1035 /* if you set extra bits, that's wrong */ 1036 if (match.s_addr != sin->sin_addr.s_addr) 1037 return EINVAL; 1038 1039 cmp = 1; 1040 } else { 1041 if (cmd == SIOCGLIFADDR) { 1042 /* on getting an address, take the 1st match */ 1043 cmp = 0; /*XXX*/ 1044 } else { 1045 /* on deleting an address, do exact match */ 1046 in_len2mask(&mask, 32); 1047 sin = (struct sockaddr_in *)&iflr->addr; 1048 match.s_addr = sin->sin_addr.s_addr; 1049 1050 cmp = 1; 1051 } 1052 } 1053 1054 s = pserialize_read_enter(); 1055 IFADDR_READER_FOREACH(ifa, ifp) { 1056 if (ifa->ifa_addr->sa_family != AF_INET) 1057 continue; 1058 if (cmp == 0) 1059 break; 1060 candidate.s_addr = ((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr; 1061 candidate.s_addr &= mask.s_addr; 1062 if (candidate.s_addr == match.s_addr) 1063 break; 1064 } 1065 if (ifa == NULL) { 1066 pserialize_read_exit(s); 1067 return EADDRNOTAVAIL; 1068 } 1069 ia = (struct in_ifaddr *)ifa; 1070 1071 if (cmd == SIOCGLIFADDR) { 1072 /* fill in the if_laddrreq structure */ 1073 memcpy(&iflr->addr, &ia->ia_addr, ia->ia_addr.sin_len); 1074 1075 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1076 memcpy(&iflr->dstaddr, &ia->ia_dstaddr, 1077 ia->ia_dstaddr.sin_len); 1078 } else 1079 memset(&iflr->dstaddr, 0, sizeof(iflr->dstaddr)); 1080 1081 iflr->prefixlen = 1082 in_mask2len(&ia->ia_sockmask.sin_addr); 1083 1084 iflr->flags = 0; /*XXX*/ 1085 pserialize_read_exit(s); 1086 1087 return 0; 1088 } else { 1089 struct in_aliasreq ifra; 1090 1091 /* fill in_aliasreq and do ioctl(SIOCDIFADDR) */ 1092 memset(&ifra, 0, sizeof(ifra)); 1093 memcpy(ifra.ifra_name, iflr->iflr_name, 1094 sizeof(ifra.ifra_name)); 1095 1096 memcpy(&ifra.ifra_addr, &ia->ia_addr, 1097 ia->ia_addr.sin_len); 1098 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1099 memcpy(&ifra.ifra_dstaddr, &ia->ia_dstaddr, 1100 ia->ia_dstaddr.sin_len); 1101 } 1102 memcpy(&ifra.ifra_dstaddr, &ia->ia_sockmask, 1103 ia->ia_sockmask.sin_len); 1104 pserialize_read_exit(s); 1105 1106 return in_control(so, SIOCDIFADDR, &ifra, ifp); 1107 } 1108 } 1109 } 1110 1111 return EOPNOTSUPP; /*just for safety*/ 1112 } 1113 1114 /* 1115 * Initialize an interface's internet address 1116 * and routing table entry. 1117 */ 1118 int 1119 in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, 1120 const struct sockaddr_in *sin, const struct sockaddr_in *dst, int scrub) 1121 { 1122 u_int32_t i; 1123 struct sockaddr_in oldaddr, olddst; 1124 int s, oldflags, flags = RTF_UP, error, hostIsNew; 1125 1126 if (sin == NULL) 1127 sin = &ia->ia_addr; 1128 if (dst == NULL) 1129 dst = &ia->ia_dstaddr; 1130 1131 /* 1132 * Set up new addresses. 1133 */ 1134 oldaddr = ia->ia_addr; 1135 olddst = ia->ia_dstaddr; 1136 oldflags = ia->ia4_flags; 1137 ia->ia_addr = *sin; 1138 ia->ia_dstaddr = *dst; 1139 hostIsNew = oldaddr.sin_family != AF_INET || 1140 !in_hosteq(ia->ia_addr.sin_addr, oldaddr.sin_addr); 1141 if (!scrub) 1142 scrub = oldaddr.sin_family != ia->ia_dstaddr.sin_family || 1143 !in_hosteq(ia->ia_dstaddr.sin_addr, olddst.sin_addr); 1144 1145 /* 1146 * Configure address flags. 1147 * We need to do this early because they may be adjusted 1148 * by if_addr_init depending on the address. 1149 */ 1150 if (ia->ia4_flags & IN_IFF_DUPLICATED) { 1151 ia->ia4_flags &= ~IN_IFF_DUPLICATED; 1152 hostIsNew = 1; 1153 } 1154 if (ifp->if_link_state == LINK_STATE_DOWN) { 1155 ia->ia4_flags |= IN_IFF_DETACHED; 1156 ia->ia4_flags &= ~IN_IFF_TENTATIVE; 1157 } else if (hostIsNew && if_do_dad(ifp) && ip_dad_enabled()) 1158 ia->ia4_flags |= IN_IFF_TRYTENTATIVE; 1159 1160 /* 1161 * Give the interface a chance to initialize 1162 * if this is its first address, 1163 * and to validate the address if necessary. 1164 */ 1165 s = splsoftnet(); 1166 error = if_addr_init(ifp, &ia->ia_ifa, true); 1167 splx(s); 1168 /* Now clear the try tentative flag, its job is done. */ 1169 ia->ia4_flags &= ~IN_IFF_TRYTENTATIVE; 1170 if (error != 0) { 1171 ia->ia_addr = oldaddr; 1172 ia->ia_dstaddr = olddst; 1173 ia->ia4_flags = oldflags; 1174 return error; 1175 } 1176 1177 if (scrub || hostIsNew) { 1178 int newflags = ia->ia4_flags; 1179 1180 ia->ia_ifa.ifa_addr = sintosa(&oldaddr); 1181 ia->ia_ifa.ifa_dstaddr = sintosa(&olddst); 1182 ia->ia4_flags = oldflags; 1183 if (hostIsNew) 1184 in_scrubaddr(ia); 1185 else if (scrub) 1186 in_scrubprefix(ia); 1187 ia->ia_ifa.ifa_addr = sintosa(&ia->ia_addr); 1188 ia->ia_ifa.ifa_dstaddr = sintosa(&ia->ia_dstaddr); 1189 ia->ia4_flags = newflags; 1190 } 1191 1192 i = ia->ia_addr.sin_addr.s_addr; 1193 if (ifp->if_flags & IFF_POINTOPOINT) 1194 ia->ia_netmask = INADDR_BROADCAST; /* default to /32 */ 1195 else if (IN_CLASSA(i)) 1196 ia->ia_netmask = IN_CLASSA_NET; 1197 else if (IN_CLASSB(i)) 1198 ia->ia_netmask = IN_CLASSB_NET; 1199 else 1200 ia->ia_netmask = IN_CLASSC_NET; 1201 /* 1202 * The subnet mask usually includes at least the standard network part, 1203 * but may may be smaller in the case of supernetting. 1204 * If it is set, we believe it. 1205 */ 1206 if (ia->ia_subnetmask == 0) { 1207 ia->ia_subnetmask = ia->ia_netmask; 1208 ia->ia_sockmask.sin_addr.s_addr = ia->ia_subnetmask; 1209 } else 1210 ia->ia_netmask &= ia->ia_subnetmask; 1211 1212 ia->ia_net = i & ia->ia_netmask; 1213 ia->ia_subnet = i & ia->ia_subnetmask; 1214 in_socktrim(&ia->ia_sockmask); 1215 1216 /* re-calculate the "in_maxmtu" value */ 1217 in_setmaxmtu(); 1218 1219 ia->ia_ifa.ifa_metric = ifp->if_metric; 1220 if (ifp->if_flags & IFF_BROADCAST) { 1221 if (ia->ia_subnetmask == IN_RFC3021_MASK) { 1222 ia->ia_broadaddr.sin_addr.s_addr = INADDR_BROADCAST; 1223 ia->ia_netbroadcast.s_addr = INADDR_BROADCAST; 1224 } else { 1225 ia->ia_broadaddr.sin_addr.s_addr = 1226 ia->ia_subnet | ~ia->ia_subnetmask; 1227 ia->ia_netbroadcast.s_addr = 1228 ia->ia_net | ~ia->ia_netmask; 1229 } 1230 } else if (ifp->if_flags & IFF_LOOPBACK) { 1231 ia->ia_dstaddr = ia->ia_addr; 1232 flags |= RTF_HOST; 1233 } else if (ifp->if_flags & IFF_POINTOPOINT) { 1234 if (ia->ia_dstaddr.sin_family != AF_INET) 1235 return (0); 1236 flags |= RTF_HOST; 1237 } 1238 1239 /* Add the local route to the address */ 1240 in_ifaddlocal(&ia->ia_ifa); 1241 1242 /* Add the prefix route for the address */ 1243 error = in_addprefix(ia, flags); 1244 1245 /* 1246 * If the interface supports multicast, join the "all hosts" 1247 * multicast group on that interface. 1248 */ 1249 mutex_enter(&in_ifaddr_lock); 1250 if ((ifp->if_flags & IFF_MULTICAST) != 0 && ia->ia_allhosts == NULL) { 1251 struct in_addr addr; 1252 1253 addr.s_addr = INADDR_ALLHOSTS_GROUP; 1254 ia->ia_allhosts = in_addmulti(&addr, ifp); 1255 } 1256 mutex_exit(&in_ifaddr_lock); 1257 1258 if (hostIsNew && 1259 ia->ia4_flags & IN_IFF_TENTATIVE && 1260 if_do_dad(ifp)) 1261 ia->ia_dad_start((struct ifaddr *)ia); 1262 1263 return error; 1264 } 1265 1266 #define rtinitflags(x) \ 1267 ((((x)->ia_ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) != 0) \ 1268 ? RTF_HOST : 0) 1269 1270 /* 1271 * add a route to prefix ("connected route" in cisco terminology). 1272 * does nothing if there's some interface address with the same prefix already. 1273 */ 1274 static int 1275 in_addprefix(struct in_ifaddr *target, int flags) 1276 { 1277 struct in_ifaddr *ia; 1278 struct in_addr prefix, mask, p; 1279 int error; 1280 int s; 1281 1282 if ((flags & RTF_HOST) != 0) 1283 prefix = target->ia_dstaddr.sin_addr; 1284 else { 1285 prefix = target->ia_addr.sin_addr; 1286 mask = target->ia_sockmask.sin_addr; 1287 prefix.s_addr &= mask.s_addr; 1288 } 1289 1290 s = pserialize_read_enter(); 1291 IN_ADDRLIST_READER_FOREACH(ia) { 1292 if (rtinitflags(ia)) 1293 p = ia->ia_dstaddr.sin_addr; 1294 else { 1295 p = ia->ia_addr.sin_addr; 1296 p.s_addr &= ia->ia_sockmask.sin_addr.s_addr; 1297 } 1298 1299 if (prefix.s_addr != p.s_addr) 1300 continue; 1301 1302 /* 1303 * if we got a matching prefix route inserted by other 1304 * interface address, we don't need to bother 1305 * 1306 * XXX RADIX_MPATH implications here? -dyoung 1307 */ 1308 if (ia->ia_flags & IFA_ROUTE) { 1309 pserialize_read_exit(s); 1310 return 0; 1311 } 1312 } 1313 pserialize_read_exit(s); 1314 1315 /* 1316 * noone seem to have prefix route. insert it. 1317 */ 1318 error = rtinit(&target->ia_ifa, RTM_ADD, flags); 1319 if (error == 0) 1320 target->ia_flags |= IFA_ROUTE; 1321 else if (error == EEXIST) { 1322 /* 1323 * the fact the route already exists is not an error. 1324 */ 1325 error = 0; 1326 } 1327 return error; 1328 } 1329 1330 /* 1331 * remove a route to prefix ("connected route" in cisco terminology). 1332 * re-installs the route by using another interface address, if there's one 1333 * with the same prefix (otherwise we lose the route mistakenly). 1334 */ 1335 static int 1336 in_scrubprefix(struct in_ifaddr *target) 1337 { 1338 struct in_ifaddr *ia; 1339 struct in_addr prefix, mask, p; 1340 int error; 1341 int s; 1342 1343 /* If we don't have IFA_ROUTE we have nothing to do */ 1344 if ((target->ia_flags & IFA_ROUTE) == 0) 1345 return 0; 1346 1347 if (rtinitflags(target)) 1348 prefix = target->ia_dstaddr.sin_addr; 1349 else { 1350 prefix = target->ia_addr.sin_addr; 1351 mask = target->ia_sockmask.sin_addr; 1352 prefix.s_addr &= mask.s_addr; 1353 } 1354 1355 s = pserialize_read_enter(); 1356 IN_ADDRLIST_READER_FOREACH(ia) { 1357 if (rtinitflags(ia)) 1358 p = ia->ia_dstaddr.sin_addr; 1359 else { 1360 p = ia->ia_addr.sin_addr; 1361 p.s_addr &= ia->ia_sockmask.sin_addr.s_addr; 1362 } 1363 1364 if (prefix.s_addr != p.s_addr) 1365 continue; 1366 1367 /* 1368 * if we got a matching prefix route, move IFA_ROUTE to him 1369 */ 1370 if ((ia->ia_flags & IFA_ROUTE) == 0) { 1371 struct psref psref; 1372 int bound = curlwp_bind(); 1373 1374 ia4_acquire(ia, &psref); 1375 pserialize_read_exit(s); 1376 1377 rtinit(&target->ia_ifa, RTM_DELETE, 1378 rtinitflags(target)); 1379 target->ia_flags &= ~IFA_ROUTE; 1380 1381 error = rtinit(&ia->ia_ifa, RTM_ADD, 1382 rtinitflags(ia) | RTF_UP); 1383 if (error == 0) 1384 ia->ia_flags |= IFA_ROUTE; 1385 1386 ia4_release(ia, &psref); 1387 curlwp_bindx(bound); 1388 1389 return error; 1390 } 1391 } 1392 pserialize_read_exit(s); 1393 1394 /* 1395 * noone seem to have prefix route. remove it. 1396 */ 1397 rtinit(&target->ia_ifa, RTM_DELETE, rtinitflags(target)); 1398 target->ia_flags &= ~IFA_ROUTE; 1399 return 0; 1400 } 1401 1402 #undef rtinitflags 1403 1404 /* 1405 * Return 1 if the address might be a local broadcast address. 1406 */ 1407 int 1408 in_broadcast(struct in_addr in, struct ifnet *ifp) 1409 { 1410 struct ifaddr *ifa; 1411 int s; 1412 1413 KASSERT(ifp != NULL); 1414 1415 if (in.s_addr == INADDR_BROADCAST || 1416 in_nullhost(in)) 1417 return 1; 1418 if ((ifp->if_flags & IFF_BROADCAST) == 0) 1419 return 0; 1420 /* 1421 * Look through the list of addresses for a match 1422 * with a broadcast address. 1423 */ 1424 #define ia (ifatoia(ifa)) 1425 s = pserialize_read_enter(); 1426 IFADDR_READER_FOREACH(ifa, ifp) { 1427 if (ifa->ifa_addr->sa_family == AF_INET && 1428 !in_hosteq(in, ia->ia_addr.sin_addr) && 1429 (in_hosteq(in, ia->ia_broadaddr.sin_addr) || 1430 in_hosteq(in, ia->ia_netbroadcast) || 1431 (hostzeroisbroadcast && 1432 /* 1433 * Check for old-style (host 0) broadcast, but 1434 * taking into account that RFC 3021 obsoletes it. 1435 */ 1436 ia->ia_subnetmask != IN_RFC3021_MASK && 1437 (in.s_addr == ia->ia_subnet || 1438 in.s_addr == ia->ia_net)))) { 1439 pserialize_read_exit(s); 1440 return 1; 1441 } 1442 } 1443 pserialize_read_exit(s); 1444 return (0); 1445 #undef ia 1446 } 1447 1448 /* 1449 * perform DAD when interface becomes IFF_UP. 1450 */ 1451 void 1452 in_if_link_up(struct ifnet *ifp) 1453 { 1454 struct ifaddr *ifa; 1455 struct in_ifaddr *ia; 1456 int s, bound; 1457 1458 /* Ensure it's sane to run DAD */ 1459 if (ifp->if_link_state == LINK_STATE_DOWN) 1460 return; 1461 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 1462 return; 1463 1464 bound = curlwp_bind(); 1465 s = pserialize_read_enter(); 1466 IFADDR_READER_FOREACH(ifa, ifp) { 1467 struct psref psref; 1468 1469 if (ifa->ifa_addr->sa_family != AF_INET) 1470 continue; 1471 ifa_acquire(ifa, &psref); 1472 pserialize_read_exit(s); 1473 1474 ia = (struct in_ifaddr *)ifa; 1475 1476 /* If detached then mark as tentative */ 1477 if (ia->ia4_flags & IN_IFF_DETACHED) { 1478 ia->ia4_flags &= ~IN_IFF_DETACHED; 1479 if (ip_dad_enabled() && if_do_dad(ifp) && 1480 ia->ia_dad_start != NULL) 1481 ia->ia4_flags |= IN_IFF_TENTATIVE; 1482 else if ((ia->ia4_flags & IN_IFF_TENTATIVE) == 0) 1483 rt_addrmsg(RTM_NEWADDR, ifa); 1484 } 1485 1486 if (ia->ia4_flags & IN_IFF_TENTATIVE) { 1487 /* Clear the duplicated flag as we're starting DAD. */ 1488 ia->ia4_flags &= ~IN_IFF_DUPLICATED; 1489 ia->ia_dad_start(ifa); 1490 } 1491 1492 s = pserialize_read_enter(); 1493 ifa_release(ifa, &psref); 1494 } 1495 pserialize_read_exit(s); 1496 curlwp_bindx(bound); 1497 } 1498 1499 void 1500 in_if_up(struct ifnet *ifp) 1501 { 1502 1503 /* interface may not support link state, so bring it up also */ 1504 in_if_link_up(ifp); 1505 } 1506 1507 /* 1508 * Mark all addresses as detached. 1509 */ 1510 void 1511 in_if_link_down(struct ifnet *ifp) 1512 { 1513 struct ifaddr *ifa; 1514 struct in_ifaddr *ia; 1515 int s, bound; 1516 1517 bound = curlwp_bind(); 1518 s = pserialize_read_enter(); 1519 IFADDR_READER_FOREACH(ifa, ifp) { 1520 struct psref psref; 1521 1522 if (ifa->ifa_addr->sa_family != AF_INET) 1523 continue; 1524 ifa_acquire(ifa, &psref); 1525 pserialize_read_exit(s); 1526 1527 ia = (struct in_ifaddr *)ifa; 1528 1529 /* Stop DAD processing */ 1530 if (ia->ia_dad_stop != NULL) 1531 ia->ia_dad_stop(ifa); 1532 1533 /* 1534 * Mark the address as detached. 1535 */ 1536 if (!(ia->ia4_flags & IN_IFF_DETACHED)) { 1537 ia->ia4_flags |= IN_IFF_DETACHED; 1538 ia->ia4_flags &= 1539 ~(IN_IFF_TENTATIVE | IN_IFF_DUPLICATED); 1540 rt_addrmsg(RTM_NEWADDR, ifa); 1541 } 1542 1543 s = pserialize_read_enter(); 1544 ifa_release(ifa, &psref); 1545 } 1546 pserialize_read_exit(s); 1547 curlwp_bindx(bound); 1548 } 1549 1550 void 1551 in_if_down(struct ifnet *ifp) 1552 { 1553 1554 in_if_link_down(ifp); 1555 #if NARP > 0 1556 lltable_purge_entries(LLTABLE(ifp)); 1557 #endif 1558 } 1559 1560 void 1561 in_if_link_state_change(struct ifnet *ifp, int link_state) 1562 { 1563 1564 switch (link_state) { 1565 case LINK_STATE_DOWN: 1566 in_if_link_down(ifp); 1567 break; 1568 case LINK_STATE_UP: 1569 in_if_link_up(ifp); 1570 break; 1571 } 1572 } 1573 1574 /* 1575 * in_lookup_multi: look up the in_multi record for a given IP 1576 * multicast address on a given interface. If no matching record is 1577 * found, return NULL. 1578 */ 1579 struct in_multi * 1580 in_lookup_multi(struct in_addr addr, ifnet_t *ifp) 1581 { 1582 struct in_multi *inm; 1583 1584 KASSERT(rw_lock_held(&in_multilock)); 1585 1586 LIST_FOREACH(inm, &IN_MULTI_HASH(addr.s_addr, ifp), inm_list) { 1587 if (in_hosteq(inm->inm_addr, addr) && inm->inm_ifp == ifp) 1588 break; 1589 } 1590 return inm; 1591 } 1592 1593 /* 1594 * in_multi_group: check whether the address belongs to an IP multicast 1595 * group we are joined on this interface. Returns true or false. 1596 */ 1597 bool 1598 in_multi_group(struct in_addr addr, ifnet_t *ifp, int flags) 1599 { 1600 bool ingroup; 1601 1602 if (__predict_true(flags & IP_IGMP_MCAST) == 0) { 1603 rw_enter(&in_multilock, RW_READER); 1604 ingroup = in_lookup_multi(addr, ifp) != NULL; 1605 rw_exit(&in_multilock); 1606 } else { 1607 /* XXX Recursive call from ip_output(). */ 1608 KASSERT(rw_lock_held(&in_multilock)); 1609 ingroup = in_lookup_multi(addr, ifp) != NULL; 1610 } 1611 return ingroup; 1612 } 1613 1614 /* 1615 * Add an address to the list of IP multicast addresses for a given interface. 1616 */ 1617 struct in_multi * 1618 in_addmulti(struct in_addr *ap, ifnet_t *ifp) 1619 { 1620 struct sockaddr_in sin; 1621 struct in_multi *inm; 1622 1623 /* 1624 * See if address already in list. 1625 */ 1626 rw_enter(&in_multilock, RW_WRITER); 1627 inm = in_lookup_multi(*ap, ifp); 1628 if (inm != NULL) { 1629 /* 1630 * Found it; just increment the reference count. 1631 */ 1632 inm->inm_refcount++; 1633 rw_exit(&in_multilock); 1634 return inm; 1635 } 1636 1637 /* 1638 * New address; allocate a new multicast record. 1639 */ 1640 inm = pool_get(&inmulti_pool, PR_NOWAIT); 1641 if (inm == NULL) { 1642 rw_exit(&in_multilock); 1643 return NULL; 1644 } 1645 inm->inm_addr = *ap; 1646 inm->inm_ifp = ifp; 1647 inm->inm_refcount = 1; 1648 1649 /* 1650 * Ask the network driver to update its multicast reception 1651 * filter appropriately for the new address. 1652 */ 1653 sockaddr_in_init(&sin, ap, 0); 1654 if (if_mcast_op(ifp, SIOCADDMULTI, sintosa(&sin)) != 0) { 1655 rw_exit(&in_multilock); 1656 pool_put(&inmulti_pool, inm); 1657 return NULL; 1658 } 1659 1660 /* 1661 * Let IGMP know that we have joined a new IP multicast group. 1662 */ 1663 if (igmp_joingroup(inm) != 0) { 1664 rw_exit(&in_multilock); 1665 pool_put(&inmulti_pool, inm); 1666 return NULL; 1667 } 1668 LIST_INSERT_HEAD( 1669 &IN_MULTI_HASH(inm->inm_addr.s_addr, ifp), 1670 inm, inm_list); 1671 in_multientries++; 1672 rw_exit(&in_multilock); 1673 1674 return inm; 1675 } 1676 1677 /* 1678 * Delete a multicast address record. 1679 */ 1680 void 1681 in_delmulti(struct in_multi *inm) 1682 { 1683 struct sockaddr_in sin; 1684 1685 rw_enter(&in_multilock, RW_WRITER); 1686 if (--inm->inm_refcount > 0) { 1687 rw_exit(&in_multilock); 1688 return; 1689 } 1690 1691 /* 1692 * No remaining claims to this record; let IGMP know that 1693 * we are leaving the multicast group. 1694 */ 1695 igmp_leavegroup(inm); 1696 1697 /* 1698 * Notify the network driver to update its multicast reception 1699 * filter. 1700 */ 1701 sockaddr_in_init(&sin, &inm->inm_addr, 0); 1702 if_mcast_op(inm->inm_ifp, SIOCDELMULTI, sintosa(&sin)); 1703 1704 /* 1705 * Unlink from list. 1706 */ 1707 LIST_REMOVE(inm, inm_list); 1708 in_multientries--; 1709 rw_exit(&in_multilock); 1710 1711 pool_put(&inmulti_pool, inm); 1712 } 1713 1714 /* 1715 * in_next_multi: step through all of the in_multi records, one at a time. 1716 * The current position is remembered in "step", which the caller must 1717 * provide. in_first_multi(), below, must be called to initialize "step" 1718 * and get the first record. Both macros return a NULL "inm" when there 1719 * are no remaining records. 1720 */ 1721 struct in_multi * 1722 in_next_multi(struct in_multistep *step) 1723 { 1724 struct in_multi *inm; 1725 1726 KASSERT(rw_lock_held(&in_multilock)); 1727 1728 while (step->i_inm == NULL && step->i_n < IN_MULTI_HASH_SIZE) { 1729 step->i_inm = LIST_FIRST(&in_multihashtbl[++step->i_n]); 1730 } 1731 if ((inm = step->i_inm) != NULL) { 1732 step->i_inm = LIST_NEXT(inm, inm_list); 1733 } 1734 return inm; 1735 } 1736 1737 struct in_multi * 1738 in_first_multi(struct in_multistep *step) 1739 { 1740 KASSERT(rw_lock_held(&in_multilock)); 1741 1742 step->i_n = 0; 1743 step->i_inm = LIST_FIRST(&in_multihashtbl[0]); 1744 return in_next_multi(step); 1745 } 1746 1747 void 1748 in_multi_lock(int op) 1749 { 1750 rw_enter(&in_multilock, op); 1751 } 1752 1753 void 1754 in_multi_unlock(void) 1755 { 1756 rw_exit(&in_multilock); 1757 } 1758 1759 int 1760 in_multi_lock_held(void) 1761 { 1762 return rw_lock_held(&in_multilock); 1763 } 1764 1765 struct in_ifaddr * 1766 in_selectsrc(struct sockaddr_in *sin, struct route *ro, 1767 int soopts, struct ip_moptions *mopts, int *errorp, struct psref *psref) 1768 { 1769 struct rtentry *rt = NULL; 1770 struct in_ifaddr *ia = NULL; 1771 1772 KASSERT(ISSET(curlwp->l_pflag, LP_BOUND)); 1773 /* 1774 * If route is known or can be allocated now, take the 1775 * source address from the interface. Otherwise, punt. 1776 */ 1777 if ((soopts & SO_DONTROUTE) != 0) 1778 rtcache_free(ro); 1779 else { 1780 union { 1781 struct sockaddr dst; 1782 struct sockaddr_in dst4; 1783 } u; 1784 1785 sockaddr_in_init(&u.dst4, &sin->sin_addr, 0); 1786 rt = rtcache_lookup(ro, &u.dst); 1787 } 1788 /* 1789 * If we found a route, use the address 1790 * corresponding to the outgoing interface 1791 * unless it is the loopback (in case a route 1792 * to our address on another net goes to loopback). 1793 * 1794 * XXX Is this still true? Do we care? 1795 */ 1796 if (rt != NULL && (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) { 1797 int s; 1798 struct ifaddr *ifa; 1799 /* 1800 * Just in case. May not need to do this workaround. 1801 * Revisit when working on rtentry MP-ification. 1802 */ 1803 s = pserialize_read_enter(); 1804 IFADDR_READER_FOREACH(ifa, rt->rt_ifp) { 1805 if (ifa == rt->rt_ifa) 1806 break; 1807 } 1808 if (ifa != NULL) 1809 ifa_acquire(ifa, psref); 1810 pserialize_read_exit(s); 1811 1812 ia = ifatoia(ifa); 1813 } 1814 if (ia == NULL) { 1815 u_int16_t fport = sin->sin_port; 1816 struct ifaddr *ifa; 1817 int s; 1818 1819 sin->sin_port = 0; 1820 ifa = ifa_ifwithladdr_psref(sintosa(sin), psref); 1821 sin->sin_port = fport; 1822 if (ifa == NULL) { 1823 /* Find 1st non-loopback AF_INET address */ 1824 s = pserialize_read_enter(); 1825 IN_ADDRLIST_READER_FOREACH(ia) { 1826 if (!(ia->ia_ifp->if_flags & IFF_LOOPBACK)) 1827 break; 1828 } 1829 if (ia != NULL) 1830 ia4_acquire(ia, psref); 1831 pserialize_read_exit(s); 1832 } else { 1833 /* ia is already referenced by psref */ 1834 ia = ifatoia(ifa); 1835 } 1836 if (ia == NULL) { 1837 *errorp = EADDRNOTAVAIL; 1838 goto out; 1839 } 1840 } 1841 /* 1842 * If the destination address is multicast and an outgoing 1843 * interface has been set as a multicast option, use the 1844 * address of that interface as our source address. 1845 */ 1846 if (IN_MULTICAST(sin->sin_addr.s_addr) && mopts != NULL) { 1847 struct ip_moptions *imo; 1848 1849 imo = mopts; 1850 if (imo->imo_multicast_if_index != 0) { 1851 struct ifnet *ifp; 1852 int s; 1853 1854 if (ia != NULL) 1855 ia4_release(ia, psref); 1856 s = pserialize_read_enter(); 1857 ifp = if_byindex(imo->imo_multicast_if_index); 1858 if (ifp != NULL) { 1859 /* XXX */ 1860 ia = in_get_ia_from_ifp_psref(ifp, psref); 1861 } else 1862 ia = NULL; 1863 if (ia == NULL || ia->ia4_flags & IN_IFF_NOTREADY) { 1864 pserialize_read_exit(s); 1865 if (ia != NULL) 1866 ia4_release(ia, psref); 1867 *errorp = EADDRNOTAVAIL; 1868 ia = NULL; 1869 goto out; 1870 } 1871 pserialize_read_exit(s); 1872 } 1873 } 1874 if (ia->ia_ifa.ifa_getifa != NULL) { 1875 ia = ifatoia((*ia->ia_ifa.ifa_getifa)(&ia->ia_ifa, 1876 sintosa(sin))); 1877 if (ia == NULL) { 1878 *errorp = EADDRNOTAVAIL; 1879 goto out; 1880 } 1881 /* FIXME NOMPSAFE */ 1882 ia4_acquire(ia, psref); 1883 } 1884 #ifdef GETIFA_DEBUG 1885 else 1886 printf("%s: missing ifa_getifa\n", __func__); 1887 #endif 1888 out: 1889 rtcache_unref(rt, ro); 1890 return ia; 1891 } 1892 1893 int 1894 in_tunnel_validate(const struct ip *ip, struct in_addr src, struct in_addr dst) 1895 { 1896 struct in_ifaddr *ia4; 1897 int s; 1898 1899 /* check for address match */ 1900 if (src.s_addr != ip->ip_dst.s_addr || 1901 dst.s_addr != ip->ip_src.s_addr) 1902 return 0; 1903 1904 /* martian filters on outer source - NOT done in ip_input! */ 1905 if (IN_MULTICAST(ip->ip_src.s_addr)) 1906 return 0; 1907 switch ((ntohl(ip->ip_src.s_addr) & 0xff000000) >> 24) { 1908 case 0: 1909 case 127: 1910 case 255: 1911 return 0; 1912 } 1913 /* reject packets with broadcast on source */ 1914 s = pserialize_read_enter(); 1915 IN_ADDRLIST_READER_FOREACH(ia4) { 1916 if ((ia4->ia_ifa.ifa_ifp->if_flags & IFF_BROADCAST) == 0) 1917 continue; 1918 if (ip->ip_src.s_addr == ia4->ia_broadaddr.sin_addr.s_addr) { 1919 pserialize_read_exit(s); 1920 return 0; 1921 } 1922 } 1923 pserialize_read_exit(s); 1924 1925 /* NOTE: packet may dropped by uRPF */ 1926 1927 /* return valid bytes length */ 1928 return sizeof(src) + sizeof(dst); 1929 } 1930 1931 #if NARP > 0 1932 1933 #define IN_LLTBL_DEFAULT_HSIZE 32 1934 #define IN_LLTBL_HASH(k, h) \ 1935 (((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1)) 1936 1937 /* 1938 * Do actual deallocation of @lle. 1939 * Called by LLE_FREE_LOCKED when number of references 1940 * drops to zero. 1941 */ 1942 static void 1943 in_lltable_destroy_lle(struct llentry *lle) 1944 { 1945 1946 KASSERTMSG(lle->la_numheld == 0, "la_numheld=%d", lle->la_numheld); 1947 1948 LLE_WUNLOCK(lle); 1949 LLE_LOCK_DESTROY(lle); 1950 llentry_pool_put(lle); 1951 } 1952 1953 static struct llentry * 1954 in_lltable_new(struct in_addr addr4, u_int flags) 1955 { 1956 struct llentry *lle; 1957 1958 lle = llentry_pool_get(PR_NOWAIT); 1959 if (lle == NULL) /* NB: caller generates msg */ 1960 return NULL; 1961 1962 /* 1963 * For IPv4 this will trigger "arpresolve" to generate 1964 * an ARP request. 1965 */ 1966 lle->la_expire = time_uptime; /* mark expired */ 1967 lle->r_l3addr.addr4 = addr4; 1968 lle->lle_refcnt = 1; 1969 lle->lle_free = in_lltable_destroy_lle; 1970 LLE_LOCK_INIT(lle); 1971 callout_init(&lle->la_timer, CALLOUT_MPSAFE); 1972 1973 return lle; 1974 } 1975 1976 #define IN_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \ 1977 (((ntohl((d).s_addr) ^ (a)->sin_addr.s_addr) & (m)->sin_addr.s_addr)) == 0 ) 1978 1979 static int 1980 in_lltable_match_prefix(const struct sockaddr *prefix, 1981 const struct sockaddr *mask, u_int flags, struct llentry *lle) 1982 { 1983 const struct sockaddr_in *pfx = (const struct sockaddr_in *)prefix; 1984 const struct sockaddr_in *msk = (const struct sockaddr_in *)mask; 1985 struct in_addr lle_addr; 1986 1987 lle_addr.s_addr = ntohl(lle->r_l3addr.addr4.s_addr); 1988 1989 /* 1990 * (flags & LLE_STATIC) means deleting all entries 1991 * including static ARP entries. 1992 */ 1993 if (IN_ARE_MASKED_ADDR_EQUAL(lle_addr, pfx, msk) && 1994 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) 1995 return (1); 1996 1997 return (0); 1998 } 1999 2000 static void 2001 in_lltable_free_entry(struct lltable *llt, struct llentry *lle) 2002 { 2003 size_t pkts_dropped; 2004 2005 LLE_WLOCK_ASSERT(lle); 2006 KASSERT(llt != NULL); 2007 2008 pkts_dropped = llentry_free(lle); 2009 arp_stat_add(ARP_STAT_DFRDROPPED, (uint64_t)pkts_dropped); 2010 } 2011 2012 static int 2013 in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr, 2014 const struct rtentry *rt) 2015 { 2016 int error = EINVAL; 2017 2018 if (rt == NULL) 2019 return error; 2020 2021 /* 2022 * If the gateway for an existing host route matches the target L3 2023 * address, which is a special route inserted by some implementation 2024 * such as MANET, and the interface is of the correct type, then 2025 * allow for ARP to proceed. 2026 */ 2027 if (rt->rt_flags & RTF_GATEWAY) { 2028 if (!(rt->rt_flags & RTF_HOST) || !rt->rt_ifp || 2029 rt->rt_ifp->if_type != IFT_ETHER || 2030 (rt->rt_ifp->if_flags & IFF_NOARP) != 0 || 2031 memcmp(rt->rt_gateway->sa_data, l3addr->sa_data, 2032 sizeof(in_addr_t)) != 0) { 2033 goto error; 2034 } 2035 } 2036 2037 /* 2038 * Make sure that at least the destination address is covered 2039 * by the route. This is for handling the case where 2 or more 2040 * interfaces have the same prefix. An incoming packet arrives 2041 * on one interface and the corresponding outgoing packet leaves 2042 * another interface. 2043 */ 2044 if (!(rt->rt_flags & RTF_HOST) && rt->rt_ifp != ifp) { 2045 const char *sa, *mask, *addr, *lim; 2046 int len; 2047 2048 mask = (const char *)rt_mask(rt); 2049 /* 2050 * Just being extra cautious to avoid some custom 2051 * code getting into trouble. 2052 */ 2053 if (mask == NULL) 2054 goto error; 2055 2056 sa = (const char *)rt_getkey(rt); 2057 addr = (const char *)l3addr; 2058 len = ((const struct sockaddr_in *)l3addr)->sin_len; 2059 lim = addr + len; 2060 2061 for ( ; addr < lim; sa++, mask++, addr++) { 2062 if ((*sa ^ *addr) & *mask) { 2063 #ifdef DIAGNOSTIC 2064 log(LOG_INFO, "IPv4 address: \"%s\" is not on the network\n", 2065 inet_ntoa(((const struct sockaddr_in *)l3addr)->sin_addr)); 2066 #endif 2067 goto error; 2068 } 2069 } 2070 } 2071 2072 error = 0; 2073 error: 2074 return error; 2075 } 2076 2077 static inline uint32_t 2078 in_lltable_hash_dst(const struct in_addr dst, uint32_t hsize) 2079 { 2080 2081 return (IN_LLTBL_HASH(dst.s_addr, hsize)); 2082 } 2083 2084 static uint32_t 2085 in_lltable_hash(const struct llentry *lle, uint32_t hsize) 2086 { 2087 2088 return (in_lltable_hash_dst(lle->r_l3addr.addr4, hsize)); 2089 } 2090 2091 static void 2092 in_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa) 2093 { 2094 struct sockaddr_in *sin; 2095 2096 sin = (struct sockaddr_in *)sa; 2097 memset(sin, 0, sizeof(*sin)); 2098 sin->sin_family = AF_INET; 2099 sin->sin_len = sizeof(*sin); 2100 sin->sin_addr = lle->r_l3addr.addr4; 2101 } 2102 2103 static inline struct llentry * 2104 in_lltable_find_dst(struct lltable *llt, struct in_addr dst) 2105 { 2106 struct llentry *lle; 2107 struct llentries *lleh; 2108 u_int hashidx; 2109 2110 hashidx = in_lltable_hash_dst(dst, llt->llt_hsize); 2111 lleh = &llt->lle_head[hashidx]; 2112 LIST_FOREACH(lle, lleh, lle_next) { 2113 if (lle->la_flags & LLE_DELETED) 2114 continue; 2115 if (lle->r_l3addr.addr4.s_addr == dst.s_addr) 2116 break; 2117 } 2118 2119 return (lle); 2120 } 2121 2122 static int 2123 in_lltable_delete(struct lltable *llt, u_int flags, 2124 const struct sockaddr *l3addr) 2125 { 2126 const struct sockaddr_in *sin = (const struct sockaddr_in *)l3addr; 2127 struct ifnet *ifp __diagused = llt->llt_ifp; 2128 struct llentry *lle; 2129 2130 IF_AFDATA_WLOCK_ASSERT(ifp); 2131 KASSERTMSG(l3addr->sa_family == AF_INET, 2132 "sin_family %d", l3addr->sa_family); 2133 2134 lle = in_lltable_find_dst(llt, sin->sin_addr); 2135 if (lle == NULL) { 2136 #ifdef LLTABLE_DEBUG 2137 char buf[64]; 2138 sockaddr_format(l3addr, buf, sizeof(buf)); 2139 log(LOG_INFO, "%s: cache for %s is not found\n", 2140 __func__, buf); 2141 #endif 2142 return (ENOENT); 2143 } 2144 2145 LLE_WLOCK(lle); 2146 #ifdef LLTABLE_DEBUG 2147 { 2148 char buf[64]; 2149 sockaddr_format(l3addr, buf, sizeof(buf)); 2150 log(LOG_INFO, "%s: cache for %s (%p) is deleted\n", 2151 __func__, buf, lle); 2152 } 2153 #endif 2154 llentry_free(lle); 2155 2156 return (0); 2157 } 2158 2159 static struct llentry * 2160 in_lltable_create(struct lltable *llt, u_int flags, const struct sockaddr *l3addr, 2161 const struct rtentry *rt) 2162 { 2163 const struct sockaddr_in *sin = (const struct sockaddr_in *)l3addr; 2164 struct ifnet *ifp = llt->llt_ifp; 2165 struct llentry *lle; 2166 2167 IF_AFDATA_WLOCK_ASSERT(ifp); 2168 KASSERTMSG(l3addr->sa_family == AF_INET, 2169 "sin_family %d", l3addr->sa_family); 2170 2171 lle = in_lltable_find_dst(llt, sin->sin_addr); 2172 2173 if (lle != NULL) { 2174 LLE_WLOCK(lle); 2175 return (lle); 2176 } 2177 2178 /* no existing record, we need to create new one */ 2179 2180 /* 2181 * A route that covers the given address must have 2182 * been installed 1st because we are doing a resolution, 2183 * verify this. 2184 */ 2185 if (!(flags & LLE_IFADDR) && 2186 in_lltable_rtcheck(ifp, flags, l3addr, rt) != 0) 2187 return (NULL); 2188 2189 lle = in_lltable_new(sin->sin_addr, flags); 2190 if (lle == NULL) { 2191 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2192 return (NULL); 2193 } 2194 lle->la_flags = flags; 2195 if ((flags & LLE_IFADDR) == LLE_IFADDR) { 2196 memcpy(&lle->ll_addr, CLLADDR(ifp->if_sadl), ifp->if_addrlen); 2197 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2198 } 2199 2200 lltable_link_entry(llt, lle); 2201 LLE_WLOCK(lle); 2202 2203 return (lle); 2204 } 2205 2206 /* 2207 * Return NULL if not found or marked for deletion. 2208 * If found return lle read locked. 2209 */ 2210 static struct llentry * 2211 in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr) 2212 { 2213 const struct sockaddr_in *sin = (const struct sockaddr_in *)l3addr; 2214 struct llentry *lle; 2215 2216 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp); 2217 KASSERTMSG(l3addr->sa_family == AF_INET, 2218 "sin_family %d", l3addr->sa_family); 2219 2220 lle = in_lltable_find_dst(llt, sin->sin_addr); 2221 2222 if (lle == NULL) 2223 return NULL; 2224 2225 if (flags & LLE_EXCLUSIVE) 2226 LLE_WLOCK(lle); 2227 else 2228 LLE_RLOCK(lle); 2229 2230 return lle; 2231 } 2232 2233 static int 2234 in_lltable_dump_entry(struct lltable *llt, struct llentry *lle, 2235 struct rt_walkarg *w) 2236 { 2237 struct sockaddr_in sin; 2238 2239 LLTABLE_LOCK_ASSERT(); 2240 2241 /* skip deleted entries */ 2242 if (lle->la_flags & LLE_DELETED) 2243 return 0; 2244 2245 sockaddr_in_init(&sin, &lle->r_l3addr.addr4, 0); 2246 2247 return lltable_dump_entry(llt, lle, w, sintosa(&sin)); 2248 } 2249 2250 #endif /* NARP > 0 */ 2251 2252 static int 2253 in_multicast_sysctl(SYSCTLFN_ARGS) 2254 { 2255 struct ifnet *ifp; 2256 struct ifaddr *ifa; 2257 struct in_ifaddr *ifa4; 2258 struct in_multi *inm; 2259 uint32_t tmp; 2260 int error; 2261 size_t written; 2262 struct psref psref; 2263 int bound; 2264 2265 if (namelen != 1) 2266 return EINVAL; 2267 2268 bound = curlwp_bind(); 2269 ifp = if_get_byindex(name[0], &psref); 2270 if (ifp == NULL) { 2271 curlwp_bindx(bound); 2272 return ENODEV; 2273 } 2274 2275 if (oldp == NULL) { 2276 *oldlenp = 0; 2277 IFADDR_FOREACH(ifa, ifp) { 2278 if (ifa->ifa_addr->sa_family != AF_INET) 2279 continue; 2280 ifa4 = (void *)ifa; 2281 LIST_FOREACH(inm, &ifa4->ia_multiaddrs, inm_list) { 2282 *oldlenp += 2 * sizeof(struct in_addr) + 2283 sizeof(uint32_t); 2284 } 2285 } 2286 if_put(ifp, &psref); 2287 curlwp_bindx(bound); 2288 return 0; 2289 } 2290 2291 error = 0; 2292 written = 0; 2293 IFADDR_FOREACH(ifa, ifp) { 2294 if (ifa->ifa_addr->sa_family != AF_INET) 2295 continue; 2296 ifa4 = (void *)ifa; 2297 LIST_FOREACH(inm, &ifa4->ia_multiaddrs, inm_list) { 2298 if (written + 2 * sizeof(struct in_addr) + 2299 sizeof(uint32_t) > *oldlenp) 2300 goto done; 2301 error = sysctl_copyout(l, &ifa4->ia_addr.sin_addr, 2302 oldp, sizeof(struct in_addr)); 2303 if (error) 2304 goto done; 2305 oldp = (char *)oldp + sizeof(struct in_addr); 2306 written += sizeof(struct in_addr); 2307 error = sysctl_copyout(l, &inm->inm_addr, 2308 oldp, sizeof(struct in_addr)); 2309 if (error) 2310 goto done; 2311 oldp = (char *)oldp + sizeof(struct in_addr); 2312 written += sizeof(struct in_addr); 2313 tmp = inm->inm_refcount; 2314 error = sysctl_copyout(l, &tmp, oldp, sizeof(tmp)); 2315 if (error) 2316 goto done; 2317 oldp = (char *)oldp + sizeof(tmp); 2318 written += sizeof(tmp); 2319 } 2320 } 2321 done: 2322 if_put(ifp, &psref); 2323 curlwp_bindx(bound); 2324 *oldlenp = written; 2325 return error; 2326 } 2327 2328 static void 2329 in_sysctl_init(struct sysctllog **clog) 2330 { 2331 sysctl_createv(clog, 0, NULL, NULL, 2332 CTLFLAG_PERMANENT, 2333 CTLTYPE_NODE, "inet", 2334 SYSCTL_DESCR("PF_INET related settings"), 2335 NULL, 0, NULL, 0, 2336 CTL_NET, PF_INET, CTL_EOL); 2337 sysctl_createv(clog, 0, NULL, NULL, 2338 CTLFLAG_PERMANENT, 2339 CTLTYPE_NODE, "multicast", 2340 SYSCTL_DESCR("Multicast information"), 2341 in_multicast_sysctl, 0, NULL, 0, 2342 CTL_NET, PF_INET, CTL_CREATE, CTL_EOL); 2343 sysctl_createv(clog, 0, NULL, NULL, 2344 CTLFLAG_PERMANENT, 2345 CTLTYPE_NODE, "ip", 2346 SYSCTL_DESCR("IPv4 related settings"), 2347 NULL, 0, NULL, 0, 2348 CTL_NET, PF_INET, IPPROTO_IP, CTL_EOL); 2349 2350 sysctl_createv(clog, 0, NULL, NULL, 2351 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2352 CTLTYPE_INT, "subnetsarelocal", 2353 SYSCTL_DESCR("Whether logical subnets are considered " 2354 "local"), 2355 NULL, 0, &subnetsarelocal, 0, 2356 CTL_NET, PF_INET, IPPROTO_IP, 2357 IPCTL_SUBNETSARELOCAL, CTL_EOL); 2358 sysctl_createv(clog, 0, NULL, NULL, 2359 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2360 CTLTYPE_INT, "hostzerobroadcast", 2361 SYSCTL_DESCR("All zeroes address is broadcast address"), 2362 NULL, 0, &hostzeroisbroadcast, 0, 2363 CTL_NET, PF_INET, IPPROTO_IP, 2364 IPCTL_HOSTZEROBROADCAST, CTL_EOL); 2365 } 2366 2367 #if NARP > 0 2368 2369 static struct lltable * 2370 in_lltattach(struct ifnet *ifp) 2371 { 2372 struct lltable *llt; 2373 2374 llt = lltable_allocate_htbl(IN_LLTBL_DEFAULT_HSIZE); 2375 llt->llt_af = AF_INET; 2376 llt->llt_ifp = ifp; 2377 2378 llt->llt_lookup = in_lltable_lookup; 2379 llt->llt_create = in_lltable_create; 2380 llt->llt_delete = in_lltable_delete; 2381 llt->llt_dump_entry = in_lltable_dump_entry; 2382 llt->llt_hash = in_lltable_hash; 2383 llt->llt_fill_sa_entry = in_lltable_fill_sa_entry; 2384 llt->llt_free_entry = in_lltable_free_entry; 2385 llt->llt_match_prefix = in_lltable_match_prefix; 2386 lltable_link(llt); 2387 2388 return (llt); 2389 } 2390 2391 #endif /* NARP > 0 */ 2392 2393 void * 2394 in_domifattach(struct ifnet *ifp) 2395 { 2396 struct in_ifinfo *ii; 2397 2398 ii = kmem_zalloc(sizeof(struct in_ifinfo), KM_SLEEP); 2399 2400 #if NARP > 0 2401 ii->ii_llt = in_lltattach(ifp); 2402 #endif 2403 2404 #ifdef IPSELSRC 2405 ii->ii_selsrc = in_selsrc_domifattach(ifp); 2406 KASSERT(ii->ii_selsrc != NULL); 2407 #endif 2408 2409 return ii; 2410 } 2411 2412 void 2413 in_domifdetach(struct ifnet *ifp, void *aux) 2414 { 2415 struct in_ifinfo *ii = aux; 2416 2417 #ifdef IPSELSRC 2418 in_selsrc_domifdetach(ifp, ii->ii_selsrc); 2419 #endif 2420 #if NARP > 0 2421 lltable_free(ii->ii_llt); 2422 #endif 2423 kmem_free(ii, sizeof(struct in_ifinfo)); 2424 } 2425