1 /* $NetBSD: in6.c,v 1.90 2004/07/26 13:44:35 yamt Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.90 2004/07/26 13:44:35 yamt Exp $"); 66 67 #include "opt_inet.h" 68 #include "opt_pfil_hooks.h" 69 70 #include <sys/param.h> 71 #include <sys/ioctl.h> 72 #include <sys/errno.h> 73 #include <sys/malloc.h> 74 #include <sys/socket.h> 75 #include <sys/socketvar.h> 76 #include <sys/sockio.h> 77 #include <sys/systm.h> 78 #include <sys/proc.h> 79 #include <sys/time.h> 80 #include <sys/kernel.h> 81 #include <sys/syslog.h> 82 83 #include <net/if.h> 84 #include <net/if_types.h> 85 #include <net/route.h> 86 #include <net/if_dl.h> 87 88 #include <netinet/in.h> 89 #include <netinet/in_var.h> 90 #include <net/if_ether.h> 91 92 #include <netinet/ip6.h> 93 #include <netinet6/ip6_var.h> 94 #include <netinet6/nd6.h> 95 #include <netinet6/mld6_var.h> 96 #include <netinet6/ip6_mroute.h> 97 #include <netinet6/in6_ifattach.h> 98 99 #include <net/net_osdep.h> 100 101 #ifdef PFIL_HOOKS 102 #include <net/pfil.h> 103 #endif 104 105 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 106 107 /* enable backward compatibility code for obsoleted ioctls */ 108 #define COMPAT_IN6IFIOCTL 109 110 /* 111 * Definitions of some constant IP6 addresses. 112 */ 113 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 114 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 115 const struct in6_addr in6addr_nodelocal_allnodes = 116 IN6ADDR_NODELOCAL_ALLNODES_INIT; 117 const struct in6_addr in6addr_linklocal_allnodes = 118 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 119 const struct in6_addr in6addr_linklocal_allrouters = 120 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 121 122 const struct in6_addr in6mask0 = IN6MASK0; 123 const struct in6_addr in6mask32 = IN6MASK32; 124 const struct in6_addr in6mask64 = IN6MASK64; 125 const struct in6_addr in6mask96 = IN6MASK96; 126 const struct in6_addr in6mask128 = IN6MASK128; 127 128 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 129 0, 0, IN6ADDR_ANY_INIT, 0}; 130 131 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 132 struct ifnet *, struct proc *)); 133 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 134 struct sockaddr_in6 *, int)); 135 static void in6_unlink_ifa __P((struct in6_ifaddr *, struct ifnet *)); 136 137 /* 138 * This structure is used to keep track of in6_multi chains which belong to 139 * deleted interface addresses. 140 */ 141 static LIST_HEAD(, multi6_kludge) in6_mk; /* XXX BSS initialization */ 142 143 struct multi6_kludge { 144 LIST_ENTRY(multi6_kludge) mk_entry; 145 struct ifnet *mk_ifp; 146 struct in6_multihead mk_head; 147 }; 148 149 /* 150 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 151 * This routine does actual work. 152 */ 153 static void 154 in6_ifloop_request(int cmd, struct ifaddr *ifa) 155 { 156 struct sockaddr_in6 lo_sa; 157 struct sockaddr_in6 all1_sa; 158 struct rtentry *nrt = NULL; 159 int e; 160 161 bzero(&lo_sa, sizeof(lo_sa)); 162 bzero(&all1_sa, sizeof(all1_sa)); 163 lo_sa.sin6_family = all1_sa.sin6_family = AF_INET6; 164 lo_sa.sin6_len = all1_sa.sin6_len = sizeof(struct sockaddr_in6); 165 lo_sa.sin6_addr = in6addr_loopback; 166 all1_sa.sin6_addr = in6mask128; 167 168 /* 169 * We specify the address itself as the gateway, and set the 170 * RTF_LLINFO flag, so that the corresponding host route would have 171 * the flag, and thus applications that assume traditional behavior 172 * would be happy. Note that we assume the caller of the function 173 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 174 * which changes the outgoing interface to the loopback interface. 175 */ 176 e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr, 177 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt); 178 if (e != 0) { 179 log(LOG_ERR, "in6_ifloop_request: " 180 "%s operation failed for %s (errno=%d)\n", 181 cmd == RTM_ADD ? "ADD" : "DELETE", 182 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 183 e); 184 } 185 186 /* 187 * Make sure rt_ifa be equal to IFA, the second argument of the 188 * function. 189 * We need this because when we refer to rt_ifa->ia6_flags in 190 * ip6_input, we assume that the rt_ifa points to the address instead 191 * of the loopback address. 192 */ 193 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) { 194 IFAFREE(nrt->rt_ifa); 195 IFAREF(ifa); 196 nrt->rt_ifa = ifa; 197 } 198 199 /* 200 * Report the addition/removal of the address to the routing socket. 201 * XXX: since we called rtinit for a p2p interface with a destination, 202 * we end up reporting twice in such a case. Should we rather 203 * omit the second report? 204 */ 205 if (nrt) { 206 rt_newaddrmsg(cmd, ifa, e, nrt); 207 if (cmd == RTM_DELETE) { 208 if (nrt->rt_refcnt <= 0) { 209 /* XXX: we should free the entry ourselves. */ 210 nrt->rt_refcnt++; 211 rtfree(nrt); 212 } 213 } else { 214 /* the cmd must be RTM_ADD here */ 215 nrt->rt_refcnt--; 216 } 217 } 218 } 219 220 /* 221 * Add ownaddr as loopback rtentry. We previously add the route only if 222 * necessary (ex. on a p2p link). However, since we now manage addresses 223 * separately from prefixes, we should always add the route. We can't 224 * rely on the cloning mechanism from the corresponding interface route 225 * any more. 226 */ 227 static void 228 in6_ifaddloop(struct ifaddr *ifa) 229 { 230 struct rtentry *rt; 231 232 /* If there is no loopback entry, allocate one. */ 233 rt = rtalloc1(ifa->ifa_addr, 0); 234 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 235 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) 236 in6_ifloop_request(RTM_ADD, ifa); 237 if (rt) 238 rt->rt_refcnt--; 239 } 240 241 /* 242 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 243 * if it exists. 244 */ 245 static void 246 in6_ifremloop(struct ifaddr *ifa) 247 { 248 struct in6_ifaddr *ia; 249 struct rtentry *rt; 250 int ia_count = 0; 251 252 /* 253 * Some of BSD variants do not remove cloned routes 254 * from an interface direct route, when removing the direct route 255 * (see comments in net/net_osdep.h). Even for variants that do remove 256 * cloned routes, they could fail to remove the cloned routes when 257 * we handle multple addresses that share a common prefix. 258 * So, we should remove the route corresponding to the deleted address. 259 */ 260 261 /* 262 * Delete the entry only if exact one ifa exists. More than one ifa 263 * can exist if we assign a same single address to multiple 264 * (probably p2p) interfaces. 265 * XXX: we should avoid such a configuration in IPv6... 266 */ 267 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 268 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 269 ia_count++; 270 if (ia_count > 1) 271 break; 272 } 273 } 274 275 if (ia_count == 1) { 276 /* 277 * Before deleting, check if a corresponding loopbacked host 278 * route surely exists. With this check, we can avoid to 279 * delete an interface direct route whose destination is same 280 * as the address being removed. This can happen when removing 281 * a subnet-router anycast address on an interface attahced 282 * to a shared medium. 283 */ 284 rt = rtalloc1(ifa->ifa_addr, 0); 285 if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 && 286 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 287 rt->rt_refcnt--; 288 in6_ifloop_request(RTM_DELETE, ifa); 289 } 290 } 291 } 292 293 int 294 in6_ifindex2scopeid(idx) 295 int idx; 296 { 297 struct ifnet *ifp; 298 struct ifaddr *ifa; 299 struct sockaddr_in6 *sin6; 300 301 if (idx < 0 || if_indexlim <= idx) 302 return -1; 303 ifp = ifindex2ifnet[idx]; 304 if (!ifp) 305 return -1; 306 307 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 308 { 309 if (ifa->ifa_addr->sa_family != AF_INET6) 310 continue; 311 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; 312 if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) 313 return sin6->sin6_scope_id & 0xffff; 314 } 315 316 return -1; 317 } 318 319 int 320 in6_mask2len(mask, lim0) 321 struct in6_addr *mask; 322 u_char *lim0; 323 { 324 int x = 0, y; 325 u_char *lim = lim0, *p; 326 327 /* ignore the scope_id part */ 328 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 329 lim = (u_char *)mask + sizeof(*mask); 330 for (p = (u_char *)mask; p < lim; x++, p++) { 331 if (*p != 0xff) 332 break; 333 } 334 y = 0; 335 if (p < lim) { 336 for (y = 0; y < 8; y++) { 337 if ((*p & (0x80 >> y)) == 0) 338 break; 339 } 340 } 341 342 /* 343 * when the limit pointer is given, do a stricter check on the 344 * remaining bits. 345 */ 346 if (p < lim) { 347 if (y != 0 && (*p & (0x00ff >> y)) != 0) 348 return (-1); 349 for (p = p + 1; p < lim; p++) 350 if (*p != 0) 351 return (-1); 352 } 353 354 return x * 8 + y; 355 } 356 357 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 358 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 359 360 int 361 in6_control(so, cmd, data, ifp, p) 362 struct socket *so; 363 u_long cmd; 364 caddr_t data; 365 struct ifnet *ifp; 366 struct proc *p; 367 { 368 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 369 struct in6_ifaddr *ia = NULL; 370 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 371 struct sockaddr_in6 *sa6; 372 int privileged; 373 374 privileged = 0; 375 if (p && !suser(p->p_ucred, &p->p_acflag)) 376 privileged++; 377 378 switch (cmd) { 379 case SIOCGETSGCNT_IN6: 380 case SIOCGETMIFCNT_IN6: 381 return (mrt6_ioctl(cmd, data)); 382 } 383 384 if (ifp == NULL) 385 return (EOPNOTSUPP); 386 387 switch (cmd) { 388 case SIOCSNDFLUSH_IN6: 389 case SIOCSPFXFLUSH_IN6: 390 case SIOCSRTRFLUSH_IN6: 391 case SIOCSDEFIFACE_IN6: 392 case SIOCSIFINFO_FLAGS: 393 if (!privileged) 394 return (EPERM); 395 /* FALLTHROUGH */ 396 case OSIOCGIFINFO_IN6: 397 case SIOCGIFINFO_IN6: 398 case SIOCGDRLST_IN6: 399 case SIOCGPRLST_IN6: 400 case SIOCGNBRINFO_IN6: 401 case SIOCGDEFIFACE_IN6: 402 return (nd6_ioctl(cmd, data, ifp)); 403 } 404 405 switch (cmd) { 406 case SIOCSIFPREFIX_IN6: 407 case SIOCDIFPREFIX_IN6: 408 case SIOCAIFPREFIX_IN6: 409 case SIOCCIFPREFIX_IN6: 410 case SIOCSGIFPREFIX_IN6: 411 case SIOCGIFPREFIX_IN6: 412 log(LOG_NOTICE, 413 "prefix ioctls are now invalidated. " 414 "please use ifconfig.\n"); 415 return (EOPNOTSUPP); 416 } 417 418 switch (cmd) { 419 case SIOCALIFADDR: 420 case SIOCDLIFADDR: 421 if (!privileged) 422 return (EPERM); 423 /* FALLTHROUGH */ 424 case SIOCGLIFADDR: 425 return in6_lifaddr_ioctl(so, cmd, data, ifp, p); 426 } 427 428 /* 429 * Find address for this interface, if it exists. 430 * 431 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 432 * only, and used the first interface address as the target of other 433 * operations (without checking ifra_addr). This was because netinet 434 * code/API assumed at most 1 interface address per interface. 435 * Since IPv6 allows a node to assign multiple addresses 436 * on a single interface, we almost always look and check the 437 * presence of ifra_addr, and reject invalid ones here. 438 * It also decreases duplicated code among SIOC*_IN6 operations. 439 */ 440 switch (cmd) { 441 case SIOCAIFADDR_IN6: 442 case SIOCSIFPHYADDR_IN6: 443 sa6 = &ifra->ifra_addr; 444 break; 445 case SIOCSIFADDR_IN6: 446 case SIOCGIFADDR_IN6: 447 case SIOCSIFDSTADDR_IN6: 448 case SIOCSIFNETMASK_IN6: 449 case SIOCGIFDSTADDR_IN6: 450 case SIOCGIFNETMASK_IN6: 451 case SIOCDIFADDR_IN6: 452 case SIOCGIFPSRCADDR_IN6: 453 case SIOCGIFPDSTADDR_IN6: 454 case SIOCGIFAFLAG_IN6: 455 case SIOCSNDFLUSH_IN6: 456 case SIOCSPFXFLUSH_IN6: 457 case SIOCSRTRFLUSH_IN6: 458 case SIOCGIFALIFETIME_IN6: 459 case SIOCSIFALIFETIME_IN6: 460 case SIOCGIFSTAT_IN6: 461 case SIOCGIFSTAT_ICMP6: 462 sa6 = &ifr->ifr_addr; 463 break; 464 default: 465 sa6 = NULL; 466 break; 467 } 468 if (sa6 && sa6->sin6_family == AF_INET6) { 469 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 470 if (sa6->sin6_addr.s6_addr16[1] == 0) { 471 /* link ID is not embedded by the user */ 472 sa6->sin6_addr.s6_addr16[1] = 473 htons(ifp->if_index); 474 } else if (sa6->sin6_addr.s6_addr16[1] != 475 htons(ifp->if_index)) { 476 return (EINVAL); /* link ID contradicts */ 477 } 478 if (sa6->sin6_scope_id) { 479 if (sa6->sin6_scope_id != 480 (u_int32_t)ifp->if_index) 481 return (EINVAL); 482 sa6->sin6_scope_id = 0; /* XXX: good way? */ 483 } 484 } 485 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 486 } else 487 ia = NULL; 488 489 switch (cmd) { 490 case SIOCSIFADDR_IN6: 491 case SIOCSIFDSTADDR_IN6: 492 case SIOCSIFNETMASK_IN6: 493 /* 494 * Since IPv6 allows a node to assign multiple addresses 495 * on a single interface, SIOCSIFxxx ioctls are deprecated. 496 */ 497 return (EINVAL); 498 499 case SIOCDIFADDR_IN6: 500 /* 501 * for IPv4, we look for existing in_ifaddr here to allow 502 * "ifconfig if0 delete" to remove the first IPv4 address on 503 * the interface. For IPv6, as the spec allows multiple 504 * interface address from the day one, we consider "remove the 505 * first one" semantics to be not preferable. 506 */ 507 if (ia == NULL) 508 return (EADDRNOTAVAIL); 509 /* FALLTHROUGH */ 510 case SIOCAIFADDR_IN6: 511 /* 512 * We always require users to specify a valid IPv6 address for 513 * the corresponding operation. 514 */ 515 if (ifra->ifra_addr.sin6_family != AF_INET6 || 516 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 517 return (EAFNOSUPPORT); 518 if (!privileged) 519 return (EPERM); 520 521 break; 522 523 case SIOCGIFADDR_IN6: 524 /* This interface is basically deprecated. use SIOCGIFCONF. */ 525 /* FALLTHROUGH */ 526 case SIOCGIFAFLAG_IN6: 527 case SIOCGIFNETMASK_IN6: 528 case SIOCGIFDSTADDR_IN6: 529 case SIOCGIFALIFETIME_IN6: 530 /* must think again about its semantics */ 531 if (ia == NULL) 532 return (EADDRNOTAVAIL); 533 break; 534 case SIOCSIFALIFETIME_IN6: 535 { 536 struct in6_addrlifetime *lt; 537 538 if (!privileged) 539 return (EPERM); 540 if (ia == NULL) 541 return (EADDRNOTAVAIL); 542 /* sanity for overflow - beware unsigned */ 543 lt = &ifr->ifr_ifru.ifru_lifetime; 544 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 545 && lt->ia6t_vltime + time.tv_sec < time.tv_sec) { 546 return EINVAL; 547 } 548 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 549 && lt->ia6t_pltime + time.tv_sec < time.tv_sec) { 550 return EINVAL; 551 } 552 break; 553 } 554 } 555 556 switch (cmd) { 557 558 case SIOCGIFADDR_IN6: 559 ifr->ifr_addr = ia->ia_addr; 560 break; 561 562 case SIOCGIFDSTADDR_IN6: 563 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 564 return (EINVAL); 565 /* 566 * XXX: should we check if ifa_dstaddr is NULL and return 567 * an error? 568 */ 569 ifr->ifr_dstaddr = ia->ia_dstaddr; 570 break; 571 572 case SIOCGIFNETMASK_IN6: 573 ifr->ifr_addr = ia->ia_prefixmask; 574 break; 575 576 case SIOCGIFAFLAG_IN6: 577 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 578 break; 579 580 case SIOCGIFSTAT_IN6: 581 if (ifp == NULL) 582 return EINVAL; 583 bzero(&ifr->ifr_ifru.ifru_stat, 584 sizeof(ifr->ifr_ifru.ifru_stat)); 585 ifr->ifr_ifru.ifru_stat = 586 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 587 break; 588 589 case SIOCGIFSTAT_ICMP6: 590 if (ifp == NULL) 591 return EINVAL; 592 bzero(&ifr->ifr_ifru.ifru_stat, 593 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 594 ifr->ifr_ifru.ifru_icmp6stat = 595 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 596 break; 597 598 case SIOCGIFALIFETIME_IN6: 599 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 600 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 601 time_t maxexpire; 602 struct in6_addrlifetime *retlt = 603 &ifr->ifr_ifru.ifru_lifetime; 604 605 /* 606 * XXX: adjust expiration time assuming time_t is 607 * signed. 608 */ 609 maxexpire = (-1) & 610 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 611 if (ia->ia6_lifetime.ia6t_vltime < 612 maxexpire - ia->ia6_updatetime) { 613 retlt->ia6t_expire = ia->ia6_updatetime + 614 ia->ia6_lifetime.ia6t_vltime; 615 } else 616 retlt->ia6t_expire = maxexpire; 617 } 618 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 619 time_t maxexpire; 620 struct in6_addrlifetime *retlt = 621 &ifr->ifr_ifru.ifru_lifetime; 622 623 /* 624 * XXX: adjust expiration time assuming time_t is 625 * signed. 626 */ 627 maxexpire = (-1) & 628 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 629 if (ia->ia6_lifetime.ia6t_pltime < 630 maxexpire - ia->ia6_updatetime) { 631 retlt->ia6t_preferred = ia->ia6_updatetime + 632 ia->ia6_lifetime.ia6t_pltime; 633 } else 634 retlt->ia6t_preferred = maxexpire; 635 } 636 break; 637 638 case SIOCSIFALIFETIME_IN6: 639 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 640 /* for sanity */ 641 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 642 ia->ia6_lifetime.ia6t_expire = 643 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 644 } else 645 ia->ia6_lifetime.ia6t_expire = 0; 646 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 647 ia->ia6_lifetime.ia6t_preferred = 648 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 649 } else 650 ia->ia6_lifetime.ia6t_preferred = 0; 651 break; 652 653 case SIOCAIFADDR_IN6: 654 { 655 int i, error = 0; 656 struct nd_prefix pr0, *pr; 657 658 /* reject read-only flags */ 659 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 660 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 661 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 662 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 663 return (EINVAL); 664 } 665 /* 666 * first, make or update the interface address structure, 667 * and link it to the list. 668 */ 669 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 670 return (error); 671 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 672 == NULL) { 673 /* 674 * this can happen when the user specify the 0 valid 675 * lifetime. 676 */ 677 break; 678 } 679 680 /* 681 * then, make the prefix on-link on the interface. 682 * XXX: we'd rather create the prefix before the address, but 683 * we need at least one address to install the corresponding 684 * interface route, so we configure the address first. 685 */ 686 687 /* 688 * convert mask to prefix length (prefixmask has already 689 * been validated in in6_update_ifa(). 690 */ 691 bzero(&pr0, sizeof(pr0)); 692 pr0.ndpr_ifp = ifp; 693 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 694 NULL); 695 if (pr0.ndpr_plen == 128) { 696 break; /* we don't need to install a host route. */ 697 } 698 pr0.ndpr_prefix = ifra->ifra_addr; 699 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 700 /* apply the mask for safety. */ 701 for (i = 0; i < 4; i++) { 702 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 703 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 704 } 705 /* 706 * XXX: since we don't have an API to set prefix (not address) 707 * lifetimes, we just use the same lifetimes as addresses. 708 * The (temporarily) installed lifetimes can be overridden by 709 * later advertised RAs (when accept_rtadv is non 0), which is 710 * an intended behavior. 711 */ 712 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 713 pr0.ndpr_raf_auto = 714 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 715 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 716 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 717 718 /* add the prefix if not yet. */ 719 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 720 /* 721 * nd6_prelist_add will install the corresponding 722 * interface route. 723 */ 724 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 725 return (error); 726 if (pr == NULL) { 727 log(LOG_ERR, "nd6_prelist_add succeeded but " 728 "no prefix\n"); 729 return (EINVAL); /* XXX panic here? */ 730 } 731 } 732 733 /* relate the address to the prefix */ 734 if (ia->ia6_ndpr == NULL) { 735 ia->ia6_ndpr = pr; 736 pr->ndpr_refcnt++; 737 } 738 739 /* 740 * this might affect the status of autoconfigured addresses, 741 * that is, this address might make other addresses detached. 742 */ 743 pfxlist_onlink_check(); 744 745 #ifdef PFIL_HOOKS 746 (void)pfil_run_hooks(&if_pfil, (struct mbuf **)SIOCAIFADDR_IN6, 747 ifp, PFIL_IFADDR); 748 #endif 749 750 break; 751 } 752 753 case SIOCDIFADDR_IN6: 754 { 755 int i = 0, purgeprefix = 0; 756 struct nd_prefix pr0, *pr = NULL; 757 758 /* 759 * If the address being deleted is the only one that owns 760 * the corresponding prefix, expire the prefix as well. 761 * XXX: theoretically, we don't have to worry about such 762 * relationship, since we separate the address management 763 * and the prefix management. We do this, however, to provide 764 * as much backward compatibility as possible in terms of 765 * the ioctl operation. 766 */ 767 bzero(&pr0, sizeof(pr0)); 768 pr0.ndpr_ifp = ifp; 769 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 770 NULL); 771 if (pr0.ndpr_plen == 128) 772 goto purgeaddr; 773 pr0.ndpr_prefix = ia->ia_addr; 774 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 775 for (i = 0; i < 4; i++) { 776 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 777 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 778 } 779 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 780 pr == ia->ia6_ndpr) { 781 pr->ndpr_refcnt--; 782 if (pr->ndpr_refcnt == 0) 783 purgeprefix = 1; 784 } 785 786 purgeaddr: 787 in6_purgeaddr(&ia->ia_ifa); 788 if (pr && purgeprefix) 789 prelist_remove(pr); 790 #ifdef PFIL_HOOKS 791 (void)pfil_run_hooks(&if_pfil, (struct mbuf **)SIOCDIFADDR_IN6, 792 ifp, PFIL_IFADDR); 793 #endif 794 break; 795 } 796 797 default: 798 if (ifp == NULL || ifp->if_ioctl == 0) 799 return (EOPNOTSUPP); 800 return ((*ifp->if_ioctl)(ifp, cmd, data)); 801 } 802 803 return (0); 804 } 805 806 /* 807 * Update parameters of an IPv6 interface address. 808 * If necessary, a new entry is created and linked into address chains. 809 * This function is separated from in6_control(). 810 * XXX: should this be performed under splnet()? 811 */ 812 int 813 in6_update_ifa(ifp, ifra, ia) 814 struct ifnet *ifp; 815 struct in6_aliasreq *ifra; 816 struct in6_ifaddr *ia; 817 { 818 int error = 0, hostIsNew = 0, plen = -1; 819 struct in6_ifaddr *oia; 820 struct sockaddr_in6 dst6; 821 struct in6_addrlifetime *lt; 822 struct in6_multi_mship *imm; 823 struct rtentry *rt; 824 825 /* Validate parameters */ 826 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 827 return (EINVAL); 828 829 /* 830 * The destination address for a p2p link must have a family 831 * of AF_UNSPEC or AF_INET6. 832 */ 833 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 834 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 835 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 836 return (EAFNOSUPPORT); 837 /* 838 * validate ifra_prefixmask. don't check sin6_family, netmask 839 * does not carry fields other than sin6_len. 840 */ 841 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 842 return (EINVAL); 843 /* 844 * Because the IPv6 address architecture is classless, we require 845 * users to specify a (non 0) prefix length (mask) for a new address. 846 * We also require the prefix (when specified) mask is valid, and thus 847 * reject a non-consecutive mask. 848 */ 849 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 850 return (EINVAL); 851 if (ifra->ifra_prefixmask.sin6_len != 0) { 852 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 853 (u_char *)&ifra->ifra_prefixmask + 854 ifra->ifra_prefixmask.sin6_len); 855 if (plen <= 0) 856 return (EINVAL); 857 } else { 858 /* 859 * In this case, ia must not be NULL. We just use its prefix 860 * length. 861 */ 862 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 863 } 864 /* 865 * If the destination address on a p2p interface is specified, 866 * and the address is a scoped one, validate/set the scope 867 * zone identifier. 868 */ 869 dst6 = ifra->ifra_dstaddr; 870 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 871 (dst6.sin6_family == AF_INET6)) { 872 /* link-local index check: should be a separate function? */ 873 if (IN6_IS_ADDR_LINKLOCAL(&dst6.sin6_addr)) { 874 if (dst6.sin6_addr.s6_addr16[1] == 0) { 875 /* 876 * interface ID is not embedded by 877 * the user 878 */ 879 dst6.sin6_addr.s6_addr16[1] = 880 htons(ifp->if_index); 881 } else if (dst6.sin6_addr.s6_addr16[1] != 882 htons(ifp->if_index)) { 883 return (EINVAL); /* ifid contradicts */ 884 } 885 } 886 } 887 /* 888 * The destination address can be specified only for a p2p or a 889 * loopback interface. If specified, the corresponding prefix length 890 * must be 128. 891 */ 892 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 893 #ifdef FORCE_P2PPLEN 894 int i; 895 #endif 896 897 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 898 /* XXX: noisy message */ 899 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 900 "be specified for a p2p or a loopback IF only\n")); 901 return (EINVAL); 902 } 903 if (plen != 128) { 904 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 905 "be 128 when dstaddr is specified\n")); 906 #ifdef FORCE_P2PPLEN 907 /* 908 * To be compatible with old configurations, 909 * such as ifconfig gif0 inet6 2001::1 2001::2 910 * prefixlen 126, we override the specified 911 * prefixmask as if the prefix length was 128. 912 */ 913 ifra->ifra_prefixmask.sin6_len = 914 sizeof(struct sockaddr_in6); 915 for (i = 0; i < 4; i++) 916 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 917 0xffffffff; 918 plen = 128; 919 #else 920 return (EINVAL); 921 #endif 922 } 923 } 924 /* lifetime consistency check */ 925 lt = &ifra->ifra_lifetime; 926 if (lt->ia6t_pltime > lt->ia6t_vltime) 927 return (EINVAL); 928 if (lt->ia6t_vltime == 0) { 929 /* 930 * the following log might be noisy, but this is a typical 931 * configuration mistake or a tool's bug. 932 */ 933 nd6log((LOG_INFO, 934 "in6_update_ifa: valid lifetime is 0 for %s\n", 935 ip6_sprintf(&ifra->ifra_addr.sin6_addr))); 936 937 if (ia == NULL) 938 return (0); /* there's nothing to do */ 939 } 940 941 /* 942 * If this is a new address, allocate a new ifaddr and link it 943 * into chains. 944 */ 945 if (ia == NULL) { 946 hostIsNew = 1; 947 /* 948 * When in6_update_ifa() is called in a process of a received 949 * RA, it is called under an interrupt context. So, we should 950 * call malloc with M_NOWAIT. 951 */ 952 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 953 M_NOWAIT); 954 if (ia == NULL) 955 return (ENOBUFS); 956 bzero((caddr_t)ia, sizeof(*ia)); 957 LIST_INIT(&ia->ia6_memberships); 958 /* Initialize the address and masks, and put time stamp */ 959 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 960 ia->ia_addr.sin6_family = AF_INET6; 961 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 962 ia->ia6_createtime = ia->ia6_updatetime = time.tv_sec; 963 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 964 /* 965 * XXX: some functions expect that ifa_dstaddr is not 966 * NULL for p2p interfaces. 967 */ 968 ia->ia_ifa.ifa_dstaddr = 969 (struct sockaddr *)&ia->ia_dstaddr; 970 } else { 971 ia->ia_ifa.ifa_dstaddr = NULL; 972 } 973 ia->ia_ifa.ifa_netmask = 974 (struct sockaddr *)&ia->ia_prefixmask; 975 976 ia->ia_ifp = ifp; 977 if ((oia = in6_ifaddr) != NULL) { 978 for ( ; oia->ia_next; oia = oia->ia_next) 979 continue; 980 oia->ia_next = ia; 981 } else 982 in6_ifaddr = ia; 983 /* gain a refcnt for the link from in6_ifaddr */ 984 IFAREF(&ia->ia_ifa); 985 986 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, 987 ifa_list); 988 /* gain another refcnt for the link from if_addrlist */ 989 IFAREF(&ia->ia_ifa); 990 } 991 992 /* set prefix mask */ 993 if (ifra->ifra_prefixmask.sin6_len) { 994 /* 995 * We prohibit changing the prefix length of an existing 996 * address, because 997 * + such an operation should be rare in IPv6, and 998 * + the operation would confuse prefix management. 999 */ 1000 if (ia->ia_prefixmask.sin6_len && 1001 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 1002 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 1003 " existing (%s) address should not be changed\n", 1004 ip6_sprintf(&ia->ia_addr.sin6_addr))); 1005 error = EINVAL; 1006 goto unlink; 1007 } 1008 ia->ia_prefixmask = ifra->ifra_prefixmask; 1009 } 1010 1011 /* 1012 * If a new destination address is specified, scrub the old one and 1013 * install the new destination. Note that the interface must be 1014 * p2p or loopback (see the check above.) 1015 */ 1016 if (dst6.sin6_family == AF_INET6 && 1017 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 1018 if ((ia->ia_flags & IFA_ROUTE) != 0 && 1019 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 1020 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 1021 "a route to the old destination: %s\n", 1022 ip6_sprintf(&ia->ia_addr.sin6_addr))); 1023 /* proceed anyway... */ 1024 } else 1025 ia->ia_flags &= ~IFA_ROUTE; 1026 ia->ia_dstaddr = dst6; 1027 } 1028 1029 /* 1030 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 1031 * to see if the address is deprecated or invalidated, but initialize 1032 * these members for applications. 1033 */ 1034 ia->ia6_lifetime = ifra->ifra_lifetime; 1035 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1036 ia->ia6_lifetime.ia6t_expire = 1037 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 1038 } else 1039 ia->ia6_lifetime.ia6t_expire = 0; 1040 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1041 ia->ia6_lifetime.ia6t_preferred = 1042 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 1043 } else 1044 ia->ia6_lifetime.ia6t_preferred = 0; 1045 1046 /* reset the interface and routing table appropriately. */ 1047 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1048 goto unlink; 1049 1050 /* 1051 * configure address flags. 1052 */ 1053 ia->ia6_flags = ifra->ifra_flags; 1054 /* 1055 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1056 * userland, make it deprecated. 1057 */ 1058 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1059 ia->ia6_lifetime.ia6t_pltime = 0; 1060 ia->ia6_lifetime.ia6t_preferred = time.tv_sec; 1061 } 1062 /* 1063 * Make the address tentative before joining multicast addresses, 1064 * so that corresponding MLD responses would not have a tentative 1065 * source address. 1066 */ 1067 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1068 if (hostIsNew && in6if_do_dad(ifp)) 1069 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1070 1071 /* 1072 * We are done if we have simply modified an existing address. 1073 */ 1074 if (!hostIsNew) 1075 return (error); 1076 1077 /* 1078 * Beyond this point, we should call in6_purgeaddr upon an error, 1079 * not just go to unlink. 1080 */ 1081 1082 /* join necessary multiast groups */ 1083 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1084 struct sockaddr_in6 mltaddr, mltmask; 1085 #ifndef SCOPEDROUTING 1086 u_int32_t zoneid = 0; 1087 #endif 1088 1089 /* join solicited multicast addr for new host id */ 1090 struct sockaddr_in6 llsol; 1091 1092 bzero(&llsol, sizeof(llsol)); 1093 llsol.sin6_family = AF_INET6; 1094 llsol.sin6_len = sizeof(llsol); 1095 llsol.sin6_addr.s6_addr16[0] = htons(0xff02); 1096 llsol.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1097 llsol.sin6_addr.s6_addr32[1] = 0; 1098 llsol.sin6_addr.s6_addr32[2] = htonl(1); 1099 llsol.sin6_addr.s6_addr32[3] = 1100 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1101 llsol.sin6_addr.s6_addr8[12] = 0xff; 1102 imm = in6_joingroup(ifp, &llsol.sin6_addr, &error); 1103 if (!imm) { 1104 nd6log((LOG_ERR, 1105 "in6_update_ifa: addmulti " 1106 "failed for %s on %s (errno=%d)\n", 1107 ip6_sprintf(&llsol.sin6_addr), 1108 if_name(ifp), error)); 1109 goto cleanup; 1110 } 1111 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1112 1113 bzero(&mltmask, sizeof(mltmask)); 1114 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1115 mltmask.sin6_family = AF_INET6; 1116 mltmask.sin6_addr = in6mask32; 1117 1118 /* 1119 * join link-local all-nodes address 1120 */ 1121 bzero(&mltaddr, sizeof(mltaddr)); 1122 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1123 mltaddr.sin6_family = AF_INET6; 1124 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1125 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1126 1127 /* 1128 * XXX: do we really need this automatic routes? 1129 * We should probably reconsider this stuff. Most applications 1130 * actually do not need the routes, since they usually specify 1131 * the outgoing interface. 1132 */ 1133 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1134 if (rt) { 1135 /* 1136 * 32bit came from "mltmask" 1137 * XXX: only works in !SCOPEDROUTING case. 1138 */ 1139 if (memcmp(&mltaddr.sin6_addr, 1140 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1141 32 / 8)) { 1142 RTFREE(rt); 1143 rt = NULL; 1144 } 1145 } 1146 if (!rt) { 1147 struct rt_addrinfo info; 1148 1149 bzero(&info, sizeof(info)); 1150 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1151 info.rti_info[RTAX_GATEWAY] = 1152 (struct sockaddr *)&ia->ia_addr; 1153 info.rti_info[RTAX_NETMASK] = 1154 (struct sockaddr *)&mltmask; 1155 info.rti_info[RTAX_IFA] = 1156 (struct sockaddr *)&ia->ia_addr; 1157 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1158 info.rti_flags = RTF_UP | RTF_CLONING; 1159 error = rtrequest1(RTM_ADD, &info, NULL); 1160 if (error) 1161 goto cleanup; 1162 } else { 1163 RTFREE(rt); 1164 } 1165 #ifndef SCOPEDROUTING 1166 mltaddr.sin6_scope_id = zoneid; /* XXX */ 1167 #endif 1168 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1169 if (!imm) { 1170 nd6log((LOG_WARNING, 1171 "in6_update_ifa: addmulti failed for " 1172 "%s on %s (errno=%d)\n", 1173 ip6_sprintf(&mltaddr.sin6_addr), 1174 if_name(ifp), error)); 1175 goto cleanup; 1176 } 1177 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1178 1179 /* 1180 * join node information group address 1181 */ 1182 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) { 1183 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1184 if (!imm) { 1185 nd6log((LOG_WARNING, "in6_update_ifa: " 1186 "addmulti failed for %s on %s (errno=%d)\n", 1187 ip6_sprintf(&mltaddr.sin6_addr), 1188 if_name(ifp), error)); 1189 /* XXX not very fatal, go on... */ 1190 } else { 1191 LIST_INSERT_HEAD(&ia->ia6_memberships, 1192 imm, i6mm_chain); 1193 } 1194 } 1195 1196 if (ifp->if_flags & IFF_LOOPBACK) { 1197 /* 1198 * join node-local all-nodes address, on loopback. 1199 * (ff01::1%ifN, and ff01::%ifN/32) 1200 */ 1201 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1202 1203 /* XXX: again, do we really need the route? */ 1204 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1205 if (rt) { 1206 /* 32bit came from "mltmask" */ 1207 if (memcmp(&mltaddr.sin6_addr, 1208 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1209 32 / 8)) { 1210 RTFREE(rt); 1211 rt = NULL; 1212 } 1213 } 1214 if (!rt) { 1215 struct rt_addrinfo info; 1216 1217 bzero(&info, sizeof(info)); 1218 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1219 info.rti_info[RTAX_GATEWAY] = 1220 (struct sockaddr *)&ia->ia_addr; 1221 info.rti_info[RTAX_NETMASK] = 1222 (struct sockaddr *)&mltmask; 1223 info.rti_info[RTAX_IFA] = 1224 (struct sockaddr *)&ia->ia_addr; 1225 info.rti_flags = RTF_UP | RTF_CLONING; 1226 error = rtrequest1(RTM_ADD, &info, NULL); 1227 if (error) 1228 goto cleanup; 1229 } else { 1230 RTFREE(rt); 1231 } 1232 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1233 if (!imm) { 1234 nd6log((LOG_WARNING, "in6_update_ifa: " 1235 "addmulti failed for %s on %s (errno=%d)\n", 1236 ip6_sprintf(&mltaddr.sin6_addr), 1237 if_name(ifp), error)); 1238 goto cleanup; 1239 } 1240 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1241 } 1242 } 1243 1244 /* 1245 * Perform DAD, if needed. 1246 * XXX It may be of use, if we can administratively 1247 * disable DAD. 1248 */ 1249 if (hostIsNew && in6if_do_dad(ifp) && 1250 (ifra->ifra_flags & IN6_IFF_NODAD) == 0) 1251 { 1252 nd6_dad_start((struct ifaddr *)ia, NULL); 1253 } 1254 1255 return (error); 1256 1257 unlink: 1258 /* 1259 * XXX: if a change of an existing address failed, keep the entry 1260 * anyway. 1261 */ 1262 if (hostIsNew) 1263 in6_unlink_ifa(ia, ifp); 1264 return (error); 1265 1266 cleanup: 1267 in6_purgeaddr(&ia->ia_ifa); 1268 return error; 1269 } 1270 1271 void 1272 in6_purgeaddr(ifa) 1273 struct ifaddr *ifa; 1274 { 1275 struct ifnet *ifp = ifa->ifa_ifp; 1276 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1277 struct in6_multi_mship *imm; 1278 1279 /* stop DAD processing */ 1280 nd6_dad_stop(ifa); 1281 1282 /* 1283 * delete route to the destination of the address being purged. 1284 * The interface must be p2p or loopback in this case. 1285 */ 1286 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1287 int e; 1288 1289 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1290 != 0) { 1291 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1292 "a route to the p2p destination: %s on %s, " 1293 "errno=%d\n", 1294 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1295 e); 1296 /* proceed anyway... */ 1297 } else 1298 ia->ia_flags &= ~IFA_ROUTE; 1299 } 1300 1301 /* Remove ownaddr's loopback rtentry, if it exists. */ 1302 in6_ifremloop(&(ia->ia_ifa)); 1303 1304 /* 1305 * leave from multicast groups we have joined for the interface 1306 */ 1307 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1308 LIST_REMOVE(imm, i6mm_chain); 1309 in6_leavegroup(imm); 1310 } 1311 1312 in6_unlink_ifa(ia, ifp); 1313 } 1314 1315 static void 1316 in6_unlink_ifa(ia, ifp) 1317 struct in6_ifaddr *ia; 1318 struct ifnet *ifp; 1319 { 1320 struct in6_ifaddr *oia; 1321 int s = splnet(); 1322 1323 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1324 /* release a refcnt for the link from if_addrlist */ 1325 IFAFREE(&ia->ia_ifa); 1326 1327 oia = ia; 1328 if (oia == (ia = in6_ifaddr)) 1329 in6_ifaddr = ia->ia_next; 1330 else { 1331 while (ia->ia_next && (ia->ia_next != oia)) 1332 ia = ia->ia_next; 1333 if (ia->ia_next) 1334 ia->ia_next = oia->ia_next; 1335 else { 1336 /* search failed */ 1337 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1338 } 1339 } 1340 1341 if (oia->ia6_multiaddrs.lh_first != NULL) { 1342 /* 1343 * XXX thorpej@NetBSD.org -- if the interface is going 1344 * XXX away, don't save the multicast entries, delete them! 1345 */ 1346 if (oia->ia_ifa.ifa_ifp->if_output == if_nulloutput) { 1347 struct in6_multi *in6m; 1348 1349 while ((in6m = 1350 LIST_FIRST(&oia->ia6_multiaddrs)) != NULL) 1351 in6_delmulti(in6m); 1352 } else 1353 in6_savemkludge(oia); 1354 } 1355 1356 /* 1357 * When an autoconfigured address is being removed, release the 1358 * reference to the base prefix. Also, since the release might 1359 * affect the status of other (detached) addresses, call 1360 * pfxlist_onlink_check(). 1361 */ 1362 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1363 if (oia->ia6_ndpr == NULL) { 1364 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1365 "%p has no prefix\n", oia); 1366 } else { 1367 oia->ia6_ndpr->ndpr_refcnt--; 1368 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1369 oia->ia6_ndpr = NULL; 1370 } 1371 1372 pfxlist_onlink_check(); 1373 } 1374 1375 /* 1376 * release another refcnt for the link from in6_ifaddr. 1377 * Note that we should decrement the refcnt at least once for all *BSD. 1378 */ 1379 IFAFREE(&oia->ia_ifa); 1380 1381 splx(s); 1382 } 1383 1384 void 1385 in6_purgeif(ifp) 1386 struct ifnet *ifp; 1387 { 1388 struct ifaddr *ifa, *nifa; 1389 1390 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) 1391 { 1392 nifa = TAILQ_NEXT(ifa, ifa_list); 1393 if (ifa->ifa_addr->sa_family != AF_INET6) 1394 continue; 1395 in6_purgeaddr(ifa); 1396 } 1397 1398 in6_ifdetach(ifp); 1399 } 1400 1401 /* 1402 * SIOC[GAD]LIFADDR. 1403 * SIOCGLIFADDR: get first address. (?) 1404 * SIOCGLIFADDR with IFLR_PREFIX: 1405 * get first address that matches the specified prefix. 1406 * SIOCALIFADDR: add the specified address. 1407 * SIOCALIFADDR with IFLR_PREFIX: 1408 * add the specified prefix, filling hostid part from 1409 * the first link-local address. prefixlen must be <= 64. 1410 * SIOCDLIFADDR: delete the specified address. 1411 * SIOCDLIFADDR with IFLR_PREFIX: 1412 * delete the first address that matches the specified prefix. 1413 * return values: 1414 * EINVAL on invalid parameters 1415 * EADDRNOTAVAIL on prefix match failed/specified address not found 1416 * other values may be returned from in6_ioctl() 1417 * 1418 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1419 * this is to accomodate address naming scheme other than RFC2374, 1420 * in the future. 1421 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1422 * address encoding scheme. (see figure on page 8) 1423 */ 1424 static int 1425 in6_lifaddr_ioctl(so, cmd, data, ifp, p) 1426 struct socket *so; 1427 u_long cmd; 1428 caddr_t data; 1429 struct ifnet *ifp; 1430 struct proc *p; 1431 { 1432 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1433 struct ifaddr *ifa; 1434 struct sockaddr *sa; 1435 1436 /* sanity checks */ 1437 if (!data || !ifp) { 1438 panic("invalid argument to in6_lifaddr_ioctl"); 1439 /* NOTREACHED */ 1440 } 1441 1442 switch (cmd) { 1443 case SIOCGLIFADDR: 1444 /* address must be specified on GET with IFLR_PREFIX */ 1445 if ((iflr->flags & IFLR_PREFIX) == 0) 1446 break; 1447 /* FALLTHROUGH */ 1448 case SIOCALIFADDR: 1449 case SIOCDLIFADDR: 1450 /* address must be specified on ADD and DELETE */ 1451 sa = (struct sockaddr *)&iflr->addr; 1452 if (sa->sa_family != AF_INET6) 1453 return EINVAL; 1454 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1455 return EINVAL; 1456 /* XXX need improvement */ 1457 sa = (struct sockaddr *)&iflr->dstaddr; 1458 if (sa->sa_family && sa->sa_family != AF_INET6) 1459 return EINVAL; 1460 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1461 return EINVAL; 1462 break; 1463 default: /* shouldn't happen */ 1464 #if 0 1465 panic("invalid cmd to in6_lifaddr_ioctl"); 1466 /* NOTREACHED */ 1467 #else 1468 return EOPNOTSUPP; 1469 #endif 1470 } 1471 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1472 return EINVAL; 1473 1474 switch (cmd) { 1475 case SIOCALIFADDR: 1476 { 1477 struct in6_aliasreq ifra; 1478 struct in6_addr *hostid = NULL; 1479 int prefixlen; 1480 1481 if ((iflr->flags & IFLR_PREFIX) != 0) { 1482 struct sockaddr_in6 *sin6; 1483 1484 /* 1485 * hostid is to fill in the hostid part of the 1486 * address. hostid points to the first link-local 1487 * address attached to the interface. 1488 */ 1489 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1490 if (!ifa) 1491 return EADDRNOTAVAIL; 1492 hostid = IFA_IN6(ifa); 1493 1494 /* prefixlen must be <= 64. */ 1495 if (64 < iflr->prefixlen) 1496 return EINVAL; 1497 prefixlen = iflr->prefixlen; 1498 1499 /* hostid part must be zero. */ 1500 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1501 if (sin6->sin6_addr.s6_addr32[2] != 0 1502 || sin6->sin6_addr.s6_addr32[3] != 0) { 1503 return EINVAL; 1504 } 1505 } else 1506 prefixlen = iflr->prefixlen; 1507 1508 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1509 bzero(&ifra, sizeof(ifra)); 1510 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1511 1512 bcopy(&iflr->addr, &ifra.ifra_addr, 1513 ((struct sockaddr *)&iflr->addr)->sa_len); 1514 if (hostid) { 1515 /* fill in hostid part */ 1516 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1517 hostid->s6_addr32[2]; 1518 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1519 hostid->s6_addr32[3]; 1520 } 1521 1522 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1523 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1524 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1525 if (hostid) { 1526 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1527 hostid->s6_addr32[2]; 1528 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1529 hostid->s6_addr32[3]; 1530 } 1531 } 1532 1533 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1534 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1535 1536 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1537 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, p); 1538 } 1539 case SIOCGLIFADDR: 1540 case SIOCDLIFADDR: 1541 { 1542 struct in6_ifaddr *ia; 1543 struct in6_addr mask, candidate, match; 1544 struct sockaddr_in6 *sin6; 1545 int cmp; 1546 1547 bzero(&mask, sizeof(mask)); 1548 if (iflr->flags & IFLR_PREFIX) { 1549 /* lookup a prefix rather than address. */ 1550 in6_prefixlen2mask(&mask, iflr->prefixlen); 1551 1552 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1553 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1554 match.s6_addr32[0] &= mask.s6_addr32[0]; 1555 match.s6_addr32[1] &= mask.s6_addr32[1]; 1556 match.s6_addr32[2] &= mask.s6_addr32[2]; 1557 match.s6_addr32[3] &= mask.s6_addr32[3]; 1558 1559 /* if you set extra bits, that's wrong */ 1560 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1561 return EINVAL; 1562 1563 cmp = 1; 1564 } else { 1565 if (cmd == SIOCGLIFADDR) { 1566 /* on getting an address, take the 1st match */ 1567 cmp = 0; /* XXX */ 1568 } else { 1569 /* on deleting an address, do exact match */ 1570 in6_prefixlen2mask(&mask, 128); 1571 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1572 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1573 1574 cmp = 1; 1575 } 1576 } 1577 1578 for (ifa = ifp->if_addrlist.tqh_first; 1579 ifa; 1580 ifa = ifa->ifa_list.tqe_next) 1581 { 1582 if (ifa->ifa_addr->sa_family != AF_INET6) 1583 continue; 1584 if (!cmp) 1585 break; 1586 1587 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1588 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1589 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1590 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1591 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1592 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1593 break; 1594 } 1595 if (!ifa) 1596 return EADDRNOTAVAIL; 1597 ia = ifa2ia6(ifa); 1598 1599 if (cmd == SIOCGLIFADDR) { 1600 /* fill in the if_laddrreq structure */ 1601 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1602 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1603 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1604 ia->ia_dstaddr.sin6_len); 1605 } else 1606 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1607 1608 iflr->prefixlen = 1609 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1610 1611 iflr->flags = ia->ia6_flags; /* XXX */ 1612 1613 return 0; 1614 } else { 1615 struct in6_aliasreq ifra; 1616 1617 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1618 bzero(&ifra, sizeof(ifra)); 1619 bcopy(iflr->iflr_name, ifra.ifra_name, 1620 sizeof(ifra.ifra_name)); 1621 1622 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1623 ia->ia_addr.sin6_len); 1624 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1625 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1626 ia->ia_dstaddr.sin6_len); 1627 } else { 1628 bzero(&ifra.ifra_dstaddr, 1629 sizeof(ifra.ifra_dstaddr)); 1630 } 1631 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1632 ia->ia_prefixmask.sin6_len); 1633 1634 ifra.ifra_flags = ia->ia6_flags; 1635 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1636 ifp, p); 1637 } 1638 } 1639 } 1640 1641 return EOPNOTSUPP; /* just for safety */ 1642 } 1643 1644 /* 1645 * Initialize an interface's intetnet6 address 1646 * and routing table entry. 1647 */ 1648 static int 1649 in6_ifinit(ifp, ia, sin6, newhost) 1650 struct ifnet *ifp; 1651 struct in6_ifaddr *ia; 1652 struct sockaddr_in6 *sin6; 1653 int newhost; 1654 { 1655 int error = 0, plen, ifacount = 0; 1656 int s = splnet(); 1657 struct ifaddr *ifa; 1658 1659 /* 1660 * Give the interface a chance to initialize 1661 * if this is its first address, 1662 * and to validate the address if necessary. 1663 */ 1664 for (ifa = ifp->if_addrlist.tqh_first; ifa; 1665 ifa = ifa->ifa_list.tqe_next) 1666 { 1667 if (ifa->ifa_addr == NULL) 1668 continue; /* just for safety */ 1669 if (ifa->ifa_addr->sa_family != AF_INET6) 1670 continue; 1671 ifacount++; 1672 } 1673 1674 ia->ia_addr = *sin6; 1675 1676 if (ifacount <= 1 && ifp->if_ioctl && 1677 (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) { 1678 splx(s); 1679 return (error); 1680 } 1681 splx(s); 1682 1683 ia->ia_ifa.ifa_metric = ifp->if_metric; 1684 1685 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1686 1687 /* 1688 * Special case: 1689 * If the destination address is specified for a point-to-point 1690 * interface, install a route to the destination as an interface 1691 * direct route. 1692 */ 1693 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1694 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1695 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1696 RTF_UP | RTF_HOST)) != 0) 1697 return (error); 1698 ia->ia_flags |= IFA_ROUTE; 1699 } 1700 1701 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1702 if (newhost) { 1703 /* set the rtrequest function to create llinfo */ 1704 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1705 in6_ifaddloop(&(ia->ia_ifa)); 1706 } 1707 1708 if (ifp->if_flags & IFF_MULTICAST) 1709 in6_restoremkludge(ia, ifp); 1710 1711 return (error); 1712 } 1713 1714 /* 1715 * Multicast address kludge: 1716 * If there were any multicast addresses attached to this interface address, 1717 * either move them to another address on this interface, or save them until 1718 * such time as this interface is reconfigured for IPv6. 1719 */ 1720 void 1721 in6_savemkludge(oia) 1722 struct in6_ifaddr *oia; 1723 { 1724 struct in6_ifaddr *ia; 1725 struct in6_multi *in6m, *next; 1726 1727 IFP_TO_IA6(oia->ia_ifp, ia); 1728 if (ia) { /* there is another address */ 1729 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1730 next = in6m->in6m_entry.le_next; 1731 IFAFREE(&in6m->in6m_ia->ia_ifa); 1732 IFAREF(&ia->ia_ifa); 1733 in6m->in6m_ia = ia; 1734 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1735 } 1736 } else { /* last address on this if deleted, save */ 1737 struct multi6_kludge *mk; 1738 1739 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1740 if (mk->mk_ifp == oia->ia_ifp) 1741 break; 1742 } 1743 if (mk == NULL) /* this should not happen! */ 1744 panic("in6_savemkludge: no kludge space"); 1745 1746 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1747 next = in6m->in6m_entry.le_next; 1748 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1749 in6m->in6m_ia = NULL; 1750 LIST_INSERT_HEAD(&mk->mk_head, in6m, in6m_entry); 1751 } 1752 } 1753 } 1754 1755 /* 1756 * Continuation of multicast address hack: 1757 * If there was a multicast group list previously saved for this interface, 1758 * then we re-attach it to the first address configured on the i/f. 1759 */ 1760 void 1761 in6_restoremkludge(ia, ifp) 1762 struct in6_ifaddr *ia; 1763 struct ifnet *ifp; 1764 { 1765 struct multi6_kludge *mk; 1766 1767 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1768 if (mk->mk_ifp == ifp) { 1769 struct in6_multi *in6m, *next; 1770 1771 for (in6m = mk->mk_head.lh_first; in6m; in6m = next) { 1772 next = in6m->in6m_entry.le_next; 1773 in6m->in6m_ia = ia; 1774 IFAREF(&ia->ia_ifa); 1775 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, 1776 in6m, in6m_entry); 1777 } 1778 LIST_INIT(&mk->mk_head); 1779 break; 1780 } 1781 } 1782 } 1783 1784 /* 1785 * Allocate space for the kludge at interface initialization time. 1786 * Formerly, we dynamically allocated the space in in6_savemkludge() with 1787 * malloc(M_WAITOK). However, it was wrong since the function could be called 1788 * under an interrupt context (software timer on address lifetime expiration). 1789 * Also, we cannot just give up allocating the strucutre, since the group 1790 * membership structure is very complex and we need to keep it anyway. 1791 * Of course, this function MUST NOT be called under an interrupt context. 1792 * Specifically, it is expected to be called only from in6_ifattach(), though 1793 * it is a global function. 1794 */ 1795 void 1796 in6_createmkludge(ifp) 1797 struct ifnet *ifp; 1798 { 1799 struct multi6_kludge *mk; 1800 1801 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1802 /* If we've already had one, do not allocate. */ 1803 if (mk->mk_ifp == ifp) 1804 return; 1805 } 1806 1807 mk = malloc(sizeof(*mk), M_IPMADDR, M_WAITOK); 1808 1809 bzero(mk, sizeof(*mk)); 1810 LIST_INIT(&mk->mk_head); 1811 mk->mk_ifp = ifp; 1812 LIST_INSERT_HEAD(&in6_mk, mk, mk_entry); 1813 } 1814 1815 void 1816 in6_purgemkludge(ifp) 1817 struct ifnet *ifp; 1818 { 1819 struct multi6_kludge *mk; 1820 struct in6_multi *in6m; 1821 1822 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1823 if (mk->mk_ifp != ifp) 1824 continue; 1825 1826 /* leave from all multicast groups joined */ 1827 while ((in6m = LIST_FIRST(&mk->mk_head)) != NULL) 1828 in6_delmulti(in6m); 1829 LIST_REMOVE(mk, mk_entry); 1830 free(mk, M_IPMADDR); 1831 break; 1832 } 1833 } 1834 1835 /* 1836 * Add an address to the list of IP6 multicast addresses for a 1837 * given interface. 1838 */ 1839 struct in6_multi * 1840 in6_addmulti(maddr6, ifp, errorp) 1841 struct in6_addr *maddr6; 1842 struct ifnet *ifp; 1843 int *errorp; 1844 { 1845 struct in6_ifaddr *ia; 1846 struct in6_ifreq ifr; 1847 struct in6_multi *in6m; 1848 int s = splsoftnet(); 1849 1850 *errorp = 0; 1851 /* 1852 * See if address already in list. 1853 */ 1854 IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); 1855 if (in6m != NULL) { 1856 /* 1857 * Found it; just increment the refrence count. 1858 */ 1859 in6m->in6m_refcount++; 1860 } else { 1861 /* 1862 * New address; allocate a new multicast record 1863 * and link it into the interface's multicast list. 1864 */ 1865 in6m = (struct in6_multi *) 1866 malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1867 if (in6m == NULL) { 1868 splx(s); 1869 *errorp = ENOBUFS; 1870 return (NULL); 1871 } 1872 in6m->in6m_addr = *maddr6; 1873 in6m->in6m_ifp = ifp; 1874 in6m->in6m_refcount = 1; 1875 IFP_TO_IA6(ifp, ia); 1876 if (ia == NULL) { 1877 free(in6m, M_IPMADDR); 1878 splx(s); 1879 *errorp = EADDRNOTAVAIL; /* appropriate? */ 1880 return (NULL); 1881 } 1882 in6m->in6m_ia = ia; 1883 IFAREF(&ia->ia_ifa); /* gain a reference */ 1884 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1885 1886 /* 1887 * Ask the network driver to update its multicast reception 1888 * filter appropriately for the new address. 1889 */ 1890 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1891 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1892 ifr.ifr_addr.sin6_family = AF_INET6; 1893 ifr.ifr_addr.sin6_addr = *maddr6; 1894 if (ifp->if_ioctl == NULL) 1895 *errorp = ENXIO; /* XXX: appropriate? */ 1896 else 1897 *errorp = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, 1898 (caddr_t)&ifr); 1899 if (*errorp) { 1900 LIST_REMOVE(in6m, in6m_entry); 1901 free(in6m, M_IPMADDR); 1902 IFAFREE(&ia->ia_ifa); 1903 splx(s); 1904 return (NULL); 1905 } 1906 /* 1907 * Let MLD6 know that we have joined a new IP6 multicast 1908 * group. 1909 */ 1910 mld6_start_listening(in6m); 1911 } 1912 splx(s); 1913 return (in6m); 1914 } 1915 1916 /* 1917 * Delete a multicast address record. 1918 */ 1919 void 1920 in6_delmulti(in6m) 1921 struct in6_multi *in6m; 1922 { 1923 struct in6_ifreq ifr; 1924 struct in6_ifaddr *ia; 1925 int s = splsoftnet(); 1926 1927 if (--in6m->in6m_refcount == 0) { 1928 /* 1929 * No remaining claims to this record; let MLD6 know 1930 * that we are leaving the multicast group. 1931 */ 1932 mld6_stop_listening(in6m); 1933 1934 /* 1935 * Unlink from list. 1936 */ 1937 LIST_REMOVE(in6m, in6m_entry); 1938 if (in6m->in6m_ia) { 1939 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1940 } 1941 /* 1942 * Delete all references of this multicasting group from 1943 * the membership arrays 1944 */ 1945 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1946 struct in6_multi_mship *imm; 1947 LIST_FOREACH(imm, &ia->ia6_memberships, 1948 i6mm_chain) { 1949 if (imm->i6mm_maddr == in6m) 1950 imm->i6mm_maddr = NULL; 1951 } 1952 } 1953 1954 /* 1955 * Notify the network driver to update its multicast 1956 * reception filter. 1957 */ 1958 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1959 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1960 ifr.ifr_addr.sin6_family = AF_INET6; 1961 ifr.ifr_addr.sin6_addr = in6m->in6m_addr; 1962 (*in6m->in6m_ifp->if_ioctl)(in6m->in6m_ifp, 1963 SIOCDELMULTI, (caddr_t)&ifr); 1964 free(in6m, M_IPMADDR); 1965 } 1966 splx(s); 1967 } 1968 1969 struct in6_multi_mship * 1970 in6_joingroup(ifp, addr, errorp) 1971 struct ifnet *ifp; 1972 struct in6_addr *addr; 1973 int *errorp; 1974 { 1975 struct in6_multi_mship *imm; 1976 1977 imm = malloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); 1978 if (!imm) { 1979 *errorp = ENOBUFS; 1980 return NULL; 1981 } 1982 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp); 1983 if (!imm->i6mm_maddr) { 1984 /* *errorp is alrady set */ 1985 free(imm, M_IPMADDR); 1986 return NULL; 1987 } 1988 return imm; 1989 } 1990 1991 int 1992 in6_leavegroup(imm) 1993 struct in6_multi_mship *imm; 1994 { 1995 1996 if (imm->i6mm_maddr) 1997 in6_delmulti(imm->i6mm_maddr); 1998 free(imm, M_IPMADDR); 1999 return 0; 2000 } 2001 2002 /* 2003 * Find an IPv6 interface link-local address specific to an interface. 2004 */ 2005 struct in6_ifaddr * 2006 in6ifa_ifpforlinklocal(ifp, ignoreflags) 2007 struct ifnet *ifp; 2008 int ignoreflags; 2009 { 2010 struct ifaddr *ifa; 2011 2012 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2013 { 2014 if (ifa->ifa_addr == NULL) 2015 continue; /* just for safety */ 2016 if (ifa->ifa_addr->sa_family != AF_INET6) 2017 continue; 2018 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 2019 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 2020 ignoreflags) != 0) 2021 continue; 2022 break; 2023 } 2024 } 2025 2026 return ((struct in6_ifaddr *)ifa); 2027 } 2028 2029 2030 /* 2031 * find the internet address corresponding to a given interface and address. 2032 */ 2033 struct in6_ifaddr * 2034 in6ifa_ifpwithaddr(ifp, addr) 2035 struct ifnet *ifp; 2036 struct in6_addr *addr; 2037 { 2038 struct ifaddr *ifa; 2039 2040 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2041 { 2042 if (ifa->ifa_addr == NULL) 2043 continue; /* just for safety */ 2044 if (ifa->ifa_addr->sa_family != AF_INET6) 2045 continue; 2046 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 2047 break; 2048 } 2049 2050 return ((struct in6_ifaddr *)ifa); 2051 } 2052 2053 /* 2054 * Convert IP6 address to printable (loggable) representation. 2055 */ 2056 static char digits[] = "0123456789abcdef"; 2057 static int ip6round = 0; 2058 char * 2059 ip6_sprintf(addr) 2060 const struct in6_addr *addr; 2061 { 2062 static char ip6buf[8][48]; 2063 int i; 2064 char *cp; 2065 const u_int16_t *a = (const u_int16_t *)addr; 2066 const u_int8_t *d; 2067 int dcolon = 0; 2068 2069 ip6round = (ip6round + 1) & 7; 2070 cp = ip6buf[ip6round]; 2071 2072 for (i = 0; i < 8; i++) { 2073 if (dcolon == 1) { 2074 if (*a == 0) { 2075 if (i == 7) 2076 *cp++ = ':'; 2077 a++; 2078 continue; 2079 } else 2080 dcolon = 2; 2081 } 2082 if (*a == 0) { 2083 if (dcolon == 0 && *(a + 1) == 0) { 2084 if (i == 0) 2085 *cp++ = ':'; 2086 *cp++ = ':'; 2087 dcolon = 1; 2088 } else { 2089 *cp++ = '0'; 2090 *cp++ = ':'; 2091 } 2092 a++; 2093 continue; 2094 } 2095 d = (const u_char *)a; 2096 *cp++ = digits[*d >> 4]; 2097 *cp++ = digits[*d++ & 0xf]; 2098 *cp++ = digits[*d >> 4]; 2099 *cp++ = digits[*d & 0xf]; 2100 *cp++ = ':'; 2101 a++; 2102 } 2103 *--cp = 0; 2104 return (ip6buf[ip6round]); 2105 } 2106 2107 /* 2108 * Determine if an address is on a local network. 2109 */ 2110 int 2111 in6_localaddr(in6) 2112 struct in6_addr *in6; 2113 { 2114 struct in6_ifaddr *ia; 2115 2116 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 2117 return (1); 2118 2119 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 2120 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 2121 &ia->ia_prefixmask.sin6_addr)) 2122 return (1); 2123 2124 return (0); 2125 } 2126 2127 /* 2128 * Get a scope of the address. Node-local, link-local, site-local or global. 2129 */ 2130 int 2131 in6_addrscope (addr) 2132 struct in6_addr *addr; 2133 { 2134 int scope; 2135 2136 if (addr->s6_addr8[0] == 0xfe) { 2137 scope = addr->s6_addr8[1] & 0xc0; 2138 2139 switch (scope) { 2140 case 0x80: 2141 return IPV6_ADDR_SCOPE_LINKLOCAL; 2142 case 0xc0: 2143 return IPV6_ADDR_SCOPE_SITELOCAL; 2144 default: 2145 return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */ 2146 } 2147 } 2148 2149 2150 if (addr->s6_addr8[0] == 0xff) { 2151 scope = addr->s6_addr8[1] & 0x0f; 2152 2153 /* 2154 * due to other scope such as reserved, 2155 * return scope doesn't work. 2156 */ 2157 switch (scope) { 2158 case IPV6_ADDR_SCOPE_NODELOCAL: 2159 return IPV6_ADDR_SCOPE_NODELOCAL; 2160 case IPV6_ADDR_SCOPE_LINKLOCAL: 2161 return IPV6_ADDR_SCOPE_LINKLOCAL; 2162 case IPV6_ADDR_SCOPE_SITELOCAL: 2163 return IPV6_ADDR_SCOPE_SITELOCAL; 2164 default: 2165 return IPV6_ADDR_SCOPE_GLOBAL; 2166 } 2167 } 2168 2169 if (bcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) { 2170 if (addr->s6_addr8[15] == 1) /* loopback */ 2171 return IPV6_ADDR_SCOPE_NODELOCAL; 2172 if (addr->s6_addr8[15] == 0) /* unspecified */ 2173 return IPV6_ADDR_SCOPE_LINKLOCAL; 2174 } 2175 2176 return IPV6_ADDR_SCOPE_GLOBAL; 2177 } 2178 2179 int 2180 in6_addr2scopeid(ifp, addr) 2181 struct ifnet *ifp; /* must not be NULL */ 2182 struct in6_addr *addr; /* must not be NULL */ 2183 { 2184 int scope = in6_addrscope(addr); 2185 2186 switch (scope) { 2187 case IPV6_ADDR_SCOPE_NODELOCAL: 2188 return (-1); /* XXX: is this an appropriate value? */ 2189 2190 case IPV6_ADDR_SCOPE_LINKLOCAL: 2191 /* XXX: we do not distinguish between a link and an I/F. */ 2192 return (ifp->if_index); 2193 2194 case IPV6_ADDR_SCOPE_SITELOCAL: 2195 return (0); /* XXX: invalid. */ 2196 2197 default: 2198 return (0); /* XXX: treat as global. */ 2199 } 2200 } 2201 2202 int 2203 in6_is_addr_deprecated(sa6) 2204 struct sockaddr_in6 *sa6; 2205 { 2206 struct in6_ifaddr *ia; 2207 2208 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 2209 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 2210 &sa6->sin6_addr) && 2211 #ifdef SCOPEDROUTING 2212 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 2213 #endif 2214 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2215 return (1); /* true */ 2216 2217 /* XXX: do we still have to go thru the rest of the list? */ 2218 } 2219 2220 return (0); /* false */ 2221 } 2222 2223 /* 2224 * return length of part which dst and src are equal 2225 * hard coding... 2226 */ 2227 int 2228 in6_matchlen(src, dst) 2229 struct in6_addr *src, *dst; 2230 { 2231 int match = 0; 2232 u_char *s = (u_char *)src, *d = (u_char *)dst; 2233 u_char *lim = s + 16, r; 2234 2235 while (s < lim) 2236 if ((r = (*d++ ^ *s++)) != 0) { 2237 while (r < 128) { 2238 match++; 2239 r <<= 1; 2240 } 2241 break; 2242 } else 2243 match += 8; 2244 return match; 2245 } 2246 2247 /* XXX: to be scope conscious */ 2248 int 2249 in6_are_prefix_equal(p1, p2, len) 2250 struct in6_addr *p1, *p2; 2251 int len; 2252 { 2253 int bytelen, bitlen; 2254 2255 /* sanity check */ 2256 if (0 > len || len > 128) { 2257 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2258 len); 2259 return (0); 2260 } 2261 2262 bytelen = len / 8; 2263 bitlen = len % 8; 2264 2265 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2266 return (0); 2267 if (bitlen != 0 && 2268 p1->s6_addr[bytelen] >> (8 - bitlen) != 2269 p2->s6_addr[bytelen] >> (8 - bitlen)) 2270 return (0); 2271 2272 return (1); 2273 } 2274 2275 void 2276 in6_prefixlen2mask(maskp, len) 2277 struct in6_addr *maskp; 2278 int len; 2279 { 2280 static const u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2281 int bytelen, bitlen, i; 2282 2283 /* sanity check */ 2284 if (0 > len || len > 128) { 2285 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2286 len); 2287 return; 2288 } 2289 2290 bzero(maskp, sizeof(*maskp)); 2291 bytelen = len / 8; 2292 bitlen = len % 8; 2293 for (i = 0; i < bytelen; i++) 2294 maskp->s6_addr[i] = 0xff; 2295 if (bitlen) 2296 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2297 } 2298 2299 /* 2300 * return the best address out of the same scope 2301 */ 2302 struct in6_ifaddr * 2303 in6_ifawithscope(oifp, dst) 2304 struct ifnet *oifp; 2305 struct in6_addr *dst; 2306 { 2307 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 2308 int blen = -1; 2309 struct ifaddr *ifa; 2310 struct ifnet *ifp; 2311 struct in6_ifaddr *ifa_best = NULL; 2312 2313 if (oifp == NULL) { 2314 printf("in6_ifawithscope: output interface is not specified\n"); 2315 return (NULL); 2316 } 2317 2318 /* 2319 * We search for all addresses on all interfaces from the beginning. 2320 * Comparing an interface with the outgoing interface will be done 2321 * only at the final stage of tiebreaking. 2322 */ 2323 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2324 { 2325 /* 2326 * We can never take an address that breaks the scope zone 2327 * of the destination. 2328 */ 2329 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) 2330 continue; 2331 2332 for (ifa = ifp->if_addrlist.tqh_first; ifa; 2333 ifa = ifa->ifa_list.tqe_next) 2334 { 2335 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 2336 2337 if (ifa->ifa_addr->sa_family != AF_INET6) 2338 continue; 2339 2340 src_scope = in6_addrscope(IFA_IN6(ifa)); 2341 2342 #ifdef ADDRSELECT_DEBUG /* should be removed after stabilization */ 2343 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2344 printf("in6_ifawithscope: dst=%s bestaddr=%s, " 2345 "newaddr=%s, scope=%x, dcmp=%d, bcmp=%d, " 2346 "matchlen=%d, flgs=%x\n", 2347 ip6_sprintf(dst), 2348 ifa_best ? ip6_sprintf(&ifa_best->ia_addr.sin6_addr) : "none", 2349 ip6_sprintf(IFA_IN6(ifa)), src_scope, 2350 dscopecmp, 2351 ifa_best ? IN6_ARE_SCOPE_CMP(src_scope, best_scope) : -1, 2352 in6_matchlen(IFA_IN6(ifa), dst), 2353 ((struct in6_ifaddr *)ifa)->ia6_flags); 2354 #endif 2355 2356 /* 2357 * Don't use an address before completing DAD 2358 * nor a duplicated address. 2359 */ 2360 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2361 IN6_IFF_NOTREADY) 2362 continue; 2363 2364 /* XXX: is there any case to allow anycasts? */ 2365 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2366 IN6_IFF_ANYCAST) 2367 continue; 2368 2369 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2370 IN6_IFF_DETACHED) 2371 continue; 2372 2373 /* 2374 * If this is the first address we find, 2375 * keep it anyway. 2376 */ 2377 if (ifa_best == NULL) 2378 goto replace; 2379 2380 /* 2381 * ifa_best is never NULL beyond this line except 2382 * within the block labeled "replace". 2383 */ 2384 2385 /* 2386 * If ifa_best has a smaller scope than dst and 2387 * the current address has a larger one than 2388 * (or equal to) dst, always replace ifa_best. 2389 * Also, if the current address has a smaller scope 2390 * than dst, ignore it unless ifa_best also has a 2391 * smaller scope. 2392 */ 2393 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 2394 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 2395 goto replace; 2396 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2397 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2398 continue; 2399 2400 /* 2401 * A deprecated address SHOULD NOT be used in new 2402 * communications if an alternate (non-deprecated) 2403 * address is available and has sufficient scope. 2404 * RFC 2462, Section 5.5.4. 2405 */ 2406 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2407 IN6_IFF_DEPRECATED) { 2408 /* 2409 * Ignore any deprecated addresses if 2410 * specified by configuration. 2411 */ 2412 if (!ip6_use_deprecated) 2413 continue; 2414 2415 /* 2416 * If we have already found a non-deprecated 2417 * candidate, just ignore deprecated addresses. 2418 */ 2419 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2420 == 0) 2421 continue; 2422 } 2423 2424 /* 2425 * A non-deprecated address is always preferred 2426 * to a deprecated one regardless of scopes and 2427 * address matching. 2428 */ 2429 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2430 (((struct in6_ifaddr *)ifa)->ia6_flags & 2431 IN6_IFF_DEPRECATED) == 0) 2432 goto replace; 2433 2434 /* 2435 * At this point, we have two cases: 2436 * 1. we are looking at a non-deprecated address, 2437 * and ifa_best is also non-deprecated. 2438 * 2. we are looking at a deprecated address, 2439 * and ifa_best is also deprecated. 2440 * Also, we do not have to consider a case where 2441 * the scope of if_best is larger(smaller) than dst and 2442 * the scope of the current address is smaller(larger) 2443 * than dst. Such a case has already been covered. 2444 * Tiebreaking is done according to the following 2445 * items: 2446 * - the scope comparison between the address and 2447 * dst (dscopecmp) 2448 * - the scope comparison between the address and 2449 * ifa_best (bscopecmp) 2450 * - if the address match dst longer than ifa_best 2451 * (matchcmp) 2452 * - if the address is on the outgoing I/F (outI/F) 2453 * 2454 * Roughly speaking, the selection policy is 2455 * - the most important item is scope. The same scope 2456 * is best. Then search for a larger scope. 2457 * Smaller scopes are the last resort. 2458 * - A deprecated address is chosen only when we have 2459 * no address that has an enough scope, but is 2460 * prefered to any addresses of smaller scopes. 2461 * - Longest address match against dst is considered 2462 * only for addresses that has the same scope of dst. 2463 * - If there is no other reasons to choose one, 2464 * addresses on the outgoing I/F are preferred. 2465 * 2466 * The precise decision table is as follows: 2467 * dscopecmp bscopecmp matchcmp outI/F | replace? 2468 * !equal equal N/A Yes | Yes (1) 2469 * !equal equal N/A No | No (2) 2470 * larger larger N/A N/A | No (3) 2471 * larger smaller N/A N/A | Yes (4) 2472 * smaller larger N/A N/A | Yes (5) 2473 * smaller smaller N/A N/A | No (6) 2474 * equal smaller N/A N/A | Yes (7) 2475 * equal larger (already done) 2476 * equal equal larger N/A | Yes (8) 2477 * equal equal smaller N/A | No (9) 2478 * equal equal equal Yes | Yes (a) 2479 * eaual eqaul equal No | No (b) 2480 */ 2481 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2482 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2483 2484 if (dscopecmp && bscopecmp == 0) { 2485 if (oifp == ifp) /* (1) */ 2486 goto replace; 2487 continue; /* (2) */ 2488 } 2489 if (dscopecmp > 0) { 2490 if (bscopecmp > 0) /* (3) */ 2491 continue; 2492 goto replace; /* (4) */ 2493 } 2494 if (dscopecmp < 0) { 2495 if (bscopecmp > 0) /* (5) */ 2496 goto replace; 2497 continue; /* (6) */ 2498 } 2499 2500 /* now dscopecmp must be 0 */ 2501 if (bscopecmp < 0) 2502 goto replace; /* (7) */ 2503 2504 /* 2505 * At last both dscopecmp and bscopecmp must be 0. 2506 * We need address matching against dst for 2507 * tiebreaking. 2508 */ 2509 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2510 matchcmp = tlen - blen; 2511 if (matchcmp > 0) /* (8) */ 2512 goto replace; 2513 if (matchcmp < 0) /* (9) */ 2514 continue; 2515 if (oifp == ifp) /* (a) */ 2516 goto replace; 2517 continue; /* (b) */ 2518 2519 replace: 2520 ifa_best = (struct in6_ifaddr *)ifa; 2521 blen = tlen >= 0 ? tlen : 2522 in6_matchlen(IFA_IN6(ifa), dst); 2523 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2524 } 2525 } 2526 2527 /* count statistics for future improvements */ 2528 if (ifa_best == NULL) 2529 ip6stat.ip6s_sources_none++; 2530 else { 2531 if (oifp == ifa_best->ia_ifp) 2532 ip6stat.ip6s_sources_sameif[best_scope]++; 2533 else 2534 ip6stat.ip6s_sources_otherif[best_scope]++; 2535 2536 if (best_scope == dst_scope) 2537 ip6stat.ip6s_sources_samescope[best_scope]++; 2538 else 2539 ip6stat.ip6s_sources_otherscope[best_scope]++; 2540 2541 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2542 ip6stat.ip6s_sources_deprecated[best_scope]++; 2543 } 2544 2545 return (ifa_best); 2546 } 2547 2548 /* 2549 * return the best address out of the same scope. if no address was 2550 * found, return the first valid address from designated IF. 2551 */ 2552 struct in6_ifaddr * 2553 in6_ifawithifp(ifp, dst) 2554 struct ifnet *ifp; 2555 struct in6_addr *dst; 2556 { 2557 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2558 struct ifaddr *ifa; 2559 struct in6_ifaddr *besta = 0; 2560 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2561 2562 dep[0] = dep[1] = NULL; 2563 2564 /* 2565 * We first look for addresses in the same scope. 2566 * If there is one, return it. 2567 * If two or more, return one which matches the dst longest. 2568 * If none, return one of global addresses assigned other ifs. 2569 */ 2570 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2571 { 2572 if (ifa->ifa_addr->sa_family != AF_INET6) 2573 continue; 2574 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2575 continue; /* XXX: is there any case to allow anycast? */ 2576 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2577 continue; /* don't use this interface */ 2578 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2579 continue; 2580 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2581 if (ip6_use_deprecated) 2582 dep[0] = (struct in6_ifaddr *)ifa; 2583 continue; 2584 } 2585 2586 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2587 /* 2588 * call in6_matchlen() as few as possible 2589 */ 2590 if (besta) { 2591 if (blen == -1) 2592 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2593 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2594 if (tlen > blen) { 2595 blen = tlen; 2596 besta = (struct in6_ifaddr *)ifa; 2597 } 2598 } else 2599 besta = (struct in6_ifaddr *)ifa; 2600 } 2601 } 2602 if (besta) 2603 return (besta); 2604 2605 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2606 { 2607 if (ifa->ifa_addr->sa_family != AF_INET6) 2608 continue; 2609 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2610 continue; /* XXX: is there any case to allow anycast? */ 2611 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2612 continue; /* don't use this interface */ 2613 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2614 continue; 2615 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2616 if (ip6_use_deprecated) 2617 dep[1] = (struct in6_ifaddr *)ifa; 2618 continue; 2619 } 2620 2621 return (struct in6_ifaddr *)ifa; 2622 } 2623 2624 /* use the last-resort values, that are, deprecated addresses */ 2625 if (dep[0]) 2626 return dep[0]; 2627 if (dep[1]) 2628 return dep[1]; 2629 2630 return NULL; 2631 } 2632 2633 /* 2634 * perform DAD when interface becomes IFF_UP. 2635 */ 2636 void 2637 in6_if_up(ifp) 2638 struct ifnet *ifp; 2639 { 2640 struct ifaddr *ifa; 2641 struct in6_ifaddr *ia; 2642 int dad_delay; /* delay ticks before DAD output */ 2643 2644 /* 2645 * special cases, like 6to4, are handled in in6_ifattach 2646 */ 2647 in6_ifattach(ifp, NULL); 2648 2649 dad_delay = 0; 2650 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2651 { 2652 if (ifa->ifa_addr->sa_family != AF_INET6) 2653 continue; 2654 ia = (struct in6_ifaddr *)ifa; 2655 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2656 nd6_dad_start(ifa, &dad_delay); 2657 } 2658 } 2659 2660 int 2661 in6if_do_dad(ifp) 2662 struct ifnet *ifp; 2663 { 2664 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2665 return (0); 2666 2667 switch (ifp->if_type) { 2668 case IFT_FAITH: 2669 /* 2670 * These interfaces do not have the IFF_LOOPBACK flag, 2671 * but loop packets back. We do not have to do DAD on such 2672 * interfaces. We should even omit it, because loop-backed 2673 * NS would confuse the DAD procedure. 2674 */ 2675 return (0); 2676 default: 2677 /* 2678 * Our DAD routine requires the interface up and running. 2679 * However, some interfaces can be up before the RUNNING 2680 * status. Additionaly, users may try to assign addresses 2681 * before the interface becomes up (or running). 2682 * We simply skip DAD in such a case as a work around. 2683 * XXX: we should rather mark "tentative" on such addresses, 2684 * and do DAD after the interface becomes ready. 2685 */ 2686 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2687 (IFF_UP|IFF_RUNNING)) 2688 return (0); 2689 2690 return (1); 2691 } 2692 } 2693 2694 /* 2695 * Calculate max IPv6 MTU through all the interfaces and store it 2696 * to in6_maxmtu. 2697 */ 2698 void 2699 in6_setmaxmtu() 2700 { 2701 unsigned long maxmtu = 0; 2702 struct ifnet *ifp; 2703 2704 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2705 { 2706 /* this function can be called during ifnet initialization */ 2707 if (!ifp->if_afdata[AF_INET6]) 2708 continue; 2709 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2710 IN6_LINKMTU(ifp) > maxmtu) 2711 maxmtu = IN6_LINKMTU(ifp); 2712 } 2713 if (maxmtu) /* update only when maxmtu is positive */ 2714 in6_maxmtu = maxmtu; 2715 } 2716 2717 void * 2718 in6_domifattach(ifp) 2719 struct ifnet *ifp; 2720 { 2721 struct in6_ifextra *ext; 2722 2723 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2724 bzero(ext, sizeof(*ext)); 2725 2726 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2727 M_IFADDR, M_WAITOK); 2728 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2729 2730 ext->icmp6_ifstat = 2731 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2732 M_IFADDR, M_WAITOK); 2733 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2734 2735 ext->nd_ifinfo = nd6_ifattach(ifp); 2736 return ext; 2737 } 2738 2739 void 2740 in6_domifdetach(ifp, aux) 2741 struct ifnet *ifp; 2742 void *aux; 2743 { 2744 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2745 2746 nd6_ifdetach(ext->nd_ifinfo); 2747 free(ext->in6_ifstat, M_IFADDR); 2748 free(ext->icmp6_ifstat, M_IFADDR); 2749 free(ext, M_IFADDR); 2750 } 2751