1 /* $NetBSD: in6.c,v 1.86 2004/03/28 08:28:06 christos Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.86 2004/03/28 08:28:06 christos Exp $"); 66 67 #include "opt_inet.h" 68 69 #include <sys/param.h> 70 #include <sys/ioctl.h> 71 #include <sys/errno.h> 72 #include <sys/malloc.h> 73 #include <sys/socket.h> 74 #include <sys/socketvar.h> 75 #include <sys/sockio.h> 76 #include <sys/systm.h> 77 #include <sys/proc.h> 78 #include <sys/time.h> 79 #include <sys/kernel.h> 80 #include <sys/syslog.h> 81 82 #include <net/if.h> 83 #include <net/if_types.h> 84 #include <net/route.h> 85 #include <net/if_dl.h> 86 87 #include <netinet/in.h> 88 #include <netinet/in_var.h> 89 #include <net/if_ether.h> 90 91 #include <netinet/ip6.h> 92 #include <netinet6/ip6_var.h> 93 #include <netinet6/nd6.h> 94 #include <netinet6/mld6_var.h> 95 #include <netinet6/ip6_mroute.h> 96 #include <netinet6/in6_ifattach.h> 97 98 #include <net/net_osdep.h> 99 100 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 101 102 /* enable backward compatibility code for obsoleted ioctls */ 103 #define COMPAT_IN6IFIOCTL 104 105 /* 106 * Definitions of some constant IP6 addresses. 107 */ 108 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 109 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 110 const struct in6_addr in6addr_nodelocal_allnodes = 111 IN6ADDR_NODELOCAL_ALLNODES_INIT; 112 const struct in6_addr in6addr_linklocal_allnodes = 113 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 114 const struct in6_addr in6addr_linklocal_allrouters = 115 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 116 117 const struct in6_addr in6mask0 = IN6MASK0; 118 const struct in6_addr in6mask32 = IN6MASK32; 119 const struct in6_addr in6mask64 = IN6MASK64; 120 const struct in6_addr in6mask96 = IN6MASK96; 121 const struct in6_addr in6mask128 = IN6MASK128; 122 123 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 124 0, 0, IN6ADDR_ANY_INIT, 0}; 125 126 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 127 struct ifnet *, struct proc *)); 128 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 129 struct sockaddr_in6 *, int)); 130 static void in6_unlink_ifa __P((struct in6_ifaddr *, struct ifnet *)); 131 132 /* 133 * This structure is used to keep track of in6_multi chains which belong to 134 * deleted interface addresses. 135 */ 136 static LIST_HEAD(, multi6_kludge) in6_mk; /* XXX BSS initialization */ 137 138 struct multi6_kludge { 139 LIST_ENTRY(multi6_kludge) mk_entry; 140 struct ifnet *mk_ifp; 141 struct in6_multihead mk_head; 142 }; 143 144 /* 145 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 146 * This routine does actual work. 147 */ 148 static void 149 in6_ifloop_request(int cmd, struct ifaddr *ifa) 150 { 151 struct sockaddr_in6 lo_sa; 152 struct sockaddr_in6 all1_sa; 153 struct rtentry *nrt = NULL; 154 int e; 155 156 bzero(&lo_sa, sizeof(lo_sa)); 157 bzero(&all1_sa, sizeof(all1_sa)); 158 lo_sa.sin6_family = all1_sa.sin6_family = AF_INET6; 159 lo_sa.sin6_len = all1_sa.sin6_len = sizeof(struct sockaddr_in6); 160 lo_sa.sin6_addr = in6addr_loopback; 161 all1_sa.sin6_addr = in6mask128; 162 163 /* 164 * We specify the address itself as the gateway, and set the 165 * RTF_LLINFO flag, so that the corresponding host route would have 166 * the flag, and thus applications that assume traditional behavior 167 * would be happy. Note that we assume the caller of the function 168 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 169 * which changes the outgoing interface to the loopback interface. 170 */ 171 e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr, 172 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt); 173 if (e != 0) { 174 log(LOG_ERR, "in6_ifloop_request: " 175 "%s operation failed for %s (errno=%d)\n", 176 cmd == RTM_ADD ? "ADD" : "DELETE", 177 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 178 e); 179 } 180 181 /* 182 * Make sure rt_ifa be equal to IFA, the second argument of the 183 * function. 184 * We need this because when we refer to rt_ifa->ia6_flags in 185 * ip6_input, we assume that the rt_ifa points to the address instead 186 * of the loopback address. 187 */ 188 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) { 189 IFAFREE(nrt->rt_ifa); 190 IFAREF(ifa); 191 nrt->rt_ifa = ifa; 192 } 193 194 /* 195 * Report the addition/removal of the address to the routing socket. 196 * XXX: since we called rtinit for a p2p interface with a destination, 197 * we end up reporting twice in such a case. Should we rather 198 * omit the second report? 199 */ 200 if (nrt) { 201 rt_newaddrmsg(cmd, ifa, e, nrt); 202 if (cmd == RTM_DELETE) { 203 if (nrt->rt_refcnt <= 0) { 204 /* XXX: we should free the entry ourselves. */ 205 nrt->rt_refcnt++; 206 rtfree(nrt); 207 } 208 } else { 209 /* the cmd must be RTM_ADD here */ 210 nrt->rt_refcnt--; 211 } 212 } 213 } 214 215 /* 216 * Add ownaddr as loopback rtentry. We previously add the route only if 217 * necessary (ex. on a p2p link). However, since we now manage addresses 218 * separately from prefixes, we should always add the route. We can't 219 * rely on the cloning mechanism from the corresponding interface route 220 * any more. 221 */ 222 static void 223 in6_ifaddloop(struct ifaddr *ifa) 224 { 225 struct rtentry *rt; 226 227 /* If there is no loopback entry, allocate one. */ 228 rt = rtalloc1(ifa->ifa_addr, 0); 229 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 230 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) 231 in6_ifloop_request(RTM_ADD, ifa); 232 if (rt) 233 rt->rt_refcnt--; 234 } 235 236 /* 237 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 238 * if it exists. 239 */ 240 static void 241 in6_ifremloop(struct ifaddr *ifa) 242 { 243 struct in6_ifaddr *ia; 244 struct rtentry *rt; 245 int ia_count = 0; 246 247 /* 248 * Some of BSD variants do not remove cloned routes 249 * from an interface direct route, when removing the direct route 250 * (see comments in net/net_osdep.h). Even for variants that do remove 251 * cloned routes, they could fail to remove the cloned routes when 252 * we handle multple addresses that share a common prefix. 253 * So, we should remove the route corresponding to the deleted address. 254 */ 255 256 /* 257 * Delete the entry only if exact one ifa exists. More than one ifa 258 * can exist if we assign a same single address to multiple 259 * (probably p2p) interfaces. 260 * XXX: we should avoid such a configuration in IPv6... 261 */ 262 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 263 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 264 ia_count++; 265 if (ia_count > 1) 266 break; 267 } 268 } 269 270 if (ia_count == 1) { 271 /* 272 * Before deleting, check if a corresponding loopbacked host 273 * route surely exists. With this check, we can avoid to 274 * delete an interface direct route whose destination is same 275 * as the address being removed. This can happen when removing 276 * a subnet-router anycast address on an interface attahced 277 * to a shared medium. 278 */ 279 rt = rtalloc1(ifa->ifa_addr, 0); 280 if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 && 281 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 282 rt->rt_refcnt--; 283 in6_ifloop_request(RTM_DELETE, ifa); 284 } 285 } 286 } 287 288 int 289 in6_ifindex2scopeid(idx) 290 int idx; 291 { 292 struct ifnet *ifp; 293 struct ifaddr *ifa; 294 struct sockaddr_in6 *sin6; 295 296 if (idx < 0 || if_indexlim <= idx) 297 return -1; 298 ifp = ifindex2ifnet[idx]; 299 if (!ifp) 300 return -1; 301 302 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 303 { 304 if (ifa->ifa_addr->sa_family != AF_INET6) 305 continue; 306 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; 307 if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) 308 return sin6->sin6_scope_id & 0xffff; 309 } 310 311 return -1; 312 } 313 314 int 315 in6_mask2len(mask, lim0) 316 struct in6_addr *mask; 317 u_char *lim0; 318 { 319 int x = 0, y; 320 u_char *lim = lim0, *p; 321 322 /* ignore the scope_id part */ 323 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 324 lim = (u_char *)mask + sizeof(*mask); 325 for (p = (u_char *)mask; p < lim; x++, p++) { 326 if (*p != 0xff) 327 break; 328 } 329 y = 0; 330 if (p < lim) { 331 for (y = 0; y < 8; y++) { 332 if ((*p & (0x80 >> y)) == 0) 333 break; 334 } 335 } 336 337 /* 338 * when the limit pointer is given, do a stricter check on the 339 * remaining bits. 340 */ 341 if (p < lim) { 342 if (y != 0 && (*p & (0x00ff >> y)) != 0) 343 return (-1); 344 for (p = p + 1; p < lim; p++) 345 if (*p != 0) 346 return (-1); 347 } 348 349 return x * 8 + y; 350 } 351 352 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 353 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 354 355 int 356 in6_control(so, cmd, data, ifp, p) 357 struct socket *so; 358 u_long cmd; 359 caddr_t data; 360 struct ifnet *ifp; 361 struct proc *p; 362 { 363 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 364 struct in6_ifaddr *ia = NULL; 365 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 366 struct sockaddr_in6 *sa6; 367 int privileged; 368 369 privileged = 0; 370 if (p && !suser(p->p_ucred, &p->p_acflag)) 371 privileged++; 372 373 switch (cmd) { 374 case SIOCGETSGCNT_IN6: 375 case SIOCGETMIFCNT_IN6: 376 return (mrt6_ioctl(cmd, data)); 377 } 378 379 if (ifp == NULL) 380 return (EOPNOTSUPP); 381 382 switch (cmd) { 383 case SIOCSNDFLUSH_IN6: 384 case SIOCSPFXFLUSH_IN6: 385 case SIOCSRTRFLUSH_IN6: 386 case SIOCSDEFIFACE_IN6: 387 case SIOCSIFINFO_FLAGS: 388 if (!privileged) 389 return (EPERM); 390 /* FALLTHROUGH */ 391 case OSIOCGIFINFO_IN6: 392 case SIOCGIFINFO_IN6: 393 case SIOCGDRLST_IN6: 394 case SIOCGPRLST_IN6: 395 case SIOCGNBRINFO_IN6: 396 case SIOCGDEFIFACE_IN6: 397 return (nd6_ioctl(cmd, data, ifp)); 398 } 399 400 switch (cmd) { 401 case SIOCSIFPREFIX_IN6: 402 case SIOCDIFPREFIX_IN6: 403 case SIOCAIFPREFIX_IN6: 404 case SIOCCIFPREFIX_IN6: 405 case SIOCSGIFPREFIX_IN6: 406 case SIOCGIFPREFIX_IN6: 407 log(LOG_NOTICE, 408 "prefix ioctls are now invalidated. " 409 "please use ifconfig.\n"); 410 return (EOPNOTSUPP); 411 } 412 413 switch (cmd) { 414 case SIOCALIFADDR: 415 case SIOCDLIFADDR: 416 if (!privileged) 417 return (EPERM); 418 /* FALLTHROUGH */ 419 case SIOCGLIFADDR: 420 return in6_lifaddr_ioctl(so, cmd, data, ifp, p); 421 } 422 423 /* 424 * Find address for this interface, if it exists. 425 * 426 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 427 * only, and used the first interface address as the target of other 428 * operations (without checking ifra_addr). This was because netinet 429 * code/API assumed at most 1 interface address per interface. 430 * Since IPv6 allows a node to assign multiple addresses 431 * on a single interface, we almost always look and check the 432 * presence of ifra_addr, and reject invalid ones here. 433 * It also decreases duplicated code among SIOC*_IN6 operations. 434 */ 435 switch (cmd) { 436 case SIOCAIFADDR_IN6: 437 case SIOCSIFPHYADDR_IN6: 438 sa6 = &ifra->ifra_addr; 439 break; 440 case SIOCSIFADDR_IN6: 441 case SIOCGIFADDR_IN6: 442 case SIOCSIFDSTADDR_IN6: 443 case SIOCSIFNETMASK_IN6: 444 case SIOCGIFDSTADDR_IN6: 445 case SIOCGIFNETMASK_IN6: 446 case SIOCDIFADDR_IN6: 447 case SIOCGIFPSRCADDR_IN6: 448 case SIOCGIFPDSTADDR_IN6: 449 case SIOCGIFAFLAG_IN6: 450 case SIOCSNDFLUSH_IN6: 451 case SIOCSPFXFLUSH_IN6: 452 case SIOCSRTRFLUSH_IN6: 453 case SIOCGIFALIFETIME_IN6: 454 case SIOCSIFALIFETIME_IN6: 455 case SIOCGIFSTAT_IN6: 456 case SIOCGIFSTAT_ICMP6: 457 sa6 = &ifr->ifr_addr; 458 break; 459 default: 460 sa6 = NULL; 461 break; 462 } 463 if (sa6 && sa6->sin6_family == AF_INET6) { 464 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 465 if (sa6->sin6_addr.s6_addr16[1] == 0) { 466 /* link ID is not embedded by the user */ 467 sa6->sin6_addr.s6_addr16[1] = 468 htons(ifp->if_index); 469 } else if (sa6->sin6_addr.s6_addr16[1] != 470 htons(ifp->if_index)) { 471 return (EINVAL); /* link ID contradicts */ 472 } 473 if (sa6->sin6_scope_id) { 474 if (sa6->sin6_scope_id != 475 (u_int32_t)ifp->if_index) 476 return (EINVAL); 477 sa6->sin6_scope_id = 0; /* XXX: good way? */ 478 } 479 } 480 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 481 } else 482 ia = NULL; 483 484 switch (cmd) { 485 case SIOCSIFADDR_IN6: 486 case SIOCSIFDSTADDR_IN6: 487 case SIOCSIFNETMASK_IN6: 488 /* 489 * Since IPv6 allows a node to assign multiple addresses 490 * on a single interface, SIOCSIFxxx ioctls are deprecated. 491 */ 492 return (EINVAL); 493 494 case SIOCDIFADDR_IN6: 495 /* 496 * for IPv4, we look for existing in_ifaddr here to allow 497 * "ifconfig if0 delete" to remove the first IPv4 address on 498 * the interface. For IPv6, as the spec allows multiple 499 * interface address from the day one, we consider "remove the 500 * first one" semantics to be not preferable. 501 */ 502 if (ia == NULL) 503 return (EADDRNOTAVAIL); 504 /* FALLTHROUGH */ 505 case SIOCAIFADDR_IN6: 506 /* 507 * We always require users to specify a valid IPv6 address for 508 * the corresponding operation. 509 */ 510 if (ifra->ifra_addr.sin6_family != AF_INET6 || 511 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 512 return (EAFNOSUPPORT); 513 if (!privileged) 514 return (EPERM); 515 516 break; 517 518 case SIOCGIFADDR_IN6: 519 /* This interface is basically deprecated. use SIOCGIFCONF. */ 520 /* FALLTHROUGH */ 521 case SIOCGIFAFLAG_IN6: 522 case SIOCGIFNETMASK_IN6: 523 case SIOCGIFDSTADDR_IN6: 524 case SIOCGIFALIFETIME_IN6: 525 /* must think again about its semantics */ 526 if (ia == NULL) 527 return (EADDRNOTAVAIL); 528 break; 529 case SIOCSIFALIFETIME_IN6: 530 { 531 struct in6_addrlifetime *lt; 532 533 if (!privileged) 534 return (EPERM); 535 if (ia == NULL) 536 return (EADDRNOTAVAIL); 537 /* sanity for overflow - beware unsigned */ 538 lt = &ifr->ifr_ifru.ifru_lifetime; 539 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 540 && lt->ia6t_vltime + time.tv_sec < time.tv_sec) { 541 return EINVAL; 542 } 543 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 544 && lt->ia6t_pltime + time.tv_sec < time.tv_sec) { 545 return EINVAL; 546 } 547 break; 548 } 549 } 550 551 switch (cmd) { 552 553 case SIOCGIFADDR_IN6: 554 ifr->ifr_addr = ia->ia_addr; 555 break; 556 557 case SIOCGIFDSTADDR_IN6: 558 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 559 return (EINVAL); 560 /* 561 * XXX: should we check if ifa_dstaddr is NULL and return 562 * an error? 563 */ 564 ifr->ifr_dstaddr = ia->ia_dstaddr; 565 break; 566 567 case SIOCGIFNETMASK_IN6: 568 ifr->ifr_addr = ia->ia_prefixmask; 569 break; 570 571 case SIOCGIFAFLAG_IN6: 572 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 573 break; 574 575 case SIOCGIFSTAT_IN6: 576 if (ifp == NULL) 577 return EINVAL; 578 bzero(&ifr->ifr_ifru.ifru_stat, 579 sizeof(ifr->ifr_ifru.ifru_stat)); 580 ifr->ifr_ifru.ifru_stat = 581 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 582 break; 583 584 case SIOCGIFSTAT_ICMP6: 585 if (ifp == NULL) 586 return EINVAL; 587 bzero(&ifr->ifr_ifru.ifru_stat, 588 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 589 ifr->ifr_ifru.ifru_icmp6stat = 590 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 591 break; 592 593 case SIOCGIFALIFETIME_IN6: 594 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 595 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 596 time_t maxexpire; 597 struct in6_addrlifetime *retlt = 598 &ifr->ifr_ifru.ifru_lifetime; 599 600 /* 601 * XXX: adjust expiration time assuming time_t is 602 * signed. 603 */ 604 maxexpire = (-1) & 605 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 606 if (ia->ia6_lifetime.ia6t_vltime < 607 maxexpire - ia->ia6_updatetime) { 608 retlt->ia6t_expire = ia->ia6_updatetime + 609 ia->ia6_lifetime.ia6t_vltime; 610 } else 611 retlt->ia6t_expire = maxexpire; 612 } 613 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 614 time_t maxexpire; 615 struct in6_addrlifetime *retlt = 616 &ifr->ifr_ifru.ifru_lifetime; 617 618 /* 619 * XXX: adjust expiration time assuming time_t is 620 * signed. 621 */ 622 maxexpire = (-1) & 623 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 624 if (ia->ia6_lifetime.ia6t_pltime < 625 maxexpire - ia->ia6_updatetime) { 626 retlt->ia6t_preferred = ia->ia6_updatetime + 627 ia->ia6_lifetime.ia6t_pltime; 628 } else 629 retlt->ia6t_preferred = maxexpire; 630 } 631 break; 632 633 case SIOCSIFALIFETIME_IN6: 634 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 635 /* for sanity */ 636 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 637 ia->ia6_lifetime.ia6t_expire = 638 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 639 } else 640 ia->ia6_lifetime.ia6t_expire = 0; 641 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 642 ia->ia6_lifetime.ia6t_preferred = 643 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 644 } else 645 ia->ia6_lifetime.ia6t_preferred = 0; 646 break; 647 648 case SIOCAIFADDR_IN6: 649 { 650 int i, error = 0; 651 struct nd_prefix pr0, *pr; 652 653 /* reject read-only flags */ 654 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 655 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 656 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 657 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 658 return (EINVAL); 659 } 660 /* 661 * first, make or update the interface address structure, 662 * and link it to the list. 663 */ 664 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 665 return (error); 666 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 667 == NULL) { 668 /* 669 * this can happen when the user specify the 0 valid 670 * lifetime. 671 */ 672 break; 673 } 674 675 /* 676 * then, make the prefix on-link on the interface. 677 * XXX: we'd rather create the prefix before the address, but 678 * we need at least one address to install the corresponding 679 * interface route, so we configure the address first. 680 */ 681 682 /* 683 * convert mask to prefix length (prefixmask has already 684 * been validated in in6_update_ifa(). 685 */ 686 bzero(&pr0, sizeof(pr0)); 687 pr0.ndpr_ifp = ifp; 688 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 689 NULL); 690 if (pr0.ndpr_plen == 128) { 691 break; /* we don't need to install a host route. */ 692 } 693 pr0.ndpr_prefix = ifra->ifra_addr; 694 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 695 /* apply the mask for safety. */ 696 for (i = 0; i < 4; i++) { 697 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 698 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 699 } 700 /* 701 * XXX: since we don't have an API to set prefix (not address) 702 * lifetimes, we just use the same lifetimes as addresses. 703 * The (temporarily) installed lifetimes can be overridden by 704 * later advertised RAs (when accept_rtadv is non 0), which is 705 * an intended behavior. 706 */ 707 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 708 pr0.ndpr_raf_auto = 709 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 710 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 711 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 712 713 /* add the prefix if not yet. */ 714 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 715 /* 716 * nd6_prelist_add will install the corresponding 717 * interface route. 718 */ 719 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 720 return (error); 721 if (pr == NULL) { 722 log(LOG_ERR, "nd6_prelist_add succeeded but " 723 "no prefix\n"); 724 return (EINVAL); /* XXX panic here? */ 725 } 726 } 727 728 /* relate the address to the prefix */ 729 if (ia->ia6_ndpr == NULL) { 730 ia->ia6_ndpr = pr; 731 pr->ndpr_refcnt++; 732 } 733 734 /* 735 * this might affect the status of autoconfigured addresses, 736 * that is, this address might make other addresses detached. 737 */ 738 pfxlist_onlink_check(); 739 740 break; 741 } 742 743 case SIOCDIFADDR_IN6: 744 { 745 int i = 0, purgeprefix = 0; 746 struct nd_prefix pr0, *pr = NULL; 747 748 /* 749 * If the address being deleted is the only one that owns 750 * the corresponding prefix, expire the prefix as well. 751 * XXX: theoretically, we don't have to worry about such 752 * relationship, since we separate the address management 753 * and the prefix management. We do this, however, to provide 754 * as much backward compatibility as possible in terms of 755 * the ioctl operation. 756 */ 757 bzero(&pr0, sizeof(pr0)); 758 pr0.ndpr_ifp = ifp; 759 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 760 NULL); 761 if (pr0.ndpr_plen == 128) 762 goto purgeaddr; 763 pr0.ndpr_prefix = ia->ia_addr; 764 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 765 for (i = 0; i < 4; i++) { 766 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 767 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 768 } 769 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 770 pr == ia->ia6_ndpr) { 771 pr->ndpr_refcnt--; 772 if (pr->ndpr_refcnt == 0) 773 purgeprefix = 1; 774 } 775 776 purgeaddr: 777 in6_purgeaddr(&ia->ia_ifa); 778 if (pr && purgeprefix) 779 prelist_remove(pr); 780 break; 781 } 782 783 default: 784 if (ifp == NULL || ifp->if_ioctl == 0) 785 return (EOPNOTSUPP); 786 return ((*ifp->if_ioctl)(ifp, cmd, data)); 787 } 788 789 return (0); 790 } 791 792 /* 793 * Update parameters of an IPv6 interface address. 794 * If necessary, a new entry is created and linked into address chains. 795 * This function is separated from in6_control(). 796 * XXX: should this be performed under splnet()? 797 */ 798 int 799 in6_update_ifa(ifp, ifra, ia) 800 struct ifnet *ifp; 801 struct in6_aliasreq *ifra; 802 struct in6_ifaddr *ia; 803 { 804 int error = 0, hostIsNew = 0, plen = -1; 805 struct in6_ifaddr *oia; 806 struct sockaddr_in6 dst6; 807 struct in6_addrlifetime *lt; 808 struct in6_multi_mship *imm; 809 struct rtentry *rt; 810 811 /* Validate parameters */ 812 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 813 return (EINVAL); 814 815 /* 816 * The destination address for a p2p link must have a family 817 * of AF_UNSPEC or AF_INET6. 818 */ 819 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 820 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 821 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 822 return (EAFNOSUPPORT); 823 /* 824 * validate ifra_prefixmask. don't check sin6_family, netmask 825 * does not carry fields other than sin6_len. 826 */ 827 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 828 return (EINVAL); 829 /* 830 * Because the IPv6 address architecture is classless, we require 831 * users to specify a (non 0) prefix length (mask) for a new address. 832 * We also require the prefix (when specified) mask is valid, and thus 833 * reject a non-consecutive mask. 834 */ 835 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 836 return (EINVAL); 837 if (ifra->ifra_prefixmask.sin6_len != 0) { 838 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 839 (u_char *)&ifra->ifra_prefixmask + 840 ifra->ifra_prefixmask.sin6_len); 841 if (plen <= 0) 842 return (EINVAL); 843 } else { 844 /* 845 * In this case, ia must not be NULL. We just use its prefix 846 * length. 847 */ 848 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 849 } 850 /* 851 * If the destination address on a p2p interface is specified, 852 * and the address is a scoped one, validate/set the scope 853 * zone identifier. 854 */ 855 dst6 = ifra->ifra_dstaddr; 856 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 857 (dst6.sin6_family == AF_INET6)) { 858 /* link-local index check: should be a separate function? */ 859 if (IN6_IS_ADDR_LINKLOCAL(&dst6.sin6_addr)) { 860 if (dst6.sin6_addr.s6_addr16[1] == 0) { 861 /* 862 * interface ID is not embedded by 863 * the user 864 */ 865 dst6.sin6_addr.s6_addr16[1] = 866 htons(ifp->if_index); 867 } else if (dst6.sin6_addr.s6_addr16[1] != 868 htons(ifp->if_index)) { 869 return (EINVAL); /* ifid contradicts */ 870 } 871 } 872 } 873 /* 874 * The destination address can be specified only for a p2p or a 875 * loopback interface. If specified, the corresponding prefix length 876 * must be 128. 877 */ 878 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 879 #ifdef FORCE_P2PPLEN 880 int i; 881 #endif 882 883 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 884 /* XXX: noisy message */ 885 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 886 "be specified for a p2p or a loopback IF only\n")); 887 return (EINVAL); 888 } 889 if (plen != 128) { 890 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 891 "be 128 when dstaddr is specified\n")); 892 #ifdef FORCE_P2PPLEN 893 /* 894 * To be compatible with old configurations, 895 * such as ifconfig gif0 inet6 2001::1 2001::2 896 * prefixlen 126, we override the specified 897 * prefixmask as if the prefix length was 128. 898 */ 899 ifra->ifra_prefixmask.sin6_len = 900 sizeof(struct sockaddr_in6); 901 for (i = 0; i < 4; i++) 902 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 903 0xffffffff; 904 plen = 128; 905 #else 906 return (EINVAL); 907 #endif 908 } 909 } 910 /* lifetime consistency check */ 911 lt = &ifra->ifra_lifetime; 912 if (lt->ia6t_pltime > lt->ia6t_vltime) 913 return (EINVAL); 914 if (lt->ia6t_vltime == 0) { 915 /* 916 * the following log might be noisy, but this is a typical 917 * configuration mistake or a tool's bug. 918 */ 919 nd6log((LOG_INFO, 920 "in6_update_ifa: valid lifetime is 0 for %s\n", 921 ip6_sprintf(&ifra->ifra_addr.sin6_addr))); 922 923 if (ia == NULL) 924 return (0); /* there's nothing to do */ 925 } 926 927 /* 928 * If this is a new address, allocate a new ifaddr and link it 929 * into chains. 930 */ 931 if (ia == NULL) { 932 hostIsNew = 1; 933 /* 934 * When in6_update_ifa() is called in a process of a received 935 * RA, it is called under an interrupt context. So, we should 936 * call malloc with M_NOWAIT. 937 */ 938 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 939 M_NOWAIT); 940 if (ia == NULL) 941 return (ENOBUFS); 942 bzero((caddr_t)ia, sizeof(*ia)); 943 LIST_INIT(&ia->ia6_memberships); 944 /* Initialize the address and masks, and put time stamp */ 945 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 946 ia->ia_addr.sin6_family = AF_INET6; 947 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 948 ia->ia6_createtime = ia->ia6_updatetime = time.tv_sec; 949 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 950 /* 951 * XXX: some functions expect that ifa_dstaddr is not 952 * NULL for p2p interfaces. 953 */ 954 ia->ia_ifa.ifa_dstaddr = 955 (struct sockaddr *)&ia->ia_dstaddr; 956 } else { 957 ia->ia_ifa.ifa_dstaddr = NULL; 958 } 959 ia->ia_ifa.ifa_netmask = 960 (struct sockaddr *)&ia->ia_prefixmask; 961 962 ia->ia_ifp = ifp; 963 if ((oia = in6_ifaddr) != NULL) { 964 for ( ; oia->ia_next; oia = oia->ia_next) 965 continue; 966 oia->ia_next = ia; 967 } else 968 in6_ifaddr = ia; 969 /* gain a refcnt for the link from in6_ifaddr */ 970 IFAREF(&ia->ia_ifa); 971 972 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, 973 ifa_list); 974 /* gain another refcnt for the link from if_addrlist */ 975 IFAREF(&ia->ia_ifa); 976 } 977 978 /* set prefix mask */ 979 if (ifra->ifra_prefixmask.sin6_len) { 980 /* 981 * We prohibit changing the prefix length of an existing 982 * address, because 983 * + such an operation should be rare in IPv6, and 984 * + the operation would confuse prefix management. 985 */ 986 if (ia->ia_prefixmask.sin6_len && 987 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 988 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 989 " existing (%s) address should not be changed\n", 990 ip6_sprintf(&ia->ia_addr.sin6_addr))); 991 error = EINVAL; 992 goto unlink; 993 } 994 ia->ia_prefixmask = ifra->ifra_prefixmask; 995 } 996 997 /* 998 * If a new destination address is specified, scrub the old one and 999 * install the new destination. Note that the interface must be 1000 * p2p or loopback (see the check above.) 1001 */ 1002 if (dst6.sin6_family == AF_INET6 && 1003 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 1004 if ((ia->ia_flags & IFA_ROUTE) != 0 && 1005 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 1006 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 1007 "a route to the old destination: %s\n", 1008 ip6_sprintf(&ia->ia_addr.sin6_addr))); 1009 /* proceed anyway... */ 1010 } else 1011 ia->ia_flags &= ~IFA_ROUTE; 1012 ia->ia_dstaddr = dst6; 1013 } 1014 1015 /* 1016 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 1017 * to see if the address is deprecated or invalidated, but initialize 1018 * these members for applications. 1019 */ 1020 ia->ia6_lifetime = ifra->ifra_lifetime; 1021 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1022 ia->ia6_lifetime.ia6t_expire = 1023 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 1024 } else 1025 ia->ia6_lifetime.ia6t_expire = 0; 1026 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1027 ia->ia6_lifetime.ia6t_preferred = 1028 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 1029 } else 1030 ia->ia6_lifetime.ia6t_preferred = 0; 1031 1032 /* reset the interface and routing table appropriately. */ 1033 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1034 goto unlink; 1035 1036 /* 1037 * configure address flags. 1038 */ 1039 ia->ia6_flags = ifra->ifra_flags; 1040 /* 1041 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1042 * userland, make it deprecated. 1043 */ 1044 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1045 ia->ia6_lifetime.ia6t_pltime = 0; 1046 ia->ia6_lifetime.ia6t_preferred = time.tv_sec; 1047 } 1048 /* 1049 * Make the address tentative before joining multicast addresses, 1050 * so that corresponding MLD responses would not have a tentative 1051 * source address. 1052 */ 1053 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1054 if (hostIsNew && in6if_do_dad(ifp)) 1055 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1056 1057 /* 1058 * Beyond this point, we should call in6_purgeaddr upon an error, 1059 * not just go to unlink. 1060 */ 1061 1062 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1063 struct sockaddr_in6 mltaddr, mltmask; 1064 #ifndef SCOPEDROUTING 1065 u_int32_t zoneid = 0; 1066 #endif 1067 1068 if (hostIsNew) { 1069 /* join solicited multicast addr for new host id */ 1070 struct sockaddr_in6 llsol; 1071 1072 bzero(&llsol, sizeof(llsol)); 1073 llsol.sin6_family = AF_INET6; 1074 llsol.sin6_len = sizeof(llsol); 1075 llsol.sin6_addr.s6_addr16[0] = htons(0xff02); 1076 llsol.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1077 llsol.sin6_addr.s6_addr32[1] = 0; 1078 llsol.sin6_addr.s6_addr32[2] = htonl(1); 1079 llsol.sin6_addr.s6_addr32[3] = 1080 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1081 llsol.sin6_addr.s6_addr8[12] = 0xff; 1082 imm = in6_joingroup(ifp, &llsol.sin6_addr, &error); 1083 if (imm) { 1084 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, 1085 i6mm_chain); 1086 } else { 1087 nd6log((LOG_ERR, "in6_update_ifa: addmulti " 1088 "failed for %s on %s (errno=%d)\n", 1089 ip6_sprintf(&llsol.sin6_addr), 1090 if_name(ifp), error)); 1091 goto cleanup; 1092 } 1093 } 1094 1095 bzero(&mltmask, sizeof(mltmask)); 1096 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1097 mltmask.sin6_family = AF_INET6; 1098 mltmask.sin6_addr = in6mask32; 1099 1100 /* 1101 * join link-local all-nodes address 1102 */ 1103 bzero(&mltaddr, sizeof(mltaddr)); 1104 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1105 mltaddr.sin6_family = AF_INET6; 1106 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1107 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1108 1109 /* 1110 * XXX: do we really need this automatic routes? 1111 * We should probably reconsider this stuff. Most applications 1112 * actually do not need the routes, since they usually specify 1113 * the outgoing interface. 1114 */ 1115 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1116 if (rt) { 1117 /* 1118 * 32bit came from "mltmask" 1119 * XXX: only works in !SCOPEDROUTING case. 1120 */ 1121 if (memcmp(&mltaddr.sin6_addr, 1122 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1123 32 / 8)) { 1124 RTFREE(rt); 1125 rt = NULL; 1126 } 1127 } 1128 if (!rt) { 1129 struct rt_addrinfo info; 1130 1131 bzero(&info, sizeof(info)); 1132 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1133 info.rti_info[RTAX_GATEWAY] = 1134 (struct sockaddr *)&ia->ia_addr; 1135 info.rti_info[RTAX_NETMASK] = 1136 (struct sockaddr *)&mltmask; 1137 info.rti_info[RTAX_IFA] = 1138 (struct sockaddr *)&ia->ia_addr; 1139 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1140 info.rti_flags = RTF_UP | RTF_CLONING; 1141 error = rtrequest1(RTM_ADD, &info, NULL); 1142 if (error) 1143 goto cleanup; 1144 } else { 1145 RTFREE(rt); 1146 } 1147 #ifndef SCOPEDROUTING 1148 mltaddr.sin6_scope_id = zoneid; /* XXX */ 1149 #endif 1150 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1151 if (imm) { 1152 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, 1153 i6mm_chain); 1154 } else { 1155 nd6log((LOG_WARNING, 1156 "in6_update_ifa: addmulti failed for " 1157 "%s on %s (errno=%d)\n", 1158 ip6_sprintf(&mltaddr.sin6_addr), 1159 if_name(ifp), error)); 1160 goto cleanup; 1161 } 1162 1163 /* 1164 * join node information group address 1165 */ 1166 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) { 1167 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1168 if (imm) { 1169 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, 1170 i6mm_chain); 1171 } else { 1172 nd6log((LOG_WARNING, "in6_update_ifa: " 1173 "addmulti failed for %s on %s (errno=%d)\n", 1174 ip6_sprintf(&mltaddr.sin6_addr), 1175 if_name(ifp), error)); 1176 /* XXX not very fatal, go on... */ 1177 } 1178 } 1179 1180 if (ifp->if_flags & IFF_LOOPBACK) { 1181 /* 1182 * join node-local all-nodes address, on loopback. 1183 * (ff01::1%ifN, and ff01::%ifN/32) 1184 */ 1185 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1186 1187 /* XXX: again, do we really need the route? */ 1188 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1189 if (rt) { 1190 /* 32bit came from "mltmask" */ 1191 if (memcmp(&mltaddr.sin6_addr, 1192 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1193 32 / 8)) { 1194 RTFREE(rt); 1195 rt = NULL; 1196 } 1197 } 1198 if (!rt) { 1199 struct rt_addrinfo info; 1200 1201 bzero(&info, sizeof(info)); 1202 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1203 info.rti_info[RTAX_GATEWAY] = 1204 (struct sockaddr *)&ia->ia_addr; 1205 info.rti_info[RTAX_NETMASK] = 1206 (struct sockaddr *)&mltmask; 1207 info.rti_info[RTAX_IFA] = 1208 (struct sockaddr *)&ia->ia_addr; 1209 info.rti_flags = RTF_UP | RTF_CLONING; 1210 error = rtrequest1(RTM_ADD, &info, NULL); 1211 if (error) 1212 goto cleanup; 1213 } else { 1214 RTFREE(rt); 1215 } 1216 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1217 if (imm) { 1218 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, 1219 i6mm_chain); 1220 } else { 1221 nd6log((LOG_WARNING, "in6_update_ifa: " 1222 "addmulti failed for %s on %s " 1223 "(errno=%d)\n", 1224 ip6_sprintf(&mltaddr.sin6_addr), 1225 if_name(ifp), error)); 1226 goto cleanup; 1227 } 1228 } 1229 } 1230 1231 /* 1232 * Perform DAD, if needed. 1233 * XXX It may be of use, if we can administratively 1234 * disable DAD. 1235 */ 1236 if (hostIsNew && in6if_do_dad(ifp) && 1237 (ifra->ifra_flags & IN6_IFF_NODAD) == 0) 1238 { 1239 nd6_dad_start((struct ifaddr *)ia, NULL); 1240 } 1241 1242 return (error); 1243 1244 unlink: 1245 /* 1246 * XXX: if a change of an existing address failed, keep the entry 1247 * anyway. 1248 */ 1249 if (hostIsNew) 1250 in6_unlink_ifa(ia, ifp); 1251 return (error); 1252 1253 cleanup: 1254 in6_purgeaddr(&ia->ia_ifa); 1255 return error; 1256 } 1257 1258 void 1259 in6_purgeaddr(ifa) 1260 struct ifaddr *ifa; 1261 { 1262 struct ifnet *ifp = ifa->ifa_ifp; 1263 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1264 struct in6_multi_mship *imm; 1265 1266 /* stop DAD processing */ 1267 nd6_dad_stop(ifa); 1268 1269 /* 1270 * delete route to the destination of the address being purged. 1271 * The interface must be p2p or loopback in this case. 1272 */ 1273 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1274 int e; 1275 1276 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1277 != 0) { 1278 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1279 "a route to the p2p destination: %s on %s, " 1280 "errno=%d\n", 1281 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1282 e); 1283 /* proceed anyway... */ 1284 } else 1285 ia->ia_flags &= ~IFA_ROUTE; 1286 } 1287 1288 /* Remove ownaddr's loopback rtentry, if it exists. */ 1289 in6_ifremloop(&(ia->ia_ifa)); 1290 1291 /* 1292 * leave from multicast groups we have joined for the interface 1293 */ 1294 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1295 LIST_REMOVE(imm, i6mm_chain); 1296 in6_leavegroup(imm); 1297 } 1298 1299 in6_unlink_ifa(ia, ifp); 1300 } 1301 1302 static void 1303 in6_unlink_ifa(ia, ifp) 1304 struct in6_ifaddr *ia; 1305 struct ifnet *ifp; 1306 { 1307 struct in6_ifaddr *oia; 1308 int s = splnet(); 1309 1310 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1311 /* release a refcnt for the link from if_addrlist */ 1312 IFAFREE(&ia->ia_ifa); 1313 1314 oia = ia; 1315 if (oia == (ia = in6_ifaddr)) 1316 in6_ifaddr = ia->ia_next; 1317 else { 1318 while (ia->ia_next && (ia->ia_next != oia)) 1319 ia = ia->ia_next; 1320 if (ia->ia_next) 1321 ia->ia_next = oia->ia_next; 1322 else { 1323 /* search failed */ 1324 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1325 } 1326 } 1327 1328 if (oia->ia6_multiaddrs.lh_first != NULL) { 1329 /* 1330 * XXX thorpej@NetBSD.org -- if the interface is going 1331 * XXX away, don't save the multicast entries, delete them! 1332 */ 1333 if (oia->ia_ifa.ifa_ifp->if_output == if_nulloutput) { 1334 struct in6_multi *in6m; 1335 1336 while ((in6m = 1337 LIST_FIRST(&oia->ia6_multiaddrs)) != NULL) 1338 in6_delmulti(in6m); 1339 } else 1340 in6_savemkludge(oia); 1341 } 1342 1343 /* 1344 * When an autoconfigured address is being removed, release the 1345 * reference to the base prefix. Also, since the release might 1346 * affect the status of other (detached) addresses, call 1347 * pfxlist_onlink_check(). 1348 */ 1349 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1350 if (oia->ia6_ndpr == NULL) { 1351 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1352 "%p has no prefix\n", oia); 1353 } else { 1354 oia->ia6_ndpr->ndpr_refcnt--; 1355 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1356 oia->ia6_ndpr = NULL; 1357 } 1358 1359 pfxlist_onlink_check(); 1360 } 1361 1362 /* 1363 * release another refcnt for the link from in6_ifaddr. 1364 * Note that we should decrement the refcnt at least once for all *BSD. 1365 */ 1366 IFAFREE(&oia->ia_ifa); 1367 1368 splx(s); 1369 } 1370 1371 void 1372 in6_purgeif(ifp) 1373 struct ifnet *ifp; 1374 { 1375 struct ifaddr *ifa, *nifa; 1376 1377 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) 1378 { 1379 nifa = TAILQ_NEXT(ifa, ifa_list); 1380 if (ifa->ifa_addr->sa_family != AF_INET6) 1381 continue; 1382 in6_purgeaddr(ifa); 1383 } 1384 1385 in6_ifdetach(ifp); 1386 } 1387 1388 /* 1389 * SIOC[GAD]LIFADDR. 1390 * SIOCGLIFADDR: get first address. (?) 1391 * SIOCGLIFADDR with IFLR_PREFIX: 1392 * get first address that matches the specified prefix. 1393 * SIOCALIFADDR: add the specified address. 1394 * SIOCALIFADDR with IFLR_PREFIX: 1395 * add the specified prefix, filling hostid part from 1396 * the first link-local address. prefixlen must be <= 64. 1397 * SIOCDLIFADDR: delete the specified address. 1398 * SIOCDLIFADDR with IFLR_PREFIX: 1399 * delete the first address that matches the specified prefix. 1400 * return values: 1401 * EINVAL on invalid parameters 1402 * EADDRNOTAVAIL on prefix match failed/specified address not found 1403 * other values may be returned from in6_ioctl() 1404 * 1405 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1406 * this is to accomodate address naming scheme other than RFC2374, 1407 * in the future. 1408 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1409 * address encoding scheme. (see figure on page 8) 1410 */ 1411 static int 1412 in6_lifaddr_ioctl(so, cmd, data, ifp, p) 1413 struct socket *so; 1414 u_long cmd; 1415 caddr_t data; 1416 struct ifnet *ifp; 1417 struct proc *p; 1418 { 1419 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1420 struct ifaddr *ifa; 1421 struct sockaddr *sa; 1422 1423 /* sanity checks */ 1424 if (!data || !ifp) { 1425 panic("invalid argument to in6_lifaddr_ioctl"); 1426 /* NOTREACHED */ 1427 } 1428 1429 switch (cmd) { 1430 case SIOCGLIFADDR: 1431 /* address must be specified on GET with IFLR_PREFIX */ 1432 if ((iflr->flags & IFLR_PREFIX) == 0) 1433 break; 1434 /* FALLTHROUGH */ 1435 case SIOCALIFADDR: 1436 case SIOCDLIFADDR: 1437 /* address must be specified on ADD and DELETE */ 1438 sa = (struct sockaddr *)&iflr->addr; 1439 if (sa->sa_family != AF_INET6) 1440 return EINVAL; 1441 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1442 return EINVAL; 1443 /* XXX need improvement */ 1444 sa = (struct sockaddr *)&iflr->dstaddr; 1445 if (sa->sa_family && sa->sa_family != AF_INET6) 1446 return EINVAL; 1447 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1448 return EINVAL; 1449 break; 1450 default: /* shouldn't happen */ 1451 #if 0 1452 panic("invalid cmd to in6_lifaddr_ioctl"); 1453 /* NOTREACHED */ 1454 #else 1455 return EOPNOTSUPP; 1456 #endif 1457 } 1458 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1459 return EINVAL; 1460 1461 switch (cmd) { 1462 case SIOCALIFADDR: 1463 { 1464 struct in6_aliasreq ifra; 1465 struct in6_addr *hostid = NULL; 1466 int prefixlen; 1467 1468 if ((iflr->flags & IFLR_PREFIX) != 0) { 1469 struct sockaddr_in6 *sin6; 1470 1471 /* 1472 * hostid is to fill in the hostid part of the 1473 * address. hostid points to the first link-local 1474 * address attached to the interface. 1475 */ 1476 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1477 if (!ifa) 1478 return EADDRNOTAVAIL; 1479 hostid = IFA_IN6(ifa); 1480 1481 /* prefixlen must be <= 64. */ 1482 if (64 < iflr->prefixlen) 1483 return EINVAL; 1484 prefixlen = iflr->prefixlen; 1485 1486 /* hostid part must be zero. */ 1487 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1488 if (sin6->sin6_addr.s6_addr32[2] != 0 1489 || sin6->sin6_addr.s6_addr32[3] != 0) { 1490 return EINVAL; 1491 } 1492 } else 1493 prefixlen = iflr->prefixlen; 1494 1495 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1496 bzero(&ifra, sizeof(ifra)); 1497 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1498 1499 bcopy(&iflr->addr, &ifra.ifra_addr, 1500 ((struct sockaddr *)&iflr->addr)->sa_len); 1501 if (hostid) { 1502 /* fill in hostid part */ 1503 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1504 hostid->s6_addr32[2]; 1505 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1506 hostid->s6_addr32[3]; 1507 } 1508 1509 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1510 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1511 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1512 if (hostid) { 1513 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1514 hostid->s6_addr32[2]; 1515 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1516 hostid->s6_addr32[3]; 1517 } 1518 } 1519 1520 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1521 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1522 1523 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1524 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, p); 1525 } 1526 case SIOCGLIFADDR: 1527 case SIOCDLIFADDR: 1528 { 1529 struct in6_ifaddr *ia; 1530 struct in6_addr mask, candidate, match; 1531 struct sockaddr_in6 *sin6; 1532 int cmp; 1533 1534 bzero(&mask, sizeof(mask)); 1535 if (iflr->flags & IFLR_PREFIX) { 1536 /* lookup a prefix rather than address. */ 1537 in6_prefixlen2mask(&mask, iflr->prefixlen); 1538 1539 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1540 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1541 match.s6_addr32[0] &= mask.s6_addr32[0]; 1542 match.s6_addr32[1] &= mask.s6_addr32[1]; 1543 match.s6_addr32[2] &= mask.s6_addr32[2]; 1544 match.s6_addr32[3] &= mask.s6_addr32[3]; 1545 1546 /* if you set extra bits, that's wrong */ 1547 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1548 return EINVAL; 1549 1550 cmp = 1; 1551 } else { 1552 if (cmd == SIOCGLIFADDR) { 1553 /* on getting an address, take the 1st match */ 1554 cmp = 0; /* XXX */ 1555 } else { 1556 /* on deleting an address, do exact match */ 1557 in6_prefixlen2mask(&mask, 128); 1558 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1559 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1560 1561 cmp = 1; 1562 } 1563 } 1564 1565 for (ifa = ifp->if_addrlist.tqh_first; 1566 ifa; 1567 ifa = ifa->ifa_list.tqe_next) 1568 { 1569 if (ifa->ifa_addr->sa_family != AF_INET6) 1570 continue; 1571 if (!cmp) 1572 break; 1573 1574 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1575 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1576 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1577 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1578 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1579 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1580 break; 1581 } 1582 if (!ifa) 1583 return EADDRNOTAVAIL; 1584 ia = ifa2ia6(ifa); 1585 1586 if (cmd == SIOCGLIFADDR) { 1587 /* fill in the if_laddrreq structure */ 1588 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1589 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1590 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1591 ia->ia_dstaddr.sin6_len); 1592 } else 1593 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1594 1595 iflr->prefixlen = 1596 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1597 1598 iflr->flags = ia->ia6_flags; /* XXX */ 1599 1600 return 0; 1601 } else { 1602 struct in6_aliasreq ifra; 1603 1604 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1605 bzero(&ifra, sizeof(ifra)); 1606 bcopy(iflr->iflr_name, ifra.ifra_name, 1607 sizeof(ifra.ifra_name)); 1608 1609 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1610 ia->ia_addr.sin6_len); 1611 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1612 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1613 ia->ia_dstaddr.sin6_len); 1614 } else { 1615 bzero(&ifra.ifra_dstaddr, 1616 sizeof(ifra.ifra_dstaddr)); 1617 } 1618 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1619 ia->ia_prefixmask.sin6_len); 1620 1621 ifra.ifra_flags = ia->ia6_flags; 1622 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1623 ifp, p); 1624 } 1625 } 1626 } 1627 1628 return EOPNOTSUPP; /* just for safety */ 1629 } 1630 1631 /* 1632 * Initialize an interface's intetnet6 address 1633 * and routing table entry. 1634 */ 1635 static int 1636 in6_ifinit(ifp, ia, sin6, newhost) 1637 struct ifnet *ifp; 1638 struct in6_ifaddr *ia; 1639 struct sockaddr_in6 *sin6; 1640 int newhost; 1641 { 1642 int error = 0, plen, ifacount = 0; 1643 int s = splnet(); 1644 struct ifaddr *ifa; 1645 1646 /* 1647 * Give the interface a chance to initialize 1648 * if this is its first address, 1649 * and to validate the address if necessary. 1650 */ 1651 for (ifa = ifp->if_addrlist.tqh_first; ifa; 1652 ifa = ifa->ifa_list.tqe_next) 1653 { 1654 if (ifa->ifa_addr == NULL) 1655 continue; /* just for safety */ 1656 if (ifa->ifa_addr->sa_family != AF_INET6) 1657 continue; 1658 ifacount++; 1659 } 1660 1661 ia->ia_addr = *sin6; 1662 1663 if (ifacount <= 1 && ifp->if_ioctl && 1664 (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) { 1665 splx(s); 1666 return (error); 1667 } 1668 splx(s); 1669 1670 ia->ia_ifa.ifa_metric = ifp->if_metric; 1671 1672 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1673 1674 /* 1675 * Special case: 1676 * If the destination address is specified for a point-to-point 1677 * interface, install a route to the destination as an interface 1678 * direct route. 1679 */ 1680 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1681 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1682 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1683 RTF_UP | RTF_HOST)) != 0) 1684 return (error); 1685 ia->ia_flags |= IFA_ROUTE; 1686 } 1687 1688 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1689 if (newhost) { 1690 /* set the rtrequest function to create llinfo */ 1691 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1692 in6_ifaddloop(&(ia->ia_ifa)); 1693 } 1694 1695 if (ifp->if_flags & IFF_MULTICAST) 1696 in6_restoremkludge(ia, ifp); 1697 1698 return (error); 1699 } 1700 1701 /* 1702 * Multicast address kludge: 1703 * If there were any multicast addresses attached to this interface address, 1704 * either move them to another address on this interface, or save them until 1705 * such time as this interface is reconfigured for IPv6. 1706 */ 1707 void 1708 in6_savemkludge(oia) 1709 struct in6_ifaddr *oia; 1710 { 1711 struct in6_ifaddr *ia; 1712 struct in6_multi *in6m, *next; 1713 1714 IFP_TO_IA6(oia->ia_ifp, ia); 1715 if (ia) { /* there is another address */ 1716 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1717 next = in6m->in6m_entry.le_next; 1718 IFAFREE(&in6m->in6m_ia->ia_ifa); 1719 IFAREF(&ia->ia_ifa); 1720 in6m->in6m_ia = ia; 1721 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1722 } 1723 } else { /* last address on this if deleted, save */ 1724 struct multi6_kludge *mk; 1725 1726 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1727 if (mk->mk_ifp == oia->ia_ifp) 1728 break; 1729 } 1730 if (mk == NULL) /* this should not happen! */ 1731 panic("in6_savemkludge: no kludge space"); 1732 1733 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1734 next = in6m->in6m_entry.le_next; 1735 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1736 in6m->in6m_ia = NULL; 1737 LIST_INSERT_HEAD(&mk->mk_head, in6m, in6m_entry); 1738 } 1739 } 1740 } 1741 1742 /* 1743 * Continuation of multicast address hack: 1744 * If there was a multicast group list previously saved for this interface, 1745 * then we re-attach it to the first address configured on the i/f. 1746 */ 1747 void 1748 in6_restoremkludge(ia, ifp) 1749 struct in6_ifaddr *ia; 1750 struct ifnet *ifp; 1751 { 1752 struct multi6_kludge *mk; 1753 1754 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1755 if (mk->mk_ifp == ifp) { 1756 struct in6_multi *in6m, *next; 1757 1758 for (in6m = mk->mk_head.lh_first; in6m; in6m = next) { 1759 next = in6m->in6m_entry.le_next; 1760 in6m->in6m_ia = ia; 1761 IFAREF(&ia->ia_ifa); 1762 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, 1763 in6m, in6m_entry); 1764 } 1765 LIST_INIT(&mk->mk_head); 1766 break; 1767 } 1768 } 1769 } 1770 1771 /* 1772 * Allocate space for the kludge at interface initialization time. 1773 * Formerly, we dynamically allocated the space in in6_savemkludge() with 1774 * malloc(M_WAITOK). However, it was wrong since the function could be called 1775 * under an interrupt context (software timer on address lifetime expiration). 1776 * Also, we cannot just give up allocating the strucutre, since the group 1777 * membership structure is very complex and we need to keep it anyway. 1778 * Of course, this function MUST NOT be called under an interrupt context. 1779 * Specifically, it is expected to be called only from in6_ifattach(), though 1780 * it is a global function. 1781 */ 1782 void 1783 in6_createmkludge(ifp) 1784 struct ifnet *ifp; 1785 { 1786 struct multi6_kludge *mk; 1787 1788 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1789 /* If we've already had one, do not allocate. */ 1790 if (mk->mk_ifp == ifp) 1791 return; 1792 } 1793 1794 mk = malloc(sizeof(*mk), M_IPMADDR, M_WAITOK); 1795 1796 bzero(mk, sizeof(*mk)); 1797 LIST_INIT(&mk->mk_head); 1798 mk->mk_ifp = ifp; 1799 LIST_INSERT_HEAD(&in6_mk, mk, mk_entry); 1800 } 1801 1802 void 1803 in6_purgemkludge(ifp) 1804 struct ifnet *ifp; 1805 { 1806 struct multi6_kludge *mk; 1807 struct in6_multi *in6m; 1808 1809 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1810 if (mk->mk_ifp != ifp) 1811 continue; 1812 1813 /* leave from all multicast groups joined */ 1814 while ((in6m = LIST_FIRST(&mk->mk_head)) != NULL) 1815 in6_delmulti(in6m); 1816 LIST_REMOVE(mk, mk_entry); 1817 free(mk, M_IPMADDR); 1818 break; 1819 } 1820 } 1821 1822 /* 1823 * Add an address to the list of IP6 multicast addresses for a 1824 * given interface. 1825 */ 1826 struct in6_multi * 1827 in6_addmulti(maddr6, ifp, errorp) 1828 struct in6_addr *maddr6; 1829 struct ifnet *ifp; 1830 int *errorp; 1831 { 1832 struct in6_ifaddr *ia; 1833 struct in6_ifreq ifr; 1834 struct in6_multi *in6m; 1835 int s = splsoftnet(); 1836 1837 *errorp = 0; 1838 /* 1839 * See if address already in list. 1840 */ 1841 IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); 1842 if (in6m != NULL) { 1843 /* 1844 * Found it; just increment the refrence count. 1845 */ 1846 in6m->in6m_refcount++; 1847 } else { 1848 /* 1849 * New address; allocate a new multicast record 1850 * and link it into the interface's multicast list. 1851 */ 1852 in6m = (struct in6_multi *) 1853 malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1854 if (in6m == NULL) { 1855 splx(s); 1856 *errorp = ENOBUFS; 1857 return (NULL); 1858 } 1859 in6m->in6m_addr = *maddr6; 1860 in6m->in6m_ifp = ifp; 1861 in6m->in6m_refcount = 1; 1862 IFP_TO_IA6(ifp, ia); 1863 if (ia == NULL) { 1864 free(in6m, M_IPMADDR); 1865 splx(s); 1866 *errorp = EADDRNOTAVAIL; /* appropriate? */ 1867 return (NULL); 1868 } 1869 in6m->in6m_ia = ia; 1870 IFAREF(&ia->ia_ifa); /* gain a reference */ 1871 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1872 1873 /* 1874 * Ask the network driver to update its multicast reception 1875 * filter appropriately for the new address. 1876 */ 1877 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1878 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1879 ifr.ifr_addr.sin6_family = AF_INET6; 1880 ifr.ifr_addr.sin6_addr = *maddr6; 1881 if (ifp->if_ioctl == NULL) 1882 *errorp = ENXIO; /* XXX: appropriate? */ 1883 else 1884 *errorp = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, 1885 (caddr_t)&ifr); 1886 if (*errorp) { 1887 LIST_REMOVE(in6m, in6m_entry); 1888 free(in6m, M_IPMADDR); 1889 IFAFREE(&ia->ia_ifa); 1890 splx(s); 1891 return (NULL); 1892 } 1893 /* 1894 * Let MLD6 know that we have joined a new IP6 multicast 1895 * group. 1896 */ 1897 mld6_start_listening(in6m); 1898 } 1899 splx(s); 1900 return (in6m); 1901 } 1902 1903 /* 1904 * Delete a multicast address record. 1905 */ 1906 void 1907 in6_delmulti(in6m) 1908 struct in6_multi *in6m; 1909 { 1910 struct in6_ifreq ifr; 1911 struct in6_ifaddr *ia; 1912 int s = splsoftnet(); 1913 1914 if (--in6m->in6m_refcount == 0) { 1915 /* 1916 * No remaining claims to this record; let MLD6 know 1917 * that we are leaving the multicast group. 1918 */ 1919 mld6_stop_listening(in6m); 1920 1921 /* 1922 * Unlink from list. 1923 */ 1924 LIST_REMOVE(in6m, in6m_entry); 1925 if (in6m->in6m_ia) { 1926 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1927 } 1928 /* 1929 * Delete all references of this multicasting group from 1930 * the membership arrays 1931 */ 1932 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1933 struct in6_multi_mship *imm; 1934 LIST_FOREACH(imm, &ia->ia6_memberships, 1935 i6mm_chain) { 1936 if (imm->i6mm_maddr == in6m) 1937 imm->i6mm_maddr = NULL; 1938 } 1939 } 1940 1941 /* 1942 * Notify the network driver to update its multicast 1943 * reception filter. 1944 */ 1945 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1946 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1947 ifr.ifr_addr.sin6_family = AF_INET6; 1948 ifr.ifr_addr.sin6_addr = in6m->in6m_addr; 1949 (*in6m->in6m_ifp->if_ioctl)(in6m->in6m_ifp, 1950 SIOCDELMULTI, (caddr_t)&ifr); 1951 free(in6m, M_IPMADDR); 1952 } 1953 splx(s); 1954 } 1955 1956 struct in6_multi_mship * 1957 in6_joingroup(ifp, addr, errorp) 1958 struct ifnet *ifp; 1959 struct in6_addr *addr; 1960 int *errorp; 1961 { 1962 struct in6_multi_mship *imm; 1963 1964 imm = malloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); 1965 if (!imm) { 1966 *errorp = ENOBUFS; 1967 return NULL; 1968 } 1969 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp); 1970 if (!imm->i6mm_maddr) { 1971 /* *errorp is alrady set */ 1972 free(imm, M_IPMADDR); 1973 return NULL; 1974 } 1975 return imm; 1976 } 1977 1978 int 1979 in6_leavegroup(imm) 1980 struct in6_multi_mship *imm; 1981 { 1982 1983 if (imm->i6mm_maddr) 1984 in6_delmulti(imm->i6mm_maddr); 1985 free(imm, M_IPMADDR); 1986 return 0; 1987 } 1988 1989 /* 1990 * Find an IPv6 interface link-local address specific to an interface. 1991 */ 1992 struct in6_ifaddr * 1993 in6ifa_ifpforlinklocal(ifp, ignoreflags) 1994 struct ifnet *ifp; 1995 int ignoreflags; 1996 { 1997 struct ifaddr *ifa; 1998 1999 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2000 { 2001 if (ifa->ifa_addr == NULL) 2002 continue; /* just for safety */ 2003 if (ifa->ifa_addr->sa_family != AF_INET6) 2004 continue; 2005 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 2006 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 2007 ignoreflags) != 0) 2008 continue; 2009 break; 2010 } 2011 } 2012 2013 return ((struct in6_ifaddr *)ifa); 2014 } 2015 2016 2017 /* 2018 * find the internet address corresponding to a given interface and address. 2019 */ 2020 struct in6_ifaddr * 2021 in6ifa_ifpwithaddr(ifp, addr) 2022 struct ifnet *ifp; 2023 struct in6_addr *addr; 2024 { 2025 struct ifaddr *ifa; 2026 2027 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2028 { 2029 if (ifa->ifa_addr == NULL) 2030 continue; /* just for safety */ 2031 if (ifa->ifa_addr->sa_family != AF_INET6) 2032 continue; 2033 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 2034 break; 2035 } 2036 2037 return ((struct in6_ifaddr *)ifa); 2038 } 2039 2040 /* 2041 * Convert IP6 address to printable (loggable) representation. 2042 */ 2043 static char digits[] = "0123456789abcdef"; 2044 static int ip6round = 0; 2045 char * 2046 ip6_sprintf(addr) 2047 const struct in6_addr *addr; 2048 { 2049 static char ip6buf[8][48]; 2050 int i; 2051 char *cp; 2052 const u_int16_t *a = (const u_int16_t *)addr; 2053 const u_int8_t *d; 2054 int dcolon = 0; 2055 2056 ip6round = (ip6round + 1) & 7; 2057 cp = ip6buf[ip6round]; 2058 2059 for (i = 0; i < 8; i++) { 2060 if (dcolon == 1) { 2061 if (*a == 0) { 2062 if (i == 7) 2063 *cp++ = ':'; 2064 a++; 2065 continue; 2066 } else 2067 dcolon = 2; 2068 } 2069 if (*a == 0) { 2070 if (dcolon == 0 && *(a + 1) == 0) { 2071 if (i == 0) 2072 *cp++ = ':'; 2073 *cp++ = ':'; 2074 dcolon = 1; 2075 } else { 2076 *cp++ = '0'; 2077 *cp++ = ':'; 2078 } 2079 a++; 2080 continue; 2081 } 2082 d = (const u_char *)a; 2083 *cp++ = digits[*d >> 4]; 2084 *cp++ = digits[*d++ & 0xf]; 2085 *cp++ = digits[*d >> 4]; 2086 *cp++ = digits[*d & 0xf]; 2087 *cp++ = ':'; 2088 a++; 2089 } 2090 *--cp = 0; 2091 return (ip6buf[ip6round]); 2092 } 2093 2094 /* 2095 * Determine if an address is on a local network. 2096 */ 2097 int 2098 in6_localaddr(in6) 2099 struct in6_addr *in6; 2100 { 2101 struct in6_ifaddr *ia; 2102 2103 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 2104 return (1); 2105 2106 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 2107 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 2108 &ia->ia_prefixmask.sin6_addr)) 2109 return (1); 2110 2111 return (0); 2112 } 2113 2114 /* 2115 * Get a scope of the address. Node-local, link-local, site-local or global. 2116 */ 2117 int 2118 in6_addrscope (addr) 2119 struct in6_addr *addr; 2120 { 2121 int scope; 2122 2123 if (addr->s6_addr8[0] == 0xfe) { 2124 scope = addr->s6_addr8[1] & 0xc0; 2125 2126 switch (scope) { 2127 case 0x80: 2128 return IPV6_ADDR_SCOPE_LINKLOCAL; 2129 case 0xc0: 2130 return IPV6_ADDR_SCOPE_SITELOCAL; 2131 default: 2132 return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */ 2133 } 2134 } 2135 2136 2137 if (addr->s6_addr8[0] == 0xff) { 2138 scope = addr->s6_addr8[1] & 0x0f; 2139 2140 /* 2141 * due to other scope such as reserved, 2142 * return scope doesn't work. 2143 */ 2144 switch (scope) { 2145 case IPV6_ADDR_SCOPE_NODELOCAL: 2146 return IPV6_ADDR_SCOPE_NODELOCAL; 2147 case IPV6_ADDR_SCOPE_LINKLOCAL: 2148 return IPV6_ADDR_SCOPE_LINKLOCAL; 2149 case IPV6_ADDR_SCOPE_SITELOCAL: 2150 return IPV6_ADDR_SCOPE_SITELOCAL; 2151 default: 2152 return IPV6_ADDR_SCOPE_GLOBAL; 2153 } 2154 } 2155 2156 if (bcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) { 2157 if (addr->s6_addr8[15] == 1) /* loopback */ 2158 return IPV6_ADDR_SCOPE_NODELOCAL; 2159 if (addr->s6_addr8[15] == 0) /* unspecified */ 2160 return IPV6_ADDR_SCOPE_LINKLOCAL; 2161 } 2162 2163 return IPV6_ADDR_SCOPE_GLOBAL; 2164 } 2165 2166 int 2167 in6_addr2scopeid(ifp, addr) 2168 struct ifnet *ifp; /* must not be NULL */ 2169 struct in6_addr *addr; /* must not be NULL */ 2170 { 2171 int scope = in6_addrscope(addr); 2172 2173 switch (scope) { 2174 case IPV6_ADDR_SCOPE_NODELOCAL: 2175 return (-1); /* XXX: is this an appropriate value? */ 2176 2177 case IPV6_ADDR_SCOPE_LINKLOCAL: 2178 /* XXX: we do not distinguish between a link and an I/F. */ 2179 return (ifp->if_index); 2180 2181 case IPV6_ADDR_SCOPE_SITELOCAL: 2182 return (0); /* XXX: invalid. */ 2183 2184 default: 2185 return (0); /* XXX: treat as global. */ 2186 } 2187 } 2188 2189 int 2190 in6_is_addr_deprecated(sa6) 2191 struct sockaddr_in6 *sa6; 2192 { 2193 struct in6_ifaddr *ia; 2194 2195 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 2196 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 2197 &sa6->sin6_addr) && 2198 #ifdef SCOPEDROUTING 2199 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 2200 #endif 2201 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2202 return (1); /* true */ 2203 2204 /* XXX: do we still have to go thru the rest of the list? */ 2205 } 2206 2207 return (0); /* false */ 2208 } 2209 2210 /* 2211 * return length of part which dst and src are equal 2212 * hard coding... 2213 */ 2214 int 2215 in6_matchlen(src, dst) 2216 struct in6_addr *src, *dst; 2217 { 2218 int match = 0; 2219 u_char *s = (u_char *)src, *d = (u_char *)dst; 2220 u_char *lim = s + 16, r; 2221 2222 while (s < lim) 2223 if ((r = (*d++ ^ *s++)) != 0) { 2224 while (r < 128) { 2225 match++; 2226 r <<= 1; 2227 } 2228 break; 2229 } else 2230 match += 8; 2231 return match; 2232 } 2233 2234 /* XXX: to be scope conscious */ 2235 int 2236 in6_are_prefix_equal(p1, p2, len) 2237 struct in6_addr *p1, *p2; 2238 int len; 2239 { 2240 int bytelen, bitlen; 2241 2242 /* sanity check */ 2243 if (0 > len || len > 128) { 2244 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2245 len); 2246 return (0); 2247 } 2248 2249 bytelen = len / 8; 2250 bitlen = len % 8; 2251 2252 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2253 return (0); 2254 if (bitlen != 0 && 2255 p1->s6_addr[bytelen] >> (8 - bitlen) != 2256 p2->s6_addr[bytelen] >> (8 - bitlen)) 2257 return (0); 2258 2259 return (1); 2260 } 2261 2262 void 2263 in6_prefixlen2mask(maskp, len) 2264 struct in6_addr *maskp; 2265 int len; 2266 { 2267 static const u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2268 int bytelen, bitlen, i; 2269 2270 /* sanity check */ 2271 if (0 > len || len > 128) { 2272 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2273 len); 2274 return; 2275 } 2276 2277 bzero(maskp, sizeof(*maskp)); 2278 bytelen = len / 8; 2279 bitlen = len % 8; 2280 for (i = 0; i < bytelen; i++) 2281 maskp->s6_addr[i] = 0xff; 2282 if (bitlen) 2283 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2284 } 2285 2286 /* 2287 * return the best address out of the same scope 2288 */ 2289 struct in6_ifaddr * 2290 in6_ifawithscope(oifp, dst) 2291 struct ifnet *oifp; 2292 struct in6_addr *dst; 2293 { 2294 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 2295 int blen = -1; 2296 struct ifaddr *ifa; 2297 struct ifnet *ifp; 2298 struct in6_ifaddr *ifa_best = NULL; 2299 2300 if (oifp == NULL) { 2301 printf("in6_ifawithscope: output interface is not specified\n"); 2302 return (NULL); 2303 } 2304 2305 /* 2306 * We search for all addresses on all interfaces from the beginning. 2307 * Comparing an interface with the outgoing interface will be done 2308 * only at the final stage of tiebreaking. 2309 */ 2310 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2311 { 2312 /* 2313 * We can never take an address that breaks the scope zone 2314 * of the destination. 2315 */ 2316 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) 2317 continue; 2318 2319 for (ifa = ifp->if_addrlist.tqh_first; ifa; 2320 ifa = ifa->ifa_list.tqe_next) 2321 { 2322 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 2323 2324 if (ifa->ifa_addr->sa_family != AF_INET6) 2325 continue; 2326 2327 src_scope = in6_addrscope(IFA_IN6(ifa)); 2328 2329 #ifdef ADDRSELECT_DEBUG /* should be removed after stabilization */ 2330 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2331 printf("in6_ifawithscope: dst=%s bestaddr=%s, " 2332 "newaddr=%s, scope=%x, dcmp=%d, bcmp=%d, " 2333 "matchlen=%d, flgs=%x\n", 2334 ip6_sprintf(dst), 2335 ifa_best ? ip6_sprintf(&ifa_best->ia_addr.sin6_addr) : "none", 2336 ip6_sprintf(IFA_IN6(ifa)), src_scope, 2337 dscopecmp, 2338 ifa_best ? IN6_ARE_SCOPE_CMP(src_scope, best_scope) : -1, 2339 in6_matchlen(IFA_IN6(ifa), dst), 2340 ((struct in6_ifaddr *)ifa)->ia6_flags); 2341 #endif 2342 2343 /* 2344 * Don't use an address before completing DAD 2345 * nor a duplicated address. 2346 */ 2347 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2348 IN6_IFF_NOTREADY) 2349 continue; 2350 2351 /* XXX: is there any case to allow anycasts? */ 2352 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2353 IN6_IFF_ANYCAST) 2354 continue; 2355 2356 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2357 IN6_IFF_DETACHED) 2358 continue; 2359 2360 /* 2361 * If this is the first address we find, 2362 * keep it anyway. 2363 */ 2364 if (ifa_best == NULL) 2365 goto replace; 2366 2367 /* 2368 * ifa_best is never NULL beyond this line except 2369 * within the block labeled "replace". 2370 */ 2371 2372 /* 2373 * If ifa_best has a smaller scope than dst and 2374 * the current address has a larger one than 2375 * (or equal to) dst, always replace ifa_best. 2376 * Also, if the current address has a smaller scope 2377 * than dst, ignore it unless ifa_best also has a 2378 * smaller scope. 2379 */ 2380 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 2381 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 2382 goto replace; 2383 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2384 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2385 continue; 2386 2387 /* 2388 * A deprecated address SHOULD NOT be used in new 2389 * communications if an alternate (non-deprecated) 2390 * address is available and has sufficient scope. 2391 * RFC 2462, Section 5.5.4. 2392 */ 2393 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2394 IN6_IFF_DEPRECATED) { 2395 /* 2396 * Ignore any deprecated addresses if 2397 * specified by configuration. 2398 */ 2399 if (!ip6_use_deprecated) 2400 continue; 2401 2402 /* 2403 * If we have already found a non-deprecated 2404 * candidate, just ignore deprecated addresses. 2405 */ 2406 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2407 == 0) 2408 continue; 2409 } 2410 2411 /* 2412 * A non-deprecated address is always preferred 2413 * to a deprecated one regardless of scopes and 2414 * address matching. 2415 */ 2416 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2417 (((struct in6_ifaddr *)ifa)->ia6_flags & 2418 IN6_IFF_DEPRECATED) == 0) 2419 goto replace; 2420 2421 /* 2422 * At this point, we have two cases: 2423 * 1. we are looking at a non-deprecated address, 2424 * and ifa_best is also non-deprecated. 2425 * 2. we are looking at a deprecated address, 2426 * and ifa_best is also deprecated. 2427 * Also, we do not have to consider a case where 2428 * the scope of if_best is larger(smaller) than dst and 2429 * the scope of the current address is smaller(larger) 2430 * than dst. Such a case has already been covered. 2431 * Tiebreaking is done according to the following 2432 * items: 2433 * - the scope comparison between the address and 2434 * dst (dscopecmp) 2435 * - the scope comparison between the address and 2436 * ifa_best (bscopecmp) 2437 * - if the address match dst longer than ifa_best 2438 * (matchcmp) 2439 * - if the address is on the outgoing I/F (outI/F) 2440 * 2441 * Roughly speaking, the selection policy is 2442 * - the most important item is scope. The same scope 2443 * is best. Then search for a larger scope. 2444 * Smaller scopes are the last resort. 2445 * - A deprecated address is chosen only when we have 2446 * no address that has an enough scope, but is 2447 * prefered to any addresses of smaller scopes. 2448 * - Longest address match against dst is considered 2449 * only for addresses that has the same scope of dst. 2450 * - If there is no other reasons to choose one, 2451 * addresses on the outgoing I/F are preferred. 2452 * 2453 * The precise decision table is as follows: 2454 * dscopecmp bscopecmp matchcmp outI/F | replace? 2455 * !equal equal N/A Yes | Yes (1) 2456 * !equal equal N/A No | No (2) 2457 * larger larger N/A N/A | No (3) 2458 * larger smaller N/A N/A | Yes (4) 2459 * smaller larger N/A N/A | Yes (5) 2460 * smaller smaller N/A N/A | No (6) 2461 * equal smaller N/A N/A | Yes (7) 2462 * equal larger (already done) 2463 * equal equal larger N/A | Yes (8) 2464 * equal equal smaller N/A | No (9) 2465 * equal equal equal Yes | Yes (a) 2466 * eaual eqaul equal No | No (b) 2467 */ 2468 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2469 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2470 2471 if (dscopecmp && bscopecmp == 0) { 2472 if (oifp == ifp) /* (1) */ 2473 goto replace; 2474 continue; /* (2) */ 2475 } 2476 if (dscopecmp > 0) { 2477 if (bscopecmp > 0) /* (3) */ 2478 continue; 2479 goto replace; /* (4) */ 2480 } 2481 if (dscopecmp < 0) { 2482 if (bscopecmp > 0) /* (5) */ 2483 goto replace; 2484 continue; /* (6) */ 2485 } 2486 2487 /* now dscopecmp must be 0 */ 2488 if (bscopecmp < 0) 2489 goto replace; /* (7) */ 2490 2491 /* 2492 * At last both dscopecmp and bscopecmp must be 0. 2493 * We need address matching against dst for 2494 * tiebreaking. 2495 */ 2496 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2497 matchcmp = tlen - blen; 2498 if (matchcmp > 0) /* (8) */ 2499 goto replace; 2500 if (matchcmp < 0) /* (9) */ 2501 continue; 2502 if (oifp == ifp) /* (a) */ 2503 goto replace; 2504 continue; /* (b) */ 2505 2506 replace: 2507 ifa_best = (struct in6_ifaddr *)ifa; 2508 blen = tlen >= 0 ? tlen : 2509 in6_matchlen(IFA_IN6(ifa), dst); 2510 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2511 } 2512 } 2513 2514 /* count statistics for future improvements */ 2515 if (ifa_best == NULL) 2516 ip6stat.ip6s_sources_none++; 2517 else { 2518 if (oifp == ifa_best->ia_ifp) 2519 ip6stat.ip6s_sources_sameif[best_scope]++; 2520 else 2521 ip6stat.ip6s_sources_otherif[best_scope]++; 2522 2523 if (best_scope == dst_scope) 2524 ip6stat.ip6s_sources_samescope[best_scope]++; 2525 else 2526 ip6stat.ip6s_sources_otherscope[best_scope]++; 2527 2528 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2529 ip6stat.ip6s_sources_deprecated[best_scope]++; 2530 } 2531 2532 return (ifa_best); 2533 } 2534 2535 /* 2536 * return the best address out of the same scope. if no address was 2537 * found, return the first valid address from designated IF. 2538 */ 2539 struct in6_ifaddr * 2540 in6_ifawithifp(ifp, dst) 2541 struct ifnet *ifp; 2542 struct in6_addr *dst; 2543 { 2544 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2545 struct ifaddr *ifa; 2546 struct in6_ifaddr *besta = 0; 2547 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2548 2549 dep[0] = dep[1] = NULL; 2550 2551 /* 2552 * We first look for addresses in the same scope. 2553 * If there is one, return it. 2554 * If two or more, return one which matches the dst longest. 2555 * If none, return one of global addresses assigned other ifs. 2556 */ 2557 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2558 { 2559 if (ifa->ifa_addr->sa_family != AF_INET6) 2560 continue; 2561 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2562 continue; /* XXX: is there any case to allow anycast? */ 2563 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2564 continue; /* don't use this interface */ 2565 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2566 continue; 2567 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2568 if (ip6_use_deprecated) 2569 dep[0] = (struct in6_ifaddr *)ifa; 2570 continue; 2571 } 2572 2573 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2574 /* 2575 * call in6_matchlen() as few as possible 2576 */ 2577 if (besta) { 2578 if (blen == -1) 2579 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2580 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2581 if (tlen > blen) { 2582 blen = tlen; 2583 besta = (struct in6_ifaddr *)ifa; 2584 } 2585 } else 2586 besta = (struct in6_ifaddr *)ifa; 2587 } 2588 } 2589 if (besta) 2590 return (besta); 2591 2592 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2593 { 2594 if (ifa->ifa_addr->sa_family != AF_INET6) 2595 continue; 2596 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2597 continue; /* XXX: is there any case to allow anycast? */ 2598 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2599 continue; /* don't use this interface */ 2600 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2601 continue; 2602 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2603 if (ip6_use_deprecated) 2604 dep[1] = (struct in6_ifaddr *)ifa; 2605 continue; 2606 } 2607 2608 return (struct in6_ifaddr *)ifa; 2609 } 2610 2611 /* use the last-resort values, that are, deprecated addresses */ 2612 if (dep[0]) 2613 return dep[0]; 2614 if (dep[1]) 2615 return dep[1]; 2616 2617 return NULL; 2618 } 2619 2620 /* 2621 * perform DAD when interface becomes IFF_UP. 2622 */ 2623 void 2624 in6_if_up(ifp) 2625 struct ifnet *ifp; 2626 { 2627 struct ifaddr *ifa; 2628 struct in6_ifaddr *ia; 2629 int dad_delay; /* delay ticks before DAD output */ 2630 2631 /* 2632 * special cases, like 6to4, are handled in in6_ifattach 2633 */ 2634 in6_ifattach(ifp, NULL); 2635 2636 dad_delay = 0; 2637 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2638 { 2639 if (ifa->ifa_addr->sa_family != AF_INET6) 2640 continue; 2641 ia = (struct in6_ifaddr *)ifa; 2642 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2643 nd6_dad_start(ifa, &dad_delay); 2644 } 2645 } 2646 2647 int 2648 in6if_do_dad(ifp) 2649 struct ifnet *ifp; 2650 { 2651 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2652 return (0); 2653 2654 switch (ifp->if_type) { 2655 case IFT_FAITH: 2656 /* 2657 * These interfaces do not have the IFF_LOOPBACK flag, 2658 * but loop packets back. We do not have to do DAD on such 2659 * interfaces. We should even omit it, because loop-backed 2660 * NS would confuse the DAD procedure. 2661 */ 2662 return (0); 2663 default: 2664 /* 2665 * Our DAD routine requires the interface up and running. 2666 * However, some interfaces can be up before the RUNNING 2667 * status. Additionaly, users may try to assign addresses 2668 * before the interface becomes up (or running). 2669 * We simply skip DAD in such a case as a work around. 2670 * XXX: we should rather mark "tentative" on such addresses, 2671 * and do DAD after the interface becomes ready. 2672 */ 2673 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2674 (IFF_UP|IFF_RUNNING)) 2675 return (0); 2676 2677 return (1); 2678 } 2679 } 2680 2681 /* 2682 * Calculate max IPv6 MTU through all the interfaces and store it 2683 * to in6_maxmtu. 2684 */ 2685 void 2686 in6_setmaxmtu() 2687 { 2688 unsigned long maxmtu = 0; 2689 struct ifnet *ifp; 2690 2691 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2692 { 2693 /* this function can be called during ifnet initialization */ 2694 if (!ifp->if_afdata[AF_INET6]) 2695 continue; 2696 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2697 IN6_LINKMTU(ifp) > maxmtu) 2698 maxmtu = IN6_LINKMTU(ifp); 2699 } 2700 if (maxmtu) /* update only when maxmtu is positive */ 2701 in6_maxmtu = maxmtu; 2702 } 2703 2704 void * 2705 in6_domifattach(ifp) 2706 struct ifnet *ifp; 2707 { 2708 struct in6_ifextra *ext; 2709 2710 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2711 bzero(ext, sizeof(*ext)); 2712 2713 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2714 M_IFADDR, M_WAITOK); 2715 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2716 2717 ext->icmp6_ifstat = 2718 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2719 M_IFADDR, M_WAITOK); 2720 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2721 2722 ext->nd_ifinfo = nd6_ifattach(ifp); 2723 return ext; 2724 } 2725 2726 void 2727 in6_domifdetach(ifp, aux) 2728 struct ifnet *ifp; 2729 void *aux; 2730 { 2731 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2732 2733 nd6_ifdetach(ext->nd_ifinfo); 2734 free(ext->in6_ifstat, M_IFADDR); 2735 free(ext->icmp6_ifstat, M_IFADDR); 2736 free(ext, M_IFADDR); 2737 } 2738