1 /* $NetBSD: in6.c,v 1.194 2015/12/12 23:34:25 christos Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.194 2015/12/12 23:34:25 christos Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_inet.h" 69 #include "opt_compat_netbsd.h" 70 #endif 71 72 #include <sys/param.h> 73 #include <sys/ioctl.h> 74 #include <sys/errno.h> 75 #include <sys/malloc.h> 76 #include <sys/socket.h> 77 #include <sys/socketvar.h> 78 #include <sys/sockio.h> 79 #include <sys/systm.h> 80 #include <sys/proc.h> 81 #include <sys/time.h> 82 #include <sys/kernel.h> 83 #include <sys/syslog.h> 84 #include <sys/kauth.h> 85 #include <sys/cprng.h> 86 #include <sys/kmem.h> 87 88 #include <net/if.h> 89 #include <net/if_types.h> 90 #include <net/if_llatbl.h> 91 #include <net/if_ether.h> 92 #include <net/if_dl.h> 93 #include <net/pfil.h> 94 #include <net/route.h> 95 96 #include <netinet/in.h> 97 #include <netinet/in_var.h> 98 99 #include <netinet/ip6.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/mld6_var.h> 103 #include <netinet6/ip6_mroute.h> 104 #include <netinet6/in6_ifattach.h> 105 #include <netinet6/scope6_var.h> 106 107 #include <net/net_osdep.h> 108 109 #ifdef COMPAT_50 110 #include <compat/netinet6/in6_var.h> 111 #endif 112 113 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 114 115 /* enable backward compatibility code for obsoleted ioctls */ 116 #define COMPAT_IN6IFIOCTL 117 118 #ifdef IN6_DEBUG 119 #define IN6_DPRINTF(__fmt, ...) printf(__fmt, __VA_ARGS__) 120 #else 121 #define IN6_DPRINTF(__fmt, ...) do { } while (/*CONSTCOND*/0) 122 #endif /* IN6_DEBUG */ 123 124 /* 125 * Definitions of some constant IP6 addresses. 126 */ 127 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 128 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 129 const struct in6_addr in6addr_nodelocal_allnodes = 130 IN6ADDR_NODELOCAL_ALLNODES_INIT; 131 const struct in6_addr in6addr_linklocal_allnodes = 132 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 133 const struct in6_addr in6addr_linklocal_allrouters = 134 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 135 136 const struct in6_addr in6mask0 = IN6MASK0; 137 const struct in6_addr in6mask32 = IN6MASK32; 138 const struct in6_addr in6mask64 = IN6MASK64; 139 const struct in6_addr in6mask96 = IN6MASK96; 140 const struct in6_addr in6mask128 = IN6MASK128; 141 142 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 143 0, 0, IN6ADDR_ANY_INIT, 0}; 144 145 static int in6_lifaddr_ioctl(struct socket *, u_long, void *, 146 struct ifnet *); 147 static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, 148 const struct sockaddr_in6 *, int); 149 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 150 151 /* 152 * Add ownaddr as loopback rtentry. We previously add the route only if 153 * necessary (ex. on a p2p link). However, since we now manage addresses 154 * separately from prefixes, we should always add the route. We can't 155 * rely on the cloning mechanism from the corresponding interface route 156 * any more. 157 */ 158 void 159 in6_ifaddlocal(struct ifaddr *ifa) 160 { 161 162 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &in6addr_any) || 163 (ifa->ifa_ifp->if_flags & IFF_POINTOPOINT && 164 IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), IFA_DSTIN6(ifa)))) 165 { 166 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 167 return; 168 } 169 170 rt_ifa_addlocal(ifa); 171 } 172 173 /* 174 * Remove loopback rtentry of ownaddr generated by in6_ifaddlocal(), 175 * if it exists. 176 */ 177 void 178 in6_ifremlocal(struct ifaddr *ifa) 179 { 180 struct in6_ifaddr *ia; 181 struct ifaddr *alt_ifa = NULL; 182 int ia_count = 0; 183 184 /* 185 * Some of BSD variants do not remove cloned routes 186 * from an interface direct route, when removing the direct route 187 * (see comments in net/net_osdep.h). Even for variants that do remove 188 * cloned routes, they could fail to remove the cloned routes when 189 * we handle multple addresses that share a common prefix. 190 * So, we should remove the route corresponding to the deleted address. 191 */ 192 193 /* 194 * Delete the entry only if exactly one ifaddr matches the 195 * address, ifa->ifa_addr. 196 * 197 * If more than one ifaddr matches, replace the ifaddr in 198 * the routing table, rt_ifa, with a different ifaddr than 199 * the one we are purging, ifa. It is important to do 200 * this, or else the routing table can accumulate dangling 201 * pointers rt->rt_ifa->ifa_ifp to destroyed interfaces, 202 * which will lead to crashes, later. (More than one ifaddr 203 * can match if we assign the same address to multiple---probably 204 * p2p---interfaces.) 205 * 206 * XXX An old comment at this place said, "we should avoid 207 * XXX such a configuration [i.e., interfaces with the same 208 * XXX addressed assigned --ed.] in IPv6...". I do not 209 * XXX agree, especially now that I have fixed the dangling 210 * XXX ifp-pointers bug. 211 */ 212 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 213 if (!IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) 214 continue; 215 if (ia->ia_ifp != ifa->ifa_ifp) 216 alt_ifa = &ia->ia_ifa; 217 if (++ia_count > 1 && alt_ifa != NULL) 218 break; 219 } 220 221 if (ia_count == 0) 222 return; 223 224 rt_ifa_remlocal(ifa, ia_count == 1 ? NULL : alt_ifa); 225 } 226 227 int 228 in6_mask2len(struct in6_addr *mask, u_char *lim0) 229 { 230 int x = 0, y; 231 u_char *lim = lim0, *p; 232 233 /* ignore the scope_id part */ 234 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 235 lim = (u_char *)mask + sizeof(*mask); 236 for (p = (u_char *)mask; p < lim; x++, p++) { 237 if (*p != 0xff) 238 break; 239 } 240 y = 0; 241 if (p < lim) { 242 for (y = 0; y < NBBY; y++) { 243 if ((*p & (0x80 >> y)) == 0) 244 break; 245 } 246 } 247 248 /* 249 * when the limit pointer is given, do a stricter check on the 250 * remaining bits. 251 */ 252 if (p < lim) { 253 if (y != 0 && (*p & (0x00ff >> y)) != 0) 254 return -1; 255 for (p = p + 1; p < lim; p++) 256 if (*p != 0) 257 return -1; 258 } 259 260 return x * NBBY + y; 261 } 262 263 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 264 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 265 266 static int 267 in6_control1(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 268 { 269 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 270 struct in6_ifaddr *ia = NULL; 271 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 272 struct sockaddr_in6 *sa6; 273 int error; 274 275 switch (cmd) { 276 case SIOCAADDRCTL_POLICY: 277 case SIOCDADDRCTL_POLICY: 278 /* Privileged. */ 279 return in6_src_ioctl(cmd, data); 280 /* 281 * XXX: Fix me, once we fix SIOCSIFADDR, SIOCIFDSTADDR, etc. 282 */ 283 case SIOCSIFADDR: 284 case SIOCSIFDSTADDR: 285 case SIOCSIFBRDADDR: 286 case SIOCSIFNETMASK: 287 return EOPNOTSUPP; 288 case SIOCGETSGCNT_IN6: 289 case SIOCGETMIFCNT_IN6: 290 return mrt6_ioctl(cmd, data); 291 case SIOCGIFADDRPREF: 292 case SIOCSIFADDRPREF: 293 if (ifp == NULL) 294 return EINVAL; 295 return ifaddrpref_ioctl(so, cmd, data, ifp); 296 } 297 298 if (ifp == NULL) 299 return EOPNOTSUPP; 300 301 switch (cmd) { 302 case SIOCSNDFLUSH_IN6: 303 case SIOCSPFXFLUSH_IN6: 304 case SIOCSRTRFLUSH_IN6: 305 case SIOCSDEFIFACE_IN6: 306 case SIOCSIFINFO_FLAGS: 307 case SIOCSIFINFO_IN6: 308 /* Privileged. */ 309 /* FALLTHROUGH */ 310 case OSIOCGIFINFO_IN6: 311 case SIOCGIFINFO_IN6: 312 case SIOCGDRLST_IN6: 313 case SIOCGPRLST_IN6: 314 case SIOCGNBRINFO_IN6: 315 case SIOCGDEFIFACE_IN6: 316 return nd6_ioctl(cmd, data, ifp); 317 } 318 319 switch (cmd) { 320 case SIOCSIFPREFIX_IN6: 321 case SIOCDIFPREFIX_IN6: 322 case SIOCAIFPREFIX_IN6: 323 case SIOCCIFPREFIX_IN6: 324 case SIOCSGIFPREFIX_IN6: 325 case SIOCGIFPREFIX_IN6: 326 log(LOG_NOTICE, 327 "prefix ioctls are now invalidated. " 328 "please use ifconfig.\n"); 329 return EOPNOTSUPP; 330 } 331 332 switch (cmd) { 333 case SIOCALIFADDR: 334 case SIOCDLIFADDR: 335 /* Privileged. */ 336 /* FALLTHROUGH */ 337 case SIOCGLIFADDR: 338 return in6_lifaddr_ioctl(so, cmd, data, ifp); 339 } 340 341 /* 342 * Find address for this interface, if it exists. 343 * 344 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 345 * only, and used the first interface address as the target of other 346 * operations (without checking ifra_addr). This was because netinet 347 * code/API assumed at most 1 interface address per interface. 348 * Since IPv6 allows a node to assign multiple addresses 349 * on a single interface, we almost always look and check the 350 * presence of ifra_addr, and reject invalid ones here. 351 * It also decreases duplicated code among SIOC*_IN6 operations. 352 */ 353 switch (cmd) { 354 case SIOCAIFADDR_IN6: 355 #ifdef OSIOCAIFADDR_IN6 356 case OSIOCAIFADDR_IN6: 357 #endif 358 #ifdef OSIOCSIFPHYADDR_IN6 359 case OSIOCSIFPHYADDR_IN6: 360 #endif 361 case SIOCSIFPHYADDR_IN6: 362 sa6 = &ifra->ifra_addr; 363 break; 364 case SIOCSIFADDR_IN6: 365 case SIOCGIFADDR_IN6: 366 case SIOCSIFDSTADDR_IN6: 367 case SIOCSIFNETMASK_IN6: 368 case SIOCGIFDSTADDR_IN6: 369 case SIOCGIFNETMASK_IN6: 370 case SIOCDIFADDR_IN6: 371 case SIOCGIFPSRCADDR_IN6: 372 case SIOCGIFPDSTADDR_IN6: 373 case SIOCGIFAFLAG_IN6: 374 case SIOCSNDFLUSH_IN6: 375 case SIOCSPFXFLUSH_IN6: 376 case SIOCSRTRFLUSH_IN6: 377 case SIOCGIFALIFETIME_IN6: 378 #ifdef OSIOCGIFALIFETIME_IN6 379 case OSIOCGIFALIFETIME_IN6: 380 #endif 381 case SIOCGIFSTAT_IN6: 382 case SIOCGIFSTAT_ICMP6: 383 sa6 = &ifr->ifr_addr; 384 break; 385 default: 386 sa6 = NULL; 387 break; 388 } 389 if (sa6 && sa6->sin6_family == AF_INET6) { 390 if (sa6->sin6_scope_id != 0) 391 error = sa6_embedscope(sa6, 0); 392 else 393 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 394 if (error != 0) 395 return error; 396 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 397 } else 398 ia = NULL; 399 400 switch (cmd) { 401 case SIOCSIFADDR_IN6: 402 case SIOCSIFDSTADDR_IN6: 403 case SIOCSIFNETMASK_IN6: 404 /* 405 * Since IPv6 allows a node to assign multiple addresses 406 * on a single interface, SIOCSIFxxx ioctls are deprecated. 407 */ 408 return EINVAL; 409 410 case SIOCDIFADDR_IN6: 411 /* 412 * for IPv4, we look for existing in_ifaddr here to allow 413 * "ifconfig if0 delete" to remove the first IPv4 address on 414 * the interface. For IPv6, as the spec allows multiple 415 * interface address from the day one, we consider "remove the 416 * first one" semantics to be not preferable. 417 */ 418 if (ia == NULL) 419 return EADDRNOTAVAIL; 420 /* FALLTHROUGH */ 421 #ifdef OSIOCAIFADDR_IN6 422 case OSIOCAIFADDR_IN6: 423 #endif 424 case SIOCAIFADDR_IN6: 425 /* 426 * We always require users to specify a valid IPv6 address for 427 * the corresponding operation. 428 */ 429 if (ifra->ifra_addr.sin6_family != AF_INET6 || 430 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 431 return EAFNOSUPPORT; 432 /* Privileged. */ 433 434 break; 435 436 case SIOCGIFADDR_IN6: 437 /* This interface is basically deprecated. use SIOCGIFCONF. */ 438 /* FALLTHROUGH */ 439 case SIOCGIFAFLAG_IN6: 440 case SIOCGIFNETMASK_IN6: 441 case SIOCGIFDSTADDR_IN6: 442 case SIOCGIFALIFETIME_IN6: 443 #ifdef OSIOCGIFALIFETIME_IN6 444 case OSIOCGIFALIFETIME_IN6: 445 #endif 446 /* must think again about its semantics */ 447 if (ia == NULL) 448 return EADDRNOTAVAIL; 449 break; 450 } 451 452 switch (cmd) { 453 454 case SIOCGIFADDR_IN6: 455 ifr->ifr_addr = ia->ia_addr; 456 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 457 return error; 458 break; 459 460 case SIOCGIFDSTADDR_IN6: 461 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 462 return EINVAL; 463 /* 464 * XXX: should we check if ifa_dstaddr is NULL and return 465 * an error? 466 */ 467 ifr->ifr_dstaddr = ia->ia_dstaddr; 468 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 469 return error; 470 break; 471 472 case SIOCGIFNETMASK_IN6: 473 ifr->ifr_addr = ia->ia_prefixmask; 474 break; 475 476 case SIOCGIFAFLAG_IN6: 477 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 478 break; 479 480 case SIOCGIFSTAT_IN6: 481 if (ifp == NULL) 482 return EINVAL; 483 memset(&ifr->ifr_ifru.ifru_stat, 0, 484 sizeof(ifr->ifr_ifru.ifru_stat)); 485 ifr->ifr_ifru.ifru_stat = 486 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 487 break; 488 489 case SIOCGIFSTAT_ICMP6: 490 if (ifp == NULL) 491 return EINVAL; 492 memset(&ifr->ifr_ifru.ifru_icmp6stat, 0, 493 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 494 ifr->ifr_ifru.ifru_icmp6stat = 495 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 496 break; 497 498 #ifdef OSIOCGIFALIFETIME_IN6 499 case OSIOCGIFALIFETIME_IN6: 500 #endif 501 case SIOCGIFALIFETIME_IN6: 502 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 503 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 504 time_t maxexpire; 505 struct in6_addrlifetime *retlt = 506 &ifr->ifr_ifru.ifru_lifetime; 507 508 /* 509 * XXX: adjust expiration time assuming time_t is 510 * signed. 511 */ 512 maxexpire = ((time_t)~0) & 513 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 514 if (ia->ia6_lifetime.ia6t_vltime < 515 maxexpire - ia->ia6_updatetime) { 516 retlt->ia6t_expire = ia->ia6_updatetime + 517 ia->ia6_lifetime.ia6t_vltime; 518 retlt->ia6t_expire = retlt->ia6t_expire ? 519 time_mono_to_wall(retlt->ia6t_expire) : 520 0; 521 } else 522 retlt->ia6t_expire = maxexpire; 523 } 524 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 525 time_t maxexpire; 526 struct in6_addrlifetime *retlt = 527 &ifr->ifr_ifru.ifru_lifetime; 528 529 /* 530 * XXX: adjust expiration time assuming time_t is 531 * signed. 532 */ 533 maxexpire = ((time_t)~0) & 534 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 535 if (ia->ia6_lifetime.ia6t_pltime < 536 maxexpire - ia->ia6_updatetime) { 537 retlt->ia6t_preferred = ia->ia6_updatetime + 538 ia->ia6_lifetime.ia6t_pltime; 539 retlt->ia6t_preferred = retlt->ia6t_preferred ? 540 time_mono_to_wall(retlt->ia6t_preferred) : 541 0; 542 } else 543 retlt->ia6t_preferred = maxexpire; 544 } 545 #ifdef OSIOCFIFALIFETIME_IN6 546 if (cmd == OSIOCFIFALIFETIME_IN6) 547 in6_addrlifetime_to_in6_addrlifetime50( 548 &ifr->ifru.ifru_lifetime); 549 #endif 550 break; 551 552 #ifdef OSIOCAIFADDR_IN6 553 case OSIOCAIFADDR_IN6: 554 in6_aliasreq50_to_in6_aliasreq(ifra); 555 /*FALLTHROUGH*/ 556 #endif 557 case SIOCAIFADDR_IN6: 558 { 559 int i; 560 struct nd_prefixctl prc0; 561 struct nd_prefix *pr; 562 struct in6_addrlifetime *lt; 563 564 /* reject read-only flags */ 565 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 566 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 567 (ifra->ifra_flags & IN6_IFF_TENTATIVE) != 0 || 568 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 569 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 570 return EINVAL; 571 } 572 /* 573 * ia6t_expire and ia6t_preferred won't be used for now, 574 * so just in case. 575 */ 576 lt = &ifra->ifra_lifetime; 577 if (lt->ia6t_expire != 0) 578 lt->ia6t_expire = time_wall_to_mono(lt->ia6t_expire); 579 if (lt->ia6t_preferred != 0) 580 lt->ia6t_preferred = 581 time_wall_to_mono(lt->ia6t_preferred); 582 /* 583 * first, make or update the interface address structure, 584 * and link it to the list. 585 */ 586 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 587 return error; 588 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 589 == NULL) { 590 /* 591 * this can happen when the user specify the 0 valid 592 * lifetime. 593 */ 594 break; 595 } 596 597 /* 598 * then, make the prefix on-link on the interface. 599 * XXX: we'd rather create the prefix before the address, but 600 * we need at least one address to install the corresponding 601 * interface route, so we configure the address first. 602 */ 603 604 /* 605 * convert mask to prefix length (prefixmask has already 606 * been validated in in6_update_ifa(). 607 */ 608 memset(&prc0, 0, sizeof(prc0)); 609 prc0.ndprc_ifp = ifp; 610 prc0.ndprc_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 611 NULL); 612 if (prc0.ndprc_plen == 128) { 613 break; /* we don't need to install a host route. */ 614 } 615 prc0.ndprc_prefix = ifra->ifra_addr; 616 /* apply the mask for safety. */ 617 for (i = 0; i < 4; i++) { 618 prc0.ndprc_prefix.sin6_addr.s6_addr32[i] &= 619 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 620 } 621 /* 622 * XXX: since we don't have an API to set prefix (not address) 623 * lifetimes, we just use the same lifetimes as addresses. 624 * The (temporarily) installed lifetimes can be overridden by 625 * later advertised RAs (when accept_rtadv is non 0), which is 626 * an intended behavior. 627 */ 628 prc0.ndprc_raf_onlink = 1; /* should be configurable? */ 629 prc0.ndprc_raf_auto = 630 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 631 prc0.ndprc_vltime = ifra->ifra_lifetime.ia6t_vltime; 632 prc0.ndprc_pltime = ifra->ifra_lifetime.ia6t_pltime; 633 634 /* add the prefix if not yet. */ 635 if ((pr = nd6_prefix_lookup(&prc0)) == NULL) { 636 /* 637 * nd6_prelist_add will install the corresponding 638 * interface route. 639 */ 640 if ((error = nd6_prelist_add(&prc0, NULL, &pr)) != 0) 641 return error; 642 if (pr == NULL) { 643 log(LOG_ERR, "nd6_prelist_add succeeded but " 644 "no prefix\n"); 645 return EINVAL; /* XXX panic here? */ 646 } 647 } 648 649 /* relate the address to the prefix */ 650 if (ia->ia6_ndpr == NULL) { 651 ia->ia6_ndpr = pr; 652 pr->ndpr_refcnt++; 653 654 /* 655 * If this is the first autoconf address from the 656 * prefix, create a temporary address as well 657 * (when required). 658 */ 659 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 660 ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 661 int e; 662 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 663 log(LOG_NOTICE, "in6_control: failed " 664 "to create a temporary address, " 665 "errno=%d\n", e); 666 } 667 } 668 } 669 670 /* 671 * this might affect the status of autoconfigured addresses, 672 * that is, this address might make other addresses detached. 673 */ 674 pfxlist_onlink_check(); 675 676 (void)pfil_run_hooks(if_pfil, (struct mbuf **)SIOCAIFADDR_IN6, 677 ifp, PFIL_IFADDR); 678 break; 679 } 680 681 case SIOCDIFADDR_IN6: 682 { 683 struct nd_prefix *pr; 684 685 /* 686 * If the address being deleted is the only one that owns 687 * the corresponding prefix, expire the prefix as well. 688 * XXX: theoretically, we don't have to worry about such 689 * relationship, since we separate the address management 690 * and the prefix management. We do this, however, to provide 691 * as much backward compatibility as possible in terms of 692 * the ioctl operation. 693 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 694 */ 695 pr = ia->ia6_ndpr; 696 in6_purgeaddr(&ia->ia_ifa); 697 if (pr && pr->ndpr_refcnt == 0) 698 prelist_remove(pr); 699 (void)pfil_run_hooks(if_pfil, (struct mbuf **)SIOCDIFADDR_IN6, 700 ifp, PFIL_IFADDR); 701 break; 702 } 703 704 default: 705 return ENOTTY; 706 } 707 708 return 0; 709 } 710 711 int 712 in6_control(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 713 { 714 int error, s; 715 716 switch (cmd) { 717 case SIOCSNDFLUSH_IN6: 718 case SIOCSPFXFLUSH_IN6: 719 case SIOCSRTRFLUSH_IN6: 720 case SIOCSDEFIFACE_IN6: 721 case SIOCSIFINFO_FLAGS: 722 case SIOCSIFINFO_IN6: 723 724 case SIOCALIFADDR: 725 case SIOCDLIFADDR: 726 727 case SIOCDIFADDR_IN6: 728 #ifdef OSIOCAIFADDR_IN6 729 case OSIOCAIFADDR_IN6: 730 #endif 731 case SIOCAIFADDR_IN6: 732 733 case SIOCAADDRCTL_POLICY: 734 case SIOCDADDRCTL_POLICY: 735 736 if (kauth_authorize_network(curlwp->l_cred, 737 KAUTH_NETWORK_SOCKET, 738 KAUTH_REQ_NETWORK_SOCKET_SETPRIV, 739 so, NULL, NULL)) 740 return EPERM; 741 break; 742 } 743 744 s = splnet(); 745 error = in6_control1(so , cmd, data, ifp); 746 splx(s); 747 return error; 748 } 749 750 /* 751 * Update parameters of an IPv6 interface address. 752 * If necessary, a new entry is created and linked into address chains. 753 * This function is separated from in6_control(). 754 * XXX: should this be performed under splnet()? 755 */ 756 static int 757 in6_update_ifa1(struct ifnet *ifp, struct in6_aliasreq *ifra, 758 struct in6_ifaddr *ia, int flags) 759 { 760 int error = 0, hostIsNew = 0, plen = -1; 761 struct in6_ifaddr *oia; 762 struct sockaddr_in6 dst6; 763 struct in6_addrlifetime *lt; 764 struct in6_multi_mship *imm; 765 struct in6_multi *in6m_sol; 766 struct rtentry *rt; 767 int dad_delay, was_tentative; 768 769 in6m_sol = NULL; 770 771 /* Validate parameters */ 772 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 773 return EINVAL; 774 775 /* 776 * The destination address for a p2p link must have a family 777 * of AF_UNSPEC or AF_INET6. 778 */ 779 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 780 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 781 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 782 return EAFNOSUPPORT; 783 /* 784 * validate ifra_prefixmask. don't check sin6_family, netmask 785 * does not carry fields other than sin6_len. 786 */ 787 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 788 return EINVAL; 789 /* 790 * Because the IPv6 address architecture is classless, we require 791 * users to specify a (non 0) prefix length (mask) for a new address. 792 * We also require the prefix (when specified) mask is valid, and thus 793 * reject a non-consecutive mask. 794 */ 795 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 796 return EINVAL; 797 if (ifra->ifra_prefixmask.sin6_len != 0) { 798 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 799 (u_char *)&ifra->ifra_prefixmask + 800 ifra->ifra_prefixmask.sin6_len); 801 if (plen <= 0) 802 return EINVAL; 803 } else { 804 /* 805 * In this case, ia must not be NULL. We just use its prefix 806 * length. 807 */ 808 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 809 } 810 /* 811 * If the destination address on a p2p interface is specified, 812 * and the address is a scoped one, validate/set the scope 813 * zone identifier. 814 */ 815 dst6 = ifra->ifra_dstaddr; 816 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 817 (dst6.sin6_family == AF_INET6)) { 818 struct in6_addr in6_tmp; 819 u_int32_t zoneid; 820 821 in6_tmp = dst6.sin6_addr; 822 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 823 return EINVAL; /* XXX: should be impossible */ 824 825 if (dst6.sin6_scope_id != 0) { 826 if (dst6.sin6_scope_id != zoneid) 827 return EINVAL; 828 } else /* user omit to specify the ID. */ 829 dst6.sin6_scope_id = zoneid; 830 831 /* convert into the internal form */ 832 if (sa6_embedscope(&dst6, 0)) 833 return EINVAL; /* XXX: should be impossible */ 834 } 835 /* 836 * The destination address can be specified only for a p2p or a 837 * loopback interface. If specified, the corresponding prefix length 838 * must be 128. 839 */ 840 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 841 #ifdef FORCE_P2PPLEN 842 int i; 843 #endif 844 845 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 846 /* XXX: noisy message */ 847 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 848 "be specified for a p2p or a loopback IF only\n")); 849 return EINVAL; 850 } 851 if (plen != 128) { 852 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 853 "be 128 when dstaddr is specified\n")); 854 #ifdef FORCE_P2PPLEN 855 /* 856 * To be compatible with old configurations, 857 * such as ifconfig gif0 inet6 2001::1 2001::2 858 * prefixlen 126, we override the specified 859 * prefixmask as if the prefix length was 128. 860 */ 861 ifra->ifra_prefixmask.sin6_len = 862 sizeof(struct sockaddr_in6); 863 for (i = 0; i < 4; i++) 864 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 865 0xffffffff; 866 plen = 128; 867 #else 868 return EINVAL; 869 #endif 870 } 871 } 872 /* lifetime consistency check */ 873 lt = &ifra->ifra_lifetime; 874 if (lt->ia6t_pltime > lt->ia6t_vltime) 875 return EINVAL; 876 if (lt->ia6t_vltime == 0) { 877 /* 878 * the following log might be noisy, but this is a typical 879 * configuration mistake or a tool's bug. 880 */ 881 nd6log((LOG_INFO, 882 "in6_update_ifa: valid lifetime is 0 for %s\n", 883 ip6_sprintf(&ifra->ifra_addr.sin6_addr))); 884 885 if (ia == NULL) 886 return 0; /* there's nothing to do */ 887 } 888 889 /* 890 * If this is a new address, allocate a new ifaddr and link it 891 * into chains. 892 */ 893 if (ia == NULL) { 894 hostIsNew = 1; 895 /* 896 * When in6_update_ifa() is called in a process of a received 897 * RA, it is called under an interrupt context. So, we should 898 * call malloc with M_NOWAIT. 899 */ 900 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 901 M_NOWAIT); 902 if (ia == NULL) 903 return ENOBUFS; 904 memset(ia, 0, sizeof(*ia)); 905 LIST_INIT(&ia->ia6_memberships); 906 /* Initialize the address and masks, and put time stamp */ 907 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 908 ia->ia_addr.sin6_family = AF_INET6; 909 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 910 ia->ia6_createtime = time_uptime; 911 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 912 /* 913 * XXX: some functions expect that ifa_dstaddr is not 914 * NULL for p2p interfaces. 915 */ 916 ia->ia_ifa.ifa_dstaddr = 917 (struct sockaddr *)&ia->ia_dstaddr; 918 } else { 919 ia->ia_ifa.ifa_dstaddr = NULL; 920 } 921 ia->ia_ifa.ifa_netmask = 922 (struct sockaddr *)&ia->ia_prefixmask; 923 924 ia->ia_ifp = ifp; 925 if ((oia = in6_ifaddr) != NULL) { 926 for ( ; oia->ia_next; oia = oia->ia_next) 927 continue; 928 oia->ia_next = ia; 929 } else 930 in6_ifaddr = ia; 931 /* gain a refcnt for the link from in6_ifaddr */ 932 ifaref(&ia->ia_ifa); 933 934 ifa_insert(ifp, &ia->ia_ifa); 935 } 936 937 /* update timestamp */ 938 ia->ia6_updatetime = time_uptime; 939 940 /* set prefix mask */ 941 if (ifra->ifra_prefixmask.sin6_len) { 942 /* 943 * We prohibit changing the prefix length of an existing 944 * address, because 945 * + such an operation should be rare in IPv6, and 946 * + the operation would confuse prefix management. 947 */ 948 if (ia->ia_prefixmask.sin6_len && 949 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 950 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 951 " existing (%s) address should not be changed\n", 952 ip6_sprintf(&ia->ia_addr.sin6_addr))); 953 error = EINVAL; 954 goto unlink; 955 } 956 ia->ia_prefixmask = ifra->ifra_prefixmask; 957 } 958 959 /* 960 * If a new destination address is specified, scrub the old one and 961 * install the new destination. Note that the interface must be 962 * p2p or loopback (see the check above.) 963 */ 964 if (dst6.sin6_family == AF_INET6 && 965 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 966 if ((ia->ia_flags & IFA_ROUTE) != 0 && 967 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 968 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 969 "a route to the old destination: %s\n", 970 ip6_sprintf(&ia->ia_addr.sin6_addr))); 971 /* proceed anyway... */ 972 } else 973 ia->ia_flags &= ~IFA_ROUTE; 974 ia->ia_dstaddr = dst6; 975 } 976 977 /* 978 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 979 * to see if the address is deprecated or invalidated, but initialize 980 * these members for applications. 981 */ 982 ia->ia6_lifetime = ifra->ifra_lifetime; 983 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 984 ia->ia6_lifetime.ia6t_expire = 985 time_uptime + ia->ia6_lifetime.ia6t_vltime; 986 } else 987 ia->ia6_lifetime.ia6t_expire = 0; 988 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 989 ia->ia6_lifetime.ia6t_preferred = 990 time_uptime + ia->ia6_lifetime.ia6t_pltime; 991 } else 992 ia->ia6_lifetime.ia6t_preferred = 0; 993 994 /* 995 * configure address flags. 996 * We need to preserve tentative state so DAD works if 997 * something adds the same address before DAD finishes. 998 */ 999 was_tentative = ia->ia6_flags & (IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED); 1000 ia->ia6_flags = ifra->ifra_flags; 1001 1002 /* 1003 * Make the address tentative before joining multicast addresses, 1004 * so that corresponding MLD responses would not have a tentative 1005 * source address. 1006 */ 1007 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1008 if (ifp->if_link_state == LINK_STATE_DOWN) { 1009 ia->ia6_flags |= IN6_IFF_DETACHED; 1010 ia->ia6_flags &= ~IN6_IFF_TENTATIVE; 1011 } else if ((hostIsNew || was_tentative) && if_do_dad(ifp)) 1012 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1013 1014 /* 1015 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1016 * userland, make it deprecated. 1017 */ 1018 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1019 ia->ia6_lifetime.ia6t_pltime = 0; 1020 ia->ia6_lifetime.ia6t_preferred = time_uptime; 1021 } 1022 1023 /* reset the interface and routing table appropriately. */ 1024 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1025 goto unlink; 1026 /* 1027 * We are done if we have simply modified an existing address. 1028 */ 1029 if (!hostIsNew) 1030 return error; 1031 1032 /* 1033 * Beyond this point, we should call in6_purgeaddr upon an error, 1034 * not just go to unlink. 1035 */ 1036 1037 /* join necessary multicast groups */ 1038 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1039 struct sockaddr_in6 mltaddr, mltmask; 1040 struct in6_addr llsol; 1041 1042 /* join solicited multicast addr for new host id */ 1043 memset(&llsol, 0, sizeof(struct in6_addr)); 1044 llsol.s6_addr16[0] = htons(0xff02); 1045 llsol.s6_addr32[1] = 0; 1046 llsol.s6_addr32[2] = htonl(1); 1047 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1048 llsol.s6_addr8[12] = 0xff; 1049 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 1050 /* XXX: should not happen */ 1051 log(LOG_ERR, "in6_update_ifa: " 1052 "in6_setscope failed\n"); 1053 goto cleanup; 1054 } 1055 dad_delay = 0; 1056 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1057 /* 1058 * We need a random delay for DAD on the address 1059 * being configured. It also means delaying 1060 * transmission of the corresponding MLD report to 1061 * avoid report collision. 1062 * [draft-ietf-ipv6-rfc2462bis-02.txt] 1063 */ 1064 dad_delay = cprng_fast32() % 1065 (MAX_RTR_SOLICITATION_DELAY * hz); 1066 } 1067 1068 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 1069 /* join solicited multicast addr for new host id */ 1070 imm = in6_joingroup(ifp, &llsol, &error, dad_delay); 1071 if (!imm) { 1072 nd6log((LOG_ERR, 1073 "in6_update_ifa: addmulti " 1074 "failed for %s on %s (errno=%d)\n", 1075 ip6_sprintf(&llsol), if_name(ifp), error)); 1076 goto cleanup; 1077 } 1078 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1079 in6m_sol = imm->i6mm_maddr; 1080 1081 sockaddr_in6_init(&mltmask, &in6mask32, 0, 0, 0); 1082 1083 /* 1084 * join link-local all-nodes address 1085 */ 1086 sockaddr_in6_init(&mltaddr, &in6addr_linklocal_allnodes, 1087 0, 0, 0); 1088 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1089 goto cleanup; /* XXX: should not fail */ 1090 1091 /* 1092 * XXX: do we really need this automatic routes? 1093 * We should probably reconsider this stuff. Most applications 1094 * actually do not need the routes, since they usually specify 1095 * the outgoing interface. 1096 */ 1097 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1098 if (rt) { 1099 if (memcmp(&mltaddr.sin6_addr, 1100 &satocsin6(rt_getkey(rt))->sin6_addr, 1101 MLTMASK_LEN)) { 1102 rtfree(rt); 1103 rt = NULL; 1104 } else if (rt->rt_ifp != ifp) { 1105 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1106 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1107 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1108 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1109 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1110 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1111 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1112 rt_replace_ifa(rt, &ia->ia_ifa); 1113 rt->rt_ifp = ifp; 1114 } 1115 } 1116 if (!rt) { 1117 struct rt_addrinfo info; 1118 1119 memset(&info, 0, sizeof(info)); 1120 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1121 info.rti_info[RTAX_GATEWAY] = 1122 (struct sockaddr *)&ia->ia_addr; 1123 info.rti_info[RTAX_NETMASK] = 1124 (struct sockaddr *)&mltmask; 1125 info.rti_info[RTAX_IFA] = 1126 (struct sockaddr *)&ia->ia_addr; 1127 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1128 info.rti_flags = RTF_UP | RTF_CLONING; 1129 error = rtrequest1(RTM_ADD, &info, NULL); 1130 if (error) 1131 goto cleanup; 1132 } else { 1133 rtfree(rt); 1134 } 1135 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1136 if (!imm) { 1137 nd6log((LOG_WARNING, 1138 "in6_update_ifa: addmulti failed for " 1139 "%s on %s (errno=%d)\n", 1140 ip6_sprintf(&mltaddr.sin6_addr), 1141 if_name(ifp), error)); 1142 goto cleanup; 1143 } 1144 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1145 1146 /* 1147 * join node information group address 1148 */ 1149 dad_delay = 0; 1150 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1151 /* 1152 * The spec doesn't say anything about delay for this 1153 * group, but the same logic should apply. 1154 */ 1155 dad_delay = cprng_fast32() % 1156 (MAX_RTR_SOLICITATION_DELAY * hz); 1157 } 1158 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) != 0) 1159 ; 1160 else if ((imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1161 dad_delay)) == NULL) { /* XXX jinmei */ 1162 nd6log((LOG_WARNING, "in6_update_ifa: " 1163 "addmulti failed for %s on %s (errno=%d)\n", 1164 ip6_sprintf(&mltaddr.sin6_addr), 1165 if_name(ifp), error)); 1166 /* XXX not very fatal, go on... */ 1167 } else { 1168 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1169 } 1170 1171 1172 /* 1173 * join interface-local all-nodes address. 1174 * (ff01::1%ifN, and ff01::%ifN/32) 1175 */ 1176 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1177 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1178 goto cleanup; /* XXX: should not fail */ 1179 1180 /* XXX: again, do we really need the route? */ 1181 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1182 if (rt) { 1183 /* 32bit came from "mltmask" */ 1184 if (memcmp(&mltaddr.sin6_addr, 1185 &satocsin6(rt_getkey(rt))->sin6_addr, 1186 32 / NBBY)) { 1187 rtfree(rt); 1188 rt = NULL; 1189 } else if (rt->rt_ifp != ifp) { 1190 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1191 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1192 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1193 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1194 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1195 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1196 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1197 rt_replace_ifa(rt, &ia->ia_ifa); 1198 rt->rt_ifp = ifp; 1199 } 1200 } 1201 if (!rt) { 1202 struct rt_addrinfo info; 1203 1204 memset(&info, 0, sizeof(info)); 1205 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1206 info.rti_info[RTAX_GATEWAY] = 1207 (struct sockaddr *)&ia->ia_addr; 1208 info.rti_info[RTAX_NETMASK] = 1209 (struct sockaddr *)&mltmask; 1210 info.rti_info[RTAX_IFA] = 1211 (struct sockaddr *)&ia->ia_addr; 1212 info.rti_flags = RTF_UP | RTF_CLONING; 1213 error = rtrequest1(RTM_ADD, &info, NULL); 1214 if (error) 1215 goto cleanup; 1216 #undef MLTMASK_LEN 1217 } else { 1218 rtfree(rt); 1219 } 1220 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1221 if (!imm) { 1222 nd6log((LOG_WARNING, "in6_update_ifa: " 1223 "addmulti failed for %s on %s (errno=%d)\n", 1224 ip6_sprintf(&mltaddr.sin6_addr), 1225 if_name(ifp), error)); 1226 goto cleanup; 1227 } else { 1228 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1229 } 1230 } 1231 1232 /* 1233 * Perform DAD, if needed. 1234 * XXX It may be of use, if we can administratively 1235 * disable DAD. 1236 */ 1237 if (hostIsNew && if_do_dad(ifp) && 1238 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1239 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1240 { 1241 int mindelay, maxdelay; 1242 1243 dad_delay = 0; 1244 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1245 /* 1246 * We need to impose a delay before sending an NS 1247 * for DAD. Check if we also needed a delay for the 1248 * corresponding MLD message. If we did, the delay 1249 * should be larger than the MLD delay (this could be 1250 * relaxed a bit, but this simple logic is at least 1251 * safe). 1252 */ 1253 mindelay = 0; 1254 if (in6m_sol != NULL && 1255 in6m_sol->in6m_state == MLD_REPORTPENDING) { 1256 mindelay = in6m_sol->in6m_timer; 1257 } 1258 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1259 if (maxdelay - mindelay == 0) 1260 dad_delay = 0; 1261 else { 1262 dad_delay = 1263 (cprng_fast32() % (maxdelay - mindelay)) + 1264 mindelay; 1265 } 1266 } 1267 /* +1 ensures callout is always used */ 1268 nd6_dad_start(&ia->ia_ifa, dad_delay + 1); 1269 } 1270 1271 return error; 1272 1273 unlink: 1274 /* 1275 * XXX: if a change of an existing address failed, keep the entry 1276 * anyway. 1277 */ 1278 if (hostIsNew) 1279 in6_unlink_ifa(ia, ifp); 1280 return error; 1281 1282 cleanup: 1283 in6_purgeaddr(&ia->ia_ifa); 1284 return error; 1285 } 1286 1287 int 1288 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 1289 struct in6_ifaddr *ia, int flags) 1290 { 1291 int rc, s; 1292 1293 s = splnet(); 1294 rc = in6_update_ifa1(ifp, ifra, ia, flags); 1295 splx(s); 1296 return rc; 1297 } 1298 1299 void 1300 in6_purgeaddr(struct ifaddr *ifa) 1301 { 1302 struct ifnet *ifp = ifa->ifa_ifp; 1303 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1304 struct in6_multi_mship *imm; 1305 1306 /* stop DAD processing */ 1307 nd6_dad_stop(ifa); 1308 1309 /* 1310 * delete route to the destination of the address being purged. 1311 * The interface must be p2p or loopback in this case. 1312 */ 1313 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1314 int e; 1315 1316 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1317 != 0) { 1318 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1319 "a route to the p2p destination: %s on %s, " 1320 "errno=%d\n", 1321 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1322 e); 1323 /* proceed anyway... */ 1324 } else 1325 ia->ia_flags &= ~IFA_ROUTE; 1326 } 1327 1328 /* Remove ownaddr's loopback rtentry, if it exists. */ 1329 in6_ifremlocal(&(ia->ia_ifa)); 1330 1331 /* 1332 * leave from multicast groups we have joined for the interface 1333 */ 1334 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) { 1335 LIST_REMOVE(imm, i6mm_chain); 1336 in6_leavegroup(imm); 1337 } 1338 1339 in6_unlink_ifa(ia, ifp); 1340 } 1341 1342 static void 1343 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1344 { 1345 struct in6_ifaddr *oia; 1346 int s = splnet(); 1347 1348 ifa_remove(ifp, &ia->ia_ifa); 1349 1350 oia = ia; 1351 if (oia == (ia = in6_ifaddr)) 1352 in6_ifaddr = ia->ia_next; 1353 else { 1354 while (ia->ia_next && (ia->ia_next != oia)) 1355 ia = ia->ia_next; 1356 if (ia->ia_next) 1357 ia->ia_next = oia->ia_next; 1358 else { 1359 /* search failed */ 1360 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1361 } 1362 } 1363 1364 /* 1365 * XXX thorpej@NetBSD.org -- if the interface is going 1366 * XXX away, don't save the multicast entries, delete them! 1367 */ 1368 if (LIST_EMPTY(&oia->ia6_multiaddrs)) 1369 ; 1370 else if (oia->ia_ifa.ifa_ifp->if_output == if_nulloutput) { 1371 struct in6_multi *in6m, *next; 1372 1373 for (in6m = LIST_FIRST(&oia->ia6_multiaddrs); in6m != NULL; 1374 in6m = next) { 1375 next = LIST_NEXT(in6m, in6m_entry); 1376 in6_delmulti(in6m); 1377 } 1378 } else 1379 in6_savemkludge(oia); 1380 1381 /* 1382 * Release the reference to the base prefix. There should be a 1383 * positive reference. 1384 */ 1385 if (oia->ia6_ndpr == NULL) { 1386 nd6log((LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1387 "%p has no prefix\n", oia)); 1388 } else { 1389 oia->ia6_ndpr->ndpr_refcnt--; 1390 oia->ia6_ndpr = NULL; 1391 } 1392 1393 /* 1394 * Also, if the address being removed is autoconf'ed, call 1395 * pfxlist_onlink_check() since the release might affect the status of 1396 * other (detached) addresses. 1397 */ 1398 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) 1399 pfxlist_onlink_check(); 1400 1401 /* 1402 * release another refcnt for the link from in6_ifaddr. 1403 * Note that we should decrement the refcnt at least once for all *BSD. 1404 */ 1405 ifafree(&oia->ia_ifa); 1406 1407 splx(s); 1408 } 1409 1410 void 1411 in6_purgeif(struct ifnet *ifp) 1412 { 1413 if_purgeaddrs(ifp, AF_INET6, in6_purgeaddr); 1414 1415 in6_ifdetach(ifp); 1416 } 1417 1418 /* 1419 * SIOC[GAD]LIFADDR. 1420 * SIOCGLIFADDR: get first address. (?) 1421 * SIOCGLIFADDR with IFLR_PREFIX: 1422 * get first address that matches the specified prefix. 1423 * SIOCALIFADDR: add the specified address. 1424 * SIOCALIFADDR with IFLR_PREFIX: 1425 * add the specified prefix, filling hostid part from 1426 * the first link-local address. prefixlen must be <= 64. 1427 * SIOCDLIFADDR: delete the specified address. 1428 * SIOCDLIFADDR with IFLR_PREFIX: 1429 * delete the first address that matches the specified prefix. 1430 * return values: 1431 * EINVAL on invalid parameters 1432 * EADDRNOTAVAIL on prefix match failed/specified address not found 1433 * other values may be returned from in6_ioctl() 1434 * 1435 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1436 * this is to accommodate address naming scheme other than RFC2374, 1437 * in the future. 1438 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1439 * address encoding scheme. (see figure on page 8) 1440 */ 1441 static int 1442 in6_lifaddr_ioctl(struct socket *so, u_long cmd, void *data, 1443 struct ifnet *ifp) 1444 { 1445 struct in6_ifaddr *ia; 1446 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1447 struct ifaddr *ifa; 1448 struct sockaddr *sa; 1449 1450 /* sanity checks */ 1451 if (!data || !ifp) { 1452 panic("invalid argument to in6_lifaddr_ioctl"); 1453 /* NOTREACHED */ 1454 } 1455 1456 switch (cmd) { 1457 case SIOCGLIFADDR: 1458 /* address must be specified on GET with IFLR_PREFIX */ 1459 if ((iflr->flags & IFLR_PREFIX) == 0) 1460 break; 1461 /* FALLTHROUGH */ 1462 case SIOCALIFADDR: 1463 case SIOCDLIFADDR: 1464 /* address must be specified on ADD and DELETE */ 1465 sa = (struct sockaddr *)&iflr->addr; 1466 if (sa->sa_family != AF_INET6) 1467 return EINVAL; 1468 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1469 return EINVAL; 1470 /* XXX need improvement */ 1471 sa = (struct sockaddr *)&iflr->dstaddr; 1472 if (sa->sa_family && sa->sa_family != AF_INET6) 1473 return EINVAL; 1474 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1475 return EINVAL; 1476 break; 1477 default: /* shouldn't happen */ 1478 #if 0 1479 panic("invalid cmd to in6_lifaddr_ioctl"); 1480 /* NOTREACHED */ 1481 #else 1482 return EOPNOTSUPP; 1483 #endif 1484 } 1485 if (sizeof(struct in6_addr) * NBBY < iflr->prefixlen) 1486 return EINVAL; 1487 1488 switch (cmd) { 1489 case SIOCALIFADDR: 1490 { 1491 struct in6_aliasreq ifra; 1492 struct in6_addr *xhostid = NULL; 1493 int prefixlen; 1494 1495 if ((iflr->flags & IFLR_PREFIX) != 0) { 1496 struct sockaddr_in6 *sin6; 1497 1498 /* 1499 * xhostid is to fill in the hostid part of the 1500 * address. xhostid points to the first link-local 1501 * address attached to the interface. 1502 */ 1503 ia = in6ifa_ifpforlinklocal(ifp, 0); 1504 if (ia == NULL) 1505 return EADDRNOTAVAIL; 1506 xhostid = IFA_IN6(&ia->ia_ifa); 1507 1508 /* prefixlen must be <= 64. */ 1509 if (64 < iflr->prefixlen) 1510 return EINVAL; 1511 prefixlen = iflr->prefixlen; 1512 1513 /* hostid part must be zero. */ 1514 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1515 if (sin6->sin6_addr.s6_addr32[2] != 0 1516 || sin6->sin6_addr.s6_addr32[3] != 0) { 1517 return EINVAL; 1518 } 1519 } else 1520 prefixlen = iflr->prefixlen; 1521 1522 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1523 memset(&ifra, 0, sizeof(ifra)); 1524 memcpy(ifra.ifra_name, iflr->iflr_name, sizeof(ifra.ifra_name)); 1525 1526 memcpy(&ifra.ifra_addr, &iflr->addr, 1527 ((struct sockaddr *)&iflr->addr)->sa_len); 1528 if (xhostid) { 1529 /* fill in hostid part */ 1530 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1531 xhostid->s6_addr32[2]; 1532 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1533 xhostid->s6_addr32[3]; 1534 } 1535 1536 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1537 memcpy(&ifra.ifra_dstaddr, &iflr->dstaddr, 1538 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1539 if (xhostid) { 1540 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1541 xhostid->s6_addr32[2]; 1542 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1543 xhostid->s6_addr32[3]; 1544 } 1545 } 1546 1547 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1548 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1549 1550 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1551 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1552 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1553 return in6_control(so, SIOCAIFADDR_IN6, &ifra, ifp); 1554 } 1555 case SIOCGLIFADDR: 1556 case SIOCDLIFADDR: 1557 { 1558 struct in6_addr mask, candidate, match; 1559 struct sockaddr_in6 *sin6; 1560 int cmp; 1561 1562 memset(&mask, 0, sizeof(mask)); 1563 if (iflr->flags & IFLR_PREFIX) { 1564 /* lookup a prefix rather than address. */ 1565 in6_prefixlen2mask(&mask, iflr->prefixlen); 1566 1567 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1568 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1569 match.s6_addr32[0] &= mask.s6_addr32[0]; 1570 match.s6_addr32[1] &= mask.s6_addr32[1]; 1571 match.s6_addr32[2] &= mask.s6_addr32[2]; 1572 match.s6_addr32[3] &= mask.s6_addr32[3]; 1573 1574 /* if you set extra bits, that's wrong */ 1575 if (memcmp(&match, &sin6->sin6_addr, sizeof(match))) 1576 return EINVAL; 1577 1578 cmp = 1; 1579 } else { 1580 if (cmd == SIOCGLIFADDR) { 1581 /* on getting an address, take the 1st match */ 1582 cmp = 0; /* XXX */ 1583 } else { 1584 /* on deleting an address, do exact match */ 1585 in6_prefixlen2mask(&mask, 128); 1586 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1587 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1588 1589 cmp = 1; 1590 } 1591 } 1592 1593 IFADDR_FOREACH(ifa, ifp) { 1594 if (ifa->ifa_addr->sa_family != AF_INET6) 1595 continue; 1596 if (!cmp) 1597 break; 1598 1599 /* 1600 * XXX: this is adhoc, but is necessary to allow 1601 * a user to specify fe80::/64 (not /10) for a 1602 * link-local address. 1603 */ 1604 memcpy(&candidate, IFA_IN6(ifa), sizeof(candidate)); 1605 in6_clearscope(&candidate); 1606 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1607 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1608 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1609 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1610 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1611 break; 1612 } 1613 if (!ifa) 1614 return EADDRNOTAVAIL; 1615 ia = ifa2ia6(ifa); 1616 1617 if (cmd == SIOCGLIFADDR) { 1618 int error; 1619 1620 /* fill in the if_laddrreq structure */ 1621 memcpy(&iflr->addr, &ia->ia_addr, ia->ia_addr.sin6_len); 1622 error = sa6_recoverscope( 1623 (struct sockaddr_in6 *)&iflr->addr); 1624 if (error != 0) 1625 return error; 1626 1627 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1628 memcpy(&iflr->dstaddr, &ia->ia_dstaddr, 1629 ia->ia_dstaddr.sin6_len); 1630 error = sa6_recoverscope( 1631 (struct sockaddr_in6 *)&iflr->dstaddr); 1632 if (error != 0) 1633 return error; 1634 } else 1635 memset(&iflr->dstaddr, 0, sizeof(iflr->dstaddr)); 1636 1637 iflr->prefixlen = 1638 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1639 1640 iflr->flags = ia->ia6_flags; /* XXX */ 1641 1642 return 0; 1643 } else { 1644 struct in6_aliasreq ifra; 1645 1646 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1647 memset(&ifra, 0, sizeof(ifra)); 1648 memcpy(ifra.ifra_name, iflr->iflr_name, 1649 sizeof(ifra.ifra_name)); 1650 1651 memcpy(&ifra.ifra_addr, &ia->ia_addr, 1652 ia->ia_addr.sin6_len); 1653 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1654 memcpy(&ifra.ifra_dstaddr, &ia->ia_dstaddr, 1655 ia->ia_dstaddr.sin6_len); 1656 } else { 1657 memset(&ifra.ifra_dstaddr, 0, 1658 sizeof(ifra.ifra_dstaddr)); 1659 } 1660 memcpy(&ifra.ifra_dstaddr, &ia->ia_prefixmask, 1661 ia->ia_prefixmask.sin6_len); 1662 1663 ifra.ifra_flags = ia->ia6_flags; 1664 return in6_control(so, SIOCDIFADDR_IN6, &ifra, ifp); 1665 } 1666 } 1667 } 1668 1669 return EOPNOTSUPP; /* just for safety */ 1670 } 1671 1672 /* 1673 * Initialize an interface's internet6 address 1674 * and routing table entry. 1675 */ 1676 static int 1677 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1678 const struct sockaddr_in6 *sin6, int newhost) 1679 { 1680 int error = 0, plen, ifacount = 0; 1681 int s = splnet(); 1682 struct ifaddr *ifa; 1683 1684 /* 1685 * Give the interface a chance to initialize 1686 * if this is its first address, 1687 * and to validate the address if necessary. 1688 */ 1689 IFADDR_FOREACH(ifa, ifp) { 1690 if (ifa->ifa_addr == NULL) 1691 continue; /* just for safety */ 1692 if (ifa->ifa_addr->sa_family != AF_INET6) 1693 continue; 1694 ifacount++; 1695 } 1696 1697 ia->ia_addr = *sin6; 1698 1699 if (ifacount <= 1 && 1700 (error = if_addr_init(ifp, &ia->ia_ifa, true)) != 0) { 1701 splx(s); 1702 return error; 1703 } 1704 splx(s); 1705 1706 ia->ia_ifa.ifa_metric = ifp->if_metric; 1707 1708 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1709 1710 /* 1711 * Special case: 1712 * If the destination address is specified for a point-to-point 1713 * interface, install a route to the destination as an interface 1714 * direct route. 1715 */ 1716 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1717 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1718 if ((error = rtinit(&ia->ia_ifa, RTM_ADD, 1719 RTF_UP | RTF_HOST)) != 0) 1720 return error; 1721 ia->ia_flags |= IFA_ROUTE; 1722 } 1723 1724 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1725 if (newhost) { 1726 /* set the rtrequest function to create llinfo */ 1727 if (ifp->if_flags & IFF_POINTOPOINT) 1728 ia->ia_ifa.ifa_rtrequest = p2p_rtrequest; 1729 else if ((ifp->if_flags & IFF_LOOPBACK) == 0) 1730 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1731 in6_ifaddlocal(&ia->ia_ifa); 1732 } else { 1733 /* Inform the routing socket of new flags/timings */ 1734 rt_newaddrmsg(RTM_NEWADDR, &ia->ia_ifa, 0, NULL); 1735 } 1736 1737 if (ifp->if_flags & IFF_MULTICAST) 1738 in6_restoremkludge(ia, ifp); 1739 1740 return error; 1741 } 1742 1743 static struct ifaddr * 1744 bestifa(struct ifaddr *best_ifa, struct ifaddr *ifa) 1745 { 1746 if (best_ifa == NULL || best_ifa->ifa_preference < ifa->ifa_preference) 1747 return ifa; 1748 return best_ifa; 1749 } 1750 1751 /* 1752 * Find an IPv6 interface link-local address specific to an interface. 1753 */ 1754 struct in6_ifaddr * 1755 in6ifa_ifpforlinklocal(const struct ifnet *ifp, const int ignoreflags) 1756 { 1757 struct ifaddr *best_ifa = NULL, *ifa; 1758 1759 IFADDR_FOREACH(ifa, ifp) { 1760 if (ifa->ifa_addr == NULL) 1761 continue; /* just for safety */ 1762 if (ifa->ifa_addr->sa_family != AF_INET6) 1763 continue; 1764 if (!IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) 1765 continue; 1766 if ((((struct in6_ifaddr *)ifa)->ia6_flags & ignoreflags) != 0) 1767 continue; 1768 best_ifa = bestifa(best_ifa, ifa); 1769 } 1770 1771 return (struct in6_ifaddr *)best_ifa; 1772 } 1773 1774 /* 1775 * find the internet address corresponding to a given address. 1776 * ifaddr is returned referenced. 1777 */ 1778 struct in6_ifaddr * 1779 in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid) 1780 { 1781 struct in6_ifaddr *ia; 1782 1783 #ifdef __FreeBSD__ 1784 IN6_IFADDR_RLOCK(); 1785 LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) { 1786 #else 1787 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1788 #endif 1789 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) { 1790 if (zoneid != 0 && 1791 zoneid != ia->ia_addr.sin6_scope_id) 1792 continue; 1793 ifaref(&ia->ia_ifa); 1794 break; 1795 } 1796 } 1797 #ifdef __FreeBSD__ 1798 IN6_IFADDR_RUNLOCK(); 1799 #endif 1800 return ia; 1801 } 1802 1803 /* 1804 * find the internet address corresponding to a given interface and address. 1805 */ 1806 struct in6_ifaddr * 1807 in6ifa_ifpwithaddr(const struct ifnet *ifp, const struct in6_addr *addr) 1808 { 1809 struct ifaddr *best_ifa = NULL, *ifa; 1810 1811 IFADDR_FOREACH(ifa, ifp) { 1812 if (ifa->ifa_addr == NULL) 1813 continue; /* just for safety */ 1814 if (ifa->ifa_addr->sa_family != AF_INET6) 1815 continue; 1816 if (!IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1817 continue; 1818 best_ifa = bestifa(best_ifa, ifa); 1819 } 1820 1821 return (struct in6_ifaddr *)best_ifa; 1822 } 1823 1824 static struct in6_ifaddr * 1825 bestia(struct in6_ifaddr *best_ia, struct in6_ifaddr *ia) 1826 { 1827 if (best_ia == NULL || 1828 best_ia->ia_ifa.ifa_preference < ia->ia_ifa.ifa_preference) 1829 return ia; 1830 return best_ia; 1831 } 1832 1833 /* 1834 * Convert IP6 address to printable (loggable) representation. 1835 */ 1836 char * 1837 ip6_sprintf(const struct in6_addr *addr) 1838 { 1839 static int ip6round = 0; 1840 static char ip6buf[8][INET6_ADDRSTRLEN]; 1841 char *cp = ip6buf[ip6round++ & 7]; 1842 1843 in6_print(cp, INET6_ADDRSTRLEN, addr); 1844 return cp; 1845 } 1846 1847 /* 1848 * Determine if an address is on a local network. 1849 */ 1850 int 1851 in6_localaddr(const struct in6_addr *in6) 1852 { 1853 struct in6_ifaddr *ia; 1854 1855 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1856 return 1; 1857 1858 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 1859 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1860 &ia->ia_prefixmask.sin6_addr)) 1861 return 1; 1862 1863 return 0; 1864 } 1865 1866 int 1867 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1868 { 1869 struct in6_ifaddr *ia; 1870 1871 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1872 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1873 &sa6->sin6_addr) && 1874 #ifdef SCOPEDROUTING 1875 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 1876 #endif 1877 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1878 return 1; /* true */ 1879 1880 /* XXX: do we still have to go thru the rest of the list? */ 1881 } 1882 1883 return 0; /* false */ 1884 } 1885 1886 /* 1887 * return length of part which dst and src are equal 1888 * hard coding... 1889 */ 1890 int 1891 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1892 { 1893 int match = 0; 1894 u_char *s = (u_char *)src, *d = (u_char *)dst; 1895 u_char *lim = s + 16, r; 1896 1897 while (s < lim) 1898 if ((r = (*d++ ^ *s++)) != 0) { 1899 while (r < 128) { 1900 match++; 1901 r <<= 1; 1902 } 1903 break; 1904 } else 1905 match += NBBY; 1906 return match; 1907 } 1908 1909 /* XXX: to be scope conscious */ 1910 int 1911 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1912 { 1913 int bytelen, bitlen; 1914 1915 /* sanity check */ 1916 if (len < 0 || len > 128) { 1917 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1918 len); 1919 return 0; 1920 } 1921 1922 bytelen = len / NBBY; 1923 bitlen = len % NBBY; 1924 1925 if (memcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1926 return 0; 1927 if (bitlen != 0 && 1928 p1->s6_addr[bytelen] >> (NBBY - bitlen) != 1929 p2->s6_addr[bytelen] >> (NBBY - bitlen)) 1930 return 0; 1931 1932 return 1; 1933 } 1934 1935 void 1936 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1937 { 1938 static const u_char maskarray[NBBY] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1939 int bytelen, bitlen, i; 1940 1941 /* sanity check */ 1942 if (len < 0 || len > 128) { 1943 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1944 len); 1945 return; 1946 } 1947 1948 memset(maskp, 0, sizeof(*maskp)); 1949 bytelen = len / NBBY; 1950 bitlen = len % NBBY; 1951 for (i = 0; i < bytelen; i++) 1952 maskp->s6_addr[i] = 0xff; 1953 if (bitlen) 1954 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1955 } 1956 1957 /* 1958 * return the best address out of the same scope. if no address was 1959 * found, return the first valid address from designated IF. 1960 */ 1961 struct in6_ifaddr * 1962 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 1963 { 1964 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 1965 struct ifaddr *ifa; 1966 struct in6_ifaddr *best_ia = NULL, *ia; 1967 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 1968 1969 dep[0] = dep[1] = NULL; 1970 1971 /* 1972 * We first look for addresses in the same scope. 1973 * If there is one, return it. 1974 * If two or more, return one which matches the dst longest. 1975 * If none, return one of global addresses assigned other ifs. 1976 */ 1977 IFADDR_FOREACH(ifa, ifp) { 1978 if (ifa->ifa_addr->sa_family != AF_INET6) 1979 continue; 1980 ia = (struct in6_ifaddr *)ifa; 1981 if (ia->ia6_flags & IN6_IFF_ANYCAST) 1982 continue; /* XXX: is there any case to allow anycast? */ 1983 if (ia->ia6_flags & IN6_IFF_NOTREADY) 1984 continue; /* don't use this interface */ 1985 if (ia->ia6_flags & IN6_IFF_DETACHED) 1986 continue; 1987 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 1988 if (ip6_use_deprecated) 1989 dep[0] = ia; 1990 continue; 1991 } 1992 1993 if (dst_scope != in6_addrscope(IFA_IN6(ifa))) 1994 continue; 1995 /* 1996 * call in6_matchlen() as few as possible 1997 */ 1998 if (best_ia == NULL) { 1999 best_ia = ia; 2000 continue; 2001 } 2002 if (blen == -1) 2003 blen = in6_matchlen(&best_ia->ia_addr.sin6_addr, dst); 2004 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2005 if (tlen > blen) { 2006 blen = tlen; 2007 best_ia = ia; 2008 } else if (tlen == blen) 2009 best_ia = bestia(best_ia, ia); 2010 } 2011 if (best_ia != NULL) 2012 return best_ia; 2013 2014 IFADDR_FOREACH(ifa, ifp) { 2015 if (ifa->ifa_addr->sa_family != AF_INET6) 2016 continue; 2017 ia = (struct in6_ifaddr *)ifa; 2018 if (ia->ia6_flags & IN6_IFF_ANYCAST) 2019 continue; /* XXX: is there any case to allow anycast? */ 2020 if (ia->ia6_flags & IN6_IFF_NOTREADY) 2021 continue; /* don't use this interface */ 2022 if (ia->ia6_flags & IN6_IFF_DETACHED) 2023 continue; 2024 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 2025 if (ip6_use_deprecated) 2026 dep[1] = (struct in6_ifaddr *)ifa; 2027 continue; 2028 } 2029 2030 best_ia = bestia(best_ia, ia); 2031 } 2032 if (best_ia != NULL) 2033 return best_ia; 2034 2035 /* use the last-resort values, that are, deprecated addresses */ 2036 if (dep[0]) 2037 return dep[0]; 2038 if (dep[1]) 2039 return dep[1]; 2040 2041 return NULL; 2042 } 2043 2044 /* 2045 * perform DAD when interface becomes IFF_UP. 2046 */ 2047 void 2048 in6_if_link_up(struct ifnet *ifp) 2049 { 2050 struct ifaddr *ifa; 2051 struct in6_ifaddr *ia; 2052 2053 /* Ensure it's sane to run DAD */ 2054 if (ifp->if_link_state == LINK_STATE_DOWN) 2055 return; 2056 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 2057 return; 2058 2059 IFADDR_FOREACH(ifa, ifp) { 2060 if (ifa->ifa_addr->sa_family != AF_INET6) 2061 continue; 2062 ia = (struct in6_ifaddr *)ifa; 2063 2064 /* If detached then mark as tentative */ 2065 if (ia->ia6_flags & IN6_IFF_DETACHED) { 2066 ia->ia6_flags &= ~IN6_IFF_DETACHED; 2067 if (if_do_dad(ifp)) { 2068 ia->ia6_flags |= IN6_IFF_TENTATIVE; 2069 nd6log((LOG_ERR, "in6_if_up: " 2070 "%s marked tentative\n", 2071 ip6_sprintf(&ia->ia_addr.sin6_addr))); 2072 } else if ((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0) 2073 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2074 } 2075 2076 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2077 int rand_delay; 2078 2079 /* Clear the duplicated flag as we're starting DAD. */ 2080 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; 2081 2082 /* 2083 * The TENTATIVE flag was likely set by hand 2084 * beforehand, implicitly indicating the need for DAD. 2085 * We may be able to skip the random delay in this 2086 * case, but we impose delays just in case. 2087 */ 2088 rand_delay = cprng_fast32() % 2089 (MAX_RTR_SOLICITATION_DELAY * hz); 2090 /* +1 ensures callout is always used */ 2091 nd6_dad_start(ifa, rand_delay + 1); 2092 } 2093 } 2094 2095 /* Restore any detached prefixes */ 2096 pfxlist_onlink_check(); 2097 } 2098 2099 void 2100 in6_if_up(struct ifnet *ifp) 2101 { 2102 2103 /* 2104 * special cases, like 6to4, are handled in in6_ifattach 2105 */ 2106 in6_ifattach(ifp, NULL); 2107 2108 /* interface may not support link state, so bring it up also */ 2109 in6_if_link_up(ifp); 2110 } 2111 2112 /* 2113 * Mark all addresses as detached. 2114 */ 2115 void 2116 in6_if_link_down(struct ifnet *ifp) 2117 { 2118 struct ifaddr *ifa; 2119 struct in6_ifaddr *ia; 2120 2121 /* Any prefixes on this interface should be detached as well */ 2122 pfxlist_onlink_check(); 2123 2124 IFADDR_FOREACH(ifa, ifp) { 2125 if (ifa->ifa_addr->sa_family != AF_INET6) 2126 continue; 2127 ia = (struct in6_ifaddr *)ifa; 2128 2129 /* Stop DAD processing */ 2130 nd6_dad_stop(ifa); 2131 2132 /* 2133 * Mark the address as detached. 2134 * This satisfies RFC4862 Section 5.3, but we should apply 2135 * this logic to all addresses to be a good citizen and 2136 * avoid potential duplicated addresses. 2137 * When the interface comes up again, detached addresses 2138 * are marked tentative and DAD commences. 2139 */ 2140 if (!(ia->ia6_flags & IN6_IFF_DETACHED)) { 2141 nd6log((LOG_DEBUG, "in6_if_down: " 2142 "%s marked detached\n", 2143 ip6_sprintf(&ia->ia_addr.sin6_addr))); 2144 ia->ia6_flags |= IN6_IFF_DETACHED; 2145 ia->ia6_flags &= 2146 ~(IN6_IFF_TENTATIVE | IN6_IFF_DUPLICATED); 2147 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2148 } 2149 } 2150 } 2151 2152 void 2153 in6_if_down(struct ifnet *ifp) 2154 { 2155 2156 in6_if_link_down(ifp); 2157 } 2158 2159 void 2160 in6_if_link_state_change(struct ifnet *ifp, int link_state) 2161 { 2162 2163 switch (link_state) { 2164 case LINK_STATE_DOWN: 2165 in6_if_link_down(ifp); 2166 break; 2167 case LINK_STATE_UP: 2168 in6_if_link_up(ifp); 2169 break; 2170 } 2171 } 2172 2173 /* 2174 * Calculate max IPv6 MTU through all the interfaces and store it 2175 * to in6_maxmtu. 2176 */ 2177 void 2178 in6_setmaxmtu(void) 2179 { 2180 unsigned long maxmtu = 0; 2181 struct ifnet *ifp; 2182 2183 IFNET_FOREACH(ifp) { 2184 /* this function can be called during ifnet initialization */ 2185 if (!ifp->if_afdata[AF_INET6]) 2186 continue; 2187 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2188 IN6_LINKMTU(ifp) > maxmtu) 2189 maxmtu = IN6_LINKMTU(ifp); 2190 } 2191 if (maxmtu) /* update only when maxmtu is positive */ 2192 in6_maxmtu = maxmtu; 2193 } 2194 2195 /* 2196 * Provide the length of interface identifiers to be used for the link attached 2197 * to the given interface. The length should be defined in "IPv6 over 2198 * xxx-link" document. Note that address architecture might also define 2199 * the length for a particular set of address prefixes, regardless of the 2200 * link type. As clarified in rfc2462bis, those two definitions should be 2201 * consistent, and those really are as of August 2004. 2202 */ 2203 int 2204 in6_if2idlen(struct ifnet *ifp) 2205 { 2206 switch (ifp->if_type) { 2207 case IFT_ETHER: /* RFC2464 */ 2208 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2209 case IFT_L2VLAN: /* ditto */ 2210 case IFT_IEEE80211: /* ditto */ 2211 case IFT_FDDI: /* RFC2467 */ 2212 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2213 case IFT_PPP: /* RFC2472 */ 2214 case IFT_ARCNET: /* RFC2497 */ 2215 case IFT_FRELAY: /* RFC2590 */ 2216 case IFT_IEEE1394: /* RFC3146 */ 2217 case IFT_GIF: /* draft-ietf-v6ops-mech-v2-07 */ 2218 case IFT_LOOP: /* XXX: is this really correct? */ 2219 return 64; 2220 default: 2221 /* 2222 * Unknown link type: 2223 * It might be controversial to use the today's common constant 2224 * of 64 for these cases unconditionally. For full compliance, 2225 * we should return an error in this case. On the other hand, 2226 * if we simply miss the standard for the link type or a new 2227 * standard is defined for a new link type, the IFID length 2228 * is very likely to be the common constant. As a compromise, 2229 * we always use the constant, but make an explicit notice 2230 * indicating the "unknown" case. 2231 */ 2232 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2233 return 64; 2234 } 2235 } 2236 2237 struct in6_llentry { 2238 struct llentry base; 2239 }; 2240 2241 #define IN6_LLTBL_DEFAULT_HSIZE 32 2242 #define IN6_LLTBL_HASH(k, h) \ 2243 (((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1)) 2244 2245 /* 2246 * Do actual deallocation of @lle. 2247 * Called by LLE_FREE_LOCKED when number of references 2248 * drops to zero. 2249 */ 2250 static void 2251 in6_lltable_destroy_lle(struct llentry *lle) 2252 { 2253 2254 LLE_WUNLOCK(lle); 2255 LLE_LOCK_DESTROY(lle); 2256 kmem_intr_free(lle, sizeof(struct in6_llentry)); 2257 } 2258 2259 static struct llentry * 2260 in6_lltable_new(const struct in6_addr *addr6, u_int flags) 2261 { 2262 struct in6_llentry *lle; 2263 2264 lle = kmem_intr_zalloc(sizeof(struct in6_llentry), KM_NOSLEEP); 2265 if (lle == NULL) /* NB: caller generates msg */ 2266 return NULL; 2267 2268 lle->base.r_l3addr.addr6 = *addr6; 2269 lle->base.lle_refcnt = 1; 2270 lle->base.lle_free = in6_lltable_destroy_lle; 2271 LLE_LOCK_INIT(&lle->base); 2272 callout_init(&lle->base.lle_timer, CALLOUT_MPSAFE); 2273 2274 return &lle->base; 2275 } 2276 2277 static int 2278 in6_lltable_match_prefix(const struct sockaddr *prefix, 2279 const struct sockaddr *mask, u_int flags, struct llentry *lle) 2280 { 2281 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2282 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2283 2284 if (IN6_ARE_MASKED_ADDR_EQUAL(&lle->r_l3addr.addr6, 2285 &pfx->sin6_addr, &msk->sin6_addr) && 2286 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) 2287 return 1; 2288 2289 return 0; 2290 } 2291 2292 static void 2293 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle) 2294 { 2295 struct ifnet *ifp __diagused; 2296 2297 LLE_WLOCK_ASSERT(lle); 2298 KASSERT(llt != NULL); 2299 2300 /* Unlink entry from table */ 2301 if ((lle->la_flags & LLE_LINKED) != 0) { 2302 2303 ifp = llt->llt_ifp; 2304 IF_AFDATA_WLOCK_ASSERT(ifp); 2305 lltable_unlink_entry(llt, lle); 2306 } 2307 2308 KASSERT(mutex_owned(softnet_lock)); 2309 callout_halt(&lle->lle_timer, softnet_lock); 2310 LLE_REMREF(lle); 2311 2312 llentry_free(lle); 2313 } 2314 2315 static int 2316 in6_lltable_rtcheck(struct ifnet *ifp, 2317 u_int flags, 2318 const struct sockaddr *l3addr) 2319 { 2320 struct rtentry *rt; 2321 2322 KASSERTMSG(l3addr->sa_family == AF_INET6, 2323 "sin_family %d", l3addr->sa_family); 2324 2325 rt = rtalloc1(l3addr, 0); 2326 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2327 struct ifaddr *ifa; 2328 /* 2329 * Create an ND6 cache for an IPv6 neighbor 2330 * that is not covered by our own prefix. 2331 */ 2332 /* XXX ifaof_ifpforaddr should take a const param */ 2333 ifa = ifaof_ifpforaddr(l3addr, ifp); 2334 if (ifa != NULL) { 2335 ifafree(ifa); 2336 if (rt != NULL) 2337 rtfree(rt); 2338 return 0; 2339 } 2340 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2341 ip6_sprintf(&((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2342 if (rt != NULL) 2343 rtfree(rt); 2344 return EINVAL; 2345 } 2346 rtfree(rt); 2347 return 0; 2348 } 2349 2350 static inline uint32_t 2351 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize) 2352 { 2353 2354 return IN6_LLTBL_HASH(dst->s6_addr32[3], hsize); 2355 } 2356 2357 static uint32_t 2358 in6_lltable_hash(const struct llentry *lle, uint32_t hsize) 2359 { 2360 2361 return in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize); 2362 } 2363 2364 static void 2365 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa) 2366 { 2367 struct sockaddr_in6 *sin6; 2368 2369 sin6 = (struct sockaddr_in6 *)sa; 2370 bzero(sin6, sizeof(*sin6)); 2371 sin6->sin6_family = AF_INET6; 2372 sin6->sin6_len = sizeof(*sin6); 2373 sin6->sin6_addr = lle->r_l3addr.addr6; 2374 } 2375 2376 static inline struct llentry * 2377 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst) 2378 { 2379 struct llentry *lle; 2380 struct llentries *lleh; 2381 u_int hashidx; 2382 2383 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize); 2384 lleh = &llt->lle_head[hashidx]; 2385 LIST_FOREACH(lle, lleh, lle_next) { 2386 if (lle->la_flags & LLE_DELETED) 2387 continue; 2388 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst)) 2389 break; 2390 } 2391 2392 return lle; 2393 } 2394 2395 static int 2396 in6_lltable_delete(struct lltable *llt, u_int flags, 2397 const struct sockaddr *l3addr) 2398 { 2399 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2400 struct llentry *lle; 2401 2402 IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp); 2403 KASSERTMSG(l3addr->sa_family == AF_INET6, 2404 "sin_family %d", l3addr->sa_family); 2405 2406 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2407 2408 if (lle == NULL) 2409 return ENOENT; 2410 2411 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2412 LLE_WLOCK(lle); 2413 lle->la_flags |= LLE_DELETED; 2414 #ifdef DIAGNOSTIC 2415 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2416 #endif 2417 if ((lle->la_flags & (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC) 2418 llentry_free(lle); 2419 else 2420 LLE_WUNLOCK(lle); 2421 } 2422 2423 return 0; 2424 } 2425 2426 static struct llentry * 2427 in6_lltable_create(struct lltable *llt, u_int flags, 2428 const struct sockaddr *l3addr) 2429 { 2430 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2431 struct ifnet *ifp = llt->llt_ifp; 2432 struct llentry *lle; 2433 2434 IF_AFDATA_WLOCK_ASSERT(ifp); 2435 KASSERTMSG(l3addr->sa_family == AF_INET6, 2436 "sin_family %d", l3addr->sa_family); 2437 2438 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2439 2440 if (lle != NULL) { 2441 LLE_WLOCK(lle); 2442 return lle; 2443 } 2444 2445 /* 2446 * A route that covers the given address must have 2447 * been installed 1st because we are doing a resolution, 2448 * verify this. 2449 */ 2450 if (!(flags & LLE_IFADDR) && 2451 in6_lltable_rtcheck(ifp, flags, l3addr) != 0) 2452 return NULL; 2453 2454 lle = in6_lltable_new(&sin6->sin6_addr, flags); 2455 if (lle == NULL) { 2456 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2457 return NULL; 2458 } 2459 lle->la_flags = flags; 2460 if ((flags & LLE_IFADDR) == LLE_IFADDR) { 2461 memcpy(&lle->ll_addr, CLLADDR(ifp->if_sadl), ifp->if_addrlen); 2462 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2463 } 2464 2465 lltable_link_entry(llt, lle); 2466 LLE_WLOCK(lle); 2467 2468 return lle; 2469 } 2470 2471 static struct llentry * 2472 in6_lltable_lookup(struct lltable *llt, u_int flags, 2473 const struct sockaddr *l3addr) 2474 { 2475 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2476 struct llentry *lle; 2477 2478 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp); 2479 KASSERTMSG(l3addr->sa_family == AF_INET6, 2480 "sin_family %d", l3addr->sa_family); 2481 2482 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2483 2484 if (lle == NULL) 2485 return NULL; 2486 2487 if (flags & LLE_EXCLUSIVE) 2488 LLE_WLOCK(lle); 2489 else 2490 LLE_RLOCK(lle); 2491 return lle; 2492 } 2493 2494 static struct lltable * 2495 in6_lltattach(struct ifnet *ifp) 2496 { 2497 struct lltable *llt; 2498 2499 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE); 2500 llt->llt_af = AF_INET6; 2501 llt->llt_ifp = ifp; 2502 2503 llt->llt_lookup = in6_lltable_lookup; 2504 llt->llt_create = in6_lltable_create; 2505 llt->llt_delete = in6_lltable_delete; 2506 #if notyet 2507 llt->llt_dump_entry = in6_lltable_dump_entry; 2508 #endif 2509 llt->llt_hash = in6_lltable_hash; 2510 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry; 2511 llt->llt_free_entry = in6_lltable_free_entry; 2512 llt->llt_match_prefix = in6_lltable_match_prefix; 2513 lltable_link(llt); 2514 2515 return llt; 2516 } 2517 2518 void * 2519 in6_domifattach(struct ifnet *ifp) 2520 { 2521 struct in6_ifextra *ext; 2522 2523 ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK|M_ZERO); 2524 2525 ext->in6_ifstat = malloc(sizeof(struct in6_ifstat), 2526 M_IFADDR, M_WAITOK|M_ZERO); 2527 2528 ext->icmp6_ifstat = malloc(sizeof(struct icmp6_ifstat), 2529 M_IFADDR, M_WAITOK|M_ZERO); 2530 2531 ext->nd_ifinfo = nd6_ifattach(ifp); 2532 ext->scope6_id = scope6_ifattach(ifp); 2533 ext->nprefixes = 0; 2534 ext->ndefrouters = 0; 2535 2536 ext->lltable = in6_lltattach(ifp); 2537 2538 return ext; 2539 } 2540 2541 void 2542 in6_domifdetach(struct ifnet *ifp, void *aux) 2543 { 2544 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2545 2546 lltable_free(ext->lltable); 2547 ext->lltable = NULL; 2548 nd6_ifdetach(ifp, ext); 2549 free(ext->in6_ifstat, M_IFADDR); 2550 free(ext->icmp6_ifstat, M_IFADDR); 2551 scope6_ifdetach(ext->scope6_id); 2552 free(ext, M_IFADDR); 2553 } 2554 2555 /* 2556 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2557 * v4 mapped addr or v4 compat addr 2558 */ 2559 void 2560 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2561 { 2562 memset(sin, 0, sizeof(*sin)); 2563 sin->sin_len = sizeof(struct sockaddr_in); 2564 sin->sin_family = AF_INET; 2565 sin->sin_port = sin6->sin6_port; 2566 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2567 } 2568 2569 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2570 void 2571 in6_sin_2_v4mapsin6(const struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2572 { 2573 memset(sin6, 0, sizeof(*sin6)); 2574 sin6->sin6_len = sizeof(struct sockaddr_in6); 2575 sin6->sin6_family = AF_INET6; 2576 sin6->sin6_port = sin->sin_port; 2577 sin6->sin6_addr.s6_addr32[0] = 0; 2578 sin6->sin6_addr.s6_addr32[1] = 0; 2579 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2580 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2581 } 2582 2583 /* Convert sockaddr_in6 into sockaddr_in. */ 2584 void 2585 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2586 { 2587 struct sockaddr_in *sin_p; 2588 struct sockaddr_in6 sin6; 2589 2590 /* 2591 * Save original sockaddr_in6 addr and convert it 2592 * to sockaddr_in. 2593 */ 2594 sin6 = *(struct sockaddr_in6 *)nam; 2595 sin_p = (struct sockaddr_in *)nam; 2596 in6_sin6_2_sin(sin_p, &sin6); 2597 } 2598 2599 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2600 void 2601 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2602 { 2603 struct sockaddr_in *sin_p; 2604 struct sockaddr_in6 *sin6_p; 2605 2606 sin6_p = malloc(sizeof(*sin6_p), M_SONAME, M_WAITOK); 2607 sin_p = (struct sockaddr_in *)*nam; 2608 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2609 free(*nam, M_SONAME); 2610 *nam = (struct sockaddr *)sin6_p; 2611 } 2612