1 /* $NetBSD: in6.c,v 1.231 2017/01/10 05:42:34 ozaki-r Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.231 2017/01/10 05:42:34 ozaki-r Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_inet.h" 69 #include "opt_compat_netbsd.h" 70 #include "opt_net_mpsafe.h" 71 #endif 72 73 #include <sys/param.h> 74 #include <sys/ioctl.h> 75 #include <sys/errno.h> 76 #include <sys/malloc.h> 77 #include <sys/socket.h> 78 #include <sys/socketvar.h> 79 #include <sys/sockio.h> 80 #include <sys/systm.h> 81 #include <sys/proc.h> 82 #include <sys/time.h> 83 #include <sys/kernel.h> 84 #include <sys/syslog.h> 85 #include <sys/kauth.h> 86 #include <sys/cprng.h> 87 #include <sys/kmem.h> 88 89 #include <net/if.h> 90 #include <net/if_types.h> 91 #include <net/if_llatbl.h> 92 #include <net/if_ether.h> 93 #include <net/if_dl.h> 94 #include <net/pfil.h> 95 #include <net/route.h> 96 97 #include <netinet/in.h> 98 #include <netinet/in_var.h> 99 100 #include <netinet/ip6.h> 101 #include <netinet6/ip6_var.h> 102 #include <netinet6/nd6.h> 103 #include <netinet6/mld6_var.h> 104 #include <netinet6/ip6_mroute.h> 105 #include <netinet6/in6_ifattach.h> 106 #include <netinet6/scope6_var.h> 107 108 #include <net/net_osdep.h> 109 110 #ifdef COMPAT_50 111 #include <compat/netinet6/in6_var.h> 112 #endif 113 114 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 115 116 /* enable backward compatibility code for obsoleted ioctls */ 117 #define COMPAT_IN6IFIOCTL 118 119 #ifdef IN6_DEBUG 120 #define IN6_DPRINTF(__fmt, ...) printf(__fmt, __VA_ARGS__) 121 #else 122 #define IN6_DPRINTF(__fmt, ...) do { } while (/*CONSTCOND*/0) 123 #endif /* IN6_DEBUG */ 124 125 /* 126 * Definitions of some constant IP6 addresses. 127 */ 128 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 129 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 130 const struct in6_addr in6addr_nodelocal_allnodes = 131 IN6ADDR_NODELOCAL_ALLNODES_INIT; 132 const struct in6_addr in6addr_linklocal_allnodes = 133 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 134 const struct in6_addr in6addr_linklocal_allrouters = 135 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 136 137 const struct in6_addr in6mask0 = IN6MASK0; 138 const struct in6_addr in6mask32 = IN6MASK32; 139 const struct in6_addr in6mask64 = IN6MASK64; 140 const struct in6_addr in6mask96 = IN6MASK96; 141 const struct in6_addr in6mask128 = IN6MASK128; 142 143 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 144 0, 0, IN6ADDR_ANY_INIT, 0}; 145 146 struct pslist_head in6_ifaddr_list; 147 kmutex_t in6_ifaddr_lock; 148 149 static int in6_lifaddr_ioctl(struct socket *, u_long, void *, 150 struct ifnet *); 151 static int in6_ifaddprefix(struct in6_ifaddr *); 152 static int in6_ifremprefix(struct in6_ifaddr *); 153 static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, 154 const struct sockaddr_in6 *, int); 155 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 156 static int in6_update_ifa1(struct ifnet *, struct in6_aliasreq *, 157 struct in6_ifaddr **, struct psref *, int); 158 159 void 160 in6_init(void) 161 { 162 163 PSLIST_INIT(&in6_ifaddr_list); 164 mutex_init(&in6_ifaddr_lock, MUTEX_DEFAULT, IPL_NONE); 165 166 in6_sysctl_multicast_setup(NULL); 167 } 168 169 /* 170 * Add ownaddr as loopback rtentry. We previously add the route only if 171 * necessary (ex. on a p2p link). However, since we now manage addresses 172 * separately from prefixes, we should always add the route. We can't 173 * rely on the cloning mechanism from the corresponding interface route 174 * any more. 175 */ 176 void 177 in6_ifaddlocal(struct ifaddr *ifa) 178 { 179 180 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &in6addr_any) || 181 (ifa->ifa_ifp->if_flags & IFF_POINTOPOINT && 182 IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), IFA_DSTIN6(ifa)))) 183 { 184 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 185 return; 186 } 187 188 rt_ifa_addlocal(ifa); 189 } 190 191 /* 192 * Remove loopback rtentry of ownaddr generated by in6_ifaddlocal(), 193 * if it exists. 194 */ 195 void 196 in6_ifremlocal(struct ifaddr *ifa) 197 { 198 struct in6_ifaddr *ia; 199 struct ifaddr *alt_ifa = NULL; 200 int ia_count = 0; 201 struct psref psref; 202 int s; 203 204 /* 205 * Some of BSD variants do not remove cloned routes 206 * from an interface direct route, when removing the direct route 207 * (see comments in net/net_osdep.h). Even for variants that do remove 208 * cloned routes, they could fail to remove the cloned routes when 209 * we handle multple addresses that share a common prefix. 210 * So, we should remove the route corresponding to the deleted address. 211 */ 212 213 /* 214 * Delete the entry only if exactly one ifaddr matches the 215 * address, ifa->ifa_addr. 216 * 217 * If more than one ifaddr matches, replace the ifaddr in 218 * the routing table, rt_ifa, with a different ifaddr than 219 * the one we are purging, ifa. It is important to do 220 * this, or else the routing table can accumulate dangling 221 * pointers rt->rt_ifa->ifa_ifp to destroyed interfaces, 222 * which will lead to crashes, later. (More than one ifaddr 223 * can match if we assign the same address to multiple---probably 224 * p2p---interfaces.) 225 * 226 * XXX An old comment at this place said, "we should avoid 227 * XXX such a configuration [i.e., interfaces with the same 228 * XXX addressed assigned --ed.] in IPv6...". I do not 229 * XXX agree, especially now that I have fixed the dangling 230 * XXX ifp-pointers bug. 231 */ 232 s = pserialize_read_enter(); 233 IN6_ADDRLIST_READER_FOREACH(ia) { 234 if (!IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) 235 continue; 236 if (ia->ia_ifp != ifa->ifa_ifp) 237 alt_ifa = &ia->ia_ifa; 238 if (++ia_count > 1 && alt_ifa != NULL) 239 break; 240 } 241 if (ia_count > 1 && alt_ifa != NULL) 242 ifa_acquire(alt_ifa, &psref); 243 pserialize_read_exit(s); 244 245 if (ia_count == 0) 246 return; 247 248 rt_ifa_remlocal(ifa, ia_count == 1 ? NULL : alt_ifa); 249 250 if (ia_count > 1 && alt_ifa != NULL) 251 ifa_release(alt_ifa, &psref); 252 } 253 254 /* Add prefix route for the network. */ 255 static int 256 in6_ifaddprefix(struct in6_ifaddr *ia) 257 { 258 int error, flags = 0; 259 260 if (in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) == 128) { 261 if (ia->ia_dstaddr.sin6_family != AF_INET6) 262 /* We don't need to install a host route. */ 263 return 0; 264 flags |= RTF_HOST; 265 } 266 267 /* Is this a connected route for neighbour discovery? */ 268 if (nd6_need_cache(ia->ia_ifp)) 269 flags |= RTF_CONNECTED; 270 271 if ((error = rtinit(&ia->ia_ifa, RTM_ADD, RTF_UP | flags)) == 0) 272 ia->ia_flags |= IFA_ROUTE; 273 else if (error == EEXIST) 274 /* Existance of the route is not an error. */ 275 error = 0; 276 277 return error; 278 } 279 280 /* Delete network prefix route if present. 281 * Re-add it to another address if the prefix matches. */ 282 static int 283 in6_ifremprefix(struct in6_ifaddr *target) 284 { 285 int error, s; 286 struct in6_ifaddr *ia; 287 288 if ((target->ia_flags & IFA_ROUTE) == 0) 289 return 0; 290 291 s = pserialize_read_enter(); 292 IN6_ADDRLIST_READER_FOREACH(ia) { 293 if (target->ia_dstaddr.sin6_len) { 294 if (ia->ia_dstaddr.sin6_len == 0 || 295 !IN6_ARE_ADDR_EQUAL(&ia->ia_dstaddr.sin6_addr, 296 &target->ia_dstaddr.sin6_addr)) 297 continue; 298 } else { 299 if (!IN6_ARE_MASKED_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 300 &target->ia_addr.sin6_addr, 301 &target->ia_prefixmask.sin6_addr)) 302 continue; 303 } 304 305 /* 306 * if we got a matching prefix route, move IFA_ROUTE to him 307 */ 308 if ((ia->ia_flags & IFA_ROUTE) == 0) { 309 struct psref psref; 310 int bound = curlwp_bind(); 311 312 ia6_acquire(ia, &psref); 313 pserialize_read_exit(s); 314 315 rtinit(&target->ia_ifa, RTM_DELETE, 0); 316 target->ia_flags &= ~IFA_ROUTE; 317 318 error = in6_ifaddprefix(ia); 319 320 ia6_release(ia, &psref); 321 curlwp_bindx(bound); 322 323 return error; 324 } 325 } 326 pserialize_read_exit(s); 327 328 /* 329 * noone seem to have prefix route. remove it. 330 */ 331 rtinit(&target->ia_ifa, RTM_DELETE, 0); 332 target->ia_flags &= ~IFA_ROUTE; 333 return 0; 334 } 335 336 int 337 in6_mask2len(struct in6_addr *mask, u_char *lim0) 338 { 339 int x = 0, y; 340 u_char *lim = lim0, *p; 341 342 /* ignore the scope_id part */ 343 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 344 lim = (u_char *)mask + sizeof(*mask); 345 for (p = (u_char *)mask; p < lim; x++, p++) { 346 if (*p != 0xff) 347 break; 348 } 349 y = 0; 350 if (p < lim) { 351 for (y = 0; y < NBBY; y++) { 352 if ((*p & (0x80 >> y)) == 0) 353 break; 354 } 355 } 356 357 /* 358 * when the limit pointer is given, do a stricter check on the 359 * remaining bits. 360 */ 361 if (p < lim) { 362 if (y != 0 && (*p & (0x00ff >> y)) != 0) 363 return -1; 364 for (p = p + 1; p < lim; p++) 365 if (*p != 0) 366 return -1; 367 } 368 369 return x * NBBY + y; 370 } 371 372 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 373 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 374 375 static int 376 in6_control1(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 377 { 378 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 379 struct in6_ifaddr *ia = NULL; 380 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 381 struct sockaddr_in6 *sa6; 382 int error, bound; 383 struct psref psref; 384 385 switch (cmd) { 386 case SIOCAADDRCTL_POLICY: 387 case SIOCDADDRCTL_POLICY: 388 /* Privileged. */ 389 return in6_src_ioctl(cmd, data); 390 /* 391 * XXX: Fix me, once we fix SIOCSIFADDR, SIOCIFDSTADDR, etc. 392 */ 393 case SIOCSIFADDR: 394 case SIOCSIFDSTADDR: 395 case SIOCSIFBRDADDR: 396 case SIOCSIFNETMASK: 397 return EOPNOTSUPP; 398 case SIOCGETSGCNT_IN6: 399 case SIOCGETMIFCNT_IN6: 400 return mrt6_ioctl(cmd, data); 401 case SIOCGIFADDRPREF: 402 case SIOCSIFADDRPREF: 403 if (ifp == NULL) 404 return EINVAL; 405 return ifaddrpref_ioctl(so, cmd, data, ifp); 406 } 407 408 if (ifp == NULL) 409 return EOPNOTSUPP; 410 411 switch (cmd) { 412 case SIOCSNDFLUSH_IN6: 413 case SIOCSPFXFLUSH_IN6: 414 case SIOCSRTRFLUSH_IN6: 415 case SIOCSDEFIFACE_IN6: 416 case SIOCSIFINFO_FLAGS: 417 case SIOCSIFINFO_IN6: 418 /* Privileged. */ 419 /* FALLTHROUGH */ 420 case OSIOCGIFINFO_IN6: 421 case SIOCGIFINFO_IN6: 422 case SIOCGDRLST_IN6: 423 case SIOCGPRLST_IN6: 424 case SIOCGNBRINFO_IN6: 425 case SIOCGDEFIFACE_IN6: 426 return nd6_ioctl(cmd, data, ifp); 427 } 428 429 switch (cmd) { 430 case SIOCSIFPREFIX_IN6: 431 case SIOCDIFPREFIX_IN6: 432 case SIOCAIFPREFIX_IN6: 433 case SIOCCIFPREFIX_IN6: 434 case SIOCSGIFPREFIX_IN6: 435 case SIOCGIFPREFIX_IN6: 436 log(LOG_NOTICE, 437 "prefix ioctls are now invalidated. " 438 "please use ifconfig.\n"); 439 return EOPNOTSUPP; 440 } 441 442 switch (cmd) { 443 case SIOCALIFADDR: 444 case SIOCDLIFADDR: 445 /* Privileged. */ 446 /* FALLTHROUGH */ 447 case SIOCGLIFADDR: 448 return in6_lifaddr_ioctl(so, cmd, data, ifp); 449 } 450 451 /* 452 * Find address for this interface, if it exists. 453 * 454 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 455 * only, and used the first interface address as the target of other 456 * operations (without checking ifra_addr). This was because netinet 457 * code/API assumed at most 1 interface address per interface. 458 * Since IPv6 allows a node to assign multiple addresses 459 * on a single interface, we almost always look and check the 460 * presence of ifra_addr, and reject invalid ones here. 461 * It also decreases duplicated code among SIOC*_IN6 operations. 462 */ 463 switch (cmd) { 464 case SIOCAIFADDR_IN6: 465 #ifdef OSIOCAIFADDR_IN6 466 case OSIOCAIFADDR_IN6: 467 #endif 468 #ifdef OSIOCSIFPHYADDR_IN6 469 case OSIOCSIFPHYADDR_IN6: 470 #endif 471 case SIOCSIFPHYADDR_IN6: 472 sa6 = &ifra->ifra_addr; 473 break; 474 case SIOCSIFADDR_IN6: 475 case SIOCGIFADDR_IN6: 476 case SIOCSIFDSTADDR_IN6: 477 case SIOCSIFNETMASK_IN6: 478 case SIOCGIFDSTADDR_IN6: 479 case SIOCGIFNETMASK_IN6: 480 case SIOCDIFADDR_IN6: 481 case SIOCGIFPSRCADDR_IN6: 482 case SIOCGIFPDSTADDR_IN6: 483 case SIOCGIFAFLAG_IN6: 484 case SIOCSNDFLUSH_IN6: 485 case SIOCSPFXFLUSH_IN6: 486 case SIOCSRTRFLUSH_IN6: 487 case SIOCGIFALIFETIME_IN6: 488 #ifdef OSIOCGIFALIFETIME_IN6 489 case OSIOCGIFALIFETIME_IN6: 490 #endif 491 case SIOCGIFSTAT_IN6: 492 case SIOCGIFSTAT_ICMP6: 493 sa6 = &ifr->ifr_addr; 494 break; 495 default: 496 sa6 = NULL; 497 break; 498 } 499 500 error = 0; 501 bound = curlwp_bind(); 502 if (sa6 && sa6->sin6_family == AF_INET6) { 503 if (sa6->sin6_scope_id != 0) 504 error = sa6_embedscope(sa6, 0); 505 else 506 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 507 if (error != 0) 508 goto out; 509 ia = in6ifa_ifpwithaddr_psref(ifp, &sa6->sin6_addr, &psref); 510 } else 511 ia = NULL; 512 513 switch (cmd) { 514 case SIOCSIFADDR_IN6: 515 case SIOCSIFDSTADDR_IN6: 516 case SIOCSIFNETMASK_IN6: 517 /* 518 * Since IPv6 allows a node to assign multiple addresses 519 * on a single interface, SIOCSIFxxx ioctls are deprecated. 520 */ 521 error = EINVAL; 522 goto release; 523 524 case SIOCDIFADDR_IN6: 525 /* 526 * for IPv4, we look for existing in_ifaddr here to allow 527 * "ifconfig if0 delete" to remove the first IPv4 address on 528 * the interface. For IPv6, as the spec allows multiple 529 * interface address from the day one, we consider "remove the 530 * first one" semantics to be not preferable. 531 */ 532 if (ia == NULL) { 533 error = EADDRNOTAVAIL; 534 goto out; 535 } 536 /* FALLTHROUGH */ 537 #ifdef OSIOCAIFADDR_IN6 538 case OSIOCAIFADDR_IN6: 539 #endif 540 case SIOCAIFADDR_IN6: 541 /* 542 * We always require users to specify a valid IPv6 address for 543 * the corresponding operation. 544 */ 545 if (ifra->ifra_addr.sin6_family != AF_INET6 || 546 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) { 547 error = EAFNOSUPPORT; 548 goto release; 549 } 550 /* Privileged. */ 551 552 break; 553 554 case SIOCGIFADDR_IN6: 555 /* This interface is basically deprecated. use SIOCGIFCONF. */ 556 /* FALLTHROUGH */ 557 case SIOCGIFAFLAG_IN6: 558 case SIOCGIFNETMASK_IN6: 559 case SIOCGIFDSTADDR_IN6: 560 case SIOCGIFALIFETIME_IN6: 561 #ifdef OSIOCGIFALIFETIME_IN6 562 case OSIOCGIFALIFETIME_IN6: 563 #endif 564 /* must think again about its semantics */ 565 if (ia == NULL) { 566 error = EADDRNOTAVAIL; 567 goto out; 568 } 569 break; 570 } 571 572 switch (cmd) { 573 574 case SIOCGIFADDR_IN6: 575 ifr->ifr_addr = ia->ia_addr; 576 error = sa6_recoverscope(&ifr->ifr_addr); 577 break; 578 579 case SIOCGIFDSTADDR_IN6: 580 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 581 error = EINVAL; 582 break; 583 } 584 /* 585 * XXX: should we check if ifa_dstaddr is NULL and return 586 * an error? 587 */ 588 ifr->ifr_dstaddr = ia->ia_dstaddr; 589 error = sa6_recoverscope(&ifr->ifr_dstaddr); 590 break; 591 592 case SIOCGIFNETMASK_IN6: 593 ifr->ifr_addr = ia->ia_prefixmask; 594 break; 595 596 case SIOCGIFAFLAG_IN6: 597 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 598 break; 599 600 case SIOCGIFSTAT_IN6: 601 if (ifp == NULL) { 602 error = EINVAL; 603 break; 604 } 605 memset(&ifr->ifr_ifru.ifru_stat, 0, 606 sizeof(ifr->ifr_ifru.ifru_stat)); 607 ifr->ifr_ifru.ifru_stat = 608 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 609 break; 610 611 case SIOCGIFSTAT_ICMP6: 612 if (ifp == NULL) { 613 error = EINVAL; 614 break; 615 } 616 memset(&ifr->ifr_ifru.ifru_icmp6stat, 0, 617 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 618 ifr->ifr_ifru.ifru_icmp6stat = 619 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 620 break; 621 622 #ifdef OSIOCGIFALIFETIME_IN6 623 case OSIOCGIFALIFETIME_IN6: 624 #endif 625 case SIOCGIFALIFETIME_IN6: 626 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 627 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 628 time_t maxexpire; 629 struct in6_addrlifetime *retlt = 630 &ifr->ifr_ifru.ifru_lifetime; 631 632 /* 633 * XXX: adjust expiration time assuming time_t is 634 * signed. 635 */ 636 maxexpire = ((time_t)~0) & 637 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 638 if (ia->ia6_lifetime.ia6t_vltime < 639 maxexpire - ia->ia6_updatetime) { 640 retlt->ia6t_expire = ia->ia6_updatetime + 641 ia->ia6_lifetime.ia6t_vltime; 642 retlt->ia6t_expire = retlt->ia6t_expire ? 643 time_mono_to_wall(retlt->ia6t_expire) : 644 0; 645 } else 646 retlt->ia6t_expire = maxexpire; 647 } 648 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 649 time_t maxexpire; 650 struct in6_addrlifetime *retlt = 651 &ifr->ifr_ifru.ifru_lifetime; 652 653 /* 654 * XXX: adjust expiration time assuming time_t is 655 * signed. 656 */ 657 maxexpire = ((time_t)~0) & 658 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 659 if (ia->ia6_lifetime.ia6t_pltime < 660 maxexpire - ia->ia6_updatetime) { 661 retlt->ia6t_preferred = ia->ia6_updatetime + 662 ia->ia6_lifetime.ia6t_pltime; 663 retlt->ia6t_preferred = retlt->ia6t_preferred ? 664 time_mono_to_wall(retlt->ia6t_preferred) : 665 0; 666 } else 667 retlt->ia6t_preferred = maxexpire; 668 } 669 #ifdef OSIOCFIFALIFETIME_IN6 670 if (cmd == OSIOCFIFALIFETIME_IN6) 671 in6_addrlifetime_to_in6_addrlifetime50( 672 &ifr->ifru.ifru_lifetime); 673 #endif 674 break; 675 676 #ifdef OSIOCAIFADDR_IN6 677 case OSIOCAIFADDR_IN6: 678 in6_aliasreq50_to_in6_aliasreq(ifra); 679 /*FALLTHROUGH*/ 680 #endif 681 case SIOCAIFADDR_IN6: 682 { 683 struct in6_addrlifetime *lt; 684 685 /* reject read-only flags */ 686 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 687 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 688 (ifra->ifra_flags & IN6_IFF_TENTATIVE) != 0 || 689 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 690 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 691 error = EINVAL; 692 break; 693 } 694 /* 695 * ia6t_expire and ia6t_preferred won't be used for now, 696 * so just in case. 697 */ 698 lt = &ifra->ifra_lifetime; 699 if (lt->ia6t_expire != 0) 700 lt->ia6t_expire = time_wall_to_mono(lt->ia6t_expire); 701 if (lt->ia6t_preferred != 0) 702 lt->ia6t_preferred = 703 time_wall_to_mono(lt->ia6t_preferred); 704 /* 705 * make (ia == NULL) or update (ia != NULL) the interface 706 * address structure, and link it to the list. 707 */ 708 int s = splnet(); 709 error = in6_update_ifa1(ifp, ifra, &ia, &psref, 0); 710 splx(s); 711 if (error) 712 break; 713 pfil_run_addrhooks(if_pfil, cmd, &ia->ia_ifa); 714 break; 715 } 716 717 case SIOCDIFADDR_IN6: 718 ia6_release(ia, &psref); 719 ifaref(&ia->ia_ifa); 720 in6_purgeaddr(&ia->ia_ifa); 721 pfil_run_addrhooks(if_pfil, cmd, &ia->ia_ifa); 722 ifafree(&ia->ia_ifa); 723 ia = NULL; 724 break; 725 726 default: 727 error = ENOTTY; 728 } 729 release: 730 ia6_release(ia, &psref); 731 out: 732 curlwp_bindx(bound); 733 return error; 734 } 735 736 int 737 in6_control(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 738 { 739 int error, s; 740 741 switch (cmd) { 742 case SIOCSNDFLUSH_IN6: 743 case SIOCSPFXFLUSH_IN6: 744 case SIOCSRTRFLUSH_IN6: 745 case SIOCSDEFIFACE_IN6: 746 case SIOCSIFINFO_FLAGS: 747 case SIOCSIFINFO_IN6: 748 749 case SIOCALIFADDR: 750 case SIOCDLIFADDR: 751 752 case SIOCDIFADDR_IN6: 753 #ifdef OSIOCAIFADDR_IN6 754 case OSIOCAIFADDR_IN6: 755 #endif 756 case SIOCAIFADDR_IN6: 757 758 case SIOCAADDRCTL_POLICY: 759 case SIOCDADDRCTL_POLICY: 760 761 if (kauth_authorize_network(curlwp->l_cred, 762 KAUTH_NETWORK_SOCKET, 763 KAUTH_REQ_NETWORK_SOCKET_SETPRIV, 764 so, NULL, NULL)) 765 return EPERM; 766 break; 767 } 768 769 s = splnet(); 770 #ifndef NET_MPSAFE 771 mutex_enter(softnet_lock); 772 #endif 773 error = in6_control1(so , cmd, data, ifp); 774 #ifndef NET_MPSAFE 775 mutex_exit(softnet_lock); 776 #endif 777 splx(s); 778 return error; 779 } 780 781 /* 782 * Update parameters of an IPv6 interface address. 783 * If necessary, a new entry is created and linked into address chains. 784 * This function is separated from in6_control(). 785 * XXX: should this be performed under splnet()? 786 */ 787 static int 788 in6_update_ifa1(struct ifnet *ifp, struct in6_aliasreq *ifra, 789 struct in6_ifaddr **iap, struct psref *psref, int flags) 790 { 791 int error = 0, hostIsNew = 0, plen = -1; 792 struct sockaddr_in6 dst6; 793 struct in6_addrlifetime *lt; 794 struct in6_multi_mship *imm; 795 struct in6_multi *in6m_sol; 796 struct rtentry *rt; 797 int dad_delay, was_tentative; 798 struct in6_ifaddr *ia = iap ? *iap : NULL; 799 800 in6m_sol = NULL; 801 802 /* Validate parameters */ 803 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 804 return EINVAL; 805 806 /* 807 * The destination address for a p2p link must have a family 808 * of AF_UNSPEC or AF_INET6. 809 */ 810 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 811 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 812 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 813 return EAFNOSUPPORT; 814 /* 815 * validate ifra_prefixmask. don't check sin6_family, netmask 816 * does not carry fields other than sin6_len. 817 */ 818 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 819 return EINVAL; 820 /* 821 * Because the IPv6 address architecture is classless, we require 822 * users to specify a (non 0) prefix length (mask) for a new address. 823 * We also require the prefix (when specified) mask is valid, and thus 824 * reject a non-consecutive mask. 825 */ 826 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 827 return EINVAL; 828 if (ifra->ifra_prefixmask.sin6_len != 0) { 829 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 830 (u_char *)&ifra->ifra_prefixmask + 831 ifra->ifra_prefixmask.sin6_len); 832 if (plen <= 0) 833 return EINVAL; 834 } else { 835 /* 836 * In this case, ia must not be NULL. We just use its prefix 837 * length. 838 */ 839 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 840 } 841 /* 842 * If the destination address on a p2p interface is specified, 843 * and the address is a scoped one, validate/set the scope 844 * zone identifier. 845 */ 846 dst6 = ifra->ifra_dstaddr; 847 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 848 (dst6.sin6_family == AF_INET6)) { 849 struct in6_addr in6_tmp; 850 u_int32_t zoneid; 851 852 in6_tmp = dst6.sin6_addr; 853 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 854 return EINVAL; /* XXX: should be impossible */ 855 856 if (dst6.sin6_scope_id != 0) { 857 if (dst6.sin6_scope_id != zoneid) 858 return EINVAL; 859 } else /* user omit to specify the ID. */ 860 dst6.sin6_scope_id = zoneid; 861 862 /* convert into the internal form */ 863 if (sa6_embedscope(&dst6, 0)) 864 return EINVAL; /* XXX: should be impossible */ 865 } 866 /* 867 * The destination address can be specified only for a p2p or a 868 * loopback interface. If specified, the corresponding prefix length 869 * must be 128. 870 */ 871 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 872 #ifdef FORCE_P2PPLEN 873 int i; 874 #endif 875 876 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 877 /* XXX: noisy message */ 878 nd6log(LOG_INFO, "a destination can " 879 "be specified for a p2p or a loopback IF only\n"); 880 return EINVAL; 881 } 882 if (plen != 128) { 883 nd6log(LOG_INFO, "prefixlen should " 884 "be 128 when dstaddr is specified\n"); 885 #ifdef FORCE_P2PPLEN 886 /* 887 * To be compatible with old configurations, 888 * such as ifconfig gif0 inet6 2001::1 2001::2 889 * prefixlen 126, we override the specified 890 * prefixmask as if the prefix length was 128. 891 */ 892 ifra->ifra_prefixmask.sin6_len = 893 sizeof(struct sockaddr_in6); 894 for (i = 0; i < 4; i++) 895 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 896 0xffffffff; 897 plen = 128; 898 #else 899 return EINVAL; 900 #endif 901 } 902 } 903 /* lifetime consistency check */ 904 lt = &ifra->ifra_lifetime; 905 if (lt->ia6t_pltime > lt->ia6t_vltime) 906 return EINVAL; 907 if (lt->ia6t_vltime == 0) { 908 /* 909 * the following log might be noisy, but this is a typical 910 * configuration mistake or a tool's bug. 911 */ 912 nd6log(LOG_INFO, "valid lifetime is 0 for %s\n", 913 ip6_sprintf(&ifra->ifra_addr.sin6_addr)); 914 915 if (ia == NULL) 916 return 0; /* there's nothing to do */ 917 } 918 919 /* 920 * If this is a new address, allocate a new ifaddr and link it 921 * into chains. 922 */ 923 if (ia == NULL) { 924 hostIsNew = 1; 925 /* 926 * When in6_update_ifa() is called in a process of a received 927 * RA, it is called under an interrupt context. So, we should 928 * call malloc with M_NOWAIT. 929 */ 930 ia = malloc(sizeof(*ia), M_IFADDR, M_NOWAIT|M_ZERO); 931 if (ia == NULL) 932 return ENOBUFS; 933 LIST_INIT(&ia->ia6_memberships); 934 /* Initialize the address and masks, and put time stamp */ 935 ia->ia_ifa.ifa_addr = sin6tosa(&ia->ia_addr); 936 ia->ia_addr.sin6_family = AF_INET6; 937 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 938 ia->ia6_createtime = time_uptime; 939 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 940 /* 941 * XXX: some functions expect that ifa_dstaddr is not 942 * NULL for p2p interfaces. 943 */ 944 ia->ia_ifa.ifa_dstaddr = sin6tosa(&ia->ia_dstaddr); 945 } else { 946 ia->ia_ifa.ifa_dstaddr = NULL; 947 } 948 ia->ia_ifa.ifa_netmask = sin6tosa(&ia->ia_prefixmask); 949 950 ia->ia_ifp = ifp; 951 IN6_ADDRLIST_ENTRY_INIT(ia); 952 ifa_psref_init(&ia->ia_ifa); 953 if (psref) 954 ia6_acquire(ia, psref); 955 } 956 957 /* update timestamp */ 958 ia->ia6_updatetime = time_uptime; 959 960 /* set prefix mask */ 961 if (ifra->ifra_prefixmask.sin6_len) { 962 if (ia->ia_prefixmask.sin6_len) { 963 /* 964 * We prohibit changing the prefix length of an 965 * existing autoconf address, because the operation 966 * would confuse prefix management. 967 */ 968 if (ia->ia6_ndpr != NULL && 969 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != 970 plen) 971 { 972 nd6log(LOG_INFO, "the prefix length of an" 973 " existing (%s) autoconf address should" 974 " not be changed\n", 975 ip6_sprintf(&ia->ia_addr.sin6_addr)); 976 error = EINVAL; 977 if (hostIsNew) 978 free(ia, M_IFADDR); 979 goto exit; 980 } 981 982 if (!IN6_ARE_ADDR_EQUAL(&ia->ia_prefixmask.sin6_addr, 983 &ifra->ifra_prefixmask.sin6_addr)) 984 in6_ifremprefix(ia); 985 } 986 ia->ia_prefixmask = ifra->ifra_prefixmask; 987 } 988 989 /* Set destination address. */ 990 if (dst6.sin6_family == AF_INET6) { 991 if (!IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, 992 &ia->ia_dstaddr.sin6_addr)) 993 in6_ifremprefix(ia); 994 ia->ia_dstaddr = dst6; 995 } 996 997 /* 998 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 999 * to see if the address is deprecated or invalidated, but initialize 1000 * these members for applications. 1001 */ 1002 ia->ia6_lifetime = ifra->ifra_lifetime; 1003 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1004 ia->ia6_lifetime.ia6t_expire = 1005 time_uptime + ia->ia6_lifetime.ia6t_vltime; 1006 } else 1007 ia->ia6_lifetime.ia6t_expire = 0; 1008 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1009 ia->ia6_lifetime.ia6t_preferred = 1010 time_uptime + ia->ia6_lifetime.ia6t_pltime; 1011 } else 1012 ia->ia6_lifetime.ia6t_preferred = 0; 1013 1014 /* 1015 * configure address flags. 1016 * We need to preserve tentative state so DAD works if 1017 * something adds the same address before DAD finishes. 1018 */ 1019 was_tentative = ia->ia6_flags & (IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED); 1020 ia->ia6_flags = ifra->ifra_flags; 1021 1022 /* 1023 * Make the address tentative before joining multicast addresses, 1024 * so that corresponding MLD responses would not have a tentative 1025 * source address. 1026 */ 1027 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1028 if (ifp->if_link_state == LINK_STATE_DOWN) { 1029 ia->ia6_flags |= IN6_IFF_DETACHED; 1030 ia->ia6_flags &= ~IN6_IFF_TENTATIVE; 1031 } else if ((hostIsNew || was_tentative) && if_do_dad(ifp)) 1032 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1033 1034 /* 1035 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1036 * userland, make it deprecated. 1037 */ 1038 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1039 ia->ia6_lifetime.ia6t_pltime = 0; 1040 ia->ia6_lifetime.ia6t_preferred = time_uptime; 1041 } 1042 1043 /* reset the interface and routing table appropriately. */ 1044 error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew); 1045 if (error != 0) { 1046 if (hostIsNew) 1047 free(ia, M_IFADDR); 1048 goto exit; 1049 } 1050 1051 /* 1052 * We are done if we have simply modified an existing address. 1053 */ 1054 if (!hostIsNew) 1055 return error; 1056 1057 /* 1058 * Insert ia to the global list and ifa to the interface's list. 1059 */ 1060 mutex_enter(&in6_ifaddr_lock); 1061 IN6_ADDRLIST_WRITER_INSERT_TAIL(ia); 1062 mutex_exit(&in6_ifaddr_lock); 1063 1064 /* gain a refcnt for the link from in6_ifaddr */ 1065 ifaref(&ia->ia_ifa); 1066 ifa_insert(ifp, &ia->ia_ifa); 1067 1068 /* 1069 * Beyond this point, we should call in6_purgeaddr upon an error, 1070 * not just go to unlink. 1071 */ 1072 1073 /* join necessary multicast groups */ 1074 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1075 struct sockaddr_in6 mltaddr, mltmask; 1076 struct in6_addr llsol; 1077 1078 /* join solicited multicast addr for new host id */ 1079 memset(&llsol, 0, sizeof(struct in6_addr)); 1080 llsol.s6_addr16[0] = htons(0xff02); 1081 llsol.s6_addr32[1] = 0; 1082 llsol.s6_addr32[2] = htonl(1); 1083 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1084 llsol.s6_addr8[12] = 0xff; 1085 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 1086 /* XXX: should not happen */ 1087 log(LOG_ERR, "%s: in6_setscope failed\n", __func__); 1088 goto cleanup; 1089 } 1090 dad_delay = 0; 1091 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1092 /* 1093 * We need a random delay for DAD on the address 1094 * being configured. It also means delaying 1095 * transmission of the corresponding MLD report to 1096 * avoid report collision. 1097 * [draft-ietf-ipv6-rfc2462bis-02.txt] 1098 */ 1099 dad_delay = cprng_fast32() % 1100 (MAX_RTR_SOLICITATION_DELAY * hz); 1101 } 1102 1103 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 1104 /* join solicited multicast addr for new host id */ 1105 imm = in6_joingroup(ifp, &llsol, &error, dad_delay); 1106 if (!imm) { 1107 nd6log(LOG_ERR, 1108 "addmulti failed for %s on %s (errno=%d)\n", 1109 ip6_sprintf(&llsol), if_name(ifp), error); 1110 goto cleanup; 1111 } 1112 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1113 in6m_sol = imm->i6mm_maddr; 1114 1115 sockaddr_in6_init(&mltmask, &in6mask32, 0, 0, 0); 1116 1117 /* 1118 * join link-local all-nodes address 1119 */ 1120 sockaddr_in6_init(&mltaddr, &in6addr_linklocal_allnodes, 1121 0, 0, 0); 1122 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1123 goto cleanup; /* XXX: should not fail */ 1124 1125 /* 1126 * XXX: do we really need this automatic routes? 1127 * We should probably reconsider this stuff. Most applications 1128 * actually do not need the routes, since they usually specify 1129 * the outgoing interface. 1130 */ 1131 rt = rtalloc1(sin6tosa(&mltaddr), 0); 1132 if (rt) { 1133 if (memcmp(&mltaddr.sin6_addr, 1134 &satocsin6(rt_getkey(rt))->sin6_addr, 1135 MLTMASK_LEN)) { 1136 rt_unref(rt); 1137 rt = NULL; 1138 } else if (rt->rt_ifp != ifp) { 1139 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1140 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1141 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1142 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1143 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1144 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1145 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1146 rt_replace_ifa(rt, &ia->ia_ifa); 1147 rt->rt_ifp = ifp; 1148 } 1149 } 1150 if (!rt) { 1151 struct rt_addrinfo info; 1152 1153 memset(&info, 0, sizeof(info)); 1154 info.rti_info[RTAX_DST] = sin6tosa(&mltaddr); 1155 info.rti_info[RTAX_GATEWAY] = sin6tosa(&ia->ia_addr); 1156 info.rti_info[RTAX_NETMASK] = sin6tosa(&mltmask); 1157 info.rti_info[RTAX_IFA] = sin6tosa(&ia->ia_addr); 1158 /* XXX: we need RTF_CONNECTED to fake nd6_rtrequest */ 1159 info.rti_flags = RTF_UP | RTF_CONNECTED; 1160 error = rtrequest1(RTM_ADD, &info, NULL); 1161 if (error) 1162 goto cleanup; 1163 } else { 1164 rt_unref(rt); 1165 } 1166 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1167 if (!imm) { 1168 nd6log(LOG_WARNING, 1169 "addmulti failed for %s on %s (errno=%d)\n", 1170 ip6_sprintf(&mltaddr.sin6_addr), 1171 if_name(ifp), error); 1172 goto cleanup; 1173 } 1174 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1175 1176 /* 1177 * join node information group address 1178 */ 1179 dad_delay = 0; 1180 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1181 /* 1182 * The spec doesn't say anything about delay for this 1183 * group, but the same logic should apply. 1184 */ 1185 dad_delay = cprng_fast32() % 1186 (MAX_RTR_SOLICITATION_DELAY * hz); 1187 } 1188 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) != 0) 1189 ; 1190 else if ((imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1191 dad_delay)) == NULL) { /* XXX jinmei */ 1192 nd6log(LOG_WARNING, 1193 "addmulti failed for %s on %s (errno=%d)\n", 1194 ip6_sprintf(&mltaddr.sin6_addr), 1195 if_name(ifp), error); 1196 /* XXX not very fatal, go on... */ 1197 } else { 1198 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1199 } 1200 1201 1202 /* 1203 * join interface-local all-nodes address. 1204 * (ff01::1%ifN, and ff01::%ifN/32) 1205 */ 1206 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1207 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1208 goto cleanup; /* XXX: should not fail */ 1209 1210 /* XXX: again, do we really need the route? */ 1211 rt = rtalloc1(sin6tosa(&mltaddr), 0); 1212 if (rt) { 1213 /* 32bit came from "mltmask" */ 1214 if (memcmp(&mltaddr.sin6_addr, 1215 &satocsin6(rt_getkey(rt))->sin6_addr, 1216 32 / NBBY)) { 1217 rt_unref(rt); 1218 rt = NULL; 1219 } else if (rt->rt_ifp != ifp) { 1220 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1221 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1222 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1223 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1224 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1225 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1226 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1227 rt_replace_ifa(rt, &ia->ia_ifa); 1228 rt->rt_ifp = ifp; 1229 } 1230 } 1231 if (!rt) { 1232 struct rt_addrinfo info; 1233 1234 memset(&info, 0, sizeof(info)); 1235 info.rti_info[RTAX_DST] = sin6tosa(&mltaddr); 1236 info.rti_info[RTAX_GATEWAY] = sin6tosa(&ia->ia_addr); 1237 info.rti_info[RTAX_NETMASK] = sin6tosa(&mltmask); 1238 info.rti_info[RTAX_IFA] = sin6tosa(&ia->ia_addr); 1239 info.rti_flags = RTF_UP | RTF_CONNECTED; 1240 error = rtrequest1(RTM_ADD, &info, NULL); 1241 if (error) 1242 goto cleanup; 1243 #undef MLTMASK_LEN 1244 } else { 1245 rt_unref(rt); 1246 } 1247 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1248 if (!imm) { 1249 nd6log(LOG_WARNING, 1250 "addmulti failed for %s on %s (errno=%d)\n", 1251 ip6_sprintf(&mltaddr.sin6_addr), 1252 if_name(ifp), error); 1253 goto cleanup; 1254 } else { 1255 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1256 } 1257 } 1258 1259 /* Add local address to lltable, if necessary (ex. on p2p link). */ 1260 error = nd6_add_ifa_lle(ia); 1261 if (error != 0) 1262 goto cleanup; 1263 1264 /* 1265 * Perform DAD, if needed. 1266 * XXX It may be of use, if we can administratively 1267 * disable DAD. 1268 */ 1269 if (hostIsNew && if_do_dad(ifp) && 1270 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1271 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1272 { 1273 int mindelay, maxdelay; 1274 1275 dad_delay = 0; 1276 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1277 /* 1278 * We need to impose a delay before sending an NS 1279 * for DAD. Check if we also needed a delay for the 1280 * corresponding MLD message. If we did, the delay 1281 * should be larger than the MLD delay (this could be 1282 * relaxed a bit, but this simple logic is at least 1283 * safe). 1284 */ 1285 mindelay = 0; 1286 if (in6m_sol != NULL && 1287 in6m_sol->in6m_state == MLD_REPORTPENDING) { 1288 mindelay = in6m_sol->in6m_timer; 1289 } 1290 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1291 if (maxdelay - mindelay == 0) 1292 dad_delay = 0; 1293 else { 1294 dad_delay = 1295 (cprng_fast32() % (maxdelay - mindelay)) + 1296 mindelay; 1297 } 1298 } 1299 /* +1 ensures callout is always used */ 1300 nd6_dad_start(&ia->ia_ifa, dad_delay + 1); 1301 } 1302 1303 if (iap) 1304 *iap = ia; 1305 1306 return 0; 1307 1308 cleanup: 1309 in6_purgeaddr(&ia->ia_ifa); 1310 exit: 1311 return error; 1312 } 1313 1314 int 1315 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int flags) 1316 { 1317 int rc, s; 1318 1319 s = splnet(); 1320 rc = in6_update_ifa1(ifp, ifra, NULL, NULL, flags); 1321 splx(s); 1322 return rc; 1323 } 1324 1325 void 1326 in6_purgeaddr(struct ifaddr *ifa) 1327 { 1328 struct ifnet *ifp = ifa->ifa_ifp; 1329 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1330 struct in6_multi_mship *imm; 1331 1332 KASSERT(!ifa_held(ifa)); 1333 1334 ifa->ifa_flags |= IFA_DESTROYING; 1335 1336 /* stop DAD processing */ 1337 nd6_dad_stop(ifa); 1338 1339 /* Delete any network route. */ 1340 in6_ifremprefix(ia); 1341 1342 /* Remove ownaddr's loopback rtentry, if it exists. */ 1343 in6_ifremlocal(&(ia->ia_ifa)); 1344 1345 /* 1346 * leave from multicast groups we have joined for the interface 1347 */ 1348 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) { 1349 LIST_REMOVE(imm, i6mm_chain); 1350 in6_leavegroup(imm); 1351 } 1352 1353 in6_unlink_ifa(ia, ifp); 1354 } 1355 1356 static void 1357 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1358 { 1359 int s = splnet(); 1360 1361 mutex_enter(&in6_ifaddr_lock); 1362 IN6_ADDRLIST_WRITER_REMOVE(ia); 1363 ifa_remove(ifp, &ia->ia_ifa); 1364 mutex_exit(&in6_ifaddr_lock); 1365 1366 /* 1367 * XXX thorpej@NetBSD.org -- if the interface is going 1368 * XXX away, don't save the multicast entries, delete them! 1369 */ 1370 if (LIST_EMPTY(&ia->ia6_multiaddrs)) 1371 ; 1372 else if (if_is_deactivated(ia->ia_ifa.ifa_ifp)) { 1373 struct in6_multi *in6m, *next; 1374 1375 for (in6m = LIST_FIRST(&ia->ia6_multiaddrs); in6m != NULL; 1376 in6m = next) { 1377 next = LIST_NEXT(in6m, in6m_entry); 1378 in6_delmulti(in6m); 1379 } 1380 } else 1381 in6_savemkludge(ia); 1382 1383 /* 1384 * Release the reference to the ND prefix. 1385 */ 1386 if (ia->ia6_ndpr != NULL) { 1387 nd6_prefix_unref(ia->ia6_ndpr); 1388 ia->ia6_ndpr = NULL; 1389 } 1390 1391 /* 1392 * Also, if the address being removed is autoconf'ed, call 1393 * nd6_pfxlist_onlink_check() since the release might affect the status of 1394 * other (detached) addresses. 1395 */ 1396 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1397 ND6_WLOCK(); 1398 nd6_pfxlist_onlink_check(); 1399 ND6_UNLOCK(); 1400 } 1401 1402 IN6_ADDRLIST_ENTRY_DESTROY(ia); 1403 1404 /* 1405 * release another refcnt for the link from in6_ifaddr. 1406 * Note that we should decrement the refcnt at least once for all *BSD. 1407 */ 1408 ifafree(&ia->ia_ifa); 1409 1410 splx(s); 1411 } 1412 1413 void 1414 in6_purgeif(struct ifnet *ifp) 1415 { 1416 1417 in6_ifdetach(ifp); 1418 } 1419 1420 /* 1421 * SIOC[GAD]LIFADDR. 1422 * SIOCGLIFADDR: get first address. (?) 1423 * SIOCGLIFADDR with IFLR_PREFIX: 1424 * get first address that matches the specified prefix. 1425 * SIOCALIFADDR: add the specified address. 1426 * SIOCALIFADDR with IFLR_PREFIX: 1427 * add the specified prefix, filling hostid part from 1428 * the first link-local address. prefixlen must be <= 64. 1429 * SIOCDLIFADDR: delete the specified address. 1430 * SIOCDLIFADDR with IFLR_PREFIX: 1431 * delete the first address that matches the specified prefix. 1432 * return values: 1433 * EINVAL on invalid parameters 1434 * EADDRNOTAVAIL on prefix match failed/specified address not found 1435 * other values may be returned from in6_ioctl() 1436 * 1437 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1438 * this is to accommodate address naming scheme other than RFC2374, 1439 * in the future. 1440 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1441 * address encoding scheme. (see figure on page 8) 1442 */ 1443 static int 1444 in6_lifaddr_ioctl(struct socket *so, u_long cmd, void *data, 1445 struct ifnet *ifp) 1446 { 1447 struct in6_ifaddr *ia = NULL; /* XXX gcc 4.8 maybe-uninitialized */ 1448 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1449 struct ifaddr *ifa; 1450 struct sockaddr *sa; 1451 1452 /* sanity checks */ 1453 if (!data || !ifp) { 1454 panic("invalid argument to in6_lifaddr_ioctl"); 1455 /* NOTREACHED */ 1456 } 1457 1458 switch (cmd) { 1459 case SIOCGLIFADDR: 1460 /* address must be specified on GET with IFLR_PREFIX */ 1461 if ((iflr->flags & IFLR_PREFIX) == 0) 1462 break; 1463 /* FALLTHROUGH */ 1464 case SIOCALIFADDR: 1465 case SIOCDLIFADDR: 1466 /* address must be specified on ADD and DELETE */ 1467 sa = (struct sockaddr *)&iflr->addr; 1468 if (sa->sa_family != AF_INET6) 1469 return EINVAL; 1470 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1471 return EINVAL; 1472 /* XXX need improvement */ 1473 sa = (struct sockaddr *)&iflr->dstaddr; 1474 if (sa->sa_family && sa->sa_family != AF_INET6) 1475 return EINVAL; 1476 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1477 return EINVAL; 1478 break; 1479 default: /* shouldn't happen */ 1480 #if 0 1481 panic("invalid cmd to in6_lifaddr_ioctl"); 1482 /* NOTREACHED */ 1483 #else 1484 return EOPNOTSUPP; 1485 #endif 1486 } 1487 if (sizeof(struct in6_addr) * NBBY < iflr->prefixlen) 1488 return EINVAL; 1489 1490 switch (cmd) { 1491 case SIOCALIFADDR: 1492 { 1493 struct in6_aliasreq ifra; 1494 struct in6_addr *xhostid = NULL; 1495 int prefixlen; 1496 int bound = curlwp_bind(); 1497 struct psref psref; 1498 1499 if ((iflr->flags & IFLR_PREFIX) != 0) { 1500 struct sockaddr_in6 *sin6; 1501 1502 /* 1503 * xhostid is to fill in the hostid part of the 1504 * address. xhostid points to the first link-local 1505 * address attached to the interface. 1506 */ 1507 ia = in6ifa_ifpforlinklocal_psref(ifp, 0, &psref); 1508 if (ia == NULL) { 1509 curlwp_bindx(bound); 1510 return EADDRNOTAVAIL; 1511 } 1512 xhostid = IFA_IN6(&ia->ia_ifa); 1513 1514 /* prefixlen must be <= 64. */ 1515 if (64 < iflr->prefixlen) { 1516 ia6_release(ia, &psref); 1517 curlwp_bindx(bound); 1518 return EINVAL; 1519 } 1520 prefixlen = iflr->prefixlen; 1521 1522 /* hostid part must be zero. */ 1523 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1524 if (sin6->sin6_addr.s6_addr32[2] != 0 1525 || sin6->sin6_addr.s6_addr32[3] != 0) { 1526 ia6_release(ia, &psref); 1527 curlwp_bindx(bound); 1528 return EINVAL; 1529 } 1530 } else 1531 prefixlen = iflr->prefixlen; 1532 1533 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1534 memset(&ifra, 0, sizeof(ifra)); 1535 memcpy(ifra.ifra_name, iflr->iflr_name, sizeof(ifra.ifra_name)); 1536 1537 memcpy(&ifra.ifra_addr, &iflr->addr, 1538 ((struct sockaddr *)&iflr->addr)->sa_len); 1539 if (xhostid) { 1540 /* fill in hostid part */ 1541 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1542 xhostid->s6_addr32[2]; 1543 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1544 xhostid->s6_addr32[3]; 1545 } 1546 1547 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1548 memcpy(&ifra.ifra_dstaddr, &iflr->dstaddr, 1549 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1550 if (xhostid) { 1551 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1552 xhostid->s6_addr32[2]; 1553 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1554 xhostid->s6_addr32[3]; 1555 } 1556 } 1557 if (xhostid) { 1558 ia6_release(ia, &psref); 1559 ia = NULL; 1560 } 1561 curlwp_bindx(bound); 1562 1563 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1564 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1565 1566 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1567 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1568 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1569 return in6_control(so, SIOCAIFADDR_IN6, &ifra, ifp); 1570 } 1571 case SIOCGLIFADDR: 1572 case SIOCDLIFADDR: 1573 { 1574 struct in6_addr mask, candidate, match; 1575 struct sockaddr_in6 *sin6; 1576 int cmp; 1577 int error, s; 1578 1579 memset(&mask, 0, sizeof(mask)); 1580 if (iflr->flags & IFLR_PREFIX) { 1581 /* lookup a prefix rather than address. */ 1582 in6_prefixlen2mask(&mask, iflr->prefixlen); 1583 1584 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1585 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1586 match.s6_addr32[0] &= mask.s6_addr32[0]; 1587 match.s6_addr32[1] &= mask.s6_addr32[1]; 1588 match.s6_addr32[2] &= mask.s6_addr32[2]; 1589 match.s6_addr32[3] &= mask.s6_addr32[3]; 1590 1591 /* if you set extra bits, that's wrong */ 1592 if (memcmp(&match, &sin6->sin6_addr, sizeof(match))) 1593 return EINVAL; 1594 1595 cmp = 1; 1596 } else { 1597 if (cmd == SIOCGLIFADDR) { 1598 /* on getting an address, take the 1st match */ 1599 cmp = 0; /* XXX */ 1600 } else { 1601 /* on deleting an address, do exact match */ 1602 in6_prefixlen2mask(&mask, 128); 1603 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1604 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1605 1606 cmp = 1; 1607 } 1608 } 1609 1610 s = pserialize_read_enter(); 1611 IFADDR_READER_FOREACH(ifa, ifp) { 1612 if (ifa->ifa_addr->sa_family != AF_INET6) 1613 continue; 1614 if (!cmp) 1615 break; 1616 1617 /* 1618 * XXX: this is adhoc, but is necessary to allow 1619 * a user to specify fe80::/64 (not /10) for a 1620 * link-local address. 1621 */ 1622 memcpy(&candidate, IFA_IN6(ifa), sizeof(candidate)); 1623 in6_clearscope(&candidate); 1624 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1625 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1626 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1627 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1628 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1629 break; 1630 } 1631 if (!ifa) { 1632 error = EADDRNOTAVAIL; 1633 goto error; 1634 } 1635 ia = ifa2ia6(ifa); 1636 1637 if (cmd == SIOCGLIFADDR) { 1638 /* fill in the if_laddrreq structure */ 1639 memcpy(&iflr->addr, &ia->ia_addr, ia->ia_addr.sin6_len); 1640 error = sa6_recoverscope( 1641 (struct sockaddr_in6 *)&iflr->addr); 1642 if (error != 0) 1643 goto error; 1644 1645 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1646 memcpy(&iflr->dstaddr, &ia->ia_dstaddr, 1647 ia->ia_dstaddr.sin6_len); 1648 error = sa6_recoverscope( 1649 (struct sockaddr_in6 *)&iflr->dstaddr); 1650 if (error != 0) 1651 goto error; 1652 } else 1653 memset(&iflr->dstaddr, 0, sizeof(iflr->dstaddr)); 1654 1655 iflr->prefixlen = 1656 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1657 1658 iflr->flags = ia->ia6_flags; /* XXX */ 1659 1660 error = 0; 1661 } else { 1662 struct in6_aliasreq ifra; 1663 1664 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1665 memset(&ifra, 0, sizeof(ifra)); 1666 memcpy(ifra.ifra_name, iflr->iflr_name, 1667 sizeof(ifra.ifra_name)); 1668 1669 memcpy(&ifra.ifra_addr, &ia->ia_addr, 1670 ia->ia_addr.sin6_len); 1671 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1672 memcpy(&ifra.ifra_dstaddr, &ia->ia_dstaddr, 1673 ia->ia_dstaddr.sin6_len); 1674 } else { 1675 memset(&ifra.ifra_dstaddr, 0, 1676 sizeof(ifra.ifra_dstaddr)); 1677 } 1678 memcpy(&ifra.ifra_dstaddr, &ia->ia_prefixmask, 1679 ia->ia_prefixmask.sin6_len); 1680 1681 ifra.ifra_flags = ia->ia6_flags; 1682 pserialize_read_exit(s); 1683 1684 return in6_control(so, SIOCDIFADDR_IN6, &ifra, ifp); 1685 } 1686 error: 1687 pserialize_read_exit(s); 1688 return error; 1689 } 1690 } 1691 1692 return EOPNOTSUPP; /* just for safety */ 1693 } 1694 1695 /* 1696 * Initialize an interface's internet6 address 1697 * and routing table entry. 1698 */ 1699 static int 1700 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1701 const struct sockaddr_in6 *sin6, int newhost) 1702 { 1703 int error = 0, ifacount = 0; 1704 int s = splnet(); 1705 struct ifaddr *ifa; 1706 1707 /* 1708 * Give the interface a chance to initialize 1709 * if this is its first address, 1710 * and to validate the address if necessary. 1711 */ 1712 IFADDR_READER_FOREACH(ifa, ifp) { 1713 if (ifa->ifa_addr->sa_family != AF_INET6) 1714 continue; 1715 ifacount++; 1716 } 1717 1718 ia->ia_addr = *sin6; 1719 1720 if (ifacount <= 0 && 1721 (error = if_addr_init(ifp, &ia->ia_ifa, true)) != 0) { 1722 splx(s); 1723 return error; 1724 } 1725 splx(s); 1726 1727 ia->ia_ifa.ifa_metric = ifp->if_metric; 1728 1729 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1730 1731 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1732 if (newhost) { 1733 /* set the rtrequest function to create llinfo */ 1734 if (ifp->if_flags & IFF_POINTOPOINT) 1735 ia->ia_ifa.ifa_rtrequest = p2p_rtrequest; 1736 else if ((ifp->if_flags & IFF_LOOPBACK) == 0) 1737 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1738 in6_ifaddlocal(&ia->ia_ifa); 1739 } else { 1740 /* Inform the routing socket of new flags/timings */ 1741 rt_newaddrmsg(RTM_NEWADDR, &ia->ia_ifa, 0, NULL); 1742 } 1743 1744 /* Add the network prefix route. */ 1745 if ((error = in6_ifaddprefix(ia)) != 0) { 1746 if (newhost) 1747 in6_ifremlocal(&ia->ia_ifa); 1748 return error; 1749 } 1750 1751 if (ifp->if_flags & IFF_MULTICAST) 1752 in6_restoremkludge(ia, ifp); 1753 1754 return error; 1755 } 1756 1757 static struct ifaddr * 1758 bestifa(struct ifaddr *best_ifa, struct ifaddr *ifa) 1759 { 1760 if (best_ifa == NULL || best_ifa->ifa_preference < ifa->ifa_preference) 1761 return ifa; 1762 return best_ifa; 1763 } 1764 1765 /* 1766 * Find an IPv6 interface link-local address specific to an interface. 1767 */ 1768 struct in6_ifaddr * 1769 in6ifa_ifpforlinklocal(const struct ifnet *ifp, const int ignoreflags) 1770 { 1771 struct ifaddr *best_ifa = NULL, *ifa; 1772 1773 IFADDR_READER_FOREACH(ifa, ifp) { 1774 if (ifa->ifa_addr->sa_family != AF_INET6) 1775 continue; 1776 if (!IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) 1777 continue; 1778 if ((((struct in6_ifaddr *)ifa)->ia6_flags & ignoreflags) != 0) 1779 continue; 1780 best_ifa = bestifa(best_ifa, ifa); 1781 } 1782 1783 return (struct in6_ifaddr *)best_ifa; 1784 } 1785 1786 struct in6_ifaddr * 1787 in6ifa_ifpforlinklocal_psref(const struct ifnet *ifp, const int ignoreflags, 1788 struct psref *psref) 1789 { 1790 struct in6_ifaddr *ia; 1791 int s = pserialize_read_enter(); 1792 1793 ia = in6ifa_ifpforlinklocal(ifp, ignoreflags); 1794 if (ia != NULL) 1795 ia6_acquire(ia, psref); 1796 pserialize_read_exit(s); 1797 1798 return ia; 1799 } 1800 1801 /* 1802 * find the internet address corresponding to a given address. 1803 * ifaddr is returned referenced. 1804 */ 1805 struct in6_ifaddr * 1806 in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid) 1807 { 1808 struct in6_ifaddr *ia; 1809 int s; 1810 1811 s = pserialize_read_enter(); 1812 IN6_ADDRLIST_READER_FOREACH(ia) { 1813 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) { 1814 if (zoneid != 0 && 1815 zoneid != ia->ia_addr.sin6_scope_id) 1816 continue; 1817 ifaref(&ia->ia_ifa); 1818 break; 1819 } 1820 } 1821 pserialize_read_exit(s); 1822 1823 return ia; 1824 } 1825 1826 /* 1827 * find the internet address corresponding to a given interface and address. 1828 */ 1829 struct in6_ifaddr * 1830 in6ifa_ifpwithaddr(const struct ifnet *ifp, const struct in6_addr *addr) 1831 { 1832 struct ifaddr *best_ifa = NULL, *ifa; 1833 1834 IFADDR_READER_FOREACH(ifa, ifp) { 1835 if (ifa->ifa_addr->sa_family != AF_INET6) 1836 continue; 1837 if (!IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1838 continue; 1839 best_ifa = bestifa(best_ifa, ifa); 1840 } 1841 1842 return (struct in6_ifaddr *)best_ifa; 1843 } 1844 1845 struct in6_ifaddr * 1846 in6ifa_ifpwithaddr_psref(const struct ifnet *ifp, const struct in6_addr *addr, 1847 struct psref *psref) 1848 { 1849 struct in6_ifaddr *ia; 1850 int s = pserialize_read_enter(); 1851 1852 ia = in6ifa_ifpwithaddr(ifp, addr); 1853 if (ia != NULL) 1854 ia6_acquire(ia, psref); 1855 pserialize_read_exit(s); 1856 1857 return ia; 1858 } 1859 1860 static struct in6_ifaddr * 1861 bestia(struct in6_ifaddr *best_ia, struct in6_ifaddr *ia) 1862 { 1863 if (best_ia == NULL || 1864 best_ia->ia_ifa.ifa_preference < ia->ia_ifa.ifa_preference) 1865 return ia; 1866 return best_ia; 1867 } 1868 1869 /* 1870 * Convert IP6 address to printable (loggable) representation. 1871 */ 1872 char * 1873 ip6_sprintf(const struct in6_addr *addr) 1874 { 1875 static int ip6round = 0; 1876 static char ip6buf[8][INET6_ADDRSTRLEN]; 1877 char *cp = ip6buf[ip6round++ & 7]; 1878 1879 in6_print(cp, INET6_ADDRSTRLEN, addr); 1880 return cp; 1881 } 1882 1883 /* 1884 * Determine if an address is on a local network. 1885 */ 1886 int 1887 in6_localaddr(const struct in6_addr *in6) 1888 { 1889 struct in6_ifaddr *ia; 1890 int s; 1891 1892 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1893 return 1; 1894 1895 s = pserialize_read_enter(); 1896 IN6_ADDRLIST_READER_FOREACH(ia) { 1897 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1898 &ia->ia_prefixmask.sin6_addr)) { 1899 pserialize_read_exit(s); 1900 return 1; 1901 } 1902 } 1903 pserialize_read_exit(s); 1904 1905 return 0; 1906 } 1907 1908 int 1909 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1910 { 1911 struct in6_ifaddr *ia; 1912 int s; 1913 1914 s = pserialize_read_enter(); 1915 IN6_ADDRLIST_READER_FOREACH(ia) { 1916 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1917 &sa6->sin6_addr) && 1918 #ifdef SCOPEDROUTING 1919 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 1920 #endif 1921 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) { 1922 pserialize_read_exit(s); 1923 return 1; /* true */ 1924 } 1925 1926 /* XXX: do we still have to go thru the rest of the list? */ 1927 } 1928 pserialize_read_exit(s); 1929 1930 return 0; /* false */ 1931 } 1932 1933 /* 1934 * return length of part which dst and src are equal 1935 * hard coding... 1936 */ 1937 int 1938 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1939 { 1940 int match = 0; 1941 u_char *s = (u_char *)src, *d = (u_char *)dst; 1942 u_char *lim = s + 16, r; 1943 1944 while (s < lim) 1945 if ((r = (*d++ ^ *s++)) != 0) { 1946 while (r < 128) { 1947 match++; 1948 r <<= 1; 1949 } 1950 break; 1951 } else 1952 match += NBBY; 1953 return match; 1954 } 1955 1956 /* XXX: to be scope conscious */ 1957 int 1958 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1959 { 1960 int bytelen, bitlen; 1961 1962 /* sanity check */ 1963 if (len < 0 || len > 128) { 1964 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1965 len); 1966 return 0; 1967 } 1968 1969 bytelen = len / NBBY; 1970 bitlen = len % NBBY; 1971 1972 if (memcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1973 return 0; 1974 if (bitlen != 0 && 1975 p1->s6_addr[bytelen] >> (NBBY - bitlen) != 1976 p2->s6_addr[bytelen] >> (NBBY - bitlen)) 1977 return 0; 1978 1979 return 1; 1980 } 1981 1982 void 1983 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1984 { 1985 static const u_char maskarray[NBBY] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1986 int bytelen, bitlen, i; 1987 1988 /* sanity check */ 1989 if (len < 0 || len > 128) { 1990 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1991 len); 1992 return; 1993 } 1994 1995 memset(maskp, 0, sizeof(*maskp)); 1996 bytelen = len / NBBY; 1997 bitlen = len % NBBY; 1998 for (i = 0; i < bytelen; i++) 1999 maskp->s6_addr[i] = 0xff; 2000 if (bitlen) 2001 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2002 } 2003 2004 /* 2005 * return the best address out of the same scope. if no address was 2006 * found, return the first valid address from designated IF. 2007 */ 2008 struct in6_ifaddr * 2009 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2010 { 2011 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2012 struct ifaddr *ifa; 2013 struct in6_ifaddr *best_ia = NULL, *ia; 2014 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2015 2016 dep[0] = dep[1] = NULL; 2017 2018 /* 2019 * We first look for addresses in the same scope. 2020 * If there is one, return it. 2021 * If two or more, return one which matches the dst longest. 2022 * If none, return one of global addresses assigned other ifs. 2023 */ 2024 IFADDR_READER_FOREACH(ifa, ifp) { 2025 if (ifa->ifa_addr->sa_family != AF_INET6) 2026 continue; 2027 ia = (struct in6_ifaddr *)ifa; 2028 if (ia->ia6_flags & IN6_IFF_ANYCAST) 2029 continue; /* XXX: is there any case to allow anycast? */ 2030 if (ia->ia6_flags & IN6_IFF_NOTREADY) 2031 continue; /* don't use this interface */ 2032 if (ia->ia6_flags & IN6_IFF_DETACHED) 2033 continue; 2034 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 2035 if (ip6_use_deprecated) 2036 dep[0] = ia; 2037 continue; 2038 } 2039 2040 if (dst_scope != in6_addrscope(IFA_IN6(ifa))) 2041 continue; 2042 /* 2043 * call in6_matchlen() as few as possible 2044 */ 2045 if (best_ia == NULL) { 2046 best_ia = ia; 2047 continue; 2048 } 2049 if (blen == -1) 2050 blen = in6_matchlen(&best_ia->ia_addr.sin6_addr, dst); 2051 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2052 if (tlen > blen) { 2053 blen = tlen; 2054 best_ia = ia; 2055 } else if (tlen == blen) 2056 best_ia = bestia(best_ia, ia); 2057 } 2058 if (best_ia != NULL) 2059 return best_ia; 2060 2061 IFADDR_READER_FOREACH(ifa, ifp) { 2062 if (ifa->ifa_addr->sa_family != AF_INET6) 2063 continue; 2064 ia = (struct in6_ifaddr *)ifa; 2065 if (ia->ia6_flags & IN6_IFF_ANYCAST) 2066 continue; /* XXX: is there any case to allow anycast? */ 2067 if (ia->ia6_flags & IN6_IFF_NOTREADY) 2068 continue; /* don't use this interface */ 2069 if (ia->ia6_flags & IN6_IFF_DETACHED) 2070 continue; 2071 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 2072 if (ip6_use_deprecated) 2073 dep[1] = (struct in6_ifaddr *)ifa; 2074 continue; 2075 } 2076 2077 best_ia = bestia(best_ia, ia); 2078 } 2079 if (best_ia != NULL) 2080 return best_ia; 2081 2082 /* use the last-resort values, that are, deprecated addresses */ 2083 if (dep[0]) 2084 return dep[0]; 2085 if (dep[1]) 2086 return dep[1]; 2087 2088 return NULL; 2089 } 2090 2091 /* 2092 * perform DAD when interface becomes IFF_UP. 2093 */ 2094 void 2095 in6_if_link_up(struct ifnet *ifp) 2096 { 2097 struct ifaddr *ifa; 2098 struct in6_ifaddr *ia; 2099 int s, bound; 2100 2101 /* Ensure it's sane to run DAD */ 2102 if (ifp->if_link_state == LINK_STATE_DOWN) 2103 return; 2104 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 2105 return; 2106 2107 bound = curlwp_bind(); 2108 s = pserialize_read_enter(); 2109 IFADDR_READER_FOREACH(ifa, ifp) { 2110 struct psref psref; 2111 2112 if (ifa->ifa_addr->sa_family != AF_INET6) 2113 continue; 2114 2115 ifa_acquire(ifa, &psref); 2116 pserialize_read_exit(s); 2117 ia = (struct in6_ifaddr *)ifa; 2118 2119 /* If detached then mark as tentative */ 2120 if (ia->ia6_flags & IN6_IFF_DETACHED) { 2121 ia->ia6_flags &= ~IN6_IFF_DETACHED; 2122 if (if_do_dad(ifp)) { 2123 ia->ia6_flags |= IN6_IFF_TENTATIVE; 2124 nd6log(LOG_ERR, "%s marked tentative\n", 2125 ip6_sprintf(&ia->ia_addr.sin6_addr)); 2126 } else if ((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0) 2127 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2128 } 2129 2130 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2131 int rand_delay; 2132 2133 /* Clear the duplicated flag as we're starting DAD. */ 2134 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; 2135 2136 /* 2137 * The TENTATIVE flag was likely set by hand 2138 * beforehand, implicitly indicating the need for DAD. 2139 * We may be able to skip the random delay in this 2140 * case, but we impose delays just in case. 2141 */ 2142 rand_delay = cprng_fast32() % 2143 (MAX_RTR_SOLICITATION_DELAY * hz); 2144 /* +1 ensures callout is always used */ 2145 nd6_dad_start(ifa, rand_delay + 1); 2146 } 2147 2148 s = pserialize_read_enter(); 2149 ifa_release(ifa, &psref); 2150 } 2151 pserialize_read_exit(s); 2152 curlwp_bindx(bound); 2153 2154 /* Restore any detached prefixes */ 2155 ND6_WLOCK(); 2156 nd6_pfxlist_onlink_check(); 2157 ND6_UNLOCK(); 2158 } 2159 2160 void 2161 in6_if_up(struct ifnet *ifp) 2162 { 2163 2164 /* 2165 * special cases, like 6to4, are handled in in6_ifattach 2166 */ 2167 in6_ifattach(ifp, NULL); 2168 2169 /* interface may not support link state, so bring it up also */ 2170 in6_if_link_up(ifp); 2171 } 2172 2173 /* 2174 * Mark all addresses as detached. 2175 */ 2176 void 2177 in6_if_link_down(struct ifnet *ifp) 2178 { 2179 struct ifaddr *ifa; 2180 struct in6_ifaddr *ia; 2181 int s, bound; 2182 2183 /* Any prefixes on this interface should be detached as well */ 2184 ND6_WLOCK(); 2185 nd6_pfxlist_onlink_check(); 2186 ND6_UNLOCK(); 2187 2188 bound = curlwp_bind(); 2189 s = pserialize_read_enter(); 2190 IFADDR_READER_FOREACH(ifa, ifp) { 2191 struct psref psref; 2192 2193 if (ifa->ifa_addr->sa_family != AF_INET6) 2194 continue; 2195 2196 ifa_acquire(ifa, &psref); 2197 pserialize_read_exit(s); 2198 ia = (struct in6_ifaddr *)ifa; 2199 2200 /* Stop DAD processing */ 2201 nd6_dad_stop(ifa); 2202 2203 /* 2204 * Mark the address as detached. 2205 * This satisfies RFC4862 Section 5.3, but we should apply 2206 * this logic to all addresses to be a good citizen and 2207 * avoid potential duplicated addresses. 2208 * When the interface comes up again, detached addresses 2209 * are marked tentative and DAD commences. 2210 */ 2211 if (!(ia->ia6_flags & IN6_IFF_DETACHED)) { 2212 nd6log(LOG_DEBUG, "%s marked detached\n", 2213 ip6_sprintf(&ia->ia_addr.sin6_addr)); 2214 ia->ia6_flags |= IN6_IFF_DETACHED; 2215 ia->ia6_flags &= 2216 ~(IN6_IFF_TENTATIVE | IN6_IFF_DUPLICATED); 2217 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2218 } 2219 2220 s = pserialize_read_enter(); 2221 ifa_release(ifa, &psref); 2222 } 2223 pserialize_read_exit(s); 2224 curlwp_bindx(bound); 2225 } 2226 2227 void 2228 in6_if_down(struct ifnet *ifp) 2229 { 2230 2231 in6_if_link_down(ifp); 2232 } 2233 2234 void 2235 in6_if_link_state_change(struct ifnet *ifp, int link_state) 2236 { 2237 2238 switch (link_state) { 2239 case LINK_STATE_DOWN: 2240 in6_if_link_down(ifp); 2241 break; 2242 case LINK_STATE_UP: 2243 in6_if_link_up(ifp); 2244 break; 2245 } 2246 } 2247 2248 /* 2249 * Calculate max IPv6 MTU through all the interfaces and store it 2250 * to in6_maxmtu. 2251 */ 2252 void 2253 in6_setmaxmtu(void) 2254 { 2255 unsigned long maxmtu = 0; 2256 struct ifnet *ifp; 2257 int s; 2258 2259 s = pserialize_read_enter(); 2260 IFNET_READER_FOREACH(ifp) { 2261 /* this function can be called during ifnet initialization */ 2262 if (!ifp->if_afdata[AF_INET6]) 2263 continue; 2264 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2265 IN6_LINKMTU(ifp) > maxmtu) 2266 maxmtu = IN6_LINKMTU(ifp); 2267 } 2268 pserialize_read_exit(s); 2269 if (maxmtu) /* update only when maxmtu is positive */ 2270 in6_maxmtu = maxmtu; 2271 } 2272 2273 /* 2274 * Provide the length of interface identifiers to be used for the link attached 2275 * to the given interface. The length should be defined in "IPv6 over 2276 * xxx-link" document. Note that address architecture might also define 2277 * the length for a particular set of address prefixes, regardless of the 2278 * link type. As clarified in rfc2462bis, those two definitions should be 2279 * consistent, and those really are as of August 2004. 2280 */ 2281 int 2282 in6_if2idlen(struct ifnet *ifp) 2283 { 2284 switch (ifp->if_type) { 2285 case IFT_ETHER: /* RFC2464 */ 2286 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2287 case IFT_L2VLAN: /* ditto */ 2288 case IFT_IEEE80211: /* ditto */ 2289 case IFT_FDDI: /* RFC2467 */ 2290 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2291 case IFT_PPP: /* RFC2472 */ 2292 case IFT_ARCNET: /* RFC2497 */ 2293 case IFT_FRELAY: /* RFC2590 */ 2294 case IFT_IEEE1394: /* RFC3146 */ 2295 case IFT_GIF: /* draft-ietf-v6ops-mech-v2-07 */ 2296 case IFT_LOOP: /* XXX: is this really correct? */ 2297 return 64; 2298 default: 2299 /* 2300 * Unknown link type: 2301 * It might be controversial to use the today's common constant 2302 * of 64 for these cases unconditionally. For full compliance, 2303 * we should return an error in this case. On the other hand, 2304 * if we simply miss the standard for the link type or a new 2305 * standard is defined for a new link type, the IFID length 2306 * is very likely to be the common constant. As a compromise, 2307 * we always use the constant, but make an explicit notice 2308 * indicating the "unknown" case. 2309 */ 2310 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2311 return 64; 2312 } 2313 } 2314 2315 struct in6_llentry { 2316 struct llentry base; 2317 }; 2318 2319 #define IN6_LLTBL_DEFAULT_HSIZE 32 2320 #define IN6_LLTBL_HASH(k, h) \ 2321 (((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1)) 2322 2323 /* 2324 * Do actual deallocation of @lle. 2325 * Called by LLE_FREE_LOCKED when number of references 2326 * drops to zero. 2327 */ 2328 static void 2329 in6_lltable_destroy_lle(struct llentry *lle) 2330 { 2331 2332 LLE_WUNLOCK(lle); 2333 LLE_LOCK_DESTROY(lle); 2334 kmem_intr_free(lle, sizeof(struct in6_llentry)); 2335 } 2336 2337 static struct llentry * 2338 in6_lltable_new(const struct in6_addr *addr6, u_int flags) 2339 { 2340 struct in6_llentry *lle; 2341 2342 lle = kmem_intr_zalloc(sizeof(struct in6_llentry), KM_NOSLEEP); 2343 if (lle == NULL) /* NB: caller generates msg */ 2344 return NULL; 2345 2346 lle->base.r_l3addr.addr6 = *addr6; 2347 lle->base.lle_refcnt = 1; 2348 lle->base.lle_free = in6_lltable_destroy_lle; 2349 LLE_LOCK_INIT(&lle->base); 2350 callout_init(&lle->base.lle_timer, CALLOUT_MPSAFE); 2351 2352 return &lle->base; 2353 } 2354 2355 static int 2356 in6_lltable_match_prefix(const struct sockaddr *prefix, 2357 const struct sockaddr *mask, u_int flags, struct llentry *lle) 2358 { 2359 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2360 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2361 2362 if (IN6_ARE_MASKED_ADDR_EQUAL(&lle->r_l3addr.addr6, 2363 &pfx->sin6_addr, &msk->sin6_addr) && 2364 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) 2365 return 1; 2366 2367 return 0; 2368 } 2369 2370 static void 2371 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle) 2372 { 2373 struct ifnet *ifp = llt->llt_ifp; 2374 2375 IF_AFDATA_WLOCK_ASSERT(ifp); 2376 LLE_WLOCK_ASSERT(lle); 2377 2378 /* Unlink entry from table */ 2379 if ((lle->la_flags & LLE_LINKED) != 0) { 2380 2381 lltable_unlink_entry(llt, lle); 2382 KASSERT((lle->la_flags & LLE_LINKED) == 0); 2383 } 2384 /* 2385 * We need to release the lock here to lle_timer proceeds; 2386 * lle_timer should stop immediately if LLE_LINKED isn't set. 2387 * Note that we cannot pass lle->lle_lock to callout_halt 2388 * because it's a rwlock. 2389 */ 2390 LLE_ADDREF(lle); 2391 LLE_WUNLOCK(lle); 2392 IF_AFDATA_WUNLOCK(ifp); 2393 2394 #ifdef NET_MPSAFE 2395 callout_halt(&lle->lle_timer, NULL); 2396 #else 2397 if (mutex_owned(softnet_lock)) 2398 callout_halt(&lle->lle_timer, softnet_lock); 2399 else 2400 callout_halt(&lle->lle_timer, NULL); 2401 #endif 2402 LLE_WLOCK(lle); 2403 LLE_REMREF(lle); 2404 2405 lltable_drop_entry_queue(lle); 2406 LLE_FREE_LOCKED(lle); 2407 2408 IF_AFDATA_WLOCK(ifp); 2409 } 2410 2411 static int 2412 in6_lltable_rtcheck(struct ifnet *ifp, 2413 u_int flags, 2414 const struct sockaddr *l3addr) 2415 { 2416 struct rtentry *rt; 2417 2418 KASSERTMSG(l3addr->sa_family == AF_INET6, 2419 "sin_family %d", l3addr->sa_family); 2420 2421 rt = rtalloc1(l3addr, 0); 2422 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2423 int s; 2424 struct ifaddr *ifa; 2425 /* 2426 * Create an ND6 cache for an IPv6 neighbor 2427 * that is not covered by our own prefix. 2428 */ 2429 /* XXX ifaof_ifpforaddr should take a const param */ 2430 s = pserialize_read_enter(); 2431 ifa = ifaof_ifpforaddr(l3addr, ifp); 2432 if (ifa != NULL) { 2433 pserialize_read_exit(s); 2434 if (rt != NULL) 2435 rt_unref(rt); 2436 return 0; 2437 } 2438 pserialize_read_exit(s); 2439 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2440 ip6_sprintf(&((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2441 if (rt != NULL) 2442 rt_unref(rt); 2443 return EINVAL; 2444 } 2445 rt_unref(rt); 2446 return 0; 2447 } 2448 2449 static inline uint32_t 2450 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize) 2451 { 2452 2453 return IN6_LLTBL_HASH(dst->s6_addr32[3], hsize); 2454 } 2455 2456 static uint32_t 2457 in6_lltable_hash(const struct llentry *lle, uint32_t hsize) 2458 { 2459 2460 return in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize); 2461 } 2462 2463 static void 2464 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa) 2465 { 2466 struct sockaddr_in6 *sin6; 2467 2468 sin6 = (struct sockaddr_in6 *)sa; 2469 bzero(sin6, sizeof(*sin6)); 2470 sin6->sin6_family = AF_INET6; 2471 sin6->sin6_len = sizeof(*sin6); 2472 sin6->sin6_addr = lle->r_l3addr.addr6; 2473 } 2474 2475 static inline struct llentry * 2476 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst) 2477 { 2478 struct llentry *lle; 2479 struct llentries *lleh; 2480 u_int hashidx; 2481 2482 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize); 2483 lleh = &llt->lle_head[hashidx]; 2484 LIST_FOREACH(lle, lleh, lle_next) { 2485 if (lle->la_flags & LLE_DELETED) 2486 continue; 2487 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst)) 2488 break; 2489 } 2490 2491 return lle; 2492 } 2493 2494 static int 2495 in6_lltable_delete(struct lltable *llt, u_int flags, 2496 const struct sockaddr *l3addr) 2497 { 2498 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2499 struct llentry *lle; 2500 2501 IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp); 2502 KASSERTMSG(l3addr->sa_family == AF_INET6, 2503 "sin_family %d", l3addr->sa_family); 2504 2505 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2506 2507 if (lle == NULL) 2508 return ENOENT; 2509 2510 LLE_WLOCK(lle); 2511 lle->la_flags |= LLE_DELETED; 2512 #ifdef DIAGNOSTIC 2513 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2514 #endif 2515 if ((lle->la_flags & (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC) 2516 llentry_free(lle); 2517 else 2518 LLE_WUNLOCK(lle); 2519 2520 return 0; 2521 } 2522 2523 static struct llentry * 2524 in6_lltable_create(struct lltable *llt, u_int flags, 2525 const struct sockaddr *l3addr) 2526 { 2527 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2528 struct ifnet *ifp = llt->llt_ifp; 2529 struct llentry *lle; 2530 2531 IF_AFDATA_WLOCK_ASSERT(ifp); 2532 KASSERTMSG(l3addr->sa_family == AF_INET6, 2533 "sin_family %d", l3addr->sa_family); 2534 2535 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2536 2537 if (lle != NULL) { 2538 LLE_WLOCK(lle); 2539 return lle; 2540 } 2541 2542 /* 2543 * A route that covers the given address must have 2544 * been installed 1st because we are doing a resolution, 2545 * verify this. 2546 */ 2547 if (!(flags & LLE_IFADDR) && 2548 in6_lltable_rtcheck(ifp, flags, l3addr) != 0) 2549 return NULL; 2550 2551 lle = in6_lltable_new(&sin6->sin6_addr, flags); 2552 if (lle == NULL) { 2553 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2554 return NULL; 2555 } 2556 lle->la_flags = flags; 2557 if ((flags & LLE_IFADDR) == LLE_IFADDR) { 2558 memcpy(&lle->ll_addr, CLLADDR(ifp->if_sadl), ifp->if_addrlen); 2559 lle->la_flags |= LLE_VALID; 2560 } 2561 2562 lltable_link_entry(llt, lle); 2563 LLE_WLOCK(lle); 2564 2565 return lle; 2566 } 2567 2568 static struct llentry * 2569 in6_lltable_lookup(struct lltable *llt, u_int flags, 2570 const struct sockaddr *l3addr) 2571 { 2572 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2573 struct llentry *lle; 2574 2575 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp); 2576 KASSERTMSG(l3addr->sa_family == AF_INET6, 2577 "sin_family %d", l3addr->sa_family); 2578 2579 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2580 2581 if (lle == NULL) 2582 return NULL; 2583 2584 if (flags & LLE_EXCLUSIVE) 2585 LLE_WLOCK(lle); 2586 else 2587 LLE_RLOCK(lle); 2588 return lle; 2589 } 2590 2591 static int 2592 in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle, 2593 struct rt_walkarg *w) 2594 { 2595 struct sockaddr_in6 sin6; 2596 2597 LLTABLE_LOCK_ASSERT(); 2598 2599 /* skip deleted entries */ 2600 if (lle->la_flags & LLE_DELETED) 2601 return 0; 2602 2603 sockaddr_in6_init(&sin6, &lle->r_l3addr.addr6, 0, 0, 0); 2604 2605 return lltable_dump_entry(llt, lle, w, sin6tosa(&sin6)); 2606 } 2607 2608 static struct lltable * 2609 in6_lltattach(struct ifnet *ifp) 2610 { 2611 struct lltable *llt; 2612 2613 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE); 2614 llt->llt_af = AF_INET6; 2615 llt->llt_ifp = ifp; 2616 2617 llt->llt_lookup = in6_lltable_lookup; 2618 llt->llt_create = in6_lltable_create; 2619 llt->llt_delete = in6_lltable_delete; 2620 llt->llt_dump_entry = in6_lltable_dump_entry; 2621 llt->llt_hash = in6_lltable_hash; 2622 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry; 2623 llt->llt_free_entry = in6_lltable_free_entry; 2624 llt->llt_match_prefix = in6_lltable_match_prefix; 2625 lltable_link(llt); 2626 2627 return llt; 2628 } 2629 2630 void * 2631 in6_domifattach(struct ifnet *ifp) 2632 { 2633 struct in6_ifextra *ext; 2634 2635 ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK|M_ZERO); 2636 2637 ext->in6_ifstat = malloc(sizeof(struct in6_ifstat), 2638 M_IFADDR, M_WAITOK|M_ZERO); 2639 2640 ext->icmp6_ifstat = malloc(sizeof(struct icmp6_ifstat), 2641 M_IFADDR, M_WAITOK|M_ZERO); 2642 2643 ext->nd_ifinfo = nd6_ifattach(ifp); 2644 ext->scope6_id = scope6_ifattach(ifp); 2645 ext->nprefixes = 0; 2646 ext->ndefrouters = 0; 2647 2648 ext->lltable = in6_lltattach(ifp); 2649 2650 return ext; 2651 } 2652 2653 void 2654 in6_domifdetach(struct ifnet *ifp, void *aux) 2655 { 2656 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2657 2658 lltable_free(ext->lltable); 2659 ext->lltable = NULL; 2660 nd6_ifdetach(ifp, ext); 2661 free(ext->in6_ifstat, M_IFADDR); 2662 free(ext->icmp6_ifstat, M_IFADDR); 2663 scope6_ifdetach(ext->scope6_id); 2664 free(ext, M_IFADDR); 2665 } 2666 2667 /* 2668 * Convert IPv4 address stored in struct in_addr to IPv4-Mapped IPv6 address 2669 * stored in struct in6_addr as defined in RFC 4921 section 2.5.5.2. 2670 */ 2671 void 2672 in6_in_2_v4mapin6(const struct in_addr *in, struct in6_addr *in6) 2673 { 2674 in6->s6_addr32[0] = 0; 2675 in6->s6_addr32[1] = 0; 2676 in6->s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2677 in6->s6_addr32[3] = in->s_addr; 2678 } 2679 2680 /* 2681 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2682 * v4 mapped addr or v4 compat addr 2683 */ 2684 void 2685 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2686 { 2687 memset(sin, 0, sizeof(*sin)); 2688 sin->sin_len = sizeof(struct sockaddr_in); 2689 sin->sin_family = AF_INET; 2690 sin->sin_port = sin6->sin6_port; 2691 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2692 } 2693 2694 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2695 void 2696 in6_sin_2_v4mapsin6(const struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2697 { 2698 memset(sin6, 0, sizeof(*sin6)); 2699 sin6->sin6_len = sizeof(struct sockaddr_in6); 2700 sin6->sin6_family = AF_INET6; 2701 sin6->sin6_port = sin->sin_port; 2702 in6_in_2_v4mapin6(&sin->sin_addr, &sin6->sin6_addr); 2703 } 2704 2705 /* Convert sockaddr_in6 into sockaddr_in. */ 2706 void 2707 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2708 { 2709 struct sockaddr_in *sin_p; 2710 struct sockaddr_in6 sin6; 2711 2712 /* 2713 * Save original sockaddr_in6 addr and convert it 2714 * to sockaddr_in. 2715 */ 2716 sin6 = *(struct sockaddr_in6 *)nam; 2717 sin_p = (struct sockaddr_in *)nam; 2718 in6_sin6_2_sin(sin_p, &sin6); 2719 } 2720 2721 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2722 void 2723 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2724 { 2725 struct sockaddr_in *sin_p; 2726 struct sockaddr_in6 *sin6_p; 2727 2728 sin6_p = malloc(sizeof(*sin6_p), M_SONAME, M_WAITOK); 2729 sin_p = (struct sockaddr_in *)*nam; 2730 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2731 free(*nam, M_SONAME); 2732 *nam = sin6tosa(sin6_p); 2733 } 2734