1 /* $NetBSD: in6.c,v 1.199 2016/05/12 02:24:17 ozaki-r Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.199 2016/05/12 02:24:17 ozaki-r Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_inet.h" 69 #include "opt_compat_netbsd.h" 70 #endif 71 72 #include <sys/param.h> 73 #include <sys/ioctl.h> 74 #include <sys/errno.h> 75 #include <sys/malloc.h> 76 #include <sys/socket.h> 77 #include <sys/socketvar.h> 78 #include <sys/sockio.h> 79 #include <sys/systm.h> 80 #include <sys/proc.h> 81 #include <sys/time.h> 82 #include <sys/kernel.h> 83 #include <sys/syslog.h> 84 #include <sys/kauth.h> 85 #include <sys/cprng.h> 86 #include <sys/kmem.h> 87 88 #include <net/if.h> 89 #include <net/if_types.h> 90 #include <net/if_llatbl.h> 91 #include <net/if_ether.h> 92 #include <net/if_dl.h> 93 #include <net/pfil.h> 94 #include <net/route.h> 95 96 #include <netinet/in.h> 97 #include <netinet/in_var.h> 98 99 #include <netinet/ip6.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/mld6_var.h> 103 #include <netinet6/ip6_mroute.h> 104 #include <netinet6/in6_ifattach.h> 105 #include <netinet6/scope6_var.h> 106 107 #include <net/net_osdep.h> 108 109 #ifdef COMPAT_50 110 #include <compat/netinet6/in6_var.h> 111 #endif 112 113 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 114 115 /* enable backward compatibility code for obsoleted ioctls */ 116 #define COMPAT_IN6IFIOCTL 117 118 #ifdef IN6_DEBUG 119 #define IN6_DPRINTF(__fmt, ...) printf(__fmt, __VA_ARGS__) 120 #else 121 #define IN6_DPRINTF(__fmt, ...) do { } while (/*CONSTCOND*/0) 122 #endif /* IN6_DEBUG */ 123 124 /* 125 * Definitions of some constant IP6 addresses. 126 */ 127 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 128 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 129 const struct in6_addr in6addr_nodelocal_allnodes = 130 IN6ADDR_NODELOCAL_ALLNODES_INIT; 131 const struct in6_addr in6addr_linklocal_allnodes = 132 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 133 const struct in6_addr in6addr_linklocal_allrouters = 134 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 135 136 const struct in6_addr in6mask0 = IN6MASK0; 137 const struct in6_addr in6mask32 = IN6MASK32; 138 const struct in6_addr in6mask64 = IN6MASK64; 139 const struct in6_addr in6mask96 = IN6MASK96; 140 const struct in6_addr in6mask128 = IN6MASK128; 141 142 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 143 0, 0, IN6ADDR_ANY_INIT, 0}; 144 145 static int in6_lifaddr_ioctl(struct socket *, u_long, void *, 146 struct ifnet *); 147 static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, 148 const struct sockaddr_in6 *, int); 149 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 150 151 /* 152 * Add ownaddr as loopback rtentry. We previously add the route only if 153 * necessary (ex. on a p2p link). However, since we now manage addresses 154 * separately from prefixes, we should always add the route. We can't 155 * rely on the cloning mechanism from the corresponding interface route 156 * any more. 157 */ 158 void 159 in6_ifaddlocal(struct ifaddr *ifa) 160 { 161 162 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &in6addr_any) || 163 (ifa->ifa_ifp->if_flags & IFF_POINTOPOINT && 164 IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), IFA_DSTIN6(ifa)))) 165 { 166 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 167 return; 168 } 169 170 rt_ifa_addlocal(ifa); 171 } 172 173 /* 174 * Remove loopback rtentry of ownaddr generated by in6_ifaddlocal(), 175 * if it exists. 176 */ 177 void 178 in6_ifremlocal(struct ifaddr *ifa) 179 { 180 struct in6_ifaddr *ia; 181 struct ifaddr *alt_ifa = NULL; 182 int ia_count = 0; 183 184 /* 185 * Some of BSD variants do not remove cloned routes 186 * from an interface direct route, when removing the direct route 187 * (see comments in net/net_osdep.h). Even for variants that do remove 188 * cloned routes, they could fail to remove the cloned routes when 189 * we handle multple addresses that share a common prefix. 190 * So, we should remove the route corresponding to the deleted address. 191 */ 192 193 /* 194 * Delete the entry only if exactly one ifaddr matches the 195 * address, ifa->ifa_addr. 196 * 197 * If more than one ifaddr matches, replace the ifaddr in 198 * the routing table, rt_ifa, with a different ifaddr than 199 * the one we are purging, ifa. It is important to do 200 * this, or else the routing table can accumulate dangling 201 * pointers rt->rt_ifa->ifa_ifp to destroyed interfaces, 202 * which will lead to crashes, later. (More than one ifaddr 203 * can match if we assign the same address to multiple---probably 204 * p2p---interfaces.) 205 * 206 * XXX An old comment at this place said, "we should avoid 207 * XXX such a configuration [i.e., interfaces with the same 208 * XXX addressed assigned --ed.] in IPv6...". I do not 209 * XXX agree, especially now that I have fixed the dangling 210 * XXX ifp-pointers bug. 211 */ 212 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 213 if (!IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) 214 continue; 215 if (ia->ia_ifp != ifa->ifa_ifp) 216 alt_ifa = &ia->ia_ifa; 217 if (++ia_count > 1 && alt_ifa != NULL) 218 break; 219 } 220 221 if (ia_count == 0) 222 return; 223 224 rt_ifa_remlocal(ifa, ia_count == 1 ? NULL : alt_ifa); 225 } 226 227 int 228 in6_mask2len(struct in6_addr *mask, u_char *lim0) 229 { 230 int x = 0, y; 231 u_char *lim = lim0, *p; 232 233 /* ignore the scope_id part */ 234 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 235 lim = (u_char *)mask + sizeof(*mask); 236 for (p = (u_char *)mask; p < lim; x++, p++) { 237 if (*p != 0xff) 238 break; 239 } 240 y = 0; 241 if (p < lim) { 242 for (y = 0; y < NBBY; y++) { 243 if ((*p & (0x80 >> y)) == 0) 244 break; 245 } 246 } 247 248 /* 249 * when the limit pointer is given, do a stricter check on the 250 * remaining bits. 251 */ 252 if (p < lim) { 253 if (y != 0 && (*p & (0x00ff >> y)) != 0) 254 return -1; 255 for (p = p + 1; p < lim; p++) 256 if (*p != 0) 257 return -1; 258 } 259 260 return x * NBBY + y; 261 } 262 263 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 264 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 265 266 static int 267 in6_control1(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 268 { 269 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 270 struct in6_ifaddr *ia = NULL; 271 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 272 struct sockaddr_in6 *sa6; 273 int error; 274 275 switch (cmd) { 276 case SIOCAADDRCTL_POLICY: 277 case SIOCDADDRCTL_POLICY: 278 /* Privileged. */ 279 return in6_src_ioctl(cmd, data); 280 /* 281 * XXX: Fix me, once we fix SIOCSIFADDR, SIOCIFDSTADDR, etc. 282 */ 283 case SIOCSIFADDR: 284 case SIOCSIFDSTADDR: 285 case SIOCSIFBRDADDR: 286 case SIOCSIFNETMASK: 287 return EOPNOTSUPP; 288 case SIOCGETSGCNT_IN6: 289 case SIOCGETMIFCNT_IN6: 290 return mrt6_ioctl(cmd, data); 291 case SIOCGIFADDRPREF: 292 case SIOCSIFADDRPREF: 293 if (ifp == NULL) 294 return EINVAL; 295 return ifaddrpref_ioctl(so, cmd, data, ifp); 296 } 297 298 if (ifp == NULL) 299 return EOPNOTSUPP; 300 301 switch (cmd) { 302 case SIOCSNDFLUSH_IN6: 303 case SIOCSPFXFLUSH_IN6: 304 case SIOCSRTRFLUSH_IN6: 305 case SIOCSDEFIFACE_IN6: 306 case SIOCSIFINFO_FLAGS: 307 case SIOCSIFINFO_IN6: 308 /* Privileged. */ 309 /* FALLTHROUGH */ 310 case OSIOCGIFINFO_IN6: 311 case SIOCGIFINFO_IN6: 312 case SIOCGDRLST_IN6: 313 case SIOCGPRLST_IN6: 314 case SIOCGNBRINFO_IN6: 315 case SIOCGDEFIFACE_IN6: 316 return nd6_ioctl(cmd, data, ifp); 317 } 318 319 switch (cmd) { 320 case SIOCSIFPREFIX_IN6: 321 case SIOCDIFPREFIX_IN6: 322 case SIOCAIFPREFIX_IN6: 323 case SIOCCIFPREFIX_IN6: 324 case SIOCSGIFPREFIX_IN6: 325 case SIOCGIFPREFIX_IN6: 326 log(LOG_NOTICE, 327 "prefix ioctls are now invalidated. " 328 "please use ifconfig.\n"); 329 return EOPNOTSUPP; 330 } 331 332 switch (cmd) { 333 case SIOCALIFADDR: 334 case SIOCDLIFADDR: 335 /* Privileged. */ 336 /* FALLTHROUGH */ 337 case SIOCGLIFADDR: 338 return in6_lifaddr_ioctl(so, cmd, data, ifp); 339 } 340 341 /* 342 * Find address for this interface, if it exists. 343 * 344 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 345 * only, and used the first interface address as the target of other 346 * operations (without checking ifra_addr). This was because netinet 347 * code/API assumed at most 1 interface address per interface. 348 * Since IPv6 allows a node to assign multiple addresses 349 * on a single interface, we almost always look and check the 350 * presence of ifra_addr, and reject invalid ones here. 351 * It also decreases duplicated code among SIOC*_IN6 operations. 352 */ 353 switch (cmd) { 354 case SIOCAIFADDR_IN6: 355 #ifdef OSIOCAIFADDR_IN6 356 case OSIOCAIFADDR_IN6: 357 #endif 358 #ifdef OSIOCSIFPHYADDR_IN6 359 case OSIOCSIFPHYADDR_IN6: 360 #endif 361 case SIOCSIFPHYADDR_IN6: 362 sa6 = &ifra->ifra_addr; 363 break; 364 case SIOCSIFADDR_IN6: 365 case SIOCGIFADDR_IN6: 366 case SIOCSIFDSTADDR_IN6: 367 case SIOCSIFNETMASK_IN6: 368 case SIOCGIFDSTADDR_IN6: 369 case SIOCGIFNETMASK_IN6: 370 case SIOCDIFADDR_IN6: 371 case SIOCGIFPSRCADDR_IN6: 372 case SIOCGIFPDSTADDR_IN6: 373 case SIOCGIFAFLAG_IN6: 374 case SIOCSNDFLUSH_IN6: 375 case SIOCSPFXFLUSH_IN6: 376 case SIOCSRTRFLUSH_IN6: 377 case SIOCGIFALIFETIME_IN6: 378 #ifdef OSIOCGIFALIFETIME_IN6 379 case OSIOCGIFALIFETIME_IN6: 380 #endif 381 case SIOCGIFSTAT_IN6: 382 case SIOCGIFSTAT_ICMP6: 383 sa6 = &ifr->ifr_addr; 384 break; 385 default: 386 sa6 = NULL; 387 break; 388 } 389 if (sa6 && sa6->sin6_family == AF_INET6) { 390 if (sa6->sin6_scope_id != 0) 391 error = sa6_embedscope(sa6, 0); 392 else 393 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 394 if (error != 0) 395 return error; 396 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 397 } else 398 ia = NULL; 399 400 switch (cmd) { 401 case SIOCSIFADDR_IN6: 402 case SIOCSIFDSTADDR_IN6: 403 case SIOCSIFNETMASK_IN6: 404 /* 405 * Since IPv6 allows a node to assign multiple addresses 406 * on a single interface, SIOCSIFxxx ioctls are deprecated. 407 */ 408 return EINVAL; 409 410 case SIOCDIFADDR_IN6: 411 /* 412 * for IPv4, we look for existing in_ifaddr here to allow 413 * "ifconfig if0 delete" to remove the first IPv4 address on 414 * the interface. For IPv6, as the spec allows multiple 415 * interface address from the day one, we consider "remove the 416 * first one" semantics to be not preferable. 417 */ 418 if (ia == NULL) 419 return EADDRNOTAVAIL; 420 /* FALLTHROUGH */ 421 #ifdef OSIOCAIFADDR_IN6 422 case OSIOCAIFADDR_IN6: 423 #endif 424 case SIOCAIFADDR_IN6: 425 /* 426 * We always require users to specify a valid IPv6 address for 427 * the corresponding operation. 428 */ 429 if (ifra->ifra_addr.sin6_family != AF_INET6 || 430 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 431 return EAFNOSUPPORT; 432 /* Privileged. */ 433 434 break; 435 436 case SIOCGIFADDR_IN6: 437 /* This interface is basically deprecated. use SIOCGIFCONF. */ 438 /* FALLTHROUGH */ 439 case SIOCGIFAFLAG_IN6: 440 case SIOCGIFNETMASK_IN6: 441 case SIOCGIFDSTADDR_IN6: 442 case SIOCGIFALIFETIME_IN6: 443 #ifdef OSIOCGIFALIFETIME_IN6 444 case OSIOCGIFALIFETIME_IN6: 445 #endif 446 /* must think again about its semantics */ 447 if (ia == NULL) 448 return EADDRNOTAVAIL; 449 break; 450 } 451 452 switch (cmd) { 453 454 case SIOCGIFADDR_IN6: 455 ifr->ifr_addr = ia->ia_addr; 456 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 457 return error; 458 break; 459 460 case SIOCGIFDSTADDR_IN6: 461 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 462 return EINVAL; 463 /* 464 * XXX: should we check if ifa_dstaddr is NULL and return 465 * an error? 466 */ 467 ifr->ifr_dstaddr = ia->ia_dstaddr; 468 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 469 return error; 470 break; 471 472 case SIOCGIFNETMASK_IN6: 473 ifr->ifr_addr = ia->ia_prefixmask; 474 break; 475 476 case SIOCGIFAFLAG_IN6: 477 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 478 break; 479 480 case SIOCGIFSTAT_IN6: 481 if (ifp == NULL) 482 return EINVAL; 483 memset(&ifr->ifr_ifru.ifru_stat, 0, 484 sizeof(ifr->ifr_ifru.ifru_stat)); 485 ifr->ifr_ifru.ifru_stat = 486 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 487 break; 488 489 case SIOCGIFSTAT_ICMP6: 490 if (ifp == NULL) 491 return EINVAL; 492 memset(&ifr->ifr_ifru.ifru_icmp6stat, 0, 493 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 494 ifr->ifr_ifru.ifru_icmp6stat = 495 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 496 break; 497 498 #ifdef OSIOCGIFALIFETIME_IN6 499 case OSIOCGIFALIFETIME_IN6: 500 #endif 501 case SIOCGIFALIFETIME_IN6: 502 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 503 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 504 time_t maxexpire; 505 struct in6_addrlifetime *retlt = 506 &ifr->ifr_ifru.ifru_lifetime; 507 508 /* 509 * XXX: adjust expiration time assuming time_t is 510 * signed. 511 */ 512 maxexpire = ((time_t)~0) & 513 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 514 if (ia->ia6_lifetime.ia6t_vltime < 515 maxexpire - ia->ia6_updatetime) { 516 retlt->ia6t_expire = ia->ia6_updatetime + 517 ia->ia6_lifetime.ia6t_vltime; 518 retlt->ia6t_expire = retlt->ia6t_expire ? 519 time_mono_to_wall(retlt->ia6t_expire) : 520 0; 521 } else 522 retlt->ia6t_expire = maxexpire; 523 } 524 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 525 time_t maxexpire; 526 struct in6_addrlifetime *retlt = 527 &ifr->ifr_ifru.ifru_lifetime; 528 529 /* 530 * XXX: adjust expiration time assuming time_t is 531 * signed. 532 */ 533 maxexpire = ((time_t)~0) & 534 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 535 if (ia->ia6_lifetime.ia6t_pltime < 536 maxexpire - ia->ia6_updatetime) { 537 retlt->ia6t_preferred = ia->ia6_updatetime + 538 ia->ia6_lifetime.ia6t_pltime; 539 retlt->ia6t_preferred = retlt->ia6t_preferred ? 540 time_mono_to_wall(retlt->ia6t_preferred) : 541 0; 542 } else 543 retlt->ia6t_preferred = maxexpire; 544 } 545 #ifdef OSIOCFIFALIFETIME_IN6 546 if (cmd == OSIOCFIFALIFETIME_IN6) 547 in6_addrlifetime_to_in6_addrlifetime50( 548 &ifr->ifru.ifru_lifetime); 549 #endif 550 break; 551 552 #ifdef OSIOCAIFADDR_IN6 553 case OSIOCAIFADDR_IN6: 554 in6_aliasreq50_to_in6_aliasreq(ifra); 555 /*FALLTHROUGH*/ 556 #endif 557 case SIOCAIFADDR_IN6: 558 { 559 int i; 560 struct nd_prefixctl prc0; 561 struct nd_prefix *pr; 562 struct in6_addrlifetime *lt; 563 564 /* reject read-only flags */ 565 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 566 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 567 (ifra->ifra_flags & IN6_IFF_TENTATIVE) != 0 || 568 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 569 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 570 return EINVAL; 571 } 572 /* 573 * ia6t_expire and ia6t_preferred won't be used for now, 574 * so just in case. 575 */ 576 lt = &ifra->ifra_lifetime; 577 if (lt->ia6t_expire != 0) 578 lt->ia6t_expire = time_wall_to_mono(lt->ia6t_expire); 579 if (lt->ia6t_preferred != 0) 580 lt->ia6t_preferred = 581 time_wall_to_mono(lt->ia6t_preferred); 582 /* 583 * first, make or update the interface address structure, 584 * and link it to the list. 585 */ 586 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 587 return error; 588 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 589 == NULL) { 590 /* 591 * this can happen when the user specify the 0 valid 592 * lifetime. 593 */ 594 break; 595 } 596 597 /* 598 * then, make the prefix on-link on the interface. 599 * XXX: we'd rather create the prefix before the address, but 600 * we need at least one address to install the corresponding 601 * interface route, so we configure the address first. 602 */ 603 604 /* 605 * convert mask to prefix length (prefixmask has already 606 * been validated in in6_update_ifa(). 607 */ 608 memset(&prc0, 0, sizeof(prc0)); 609 prc0.ndprc_ifp = ifp; 610 prc0.ndprc_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 611 NULL); 612 if (prc0.ndprc_plen == 128) { 613 break; /* we don't need to install a host route. */ 614 } 615 prc0.ndprc_prefix = ifra->ifra_addr; 616 /* apply the mask for safety. */ 617 for (i = 0; i < 4; i++) { 618 prc0.ndprc_prefix.sin6_addr.s6_addr32[i] &= 619 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 620 } 621 /* 622 * XXX: since we don't have an API to set prefix (not address) 623 * lifetimes, we just use the same lifetimes as addresses. 624 * The (temporarily) installed lifetimes can be overridden by 625 * later advertised RAs (when accept_rtadv is non 0), which is 626 * an intended behavior. 627 */ 628 prc0.ndprc_raf_onlink = 1; /* should be configurable? */ 629 prc0.ndprc_raf_auto = 630 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 631 prc0.ndprc_vltime = ifra->ifra_lifetime.ia6t_vltime; 632 prc0.ndprc_pltime = ifra->ifra_lifetime.ia6t_pltime; 633 634 /* add the prefix if not yet. */ 635 if ((pr = nd6_prefix_lookup(&prc0)) == NULL) { 636 /* 637 * nd6_prelist_add will install the corresponding 638 * interface route. 639 */ 640 if ((error = nd6_prelist_add(&prc0, NULL, &pr)) != 0) 641 return error; 642 if (pr == NULL) { 643 log(LOG_ERR, "nd6_prelist_add succeeded but " 644 "no prefix\n"); 645 return EINVAL; /* XXX panic here? */ 646 } 647 } 648 649 /* relate the address to the prefix */ 650 if (ia->ia6_ndpr == NULL) { 651 ia->ia6_ndpr = pr; 652 pr->ndpr_refcnt++; 653 654 /* 655 * If this is the first autoconf address from the 656 * prefix, create a temporary address as well 657 * (when required). 658 */ 659 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 660 ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 661 int e; 662 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 663 log(LOG_NOTICE, "in6_control: failed " 664 "to create a temporary address, " 665 "errno=%d\n", e); 666 } 667 } 668 } 669 670 /* 671 * this might affect the status of autoconfigured addresses, 672 * that is, this address might make other addresses detached. 673 */ 674 pfxlist_onlink_check(); 675 676 (void)pfil_run_hooks(if_pfil, (struct mbuf **)SIOCAIFADDR_IN6, 677 ifp, PFIL_IFADDR); 678 break; 679 } 680 681 case SIOCDIFADDR_IN6: 682 { 683 struct nd_prefix *pr; 684 685 /* 686 * If the address being deleted is the only one that owns 687 * the corresponding prefix, expire the prefix as well. 688 * XXX: theoretically, we don't have to worry about such 689 * relationship, since we separate the address management 690 * and the prefix management. We do this, however, to provide 691 * as much backward compatibility as possible in terms of 692 * the ioctl operation. 693 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 694 */ 695 pr = ia->ia6_ndpr; 696 in6_purgeaddr(&ia->ia_ifa); 697 if (pr && pr->ndpr_refcnt == 0) 698 prelist_remove(pr); 699 (void)pfil_run_hooks(if_pfil, (struct mbuf **)SIOCDIFADDR_IN6, 700 ifp, PFIL_IFADDR); 701 break; 702 } 703 704 default: 705 return ENOTTY; 706 } 707 708 return 0; 709 } 710 711 int 712 in6_control(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 713 { 714 int error, s; 715 716 switch (cmd) { 717 case SIOCSNDFLUSH_IN6: 718 case SIOCSPFXFLUSH_IN6: 719 case SIOCSRTRFLUSH_IN6: 720 case SIOCSDEFIFACE_IN6: 721 case SIOCSIFINFO_FLAGS: 722 case SIOCSIFINFO_IN6: 723 724 case SIOCALIFADDR: 725 case SIOCDLIFADDR: 726 727 case SIOCDIFADDR_IN6: 728 #ifdef OSIOCAIFADDR_IN6 729 case OSIOCAIFADDR_IN6: 730 #endif 731 case SIOCAIFADDR_IN6: 732 733 case SIOCAADDRCTL_POLICY: 734 case SIOCDADDRCTL_POLICY: 735 736 if (kauth_authorize_network(curlwp->l_cred, 737 KAUTH_NETWORK_SOCKET, 738 KAUTH_REQ_NETWORK_SOCKET_SETPRIV, 739 so, NULL, NULL)) 740 return EPERM; 741 break; 742 } 743 744 s = splnet(); 745 error = in6_control1(so , cmd, data, ifp); 746 splx(s); 747 return error; 748 } 749 750 /* 751 * Update parameters of an IPv6 interface address. 752 * If necessary, a new entry is created and linked into address chains. 753 * This function is separated from in6_control(). 754 * XXX: should this be performed under splnet()? 755 */ 756 static int 757 in6_update_ifa1(struct ifnet *ifp, struct in6_aliasreq *ifra, 758 struct in6_ifaddr *ia, int flags) 759 { 760 int error = 0, hostIsNew = 0, plen = -1; 761 struct in6_ifaddr *oia; 762 struct sockaddr_in6 dst6; 763 struct in6_addrlifetime *lt; 764 struct in6_multi_mship *imm; 765 struct in6_multi *in6m_sol; 766 struct rtentry *rt; 767 int dad_delay, was_tentative; 768 769 in6m_sol = NULL; 770 771 /* Validate parameters */ 772 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 773 return EINVAL; 774 775 /* 776 * The destination address for a p2p link must have a family 777 * of AF_UNSPEC or AF_INET6. 778 */ 779 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 780 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 781 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 782 return EAFNOSUPPORT; 783 /* 784 * validate ifra_prefixmask. don't check sin6_family, netmask 785 * does not carry fields other than sin6_len. 786 */ 787 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 788 return EINVAL; 789 /* 790 * Because the IPv6 address architecture is classless, we require 791 * users to specify a (non 0) prefix length (mask) for a new address. 792 * We also require the prefix (when specified) mask is valid, and thus 793 * reject a non-consecutive mask. 794 */ 795 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 796 return EINVAL; 797 if (ifra->ifra_prefixmask.sin6_len != 0) { 798 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 799 (u_char *)&ifra->ifra_prefixmask + 800 ifra->ifra_prefixmask.sin6_len); 801 if (plen <= 0) 802 return EINVAL; 803 } else { 804 /* 805 * In this case, ia must not be NULL. We just use its prefix 806 * length. 807 */ 808 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 809 } 810 /* 811 * If the destination address on a p2p interface is specified, 812 * and the address is a scoped one, validate/set the scope 813 * zone identifier. 814 */ 815 dst6 = ifra->ifra_dstaddr; 816 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 817 (dst6.sin6_family == AF_INET6)) { 818 struct in6_addr in6_tmp; 819 u_int32_t zoneid; 820 821 in6_tmp = dst6.sin6_addr; 822 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 823 return EINVAL; /* XXX: should be impossible */ 824 825 if (dst6.sin6_scope_id != 0) { 826 if (dst6.sin6_scope_id != zoneid) 827 return EINVAL; 828 } else /* user omit to specify the ID. */ 829 dst6.sin6_scope_id = zoneid; 830 831 /* convert into the internal form */ 832 if (sa6_embedscope(&dst6, 0)) 833 return EINVAL; /* XXX: should be impossible */ 834 } 835 /* 836 * The destination address can be specified only for a p2p or a 837 * loopback interface. If specified, the corresponding prefix length 838 * must be 128. 839 */ 840 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 841 #ifdef FORCE_P2PPLEN 842 int i; 843 #endif 844 845 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 846 /* XXX: noisy message */ 847 nd6log(LOG_INFO, "a destination can " 848 "be specified for a p2p or a loopback IF only\n"); 849 return EINVAL; 850 } 851 if (plen != 128) { 852 nd6log(LOG_INFO, "prefixlen should " 853 "be 128 when dstaddr is specified\n"); 854 #ifdef FORCE_P2PPLEN 855 /* 856 * To be compatible with old configurations, 857 * such as ifconfig gif0 inet6 2001::1 2001::2 858 * prefixlen 126, we override the specified 859 * prefixmask as if the prefix length was 128. 860 */ 861 ifra->ifra_prefixmask.sin6_len = 862 sizeof(struct sockaddr_in6); 863 for (i = 0; i < 4; i++) 864 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 865 0xffffffff; 866 plen = 128; 867 #else 868 return EINVAL; 869 #endif 870 } 871 } 872 /* lifetime consistency check */ 873 lt = &ifra->ifra_lifetime; 874 if (lt->ia6t_pltime > lt->ia6t_vltime) 875 return EINVAL; 876 if (lt->ia6t_vltime == 0) { 877 /* 878 * the following log might be noisy, but this is a typical 879 * configuration mistake or a tool's bug. 880 */ 881 nd6log(LOG_INFO, "valid lifetime is 0 for %s\n", 882 ip6_sprintf(&ifra->ifra_addr.sin6_addr)); 883 884 if (ia == NULL) 885 return 0; /* there's nothing to do */ 886 } 887 888 /* 889 * If this is a new address, allocate a new ifaddr and link it 890 * into chains. 891 */ 892 if (ia == NULL) { 893 hostIsNew = 1; 894 /* 895 * When in6_update_ifa() is called in a process of a received 896 * RA, it is called under an interrupt context. So, we should 897 * call malloc with M_NOWAIT. 898 */ 899 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 900 M_NOWAIT); 901 if (ia == NULL) 902 return ENOBUFS; 903 memset(ia, 0, sizeof(*ia)); 904 LIST_INIT(&ia->ia6_memberships); 905 /* Initialize the address and masks, and put time stamp */ 906 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 907 ia->ia_addr.sin6_family = AF_INET6; 908 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 909 ia->ia6_createtime = time_uptime; 910 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 911 /* 912 * XXX: some functions expect that ifa_dstaddr is not 913 * NULL for p2p interfaces. 914 */ 915 ia->ia_ifa.ifa_dstaddr = 916 (struct sockaddr *)&ia->ia_dstaddr; 917 } else { 918 ia->ia_ifa.ifa_dstaddr = NULL; 919 } 920 ia->ia_ifa.ifa_netmask = 921 (struct sockaddr *)&ia->ia_prefixmask; 922 923 ia->ia_ifp = ifp; 924 if ((oia = in6_ifaddr) != NULL) { 925 for ( ; oia->ia_next; oia = oia->ia_next) 926 continue; 927 oia->ia_next = ia; 928 } else 929 in6_ifaddr = ia; 930 /* gain a refcnt for the link from in6_ifaddr */ 931 ifaref(&ia->ia_ifa); 932 933 ifa_insert(ifp, &ia->ia_ifa); 934 } 935 936 /* update timestamp */ 937 ia->ia6_updatetime = time_uptime; 938 939 /* set prefix mask */ 940 if (ifra->ifra_prefixmask.sin6_len) { 941 /* 942 * We prohibit changing the prefix length of an existing 943 * address, because 944 * + such an operation should be rare in IPv6, and 945 * + the operation would confuse prefix management. 946 */ 947 if (ia->ia_prefixmask.sin6_len && 948 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 949 nd6log(LOG_INFO, "the prefix length of an" 950 " existing (%s) address should not be changed\n", 951 ip6_sprintf(&ia->ia_addr.sin6_addr)); 952 error = EINVAL; 953 goto unlink; 954 } 955 ia->ia_prefixmask = ifra->ifra_prefixmask; 956 } 957 958 /* 959 * If a new destination address is specified, scrub the old one and 960 * install the new destination. Note that the interface must be 961 * p2p or loopback (see the check above.) 962 */ 963 if (dst6.sin6_family == AF_INET6 && 964 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 965 if ((ia->ia_flags & IFA_ROUTE) != 0 && 966 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 967 nd6log(LOG_ERR, "failed to remove " 968 "a route to the old destination: %s\n", 969 ip6_sprintf(&ia->ia_addr.sin6_addr)); 970 /* proceed anyway... */ 971 } else 972 ia->ia_flags &= ~IFA_ROUTE; 973 ia->ia_dstaddr = dst6; 974 } 975 976 /* 977 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 978 * to see if the address is deprecated or invalidated, but initialize 979 * these members for applications. 980 */ 981 ia->ia6_lifetime = ifra->ifra_lifetime; 982 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 983 ia->ia6_lifetime.ia6t_expire = 984 time_uptime + ia->ia6_lifetime.ia6t_vltime; 985 } else 986 ia->ia6_lifetime.ia6t_expire = 0; 987 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 988 ia->ia6_lifetime.ia6t_preferred = 989 time_uptime + ia->ia6_lifetime.ia6t_pltime; 990 } else 991 ia->ia6_lifetime.ia6t_preferred = 0; 992 993 /* 994 * configure address flags. 995 * We need to preserve tentative state so DAD works if 996 * something adds the same address before DAD finishes. 997 */ 998 was_tentative = ia->ia6_flags & (IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED); 999 ia->ia6_flags = ifra->ifra_flags; 1000 1001 /* 1002 * Make the address tentative before joining multicast addresses, 1003 * so that corresponding MLD responses would not have a tentative 1004 * source address. 1005 */ 1006 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1007 if (ifp->if_link_state == LINK_STATE_DOWN) { 1008 ia->ia6_flags |= IN6_IFF_DETACHED; 1009 ia->ia6_flags &= ~IN6_IFF_TENTATIVE; 1010 } else if ((hostIsNew || was_tentative) && if_do_dad(ifp)) 1011 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1012 1013 /* 1014 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1015 * userland, make it deprecated. 1016 */ 1017 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1018 ia->ia6_lifetime.ia6t_pltime = 0; 1019 ia->ia6_lifetime.ia6t_preferred = time_uptime; 1020 } 1021 1022 /* reset the interface and routing table appropriately. */ 1023 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1024 goto unlink; 1025 /* 1026 * We are done if we have simply modified an existing address. 1027 */ 1028 if (!hostIsNew) 1029 return error; 1030 1031 /* 1032 * Beyond this point, we should call in6_purgeaddr upon an error, 1033 * not just go to unlink. 1034 */ 1035 1036 /* join necessary multicast groups */ 1037 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1038 struct sockaddr_in6 mltaddr, mltmask; 1039 struct in6_addr llsol; 1040 1041 /* join solicited multicast addr for new host id */ 1042 memset(&llsol, 0, sizeof(struct in6_addr)); 1043 llsol.s6_addr16[0] = htons(0xff02); 1044 llsol.s6_addr32[1] = 0; 1045 llsol.s6_addr32[2] = htonl(1); 1046 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1047 llsol.s6_addr8[12] = 0xff; 1048 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 1049 /* XXX: should not happen */ 1050 log(LOG_ERR, "%s: in6_setscope failed\n", __func__); 1051 goto cleanup; 1052 } 1053 dad_delay = 0; 1054 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1055 /* 1056 * We need a random delay for DAD on the address 1057 * being configured. It also means delaying 1058 * transmission of the corresponding MLD report to 1059 * avoid report collision. 1060 * [draft-ietf-ipv6-rfc2462bis-02.txt] 1061 */ 1062 dad_delay = cprng_fast32() % 1063 (MAX_RTR_SOLICITATION_DELAY * hz); 1064 } 1065 1066 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 1067 /* join solicited multicast addr for new host id */ 1068 imm = in6_joingroup(ifp, &llsol, &error, dad_delay); 1069 if (!imm) { 1070 nd6log(LOG_ERR, 1071 "addmulti failed for %s on %s (errno=%d)\n", 1072 ip6_sprintf(&llsol), if_name(ifp), error); 1073 goto cleanup; 1074 } 1075 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1076 in6m_sol = imm->i6mm_maddr; 1077 1078 sockaddr_in6_init(&mltmask, &in6mask32, 0, 0, 0); 1079 1080 /* 1081 * join link-local all-nodes address 1082 */ 1083 sockaddr_in6_init(&mltaddr, &in6addr_linklocal_allnodes, 1084 0, 0, 0); 1085 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1086 goto cleanup; /* XXX: should not fail */ 1087 1088 /* 1089 * XXX: do we really need this automatic routes? 1090 * We should probably reconsider this stuff. Most applications 1091 * actually do not need the routes, since they usually specify 1092 * the outgoing interface. 1093 */ 1094 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1095 if (rt) { 1096 if (memcmp(&mltaddr.sin6_addr, 1097 &satocsin6(rt_getkey(rt))->sin6_addr, 1098 MLTMASK_LEN)) { 1099 rtfree(rt); 1100 rt = NULL; 1101 } else if (rt->rt_ifp != ifp) { 1102 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1103 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1104 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1105 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1106 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1107 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1108 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1109 rt_replace_ifa(rt, &ia->ia_ifa); 1110 rt->rt_ifp = ifp; 1111 } 1112 } 1113 if (!rt) { 1114 struct rt_addrinfo info; 1115 1116 memset(&info, 0, sizeof(info)); 1117 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1118 info.rti_info[RTAX_GATEWAY] = 1119 (struct sockaddr *)&ia->ia_addr; 1120 info.rti_info[RTAX_NETMASK] = 1121 (struct sockaddr *)&mltmask; 1122 info.rti_info[RTAX_IFA] = 1123 (struct sockaddr *)&ia->ia_addr; 1124 /* XXX: we need RTF_CONNECTED to fake nd6_rtrequest */ 1125 info.rti_flags = RTF_UP | RTF_CONNECTED; 1126 error = rtrequest1(RTM_ADD, &info, NULL); 1127 if (error) 1128 goto cleanup; 1129 } else { 1130 rtfree(rt); 1131 } 1132 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1133 if (!imm) { 1134 nd6log(LOG_WARNING, 1135 "addmulti failed for %s on %s (errno=%d)\n", 1136 ip6_sprintf(&mltaddr.sin6_addr), 1137 if_name(ifp), error); 1138 goto cleanup; 1139 } 1140 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1141 1142 /* 1143 * join node information group address 1144 */ 1145 dad_delay = 0; 1146 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1147 /* 1148 * The spec doesn't say anything about delay for this 1149 * group, but the same logic should apply. 1150 */ 1151 dad_delay = cprng_fast32() % 1152 (MAX_RTR_SOLICITATION_DELAY * hz); 1153 } 1154 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) != 0) 1155 ; 1156 else if ((imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1157 dad_delay)) == NULL) { /* XXX jinmei */ 1158 nd6log(LOG_WARNING, 1159 "addmulti failed for %s on %s (errno=%d)\n", 1160 ip6_sprintf(&mltaddr.sin6_addr), 1161 if_name(ifp), error); 1162 /* XXX not very fatal, go on... */ 1163 } else { 1164 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1165 } 1166 1167 1168 /* 1169 * join interface-local all-nodes address. 1170 * (ff01::1%ifN, and ff01::%ifN/32) 1171 */ 1172 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1173 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1174 goto cleanup; /* XXX: should not fail */ 1175 1176 /* XXX: again, do we really need the route? */ 1177 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1178 if (rt) { 1179 /* 32bit came from "mltmask" */ 1180 if (memcmp(&mltaddr.sin6_addr, 1181 &satocsin6(rt_getkey(rt))->sin6_addr, 1182 32 / NBBY)) { 1183 rtfree(rt); 1184 rt = NULL; 1185 } else if (rt->rt_ifp != ifp) { 1186 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1187 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1188 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1189 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1190 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1191 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1192 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1193 rt_replace_ifa(rt, &ia->ia_ifa); 1194 rt->rt_ifp = ifp; 1195 } 1196 } 1197 if (!rt) { 1198 struct rt_addrinfo info; 1199 1200 memset(&info, 0, sizeof(info)); 1201 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1202 info.rti_info[RTAX_GATEWAY] = 1203 (struct sockaddr *)&ia->ia_addr; 1204 info.rti_info[RTAX_NETMASK] = 1205 (struct sockaddr *)&mltmask; 1206 info.rti_info[RTAX_IFA] = 1207 (struct sockaddr *)&ia->ia_addr; 1208 info.rti_flags = RTF_UP | RTF_CONNECTED; 1209 error = rtrequest1(RTM_ADD, &info, NULL); 1210 if (error) 1211 goto cleanup; 1212 #undef MLTMASK_LEN 1213 } else { 1214 rtfree(rt); 1215 } 1216 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1217 if (!imm) { 1218 nd6log(LOG_WARNING, 1219 "addmulti failed for %s on %s (errno=%d)\n", 1220 ip6_sprintf(&mltaddr.sin6_addr), 1221 if_name(ifp), error); 1222 goto cleanup; 1223 } else { 1224 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1225 } 1226 } 1227 1228 /* Add local address to lltable, if necessary (ex. on p2p link). */ 1229 error = nd6_add_ifa_lle(ia); 1230 if (error != 0) 1231 goto cleanup; 1232 1233 /* 1234 * Perform DAD, if needed. 1235 * XXX It may be of use, if we can administratively 1236 * disable DAD. 1237 */ 1238 if (hostIsNew && if_do_dad(ifp) && 1239 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1240 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1241 { 1242 int mindelay, maxdelay; 1243 1244 dad_delay = 0; 1245 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1246 /* 1247 * We need to impose a delay before sending an NS 1248 * for DAD. Check if we also needed a delay for the 1249 * corresponding MLD message. If we did, the delay 1250 * should be larger than the MLD delay (this could be 1251 * relaxed a bit, but this simple logic is at least 1252 * safe). 1253 */ 1254 mindelay = 0; 1255 if (in6m_sol != NULL && 1256 in6m_sol->in6m_state == MLD_REPORTPENDING) { 1257 mindelay = in6m_sol->in6m_timer; 1258 } 1259 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1260 if (maxdelay - mindelay == 0) 1261 dad_delay = 0; 1262 else { 1263 dad_delay = 1264 (cprng_fast32() % (maxdelay - mindelay)) + 1265 mindelay; 1266 } 1267 } 1268 /* +1 ensures callout is always used */ 1269 nd6_dad_start(&ia->ia_ifa, dad_delay + 1); 1270 } 1271 1272 return error; 1273 1274 unlink: 1275 /* 1276 * XXX: if a change of an existing address failed, keep the entry 1277 * anyway. 1278 */ 1279 if (hostIsNew) 1280 in6_unlink_ifa(ia, ifp); 1281 return error; 1282 1283 cleanup: 1284 in6_purgeaddr(&ia->ia_ifa); 1285 return error; 1286 } 1287 1288 int 1289 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 1290 struct in6_ifaddr *ia, int flags) 1291 { 1292 int rc, s; 1293 1294 s = splnet(); 1295 rc = in6_update_ifa1(ifp, ifra, ia, flags); 1296 splx(s); 1297 return rc; 1298 } 1299 1300 void 1301 in6_purgeaddr(struct ifaddr *ifa) 1302 { 1303 struct ifnet *ifp = ifa->ifa_ifp; 1304 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1305 struct in6_multi_mship *imm; 1306 1307 /* stop DAD processing */ 1308 nd6_dad_stop(ifa); 1309 1310 /* 1311 * delete route to the destination of the address being purged. 1312 * The interface must be p2p or loopback in this case. 1313 */ 1314 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1315 int e; 1316 1317 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1318 != 0) { 1319 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1320 "a route to the p2p destination: %s on %s, " 1321 "errno=%d\n", 1322 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1323 e); 1324 /* proceed anyway... */ 1325 } else 1326 ia->ia_flags &= ~IFA_ROUTE; 1327 } 1328 1329 /* Remove ownaddr's loopback rtentry, if it exists. */ 1330 in6_ifremlocal(&(ia->ia_ifa)); 1331 1332 /* 1333 * leave from multicast groups we have joined for the interface 1334 */ 1335 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) { 1336 LIST_REMOVE(imm, i6mm_chain); 1337 in6_leavegroup(imm); 1338 } 1339 1340 in6_unlink_ifa(ia, ifp); 1341 } 1342 1343 static void 1344 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1345 { 1346 struct in6_ifaddr *oia; 1347 int s = splnet(); 1348 1349 ifa_remove(ifp, &ia->ia_ifa); 1350 1351 oia = ia; 1352 if (oia == (ia = in6_ifaddr)) 1353 in6_ifaddr = ia->ia_next; 1354 else { 1355 while (ia->ia_next && (ia->ia_next != oia)) 1356 ia = ia->ia_next; 1357 if (ia->ia_next) 1358 ia->ia_next = oia->ia_next; 1359 else { 1360 /* search failed */ 1361 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1362 } 1363 } 1364 1365 /* 1366 * XXX thorpej@NetBSD.org -- if the interface is going 1367 * XXX away, don't save the multicast entries, delete them! 1368 */ 1369 if (LIST_EMPTY(&oia->ia6_multiaddrs)) 1370 ; 1371 else if (oia->ia_ifa.ifa_ifp->if_output == if_nulloutput) { 1372 struct in6_multi *in6m, *next; 1373 1374 for (in6m = LIST_FIRST(&oia->ia6_multiaddrs); in6m != NULL; 1375 in6m = next) { 1376 next = LIST_NEXT(in6m, in6m_entry); 1377 in6_delmulti(in6m); 1378 } 1379 } else 1380 in6_savemkludge(oia); 1381 1382 /* 1383 * Release the reference to the base prefix. There should be a 1384 * positive reference. 1385 */ 1386 if (oia->ia6_ndpr == NULL) { 1387 nd6log(LOG_NOTICE, "autoconf'ed address %p has no prefix\n", 1388 oia); 1389 } else { 1390 oia->ia6_ndpr->ndpr_refcnt--; 1391 oia->ia6_ndpr = NULL; 1392 } 1393 1394 /* 1395 * Also, if the address being removed is autoconf'ed, call 1396 * pfxlist_onlink_check() since the release might affect the status of 1397 * other (detached) addresses. 1398 */ 1399 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) 1400 pfxlist_onlink_check(); 1401 1402 /* 1403 * release another refcnt for the link from in6_ifaddr. 1404 * Note that we should decrement the refcnt at least once for all *BSD. 1405 */ 1406 ifafree(&oia->ia_ifa); 1407 1408 splx(s); 1409 } 1410 1411 void 1412 in6_purgeif(struct ifnet *ifp) 1413 { 1414 if_purgeaddrs(ifp, AF_INET6, in6_purgeaddr); 1415 1416 in6_ifdetach(ifp); 1417 } 1418 1419 /* 1420 * SIOC[GAD]LIFADDR. 1421 * SIOCGLIFADDR: get first address. (?) 1422 * SIOCGLIFADDR with IFLR_PREFIX: 1423 * get first address that matches the specified prefix. 1424 * SIOCALIFADDR: add the specified address. 1425 * SIOCALIFADDR with IFLR_PREFIX: 1426 * add the specified prefix, filling hostid part from 1427 * the first link-local address. prefixlen must be <= 64. 1428 * SIOCDLIFADDR: delete the specified address. 1429 * SIOCDLIFADDR with IFLR_PREFIX: 1430 * delete the first address that matches the specified prefix. 1431 * return values: 1432 * EINVAL on invalid parameters 1433 * EADDRNOTAVAIL on prefix match failed/specified address not found 1434 * other values may be returned from in6_ioctl() 1435 * 1436 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1437 * this is to accommodate address naming scheme other than RFC2374, 1438 * in the future. 1439 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1440 * address encoding scheme. (see figure on page 8) 1441 */ 1442 static int 1443 in6_lifaddr_ioctl(struct socket *so, u_long cmd, void *data, 1444 struct ifnet *ifp) 1445 { 1446 struct in6_ifaddr *ia; 1447 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1448 struct ifaddr *ifa; 1449 struct sockaddr *sa; 1450 1451 /* sanity checks */ 1452 if (!data || !ifp) { 1453 panic("invalid argument to in6_lifaddr_ioctl"); 1454 /* NOTREACHED */ 1455 } 1456 1457 switch (cmd) { 1458 case SIOCGLIFADDR: 1459 /* address must be specified on GET with IFLR_PREFIX */ 1460 if ((iflr->flags & IFLR_PREFIX) == 0) 1461 break; 1462 /* FALLTHROUGH */ 1463 case SIOCALIFADDR: 1464 case SIOCDLIFADDR: 1465 /* address must be specified on ADD and DELETE */ 1466 sa = (struct sockaddr *)&iflr->addr; 1467 if (sa->sa_family != AF_INET6) 1468 return EINVAL; 1469 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1470 return EINVAL; 1471 /* XXX need improvement */ 1472 sa = (struct sockaddr *)&iflr->dstaddr; 1473 if (sa->sa_family && sa->sa_family != AF_INET6) 1474 return EINVAL; 1475 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1476 return EINVAL; 1477 break; 1478 default: /* shouldn't happen */ 1479 #if 0 1480 panic("invalid cmd to in6_lifaddr_ioctl"); 1481 /* NOTREACHED */ 1482 #else 1483 return EOPNOTSUPP; 1484 #endif 1485 } 1486 if (sizeof(struct in6_addr) * NBBY < iflr->prefixlen) 1487 return EINVAL; 1488 1489 switch (cmd) { 1490 case SIOCALIFADDR: 1491 { 1492 struct in6_aliasreq ifra; 1493 struct in6_addr *xhostid = NULL; 1494 int prefixlen; 1495 1496 if ((iflr->flags & IFLR_PREFIX) != 0) { 1497 struct sockaddr_in6 *sin6; 1498 1499 /* 1500 * xhostid is to fill in the hostid part of the 1501 * address. xhostid points to the first link-local 1502 * address attached to the interface. 1503 */ 1504 ia = in6ifa_ifpforlinklocal(ifp, 0); 1505 if (ia == NULL) 1506 return EADDRNOTAVAIL; 1507 xhostid = IFA_IN6(&ia->ia_ifa); 1508 1509 /* prefixlen must be <= 64. */ 1510 if (64 < iflr->prefixlen) 1511 return EINVAL; 1512 prefixlen = iflr->prefixlen; 1513 1514 /* hostid part must be zero. */ 1515 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1516 if (sin6->sin6_addr.s6_addr32[2] != 0 1517 || sin6->sin6_addr.s6_addr32[3] != 0) { 1518 return EINVAL; 1519 } 1520 } else 1521 prefixlen = iflr->prefixlen; 1522 1523 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1524 memset(&ifra, 0, sizeof(ifra)); 1525 memcpy(ifra.ifra_name, iflr->iflr_name, sizeof(ifra.ifra_name)); 1526 1527 memcpy(&ifra.ifra_addr, &iflr->addr, 1528 ((struct sockaddr *)&iflr->addr)->sa_len); 1529 if (xhostid) { 1530 /* fill in hostid part */ 1531 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1532 xhostid->s6_addr32[2]; 1533 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1534 xhostid->s6_addr32[3]; 1535 } 1536 1537 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1538 memcpy(&ifra.ifra_dstaddr, &iflr->dstaddr, 1539 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1540 if (xhostid) { 1541 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1542 xhostid->s6_addr32[2]; 1543 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1544 xhostid->s6_addr32[3]; 1545 } 1546 } 1547 1548 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1549 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1550 1551 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1552 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1553 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1554 return in6_control(so, SIOCAIFADDR_IN6, &ifra, ifp); 1555 } 1556 case SIOCGLIFADDR: 1557 case SIOCDLIFADDR: 1558 { 1559 struct in6_addr mask, candidate, match; 1560 struct sockaddr_in6 *sin6; 1561 int cmp; 1562 1563 memset(&mask, 0, sizeof(mask)); 1564 if (iflr->flags & IFLR_PREFIX) { 1565 /* lookup a prefix rather than address. */ 1566 in6_prefixlen2mask(&mask, iflr->prefixlen); 1567 1568 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1569 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1570 match.s6_addr32[0] &= mask.s6_addr32[0]; 1571 match.s6_addr32[1] &= mask.s6_addr32[1]; 1572 match.s6_addr32[2] &= mask.s6_addr32[2]; 1573 match.s6_addr32[3] &= mask.s6_addr32[3]; 1574 1575 /* if you set extra bits, that's wrong */ 1576 if (memcmp(&match, &sin6->sin6_addr, sizeof(match))) 1577 return EINVAL; 1578 1579 cmp = 1; 1580 } else { 1581 if (cmd == SIOCGLIFADDR) { 1582 /* on getting an address, take the 1st match */ 1583 cmp = 0; /* XXX */ 1584 } else { 1585 /* on deleting an address, do exact match */ 1586 in6_prefixlen2mask(&mask, 128); 1587 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1588 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1589 1590 cmp = 1; 1591 } 1592 } 1593 1594 IFADDR_FOREACH(ifa, ifp) { 1595 if (ifa->ifa_addr->sa_family != AF_INET6) 1596 continue; 1597 if (!cmp) 1598 break; 1599 1600 /* 1601 * XXX: this is adhoc, but is necessary to allow 1602 * a user to specify fe80::/64 (not /10) for a 1603 * link-local address. 1604 */ 1605 memcpy(&candidate, IFA_IN6(ifa), sizeof(candidate)); 1606 in6_clearscope(&candidate); 1607 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1608 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1609 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1610 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1611 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1612 break; 1613 } 1614 if (!ifa) 1615 return EADDRNOTAVAIL; 1616 ia = ifa2ia6(ifa); 1617 1618 if (cmd == SIOCGLIFADDR) { 1619 int error; 1620 1621 /* fill in the if_laddrreq structure */ 1622 memcpy(&iflr->addr, &ia->ia_addr, ia->ia_addr.sin6_len); 1623 error = sa6_recoverscope( 1624 (struct sockaddr_in6 *)&iflr->addr); 1625 if (error != 0) 1626 return error; 1627 1628 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1629 memcpy(&iflr->dstaddr, &ia->ia_dstaddr, 1630 ia->ia_dstaddr.sin6_len); 1631 error = sa6_recoverscope( 1632 (struct sockaddr_in6 *)&iflr->dstaddr); 1633 if (error != 0) 1634 return error; 1635 } else 1636 memset(&iflr->dstaddr, 0, sizeof(iflr->dstaddr)); 1637 1638 iflr->prefixlen = 1639 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1640 1641 iflr->flags = ia->ia6_flags; /* XXX */ 1642 1643 return 0; 1644 } else { 1645 struct in6_aliasreq ifra; 1646 1647 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1648 memset(&ifra, 0, sizeof(ifra)); 1649 memcpy(ifra.ifra_name, iflr->iflr_name, 1650 sizeof(ifra.ifra_name)); 1651 1652 memcpy(&ifra.ifra_addr, &ia->ia_addr, 1653 ia->ia_addr.sin6_len); 1654 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1655 memcpy(&ifra.ifra_dstaddr, &ia->ia_dstaddr, 1656 ia->ia_dstaddr.sin6_len); 1657 } else { 1658 memset(&ifra.ifra_dstaddr, 0, 1659 sizeof(ifra.ifra_dstaddr)); 1660 } 1661 memcpy(&ifra.ifra_dstaddr, &ia->ia_prefixmask, 1662 ia->ia_prefixmask.sin6_len); 1663 1664 ifra.ifra_flags = ia->ia6_flags; 1665 return in6_control(so, SIOCDIFADDR_IN6, &ifra, ifp); 1666 } 1667 } 1668 } 1669 1670 return EOPNOTSUPP; /* just for safety */ 1671 } 1672 1673 /* 1674 * Initialize an interface's internet6 address 1675 * and routing table entry. 1676 */ 1677 static int 1678 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1679 const struct sockaddr_in6 *sin6, int newhost) 1680 { 1681 int error = 0, plen, ifacount = 0; 1682 int s = splnet(); 1683 struct ifaddr *ifa; 1684 1685 /* 1686 * Give the interface a chance to initialize 1687 * if this is its first address, 1688 * and to validate the address if necessary. 1689 */ 1690 IFADDR_FOREACH(ifa, ifp) { 1691 if (ifa->ifa_addr == NULL) 1692 continue; /* just for safety */ 1693 if (ifa->ifa_addr->sa_family != AF_INET6) 1694 continue; 1695 ifacount++; 1696 } 1697 1698 ia->ia_addr = *sin6; 1699 1700 if (ifacount <= 1 && 1701 (error = if_addr_init(ifp, &ia->ia_ifa, true)) != 0) { 1702 splx(s); 1703 return error; 1704 } 1705 splx(s); 1706 1707 ia->ia_ifa.ifa_metric = ifp->if_metric; 1708 1709 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1710 1711 /* 1712 * Special case: 1713 * If the destination address is specified for a point-to-point 1714 * interface, install a route to the destination as an interface 1715 * direct route. 1716 */ 1717 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1718 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1719 if ((error = rtinit(&ia->ia_ifa, RTM_ADD, 1720 RTF_UP | RTF_HOST)) != 0) 1721 return error; 1722 ia->ia_flags |= IFA_ROUTE; 1723 } 1724 1725 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1726 if (newhost) { 1727 /* set the rtrequest function to create llinfo */ 1728 if (ifp->if_flags & IFF_POINTOPOINT) 1729 ia->ia_ifa.ifa_rtrequest = p2p_rtrequest; 1730 else if ((ifp->if_flags & IFF_LOOPBACK) == 0) 1731 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1732 in6_ifaddlocal(&ia->ia_ifa); 1733 } else { 1734 /* Inform the routing socket of new flags/timings */ 1735 rt_newaddrmsg(RTM_NEWADDR, &ia->ia_ifa, 0, NULL); 1736 } 1737 1738 if (ifp->if_flags & IFF_MULTICAST) 1739 in6_restoremkludge(ia, ifp); 1740 1741 return error; 1742 } 1743 1744 static struct ifaddr * 1745 bestifa(struct ifaddr *best_ifa, struct ifaddr *ifa) 1746 { 1747 if (best_ifa == NULL || best_ifa->ifa_preference < ifa->ifa_preference) 1748 return ifa; 1749 return best_ifa; 1750 } 1751 1752 /* 1753 * Find an IPv6 interface link-local address specific to an interface. 1754 */ 1755 struct in6_ifaddr * 1756 in6ifa_ifpforlinklocal(const struct ifnet *ifp, const int ignoreflags) 1757 { 1758 struct ifaddr *best_ifa = NULL, *ifa; 1759 1760 IFADDR_FOREACH(ifa, ifp) { 1761 if (ifa->ifa_addr == NULL) 1762 continue; /* just for safety */ 1763 if (ifa->ifa_addr->sa_family != AF_INET6) 1764 continue; 1765 if (!IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) 1766 continue; 1767 if ((((struct in6_ifaddr *)ifa)->ia6_flags & ignoreflags) != 0) 1768 continue; 1769 best_ifa = bestifa(best_ifa, ifa); 1770 } 1771 1772 return (struct in6_ifaddr *)best_ifa; 1773 } 1774 1775 /* 1776 * find the internet address corresponding to a given address. 1777 * ifaddr is returned referenced. 1778 */ 1779 struct in6_ifaddr * 1780 in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid) 1781 { 1782 struct in6_ifaddr *ia; 1783 1784 #ifdef __FreeBSD__ 1785 IN6_IFADDR_RLOCK(); 1786 LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) { 1787 #else 1788 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1789 #endif 1790 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) { 1791 if (zoneid != 0 && 1792 zoneid != ia->ia_addr.sin6_scope_id) 1793 continue; 1794 ifaref(&ia->ia_ifa); 1795 break; 1796 } 1797 } 1798 #ifdef __FreeBSD__ 1799 IN6_IFADDR_RUNLOCK(); 1800 #endif 1801 return ia; 1802 } 1803 1804 /* 1805 * find the internet address corresponding to a given interface and address. 1806 */ 1807 struct in6_ifaddr * 1808 in6ifa_ifpwithaddr(const struct ifnet *ifp, const struct in6_addr *addr) 1809 { 1810 struct ifaddr *best_ifa = NULL, *ifa; 1811 1812 IFADDR_FOREACH(ifa, ifp) { 1813 if (ifa->ifa_addr == NULL) 1814 continue; /* just for safety */ 1815 if (ifa->ifa_addr->sa_family != AF_INET6) 1816 continue; 1817 if (!IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1818 continue; 1819 best_ifa = bestifa(best_ifa, ifa); 1820 } 1821 1822 return (struct in6_ifaddr *)best_ifa; 1823 } 1824 1825 static struct in6_ifaddr * 1826 bestia(struct in6_ifaddr *best_ia, struct in6_ifaddr *ia) 1827 { 1828 if (best_ia == NULL || 1829 best_ia->ia_ifa.ifa_preference < ia->ia_ifa.ifa_preference) 1830 return ia; 1831 return best_ia; 1832 } 1833 1834 /* 1835 * Convert IP6 address to printable (loggable) representation. 1836 */ 1837 char * 1838 ip6_sprintf(const struct in6_addr *addr) 1839 { 1840 static int ip6round = 0; 1841 static char ip6buf[8][INET6_ADDRSTRLEN]; 1842 char *cp = ip6buf[ip6round++ & 7]; 1843 1844 in6_print(cp, INET6_ADDRSTRLEN, addr); 1845 return cp; 1846 } 1847 1848 /* 1849 * Determine if an address is on a local network. 1850 */ 1851 int 1852 in6_localaddr(const struct in6_addr *in6) 1853 { 1854 struct in6_ifaddr *ia; 1855 1856 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1857 return 1; 1858 1859 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 1860 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1861 &ia->ia_prefixmask.sin6_addr)) 1862 return 1; 1863 1864 return 0; 1865 } 1866 1867 int 1868 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1869 { 1870 struct in6_ifaddr *ia; 1871 1872 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1873 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1874 &sa6->sin6_addr) && 1875 #ifdef SCOPEDROUTING 1876 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 1877 #endif 1878 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1879 return 1; /* true */ 1880 1881 /* XXX: do we still have to go thru the rest of the list? */ 1882 } 1883 1884 return 0; /* false */ 1885 } 1886 1887 /* 1888 * return length of part which dst and src are equal 1889 * hard coding... 1890 */ 1891 int 1892 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1893 { 1894 int match = 0; 1895 u_char *s = (u_char *)src, *d = (u_char *)dst; 1896 u_char *lim = s + 16, r; 1897 1898 while (s < lim) 1899 if ((r = (*d++ ^ *s++)) != 0) { 1900 while (r < 128) { 1901 match++; 1902 r <<= 1; 1903 } 1904 break; 1905 } else 1906 match += NBBY; 1907 return match; 1908 } 1909 1910 /* XXX: to be scope conscious */ 1911 int 1912 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1913 { 1914 int bytelen, bitlen; 1915 1916 /* sanity check */ 1917 if (len < 0 || len > 128) { 1918 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1919 len); 1920 return 0; 1921 } 1922 1923 bytelen = len / NBBY; 1924 bitlen = len % NBBY; 1925 1926 if (memcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1927 return 0; 1928 if (bitlen != 0 && 1929 p1->s6_addr[bytelen] >> (NBBY - bitlen) != 1930 p2->s6_addr[bytelen] >> (NBBY - bitlen)) 1931 return 0; 1932 1933 return 1; 1934 } 1935 1936 void 1937 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1938 { 1939 static const u_char maskarray[NBBY] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1940 int bytelen, bitlen, i; 1941 1942 /* sanity check */ 1943 if (len < 0 || len > 128) { 1944 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1945 len); 1946 return; 1947 } 1948 1949 memset(maskp, 0, sizeof(*maskp)); 1950 bytelen = len / NBBY; 1951 bitlen = len % NBBY; 1952 for (i = 0; i < bytelen; i++) 1953 maskp->s6_addr[i] = 0xff; 1954 if (bitlen) 1955 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1956 } 1957 1958 /* 1959 * return the best address out of the same scope. if no address was 1960 * found, return the first valid address from designated IF. 1961 */ 1962 struct in6_ifaddr * 1963 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 1964 { 1965 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 1966 struct ifaddr *ifa; 1967 struct in6_ifaddr *best_ia = NULL, *ia; 1968 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 1969 1970 dep[0] = dep[1] = NULL; 1971 1972 /* 1973 * We first look for addresses in the same scope. 1974 * If there is one, return it. 1975 * If two or more, return one which matches the dst longest. 1976 * If none, return one of global addresses assigned other ifs. 1977 */ 1978 IFADDR_FOREACH(ifa, ifp) { 1979 if (ifa->ifa_addr->sa_family != AF_INET6) 1980 continue; 1981 ia = (struct in6_ifaddr *)ifa; 1982 if (ia->ia6_flags & IN6_IFF_ANYCAST) 1983 continue; /* XXX: is there any case to allow anycast? */ 1984 if (ia->ia6_flags & IN6_IFF_NOTREADY) 1985 continue; /* don't use this interface */ 1986 if (ia->ia6_flags & IN6_IFF_DETACHED) 1987 continue; 1988 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 1989 if (ip6_use_deprecated) 1990 dep[0] = ia; 1991 continue; 1992 } 1993 1994 if (dst_scope != in6_addrscope(IFA_IN6(ifa))) 1995 continue; 1996 /* 1997 * call in6_matchlen() as few as possible 1998 */ 1999 if (best_ia == NULL) { 2000 best_ia = ia; 2001 continue; 2002 } 2003 if (blen == -1) 2004 blen = in6_matchlen(&best_ia->ia_addr.sin6_addr, dst); 2005 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2006 if (tlen > blen) { 2007 blen = tlen; 2008 best_ia = ia; 2009 } else if (tlen == blen) 2010 best_ia = bestia(best_ia, ia); 2011 } 2012 if (best_ia != NULL) 2013 return best_ia; 2014 2015 IFADDR_FOREACH(ifa, ifp) { 2016 if (ifa->ifa_addr->sa_family != AF_INET6) 2017 continue; 2018 ia = (struct in6_ifaddr *)ifa; 2019 if (ia->ia6_flags & IN6_IFF_ANYCAST) 2020 continue; /* XXX: is there any case to allow anycast? */ 2021 if (ia->ia6_flags & IN6_IFF_NOTREADY) 2022 continue; /* don't use this interface */ 2023 if (ia->ia6_flags & IN6_IFF_DETACHED) 2024 continue; 2025 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 2026 if (ip6_use_deprecated) 2027 dep[1] = (struct in6_ifaddr *)ifa; 2028 continue; 2029 } 2030 2031 best_ia = bestia(best_ia, ia); 2032 } 2033 if (best_ia != NULL) 2034 return best_ia; 2035 2036 /* use the last-resort values, that are, deprecated addresses */ 2037 if (dep[0]) 2038 return dep[0]; 2039 if (dep[1]) 2040 return dep[1]; 2041 2042 return NULL; 2043 } 2044 2045 /* 2046 * perform DAD when interface becomes IFF_UP. 2047 */ 2048 void 2049 in6_if_link_up(struct ifnet *ifp) 2050 { 2051 struct ifaddr *ifa; 2052 struct in6_ifaddr *ia; 2053 2054 /* Ensure it's sane to run DAD */ 2055 if (ifp->if_link_state == LINK_STATE_DOWN) 2056 return; 2057 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 2058 return; 2059 2060 IFADDR_FOREACH(ifa, ifp) { 2061 if (ifa->ifa_addr->sa_family != AF_INET6) 2062 continue; 2063 ia = (struct in6_ifaddr *)ifa; 2064 2065 /* If detached then mark as tentative */ 2066 if (ia->ia6_flags & IN6_IFF_DETACHED) { 2067 ia->ia6_flags &= ~IN6_IFF_DETACHED; 2068 if (if_do_dad(ifp)) { 2069 ia->ia6_flags |= IN6_IFF_TENTATIVE; 2070 nd6log(LOG_ERR, "%s marked tentative\n", 2071 ip6_sprintf(&ia->ia_addr.sin6_addr)); 2072 } else if ((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0) 2073 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2074 } 2075 2076 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2077 int rand_delay; 2078 2079 /* Clear the duplicated flag as we're starting DAD. */ 2080 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; 2081 2082 /* 2083 * The TENTATIVE flag was likely set by hand 2084 * beforehand, implicitly indicating the need for DAD. 2085 * We may be able to skip the random delay in this 2086 * case, but we impose delays just in case. 2087 */ 2088 rand_delay = cprng_fast32() % 2089 (MAX_RTR_SOLICITATION_DELAY * hz); 2090 /* +1 ensures callout is always used */ 2091 nd6_dad_start(ifa, rand_delay + 1); 2092 } 2093 } 2094 2095 /* Restore any detached prefixes */ 2096 pfxlist_onlink_check(); 2097 } 2098 2099 void 2100 in6_if_up(struct ifnet *ifp) 2101 { 2102 2103 /* 2104 * special cases, like 6to4, are handled in in6_ifattach 2105 */ 2106 in6_ifattach(ifp, NULL); 2107 2108 /* interface may not support link state, so bring it up also */ 2109 in6_if_link_up(ifp); 2110 } 2111 2112 /* 2113 * Mark all addresses as detached. 2114 */ 2115 void 2116 in6_if_link_down(struct ifnet *ifp) 2117 { 2118 struct ifaddr *ifa; 2119 struct in6_ifaddr *ia; 2120 2121 /* Any prefixes on this interface should be detached as well */ 2122 pfxlist_onlink_check(); 2123 2124 IFADDR_FOREACH(ifa, ifp) { 2125 if (ifa->ifa_addr->sa_family != AF_INET6) 2126 continue; 2127 ia = (struct in6_ifaddr *)ifa; 2128 2129 /* Stop DAD processing */ 2130 nd6_dad_stop(ifa); 2131 2132 /* 2133 * Mark the address as detached. 2134 * This satisfies RFC4862 Section 5.3, but we should apply 2135 * this logic to all addresses to be a good citizen and 2136 * avoid potential duplicated addresses. 2137 * When the interface comes up again, detached addresses 2138 * are marked tentative and DAD commences. 2139 */ 2140 if (!(ia->ia6_flags & IN6_IFF_DETACHED)) { 2141 nd6log(LOG_DEBUG, "%s marked detached\n", 2142 ip6_sprintf(&ia->ia_addr.sin6_addr)); 2143 ia->ia6_flags |= IN6_IFF_DETACHED; 2144 ia->ia6_flags &= 2145 ~(IN6_IFF_TENTATIVE | IN6_IFF_DUPLICATED); 2146 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2147 } 2148 } 2149 } 2150 2151 void 2152 in6_if_down(struct ifnet *ifp) 2153 { 2154 2155 in6_if_link_down(ifp); 2156 } 2157 2158 void 2159 in6_if_link_state_change(struct ifnet *ifp, int link_state) 2160 { 2161 2162 switch (link_state) { 2163 case LINK_STATE_DOWN: 2164 in6_if_link_down(ifp); 2165 break; 2166 case LINK_STATE_UP: 2167 in6_if_link_up(ifp); 2168 break; 2169 } 2170 } 2171 2172 /* 2173 * Calculate max IPv6 MTU through all the interfaces and store it 2174 * to in6_maxmtu. 2175 */ 2176 void 2177 in6_setmaxmtu(void) 2178 { 2179 unsigned long maxmtu = 0; 2180 struct ifnet *ifp; 2181 int s; 2182 2183 s = pserialize_read_enter(); 2184 IFNET_READER_FOREACH(ifp) { 2185 /* this function can be called during ifnet initialization */ 2186 if (!ifp->if_afdata[AF_INET6]) 2187 continue; 2188 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2189 IN6_LINKMTU(ifp) > maxmtu) 2190 maxmtu = IN6_LINKMTU(ifp); 2191 } 2192 pserialize_read_exit(s); 2193 if (maxmtu) /* update only when maxmtu is positive */ 2194 in6_maxmtu = maxmtu; 2195 } 2196 2197 /* 2198 * Provide the length of interface identifiers to be used for the link attached 2199 * to the given interface. The length should be defined in "IPv6 over 2200 * xxx-link" document. Note that address architecture might also define 2201 * the length for a particular set of address prefixes, regardless of the 2202 * link type. As clarified in rfc2462bis, those two definitions should be 2203 * consistent, and those really are as of August 2004. 2204 */ 2205 int 2206 in6_if2idlen(struct ifnet *ifp) 2207 { 2208 switch (ifp->if_type) { 2209 case IFT_ETHER: /* RFC2464 */ 2210 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2211 case IFT_L2VLAN: /* ditto */ 2212 case IFT_IEEE80211: /* ditto */ 2213 case IFT_FDDI: /* RFC2467 */ 2214 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2215 case IFT_PPP: /* RFC2472 */ 2216 case IFT_ARCNET: /* RFC2497 */ 2217 case IFT_FRELAY: /* RFC2590 */ 2218 case IFT_IEEE1394: /* RFC3146 */ 2219 case IFT_GIF: /* draft-ietf-v6ops-mech-v2-07 */ 2220 case IFT_LOOP: /* XXX: is this really correct? */ 2221 return 64; 2222 default: 2223 /* 2224 * Unknown link type: 2225 * It might be controversial to use the today's common constant 2226 * of 64 for these cases unconditionally. For full compliance, 2227 * we should return an error in this case. On the other hand, 2228 * if we simply miss the standard for the link type or a new 2229 * standard is defined for a new link type, the IFID length 2230 * is very likely to be the common constant. As a compromise, 2231 * we always use the constant, but make an explicit notice 2232 * indicating the "unknown" case. 2233 */ 2234 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2235 return 64; 2236 } 2237 } 2238 2239 struct in6_llentry { 2240 struct llentry base; 2241 }; 2242 2243 #define IN6_LLTBL_DEFAULT_HSIZE 32 2244 #define IN6_LLTBL_HASH(k, h) \ 2245 (((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1)) 2246 2247 /* 2248 * Do actual deallocation of @lle. 2249 * Called by LLE_FREE_LOCKED when number of references 2250 * drops to zero. 2251 */ 2252 static void 2253 in6_lltable_destroy_lle(struct llentry *lle) 2254 { 2255 2256 LLE_WUNLOCK(lle); 2257 LLE_LOCK_DESTROY(lle); 2258 kmem_intr_free(lle, sizeof(struct in6_llentry)); 2259 } 2260 2261 static struct llentry * 2262 in6_lltable_new(const struct in6_addr *addr6, u_int flags) 2263 { 2264 struct in6_llentry *lle; 2265 2266 lle = kmem_intr_zalloc(sizeof(struct in6_llentry), KM_NOSLEEP); 2267 if (lle == NULL) /* NB: caller generates msg */ 2268 return NULL; 2269 2270 lle->base.r_l3addr.addr6 = *addr6; 2271 lle->base.lle_refcnt = 1; 2272 lle->base.lle_free = in6_lltable_destroy_lle; 2273 LLE_LOCK_INIT(&lle->base); 2274 callout_init(&lle->base.lle_timer, CALLOUT_MPSAFE); 2275 2276 return &lle->base; 2277 } 2278 2279 static int 2280 in6_lltable_match_prefix(const struct sockaddr *prefix, 2281 const struct sockaddr *mask, u_int flags, struct llentry *lle) 2282 { 2283 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2284 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2285 2286 if (IN6_ARE_MASKED_ADDR_EQUAL(&lle->r_l3addr.addr6, 2287 &pfx->sin6_addr, &msk->sin6_addr) && 2288 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) 2289 return 1; 2290 2291 return 0; 2292 } 2293 2294 static void 2295 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle) 2296 { 2297 struct ifnet *ifp __diagused; 2298 2299 LLE_WLOCK_ASSERT(lle); 2300 KASSERT(llt != NULL); 2301 2302 /* Unlink entry from table */ 2303 if ((lle->la_flags & LLE_LINKED) != 0) { 2304 2305 ifp = llt->llt_ifp; 2306 IF_AFDATA_WLOCK_ASSERT(ifp); 2307 lltable_unlink_entry(llt, lle); 2308 } 2309 2310 KASSERT(mutex_owned(softnet_lock)); 2311 callout_halt(&lle->lle_timer, softnet_lock); 2312 LLE_REMREF(lle); 2313 2314 llentry_free(lle); 2315 } 2316 2317 static int 2318 in6_lltable_rtcheck(struct ifnet *ifp, 2319 u_int flags, 2320 const struct sockaddr *l3addr) 2321 { 2322 struct rtentry *rt; 2323 2324 KASSERTMSG(l3addr->sa_family == AF_INET6, 2325 "sin_family %d", l3addr->sa_family); 2326 2327 rt = rtalloc1(l3addr, 0); 2328 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2329 struct ifaddr *ifa; 2330 /* 2331 * Create an ND6 cache for an IPv6 neighbor 2332 * that is not covered by our own prefix. 2333 */ 2334 /* XXX ifaof_ifpforaddr should take a const param */ 2335 ifa = ifaof_ifpforaddr(l3addr, ifp); 2336 if (ifa != NULL) { 2337 ifafree(ifa); 2338 if (rt != NULL) 2339 rtfree(rt); 2340 return 0; 2341 } 2342 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2343 ip6_sprintf(&((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2344 if (rt != NULL) 2345 rtfree(rt); 2346 return EINVAL; 2347 } 2348 rtfree(rt); 2349 return 0; 2350 } 2351 2352 static inline uint32_t 2353 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize) 2354 { 2355 2356 return IN6_LLTBL_HASH(dst->s6_addr32[3], hsize); 2357 } 2358 2359 static uint32_t 2360 in6_lltable_hash(const struct llentry *lle, uint32_t hsize) 2361 { 2362 2363 return in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize); 2364 } 2365 2366 static void 2367 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa) 2368 { 2369 struct sockaddr_in6 *sin6; 2370 2371 sin6 = (struct sockaddr_in6 *)sa; 2372 bzero(sin6, sizeof(*sin6)); 2373 sin6->sin6_family = AF_INET6; 2374 sin6->sin6_len = sizeof(*sin6); 2375 sin6->sin6_addr = lle->r_l3addr.addr6; 2376 } 2377 2378 static inline struct llentry * 2379 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst) 2380 { 2381 struct llentry *lle; 2382 struct llentries *lleh; 2383 u_int hashidx; 2384 2385 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize); 2386 lleh = &llt->lle_head[hashidx]; 2387 LIST_FOREACH(lle, lleh, lle_next) { 2388 if (lle->la_flags & LLE_DELETED) 2389 continue; 2390 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst)) 2391 break; 2392 } 2393 2394 return lle; 2395 } 2396 2397 static int 2398 in6_lltable_delete(struct lltable *llt, u_int flags, 2399 const struct sockaddr *l3addr) 2400 { 2401 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2402 struct llentry *lle; 2403 2404 IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp); 2405 KASSERTMSG(l3addr->sa_family == AF_INET6, 2406 "sin_family %d", l3addr->sa_family); 2407 2408 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2409 2410 if (lle == NULL) 2411 return ENOENT; 2412 2413 LLE_WLOCK(lle); 2414 lle->la_flags |= LLE_DELETED; 2415 #ifdef DIAGNOSTIC 2416 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2417 #endif 2418 if ((lle->la_flags & (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC) 2419 llentry_free(lle); 2420 else 2421 LLE_WUNLOCK(lle); 2422 2423 return 0; 2424 } 2425 2426 static struct llentry * 2427 in6_lltable_create(struct lltable *llt, u_int flags, 2428 const struct sockaddr *l3addr) 2429 { 2430 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2431 struct ifnet *ifp = llt->llt_ifp; 2432 struct llentry *lle; 2433 2434 IF_AFDATA_WLOCK_ASSERT(ifp); 2435 KASSERTMSG(l3addr->sa_family == AF_INET6, 2436 "sin_family %d", l3addr->sa_family); 2437 2438 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2439 2440 if (lle != NULL) { 2441 LLE_WLOCK(lle); 2442 return lle; 2443 } 2444 2445 /* 2446 * A route that covers the given address must have 2447 * been installed 1st because we are doing a resolution, 2448 * verify this. 2449 */ 2450 if (!(flags & LLE_IFADDR) && 2451 in6_lltable_rtcheck(ifp, flags, l3addr) != 0) 2452 return NULL; 2453 2454 lle = in6_lltable_new(&sin6->sin6_addr, flags); 2455 if (lle == NULL) { 2456 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2457 return NULL; 2458 } 2459 lle->la_flags = flags; 2460 if ((flags & LLE_IFADDR) == LLE_IFADDR) { 2461 memcpy(&lle->ll_addr, CLLADDR(ifp->if_sadl), ifp->if_addrlen); 2462 lle->la_flags |= LLE_VALID; 2463 } 2464 2465 lltable_link_entry(llt, lle); 2466 LLE_WLOCK(lle); 2467 2468 return lle; 2469 } 2470 2471 static struct llentry * 2472 in6_lltable_lookup(struct lltable *llt, u_int flags, 2473 const struct sockaddr *l3addr) 2474 { 2475 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2476 struct llentry *lle; 2477 2478 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp); 2479 KASSERTMSG(l3addr->sa_family == AF_INET6, 2480 "sin_family %d", l3addr->sa_family); 2481 2482 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2483 2484 if (lle == NULL) 2485 return NULL; 2486 2487 if (flags & LLE_EXCLUSIVE) 2488 LLE_WLOCK(lle); 2489 else 2490 LLE_RLOCK(lle); 2491 return lle; 2492 } 2493 2494 static int 2495 in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle, 2496 struct rt_walkarg *w) 2497 { 2498 struct sockaddr_in6 sin6; 2499 2500 LLTABLE_LOCK_ASSERT(); 2501 2502 /* skip deleted entries */ 2503 if (lle->la_flags & LLE_DELETED) 2504 return 0; 2505 2506 sockaddr_in6_init(&sin6, &lle->r_l3addr.addr6, 0, 0, 0); 2507 2508 return lltable_dump_entry(llt, lle, w, sin6tosa(&sin6)); 2509 } 2510 2511 static struct lltable * 2512 in6_lltattach(struct ifnet *ifp) 2513 { 2514 struct lltable *llt; 2515 2516 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE); 2517 llt->llt_af = AF_INET6; 2518 llt->llt_ifp = ifp; 2519 2520 llt->llt_lookup = in6_lltable_lookup; 2521 llt->llt_create = in6_lltable_create; 2522 llt->llt_delete = in6_lltable_delete; 2523 llt->llt_dump_entry = in6_lltable_dump_entry; 2524 llt->llt_hash = in6_lltable_hash; 2525 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry; 2526 llt->llt_free_entry = in6_lltable_free_entry; 2527 llt->llt_match_prefix = in6_lltable_match_prefix; 2528 lltable_link(llt); 2529 2530 return llt; 2531 } 2532 2533 void * 2534 in6_domifattach(struct ifnet *ifp) 2535 { 2536 struct in6_ifextra *ext; 2537 2538 ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK|M_ZERO); 2539 2540 ext->in6_ifstat = malloc(sizeof(struct in6_ifstat), 2541 M_IFADDR, M_WAITOK|M_ZERO); 2542 2543 ext->icmp6_ifstat = malloc(sizeof(struct icmp6_ifstat), 2544 M_IFADDR, M_WAITOK|M_ZERO); 2545 2546 ext->nd_ifinfo = nd6_ifattach(ifp); 2547 ext->scope6_id = scope6_ifattach(ifp); 2548 ext->nprefixes = 0; 2549 ext->ndefrouters = 0; 2550 2551 ext->lltable = in6_lltattach(ifp); 2552 2553 return ext; 2554 } 2555 2556 void 2557 in6_domifdetach(struct ifnet *ifp, void *aux) 2558 { 2559 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2560 2561 lltable_free(ext->lltable); 2562 ext->lltable = NULL; 2563 nd6_ifdetach(ifp, ext); 2564 free(ext->in6_ifstat, M_IFADDR); 2565 free(ext->icmp6_ifstat, M_IFADDR); 2566 scope6_ifdetach(ext->scope6_id); 2567 free(ext, M_IFADDR); 2568 } 2569 2570 /* 2571 * Convert IPv4 address stored in struct in_addr to IPv4-Mapped IPv6 address 2572 * stored in struct in6_addr as defined in RFC 4921 section 2.5.5.2. 2573 */ 2574 void 2575 in6_in_2_v4mapin6(const struct in_addr *in, struct in6_addr *in6) 2576 { 2577 in6->s6_addr32[0] = 0; 2578 in6->s6_addr32[1] = 0; 2579 in6->s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2580 in6->s6_addr32[3] = in->s_addr; 2581 } 2582 2583 /* 2584 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2585 * v4 mapped addr or v4 compat addr 2586 */ 2587 void 2588 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2589 { 2590 memset(sin, 0, sizeof(*sin)); 2591 sin->sin_len = sizeof(struct sockaddr_in); 2592 sin->sin_family = AF_INET; 2593 sin->sin_port = sin6->sin6_port; 2594 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2595 } 2596 2597 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2598 void 2599 in6_sin_2_v4mapsin6(const struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2600 { 2601 memset(sin6, 0, sizeof(*sin6)); 2602 sin6->sin6_len = sizeof(struct sockaddr_in6); 2603 sin6->sin6_family = AF_INET6; 2604 sin6->sin6_port = sin->sin_port; 2605 in6_in_2_v4mapin6(&sin->sin_addr, &sin6->sin6_addr); 2606 } 2607 2608 /* Convert sockaddr_in6 into sockaddr_in. */ 2609 void 2610 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2611 { 2612 struct sockaddr_in *sin_p; 2613 struct sockaddr_in6 sin6; 2614 2615 /* 2616 * Save original sockaddr_in6 addr and convert it 2617 * to sockaddr_in. 2618 */ 2619 sin6 = *(struct sockaddr_in6 *)nam; 2620 sin_p = (struct sockaddr_in *)nam; 2621 in6_sin6_2_sin(sin_p, &sin6); 2622 } 2623 2624 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2625 void 2626 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2627 { 2628 struct sockaddr_in *sin_p; 2629 struct sockaddr_in6 *sin6_p; 2630 2631 sin6_p = malloc(sizeof(*sin6_p), M_SONAME, M_WAITOK); 2632 sin_p = (struct sockaddr_in *)*nam; 2633 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2634 free(*nam, M_SONAME); 2635 *nam = (struct sockaddr *)sin6_p; 2636 } 2637