1 /* $NetBSD: in6.c,v 1.94 2005/12/11 12:25:02 christos Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.94 2005/12/11 12:25:02 christos Exp $"); 66 67 #include "opt_inet.h" 68 #include "opt_pfil_hooks.h" 69 70 #include <sys/param.h> 71 #include <sys/ioctl.h> 72 #include <sys/errno.h> 73 #include <sys/malloc.h> 74 #include <sys/socket.h> 75 #include <sys/socketvar.h> 76 #include <sys/sockio.h> 77 #include <sys/systm.h> 78 #include <sys/proc.h> 79 #include <sys/time.h> 80 #include <sys/kernel.h> 81 #include <sys/syslog.h> 82 83 #include <net/if.h> 84 #include <net/if_types.h> 85 #include <net/route.h> 86 #include <net/if_dl.h> 87 88 #include <netinet/in.h> 89 #include <netinet/in_var.h> 90 #include <net/if_ether.h> 91 92 #include <netinet/ip6.h> 93 #include <netinet6/ip6_var.h> 94 #include <netinet6/nd6.h> 95 #include <netinet6/mld6_var.h> 96 #include <netinet6/ip6_mroute.h> 97 #include <netinet6/in6_ifattach.h> 98 99 #include <net/net_osdep.h> 100 101 #ifdef PFIL_HOOKS 102 #include <net/pfil.h> 103 #endif 104 105 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 106 107 /* enable backward compatibility code for obsoleted ioctls */ 108 #define COMPAT_IN6IFIOCTL 109 110 /* 111 * Definitions of some constant IP6 addresses. 112 */ 113 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 114 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 115 const struct in6_addr in6addr_nodelocal_allnodes = 116 IN6ADDR_NODELOCAL_ALLNODES_INIT; 117 const struct in6_addr in6addr_linklocal_allnodes = 118 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 119 const struct in6_addr in6addr_linklocal_allrouters = 120 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 121 122 const struct in6_addr in6mask0 = IN6MASK0; 123 const struct in6_addr in6mask32 = IN6MASK32; 124 const struct in6_addr in6mask64 = IN6MASK64; 125 const struct in6_addr in6mask96 = IN6MASK96; 126 const struct in6_addr in6mask128 = IN6MASK128; 127 128 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 129 0, 0, IN6ADDR_ANY_INIT, 0}; 130 131 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 132 struct ifnet *, struct proc *)); 133 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 134 struct sockaddr_in6 *, int)); 135 static void in6_unlink_ifa __P((struct in6_ifaddr *, struct ifnet *)); 136 137 /* 138 * This structure is used to keep track of in6_multi chains which belong to 139 * deleted interface addresses. 140 */ 141 static LIST_HEAD(, multi6_kludge) in6_mk; /* XXX BSS initialization */ 142 143 struct multi6_kludge { 144 LIST_ENTRY(multi6_kludge) mk_entry; 145 struct ifnet *mk_ifp; 146 struct in6_multihead mk_head; 147 }; 148 149 /* 150 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 151 * This routine does actual work. 152 */ 153 static void 154 in6_ifloop_request(int cmd, struct ifaddr *ifa) 155 { 156 struct sockaddr_in6 lo_sa; 157 struct sockaddr_in6 all1_sa; 158 struct rtentry *nrt = NULL; 159 int e; 160 161 bzero(&lo_sa, sizeof(lo_sa)); 162 bzero(&all1_sa, sizeof(all1_sa)); 163 lo_sa.sin6_family = all1_sa.sin6_family = AF_INET6; 164 lo_sa.sin6_len = all1_sa.sin6_len = sizeof(struct sockaddr_in6); 165 lo_sa.sin6_addr = in6addr_loopback; 166 all1_sa.sin6_addr = in6mask128; 167 168 /* 169 * We specify the address itself as the gateway, and set the 170 * RTF_LLINFO flag, so that the corresponding host route would have 171 * the flag, and thus applications that assume traditional behavior 172 * would be happy. Note that we assume the caller of the function 173 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 174 * which changes the outgoing interface to the loopback interface. 175 */ 176 e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr, 177 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt); 178 if (e != 0) { 179 log(LOG_ERR, "in6_ifloop_request: " 180 "%s operation failed for %s (errno=%d)\n", 181 cmd == RTM_ADD ? "ADD" : "DELETE", 182 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 183 e); 184 } 185 186 /* 187 * Make sure rt_ifa be equal to IFA, the second argument of the 188 * function. 189 * We need this because when we refer to rt_ifa->ia6_flags in 190 * ip6_input, we assume that the rt_ifa points to the address instead 191 * of the loopback address. 192 */ 193 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) { 194 IFAFREE(nrt->rt_ifa); 195 IFAREF(ifa); 196 nrt->rt_ifa = ifa; 197 } 198 199 /* 200 * Report the addition/removal of the address to the routing socket. 201 * XXX: since we called rtinit for a p2p interface with a destination, 202 * we end up reporting twice in such a case. Should we rather 203 * omit the second report? 204 */ 205 if (nrt) { 206 rt_newaddrmsg(cmd, ifa, e, nrt); 207 if (cmd == RTM_DELETE) { 208 if (nrt->rt_refcnt <= 0) { 209 /* XXX: we should free the entry ourselves. */ 210 nrt->rt_refcnt++; 211 rtfree(nrt); 212 } 213 } else { 214 /* the cmd must be RTM_ADD here */ 215 nrt->rt_refcnt--; 216 } 217 } 218 } 219 220 /* 221 * Add ownaddr as loopback rtentry. We previously add the route only if 222 * necessary (ex. on a p2p link). However, since we now manage addresses 223 * separately from prefixes, we should always add the route. We can't 224 * rely on the cloning mechanism from the corresponding interface route 225 * any more. 226 */ 227 static void 228 in6_ifaddloop(struct ifaddr *ifa) 229 { 230 struct rtentry *rt; 231 232 /* If there is no loopback entry, allocate one. */ 233 rt = rtalloc1(ifa->ifa_addr, 0); 234 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 235 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) 236 in6_ifloop_request(RTM_ADD, ifa); 237 if (rt) 238 rt->rt_refcnt--; 239 } 240 241 /* 242 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 243 * if it exists. 244 */ 245 static void 246 in6_ifremloop(struct ifaddr *ifa) 247 { 248 struct in6_ifaddr *ia; 249 struct rtentry *rt; 250 int ia_count = 0; 251 252 /* 253 * Some of BSD variants do not remove cloned routes 254 * from an interface direct route, when removing the direct route 255 * (see comments in net/net_osdep.h). Even for variants that do remove 256 * cloned routes, they could fail to remove the cloned routes when 257 * we handle multple addresses that share a common prefix. 258 * So, we should remove the route corresponding to the deleted address. 259 */ 260 261 /* 262 * Delete the entry only if exact one ifa exists. More than one ifa 263 * can exist if we assign a same single address to multiple 264 * (probably p2p) interfaces. 265 * XXX: we should avoid such a configuration in IPv6... 266 */ 267 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 268 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 269 ia_count++; 270 if (ia_count > 1) 271 break; 272 } 273 } 274 275 if (ia_count == 1) { 276 /* 277 * Before deleting, check if a corresponding loopbacked host 278 * route surely exists. With this check, we can avoid to 279 * delete an interface direct route whose destination is same 280 * as the address being removed. This can happen when removing 281 * a subnet-router anycast address on an interface attahced 282 * to a shared medium. 283 */ 284 rt = rtalloc1(ifa->ifa_addr, 0); 285 if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 && 286 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 287 rt->rt_refcnt--; 288 in6_ifloop_request(RTM_DELETE, ifa); 289 } 290 } 291 } 292 293 int 294 in6_mask2len(mask, lim0) 295 struct in6_addr *mask; 296 u_char *lim0; 297 { 298 int x = 0, y; 299 u_char *lim = lim0, *p; 300 301 /* ignore the scope_id part */ 302 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 303 lim = (u_char *)mask + sizeof(*mask); 304 for (p = (u_char *)mask; p < lim; x++, p++) { 305 if (*p != 0xff) 306 break; 307 } 308 y = 0; 309 if (p < lim) { 310 for (y = 0; y < 8; y++) { 311 if ((*p & (0x80 >> y)) == 0) 312 break; 313 } 314 } 315 316 /* 317 * when the limit pointer is given, do a stricter check on the 318 * remaining bits. 319 */ 320 if (p < lim) { 321 if (y != 0 && (*p & (0x00ff >> y)) != 0) 322 return (-1); 323 for (p = p + 1; p < lim; p++) 324 if (*p != 0) 325 return (-1); 326 } 327 328 return x * 8 + y; 329 } 330 331 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 332 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 333 334 int 335 in6_control(so, cmd, data, ifp, p) 336 struct socket *so; 337 u_long cmd; 338 caddr_t data; 339 struct ifnet *ifp; 340 struct proc *p; 341 { 342 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 343 struct in6_ifaddr *ia = NULL; 344 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 345 struct sockaddr_in6 *sa6; 346 int privileged; 347 348 privileged = 0; 349 if (p && !suser(p->p_ucred, &p->p_acflag)) 350 privileged++; 351 352 switch (cmd) { 353 case SIOCGETSGCNT_IN6: 354 case SIOCGETMIFCNT_IN6: 355 return (mrt6_ioctl(cmd, data)); 356 } 357 358 if (ifp == NULL) 359 return (EOPNOTSUPP); 360 361 switch (cmd) { 362 case SIOCSNDFLUSH_IN6: 363 case SIOCSPFXFLUSH_IN6: 364 case SIOCSRTRFLUSH_IN6: 365 case SIOCSDEFIFACE_IN6: 366 case SIOCSIFINFO_FLAGS: 367 if (!privileged) 368 return (EPERM); 369 /* FALLTHROUGH */ 370 case OSIOCGIFINFO_IN6: 371 case SIOCGIFINFO_IN6: 372 case SIOCGDRLST_IN6: 373 case SIOCGPRLST_IN6: 374 case SIOCGNBRINFO_IN6: 375 case SIOCGDEFIFACE_IN6: 376 return (nd6_ioctl(cmd, data, ifp)); 377 } 378 379 switch (cmd) { 380 case SIOCSIFPREFIX_IN6: 381 case SIOCDIFPREFIX_IN6: 382 case SIOCAIFPREFIX_IN6: 383 case SIOCCIFPREFIX_IN6: 384 case SIOCSGIFPREFIX_IN6: 385 case SIOCGIFPREFIX_IN6: 386 log(LOG_NOTICE, 387 "prefix ioctls are now invalidated. " 388 "please use ifconfig.\n"); 389 return (EOPNOTSUPP); 390 } 391 392 switch (cmd) { 393 case SIOCALIFADDR: 394 case SIOCDLIFADDR: 395 if (!privileged) 396 return (EPERM); 397 /* FALLTHROUGH */ 398 case SIOCGLIFADDR: 399 return in6_lifaddr_ioctl(so, cmd, data, ifp, p); 400 } 401 402 /* 403 * Find address for this interface, if it exists. 404 * 405 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 406 * only, and used the first interface address as the target of other 407 * operations (without checking ifra_addr). This was because netinet 408 * code/API assumed at most 1 interface address per interface. 409 * Since IPv6 allows a node to assign multiple addresses 410 * on a single interface, we almost always look and check the 411 * presence of ifra_addr, and reject invalid ones here. 412 * It also decreases duplicated code among SIOC*_IN6 operations. 413 */ 414 switch (cmd) { 415 case SIOCAIFADDR_IN6: 416 case SIOCSIFPHYADDR_IN6: 417 sa6 = &ifra->ifra_addr; 418 break; 419 case SIOCSIFADDR_IN6: 420 case SIOCGIFADDR_IN6: 421 case SIOCSIFDSTADDR_IN6: 422 case SIOCSIFNETMASK_IN6: 423 case SIOCGIFDSTADDR_IN6: 424 case SIOCGIFNETMASK_IN6: 425 case SIOCDIFADDR_IN6: 426 case SIOCGIFPSRCADDR_IN6: 427 case SIOCGIFPDSTADDR_IN6: 428 case SIOCGIFAFLAG_IN6: 429 case SIOCSNDFLUSH_IN6: 430 case SIOCSPFXFLUSH_IN6: 431 case SIOCSRTRFLUSH_IN6: 432 case SIOCGIFALIFETIME_IN6: 433 case SIOCSIFALIFETIME_IN6: 434 case SIOCGIFSTAT_IN6: 435 case SIOCGIFSTAT_ICMP6: 436 sa6 = &ifr->ifr_addr; 437 break; 438 default: 439 sa6 = NULL; 440 break; 441 } 442 if (sa6 && sa6->sin6_family == AF_INET6) { 443 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 444 if (sa6->sin6_addr.s6_addr16[1] == 0) { 445 /* link ID is not embedded by the user */ 446 sa6->sin6_addr.s6_addr16[1] = 447 htons(ifp->if_index); 448 } else if (sa6->sin6_addr.s6_addr16[1] != 449 htons(ifp->if_index)) { 450 return (EINVAL); /* link ID contradicts */ 451 } 452 if (sa6->sin6_scope_id) { 453 if (sa6->sin6_scope_id != 454 (u_int32_t)ifp->if_index) 455 return (EINVAL); 456 sa6->sin6_scope_id = 0; /* XXX: good way? */ 457 } 458 } 459 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 460 } else 461 ia = NULL; 462 463 switch (cmd) { 464 case SIOCSIFADDR_IN6: 465 case SIOCSIFDSTADDR_IN6: 466 case SIOCSIFNETMASK_IN6: 467 /* 468 * Since IPv6 allows a node to assign multiple addresses 469 * on a single interface, SIOCSIFxxx ioctls are deprecated. 470 */ 471 return (EINVAL); 472 473 case SIOCDIFADDR_IN6: 474 /* 475 * for IPv4, we look for existing in_ifaddr here to allow 476 * "ifconfig if0 delete" to remove the first IPv4 address on 477 * the interface. For IPv6, as the spec allows multiple 478 * interface address from the day one, we consider "remove the 479 * first one" semantics to be not preferable. 480 */ 481 if (ia == NULL) 482 return (EADDRNOTAVAIL); 483 /* FALLTHROUGH */ 484 case SIOCAIFADDR_IN6: 485 /* 486 * We always require users to specify a valid IPv6 address for 487 * the corresponding operation. 488 */ 489 if (ifra->ifra_addr.sin6_family != AF_INET6 || 490 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 491 return (EAFNOSUPPORT); 492 if (!privileged) 493 return (EPERM); 494 495 break; 496 497 case SIOCGIFADDR_IN6: 498 /* This interface is basically deprecated. use SIOCGIFCONF. */ 499 /* FALLTHROUGH */ 500 case SIOCGIFAFLAG_IN6: 501 case SIOCGIFNETMASK_IN6: 502 case SIOCGIFDSTADDR_IN6: 503 case SIOCGIFALIFETIME_IN6: 504 /* must think again about its semantics */ 505 if (ia == NULL) 506 return (EADDRNOTAVAIL); 507 break; 508 case SIOCSIFALIFETIME_IN6: 509 { 510 struct in6_addrlifetime *lt; 511 512 if (!privileged) 513 return (EPERM); 514 if (ia == NULL) 515 return (EADDRNOTAVAIL); 516 /* sanity for overflow - beware unsigned */ 517 lt = &ifr->ifr_ifru.ifru_lifetime; 518 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 519 && lt->ia6t_vltime + time.tv_sec < time.tv_sec) { 520 return EINVAL; 521 } 522 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 523 && lt->ia6t_pltime + time.tv_sec < time.tv_sec) { 524 return EINVAL; 525 } 526 break; 527 } 528 } 529 530 switch (cmd) { 531 532 case SIOCGIFADDR_IN6: 533 ifr->ifr_addr = ia->ia_addr; 534 break; 535 536 case SIOCGIFDSTADDR_IN6: 537 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 538 return (EINVAL); 539 /* 540 * XXX: should we check if ifa_dstaddr is NULL and return 541 * an error? 542 */ 543 ifr->ifr_dstaddr = ia->ia_dstaddr; 544 break; 545 546 case SIOCGIFNETMASK_IN6: 547 ifr->ifr_addr = ia->ia_prefixmask; 548 break; 549 550 case SIOCGIFAFLAG_IN6: 551 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 552 break; 553 554 case SIOCGIFSTAT_IN6: 555 if (ifp == NULL) 556 return EINVAL; 557 bzero(&ifr->ifr_ifru.ifru_stat, 558 sizeof(ifr->ifr_ifru.ifru_stat)); 559 ifr->ifr_ifru.ifru_stat = 560 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 561 break; 562 563 case SIOCGIFSTAT_ICMP6: 564 if (ifp == NULL) 565 return EINVAL; 566 bzero(&ifr->ifr_ifru.ifru_stat, 567 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 568 ifr->ifr_ifru.ifru_icmp6stat = 569 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 570 break; 571 572 case SIOCGIFALIFETIME_IN6: 573 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 574 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 575 time_t maxexpire; 576 struct in6_addrlifetime *retlt = 577 &ifr->ifr_ifru.ifru_lifetime; 578 579 /* 580 * XXX: adjust expiration time assuming time_t is 581 * signed. 582 */ 583 maxexpire = (-1) & 584 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 585 if (ia->ia6_lifetime.ia6t_vltime < 586 maxexpire - ia->ia6_updatetime) { 587 retlt->ia6t_expire = ia->ia6_updatetime + 588 ia->ia6_lifetime.ia6t_vltime; 589 } else 590 retlt->ia6t_expire = maxexpire; 591 } 592 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 593 time_t maxexpire; 594 struct in6_addrlifetime *retlt = 595 &ifr->ifr_ifru.ifru_lifetime; 596 597 /* 598 * XXX: adjust expiration time assuming time_t is 599 * signed. 600 */ 601 maxexpire = (-1) & 602 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 603 if (ia->ia6_lifetime.ia6t_pltime < 604 maxexpire - ia->ia6_updatetime) { 605 retlt->ia6t_preferred = ia->ia6_updatetime + 606 ia->ia6_lifetime.ia6t_pltime; 607 } else 608 retlt->ia6t_preferred = maxexpire; 609 } 610 break; 611 612 case SIOCSIFALIFETIME_IN6: 613 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 614 /* for sanity */ 615 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 616 ia->ia6_lifetime.ia6t_expire = 617 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 618 } else 619 ia->ia6_lifetime.ia6t_expire = 0; 620 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 621 ia->ia6_lifetime.ia6t_preferred = 622 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 623 } else 624 ia->ia6_lifetime.ia6t_preferred = 0; 625 break; 626 627 case SIOCAIFADDR_IN6: 628 { 629 int i, error = 0; 630 struct nd_prefix pr0, *pr; 631 632 /* reject read-only flags */ 633 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 634 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 635 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 636 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 637 return (EINVAL); 638 } 639 /* 640 * first, make or update the interface address structure, 641 * and link it to the list. 642 */ 643 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 644 return (error); 645 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 646 == NULL) { 647 /* 648 * this can happen when the user specify the 0 valid 649 * lifetime. 650 */ 651 break; 652 } 653 654 /* 655 * then, make the prefix on-link on the interface. 656 * XXX: we'd rather create the prefix before the address, but 657 * we need at least one address to install the corresponding 658 * interface route, so we configure the address first. 659 */ 660 661 /* 662 * convert mask to prefix length (prefixmask has already 663 * been validated in in6_update_ifa(). 664 */ 665 bzero(&pr0, sizeof(pr0)); 666 pr0.ndpr_ifp = ifp; 667 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 668 NULL); 669 if (pr0.ndpr_plen == 128) { 670 break; /* we don't need to install a host route. */ 671 } 672 pr0.ndpr_prefix = ifra->ifra_addr; 673 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 674 /* apply the mask for safety. */ 675 for (i = 0; i < 4; i++) { 676 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 677 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 678 } 679 /* 680 * XXX: since we don't have an API to set prefix (not address) 681 * lifetimes, we just use the same lifetimes as addresses. 682 * The (temporarily) installed lifetimes can be overridden by 683 * later advertised RAs (when accept_rtadv is non 0), which is 684 * an intended behavior. 685 */ 686 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 687 pr0.ndpr_raf_auto = 688 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 689 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 690 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 691 692 /* add the prefix if not yet. */ 693 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 694 /* 695 * nd6_prelist_add will install the corresponding 696 * interface route. 697 */ 698 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 699 return (error); 700 if (pr == NULL) { 701 log(LOG_ERR, "nd6_prelist_add succeeded but " 702 "no prefix\n"); 703 return (EINVAL); /* XXX panic here? */ 704 } 705 } 706 707 /* relate the address to the prefix */ 708 if (ia->ia6_ndpr == NULL) { 709 ia->ia6_ndpr = pr; 710 pr->ndpr_refcnt++; 711 } 712 713 /* 714 * this might affect the status of autoconfigured addresses, 715 * that is, this address might make other addresses detached. 716 */ 717 pfxlist_onlink_check(); 718 719 #ifdef PFIL_HOOKS 720 (void)pfil_run_hooks(&if_pfil, (struct mbuf **)SIOCAIFADDR_IN6, 721 ifp, PFIL_IFADDR); 722 #endif 723 724 break; 725 } 726 727 case SIOCDIFADDR_IN6: 728 { 729 int i = 0, purgeprefix = 0; 730 struct nd_prefix pr0, *pr = NULL; 731 732 /* 733 * If the address being deleted is the only one that owns 734 * the corresponding prefix, expire the prefix as well. 735 * XXX: theoretically, we don't have to worry about such 736 * relationship, since we separate the address management 737 * and the prefix management. We do this, however, to provide 738 * as much backward compatibility as possible in terms of 739 * the ioctl operation. 740 */ 741 bzero(&pr0, sizeof(pr0)); 742 pr0.ndpr_ifp = ifp; 743 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 744 NULL); 745 if (pr0.ndpr_plen == 128) 746 goto purgeaddr; 747 pr0.ndpr_prefix = ia->ia_addr; 748 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 749 for (i = 0; i < 4; i++) { 750 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 751 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 752 } 753 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 754 pr == ia->ia6_ndpr) { 755 pr->ndpr_refcnt--; 756 if (pr->ndpr_refcnt == 0) 757 purgeprefix = 1; 758 } 759 760 purgeaddr: 761 in6_purgeaddr(&ia->ia_ifa); 762 if (pr && purgeprefix) 763 prelist_remove(pr); 764 #ifdef PFIL_HOOKS 765 (void)pfil_run_hooks(&if_pfil, (struct mbuf **)SIOCDIFADDR_IN6, 766 ifp, PFIL_IFADDR); 767 #endif 768 break; 769 } 770 771 default: 772 if (ifp == NULL || ifp->if_ioctl == 0) 773 return (EOPNOTSUPP); 774 return ((*ifp->if_ioctl)(ifp, cmd, data)); 775 } 776 777 return (0); 778 } 779 780 /* 781 * Update parameters of an IPv6 interface address. 782 * If necessary, a new entry is created and linked into address chains. 783 * This function is separated from in6_control(). 784 * XXX: should this be performed under splnet()? 785 */ 786 int 787 in6_update_ifa(ifp, ifra, ia) 788 struct ifnet *ifp; 789 struct in6_aliasreq *ifra; 790 struct in6_ifaddr *ia; 791 { 792 int error = 0, hostIsNew = 0, plen = -1; 793 struct in6_ifaddr *oia; 794 struct sockaddr_in6 dst6; 795 struct in6_addrlifetime *lt; 796 struct in6_multi_mship *imm; 797 struct rtentry *rt; 798 799 /* Validate parameters */ 800 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 801 return (EINVAL); 802 803 /* 804 * The destination address for a p2p link must have a family 805 * of AF_UNSPEC or AF_INET6. 806 */ 807 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 808 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 809 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 810 return (EAFNOSUPPORT); 811 /* 812 * validate ifra_prefixmask. don't check sin6_family, netmask 813 * does not carry fields other than sin6_len. 814 */ 815 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 816 return (EINVAL); 817 /* 818 * Because the IPv6 address architecture is classless, we require 819 * users to specify a (non 0) prefix length (mask) for a new address. 820 * We also require the prefix (when specified) mask is valid, and thus 821 * reject a non-consecutive mask. 822 */ 823 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 824 return (EINVAL); 825 if (ifra->ifra_prefixmask.sin6_len != 0) { 826 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 827 (u_char *)&ifra->ifra_prefixmask + 828 ifra->ifra_prefixmask.sin6_len); 829 if (plen <= 0) 830 return (EINVAL); 831 } else { 832 /* 833 * In this case, ia must not be NULL. We just use its prefix 834 * length. 835 */ 836 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 837 } 838 /* 839 * If the destination address on a p2p interface is specified, 840 * and the address is a scoped one, validate/set the scope 841 * zone identifier. 842 */ 843 dst6 = ifra->ifra_dstaddr; 844 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 845 (dst6.sin6_family == AF_INET6)) { 846 /* link-local index check: should be a separate function? */ 847 if (IN6_IS_ADDR_LINKLOCAL(&dst6.sin6_addr)) { 848 if (dst6.sin6_addr.s6_addr16[1] == 0) { 849 /* 850 * interface ID is not embedded by 851 * the user 852 */ 853 dst6.sin6_addr.s6_addr16[1] = 854 htons(ifp->if_index); 855 } else if (dst6.sin6_addr.s6_addr16[1] != 856 htons(ifp->if_index)) { 857 return (EINVAL); /* ifid contradicts */ 858 } 859 } 860 } 861 /* 862 * The destination address can be specified only for a p2p or a 863 * loopback interface. If specified, the corresponding prefix length 864 * must be 128. 865 */ 866 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 867 #ifdef FORCE_P2PPLEN 868 int i; 869 #endif 870 871 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 872 /* XXX: noisy message */ 873 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 874 "be specified for a p2p or a loopback IF only\n")); 875 return (EINVAL); 876 } 877 if (plen != 128) { 878 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 879 "be 128 when dstaddr is specified\n")); 880 #ifdef FORCE_P2PPLEN 881 /* 882 * To be compatible with old configurations, 883 * such as ifconfig gif0 inet6 2001::1 2001::2 884 * prefixlen 126, we override the specified 885 * prefixmask as if the prefix length was 128. 886 */ 887 ifra->ifra_prefixmask.sin6_len = 888 sizeof(struct sockaddr_in6); 889 for (i = 0; i < 4; i++) 890 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 891 0xffffffff; 892 plen = 128; 893 #else 894 return (EINVAL); 895 #endif 896 } 897 } 898 /* lifetime consistency check */ 899 lt = &ifra->ifra_lifetime; 900 if (lt->ia6t_pltime > lt->ia6t_vltime) 901 return (EINVAL); 902 if (lt->ia6t_vltime == 0) { 903 /* 904 * the following log might be noisy, but this is a typical 905 * configuration mistake or a tool's bug. 906 */ 907 nd6log((LOG_INFO, 908 "in6_update_ifa: valid lifetime is 0 for %s\n", 909 ip6_sprintf(&ifra->ifra_addr.sin6_addr))); 910 911 if (ia == NULL) 912 return (0); /* there's nothing to do */ 913 } 914 915 /* 916 * If this is a new address, allocate a new ifaddr and link it 917 * into chains. 918 */ 919 if (ia == NULL) { 920 hostIsNew = 1; 921 /* 922 * When in6_update_ifa() is called in a process of a received 923 * RA, it is called under an interrupt context. So, we should 924 * call malloc with M_NOWAIT. 925 */ 926 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 927 M_NOWAIT); 928 if (ia == NULL) 929 return (ENOBUFS); 930 bzero((caddr_t)ia, sizeof(*ia)); 931 LIST_INIT(&ia->ia6_memberships); 932 /* Initialize the address and masks, and put time stamp */ 933 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 934 ia->ia_addr.sin6_family = AF_INET6; 935 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 936 ia->ia6_createtime = ia->ia6_updatetime = time.tv_sec; 937 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 938 /* 939 * XXX: some functions expect that ifa_dstaddr is not 940 * NULL for p2p interfaces. 941 */ 942 ia->ia_ifa.ifa_dstaddr = 943 (struct sockaddr *)&ia->ia_dstaddr; 944 } else { 945 ia->ia_ifa.ifa_dstaddr = NULL; 946 } 947 ia->ia_ifa.ifa_netmask = 948 (struct sockaddr *)&ia->ia_prefixmask; 949 950 ia->ia_ifp = ifp; 951 if ((oia = in6_ifaddr) != NULL) { 952 for ( ; oia->ia_next; oia = oia->ia_next) 953 continue; 954 oia->ia_next = ia; 955 } else 956 in6_ifaddr = ia; 957 /* gain a refcnt for the link from in6_ifaddr */ 958 IFAREF(&ia->ia_ifa); 959 960 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, 961 ifa_list); 962 /* gain another refcnt for the link from if_addrlist */ 963 IFAREF(&ia->ia_ifa); 964 } 965 966 /* set prefix mask */ 967 if (ifra->ifra_prefixmask.sin6_len) { 968 /* 969 * We prohibit changing the prefix length of an existing 970 * address, because 971 * + such an operation should be rare in IPv6, and 972 * + the operation would confuse prefix management. 973 */ 974 if (ia->ia_prefixmask.sin6_len && 975 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 976 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 977 " existing (%s) address should not be changed\n", 978 ip6_sprintf(&ia->ia_addr.sin6_addr))); 979 error = EINVAL; 980 goto unlink; 981 } 982 ia->ia_prefixmask = ifra->ifra_prefixmask; 983 } 984 985 /* 986 * If a new destination address is specified, scrub the old one and 987 * install the new destination. Note that the interface must be 988 * p2p or loopback (see the check above.) 989 */ 990 if (dst6.sin6_family == AF_INET6 && 991 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 992 if ((ia->ia_flags & IFA_ROUTE) != 0 && 993 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 994 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 995 "a route to the old destination: %s\n", 996 ip6_sprintf(&ia->ia_addr.sin6_addr))); 997 /* proceed anyway... */ 998 } else 999 ia->ia_flags &= ~IFA_ROUTE; 1000 ia->ia_dstaddr = dst6; 1001 } 1002 1003 /* 1004 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 1005 * to see if the address is deprecated or invalidated, but initialize 1006 * these members for applications. 1007 */ 1008 ia->ia6_lifetime = ifra->ifra_lifetime; 1009 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1010 ia->ia6_lifetime.ia6t_expire = 1011 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 1012 } else 1013 ia->ia6_lifetime.ia6t_expire = 0; 1014 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1015 ia->ia6_lifetime.ia6t_preferred = 1016 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 1017 } else 1018 ia->ia6_lifetime.ia6t_preferred = 0; 1019 1020 /* reset the interface and routing table appropriately. */ 1021 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1022 goto unlink; 1023 1024 /* 1025 * configure address flags. 1026 */ 1027 ia->ia6_flags = ifra->ifra_flags; 1028 /* 1029 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1030 * userland, make it deprecated. 1031 */ 1032 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1033 ia->ia6_lifetime.ia6t_pltime = 0; 1034 ia->ia6_lifetime.ia6t_preferred = time.tv_sec; 1035 } 1036 /* 1037 * Make the address tentative before joining multicast addresses, 1038 * so that corresponding MLD responses would not have a tentative 1039 * source address. 1040 */ 1041 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1042 if (hostIsNew && in6if_do_dad(ifp)) 1043 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1044 1045 /* 1046 * We are done if we have simply modified an existing address. 1047 */ 1048 if (!hostIsNew) 1049 return (error); 1050 1051 /* 1052 * Beyond this point, we should call in6_purgeaddr upon an error, 1053 * not just go to unlink. 1054 */ 1055 1056 /* join necessary multiast groups */ 1057 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1058 struct sockaddr_in6 mltaddr, mltmask; 1059 #ifndef SCOPEDROUTING 1060 u_int32_t zoneid = 0; 1061 #endif 1062 1063 /* join solicited multicast addr for new host id */ 1064 struct sockaddr_in6 llsol; 1065 1066 bzero(&llsol, sizeof(llsol)); 1067 llsol.sin6_family = AF_INET6; 1068 llsol.sin6_len = sizeof(llsol); 1069 llsol.sin6_addr.s6_addr16[0] = htons(0xff02); 1070 llsol.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1071 llsol.sin6_addr.s6_addr32[1] = 0; 1072 llsol.sin6_addr.s6_addr32[2] = htonl(1); 1073 llsol.sin6_addr.s6_addr32[3] = 1074 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1075 llsol.sin6_addr.s6_addr8[12] = 0xff; 1076 imm = in6_joingroup(ifp, &llsol.sin6_addr, &error); 1077 if (!imm) { 1078 nd6log((LOG_ERR, 1079 "in6_update_ifa: addmulti " 1080 "failed for %s on %s (errno=%d)\n", 1081 ip6_sprintf(&llsol.sin6_addr), 1082 if_name(ifp), error)); 1083 goto cleanup; 1084 } 1085 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1086 1087 bzero(&mltmask, sizeof(mltmask)); 1088 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1089 mltmask.sin6_family = AF_INET6; 1090 mltmask.sin6_addr = in6mask32; 1091 1092 /* 1093 * join link-local all-nodes address 1094 */ 1095 bzero(&mltaddr, sizeof(mltaddr)); 1096 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1097 mltaddr.sin6_family = AF_INET6; 1098 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1099 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1100 1101 /* 1102 * XXX: do we really need this automatic routes? 1103 * We should probably reconsider this stuff. Most applications 1104 * actually do not need the routes, since they usually specify 1105 * the outgoing interface. 1106 */ 1107 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1108 if (rt) { 1109 /* 1110 * 32bit came from "mltmask" 1111 * XXX: only works in !SCOPEDROUTING case. 1112 */ 1113 if (memcmp(&mltaddr.sin6_addr, 1114 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1115 32 / 8)) { 1116 RTFREE(rt); 1117 rt = NULL; 1118 } 1119 } 1120 if (!rt) { 1121 struct rt_addrinfo info; 1122 1123 bzero(&info, sizeof(info)); 1124 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1125 info.rti_info[RTAX_GATEWAY] = 1126 (struct sockaddr *)&ia->ia_addr; 1127 info.rti_info[RTAX_NETMASK] = 1128 (struct sockaddr *)&mltmask; 1129 info.rti_info[RTAX_IFA] = 1130 (struct sockaddr *)&ia->ia_addr; 1131 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1132 info.rti_flags = RTF_UP | RTF_CLONING; 1133 error = rtrequest1(RTM_ADD, &info, NULL); 1134 if (error) 1135 goto cleanup; 1136 } else { 1137 RTFREE(rt); 1138 } 1139 #ifndef SCOPEDROUTING 1140 mltaddr.sin6_scope_id = zoneid; /* XXX */ 1141 #endif 1142 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1143 if (!imm) { 1144 nd6log((LOG_WARNING, 1145 "in6_update_ifa: addmulti failed for " 1146 "%s on %s (errno=%d)\n", 1147 ip6_sprintf(&mltaddr.sin6_addr), 1148 if_name(ifp), error)); 1149 goto cleanup; 1150 } 1151 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1152 1153 /* 1154 * join node information group address 1155 */ 1156 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) { 1157 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1158 if (!imm) { 1159 nd6log((LOG_WARNING, "in6_update_ifa: " 1160 "addmulti failed for %s on %s (errno=%d)\n", 1161 ip6_sprintf(&mltaddr.sin6_addr), 1162 if_name(ifp), error)); 1163 /* XXX not very fatal, go on... */ 1164 } else { 1165 LIST_INSERT_HEAD(&ia->ia6_memberships, 1166 imm, i6mm_chain); 1167 } 1168 } 1169 1170 if (ifp->if_flags & IFF_LOOPBACK) { 1171 /* 1172 * join node-local all-nodes address, on loopback. 1173 * (ff01::1%ifN, and ff01::%ifN/32) 1174 */ 1175 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1176 1177 /* XXX: again, do we really need the route? */ 1178 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1179 if (rt) { 1180 /* 32bit came from "mltmask" */ 1181 if (memcmp(&mltaddr.sin6_addr, 1182 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1183 32 / 8)) { 1184 RTFREE(rt); 1185 rt = NULL; 1186 } 1187 } 1188 if (!rt) { 1189 struct rt_addrinfo info; 1190 1191 bzero(&info, sizeof(info)); 1192 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1193 info.rti_info[RTAX_GATEWAY] = 1194 (struct sockaddr *)&ia->ia_addr; 1195 info.rti_info[RTAX_NETMASK] = 1196 (struct sockaddr *)&mltmask; 1197 info.rti_info[RTAX_IFA] = 1198 (struct sockaddr *)&ia->ia_addr; 1199 info.rti_flags = RTF_UP | RTF_CLONING; 1200 error = rtrequest1(RTM_ADD, &info, NULL); 1201 if (error) 1202 goto cleanup; 1203 } else { 1204 RTFREE(rt); 1205 } 1206 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1207 if (!imm) { 1208 nd6log((LOG_WARNING, "in6_update_ifa: " 1209 "addmulti failed for %s on %s (errno=%d)\n", 1210 ip6_sprintf(&mltaddr.sin6_addr), 1211 if_name(ifp), error)); 1212 goto cleanup; 1213 } 1214 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1215 } 1216 } 1217 1218 /* 1219 * Perform DAD, if needed. 1220 * XXX It may be of use, if we can administratively 1221 * disable DAD. 1222 */ 1223 if (hostIsNew && in6if_do_dad(ifp) && 1224 (ifra->ifra_flags & IN6_IFF_NODAD) == 0) 1225 { 1226 nd6_dad_start((struct ifaddr *)ia, NULL); 1227 } 1228 1229 return (error); 1230 1231 unlink: 1232 /* 1233 * XXX: if a change of an existing address failed, keep the entry 1234 * anyway. 1235 */ 1236 if (hostIsNew) 1237 in6_unlink_ifa(ia, ifp); 1238 return (error); 1239 1240 cleanup: 1241 in6_purgeaddr(&ia->ia_ifa); 1242 return error; 1243 } 1244 1245 void 1246 in6_purgeaddr(ifa) 1247 struct ifaddr *ifa; 1248 { 1249 struct ifnet *ifp = ifa->ifa_ifp; 1250 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1251 struct in6_multi_mship *imm; 1252 1253 /* stop DAD processing */ 1254 nd6_dad_stop(ifa); 1255 1256 /* 1257 * delete route to the destination of the address being purged. 1258 * The interface must be p2p or loopback in this case. 1259 */ 1260 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1261 int e; 1262 1263 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1264 != 0) { 1265 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1266 "a route to the p2p destination: %s on %s, " 1267 "errno=%d\n", 1268 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1269 e); 1270 /* proceed anyway... */ 1271 } else 1272 ia->ia_flags &= ~IFA_ROUTE; 1273 } 1274 1275 /* Remove ownaddr's loopback rtentry, if it exists. */ 1276 in6_ifremloop(&(ia->ia_ifa)); 1277 1278 /* 1279 * leave from multicast groups we have joined for the interface 1280 */ 1281 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1282 LIST_REMOVE(imm, i6mm_chain); 1283 in6_leavegroup(imm); 1284 } 1285 1286 in6_unlink_ifa(ia, ifp); 1287 } 1288 1289 static void 1290 in6_unlink_ifa(ia, ifp) 1291 struct in6_ifaddr *ia; 1292 struct ifnet *ifp; 1293 { 1294 struct in6_ifaddr *oia; 1295 int s = splnet(); 1296 1297 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1298 /* release a refcnt for the link from if_addrlist */ 1299 IFAFREE(&ia->ia_ifa); 1300 1301 oia = ia; 1302 if (oia == (ia = in6_ifaddr)) 1303 in6_ifaddr = ia->ia_next; 1304 else { 1305 while (ia->ia_next && (ia->ia_next != oia)) 1306 ia = ia->ia_next; 1307 if (ia->ia_next) 1308 ia->ia_next = oia->ia_next; 1309 else { 1310 /* search failed */ 1311 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1312 } 1313 } 1314 1315 if (oia->ia6_multiaddrs.lh_first != NULL) { 1316 /* 1317 * XXX thorpej@NetBSD.org -- if the interface is going 1318 * XXX away, don't save the multicast entries, delete them! 1319 */ 1320 if (oia->ia_ifa.ifa_ifp->if_output == if_nulloutput) { 1321 struct in6_multi *in6m; 1322 1323 while ((in6m = 1324 LIST_FIRST(&oia->ia6_multiaddrs)) != NULL) 1325 in6_delmulti(in6m); 1326 } else 1327 in6_savemkludge(oia); 1328 } 1329 1330 /* 1331 * When an autoconfigured address is being removed, release the 1332 * reference to the base prefix. Also, since the release might 1333 * affect the status of other (detached) addresses, call 1334 * pfxlist_onlink_check(). 1335 */ 1336 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1337 if (oia->ia6_ndpr == NULL) { 1338 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1339 "%p has no prefix\n", oia); 1340 } else { 1341 oia->ia6_ndpr->ndpr_refcnt--; 1342 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1343 oia->ia6_ndpr = NULL; 1344 } 1345 1346 pfxlist_onlink_check(); 1347 } 1348 1349 /* 1350 * release another refcnt for the link from in6_ifaddr. 1351 * Note that we should decrement the refcnt at least once for all *BSD. 1352 */ 1353 IFAFREE(&oia->ia_ifa); 1354 1355 splx(s); 1356 } 1357 1358 void 1359 in6_purgeif(ifp) 1360 struct ifnet *ifp; 1361 { 1362 struct ifaddr *ifa, *nifa; 1363 1364 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) 1365 { 1366 nifa = TAILQ_NEXT(ifa, ifa_list); 1367 if (ifa->ifa_addr->sa_family != AF_INET6) 1368 continue; 1369 in6_purgeaddr(ifa); 1370 } 1371 1372 in6_ifdetach(ifp); 1373 } 1374 1375 /* 1376 * SIOC[GAD]LIFADDR. 1377 * SIOCGLIFADDR: get first address. (?) 1378 * SIOCGLIFADDR with IFLR_PREFIX: 1379 * get first address that matches the specified prefix. 1380 * SIOCALIFADDR: add the specified address. 1381 * SIOCALIFADDR with IFLR_PREFIX: 1382 * add the specified prefix, filling hostid part from 1383 * the first link-local address. prefixlen must be <= 64. 1384 * SIOCDLIFADDR: delete the specified address. 1385 * SIOCDLIFADDR with IFLR_PREFIX: 1386 * delete the first address that matches the specified prefix. 1387 * return values: 1388 * EINVAL on invalid parameters 1389 * EADDRNOTAVAIL on prefix match failed/specified address not found 1390 * other values may be returned from in6_ioctl() 1391 * 1392 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1393 * this is to accomodate address naming scheme other than RFC2374, 1394 * in the future. 1395 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1396 * address encoding scheme. (see figure on page 8) 1397 */ 1398 static int 1399 in6_lifaddr_ioctl(so, cmd, data, ifp, p) 1400 struct socket *so; 1401 u_long cmd; 1402 caddr_t data; 1403 struct ifnet *ifp; 1404 struct proc *p; 1405 { 1406 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1407 struct ifaddr *ifa; 1408 struct sockaddr *sa; 1409 1410 /* sanity checks */ 1411 if (!data || !ifp) { 1412 panic("invalid argument to in6_lifaddr_ioctl"); 1413 /* NOTREACHED */ 1414 } 1415 1416 switch (cmd) { 1417 case SIOCGLIFADDR: 1418 /* address must be specified on GET with IFLR_PREFIX */ 1419 if ((iflr->flags & IFLR_PREFIX) == 0) 1420 break; 1421 /* FALLTHROUGH */ 1422 case SIOCALIFADDR: 1423 case SIOCDLIFADDR: 1424 /* address must be specified on ADD and DELETE */ 1425 sa = (struct sockaddr *)&iflr->addr; 1426 if (sa->sa_family != AF_INET6) 1427 return EINVAL; 1428 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1429 return EINVAL; 1430 /* XXX need improvement */ 1431 sa = (struct sockaddr *)&iflr->dstaddr; 1432 if (sa->sa_family && sa->sa_family != AF_INET6) 1433 return EINVAL; 1434 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1435 return EINVAL; 1436 break; 1437 default: /* shouldn't happen */ 1438 #if 0 1439 panic("invalid cmd to in6_lifaddr_ioctl"); 1440 /* NOTREACHED */ 1441 #else 1442 return EOPNOTSUPP; 1443 #endif 1444 } 1445 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1446 return EINVAL; 1447 1448 switch (cmd) { 1449 case SIOCALIFADDR: 1450 { 1451 struct in6_aliasreq ifra; 1452 struct in6_addr *xhostid = NULL; 1453 int prefixlen; 1454 1455 if ((iflr->flags & IFLR_PREFIX) != 0) { 1456 struct sockaddr_in6 *sin6; 1457 1458 /* 1459 * xhostid is to fill in the hostid part of the 1460 * address. xhostid points to the first link-local 1461 * address attached to the interface. 1462 */ 1463 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1464 if (!ifa) 1465 return EADDRNOTAVAIL; 1466 xhostid = IFA_IN6(ifa); 1467 1468 /* prefixlen must be <= 64. */ 1469 if (64 < iflr->prefixlen) 1470 return EINVAL; 1471 prefixlen = iflr->prefixlen; 1472 1473 /* hostid part must be zero. */ 1474 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1475 if (sin6->sin6_addr.s6_addr32[2] != 0 1476 || sin6->sin6_addr.s6_addr32[3] != 0) { 1477 return EINVAL; 1478 } 1479 } else 1480 prefixlen = iflr->prefixlen; 1481 1482 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1483 bzero(&ifra, sizeof(ifra)); 1484 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1485 1486 bcopy(&iflr->addr, &ifra.ifra_addr, 1487 ((struct sockaddr *)&iflr->addr)->sa_len); 1488 if (xhostid) { 1489 /* fill in hostid part */ 1490 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1491 xhostid->s6_addr32[2]; 1492 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1493 xhostid->s6_addr32[3]; 1494 } 1495 1496 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1497 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1498 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1499 if (xhostid) { 1500 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1501 xhostid->s6_addr32[2]; 1502 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1503 xhostid->s6_addr32[3]; 1504 } 1505 } 1506 1507 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1508 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1509 1510 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1511 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, p); 1512 } 1513 case SIOCGLIFADDR: 1514 case SIOCDLIFADDR: 1515 { 1516 struct in6_ifaddr *ia; 1517 struct in6_addr mask, candidate, match; 1518 struct sockaddr_in6 *sin6; 1519 int cmp; 1520 1521 bzero(&mask, sizeof(mask)); 1522 if (iflr->flags & IFLR_PREFIX) { 1523 /* lookup a prefix rather than address. */ 1524 in6_prefixlen2mask(&mask, iflr->prefixlen); 1525 1526 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1527 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1528 match.s6_addr32[0] &= mask.s6_addr32[0]; 1529 match.s6_addr32[1] &= mask.s6_addr32[1]; 1530 match.s6_addr32[2] &= mask.s6_addr32[2]; 1531 match.s6_addr32[3] &= mask.s6_addr32[3]; 1532 1533 /* if you set extra bits, that's wrong */ 1534 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1535 return EINVAL; 1536 1537 cmp = 1; 1538 } else { 1539 if (cmd == SIOCGLIFADDR) { 1540 /* on getting an address, take the 1st match */ 1541 cmp = 0; /* XXX */ 1542 } else { 1543 /* on deleting an address, do exact match */ 1544 in6_prefixlen2mask(&mask, 128); 1545 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1546 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1547 1548 cmp = 1; 1549 } 1550 } 1551 1552 for (ifa = ifp->if_addrlist.tqh_first; 1553 ifa; 1554 ifa = ifa->ifa_list.tqe_next) 1555 { 1556 if (ifa->ifa_addr->sa_family != AF_INET6) 1557 continue; 1558 if (!cmp) 1559 break; 1560 1561 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1562 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1563 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1564 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1565 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1566 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1567 break; 1568 } 1569 if (!ifa) 1570 return EADDRNOTAVAIL; 1571 ia = ifa2ia6(ifa); 1572 1573 if (cmd == SIOCGLIFADDR) { 1574 /* fill in the if_laddrreq structure */ 1575 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1576 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1577 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1578 ia->ia_dstaddr.sin6_len); 1579 } else 1580 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1581 1582 iflr->prefixlen = 1583 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1584 1585 iflr->flags = ia->ia6_flags; /* XXX */ 1586 1587 return 0; 1588 } else { 1589 struct in6_aliasreq ifra; 1590 1591 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1592 bzero(&ifra, sizeof(ifra)); 1593 bcopy(iflr->iflr_name, ifra.ifra_name, 1594 sizeof(ifra.ifra_name)); 1595 1596 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1597 ia->ia_addr.sin6_len); 1598 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1599 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1600 ia->ia_dstaddr.sin6_len); 1601 } else { 1602 bzero(&ifra.ifra_dstaddr, 1603 sizeof(ifra.ifra_dstaddr)); 1604 } 1605 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1606 ia->ia_prefixmask.sin6_len); 1607 1608 ifra.ifra_flags = ia->ia6_flags; 1609 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1610 ifp, p); 1611 } 1612 } 1613 } 1614 1615 return EOPNOTSUPP; /* just for safety */ 1616 } 1617 1618 /* 1619 * Initialize an interface's intetnet6 address 1620 * and routing table entry. 1621 */ 1622 static int 1623 in6_ifinit(ifp, ia, sin6, newhost) 1624 struct ifnet *ifp; 1625 struct in6_ifaddr *ia; 1626 struct sockaddr_in6 *sin6; 1627 int newhost; 1628 { 1629 int error = 0, plen, ifacount = 0; 1630 int s = splnet(); 1631 struct ifaddr *ifa; 1632 1633 /* 1634 * Give the interface a chance to initialize 1635 * if this is its first address, 1636 * and to validate the address if necessary. 1637 */ 1638 for (ifa = ifp->if_addrlist.tqh_first; ifa; 1639 ifa = ifa->ifa_list.tqe_next) 1640 { 1641 if (ifa->ifa_addr == NULL) 1642 continue; /* just for safety */ 1643 if (ifa->ifa_addr->sa_family != AF_INET6) 1644 continue; 1645 ifacount++; 1646 } 1647 1648 ia->ia_addr = *sin6; 1649 1650 if (ifacount <= 1 && ifp->if_ioctl && 1651 (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) { 1652 splx(s); 1653 return (error); 1654 } 1655 splx(s); 1656 1657 ia->ia_ifa.ifa_metric = ifp->if_metric; 1658 1659 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1660 1661 /* 1662 * Special case: 1663 * If the destination address is specified for a point-to-point 1664 * interface, install a route to the destination as an interface 1665 * direct route. 1666 */ 1667 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1668 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1669 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1670 RTF_UP | RTF_HOST)) != 0) 1671 return (error); 1672 ia->ia_flags |= IFA_ROUTE; 1673 } 1674 1675 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1676 if (newhost) { 1677 /* set the rtrequest function to create llinfo */ 1678 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1679 in6_ifaddloop(&(ia->ia_ifa)); 1680 } 1681 1682 if (ifp->if_flags & IFF_MULTICAST) 1683 in6_restoremkludge(ia, ifp); 1684 1685 return (error); 1686 } 1687 1688 /* 1689 * Multicast address kludge: 1690 * If there were any multicast addresses attached to this interface address, 1691 * either move them to another address on this interface, or save them until 1692 * such time as this interface is reconfigured for IPv6. 1693 */ 1694 void 1695 in6_savemkludge(oia) 1696 struct in6_ifaddr *oia; 1697 { 1698 struct in6_ifaddr *ia; 1699 struct in6_multi *in6m, *next; 1700 1701 IFP_TO_IA6(oia->ia_ifp, ia); 1702 if (ia) { /* there is another address */ 1703 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1704 next = in6m->in6m_entry.le_next; 1705 IFAFREE(&in6m->in6m_ia->ia_ifa); 1706 IFAREF(&ia->ia_ifa); 1707 in6m->in6m_ia = ia; 1708 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1709 } 1710 } else { /* last address on this if deleted, save */ 1711 struct multi6_kludge *mk; 1712 1713 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1714 if (mk->mk_ifp == oia->ia_ifp) 1715 break; 1716 } 1717 if (mk == NULL) /* this should not happen! */ 1718 panic("in6_savemkludge: no kludge space"); 1719 1720 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1721 next = in6m->in6m_entry.le_next; 1722 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1723 in6m->in6m_ia = NULL; 1724 LIST_INSERT_HEAD(&mk->mk_head, in6m, in6m_entry); 1725 } 1726 } 1727 } 1728 1729 /* 1730 * Continuation of multicast address hack: 1731 * If there was a multicast group list previously saved for this interface, 1732 * then we re-attach it to the first address configured on the i/f. 1733 */ 1734 void 1735 in6_restoremkludge(ia, ifp) 1736 struct in6_ifaddr *ia; 1737 struct ifnet *ifp; 1738 { 1739 struct multi6_kludge *mk; 1740 1741 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1742 if (mk->mk_ifp == ifp) { 1743 struct in6_multi *in6m, *next; 1744 1745 for (in6m = mk->mk_head.lh_first; in6m; in6m = next) { 1746 next = in6m->in6m_entry.le_next; 1747 in6m->in6m_ia = ia; 1748 IFAREF(&ia->ia_ifa); 1749 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, 1750 in6m, in6m_entry); 1751 } 1752 LIST_INIT(&mk->mk_head); 1753 break; 1754 } 1755 } 1756 } 1757 1758 /* 1759 * Allocate space for the kludge at interface initialization time. 1760 * Formerly, we dynamically allocated the space in in6_savemkludge() with 1761 * malloc(M_WAITOK). However, it was wrong since the function could be called 1762 * under an interrupt context (software timer on address lifetime expiration). 1763 * Also, we cannot just give up allocating the strucutre, since the group 1764 * membership structure is very complex and we need to keep it anyway. 1765 * Of course, this function MUST NOT be called under an interrupt context. 1766 * Specifically, it is expected to be called only from in6_ifattach(), though 1767 * it is a global function. 1768 */ 1769 void 1770 in6_createmkludge(ifp) 1771 struct ifnet *ifp; 1772 { 1773 struct multi6_kludge *mk; 1774 1775 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1776 /* If we've already had one, do not allocate. */ 1777 if (mk->mk_ifp == ifp) 1778 return; 1779 } 1780 1781 mk = malloc(sizeof(*mk), M_IPMADDR, M_WAITOK); 1782 1783 bzero(mk, sizeof(*mk)); 1784 LIST_INIT(&mk->mk_head); 1785 mk->mk_ifp = ifp; 1786 LIST_INSERT_HEAD(&in6_mk, mk, mk_entry); 1787 } 1788 1789 void 1790 in6_purgemkludge(ifp) 1791 struct ifnet *ifp; 1792 { 1793 struct multi6_kludge *mk; 1794 struct in6_multi *in6m; 1795 1796 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1797 if (mk->mk_ifp != ifp) 1798 continue; 1799 1800 /* leave from all multicast groups joined */ 1801 while ((in6m = LIST_FIRST(&mk->mk_head)) != NULL) 1802 in6_delmulti(in6m); 1803 LIST_REMOVE(mk, mk_entry); 1804 free(mk, M_IPMADDR); 1805 break; 1806 } 1807 } 1808 1809 /* 1810 * Add an address to the list of IP6 multicast addresses for a 1811 * given interface. 1812 */ 1813 struct in6_multi * 1814 in6_addmulti(maddr6, ifp, errorp) 1815 struct in6_addr *maddr6; 1816 struct ifnet *ifp; 1817 int *errorp; 1818 { 1819 struct in6_ifaddr *ia; 1820 struct in6_ifreq ifr; 1821 struct in6_multi *in6m; 1822 int s = splsoftnet(); 1823 1824 *errorp = 0; 1825 /* 1826 * See if address already in list. 1827 */ 1828 IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); 1829 if (in6m != NULL) { 1830 /* 1831 * Found it; just increment the refrence count. 1832 */ 1833 in6m->in6m_refcount++; 1834 } else { 1835 /* 1836 * New address; allocate a new multicast record 1837 * and link it into the interface's multicast list. 1838 */ 1839 in6m = (struct in6_multi *) 1840 malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1841 if (in6m == NULL) { 1842 splx(s); 1843 *errorp = ENOBUFS; 1844 return (NULL); 1845 } 1846 in6m->in6m_addr = *maddr6; 1847 in6m->in6m_ifp = ifp; 1848 in6m->in6m_refcount = 1; 1849 IFP_TO_IA6(ifp, ia); 1850 if (ia == NULL) { 1851 free(in6m, M_IPMADDR); 1852 splx(s); 1853 *errorp = EADDRNOTAVAIL; /* appropriate? */ 1854 return (NULL); 1855 } 1856 in6m->in6m_ia = ia; 1857 IFAREF(&ia->ia_ifa); /* gain a reference */ 1858 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1859 1860 /* 1861 * Ask the network driver to update its multicast reception 1862 * filter appropriately for the new address. 1863 */ 1864 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1865 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1866 ifr.ifr_addr.sin6_family = AF_INET6; 1867 ifr.ifr_addr.sin6_addr = *maddr6; 1868 if (ifp->if_ioctl == NULL) 1869 *errorp = ENXIO; /* XXX: appropriate? */ 1870 else 1871 *errorp = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, 1872 (caddr_t)&ifr); 1873 if (*errorp) { 1874 LIST_REMOVE(in6m, in6m_entry); 1875 free(in6m, M_IPMADDR); 1876 IFAFREE(&ia->ia_ifa); 1877 splx(s); 1878 return (NULL); 1879 } 1880 /* 1881 * Let MLD6 know that we have joined a new IP6 multicast 1882 * group. 1883 */ 1884 mld6_start_listening(in6m); 1885 } 1886 splx(s); 1887 return (in6m); 1888 } 1889 1890 /* 1891 * Delete a multicast address record. 1892 */ 1893 void 1894 in6_delmulti(in6m) 1895 struct in6_multi *in6m; 1896 { 1897 struct in6_ifreq ifr; 1898 struct in6_ifaddr *ia; 1899 int s = splsoftnet(); 1900 1901 if (--in6m->in6m_refcount == 0) { 1902 /* 1903 * No remaining claims to this record; let MLD6 know 1904 * that we are leaving the multicast group. 1905 */ 1906 mld6_stop_listening(in6m); 1907 1908 /* 1909 * Unlink from list. 1910 */ 1911 LIST_REMOVE(in6m, in6m_entry); 1912 if (in6m->in6m_ia) { 1913 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1914 } 1915 /* 1916 * Delete all references of this multicasting group from 1917 * the membership arrays 1918 */ 1919 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1920 struct in6_multi_mship *imm; 1921 LIST_FOREACH(imm, &ia->ia6_memberships, 1922 i6mm_chain) { 1923 if (imm->i6mm_maddr == in6m) 1924 imm->i6mm_maddr = NULL; 1925 } 1926 } 1927 1928 /* 1929 * Notify the network driver to update its multicast 1930 * reception filter. 1931 */ 1932 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1933 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1934 ifr.ifr_addr.sin6_family = AF_INET6; 1935 ifr.ifr_addr.sin6_addr = in6m->in6m_addr; 1936 (*in6m->in6m_ifp->if_ioctl)(in6m->in6m_ifp, 1937 SIOCDELMULTI, (caddr_t)&ifr); 1938 free(in6m, M_IPMADDR); 1939 } 1940 splx(s); 1941 } 1942 1943 struct in6_multi_mship * 1944 in6_joingroup(ifp, addr, errorp) 1945 struct ifnet *ifp; 1946 struct in6_addr *addr; 1947 int *errorp; 1948 { 1949 struct in6_multi_mship *imm; 1950 1951 imm = malloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); 1952 if (!imm) { 1953 *errorp = ENOBUFS; 1954 return NULL; 1955 } 1956 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp); 1957 if (!imm->i6mm_maddr) { 1958 /* *errorp is alrady set */ 1959 free(imm, M_IPMADDR); 1960 return NULL; 1961 } 1962 return imm; 1963 } 1964 1965 int 1966 in6_leavegroup(imm) 1967 struct in6_multi_mship *imm; 1968 { 1969 1970 if (imm->i6mm_maddr) 1971 in6_delmulti(imm->i6mm_maddr); 1972 free(imm, M_IPMADDR); 1973 return 0; 1974 } 1975 1976 /* 1977 * Find an IPv6 interface link-local address specific to an interface. 1978 */ 1979 struct in6_ifaddr * 1980 in6ifa_ifpforlinklocal(ifp, ignoreflags) 1981 struct ifnet *ifp; 1982 int ignoreflags; 1983 { 1984 struct ifaddr *ifa; 1985 1986 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 1987 { 1988 if (ifa->ifa_addr == NULL) 1989 continue; /* just for safety */ 1990 if (ifa->ifa_addr->sa_family != AF_INET6) 1991 continue; 1992 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1993 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1994 ignoreflags) != 0) 1995 continue; 1996 break; 1997 } 1998 } 1999 2000 return ((struct in6_ifaddr *)ifa); 2001 } 2002 2003 2004 /* 2005 * find the internet address corresponding to a given interface and address. 2006 */ 2007 struct in6_ifaddr * 2008 in6ifa_ifpwithaddr(ifp, addr) 2009 struct ifnet *ifp; 2010 struct in6_addr *addr; 2011 { 2012 struct ifaddr *ifa; 2013 2014 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2015 { 2016 if (ifa->ifa_addr == NULL) 2017 continue; /* just for safety */ 2018 if (ifa->ifa_addr->sa_family != AF_INET6) 2019 continue; 2020 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 2021 break; 2022 } 2023 2024 return ((struct in6_ifaddr *)ifa); 2025 } 2026 2027 /* 2028 * Convert IP6 address to printable (loggable) representation. 2029 */ 2030 static int ip6round = 0; 2031 char * 2032 ip6_sprintf(addr) 2033 const struct in6_addr *addr; 2034 { 2035 static char ip6buf[8][48]; 2036 int i; 2037 char *cp; 2038 const u_int16_t *a = (const u_int16_t *)addr; 2039 const u_int8_t *d; 2040 int dcolon = 0; 2041 2042 ip6round = (ip6round + 1) & 7; 2043 cp = ip6buf[ip6round]; 2044 2045 for (i = 0; i < 8; i++) { 2046 if (dcolon == 1) { 2047 if (*a == 0) { 2048 if (i == 7) 2049 *cp++ = ':'; 2050 a++; 2051 continue; 2052 } else 2053 dcolon = 2; 2054 } 2055 if (*a == 0) { 2056 if (dcolon == 0 && *(a + 1) == 0) { 2057 if (i == 0) 2058 *cp++ = ':'; 2059 *cp++ = ':'; 2060 dcolon = 1; 2061 } else { 2062 *cp++ = '0'; 2063 *cp++ = ':'; 2064 } 2065 a++; 2066 continue; 2067 } 2068 d = (const u_char *)a; 2069 *cp++ = hexdigits[*d >> 4]; 2070 *cp++ = hexdigits[*d++ & 0xf]; 2071 *cp++ = hexdigits[*d >> 4]; 2072 *cp++ = hexdigits[*d & 0xf]; 2073 *cp++ = ':'; 2074 a++; 2075 } 2076 *--cp = 0; 2077 return (ip6buf[ip6round]); 2078 } 2079 2080 /* 2081 * Determine if an address is on a local network. 2082 */ 2083 int 2084 in6_localaddr(in6) 2085 struct in6_addr *in6; 2086 { 2087 struct in6_ifaddr *ia; 2088 2089 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 2090 return (1); 2091 2092 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 2093 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 2094 &ia->ia_prefixmask.sin6_addr)) 2095 return (1); 2096 2097 return (0); 2098 } 2099 2100 /* 2101 * Get a scope of the address. Node-local, link-local, site-local or global. 2102 */ 2103 int 2104 in6_addrscope (addr) 2105 struct in6_addr *addr; 2106 { 2107 int scope; 2108 2109 if (addr->s6_addr8[0] == 0xfe) { 2110 scope = addr->s6_addr8[1] & 0xc0; 2111 2112 switch (scope) { 2113 case 0x80: 2114 return IPV6_ADDR_SCOPE_LINKLOCAL; 2115 case 0xc0: 2116 return IPV6_ADDR_SCOPE_SITELOCAL; 2117 default: 2118 return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */ 2119 } 2120 } 2121 2122 2123 if (addr->s6_addr8[0] == 0xff) { 2124 scope = addr->s6_addr8[1] & 0x0f; 2125 2126 /* 2127 * due to other scope such as reserved, 2128 * return scope doesn't work. 2129 */ 2130 switch (scope) { 2131 case IPV6_ADDR_SCOPE_NODELOCAL: 2132 return IPV6_ADDR_SCOPE_NODELOCAL; 2133 case IPV6_ADDR_SCOPE_LINKLOCAL: 2134 return IPV6_ADDR_SCOPE_LINKLOCAL; 2135 case IPV6_ADDR_SCOPE_SITELOCAL: 2136 return IPV6_ADDR_SCOPE_SITELOCAL; 2137 default: 2138 return IPV6_ADDR_SCOPE_GLOBAL; 2139 } 2140 } 2141 2142 if (bcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) { 2143 if (addr->s6_addr8[15] == 1) /* loopback */ 2144 return IPV6_ADDR_SCOPE_NODELOCAL; 2145 if (addr->s6_addr8[15] == 0) /* unspecified */ 2146 return IPV6_ADDR_SCOPE_LINKLOCAL; 2147 } 2148 2149 return IPV6_ADDR_SCOPE_GLOBAL; 2150 } 2151 2152 int 2153 in6_addr2scopeid(ifp, addr) 2154 struct ifnet *ifp; /* must not be NULL */ 2155 struct in6_addr *addr; /* must not be NULL */ 2156 { 2157 int scope = in6_addrscope(addr); 2158 2159 switch (scope) { 2160 case IPV6_ADDR_SCOPE_NODELOCAL: 2161 return (-1); /* XXX: is this an appropriate value? */ 2162 2163 case IPV6_ADDR_SCOPE_LINKLOCAL: 2164 /* XXX: we do not distinguish between a link and an I/F. */ 2165 return (ifp->if_index); 2166 2167 case IPV6_ADDR_SCOPE_SITELOCAL: 2168 return (0); /* XXX: invalid. */ 2169 2170 default: 2171 return (0); /* XXX: treat as global. */ 2172 } 2173 } 2174 2175 int 2176 in6_is_addr_deprecated(sa6) 2177 struct sockaddr_in6 *sa6; 2178 { 2179 struct in6_ifaddr *ia; 2180 2181 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 2182 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 2183 &sa6->sin6_addr) && 2184 #ifdef SCOPEDROUTING 2185 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 2186 #endif 2187 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2188 return (1); /* true */ 2189 2190 /* XXX: do we still have to go thru the rest of the list? */ 2191 } 2192 2193 return (0); /* false */ 2194 } 2195 2196 /* 2197 * return length of part which dst and src are equal 2198 * hard coding... 2199 */ 2200 int 2201 in6_matchlen(src, dst) 2202 struct in6_addr *src, *dst; 2203 { 2204 int match = 0; 2205 u_char *s = (u_char *)src, *d = (u_char *)dst; 2206 u_char *lim = s + 16, r; 2207 2208 while (s < lim) 2209 if ((r = (*d++ ^ *s++)) != 0) { 2210 while (r < 128) { 2211 match++; 2212 r <<= 1; 2213 } 2214 break; 2215 } else 2216 match += 8; 2217 return match; 2218 } 2219 2220 /* XXX: to be scope conscious */ 2221 int 2222 in6_are_prefix_equal(p1, p2, len) 2223 struct in6_addr *p1, *p2; 2224 int len; 2225 { 2226 int bytelen, bitlen; 2227 2228 /* sanity check */ 2229 if (0 > len || len > 128) { 2230 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2231 len); 2232 return (0); 2233 } 2234 2235 bytelen = len / 8; 2236 bitlen = len % 8; 2237 2238 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2239 return (0); 2240 if (bitlen != 0 && 2241 p1->s6_addr[bytelen] >> (8 - bitlen) != 2242 p2->s6_addr[bytelen] >> (8 - bitlen)) 2243 return (0); 2244 2245 return (1); 2246 } 2247 2248 void 2249 in6_prefixlen2mask(maskp, len) 2250 struct in6_addr *maskp; 2251 int len; 2252 { 2253 static const u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2254 int bytelen, bitlen, i; 2255 2256 /* sanity check */ 2257 if (0 > len || len > 128) { 2258 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2259 len); 2260 return; 2261 } 2262 2263 bzero(maskp, sizeof(*maskp)); 2264 bytelen = len / 8; 2265 bitlen = len % 8; 2266 for (i = 0; i < bytelen; i++) 2267 maskp->s6_addr[i] = 0xff; 2268 if (bitlen) 2269 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2270 } 2271 2272 /* 2273 * return the best address out of the same scope 2274 */ 2275 struct in6_ifaddr * 2276 in6_ifawithscope(oifp, dst) 2277 struct ifnet *oifp; 2278 struct in6_addr *dst; 2279 { 2280 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 2281 int blen = -1; 2282 struct ifaddr *ifa; 2283 struct ifnet *ifp; 2284 struct in6_ifaddr *ifa_best = NULL; 2285 2286 if (oifp == NULL) { 2287 printf("in6_ifawithscope: output interface is not specified\n"); 2288 return (NULL); 2289 } 2290 2291 /* 2292 * We search for all addresses on all interfaces from the beginning. 2293 * Comparing an interface with the outgoing interface will be done 2294 * only at the final stage of tiebreaking. 2295 */ 2296 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2297 { 2298 /* 2299 * We can never take an address that breaks the scope zone 2300 * of the destination. 2301 */ 2302 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) 2303 continue; 2304 2305 for (ifa = ifp->if_addrlist.tqh_first; ifa; 2306 ifa = ifa->ifa_list.tqe_next) 2307 { 2308 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 2309 2310 if (ifa->ifa_addr->sa_family != AF_INET6) 2311 continue; 2312 2313 src_scope = in6_addrscope(IFA_IN6(ifa)); 2314 2315 #ifdef ADDRSELECT_DEBUG /* should be removed after stabilization */ 2316 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2317 printf("in6_ifawithscope: dst=%s bestaddr=%s, " 2318 "newaddr=%s, scope=%x, dcmp=%d, bcmp=%d, " 2319 "matchlen=%d, flgs=%x\n", 2320 ip6_sprintf(dst), 2321 ifa_best ? ip6_sprintf(&ifa_best->ia_addr.sin6_addr) : "none", 2322 ip6_sprintf(IFA_IN6(ifa)), src_scope, 2323 dscopecmp, 2324 ifa_best ? IN6_ARE_SCOPE_CMP(src_scope, best_scope) : -1, 2325 in6_matchlen(IFA_IN6(ifa), dst), 2326 ((struct in6_ifaddr *)ifa)->ia6_flags); 2327 #endif 2328 2329 /* 2330 * Don't use an address before completing DAD 2331 * nor a duplicated address. 2332 */ 2333 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2334 IN6_IFF_NOTREADY) 2335 continue; 2336 2337 /* XXX: is there any case to allow anycasts? */ 2338 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2339 IN6_IFF_ANYCAST) 2340 continue; 2341 2342 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2343 IN6_IFF_DETACHED) 2344 continue; 2345 2346 /* 2347 * If this is the first address we find, 2348 * keep it anyway. 2349 */ 2350 if (ifa_best == NULL) 2351 goto replace; 2352 2353 /* 2354 * ifa_best is never NULL beyond this line except 2355 * within the block labeled "replace". 2356 */ 2357 2358 /* 2359 * If ifa_best has a smaller scope than dst and 2360 * the current address has a larger one than 2361 * (or equal to) dst, always replace ifa_best. 2362 * Also, if the current address has a smaller scope 2363 * than dst, ignore it unless ifa_best also has a 2364 * smaller scope. 2365 */ 2366 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 2367 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 2368 goto replace; 2369 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2370 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2371 continue; 2372 2373 /* 2374 * A deprecated address SHOULD NOT be used in new 2375 * communications if an alternate (non-deprecated) 2376 * address is available and has sufficient scope. 2377 * RFC 2462, Section 5.5.4. 2378 */ 2379 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2380 IN6_IFF_DEPRECATED) { 2381 /* 2382 * Ignore any deprecated addresses if 2383 * specified by configuration. 2384 */ 2385 if (!ip6_use_deprecated) 2386 continue; 2387 2388 /* 2389 * If we have already found a non-deprecated 2390 * candidate, just ignore deprecated addresses. 2391 */ 2392 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2393 == 0) 2394 continue; 2395 } 2396 2397 /* 2398 * A non-deprecated address is always preferred 2399 * to a deprecated one regardless of scopes and 2400 * address matching. 2401 */ 2402 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2403 (((struct in6_ifaddr *)ifa)->ia6_flags & 2404 IN6_IFF_DEPRECATED) == 0) 2405 goto replace; 2406 2407 /* 2408 * At this point, we have two cases: 2409 * 1. we are looking at a non-deprecated address, 2410 * and ifa_best is also non-deprecated. 2411 * 2. we are looking at a deprecated address, 2412 * and ifa_best is also deprecated. 2413 * Also, we do not have to consider a case where 2414 * the scope of if_best is larger(smaller) than dst and 2415 * the scope of the current address is smaller(larger) 2416 * than dst. Such a case has already been covered. 2417 * Tiebreaking is done according to the following 2418 * items: 2419 * - the scope comparison between the address and 2420 * dst (dscopecmp) 2421 * - the scope comparison between the address and 2422 * ifa_best (bscopecmp) 2423 * - if the address match dst longer than ifa_best 2424 * (matchcmp) 2425 * - if the address is on the outgoing I/F (outI/F) 2426 * 2427 * Roughly speaking, the selection policy is 2428 * - the most important item is scope. The same scope 2429 * is best. Then search for a larger scope. 2430 * Smaller scopes are the last resort. 2431 * - A deprecated address is chosen only when we have 2432 * no address that has an enough scope, but is 2433 * prefered to any addresses of smaller scopes. 2434 * - Longest address match against dst is considered 2435 * only for addresses that has the same scope of dst. 2436 * - If there is no other reasons to choose one, 2437 * addresses on the outgoing I/F are preferred. 2438 * 2439 * The precise decision table is as follows: 2440 * dscopecmp bscopecmp matchcmp outI/F | replace? 2441 * !equal equal N/A Yes | Yes (1) 2442 * !equal equal N/A No | No (2) 2443 * larger larger N/A N/A | No (3) 2444 * larger smaller N/A N/A | Yes (4) 2445 * smaller larger N/A N/A | Yes (5) 2446 * smaller smaller N/A N/A | No (6) 2447 * equal smaller N/A N/A | Yes (7) 2448 * equal larger (already done) 2449 * equal equal larger N/A | Yes (8) 2450 * equal equal smaller N/A | No (9) 2451 * equal equal equal Yes | Yes (a) 2452 * eaual eqaul equal No | No (b) 2453 */ 2454 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2455 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2456 2457 if (dscopecmp && bscopecmp == 0) { 2458 if (oifp == ifp) /* (1) */ 2459 goto replace; 2460 continue; /* (2) */ 2461 } 2462 if (dscopecmp > 0) { 2463 if (bscopecmp > 0) /* (3) */ 2464 continue; 2465 goto replace; /* (4) */ 2466 } 2467 if (dscopecmp < 0) { 2468 if (bscopecmp > 0) /* (5) */ 2469 goto replace; 2470 continue; /* (6) */ 2471 } 2472 2473 /* now dscopecmp must be 0 */ 2474 if (bscopecmp < 0) 2475 goto replace; /* (7) */ 2476 2477 /* 2478 * At last both dscopecmp and bscopecmp must be 0. 2479 * We need address matching against dst for 2480 * tiebreaking. 2481 */ 2482 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2483 matchcmp = tlen - blen; 2484 if (matchcmp > 0) /* (8) */ 2485 goto replace; 2486 if (matchcmp < 0) /* (9) */ 2487 continue; 2488 if (oifp == ifp) /* (a) */ 2489 goto replace; 2490 continue; /* (b) */ 2491 2492 replace: 2493 ifa_best = (struct in6_ifaddr *)ifa; 2494 blen = tlen >= 0 ? tlen : 2495 in6_matchlen(IFA_IN6(ifa), dst); 2496 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2497 } 2498 } 2499 2500 /* count statistics for future improvements */ 2501 if (ifa_best == NULL) 2502 ip6stat.ip6s_sources_none++; 2503 else { 2504 if (oifp == ifa_best->ia_ifp) 2505 ip6stat.ip6s_sources_sameif[best_scope]++; 2506 else 2507 ip6stat.ip6s_sources_otherif[best_scope]++; 2508 2509 if (best_scope == dst_scope) 2510 ip6stat.ip6s_sources_samescope[best_scope]++; 2511 else 2512 ip6stat.ip6s_sources_otherscope[best_scope]++; 2513 2514 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2515 ip6stat.ip6s_sources_deprecated[best_scope]++; 2516 } 2517 2518 return (ifa_best); 2519 } 2520 2521 /* 2522 * return the best address out of the same scope. if no address was 2523 * found, return the first valid address from designated IF. 2524 */ 2525 struct in6_ifaddr * 2526 in6_ifawithifp(ifp, dst) 2527 struct ifnet *ifp; 2528 struct in6_addr *dst; 2529 { 2530 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2531 struct ifaddr *ifa; 2532 struct in6_ifaddr *besta = 0; 2533 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2534 2535 dep[0] = dep[1] = NULL; 2536 2537 /* 2538 * We first look for addresses in the same scope. 2539 * If there is one, return it. 2540 * If two or more, return one which matches the dst longest. 2541 * If none, return one of global addresses assigned other ifs. 2542 */ 2543 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2544 { 2545 if (ifa->ifa_addr->sa_family != AF_INET6) 2546 continue; 2547 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2548 continue; /* XXX: is there any case to allow anycast? */ 2549 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2550 continue; /* don't use this interface */ 2551 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2552 continue; 2553 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2554 if (ip6_use_deprecated) 2555 dep[0] = (struct in6_ifaddr *)ifa; 2556 continue; 2557 } 2558 2559 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2560 /* 2561 * call in6_matchlen() as few as possible 2562 */ 2563 if (besta) { 2564 if (blen == -1) 2565 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2566 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2567 if (tlen > blen) { 2568 blen = tlen; 2569 besta = (struct in6_ifaddr *)ifa; 2570 } 2571 } else 2572 besta = (struct in6_ifaddr *)ifa; 2573 } 2574 } 2575 if (besta) 2576 return (besta); 2577 2578 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2579 { 2580 if (ifa->ifa_addr->sa_family != AF_INET6) 2581 continue; 2582 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2583 continue; /* XXX: is there any case to allow anycast? */ 2584 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2585 continue; /* don't use this interface */ 2586 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2587 continue; 2588 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2589 if (ip6_use_deprecated) 2590 dep[1] = (struct in6_ifaddr *)ifa; 2591 continue; 2592 } 2593 2594 return (struct in6_ifaddr *)ifa; 2595 } 2596 2597 /* use the last-resort values, that are, deprecated addresses */ 2598 if (dep[0]) 2599 return dep[0]; 2600 if (dep[1]) 2601 return dep[1]; 2602 2603 return NULL; 2604 } 2605 2606 /* 2607 * perform DAD when interface becomes IFF_UP. 2608 */ 2609 void 2610 in6_if_up(ifp) 2611 struct ifnet *ifp; 2612 { 2613 struct ifaddr *ifa; 2614 struct in6_ifaddr *ia; 2615 int dad_delay; /* delay ticks before DAD output */ 2616 2617 /* 2618 * special cases, like 6to4, are handled in in6_ifattach 2619 */ 2620 in6_ifattach(ifp, NULL); 2621 2622 dad_delay = 0; 2623 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2624 { 2625 if (ifa->ifa_addr->sa_family != AF_INET6) 2626 continue; 2627 ia = (struct in6_ifaddr *)ifa; 2628 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2629 nd6_dad_start(ifa, &dad_delay); 2630 } 2631 } 2632 2633 int 2634 in6if_do_dad(ifp) 2635 struct ifnet *ifp; 2636 { 2637 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2638 return (0); 2639 2640 switch (ifp->if_type) { 2641 case IFT_FAITH: 2642 /* 2643 * These interfaces do not have the IFF_LOOPBACK flag, 2644 * but loop packets back. We do not have to do DAD on such 2645 * interfaces. We should even omit it, because loop-backed 2646 * NS would confuse the DAD procedure. 2647 */ 2648 return (0); 2649 default: 2650 /* 2651 * Our DAD routine requires the interface up and running. 2652 * However, some interfaces can be up before the RUNNING 2653 * status. Additionaly, users may try to assign addresses 2654 * before the interface becomes up (or running). 2655 * We simply skip DAD in such a case as a work around. 2656 * XXX: we should rather mark "tentative" on such addresses, 2657 * and do DAD after the interface becomes ready. 2658 */ 2659 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2660 (IFF_UP|IFF_RUNNING)) 2661 return (0); 2662 2663 return (1); 2664 } 2665 } 2666 2667 /* 2668 * Calculate max IPv6 MTU through all the interfaces and store it 2669 * to in6_maxmtu. 2670 */ 2671 void 2672 in6_setmaxmtu() 2673 { 2674 unsigned long maxmtu = 0; 2675 struct ifnet *ifp; 2676 2677 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2678 { 2679 /* this function can be called during ifnet initialization */ 2680 if (!ifp->if_afdata[AF_INET6]) 2681 continue; 2682 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2683 IN6_LINKMTU(ifp) > maxmtu) 2684 maxmtu = IN6_LINKMTU(ifp); 2685 } 2686 if (maxmtu) /* update only when maxmtu is positive */ 2687 in6_maxmtu = maxmtu; 2688 } 2689 2690 void * 2691 in6_domifattach(ifp) 2692 struct ifnet *ifp; 2693 { 2694 struct in6_ifextra *ext; 2695 2696 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2697 bzero(ext, sizeof(*ext)); 2698 2699 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2700 M_IFADDR, M_WAITOK); 2701 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2702 2703 ext->icmp6_ifstat = 2704 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2705 M_IFADDR, M_WAITOK); 2706 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2707 2708 ext->nd_ifinfo = nd6_ifattach(ifp); 2709 return ext; 2710 } 2711 2712 void 2713 in6_domifdetach(ifp, aux) 2714 struct ifnet *ifp; 2715 void *aux; 2716 { 2717 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2718 2719 nd6_ifdetach(ext->nd_ifinfo); 2720 free(ext->in6_ifstat, M_IFADDR); 2721 free(ext->icmp6_ifstat, M_IFADDR); 2722 free(ext, M_IFADDR); 2723 } 2724