1 /* $NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $ */ 2 /* $KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_ipsec.h" 69 #include "opt_net_mpsafe.h" 70 #endif 71 72 #include <sys/param.h> 73 #include <sys/sysctl.h> 74 #include <sys/mbuf.h> 75 #include <sys/socket.h> 76 #include <sys/protosw.h> 77 #include <sys/socketvar.h> 78 #include <sys/systm.h> 79 #include <sys/proc.h> 80 #include <sys/kauth.h> 81 #include <sys/kmem.h> 82 83 #include <net/if.h> 84 #include <net/if_types.h> 85 #include <net/net_stats.h> 86 87 #include <netinet/in.h> 88 #include <netinet/in_var.h> 89 #include <netinet/ip6.h> 90 #include <netinet6/ip6_var.h> 91 #include <netinet6/ip6_private.h> 92 #include <netinet6/ip6_mroute.h> 93 #include <netinet/icmp6.h> 94 #include <netinet6/icmp6_private.h> 95 #include <netinet6/in6_pcb.h> 96 #include <netinet6/ip6protosw.h> 97 #include <netinet6/scope6_var.h> 98 #include <netinet6/raw_ip6.h> 99 100 #ifdef IPSEC 101 #include <netipsec/ipsec.h> 102 #include <netipsec/ipsec6.h> 103 #endif 104 105 #include "faith.h" 106 #if defined(NFAITH) && 0 < NFAITH 107 #include <net/if_faith.h> 108 #endif 109 110 extern struct inpcbtable rawcbtable; 111 struct inpcbtable raw6cbtable; 112 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 113 114 /* 115 * Raw interface to IP6 protocol. 116 */ 117 118 static percpu_t *rip6stat_percpu; 119 120 #define RIP6_STATINC(x) _NET_STATINC(rip6stat_percpu, x) 121 122 static void sysctl_net_inet6_raw6_setup(struct sysctllog **); 123 124 /* 125 * Initialize raw connection block queue. 126 */ 127 void 128 rip6_init(void) 129 { 130 131 sysctl_net_inet6_raw6_setup(NULL); 132 in6pcb_init(&raw6cbtable, 1, 1); 133 134 rip6stat_percpu = percpu_alloc(sizeof(uint64_t) * RIP6_NSTATS); 135 } 136 137 static void 138 rip6_sbappendaddr(struct inpcb *last, struct ip6_hdr *ip6, 139 const struct sockaddr *sa, int hlen, struct mbuf *n) 140 { 141 struct mbuf *opts = NULL; 142 143 if (last->inp_flags & IN6P_CONTROLOPTS) 144 ip6_savecontrol(last, &opts, ip6, n); 145 146 m_adj(n, hlen); 147 148 if (sbappendaddr(&last->inp_socket->so_rcv, sa, n, opts) == 0) { 149 soroverflow(last->inp_socket); 150 m_freem(n); 151 if (opts) 152 m_freem(opts); 153 RIP6_STATINC(RIP6_STAT_FULLSOCK); 154 } else { 155 sorwakeup(last->inp_socket); 156 } 157 } 158 159 /* 160 * Setup generic address and protocol structures 161 * for raw_input routine, then pass them along with 162 * mbuf chain. 163 */ 164 int 165 rip6_input(struct mbuf **mp, int *offp, int proto) 166 { 167 struct mbuf *m = *mp; 168 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 169 struct inpcb *inp; 170 struct inpcb *last = NULL; 171 struct sockaddr_in6 rip6src; 172 struct mbuf *n; 173 174 RIP6_STATINC(RIP6_STAT_IPACKETS); 175 176 #if defined(NFAITH) && 0 < NFAITH 177 if (faithprefix(&ip6->ip6_dst)) { 178 /* send icmp6 host unreach? */ 179 m_freem(m); 180 return IPPROTO_DONE; 181 } 182 #endif 183 184 sockaddr_in6_init(&rip6src, &ip6->ip6_src, 0, 0, 0); 185 if (sa6_recoverscope(&rip6src) != 0) { 186 /* XXX: should be impossible. */ 187 m_freem(m); 188 return IPPROTO_DONE; 189 } 190 191 TAILQ_FOREACH(inp, &raw6cbtable.inpt_queue, inp_queue) { 192 if (inp->inp_af != AF_INET6) 193 continue; 194 if (in6p_ip6(inp).ip6_nxt && 195 in6p_ip6(inp).ip6_nxt != proto) 196 continue; 197 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp)) && 198 !IN6_ARE_ADDR_EQUAL(&in6p_laddr(inp), &ip6->ip6_dst)) 199 continue; 200 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp)) && 201 !IN6_ARE_ADDR_EQUAL(&in6p_faddr(inp), &ip6->ip6_src)) 202 continue; 203 if (in6p_cksum(inp) != -1) { 204 RIP6_STATINC(RIP6_STAT_ISUM); 205 /* 206 * Although in6_cksum() does not need the position of 207 * the checksum field for verification, enforce that it 208 * is located within the packet. Userland has given 209 * a checksum offset, a packet too short for that is 210 * invalid. Avoid overflow with user supplied offset. 211 */ 212 if (m->m_pkthdr.len < *offp + 2 || 213 m->m_pkthdr.len - *offp - 2 < in6p_cksum(inp) || 214 in6_cksum(m, proto, *offp, 215 m->m_pkthdr.len - *offp)) { 216 RIP6_STATINC(RIP6_STAT_BADSUM); 217 continue; 218 } 219 } 220 221 if (last == NULL) { 222 ; 223 } 224 #ifdef IPSEC 225 else if (ipsec_used && ipsec_in_reject(m, last)) { 226 /* do not inject data into pcb */ 227 } 228 #endif 229 else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { 230 rip6_sbappendaddr(last, ip6, sin6tosa(&rip6src), 231 *offp, n); 232 } 233 234 last = inp; 235 } 236 237 #ifdef IPSEC 238 if (ipsec_used && last && ipsec_in_reject(m, last)) { 239 m_freem(m); 240 IP6_STATDEC(IP6_STAT_DELIVERED); 241 /* do not inject data into pcb */ 242 } else 243 #endif 244 if (last != NULL) { 245 rip6_sbappendaddr(last, ip6, sin6tosa(&rip6src), *offp, m); 246 } else { 247 RIP6_STATINC(RIP6_STAT_NOSOCK); 248 if (m->m_flags & M_MCAST) 249 RIP6_STATINC(RIP6_STAT_NOSOCKMCAST); 250 if (proto == IPPROTO_NONE) 251 m_freem(m); 252 else { 253 int s; 254 struct ifnet *rcvif = m_get_rcvif(m, &s); 255 const int prvnxt = ip6_get_prevhdr(m, *offp); 256 in6_ifstat_inc(rcvif, ifs6_in_protounknown); 257 m_put_rcvif(rcvif, &s); 258 icmp6_error(m, ICMP6_PARAM_PROB, 259 ICMP6_PARAMPROB_NEXTHEADER, 260 prvnxt); 261 } 262 IP6_STATDEC(IP6_STAT_DELIVERED); 263 } 264 return IPPROTO_DONE; 265 } 266 267 void * 268 rip6_ctlinput(int cmd, const struct sockaddr *sa, void *d) 269 { 270 struct ip6_hdr *ip6; 271 struct ip6ctlparam *ip6cp = NULL; 272 const struct sockaddr_in6 *sa6_src = NULL; 273 void *cmdarg; 274 void (*notify)(struct inpcb *, int) = in6pcb_rtchange; 275 int nxt; 276 277 if (sa->sa_family != AF_INET6 || 278 sa->sa_len != sizeof(struct sockaddr_in6)) 279 return NULL; 280 281 if ((unsigned)cmd >= PRC_NCMDS) 282 return NULL; 283 if (PRC_IS_REDIRECT(cmd)) 284 notify = in6pcb_rtchange, d = NULL; 285 else if (cmd == PRC_HOSTDEAD) 286 d = NULL; 287 else if (cmd == PRC_MSGSIZE) 288 ; /* special code is present, see below */ 289 else if (inet6ctlerrmap[cmd] == 0) 290 return NULL; 291 292 /* if the parameter is from icmp6, decode it. */ 293 if (d != NULL) { 294 ip6cp = (struct ip6ctlparam *)d; 295 ip6 = ip6cp->ip6c_ip6; 296 cmdarg = ip6cp->ip6c_cmdarg; 297 sa6_src = ip6cp->ip6c_src; 298 nxt = ip6cp->ip6c_nxt; 299 } else { 300 ip6 = NULL; 301 cmdarg = NULL; 302 sa6_src = &sa6_any; 303 nxt = -1; 304 } 305 306 if (ip6 && cmd == PRC_MSGSIZE) { 307 const struct sockaddr_in6 *sa6 = (const struct sockaddr_in6 *)sa; 308 int valid = 0; 309 struct inpcb *inp; 310 311 /* 312 * Check to see if we have a valid raw IPv6 socket 313 * corresponding to the address in the ICMPv6 message 314 * payload, and the protocol (ip6_nxt) meets the socket. 315 * XXX chase extension headers, or pass final nxt value 316 * from icmp6_notify_error() 317 */ 318 inp = NULL; 319 inp = in6pcb_lookup(&raw6cbtable, &sa6->sin6_addr, 0, 320 (const struct in6_addr *)&sa6_src->sin6_addr, 0, 0, 0); 321 #if 0 322 if (!inp) { 323 /* 324 * As the use of sendto(2) is fairly popular, 325 * we may want to allow non-connected pcb too. 326 * But it could be too weak against attacks... 327 * We should at least check if the local 328 * address (= s) is really ours. 329 */ 330 inp = in6pcb_lookup_bound(&raw6cbtable, 331 &sa6->sin6_addr, 0, 0); 332 } 333 #endif 334 335 if (inp && in6p_ip6(inp).ip6_nxt && 336 in6p_ip6(inp).ip6_nxt == nxt) 337 valid++; 338 339 /* 340 * Depending on the value of "valid" and routing table 341 * size (mtudisc_{hi,lo}wat), we will: 342 * - recalculate the new MTU and create the 343 * corresponding routing entry, or 344 * - ignore the MTU change notification. 345 */ 346 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 347 348 /* 349 * regardless of if we called icmp6_mtudisc_update(), 350 * we need to call in6pcb_notify(), to notify path MTU 351 * change to the userland (RFC3542), because some 352 * unconnected sockets may share the same destination 353 * and want to know the path MTU. 354 */ 355 } 356 357 (void) in6pcb_notify(&raw6cbtable, sa, 0, 358 sin6tocsa(sa6_src), 0, cmd, cmdarg, notify); 359 return NULL; 360 } 361 362 /* 363 * Generate IPv6 header and pass packet to ip6_output. 364 * Tack on options user may have setup with control call. 365 */ 366 int 367 rip6_output(struct mbuf *m, struct socket * const so, 368 struct sockaddr_in6 * const dstsock, struct mbuf * const control) 369 { 370 struct in6_addr *dst; 371 struct ip6_hdr *ip6; 372 struct inpcb *inp; 373 u_int plen = m->m_pkthdr.len; 374 int error = 0; 375 struct ip6_pktopts opt, *optp = NULL; 376 struct ifnet *oifp = NULL; 377 int type, code; /* for ICMPv6 output statistics only */ 378 int scope_ambiguous = 0; 379 int bound = curlwp_bind(); 380 struct psref psref; 381 382 inp = sotoinpcb(so); 383 384 dst = &dstsock->sin6_addr; 385 if (control) { 386 if ((error = ip6_setpktopts(control, &opt, 387 in6p_outputopts(inp), 388 kauth_cred_get(), so->so_proto->pr_protocol)) != 0) { 389 goto bad; 390 } 391 optp = &opt; 392 } else 393 optp = in6p_outputopts(inp); 394 395 /* 396 * Check and convert scope zone ID into internal form. 397 * XXX: we may still need to determine the zone later. 398 */ 399 if (!(so->so_state & SS_ISCONNECTED)) { 400 if (dstsock->sin6_scope_id == 0 && !ip6_use_defzone) 401 scope_ambiguous = 1; 402 if ((error = sa6_embedscope(dstsock, ip6_use_defzone)) != 0) 403 goto bad; 404 } 405 406 /* 407 * For an ICMPv6 packet, we should know its type and code 408 * to update statistics. 409 */ 410 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 411 struct icmp6_hdr *icmp6; 412 if (m->m_len < sizeof(struct icmp6_hdr) && 413 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 414 error = ENOBUFS; 415 goto bad; 416 } 417 icmp6 = mtod(m, struct icmp6_hdr *); 418 type = icmp6->icmp6_type; 419 code = icmp6->icmp6_code; 420 } else { 421 type = 0; 422 code = 0; 423 } 424 425 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT); 426 if (!m) { 427 error = ENOBUFS; 428 goto bad; 429 } 430 ip6 = mtod(m, struct ip6_hdr *); 431 432 /* 433 * Next header might not be ICMP6 but use its pseudo header anyway. 434 */ 435 ip6->ip6_dst = *dst; 436 437 /* 438 * Source address selection. 439 */ 440 error = in6_selectsrc(dstsock, optp, in6p_moptions(inp), 441 &inp->inp_route, &in6p_laddr(inp), &oifp, &psref, &ip6->ip6_src); 442 if (error != 0) 443 goto bad; 444 445 if (oifp && scope_ambiguous) { 446 /* 447 * Application should provide a proper zone ID or the use of 448 * default zone IDs should be enabled. Unfortunately, some 449 * applications do not behave as it should, so we need a 450 * workaround. Even if an appropriate ID is not determined 451 * (when it's required), if we can determine the outgoing 452 * interface. determine the zone ID based on the interface. 453 */ 454 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL); 455 if (error != 0) 456 goto bad; 457 } 458 ip6->ip6_dst = dstsock->sin6_addr; 459 460 /* fill in the rest of the IPv6 header fields */ 461 ip6->ip6_flow = in6p_flowinfo(inp) & IPV6_FLOWINFO_MASK; 462 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 463 ip6->ip6_vfc |= IPV6_VERSION; 464 /* ip6_plen will be filled in ip6_output, so not fill it here. */ 465 ip6->ip6_nxt = in6p_ip6(inp).ip6_nxt; 466 ip6->ip6_hlim = in6pcb_selecthlim(inp, oifp); 467 468 if_put(oifp, &psref); 469 oifp = NULL; 470 471 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 472 in6p_cksum(inp) != -1) { 473 const uint8_t nxt = ip6->ip6_nxt; 474 int off; 475 u_int16_t sum; 476 477 /* compute checksum */ 478 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 479 off = offsetof(struct icmp6_hdr, icmp6_cksum); 480 else 481 off = in6p_cksum(inp); 482 if (plen < 2 || plen - 2 < off) { 483 error = EINVAL; 484 goto bad; 485 } 486 off += sizeof(struct ip6_hdr); 487 488 sum = 0; 489 m = m_copyback_cow(m, off, sizeof(sum), (void *)&sum, 490 M_DONTWAIT); 491 if (m == NULL) { 492 error = ENOBUFS; 493 goto bad; 494 } 495 sum = in6_cksum(m, nxt, sizeof(*ip6), plen); 496 m = m_copyback_cow(m, off, sizeof(sum), (void *)&sum, 497 M_DONTWAIT); 498 if (m == NULL) { 499 error = ENOBUFS; 500 goto bad; 501 } 502 } 503 504 { 505 struct ifnet *ret_oifp = NULL; 506 507 error = ip6_output(m, optp, &inp->inp_route, 0, 508 in6p_moptions(inp), inp, &ret_oifp); 509 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 510 if (ret_oifp) 511 icmp6_ifoutstat_inc(ret_oifp, type, code); 512 ICMP6_STATINC(ICMP6_STAT_OUTHIST + type); 513 } else 514 RIP6_STATINC(RIP6_STAT_OPACKETS); 515 } 516 517 goto freectl; 518 519 bad: 520 if (m) 521 m_freem(m); 522 523 freectl: 524 if (control) { 525 ip6_clearpktopts(&opt, -1); 526 m_freem(control); 527 } 528 if_put(oifp, &psref); 529 curlwp_bindx(bound); 530 return error; 531 } 532 533 /* 534 * Raw IPv6 socket option processing. 535 */ 536 int 537 rip6_ctloutput(int op, struct socket *so, struct sockopt *sopt) 538 { 539 int error = 0; 540 541 if (sopt->sopt_level == SOL_SOCKET && sopt->sopt_name == SO_NOHEADER) { 542 int optval; 543 544 /* need to fiddle w/ opt(IPPROTO_IPV6, IPV6_CHECKSUM)? */ 545 if (op == PRCO_GETOPT) { 546 optval = 1; 547 error = sockopt_set(sopt, &optval, sizeof(optval)); 548 } else if (op == PRCO_SETOPT) { 549 error = sockopt_getint(sopt, &optval); 550 if (error) 551 goto out; 552 if (optval == 0) 553 error = EINVAL; 554 } 555 556 goto out; 557 } else if (sopt->sopt_level != IPPROTO_IPV6) 558 return ip6_ctloutput(op, so, sopt); 559 560 switch (sopt->sopt_name) { 561 case MRT6_INIT: 562 case MRT6_DONE: 563 case MRT6_ADD_MIF: 564 case MRT6_DEL_MIF: 565 case MRT6_ADD_MFC: 566 case MRT6_DEL_MFC: 567 case MRT6_PIM: 568 if (op == PRCO_SETOPT) 569 error = ip6_mrouter_set(so, sopt); 570 else if (op == PRCO_GETOPT) 571 error = ip6_mrouter_get(so, sopt); 572 else 573 error = EINVAL; 574 break; 575 case IPV6_CHECKSUM: 576 return ip6_raw_ctloutput(op, so, sopt); 577 default: 578 return ip6_ctloutput(op, so, sopt); 579 } 580 out: 581 return error; 582 } 583 584 extern u_long rip6_sendspace; 585 extern u_long rip6_recvspace; 586 587 int 588 rip6_attach(struct socket *so, int proto) 589 { 590 struct inpcb *inp; 591 int s, error; 592 593 KASSERT(sotoinpcb(so) == NULL); 594 sosetlock(so); 595 596 error = kauth_authorize_network(kauth_cred_get(), 597 KAUTH_NETWORK_SOCKET, KAUTH_REQ_NETWORK_SOCKET_RAWSOCK, 598 KAUTH_ARG(AF_INET6), 599 KAUTH_ARG(SOCK_RAW), 600 KAUTH_ARG(so->so_proto->pr_protocol)); 601 if (error) { 602 return error; 603 } 604 s = splsoftnet(); 605 error = soreserve(so, rip6_sendspace, rip6_recvspace); 606 if (error) { 607 splx(s); 608 return error; 609 } 610 if ((error = inpcb_create(so, &raw6cbtable)) != 0) { 611 splx(s); 612 return error; 613 } 614 splx(s); 615 inp = sotoinpcb(so); 616 in6p_ip6(inp).ip6_nxt = proto; 617 in6p_cksum(inp) = -1; 618 619 in6p_icmp6filt(inp) = kmem_alloc(sizeof(struct icmp6_filter), KM_SLEEP); 620 ICMP6_FILTER_SETPASSALL(in6p_icmp6filt(inp)); 621 KASSERT(solocked(so)); 622 return error; 623 } 624 625 static void 626 rip6_detach(struct socket *so) 627 { 628 struct inpcb *inp = sotoinpcb(so); 629 630 KASSERT(solocked(so)); 631 KASSERT(inp != NULL); 632 633 if (so == ip6_mrouter) { 634 ip6_mrouter_done(); 635 } 636 /* xxx: RSVP */ 637 if (in6p_icmp6filt(inp) != NULL) { 638 kmem_free(in6p_icmp6filt(inp), sizeof(struct icmp6_filter)); 639 in6p_icmp6filt(inp) = NULL; 640 } 641 inpcb_destroy(inp); 642 } 643 644 static int 645 rip6_accept(struct socket *so, struct sockaddr *nam) 646 { 647 KASSERT(solocked(so)); 648 649 return EOPNOTSUPP; 650 } 651 652 static int 653 rip6_bind(struct socket *so, struct sockaddr *nam, struct lwp *l) 654 { 655 struct inpcb *inp = sotoinpcb(so); 656 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 657 struct ifaddr *ifa = NULL; 658 int error = 0; 659 int s; 660 661 KASSERT(solocked(so)); 662 KASSERT(inp != NULL); 663 KASSERT(nam != NULL); 664 665 if (addr->sin6_len != sizeof(*addr)) 666 return EINVAL; 667 if (IFNET_READER_EMPTY() || addr->sin6_family != AF_INET6) 668 return EADDRNOTAVAIL; 669 670 if ((error = sa6_embedscope(addr, ip6_use_defzone)) != 0) 671 return error; 672 673 /* 674 * we don't support mapped address here, it would confuse 675 * users so reject it 676 */ 677 if (IN6_IS_ADDR_V4MAPPED(&addr->sin6_addr)) 678 return EADDRNOTAVAIL; 679 s = pserialize_read_enter(); 680 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 681 (ifa = ifa_ifwithaddr(sin6tosa(addr))) == NULL) { 682 error = EADDRNOTAVAIL; 683 goto out; 684 } 685 if (ifa && (ifatoia6(ifa))->ia6_flags & 686 (IN6_IFF_ANYCAST | IN6_IFF_DUPLICATED)) { 687 error = EADDRNOTAVAIL; 688 goto out; 689 } 690 691 in6p_laddr(inp) = addr->sin6_addr; 692 error = 0; 693 out: 694 pserialize_read_exit(s); 695 return error; 696 } 697 698 static int 699 rip6_listen(struct socket *so, struct lwp *l) 700 { 701 KASSERT(solocked(so)); 702 703 return EOPNOTSUPP; 704 } 705 706 static int 707 rip6_connect(struct socket *so, struct sockaddr *nam, struct lwp *l) 708 { 709 struct inpcb *inp = sotoinpcb(so); 710 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 711 struct in6_addr in6a; 712 struct ifnet *ifp = NULL; 713 int scope_ambiguous = 0; 714 int error = 0; 715 struct psref psref; 716 int bound; 717 718 KASSERT(solocked(so)); 719 KASSERT(inp != NULL); 720 KASSERT(nam != NULL); 721 722 if (IFNET_READER_EMPTY()) 723 return EADDRNOTAVAIL; 724 if (addr->sin6_family != AF_INET6) 725 return EAFNOSUPPORT; 726 if (addr->sin6_len != sizeof(*addr)) 727 return EINVAL; 728 729 /* 730 * Application should provide a proper zone ID or the use of 731 * default zone IDs should be enabled. Unfortunately, some 732 * applications do not behave as it should, so we need a 733 * workaround. Even if an appropriate ID is not determined, 734 * we'll see if we can determine the outgoing interface. If we 735 * can, determine the zone ID based on the interface below. 736 */ 737 if (addr->sin6_scope_id == 0 && !ip6_use_defzone) 738 scope_ambiguous = 1; 739 if ((error = sa6_embedscope(addr, ip6_use_defzone)) != 0) 740 return error; 741 742 bound = curlwp_bind(); 743 /* Source address selection. XXX: need pcblookup? */ 744 error = in6_selectsrc(addr, in6p_outputopts(inp), 745 in6p_moptions(inp), &inp->inp_route, 746 &in6p_laddr(inp), &ifp, &psref, &in6a); 747 if (error != 0) 748 goto out; 749 /* XXX: see above */ 750 if (ifp && scope_ambiguous && 751 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) { 752 goto out; 753 } 754 in6p_laddr(inp) = in6a; 755 in6p_faddr(inp) = addr->sin6_addr; 756 soisconnected(so); 757 out: 758 if_put(ifp, &psref); 759 curlwp_bindx(bound); 760 return error; 761 } 762 763 static int 764 rip6_connect2(struct socket *so, struct socket *so2) 765 { 766 KASSERT(solocked(so)); 767 768 return EOPNOTSUPP; 769 } 770 771 static int 772 rip6_disconnect(struct socket *so) 773 { 774 struct inpcb *inp = sotoinpcb(so); 775 776 KASSERT(solocked(so)); 777 KASSERT(inp != NULL); 778 779 if ((so->so_state & SS_ISCONNECTED) == 0) 780 return ENOTCONN; 781 782 in6p_faddr(inp) = in6addr_any; 783 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 784 return 0; 785 } 786 787 static int 788 rip6_shutdown(struct socket *so) 789 { 790 KASSERT(solocked(so)); 791 792 /* 793 * Mark the connection as being incapable of further input. 794 */ 795 socantsendmore(so); 796 return 0; 797 } 798 799 static int 800 rip6_abort(struct socket *so) 801 { 802 KASSERT(solocked(so)); 803 804 soisdisconnected(so); 805 rip6_detach(so); 806 return 0; 807 } 808 809 static int 810 rip6_ioctl(struct socket *so, u_long cmd, void *nam, struct ifnet *ifp) 811 { 812 return in6_control(so, cmd, nam, ifp); 813 } 814 815 static int 816 rip6_stat(struct socket *so, struct stat *ub) 817 { 818 KASSERT(solocked(so)); 819 820 /* stat: don't bother with a blocksize */ 821 return 0; 822 } 823 824 static int 825 rip6_peeraddr(struct socket *so, struct sockaddr *nam) 826 { 827 KASSERT(solocked(so)); 828 KASSERT(sotoinpcb(so) != NULL); 829 KASSERT(nam != NULL); 830 831 in6pcb_fetch_peeraddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 832 return 0; 833 } 834 835 static int 836 rip6_sockaddr(struct socket *so, struct sockaddr *nam) 837 { 838 KASSERT(solocked(so)); 839 KASSERT(sotoinpcb(so) != NULL); 840 KASSERT(nam != NULL); 841 842 in6pcb_fetch_sockaddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 843 return 0; 844 } 845 846 static int 847 rip6_rcvd(struct socket *so, int flags, struct lwp *l) 848 { 849 KASSERT(solocked(so)); 850 851 return EOPNOTSUPP; 852 } 853 854 static int 855 rip6_recvoob(struct socket *so, struct mbuf *m, int flags) 856 { 857 KASSERT(solocked(so)); 858 859 return EOPNOTSUPP; 860 } 861 862 static int 863 rip6_send(struct socket *so, struct mbuf *m, struct sockaddr *nam, 864 struct mbuf *control, struct lwp *l) 865 { 866 struct inpcb *inp = sotoinpcb(so); 867 struct sockaddr_in6 tmp; 868 struct sockaddr_in6 *dst; 869 int error = 0; 870 871 KASSERT(solocked(so)); 872 KASSERT(inp != NULL); 873 KASSERT(m != NULL); 874 875 /* 876 * Ship a packet out. The appropriate raw output 877 * routine handles any messaging necessary. 878 */ 879 880 /* always copy sockaddr to avoid overwrites */ 881 if (so->so_state & SS_ISCONNECTED) { 882 if (nam) { 883 error = EISCONN; 884 goto release; 885 } 886 /* XXX */ 887 sockaddr_in6_init(&tmp, &in6p_faddr(inp), 0, 0, 0); 888 dst = &tmp; 889 } else { 890 if (nam == NULL) { 891 error = ENOTCONN; 892 goto release; 893 } 894 tmp = *(struct sockaddr_in6 *)nam; 895 dst = &tmp; 896 897 if (dst->sin6_family != AF_INET6) { 898 error = EAFNOSUPPORT; 899 goto release; 900 } 901 if (dst->sin6_len != sizeof(*dst)) { 902 error = EINVAL; 903 goto release; 904 } 905 } 906 error = rip6_output(m, so, dst, control); 907 m = NULL; 908 909 release: 910 if (m) 911 m_freem(m); 912 913 return error; 914 } 915 916 static int 917 rip6_sendoob(struct socket *so, struct mbuf *m, struct mbuf *control) 918 { 919 KASSERT(solocked(so)); 920 921 m_freem(m); 922 m_freem(control); 923 924 return EOPNOTSUPP; 925 } 926 927 static int 928 rip6_purgeif(struct socket *so, struct ifnet *ifp) 929 { 930 931 mutex_enter(softnet_lock); 932 in6pcb_purgeif0(&raw6cbtable, ifp); 933 #ifdef NET_MPSAFE 934 mutex_exit(softnet_lock); 935 #endif 936 in6_purgeif(ifp); 937 #ifdef NET_MPSAFE 938 mutex_enter(softnet_lock); 939 #endif 940 in6pcb_purgeif(&raw6cbtable, ifp); 941 mutex_exit(softnet_lock); 942 943 return 0; 944 } 945 946 static int 947 sysctl_net_inet6_raw6_stats(SYSCTLFN_ARGS) 948 { 949 950 return (NETSTAT_SYSCTL(rip6stat_percpu, RIP6_NSTATS)); 951 } 952 953 static void 954 sysctl_net_inet6_raw6_setup(struct sysctllog **clog) 955 { 956 957 sysctl_createv(clog, 0, NULL, NULL, 958 CTLFLAG_PERMANENT, 959 CTLTYPE_NODE, "inet6", NULL, 960 NULL, 0, NULL, 0, 961 CTL_NET, PF_INET6, CTL_EOL); 962 sysctl_createv(clog, 0, NULL, NULL, 963 CTLFLAG_PERMANENT, 964 CTLTYPE_NODE, "raw6", 965 SYSCTL_DESCR("Raw IPv6 settings"), 966 NULL, 0, NULL, 0, 967 CTL_NET, PF_INET6, IPPROTO_RAW, CTL_EOL); 968 969 sysctl_createv(clog, 0, NULL, NULL, 970 CTLFLAG_PERMANENT, 971 CTLTYPE_STRUCT, "pcblist", 972 SYSCTL_DESCR("Raw IPv6 control block list"), 973 sysctl_inpcblist, 0, &raw6cbtable, 0, 974 CTL_NET, PF_INET6, IPPROTO_RAW, 975 CTL_CREATE, CTL_EOL); 976 sysctl_createv(clog, 0, NULL, NULL, 977 CTLFLAG_PERMANENT, 978 CTLTYPE_STRUCT, "stats", 979 SYSCTL_DESCR("Raw IPv6 statistics"), 980 sysctl_net_inet6_raw6_stats, 0, NULL, 0, 981 CTL_NET, PF_INET6, IPPROTO_RAW, RAW6CTL_STATS, 982 CTL_EOL); 983 } 984 985 PR_WRAP_USRREQS(rip6) 986 #define rip6_attach rip6_attach_wrapper 987 #define rip6_detach rip6_detach_wrapper 988 #define rip6_accept rip6_accept_wrapper 989 #define rip6_bind rip6_bind_wrapper 990 #define rip6_listen rip6_listen_wrapper 991 #define rip6_connect rip6_connect_wrapper 992 #define rip6_connect2 rip6_connect2_wrapper 993 #define rip6_disconnect rip6_disconnect_wrapper 994 #define rip6_shutdown rip6_shutdown_wrapper 995 #define rip6_abort rip6_abort_wrapper 996 #define rip6_ioctl rip6_ioctl_wrapper 997 #define rip6_stat rip6_stat_wrapper 998 #define rip6_peeraddr rip6_peeraddr_wrapper 999 #define rip6_sockaddr rip6_sockaddr_wrapper 1000 #define rip6_rcvd rip6_rcvd_wrapper 1001 #define rip6_recvoob rip6_recvoob_wrapper 1002 #define rip6_send rip6_send_wrapper 1003 #define rip6_sendoob rip6_sendoob_wrapper 1004 #define rip6_purgeif rip6_purgeif_wrapper 1005 1006 const struct pr_usrreqs rip6_usrreqs = { 1007 .pr_attach = rip6_attach, 1008 .pr_detach = rip6_detach, 1009 .pr_accept = rip6_accept, 1010 .pr_bind = rip6_bind, 1011 .pr_listen = rip6_listen, 1012 .pr_connect = rip6_connect, 1013 .pr_connect2 = rip6_connect2, 1014 .pr_disconnect = rip6_disconnect, 1015 .pr_shutdown = rip6_shutdown, 1016 .pr_abort = rip6_abort, 1017 .pr_ioctl = rip6_ioctl, 1018 .pr_stat = rip6_stat, 1019 .pr_peeraddr = rip6_peeraddr, 1020 .pr_sockaddr = rip6_sockaddr, 1021 .pr_rcvd = rip6_rcvd, 1022 .pr_recvoob = rip6_recvoob, 1023 .pr_send = rip6_send, 1024 .pr_sendoob = rip6_sendoob, 1025 .pr_purgeif = rip6_purgeif, 1026 }; 1027