1 /* $NetBSD: raw_ip6.c,v 1.185 2024/07/05 04:31:54 rin Exp $ */ 2 /* $KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.185 2024/07/05 04:31:54 rin Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_ipsec.h" 69 #include "opt_net_mpsafe.h" 70 #endif 71 72 #include <sys/param.h> 73 #include <sys/sysctl.h> 74 #include <sys/mbuf.h> 75 #include <sys/socket.h> 76 #include <sys/protosw.h> 77 #include <sys/socketvar.h> 78 #include <sys/systm.h> 79 #include <sys/proc.h> 80 #include <sys/kauth.h> 81 #include <sys/kmem.h> 82 83 #include <net/if.h> 84 #include <net/if_types.h> 85 #include <net/net_stats.h> 86 87 #include <netinet/in.h> 88 #include <netinet/in_var.h> 89 #include <netinet/ip6.h> 90 #include <netinet6/ip6_var.h> 91 #include <netinet6/ip6_private.h> 92 #include <netinet6/ip6_mroute.h> 93 #include <netinet/icmp6.h> 94 #include <netinet6/icmp6_private.h> 95 #include <netinet6/in6_pcb.h> 96 #include <netinet6/ip6protosw.h> 97 #include <netinet6/scope6_var.h> 98 #include <netinet6/raw_ip6.h> 99 100 #ifdef IPSEC 101 #include <netipsec/ipsec.h> 102 #include <netipsec/ipsec6.h> 103 #endif 104 105 #include "faith.h" 106 #if defined(NFAITH) && 0 < NFAITH 107 #include <net/if_faith.h> 108 #endif 109 110 extern struct inpcbtable rawcbtable; 111 struct inpcbtable raw6cbtable; 112 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 113 114 /* 115 * Raw interface to IP6 protocol. 116 */ 117 118 static percpu_t *rip6stat_percpu; 119 120 #define RIP6_STATINC(x) _NET_STATINC(rip6stat_percpu, x) 121 122 static void sysctl_net_inet6_raw6_setup(struct sysctllog **); 123 124 /* 125 * Initialize raw connection block queue. 126 */ 127 void 128 rip6_init(void) 129 { 130 131 sysctl_net_inet6_raw6_setup(NULL); 132 in6pcb_init(&raw6cbtable, 1, 1); 133 134 rip6stat_percpu = percpu_alloc(sizeof(uint64_t) * RIP6_NSTATS); 135 } 136 137 static void 138 rip6_sbappendaddr(struct inpcb *last, struct ip6_hdr *ip6, 139 const struct sockaddr *sa, int hlen, struct mbuf *n) 140 { 141 struct mbuf *opts = NULL; 142 143 if (last->inp_flags & IN6P_CONTROLOPTS || 144 SOOPT_TIMESTAMP(last->inp_socket->so_options)) 145 ip6_savecontrol(last, &opts, ip6, n); 146 147 m_adj(n, hlen); 148 149 if (sbappendaddr(&last->inp_socket->so_rcv, sa, n, opts) == 0) { 150 soroverflow(last->inp_socket); 151 m_freem(n); 152 m_freem(opts); 153 RIP6_STATINC(RIP6_STAT_FULLSOCK); 154 } else { 155 sorwakeup(last->inp_socket); 156 } 157 } 158 159 /* 160 * Setup generic address and protocol structures 161 * for raw_input routine, then pass them along with 162 * mbuf chain. 163 */ 164 int 165 rip6_input(struct mbuf **mp, int *offp, int proto) 166 { 167 struct mbuf *m = *mp; 168 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 169 struct inpcb *inp; 170 struct inpcb *last = NULL; 171 struct sockaddr_in6 rip6src; 172 struct mbuf *n; 173 174 RIP6_STATINC(RIP6_STAT_IPACKETS); 175 176 #if defined(NFAITH) && 0 < NFAITH 177 if (faithprefix(&ip6->ip6_dst)) { 178 /* send icmp6 host unreach? */ 179 m_freem(m); 180 return IPPROTO_DONE; 181 } 182 #endif 183 184 sockaddr_in6_init(&rip6src, &ip6->ip6_src, 0, 0, 0); 185 if (sa6_recoverscope(&rip6src) != 0) { 186 /* XXX: should be impossible. */ 187 m_freem(m); 188 return IPPROTO_DONE; 189 } 190 191 TAILQ_FOREACH(inp, &raw6cbtable.inpt_queue, inp_queue) { 192 if (inp->inp_af != AF_INET6) 193 continue; 194 if (in6p_ip6(inp).ip6_nxt && 195 in6p_ip6(inp).ip6_nxt != proto) 196 continue; 197 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp)) && 198 !IN6_ARE_ADDR_EQUAL(&in6p_laddr(inp), &ip6->ip6_dst)) 199 continue; 200 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp)) && 201 !IN6_ARE_ADDR_EQUAL(&in6p_faddr(inp), &ip6->ip6_src)) 202 continue; 203 if (in6p_cksum(inp) != -1) { 204 RIP6_STATINC(RIP6_STAT_ISUM); 205 /* 206 * Although in6_cksum() does not need the position of 207 * the checksum field for verification, enforce that it 208 * is located within the packet. Userland has given 209 * a checksum offset, a packet too short for that is 210 * invalid. Avoid overflow with user supplied offset. 211 */ 212 if (m->m_pkthdr.len < *offp + 2 || 213 m->m_pkthdr.len - *offp - 2 < in6p_cksum(inp) || 214 in6_cksum(m, proto, *offp, 215 m->m_pkthdr.len - *offp)) { 216 RIP6_STATINC(RIP6_STAT_BADSUM); 217 continue; 218 } 219 } 220 221 if (last == NULL) { 222 ; 223 } 224 #ifdef IPSEC 225 else if (ipsec_used && ipsec_in_reject(m, last)) { 226 /* do not inject data into pcb */ 227 } 228 #endif 229 else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { 230 rip6_sbappendaddr(last, ip6, sin6tosa(&rip6src), 231 *offp, n); 232 } 233 234 last = inp; 235 } 236 237 #ifdef IPSEC 238 if (ipsec_used && last && ipsec_in_reject(m, last)) { 239 m_freem(m); 240 IP6_STATDEC(IP6_STAT_DELIVERED); 241 /* do not inject data into pcb */ 242 } else 243 #endif 244 if (last != NULL) { 245 rip6_sbappendaddr(last, ip6, sin6tosa(&rip6src), *offp, m); 246 } else { 247 RIP6_STATINC(RIP6_STAT_NOSOCK); 248 if (m->m_flags & M_MCAST) 249 RIP6_STATINC(RIP6_STAT_NOSOCKMCAST); 250 if (proto == IPPROTO_NONE) 251 m_freem(m); 252 else { 253 int s; 254 struct ifnet *rcvif = m_get_rcvif(m, &s); 255 const int prvnxt = ip6_get_prevhdr(m, *offp); 256 in6_ifstat_inc(rcvif, ifs6_in_protounknown); 257 m_put_rcvif(rcvif, &s); 258 icmp6_error(m, ICMP6_PARAM_PROB, 259 ICMP6_PARAMPROB_NEXTHEADER, 260 prvnxt); 261 } 262 IP6_STATDEC(IP6_STAT_DELIVERED); 263 } 264 return IPPROTO_DONE; 265 } 266 267 void * 268 rip6_ctlinput(int cmd, const struct sockaddr *sa, void *d) 269 { 270 struct ip6_hdr *ip6; 271 struct ip6ctlparam *ip6cp = NULL; 272 const struct sockaddr_in6 *sa6_src = NULL; 273 void *cmdarg; 274 void (*notify)(struct inpcb *, int) = in6pcb_rtchange; 275 int nxt; 276 277 if (sa->sa_family != AF_INET6 || 278 sa->sa_len != sizeof(struct sockaddr_in6)) 279 return NULL; 280 281 if ((unsigned)cmd >= PRC_NCMDS) 282 return NULL; 283 if (PRC_IS_REDIRECT(cmd)) 284 notify = in6pcb_rtchange, d = NULL; 285 else if (cmd == PRC_HOSTDEAD) 286 d = NULL; 287 else if (cmd == PRC_MSGSIZE) 288 ; /* special code is present, see below */ 289 else if (inet6ctlerrmap[cmd] == 0) 290 return NULL; 291 292 /* if the parameter is from icmp6, decode it. */ 293 if (d != NULL) { 294 ip6cp = (struct ip6ctlparam *)d; 295 ip6 = ip6cp->ip6c_ip6; 296 cmdarg = ip6cp->ip6c_cmdarg; 297 sa6_src = ip6cp->ip6c_src; 298 nxt = ip6cp->ip6c_nxt; 299 } else { 300 ip6 = NULL; 301 cmdarg = NULL; 302 sa6_src = &sa6_any; 303 nxt = -1; 304 } 305 306 if (ip6 && cmd == PRC_MSGSIZE) { 307 const struct sockaddr_in6 *sa6 = (const struct sockaddr_in6 *)sa; 308 int valid = 0; 309 struct inpcb *inp; 310 311 /* 312 * Check to see if we have a valid raw IPv6 socket 313 * corresponding to the address in the ICMPv6 message 314 * payload, and the protocol (ip6_nxt) meets the socket. 315 * XXX chase extension headers, or pass final nxt value 316 * from icmp6_notify_error() 317 */ 318 inp = NULL; 319 inp = in6pcb_lookup(&raw6cbtable, &sa6->sin6_addr, 0, 320 (const struct in6_addr *)&sa6_src->sin6_addr, 0, 0, 0); 321 #if 0 322 if (!inp) { 323 /* 324 * As the use of sendto(2) is fairly popular, 325 * we may want to allow non-connected pcb too. 326 * But it could be too weak against attacks... 327 * We should at least check if the local 328 * address (= s) is really ours. 329 */ 330 inp = in6pcb_lookup_bound(&raw6cbtable, 331 &sa6->sin6_addr, 0, 0); 332 } 333 #endif 334 335 if (inp && in6p_ip6(inp).ip6_nxt && 336 in6p_ip6(inp).ip6_nxt == nxt) 337 valid++; 338 339 /* 340 * Depending on the value of "valid" and routing table 341 * size (mtudisc_{hi,lo}wat), we will: 342 * - recalculate the new MTU and create the 343 * corresponding routing entry, or 344 * - ignore the MTU change notification. 345 */ 346 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 347 348 /* 349 * regardless of if we called icmp6_mtudisc_update(), 350 * we need to call in6pcb_notify(), to notify path MTU 351 * change to the userland (RFC3542), because some 352 * unconnected sockets may share the same destination 353 * and want to know the path MTU. 354 */ 355 } 356 357 (void) in6pcb_notify(&raw6cbtable, sa, 0, 358 sin6tocsa(sa6_src), 0, cmd, cmdarg, notify); 359 return NULL; 360 } 361 362 /* 363 * Generate IPv6 header and pass packet to ip6_output. 364 * Tack on options user may have setup with control call. 365 */ 366 int 367 rip6_output(struct mbuf *m, struct socket * const so, 368 struct sockaddr_in6 * const dstsock, struct mbuf * const control) 369 { 370 struct in6_addr *dst; 371 struct ip6_hdr *ip6; 372 struct inpcb *inp; 373 u_int plen = m->m_pkthdr.len; 374 int error = 0; 375 struct ip6_pktopts opt, *optp = NULL; 376 struct ifnet *oifp = NULL; 377 int type, code; /* for ICMPv6 output statistics only */ 378 int scope_ambiguous = 0; 379 int bound = curlwp_bind(); 380 struct psref psref; 381 382 inp = sotoinpcb(so); 383 384 dst = &dstsock->sin6_addr; 385 if (control) { 386 if ((error = ip6_setpktopts(control, &opt, 387 in6p_outputopts(inp), 388 kauth_cred_get(), so->so_proto->pr_protocol)) != 0) { 389 goto bad; 390 } 391 optp = &opt; 392 } else 393 optp = in6p_outputopts(inp); 394 395 /* 396 * Check and convert scope zone ID into internal form. 397 * XXX: we may still need to determine the zone later. 398 */ 399 if (!(so->so_state & SS_ISCONNECTED)) { 400 if (dstsock->sin6_scope_id == 0 && !ip6_use_defzone) 401 scope_ambiguous = 1; 402 if ((error = sa6_embedscope(dstsock, ip6_use_defzone)) != 0) 403 goto bad; 404 } 405 406 /* 407 * For an ICMPv6 packet, we should know its type and code 408 * to update statistics. 409 */ 410 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 411 struct icmp6_hdr *icmp6; 412 if (m->m_len < sizeof(struct icmp6_hdr) && 413 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 414 error = ENOBUFS; 415 goto bad; 416 } 417 icmp6 = mtod(m, struct icmp6_hdr *); 418 type = icmp6->icmp6_type; 419 code = icmp6->icmp6_code; 420 } else { 421 type = 0; 422 code = 0; 423 } 424 425 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT); 426 if (!m) { 427 error = ENOBUFS; 428 goto bad; 429 } 430 ip6 = mtod(m, struct ip6_hdr *); 431 432 /* 433 * Next header might not be ICMP6 but use its pseudo header anyway. 434 */ 435 ip6->ip6_dst = *dst; 436 437 /* 438 * Source address selection. 439 */ 440 error = in6_selectsrc(dstsock, optp, in6p_moptions(inp), 441 &inp->inp_route, &in6p_laddr(inp), &oifp, &psref, &ip6->ip6_src); 442 if (error != 0) 443 goto bad; 444 445 if (oifp && scope_ambiguous) { 446 /* 447 * Application should provide a proper zone ID or the use of 448 * default zone IDs should be enabled. Unfortunately, some 449 * applications do not behave as it should, so we need a 450 * workaround. Even if an appropriate ID is not determined 451 * (when it's required), if we can determine the outgoing 452 * interface. determine the zone ID based on the interface. 453 */ 454 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL); 455 if (error != 0) 456 goto bad; 457 } 458 ip6->ip6_dst = dstsock->sin6_addr; 459 460 /* fill in the rest of the IPv6 header fields */ 461 ip6->ip6_flow = in6p_flowinfo(inp) & IPV6_FLOWINFO_MASK; 462 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 463 ip6->ip6_vfc |= IPV6_VERSION; 464 /* ip6_plen will be filled in ip6_output, so not fill it here. */ 465 ip6->ip6_nxt = in6p_ip6(inp).ip6_nxt; 466 ip6->ip6_hlim = in6pcb_selecthlim(inp, oifp); 467 468 if_put(oifp, &psref); 469 oifp = NULL; 470 471 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 472 in6p_cksum(inp) != -1) { 473 const uint8_t nxt = ip6->ip6_nxt; 474 int off; 475 u_int16_t sum; 476 477 /* compute checksum */ 478 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 479 off = offsetof(struct icmp6_hdr, icmp6_cksum); 480 else 481 off = in6p_cksum(inp); 482 if (plen < 2 || plen - 2 < off) { 483 error = EINVAL; 484 goto bad; 485 } 486 off += sizeof(struct ip6_hdr); 487 488 sum = 0; 489 m = m_copyback_cow(m, off, sizeof(sum), (void *)&sum, 490 M_DONTWAIT); 491 if (m == NULL) { 492 error = ENOBUFS; 493 goto bad; 494 } 495 sum = in6_cksum(m, nxt, sizeof(*ip6), plen); 496 m = m_copyback_cow(m, off, sizeof(sum), (void *)&sum, 497 M_DONTWAIT); 498 if (m == NULL) { 499 error = ENOBUFS; 500 goto bad; 501 } 502 } 503 504 { 505 struct ifnet *ret_oifp = NULL; 506 507 error = ip6_output(m, optp, &inp->inp_route, 0, 508 in6p_moptions(inp), inp, &ret_oifp); 509 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 510 if (ret_oifp) 511 icmp6_ifoutstat_inc(ret_oifp, type, code); 512 ICMP6_STATINC(ICMP6_STAT_OUTHIST + type); 513 } else 514 RIP6_STATINC(RIP6_STAT_OPACKETS); 515 } 516 517 goto freectl; 518 519 bad: 520 m_freem(m); 521 522 freectl: 523 if (control) { 524 ip6_clearpktopts(&opt, -1); 525 m_freem(control); 526 } 527 if_put(oifp, &psref); 528 curlwp_bindx(bound); 529 return error; 530 } 531 532 /* 533 * Raw IPv6 socket option processing. 534 */ 535 int 536 rip6_ctloutput(int op, struct socket *so, struct sockopt *sopt) 537 { 538 int error = 0; 539 540 if (sopt->sopt_level == SOL_SOCKET && sopt->sopt_name == SO_NOHEADER) { 541 int optval; 542 543 /* need to fiddle w/ opt(IPPROTO_IPV6, IPV6_CHECKSUM)? */ 544 if (op == PRCO_GETOPT) { 545 optval = 1; 546 error = sockopt_set(sopt, &optval, sizeof(optval)); 547 } else if (op == PRCO_SETOPT) { 548 error = sockopt_getint(sopt, &optval); 549 if (error) 550 goto out; 551 if (optval == 0) 552 error = EINVAL; 553 } 554 555 goto out; 556 } else if (sopt->sopt_level != IPPROTO_IPV6) 557 return ip6_ctloutput(op, so, sopt); 558 559 switch (sopt->sopt_name) { 560 case MRT6_INIT: 561 case MRT6_DONE: 562 case MRT6_ADD_MIF: 563 case MRT6_DEL_MIF: 564 case MRT6_ADD_MFC: 565 case MRT6_DEL_MFC: 566 case MRT6_PIM: 567 if (op == PRCO_SETOPT) 568 error = ip6_mrouter_set(so, sopt); 569 else if (op == PRCO_GETOPT) 570 error = ip6_mrouter_get(so, sopt); 571 else 572 error = EINVAL; 573 break; 574 case IPV6_CHECKSUM: 575 return ip6_raw_ctloutput(op, so, sopt); 576 default: 577 return ip6_ctloutput(op, so, sopt); 578 } 579 out: 580 return error; 581 } 582 583 extern u_long rip6_sendspace; 584 extern u_long rip6_recvspace; 585 586 int 587 rip6_attach(struct socket *so, int proto) 588 { 589 struct inpcb *inp; 590 int s, error; 591 592 KASSERT(sotoinpcb(so) == NULL); 593 sosetlock(so); 594 595 error = kauth_authorize_network(kauth_cred_get(), 596 KAUTH_NETWORK_SOCKET, KAUTH_REQ_NETWORK_SOCKET_RAWSOCK, 597 KAUTH_ARG(AF_INET6), 598 KAUTH_ARG(SOCK_RAW), 599 KAUTH_ARG(so->so_proto->pr_protocol)); 600 if (error) { 601 return error; 602 } 603 s = splsoftnet(); 604 error = soreserve(so, rip6_sendspace, rip6_recvspace); 605 if (error) { 606 splx(s); 607 return error; 608 } 609 if ((error = inpcb_create(so, &raw6cbtable)) != 0) { 610 splx(s); 611 return error; 612 } 613 splx(s); 614 inp = sotoinpcb(so); 615 in6p_ip6(inp).ip6_nxt = proto; 616 in6p_cksum(inp) = -1; 617 618 in6p_icmp6filt(inp) = kmem_alloc(sizeof(struct icmp6_filter), KM_SLEEP); 619 ICMP6_FILTER_SETPASSALL(in6p_icmp6filt(inp)); 620 KASSERT(solocked(so)); 621 return error; 622 } 623 624 static void 625 rip6_detach(struct socket *so) 626 { 627 struct inpcb *inp = sotoinpcb(so); 628 629 KASSERT(solocked(so)); 630 KASSERT(inp != NULL); 631 632 if (so == ip6_mrouter) { 633 ip6_mrouter_done(); 634 } 635 /* xxx: RSVP */ 636 if (in6p_icmp6filt(inp) != NULL) { 637 kmem_free(in6p_icmp6filt(inp), sizeof(struct icmp6_filter)); 638 in6p_icmp6filt(inp) = NULL; 639 } 640 inpcb_destroy(inp); 641 } 642 643 static int 644 rip6_accept(struct socket *so, struct sockaddr *nam) 645 { 646 KASSERT(solocked(so)); 647 648 return EOPNOTSUPP; 649 } 650 651 static int 652 rip6_bind(struct socket *so, struct sockaddr *nam, struct lwp *l) 653 { 654 struct inpcb *inp = sotoinpcb(so); 655 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 656 struct ifaddr *ifa = NULL; 657 int error = 0; 658 int s; 659 660 KASSERT(solocked(so)); 661 KASSERT(inp != NULL); 662 KASSERT(nam != NULL); 663 664 if (addr->sin6_len != sizeof(*addr)) 665 return EINVAL; 666 if (IFNET_READER_EMPTY() || addr->sin6_family != AF_INET6) 667 return EADDRNOTAVAIL; 668 669 if ((error = sa6_embedscope(addr, ip6_use_defzone)) != 0) 670 return error; 671 672 /* 673 * we don't support mapped address here, it would confuse 674 * users so reject it 675 */ 676 if (IN6_IS_ADDR_V4MAPPED(&addr->sin6_addr)) 677 return EADDRNOTAVAIL; 678 s = pserialize_read_enter(); 679 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 680 (ifa = ifa_ifwithaddr(sin6tosa(addr))) == NULL) { 681 error = EADDRNOTAVAIL; 682 goto out; 683 } 684 if (ifa && (ifatoia6(ifa))->ia6_flags & 685 (IN6_IFF_ANYCAST | IN6_IFF_DUPLICATED)) { 686 error = EADDRNOTAVAIL; 687 goto out; 688 } 689 690 in6p_laddr(inp) = addr->sin6_addr; 691 error = 0; 692 out: 693 pserialize_read_exit(s); 694 return error; 695 } 696 697 static int 698 rip6_listen(struct socket *so, struct lwp *l) 699 { 700 KASSERT(solocked(so)); 701 702 return EOPNOTSUPP; 703 } 704 705 static int 706 rip6_connect(struct socket *so, struct sockaddr *nam, struct lwp *l) 707 { 708 struct inpcb *inp = sotoinpcb(so); 709 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 710 struct in6_addr in6a; 711 struct ifnet *ifp = NULL; 712 int scope_ambiguous = 0; 713 int error = 0; 714 struct psref psref; 715 int bound; 716 717 KASSERT(solocked(so)); 718 KASSERT(inp != NULL); 719 KASSERT(nam != NULL); 720 721 if (IFNET_READER_EMPTY()) 722 return EADDRNOTAVAIL; 723 if (addr->sin6_family != AF_INET6) 724 return EAFNOSUPPORT; 725 if (addr->sin6_len != sizeof(*addr)) 726 return EINVAL; 727 728 /* 729 * Application should provide a proper zone ID or the use of 730 * default zone IDs should be enabled. Unfortunately, some 731 * applications do not behave as it should, so we need a 732 * workaround. Even if an appropriate ID is not determined, 733 * we'll see if we can determine the outgoing interface. If we 734 * can, determine the zone ID based on the interface below. 735 */ 736 if (addr->sin6_scope_id == 0 && !ip6_use_defzone) 737 scope_ambiguous = 1; 738 if ((error = sa6_embedscope(addr, ip6_use_defzone)) != 0) 739 return error; 740 741 bound = curlwp_bind(); 742 /* Source address selection. XXX: need pcblookup? */ 743 error = in6_selectsrc(addr, in6p_outputopts(inp), 744 in6p_moptions(inp), &inp->inp_route, 745 &in6p_laddr(inp), &ifp, &psref, &in6a); 746 if (error != 0) 747 goto out; 748 /* XXX: see above */ 749 if (ifp && scope_ambiguous && 750 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) { 751 goto out; 752 } 753 in6p_laddr(inp) = in6a; 754 in6p_faddr(inp) = addr->sin6_addr; 755 soisconnected(so); 756 out: 757 if_put(ifp, &psref); 758 curlwp_bindx(bound); 759 return error; 760 } 761 762 static int 763 rip6_connect2(struct socket *so, struct socket *so2) 764 { 765 KASSERT(solocked(so)); 766 767 return EOPNOTSUPP; 768 } 769 770 static int 771 rip6_disconnect(struct socket *so) 772 { 773 struct inpcb *inp = sotoinpcb(so); 774 775 KASSERT(solocked(so)); 776 KASSERT(inp != NULL); 777 778 if ((so->so_state & SS_ISCONNECTED) == 0) 779 return ENOTCONN; 780 781 in6p_faddr(inp) = in6addr_any; 782 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 783 return 0; 784 } 785 786 static int 787 rip6_shutdown(struct socket *so) 788 { 789 KASSERT(solocked(so)); 790 791 /* 792 * Mark the connection as being incapable of further input. 793 */ 794 socantsendmore(so); 795 return 0; 796 } 797 798 static int 799 rip6_abort(struct socket *so) 800 { 801 KASSERT(solocked(so)); 802 803 soisdisconnected(so); 804 rip6_detach(so); 805 return 0; 806 } 807 808 static int 809 rip6_ioctl(struct socket *so, u_long cmd, void *nam, struct ifnet *ifp) 810 { 811 return in6_control(so, cmd, nam, ifp); 812 } 813 814 static int 815 rip6_stat(struct socket *so, struct stat *ub) 816 { 817 KASSERT(solocked(so)); 818 819 /* stat: don't bother with a blocksize */ 820 return 0; 821 } 822 823 static int 824 rip6_peeraddr(struct socket *so, struct sockaddr *nam) 825 { 826 KASSERT(solocked(so)); 827 KASSERT(sotoinpcb(so) != NULL); 828 KASSERT(nam != NULL); 829 830 in6pcb_fetch_peeraddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 831 return 0; 832 } 833 834 static int 835 rip6_sockaddr(struct socket *so, struct sockaddr *nam) 836 { 837 KASSERT(solocked(so)); 838 KASSERT(sotoinpcb(so) != NULL); 839 KASSERT(nam != NULL); 840 841 in6pcb_fetch_sockaddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 842 return 0; 843 } 844 845 static int 846 rip6_rcvd(struct socket *so, int flags, struct lwp *l) 847 { 848 KASSERT(solocked(so)); 849 850 return EOPNOTSUPP; 851 } 852 853 static int 854 rip6_recvoob(struct socket *so, struct mbuf *m, int flags) 855 { 856 KASSERT(solocked(so)); 857 858 return EOPNOTSUPP; 859 } 860 861 static int 862 rip6_send(struct socket *so, struct mbuf *m, struct sockaddr *nam, 863 struct mbuf *control, struct lwp *l) 864 { 865 struct inpcb *inp = sotoinpcb(so); 866 struct sockaddr_in6 tmp; 867 struct sockaddr_in6 *dst; 868 int error = 0; 869 870 KASSERT(solocked(so)); 871 KASSERT(inp != NULL); 872 KASSERT(m != NULL); 873 874 /* 875 * Ship a packet out. The appropriate raw output 876 * routine handles any messaging necessary. 877 */ 878 879 /* always copy sockaddr to avoid overwrites */ 880 if (so->so_state & SS_ISCONNECTED) { 881 if (nam) { 882 error = EISCONN; 883 goto release; 884 } 885 /* XXX */ 886 sockaddr_in6_init(&tmp, &in6p_faddr(inp), 0, 0, 0); 887 dst = &tmp; 888 } else { 889 if (nam == NULL) { 890 error = ENOTCONN; 891 goto release; 892 } 893 tmp = *(struct sockaddr_in6 *)nam; 894 dst = &tmp; 895 896 if (dst->sin6_family != AF_INET6) { 897 error = EAFNOSUPPORT; 898 goto release; 899 } 900 if (dst->sin6_len != sizeof(*dst)) { 901 error = EINVAL; 902 goto release; 903 } 904 } 905 error = rip6_output(m, so, dst, control); 906 m = NULL; 907 908 release: 909 m_freem(m); 910 911 return error; 912 } 913 914 static int 915 rip6_sendoob(struct socket *so, struct mbuf *m, struct mbuf *control) 916 { 917 KASSERT(solocked(so)); 918 919 m_freem(m); 920 m_freem(control); 921 922 return EOPNOTSUPP; 923 } 924 925 static int 926 rip6_purgeif(struct socket *so, struct ifnet *ifp) 927 { 928 929 mutex_enter(softnet_lock); 930 in6pcb_purgeif0(&raw6cbtable, ifp); 931 #ifdef NET_MPSAFE 932 mutex_exit(softnet_lock); 933 #endif 934 in6_purgeif(ifp); 935 #ifdef NET_MPSAFE 936 mutex_enter(softnet_lock); 937 #endif 938 in6pcb_purgeif(&raw6cbtable, ifp); 939 mutex_exit(softnet_lock); 940 941 return 0; 942 } 943 944 static int 945 sysctl_net_inet6_raw6_stats(SYSCTLFN_ARGS) 946 { 947 948 return (NETSTAT_SYSCTL(rip6stat_percpu, RIP6_NSTATS)); 949 } 950 951 static void 952 sysctl_net_inet6_raw6_setup(struct sysctllog **clog) 953 { 954 955 sysctl_createv(clog, 0, NULL, NULL, 956 CTLFLAG_PERMANENT, 957 CTLTYPE_NODE, "inet6", NULL, 958 NULL, 0, NULL, 0, 959 CTL_NET, PF_INET6, CTL_EOL); 960 sysctl_createv(clog, 0, NULL, NULL, 961 CTLFLAG_PERMANENT, 962 CTLTYPE_NODE, "raw6", 963 SYSCTL_DESCR("Raw IPv6 settings"), 964 NULL, 0, NULL, 0, 965 CTL_NET, PF_INET6, IPPROTO_RAW, CTL_EOL); 966 967 sysctl_createv(clog, 0, NULL, NULL, 968 CTLFLAG_PERMANENT, 969 CTLTYPE_STRUCT, "pcblist", 970 SYSCTL_DESCR("Raw IPv6 control block list"), 971 sysctl_inpcblist, 0, &raw6cbtable, 0, 972 CTL_NET, PF_INET6, IPPROTO_RAW, 973 CTL_CREATE, CTL_EOL); 974 sysctl_createv(clog, 0, NULL, NULL, 975 CTLFLAG_PERMANENT, 976 CTLTYPE_STRUCT, "stats", 977 SYSCTL_DESCR("Raw IPv6 statistics"), 978 sysctl_net_inet6_raw6_stats, 0, NULL, 0, 979 CTL_NET, PF_INET6, IPPROTO_RAW, RAW6CTL_STATS, 980 CTL_EOL); 981 } 982 983 PR_WRAP_USRREQS(rip6) 984 #define rip6_attach rip6_attach_wrapper 985 #define rip6_detach rip6_detach_wrapper 986 #define rip6_accept rip6_accept_wrapper 987 #define rip6_bind rip6_bind_wrapper 988 #define rip6_listen rip6_listen_wrapper 989 #define rip6_connect rip6_connect_wrapper 990 #define rip6_connect2 rip6_connect2_wrapper 991 #define rip6_disconnect rip6_disconnect_wrapper 992 #define rip6_shutdown rip6_shutdown_wrapper 993 #define rip6_abort rip6_abort_wrapper 994 #define rip6_ioctl rip6_ioctl_wrapper 995 #define rip6_stat rip6_stat_wrapper 996 #define rip6_peeraddr rip6_peeraddr_wrapper 997 #define rip6_sockaddr rip6_sockaddr_wrapper 998 #define rip6_rcvd rip6_rcvd_wrapper 999 #define rip6_recvoob rip6_recvoob_wrapper 1000 #define rip6_send rip6_send_wrapper 1001 #define rip6_sendoob rip6_sendoob_wrapper 1002 #define rip6_purgeif rip6_purgeif_wrapper 1003 1004 const struct pr_usrreqs rip6_usrreqs = { 1005 .pr_attach = rip6_attach, 1006 .pr_detach = rip6_detach, 1007 .pr_accept = rip6_accept, 1008 .pr_bind = rip6_bind, 1009 .pr_listen = rip6_listen, 1010 .pr_connect = rip6_connect, 1011 .pr_connect2 = rip6_connect2, 1012 .pr_disconnect = rip6_disconnect, 1013 .pr_shutdown = rip6_shutdown, 1014 .pr_abort = rip6_abort, 1015 .pr_ioctl = rip6_ioctl, 1016 .pr_stat = rip6_stat, 1017 .pr_peeraddr = rip6_peeraddr, 1018 .pr_sockaddr = rip6_sockaddr, 1019 .pr_rcvd = rip6_rcvd, 1020 .pr_recvoob = rip6_recvoob, 1021 .pr_send = rip6_send, 1022 .pr_sendoob = rip6_sendoob, 1023 .pr_purgeif = rip6_purgeif, 1024 }; 1025