1 /* $NetBSD: udp6_usrreq.c,v 1.155 2024/07/05 04:31:54 rin Exp $ */ 2 /* $KAME: udp6_usrreq.c,v 1.86 2001/05/27 17:33:00 itojun Exp $ */ 3 /* $KAME: udp6_output.c,v 1.43 2001/10/15 09:19:52 itojun Exp $ */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* 35 * Copyright (c) 1982, 1986, 1989, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. Neither the name of the University nor the names of its contributors 47 * may be used to endorse or promote products derived from this software 48 * without specific prior written permission. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 * 62 * @(#)udp_var.h 8.1 (Berkeley) 6/10/93 63 */ 64 65 #include <sys/cdefs.h> 66 __KERNEL_RCSID(0, "$NetBSD: udp6_usrreq.c,v 1.155 2024/07/05 04:31:54 rin Exp $"); 67 68 #ifdef _KERNEL_OPT 69 #include "opt_inet.h" 70 #include "opt_inet_csum.h" 71 #include "opt_ipsec.h" 72 #include "opt_net_mpsafe.h" 73 #endif 74 75 #include <sys/param.h> 76 #include <sys/mbuf.h> 77 #include <sys/protosw.h> 78 #include <sys/socket.h> 79 #include <sys/socketvar.h> 80 #include <sys/systm.h> 81 #include <sys/proc.h> 82 #include <sys/syslog.h> 83 #include <sys/domain.h> 84 #include <sys/sysctl.h> 85 86 #include <net/if.h> 87 #include <net/if_types.h> 88 89 #include <netinet/in.h> 90 #include <netinet/in_var.h> 91 #include <netinet/in_systm.h> 92 #include <netinet/in_offload.h> 93 #include <netinet/ip.h> 94 #include <netinet/ip_var.h> 95 #include <netinet/in_pcb.h> 96 #include <netinet/udp.h> 97 #include <netinet/udp_var.h> 98 #include <netinet/udp_private.h> 99 100 #include <netinet/ip6.h> 101 #include <netinet/icmp6.h> 102 #include <netinet6/ip6_var.h> 103 #include <netinet6/ip6_private.h> 104 #include <netinet6/in6_pcb.h> 105 #include <netinet6/udp6_var.h> 106 #include <netinet6/udp6_private.h> 107 #include <netinet6/ip6protosw.h> 108 #include <netinet6/scope6_var.h> 109 110 #ifdef IPSEC 111 #include <netipsec/ipsec.h> 112 #include <netipsec/esp.h> 113 #ifdef INET6 114 #include <netipsec/ipsec6.h> 115 #endif 116 #endif 117 118 #include "faith.h" 119 #if defined(NFAITH) && NFAITH > 0 120 #include <net/if_faith.h> 121 #endif 122 123 /* 124 * UDP protocol implementation. 125 * Per RFC 768, August, 1980. 126 */ 127 128 extern struct inpcbtable udbtable; 129 130 percpu_t *udp6stat_percpu; 131 132 /* UDP on IP6 parameters */ 133 static int udp6_sendspace = 9216; /* really max datagram size */ 134 static int udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6)); 135 /* 40 1K datagrams */ 136 137 static void udp6_notify(struct inpcb *, int); 138 static void sysctl_net_inet6_udp6_setup(struct sysctllog **); 139 #ifdef IPSEC 140 static int udp6_espinudp(struct mbuf **, int); 141 #endif 142 143 #ifdef UDP_CSUM_COUNTERS 144 #include <sys/device.h> 145 struct evcnt udp6_hwcsum_bad = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 146 NULL, "udp6", "hwcsum bad"); 147 struct evcnt udp6_hwcsum_ok = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 148 NULL, "udp6", "hwcsum ok"); 149 struct evcnt udp6_hwcsum_data = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 150 NULL, "udp6", "hwcsum data"); 151 struct evcnt udp6_swcsum = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 152 NULL, "udp6", "swcsum"); 153 154 EVCNT_ATTACH_STATIC(udp6_hwcsum_bad); 155 EVCNT_ATTACH_STATIC(udp6_hwcsum_ok); 156 EVCNT_ATTACH_STATIC(udp6_hwcsum_data); 157 EVCNT_ATTACH_STATIC(udp6_swcsum); 158 159 #define UDP_CSUM_COUNTER_INCR(ev) (ev)->ev_count++ 160 #else 161 #define UDP_CSUM_COUNTER_INCR(ev) /* nothing */ 162 #endif 163 164 void 165 udp6_init(void) 166 { 167 sysctl_net_inet6_udp6_setup(NULL); 168 udp6stat_percpu = percpu_alloc(sizeof(uint64_t) * UDP6_NSTATS); 169 170 udp_init_common(); 171 } 172 173 /* 174 * Notify a udp user of an asynchronous error; 175 * just wake up so that he can collect error status. 176 */ 177 static void 178 udp6_notify(struct inpcb *inp, int errno) 179 { 180 inp->inp_socket->so_error = errno; 181 sorwakeup(inp->inp_socket); 182 sowwakeup(inp->inp_socket); 183 } 184 185 void * 186 udp6_ctlinput(int cmd, const struct sockaddr *sa, void *d) 187 { 188 struct udphdr uh; 189 struct ip6_hdr *ip6; 190 const struct sockaddr_in6 *sa6 = (const struct sockaddr_in6 *)sa; 191 struct mbuf *m; 192 int off; 193 void *cmdarg; 194 struct ip6ctlparam *ip6cp = NULL; 195 const struct sockaddr_in6 *sa6_src = NULL; 196 void (*notify)(struct inpcb *, int) = udp6_notify; 197 struct udp_portonly { 198 u_int16_t uh_sport; 199 u_int16_t uh_dport; 200 } *uhp; 201 202 if (sa->sa_family != AF_INET6 || 203 sa->sa_len != sizeof(struct sockaddr_in6)) 204 return NULL; 205 206 if ((unsigned)cmd >= PRC_NCMDS) 207 return NULL; 208 if (PRC_IS_REDIRECT(cmd)) 209 notify = in6pcb_rtchange, d = NULL; 210 else if (cmd == PRC_HOSTDEAD) 211 d = NULL; 212 else if (cmd == PRC_MSGSIZE) { 213 /* special code is present, see below */ 214 notify = in6pcb_rtchange; 215 } 216 else if (inet6ctlerrmap[cmd] == 0) 217 return NULL; 218 219 /* if the parameter is from icmp6, decode it. */ 220 if (d != NULL) { 221 ip6cp = (struct ip6ctlparam *)d; 222 m = ip6cp->ip6c_m; 223 ip6 = ip6cp->ip6c_ip6; 224 off = ip6cp->ip6c_off; 225 cmdarg = ip6cp->ip6c_cmdarg; 226 sa6_src = ip6cp->ip6c_src; 227 } else { 228 m = NULL; 229 ip6 = NULL; 230 cmdarg = NULL; 231 sa6_src = &sa6_any; 232 off = 0; 233 } 234 235 if (ip6) { 236 /* check if we can safely examine src and dst ports */ 237 if (m->m_pkthdr.len < off + sizeof(*uhp)) { 238 if (cmd == PRC_MSGSIZE) 239 icmp6_mtudisc_update((struct ip6ctlparam *)d, 0); 240 return NULL; 241 } 242 243 memset(&uh, 0, sizeof(uh)); 244 m_copydata(m, off, sizeof(*uhp), (void *)&uh); 245 246 if (cmd == PRC_MSGSIZE) { 247 int valid = 0; 248 249 /* 250 * Check to see if we have a valid UDP socket 251 * corresponding to the address in the ICMPv6 message 252 * payload. 253 */ 254 if (in6pcb_lookup(&udbtable, &sa6->sin6_addr, 255 uh.uh_dport, (const struct in6_addr *)&sa6_src->sin6_addr, 256 uh.uh_sport, 0, 0)) 257 valid++; 258 #if 0 259 /* 260 * As the use of sendto(2) is fairly popular, 261 * we may want to allow non-connected pcb too. 262 * But it could be too weak against attacks... 263 * We should at least check if the local address (= s) 264 * is really ours. 265 */ 266 else if (in6pcb_lookup_bound(&udbtable, &sa6->sin6_addr, 267 uh.uh_dport, 0)) 268 valid++; 269 #endif 270 271 /* 272 * Depending on the value of "valid" and routing table 273 * size (mtudisc_{hi,lo}wat), we will: 274 * - recalculate the new MTU and create the 275 * corresponding routing entry, or 276 * - ignore the MTU change notification. 277 */ 278 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 279 280 /* 281 * regardless of if we called 282 * icmp6_mtudisc_update(), we need to call 283 * in6pcb_notify(), to notify path MTU change 284 * to the userland (RFC3542), because some 285 * unconnected sockets may share the same 286 * destination and want to know the path MTU. 287 */ 288 } 289 290 (void)in6pcb_notify(&udbtable, sa, uh.uh_dport, 291 sin6tocsa(sa6_src), uh.uh_sport, cmd, cmdarg, 292 notify); 293 } else { 294 (void)in6pcb_notify(&udbtable, sa, 0, 295 sin6tocsa(sa6_src), 0, cmd, cmdarg, notify); 296 } 297 return NULL; 298 } 299 300 int 301 udp6_ctloutput(int op, struct socket *so, struct sockopt *sopt) 302 { 303 int s; 304 int error = 0; 305 struct inpcb *inp; 306 int family; 307 int optval; 308 309 family = so->so_proto->pr_domain->dom_family; 310 311 s = splsoftnet(); 312 switch (family) { 313 #ifdef INET 314 case PF_INET: 315 if (sopt->sopt_level != IPPROTO_UDP) { 316 error = ip_ctloutput(op, so, sopt); 317 goto end; 318 } 319 break; 320 #endif 321 #ifdef INET6 322 case PF_INET6: 323 if (sopt->sopt_level != IPPROTO_UDP) { 324 error = ip6_ctloutput(op, so, sopt); 325 goto end; 326 } 327 break; 328 #endif 329 default: 330 error = EAFNOSUPPORT; 331 goto end; 332 } 333 334 switch (op) { 335 case PRCO_SETOPT: 336 inp = sotoinpcb(so); 337 338 switch (sopt->sopt_name) { 339 case UDP_ENCAP: 340 error = sockopt_getint(sopt, &optval); 341 if (error) 342 break; 343 344 switch(optval) { 345 case 0: 346 inp->inp_flags &= ~IN6P_ESPINUDP; 347 break; 348 349 case UDP_ENCAP_ESPINUDP: 350 inp->inp_flags |= IN6P_ESPINUDP; 351 break; 352 353 default: 354 error = EINVAL; 355 break; 356 } 357 break; 358 359 default: 360 error = ENOPROTOOPT; 361 break; 362 } 363 break; 364 365 default: 366 error = EINVAL; 367 break; 368 } 369 370 end: 371 splx(s); 372 return error; 373 } 374 375 static void 376 udp6_sendup(struct mbuf *m, int off /* offset of data portion */, 377 struct sockaddr *src, struct socket *so) 378 { 379 struct mbuf *opts = NULL; 380 struct mbuf *n; 381 struct inpcb *inp; 382 383 KASSERT(so != NULL); 384 KASSERT(so->so_proto->pr_domain->dom_family == AF_INET6); 385 inp = sotoinpcb(so); 386 KASSERT(inp != NULL); 387 388 #if defined(IPSEC) 389 if (ipsec_used && ipsec_in_reject(m, inp)) { 390 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) 391 icmp6_error(n, ICMP6_DST_UNREACH, 392 ICMP6_DST_UNREACH_ADMIN, 0); 393 return; 394 } 395 #endif 396 397 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { 398 if (inp->inp_flags & IN6P_CONTROLOPTS || 399 SOOPT_TIMESTAMP(inp->inp_socket->so_options)) { 400 struct ip6_hdr *ip6 = mtod(n, struct ip6_hdr *); 401 ip6_savecontrol(inp, &opts, ip6, n); 402 } 403 404 m_adj(n, off); 405 if (sbappendaddr(&so->so_rcv, src, n, opts) == 0) { 406 m_freem(n); 407 m_freem(opts); 408 UDP6_STATINC(UDP6_STAT_FULLSOCK); 409 soroverflow(so); 410 } else 411 sorwakeup(so); 412 } 413 } 414 415 int 416 udp6_realinput(int af, struct sockaddr_in6 *src, struct sockaddr_in6 *dst, 417 struct mbuf **mp, int off) 418 { 419 u_int16_t sport, dport; 420 int rcvcnt; 421 struct in6_addr src6, *dst6; 422 const struct in_addr *dst4; 423 struct inpcb *inp; 424 struct mbuf *m = *mp; 425 426 rcvcnt = 0; 427 off += sizeof(struct udphdr); /* now, offset of payload */ 428 429 if (af != AF_INET && af != AF_INET6) 430 goto bad; 431 if (src->sin6_family != AF_INET6 || dst->sin6_family != AF_INET6) 432 goto bad; 433 434 src6 = src->sin6_addr; 435 if (sa6_recoverscope(src) != 0) { 436 /* XXX: should be impossible. */ 437 goto bad; 438 } 439 sport = src->sin6_port; 440 441 dport = dst->sin6_port; 442 dst4 = (struct in_addr *)&dst->sin6_addr.s6_addr[12]; 443 dst6 = &dst->sin6_addr; 444 445 if (IN6_IS_ADDR_MULTICAST(dst6) || 446 (af == AF_INET && IN_MULTICAST(dst4->s_addr))) { 447 /* 448 * Deliver a multicast or broadcast datagram to *all* sockets 449 * for which the local and remote addresses and ports match 450 * those of the incoming datagram. This allows more than 451 * one process to receive multi/broadcasts on the same port. 452 * (This really ought to be done for unicast datagrams as 453 * well, but that would cause problems with existing 454 * applications that open both address-specific sockets and 455 * a wildcard socket listening to the same port -- they would 456 * end up receiving duplicates of every unicast datagram. 457 * Those applications open the multiple sockets to overcome an 458 * inadequacy of the UDP socket interface, but for backwards 459 * compatibility we avoid the problem here rather than 460 * fixing the interface. Maybe 4.5BSD will remedy this?) 461 */ 462 463 /* 464 * KAME note: traditionally we dropped udpiphdr from mbuf here. 465 * we need udpiphdr for IPsec processing so we do that later. 466 */ 467 /* 468 * Locate pcb(s) for datagram. 469 */ 470 TAILQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue) { 471 if (inp->inp_af != AF_INET6) 472 continue; 473 474 if (inp->inp_lport != dport) 475 continue; 476 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp))) { 477 if (!IN6_ARE_ADDR_EQUAL(&in6p_laddr(inp), 478 dst6)) 479 continue; 480 } else { 481 if (IN6_IS_ADDR_V4MAPPED(dst6) && 482 (inp->inp_flags & IN6P_IPV6_V6ONLY)) 483 continue; 484 } 485 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) { 486 if (!IN6_ARE_ADDR_EQUAL(&in6p_faddr(inp), 487 &src6) || inp->inp_fport != sport) 488 continue; 489 } else { 490 if (IN6_IS_ADDR_V4MAPPED(&src6) && 491 (inp->inp_flags & IN6P_IPV6_V6ONLY)) 492 continue; 493 } 494 495 udp6_sendup(m, off, sin6tosa(src), inp->inp_socket); 496 rcvcnt++; 497 498 /* 499 * Don't look for additional matches if this one does 500 * not have either the SO_REUSEPORT or SO_REUSEADDR 501 * socket options set. This heuristic avoids searching 502 * through all pcbs in the common case of a non-shared 503 * port. It assumes that an application will never 504 * clear these options after setting them. 505 */ 506 if ((inp->inp_socket->so_options & 507 (SO_REUSEPORT|SO_REUSEADDR)) == 0) 508 break; 509 } 510 } else { 511 /* 512 * Locate pcb for datagram. 513 */ 514 inp = in6pcb_lookup(&udbtable, &src6, sport, dst6, 515 dport, 0, 0); 516 if (inp == NULL) { 517 UDP_STATINC(UDP_STAT_PCBHASHMISS); 518 inp = in6pcb_lookup_bound(&udbtable, dst6, dport, 0); 519 if (inp == NULL) 520 return rcvcnt; 521 } 522 523 #ifdef IPSEC 524 /* Handle ESP over UDP */ 525 if (inp->inp_flags & IN6P_ESPINUDP) { 526 switch (udp6_espinudp(mp, off)) { 527 case -1: /* Error, m was freed */ 528 rcvcnt = -1; 529 goto bad; 530 531 case 1: /* ESP over UDP */ 532 rcvcnt++; 533 goto bad; 534 535 case 0: /* plain UDP */ 536 default: /* Unexpected */ 537 /* 538 * Normal UDP processing will take place, 539 * m may have changed. 540 */ 541 m = *mp; 542 break; 543 } 544 } 545 #endif 546 547 if (inp->inp_overudp_cb != NULL) { 548 int ret; 549 ret = inp->inp_overudp_cb(mp, off, inp->inp_socket, 550 sin6tosa(src), inp->inp_overudp_arg); 551 switch (ret) { 552 case -1: /* Error, m was freed */ 553 rcvcnt = -1; 554 goto bad; 555 556 case 1: /* Foo over UDP */ 557 KASSERT(*mp == NULL); 558 rcvcnt++; 559 goto bad; 560 561 case 0: /* plain UDP */ 562 default: /* Unexpected */ 563 /* 564 * Normal UDP processing will take place, 565 * m may have changed. 566 */ 567 break; 568 } 569 } 570 571 udp6_sendup(m, off, sin6tosa(src), inp->inp_socket); 572 rcvcnt++; 573 } 574 575 bad: 576 return rcvcnt; 577 } 578 579 int 580 udp6_input_checksum(struct mbuf *m, const struct udphdr *uh, int off, int len) 581 { 582 583 /* 584 * XXX it's better to record and check if this mbuf is 585 * already checked. 586 */ 587 588 if (__predict_false((m->m_flags & M_LOOP) && !udp_do_loopback_cksum)) { 589 goto good; 590 } 591 if (uh->uh_sum == 0) { 592 UDP6_STATINC(UDP6_STAT_NOSUM); 593 goto bad; 594 } 595 596 switch (m->m_pkthdr.csum_flags & 597 ((m_get_rcvif_NOMPSAFE(m)->if_csum_flags_rx & M_CSUM_UDPv6) | 598 M_CSUM_TCP_UDP_BAD | M_CSUM_DATA)) { 599 case M_CSUM_UDPv6|M_CSUM_TCP_UDP_BAD: 600 UDP_CSUM_COUNTER_INCR(&udp6_hwcsum_bad); 601 UDP6_STATINC(UDP6_STAT_BADSUM); 602 goto bad; 603 604 #if 0 /* notyet */ 605 case M_CSUM_UDPv6|M_CSUM_DATA: 606 #endif 607 608 case M_CSUM_UDPv6: 609 /* Checksum was okay. */ 610 UDP_CSUM_COUNTER_INCR(&udp6_hwcsum_ok); 611 break; 612 613 default: 614 /* 615 * Need to compute it ourselves. Maybe skip checksum 616 * on loopback interfaces. 617 */ 618 UDP_CSUM_COUNTER_INCR(&udp6_swcsum); 619 if (in6_cksum(m, IPPROTO_UDP, off, len) != 0) { 620 UDP6_STATINC(UDP6_STAT_BADSUM); 621 goto bad; 622 } 623 } 624 625 good: 626 return 0; 627 bad: 628 return -1; 629 } 630 631 int 632 udp6_input(struct mbuf **mp, int *offp, int proto) 633 { 634 struct mbuf *m = *mp; 635 int off = *offp; 636 struct sockaddr_in6 src, dst; 637 struct ip6_hdr *ip6; 638 struct udphdr *uh; 639 u_int32_t plen, ulen; 640 641 ip6 = mtod(m, struct ip6_hdr *); 642 643 #if defined(NFAITH) && 0 < NFAITH 644 if (faithprefix(&ip6->ip6_dst)) { 645 /* send icmp6 host unreach? */ 646 m_freem(m); 647 return IPPROTO_DONE; 648 } 649 #endif 650 651 UDP6_STATINC(UDP6_STAT_IPACKETS); 652 653 /* Check for jumbogram is done in ip6_input. We can trust pkthdr.len. */ 654 plen = m->m_pkthdr.len - off; 655 IP6_EXTHDR_GET(uh, struct udphdr *, m, off, sizeof(struct udphdr)); 656 if (uh == NULL) { 657 IP6_STATINC(IP6_STAT_TOOSHORT); 658 return IPPROTO_DONE; 659 } 660 661 /* 662 * Enforce alignment requirements that are violated in 663 * some cases, see kern/50766 for details. 664 */ 665 if (ACCESSIBLE_POINTER(uh, struct udphdr) == 0) { 666 m = m_copyup(m, off + sizeof(struct udphdr), 0); 667 if (m == NULL) { 668 IP6_STATINC(IP6_STAT_TOOSHORT); 669 return IPPROTO_DONE; 670 } 671 ip6 = mtod(m, struct ip6_hdr *); 672 uh = (struct udphdr *)(mtod(m, char *) + off); 673 } 674 KASSERT(ACCESSIBLE_POINTER(uh, struct udphdr)); 675 ulen = ntohs((u_short)uh->uh_ulen); 676 677 /* 678 * RFC2675 section 4: jumbograms will have 0 in the UDP header field, 679 * iff payload length > 0xffff. 680 */ 681 if (ulen == 0 && plen > 0xffff) 682 ulen = plen; 683 684 if (plen != ulen) { 685 UDP6_STATINC(UDP6_STAT_BADLEN); 686 goto bad; 687 } 688 689 /* destination port of 0 is illegal, based on RFC768. */ 690 if (uh->uh_dport == 0) 691 goto bad; 692 693 /* 694 * Checksum extended UDP header and data. Maybe skip checksum 695 * on loopback interfaces. 696 */ 697 if (udp6_input_checksum(m, uh, off, ulen)) 698 goto bad; 699 700 /* 701 * Construct source and dst sockaddrs. 702 */ 703 memset(&src, 0, sizeof(src)); 704 src.sin6_family = AF_INET6; 705 src.sin6_len = sizeof(struct sockaddr_in6); 706 src.sin6_addr = ip6->ip6_src; 707 src.sin6_port = uh->uh_sport; 708 memset(&dst, 0, sizeof(dst)); 709 dst.sin6_family = AF_INET6; 710 dst.sin6_len = sizeof(struct sockaddr_in6); 711 dst.sin6_addr = ip6->ip6_dst; 712 dst.sin6_port = uh->uh_dport; 713 714 if (udp6_realinput(AF_INET6, &src, &dst, &m, off) == 0) { 715 if (m->m_flags & M_MCAST) { 716 UDP6_STATINC(UDP6_STAT_NOPORTMCAST); 717 goto bad; 718 } 719 UDP6_STATINC(UDP6_STAT_NOPORT); 720 icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0); 721 m = NULL; 722 } 723 724 bad: 725 m_freem(m); 726 return IPPROTO_DONE; 727 } 728 729 int 730 udp6_output(struct inpcb * const inp, struct mbuf *m, 731 struct sockaddr_in6 * const addr6, struct mbuf * const control, 732 struct lwp * const l) 733 { 734 u_int32_t ulen = m->m_pkthdr.len; 735 u_int32_t plen = sizeof(struct udphdr) + ulen; 736 struct ip6_hdr *ip6; 737 struct udphdr *udp6; 738 struct in6_addr _laddr, *laddr, *faddr; 739 struct in6_addr laddr_mapped; /* XXX ugly */ 740 struct sockaddr_in6 *sin6 = NULL; 741 struct ifnet *oifp = NULL; 742 int scope_ambiguous = 0; 743 u_int16_t fport; 744 int error = 0; 745 struct ip6_pktopts *optp = NULL; 746 struct ip6_pktopts opt; 747 int af = AF_INET6, hlen = sizeof(struct ip6_hdr); 748 #ifdef INET 749 struct ip *ip; 750 struct udpiphdr *ui; 751 int flags = 0; 752 #endif 753 struct sockaddr_in6 tmp; 754 755 if (addr6) { 756 sin6 = addr6; 757 if (sin6->sin6_len != sizeof(*sin6)) { 758 error = EINVAL; 759 goto release; 760 } 761 if (sin6->sin6_family != AF_INET6) { 762 error = EAFNOSUPPORT; 763 goto release; 764 } 765 766 /* protect *sin6 from overwrites */ 767 tmp = *sin6; 768 sin6 = &tmp; 769 770 /* 771 * Application should provide a proper zone ID or the use of 772 * default zone IDs should be enabled. Unfortunately, some 773 * applications do not behave as it should, so we need a 774 * workaround. Even if an appropriate ID is not determined, 775 * we'll see if we can determine the outgoing interface. If we 776 * can, determine the zone ID based on the interface below. 777 */ 778 if (sin6->sin6_scope_id == 0 && !ip6_use_defzone) 779 scope_ambiguous = 1; 780 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) 781 goto release; 782 } 783 784 if (control) { 785 if (__predict_false(l == NULL)) { 786 panic("%s: control but no lwp", __func__); 787 } 788 if ((error = ip6_setpktopts(control, &opt, 789 in6p_outputopts(inp), l->l_cred, IPPROTO_UDP)) != 0) 790 goto release; 791 optp = &opt; 792 } else 793 optp = in6p_outputopts(inp); 794 795 796 if (sin6) { 797 /* 798 * Slightly different than v4 version in that we call 799 * in6_selectsrc and in6pcb_set_port to fill in the local 800 * address and port rather than inpcb_connect. inpcb_connect 801 * sets inp_faddr which causes EISCONN below to be hit on 802 * subsequent sendto. 803 */ 804 if (sin6->sin6_port == 0) { 805 error = EADDRNOTAVAIL; 806 goto release; 807 } 808 809 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) { 810 /* how about ::ffff:0.0.0.0 case? */ 811 error = EISCONN; 812 goto release; 813 } 814 815 faddr = &sin6->sin6_addr; 816 fport = sin6->sin6_port; /* allow 0 port */ 817 818 if (IN6_IS_ADDR_V4MAPPED(faddr)) { 819 if ((inp->inp_flags & IN6P_IPV6_V6ONLY)) { 820 /* 821 * I believe we should explicitly discard the 822 * packet when mapped addresses are disabled, 823 * rather than send the packet as an IPv6 one. 824 * If we chose the latter approach, the packet 825 * might be sent out on the wire based on the 826 * default route, the situation which we'd 827 * probably want to avoid. 828 * (20010421 jinmei@kame.net) 829 */ 830 error = EINVAL; 831 goto release; 832 } 833 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp)) && 834 !IN6_IS_ADDR_V4MAPPED(&in6p_laddr(inp))) { 835 /* 836 * when remote addr is an IPv4-mapped address, 837 * local addr should not be an IPv6 address, 838 * since you cannot determine how to map IPv6 839 * source address to IPv4. 840 */ 841 error = EINVAL; 842 goto release; 843 } 844 845 af = AF_INET; 846 } 847 848 if (!IN6_IS_ADDR_V4MAPPED(faddr)) { 849 struct psref psref; 850 int bound = curlwp_bind(); 851 852 error = in6_selectsrc(sin6, optp, 853 in6p_moptions(inp), 854 &inp->inp_route, 855 &in6p_laddr(inp), &oifp, &psref, &_laddr); 856 if (error) 857 laddr = NULL; 858 else 859 laddr = &_laddr; 860 if (oifp && scope_ambiguous && 861 (error = in6_setscope(&sin6->sin6_addr, 862 oifp, NULL))) { 863 if_put(oifp, &psref); 864 curlwp_bindx(bound); 865 goto release; 866 } 867 if_put(oifp, &psref); 868 curlwp_bindx(bound); 869 } else { 870 /* 871 * XXX: freebsd[34] does not have in_selectsrc, but 872 * we can omit the whole part because freebsd4 calls 873 * udp_output() directly in this case, and thus we'll 874 * never see this path. 875 */ 876 if (IN6_IS_ADDR_UNSPECIFIED(&in6p_laddr(inp))) { 877 struct sockaddr_in sin_dst; 878 struct in_addr ina; 879 struct in_ifaddr *ia4; 880 struct psref _psref; 881 int bound; 882 883 memcpy(&ina, &faddr->s6_addr[12], sizeof(ina)); 884 sockaddr_in_init(&sin_dst, &ina, 0); 885 bound = curlwp_bind(); 886 ia4 = in_selectsrc(&sin_dst, &inp->inp_route, 887 inp->inp_socket->so_options, NULL, 888 &error, &_psref); 889 if (ia4 == NULL) { 890 curlwp_bindx(bound); 891 if (error == 0) 892 error = EADDRNOTAVAIL; 893 goto release; 894 } 895 memset(&laddr_mapped, 0, sizeof(laddr_mapped)); 896 laddr_mapped.s6_addr16[5] = 0xffff; /* ugly */ 897 memcpy(&laddr_mapped.s6_addr[12], 898 &IA_SIN(ia4)->sin_addr, 899 sizeof(IA_SIN(ia4)->sin_addr)); 900 ia4_release(ia4, &_psref); 901 curlwp_bindx(bound); 902 laddr = &laddr_mapped; 903 } else 904 { 905 laddr = &in6p_laddr(inp); /* XXX */ 906 } 907 } 908 if (laddr == NULL) { 909 if (error == 0) 910 error = EADDRNOTAVAIL; 911 goto release; 912 } 913 if (inp->inp_lport == 0) { 914 /* 915 * Craft a sockaddr_in6 for the local endpoint. Use the 916 * "any" as a base, set the address, and recover the 917 * scope. 918 */ 919 struct sockaddr_in6 lsin6 = 920 *((const struct sockaddr_in6 *)inp->inp_socket->so_proto->pr_domain->dom_sa_any); 921 lsin6.sin6_addr = *laddr; 922 error = sa6_recoverscope(&lsin6); 923 if (error) 924 goto release; 925 926 error = in6pcb_set_port(&lsin6, inp, l); 927 928 if (error) { 929 in6p_laddr(inp) = in6addr_any; 930 goto release; 931 } 932 } 933 } else { 934 if (IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) { 935 error = ENOTCONN; 936 goto release; 937 } 938 if (IN6_IS_ADDR_V4MAPPED(&in6p_faddr(inp))) { 939 if ((inp->inp_flags & IN6P_IPV6_V6ONLY)) 940 { 941 /* 942 * XXX: this case would happen when the 943 * application sets the V6ONLY flag after 944 * connecting the foreign address. 945 * Such applications should be fixed, 946 * so we bark here. 947 */ 948 log(LOG_INFO, "udp6_output: IPV6_V6ONLY " 949 "option was set for a connected socket\n"); 950 error = EINVAL; 951 goto release; 952 } else 953 af = AF_INET; 954 } 955 laddr = &in6p_laddr(inp); 956 faddr = &in6p_faddr(inp); 957 fport = inp->inp_fport; 958 } 959 960 if (af == AF_INET) 961 hlen = sizeof(struct ip); 962 963 /* 964 * Calculate data length and get a mbuf 965 * for UDP and IP6 headers. 966 */ 967 M_PREPEND(m, hlen + sizeof(struct udphdr), M_DONTWAIT); 968 if (m == NULL) { 969 error = ENOBUFS; 970 goto release; 971 } 972 973 /* 974 * Stuff checksum and output datagram. 975 */ 976 udp6 = (struct udphdr *)(mtod(m, char *) + hlen); 977 udp6->uh_sport = inp->inp_lport; /* lport is always set in the PCB */ 978 udp6->uh_dport = fport; 979 if (plen <= 0xffff) 980 udp6->uh_ulen = htons((u_int16_t)plen); 981 else 982 udp6->uh_ulen = 0; 983 udp6->uh_sum = 0; 984 985 switch (af) { 986 case AF_INET6: 987 ip6 = mtod(m, struct ip6_hdr *); 988 ip6->ip6_flow = in6p_flowinfo(inp) & IPV6_FLOWINFO_MASK; 989 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 990 ip6->ip6_vfc |= IPV6_VERSION; 991 #if 0 /* ip6_plen will be filled in ip6_output. */ 992 ip6->ip6_plen = htons((u_int16_t)plen); 993 #endif 994 ip6->ip6_nxt = IPPROTO_UDP; 995 ip6->ip6_hlim = in6pcb_selecthlim_rt(inp); 996 ip6->ip6_src = *laddr; 997 ip6->ip6_dst = *faddr; 998 999 udp6->uh_sum = in6_cksum_phdr(laddr, faddr, 1000 htonl(plen), htonl(IPPROTO_UDP)); 1001 m->m_pkthdr.csum_flags = M_CSUM_UDPv6; 1002 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum); 1003 1004 UDP6_STATINC(UDP6_STAT_OPACKETS); 1005 error = ip6_output(m, optp, &inp->inp_route, 0, 1006 in6p_moptions(inp), inp, NULL); 1007 break; 1008 case AF_INET: 1009 #ifdef INET 1010 /* can't transmit jumbogram over IPv4 */ 1011 if (plen > 0xffff) { 1012 error = EMSGSIZE; 1013 goto release; 1014 } 1015 1016 ip = mtod(m, struct ip *); 1017 ui = (struct udpiphdr *)ip; 1018 memset(ui->ui_x1, 0, sizeof(ui->ui_x1)); 1019 ui->ui_pr = IPPROTO_UDP; 1020 ui->ui_len = htons(plen); 1021 memcpy(&ui->ui_src, &laddr->s6_addr[12], sizeof(ui->ui_src)); 1022 ui->ui_ulen = ui->ui_len; 1023 1024 flags = (inp->inp_socket->so_options & 1025 (SO_DONTROUTE | SO_BROADCAST)); 1026 memcpy(&ui->ui_dst, &faddr->s6_addr[12], sizeof(ui->ui_dst)); 1027 1028 udp6->uh_sum = in_cksum(m, hlen + plen); 1029 if (udp6->uh_sum == 0) 1030 udp6->uh_sum = 0xffff; 1031 1032 ip->ip_len = htons(hlen + plen); 1033 ip->ip_ttl = in6pcb_selecthlim(inp, NULL); /* XXX */ 1034 ip->ip_tos = 0; /* XXX */ 1035 1036 UDP_STATINC(UDP_STAT_OPACKETS); 1037 error = ip_output(m, NULL, &inp->inp_route, flags /* XXX */, 1038 inp->inp_moptions, NULL); 1039 break; 1040 #else 1041 error = EAFNOSUPPORT; 1042 goto release; 1043 #endif 1044 } 1045 goto releaseopt; 1046 1047 release: 1048 m_freem(m); 1049 1050 releaseopt: 1051 if (control) { 1052 if (optp == &opt) 1053 ip6_clearpktopts(&opt, -1); 1054 m_freem(control); 1055 } 1056 return (error); 1057 } 1058 1059 static int 1060 udp6_attach(struct socket *so, int proto) 1061 { 1062 struct inpcb *inp; 1063 int s, error; 1064 1065 KASSERT(sotoinpcb(so) == NULL); 1066 sosetlock(so); 1067 1068 error = soreserve(so, udp6_sendspace, udp6_recvspace); 1069 if (error) { 1070 return error; 1071 } 1072 1073 /* 1074 * MAPPED_ADDR implementation spec: 1075 * Always attach for IPv6, and only when necessary for IPv4. 1076 */ 1077 s = splsoftnet(); 1078 error = inpcb_create(so, &udbtable); 1079 splx(s); 1080 if (error) { 1081 return error; 1082 } 1083 1084 inp = sotoinpcb(so); 1085 in6p_cksum(inp) = -1; /* just to be sure */ 1086 1087 KASSERT(solocked(so)); 1088 return 0; 1089 } 1090 1091 static void 1092 udp6_detach(struct socket *so) 1093 { 1094 struct inpcb *inp = sotoinpcb(so); 1095 int s; 1096 1097 KASSERT(solocked(so)); 1098 KASSERT(inp != NULL); 1099 1100 s = splsoftnet(); 1101 inpcb_destroy(inp); 1102 splx(s); 1103 } 1104 1105 static int 1106 udp6_accept(struct socket *so, struct sockaddr *nam) 1107 { 1108 KASSERT(solocked(so)); 1109 1110 return EOPNOTSUPP; 1111 } 1112 1113 static int 1114 udp6_bind(struct socket *so, struct sockaddr *nam, struct lwp *l) 1115 { 1116 struct inpcb *inp = sotoinpcb(so); 1117 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 1118 int error = 0; 1119 int s; 1120 1121 KASSERT(solocked(so)); 1122 KASSERT(inp != NULL); 1123 1124 s = splsoftnet(); 1125 error = in6pcb_bind(inp, sin6, l); 1126 splx(s); 1127 return error; 1128 } 1129 1130 static int 1131 udp6_listen(struct socket *so, struct lwp *l) 1132 { 1133 KASSERT(solocked(so)); 1134 1135 return EOPNOTSUPP; 1136 } 1137 1138 static int 1139 udp6_connect(struct socket *so, struct sockaddr *nam, struct lwp *l) 1140 { 1141 struct inpcb *inp = sotoinpcb(so); 1142 int error = 0; 1143 int s; 1144 1145 KASSERT(solocked(so)); 1146 KASSERT(inp != NULL); 1147 1148 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) 1149 return EISCONN; 1150 s = splsoftnet(); 1151 error = in6pcb_connect(inp, (struct sockaddr_in6 *)nam, l); 1152 splx(s); 1153 if (error == 0) 1154 soisconnected(so); 1155 1156 return error; 1157 } 1158 1159 static int 1160 udp6_connect2(struct socket *so, struct socket *so2) 1161 { 1162 KASSERT(solocked(so)); 1163 1164 return EOPNOTSUPP; 1165 } 1166 1167 static int 1168 udp6_disconnect(struct socket *so) 1169 { 1170 struct inpcb *inp = sotoinpcb(so); 1171 int s; 1172 1173 KASSERT(solocked(so)); 1174 KASSERT(inp != NULL); 1175 1176 if (IN6_IS_ADDR_UNSPECIFIED(&in6p_faddr(inp))) 1177 return ENOTCONN; 1178 1179 s = splsoftnet(); 1180 in6pcb_disconnect(inp); 1181 memset((void *)&in6p_laddr(inp), 0, sizeof(in6p_laddr(inp))); 1182 splx(s); 1183 1184 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 1185 in6pcb_set_state(inp, INP_BOUND); /* XXX */ 1186 return 0; 1187 } 1188 1189 static int 1190 udp6_shutdown(struct socket *so) 1191 { 1192 int s; 1193 1194 s = splsoftnet(); 1195 socantsendmore(so); 1196 splx(s); 1197 1198 return 0; 1199 } 1200 1201 static int 1202 udp6_abort(struct socket *so) 1203 { 1204 int s; 1205 1206 KASSERT(solocked(so)); 1207 KASSERT(sotoinpcb(so) != NULL); 1208 1209 s = splsoftnet(); 1210 soisdisconnected(so); 1211 inpcb_destroy(sotoinpcb(so)); 1212 splx(s); 1213 1214 return 0; 1215 } 1216 1217 static int 1218 udp6_ioctl(struct socket *so, u_long cmd, void *addr6, struct ifnet *ifp) 1219 { 1220 /* 1221 * MAPPED_ADDR implementation info: 1222 * Mapped addr support for PRU_CONTROL is not necessary. 1223 * Because typical user of PRU_CONTROL is such as ifconfig, 1224 * and they don't associate any addr to their socket. Then 1225 * socket family is only hint about the PRU_CONTROL'ed address 1226 * family, especially when getting addrs from kernel. 1227 * So AF_INET socket need to be used to control AF_INET addrs, 1228 * and AF_INET6 socket for AF_INET6 addrs. 1229 */ 1230 return in6_control(so, cmd, addr6, ifp); 1231 } 1232 1233 static int 1234 udp6_stat(struct socket *so, struct stat *ub) 1235 { 1236 KASSERT(solocked(so)); 1237 1238 /* stat: don't bother with a blocksize */ 1239 return 0; 1240 } 1241 1242 static int 1243 udp6_peeraddr(struct socket *so, struct sockaddr *nam) 1244 { 1245 KASSERT(solocked(so)); 1246 KASSERT(sotoinpcb(so) != NULL); 1247 KASSERT(nam != NULL); 1248 1249 in6pcb_fetch_peeraddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 1250 return 0; 1251 } 1252 1253 static int 1254 udp6_sockaddr(struct socket *so, struct sockaddr *nam) 1255 { 1256 KASSERT(solocked(so)); 1257 KASSERT(sotoinpcb(so) != NULL); 1258 KASSERT(nam != NULL); 1259 1260 in6pcb_fetch_sockaddr(sotoinpcb(so), (struct sockaddr_in6 *)nam); 1261 return 0; 1262 } 1263 1264 static int 1265 udp6_rcvd(struct socket *so, int flags, struct lwp *l) 1266 { 1267 KASSERT(solocked(so)); 1268 1269 return EOPNOTSUPP; 1270 } 1271 1272 static int 1273 udp6_recvoob(struct socket *so, struct mbuf *m, int flags) 1274 { 1275 KASSERT(solocked(so)); 1276 1277 return EOPNOTSUPP; 1278 } 1279 1280 static int 1281 udp6_send(struct socket *so, struct mbuf *m, struct sockaddr *nam, 1282 struct mbuf *control, struct lwp *l) 1283 { 1284 struct inpcb *inp = sotoinpcb(so); 1285 int error = 0; 1286 int s; 1287 1288 KASSERT(solocked(so)); 1289 KASSERT(inp != NULL); 1290 KASSERT(m != NULL); 1291 1292 s = splsoftnet(); 1293 error = udp6_output(inp, m, (struct sockaddr_in6 *)nam, control, l); 1294 splx(s); 1295 1296 return error; 1297 } 1298 1299 static int 1300 udp6_sendoob(struct socket *so, struct mbuf *m, struct mbuf *control) 1301 { 1302 KASSERT(solocked(so)); 1303 1304 m_freem(m); 1305 m_freem(control); 1306 1307 return EOPNOTSUPP; 1308 } 1309 1310 static int 1311 udp6_purgeif(struct socket *so, struct ifnet *ifp) 1312 { 1313 1314 mutex_enter(softnet_lock); 1315 in6pcb_purgeif0(&udbtable, ifp); 1316 #ifdef NET_MPSAFE 1317 mutex_exit(softnet_lock); 1318 #endif 1319 in6_purgeif(ifp); 1320 #ifdef NET_MPSAFE 1321 mutex_enter(softnet_lock); 1322 #endif 1323 in6pcb_purgeif(&udbtable, ifp); 1324 mutex_exit(softnet_lock); 1325 1326 return 0; 1327 } 1328 1329 static int 1330 sysctl_net_inet6_udp6_stats(SYSCTLFN_ARGS) 1331 { 1332 1333 return (NETSTAT_SYSCTL(udp6stat_percpu, UDP6_NSTATS)); 1334 } 1335 1336 static void 1337 sysctl_net_inet6_udp6_setup(struct sysctllog **clog) 1338 { 1339 1340 sysctl_createv(clog, 0, NULL, NULL, 1341 CTLFLAG_PERMANENT, 1342 CTLTYPE_NODE, "inet6", NULL, 1343 NULL, 0, NULL, 0, 1344 CTL_NET, PF_INET6, CTL_EOL); 1345 sysctl_createv(clog, 0, NULL, NULL, 1346 CTLFLAG_PERMANENT, 1347 CTLTYPE_NODE, "udp6", 1348 SYSCTL_DESCR("UDPv6 related settings"), 1349 NULL, 0, NULL, 0, 1350 CTL_NET, PF_INET6, IPPROTO_UDP, CTL_EOL); 1351 1352 sysctl_createv(clog, 0, NULL, NULL, 1353 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1354 CTLTYPE_INT, "sendspace", 1355 SYSCTL_DESCR("Default UDP send buffer size"), 1356 NULL, 0, &udp6_sendspace, 0, 1357 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_SENDSPACE, 1358 CTL_EOL); 1359 sysctl_createv(clog, 0, NULL, NULL, 1360 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1361 CTLTYPE_INT, "recvspace", 1362 SYSCTL_DESCR("Default UDP receive buffer size"), 1363 NULL, 0, &udp6_recvspace, 0, 1364 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_RECVSPACE, 1365 CTL_EOL); 1366 sysctl_createv(clog, 0, NULL, NULL, 1367 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1368 CTLTYPE_INT, "do_loopback_cksum", 1369 SYSCTL_DESCR("Perform UDP checksum on loopback"), 1370 NULL, 0, &udp_do_loopback_cksum, 0, 1371 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_LOOPBACKCKSUM, 1372 CTL_EOL); 1373 sysctl_createv(clog, 0, NULL, NULL, 1374 CTLFLAG_PERMANENT, 1375 CTLTYPE_STRUCT, "pcblist", 1376 SYSCTL_DESCR("UDP protocol control block list"), 1377 sysctl_inpcblist, 0, &udbtable, 0, 1378 CTL_NET, PF_INET6, IPPROTO_UDP, CTL_CREATE, 1379 CTL_EOL); 1380 sysctl_createv(clog, 0, NULL, NULL, 1381 CTLFLAG_PERMANENT, 1382 CTLTYPE_STRUCT, "stats", 1383 SYSCTL_DESCR("UDPv6 statistics"), 1384 sysctl_net_inet6_udp6_stats, 0, NULL, 0, 1385 CTL_NET, PF_INET6, IPPROTO_UDP, UDP6CTL_STATS, 1386 CTL_EOL); 1387 } 1388 1389 void 1390 udp6_statinc(u_int stat) 1391 { 1392 1393 KASSERT(stat < UDP6_NSTATS); 1394 UDP6_STATINC(stat); 1395 } 1396 1397 #ifdef IPSEC 1398 /* 1399 * Returns: 1400 * 1 if the packet was processed 1401 * 0 if normal UDP processing should take place 1402 * -1 if an error occurred and m was freed 1403 */ 1404 static int 1405 udp6_espinudp(struct mbuf **mp, int off) 1406 { 1407 const size_t skip = sizeof(struct udphdr); 1408 size_t len; 1409 void *data; 1410 size_t minlen; 1411 int ip6hdrlen; 1412 struct ip6_hdr *ip6; 1413 struct m_tag *tag; 1414 struct udphdr *udphdr; 1415 u_int16_t sport, dport; 1416 struct mbuf *m = *mp; 1417 uint32_t *marker; 1418 1419 /* 1420 * Collapse the mbuf chain if the first mbuf is too short 1421 * The longest case is: UDP + non ESP marker + ESP 1422 */ 1423 minlen = off + sizeof(u_int64_t) + sizeof(struct esp); 1424 if (minlen > m->m_pkthdr.len) 1425 minlen = m->m_pkthdr.len; 1426 1427 if (m->m_len < minlen) { 1428 if ((*mp = m_pullup(m, minlen)) == NULL) { 1429 return -1; 1430 } 1431 m = *mp; 1432 } 1433 1434 len = m->m_len - off; 1435 data = mtod(m, char *) + off; 1436 1437 /* Ignore keepalive packets */ 1438 if ((len == 1) && (*(unsigned char *)data == 0xff)) { 1439 m_freem(m); 1440 *mp = NULL; /* avoid any further processing by caller ... */ 1441 return 1; 1442 } 1443 1444 /* Handle Non-ESP marker (32bit). If zero, then IKE. */ 1445 marker = (uint32_t *)data; 1446 if (len <= sizeof(uint32_t)) 1447 return 0; 1448 if (marker[0] == 0) 1449 return 0; 1450 1451 /* 1452 * Get the UDP ports. They are handled in network 1453 * order everywhere in IPSEC_NAT_T code. 1454 */ 1455 udphdr = (struct udphdr *)((char *)data - skip); 1456 sport = udphdr->uh_sport; 1457 dport = udphdr->uh_dport; 1458 1459 /* 1460 * Remove the UDP header (and possibly the non ESP marker) 1461 * IPv6 header length is ip6hdrlen 1462 * Before: 1463 * <---- off ---> 1464 * +-----+------+-----+ 1465 * | IP6 | UDP | ESP | 1466 * +-----+------+-----+ 1467 * <-skip-> 1468 * After: 1469 * +-----+-----+ 1470 * | IP6 | ESP | 1471 * +-----+-----+ 1472 * <-skip-> 1473 */ 1474 ip6hdrlen = off - sizeof(struct udphdr); 1475 memmove(mtod(m, char *) + skip, mtod(m, void *), ip6hdrlen); 1476 m_adj(m, skip); 1477 1478 ip6 = mtod(m, struct ip6_hdr *); 1479 ip6->ip6_plen = htons(ntohs(ip6->ip6_plen) - skip); 1480 ip6->ip6_nxt = IPPROTO_ESP; 1481 1482 /* 1483 * We have modified the packet - it is now ESP, so we should not 1484 * return to UDP processing ... 1485 * 1486 * Add a PACKET_TAG_IPSEC_NAT_T_PORT tag to remember 1487 * the source UDP port. This is required if we want 1488 * to select the right SPD for multiple hosts behind 1489 * same NAT 1490 */ 1491 if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS, 1492 sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) { 1493 m_freem(m); 1494 return -1; 1495 } 1496 ((u_int16_t *)(tag + 1))[0] = sport; 1497 ((u_int16_t *)(tag + 1))[1] = dport; 1498 m_tag_prepend(m, tag); 1499 1500 if (ipsec_used) 1501 ipsec6_common_input(&m, &ip6hdrlen, IPPROTO_ESP); 1502 else 1503 m_freem(m); 1504 1505 /* We handled it, it shouldn't be handled by UDP */ 1506 *mp = NULL; /* avoid free by caller ... */ 1507 return 1; 1508 } 1509 #endif /* IPSEC */ 1510 1511 PR_WRAP_USRREQS(udp6) 1512 #define udp6_attach udp6_attach_wrapper 1513 #define udp6_detach udp6_detach_wrapper 1514 #define udp6_accept udp6_accept_wrapper 1515 #define udp6_bind udp6_bind_wrapper 1516 #define udp6_listen udp6_listen_wrapper 1517 #define udp6_connect udp6_connect_wrapper 1518 #define udp6_connect2 udp6_connect2_wrapper 1519 #define udp6_disconnect udp6_disconnect_wrapper 1520 #define udp6_shutdown udp6_shutdown_wrapper 1521 #define udp6_abort udp6_abort_wrapper 1522 #define udp6_ioctl udp6_ioctl_wrapper 1523 #define udp6_stat udp6_stat_wrapper 1524 #define udp6_peeraddr udp6_peeraddr_wrapper 1525 #define udp6_sockaddr udp6_sockaddr_wrapper 1526 #define udp6_rcvd udp6_rcvd_wrapper 1527 #define udp6_recvoob udp6_recvoob_wrapper 1528 #define udp6_send udp6_send_wrapper 1529 #define udp6_sendoob udp6_sendoob_wrapper 1530 #define udp6_purgeif udp6_purgeif_wrapper 1531 1532 const struct pr_usrreqs udp6_usrreqs = { 1533 .pr_attach = udp6_attach, 1534 .pr_detach = udp6_detach, 1535 .pr_accept = udp6_accept, 1536 .pr_bind = udp6_bind, 1537 .pr_listen = udp6_listen, 1538 .pr_connect = udp6_connect, 1539 .pr_connect2 = udp6_connect2, 1540 .pr_disconnect = udp6_disconnect, 1541 .pr_shutdown = udp6_shutdown, 1542 .pr_abort = udp6_abort, 1543 .pr_ioctl = udp6_ioctl, 1544 .pr_stat = udp6_stat, 1545 .pr_peeraddr = udp6_peeraddr, 1546 .pr_sockaddr = udp6_sockaddr, 1547 .pr_rcvd = udp6_rcvd, 1548 .pr_recvoob = udp6_recvoob, 1549 .pr_send = udp6_send, 1550 .pr_sendoob = udp6_sendoob, 1551 .pr_purgeif = udp6_purgeif, 1552 }; 1553