1 /* $OpenBSD: in6.c,v 1.97 2012/07/08 18:01:25 bluhm Exp $ */ 2 /* $KAME: in6.c,v 1.372 2004/06/14 08:14:21 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include "bridge.h" 65 #include "carp.h" 66 67 #include <sys/param.h> 68 #include <sys/ioctl.h> 69 #include <sys/errno.h> 70 #include <sys/malloc.h> 71 #include <sys/socket.h> 72 #include <sys/socketvar.h> 73 #include <sys/sockio.h> 74 #include <sys/systm.h> 75 #include <sys/proc.h> 76 #include <sys/time.h> 77 #include <sys/kernel.h> 78 #include <sys/syslog.h> 79 80 #include <net/if.h> 81 #include <net/if_types.h> 82 #include <net/route.h> 83 #include <net/if_dl.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_var.h> 87 #include <netinet/if_ether.h> 88 89 #include <netinet/ip6.h> 90 #include <netinet6/ip6_var.h> 91 #include <netinet6/nd6.h> 92 #include <netinet6/mld6_var.h> 93 #ifdef MROUTING 94 #include <netinet6/ip6_mroute.h> 95 #endif 96 #include <netinet6/in6_ifattach.h> 97 98 /* backward compatibility for a while... */ 99 #define COMPAT_IN6IFIOCTL 100 101 /* 102 * Definitions of some constant IP6 addresses. 103 */ 104 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 105 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 106 const struct in6_addr in6addr_intfacelocal_allnodes = 107 IN6ADDR_INTFACELOCAL_ALLNODES_INIT; 108 const struct in6_addr in6addr_linklocal_allnodes = 109 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 110 111 const struct in6_addr in6mask0 = IN6MASK0; 112 const struct in6_addr in6mask32 = IN6MASK32; 113 const struct in6_addr in6mask64 = IN6MASK64; 114 const struct in6_addr in6mask96 = IN6MASK96; 115 const struct in6_addr in6mask128 = IN6MASK128; 116 117 int in6_lifaddr_ioctl(struct socket *, u_long, caddr_t, struct ifnet *, 118 struct proc *); 119 int in6_ifinit(struct ifnet *, struct in6_ifaddr *, int); 120 void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 121 void in6_ifloop_request(int, struct ifaddr *); 122 123 const struct sockaddr_in6 sa6_any = { 124 sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 125 }; 126 127 /* 128 * This structure is used to keep track of in6_multi chains which belong to 129 * deleted interface addresses. 130 */ 131 static LIST_HEAD(, multi6_kludge) in6_mk; /* XXX BSS initialization */ 132 133 struct multi6_kludge { 134 LIST_ENTRY(multi6_kludge) mk_entry; 135 struct ifnet *mk_ifp; 136 struct in6_multihead mk_head; 137 }; 138 139 /* 140 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 141 * This routine does actual work. 142 */ 143 void 144 in6_ifloop_request(int cmd, struct ifaddr *ifa) 145 { 146 struct rt_addrinfo info; 147 struct sockaddr_in6 lo_sa; 148 struct sockaddr_in6 all1_sa; 149 struct rtentry *nrt = NULL; 150 int e; 151 152 bzero(&lo_sa, sizeof(lo_sa)); 153 bzero(&all1_sa, sizeof(all1_sa)); 154 lo_sa.sin6_family = all1_sa.sin6_family = AF_INET6; 155 lo_sa.sin6_len = all1_sa.sin6_len = sizeof(struct sockaddr_in6); 156 lo_sa.sin6_addr = in6addr_loopback; 157 all1_sa.sin6_addr = in6mask128; 158 159 /* 160 * We specify the address itself as the gateway, and set the 161 * RTF_LLINFO flag, so that the corresponding host route would have 162 * the flag, and thus applications that assume traditional behavior 163 * would be happy. Note that we assume the caller of the function 164 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 165 * which changes the outgoing interface to the loopback interface. 166 * XXX only table 0 for now 167 */ 168 bzero(&info, sizeof(info)); 169 info.rti_flags = RTF_UP | RTF_HOST | RTF_LLINFO; 170 info.rti_info[RTAX_DST] = ifa->ifa_addr; 171 if (cmd != RTM_DELETE) 172 info.rti_info[RTAX_GATEWAY] = ifa->ifa_addr; 173 info.rti_info[RTAX_NETMASK] = (struct sockaddr *)&all1_sa; 174 e = rtrequest1(cmd, &info, RTP_CONNECTED, &nrt, 175 ifa->ifa_ifp->if_rdomain); 176 if (e != 0) { 177 log(LOG_ERR, "in6_ifloop_request: " 178 "%s operation failed for %s (errno=%d)\n", 179 cmd == RTM_ADD ? "ADD" : "DELETE", 180 ip6_sprintf(&ifatoia6(ifa)->ia_addr.sin6_addr), e); 181 } 182 183 /* 184 * Make sure rt_ifa be equal to IFA, the second argument of the 185 * function. 186 * We need this because when we refer to rt_ifa->ia6_flags in 187 * ip6_input, we assume that the rt_ifa points to the address instead 188 * of the loopback address. 189 */ 190 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) { 191 IFAFREE(nrt->rt_ifa); 192 ifa->ifa_refcnt++; 193 nrt->rt_ifa = ifa; 194 } 195 196 /* 197 * Report the addition/removal of the address to the routing socket. 198 * XXX: since we called rtinit for a p2p interface with a destination, 199 * we end up reporting twice in such a case. Should we rather 200 * omit the second report? 201 */ 202 if (nrt) { 203 rt_newaddrmsg(cmd, ifa, e, nrt); 204 if (cmd == RTM_DELETE) { 205 if (nrt->rt_refcnt <= 0) { 206 /* XXX: we should free the entry ourselves. */ 207 nrt->rt_refcnt++; 208 rtfree(nrt); 209 } 210 } else { 211 /* the cmd must be RTM_ADD here */ 212 nrt->rt_refcnt--; 213 } 214 } 215 } 216 217 /* 218 * Add ownaddr as loopback rtentry. We previously add the route only if 219 * necessary (ex. on a p2p link). However, since we now manage addresses 220 * separately from prefixes, we should always add the route. We can't 221 * rely on the cloning mechanism from the corresponding interface route 222 * any more. 223 */ 224 void 225 in6_ifaddloop(struct ifaddr *ifa) 226 { 227 struct rtentry *rt; 228 229 /* If there is no loopback entry, allocate one. */ 230 rt = rtalloc1(ifa->ifa_addr, 0, ifa->ifa_ifp->if_rdomain); 231 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 232 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) 233 in6_ifloop_request(RTM_ADD, ifa); 234 if (rt) 235 rt->rt_refcnt--; 236 } 237 238 /* 239 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 240 * if it exists. 241 */ 242 void 243 in6_ifremloop(struct ifaddr *ifa) 244 { 245 struct in6_ifaddr *ia; 246 struct rtentry *rt; 247 int ia_count = 0; 248 249 /* 250 * Some of BSD variants do not remove cloned routes 251 * from an interface direct route, when removing the direct route 252 * (see comments in net/net_osdep.h). Even for variants that do remove 253 * cloned routes, they could fail to remove the cloned routes when 254 * we handle multple addresses that share a common prefix. 255 * So, we should remove the route corresponding to the deleted address. 256 */ 257 258 /* 259 * Delete the entry only if exact one ifa exists. More than one ifa 260 * can exist if we assign a same single address to multiple 261 * (probably p2p) interfaces. 262 * XXX: we should avoid such a configuration in IPv6... 263 */ 264 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 265 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 266 ia_count++; 267 if (ia_count > 1) 268 break; 269 } 270 } 271 272 if (ia_count == 1) { 273 /* 274 * Before deleting, check if a corresponding loopbacked host 275 * route surely exists. With this check, we can avoid to 276 * delete an interface direct route whose destination is same 277 * as the address being removed. This can happen when removing 278 * a subnet-router anycast address on an interface attached 279 * to a shared medium. 280 */ 281 rt = rtalloc1(ifa->ifa_addr, 0, 0); 282 if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 && 283 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 284 rt->rt_refcnt--; 285 in6_ifloop_request(RTM_DELETE, ifa); 286 } 287 } 288 } 289 290 int 291 in6_mask2len(struct in6_addr *mask, u_char *lim0) 292 { 293 int x = 0, y; 294 u_char *lim = lim0, *p; 295 296 /* ignore the scope_id part */ 297 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 298 lim = (u_char *)mask + sizeof(*mask); 299 for (p = (u_char *)mask; p < lim; x++, p++) { 300 if (*p != 0xff) 301 break; 302 } 303 y = 0; 304 if (p < lim) { 305 for (y = 0; y < 8; y++) { 306 if ((*p & (0x80 >> y)) == 0) 307 break; 308 } 309 } 310 311 /* 312 * when the limit pointer is given, do a stricter check on the 313 * remaining bits. 314 */ 315 if (p < lim) { 316 if (y != 0 && (*p & (0x00ff >> y)) != 0) 317 return (-1); 318 for (p = p + 1; p < lim; p++) 319 if (*p != 0) 320 return (-1); 321 } 322 323 return x * 8 + y; 324 } 325 326 int 327 in6_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, 328 struct proc *p) 329 { 330 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 331 struct in6_ifaddr *ia = NULL; 332 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 333 struct sockaddr_in6 *sa6; 334 int privileged; 335 336 privileged = 0; 337 if ((so->so_state & SS_PRIV) != 0) 338 privileged++; 339 340 #ifdef MROUTING 341 switch (cmd) { 342 case SIOCGETSGCNT_IN6: 343 case SIOCGETMIFCNT_IN6: 344 return (mrt6_ioctl(cmd, data)); 345 } 346 #endif 347 348 if (ifp == NULL) 349 return (EOPNOTSUPP); 350 351 switch (cmd) { 352 case SIOCSNDFLUSH_IN6: 353 case SIOCSPFXFLUSH_IN6: 354 case SIOCSRTRFLUSH_IN6: 355 case SIOCSDEFIFACE_IN6: 356 case SIOCSIFINFO_FLAGS: 357 if (!privileged) 358 return (EPERM); 359 /* FALLTHROUGH */ 360 case OSIOCGIFINFO_IN6: 361 case SIOCGIFINFO_IN6: 362 case SIOCGDRLST_IN6: 363 case SIOCGPRLST_IN6: 364 case SIOCGNBRINFO_IN6: 365 case SIOCGDEFIFACE_IN6: 366 return (nd6_ioctl(cmd, data, ifp)); 367 } 368 369 switch (cmd) { 370 case SIOCSIFPREFIX_IN6: 371 case SIOCDIFPREFIX_IN6: 372 case SIOCAIFPREFIX_IN6: 373 case SIOCCIFPREFIX_IN6: 374 case SIOCSGIFPREFIX_IN6: 375 case SIOCGIFPREFIX_IN6: 376 log(LOG_NOTICE, 377 "prefix ioctls are now invalidated. " 378 "please use ifconfig.\n"); 379 return (EOPNOTSUPP); 380 } 381 382 switch (cmd) { 383 case SIOCALIFADDR: 384 case SIOCDLIFADDR: 385 if (!privileged) 386 return (EPERM); 387 /* FALLTHROUGH */ 388 case SIOCGLIFADDR: 389 return in6_lifaddr_ioctl(so, cmd, data, ifp, p); 390 } 391 392 /* 393 * Find address for this interface, if it exists. 394 * 395 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 396 * only, and used the first interface address as the target of other 397 * operations (without checking ifra_addr). This was because netinet 398 * code/API assumed at most 1 interface address per interface. 399 * Since IPv6 allows a node to assign multiple addresses 400 * on a single interface, we almost always look and check the 401 * presence of ifra_addr, and reject invalid ones here. 402 * It also decreases duplicated code among SIOC*_IN6 operations. 403 */ 404 switch (cmd) { 405 case SIOCAIFADDR_IN6: 406 case SIOCSIFPHYADDR_IN6: 407 sa6 = &ifra->ifra_addr; 408 break; 409 case SIOCSIFADDR_IN6: 410 case SIOCGIFADDR_IN6: 411 case SIOCSIFDSTADDR_IN6: 412 case SIOCSIFNETMASK_IN6: 413 case SIOCGIFDSTADDR_IN6: 414 case SIOCGIFNETMASK_IN6: 415 case SIOCDIFADDR_IN6: 416 case SIOCGIFPSRCADDR_IN6: 417 case SIOCGIFPDSTADDR_IN6: 418 case SIOCGIFAFLAG_IN6: 419 case SIOCSNDFLUSH_IN6: 420 case SIOCSPFXFLUSH_IN6: 421 case SIOCSRTRFLUSH_IN6: 422 case SIOCGIFALIFETIME_IN6: 423 case SIOCSIFALIFETIME_IN6: 424 case SIOCGIFSTAT_IN6: 425 case SIOCGIFSTAT_ICMP6: 426 sa6 = &ifr->ifr_addr; 427 break; 428 default: 429 sa6 = NULL; 430 break; 431 } 432 if (sa6 && sa6->sin6_family == AF_INET6) { 433 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 434 if (sa6->sin6_addr.s6_addr16[1] == 0) { 435 /* link ID is not embedded by the user */ 436 sa6->sin6_addr.s6_addr16[1] = 437 htons(ifp->if_index); 438 } else if (sa6->sin6_addr.s6_addr16[1] != 439 htons(ifp->if_index)) { 440 return (EINVAL); /* link ID contradicts */ 441 } 442 if (sa6->sin6_scope_id) { 443 if (sa6->sin6_scope_id != 444 (u_int32_t)ifp->if_index) 445 return (EINVAL); 446 sa6->sin6_scope_id = 0; /* XXX: good way? */ 447 } 448 } 449 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 450 } else 451 ia = NULL; 452 453 switch (cmd) { 454 case SIOCSIFADDR_IN6: 455 case SIOCSIFDSTADDR_IN6: 456 case SIOCSIFNETMASK_IN6: 457 /* 458 * Since IPv6 allows a node to assign multiple addresses 459 * on a single interface, SIOCSIFxxx ioctls are deprecated. 460 */ 461 return (EINVAL); 462 463 case SIOCDIFADDR_IN6: 464 /* 465 * for IPv4, we look for existing in_ifaddr here to allow 466 * "ifconfig if0 delete" to remove the first IPv4 address on 467 * the interface. For IPv6, as the spec allows multiple 468 * interface address from the day one, we consider "remove the 469 * first one" semantics to be not preferable. 470 */ 471 if (ia == NULL) 472 return (EADDRNOTAVAIL); 473 /* FALLTHROUGH */ 474 case SIOCAIFADDR_IN6: 475 /* 476 * We always require users to specify a valid IPv6 address for 477 * the corresponding operation. 478 */ 479 if (ifra->ifra_addr.sin6_family != AF_INET6 || 480 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 481 return (EAFNOSUPPORT); 482 if (!privileged) 483 return (EPERM); 484 485 break; 486 487 case SIOCGIFADDR_IN6: 488 /* This interface is basically deprecated. use SIOCGIFCONF. */ 489 /* FALLTHROUGH */ 490 case SIOCGIFAFLAG_IN6: 491 case SIOCGIFNETMASK_IN6: 492 case SIOCGIFDSTADDR_IN6: 493 case SIOCGIFALIFETIME_IN6: 494 /* must think again about its semantics */ 495 if (ia == NULL) 496 return (EADDRNOTAVAIL); 497 break; 498 case SIOCSIFALIFETIME_IN6: 499 { 500 struct in6_addrlifetime *lt; 501 502 if (!privileged) 503 return (EPERM); 504 if (ia == NULL) 505 return (EADDRNOTAVAIL); 506 /* sanity for overflow - beware unsigned */ 507 lt = &ifr->ifr_ifru.ifru_lifetime; 508 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 509 && lt->ia6t_vltime + time_second < time_second) { 510 return EINVAL; 511 } 512 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 513 && lt->ia6t_pltime + time_second < time_second) { 514 return EINVAL; 515 } 516 break; 517 } 518 } 519 520 switch (cmd) { 521 522 case SIOCGIFADDR_IN6: 523 ifr->ifr_addr = ia->ia_addr; 524 break; 525 526 case SIOCGIFDSTADDR_IN6: 527 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 528 return (EINVAL); 529 /* 530 * XXX: should we check if ifa_dstaddr is NULL and return 531 * an error? 532 */ 533 ifr->ifr_dstaddr = ia->ia_dstaddr; 534 break; 535 536 case SIOCGIFNETMASK_IN6: 537 ifr->ifr_addr = ia->ia_prefixmask; 538 break; 539 540 case SIOCGIFAFLAG_IN6: 541 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 542 break; 543 544 case SIOCGIFSTAT_IN6: 545 if (ifp == NULL) 546 return EINVAL; 547 bzero(&ifr->ifr_ifru.ifru_stat, 548 sizeof(ifr->ifr_ifru.ifru_stat)); 549 ifr->ifr_ifru.ifru_stat = 550 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 551 break; 552 553 case SIOCGIFSTAT_ICMP6: 554 if (ifp == NULL) 555 return EINVAL; 556 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 557 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 558 ifr->ifr_ifru.ifru_icmp6stat = 559 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 560 break; 561 562 case SIOCGIFALIFETIME_IN6: 563 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 564 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 565 time_t maxexpire; 566 struct in6_addrlifetime *retlt = 567 &ifr->ifr_ifru.ifru_lifetime; 568 569 /* 570 * XXX: adjust expiration time assuming time_t is 571 * signed. 572 */ 573 maxexpire = (-1) & 574 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 575 if (ia->ia6_lifetime.ia6t_vltime < 576 maxexpire - ia->ia6_updatetime) { 577 retlt->ia6t_expire = ia->ia6_updatetime + 578 ia->ia6_lifetime.ia6t_vltime; 579 } else 580 retlt->ia6t_expire = maxexpire; 581 } 582 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 583 time_t maxexpire; 584 struct in6_addrlifetime *retlt = 585 &ifr->ifr_ifru.ifru_lifetime; 586 587 /* 588 * XXX: adjust expiration time assuming time_t is 589 * signed. 590 */ 591 maxexpire = (-1) & 592 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 593 if (ia->ia6_lifetime.ia6t_pltime < 594 maxexpire - ia->ia6_updatetime) { 595 retlt->ia6t_preferred = ia->ia6_updatetime + 596 ia->ia6_lifetime.ia6t_pltime; 597 } else 598 retlt->ia6t_preferred = maxexpire; 599 } 600 break; 601 602 case SIOCSIFALIFETIME_IN6: 603 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 604 /* for sanity */ 605 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 606 ia->ia6_lifetime.ia6t_expire = 607 time_second + ia->ia6_lifetime.ia6t_vltime; 608 } else 609 ia->ia6_lifetime.ia6t_expire = 0; 610 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 611 ia->ia6_lifetime.ia6t_preferred = 612 time_second + ia->ia6_lifetime.ia6t_pltime; 613 } else 614 ia->ia6_lifetime.ia6t_preferred = 0; 615 break; 616 617 case SIOCAIFADDR_IN6: 618 { 619 int i, error = 0; 620 struct nd_prefix pr0, *pr; 621 int s; 622 623 /* reject read-only flags */ 624 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 625 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 626 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 627 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 628 return (EINVAL); 629 } 630 /* 631 * first, make or update the interface address structure, 632 * and link it to the list. 633 */ 634 s = splsoftnet(); 635 error = in6_update_ifa(ifp, ifra, ia); 636 splx(s); 637 if (error != 0) 638 return (error); 639 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 640 == NULL) { 641 /* 642 * this can happen when the user specify the 0 valid 643 * lifetime. 644 */ 645 break; 646 } 647 648 /* 649 * then, make the prefix on-link on the interface. 650 * XXX: we'd rather create the prefix before the address, but 651 * we need at least one address to install the corresponding 652 * interface route, so we configure the address first. 653 */ 654 655 /* 656 * convert mask to prefix length (prefixmask has already 657 * been validated in in6_update_ifa(). 658 */ 659 bzero(&pr0, sizeof(pr0)); 660 pr0.ndpr_ifp = ifp; 661 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 662 NULL); 663 if (pr0.ndpr_plen == 128) { 664 dohooks(ifp->if_addrhooks, 0); 665 break; /* we don't need to install a host route. */ 666 } 667 pr0.ndpr_prefix = ifra->ifra_addr; 668 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 669 /* apply the mask for safety. */ 670 for (i = 0; i < 4; i++) { 671 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 672 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 673 } 674 /* 675 * XXX: since we don't have an API to set prefix (not address) 676 * lifetimes, we just use the same lifetimes as addresses. 677 * The (temporarily) installed lifetimes can be overridden by 678 * later advertised RAs (when accept_rtadv is non 0), which is 679 * an intended behavior. 680 */ 681 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 682 pr0.ndpr_raf_auto = 683 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 684 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 685 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 686 687 /* add the prefix if not yet. */ 688 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 689 /* 690 * nd6_prelist_add will install the corresponding 691 * interface route. 692 */ 693 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 694 return (error); 695 if (pr == NULL) { 696 log(LOG_ERR, "nd6_prelist_add succeeded but " 697 "no prefix\n"); 698 return (EINVAL); /* XXX panic here? */ 699 } 700 } 701 702 /* relate the address to the prefix */ 703 if (ia->ia6_ndpr == NULL) { 704 ia->ia6_ndpr = pr; 705 pr->ndpr_refcnt++; 706 } 707 708 /* 709 * this might affect the status of autoconfigured addresses, 710 * that is, this address might make other addresses detached. 711 */ 712 pfxlist_onlink_check(); 713 714 dohooks(ifp->if_addrhooks, 0); 715 break; 716 } 717 718 case SIOCDIFADDR_IN6: 719 { 720 int i = 0, purgeprefix = 0; 721 struct nd_prefix pr0, *pr = NULL; 722 723 /* 724 * If the address being deleted is the only one that owns 725 * the corresponding prefix, expire the prefix as well. 726 * XXX: theoretically, we don't have to worry about such 727 * relationship, since we separate the address management 728 * and the prefix management. We do this, however, to provide 729 * as much backward compatibility as possible in terms of 730 * the ioctl operation. 731 */ 732 bzero(&pr0, sizeof(pr0)); 733 pr0.ndpr_ifp = ifp; 734 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 735 NULL); 736 if (pr0.ndpr_plen == 128) 737 goto purgeaddr; 738 pr0.ndpr_prefix = ia->ia_addr; 739 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 740 for (i = 0; i < 4; i++) { 741 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 742 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 743 } 744 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 745 pr == ia->ia6_ndpr) { 746 pr->ndpr_refcnt--; 747 if (pr->ndpr_refcnt == 0) 748 purgeprefix = 1; 749 } 750 751 purgeaddr: 752 in6_purgeaddr(&ia->ia_ifa); 753 if (pr && purgeprefix) 754 prelist_remove(pr); 755 dohooks(ifp->if_addrhooks, 0); 756 break; 757 } 758 759 default: 760 if (ifp == NULL || ifp->if_ioctl == 0) 761 return (EOPNOTSUPP); 762 return ((*ifp->if_ioctl)(ifp, cmd, data)); 763 } 764 765 return (0); 766 } 767 768 /* 769 * Update parameters of an IPv6 interface address. 770 * If necessary, a new entry is created and linked into address chains. 771 * This function is separated from in6_control(). 772 */ 773 int 774 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 775 struct in6_ifaddr *ia) 776 { 777 int error = 0, hostIsNew = 0, plen = -1; 778 struct in6_ifaddr *oia; 779 struct sockaddr_in6 dst6; 780 struct in6_addrlifetime *lt; 781 struct in6_multi_mship *imm; 782 struct rtentry *rt; 783 784 splsoftassert(IPL_SOFTNET); 785 786 /* Validate parameters */ 787 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 788 return (EINVAL); 789 790 /* 791 * The destination address for a p2p link must have a family 792 * of AF_UNSPEC or AF_INET6. 793 */ 794 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 795 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 796 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 797 return (EAFNOSUPPORT); 798 799 /* must have link-local */ 800 if (ifp->if_xflags & IFXF_NOINET6) 801 return (EAFNOSUPPORT); 802 803 /* 804 * validate ifra_prefixmask. don't check sin6_family, netmask 805 * does not carry fields other than sin6_len. 806 */ 807 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 808 return (EINVAL); 809 /* 810 * Because the IPv6 address architecture is classless, we require 811 * users to specify a (non 0) prefix length (mask) for a new address. 812 * We also require the prefix (when specified) mask is valid, and thus 813 * reject a non-consecutive mask. 814 */ 815 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 816 return (EINVAL); 817 if (ifra->ifra_prefixmask.sin6_len != 0) { 818 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 819 (u_char *)&ifra->ifra_prefixmask + 820 ifra->ifra_prefixmask.sin6_len); 821 if (plen <= 0) 822 return (EINVAL); 823 } else { 824 /* 825 * In this case, ia must not be NULL. We just use its prefix 826 * length. 827 */ 828 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 829 } 830 /* 831 * If the destination address on a p2p interface is specified, 832 * and the address is a scoped one, validate/set the scope 833 * zone identifier. 834 */ 835 dst6 = ifra->ifra_dstaddr; 836 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 837 (dst6.sin6_family == AF_INET6)) { 838 /* link-local index check: should be a separate function? */ 839 if (IN6_IS_ADDR_LINKLOCAL(&dst6.sin6_addr)) { 840 if (dst6.sin6_addr.s6_addr16[1] == 0) { 841 /* 842 * interface ID is not embedded by 843 * the user 844 */ 845 dst6.sin6_addr.s6_addr16[1] = 846 htons(ifp->if_index); 847 } else if (dst6.sin6_addr.s6_addr16[1] != 848 htons(ifp->if_index)) { 849 return (EINVAL); /* ifid contradicts */ 850 } 851 } 852 } 853 /* 854 * The destination address can be specified only for a p2p or a 855 * loopback interface. If specified, the corresponding prefix length 856 * must be 128. 857 */ 858 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 859 #ifdef FORCE_P2PPLEN 860 int i; 861 #endif 862 863 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 864 /* XXX: noisy message */ 865 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 866 "be specified for a p2p or a loopback IF only\n")); 867 return (EINVAL); 868 } 869 if (plen != 128) { 870 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 871 "be 128 when dstaddr is specified\n")); 872 #ifdef FORCE_P2PPLEN 873 /* 874 * To be compatible with old configurations, 875 * such as ifconfig gif0 inet6 2001::1 2001::2 876 * prefixlen 126, we override the specified 877 * prefixmask as if the prefix length was 128. 878 */ 879 ifra->ifra_prefixmask.sin6_len = 880 sizeof(struct sockaddr_in6); 881 for (i = 0; i < 4; i++) 882 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 883 0xffffffff; 884 plen = 128; 885 #else 886 return (EINVAL); 887 #endif 888 } 889 } 890 /* lifetime consistency check */ 891 lt = &ifra->ifra_lifetime; 892 if (lt->ia6t_pltime > lt->ia6t_vltime) 893 return (EINVAL); 894 if (lt->ia6t_vltime == 0) { 895 /* 896 * the following log might be noisy, but this is a typical 897 * configuration mistake or a tool's bug. 898 */ 899 nd6log((LOG_INFO, 900 "in6_update_ifa: valid lifetime is 0 for %s\n", 901 ip6_sprintf(&ifra->ifra_addr.sin6_addr))); 902 903 if (ia == NULL) 904 return (0); /* there's nothing to do */ 905 } 906 907 /* 908 * If this is a new address, allocate a new ifaddr and link it 909 * into chains. 910 */ 911 if (ia == NULL) { 912 hostIsNew = 1; 913 ia = malloc(sizeof(*ia), M_IFADDR, M_WAITOK | M_ZERO); 914 LIST_INIT(&ia->ia6_memberships); 915 /* Initialize the address and masks, and put time stamp */ 916 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 917 ia->ia_addr.sin6_family = AF_INET6; 918 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 919 ia->ia6_createtime = ia->ia6_updatetime = time_second; 920 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 921 /* 922 * XXX: some functions expect that ifa_dstaddr is not 923 * NULL for p2p interfaces. 924 */ 925 ia->ia_ifa.ifa_dstaddr = 926 (struct sockaddr *)&ia->ia_dstaddr; 927 } else { 928 ia->ia_ifa.ifa_dstaddr = NULL; 929 } 930 ia->ia_ifa.ifa_netmask = 931 (struct sockaddr *)&ia->ia_prefixmask; 932 933 ia->ia_ifp = ifp; 934 if ((oia = in6_ifaddr) != NULL) { 935 for ( ; oia->ia_next; oia = oia->ia_next) 936 continue; 937 oia->ia_next = ia; 938 } else 939 in6_ifaddr = ia; 940 ia->ia_addr = ifra->ifra_addr; 941 ifa_add(ifp, &ia->ia_ifa); 942 } 943 944 /* set prefix mask */ 945 if (ifra->ifra_prefixmask.sin6_len) { 946 /* 947 * We prohibit changing the prefix length of an existing 948 * address, because 949 * + such an operation should be rare in IPv6, and 950 * + the operation would confuse prefix management. 951 */ 952 if (ia->ia_prefixmask.sin6_len && 953 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 954 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 955 " existing (%s) address should not be changed\n", 956 ip6_sprintf(&ia->ia_addr.sin6_addr))); 957 error = EINVAL; 958 goto unlink; 959 } 960 ia->ia_prefixmask = ifra->ifra_prefixmask; 961 } 962 963 /* 964 * If a new destination address is specified, scrub the old one and 965 * install the new destination. Note that the interface must be 966 * p2p or loopback (see the check above.) 967 */ 968 if (dst6.sin6_family == AF_INET6 && 969 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 970 int e; 971 972 if ((ia->ia_flags & IFA_ROUTE) != 0 && 973 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 974 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 975 "a route to the old destination: %s\n", 976 ip6_sprintf(&ia->ia_addr.sin6_addr))); 977 /* proceed anyway... */ 978 } else 979 ia->ia_flags &= ~IFA_ROUTE; 980 ia->ia_dstaddr = dst6; 981 } 982 983 /* 984 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 985 * to see if the address is deprecated or invalidated, but initialize 986 * these members for applications. 987 */ 988 ia->ia6_lifetime = ifra->ifra_lifetime; 989 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 990 ia->ia6_lifetime.ia6t_expire = 991 time_second + ia->ia6_lifetime.ia6t_vltime; 992 } else 993 ia->ia6_lifetime.ia6t_expire = 0; 994 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 995 ia->ia6_lifetime.ia6t_preferred = 996 time_second + ia->ia6_lifetime.ia6t_pltime; 997 } else 998 ia->ia6_lifetime.ia6t_preferred = 0; 999 1000 /* reset the interface and routing table appropriately. */ 1001 if ((error = in6_ifinit(ifp, ia, hostIsNew)) != 0) 1002 goto unlink; 1003 1004 /* 1005 * configure address flags. 1006 */ 1007 ia->ia6_flags = ifra->ifra_flags; 1008 /* 1009 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1010 * userland, make it deprecated. 1011 */ 1012 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1013 ia->ia6_lifetime.ia6t_pltime = 0; 1014 ia->ia6_lifetime.ia6t_preferred = time_second; 1015 } 1016 /* 1017 * Make the address tentative before joining multicast addresses, 1018 * so that corresponding MLD responses would not have a tentative 1019 * source address. 1020 */ 1021 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1022 if (hostIsNew && in6if_do_dad(ifp)) 1023 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1024 1025 /* 1026 * We are done if we have simply modified an existing address. 1027 */ 1028 if (!hostIsNew) 1029 return (error); 1030 1031 /* 1032 * Beyond this point, we should call in6_purgeaddr upon an error, 1033 * not just go to unlink. 1034 */ 1035 1036 /* join necessary multiast groups */ 1037 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1038 struct sockaddr_in6 mltaddr, mltmask; 1039 1040 /* join solicited multicast addr for new host id */ 1041 struct sockaddr_in6 llsol; 1042 1043 bzero(&llsol, sizeof(llsol)); 1044 llsol.sin6_family = AF_INET6; 1045 llsol.sin6_len = sizeof(llsol); 1046 llsol.sin6_addr.s6_addr16[0] = htons(0xff02); 1047 llsol.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1048 llsol.sin6_addr.s6_addr32[1] = 0; 1049 llsol.sin6_addr.s6_addr32[2] = htonl(1); 1050 llsol.sin6_addr.s6_addr32[3] = 1051 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1052 llsol.sin6_addr.s6_addr8[12] = 0xff; 1053 imm = in6_joingroup(ifp, &llsol.sin6_addr, &error); 1054 if (!imm) { 1055 nd6log((LOG_ERR, "in6_update_ifa: " 1056 "addmulti failed for %s on %s (errno=%d)\n", 1057 ip6_sprintf(&llsol.sin6_addr), 1058 ifp->if_xname, error)); 1059 goto cleanup; 1060 } 1061 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1062 1063 bzero(&mltmask, sizeof(mltmask)); 1064 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1065 mltmask.sin6_family = AF_INET6; 1066 mltmask.sin6_addr = in6mask32; 1067 1068 /* 1069 * join link-local all-nodes address 1070 */ 1071 bzero(&mltaddr, sizeof(mltaddr)); 1072 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1073 mltaddr.sin6_family = AF_INET6; 1074 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1075 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1076 mltaddr.sin6_scope_id = 0; 1077 1078 /* 1079 * XXX: do we really need this automatic routes? 1080 * We should probably reconsider this stuff. Most applications 1081 * actually do not need the routes, since they usually specify 1082 * the outgoing interface. 1083 */ 1084 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, ifp->if_rdomain); 1085 if (rt) { 1086 /* 1087 * 32bit came from "mltmask" 1088 */ 1089 if (memcmp(&mltaddr.sin6_addr, 1090 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1091 32 / 8)) { 1092 RTFREE(rt); 1093 rt = NULL; 1094 } 1095 } 1096 if (!rt) { 1097 struct rt_addrinfo info; 1098 1099 bzero(&info, sizeof(info)); 1100 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1101 info.rti_info[RTAX_GATEWAY] = 1102 (struct sockaddr *)&ia->ia_addr; 1103 info.rti_info[RTAX_NETMASK] = 1104 (struct sockaddr *)&mltmask; 1105 info.rti_info[RTAX_IFA] = 1106 (struct sockaddr *)&ia->ia_addr; 1107 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1108 info.rti_flags = RTF_UP | RTF_CLONING; 1109 error = rtrequest1(RTM_ADD, &info, RTP_CONNECTED, NULL, 1110 ifp->if_rdomain); 1111 if (error) 1112 goto cleanup; 1113 } else { 1114 RTFREE(rt); 1115 } 1116 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1117 if (!imm) { 1118 nd6log((LOG_WARNING, 1119 "in6_update_ifa: addmulti failed for " 1120 "%s on %s (errno=%d)\n", 1121 ip6_sprintf(&mltaddr.sin6_addr), 1122 ifp->if_xname, error)); 1123 goto cleanup; 1124 } 1125 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1126 1127 /* 1128 * join node information group address 1129 */ 1130 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) { 1131 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1132 if (!imm) { 1133 nd6log((LOG_WARNING, "in6_update_ifa: " 1134 "addmulti failed for %s on %s (errno=%d)\n", 1135 ip6_sprintf(&mltaddr.sin6_addr), 1136 ifp->if_xname, error)); 1137 /* XXX not very fatal, go on... */ 1138 } else { 1139 LIST_INSERT_HEAD(&ia->ia6_memberships, 1140 imm, i6mm_chain); 1141 } 1142 } 1143 1144 /* 1145 * join interface-local all-nodes address. 1146 * (ff01::1%ifN, and ff01::%ifN/32) 1147 */ 1148 bzero(&mltaddr.sin6_addr, sizeof(mltaddr.sin6_addr)); 1149 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1150 mltaddr.sin6_family = AF_INET6; 1151 mltaddr.sin6_addr = in6addr_intfacelocal_allnodes; 1152 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1153 mltaddr.sin6_scope_id = 0; 1154 1155 /* XXX: again, do we really need the route? */ 1156 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, ifp->if_rdomain); 1157 if (rt) { 1158 /* 32bit came from "mltmask" */ 1159 if (memcmp(&mltaddr.sin6_addr, 1160 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1161 32 / 8)) { 1162 RTFREE(rt); 1163 rt = NULL; 1164 } 1165 } 1166 if (!rt) { 1167 struct rt_addrinfo info; 1168 1169 bzero(&info, sizeof(info)); 1170 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1171 info.rti_info[RTAX_GATEWAY] = 1172 (struct sockaddr *)&ia->ia_addr; 1173 info.rti_info[RTAX_NETMASK] = 1174 (struct sockaddr *)&mltmask; 1175 info.rti_info[RTAX_IFA] = 1176 (struct sockaddr *)&ia->ia_addr; 1177 info.rti_flags = RTF_UP | RTF_CLONING; 1178 error = rtrequest1(RTM_ADD, &info, RTP_CONNECTED, 1179 NULL, ifp->if_rdomain); 1180 if (error) 1181 goto cleanup; 1182 } else { 1183 RTFREE(rt); 1184 } 1185 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1186 if (!imm) { 1187 nd6log((LOG_WARNING, "in6_update_ifa: " 1188 "addmulti failed for %s on %s (errno=%d)\n", 1189 ip6_sprintf(&mltaddr.sin6_addr), 1190 ifp->if_xname, error)); 1191 goto cleanup; 1192 } 1193 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1194 } 1195 1196 /* 1197 * Perform DAD, if needed. 1198 * XXX It may be of use, if we can administratively 1199 * disable DAD. 1200 */ 1201 if (hostIsNew && in6if_do_dad(ifp) && 1202 (ifra->ifra_flags & IN6_IFF_NODAD) == 0) 1203 { 1204 nd6_dad_start(&ia->ia_ifa, NULL); 1205 } 1206 1207 return (error); 1208 1209 unlink: 1210 /* 1211 * XXX: if a change of an existing address failed, keep the entry 1212 * anyway. 1213 */ 1214 if (hostIsNew) 1215 in6_unlink_ifa(ia, ifp); 1216 return (error); 1217 1218 cleanup: 1219 in6_purgeaddr(&ia->ia_ifa); 1220 return error; 1221 } 1222 1223 void 1224 in6_purgeaddr(struct ifaddr *ifa) 1225 { 1226 struct ifnet *ifp = ifa->ifa_ifp; 1227 struct in6_ifaddr *ia = ifatoia6(ifa); 1228 struct in6_multi_mship *imm; 1229 1230 /* stop DAD processing */ 1231 nd6_dad_stop(ifa); 1232 1233 /* 1234 * delete route to the destination of the address being purged. 1235 * The interface must be p2p or loopback in this case. 1236 */ 1237 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1238 int e; 1239 1240 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1241 != 0) { 1242 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1243 "a route to the p2p destination: %s on %s, " 1244 "errno=%d\n", 1245 ip6_sprintf(&ia->ia_addr.sin6_addr), ifp->if_xname, 1246 e); 1247 /* proceed anyway... */ 1248 } else 1249 ia->ia_flags &= ~IFA_ROUTE; 1250 } 1251 1252 /* Remove ownaddr's loopback rtentry, if it exists. */ 1253 in6_ifremloop(&(ia->ia_ifa)); 1254 1255 /* 1256 * leave from multicast groups we have joined for the interface 1257 */ 1258 while (!LIST_EMPTY(&ia->ia6_memberships)) { 1259 imm = LIST_FIRST(&ia->ia6_memberships); 1260 LIST_REMOVE(imm, i6mm_chain); 1261 in6_leavegroup(imm); 1262 } 1263 1264 in6_unlink_ifa(ia, ifp); 1265 } 1266 1267 void 1268 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1269 { 1270 struct in6_ifaddr *oia; 1271 int s = splnet(); 1272 1273 ifa_del(ifp, &ia->ia_ifa); 1274 1275 oia = ia; 1276 if (oia == (ia = in6_ifaddr)) 1277 in6_ifaddr = ia->ia_next; 1278 else { 1279 while (ia->ia_next && (ia->ia_next != oia)) 1280 ia = ia->ia_next; 1281 if (ia->ia_next) 1282 ia->ia_next = oia->ia_next; 1283 else { 1284 /* search failed */ 1285 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1286 } 1287 } 1288 1289 if (!LIST_EMPTY(&oia->ia6_multiaddrs)) { 1290 in6_savemkludge(oia); 1291 } 1292 1293 /* 1294 * When an autoconfigured address is being removed, release the 1295 * reference to the base prefix. Also, since the release might 1296 * affect the status of other (detached) addresses, call 1297 * pfxlist_onlink_check(). 1298 */ 1299 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1300 if (oia->ia6_ndpr == NULL) { 1301 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1302 "%p has no prefix\n", oia); 1303 } else { 1304 oia->ia6_ndpr->ndpr_refcnt--; 1305 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1306 oia->ia6_ndpr = NULL; 1307 } 1308 1309 pfxlist_onlink_check(); 1310 } 1311 1312 /* 1313 * release another refcnt for the link from in6_ifaddr. 1314 * Note that we should decrement the refcnt at least once for all *BSD. 1315 */ 1316 IFAFREE(&oia->ia_ifa); 1317 1318 splx(s); 1319 } 1320 1321 /* 1322 * SIOC[GAD]LIFADDR. 1323 * SIOCGLIFADDR: get first address. (?) 1324 * SIOCGLIFADDR with IFLR_PREFIX: 1325 * get first address that matches the specified prefix. 1326 * SIOCALIFADDR: add the specified address. 1327 * SIOCALIFADDR with IFLR_PREFIX: 1328 * add the specified prefix, filling hostid part from 1329 * the first link-local address. prefixlen must be <= 64. 1330 * SIOCDLIFADDR: delete the specified address. 1331 * SIOCDLIFADDR with IFLR_PREFIX: 1332 * delete the first address that matches the specified prefix. 1333 * return values: 1334 * EINVAL on invalid parameters 1335 * EADDRNOTAVAIL on prefix match failed/specified address not found 1336 * other values may be returned from in6_ioctl() 1337 * 1338 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1339 * this is to accommodate address naming scheme other than RFC2374, 1340 * in the future. 1341 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1342 * address encoding scheme. (see figure on page 8) 1343 */ 1344 int 1345 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1346 struct ifnet *ifp, struct proc *p) 1347 { 1348 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1349 struct ifaddr *ifa; 1350 struct sockaddr *sa; 1351 1352 /* sanity checks */ 1353 if (!data || !ifp) { 1354 panic("invalid argument to in6_lifaddr_ioctl"); 1355 /* NOTREACHED */ 1356 } 1357 1358 switch (cmd) { 1359 case SIOCGLIFADDR: 1360 /* address must be specified on GET with IFLR_PREFIX */ 1361 if ((iflr->flags & IFLR_PREFIX) == 0) 1362 break; 1363 /* FALLTHROUGH */ 1364 case SIOCALIFADDR: 1365 case SIOCDLIFADDR: 1366 /* address must be specified on ADD and DELETE */ 1367 sa = (struct sockaddr *)&iflr->addr; 1368 if (sa->sa_family != AF_INET6) 1369 return EINVAL; 1370 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1371 return EINVAL; 1372 /* XXX need improvement */ 1373 sa = (struct sockaddr *)&iflr->dstaddr; 1374 if (sa->sa_family && sa->sa_family != AF_INET6) 1375 return EINVAL; 1376 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1377 return EINVAL; 1378 break; 1379 default: /* shouldn't happen */ 1380 #if 0 1381 panic("invalid cmd to in6_lifaddr_ioctl"); 1382 /* NOTREACHED */ 1383 #else 1384 return EOPNOTSUPP; 1385 #endif 1386 } 1387 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1388 return EINVAL; 1389 1390 switch (cmd) { 1391 case SIOCALIFADDR: 1392 { 1393 struct in6_aliasreq ifra; 1394 struct in6_addr *hostid = NULL; 1395 int prefixlen; 1396 1397 if ((iflr->flags & IFLR_PREFIX) != 0) { 1398 struct sockaddr_in6 *sin6; 1399 1400 /* 1401 * hostid is to fill in the hostid part of the 1402 * address. hostid points to the first link-local 1403 * address attached to the interface. 1404 */ 1405 ifa = &in6ifa_ifpforlinklocal(ifp, 0)->ia_ifa; 1406 if (!ifa) 1407 return EADDRNOTAVAIL; 1408 hostid = IFA_IN6(ifa); 1409 1410 /* prefixlen must be <= 64. */ 1411 if (64 < iflr->prefixlen) 1412 return EINVAL; 1413 prefixlen = iflr->prefixlen; 1414 1415 /* hostid part must be zero. */ 1416 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1417 if (sin6->sin6_addr.s6_addr32[2] != 0 1418 || sin6->sin6_addr.s6_addr32[3] != 0) { 1419 return EINVAL; 1420 } 1421 } else 1422 prefixlen = iflr->prefixlen; 1423 1424 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1425 bzero(&ifra, sizeof(ifra)); 1426 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1427 1428 bcopy(&iflr->addr, &ifra.ifra_addr, 1429 ((struct sockaddr *)&iflr->addr)->sa_len); 1430 if (hostid) { 1431 /* fill in hostid part */ 1432 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1433 hostid->s6_addr32[2]; 1434 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1435 hostid->s6_addr32[3]; 1436 } 1437 1438 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /*XXX*/ 1439 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1440 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1441 if (hostid) { 1442 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1443 hostid->s6_addr32[2]; 1444 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1445 hostid->s6_addr32[3]; 1446 } 1447 } 1448 1449 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1450 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1451 1452 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1453 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, p); 1454 } 1455 case SIOCGLIFADDR: 1456 case SIOCDLIFADDR: 1457 { 1458 struct in6_ifaddr *ia; 1459 struct in6_addr mask, candidate, match; 1460 struct sockaddr_in6 *sin6; 1461 int cmp; 1462 1463 bzero(&mask, sizeof(mask)); 1464 if (iflr->flags & IFLR_PREFIX) { 1465 /* lookup a prefix rather than address. */ 1466 in6_prefixlen2mask(&mask, iflr->prefixlen); 1467 1468 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1469 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1470 match.s6_addr32[0] &= mask.s6_addr32[0]; 1471 match.s6_addr32[1] &= mask.s6_addr32[1]; 1472 match.s6_addr32[2] &= mask.s6_addr32[2]; 1473 match.s6_addr32[3] &= mask.s6_addr32[3]; 1474 1475 /* if you set extra bits, that's wrong */ 1476 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1477 return EINVAL; 1478 1479 cmp = 1; 1480 } else { 1481 if (cmd == SIOCGLIFADDR) { 1482 /* on getting an address, take the 1st match */ 1483 cmp = 0; /* XXX */ 1484 } else { 1485 /* on deleting an address, do exact match */ 1486 in6_prefixlen2mask(&mask, 128); 1487 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1488 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1489 1490 cmp = 1; 1491 } 1492 } 1493 1494 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1495 if (ifa->ifa_addr->sa_family != AF_INET6) 1496 continue; 1497 if (!cmp) 1498 break; 1499 1500 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1501 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1502 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1503 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1504 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1505 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1506 break; 1507 } 1508 if (!ifa) 1509 return EADDRNOTAVAIL; 1510 ia = ifatoia6(ifa); 1511 1512 if (cmd == SIOCGLIFADDR) { 1513 /* fill in the if_laddrreq structure */ 1514 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1515 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1516 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1517 ia->ia_dstaddr.sin6_len); 1518 } else 1519 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1520 1521 iflr->prefixlen = 1522 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1523 1524 iflr->flags = ia->ia6_flags; /*XXX*/ 1525 1526 return 0; 1527 } else { 1528 struct in6_aliasreq ifra; 1529 1530 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1531 bzero(&ifra, sizeof(ifra)); 1532 bcopy(iflr->iflr_name, ifra.ifra_name, 1533 sizeof(ifra.ifra_name)); 1534 1535 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1536 ia->ia_addr.sin6_len); 1537 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1538 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1539 ia->ia_dstaddr.sin6_len); 1540 } else { 1541 bzero(&ifra.ifra_dstaddr, 1542 sizeof(ifra.ifra_dstaddr)); 1543 } 1544 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1545 ia->ia_prefixmask.sin6_len); 1546 1547 ifra.ifra_flags = ia->ia6_flags; 1548 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1549 ifp, p); 1550 } 1551 } 1552 } 1553 1554 return EOPNOTSUPP; /* just for safety */ 1555 } 1556 1557 /* 1558 * Initialize an interface's intetnet6 address 1559 * and routing table entry. 1560 */ 1561 int 1562 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, int newhost) 1563 { 1564 int error = 0, plen, ifacount = 0; 1565 int s = splnet(); 1566 struct ifaddr *ifa; 1567 1568 /* 1569 * Give the interface a chance to initialize 1570 * if this is its first address (or it is a CARP interface) 1571 * and to validate the address if necessary. 1572 */ 1573 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1574 if (ifa->ifa_addr == NULL) 1575 continue; /* just for safety */ 1576 if (ifa->ifa_addr->sa_family != AF_INET6) 1577 continue; 1578 ifacount++; 1579 } 1580 1581 if ((ifacount <= 1 || ifp->if_type == IFT_CARP) && ifp->if_ioctl && 1582 (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) { 1583 splx(s); 1584 return (error); 1585 } 1586 splx(s); 1587 1588 ia->ia_ifa.ifa_metric = ifp->if_metric; 1589 1590 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1591 1592 /* 1593 * Special case: 1594 * If the destination address is specified for a point-to-point 1595 * interface, install a route to the destination as an interface 1596 * direct route. 1597 */ 1598 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1599 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1600 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1601 RTF_UP | RTF_HOST)) != 0) 1602 return (error); 1603 ia->ia_flags |= IFA_ROUTE; 1604 } 1605 1606 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1607 if (newhost) { 1608 /* set the rtrequest function to create llinfo */ 1609 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1610 in6_ifaddloop(&(ia->ia_ifa)); 1611 } 1612 1613 if (ifp->if_flags & IFF_MULTICAST) 1614 in6_restoremkludge(ia, ifp); 1615 1616 return (error); 1617 } 1618 1619 /* 1620 * Multicast address kludge: 1621 * If there were any multicast addresses attached to this interface address, 1622 * either move them to another address on this interface, or save them until 1623 * such time as this interface is reconfigured for IPv6. 1624 */ 1625 void 1626 in6_savemkludge(struct in6_ifaddr *oia) 1627 { 1628 struct in6_ifaddr *ia; 1629 struct in6_multi *in6m, *next; 1630 1631 IFP_TO_IA6(oia->ia_ifp, ia); 1632 if (ia) { /* there is another address */ 1633 for (in6m = LIST_FIRST(&oia->ia6_multiaddrs); 1634 in6m != LIST_END(&oia->ia6_multiaddrs); in6m = next) { 1635 next = LIST_NEXT(in6m, in6m_entry); 1636 IFAFREE(&in6m->in6m_ia->ia_ifa); 1637 ia->ia_ifa.ifa_refcnt++; 1638 in6m->in6m_ia = ia; 1639 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1640 } 1641 } else { /* last address on this if deleted, save */ 1642 struct multi6_kludge *mk; 1643 1644 LIST_FOREACH(mk, &in6_mk, mk_entry) { 1645 if (mk->mk_ifp == oia->ia_ifp) 1646 break; 1647 } 1648 if (mk == NULL) /* this should not happen! */ 1649 panic("in6_savemkludge: no kludge space"); 1650 1651 for (in6m = LIST_FIRST(&oia->ia6_multiaddrs); 1652 in6m != LIST_END(&oia->ia6_multiaddrs); in6m = next) { 1653 next = LIST_NEXT(in6m, in6m_entry); 1654 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1655 in6m->in6m_ia = NULL; 1656 LIST_INSERT_HEAD(&mk->mk_head, in6m, in6m_entry); 1657 } 1658 } 1659 } 1660 1661 /* 1662 * Continuation of multicast address hack: 1663 * If there was a multicast group list previously saved for this interface, 1664 * then we re-attach it to the first address configured on the i/f. 1665 */ 1666 void 1667 in6_restoremkludge(struct in6_ifaddr *ia, struct ifnet *ifp) 1668 { 1669 struct multi6_kludge *mk; 1670 1671 LIST_FOREACH(mk, &in6_mk, mk_entry) { 1672 if (mk->mk_ifp == ifp) { 1673 struct in6_multi *in6m, *next; 1674 1675 for (in6m = LIST_FIRST(&mk->mk_head); 1676 in6m != LIST_END(&mk->mk_head); 1677 in6m = next) { 1678 next = LIST_NEXT(in6m, in6m_entry); 1679 in6m->in6m_ia = ia; 1680 ia->ia_ifa.ifa_refcnt++; 1681 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, 1682 in6m, in6m_entry); 1683 } 1684 LIST_INIT(&mk->mk_head); 1685 break; 1686 } 1687 } 1688 } 1689 1690 /* 1691 * Allocate space for the kludge at interface initialization time. 1692 * Formerly, we dynamically allocated the space in in6_savemkludge() with 1693 * malloc(M_WAITOK). However, it was wrong since the function could be called 1694 * under an interrupt context (software timer on address lifetime expiration). 1695 * Also, we cannot just give up allocating the strucutre, since the group 1696 * membership structure is very complex and we need to keep it anyway. 1697 * Of course, this function MUST NOT be called under an interrupt context. 1698 * Specifically, it is expected to be called only from in6_ifattach(), though 1699 * it is a global function. 1700 */ 1701 void 1702 in6_createmkludge(struct ifnet *ifp) 1703 { 1704 struct multi6_kludge *mk; 1705 1706 LIST_FOREACH(mk, &in6_mk, mk_entry) { 1707 /* If we've already had one, do not allocate. */ 1708 if (mk->mk_ifp == ifp) 1709 return; 1710 } 1711 1712 mk = malloc(sizeof(*mk), M_IPMADDR, M_WAITOK | M_ZERO); 1713 1714 LIST_INIT(&mk->mk_head); 1715 mk->mk_ifp = ifp; 1716 LIST_INSERT_HEAD(&in6_mk, mk, mk_entry); 1717 } 1718 1719 void 1720 in6_purgemkludge(struct ifnet *ifp) 1721 { 1722 struct multi6_kludge *mk; 1723 struct in6_multi *in6m; 1724 1725 LIST_FOREACH(mk, &in6_mk, mk_entry) { 1726 if (mk->mk_ifp != ifp) 1727 continue; 1728 1729 /* leave from all multicast groups joined */ 1730 while ((in6m = LIST_FIRST(&mk->mk_head)) != NULL) 1731 in6_delmulti(in6m); 1732 LIST_REMOVE(mk, mk_entry); 1733 free(mk, M_IPMADDR); 1734 break; 1735 } 1736 } 1737 1738 /* 1739 * Add an address to the list of IP6 multicast addresses for a 1740 * given interface. 1741 */ 1742 struct in6_multi * 1743 in6_addmulti(struct in6_addr *maddr6, struct ifnet *ifp, int *errorp) 1744 { 1745 struct in6_ifaddr *ia; 1746 struct in6_ifreq ifr; 1747 struct in6_multi *in6m; 1748 int s = splsoftnet(); 1749 1750 *errorp = 0; 1751 /* 1752 * See if address already in list. 1753 */ 1754 IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); 1755 if (in6m != NULL) { 1756 /* 1757 * Found it; just increment the refrence count. 1758 */ 1759 in6m->in6m_refcount++; 1760 } else { 1761 /* 1762 * New address; allocate a new multicast record 1763 * and link it into the interface's multicast list. 1764 */ 1765 in6m = (struct in6_multi *) 1766 malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1767 if (in6m == NULL) { 1768 splx(s); 1769 *errorp = ENOBUFS; 1770 return (NULL); 1771 } 1772 in6m->in6m_addr = *maddr6; 1773 in6m->in6m_ifp = ifp; 1774 in6m->in6m_refcount = 1; 1775 IFP_TO_IA6(ifp, ia); 1776 if (ia == NULL) { 1777 free(in6m, M_IPMADDR); 1778 splx(s); 1779 *errorp = EADDRNOTAVAIL; /* appropriate? */ 1780 return (NULL); 1781 } 1782 in6m->in6m_ia = ia; 1783 ia->ia_ifa.ifa_refcnt++; /* gain a reference */ 1784 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1785 1786 /* 1787 * Ask the network driver to update its multicast reception 1788 * filter appropriately for the new address. 1789 */ 1790 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1791 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1792 ifr.ifr_addr.sin6_family = AF_INET6; 1793 ifr.ifr_addr.sin6_addr = *maddr6; 1794 if (ifp->if_ioctl == NULL) 1795 *errorp = ENXIO; /* XXX: appropriate? */ 1796 else 1797 *errorp = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, 1798 (caddr_t)&ifr); 1799 if (*errorp) { 1800 LIST_REMOVE(in6m, in6m_entry); 1801 free(in6m, M_IPMADDR); 1802 IFAFREE(&ia->ia_ifa); 1803 splx(s); 1804 return (NULL); 1805 } 1806 /* 1807 * Let MLD6 know that we have joined a new IP6 multicast 1808 * group. 1809 */ 1810 mld6_start_listening(in6m); 1811 } 1812 splx(s); 1813 return (in6m); 1814 } 1815 1816 /* 1817 * Delete a multicast address record. 1818 */ 1819 void 1820 in6_delmulti(struct in6_multi *in6m) 1821 { 1822 struct in6_ifreq ifr; 1823 int s = splsoftnet(); 1824 1825 if (--in6m->in6m_refcount == 0) { 1826 /* 1827 * No remaining claims to this record; let MLD6 know 1828 * that we are leaving the multicast group. 1829 */ 1830 mld6_stop_listening(in6m); 1831 1832 /* 1833 * Unlink from list. 1834 */ 1835 LIST_REMOVE(in6m, in6m_entry); 1836 if (in6m->in6m_ia) { 1837 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1838 } 1839 1840 /* 1841 * Notify the network driver to update its multicast 1842 * reception filter. 1843 */ 1844 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1845 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1846 ifr.ifr_addr.sin6_family = AF_INET6; 1847 ifr.ifr_addr.sin6_addr = in6m->in6m_addr; 1848 (*in6m->in6m_ifp->if_ioctl)(in6m->in6m_ifp, 1849 SIOCDELMULTI, (caddr_t)&ifr); 1850 free(in6m, M_IPMADDR); 1851 } 1852 splx(s); 1853 } 1854 1855 struct in6_multi_mship * 1856 in6_joingroup(struct ifnet *ifp, struct in6_addr *addr, int *errorp) 1857 { 1858 struct in6_multi_mship *imm; 1859 1860 imm = malloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); 1861 if (!imm) { 1862 *errorp = ENOBUFS; 1863 return NULL; 1864 } 1865 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp); 1866 if (!imm->i6mm_maddr) { 1867 /* *errorp is alrady set */ 1868 free(imm, M_IPMADDR); 1869 return NULL; 1870 } 1871 return imm; 1872 } 1873 1874 int 1875 in6_leavegroup(struct in6_multi_mship *imm) 1876 { 1877 1878 if (imm->i6mm_maddr) 1879 in6_delmulti(imm->i6mm_maddr); 1880 free(imm, M_IPMADDR); 1881 return 0; 1882 } 1883 1884 /* 1885 * Find an IPv6 interface link-local address specific to an interface. 1886 */ 1887 struct in6_ifaddr * 1888 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1889 { 1890 struct ifaddr *ifa; 1891 1892 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1893 if (ifa->ifa_addr == NULL) 1894 continue; /* just for safety */ 1895 if (ifa->ifa_addr->sa_family != AF_INET6) 1896 continue; 1897 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1898 if ((ifatoia6(ifa)->ia6_flags & ignoreflags) != 0) 1899 continue; 1900 break; 1901 } 1902 } 1903 1904 return ((struct in6_ifaddr *)ifa); 1905 } 1906 1907 1908 /* 1909 * find the internet address corresponding to a given interface and address. 1910 */ 1911 struct in6_ifaddr * 1912 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1913 { 1914 struct ifaddr *ifa; 1915 1916 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1917 if (ifa->ifa_addr == NULL) 1918 continue; /* just for safety */ 1919 if (ifa->ifa_addr->sa_family != AF_INET6) 1920 continue; 1921 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1922 break; 1923 } 1924 1925 return ((struct in6_ifaddr *)ifa); 1926 } 1927 1928 /* 1929 * Check wether an interface has a prefix by looking up the cloning route. 1930 */ 1931 int 1932 in6_ifpprefix(const struct ifnet *ifp, const struct in6_addr *addr) 1933 { 1934 struct sockaddr_in6 dst; 1935 struct rtentry *rt; 1936 u_int tableid = ifp->if_rdomain; 1937 1938 bzero(&dst, sizeof(dst)); 1939 dst.sin6_len = sizeof(struct sockaddr_in6); 1940 dst.sin6_family = AF_INET6; 1941 dst.sin6_addr = *addr; 1942 rt = rtalloc1((struct sockaddr *)&dst, RT_NOCLONING, tableid); 1943 1944 if (rt == NULL) 1945 return (0); 1946 if ((rt->rt_flags & (RTF_CLONING | RTF_CLONED)) == 0 || 1947 (rt->rt_ifp != ifp && 1948 #if NBRIDGE > 0 1949 (rt->rt_ifp->if_bridge == NULL || ifp->if_bridge == NULL || 1950 rt->rt_ifp->if_bridge != ifp->if_bridge) && 1951 #endif 1952 #if NCARP > 0 1953 (ifp->if_type != IFT_CARP || rt->rt_ifp != ifp->if_carpdev) && 1954 (rt->rt_ifp->if_type != IFT_CARP || rt->rt_ifp->if_carpdev != ifp)&& 1955 (ifp->if_type != IFT_CARP || rt->rt_ifp->if_type != IFT_CARP || 1956 rt->rt_ifp->if_carpdev != ifp->if_carpdev) && 1957 #endif 1958 1)) { 1959 RTFREE(rt); 1960 return (0); 1961 } 1962 1963 RTFREE(rt); 1964 return (1); 1965 } 1966 1967 /* 1968 * Convert IP6 address to printable (loggable) representation. 1969 */ 1970 static char digits[] = "0123456789abcdef"; 1971 static int ip6round = 0; 1972 char * 1973 ip6_sprintf(struct in6_addr *addr) 1974 { 1975 static char ip6buf[8][48]; 1976 int i; 1977 char *cp; 1978 u_short *a = (u_short *)addr; 1979 u_char *d; 1980 int dcolon = 0; 1981 1982 ip6round = (ip6round + 1) & 7; 1983 cp = ip6buf[ip6round]; 1984 1985 for (i = 0; i < 8; i++) { 1986 if (dcolon == 1) { 1987 if (*a == 0) { 1988 if (i == 7) 1989 *cp++ = ':'; 1990 a++; 1991 continue; 1992 } else 1993 dcolon = 2; 1994 } 1995 if (*a == 0) { 1996 if (dcolon == 0 && *(a + 1) == 0) { 1997 if (i == 0) 1998 *cp++ = ':'; 1999 *cp++ = ':'; 2000 dcolon = 1; 2001 } else { 2002 *cp++ = '0'; 2003 *cp++ = ':'; 2004 } 2005 a++; 2006 continue; 2007 } 2008 d = (u_char *)a; 2009 *cp++ = digits[*d >> 4]; 2010 *cp++ = digits[*d++ & 0xf]; 2011 *cp++ = digits[*d >> 4]; 2012 *cp++ = digits[*d & 0xf]; 2013 *cp++ = ':'; 2014 a++; 2015 } 2016 *--cp = 0; 2017 return (ip6buf[ip6round]); 2018 } 2019 2020 /* 2021 * Get a scope of the address. Node-local, link-local, site-local or global. 2022 */ 2023 int 2024 in6_addrscope(struct in6_addr *addr) 2025 { 2026 int scope; 2027 2028 if (addr->s6_addr8[0] == 0xfe) { 2029 scope = addr->s6_addr8[1] & 0xc0; 2030 2031 switch (scope) { 2032 case 0x80: 2033 return IPV6_ADDR_SCOPE_LINKLOCAL; 2034 break; 2035 case 0xc0: 2036 return IPV6_ADDR_SCOPE_SITELOCAL; 2037 break; 2038 default: 2039 return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */ 2040 break; 2041 } 2042 } 2043 2044 2045 if (addr->s6_addr8[0] == 0xff) { 2046 scope = addr->s6_addr8[1] & 0x0f; 2047 2048 /* 2049 * due to other scope such as reserved, 2050 * return scope doesn't work. 2051 */ 2052 switch (scope) { 2053 case IPV6_ADDR_SCOPE_INTFACELOCAL: 2054 return IPV6_ADDR_SCOPE_INTFACELOCAL; 2055 break; 2056 case IPV6_ADDR_SCOPE_LINKLOCAL: 2057 return IPV6_ADDR_SCOPE_LINKLOCAL; 2058 break; 2059 case IPV6_ADDR_SCOPE_SITELOCAL: 2060 return IPV6_ADDR_SCOPE_SITELOCAL; 2061 break; 2062 default: 2063 return IPV6_ADDR_SCOPE_GLOBAL; 2064 break; 2065 } 2066 } 2067 2068 if (bcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) { 2069 if (addr->s6_addr8[15] == 1) /* loopback */ 2070 return IPV6_ADDR_SCOPE_INTFACELOCAL; 2071 if (addr->s6_addr8[15] == 0) /* unspecified */ 2072 return IPV6_ADDR_SCOPE_LINKLOCAL; 2073 } 2074 2075 return IPV6_ADDR_SCOPE_GLOBAL; 2076 } 2077 2078 /* 2079 * ifp - must not be NULL 2080 * addr - must not be NULL 2081 */ 2082 2083 int 2084 in6_addr2scopeid(struct ifnet *ifp, struct in6_addr *addr) 2085 { 2086 int scope = in6_addrscope(addr); 2087 2088 switch(scope) { 2089 case IPV6_ADDR_SCOPE_INTFACELOCAL: 2090 case IPV6_ADDR_SCOPE_LINKLOCAL: 2091 /* XXX: we do not distinguish between a link and an I/F. */ 2092 return (ifp->if_index); 2093 2094 case IPV6_ADDR_SCOPE_SITELOCAL: 2095 return (0); /* XXX: invalid. */ 2096 2097 default: 2098 return (0); /* XXX: treat as global. */ 2099 } 2100 } 2101 2102 /* 2103 * return length of part which dst and src are equal 2104 * hard coding... 2105 */ 2106 int 2107 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 2108 { 2109 int match = 0; 2110 u_char *s = (u_char *)src, *d = (u_char *)dst; 2111 u_char *lim = s + 16, r; 2112 2113 while (s < lim) 2114 if ((r = (*d++ ^ *s++)) != 0) { 2115 while (r < 128) { 2116 match++; 2117 r <<= 1; 2118 } 2119 break; 2120 } else 2121 match += 8; 2122 return match; 2123 } 2124 2125 int 2126 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 2127 { 2128 int bytelen, bitlen; 2129 2130 /* sanity check */ 2131 if (0 > len || len > 128) { 2132 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2133 len); 2134 return (0); 2135 } 2136 2137 bytelen = len / 8; 2138 bitlen = len % 8; 2139 2140 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2141 return (0); 2142 /* len == 128 is ok because bitlen == 0 then */ 2143 if (bitlen != 0 && 2144 p1->s6_addr[bytelen] >> (8 - bitlen) != 2145 p2->s6_addr[bytelen] >> (8 - bitlen)) 2146 return (0); 2147 2148 return (1); 2149 } 2150 2151 void 2152 in6_prefixlen2mask(struct in6_addr *maskp, int len) 2153 { 2154 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2155 int bytelen, bitlen, i; 2156 2157 /* sanity check */ 2158 if (0 > len || len > 128) { 2159 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2160 len); 2161 return; 2162 } 2163 2164 bzero(maskp, sizeof(*maskp)); 2165 bytelen = len / 8; 2166 bitlen = len % 8; 2167 for (i = 0; i < bytelen; i++) 2168 maskp->s6_addr[i] = 0xff; 2169 /* len == 128 is ok because bitlen == 0 then */ 2170 if (bitlen) 2171 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2172 } 2173 2174 /* 2175 * return the best address out of the same scope 2176 */ 2177 struct in6_ifaddr * 2178 in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst, u_int rdomain) 2179 { 2180 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 2181 int blen = -1; 2182 struct ifaddr *ifa; 2183 struct ifnet *ifp; 2184 struct in6_ifaddr *ifa_best = NULL; 2185 2186 if (oifp == NULL) { 2187 printf("in6_ifawithscope: output interface is not specified\n"); 2188 return (NULL); 2189 } 2190 2191 /* 2192 * We search for all addresses on all interfaces from the beginning. 2193 * Comparing an interface with the outgoing interface will be done 2194 * only at the final stage of tiebreaking. 2195 */ 2196 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2197 { 2198 if (ifp->if_rdomain != rdomain) 2199 continue; 2200 2201 /* 2202 * We can never take an address that breaks the scope zone 2203 * of the destination. 2204 */ 2205 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) 2206 continue; 2207 2208 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2209 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 2210 2211 if (ifa->ifa_addr->sa_family != AF_INET6) 2212 continue; 2213 2214 src_scope = in6_addrscope(IFA_IN6(ifa)); 2215 2216 #ifdef ADDRSELECT_DEBUG /* should be removed after stabilization */ 2217 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2218 printf("in6_ifawithscope: dst=%s bestaddr=%s, " 2219 "newaddr=%s, scope=%x, dcmp=%d, bcmp=%d, " 2220 "matchlen=%d, flgs=%x\n", 2221 ip6_sprintf(dst), 2222 ifa_best ? ip6_sprintf(&ifa_best->ia_addr.sin6_addr) : "none", 2223 ip6_sprintf(IFA_IN6(ifa)), src_scope, 2224 dscopecmp, 2225 ifa_best ? IN6_ARE_SCOPE_CMP(src_scope, best_scope) : -1, 2226 in6_matchlen(IFA_IN6(ifa), dst), 2227 ((struct in6_ifaddr *)ifa)->ia6_flags); 2228 #endif 2229 2230 /* 2231 * Don't use an address before completing DAD 2232 * nor a duplicated address. 2233 */ 2234 if (ifatoia6(ifa)->ia6_flags & IN6_IFF_NOTREADY) 2235 continue; 2236 2237 /* XXX: is there any case to allow anycasts? */ 2238 if (ifatoia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) 2239 continue; 2240 2241 if (ifatoia6(ifa)->ia6_flags & IN6_IFF_DETACHED) 2242 continue; 2243 2244 /* 2245 * If this is the first address we find, 2246 * keep it anyway. 2247 */ 2248 if (ifa_best == NULL) 2249 goto replace; 2250 2251 /* 2252 * ifa_best is never NULL beyond this line except 2253 * within the block labeled "replace". 2254 */ 2255 2256 /* 2257 * If ifa_best has a smaller scope than dst and 2258 * the current address has a larger one than 2259 * (or equal to) dst, always replace ifa_best. 2260 * Also, if the current address has a smaller scope 2261 * than dst, ignore it unless ifa_best also has a 2262 * smaller scope. 2263 */ 2264 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 2265 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 2266 goto replace; 2267 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2268 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2269 continue; 2270 2271 /* 2272 * A deprecated address SHOULD NOT be used in new 2273 * communications if an alternate (non-deprecated) 2274 * address is available and has sufficient scope. 2275 * RFC 2462, Section 5.5.4. 2276 */ 2277 if (ifatoia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2278 /* 2279 * Ignore any deprecated addresses if 2280 * specified by configuration. 2281 */ 2282 if (!ip6_use_deprecated) 2283 continue; 2284 2285 /* 2286 * If we have already found a non-deprecated 2287 * candidate, just ignore deprecated addresses. 2288 */ 2289 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2290 == 0) 2291 continue; 2292 } 2293 2294 /* 2295 * A non-deprecated address is always preferred 2296 * to a deprecated one regardless of scopes and 2297 * address matching. 2298 */ 2299 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2300 (ifatoia6(ifa)->ia6_flags & 2301 IN6_IFF_DEPRECATED) == 0) 2302 goto replace; 2303 2304 /* 2305 * At this point, we have two cases: 2306 * 1. we are looking at a non-deprecated address, 2307 * and ifa_best is also non-deprecated. 2308 * 2. we are looking at a deprecated address, 2309 * and ifa_best is also deprecated. 2310 * Also, we do not have to consider a case where 2311 * the scope of if_best is larger(smaller) than dst and 2312 * the scope of the current address is smaller(larger) 2313 * than dst. Such a case has already been covered. 2314 * Tiebreaking is done according to the following 2315 * items: 2316 * - the scope comparison between the address and 2317 * dst (dscopecmp) 2318 * - the scope comparison between the address and 2319 * ifa_best (bscopecmp) 2320 * - if the address match dst longer than ifa_best 2321 * (matchcmp) 2322 * - if the address is on the outgoing I/F (outI/F) 2323 * 2324 * Roughly speaking, the selection policy is 2325 * - the most important item is scope. The same scope 2326 * is best. Then search for a larger scope. 2327 * Smaller scopes are the last resort. 2328 * - A deprecated address is chosen only when we have 2329 * no address that has an enough scope, but is 2330 * prefered to any addresses of smaller scopes. 2331 * - Longest address match against dst is considered 2332 * only for addresses that has the same scope of dst. 2333 * - If there is no other reasons to choose one, 2334 * addresses on the outgoing I/F are preferred. 2335 * 2336 * The precise decision table is as follows: 2337 * dscopecmp bscopecmp matchcmp outI/F | replace? 2338 * !equal equal N/A Yes | Yes (1) 2339 * !equal equal N/A No | No (2) 2340 * larger larger N/A N/A | No (3) 2341 * larger smaller N/A N/A | Yes (4) 2342 * smaller larger N/A N/A | Yes (5) 2343 * smaller smaller N/A N/A | No (6) 2344 * equal smaller N/A N/A | Yes (7) 2345 * equal larger (already done) 2346 * equal equal larger N/A | Yes (8) 2347 * equal equal smaller N/A | No (9) 2348 * equal equal equal Yes | Yes (a) 2349 * equal equal equal No | No (b) 2350 */ 2351 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2352 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2353 2354 if (dscopecmp && bscopecmp == 0) { 2355 if (oifp == ifp) /* (1) */ 2356 goto replace; 2357 continue; /* (2) */ 2358 } 2359 if (dscopecmp > 0) { 2360 if (bscopecmp > 0) /* (3) */ 2361 continue; 2362 goto replace; /* (4) */ 2363 } 2364 if (dscopecmp < 0) { 2365 if (bscopecmp > 0) /* (5) */ 2366 goto replace; 2367 continue; /* (6) */ 2368 } 2369 2370 /* now dscopecmp must be 0 */ 2371 if (bscopecmp < 0) 2372 goto replace; /* (7) */ 2373 2374 /* 2375 * At last both dscopecmp and bscopecmp must be 0. 2376 * We need address matching against dst for 2377 * tiebreaking. 2378 * Privacy addresses are preferred over public 2379 * addresses (RFC3484 requires a config knob for 2380 * this which we don't provide). 2381 */ 2382 if (oifp == ifp) { 2383 /* Do not replace temporary autoconf addresses 2384 * with non-temporary addresses. */ 2385 if ((ifa_best->ia6_flags & IN6_IFF_PRIVACY) && 2386 !(ifatoia6(ifa)->ia6_flags & 2387 IN6_IFF_PRIVACY)) 2388 continue; 2389 2390 /* Replace non-temporary autoconf addresses 2391 * with temporary addresses. */ 2392 if (!(ifa_best->ia6_flags & IN6_IFF_PRIVACY) && 2393 (ifatoia6(ifa)->ia6_flags & 2394 IN6_IFF_PRIVACY)) 2395 goto replace; 2396 } 2397 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2398 matchcmp = tlen - blen; 2399 if (matchcmp > 0) /* (8) */ 2400 goto replace; 2401 if (matchcmp < 0) /* (9) */ 2402 continue; 2403 if (oifp == ifp) /* (a) */ 2404 goto replace; 2405 continue; /* (b) */ 2406 2407 replace: 2408 ifa_best = (struct in6_ifaddr *)ifa; 2409 blen = tlen >= 0 ? tlen : 2410 in6_matchlen(IFA_IN6(ifa), dst); 2411 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2412 } 2413 } 2414 2415 /* count statistics for future improvements */ 2416 if (ifa_best == NULL) 2417 ip6stat.ip6s_sources_none++; 2418 else { 2419 if (oifp == ifa_best->ia_ifp) 2420 ip6stat.ip6s_sources_sameif[best_scope]++; 2421 else 2422 ip6stat.ip6s_sources_otherif[best_scope]++; 2423 2424 if (best_scope == dst_scope) 2425 ip6stat.ip6s_sources_samescope[best_scope]++; 2426 else 2427 ip6stat.ip6s_sources_otherscope[best_scope]++; 2428 2429 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2430 ip6stat.ip6s_sources_deprecated[best_scope]++; 2431 } 2432 2433 return (ifa_best); 2434 } 2435 2436 /* 2437 * perform DAD when interface becomes IFF_UP. 2438 */ 2439 void 2440 in6_if_up(struct ifnet *ifp) 2441 { 2442 struct ifaddr *ifa; 2443 struct in6_ifaddr *ia; 2444 int dad_delay; /* delay ticks before DAD output */ 2445 2446 /* 2447 * special cases, like 6to4, are handled in in6_ifattach 2448 */ 2449 in6_ifattach(ifp, NULL); 2450 2451 dad_delay = 0; 2452 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2453 if (ifa->ifa_addr->sa_family != AF_INET6) 2454 continue; 2455 ia = ifatoia6(ifa); 2456 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2457 nd6_dad_start(ifa, &dad_delay); 2458 } 2459 } 2460 2461 int 2462 in6if_do_dad(struct ifnet *ifp) 2463 { 2464 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2465 return (0); 2466 2467 switch (ifp->if_type) { 2468 case IFT_FAITH: 2469 /* 2470 * These interfaces do not have the IFF_LOOPBACK flag, 2471 * but loop packets back. We do not have to do DAD on such 2472 * interfaces. We should even omit it, because loop-backed 2473 * NS would confuse the DAD procedure. 2474 */ 2475 return (0); 2476 default: 2477 /* 2478 * Our DAD routine requires the interface up and running. 2479 * However, some interfaces can be up before the RUNNING 2480 * status. Additionaly, users may try to assign addresses 2481 * before the interface becomes up (or running). 2482 * We simply skip DAD in such a case as a work around. 2483 * XXX: we should rather mark "tentative" on such addresses, 2484 * and do DAD after the interface becomes ready. 2485 */ 2486 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2487 (IFF_UP|IFF_RUNNING)) 2488 return (0); 2489 2490 return (1); 2491 } 2492 } 2493 2494 /* 2495 * Calculate max IPv6 MTU through all the interfaces and store it 2496 * to in6_maxmtu. 2497 */ 2498 void 2499 in6_setmaxmtu(void) 2500 { 2501 unsigned long maxmtu = 0; 2502 struct ifnet *ifp; 2503 2504 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2505 { 2506 /* this function can be called during ifnet initialization */ 2507 if (!ifp->if_afdata[AF_INET6]) 2508 continue; 2509 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2510 IN6_LINKMTU(ifp) > maxmtu) 2511 maxmtu = IN6_LINKMTU(ifp); 2512 } 2513 if (maxmtu) /* update only when maxmtu is positive */ 2514 in6_maxmtu = maxmtu; 2515 } 2516 2517 void * 2518 in6_domifattach(struct ifnet *ifp) 2519 { 2520 struct in6_ifextra *ext; 2521 2522 ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK | M_ZERO); 2523 2524 ext->in6_ifstat = malloc(sizeof(*ext->in6_ifstat), M_IFADDR, 2525 M_WAITOK | M_ZERO); 2526 2527 ext->icmp6_ifstat = malloc(sizeof(*ext->icmp6_ifstat), M_IFADDR, 2528 M_WAITOK | M_ZERO); 2529 2530 ext->nd_ifinfo = nd6_ifattach(ifp); 2531 ext->nprefixes = 0; 2532 ext->ndefrouters = 0; 2533 return ext; 2534 } 2535 2536 void 2537 in6_domifdetach(struct ifnet *ifp, void *aux) 2538 { 2539 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2540 2541 nd6_ifdetach(ext->nd_ifinfo); 2542 free(ext->in6_ifstat, M_IFADDR); 2543 free(ext->icmp6_ifstat, M_IFADDR); 2544 free(ext, M_IFADDR); 2545 } 2546