1 /* $OpenBSD: in6_pcb.c,v 1.123 2022/09/03 22:43:38 mvs Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 34 * 35 * NRL grants permission for redistribution and use in source and binary 36 * forms, with or without modification, of the software and documentation 37 * created at NRL provided that the following conditions are met: 38 * 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgements: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * This product includes software developed at the Information 49 * Technology Division, US Naval Research Laboratory. 50 * 4. Neither the name of the NRL nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 55 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 56 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 57 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 58 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 59 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 60 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 61 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 62 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 63 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 64 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 65 * 66 * The views and conclusions contained in the software and documentation 67 * are those of the authors and should not be interpreted as representing 68 * official policies, either expressed or implied, of the US Naval 69 * Research Laboratory (NRL). 70 */ 71 72 /* 73 * Copyright (c) 1982, 1986, 1990, 1993, 1995 74 * Regents of the University of California. All rights reserved. 75 * 76 * Redistribution and use in source and binary forms, with or without 77 * modification, are permitted provided that the following conditions 78 * are met: 79 * 1. Redistributions of source code must retain the above copyright 80 * notice, this list of conditions and the following disclaimer. 81 * 2. Redistributions in binary form must reproduce the above copyright 82 * notice, this list of conditions and the following disclaimer in the 83 * documentation and/or other materials provided with the distribution. 84 * 3. Neither the name of the University nor the names of its contributors 85 * may be used to endorse or promote products derived from this software 86 * without specific prior written permission. 87 * 88 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 89 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 90 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 91 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 92 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 93 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 94 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 95 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 96 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 97 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 98 * SUCH DAMAGE. 99 * 100 */ 101 102 #include "pf.h" 103 #include "stoeplitz.h" 104 105 #include <sys/param.h> 106 #include <sys/systm.h> 107 #include <sys/mbuf.h> 108 #include <sys/protosw.h> 109 #include <sys/socket.h> 110 #include <sys/socketvar.h> 111 112 #include <net/if.h> 113 #include <net/if_var.h> 114 #include <net/pfvar.h> 115 116 #include <netinet/in.h> 117 #include <netinet/ip.h> 118 #include <netinet/ip_var.h> 119 #include <netinet/in_pcb.h> 120 121 #include <netinet6/in6_var.h> 122 123 #if NSTOEPLITZ > 0 124 #include <net/toeplitz.h> 125 #endif 126 127 const struct in6_addr zeroin6_addr; 128 129 struct inpcb *in6_pcbhash_lookup(struct inpcbtable *, u_int, 130 const struct in6_addr *, u_short, const struct in6_addr *, u_short); 131 132 struct inpcbhead * 133 in6_pcbhash(struct inpcbtable *table, u_int rdomain, 134 const struct in6_addr *faddr, u_short fport, 135 const struct in6_addr *laddr, u_short lport) 136 { 137 SIPHASH_CTX ctx; 138 u_int32_t nrdom = htonl(rdomain); 139 140 SipHash24_Init(&ctx, &table->inpt_key); 141 SipHash24_Update(&ctx, &nrdom, sizeof(nrdom)); 142 SipHash24_Update(&ctx, faddr, sizeof(*faddr)); 143 SipHash24_Update(&ctx, &fport, sizeof(fport)); 144 SipHash24_Update(&ctx, laddr, sizeof(*laddr)); 145 SipHash24_Update(&ctx, &lport, sizeof(lport)); 146 147 return (&table->inpt_hashtbl[SipHash24_End(&ctx) & table->inpt_mask]); 148 } 149 150 int 151 in6_pcbaddrisavail(struct inpcb *inp, struct sockaddr_in6 *sin6, int wild, 152 struct proc *p) 153 { 154 struct socket *so = inp->inp_socket; 155 struct inpcbtable *table = inp->inp_table; 156 u_short lport = sin6->sin6_port; 157 int reuseport = (so->so_options & SO_REUSEPORT); 158 159 wild |= INPLOOKUP_IPV6; 160 /* KAME hack: embed scopeid */ 161 if (in6_embedscope(&sin6->sin6_addr, sin6, inp) != 0) 162 return (EINVAL); 163 /* this must be cleared for ifa_ifwithaddr() */ 164 sin6->sin6_scope_id = 0; 165 /* reject IPv4 mapped address, we have no support for it */ 166 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 167 return (EADDRNOTAVAIL); 168 169 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 170 /* 171 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 172 * allow complete duplication of binding if 173 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 174 * and a multicast address is bound on both 175 * new and duplicated sockets. 176 */ 177 if (so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) 178 reuseport = SO_REUSEADDR | SO_REUSEPORT; 179 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 180 struct ifaddr *ifa = NULL; 181 182 sin6->sin6_port = 0; /* 183 * Yechhhh, because of upcoming 184 * call to ifa_ifwithaddr(), which 185 * does bcmp's over the PORTS as 186 * well. (What about flow?) 187 */ 188 sin6->sin6_flowinfo = 0; 189 if (!(so->so_options & SO_BINDANY) && 190 (ifa = ifa_ifwithaddr(sin6tosa(sin6), 191 inp->inp_rtableid)) == NULL) 192 return (EADDRNOTAVAIL); 193 sin6->sin6_port = lport; 194 195 /* 196 * bind to an anycast address might accidentally 197 * cause sending a packet with an anycast source 198 * address, so we forbid it. 199 * 200 * We should allow to bind to a deprecated address, 201 * since the application dare to use it. 202 * But, can we assume that they are careful enough 203 * to check if the address is deprecated or not? 204 * Maybe, as a safeguard, we should have a setsockopt 205 * flag to control the bind(2) behavior against 206 * deprecated addresses (default: forbid bind(2)). 207 */ 208 if (ifa && ifatoia6(ifa)->ia6_flags & (IN6_IFF_ANYCAST| 209 IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED|IN6_IFF_DETACHED)) 210 return (EADDRNOTAVAIL); 211 } 212 if (lport) { 213 struct inpcb *t; 214 int error = 0; 215 216 if (so->so_euid && !IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 217 t = in_pcblookup_local(table, &sin6->sin6_addr, lport, 218 INPLOOKUP_WILDCARD | INPLOOKUP_IPV6, 219 inp->inp_rtableid); 220 if (t && (so->so_euid != t->inp_socket->so_euid)) 221 error = EADDRINUSE; 222 in_pcbunref(t); 223 if (error) 224 return (error); 225 } 226 t = in_pcblookup_local(table, &sin6->sin6_addr, lport, 227 wild, inp->inp_rtableid); 228 if (t && (reuseport & t->inp_socket->so_options) == 0) 229 error = EADDRINUSE; 230 in_pcbunref(t); 231 if (error) 232 return (error); 233 } 234 return (0); 235 } 236 237 /* 238 * Connect from a socket to a specified address. 239 * Both address and port must be specified in argument sin6. 240 * Eventually, flow labels will have to be dealt with here, as well. 241 * 242 * If don't have a local address for this socket yet, 243 * then pick one. 244 */ 245 int 246 in6_pcbconnect(struct inpcb *inp, struct mbuf *nam) 247 { 248 struct in6_addr *in6a = NULL; 249 struct sockaddr_in6 *sin6; 250 struct inpcb *t; 251 int error; 252 struct sockaddr_in6 tmp; 253 254 KASSERT(inp->inp_flags & INP_IPV6); 255 256 if ((error = in6_nam2sin6(nam, &sin6))) 257 return (error); 258 if (sin6->sin6_port == 0) 259 return (EADDRNOTAVAIL); 260 /* reject IPv4 mapped address, we have no support for it */ 261 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 262 return (EADDRNOTAVAIL); 263 264 /* protect *sin6 from overwrites */ 265 tmp = *sin6; 266 sin6 = &tmp; 267 268 /* KAME hack: embed scopeid */ 269 if (in6_embedscope(&sin6->sin6_addr, sin6, inp) != 0) 270 return EINVAL; 271 /* this must be cleared for ifa_ifwithaddr() */ 272 sin6->sin6_scope_id = 0; 273 274 /* Source address selection. */ 275 /* 276 * XXX: in6_selectsrc might replace the bound local address 277 * with the address specified by setsockopt(IPV6_PKTINFO). 278 * Is it the intended behavior? 279 */ 280 error = in6_pcbselsrc(&in6a, sin6, inp, inp->inp_outputopts6); 281 if (error) 282 return (error); 283 284 inp->inp_ipv6.ip6_hlim = (u_int8_t)in6_selecthlim(inp); 285 286 t = in6_pcblookup(inp->inp_table, &sin6->sin6_addr, sin6->sin6_port, 287 IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) ? in6a : &inp->inp_laddr6, 288 inp->inp_lport, inp->inp_rtableid); 289 if (t != NULL) { 290 in_pcbunref(t); 291 return (EADDRINUSE); 292 } 293 294 KASSERT(IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) || inp->inp_lport); 295 296 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) { 297 if (inp->inp_lport == 0) { 298 error = in_pcbbind(inp, NULL, curproc); 299 if (error) 300 return (error); 301 t = in6_pcblookup(inp->inp_table, &sin6->sin6_addr, 302 sin6->sin6_port, in6a, inp->inp_lport, 303 inp->inp_rtableid); 304 if (t != NULL) { 305 inp->inp_lport = 0; 306 in_pcbunref(t); 307 return (EADDRINUSE); 308 } 309 } 310 inp->inp_laddr6 = *in6a; 311 } 312 inp->inp_faddr6 = sin6->sin6_addr; 313 inp->inp_fport = sin6->sin6_port; 314 inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK; 315 if (ip6_auto_flowlabel) 316 inp->inp_flowinfo |= 317 (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 318 #if NSTOEPLITZ > 0 319 inp->inp_flowid = stoeplitz_ip6port(&inp->inp_faddr6, 320 &inp->inp_laddr6, inp->inp_fport, inp->inp_lport); 321 #endif 322 in_pcbrehash(inp); 323 return (0); 324 } 325 326 /* 327 * Get the local address/port, and put it in a sockaddr_in6. 328 * This services the getsockname(2) call. 329 */ 330 void 331 in6_setsockaddr(struct inpcb *inp, struct mbuf *nam) 332 { 333 struct sockaddr_in6 *sin6; 334 335 nam->m_len = sizeof(struct sockaddr_in6); 336 sin6 = mtod(nam,struct sockaddr_in6 *); 337 338 bzero ((caddr_t)sin6,sizeof(struct sockaddr_in6)); 339 sin6->sin6_family = AF_INET6; 340 sin6->sin6_len = sizeof(struct sockaddr_in6); 341 sin6->sin6_port = inp->inp_lport; 342 sin6->sin6_addr = inp->inp_laddr6; 343 /* KAME hack: recover scopeid */ 344 in6_recoverscope(sin6, &inp->inp_laddr6); 345 } 346 347 /* 348 * Get the foreign address/port, and put it in a sockaddr_in6. 349 * This services the getpeername(2) call. 350 */ 351 void 352 in6_setpeeraddr(struct inpcb *inp, struct mbuf *nam) 353 { 354 struct sockaddr_in6 *sin6; 355 356 nam->m_len = sizeof(struct sockaddr_in6); 357 sin6 = mtod(nam,struct sockaddr_in6 *); 358 359 bzero ((caddr_t)sin6,sizeof(struct sockaddr_in6)); 360 sin6->sin6_family = AF_INET6; 361 sin6->sin6_len = sizeof(struct sockaddr_in6); 362 sin6->sin6_port = inp->inp_fport; 363 sin6->sin6_addr = inp->inp_faddr6; 364 /* KAME hack: recover scopeid */ 365 in6_recoverscope(sin6, &inp->inp_faddr6); 366 } 367 368 int 369 in6_sockaddr(struct socket *so, struct mbuf *nam) 370 { 371 struct inpcb *in6p; 372 373 in6p = sotoinpcb(so); 374 in6_setsockaddr(in6p, nam); 375 376 return (0); 377 } 378 379 int 380 in6_peeraddr(struct socket *so, struct mbuf *nam) 381 { 382 struct inpcb *in6p; 383 384 in6p = sotoinpcb(so); 385 in6_setpeeraddr(in6p, nam); 386 387 return (0); 388 } 389 390 /* 391 * Pass some notification to all connections of a protocol 392 * associated with address dst. The local address and/or port numbers 393 * may be specified to limit the search. The "usual action" will be 394 * taken, depending on the ctlinput cmd. The caller must filter any 395 * cmds that are uninteresting (e.g., no error in the map). 396 * Call the protocol specific routine (if any) to report 397 * any errors for each matching socket. 398 * 399 * Also perform input-side security policy check 400 * once PCB to be notified has been located. 401 */ 402 void 403 in6_pcbnotify(struct inpcbtable *table, struct sockaddr_in6 *dst, 404 uint fport_arg, const struct sockaddr_in6 *src, uint lport_arg, 405 u_int rtable, int cmd, void *cmdarg, void (*notify)(struct inpcb *, int)) 406 { 407 SIMPLEQ_HEAD(, inpcb) inpcblist; 408 struct inpcb *inp; 409 u_short fport = fport_arg, lport = lport_arg; 410 struct sockaddr_in6 sa6_src; 411 int errno; 412 u_int32_t flowinfo; 413 u_int rdomain; 414 415 if ((unsigned)cmd >= PRC_NCMDS) 416 return; 417 418 if (IN6_IS_ADDR_UNSPECIFIED(&dst->sin6_addr)) 419 return; 420 if (IN6_IS_ADDR_V4MAPPED(&dst->sin6_addr)) { 421 #ifdef DIAGNOSTIC 422 printf("%s: Huh? Thought we never got " 423 "called with mapped!\n", __func__); 424 #endif 425 return; 426 } 427 428 /* 429 * note that src can be NULL when we get notify by local fragmentation. 430 */ 431 sa6_src = (src == NULL) ? sa6_any : *src; 432 flowinfo = sa6_src.sin6_flowinfo; 433 434 /* 435 * Redirects go to all references to the destination, 436 * and use in_rtchange to invalidate the route cache. 437 * Dead host indications: also use in_rtchange to invalidate 438 * the cache, and deliver the error to all the sockets. 439 * Otherwise, if we have knowledge of the local port and address, 440 * deliver only to that socket. 441 */ 442 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 443 fport = 0; 444 lport = 0; 445 sa6_src.sin6_addr = in6addr_any; 446 447 if (cmd != PRC_HOSTDEAD) 448 notify = in_rtchange; 449 } 450 errno = inet6ctlerrmap[cmd]; 451 if (notify == NULL) 452 return; 453 454 SIMPLEQ_INIT(&inpcblist); 455 rdomain = rtable_l2(rtable); 456 rw_enter_write(&table->inpt_notify); 457 mtx_enter(&table->inpt_mtx); 458 TAILQ_FOREACH(inp, &table->inpt_queue, inp_queue) { 459 if ((inp->inp_flags & INP_IPV6) == 0) 460 continue; 461 462 /* 463 * Under the following condition, notify of redirects 464 * to the pcb, without making address matches against inpcb. 465 * - redirect notification is arrived. 466 * - the inpcb is unconnected. 467 * - the inpcb is caching !RTF_HOST routing entry. 468 * - the ICMPv6 notification is from the gateway cached in the 469 * inpcb. i.e. ICMPv6 notification is from nexthop gateway 470 * the inpcb used very recently. 471 * 472 * This is to improve interaction between netbsd/openbsd 473 * redirect handling code, and inpcb route cache code. 474 * without the clause, !RTF_HOST routing entry (which carries 475 * gateway used by inpcb right before the ICMPv6 redirect) 476 * will be cached forever in unconnected inpcb. 477 * 478 * There still is a question regarding to what is TRT: 479 * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be 480 * generated on packet output. inpcb will always cache 481 * RTF_HOST routing entry so there's no need for the clause 482 * (ICMPv6 redirect will update RTF_HOST routing entry, 483 * and inpcb is caching it already). 484 * However, bsdi/freebsd are vulnerable to local DoS attacks 485 * due to the cloned routing entries. 486 * - Specwise, "destination cache" is mentioned in RFC2461. 487 * Jinmei says that it implies bsdi/freebsd behavior, itojun 488 * is not really convinced. 489 * - Having hiwat/lowat on # of cloned host route (redirect/ 490 * pmtud) may be a good idea. netbsd/openbsd has it. see 491 * icmp6_mtudisc_update(). 492 */ 493 if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) && 494 IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) && 495 inp->inp_route.ro_rt && 496 !(inp->inp_route.ro_rt->rt_flags & RTF_HOST)) { 497 struct sockaddr_in6 *dst6; 498 499 dst6 = satosin6(&inp->inp_route.ro_dst); 500 if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, 501 &dst->sin6_addr)) 502 goto do_notify; 503 } 504 505 /* 506 * Detect if we should notify the error. If no source and 507 * destination ports are specified, but non-zero flowinfo and 508 * local address match, notify the error. This is the case 509 * when the error is delivered with an encrypted buffer 510 * by ESP. Otherwise, just compare addresses and ports 511 * as usual. 512 */ 513 if (lport == 0 && fport == 0 && flowinfo && 514 inp->inp_socket != NULL && 515 flowinfo == (inp->inp_flowinfo & IPV6_FLOWLABEL_MASK) && 516 IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, &sa6_src.sin6_addr)) 517 goto do_notify; 518 else if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, 519 &dst->sin6_addr) || 520 rtable_l2(inp->inp_rtableid) != rdomain || 521 inp->inp_socket == NULL || 522 (lport && inp->inp_lport != lport) || 523 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 524 !IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, 525 &sa6_src.sin6_addr)) || 526 (fport && inp->inp_fport != fport)) { 527 continue; 528 } 529 do_notify: 530 in_pcbref(inp); 531 SIMPLEQ_INSERT_TAIL(&inpcblist, inp, inp_notify); 532 } 533 mtx_leave(&table->inpt_mtx); 534 535 while ((inp = SIMPLEQ_FIRST(&inpcblist)) != NULL) { 536 SIMPLEQ_REMOVE_HEAD(&inpcblist, inp_notify); 537 (*notify)(inp, errno); 538 in_pcbunref(inp); 539 } 540 rw_exit_write(&table->inpt_notify); 541 } 542 543 struct inpcb * 544 in6_pcbhash_lookup(struct inpcbtable *table, u_int rdomain, 545 const struct in6_addr *faddr, u_short fport, 546 const struct in6_addr *laddr, u_short lport) 547 { 548 struct inpcbhead *head; 549 struct inpcb *inp; 550 551 NET_ASSERT_LOCKED(); 552 MUTEX_ASSERT_LOCKED(&table->inpt_mtx); 553 554 head = in6_pcbhash(table, rdomain, faddr, fport, laddr, lport); 555 LIST_FOREACH(inp, head, inp_hash) { 556 if (!ISSET(inp->inp_flags, INP_IPV6)) 557 continue; 558 if (inp->inp_fport == fport && inp->inp_lport == lport && 559 IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, faddr) && 560 IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, laddr) && 561 rtable_l2(inp->inp_rtableid) == rdomain) { 562 break; 563 } 564 } 565 if (inp != NULL) { 566 /* 567 * Move this PCB to the head of hash chain so that 568 * repeated accesses are quicker. This is analogous to 569 * the historic single-entry PCB cache. 570 */ 571 if (inp != LIST_FIRST(head)) { 572 LIST_REMOVE(inp, inp_hash); 573 LIST_INSERT_HEAD(head, inp, inp_hash); 574 } 575 } 576 return (inp); 577 } 578 579 struct inpcb * 580 in6_pcblookup(struct inpcbtable *table, const struct in6_addr *faddr, 581 u_int fport, const struct in6_addr *laddr, u_int lport, u_int rtable) 582 { 583 struct inpcb *inp; 584 u_int rdomain; 585 586 rdomain = rtable_l2(rtable); 587 mtx_enter(&table->inpt_mtx); 588 inp = in6_pcbhash_lookup(table, rdomain, faddr, fport, laddr, lport); 589 in_pcbref(inp); 590 mtx_leave(&table->inpt_mtx); 591 #ifdef DIAGNOSTIC 592 if (inp == NULL && in_pcbnotifymiss) { 593 printf("%s: faddr= fport=%d laddr= lport=%d rdom=%u\n", 594 __func__, ntohs(fport), ntohs(lport), rdomain); 595 } 596 #endif 597 return (inp); 598 } 599 600 struct inpcb * 601 in6_pcblookup_listen(struct inpcbtable *table, struct in6_addr *laddr, 602 u_int lport, struct mbuf *m, u_int rtable) 603 { 604 const struct in6_addr *key1, *key2; 605 struct inpcb *inp; 606 u_int rdomain; 607 608 key1 = laddr; 609 key2 = &zeroin6_addr; 610 #if NPF > 0 611 if (m && m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) { 612 struct pf_divert *divert; 613 614 divert = pf_find_divert(m); 615 KASSERT(divert != NULL); 616 switch (divert->type) { 617 case PF_DIVERT_TO: 618 key1 = key2 = &divert->addr.v6; 619 lport = divert->port; 620 break; 621 case PF_DIVERT_REPLY: 622 return (NULL); 623 default: 624 panic("%s: unknown divert type %d, mbuf %p, divert %p", 625 __func__, divert->type, m, divert); 626 } 627 } else if (m && m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) { 628 /* 629 * Redirected connections should not be treated the same 630 * as connections directed to ::1 since localhost 631 * can only be accessed from the host itself. 632 */ 633 key1 = &zeroin6_addr; 634 key2 = laddr; 635 } 636 #endif 637 638 rdomain = rtable_l2(rtable); 639 mtx_enter(&table->inpt_mtx); 640 inp = in6_pcbhash_lookup(table, rdomain, &zeroin6_addr, 0, key1, lport); 641 if (inp == NULL && ! IN6_ARE_ADDR_EQUAL(key1, key2)) { 642 inp = in6_pcbhash_lookup(table, rdomain, 643 &zeroin6_addr, 0, key2, lport); 644 } 645 in_pcbref(inp); 646 mtx_leave(&table->inpt_mtx); 647 #ifdef DIAGNOSTIC 648 if (inp == NULL && in_pcbnotifymiss) { 649 printf("%s: laddr= lport=%d rdom=%u\n", 650 __func__, ntohs(lport), rdomain); 651 } 652 #endif 653 return (inp); 654 } 655