FreeBSD/Linux Kernel Cross Reference
sys/netinet6/in6.c
1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
32 */
33
34 /*-
35 * Copyright (c) 1982, 1986, 1991, 1993
36 * The Regents of the University of California. All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * SUCH DAMAGE.
61 *
62 * @(#)in.c 8.2 (Berkeley) 11/15/93
63 */
64
65 #include <sys/cdefs.h>
66 __FBSDID("$FreeBSD$");
67
68 #include "opt_inet.h"
69 #include "opt_inet6.h"
70
71 #include <sys/param.h>
72 #include <sys/eventhandler.h>
73 #include <sys/errno.h>
74 #include <sys/jail.h>
75 #include <sys/malloc.h>
76 #include <sys/socket.h>
77 #include <sys/socketvar.h>
78 #include <sys/sockio.h>
79 #include <sys/systm.h>
80 #include <sys/priv.h>
81 #include <sys/proc.h>
82 #include <sys/protosw.h>
83 #include <sys/time.h>
84 #include <sys/kernel.h>
85 #include <sys/lock.h>
86 #include <sys/rmlock.h>
87 #include <sys/sysctl.h>
88 #include <sys/syslog.h>
89
90 #include <net/if.h>
91 #include <net/if_var.h>
92 #include <net/if_types.h>
93 #include <net/route.h>
94 #include <net/route/route_ctl.h>
95 #include <net/route/nhop.h>
96 #include <net/if_dl.h>
97 #include <net/vnet.h>
98
99 #include <netinet/in.h>
100 #include <netinet/in_var.h>
101 #include <net/if_llatbl.h>
102 #include <netinet/if_ether.h>
103 #include <netinet/in_systm.h>
104 #include <netinet/ip.h>
105 #include <netinet/in_pcb.h>
106 #include <netinet/ip_carp.h>
107
108 #include <netinet/ip6.h>
109 #include <netinet6/ip6_var.h>
110 #include <netinet6/nd6.h>
111 #include <netinet6/mld6_var.h>
112 #include <netinet6/ip6_mroute.h>
113 #include <netinet6/in6_ifattach.h>
114 #include <netinet6/scope6_var.h>
115 #include <netinet6/in6_fib.h>
116 #include <netinet6/in6_pcb.h>
117
118 /*
119 * struct in6_ifreq and struct ifreq must be type punnable for common members
120 * of ifr_ifru to allow accessors to be shared.
121 */
122 _Static_assert(offsetof(struct in6_ifreq, ifr_ifru) ==
123 offsetof(struct ifreq, ifr_ifru),
124 "struct in6_ifreq and struct ifreq are not type punnable");
125
126 VNET_DECLARE(int, icmp6_nodeinfo_oldmcprefix);
127 #define V_icmp6_nodeinfo_oldmcprefix VNET(icmp6_nodeinfo_oldmcprefix)
128
129 /*
130 * Definitions of some costant IP6 addresses.
131 */
132 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
133 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
134 const struct in6_addr in6addr_nodelocal_allnodes =
135 IN6ADDR_NODELOCAL_ALLNODES_INIT;
136 const struct in6_addr in6addr_linklocal_allnodes =
137 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
138 const struct in6_addr in6addr_linklocal_allrouters =
139 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
140 const struct in6_addr in6addr_linklocal_allv2routers =
141 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
142
143 const struct in6_addr in6mask0 = IN6MASK0;
144 const struct in6_addr in6mask32 = IN6MASK32;
145 const struct in6_addr in6mask64 = IN6MASK64;
146 const struct in6_addr in6mask96 = IN6MASK96;
147 const struct in6_addr in6mask128 = IN6MASK128;
148
149 const struct sockaddr_in6 sa6_any =
150 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
151
152 static int in6_notify_ifa(struct ifnet *, struct in6_ifaddr *,
153 struct in6_aliasreq *, int);
154 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
155
156 static int in6_validate_ifra(struct ifnet *, struct in6_aliasreq *,
157 struct in6_ifaddr *, int);
158 static struct in6_ifaddr *in6_alloc_ifa(struct ifnet *,
159 struct in6_aliasreq *, int flags);
160 static int in6_update_ifa_internal(struct ifnet *, struct in6_aliasreq *,
161 struct in6_ifaddr *, int, int);
162 static int in6_broadcast_ifa(struct ifnet *, struct in6_aliasreq *,
163 struct in6_ifaddr *, int);
164
165 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
166 #define ia62ifa(ia6) (&((ia6)->ia_ifa))
167
168 void
169 in6_newaddrmsg(struct in6_ifaddr *ia, int cmd)
170 {
171 struct rt_addrinfo info;
172 struct ifaddr *ifa;
173 struct sockaddr_dl gateway;
174 int fibnum;
175
176 ifa = &ia->ia_ifa;
177
178 /*
179 * Prepare info data for the host route.
180 * This code mimics one from ifa_maintain_loopback_route().
181 */
182 bzero(&info, sizeof(struct rt_addrinfo));
183 info.rti_flags = ifa->ifa_flags | RTF_HOST | RTF_STATIC | RTF_PINNED;
184 info.rti_info[RTAX_DST] = ifa->ifa_addr;
185 info.rti_info[RTAX_GATEWAY] = (struct sockaddr *)&gateway;
186 link_init_sdl(ifa->ifa_ifp, (struct sockaddr *)&gateway, ifa->ifa_ifp->if_type);
187 if (cmd != RTM_DELETE)
188 info.rti_ifp = V_loif;
189
190 fibnum = ia62ifa(ia)->ifa_ifp->if_fib;
191
192 if (cmd == RTM_ADD) {
193 rt_addrmsg(cmd, &ia->ia_ifa, fibnum);
194 rt_routemsg_info(cmd, &info, fibnum);
195 } else if (cmd == RTM_DELETE) {
196 rt_routemsg_info(cmd, &info, fibnum);
197 rt_addrmsg(cmd, &ia->ia_ifa, fibnum);
198 }
199 }
200
201 int
202 in6_mask2len(struct in6_addr *mask, u_char *lim0)
203 {
204 int x = 0, y;
205 u_char *lim = lim0, *p;
206
207 /* ignore the scope_id part */
208 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
209 lim = (u_char *)mask + sizeof(*mask);
210 for (p = (u_char *)mask; p < lim; x++, p++) {
211 if (*p != 0xff)
212 break;
213 }
214 y = 0;
215 if (p < lim) {
216 for (y = 0; y < 8; y++) {
217 if ((*p & (0x80 >> y)) == 0)
218 break;
219 }
220 }
221
222 /*
223 * when the limit pointer is given, do a stricter check on the
224 * remaining bits.
225 */
226 if (p < lim) {
227 if (y != 0 && (*p & (0x00ff >> y)) != 0)
228 return (-1);
229 for (p = p + 1; p < lim; p++)
230 if (*p != 0)
231 return (-1);
232 }
233
234 return x * 8 + y;
235 }
236
237 #ifdef COMPAT_FREEBSD32
238 struct in6_ndifreq32 {
239 char ifname[IFNAMSIZ];
240 uint32_t ifindex;
241 };
242 #define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
243 #endif
244
245 int
246 in6_control(struct socket *so, u_long cmd, caddr_t data,
247 struct ifnet *ifp, struct thread *td)
248 {
249 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
250 struct in6_ifaddr *ia = NULL;
251 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
252 struct sockaddr_in6 *sa6;
253 int carp_attached = 0;
254 int error;
255 u_long ocmd = cmd;
256
257 /*
258 * Compat to make pre-10.x ifconfig(8) operable.
259 */
260 if (cmd == OSIOCAIFADDR_IN6)
261 cmd = SIOCAIFADDR_IN6;
262
263 switch (cmd) {
264 case SIOCGETSGCNT_IN6:
265 case SIOCGETMIFCNT_IN6:
266 /*
267 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
268 * We cannot see how that would be needed, so do not adjust the
269 * KPI blindly; more likely should clean up the IPv4 variant.
270 */
271 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
272 }
273
274 switch (cmd) {
275 case SIOCAADDRCTL_POLICY:
276 case SIOCDADDRCTL_POLICY:
277 if (td != NULL) {
278 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
279 if (error)
280 return (error);
281 }
282 return (in6_src_ioctl(cmd, data));
283 }
284
285 if (ifp == NULL)
286 return (EOPNOTSUPP);
287
288 switch (cmd) {
289 case SIOCSNDFLUSH_IN6:
290 case SIOCSPFXFLUSH_IN6:
291 case SIOCSRTRFLUSH_IN6:
292 case SIOCSDEFIFACE_IN6:
293 case SIOCSIFINFO_FLAGS:
294 case SIOCSIFINFO_IN6:
295 if (td != NULL) {
296 error = priv_check(td, PRIV_NETINET_ND6);
297 if (error)
298 return (error);
299 }
300 /* FALLTHROUGH */
301 case OSIOCGIFINFO_IN6:
302 case SIOCGIFINFO_IN6:
303 case SIOCGNBRINFO_IN6:
304 case SIOCGDEFIFACE_IN6:
305 return (nd6_ioctl(cmd, data, ifp));
306
307 #ifdef COMPAT_FREEBSD32
308 case SIOCGDEFIFACE32_IN6:
309 {
310 struct in6_ndifreq ndif;
311 struct in6_ndifreq32 *ndif32;
312
313 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
314 ifp);
315 if (error)
316 return (error);
317 ndif32 = (struct in6_ndifreq32 *)data;
318 ndif32->ifindex = ndif.ifindex;
319 return (0);
320 }
321 #endif
322 }
323
324 switch (cmd) {
325 case SIOCSIFPREFIX_IN6:
326 case SIOCDIFPREFIX_IN6:
327 case SIOCAIFPREFIX_IN6:
328 case SIOCCIFPREFIX_IN6:
329 case SIOCSGIFPREFIX_IN6:
330 case SIOCGIFPREFIX_IN6:
331 log(LOG_NOTICE,
332 "prefix ioctls are now invalidated. "
333 "please use ifconfig.\n");
334 return (EOPNOTSUPP);
335 }
336
337 switch (cmd) {
338 case SIOCSSCOPE6:
339 if (td != NULL) {
340 error = priv_check(td, PRIV_NETINET_SCOPE6);
341 if (error)
342 return (error);
343 }
344 /* FALLTHROUGH */
345 case SIOCGSCOPE6:
346 case SIOCGSCOPE6DEF:
347 return (scope6_ioctl(cmd, data, ifp));
348 }
349
350 /*
351 * Find address for this interface, if it exists.
352 *
353 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
354 * only, and used the first interface address as the target of other
355 * operations (without checking ifra_addr). This was because netinet
356 * code/API assumed at most 1 interface address per interface.
357 * Since IPv6 allows a node to assign multiple addresses
358 * on a single interface, we almost always look and check the
359 * presence of ifra_addr, and reject invalid ones here.
360 * It also decreases duplicated code among SIOC*_IN6 operations.
361 */
362 switch (cmd) {
363 case SIOCAIFADDR_IN6:
364 case SIOCSIFPHYADDR_IN6:
365 sa6 = &ifra->ifra_addr;
366 break;
367 case SIOCSIFADDR_IN6:
368 case SIOCGIFADDR_IN6:
369 case SIOCSIFDSTADDR_IN6:
370 case SIOCSIFNETMASK_IN6:
371 case SIOCGIFDSTADDR_IN6:
372 case SIOCGIFNETMASK_IN6:
373 case SIOCDIFADDR_IN6:
374 case SIOCGIFPSRCADDR_IN6:
375 case SIOCGIFPDSTADDR_IN6:
376 case SIOCGIFAFLAG_IN6:
377 case SIOCSNDFLUSH_IN6:
378 case SIOCSPFXFLUSH_IN6:
379 case SIOCSRTRFLUSH_IN6:
380 case SIOCGIFALIFETIME_IN6:
381 case SIOCGIFSTAT_IN6:
382 case SIOCGIFSTAT_ICMP6:
383 sa6 = &ifr->ifr_addr;
384 break;
385 case SIOCSIFADDR:
386 case SIOCSIFBRDADDR:
387 case SIOCSIFDSTADDR:
388 case SIOCSIFNETMASK:
389 /*
390 * Although we should pass any non-INET6 ioctl requests
391 * down to driver, we filter some legacy INET requests.
392 * Drivers trust SIOCSIFADDR et al to come from an already
393 * privileged layer, and do not perform any credentials
394 * checks or input validation.
395 */
396 return (EINVAL);
397 default:
398 sa6 = NULL;
399 break;
400 }
401 if (sa6 && sa6->sin6_family == AF_INET6) {
402 if (sa6->sin6_scope_id != 0)
403 error = sa6_embedscope(sa6, 0);
404 else
405 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
406 if (error != 0)
407 return (error);
408 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
409 &sa6->sin6_addr)) != 0)
410 return (error);
411 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
412 } else
413 ia = NULL;
414
415 switch (cmd) {
416 case SIOCSIFADDR_IN6:
417 case SIOCSIFDSTADDR_IN6:
418 case SIOCSIFNETMASK_IN6:
419 /*
420 * Since IPv6 allows a node to assign multiple addresses
421 * on a single interface, SIOCSIFxxx ioctls are deprecated.
422 */
423 /* we decided to obsolete this command (20000704) */
424 error = EINVAL;
425 goto out;
426
427 case SIOCDIFADDR_IN6:
428 /*
429 * for IPv4, we look for existing in_ifaddr here to allow
430 * "ifconfig if0 delete" to remove the first IPv4 address on
431 * the interface. For IPv6, as the spec allows multiple
432 * interface address from the day one, we consider "remove the
433 * first one" semantics to be not preferable.
434 */
435 if (ia == NULL) {
436 error = EADDRNOTAVAIL;
437 goto out;
438 }
439 /* FALLTHROUGH */
440 case SIOCAIFADDR_IN6:
441 /*
442 * We always require users to specify a valid IPv6 address for
443 * the corresponding operation.
444 */
445 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
446 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
447 error = EAFNOSUPPORT;
448 goto out;
449 }
450
451 if (td != NULL) {
452 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
453 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
454 if (error)
455 goto out;
456 }
457 /* FALLTHROUGH */
458 case SIOCGIFSTAT_IN6:
459 case SIOCGIFSTAT_ICMP6:
460 if (ifp->if_afdata[AF_INET6] == NULL) {
461 error = EPFNOSUPPORT;
462 goto out;
463 }
464 break;
465
466 case SIOCGIFADDR_IN6:
467 /* This interface is basically deprecated. use SIOCGIFCONF. */
468 /* FALLTHROUGH */
469 case SIOCGIFAFLAG_IN6:
470 case SIOCGIFNETMASK_IN6:
471 case SIOCGIFDSTADDR_IN6:
472 case SIOCGIFALIFETIME_IN6:
473 /* must think again about its semantics */
474 if (ia == NULL) {
475 error = EADDRNOTAVAIL;
476 goto out;
477 }
478 break;
479 }
480
481 switch (cmd) {
482 case SIOCGIFADDR_IN6:
483 ifr->ifr_addr = ia->ia_addr;
484 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
485 goto out;
486 break;
487
488 case SIOCGIFDSTADDR_IN6:
489 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
490 error = EINVAL;
491 goto out;
492 }
493 ifr->ifr_dstaddr = ia->ia_dstaddr;
494 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
495 goto out;
496 break;
497
498 case SIOCGIFNETMASK_IN6:
499 ifr->ifr_addr = ia->ia_prefixmask;
500 break;
501
502 case SIOCGIFAFLAG_IN6:
503 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
504 break;
505
506 case SIOCGIFSTAT_IN6:
507 COUNTER_ARRAY_COPY(((struct in6_ifextra *)
508 ifp->if_afdata[AF_INET6])->in6_ifstat,
509 &ifr->ifr_ifru.ifru_stat,
510 sizeof(struct in6_ifstat) / sizeof(uint64_t));
511 break;
512
513 case SIOCGIFSTAT_ICMP6:
514 COUNTER_ARRAY_COPY(((struct in6_ifextra *)
515 ifp->if_afdata[AF_INET6])->icmp6_ifstat,
516 &ifr->ifr_ifru.ifru_icmp6stat,
517 sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
518 break;
519
520 case SIOCGIFALIFETIME_IN6:
521 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
522 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
523 time_t maxexpire;
524 struct in6_addrlifetime *retlt =
525 &ifr->ifr_ifru.ifru_lifetime;
526
527 /*
528 * XXX: adjust expiration time assuming time_t is
529 * signed.
530 */
531 maxexpire = (-1) &
532 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
533 if (ia->ia6_lifetime.ia6t_vltime <
534 maxexpire - ia->ia6_updatetime) {
535 retlt->ia6t_expire = ia->ia6_updatetime +
536 ia->ia6_lifetime.ia6t_vltime;
537 } else
538 retlt->ia6t_expire = maxexpire;
539 }
540 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
541 time_t maxexpire;
542 struct in6_addrlifetime *retlt =
543 &ifr->ifr_ifru.ifru_lifetime;
544
545 /*
546 * XXX: adjust expiration time assuming time_t is
547 * signed.
548 */
549 maxexpire = (-1) &
550 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
551 if (ia->ia6_lifetime.ia6t_pltime <
552 maxexpire - ia->ia6_updatetime) {
553 retlt->ia6t_preferred = ia->ia6_updatetime +
554 ia->ia6_lifetime.ia6t_pltime;
555 } else
556 retlt->ia6t_preferred = maxexpire;
557 }
558 break;
559
560 case SIOCAIFADDR_IN6:
561 {
562 struct nd_prefixctl pr0;
563 struct nd_prefix *pr;
564
565 /*
566 * first, make or update the interface address structure,
567 * and link it to the list.
568 */
569 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
570 goto out;
571 if (ia != NULL) {
572 if (ia->ia_ifa.ifa_carp)
573 (*carp_detach_p)(&ia->ia_ifa, true);
574 ifa_free(&ia->ia_ifa);
575 }
576 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
577 == NULL) {
578 /*
579 * this can happen when the user specify the 0 valid
580 * lifetime.
581 */
582 break;
583 }
584
585 if (cmd == ocmd && ifra->ifra_vhid > 0) {
586 if (carp_attach_p != NULL)
587 error = (*carp_attach_p)(&ia->ia_ifa,
588 ifra->ifra_vhid);
589 else
590 error = EPROTONOSUPPORT;
591 if (error)
592 goto out;
593 else
594 carp_attached = 1;
595 }
596
597 /*
598 * then, make the prefix on-link on the interface.
599 * XXX: we'd rather create the prefix before the address, but
600 * we need at least one address to install the corresponding
601 * interface route, so we configure the address first.
602 */
603
604 /*
605 * convert mask to prefix length (prefixmask has already
606 * been validated in in6_update_ifa().
607 */
608 bzero(&pr0, sizeof(pr0));
609 pr0.ndpr_ifp = ifp;
610 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
611 NULL);
612 if (pr0.ndpr_plen == 128) {
613 /* we don't need to install a host route. */
614 goto aifaddr_out;
615 }
616 pr0.ndpr_prefix = ifra->ifra_addr;
617 /* apply the mask for safety. */
618 IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr,
619 &ifra->ifra_prefixmask.sin6_addr);
620
621 /*
622 * XXX: since we don't have an API to set prefix (not address)
623 * lifetimes, we just use the same lifetimes as addresses.
624 * The (temporarily) installed lifetimes can be overridden by
625 * later advertised RAs (when accept_rtadv is non 0), which is
626 * an intended behavior.
627 */
628 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
629 pr0.ndpr_raf_auto =
630 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
631 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
632 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
633
634 /* add the prefix if not yet. */
635 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
636 /*
637 * nd6_prelist_add will install the corresponding
638 * interface route.
639 */
640 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
641 if (carp_attached)
642 (*carp_detach_p)(&ia->ia_ifa, false);
643 goto out;
644 }
645 }
646
647 /* relate the address to the prefix */
648 if (ia->ia6_ndpr == NULL) {
649 ia->ia6_ndpr = pr;
650 pr->ndpr_addrcnt++;
651
652 /*
653 * If this is the first autoconf address from the
654 * prefix, create a temporary address as well
655 * (when required).
656 */
657 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
658 V_ip6_use_tempaddr && pr->ndpr_addrcnt == 1) {
659 int e;
660 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
661 log(LOG_NOTICE, "in6_control: failed "
662 "to create a temporary address, "
663 "errno=%d\n", e);
664 }
665 }
666 }
667 nd6_prefix_rele(pr);
668
669 /*
670 * this might affect the status of autoconfigured addresses,
671 * that is, this address might make other addresses detached.
672 */
673 pfxlist_onlink_check();
674
675 aifaddr_out:
676 /*
677 * Try to clear the flag when a new IPv6 address is added
678 * onto an IFDISABLED interface and it succeeds.
679 */
680 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
681 struct in6_ndireq nd;
682
683 memset(&nd, 0, sizeof(nd));
684 nd.ndi.flags = ND_IFINFO(ifp)->flags;
685 nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
686 if (nd6_ioctl(SIOCSIFINFO_FLAGS, (caddr_t)&nd, ifp) < 0)
687 log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
688 "SIOCSIFINFO_FLAGS for -ifdisabled "
689 "failed.");
690 /*
691 * Ignore failure of clearing the flag intentionally.
692 * The failure means address duplication was detected.
693 */
694 }
695 break;
696 }
697
698 case SIOCDIFADDR_IN6:
699 in6_purgeifaddr(ia);
700 EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
701 IFADDR_EVENT_DEL);
702 break;
703
704 default:
705 if (ifp->if_ioctl == NULL) {
706 error = EOPNOTSUPP;
707 goto out;
708 }
709 error = (*ifp->if_ioctl)(ifp, cmd, data);
710 goto out;
711 }
712
713 error = 0;
714 out:
715 if (ia != NULL)
716 ifa_free(&ia->ia_ifa);
717 return (error);
718 }
719
720 static struct in6_multi_mship *
721 in6_joingroup_legacy(struct ifnet *ifp, const struct in6_addr *mcaddr,
722 int *errorp, int delay)
723 {
724 struct in6_multi_mship *imm;
725 int error;
726
727 imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT);
728 if (imm == NULL) {
729 *errorp = ENOBUFS;
730 return (NULL);
731 }
732
733 delay = (delay * PR_FASTHZ) / hz;
734
735 error = in6_joingroup(ifp, mcaddr, NULL, &imm->i6mm_maddr, delay);
736 if (error) {
737 *errorp = error;
738 free(imm, M_IP6MADDR);
739 return (NULL);
740 }
741
742 return (imm);
743 }
744 /*
745 * Join necessary multicast groups. Factored out from in6_update_ifa().
746 * This entire work should only be done once, for the default FIB.
747 */
748 static int
749 in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
750 struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
751 {
752 char ip6buf[INET6_ADDRSTRLEN];
753 struct in6_addr mltaddr;
754 struct in6_multi_mship *imm;
755 int delay, error;
756
757 KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
758
759 /* Join solicited multicast addr for new host id. */
760 bzero(&mltaddr, sizeof(struct in6_addr));
761 mltaddr.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
762 mltaddr.s6_addr32[2] = htonl(1);
763 mltaddr.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
764 mltaddr.s6_addr8[12] = 0xff;
765 if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0) {
766 /* XXX: should not happen */
767 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
768 goto cleanup;
769 }
770 delay = error = 0;
771 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
772 /*
773 * We need a random delay for DAD on the address being
774 * configured. It also means delaying transmission of the
775 * corresponding MLD report to avoid report collision.
776 * [RFC 4861, Section 6.3.7]
777 */
778 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
779 }
780 imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
781 if (imm == NULL) {
782 nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
783 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
784 if_name(ifp), error));
785 goto cleanup;
786 }
787 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
788 *in6m_sol = imm->i6mm_maddr;
789
790 /*
791 * Join link-local all-nodes address.
792 */
793 mltaddr = in6addr_linklocal_allnodes;
794 if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
795 goto cleanup; /* XXX: should not fail */
796
797 imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
798 if (imm == NULL) {
799 nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
800 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
801 if_name(ifp), error));
802 goto cleanup;
803 }
804 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
805
806 /*
807 * Join node information group address.
808 */
809 delay = 0;
810 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
811 /*
812 * The spec does not say anything about delay for this group,
813 * but the same logic should apply.
814 */
815 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
816 }
817 if (in6_nigroup(ifp, NULL, -1, &mltaddr) == 0) {
818 /* XXX jinmei */
819 imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
820 if (imm == NULL)
821 nd6log((LOG_WARNING,
822 "%s: in6_joingroup failed for %s on %s "
823 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
824 &mltaddr), if_name(ifp), error));
825 /* XXX not very fatal, go on... */
826 else
827 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
828 }
829 if (V_icmp6_nodeinfo_oldmcprefix &&
830 in6_nigroup_oldmcprefix(ifp, NULL, -1, &mltaddr) == 0) {
831 imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
832 if (imm == NULL)
833 nd6log((LOG_WARNING,
834 "%s: in6_joingroup failed for %s on %s "
835 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
836 &mltaddr), if_name(ifp), error));
837 /* XXX not very fatal, go on... */
838 else
839 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
840 }
841
842 /*
843 * Join interface-local all-nodes address.
844 * (ff01::1%ifN, and ff01::%ifN/32)
845 */
846 mltaddr = in6addr_nodelocal_allnodes;
847 if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
848 goto cleanup; /* XXX: should not fail */
849
850 imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
851 if (imm == NULL) {
852 nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
853 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
854 &mltaddr), if_name(ifp), error));
855 goto cleanup;
856 }
857 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
858
859 cleanup:
860 return (error);
861 }
862
863 /*
864 * Update parameters of an IPv6 interface address.
865 * If necessary, a new entry is created and linked into address chains.
866 * This function is separated from in6_control().
867 */
868 int
869 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
870 struct in6_ifaddr *ia, int flags)
871 {
872 int error, hostIsNew = 0;
873
874 if ((error = in6_validate_ifra(ifp, ifra, ia, flags)) != 0)
875 return (error);
876
877 if (ia == NULL) {
878 hostIsNew = 1;
879 if ((ia = in6_alloc_ifa(ifp, ifra, flags)) == NULL)
880 return (ENOBUFS);
881 }
882
883 error = in6_update_ifa_internal(ifp, ifra, ia, hostIsNew, flags);
884 if (error != 0) {
885 if (hostIsNew != 0) {
886 in6_unlink_ifa(ia, ifp);
887 ifa_free(&ia->ia_ifa);
888 }
889 return (error);
890 }
891
892 if (hostIsNew)
893 error = in6_broadcast_ifa(ifp, ifra, ia, flags);
894
895 return (error);
896 }
897
898 /*
899 * Fill in basic IPv6 address request info.
900 */
901 void
902 in6_prepare_ifra(struct in6_aliasreq *ifra, const struct in6_addr *addr,
903 const struct in6_addr *mask)
904 {
905
906 memset(ifra, 0, sizeof(struct in6_aliasreq));
907
908 ifra->ifra_addr.sin6_family = AF_INET6;
909 ifra->ifra_addr.sin6_len = sizeof(struct sockaddr_in6);
910 if (addr != NULL)
911 ifra->ifra_addr.sin6_addr = *addr;
912
913 ifra->ifra_prefixmask.sin6_family = AF_INET6;
914 ifra->ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
915 if (mask != NULL)
916 ifra->ifra_prefixmask.sin6_addr = *mask;
917 }
918
919 static int
920 in6_validate_ifra(struct ifnet *ifp, struct in6_aliasreq *ifra,
921 struct in6_ifaddr *ia, int flags)
922 {
923 int plen = -1;
924 struct sockaddr_in6 dst6;
925 struct in6_addrlifetime *lt;
926 char ip6buf[INET6_ADDRSTRLEN];
927
928 /* Validate parameters */
929 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
930 return (EINVAL);
931
932 /*
933 * The destination address for a p2p link must have a family
934 * of AF_UNSPEC or AF_INET6.
935 */
936 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
937 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
938 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
939 return (EAFNOSUPPORT);
940
941 /*
942 * Validate address
943 */
944 if (ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6) ||
945 ifra->ifra_addr.sin6_family != AF_INET6)
946 return (EINVAL);
947
948 /*
949 * validate ifra_prefixmask. don't check sin6_family, netmask
950 * does not carry fields other than sin6_len.
951 */
952 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
953 return (EINVAL);
954 /*
955 * Because the IPv6 address architecture is classless, we require
956 * users to specify a (non 0) prefix length (mask) for a new address.
957 * We also require the prefix (when specified) mask is valid, and thus
958 * reject a non-consecutive mask.
959 */
960 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
961 return (EINVAL);
962 if (ifra->ifra_prefixmask.sin6_len != 0) {
963 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
964 (u_char *)&ifra->ifra_prefixmask +
965 ifra->ifra_prefixmask.sin6_len);
966 if (plen <= 0)
967 return (EINVAL);
968 } else {
969 /*
970 * In this case, ia must not be NULL. We just use its prefix
971 * length.
972 */
973 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
974 }
975 /*
976 * If the destination address on a p2p interface is specified,
977 * and the address is a scoped one, validate/set the scope
978 * zone identifier.
979 */
980 dst6 = ifra->ifra_dstaddr;
981 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
982 (dst6.sin6_family == AF_INET6)) {
983 struct in6_addr in6_tmp;
984 u_int32_t zoneid;
985
986 in6_tmp = dst6.sin6_addr;
987 if (in6_setscope(&in6_tmp, ifp, &zoneid))
988 return (EINVAL); /* XXX: should be impossible */
989
990 if (dst6.sin6_scope_id != 0) {
991 if (dst6.sin6_scope_id != zoneid)
992 return (EINVAL);
993 } else /* user omit to specify the ID. */
994 dst6.sin6_scope_id = zoneid;
995
996 /* convert into the internal form */
997 if (sa6_embedscope(&dst6, 0))
998 return (EINVAL); /* XXX: should be impossible */
999 }
1000 /* Modify original ifra_dstaddr to reflect changes */
1001 ifra->ifra_dstaddr = dst6;
1002
1003 /*
1004 * The destination address can be specified only for a p2p or a
1005 * loopback interface. If specified, the corresponding prefix length
1006 * must be 128.
1007 */
1008 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
1009 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
1010 /* XXX: noisy message */
1011 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
1012 "be specified for a p2p or a loopback IF only\n"));
1013 return (EINVAL);
1014 }
1015 if (plen != 128) {
1016 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
1017 "be 128 when dstaddr is specified\n"));
1018 return (EINVAL);
1019 }
1020 }
1021 /* lifetime consistency check */
1022 lt = &ifra->ifra_lifetime;
1023 if (lt->ia6t_pltime > lt->ia6t_vltime)
1024 return (EINVAL);
1025 if (lt->ia6t_vltime == 0) {
1026 /*
1027 * the following log might be noisy, but this is a typical
1028 * configuration mistake or a tool's bug.
1029 */
1030 nd6log((LOG_INFO,
1031 "in6_update_ifa: valid lifetime is 0 for %s\n",
1032 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
1033
1034 if (ia == NULL)
1035 return (0); /* there's nothing to do */
1036 }
1037
1038 /* Check prefix mask */
1039 if (ia != NULL && ifra->ifra_prefixmask.sin6_len != 0) {
1040 /*
1041 * We prohibit changing the prefix length of an existing
1042 * address, because
1043 * + such an operation should be rare in IPv6, and
1044 * + the operation would confuse prefix management.
1045 */
1046 if (ia->ia_prefixmask.sin6_len != 0 &&
1047 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
1048 nd6log((LOG_INFO, "in6_validate_ifa: the prefix length "
1049 "of an existing %s address should not be changed\n",
1050 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1051
1052 return (EINVAL);
1053 }
1054 }
1055
1056 return (0);
1057 }
1058
1059 /*
1060 * Allocate a new ifaddr and link it into chains.
1061 */
1062 static struct in6_ifaddr *
1063 in6_alloc_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int flags)
1064 {
1065 struct in6_ifaddr *ia;
1066
1067 /*
1068 * When in6_alloc_ifa() is called in a process of a received
1069 * RA, it is called under an interrupt context. So, we should
1070 * call malloc with M_NOWAIT.
1071 */
1072 ia = (struct in6_ifaddr *)ifa_alloc(sizeof(*ia), M_NOWAIT);
1073 if (ia == NULL)
1074 return (NULL);
1075 LIST_INIT(&ia->ia6_memberships);
1076 /* Initialize the address and masks, and put time stamp */
1077 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1078 ia->ia_addr.sin6_family = AF_INET6;
1079 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
1080 /* XXX: Can we assign ,sin6_addr and skip the rest? */
1081 ia->ia_addr = ifra->ifra_addr;
1082 ia->ia6_createtime = time_uptime;
1083 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
1084 /*
1085 * Some functions expect that ifa_dstaddr is not
1086 * NULL for p2p interfaces.
1087 */
1088 ia->ia_ifa.ifa_dstaddr =
1089 (struct sockaddr *)&ia->ia_dstaddr;
1090 } else {
1091 ia->ia_ifa.ifa_dstaddr = NULL;
1092 }
1093
1094 /* set prefix mask if any */
1095 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1096 if (ifra->ifra_prefixmask.sin6_len != 0) {
1097 ia->ia_prefixmask.sin6_family = AF_INET6;
1098 ia->ia_prefixmask.sin6_len = ifra->ifra_prefixmask.sin6_len;
1099 ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
1100 }
1101
1102 ia->ia_ifp = ifp;
1103 ifa_ref(&ia->ia_ifa); /* if_addrhead */
1104 IF_ADDR_WLOCK(ifp);
1105 CK_STAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1106 IF_ADDR_WUNLOCK(ifp);
1107
1108 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
1109 IN6_IFADDR_WLOCK();
1110 CK_STAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1111 CK_LIST_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia, ia6_hash);
1112 IN6_IFADDR_WUNLOCK();
1113
1114 return (ia);
1115 }
1116
1117 /*
1118 * Update/configure interface address parameters:
1119 *
1120 * 1) Update lifetime
1121 * 2) Update interface metric ad flags
1122 * 3) Notify other subsystems
1123 */
1124 static int
1125 in6_update_ifa_internal(struct ifnet *ifp, struct in6_aliasreq *ifra,
1126 struct in6_ifaddr *ia, int hostIsNew, int flags)
1127 {
1128 int error;
1129
1130 /* update timestamp */
1131 ia->ia6_updatetime = time_uptime;
1132
1133 /*
1134 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
1135 * to see if the address is deprecated or invalidated, but initialize
1136 * these members for applications.
1137 */
1138 ia->ia6_lifetime = ifra->ifra_lifetime;
1139 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1140 ia->ia6_lifetime.ia6t_expire =
1141 time_uptime + ia->ia6_lifetime.ia6t_vltime;
1142 } else
1143 ia->ia6_lifetime.ia6t_expire = 0;
1144 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1145 ia->ia6_lifetime.ia6t_preferred =
1146 time_uptime + ia->ia6_lifetime.ia6t_pltime;
1147 } else
1148 ia->ia6_lifetime.ia6t_preferred = 0;
1149
1150 /*
1151 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1152 * userland, make it deprecated.
1153 */
1154 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1155 ia->ia6_lifetime.ia6t_pltime = 0;
1156 ia->ia6_lifetime.ia6t_preferred = time_uptime;
1157 }
1158
1159 /*
1160 * configure address flags.
1161 */
1162 ia->ia6_flags = ifra->ifra_flags;
1163
1164 /*
1165 * Make the address tentative before joining multicast addresses,
1166 * so that corresponding MLD responses would not have a tentative
1167 * source address.
1168 */
1169 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
1170
1171 /*
1172 * DAD should be performed for an new address or addresses on
1173 * an interface with ND6_IFF_IFDISABLED.
1174 */
1175 if (in6if_do_dad(ifp) &&
1176 (hostIsNew || (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)))
1177 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1178
1179 /* notify other subsystems */
1180 error = in6_notify_ifa(ifp, ia, ifra, hostIsNew);
1181
1182 return (error);
1183 }
1184
1185 /*
1186 * Do link-level ifa job:
1187 * 1) Add lle entry for added address
1188 * 2) Notifies routing socket users about new address
1189 * 3) join appropriate multicast group
1190 * 4) start DAD if enabled
1191 */
1192 static int
1193 in6_broadcast_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1194 struct in6_ifaddr *ia, int flags)
1195 {
1196 struct in6_multi *in6m_sol;
1197 int error = 0;
1198
1199 /* Add local address to lltable, if necessary (ex. on p2p link). */
1200 if ((error = nd6_add_ifa_lle(ia)) != 0) {
1201 in6_purgeaddr(&ia->ia_ifa);
1202 ifa_free(&ia->ia_ifa);
1203 return (error);
1204 }
1205
1206 /* Join necessary multicast groups. */
1207 in6m_sol = NULL;
1208 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1209 error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1210 if (error != 0) {
1211 in6_purgeaddr(&ia->ia_ifa);
1212 ifa_free(&ia->ia_ifa);
1213 return (error);
1214 }
1215 }
1216
1217 /* Perform DAD, if the address is TENTATIVE. */
1218 if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) {
1219 int delay, mindelay, maxdelay;
1220
1221 delay = 0;
1222 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1223 /*
1224 * We need to impose a delay before sending an NS
1225 * for DAD. Check if we also needed a delay for the
1226 * corresponding MLD message. If we did, the delay
1227 * should be larger than the MLD delay (this could be
1228 * relaxed a bit, but this simple logic is at least
1229 * safe).
1230 * XXX: Break data hiding guidelines and look at
1231 * state for the solicited multicast group.
1232 */
1233 mindelay = 0;
1234 if (in6m_sol != NULL &&
1235 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1236 mindelay = in6m_sol->in6m_timer;
1237 }
1238 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1239 if (maxdelay - mindelay == 0)
1240 delay = 0;
1241 else {
1242 delay =
1243 (arc4random() % (maxdelay - mindelay)) +
1244 mindelay;
1245 }
1246 }
1247 nd6_dad_start((struct ifaddr *)ia, delay);
1248 }
1249
1250 in6_newaddrmsg(ia, RTM_ADD);
1251 ifa_free(&ia->ia_ifa);
1252 return (error);
1253 }
1254
1255 /*
1256 * Adds or deletes interface route for p2p ifa.
1257 * Returns 0 on success or errno.
1258 */
1259 static int
1260 in6_handle_dstaddr_rtrequest(int cmd, struct in6_ifaddr *ia)
1261 {
1262 struct epoch_tracker et;
1263 struct ifaddr *ifa = &ia->ia_ifa;
1264 int error;
1265
1266 /* Prepare gateway */
1267 struct sockaddr_dl_short sdl = {
1268 .sdl_family = AF_LINK,
1269 .sdl_len = sizeof(struct sockaddr_dl_short),
1270 .sdl_type = ifa->ifa_ifp->if_type,
1271 .sdl_index = ifa->ifa_ifp->if_index,
1272 };
1273
1274 struct sockaddr_in6 dst = {
1275 .sin6_family = AF_INET6,
1276 .sin6_len = sizeof(struct sockaddr_in6),
1277 .sin6_addr = ia->ia_dstaddr.sin6_addr,
1278 };
1279
1280 struct rt_addrinfo info = {
1281 .rti_ifa = ifa,
1282 .rti_ifp = ifa->ifa_ifp,
1283 .rti_flags = RTF_PINNED | RTF_HOST,
1284 .rti_info = {
1285 [RTAX_DST] = (struct sockaddr *)&dst,
1286 [RTAX_GATEWAY] = (struct sockaddr *)&sdl,
1287 },
1288 };
1289 /* Don't set additional per-gw filters on removal */
1290
1291 NET_EPOCH_ENTER(et);
1292 error = rib_handle_ifaddr_info(ifa->ifa_ifp->if_fib, cmd, &info);
1293 NET_EPOCH_EXIT(et);
1294
1295 return (error);
1296 }
1297
1298 static bool
1299 ifa_is_p2p(struct in6_ifaddr *ia)
1300 {
1301 int plen;
1302
1303 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1304
1305 if ((plen == 128) && (ia->ia_dstaddr.sin6_family == AF_INET6) &&
1306 !IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, &ia->ia_dstaddr.sin6_addr))
1307 return (true);
1308
1309 return (false);
1310 }
1311
1312 void
1313 in6_purgeaddr(struct ifaddr *ifa)
1314 {
1315 struct ifnet *ifp = ifa->ifa_ifp;
1316 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1317 struct in6_multi_mship *imm;
1318 int error;
1319
1320 if (ifa->ifa_carp)
1321 (*carp_detach_p)(ifa, false);
1322
1323 /*
1324 * Remove the loopback route to the interface address.
1325 * The check for the current setting of "nd6_useloopback"
1326 * is not needed.
1327 */
1328 if (ia->ia_flags & IFA_RTSELF) {
1329 error = ifa_del_loopback_route((struct ifaddr *)ia,
1330 (struct sockaddr *)&ia->ia_addr);
1331 if (error == 0)
1332 ia->ia_flags &= ~IFA_RTSELF;
1333 }
1334
1335 /* stop DAD processing */
1336 nd6_dad_stop(ifa);
1337
1338 /* Leave multicast groups. */
1339 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1340 LIST_REMOVE(imm, i6mm_chain);
1341 if (imm->i6mm_maddr != NULL)
1342 in6_leavegroup(imm->i6mm_maddr, NULL);
1343 free(imm, M_IP6MADDR);
1344 }
1345 /* Check if we need to remove p2p route */
1346 if ((ia->ia_flags & IFA_ROUTE) && ifa_is_p2p(ia)) {
1347 error = in6_handle_dstaddr_rtrequest(RTM_DELETE, ia);
1348 if (error != 0)
1349 log(LOG_INFO, "%s: err=%d, destination address delete "
1350 "failed\n", __func__, error);
1351 ia->ia_flags &= ~IFA_ROUTE;
1352 }
1353
1354 in6_newaddrmsg(ia, RTM_DELETE);
1355 in6_unlink_ifa(ia, ifp);
1356 }
1357
1358 /*
1359 * Removes @ia from the corresponding interfaces and unlinks corresponding
1360 * prefix if no addresses are using it anymore.
1361 */
1362 void
1363 in6_purgeifaddr(struct in6_ifaddr *ia)
1364 {
1365 struct nd_prefix *pr;
1366
1367 /*
1368 * If the address being deleted is the only one that owns
1369 * the corresponding prefix, expire the prefix as well.
1370 * XXX: theoretically, we don't have to worry about such
1371 * relationship, since we separate the address management
1372 * and the prefix management. We do this, however, to provide
1373 * as much backward compatibility as possible in terms of
1374 * the ioctl operation.
1375 * Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1376 */
1377 pr = ia->ia6_ndpr;
1378 in6_purgeaddr(&ia->ia_ifa);
1379 if (pr != NULL && pr->ndpr_addrcnt == 0) {
1380 ND6_WLOCK();
1381 nd6_prefix_unlink(pr, NULL);
1382 ND6_WUNLOCK();
1383 nd6_prefix_del(pr);
1384 }
1385 }
1386
1387
1388 static void
1389 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1390 {
1391 char ip6buf[INET6_ADDRSTRLEN];
1392 int remove_lle;
1393
1394 IF_ADDR_WLOCK(ifp);
1395 CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
1396 IF_ADDR_WUNLOCK(ifp);
1397 ifa_free(&ia->ia_ifa); /* if_addrhead */
1398
1399 /*
1400 * Defer the release of what might be the last reference to the
1401 * in6_ifaddr so that it can't be freed before the remainder of the
1402 * cleanup.
1403 */
1404 IN6_IFADDR_WLOCK();
1405 CK_STAILQ_REMOVE(&V_in6_ifaddrhead, ia, in6_ifaddr, ia_link);
1406 CK_LIST_REMOVE(ia, ia6_hash);
1407 IN6_IFADDR_WUNLOCK();
1408
1409 /*
1410 * Release the reference to the base prefix. There should be a
1411 * positive reference.
1412 */
1413 remove_lle = 0;
1414 if (ia->ia6_ndpr == NULL) {
1415 nd6log((LOG_NOTICE,
1416 "in6_unlink_ifa: autoconf'ed address "
1417 "%s has no prefix\n", ip6_sprintf(ip6buf, IA6_IN6(ia))));
1418 } else {
1419 ia->ia6_ndpr->ndpr_addrcnt--;
1420 /* Do not delete lles within prefix if refcont != 0 */
1421 if (ia->ia6_ndpr->ndpr_addrcnt == 0)
1422 remove_lle = 1;
1423 ia->ia6_ndpr = NULL;
1424 }
1425
1426 nd6_rem_ifa_lle(ia, remove_lle);
1427
1428 /*
1429 * Also, if the address being removed is autoconf'ed, call
1430 * pfxlist_onlink_check() since the release might affect the status of
1431 * other (detached) addresses.
1432 */
1433 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1434 pfxlist_onlink_check();
1435 }
1436 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
1437 }
1438
1439 /*
1440 * Notifies other subsystems about address change/arrival:
1441 * 1) Notifies device handler on the first IPv6 address assignment
1442 * 2) Handle routing table changes for P2P links and route
1443 * 3) Handle routing table changes for address host route
1444 */
1445 static int
1446 in6_notify_ifa(struct ifnet *ifp, struct in6_ifaddr *ia,
1447 struct in6_aliasreq *ifra, int hostIsNew)
1448 {
1449 int error = 0, ifacount = 0;
1450 struct ifaddr *ifa;
1451 struct sockaddr_in6 *pdst;
1452 char ip6buf[INET6_ADDRSTRLEN];
1453
1454 /*
1455 * Give the interface a chance to initialize
1456 * if this is its first address,
1457 */
1458 if (hostIsNew != 0) {
1459 struct epoch_tracker et;
1460
1461 NET_EPOCH_ENTER(et);
1462 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1463 if (ifa->ifa_addr->sa_family != AF_INET6)
1464 continue;
1465 ifacount++;
1466 }
1467 NET_EPOCH_EXIT(et);
1468 }
1469
1470 if (ifacount <= 1 && ifp->if_ioctl) {
1471 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1472 if (error)
1473 goto done;
1474 }
1475
1476 /*
1477 * If a new destination address is specified, scrub the old one and
1478 * install the new destination. Note that the interface must be
1479 * p2p or loopback.
1480 */
1481 pdst = &ifra->ifra_dstaddr;
1482 if (pdst->sin6_family == AF_INET6 &&
1483 !IN6_ARE_ADDR_EQUAL(&pdst->sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1484 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1485 (in6_handle_dstaddr_rtrequest(RTM_DELETE, ia) != 0)) {
1486 nd6log((LOG_ERR, "in6_update_ifa_internal: failed to "
1487 "remove a route to the old destination: %s\n",
1488 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1489 /* proceed anyway... */
1490 } else
1491 ia->ia_flags &= ~IFA_ROUTE;
1492 ia->ia_dstaddr = *pdst;
1493 }
1494
1495 /*
1496 * If a new destination address is specified for a point-to-point
1497 * interface, install a route to the destination as an interface
1498 * direct route.
1499 * XXX: the logic below rejects assigning multiple addresses on a p2p
1500 * interface that share the same destination.
1501 */
1502 if (!(ia->ia_flags & IFA_ROUTE) && ifa_is_p2p(ia)) {
1503 error = in6_handle_dstaddr_rtrequest(RTM_ADD, ia);
1504 if (error)
1505 goto done;
1506 ia->ia_flags |= IFA_ROUTE;
1507 }
1508
1509 /*
1510 * add a loopback route to self if not exists
1511 */
1512 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1513 error = ifa_add_loopback_route((struct ifaddr *)ia,
1514 (struct sockaddr *)&ia->ia_addr);
1515 if (error == 0)
1516 ia->ia_flags |= IFA_RTSELF;
1517 }
1518 done:
1519 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
1520 "Invoking IPv6 network device address event may sleep");
1521
1522 ifa_ref(&ia->ia_ifa);
1523 EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
1524 IFADDR_EVENT_ADD);
1525 ifa_free(&ia->ia_ifa);
1526
1527 return (error);
1528 }
1529
1530 /*
1531 * Find an IPv6 interface link-local address specific to an interface.
1532 * ifaddr is returned referenced.
1533 */
1534 struct in6_ifaddr *
1535 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1536 {
1537 struct ifaddr *ifa;
1538
1539 NET_EPOCH_ASSERT();
1540
1541 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1542 if (ifa->ifa_addr->sa_family != AF_INET6)
1543 continue;
1544 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1545 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1546 ignoreflags) != 0)
1547 continue;
1548 ifa_ref(ifa);
1549 break;
1550 }
1551 }
1552
1553 return ((struct in6_ifaddr *)ifa);
1554 }
1555
1556 /*
1557 * find the interface address corresponding to a given IPv6 address.
1558 * ifaddr is returned referenced if @referenced flag is set.
1559 */
1560 struct in6_ifaddr *
1561 in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid, bool referenced)
1562 {
1563 struct rm_priotracker in6_ifa_tracker;
1564 struct in6_ifaddr *ia;
1565
1566 IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1567 CK_LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
1568 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) {
1569 if (zoneid != 0 &&
1570 zoneid != ia->ia_addr.sin6_scope_id)
1571 continue;
1572 if (referenced)
1573 ifa_ref(&ia->ia_ifa);
1574 break;
1575 }
1576 }
1577 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1578 return (ia);
1579 }
1580
1581 /*
1582 * find the internet address corresponding to a given interface and address.
1583 * ifaddr is returned referenced.
1584 */
1585 struct in6_ifaddr *
1586 in6ifa_ifpwithaddr(struct ifnet *ifp, const struct in6_addr *addr)
1587 {
1588 struct epoch_tracker et;
1589 struct ifaddr *ifa;
1590
1591 NET_EPOCH_ENTER(et);
1592 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1593 if (ifa->ifa_addr->sa_family != AF_INET6)
1594 continue;
1595 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1596 ifa_ref(ifa);
1597 break;
1598 }
1599 }
1600 NET_EPOCH_EXIT(et);
1601
1602 return ((struct in6_ifaddr *)ifa);
1603 }
1604
1605 /*
1606 * Find a link-local scoped address on ifp and return it if any.
1607 */
1608 struct in6_ifaddr *
1609 in6ifa_llaonifp(struct ifnet *ifp)
1610 {
1611 struct epoch_tracker et;
1612 struct sockaddr_in6 *sin6;
1613 struct ifaddr *ifa;
1614
1615 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1616 return (NULL);
1617 NET_EPOCH_ENTER(et);
1618 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1619 if (ifa->ifa_addr->sa_family != AF_INET6)
1620 continue;
1621 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1622 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) ||
1623 IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) ||
1624 IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr))
1625 break;
1626 }
1627 NET_EPOCH_EXIT(et);
1628
1629 return ((struct in6_ifaddr *)ifa);
1630 }
1631
1632 /*
1633 * Convert IP6 address to printable (loggable) representation. Caller
1634 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1635 */
1636 static char digits[] = "0123456789abcdef";
1637 char *
1638 ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1639 {
1640 int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
1641 char *cp;
1642 const u_int16_t *a = (const u_int16_t *)addr;
1643 const u_int8_t *d;
1644 int dcolon = 0, zero = 0;
1645
1646 cp = ip6buf;
1647
1648 for (i = 0; i < 8; i++) {
1649 if (*(a + i) == 0) {
1650 cnt++;
1651 if (cnt == 1)
1652 idx = i;
1653 }
1654 else if (maxcnt < cnt) {
1655 maxcnt = cnt;
1656 index = idx;
1657 cnt = 0;
1658 }
1659 }
1660 if (maxcnt < cnt) {
1661 maxcnt = cnt;
1662 index = idx;
1663 }
1664
1665 for (i = 0; i < 8; i++) {
1666 if (dcolon == 1) {
1667 if (*a == 0) {
1668 if (i == 7)
1669 *cp++ = ':';
1670 a++;
1671 continue;
1672 } else
1673 dcolon = 2;
1674 }
1675 if (*a == 0) {
1676 if (dcolon == 0 && *(a + 1) == 0 && i == index) {
1677 if (i == 0)
1678 *cp++ = ':';
1679 *cp++ = ':';
1680 dcolon = 1;
1681 } else {
1682 *cp++ = '';
1683 *cp++ = ':';
1684 }
1685 a++;
1686 continue;
1687 }
1688 d = (const u_char *)a;
1689 /* Try to eliminate leading zeros in printout like in :0001. */
1690 zero = 1;
1691 *cp = digits[*d >> 4];
1692 if (*cp != '') {
1693 zero = 0;
1694 cp++;
1695 }
1696 *cp = digits[*d++ & 0xf];
1697 if (zero == 0 || (*cp != '')) {
1698 zero = 0;
1699 cp++;
1700 }
1701 *cp = digits[*d >> 4];
1702 if (zero == 0 || (*cp != '')) {
1703 zero = 0;
1704 cp++;
1705 }
1706 *cp++ = digits[*d & 0xf];
1707 *cp++ = ':';
1708 a++;
1709 }
1710 *--cp = '\0';
1711 return (ip6buf);
1712 }
1713
1714 int
1715 in6_localaddr(struct in6_addr *in6)
1716 {
1717 struct rm_priotracker in6_ifa_tracker;
1718 struct in6_ifaddr *ia;
1719
1720 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1721 return 1;
1722
1723 IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1724 CK_STAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
1725 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1726 &ia->ia_prefixmask.sin6_addr)) {
1727 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1728 return 1;
1729 }
1730 }
1731 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1732
1733 return (0);
1734 }
1735
1736 /*
1737 * Return 1 if an internet address is for the local host and configured
1738 * on one of its interfaces.
1739 */
1740 int
1741 in6_localip(struct in6_addr *in6)
1742 {
1743 struct rm_priotracker in6_ifa_tracker;
1744 struct in6_ifaddr *ia;
1745
1746 IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1747 CK_LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
1748 if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
1749 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1750 return (1);
1751 }
1752 }
1753 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1754 return (0);
1755 }
1756
1757 /*
1758 * Return 1 if an internet address is configured on an interface.
1759 */
1760 int
1761 in6_ifhasaddr(struct ifnet *ifp, struct in6_addr *addr)
1762 {
1763 struct in6_addr in6;
1764 struct ifaddr *ifa;
1765 struct in6_ifaddr *ia6;
1766
1767 NET_EPOCH_ASSERT();
1768
1769 in6 = *addr;
1770 if (in6_clearscope(&in6))
1771 return (0);
1772 in6_setscope(&in6, ifp, NULL);
1773
1774 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1775 if (ifa->ifa_addr->sa_family != AF_INET6)
1776 continue;
1777 ia6 = (struct in6_ifaddr *)ifa;
1778 if (IN6_ARE_ADDR_EQUAL(&ia6->ia_addr.sin6_addr, &in6))
1779 return (1);
1780 }
1781
1782 return (0);
1783 }
1784
1785 int
1786 in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
1787 {
1788 struct rm_priotracker in6_ifa_tracker;
1789 struct in6_ifaddr *ia;
1790
1791 IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1792 CK_LIST_FOREACH(ia, IN6ADDR_HASH(&sa6->sin6_addr), ia6_hash) {
1793 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), &sa6->sin6_addr)) {
1794 if (ia->ia6_flags & IN6_IFF_DEPRECATED) {
1795 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1796 return (1); /* true */
1797 }
1798 break;
1799 }
1800 }
1801 IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1802
1803 return (0); /* false */
1804 }
1805
1806 /*
1807 * return length of part which dst and src are equal
1808 * hard coding...
1809 */
1810 int
1811 in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1812 {
1813 int match = 0;
1814 u_char *s = (u_char *)src, *d = (u_char *)dst;
1815 u_char *lim = s + 16, r;
1816
1817 while (s < lim)
1818 if ((r = (*d++ ^ *s++)) != 0) {
1819 while (r < 128) {
1820 match++;
1821 r <<= 1;
1822 }
1823 break;
1824 } else
1825 match += 8;
1826 return match;
1827 }
1828
1829 /* XXX: to be scope conscious */
1830 int
1831 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1832 {
1833 int bytelen, bitlen;
1834
1835 /* sanity check */
1836 if (0 > len || len > 128) {
1837 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1838 len);
1839 return (0);
1840 }
1841
1842 bytelen = len / 8;
1843 bitlen = len % 8;
1844
1845 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1846 return (0);
1847 if (bitlen != 0 &&
1848 p1->s6_addr[bytelen] >> (8 - bitlen) !=
1849 p2->s6_addr[bytelen] >> (8 - bitlen))
1850 return (0);
1851
1852 return (1);
1853 }
1854
1855 void
1856 in6_prefixlen2mask(struct in6_addr *maskp, int len)
1857 {
1858 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1859 int bytelen, bitlen, i;
1860
1861 /* sanity check */
1862 if (0 > len || len > 128) {
1863 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1864 len);
1865 return;
1866 }
1867
1868 bzero(maskp, sizeof(*maskp));
1869 bytelen = len / 8;
1870 bitlen = len % 8;
1871 for (i = 0; i < bytelen; i++)
1872 maskp->s6_addr[i] = 0xff;
1873 if (bitlen)
1874 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1875 }
1876
1877 /*
1878 * return the best address out of the same scope. if no address was
1879 * found, return the first valid address from designated IF.
1880 */
1881 struct in6_ifaddr *
1882 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1883 {
1884 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
1885 struct ifaddr *ifa;
1886 struct in6_ifaddr *besta = NULL;
1887 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
1888
1889 NET_EPOCH_ASSERT();
1890
1891 dep[0] = dep[1] = NULL;
1892
1893 /*
1894 * We first look for addresses in the same scope.
1895 * If there is one, return it.
1896 * If two or more, return one which matches the dst longest.
1897 * If none, return one of global addresses assigned other ifs.
1898 */
1899 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1900 if (ifa->ifa_addr->sa_family != AF_INET6)
1901 continue;
1902 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1903 continue; /* XXX: is there any case to allow anycast? */
1904 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1905 continue; /* don't use this interface */
1906 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1907 continue;
1908 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1909 if (V_ip6_use_deprecated)
1910 dep[0] = (struct in6_ifaddr *)ifa;
1911 continue;
1912 }
1913
1914 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
1915 /*
1916 * call in6_matchlen() as few as possible
1917 */
1918 if (besta) {
1919 if (blen == -1)
1920 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
1921 tlen = in6_matchlen(IFA_IN6(ifa), dst);
1922 if (tlen > blen) {
1923 blen = tlen;
1924 besta = (struct in6_ifaddr *)ifa;
1925 }
1926 } else
1927 besta = (struct in6_ifaddr *)ifa;
1928 }
1929 }
1930 if (besta)
1931 return (besta);
1932
1933 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1934 if (ifa->ifa_addr->sa_family != AF_INET6)
1935 continue;
1936 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1937 continue; /* XXX: is there any case to allow anycast? */
1938 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1939 continue; /* don't use this interface */
1940 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1941 continue;
1942 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1943 if (V_ip6_use_deprecated)
1944 dep[1] = (struct in6_ifaddr *)ifa;
1945 continue;
1946 }
1947
1948 return (struct in6_ifaddr *)ifa;
1949 }
1950
1951 /* use the last-resort values, that are, deprecated addresses */
1952 if (dep[0])
1953 return dep[0];
1954 if (dep[1])
1955 return dep[1];
1956
1957 return NULL;
1958 }
1959
1960 /*
1961 * perform DAD when interface becomes IFF_UP.
1962 */
1963 void
1964 in6_if_up(struct ifnet *ifp)
1965 {
1966 struct epoch_tracker et;
1967 struct ifaddr *ifa;
1968 struct in6_ifaddr *ia;
1969
1970 NET_EPOCH_ENTER(et);
1971 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1972 if (ifa->ifa_addr->sa_family != AF_INET6)
1973 continue;
1974 ia = (struct in6_ifaddr *)ifa;
1975 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
1976 /*
1977 * The TENTATIVE flag was likely set by hand
1978 * beforehand, implicitly indicating the need for DAD.
1979 * We may be able to skip the random delay in this
1980 * case, but we impose delays just in case.
1981 */
1982 nd6_dad_start(ifa,
1983 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
1984 }
1985 }
1986 NET_EPOCH_EXIT(et);
1987
1988 /*
1989 * special cases, like 6to4, are handled in in6_ifattach
1990 */
1991 in6_ifattach(ifp, NULL);
1992 }
1993
1994 int
1995 in6if_do_dad(struct ifnet *ifp)
1996 {
1997
1998 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
1999 return (0);
2000 if ((ifp->if_flags & IFF_MULTICAST) == 0)
2001 return (0);
2002 if ((ND_IFINFO(ifp)->flags &
2003 (ND6_IFF_IFDISABLED | ND6_IFF_NO_DAD)) != 0)
2004 return (0);
2005 return (1);
2006 }
2007
2008 /*
2009 * Calculate max IPv6 MTU through all the interfaces and store it
2010 * to in6_maxmtu.
2011 */
2012 void
2013 in6_setmaxmtu(void)
2014 {
2015 struct epoch_tracker et;
2016 unsigned long maxmtu = 0;
2017 struct ifnet *ifp;
2018
2019 NET_EPOCH_ENTER(et);
2020 CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2021 /* this function can be called during ifnet initialization */
2022 if (!ifp->if_afdata[AF_INET6])
2023 continue;
2024 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2025 IN6_LINKMTU(ifp) > maxmtu)
2026 maxmtu = IN6_LINKMTU(ifp);
2027 }
2028 NET_EPOCH_EXIT(et);
2029 if (maxmtu) /* update only when maxmtu is positive */
2030 V_in6_maxmtu = maxmtu;
2031 }
2032
2033 /*
2034 * Provide the length of interface identifiers to be used for the link attached
2035 * to the given interface. The length should be defined in "IPv6 over
2036 * xxx-link" document. Note that address architecture might also define
2037 * the length for a particular set of address prefixes, regardless of the
2038 * link type. As clarified in rfc2462bis, those two definitions should be
2039 * consistent, and those really are as of August 2004.
2040 */
2041 int
2042 in6_if2idlen(struct ifnet *ifp)
2043 {
2044 switch (ifp->if_type) {
2045 case IFT_ETHER: /* RFC2464 */
2046 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2047 case IFT_L2VLAN: /* ditto */
2048 case IFT_BRIDGE: /* bridge(4) only does Ethernet-like links */
2049 case IFT_INFINIBAND:
2050 return (64);
2051 case IFT_PPP: /* RFC2472 */
2052 return (64);
2053 case IFT_FRELAY: /* RFC2590 */
2054 return (64);
2055 case IFT_IEEE1394: /* RFC3146 */
2056 return (64);
2057 case IFT_GIF:
2058 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2059 case IFT_LOOP:
2060 return (64); /* XXX: is this really correct? */
2061 default:
2062 /*
2063 * Unknown link type:
2064 * It might be controversial to use the today's common constant
2065 * of 64 for these cases unconditionally. For full compliance,
2066 * we should return an error in this case. On the other hand,
2067 * if we simply miss the standard for the link type or a new
2068 * standard is defined for a new link type, the IFID length
2069 * is very likely to be the common constant. As a compromise,
2070 * we always use the constant, but make an explicit notice
2071 * indicating the "unknown" case.
2072 */
2073 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2074 return (64);
2075 }
2076 }
2077
2078 struct in6_llentry {
2079 struct llentry base;
2080 };
2081
2082 #define IN6_LLTBL_DEFAULT_HSIZE 32
2083 #define IN6_LLTBL_HASH(k, h) \
2084 (((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1))
2085
2086 /*
2087 * Do actual deallocation of @lle.
2088 */
2089 static void
2090 in6_lltable_destroy_lle_unlocked(epoch_context_t ctx)
2091 {
2092 struct llentry *lle;
2093
2094 lle = __containerof(ctx, struct llentry, lle_epoch_ctx);
2095 LLE_LOCK_DESTROY(lle);
2096 LLE_REQ_DESTROY(lle);
2097 free(lle, M_LLTABLE);
2098 }
2099
2100 /*
2101 * Called by LLE_FREE_LOCKED when number of references
2102 * drops to zero.
2103 */
2104 static void
2105 in6_lltable_destroy_lle(struct llentry *lle)
2106 {
2107
2108 LLE_WUNLOCK(lle);
2109 NET_EPOCH_CALL(in6_lltable_destroy_lle_unlocked, &lle->lle_epoch_ctx);
2110 }
2111
2112 static struct llentry *
2113 in6_lltable_new(const struct in6_addr *addr6, u_int flags)
2114 {
2115 struct in6_llentry *lle;
2116
2117 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2118 if (lle == NULL) /* NB: caller generates msg */
2119 return NULL;
2120
2121 lle->base.r_l3addr.addr6 = *addr6;
2122 lle->base.lle_refcnt = 1;
2123 lle->base.lle_free = in6_lltable_destroy_lle;
2124 LLE_LOCK_INIT(&lle->base);
2125 LLE_REQ_INIT(&lle->base);
2126 callout_init(&lle->base.lle_timer, 1);
2127
2128 return (&lle->base);
2129 }
2130
2131 static int
2132 in6_lltable_match_prefix(const struct sockaddr *saddr,
2133 const struct sockaddr *smask, u_int flags, struct llentry *lle)
2134 {
2135 const struct in6_addr *addr, *mask, *lle_addr;
2136
2137 addr = &((const struct sockaddr_in6 *)saddr)->sin6_addr;
2138 mask = &((const struct sockaddr_in6 *)smask)->sin6_addr;
2139 lle_addr = &lle->r_l3addr.addr6;
2140
2141 if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
2142 return (0);
2143
2144 if (lle->la_flags & LLE_IFADDR) {
2145 /*
2146 * Delete LLE_IFADDR records IFF address & flag matches.
2147 * Note that addr is the interface address within prefix
2148 * being matched.
2149 */
2150 if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
2151 (flags & LLE_STATIC) != 0)
2152 return (1);
2153 return (0);
2154 }
2155
2156 /* flags & LLE_STATIC means deleting both dynamic and static entries */
2157 if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
2158 return (1);
2159
2160 return (0);
2161 }
2162
2163 static void
2164 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
2165 {
2166 struct ifnet *ifp;
2167
2168 LLE_WLOCK_ASSERT(lle);
2169 KASSERT(llt != NULL, ("lltable is NULL"));
2170
2171 /* Unlink entry from table */
2172 if ((lle->la_flags & LLE_LINKED) != 0) {
2173 ifp = llt->llt_ifp;
2174 IF_AFDATA_WLOCK_ASSERT(ifp);
2175 lltable_unlink_entry(llt, lle);
2176 }
2177
2178 llentry_free(lle);
2179 }
2180
2181 static int
2182 in6_lltable_rtcheck(struct ifnet *ifp,
2183 u_int flags,
2184 const struct sockaddr *l3addr)
2185 {
2186 const struct sockaddr_in6 *sin6;
2187 struct nhop_object *nh;
2188 struct in6_addr dst;
2189 uint32_t scopeid;
2190 char ip6buf[INET6_ADDRSTRLEN];
2191 int fibnum;
2192
2193 NET_EPOCH_ASSERT();
2194 KASSERT(l3addr->sa_family == AF_INET6,
2195 ("sin_family %d", l3addr->sa_family));
2196
2197 sin6 = (const struct sockaddr_in6 *)l3addr;
2198 in6_splitscope(&sin6->sin6_addr, &dst, &scopeid);
2199 fibnum = V_rt_add_addr_allfibs ? RT_DEFAULT_FIB : ifp->if_fib;
2200 nh = fib6_lookup(fibnum, &dst, scopeid, NHR_NONE, 0);
2201 if (nh && ((nh->nh_flags & NHF_GATEWAY) || nh->nh_ifp != ifp)) {
2202 struct ifaddr *ifa;
2203 /*
2204 * Create an ND6 cache for an IPv6 neighbor
2205 * that is not covered by our own prefix.
2206 */
2207 ifa = ifaof_ifpforaddr(l3addr, ifp);
2208 if (ifa != NULL) {
2209 return 0;
2210 }
2211 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2212 ip6_sprintf(ip6buf, &sin6->sin6_addr));
2213 return EINVAL;
2214 }
2215 return 0;
2216 }
2217
2218 static inline uint32_t
2219 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
2220 {
2221
2222 return (IN6_LLTBL_HASH(dst->s6_addr32[3], hsize));
2223 }
2224
2225 static uint32_t
2226 in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
2227 {
2228
2229 return (in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize));
2230 }
2231
2232 static void
2233 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
2234 {
2235 struct sockaddr_in6 *sin6;
2236
2237 sin6 = (struct sockaddr_in6 *)sa;
2238 bzero(sin6, sizeof(*sin6));
2239 sin6->sin6_family = AF_INET6;
2240 sin6->sin6_len = sizeof(*sin6);
2241 sin6->sin6_addr = lle->r_l3addr.addr6;
2242 }
2243
2244 static inline struct llentry *
2245 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
2246 {
2247 struct llentry *lle;
2248 struct llentries *lleh;
2249 u_int hashidx;
2250
2251 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
2252 lleh = &llt->lle_head[hashidx];
2253 CK_LIST_FOREACH(lle, lleh, lle_next) {
2254 if (lle->la_flags & LLE_DELETED)
2255 continue;
2256 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst))
2257 break;
2258 }
2259
2260 return (lle);
2261 }
2262
2263 static void
2264 in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
2265 {
2266
2267 lle->la_flags |= LLE_DELETED;
2268 EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
2269 #ifdef DIAGNOSTIC
2270 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2271 #endif
2272 llentry_free(lle);
2273 }
2274
2275 static struct llentry *
2276 in6_lltable_alloc(struct lltable *llt, u_int flags,
2277 const struct sockaddr *l3addr)
2278 {
2279 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2280 struct ifnet *ifp = llt->llt_ifp;
2281 struct llentry *lle;
2282 char linkhdr[LLE_MAX_LINKHDR];
2283 size_t linkhdrsize;
2284 int lladdr_off;
2285
2286 KASSERT(l3addr->sa_family == AF_INET6,
2287 ("sin_family %d", l3addr->sa_family));
2288
2289 /*
2290 * A route that covers the given address must have
2291 * been installed 1st because we are doing a resolution,
2292 * verify this.
2293 */
2294 if (!(flags & LLE_IFADDR) &&
2295 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2296 return (NULL);
2297
2298 lle = in6_lltable_new(&sin6->sin6_addr, flags);
2299 if (lle == NULL) {
2300 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2301 return (NULL);
2302 }
2303 lle->la_flags = flags;
2304 if ((flags & LLE_IFADDR) == LLE_IFADDR) {
2305 linkhdrsize = LLE_MAX_LINKHDR;
2306 if (lltable_calc_llheader(ifp, AF_INET6, IF_LLADDR(ifp),
2307 linkhdr, &linkhdrsize, &lladdr_off) != 0) {
2308 in6_lltable_free_entry(llt, lle);
2309 return (NULL);
2310 }
2311 lltable_set_entry_addr(ifp, lle, linkhdr, linkhdrsize,
2312 lladdr_off);
2313 lle->la_flags |= LLE_STATIC;
2314 }
2315
2316 if ((lle->la_flags & LLE_STATIC) != 0)
2317 lle->ln_state = ND6_LLINFO_REACHABLE;
2318
2319 return (lle);
2320 }
2321
2322 static struct llentry *
2323 in6_lltable_lookup(struct lltable *llt, u_int flags,
2324 const struct sockaddr *l3addr)
2325 {
2326 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2327 int family = flags >> 16;
2328 struct llentry *lle;
2329
2330 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp);
2331 KASSERT(l3addr->sa_family == AF_INET6,
2332 ("sin_family %d", l3addr->sa_family));
2333 KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
2334 (LLE_UNLOCKED | LLE_EXCLUSIVE),
2335 ("wrong lle request flags: %#x", flags));
2336
2337 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
2338
2339 if (__predict_false(family != AF_INET6))
2340 lle = llentry_lookup_family(lle, family);
2341
2342 if (lle == NULL)
2343 return (NULL);
2344
2345 if (flags & LLE_UNLOCKED)
2346 return (lle);
2347
2348 if (flags & LLE_EXCLUSIVE)
2349 LLE_WLOCK(lle);
2350 else
2351 LLE_RLOCK(lle);
2352
2353 /*
2354 * If the afdata lock is not held, the LLE may have been unlinked while
2355 * we were blocked on the LLE lock. Check for this case.
2356 */
2357 if (__predict_false((lle->la_flags & LLE_LINKED) == 0)) {
2358 if (flags & LLE_EXCLUSIVE)
2359 LLE_WUNLOCK(lle);
2360 else
2361 LLE_RUNLOCK(lle);
2362 return (NULL);
2363 }
2364 return (lle);
2365 }
2366
2367 static int
2368 in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
2369 struct sysctl_req *wr)
2370 {
2371 struct ifnet *ifp = llt->llt_ifp;
2372 /* XXX stack use */
2373 struct {
2374 struct rt_msghdr rtm;
2375 struct sockaddr_in6 sin6;
2376 /*
2377 * ndp.c assumes that sdl is word aligned
2378 */
2379 #ifdef __LP64__
2380 uint32_t pad;
2381 #endif
2382 struct sockaddr_dl sdl;
2383 } ndpc;
2384 struct sockaddr_dl *sdl;
2385 int error;
2386
2387 bzero(&ndpc, sizeof(ndpc));
2388 /* skip deleted entries */
2389 if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
2390 return (0);
2391 /* Skip if jailed and not a valid IP of the prison. */
2392 lltable_fill_sa_entry(lle, (struct sockaddr *)&ndpc.sin6);
2393 if (prison_if(wr->td->td_ucred, (struct sockaddr *)&ndpc.sin6) != 0)
2394 return (0);
2395 /*
2396 * produce a msg made of:
2397 * struct rt_msghdr;
2398 * struct sockaddr_in6 (IPv6)
2399 * struct sockaddr_dl;
2400 */
2401 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2402 ndpc.rtm.rtm_version = RTM_VERSION;
2403 ndpc.rtm.rtm_type = RTM_GET;
2404 ndpc.rtm.rtm_flags = RTF_UP;
2405 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2406 sa6_recoverscope(&ndpc.sin6);
2407
2408 /* publish */
2409 if (lle->la_flags & LLE_PUB)
2410 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2411
2412 sdl = &ndpc.sdl;
2413 sdl->sdl_family = AF_LINK;
2414 sdl->sdl_len = sizeof(*sdl);
2415 sdl->sdl_index = ifp->if_index;
2416 sdl->sdl_type = ifp->if_type;
2417 if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
2418 sdl->sdl_alen = ifp->if_addrlen;
2419 bcopy(lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2420 } else {
2421 sdl->sdl_alen = 0;
2422 bzero(LLADDR(sdl), ifp->if_addrlen);
2423 }
2424 if (lle->la_expire != 0)
2425 ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
2426 lle->lle_remtime / hz + time_second - time_uptime;
2427 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2428 if (lle->la_flags & LLE_STATIC)
2429 ndpc.rtm.rtm_flags |= RTF_STATIC;
2430 if (lle->la_flags & LLE_IFADDR)
2431 ndpc.rtm.rtm_flags |= RTF_PINNED;
2432 if (lle->ln_router != 0)
2433 ndpc.rtm.rtm_flags |= RTF_GATEWAY;
2434 ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
2435 /* Store state in rmx_weight value */
2436 ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
2437 ndpc.rtm.rtm_index = ifp->if_index;
2438 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2439
2440 return (error);
2441 }
2442
2443 static struct lltable *
2444 in6_lltattach(struct ifnet *ifp)
2445 {
2446 struct lltable *llt;
2447
2448 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
2449 llt->llt_af = AF_INET6;
2450 llt->llt_ifp = ifp;
2451
2452 llt->llt_lookup = in6_lltable_lookup;
2453 llt->llt_alloc_entry = in6_lltable_alloc;
2454 llt->llt_delete_entry = in6_lltable_delete_entry;
2455 llt->llt_dump_entry = in6_lltable_dump_entry;
2456 llt->llt_hash = in6_lltable_hash;
2457 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
2458 llt->llt_free_entry = in6_lltable_free_entry;
2459 llt->llt_match_prefix = in6_lltable_match_prefix;
2460 llt->llt_mark_used = llentry_mark_used;
2461 lltable_link(llt);
2462
2463 return (llt);
2464 }
2465
2466 struct lltable *
2467 in6_lltable_get(struct ifnet *ifp)
2468 {
2469 struct lltable *llt = NULL;
2470
2471 void *afdata_ptr = ifp->if_afdata[AF_INET6];
2472 if (afdata_ptr != NULL)
2473 llt = ((struct in6_ifextra *)afdata_ptr)->lltable;
2474 return (llt);
2475 }
2476
2477 void *
2478 in6_domifattach(struct ifnet *ifp)
2479 {
2480 struct in6_ifextra *ext;
2481
2482 /* There are not IPv6-capable interfaces. */
2483 switch (ifp->if_type) {
2484 case IFT_PFLOG:
2485 case IFT_PFSYNC:
2486 case IFT_USB:
2487 return (NULL);
2488 }
2489 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2490 bzero(ext, sizeof(*ext));
2491
2492 ext->in6_ifstat = malloc(sizeof(counter_u64_t) *
2493 sizeof(struct in6_ifstat) / sizeof(uint64_t), M_IFADDR, M_WAITOK);
2494 COUNTER_ARRAY_ALLOC(ext->in6_ifstat,
2495 sizeof(struct in6_ifstat) / sizeof(uint64_t), M_WAITOK);
2496
2497 ext->icmp6_ifstat = malloc(sizeof(counter_u64_t) *
2498 sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_IFADDR,
2499 M_WAITOK);
2500 COUNTER_ARRAY_ALLOC(ext->icmp6_ifstat,
2501 sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_WAITOK);
2502
2503 ext->nd_ifinfo = nd6_ifattach(ifp);
2504 ext->scope6_id = scope6_ifattach(ifp);
2505 ext->lltable = in6_lltattach(ifp);
2506
2507 ext->mld_ifinfo = mld_domifattach(ifp);
2508
2509 return ext;
2510 }
2511
2512 int
2513 in6_domifmtu(struct ifnet *ifp)
2514 {
2515 if (ifp->if_afdata[AF_INET6] == NULL)
2516 return ifp->if_mtu;
2517
2518 return (IN6_LINKMTU(ifp));
2519 }
2520
2521 void
2522 in6_domifdetach(struct ifnet *ifp, void *aux)
2523 {
2524 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2525
2526 mld_domifdetach(ifp);
2527 scope6_ifdetach(ext->scope6_id);
2528 nd6_ifdetach(ifp, ext->nd_ifinfo);
2529 lltable_free(ext->lltable);
2530 COUNTER_ARRAY_FREE(ext->in6_ifstat,
2531 sizeof(struct in6_ifstat) / sizeof(uint64_t));
2532 free(ext->in6_ifstat, M_IFADDR);
2533 COUNTER_ARRAY_FREE(ext->icmp6_ifstat,
2534 sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
2535 free(ext->icmp6_ifstat, M_IFADDR);
2536 free(ext, M_IFADDR);
2537 }
2538
2539 /*
2540 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2541 * v4 mapped addr or v4 compat addr
2542 */
2543 void
2544 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2545 {
2546
2547 bzero(sin, sizeof(*sin));
2548 sin->sin_len = sizeof(struct sockaddr_in);
2549 sin->sin_family = AF_INET;
2550 sin->sin_port = sin6->sin6_port;
2551 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2552 }
2553
2554 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2555 void
2556 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2557 {
2558 bzero(sin6, sizeof(*sin6));
2559 sin6->sin6_len = sizeof(struct sockaddr_in6);
2560 sin6->sin6_family = AF_INET6;
2561 sin6->sin6_port = sin->sin_port;
2562 sin6->sin6_addr.s6_addr32[0] = 0;
2563 sin6->sin6_addr.s6_addr32[1] = 0;
2564 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2565 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2566 }
2567
2568 /* Convert sockaddr_in6 into sockaddr_in. */
2569 void
2570 in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2571 {
2572 struct sockaddr_in *sin_p;
2573 struct sockaddr_in6 sin6;
2574
2575 /*
2576 * Save original sockaddr_in6 addr and convert it
2577 * to sockaddr_in.
2578 */
2579 sin6 = *(struct sockaddr_in6 *)nam;
2580 sin_p = (struct sockaddr_in *)nam;
2581 in6_sin6_2_sin(sin_p, &sin6);
2582 }
2583
2584 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2585 void
2586 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2587 {
2588 struct sockaddr_in *sin_p;
2589 struct sockaddr_in6 *sin6_p;
2590
2591 sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
2592 sin_p = (struct sockaddr_in *)*nam;
2593 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2594 free(*nam, M_SONAME);
2595 *nam = (struct sockaddr *)sin6_p;
2596 }
Cache object: c873f8b7c826f50373486f42cb4c6e6b
|