FreeBSD/Linux Kernel Cross Reference
sys/netinet6/in6.c
1 /*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
30 */
31
32 /*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
61 */
62
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD: releng/8.3/sys/netinet6/in6.c 255446 2013-09-10 10:13:14Z des $");
65
66 #include "opt_compat.h"
67 #include "opt_inet.h"
68 #include "opt_inet6.h"
69
70 #include <sys/param.h>
71 #include <sys/errno.h>
72 #include <sys/jail.h>
73 #include <sys/malloc.h>
74 #include <sys/socket.h>
75 #include <sys/socketvar.h>
76 #include <sys/sockio.h>
77 #include <sys/systm.h>
78 #include <sys/priv.h>
79 #include <sys/proc.h>
80 #include <sys/time.h>
81 #include <sys/kernel.h>
82 #include <sys/syslog.h>
83
84 #include <net/if.h>
85 #include <net/if_var.h>
86 #include <net/if_types.h>
87 #include <net/route.h>
88 #include <net/if_dl.h>
89 #include <net/vnet.h>
90
91 #include <netinet/in.h>
92 #include <netinet/in_var.h>
93 #include <net/if_llatbl.h>
94 #include <netinet/if_ether.h>
95 #include <netinet/in_systm.h>
96 #include <netinet/ip.h>
97 #include <netinet/in_pcb.h>
98
99 #include <netinet/ip6.h>
100 #include <netinet6/ip6_var.h>
101 #include <netinet6/nd6.h>
102 #include <netinet6/mld6_var.h>
103 #include <netinet6/ip6_mroute.h>
104 #include <netinet6/in6_ifattach.h>
105 #include <netinet6/scope6_var.h>
106 #include <netinet6/in6_pcb.h>
107
108 /*
109 * Definitions of some costant IP6 addresses.
110 */
111 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
112 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
113 const struct in6_addr in6addr_nodelocal_allnodes =
114 IN6ADDR_NODELOCAL_ALLNODES_INIT;
115 const struct in6_addr in6addr_linklocal_allnodes =
116 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
117 const struct in6_addr in6addr_linklocal_allrouters =
118 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
119 const struct in6_addr in6addr_linklocal_allv2routers =
120 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
121
122 const struct in6_addr in6mask0 = IN6MASK0;
123 const struct in6_addr in6mask32 = IN6MASK32;
124 const struct in6_addr in6mask64 = IN6MASK64;
125 const struct in6_addr in6mask96 = IN6MASK96;
126 const struct in6_addr in6mask128 = IN6MASK128;
127
128 const struct sockaddr_in6 sa6_any =
129 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
130
131 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
132 struct ifnet *, struct thread *));
133 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
134 struct sockaddr_in6 *, int));
135 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
136
137 int (*faithprefix_p)(struct in6_addr *);
138
139
140
141 int
142 in6_mask2len(struct in6_addr *mask, u_char *lim0)
143 {
144 int x = 0, y;
145 u_char *lim = lim0, *p;
146
147 /* ignore the scope_id part */
148 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
149 lim = (u_char *)mask + sizeof(*mask);
150 for (p = (u_char *)mask; p < lim; x++, p++) {
151 if (*p != 0xff)
152 break;
153 }
154 y = 0;
155 if (p < lim) {
156 for (y = 0; y < 8; y++) {
157 if ((*p & (0x80 >> y)) == 0)
158 break;
159 }
160 }
161
162 /*
163 * when the limit pointer is given, do a stricter check on the
164 * remaining bits.
165 */
166 if (p < lim) {
167 if (y != 0 && (*p & (0x00ff >> y)) != 0)
168 return (-1);
169 for (p = p + 1; p < lim; p++)
170 if (*p != 0)
171 return (-1);
172 }
173
174 return x * 8 + y;
175 }
176
177 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
178 #define ia62ifa(ia6) (&((ia6)->ia_ifa))
179
180 #ifdef COMPAT_FREEBSD32
181 struct in6_ndifreq32 {
182 char ifname[IFNAMSIZ];
183 uint32_t ifindex;
184 };
185 #define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
186 #endif
187
188 int
189 in6_control(struct socket *so, u_long cmd, caddr_t data,
190 struct ifnet *ifp, struct thread *td)
191 {
192 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
193 struct in6_ifaddr *ia = NULL;
194 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
195 struct sockaddr_in6 *sa6;
196 int error;
197
198 switch (cmd) {
199 case SIOCGETSGCNT_IN6:
200 case SIOCGETMIFCNT_IN6:
201 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
202 }
203
204 switch(cmd) {
205 case SIOCAADDRCTL_POLICY:
206 case SIOCDADDRCTL_POLICY:
207 if (td != NULL) {
208 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
209 if (error)
210 return (error);
211 }
212 return (in6_src_ioctl(cmd, data));
213 }
214
215 if (ifp == NULL)
216 return (EOPNOTSUPP);
217
218 switch (cmd) {
219 case SIOCSNDFLUSH_IN6:
220 case SIOCSPFXFLUSH_IN6:
221 case SIOCSRTRFLUSH_IN6:
222 case SIOCSDEFIFACE_IN6:
223 case SIOCSIFINFO_FLAGS:
224 case SIOCSIFINFO_IN6:
225 if (td != NULL) {
226 error = priv_check(td, PRIV_NETINET_ND6);
227 if (error)
228 return (error);
229 }
230 /* FALLTHROUGH */
231 case OSIOCGIFINFO_IN6:
232 case SIOCGIFINFO_IN6:
233 case SIOCGDRLST_IN6:
234 case SIOCGPRLST_IN6:
235 case SIOCGNBRINFO_IN6:
236 case SIOCGDEFIFACE_IN6:
237 return (nd6_ioctl(cmd, data, ifp));
238
239 #ifdef COMPAT_FREEBSD32
240 case SIOCGDEFIFACE32_IN6:
241 {
242 struct in6_ndifreq ndif;
243 struct in6_ndifreq32 *ndif32;
244
245 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
246 ifp);
247 if (error)
248 return (error);
249 ndif32 = (struct in6_ndifreq32 *)data;
250 ndif32->ifindex = ndif.ifindex;
251 return (0);
252 }
253 #endif
254 }
255
256 switch (cmd) {
257 case SIOCSIFPREFIX_IN6:
258 case SIOCDIFPREFIX_IN6:
259 case SIOCAIFPREFIX_IN6:
260 case SIOCCIFPREFIX_IN6:
261 case SIOCSGIFPREFIX_IN6:
262 case SIOCGIFPREFIX_IN6:
263 log(LOG_NOTICE,
264 "prefix ioctls are now invalidated. "
265 "please use ifconfig.\n");
266 return (EOPNOTSUPP);
267 }
268
269 switch (cmd) {
270 case SIOCSSCOPE6:
271 if (td != NULL) {
272 error = priv_check(td, PRIV_NETINET_SCOPE6);
273 if (error)
274 return (error);
275 }
276 return (scope6_set(ifp,
277 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
278 case SIOCGSCOPE6:
279 return (scope6_get(ifp,
280 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
281 case SIOCGSCOPE6DEF:
282 return (scope6_get_default((struct scope6_id *)
283 ifr->ifr_ifru.ifru_scope_id));
284 }
285
286 switch (cmd) {
287 case SIOCALIFADDR:
288 if (td != NULL) {
289 error = priv_check(td, PRIV_NET_ADDIFADDR);
290 if (error)
291 return (error);
292 }
293 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
294
295 case SIOCDLIFADDR:
296 if (td != NULL) {
297 error = priv_check(td, PRIV_NET_DELIFADDR);
298 if (error)
299 return (error);
300 }
301 /* FALLTHROUGH */
302 case SIOCGLIFADDR:
303 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
304 }
305
306 /*
307 * Find address for this interface, if it exists.
308 *
309 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
310 * only, and used the first interface address as the target of other
311 * operations (without checking ifra_addr). This was because netinet
312 * code/API assumed at most 1 interface address per interface.
313 * Since IPv6 allows a node to assign multiple addresses
314 * on a single interface, we almost always look and check the
315 * presence of ifra_addr, and reject invalid ones here.
316 * It also decreases duplicated code among SIOC*_IN6 operations.
317 */
318 switch (cmd) {
319 case SIOCAIFADDR_IN6:
320 case SIOCSIFPHYADDR_IN6:
321 sa6 = &ifra->ifra_addr;
322 break;
323 case SIOCSIFADDR_IN6:
324 case SIOCGIFADDR_IN6:
325 case SIOCSIFDSTADDR_IN6:
326 case SIOCSIFNETMASK_IN6:
327 case SIOCGIFDSTADDR_IN6:
328 case SIOCGIFNETMASK_IN6:
329 case SIOCDIFADDR_IN6:
330 case SIOCGIFPSRCADDR_IN6:
331 case SIOCGIFPDSTADDR_IN6:
332 case SIOCGIFAFLAG_IN6:
333 case SIOCSNDFLUSH_IN6:
334 case SIOCSPFXFLUSH_IN6:
335 case SIOCSRTRFLUSH_IN6:
336 case SIOCGIFALIFETIME_IN6:
337 case SIOCSIFALIFETIME_IN6:
338 case SIOCGIFSTAT_IN6:
339 case SIOCGIFSTAT_ICMP6:
340 sa6 = &ifr->ifr_addr;
341 break;
342 case SIOCSIFADDR:
343 case SIOCSIFBRDADDR:
344 case SIOCSIFDSTADDR:
345 case SIOCSIFNETMASK:
346 /*
347 * Although we should pass any non-INET6 ioctl requests
348 * down to driver, we filter some legacy INET requests.
349 * Drivers trust SIOCSIFADDR et al to come from an already
350 * privileged layer, and do not perform any credentials
351 * checks or input validation.
352 */
353 return (EINVAL);
354 default:
355 sa6 = NULL;
356 break;
357 }
358 if (sa6 && sa6->sin6_family == AF_INET6) {
359 if (sa6->sin6_scope_id != 0)
360 error = sa6_embedscope(sa6, 0);
361 else
362 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
363 if (error != 0)
364 return (error);
365 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
366 &sa6->sin6_addr)) != 0)
367 return (error);
368 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
369 } else
370 ia = NULL;
371
372 switch (cmd) {
373 case SIOCSIFADDR_IN6:
374 case SIOCSIFDSTADDR_IN6:
375 case SIOCSIFNETMASK_IN6:
376 /*
377 * Since IPv6 allows a node to assign multiple addresses
378 * on a single interface, SIOCSIFxxx ioctls are deprecated.
379 */
380 /* we decided to obsolete this command (20000704) */
381 error = EINVAL;
382 goto out;
383
384 case SIOCDIFADDR_IN6:
385 /*
386 * for IPv4, we look for existing in_ifaddr here to allow
387 * "ifconfig if0 delete" to remove the first IPv4 address on
388 * the interface. For IPv6, as the spec allows multiple
389 * interface address from the day one, we consider "remove the
390 * first one" semantics to be not preferable.
391 */
392 if (ia == NULL) {
393 error = EADDRNOTAVAIL;
394 goto out;
395 }
396 /* FALLTHROUGH */
397 case SIOCAIFADDR_IN6:
398 /*
399 * We always require users to specify a valid IPv6 address for
400 * the corresponding operation.
401 */
402 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
403 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
404 error = EAFNOSUPPORT;
405 goto out;
406 }
407
408 if (td != NULL) {
409 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
410 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
411 if (error)
412 goto out;
413 }
414 break;
415
416 case SIOCGIFADDR_IN6:
417 /* This interface is basically deprecated. use SIOCGIFCONF. */
418 /* FALLTHROUGH */
419 case SIOCGIFAFLAG_IN6:
420 case SIOCGIFNETMASK_IN6:
421 case SIOCGIFDSTADDR_IN6:
422 case SIOCGIFALIFETIME_IN6:
423 /* must think again about its semantics */
424 if (ia == NULL) {
425 error = EADDRNOTAVAIL;
426 goto out;
427 }
428 break;
429
430 case SIOCSIFALIFETIME_IN6:
431 {
432 struct in6_addrlifetime *lt;
433
434 if (td != NULL) {
435 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
436 if (error)
437 goto out;
438 }
439 if (ia == NULL) {
440 error = EADDRNOTAVAIL;
441 goto out;
442 }
443 /* sanity for overflow - beware unsigned */
444 lt = &ifr->ifr_ifru.ifru_lifetime;
445 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
446 lt->ia6t_vltime + time_second < time_second) {
447 error = EINVAL;
448 goto out;
449 }
450 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
451 lt->ia6t_pltime + time_second < time_second) {
452 error = EINVAL;
453 goto out;
454 }
455 break;
456 }
457 }
458
459 switch (cmd) {
460 case SIOCGIFADDR_IN6:
461 ifr->ifr_addr = ia->ia_addr;
462 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
463 goto out;
464 break;
465
466 case SIOCGIFDSTADDR_IN6:
467 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
468 error = EINVAL;
469 goto out;
470 }
471 /*
472 * XXX: should we check if ifa_dstaddr is NULL and return
473 * an error?
474 */
475 ifr->ifr_dstaddr = ia->ia_dstaddr;
476 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
477 goto out;
478 break;
479
480 case SIOCGIFNETMASK_IN6:
481 ifr->ifr_addr = ia->ia_prefixmask;
482 break;
483
484 case SIOCGIFAFLAG_IN6:
485 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
486 break;
487
488 case SIOCGIFSTAT_IN6:
489 if (ifp == NULL) {
490 error = EINVAL;
491 goto out;
492 }
493 bzero(&ifr->ifr_ifru.ifru_stat,
494 sizeof(ifr->ifr_ifru.ifru_stat));
495 ifr->ifr_ifru.ifru_stat =
496 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
497 break;
498
499 case SIOCGIFSTAT_ICMP6:
500 if (ifp == NULL) {
501 error = EINVAL;
502 goto out;
503 }
504 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
505 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
506 ifr->ifr_ifru.ifru_icmp6stat =
507 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
508 break;
509
510 case SIOCGIFALIFETIME_IN6:
511 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
512 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
513 time_t maxexpire;
514 struct in6_addrlifetime *retlt =
515 &ifr->ifr_ifru.ifru_lifetime;
516
517 /*
518 * XXX: adjust expiration time assuming time_t is
519 * signed.
520 */
521 maxexpire = (-1) &
522 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
523 if (ia->ia6_lifetime.ia6t_vltime <
524 maxexpire - ia->ia6_updatetime) {
525 retlt->ia6t_expire = ia->ia6_updatetime +
526 ia->ia6_lifetime.ia6t_vltime;
527 } else
528 retlt->ia6t_expire = maxexpire;
529 }
530 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
531 time_t maxexpire;
532 struct in6_addrlifetime *retlt =
533 &ifr->ifr_ifru.ifru_lifetime;
534
535 /*
536 * XXX: adjust expiration time assuming time_t is
537 * signed.
538 */
539 maxexpire = (-1) &
540 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
541 if (ia->ia6_lifetime.ia6t_pltime <
542 maxexpire - ia->ia6_updatetime) {
543 retlt->ia6t_preferred = ia->ia6_updatetime +
544 ia->ia6_lifetime.ia6t_pltime;
545 } else
546 retlt->ia6t_preferred = maxexpire;
547 }
548 break;
549
550 case SIOCSIFALIFETIME_IN6:
551 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
552 /* for sanity */
553 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
554 ia->ia6_lifetime.ia6t_expire =
555 time_second + ia->ia6_lifetime.ia6t_vltime;
556 } else
557 ia->ia6_lifetime.ia6t_expire = 0;
558 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
559 ia->ia6_lifetime.ia6t_preferred =
560 time_second + ia->ia6_lifetime.ia6t_pltime;
561 } else
562 ia->ia6_lifetime.ia6t_preferred = 0;
563 break;
564
565 case SIOCAIFADDR_IN6:
566 {
567 int i;
568 struct nd_prefixctl pr0;
569 struct nd_prefix *pr;
570
571 /*
572 * first, make or update the interface address structure,
573 * and link it to the list.
574 */
575 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
576 goto out;
577 if (ia != NULL)
578 ifa_free(&ia->ia_ifa);
579 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
580 == NULL) {
581 /*
582 * this can happen when the user specify the 0 valid
583 * lifetime.
584 */
585 break;
586 }
587
588 /*
589 * then, make the prefix on-link on the interface.
590 * XXX: we'd rather create the prefix before the address, but
591 * we need at least one address to install the corresponding
592 * interface route, so we configure the address first.
593 */
594
595 /*
596 * convert mask to prefix length (prefixmask has already
597 * been validated in in6_update_ifa().
598 */
599 bzero(&pr0, sizeof(pr0));
600 pr0.ndpr_ifp = ifp;
601 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
602 NULL);
603 if (pr0.ndpr_plen == 128) {
604 break; /* we don't need to install a host route. */
605 }
606 pr0.ndpr_prefix = ifra->ifra_addr;
607 /* apply the mask for safety. */
608 for (i = 0; i < 4; i++) {
609 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
610 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
611 }
612 /*
613 * XXX: since we don't have an API to set prefix (not address)
614 * lifetimes, we just use the same lifetimes as addresses.
615 * The (temporarily) installed lifetimes can be overridden by
616 * later advertised RAs (when accept_rtadv is non 0), which is
617 * an intended behavior.
618 */
619 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
620 pr0.ndpr_raf_auto =
621 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
622 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
623 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
624
625 /* add the prefix if not yet. */
626 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
627 /*
628 * nd6_prelist_add will install the corresponding
629 * interface route.
630 */
631 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0)
632 goto out;
633 if (pr == NULL) {
634 log(LOG_ERR, "nd6_prelist_add succeeded but "
635 "no prefix\n");
636 error = EINVAL;
637 goto out;
638 }
639 }
640
641 /* relate the address to the prefix */
642 if (ia->ia6_ndpr == NULL) {
643 ia->ia6_ndpr = pr;
644 pr->ndpr_refcnt++;
645
646 /*
647 * If this is the first autoconf address from the
648 * prefix, create a temporary address as well
649 * (when required).
650 */
651 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
652 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
653 int e;
654 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
655 log(LOG_NOTICE, "in6_control: failed "
656 "to create a temporary address, "
657 "errno=%d\n", e);
658 }
659 }
660 }
661
662 /*
663 * this might affect the status of autoconfigured addresses,
664 * that is, this address might make other addresses detached.
665 */
666 pfxlist_onlink_check();
667 if (error == 0 && ia)
668 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
669 break;
670 }
671
672 case SIOCDIFADDR_IN6:
673 {
674 struct nd_prefix *pr;
675
676 /*
677 * If the address being deleted is the only one that owns
678 * the corresponding prefix, expire the prefix as well.
679 * XXX: theoretically, we don't have to worry about such
680 * relationship, since we separate the address management
681 * and the prefix management. We do this, however, to provide
682 * as much backward compatibility as possible in terms of
683 * the ioctl operation.
684 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
685 */
686 pr = ia->ia6_ndpr;
687 in6_purgeaddr(&ia->ia_ifa);
688 if (pr && pr->ndpr_refcnt == 0)
689 prelist_remove(pr);
690 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
691 break;
692 }
693
694 default:
695 if (ifp == NULL || ifp->if_ioctl == 0) {
696 error = EOPNOTSUPP;
697 goto out;
698 }
699 error = (*ifp->if_ioctl)(ifp, cmd, data);
700 goto out;
701 }
702
703 error = 0;
704 out:
705 if (ia != NULL)
706 ifa_free(&ia->ia_ifa);
707 return (error);
708 }
709
710 /*
711 * Update parameters of an IPv6 interface address.
712 * If necessary, a new entry is created and linked into address chains.
713 * This function is separated from in6_control().
714 * XXX: should this be performed under splnet()?
715 */
716 int
717 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
718 struct in6_ifaddr *ia, int flags)
719 {
720 int error = 0, hostIsNew = 0, plen = -1;
721 struct sockaddr_in6 dst6;
722 struct in6_addrlifetime *lt;
723 struct in6_multi_mship *imm;
724 struct in6_multi *in6m_sol;
725 struct rtentry *rt;
726 int delay;
727 char ip6buf[INET6_ADDRSTRLEN];
728
729 /* Validate parameters */
730 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
731 return (EINVAL);
732
733 /*
734 * The destination address for a p2p link must have a family
735 * of AF_UNSPEC or AF_INET6.
736 */
737 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
738 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
739 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
740 return (EAFNOSUPPORT);
741 /*
742 * validate ifra_prefixmask. don't check sin6_family, netmask
743 * does not carry fields other than sin6_len.
744 */
745 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
746 return (EINVAL);
747 /*
748 * Because the IPv6 address architecture is classless, we require
749 * users to specify a (non 0) prefix length (mask) for a new address.
750 * We also require the prefix (when specified) mask is valid, and thus
751 * reject a non-consecutive mask.
752 */
753 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
754 return (EINVAL);
755 if (ifra->ifra_prefixmask.sin6_len != 0) {
756 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
757 (u_char *)&ifra->ifra_prefixmask +
758 ifra->ifra_prefixmask.sin6_len);
759 if (plen <= 0)
760 return (EINVAL);
761 } else {
762 /*
763 * In this case, ia must not be NULL. We just use its prefix
764 * length.
765 */
766 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
767 }
768 /*
769 * If the destination address on a p2p interface is specified,
770 * and the address is a scoped one, validate/set the scope
771 * zone identifier.
772 */
773 dst6 = ifra->ifra_dstaddr;
774 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
775 (dst6.sin6_family == AF_INET6)) {
776 struct in6_addr in6_tmp;
777 u_int32_t zoneid;
778
779 in6_tmp = dst6.sin6_addr;
780 if (in6_setscope(&in6_tmp, ifp, &zoneid))
781 return (EINVAL); /* XXX: should be impossible */
782
783 if (dst6.sin6_scope_id != 0) {
784 if (dst6.sin6_scope_id != zoneid)
785 return (EINVAL);
786 } else /* user omit to specify the ID. */
787 dst6.sin6_scope_id = zoneid;
788
789 /* convert into the internal form */
790 if (sa6_embedscope(&dst6, 0))
791 return (EINVAL); /* XXX: should be impossible */
792 }
793 /*
794 * The destination address can be specified only for a p2p or a
795 * loopback interface. If specified, the corresponding prefix length
796 * must be 128.
797 */
798 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
799 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
800 /* XXX: noisy message */
801 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
802 "be specified for a p2p or a loopback IF only\n"));
803 return (EINVAL);
804 }
805 if (plen != 128) {
806 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
807 "be 128 when dstaddr is specified\n"));
808 return (EINVAL);
809 }
810 }
811 /* lifetime consistency check */
812 lt = &ifra->ifra_lifetime;
813 if (lt->ia6t_pltime > lt->ia6t_vltime)
814 return (EINVAL);
815 if (lt->ia6t_vltime == 0) {
816 /*
817 * the following log might be noisy, but this is a typical
818 * configuration mistake or a tool's bug.
819 */
820 nd6log((LOG_INFO,
821 "in6_update_ifa: valid lifetime is 0 for %s\n",
822 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
823
824 if (ia == NULL)
825 return (0); /* there's nothing to do */
826 }
827
828 /*
829 * If this is a new address, allocate a new ifaddr and link it
830 * into chains.
831 */
832 if (ia == NULL) {
833 hostIsNew = 1;
834 /*
835 * When in6_update_ifa() is called in a process of a received
836 * RA, it is called under an interrupt context. So, we should
837 * call malloc with M_NOWAIT.
838 */
839 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
840 M_NOWAIT);
841 if (ia == NULL)
842 return (ENOBUFS);
843 bzero((caddr_t)ia, sizeof(*ia));
844 ifa_init(&ia->ia_ifa);
845 LIST_INIT(&ia->ia6_memberships);
846 /* Initialize the address and masks, and put time stamp */
847 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
848 ia->ia_addr.sin6_family = AF_INET6;
849 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
850 ia->ia6_createtime = time_second;
851 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
852 /*
853 * XXX: some functions expect that ifa_dstaddr is not
854 * NULL for p2p interfaces.
855 */
856 ia->ia_ifa.ifa_dstaddr =
857 (struct sockaddr *)&ia->ia_dstaddr;
858 } else {
859 ia->ia_ifa.ifa_dstaddr = NULL;
860 }
861 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
862 ia->ia_ifp = ifp;
863 ifa_ref(&ia->ia_ifa); /* if_addrhead */
864 IF_ADDR_LOCK(ifp);
865 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
866 IF_ADDR_UNLOCK(ifp);
867
868 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
869 IN6_IFADDR_WLOCK();
870 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
871 IN6_IFADDR_WUNLOCK();
872 }
873
874 /* update timestamp */
875 ia->ia6_updatetime = time_second;
876
877 /* set prefix mask */
878 if (ifra->ifra_prefixmask.sin6_len) {
879 /*
880 * We prohibit changing the prefix length of an existing
881 * address, because
882 * + such an operation should be rare in IPv6, and
883 * + the operation would confuse prefix management.
884 */
885 if (ia->ia_prefixmask.sin6_len &&
886 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
887 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
888 " existing (%s) address should not be changed\n",
889 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
890 error = EINVAL;
891 goto unlink;
892 }
893 ia->ia_prefixmask = ifra->ifra_prefixmask;
894 }
895
896 /*
897 * If a new destination address is specified, scrub the old one and
898 * install the new destination. Note that the interface must be
899 * p2p or loopback (see the check above.)
900 */
901 if (dst6.sin6_family == AF_INET6 &&
902 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
903 int e;
904
905 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
906 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
907 nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
908 "a route to the old destination: %s\n",
909 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
910 /* proceed anyway... */
911 } else
912 ia->ia_flags &= ~IFA_ROUTE;
913 ia->ia_dstaddr = dst6;
914 }
915
916 /*
917 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
918 * to see if the address is deprecated or invalidated, but initialize
919 * these members for applications.
920 */
921 ia->ia6_lifetime = ifra->ifra_lifetime;
922 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
923 ia->ia6_lifetime.ia6t_expire =
924 time_second + ia->ia6_lifetime.ia6t_vltime;
925 } else
926 ia->ia6_lifetime.ia6t_expire = 0;
927 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
928 ia->ia6_lifetime.ia6t_preferred =
929 time_second + ia->ia6_lifetime.ia6t_pltime;
930 } else
931 ia->ia6_lifetime.ia6t_preferred = 0;
932
933 /* reset the interface and routing table appropriately. */
934 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
935 goto unlink;
936
937 /*
938 * configure address flags.
939 */
940 ia->ia6_flags = ifra->ifra_flags;
941 /*
942 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
943 * userland, make it deprecated.
944 */
945 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
946 ia->ia6_lifetime.ia6t_pltime = 0;
947 ia->ia6_lifetime.ia6t_preferred = time_second;
948 }
949 /*
950 * Make the address tentative before joining multicast addresses,
951 * so that corresponding MLD responses would not have a tentative
952 * source address.
953 */
954 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
955 if (hostIsNew && in6if_do_dad(ifp))
956 ia->ia6_flags |= IN6_IFF_TENTATIVE;
957
958 /*
959 * We are done if we have simply modified an existing address.
960 */
961 if (!hostIsNew)
962 return (error);
963
964 /*
965 * Beyond this point, we should call in6_purgeaddr upon an error,
966 * not just go to unlink.
967 */
968
969 /* Join necessary multicast groups */
970 in6m_sol = NULL;
971 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
972 struct sockaddr_in6 mltaddr, mltmask;
973 struct in6_addr llsol;
974
975 /* join solicited multicast addr for new host id */
976 bzero(&llsol, sizeof(struct in6_addr));
977 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
978 llsol.s6_addr32[1] = 0;
979 llsol.s6_addr32[2] = htonl(1);
980 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
981 llsol.s6_addr8[12] = 0xff;
982 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
983 /* XXX: should not happen */
984 log(LOG_ERR, "in6_update_ifa: "
985 "in6_setscope failed\n");
986 goto cleanup;
987 }
988 delay = 0;
989 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
990 /*
991 * We need a random delay for DAD on the address
992 * being configured. It also means delaying
993 * transmission of the corresponding MLD report to
994 * avoid report collision.
995 * [draft-ietf-ipv6-rfc2462bis-02.txt]
996 */
997 delay = arc4random() %
998 (MAX_RTR_SOLICITATION_DELAY * hz);
999 }
1000 imm = in6_joingroup(ifp, &llsol, &error, delay);
1001 if (imm == NULL) {
1002 nd6log((LOG_WARNING,
1003 "in6_update_ifa: addmulti failed for "
1004 "%s on %s (errno=%d)\n",
1005 ip6_sprintf(ip6buf, &llsol), if_name(ifp),
1006 error));
1007 goto cleanup;
1008 }
1009 LIST_INSERT_HEAD(&ia->ia6_memberships,
1010 imm, i6mm_chain);
1011 in6m_sol = imm->i6mm_maddr;
1012
1013 bzero(&mltmask, sizeof(mltmask));
1014 mltmask.sin6_len = sizeof(struct sockaddr_in6);
1015 mltmask.sin6_family = AF_INET6;
1016 mltmask.sin6_addr = in6mask32;
1017 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
1018
1019 /*
1020 * join link-local all-nodes address
1021 */
1022 bzero(&mltaddr, sizeof(mltaddr));
1023 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1024 mltaddr.sin6_family = AF_INET6;
1025 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1026 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
1027 0)
1028 goto cleanup; /* XXX: should not fail */
1029
1030 /*
1031 * XXX: do we really need this automatic routes?
1032 * We should probably reconsider this stuff. Most applications
1033 * actually do not need the routes, since they usually specify
1034 * the outgoing interface.
1035 */
1036 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
1037 if (rt) {
1038 /* XXX: only works in !SCOPEDROUTING case. */
1039 if (memcmp(&mltaddr.sin6_addr,
1040 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
1041 MLTMASK_LEN)) {
1042 RTFREE_LOCKED(rt);
1043 rt = NULL;
1044 }
1045 }
1046 if (!rt) {
1047 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
1048 (struct sockaddr *)&ia->ia_addr,
1049 (struct sockaddr *)&mltmask, RTF_UP,
1050 (struct rtentry **)0);
1051 if (error)
1052 goto cleanup;
1053 } else {
1054 RTFREE_LOCKED(rt);
1055 }
1056
1057 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1058 if (!imm) {
1059 nd6log((LOG_WARNING,
1060 "in6_update_ifa: addmulti failed for "
1061 "%s on %s (errno=%d)\n",
1062 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1063 if_name(ifp), error));
1064 goto cleanup;
1065 }
1066 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1067
1068 /*
1069 * join node information group address
1070 */
1071 delay = 0;
1072 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1073 /*
1074 * The spec doesn't say anything about delay for this
1075 * group, but the same logic should apply.
1076 */
1077 delay = arc4random() %
1078 (MAX_RTR_SOLICITATION_DELAY * hz);
1079 }
1080 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
1081 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
1082 delay); /* XXX jinmei */
1083 if (!imm) {
1084 nd6log((LOG_WARNING, "in6_update_ifa: "
1085 "addmulti failed for %s on %s "
1086 "(errno=%d)\n",
1087 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1088 if_name(ifp), error));
1089 /* XXX not very fatal, go on... */
1090 } else {
1091 LIST_INSERT_HEAD(&ia->ia6_memberships,
1092 imm, i6mm_chain);
1093 }
1094 }
1095
1096 /*
1097 * join interface-local all-nodes address.
1098 * (ff01::1%ifN, and ff01::%ifN/32)
1099 */
1100 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1101 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL))
1102 != 0)
1103 goto cleanup; /* XXX: should not fail */
1104 /* XXX: again, do we really need the route? */
1105 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
1106 if (rt) {
1107 if (memcmp(&mltaddr.sin6_addr,
1108 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
1109 MLTMASK_LEN)) {
1110 RTFREE_LOCKED(rt);
1111 rt = NULL;
1112 }
1113 }
1114 if (!rt) {
1115 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
1116 (struct sockaddr *)&ia->ia_addr,
1117 (struct sockaddr *)&mltmask, RTF_UP,
1118 (struct rtentry **)0);
1119 if (error)
1120 goto cleanup;
1121 } else
1122 RTFREE_LOCKED(rt);
1123
1124 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1125 if (!imm) {
1126 nd6log((LOG_WARNING, "in6_update_ifa: "
1127 "addmulti failed for %s on %s "
1128 "(errno=%d)\n",
1129 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1130 if_name(ifp), error));
1131 goto cleanup;
1132 }
1133 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1134 #undef MLTMASK_LEN
1135 }
1136
1137 /*
1138 * Perform DAD, if needed.
1139 * XXX It may be of use, if we can administratively
1140 * disable DAD.
1141 */
1142 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1143 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1144 {
1145 int mindelay, maxdelay;
1146
1147 delay = 0;
1148 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1149 /*
1150 * We need to impose a delay before sending an NS
1151 * for DAD. Check if we also needed a delay for the
1152 * corresponding MLD message. If we did, the delay
1153 * should be larger than the MLD delay (this could be
1154 * relaxed a bit, but this simple logic is at least
1155 * safe).
1156 * XXX: Break data hiding guidelines and look at
1157 * state for the solicited multicast group.
1158 */
1159 mindelay = 0;
1160 if (in6m_sol != NULL &&
1161 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1162 mindelay = in6m_sol->in6m_timer;
1163 }
1164 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1165 if (maxdelay - mindelay == 0)
1166 delay = 0;
1167 else {
1168 delay =
1169 (arc4random() % (maxdelay - mindelay)) +
1170 mindelay;
1171 }
1172 }
1173 nd6_dad_start((struct ifaddr *)ia, delay);
1174 }
1175
1176 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew"));
1177 ifa_free(&ia->ia_ifa);
1178 return (error);
1179
1180 unlink:
1181 /*
1182 * XXX: if a change of an existing address failed, keep the entry
1183 * anyway.
1184 */
1185 if (hostIsNew) {
1186 in6_unlink_ifa(ia, ifp);
1187 ifa_free(&ia->ia_ifa);
1188 }
1189 return (error);
1190
1191 cleanup:
1192 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew"));
1193 ifa_free(&ia->ia_ifa);
1194 in6_purgeaddr(&ia->ia_ifa);
1195 return error;
1196 }
1197
1198 void
1199 in6_purgeaddr(struct ifaddr *ifa)
1200 {
1201 struct ifnet *ifp = ifa->ifa_ifp;
1202 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1203 struct in6_multi_mship *imm;
1204 struct sockaddr_in6 mltaddr, mltmask;
1205 struct rtentry rt0;
1206 struct sockaddr_dl gateway;
1207 struct sockaddr_in6 mask, addr;
1208 int plen, error;
1209 struct rtentry *rt;
1210 struct ifaddr *ifa0;
1211
1212 /*
1213 * find another IPv6 address as the gateway for the
1214 * link-local and node-local all-nodes multicast
1215 * address routes
1216 */
1217 IF_ADDR_LOCK(ifp);
1218 TAILQ_FOREACH(ifa0, &ifp->if_addrhead, ifa_link) {
1219 if ((ifa0->ifa_addr->sa_family != AF_INET6) ||
1220 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr,
1221 &ia->ia_addr.sin6_addr,
1222 sizeof(struct in6_addr)) == 0)
1223 continue;
1224 else
1225 break;
1226 }
1227 if (ifa0 != NULL)
1228 ifa_ref(ifa0);
1229 IF_ADDR_UNLOCK(ifp);
1230
1231 /*
1232 * Remove the loopback route to the interface address.
1233 * The check for the current setting of "nd6_useloopback"
1234 * is not needed.
1235 */
1236 if (ia->ia_flags & IFA_RTSELF) {
1237 error = ifa_del_loopback_route((struct ifaddr *)ia,
1238 (struct sockaddr *)&ia->ia_addr);
1239 if (error == 0)
1240 ia->ia_flags &= ~IFA_RTSELF;
1241 }
1242
1243 /* stop DAD processing */
1244 nd6_dad_stop(ifa);
1245
1246 IF_AFDATA_LOCK(ifp);
1247 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR),
1248 (struct sockaddr *)&ia->ia_addr);
1249 IF_AFDATA_UNLOCK(ifp);
1250
1251 /*
1252 * initialize for rtmsg generation
1253 */
1254 bzero(&gateway, sizeof(gateway));
1255 gateway.sdl_len = sizeof(gateway);
1256 gateway.sdl_family = AF_LINK;
1257 gateway.sdl_nlen = 0;
1258 gateway.sdl_alen = ifp->if_addrlen;
1259 /* */
1260 bzero(&rt0, sizeof(rt0));
1261 rt0.rt_gateway = (struct sockaddr *)&gateway;
1262 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
1263 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
1264 rt_mask(&rt0) = (struct sockaddr *)&mask;
1265 rt_key(&rt0) = (struct sockaddr *)&addr;
1266 rt0.rt_flags = RTF_HOST | RTF_STATIC;
1267 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0);
1268
1269 /*
1270 * leave from multicast groups we have joined for the interface
1271 */
1272 while ((imm = ia->ia6_memberships.lh_first) != NULL) {
1273 LIST_REMOVE(imm, i6mm_chain);
1274 in6_leavegroup(imm);
1275 }
1276
1277 /*
1278 * remove the link-local all-nodes address
1279 */
1280 bzero(&mltmask, sizeof(mltmask));
1281 mltmask.sin6_len = sizeof(struct sockaddr_in6);
1282 mltmask.sin6_family = AF_INET6;
1283 mltmask.sin6_addr = in6mask32;
1284
1285 bzero(&mltaddr, sizeof(mltaddr));
1286 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1287 mltaddr.sin6_family = AF_INET6;
1288 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1289
1290 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1291 goto cleanup;
1292
1293 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
1294 if (rt != NULL && rt->rt_gateway != NULL &&
1295 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1296 &ia->ia_addr.sin6_addr,
1297 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1298 /*
1299 * if no more IPv6 address exists on this interface
1300 * then remove the multicast address route
1301 */
1302 if (ifa0 == NULL) {
1303 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr,
1304 sizeof(mltaddr.sin6_addr));
1305 RTFREE_LOCKED(rt);
1306 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr,
1307 (struct sockaddr *)&ia->ia_addr,
1308 (struct sockaddr *)&mltmask, RTF_UP,
1309 (struct rtentry **)0);
1310 if (error)
1311 log(LOG_INFO, "in6_purgeaddr: link-local all-nodes"
1312 "multicast address deletion error\n");
1313 } else {
1314 /*
1315 * replace the gateway of the route
1316 */
1317 struct sockaddr_in6 sa;
1318
1319 bzero(&sa, sizeof(sa));
1320 sa.sin6_len = sizeof(struct sockaddr_in6);
1321 sa.sin6_family = AF_INET6;
1322 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
1323 sizeof(sa.sin6_addr));
1324 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL);
1325 memcpy(rt->rt_gateway, &sa, sizeof(sa));
1326 RTFREE_LOCKED(rt);
1327 }
1328 } else {
1329 if (rt != NULL)
1330 RTFREE_LOCKED(rt);
1331 }
1332
1333 /*
1334 * remove the node-local all-nodes address
1335 */
1336 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1337 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
1338 0)
1339 goto cleanup;
1340
1341 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
1342 if (rt != NULL && rt->rt_gateway != NULL &&
1343 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1344 &ia->ia_addr.sin6_addr,
1345 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1346 /*
1347 * if no more IPv6 address exists on this interface
1348 * then remove the multicast address route
1349 */
1350 if (ifa0 == NULL) {
1351 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr,
1352 sizeof(mltaddr.sin6_addr));
1353
1354 RTFREE_LOCKED(rt);
1355 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr,
1356 (struct sockaddr *)&ia->ia_addr,
1357 (struct sockaddr *)&mltmask, RTF_UP,
1358 (struct rtentry **)0);
1359
1360 if (error)
1361 log(LOG_INFO, "in6_purgeaddr: node-local all-nodes"
1362 "multicast address deletion error\n");
1363 } else {
1364 /*
1365 * replace the gateway of the route
1366 */
1367 struct sockaddr_in6 sa;
1368
1369 bzero(&sa, sizeof(sa));
1370 sa.sin6_len = sizeof(struct sockaddr_in6);
1371 sa.sin6_family = AF_INET6;
1372 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
1373 sizeof(sa.sin6_addr));
1374 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL);
1375 memcpy(rt->rt_gateway, &sa, sizeof(sa));
1376 RTFREE_LOCKED(rt);
1377 }
1378 } else {
1379 if (rt != NULL)
1380 RTFREE_LOCKED(rt);
1381 }
1382
1383 cleanup:
1384 if (ifa0 != NULL)
1385 ifa_free(ifa0);
1386
1387 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1388 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
1389 int error;
1390 struct sockaddr *dstaddr;
1391
1392 /*
1393 * use the interface address if configuring an
1394 * interface address with a /128 prefix len
1395 */
1396 if (ia->ia_dstaddr.sin6_family == AF_INET6)
1397 dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
1398 else
1399 dstaddr = (struct sockaddr *)&ia->ia_addr;
1400
1401 error = rtrequest(RTM_DELETE,
1402 (struct sockaddr *)dstaddr,
1403 (struct sockaddr *)&ia->ia_addr,
1404 (struct sockaddr *)&ia->ia_prefixmask,
1405 ia->ia_flags | RTF_HOST, NULL);
1406 if (error != 0)
1407 return;
1408 ia->ia_flags &= ~IFA_ROUTE;
1409 }
1410
1411 in6_unlink_ifa(ia, ifp);
1412 }
1413
1414 static void
1415 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1416 {
1417 int s = splnet();
1418
1419 IF_ADDR_LOCK(ifp);
1420 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1421 IF_ADDR_UNLOCK(ifp);
1422 ifa_free(&ia->ia_ifa); /* if_addrhead */
1423
1424 /*
1425 * Defer the release of what might be the last reference to the
1426 * in6_ifaddr so that it can't be freed before the remainder of the
1427 * cleanup.
1428 */
1429 IN6_IFADDR_WLOCK();
1430 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link);
1431 IN6_IFADDR_WUNLOCK();
1432
1433 /*
1434 * Release the reference to the base prefix. There should be a
1435 * positive reference.
1436 */
1437 if (ia->ia6_ndpr == NULL) {
1438 nd6log((LOG_NOTICE,
1439 "in6_unlink_ifa: autoconf'ed address "
1440 "%p has no prefix\n", ia));
1441 } else {
1442 ia->ia6_ndpr->ndpr_refcnt--;
1443 ia->ia6_ndpr = NULL;
1444 }
1445
1446 /*
1447 * Also, if the address being removed is autoconf'ed, call
1448 * pfxlist_onlink_check() since the release might affect the status of
1449 * other (detached) addresses.
1450 */
1451 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1452 pfxlist_onlink_check();
1453 }
1454 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
1455 splx(s);
1456 }
1457
1458 void
1459 in6_purgeif(struct ifnet *ifp)
1460 {
1461 struct ifaddr *ifa, *nifa;
1462
1463 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1464 if (ifa->ifa_addr->sa_family != AF_INET6)
1465 continue;
1466 in6_purgeaddr(ifa);
1467 }
1468
1469 in6_ifdetach(ifp);
1470 }
1471
1472 /*
1473 * SIOC[GAD]LIFADDR.
1474 * SIOCGLIFADDR: get first address. (?)
1475 * SIOCGLIFADDR with IFLR_PREFIX:
1476 * get first address that matches the specified prefix.
1477 * SIOCALIFADDR: add the specified address.
1478 * SIOCALIFADDR with IFLR_PREFIX:
1479 * add the specified prefix, filling hostid part from
1480 * the first link-local address. prefixlen must be <= 64.
1481 * SIOCDLIFADDR: delete the specified address.
1482 * SIOCDLIFADDR with IFLR_PREFIX:
1483 * delete the first address that matches the specified prefix.
1484 * return values:
1485 * EINVAL on invalid parameters
1486 * EADDRNOTAVAIL on prefix match failed/specified address not found
1487 * other values may be returned from in6_ioctl()
1488 *
1489 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1490 * this is to accomodate address naming scheme other than RFC2374,
1491 * in the future.
1492 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1493 * address encoding scheme. (see figure on page 8)
1494 */
1495 static int
1496 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
1497 struct ifnet *ifp, struct thread *td)
1498 {
1499 struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1500 struct ifaddr *ifa;
1501 struct sockaddr *sa;
1502
1503 /* sanity checks */
1504 if (!data || !ifp) {
1505 panic("invalid argument to in6_lifaddr_ioctl");
1506 /* NOTREACHED */
1507 }
1508
1509 switch (cmd) {
1510 case SIOCGLIFADDR:
1511 /* address must be specified on GET with IFLR_PREFIX */
1512 if ((iflr->flags & IFLR_PREFIX) == 0)
1513 break;
1514 /* FALLTHROUGH */
1515 case SIOCALIFADDR:
1516 case SIOCDLIFADDR:
1517 /* address must be specified on ADD and DELETE */
1518 sa = (struct sockaddr *)&iflr->addr;
1519 if (sa->sa_family != AF_INET6)
1520 return EINVAL;
1521 if (sa->sa_len != sizeof(struct sockaddr_in6))
1522 return EINVAL;
1523 /* XXX need improvement */
1524 sa = (struct sockaddr *)&iflr->dstaddr;
1525 if (sa->sa_family && sa->sa_family != AF_INET6)
1526 return EINVAL;
1527 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1528 return EINVAL;
1529 break;
1530 default: /* shouldn't happen */
1531 #if 0
1532 panic("invalid cmd to in6_lifaddr_ioctl");
1533 /* NOTREACHED */
1534 #else
1535 return EOPNOTSUPP;
1536 #endif
1537 }
1538 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1539 return EINVAL;
1540
1541 switch (cmd) {
1542 case SIOCALIFADDR:
1543 {
1544 struct in6_aliasreq ifra;
1545 struct in6_addr *hostid = NULL;
1546 int prefixlen;
1547
1548 ifa = NULL;
1549 if ((iflr->flags & IFLR_PREFIX) != 0) {
1550 struct sockaddr_in6 *sin6;
1551
1552 /*
1553 * hostid is to fill in the hostid part of the
1554 * address. hostid points to the first link-local
1555 * address attached to the interface.
1556 */
1557 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1558 if (!ifa)
1559 return EADDRNOTAVAIL;
1560 hostid = IFA_IN6(ifa);
1561
1562 /* prefixlen must be <= 64. */
1563 if (64 < iflr->prefixlen) {
1564 if (ifa != NULL)
1565 ifa_free(ifa);
1566 return EINVAL;
1567 }
1568 prefixlen = iflr->prefixlen;
1569
1570 /* hostid part must be zero. */
1571 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1572 if (sin6->sin6_addr.s6_addr32[2] != 0 ||
1573 sin6->sin6_addr.s6_addr32[3] != 0) {
1574 if (ifa != NULL)
1575 ifa_free(ifa);
1576 return EINVAL;
1577 }
1578 } else
1579 prefixlen = iflr->prefixlen;
1580
1581 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1582 bzero(&ifra, sizeof(ifra));
1583 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
1584
1585 bcopy(&iflr->addr, &ifra.ifra_addr,
1586 ((struct sockaddr *)&iflr->addr)->sa_len);
1587 if (hostid) {
1588 /* fill in hostid part */
1589 ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1590 hostid->s6_addr32[2];
1591 ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1592 hostid->s6_addr32[3];
1593 }
1594
1595 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
1596 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1597 ((struct sockaddr *)&iflr->dstaddr)->sa_len);
1598 if (hostid) {
1599 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1600 hostid->s6_addr32[2];
1601 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1602 hostid->s6_addr32[3];
1603 }
1604 }
1605 if (ifa != NULL)
1606 ifa_free(ifa);
1607
1608 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1609 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1610
1611 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1612 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
1613 }
1614 case SIOCGLIFADDR:
1615 case SIOCDLIFADDR:
1616 {
1617 struct in6_ifaddr *ia;
1618 struct in6_addr mask, candidate, match;
1619 struct sockaddr_in6 *sin6;
1620 int cmp;
1621
1622 bzero(&mask, sizeof(mask));
1623 if (iflr->flags & IFLR_PREFIX) {
1624 /* lookup a prefix rather than address. */
1625 in6_prefixlen2mask(&mask, iflr->prefixlen);
1626
1627 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1628 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1629 match.s6_addr32[0] &= mask.s6_addr32[0];
1630 match.s6_addr32[1] &= mask.s6_addr32[1];
1631 match.s6_addr32[2] &= mask.s6_addr32[2];
1632 match.s6_addr32[3] &= mask.s6_addr32[3];
1633
1634 /* if you set extra bits, that's wrong */
1635 if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1636 return EINVAL;
1637
1638 cmp = 1;
1639 } else {
1640 if (cmd == SIOCGLIFADDR) {
1641 /* on getting an address, take the 1st match */
1642 cmp = 0; /* XXX */
1643 } else {
1644 /* on deleting an address, do exact match */
1645 in6_prefixlen2mask(&mask, 128);
1646 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1647 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1648
1649 cmp = 1;
1650 }
1651 }
1652
1653 IF_ADDR_LOCK(ifp);
1654 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1655 if (ifa->ifa_addr->sa_family != AF_INET6)
1656 continue;
1657 if (!cmp)
1658 break;
1659
1660 /*
1661 * XXX: this is adhoc, but is necessary to allow
1662 * a user to specify fe80::/64 (not /10) for a
1663 * link-local address.
1664 */
1665 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1666 in6_clearscope(&candidate);
1667 candidate.s6_addr32[0] &= mask.s6_addr32[0];
1668 candidate.s6_addr32[1] &= mask.s6_addr32[1];
1669 candidate.s6_addr32[2] &= mask.s6_addr32[2];
1670 candidate.s6_addr32[3] &= mask.s6_addr32[3];
1671 if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1672 break;
1673 }
1674 if (ifa != NULL)
1675 ifa_ref(ifa);
1676 IF_ADDR_UNLOCK(ifp);
1677 if (!ifa)
1678 return EADDRNOTAVAIL;
1679 ia = ifa2ia6(ifa);
1680
1681 if (cmd == SIOCGLIFADDR) {
1682 int error;
1683
1684 /* fill in the if_laddrreq structure */
1685 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1686 error = sa6_recoverscope(
1687 (struct sockaddr_in6 *)&iflr->addr);
1688 if (error != 0) {
1689 ifa_free(ifa);
1690 return (error);
1691 }
1692
1693 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1694 bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1695 ia->ia_dstaddr.sin6_len);
1696 error = sa6_recoverscope(
1697 (struct sockaddr_in6 *)&iflr->dstaddr);
1698 if (error != 0) {
1699 ifa_free(ifa);
1700 return (error);
1701 }
1702 } else
1703 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1704
1705 iflr->prefixlen =
1706 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1707
1708 iflr->flags = ia->ia6_flags; /* XXX */
1709 ifa_free(ifa);
1710
1711 return 0;
1712 } else {
1713 struct in6_aliasreq ifra;
1714
1715 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1716 bzero(&ifra, sizeof(ifra));
1717 bcopy(iflr->iflr_name, ifra.ifra_name,
1718 sizeof(ifra.ifra_name));
1719
1720 bcopy(&ia->ia_addr, &ifra.ifra_addr,
1721 ia->ia_addr.sin6_len);
1722 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1723 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1724 ia->ia_dstaddr.sin6_len);
1725 } else {
1726 bzero(&ifra.ifra_dstaddr,
1727 sizeof(ifra.ifra_dstaddr));
1728 }
1729 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1730 ia->ia_prefixmask.sin6_len);
1731
1732 ifra.ifra_flags = ia->ia6_flags;
1733 ifa_free(ifa);
1734 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1735 ifp, td);
1736 }
1737 }
1738 }
1739
1740 return EOPNOTSUPP; /* just for safety */
1741 }
1742
1743 /*
1744 * Initialize an interface's intetnet6 address
1745 * and routing table entry.
1746 */
1747 static int
1748 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
1749 struct sockaddr_in6 *sin6, int newhost)
1750 {
1751 int error = 0, plen, ifacount = 0;
1752 int s = splimp();
1753 struct ifaddr *ifa;
1754
1755 /*
1756 * Give the interface a chance to initialize
1757 * if this is its first address,
1758 * and to validate the address if necessary.
1759 */
1760 IF_ADDR_LOCK(ifp);
1761 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1762 if (ifa->ifa_addr->sa_family != AF_INET6)
1763 continue;
1764 ifacount++;
1765 }
1766 IF_ADDR_UNLOCK(ifp);
1767
1768 ia->ia_addr = *sin6;
1769
1770 if (ifacount <= 1 && ifp->if_ioctl) {
1771 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1772 if (error) {
1773 splx(s);
1774 return (error);
1775 }
1776 }
1777 splx(s);
1778
1779 ia->ia_ifa.ifa_metric = ifp->if_metric;
1780
1781 /* we could do in(6)_socktrim here, but just omit it at this moment. */
1782
1783 /*
1784 * Special case:
1785 * If a new destination address is specified for a point-to-point
1786 * interface, install a route to the destination as an interface
1787 * direct route.
1788 * XXX: the logic below rejects assigning multiple addresses on a p2p
1789 * interface that share the same destination.
1790 */
1791 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1792 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 &&
1793 ia->ia_dstaddr.sin6_family == AF_INET6) {
1794 int rtflags = RTF_UP | RTF_HOST;
1795
1796 error = rtrequest(RTM_ADD,
1797 (struct sockaddr *)&ia->ia_dstaddr,
1798 (struct sockaddr *)&ia->ia_addr,
1799 (struct sockaddr *)&ia->ia_prefixmask,
1800 ia->ia_flags | rtflags, NULL);
1801 if (error != 0)
1802 return (error);
1803 ia->ia_flags |= IFA_ROUTE;
1804 /*
1805 * Handle the case for ::1 .
1806 */
1807 if (ifp->if_flags & IFF_LOOPBACK)
1808 ia->ia_flags |= IFA_RTSELF;
1809 }
1810
1811 /*
1812 * add a loopback route to self
1813 */
1814 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1815 error = ifa_add_loopback_route((struct ifaddr *)ia,
1816 (struct sockaddr *)&ia->ia_addr);
1817 if (error == 0)
1818 ia->ia_flags |= IFA_RTSELF;
1819 }
1820
1821 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
1822 if (newhost) {
1823 struct llentry *ln;
1824 struct rtentry rt;
1825 struct sockaddr_dl gateway;
1826 struct sockaddr_in6 mask, addr;
1827
1828 IF_AFDATA_LOCK(ifp);
1829 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest;
1830 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE),
1831 (struct sockaddr *)&ia->ia_addr);
1832 IF_AFDATA_UNLOCK(ifp);
1833 if (ln != NULL) {
1834 ln->la_expire = 0; /* for IPv6 this means permanent */
1835 ln->ln_state = ND6_LLINFO_REACHABLE;
1836 /*
1837 * initialize for rtmsg generation
1838 */
1839 bzero(&gateway, sizeof(gateway));
1840 gateway.sdl_len = sizeof(gateway);
1841 gateway.sdl_family = AF_LINK;
1842 gateway.sdl_nlen = 0;
1843 gateway.sdl_alen = 6;
1844 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr));
1845 /* */
1846 LLE_WUNLOCK(ln);
1847 }
1848
1849 bzero(&rt, sizeof(rt));
1850 rt.rt_gateway = (struct sockaddr *)&gateway;
1851 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
1852 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
1853 rt_mask(&rt) = (struct sockaddr *)&mask;
1854 rt_key(&rt) = (struct sockaddr *)&addr;
1855 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC;
1856 rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt);
1857 }
1858
1859 return (error);
1860 }
1861
1862 /*
1863 * Find an IPv6 interface link-local address specific to an interface.
1864 * ifaddr is returned referenced.
1865 */
1866 struct in6_ifaddr *
1867 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1868 {
1869 struct ifaddr *ifa;
1870
1871 IF_ADDR_LOCK(ifp);
1872 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1873 if (ifa->ifa_addr->sa_family != AF_INET6)
1874 continue;
1875 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1876 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1877 ignoreflags) != 0)
1878 continue;
1879 ifa_ref(ifa);
1880 break;
1881 }
1882 }
1883 IF_ADDR_UNLOCK(ifp);
1884
1885 return ((struct in6_ifaddr *)ifa);
1886 }
1887
1888
1889 /*
1890 * find the internet address corresponding to a given interface and address.
1891 * ifaddr is returned referenced.
1892 */
1893 struct in6_ifaddr *
1894 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1895 {
1896 struct ifaddr *ifa;
1897
1898 IF_ADDR_LOCK(ifp);
1899 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1900 if (ifa->ifa_addr->sa_family != AF_INET6)
1901 continue;
1902 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1903 ifa_ref(ifa);
1904 break;
1905 }
1906 }
1907 IF_ADDR_UNLOCK(ifp);
1908
1909 return ((struct in6_ifaddr *)ifa);
1910 }
1911
1912 /*
1913 * Convert IP6 address to printable (loggable) representation. Caller
1914 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1915 */
1916 static char digits[] = "0123456789abcdef";
1917 char *
1918 ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1919 {
1920 int i;
1921 char *cp;
1922 const u_int16_t *a = (const u_int16_t *)addr;
1923 const u_int8_t *d;
1924 int dcolon = 0, zero = 0;
1925
1926 cp = ip6buf;
1927
1928 for (i = 0; i < 8; i++) {
1929 if (dcolon == 1) {
1930 if (*a == 0) {
1931 if (i == 7)
1932 *cp++ = ':';
1933 a++;
1934 continue;
1935 } else
1936 dcolon = 2;
1937 }
1938 if (*a == 0) {
1939 if (dcolon == 0 && *(a + 1) == 0) {
1940 if (i == 0)
1941 *cp++ = ':';
1942 *cp++ = ':';
1943 dcolon = 1;
1944 } else {
1945 *cp++ = '';
1946 *cp++ = ':';
1947 }
1948 a++;
1949 continue;
1950 }
1951 d = (const u_char *)a;
1952 /* Try to eliminate leading zeros in printout like in :0001. */
1953 zero = 1;
1954 *cp = digits[*d >> 4];
1955 if (*cp != '') {
1956 zero = 0;
1957 cp++;
1958 }
1959 *cp = digits[*d++ & 0xf];
1960 if (zero == 0 || (*cp != '')) {
1961 zero = 0;
1962 cp++;
1963 }
1964 *cp = digits[*d >> 4];
1965 if (zero == 0 || (*cp != '')) {
1966 zero = 0;
1967 cp++;
1968 }
1969 *cp++ = digits[*d & 0xf];
1970 *cp++ = ':';
1971 a++;
1972 }
1973 *--cp = '\0';
1974 return (ip6buf);
1975 }
1976
1977 int
1978 in6_localaddr(struct in6_addr *in6)
1979 {
1980 struct in6_ifaddr *ia;
1981
1982 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1983 return 1;
1984
1985 IN6_IFADDR_RLOCK();
1986 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
1987 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1988 &ia->ia_prefixmask.sin6_addr)) {
1989 IN6_IFADDR_RUNLOCK();
1990 return 1;
1991 }
1992 }
1993 IN6_IFADDR_RUNLOCK();
1994
1995 return (0);
1996 }
1997
1998 int
1999 in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
2000 {
2001 struct in6_ifaddr *ia;
2002
2003 IN6_IFADDR_RLOCK();
2004 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2005 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
2006 &sa6->sin6_addr) &&
2007 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
2008 IN6_IFADDR_RUNLOCK();
2009 return (1); /* true */
2010 }
2011
2012 /* XXX: do we still have to go thru the rest of the list? */
2013 }
2014 IN6_IFADDR_RUNLOCK();
2015
2016 return (0); /* false */
2017 }
2018
2019 /*
2020 * return length of part which dst and src are equal
2021 * hard coding...
2022 */
2023 int
2024 in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
2025 {
2026 int match = 0;
2027 u_char *s = (u_char *)src, *d = (u_char *)dst;
2028 u_char *lim = s + 16, r;
2029
2030 while (s < lim)
2031 if ((r = (*d++ ^ *s++)) != 0) {
2032 while (r < 128) {
2033 match++;
2034 r <<= 1;
2035 }
2036 break;
2037 } else
2038 match += 8;
2039 return match;
2040 }
2041
2042 /* XXX: to be scope conscious */
2043 int
2044 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
2045 {
2046 int bytelen, bitlen;
2047
2048 /* sanity check */
2049 if (0 > len || len > 128) {
2050 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
2051 len);
2052 return (0);
2053 }
2054
2055 bytelen = len / 8;
2056 bitlen = len % 8;
2057
2058 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
2059 return (0);
2060 if (bitlen != 0 &&
2061 p1->s6_addr[bytelen] >> (8 - bitlen) !=
2062 p2->s6_addr[bytelen] >> (8 - bitlen))
2063 return (0);
2064
2065 return (1);
2066 }
2067
2068 void
2069 in6_prefixlen2mask(struct in6_addr *maskp, int len)
2070 {
2071 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
2072 int bytelen, bitlen, i;
2073
2074 /* sanity check */
2075 if (0 > len || len > 128) {
2076 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
2077 len);
2078 return;
2079 }
2080
2081 bzero(maskp, sizeof(*maskp));
2082 bytelen = len / 8;
2083 bitlen = len % 8;
2084 for (i = 0; i < bytelen; i++)
2085 maskp->s6_addr[i] = 0xff;
2086 if (bitlen)
2087 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
2088 }
2089
2090 /*
2091 * return the best address out of the same scope. if no address was
2092 * found, return the first valid address from designated IF.
2093 */
2094 struct in6_ifaddr *
2095 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
2096 {
2097 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
2098 struct ifaddr *ifa;
2099 struct in6_ifaddr *besta = 0;
2100 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
2101
2102 dep[0] = dep[1] = NULL;
2103
2104 /*
2105 * We first look for addresses in the same scope.
2106 * If there is one, return it.
2107 * If two or more, return one which matches the dst longest.
2108 * If none, return one of global addresses assigned other ifs.
2109 */
2110 IF_ADDR_LOCK(ifp);
2111 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2112 if (ifa->ifa_addr->sa_family != AF_INET6)
2113 continue;
2114 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2115 continue; /* XXX: is there any case to allow anycast? */
2116 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2117 continue; /* don't use this interface */
2118 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2119 continue;
2120 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2121 if (V_ip6_use_deprecated)
2122 dep[0] = (struct in6_ifaddr *)ifa;
2123 continue;
2124 }
2125
2126 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2127 /*
2128 * call in6_matchlen() as few as possible
2129 */
2130 if (besta) {
2131 if (blen == -1)
2132 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2133 tlen = in6_matchlen(IFA_IN6(ifa), dst);
2134 if (tlen > blen) {
2135 blen = tlen;
2136 besta = (struct in6_ifaddr *)ifa;
2137 }
2138 } else
2139 besta = (struct in6_ifaddr *)ifa;
2140 }
2141 }
2142 if (besta) {
2143 ifa_ref(&besta->ia_ifa);
2144 IF_ADDR_UNLOCK(ifp);
2145 return (besta);
2146 }
2147
2148 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2149 if (ifa->ifa_addr->sa_family != AF_INET6)
2150 continue;
2151 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2152 continue; /* XXX: is there any case to allow anycast? */
2153 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2154 continue; /* don't use this interface */
2155 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2156 continue;
2157 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2158 if (V_ip6_use_deprecated)
2159 dep[1] = (struct in6_ifaddr *)ifa;
2160 continue;
2161 }
2162
2163 if (ifa != NULL)
2164 ifa_ref(ifa);
2165 IF_ADDR_UNLOCK(ifp);
2166 return (struct in6_ifaddr *)ifa;
2167 }
2168
2169 /* use the last-resort values, that are, deprecated addresses */
2170 if (dep[0]) {
2171 ifa_ref((struct ifaddr *)dep[0]);
2172 IF_ADDR_UNLOCK(ifp);
2173 return dep[0];
2174 }
2175 if (dep[1]) {
2176 ifa_ref((struct ifaddr *)dep[1]);
2177 IF_ADDR_UNLOCK(ifp);
2178 return dep[1];
2179 }
2180
2181 IF_ADDR_UNLOCK(ifp);
2182 return NULL;
2183 }
2184
2185 /*
2186 * perform DAD when interface becomes IFF_UP.
2187 */
2188 void
2189 in6_if_up(struct ifnet *ifp)
2190 {
2191 struct ifaddr *ifa;
2192 struct in6_ifaddr *ia;
2193
2194 IF_ADDR_LOCK(ifp);
2195 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2196 if (ifa->ifa_addr->sa_family != AF_INET6)
2197 continue;
2198 ia = (struct in6_ifaddr *)ifa;
2199 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
2200 /*
2201 * The TENTATIVE flag was likely set by hand
2202 * beforehand, implicitly indicating the need for DAD.
2203 * We may be able to skip the random delay in this
2204 * case, but we impose delays just in case.
2205 */
2206 nd6_dad_start(ifa,
2207 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
2208 }
2209 }
2210 IF_ADDR_UNLOCK(ifp);
2211
2212 /*
2213 * special cases, like 6to4, are handled in in6_ifattach
2214 */
2215 in6_ifattach(ifp, NULL);
2216 }
2217
2218 int
2219 in6if_do_dad(struct ifnet *ifp)
2220 {
2221 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2222 return (0);
2223
2224 switch (ifp->if_type) {
2225 #ifdef IFT_DUMMY
2226 case IFT_DUMMY:
2227 #endif
2228 case IFT_FAITH:
2229 /*
2230 * These interfaces do not have the IFF_LOOPBACK flag,
2231 * but loop packets back. We do not have to do DAD on such
2232 * interfaces. We should even omit it, because loop-backed
2233 * NS would confuse the DAD procedure.
2234 */
2235 return (0);
2236 default:
2237 /*
2238 * Our DAD routine requires the interface up and running.
2239 * However, some interfaces can be up before the RUNNING
2240 * status. Additionaly, users may try to assign addresses
2241 * before the interface becomes up (or running).
2242 * We simply skip DAD in such a case as a work around.
2243 * XXX: we should rather mark "tentative" on such addresses,
2244 * and do DAD after the interface becomes ready.
2245 */
2246 if (!((ifp->if_flags & IFF_UP) &&
2247 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
2248 return (0);
2249
2250 return (1);
2251 }
2252 }
2253
2254 /*
2255 * Calculate max IPv6 MTU through all the interfaces and store it
2256 * to in6_maxmtu.
2257 */
2258 void
2259 in6_setmaxmtu(void)
2260 {
2261 unsigned long maxmtu = 0;
2262 struct ifnet *ifp;
2263
2264 IFNET_RLOCK_NOSLEEP();
2265 for (ifp = TAILQ_FIRST(&V_ifnet); ifp;
2266 ifp = TAILQ_NEXT(ifp, if_list)) {
2267 /* this function can be called during ifnet initialization */
2268 if (!ifp->if_afdata[AF_INET6])
2269 continue;
2270 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2271 IN6_LINKMTU(ifp) > maxmtu)
2272 maxmtu = IN6_LINKMTU(ifp);
2273 }
2274 IFNET_RUNLOCK_NOSLEEP();
2275 if (maxmtu) /* update only when maxmtu is positive */
2276 V_in6_maxmtu = maxmtu;
2277 }
2278
2279 /*
2280 * Provide the length of interface identifiers to be used for the link attached
2281 * to the given interface. The length should be defined in "IPv6 over
2282 * xxx-link" document. Note that address architecture might also define
2283 * the length for a particular set of address prefixes, regardless of the
2284 * link type. As clarified in rfc2462bis, those two definitions should be
2285 * consistent, and those really are as of August 2004.
2286 */
2287 int
2288 in6_if2idlen(struct ifnet *ifp)
2289 {
2290 switch (ifp->if_type) {
2291 case IFT_ETHER: /* RFC2464 */
2292 #ifdef IFT_PROPVIRTUAL
2293 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2294 #endif
2295 #ifdef IFT_L2VLAN
2296 case IFT_L2VLAN: /* ditto */
2297 #endif
2298 #ifdef IFT_IEEE80211
2299 case IFT_IEEE80211: /* ditto */
2300 #endif
2301 #ifdef IFT_MIP
2302 case IFT_MIP: /* ditto */
2303 #endif
2304 return (64);
2305 case IFT_FDDI: /* RFC2467 */
2306 return (64);
2307 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2308 return (64);
2309 case IFT_PPP: /* RFC2472 */
2310 return (64);
2311 case IFT_ARCNET: /* RFC2497 */
2312 return (64);
2313 case IFT_FRELAY: /* RFC2590 */
2314 return (64);
2315 case IFT_IEEE1394: /* RFC3146 */
2316 return (64);
2317 case IFT_GIF:
2318 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2319 case IFT_LOOP:
2320 return (64); /* XXX: is this really correct? */
2321 default:
2322 /*
2323 * Unknown link type:
2324 * It might be controversial to use the today's common constant
2325 * of 64 for these cases unconditionally. For full compliance,
2326 * we should return an error in this case. On the other hand,
2327 * if we simply miss the standard for the link type or a new
2328 * standard is defined for a new link type, the IFID length
2329 * is very likely to be the common constant. As a compromise,
2330 * we always use the constant, but make an explicit notice
2331 * indicating the "unknown" case.
2332 */
2333 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2334 return (64);
2335 }
2336 }
2337
2338 #include <sys/sysctl.h>
2339
2340 struct in6_llentry {
2341 struct llentry base;
2342 struct sockaddr_in6 l3_addr6;
2343 };
2344
2345 static struct llentry *
2346 in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2347 {
2348 struct in6_llentry *lle;
2349
2350 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE,
2351 M_DONTWAIT | M_ZERO);
2352 if (lle == NULL) /* NB: caller generates msg */
2353 return NULL;
2354
2355 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2356 lle->base.lle_refcnt = 1;
2357 LLE_LOCK_INIT(&lle->base);
2358 callout_init_rw(&lle->base.ln_timer_ch, &lle->base.lle_lock,
2359 CALLOUT_RETURNUNLOCKED);
2360
2361 return &lle->base;
2362 }
2363
2364 /*
2365 * Deletes an address from the address table.
2366 * This function is called by the timer functions
2367 * such as arptimer() and nd6_llinfo_timer(), and
2368 * the caller does the locking.
2369 */
2370 static void
2371 in6_lltable_free(struct lltable *llt, struct llentry *lle)
2372 {
2373 LLE_WUNLOCK(lle);
2374 LLE_LOCK_DESTROY(lle);
2375 free(lle, M_LLTABLE);
2376 }
2377
2378 static void
2379 in6_lltable_prefix_free(struct lltable *llt,
2380 const struct sockaddr *prefix,
2381 const struct sockaddr *mask,
2382 u_int flags)
2383 {
2384 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix;
2385 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask;
2386 struct llentry *lle, *next;
2387 register int i;
2388
2389 /*
2390 * (flags & LLE_STATIC) means deleting all entries
2391 * including static ND6 entries
2392 */
2393 for (i=0; i < LLTBL_HASHTBL_SIZE; i++) {
2394 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
2395 if (IN6_ARE_MASKED_ADDR_EQUAL(
2396 &((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr,
2397 &pfx->sin6_addr,
2398 &msk->sin6_addr) &&
2399 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) {
2400 int canceled;
2401
2402 canceled = callout_drain(&lle->la_timer);
2403 LLE_WLOCK(lle);
2404 if (canceled)
2405 LLE_REMREF(lle);
2406 llentry_free(lle);
2407 }
2408 }
2409 }
2410 }
2411
2412 static int
2413 in6_lltable_rtcheck(struct ifnet *ifp,
2414 u_int flags,
2415 const struct sockaddr *l3addr)
2416 {
2417 struct rtentry *rt;
2418 char ip6buf[INET6_ADDRSTRLEN];
2419
2420 KASSERT(l3addr->sa_family == AF_INET6,
2421 ("sin_family %d", l3addr->sa_family));
2422
2423 /* XXX rtalloc1 should take a const param */
2424 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
2425 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2426 struct ifaddr *ifa;
2427 /*
2428 * Create an ND6 cache for an IPv6 neighbor
2429 * that is not covered by our own prefix.
2430 */
2431 /* XXX ifaof_ifpforaddr should take a const param */
2432 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2433 if (ifa != NULL) {
2434 ifa_free(ifa);
2435 if (rt != NULL)
2436 RTFREE_LOCKED(rt);
2437 return 0;
2438 }
2439 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2440 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2441 if (rt != NULL)
2442 RTFREE_LOCKED(rt);
2443 return EINVAL;
2444 }
2445 RTFREE_LOCKED(rt);
2446 return 0;
2447 }
2448
2449 static struct llentry *
2450 in6_lltable_lookup(struct lltable *llt, u_int flags,
2451 const struct sockaddr *l3addr)
2452 {
2453 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2454 struct ifnet *ifp = llt->llt_ifp;
2455 struct llentry *lle;
2456 struct llentries *lleh;
2457 u_int hashkey;
2458
2459 IF_AFDATA_LOCK_ASSERT(ifp);
2460 KASSERT(l3addr->sa_family == AF_INET6,
2461 ("sin_family %d", l3addr->sa_family));
2462
2463 hashkey = sin6->sin6_addr.s6_addr32[3];
2464 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2465 LIST_FOREACH(lle, lleh, lle_next) {
2466 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2467 if (lle->la_flags & LLE_DELETED)
2468 continue;
2469 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2470 sizeof(struct in6_addr)) == 0)
2471 break;
2472 }
2473
2474 if (lle == NULL) {
2475 if (!(flags & LLE_CREATE))
2476 return (NULL);
2477 /*
2478 * A route that covers the given address must have
2479 * been installed 1st because we are doing a resolution,
2480 * verify this.
2481 */
2482 if (!(flags & LLE_IFADDR) &&
2483 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2484 return NULL;
2485
2486 lle = in6_lltable_new(l3addr, flags);
2487 if (lle == NULL) {
2488 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2489 return NULL;
2490 }
2491 lle->la_flags = flags & ~LLE_CREATE;
2492 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2493 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2494 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2495 }
2496
2497 lle->lle_tbl = llt;
2498 lle->lle_head = lleh;
2499 LIST_INSERT_HEAD(lleh, lle, lle_next);
2500 } else if (flags & LLE_DELETE) {
2501 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2502 LLE_WLOCK(lle);
2503 lle->la_flags = LLE_DELETED;
2504 LLE_WUNLOCK(lle);
2505 #ifdef DIAGNOSTIC
2506 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2507 #endif
2508 }
2509 lle = (void *)-1;
2510 }
2511 if (LLE_IS_VALID(lle)) {
2512 if (flags & LLE_EXCLUSIVE)
2513 LLE_WLOCK(lle);
2514 else
2515 LLE_RLOCK(lle);
2516 }
2517 return (lle);
2518 }
2519
2520 static int
2521 in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2522 {
2523 struct ifnet *ifp = llt->llt_ifp;
2524 struct llentry *lle;
2525 /* XXX stack use */
2526 struct {
2527 struct rt_msghdr rtm;
2528 struct sockaddr_in6 sin6;
2529 /*
2530 * ndp.c assumes that sdl is word aligned
2531 */
2532 #ifdef __LP64__
2533 uint32_t pad;
2534 #endif
2535 struct sockaddr_dl sdl;
2536 } ndpc;
2537 int i, error;
2538
2539 if (ifp->if_flags & IFF_LOOPBACK)
2540 return 0;
2541
2542 LLTABLE_LOCK_ASSERT();
2543
2544 error = 0;
2545 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2546 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2547 struct sockaddr_dl *sdl;
2548
2549 /* skip deleted or invalid entries */
2550 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2551 continue;
2552 /* Skip if jailed and not a valid IP of the prison. */
2553 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2554 continue;
2555 /*
2556 * produce a msg made of:
2557 * struct rt_msghdr;
2558 * struct sockaddr_in6 (IPv6)
2559 * struct sockaddr_dl;
2560 */
2561 bzero(&ndpc, sizeof(ndpc));
2562 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2563 ndpc.rtm.rtm_version = RTM_VERSION;
2564 ndpc.rtm.rtm_type = RTM_GET;
2565 ndpc.rtm.rtm_flags = RTF_UP;
2566 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2567 ndpc.sin6.sin6_family = AF_INET6;
2568 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2569 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2570
2571 /* publish */
2572 if (lle->la_flags & LLE_PUB)
2573 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2574
2575 sdl = &ndpc.sdl;
2576 sdl->sdl_family = AF_LINK;
2577 sdl->sdl_len = sizeof(*sdl);
2578 sdl->sdl_alen = ifp->if_addrlen;
2579 sdl->sdl_index = ifp->if_index;
2580 sdl->sdl_type = ifp->if_type;
2581 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2582 ndpc.rtm.rtm_rmx.rmx_expire =
2583 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2584 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2585 if (lle->la_flags & LLE_STATIC)
2586 ndpc.rtm.rtm_flags |= RTF_STATIC;
2587 ndpc.rtm.rtm_index = ifp->if_index;
2588 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2589 if (error)
2590 break;
2591 }
2592 }
2593 return error;
2594 }
2595
2596 void *
2597 in6_domifattach(struct ifnet *ifp)
2598 {
2599 struct in6_ifextra *ext;
2600
2601 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2602 bzero(ext, sizeof(*ext));
2603
2604 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
2605 M_IFADDR, M_WAITOK);
2606 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
2607
2608 ext->icmp6_ifstat =
2609 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
2610 M_IFADDR, M_WAITOK);
2611 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
2612
2613 ext->nd_ifinfo = nd6_ifattach(ifp);
2614 ext->scope6_id = scope6_ifattach(ifp);
2615 ext->lltable = lltable_init(ifp, AF_INET6);
2616 if (ext->lltable != NULL) {
2617 ext->lltable->llt_free = in6_lltable_free;
2618 ext->lltable->llt_prefix_free = in6_lltable_prefix_free;
2619 ext->lltable->llt_lookup = in6_lltable_lookup;
2620 ext->lltable->llt_dump = in6_lltable_dump;
2621 }
2622
2623 ext->mld_ifinfo = mld_domifattach(ifp);
2624
2625 return ext;
2626 }
2627
2628 void
2629 in6_domifdetach(struct ifnet *ifp, void *aux)
2630 {
2631 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2632
2633 mld_domifdetach(ifp);
2634 scope6_ifdetach(ext->scope6_id);
2635 nd6_ifdetach(ext->nd_ifinfo);
2636 lltable_free(ext->lltable);
2637 free(ext->in6_ifstat, M_IFADDR);
2638 free(ext->icmp6_ifstat, M_IFADDR);
2639 free(ext, M_IFADDR);
2640 }
2641
2642 /*
2643 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2644 * v4 mapped addr or v4 compat addr
2645 */
2646 void
2647 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2648 {
2649
2650 bzero(sin, sizeof(*sin));
2651 sin->sin_len = sizeof(struct sockaddr_in);
2652 sin->sin_family = AF_INET;
2653 sin->sin_port = sin6->sin6_port;
2654 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2655 }
2656
2657 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2658 void
2659 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2660 {
2661 bzero(sin6, sizeof(*sin6));
2662 sin6->sin6_len = sizeof(struct sockaddr_in6);
2663 sin6->sin6_family = AF_INET6;
2664 sin6->sin6_port = sin->sin_port;
2665 sin6->sin6_addr.s6_addr32[0] = 0;
2666 sin6->sin6_addr.s6_addr32[1] = 0;
2667 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2668 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2669 }
2670
2671 /* Convert sockaddr_in6 into sockaddr_in. */
2672 void
2673 in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2674 {
2675 struct sockaddr_in *sin_p;
2676 struct sockaddr_in6 sin6;
2677
2678 /*
2679 * Save original sockaddr_in6 addr and convert it
2680 * to sockaddr_in.
2681 */
2682 sin6 = *(struct sockaddr_in6 *)nam;
2683 sin_p = (struct sockaddr_in *)nam;
2684 in6_sin6_2_sin(sin_p, &sin6);
2685 }
2686
2687 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2688 void
2689 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2690 {
2691 struct sockaddr_in *sin_p;
2692 struct sockaddr_in6 *sin6_p;
2693
2694 sin6_p = malloc(sizeof *sin6_p, M_SONAME,
2695 M_WAITOK);
2696 sin_p = (struct sockaddr_in *)*nam;
2697 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2698 free(*nam, M_SONAME);
2699 *nam = (struct sockaddr *)sin6_p;
2700 }
Cache object: 0704d0861e27bbc2378562f6e843cf43
|