Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/netinet6/in6.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in.c 8.2 (Berkeley) 11/15/93 61 */ 62 63 #include <sys/cdefs.h> 64 __FBSDID("$FreeBSD: releng/8.3/sys/netinet6/in6.c 255446 2013-09-10 10:13:14Z des $"); 65 66 #include "opt_compat.h" 67 #include "opt_inet.h" 68 #include "opt_inet6.h" 69 70 #include <sys/param.h> 71 #include <sys/errno.h> 72 #include <sys/jail.h> 73 #include <sys/malloc.h> 74 #include <sys/socket.h> 75 #include <sys/socketvar.h> 76 #include <sys/sockio.h> 77 #include <sys/systm.h> 78 #include <sys/priv.h> 79 #include <sys/proc.h> 80 #include <sys/time.h> 81 #include <sys/kernel.h> 82 #include <sys/syslog.h> 83 84 #include <net/if.h> 85 #include <net/if_var.h> 86 #include <net/if_types.h> 87 #include <net/route.h> 88 #include <net/if_dl.h> 89 #include <net/vnet.h> 90 91 #include <netinet/in.h> 92 #include <netinet/in_var.h> 93 #include <net/if_llatbl.h> 94 #include <netinet/if_ether.h> 95 #include <netinet/in_systm.h> 96 #include <netinet/ip.h> 97 #include <netinet/in_pcb.h> 98 99 #include <netinet/ip6.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/mld6_var.h> 103 #include <netinet6/ip6_mroute.h> 104 #include <netinet6/in6_ifattach.h> 105 #include <netinet6/scope6_var.h> 106 #include <netinet6/in6_pcb.h> 107 108 /* 109 * Definitions of some costant IP6 addresses. 110 */ 111 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 112 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 113 const struct in6_addr in6addr_nodelocal_allnodes = 114 IN6ADDR_NODELOCAL_ALLNODES_INIT; 115 const struct in6_addr in6addr_linklocal_allnodes = 116 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 117 const struct in6_addr in6addr_linklocal_allrouters = 118 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 119 const struct in6_addr in6addr_linklocal_allv2routers = 120 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT; 121 122 const struct in6_addr in6mask0 = IN6MASK0; 123 const struct in6_addr in6mask32 = IN6MASK32; 124 const struct in6_addr in6mask64 = IN6MASK64; 125 const struct in6_addr in6mask96 = IN6MASK96; 126 const struct in6_addr in6mask128 = IN6MASK128; 127 128 const struct sockaddr_in6 sa6_any = 129 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 130 131 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 132 struct ifnet *, struct thread *)); 133 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 134 struct sockaddr_in6 *, int)); 135 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 136 137 int (*faithprefix_p)(struct in6_addr *); 138 139 140 141 int 142 in6_mask2len(struct in6_addr *mask, u_char *lim0) 143 { 144 int x = 0, y; 145 u_char *lim = lim0, *p; 146 147 /* ignore the scope_id part */ 148 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 149 lim = (u_char *)mask + sizeof(*mask); 150 for (p = (u_char *)mask; p < lim; x++, p++) { 151 if (*p != 0xff) 152 break; 153 } 154 y = 0; 155 if (p < lim) { 156 for (y = 0; y < 8; y++) { 157 if ((*p & (0x80 >> y)) == 0) 158 break; 159 } 160 } 161 162 /* 163 * when the limit pointer is given, do a stricter check on the 164 * remaining bits. 165 */ 166 if (p < lim) { 167 if (y != 0 && (*p & (0x00ff >> y)) != 0) 168 return (-1); 169 for (p = p + 1; p < lim; p++) 170 if (*p != 0) 171 return (-1); 172 } 173 174 return x * 8 + y; 175 } 176 177 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 178 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 179 180 #ifdef COMPAT_FREEBSD32 181 struct in6_ndifreq32 { 182 char ifname[IFNAMSIZ]; 183 uint32_t ifindex; 184 }; 185 #define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32) 186 #endif 187 188 int 189 in6_control(struct socket *so, u_long cmd, caddr_t data, 190 struct ifnet *ifp, struct thread *td) 191 { 192 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 193 struct in6_ifaddr *ia = NULL; 194 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 195 struct sockaddr_in6 *sa6; 196 int error; 197 198 switch (cmd) { 199 case SIOCGETSGCNT_IN6: 200 case SIOCGETMIFCNT_IN6: 201 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 202 } 203 204 switch(cmd) { 205 case SIOCAADDRCTL_POLICY: 206 case SIOCDADDRCTL_POLICY: 207 if (td != NULL) { 208 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 209 if (error) 210 return (error); 211 } 212 return (in6_src_ioctl(cmd, data)); 213 } 214 215 if (ifp == NULL) 216 return (EOPNOTSUPP); 217 218 switch (cmd) { 219 case SIOCSNDFLUSH_IN6: 220 case SIOCSPFXFLUSH_IN6: 221 case SIOCSRTRFLUSH_IN6: 222 case SIOCSDEFIFACE_IN6: 223 case SIOCSIFINFO_FLAGS: 224 case SIOCSIFINFO_IN6: 225 if (td != NULL) { 226 error = priv_check(td, PRIV_NETINET_ND6); 227 if (error) 228 return (error); 229 } 230 /* FALLTHROUGH */ 231 case OSIOCGIFINFO_IN6: 232 case SIOCGIFINFO_IN6: 233 case SIOCGDRLST_IN6: 234 case SIOCGPRLST_IN6: 235 case SIOCGNBRINFO_IN6: 236 case SIOCGDEFIFACE_IN6: 237 return (nd6_ioctl(cmd, data, ifp)); 238 239 #ifdef COMPAT_FREEBSD32 240 case SIOCGDEFIFACE32_IN6: 241 { 242 struct in6_ndifreq ndif; 243 struct in6_ndifreq32 *ndif32; 244 245 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif, 246 ifp); 247 if (error) 248 return (error); 249 ndif32 = (struct in6_ndifreq32 *)data; 250 ndif32->ifindex = ndif.ifindex; 251 return (0); 252 } 253 #endif 254 } 255 256 switch (cmd) { 257 case SIOCSIFPREFIX_IN6: 258 case SIOCDIFPREFIX_IN6: 259 case SIOCAIFPREFIX_IN6: 260 case SIOCCIFPREFIX_IN6: 261 case SIOCSGIFPREFIX_IN6: 262 case SIOCGIFPREFIX_IN6: 263 log(LOG_NOTICE, 264 "prefix ioctls are now invalidated. " 265 "please use ifconfig.\n"); 266 return (EOPNOTSUPP); 267 } 268 269 switch (cmd) { 270 case SIOCSSCOPE6: 271 if (td != NULL) { 272 error = priv_check(td, PRIV_NETINET_SCOPE6); 273 if (error) 274 return (error); 275 } 276 return (scope6_set(ifp, 277 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 278 case SIOCGSCOPE6: 279 return (scope6_get(ifp, 280 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 281 case SIOCGSCOPE6DEF: 282 return (scope6_get_default((struct scope6_id *) 283 ifr->ifr_ifru.ifru_scope_id)); 284 } 285 286 switch (cmd) { 287 case SIOCALIFADDR: 288 if (td != NULL) { 289 error = priv_check(td, PRIV_NET_ADDIFADDR); 290 if (error) 291 return (error); 292 } 293 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 294 295 case SIOCDLIFADDR: 296 if (td != NULL) { 297 error = priv_check(td, PRIV_NET_DELIFADDR); 298 if (error) 299 return (error); 300 } 301 /* FALLTHROUGH */ 302 case SIOCGLIFADDR: 303 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 304 } 305 306 /* 307 * Find address for this interface, if it exists. 308 * 309 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 310 * only, and used the first interface address as the target of other 311 * operations (without checking ifra_addr). This was because netinet 312 * code/API assumed at most 1 interface address per interface. 313 * Since IPv6 allows a node to assign multiple addresses 314 * on a single interface, we almost always look and check the 315 * presence of ifra_addr, and reject invalid ones here. 316 * It also decreases duplicated code among SIOC*_IN6 operations. 317 */ 318 switch (cmd) { 319 case SIOCAIFADDR_IN6: 320 case SIOCSIFPHYADDR_IN6: 321 sa6 = &ifra->ifra_addr; 322 break; 323 case SIOCSIFADDR_IN6: 324 case SIOCGIFADDR_IN6: 325 case SIOCSIFDSTADDR_IN6: 326 case SIOCSIFNETMASK_IN6: 327 case SIOCGIFDSTADDR_IN6: 328 case SIOCGIFNETMASK_IN6: 329 case SIOCDIFADDR_IN6: 330 case SIOCGIFPSRCADDR_IN6: 331 case SIOCGIFPDSTADDR_IN6: 332 case SIOCGIFAFLAG_IN6: 333 case SIOCSNDFLUSH_IN6: 334 case SIOCSPFXFLUSH_IN6: 335 case SIOCSRTRFLUSH_IN6: 336 case SIOCGIFALIFETIME_IN6: 337 case SIOCSIFALIFETIME_IN6: 338 case SIOCGIFSTAT_IN6: 339 case SIOCGIFSTAT_ICMP6: 340 sa6 = &ifr->ifr_addr; 341 break; 342 case SIOCSIFADDR: 343 case SIOCSIFBRDADDR: 344 case SIOCSIFDSTADDR: 345 case SIOCSIFNETMASK: 346 /* 347 * Although we should pass any non-INET6 ioctl requests 348 * down to driver, we filter some legacy INET requests. 349 * Drivers trust SIOCSIFADDR et al to come from an already 350 * privileged layer, and do not perform any credentials 351 * checks or input validation. 352 */ 353 return (EINVAL); 354 default: 355 sa6 = NULL; 356 break; 357 } 358 if (sa6 && sa6->sin6_family == AF_INET6) { 359 if (sa6->sin6_scope_id != 0) 360 error = sa6_embedscope(sa6, 0); 361 else 362 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 363 if (error != 0) 364 return (error); 365 if (td != NULL && (error = prison_check_ip6(td->td_ucred, 366 &sa6->sin6_addr)) != 0) 367 return (error); 368 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 369 } else 370 ia = NULL; 371 372 switch (cmd) { 373 case SIOCSIFADDR_IN6: 374 case SIOCSIFDSTADDR_IN6: 375 case SIOCSIFNETMASK_IN6: 376 /* 377 * Since IPv6 allows a node to assign multiple addresses 378 * on a single interface, SIOCSIFxxx ioctls are deprecated. 379 */ 380 /* we decided to obsolete this command (20000704) */ 381 error = EINVAL; 382 goto out; 383 384 case SIOCDIFADDR_IN6: 385 /* 386 * for IPv4, we look for existing in_ifaddr here to allow 387 * "ifconfig if0 delete" to remove the first IPv4 address on 388 * the interface. For IPv6, as the spec allows multiple 389 * interface address from the day one, we consider "remove the 390 * first one" semantics to be not preferable. 391 */ 392 if (ia == NULL) { 393 error = EADDRNOTAVAIL; 394 goto out; 395 } 396 /* FALLTHROUGH */ 397 case SIOCAIFADDR_IN6: 398 /* 399 * We always require users to specify a valid IPv6 address for 400 * the corresponding operation. 401 */ 402 if (ifra->ifra_addr.sin6_family != AF_INET6 || 403 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) { 404 error = EAFNOSUPPORT; 405 goto out; 406 } 407 408 if (td != NULL) { 409 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 410 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 411 if (error) 412 goto out; 413 } 414 break; 415 416 case SIOCGIFADDR_IN6: 417 /* This interface is basically deprecated. use SIOCGIFCONF. */ 418 /* FALLTHROUGH */ 419 case SIOCGIFAFLAG_IN6: 420 case SIOCGIFNETMASK_IN6: 421 case SIOCGIFDSTADDR_IN6: 422 case SIOCGIFALIFETIME_IN6: 423 /* must think again about its semantics */ 424 if (ia == NULL) { 425 error = EADDRNOTAVAIL; 426 goto out; 427 } 428 break; 429 430 case SIOCSIFALIFETIME_IN6: 431 { 432 struct in6_addrlifetime *lt; 433 434 if (td != NULL) { 435 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 436 if (error) 437 goto out; 438 } 439 if (ia == NULL) { 440 error = EADDRNOTAVAIL; 441 goto out; 442 } 443 /* sanity for overflow - beware unsigned */ 444 lt = &ifr->ifr_ifru.ifru_lifetime; 445 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 446 lt->ia6t_vltime + time_second < time_second) { 447 error = EINVAL; 448 goto out; 449 } 450 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 451 lt->ia6t_pltime + time_second < time_second) { 452 error = EINVAL; 453 goto out; 454 } 455 break; 456 } 457 } 458 459 switch (cmd) { 460 case SIOCGIFADDR_IN6: 461 ifr->ifr_addr = ia->ia_addr; 462 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 463 goto out; 464 break; 465 466 case SIOCGIFDSTADDR_IN6: 467 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 468 error = EINVAL; 469 goto out; 470 } 471 /* 472 * XXX: should we check if ifa_dstaddr is NULL and return 473 * an error? 474 */ 475 ifr->ifr_dstaddr = ia->ia_dstaddr; 476 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 477 goto out; 478 break; 479 480 case SIOCGIFNETMASK_IN6: 481 ifr->ifr_addr = ia->ia_prefixmask; 482 break; 483 484 case SIOCGIFAFLAG_IN6: 485 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 486 break; 487 488 case SIOCGIFSTAT_IN6: 489 if (ifp == NULL) { 490 error = EINVAL; 491 goto out; 492 } 493 bzero(&ifr->ifr_ifru.ifru_stat, 494 sizeof(ifr->ifr_ifru.ifru_stat)); 495 ifr->ifr_ifru.ifru_stat = 496 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 497 break; 498 499 case SIOCGIFSTAT_ICMP6: 500 if (ifp == NULL) { 501 error = EINVAL; 502 goto out; 503 } 504 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 505 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 506 ifr->ifr_ifru.ifru_icmp6stat = 507 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 508 break; 509 510 case SIOCGIFALIFETIME_IN6: 511 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 512 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 513 time_t maxexpire; 514 struct in6_addrlifetime *retlt = 515 &ifr->ifr_ifru.ifru_lifetime; 516 517 /* 518 * XXX: adjust expiration time assuming time_t is 519 * signed. 520 */ 521 maxexpire = (-1) & 522 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 523 if (ia->ia6_lifetime.ia6t_vltime < 524 maxexpire - ia->ia6_updatetime) { 525 retlt->ia6t_expire = ia->ia6_updatetime + 526 ia->ia6_lifetime.ia6t_vltime; 527 } else 528 retlt->ia6t_expire = maxexpire; 529 } 530 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 531 time_t maxexpire; 532 struct in6_addrlifetime *retlt = 533 &ifr->ifr_ifru.ifru_lifetime; 534 535 /* 536 * XXX: adjust expiration time assuming time_t is 537 * signed. 538 */ 539 maxexpire = (-1) & 540 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 541 if (ia->ia6_lifetime.ia6t_pltime < 542 maxexpire - ia->ia6_updatetime) { 543 retlt->ia6t_preferred = ia->ia6_updatetime + 544 ia->ia6_lifetime.ia6t_pltime; 545 } else 546 retlt->ia6t_preferred = maxexpire; 547 } 548 break; 549 550 case SIOCSIFALIFETIME_IN6: 551 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 552 /* for sanity */ 553 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 554 ia->ia6_lifetime.ia6t_expire = 555 time_second + ia->ia6_lifetime.ia6t_vltime; 556 } else 557 ia->ia6_lifetime.ia6t_expire = 0; 558 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 559 ia->ia6_lifetime.ia6t_preferred = 560 time_second + ia->ia6_lifetime.ia6t_pltime; 561 } else 562 ia->ia6_lifetime.ia6t_preferred = 0; 563 break; 564 565 case SIOCAIFADDR_IN6: 566 { 567 int i; 568 struct nd_prefixctl pr0; 569 struct nd_prefix *pr; 570 571 /* 572 * first, make or update the interface address structure, 573 * and link it to the list. 574 */ 575 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 576 goto out; 577 if (ia != NULL) 578 ifa_free(&ia->ia_ifa); 579 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 580 == NULL) { 581 /* 582 * this can happen when the user specify the 0 valid 583 * lifetime. 584 */ 585 break; 586 } 587 588 /* 589 * then, make the prefix on-link on the interface. 590 * XXX: we'd rather create the prefix before the address, but 591 * we need at least one address to install the corresponding 592 * interface route, so we configure the address first. 593 */ 594 595 /* 596 * convert mask to prefix length (prefixmask has already 597 * been validated in in6_update_ifa(). 598 */ 599 bzero(&pr0, sizeof(pr0)); 600 pr0.ndpr_ifp = ifp; 601 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 602 NULL); 603 if (pr0.ndpr_plen == 128) { 604 break; /* we don't need to install a host route. */ 605 } 606 pr0.ndpr_prefix = ifra->ifra_addr; 607 /* apply the mask for safety. */ 608 for (i = 0; i < 4; i++) { 609 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 610 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 611 } 612 /* 613 * XXX: since we don't have an API to set prefix (not address) 614 * lifetimes, we just use the same lifetimes as addresses. 615 * The (temporarily) installed lifetimes can be overridden by 616 * later advertised RAs (when accept_rtadv is non 0), which is 617 * an intended behavior. 618 */ 619 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 620 pr0.ndpr_raf_auto = 621 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 622 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 623 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 624 625 /* add the prefix if not yet. */ 626 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 627 /* 628 * nd6_prelist_add will install the corresponding 629 * interface route. 630 */ 631 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 632 goto out; 633 if (pr == NULL) { 634 log(LOG_ERR, "nd6_prelist_add succeeded but " 635 "no prefix\n"); 636 error = EINVAL; 637 goto out; 638 } 639 } 640 641 /* relate the address to the prefix */ 642 if (ia->ia6_ndpr == NULL) { 643 ia->ia6_ndpr = pr; 644 pr->ndpr_refcnt++; 645 646 /* 647 * If this is the first autoconf address from the 648 * prefix, create a temporary address as well 649 * (when required). 650 */ 651 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 652 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 653 int e; 654 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 655 log(LOG_NOTICE, "in6_control: failed " 656 "to create a temporary address, " 657 "errno=%d\n", e); 658 } 659 } 660 } 661 662 /* 663 * this might affect the status of autoconfigured addresses, 664 * that is, this address might make other addresses detached. 665 */ 666 pfxlist_onlink_check(); 667 if (error == 0 && ia) 668 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 669 break; 670 } 671 672 case SIOCDIFADDR_IN6: 673 { 674 struct nd_prefix *pr; 675 676 /* 677 * If the address being deleted is the only one that owns 678 * the corresponding prefix, expire the prefix as well. 679 * XXX: theoretically, we don't have to worry about such 680 * relationship, since we separate the address management 681 * and the prefix management. We do this, however, to provide 682 * as much backward compatibility as possible in terms of 683 * the ioctl operation. 684 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 685 */ 686 pr = ia->ia6_ndpr; 687 in6_purgeaddr(&ia->ia_ifa); 688 if (pr && pr->ndpr_refcnt == 0) 689 prelist_remove(pr); 690 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 691 break; 692 } 693 694 default: 695 if (ifp == NULL || ifp->if_ioctl == 0) { 696 error = EOPNOTSUPP; 697 goto out; 698 } 699 error = (*ifp->if_ioctl)(ifp, cmd, data); 700 goto out; 701 } 702 703 error = 0; 704 out: 705 if (ia != NULL) 706 ifa_free(&ia->ia_ifa); 707 return (error); 708 } 709 710 /* 711 * Update parameters of an IPv6 interface address. 712 * If necessary, a new entry is created and linked into address chains. 713 * This function is separated from in6_control(). 714 * XXX: should this be performed under splnet()? 715 */ 716 int 717 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 718 struct in6_ifaddr *ia, int flags) 719 { 720 int error = 0, hostIsNew = 0, plen = -1; 721 struct sockaddr_in6 dst6; 722 struct in6_addrlifetime *lt; 723 struct in6_multi_mship *imm; 724 struct in6_multi *in6m_sol; 725 struct rtentry *rt; 726 int delay; 727 char ip6buf[INET6_ADDRSTRLEN]; 728 729 /* Validate parameters */ 730 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 731 return (EINVAL); 732 733 /* 734 * The destination address for a p2p link must have a family 735 * of AF_UNSPEC or AF_INET6. 736 */ 737 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 738 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 739 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 740 return (EAFNOSUPPORT); 741 /* 742 * validate ifra_prefixmask. don't check sin6_family, netmask 743 * does not carry fields other than sin6_len. 744 */ 745 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 746 return (EINVAL); 747 /* 748 * Because the IPv6 address architecture is classless, we require 749 * users to specify a (non 0) prefix length (mask) for a new address. 750 * We also require the prefix (when specified) mask is valid, and thus 751 * reject a non-consecutive mask. 752 */ 753 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 754 return (EINVAL); 755 if (ifra->ifra_prefixmask.sin6_len != 0) { 756 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 757 (u_char *)&ifra->ifra_prefixmask + 758 ifra->ifra_prefixmask.sin6_len); 759 if (plen <= 0) 760 return (EINVAL); 761 } else { 762 /* 763 * In this case, ia must not be NULL. We just use its prefix 764 * length. 765 */ 766 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 767 } 768 /* 769 * If the destination address on a p2p interface is specified, 770 * and the address is a scoped one, validate/set the scope 771 * zone identifier. 772 */ 773 dst6 = ifra->ifra_dstaddr; 774 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 775 (dst6.sin6_family == AF_INET6)) { 776 struct in6_addr in6_tmp; 777 u_int32_t zoneid; 778 779 in6_tmp = dst6.sin6_addr; 780 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 781 return (EINVAL); /* XXX: should be impossible */ 782 783 if (dst6.sin6_scope_id != 0) { 784 if (dst6.sin6_scope_id != zoneid) 785 return (EINVAL); 786 } else /* user omit to specify the ID. */ 787 dst6.sin6_scope_id = zoneid; 788 789 /* convert into the internal form */ 790 if (sa6_embedscope(&dst6, 0)) 791 return (EINVAL); /* XXX: should be impossible */ 792 } 793 /* 794 * The destination address can be specified only for a p2p or a 795 * loopback interface. If specified, the corresponding prefix length 796 * must be 128. 797 */ 798 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 799 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 800 /* XXX: noisy message */ 801 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 802 "be specified for a p2p or a loopback IF only\n")); 803 return (EINVAL); 804 } 805 if (plen != 128) { 806 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 807 "be 128 when dstaddr is specified\n")); 808 return (EINVAL); 809 } 810 } 811 /* lifetime consistency check */ 812 lt = &ifra->ifra_lifetime; 813 if (lt->ia6t_pltime > lt->ia6t_vltime) 814 return (EINVAL); 815 if (lt->ia6t_vltime == 0) { 816 /* 817 * the following log might be noisy, but this is a typical 818 * configuration mistake or a tool's bug. 819 */ 820 nd6log((LOG_INFO, 821 "in6_update_ifa: valid lifetime is 0 for %s\n", 822 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 823 824 if (ia == NULL) 825 return (0); /* there's nothing to do */ 826 } 827 828 /* 829 * If this is a new address, allocate a new ifaddr and link it 830 * into chains. 831 */ 832 if (ia == NULL) { 833 hostIsNew = 1; 834 /* 835 * When in6_update_ifa() is called in a process of a received 836 * RA, it is called under an interrupt context. So, we should 837 * call malloc with M_NOWAIT. 838 */ 839 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 840 M_NOWAIT); 841 if (ia == NULL) 842 return (ENOBUFS); 843 bzero((caddr_t)ia, sizeof(*ia)); 844 ifa_init(&ia->ia_ifa); 845 LIST_INIT(&ia->ia6_memberships); 846 /* Initialize the address and masks, and put time stamp */ 847 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 848 ia->ia_addr.sin6_family = AF_INET6; 849 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 850 ia->ia6_createtime = time_second; 851 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 852 /* 853 * XXX: some functions expect that ifa_dstaddr is not 854 * NULL for p2p interfaces. 855 */ 856 ia->ia_ifa.ifa_dstaddr = 857 (struct sockaddr *)&ia->ia_dstaddr; 858 } else { 859 ia->ia_ifa.ifa_dstaddr = NULL; 860 } 861 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 862 ia->ia_ifp = ifp; 863 ifa_ref(&ia->ia_ifa); /* if_addrhead */ 864 IF_ADDR_LOCK(ifp); 865 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 866 IF_ADDR_UNLOCK(ifp); 867 868 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */ 869 IN6_IFADDR_WLOCK(); 870 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link); 871 IN6_IFADDR_WUNLOCK(); 872 } 873 874 /* update timestamp */ 875 ia->ia6_updatetime = time_second; 876 877 /* set prefix mask */ 878 if (ifra->ifra_prefixmask.sin6_len) { 879 /* 880 * We prohibit changing the prefix length of an existing 881 * address, because 882 * + such an operation should be rare in IPv6, and 883 * + the operation would confuse prefix management. 884 */ 885 if (ia->ia_prefixmask.sin6_len && 886 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 887 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 888 " existing (%s) address should not be changed\n", 889 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 890 error = EINVAL; 891 goto unlink; 892 } 893 ia->ia_prefixmask = ifra->ifra_prefixmask; 894 } 895 896 /* 897 * If a new destination address is specified, scrub the old one and 898 * install the new destination. Note that the interface must be 899 * p2p or loopback (see the check above.) 900 */ 901 if (dst6.sin6_family == AF_INET6 && 902 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 903 int e; 904 905 if ((ia->ia_flags & IFA_ROUTE) != 0 && 906 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 907 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 908 "a route to the old destination: %s\n", 909 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 910 /* proceed anyway... */ 911 } else 912 ia->ia_flags &= ~IFA_ROUTE; 913 ia->ia_dstaddr = dst6; 914 } 915 916 /* 917 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 918 * to see if the address is deprecated or invalidated, but initialize 919 * these members for applications. 920 */ 921 ia->ia6_lifetime = ifra->ifra_lifetime; 922 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 923 ia->ia6_lifetime.ia6t_expire = 924 time_second + ia->ia6_lifetime.ia6t_vltime; 925 } else 926 ia->ia6_lifetime.ia6t_expire = 0; 927 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 928 ia->ia6_lifetime.ia6t_preferred = 929 time_second + ia->ia6_lifetime.ia6t_pltime; 930 } else 931 ia->ia6_lifetime.ia6t_preferred = 0; 932 933 /* reset the interface and routing table appropriately. */ 934 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 935 goto unlink; 936 937 /* 938 * configure address flags. 939 */ 940 ia->ia6_flags = ifra->ifra_flags; 941 /* 942 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 943 * userland, make it deprecated. 944 */ 945 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 946 ia->ia6_lifetime.ia6t_pltime = 0; 947 ia->ia6_lifetime.ia6t_preferred = time_second; 948 } 949 /* 950 * Make the address tentative before joining multicast addresses, 951 * so that corresponding MLD responses would not have a tentative 952 * source address. 953 */ 954 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 955 if (hostIsNew && in6if_do_dad(ifp)) 956 ia->ia6_flags |= IN6_IFF_TENTATIVE; 957 958 /* 959 * We are done if we have simply modified an existing address. 960 */ 961 if (!hostIsNew) 962 return (error); 963 964 /* 965 * Beyond this point, we should call in6_purgeaddr upon an error, 966 * not just go to unlink. 967 */ 968 969 /* Join necessary multicast groups */ 970 in6m_sol = NULL; 971 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 972 struct sockaddr_in6 mltaddr, mltmask; 973 struct in6_addr llsol; 974 975 /* join solicited multicast addr for new host id */ 976 bzero(&llsol, sizeof(struct in6_addr)); 977 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 978 llsol.s6_addr32[1] = 0; 979 llsol.s6_addr32[2] = htonl(1); 980 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 981 llsol.s6_addr8[12] = 0xff; 982 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 983 /* XXX: should not happen */ 984 log(LOG_ERR, "in6_update_ifa: " 985 "in6_setscope failed\n"); 986 goto cleanup; 987 } 988 delay = 0; 989 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 990 /* 991 * We need a random delay for DAD on the address 992 * being configured. It also means delaying 993 * transmission of the corresponding MLD report to 994 * avoid report collision. 995 * [draft-ietf-ipv6-rfc2462bis-02.txt] 996 */ 997 delay = arc4random() % 998 (MAX_RTR_SOLICITATION_DELAY * hz); 999 } 1000 imm = in6_joingroup(ifp, &llsol, &error, delay); 1001 if (imm == NULL) { 1002 nd6log((LOG_WARNING, 1003 "in6_update_ifa: addmulti failed for " 1004 "%s on %s (errno=%d)\n", 1005 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 1006 error)); 1007 goto cleanup; 1008 } 1009 LIST_INSERT_HEAD(&ia->ia6_memberships, 1010 imm, i6mm_chain); 1011 in6m_sol = imm->i6mm_maddr; 1012 1013 bzero(&mltmask, sizeof(mltmask)); 1014 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1015 mltmask.sin6_family = AF_INET6; 1016 mltmask.sin6_addr = in6mask32; 1017 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 1018 1019 /* 1020 * join link-local all-nodes address 1021 */ 1022 bzero(&mltaddr, sizeof(mltaddr)); 1023 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1024 mltaddr.sin6_family = AF_INET6; 1025 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1026 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1027 0) 1028 goto cleanup; /* XXX: should not fail */ 1029 1030 /* 1031 * XXX: do we really need this automatic routes? 1032 * We should probably reconsider this stuff. Most applications 1033 * actually do not need the routes, since they usually specify 1034 * the outgoing interface. 1035 */ 1036 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1037 if (rt) { 1038 /* XXX: only works in !SCOPEDROUTING case. */ 1039 if (memcmp(&mltaddr.sin6_addr, 1040 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1041 MLTMASK_LEN)) { 1042 RTFREE_LOCKED(rt); 1043 rt = NULL; 1044 } 1045 } 1046 if (!rt) { 1047 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1048 (struct sockaddr *)&ia->ia_addr, 1049 (struct sockaddr *)&mltmask, RTF_UP, 1050 (struct rtentry **)0); 1051 if (error) 1052 goto cleanup; 1053 } else { 1054 RTFREE_LOCKED(rt); 1055 } 1056 1057 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1058 if (!imm) { 1059 nd6log((LOG_WARNING, 1060 "in6_update_ifa: addmulti failed for " 1061 "%s on %s (errno=%d)\n", 1062 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1063 if_name(ifp), error)); 1064 goto cleanup; 1065 } 1066 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1067 1068 /* 1069 * join node information group address 1070 */ 1071 delay = 0; 1072 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1073 /* 1074 * The spec doesn't say anything about delay for this 1075 * group, but the same logic should apply. 1076 */ 1077 delay = arc4random() % 1078 (MAX_RTR_SOLICITATION_DELAY * hz); 1079 } 1080 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) { 1081 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1082 delay); /* XXX jinmei */ 1083 if (!imm) { 1084 nd6log((LOG_WARNING, "in6_update_ifa: " 1085 "addmulti failed for %s on %s " 1086 "(errno=%d)\n", 1087 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1088 if_name(ifp), error)); 1089 /* XXX not very fatal, go on... */ 1090 } else { 1091 LIST_INSERT_HEAD(&ia->ia6_memberships, 1092 imm, i6mm_chain); 1093 } 1094 } 1095 1096 /* 1097 * join interface-local all-nodes address. 1098 * (ff01::1%ifN, and ff01::%ifN/32) 1099 */ 1100 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1101 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1102 != 0) 1103 goto cleanup; /* XXX: should not fail */ 1104 /* XXX: again, do we really need the route? */ 1105 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1106 if (rt) { 1107 if (memcmp(&mltaddr.sin6_addr, 1108 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1109 MLTMASK_LEN)) { 1110 RTFREE_LOCKED(rt); 1111 rt = NULL; 1112 } 1113 } 1114 if (!rt) { 1115 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1116 (struct sockaddr *)&ia->ia_addr, 1117 (struct sockaddr *)&mltmask, RTF_UP, 1118 (struct rtentry **)0); 1119 if (error) 1120 goto cleanup; 1121 } else 1122 RTFREE_LOCKED(rt); 1123 1124 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1125 if (!imm) { 1126 nd6log((LOG_WARNING, "in6_update_ifa: " 1127 "addmulti failed for %s on %s " 1128 "(errno=%d)\n", 1129 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1130 if_name(ifp), error)); 1131 goto cleanup; 1132 } 1133 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1134 #undef MLTMASK_LEN 1135 } 1136 1137 /* 1138 * Perform DAD, if needed. 1139 * XXX It may be of use, if we can administratively 1140 * disable DAD. 1141 */ 1142 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1143 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1144 { 1145 int mindelay, maxdelay; 1146 1147 delay = 0; 1148 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1149 /* 1150 * We need to impose a delay before sending an NS 1151 * for DAD. Check if we also needed a delay for the 1152 * corresponding MLD message. If we did, the delay 1153 * should be larger than the MLD delay (this could be 1154 * relaxed a bit, but this simple logic is at least 1155 * safe). 1156 * XXX: Break data hiding guidelines and look at 1157 * state for the solicited multicast group. 1158 */ 1159 mindelay = 0; 1160 if (in6m_sol != NULL && 1161 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) { 1162 mindelay = in6m_sol->in6m_timer; 1163 } 1164 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1165 if (maxdelay - mindelay == 0) 1166 delay = 0; 1167 else { 1168 delay = 1169 (arc4random() % (maxdelay - mindelay)) + 1170 mindelay; 1171 } 1172 } 1173 nd6_dad_start((struct ifaddr *)ia, delay); 1174 } 1175 1176 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew")); 1177 ifa_free(&ia->ia_ifa); 1178 return (error); 1179 1180 unlink: 1181 /* 1182 * XXX: if a change of an existing address failed, keep the entry 1183 * anyway. 1184 */ 1185 if (hostIsNew) { 1186 in6_unlink_ifa(ia, ifp); 1187 ifa_free(&ia->ia_ifa); 1188 } 1189 return (error); 1190 1191 cleanup: 1192 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew")); 1193 ifa_free(&ia->ia_ifa); 1194 in6_purgeaddr(&ia->ia_ifa); 1195 return error; 1196 } 1197 1198 void 1199 in6_purgeaddr(struct ifaddr *ifa) 1200 { 1201 struct ifnet *ifp = ifa->ifa_ifp; 1202 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1203 struct in6_multi_mship *imm; 1204 struct sockaddr_in6 mltaddr, mltmask; 1205 struct rtentry rt0; 1206 struct sockaddr_dl gateway; 1207 struct sockaddr_in6 mask, addr; 1208 int plen, error; 1209 struct rtentry *rt; 1210 struct ifaddr *ifa0; 1211 1212 /* 1213 * find another IPv6 address as the gateway for the 1214 * link-local and node-local all-nodes multicast 1215 * address routes 1216 */ 1217 IF_ADDR_LOCK(ifp); 1218 TAILQ_FOREACH(ifa0, &ifp->if_addrhead, ifa_link) { 1219 if ((ifa0->ifa_addr->sa_family != AF_INET6) || 1220 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr, 1221 &ia->ia_addr.sin6_addr, 1222 sizeof(struct in6_addr)) == 0) 1223 continue; 1224 else 1225 break; 1226 } 1227 if (ifa0 != NULL) 1228 ifa_ref(ifa0); 1229 IF_ADDR_UNLOCK(ifp); 1230 1231 /* 1232 * Remove the loopback route to the interface address. 1233 * The check for the current setting of "nd6_useloopback" 1234 * is not needed. 1235 */ 1236 if (ia->ia_flags & IFA_RTSELF) { 1237 error = ifa_del_loopback_route((struct ifaddr *)ia, 1238 (struct sockaddr *)&ia->ia_addr); 1239 if (error == 0) 1240 ia->ia_flags &= ~IFA_RTSELF; 1241 } 1242 1243 /* stop DAD processing */ 1244 nd6_dad_stop(ifa); 1245 1246 IF_AFDATA_LOCK(ifp); 1247 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1248 (struct sockaddr *)&ia->ia_addr); 1249 IF_AFDATA_UNLOCK(ifp); 1250 1251 /* 1252 * initialize for rtmsg generation 1253 */ 1254 bzero(&gateway, sizeof(gateway)); 1255 gateway.sdl_len = sizeof(gateway); 1256 gateway.sdl_family = AF_LINK; 1257 gateway.sdl_nlen = 0; 1258 gateway.sdl_alen = ifp->if_addrlen; 1259 /* */ 1260 bzero(&rt0, sizeof(rt0)); 1261 rt0.rt_gateway = (struct sockaddr *)&gateway; 1262 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1263 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1264 rt_mask(&rt0) = (struct sockaddr *)&mask; 1265 rt_key(&rt0) = (struct sockaddr *)&addr; 1266 rt0.rt_flags = RTF_HOST | RTF_STATIC; 1267 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0); 1268 1269 /* 1270 * leave from multicast groups we have joined for the interface 1271 */ 1272 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1273 LIST_REMOVE(imm, i6mm_chain); 1274 in6_leavegroup(imm); 1275 } 1276 1277 /* 1278 * remove the link-local all-nodes address 1279 */ 1280 bzero(&mltmask, sizeof(mltmask)); 1281 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1282 mltmask.sin6_family = AF_INET6; 1283 mltmask.sin6_addr = in6mask32; 1284 1285 bzero(&mltaddr, sizeof(mltaddr)); 1286 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1287 mltaddr.sin6_family = AF_INET6; 1288 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1289 1290 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1291 goto cleanup; 1292 1293 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1294 if (rt != NULL && rt->rt_gateway != NULL && 1295 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1296 &ia->ia_addr.sin6_addr, 1297 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1298 /* 1299 * if no more IPv6 address exists on this interface 1300 * then remove the multicast address route 1301 */ 1302 if (ifa0 == NULL) { 1303 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1304 sizeof(mltaddr.sin6_addr)); 1305 RTFREE_LOCKED(rt); 1306 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1307 (struct sockaddr *)&ia->ia_addr, 1308 (struct sockaddr *)&mltmask, RTF_UP, 1309 (struct rtentry **)0); 1310 if (error) 1311 log(LOG_INFO, "in6_purgeaddr: link-local all-nodes" 1312 "multicast address deletion error\n"); 1313 } else { 1314 /* 1315 * replace the gateway of the route 1316 */ 1317 struct sockaddr_in6 sa; 1318 1319 bzero(&sa, sizeof(sa)); 1320 sa.sin6_len = sizeof(struct sockaddr_in6); 1321 sa.sin6_family = AF_INET6; 1322 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1323 sizeof(sa.sin6_addr)); 1324 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1325 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1326 RTFREE_LOCKED(rt); 1327 } 1328 } else { 1329 if (rt != NULL) 1330 RTFREE_LOCKED(rt); 1331 } 1332 1333 /* 1334 * remove the node-local all-nodes address 1335 */ 1336 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1337 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1338 0) 1339 goto cleanup; 1340 1341 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1342 if (rt != NULL && rt->rt_gateway != NULL && 1343 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1344 &ia->ia_addr.sin6_addr, 1345 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1346 /* 1347 * if no more IPv6 address exists on this interface 1348 * then remove the multicast address route 1349 */ 1350 if (ifa0 == NULL) { 1351 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1352 sizeof(mltaddr.sin6_addr)); 1353 1354 RTFREE_LOCKED(rt); 1355 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1356 (struct sockaddr *)&ia->ia_addr, 1357 (struct sockaddr *)&mltmask, RTF_UP, 1358 (struct rtentry **)0); 1359 1360 if (error) 1361 log(LOG_INFO, "in6_purgeaddr: node-local all-nodes" 1362 "multicast address deletion error\n"); 1363 } else { 1364 /* 1365 * replace the gateway of the route 1366 */ 1367 struct sockaddr_in6 sa; 1368 1369 bzero(&sa, sizeof(sa)); 1370 sa.sin6_len = sizeof(struct sockaddr_in6); 1371 sa.sin6_family = AF_INET6; 1372 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1373 sizeof(sa.sin6_addr)); 1374 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1375 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1376 RTFREE_LOCKED(rt); 1377 } 1378 } else { 1379 if (rt != NULL) 1380 RTFREE_LOCKED(rt); 1381 } 1382 1383 cleanup: 1384 if (ifa0 != NULL) 1385 ifa_free(ifa0); 1386 1387 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1388 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) { 1389 int error; 1390 struct sockaddr *dstaddr; 1391 1392 /* 1393 * use the interface address if configuring an 1394 * interface address with a /128 prefix len 1395 */ 1396 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1397 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1398 else 1399 dstaddr = (struct sockaddr *)&ia->ia_addr; 1400 1401 error = rtrequest(RTM_DELETE, 1402 (struct sockaddr *)dstaddr, 1403 (struct sockaddr *)&ia->ia_addr, 1404 (struct sockaddr *)&ia->ia_prefixmask, 1405 ia->ia_flags | RTF_HOST, NULL); 1406 if (error != 0) 1407 return; 1408 ia->ia_flags &= ~IFA_ROUTE; 1409 } 1410 1411 in6_unlink_ifa(ia, ifp); 1412 } 1413 1414 static void 1415 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1416 { 1417 int s = splnet(); 1418 1419 IF_ADDR_LOCK(ifp); 1420 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1421 IF_ADDR_UNLOCK(ifp); 1422 ifa_free(&ia->ia_ifa); /* if_addrhead */ 1423 1424 /* 1425 * Defer the release of what might be the last reference to the 1426 * in6_ifaddr so that it can't be freed before the remainder of the 1427 * cleanup. 1428 */ 1429 IN6_IFADDR_WLOCK(); 1430 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link); 1431 IN6_IFADDR_WUNLOCK(); 1432 1433 /* 1434 * Release the reference to the base prefix. There should be a 1435 * positive reference. 1436 */ 1437 if (ia->ia6_ndpr == NULL) { 1438 nd6log((LOG_NOTICE, 1439 "in6_unlink_ifa: autoconf'ed address " 1440 "%p has no prefix\n", ia)); 1441 } else { 1442 ia->ia6_ndpr->ndpr_refcnt--; 1443 ia->ia6_ndpr = NULL; 1444 } 1445 1446 /* 1447 * Also, if the address being removed is autoconf'ed, call 1448 * pfxlist_onlink_check() since the release might affect the status of 1449 * other (detached) addresses. 1450 */ 1451 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) { 1452 pfxlist_onlink_check(); 1453 } 1454 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */ 1455 splx(s); 1456 } 1457 1458 void 1459 in6_purgeif(struct ifnet *ifp) 1460 { 1461 struct ifaddr *ifa, *nifa; 1462 1463 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1464 if (ifa->ifa_addr->sa_family != AF_INET6) 1465 continue; 1466 in6_purgeaddr(ifa); 1467 } 1468 1469 in6_ifdetach(ifp); 1470 } 1471 1472 /* 1473 * SIOC[GAD]LIFADDR. 1474 * SIOCGLIFADDR: get first address. (?) 1475 * SIOCGLIFADDR with IFLR_PREFIX: 1476 * get first address that matches the specified prefix. 1477 * SIOCALIFADDR: add the specified address. 1478 * SIOCALIFADDR with IFLR_PREFIX: 1479 * add the specified prefix, filling hostid part from 1480 * the first link-local address. prefixlen must be <= 64. 1481 * SIOCDLIFADDR: delete the specified address. 1482 * SIOCDLIFADDR with IFLR_PREFIX: 1483 * delete the first address that matches the specified prefix. 1484 * return values: 1485 * EINVAL on invalid parameters 1486 * EADDRNOTAVAIL on prefix match failed/specified address not found 1487 * other values may be returned from in6_ioctl() 1488 * 1489 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1490 * this is to accomodate address naming scheme other than RFC2374, 1491 * in the future. 1492 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1493 * address encoding scheme. (see figure on page 8) 1494 */ 1495 static int 1496 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1497 struct ifnet *ifp, struct thread *td) 1498 { 1499 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1500 struct ifaddr *ifa; 1501 struct sockaddr *sa; 1502 1503 /* sanity checks */ 1504 if (!data || !ifp) { 1505 panic("invalid argument to in6_lifaddr_ioctl"); 1506 /* NOTREACHED */ 1507 } 1508 1509 switch (cmd) { 1510 case SIOCGLIFADDR: 1511 /* address must be specified on GET with IFLR_PREFIX */ 1512 if ((iflr->flags & IFLR_PREFIX) == 0) 1513 break; 1514 /* FALLTHROUGH */ 1515 case SIOCALIFADDR: 1516 case SIOCDLIFADDR: 1517 /* address must be specified on ADD and DELETE */ 1518 sa = (struct sockaddr *)&iflr->addr; 1519 if (sa->sa_family != AF_INET6) 1520 return EINVAL; 1521 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1522 return EINVAL; 1523 /* XXX need improvement */ 1524 sa = (struct sockaddr *)&iflr->dstaddr; 1525 if (sa->sa_family && sa->sa_family != AF_INET6) 1526 return EINVAL; 1527 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1528 return EINVAL; 1529 break; 1530 default: /* shouldn't happen */ 1531 #if 0 1532 panic("invalid cmd to in6_lifaddr_ioctl"); 1533 /* NOTREACHED */ 1534 #else 1535 return EOPNOTSUPP; 1536 #endif 1537 } 1538 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1539 return EINVAL; 1540 1541 switch (cmd) { 1542 case SIOCALIFADDR: 1543 { 1544 struct in6_aliasreq ifra; 1545 struct in6_addr *hostid = NULL; 1546 int prefixlen; 1547 1548 ifa = NULL; 1549 if ((iflr->flags & IFLR_PREFIX) != 0) { 1550 struct sockaddr_in6 *sin6; 1551 1552 /* 1553 * hostid is to fill in the hostid part of the 1554 * address. hostid points to the first link-local 1555 * address attached to the interface. 1556 */ 1557 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1558 if (!ifa) 1559 return EADDRNOTAVAIL; 1560 hostid = IFA_IN6(ifa); 1561 1562 /* prefixlen must be <= 64. */ 1563 if (64 < iflr->prefixlen) { 1564 if (ifa != NULL) 1565 ifa_free(ifa); 1566 return EINVAL; 1567 } 1568 prefixlen = iflr->prefixlen; 1569 1570 /* hostid part must be zero. */ 1571 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1572 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1573 sin6->sin6_addr.s6_addr32[3] != 0) { 1574 if (ifa != NULL) 1575 ifa_free(ifa); 1576 return EINVAL; 1577 } 1578 } else 1579 prefixlen = iflr->prefixlen; 1580 1581 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1582 bzero(&ifra, sizeof(ifra)); 1583 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1584 1585 bcopy(&iflr->addr, &ifra.ifra_addr, 1586 ((struct sockaddr *)&iflr->addr)->sa_len); 1587 if (hostid) { 1588 /* fill in hostid part */ 1589 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1590 hostid->s6_addr32[2]; 1591 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1592 hostid->s6_addr32[3]; 1593 } 1594 1595 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1596 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1597 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1598 if (hostid) { 1599 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1600 hostid->s6_addr32[2]; 1601 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1602 hostid->s6_addr32[3]; 1603 } 1604 } 1605 if (ifa != NULL) 1606 ifa_free(ifa); 1607 1608 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1609 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1610 1611 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1612 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1613 } 1614 case SIOCGLIFADDR: 1615 case SIOCDLIFADDR: 1616 { 1617 struct in6_ifaddr *ia; 1618 struct in6_addr mask, candidate, match; 1619 struct sockaddr_in6 *sin6; 1620 int cmp; 1621 1622 bzero(&mask, sizeof(mask)); 1623 if (iflr->flags & IFLR_PREFIX) { 1624 /* lookup a prefix rather than address. */ 1625 in6_prefixlen2mask(&mask, iflr->prefixlen); 1626 1627 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1628 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1629 match.s6_addr32[0] &= mask.s6_addr32[0]; 1630 match.s6_addr32[1] &= mask.s6_addr32[1]; 1631 match.s6_addr32[2] &= mask.s6_addr32[2]; 1632 match.s6_addr32[3] &= mask.s6_addr32[3]; 1633 1634 /* if you set extra bits, that's wrong */ 1635 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1636 return EINVAL; 1637 1638 cmp = 1; 1639 } else { 1640 if (cmd == SIOCGLIFADDR) { 1641 /* on getting an address, take the 1st match */ 1642 cmp = 0; /* XXX */ 1643 } else { 1644 /* on deleting an address, do exact match */ 1645 in6_prefixlen2mask(&mask, 128); 1646 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1647 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1648 1649 cmp = 1; 1650 } 1651 } 1652 1653 IF_ADDR_LOCK(ifp); 1654 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1655 if (ifa->ifa_addr->sa_family != AF_INET6) 1656 continue; 1657 if (!cmp) 1658 break; 1659 1660 /* 1661 * XXX: this is adhoc, but is necessary to allow 1662 * a user to specify fe80::/64 (not /10) for a 1663 * link-local address. 1664 */ 1665 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1666 in6_clearscope(&candidate); 1667 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1668 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1669 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1670 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1671 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1672 break; 1673 } 1674 if (ifa != NULL) 1675 ifa_ref(ifa); 1676 IF_ADDR_UNLOCK(ifp); 1677 if (!ifa) 1678 return EADDRNOTAVAIL; 1679 ia = ifa2ia6(ifa); 1680 1681 if (cmd == SIOCGLIFADDR) { 1682 int error; 1683 1684 /* fill in the if_laddrreq structure */ 1685 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1686 error = sa6_recoverscope( 1687 (struct sockaddr_in6 *)&iflr->addr); 1688 if (error != 0) { 1689 ifa_free(ifa); 1690 return (error); 1691 } 1692 1693 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1694 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1695 ia->ia_dstaddr.sin6_len); 1696 error = sa6_recoverscope( 1697 (struct sockaddr_in6 *)&iflr->dstaddr); 1698 if (error != 0) { 1699 ifa_free(ifa); 1700 return (error); 1701 } 1702 } else 1703 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1704 1705 iflr->prefixlen = 1706 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1707 1708 iflr->flags = ia->ia6_flags; /* XXX */ 1709 ifa_free(ifa); 1710 1711 return 0; 1712 } else { 1713 struct in6_aliasreq ifra; 1714 1715 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1716 bzero(&ifra, sizeof(ifra)); 1717 bcopy(iflr->iflr_name, ifra.ifra_name, 1718 sizeof(ifra.ifra_name)); 1719 1720 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1721 ia->ia_addr.sin6_len); 1722 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1723 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1724 ia->ia_dstaddr.sin6_len); 1725 } else { 1726 bzero(&ifra.ifra_dstaddr, 1727 sizeof(ifra.ifra_dstaddr)); 1728 } 1729 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1730 ia->ia_prefixmask.sin6_len); 1731 1732 ifra.ifra_flags = ia->ia6_flags; 1733 ifa_free(ifa); 1734 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1735 ifp, td); 1736 } 1737 } 1738 } 1739 1740 return EOPNOTSUPP; /* just for safety */ 1741 } 1742 1743 /* 1744 * Initialize an interface's intetnet6 address 1745 * and routing table entry. 1746 */ 1747 static int 1748 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1749 struct sockaddr_in6 *sin6, int newhost) 1750 { 1751 int error = 0, plen, ifacount = 0; 1752 int s = splimp(); 1753 struct ifaddr *ifa; 1754 1755 /* 1756 * Give the interface a chance to initialize 1757 * if this is its first address, 1758 * and to validate the address if necessary. 1759 */ 1760 IF_ADDR_LOCK(ifp); 1761 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1762 if (ifa->ifa_addr->sa_family != AF_INET6) 1763 continue; 1764 ifacount++; 1765 } 1766 IF_ADDR_UNLOCK(ifp); 1767 1768 ia->ia_addr = *sin6; 1769 1770 if (ifacount <= 1 && ifp->if_ioctl) { 1771 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1772 if (error) { 1773 splx(s); 1774 return (error); 1775 } 1776 } 1777 splx(s); 1778 1779 ia->ia_ifa.ifa_metric = ifp->if_metric; 1780 1781 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1782 1783 /* 1784 * Special case: 1785 * If a new destination address is specified for a point-to-point 1786 * interface, install a route to the destination as an interface 1787 * direct route. 1788 * XXX: the logic below rejects assigning multiple addresses on a p2p 1789 * interface that share the same destination. 1790 */ 1791 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1792 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 && 1793 ia->ia_dstaddr.sin6_family == AF_INET6) { 1794 int rtflags = RTF_UP | RTF_HOST; 1795 1796 error = rtrequest(RTM_ADD, 1797 (struct sockaddr *)&ia->ia_dstaddr, 1798 (struct sockaddr *)&ia->ia_addr, 1799 (struct sockaddr *)&ia->ia_prefixmask, 1800 ia->ia_flags | rtflags, NULL); 1801 if (error != 0) 1802 return (error); 1803 ia->ia_flags |= IFA_ROUTE; 1804 /* 1805 * Handle the case for ::1 . 1806 */ 1807 if (ifp->if_flags & IFF_LOOPBACK) 1808 ia->ia_flags |= IFA_RTSELF; 1809 } 1810 1811 /* 1812 * add a loopback route to self 1813 */ 1814 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) { 1815 error = ifa_add_loopback_route((struct ifaddr *)ia, 1816 (struct sockaddr *)&ia->ia_addr); 1817 if (error == 0) 1818 ia->ia_flags |= IFA_RTSELF; 1819 } 1820 1821 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1822 if (newhost) { 1823 struct llentry *ln; 1824 struct rtentry rt; 1825 struct sockaddr_dl gateway; 1826 struct sockaddr_in6 mask, addr; 1827 1828 IF_AFDATA_LOCK(ifp); 1829 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1830 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1831 (struct sockaddr *)&ia->ia_addr); 1832 IF_AFDATA_UNLOCK(ifp); 1833 if (ln != NULL) { 1834 ln->la_expire = 0; /* for IPv6 this means permanent */ 1835 ln->ln_state = ND6_LLINFO_REACHABLE; 1836 /* 1837 * initialize for rtmsg generation 1838 */ 1839 bzero(&gateway, sizeof(gateway)); 1840 gateway.sdl_len = sizeof(gateway); 1841 gateway.sdl_family = AF_LINK; 1842 gateway.sdl_nlen = 0; 1843 gateway.sdl_alen = 6; 1844 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr)); 1845 /* */ 1846 LLE_WUNLOCK(ln); 1847 } 1848 1849 bzero(&rt, sizeof(rt)); 1850 rt.rt_gateway = (struct sockaddr *)&gateway; 1851 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1852 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1853 rt_mask(&rt) = (struct sockaddr *)&mask; 1854 rt_key(&rt) = (struct sockaddr *)&addr; 1855 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC; 1856 rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt); 1857 } 1858 1859 return (error); 1860 } 1861 1862 /* 1863 * Find an IPv6 interface link-local address specific to an interface. 1864 * ifaddr is returned referenced. 1865 */ 1866 struct in6_ifaddr * 1867 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1868 { 1869 struct ifaddr *ifa; 1870 1871 IF_ADDR_LOCK(ifp); 1872 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1873 if (ifa->ifa_addr->sa_family != AF_INET6) 1874 continue; 1875 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1876 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1877 ignoreflags) != 0) 1878 continue; 1879 ifa_ref(ifa); 1880 break; 1881 } 1882 } 1883 IF_ADDR_UNLOCK(ifp); 1884 1885 return ((struct in6_ifaddr *)ifa); 1886 } 1887 1888 1889 /* 1890 * find the internet address corresponding to a given interface and address. 1891 * ifaddr is returned referenced. 1892 */ 1893 struct in6_ifaddr * 1894 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1895 { 1896 struct ifaddr *ifa; 1897 1898 IF_ADDR_LOCK(ifp); 1899 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1900 if (ifa->ifa_addr->sa_family != AF_INET6) 1901 continue; 1902 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) { 1903 ifa_ref(ifa); 1904 break; 1905 } 1906 } 1907 IF_ADDR_UNLOCK(ifp); 1908 1909 return ((struct in6_ifaddr *)ifa); 1910 } 1911 1912 /* 1913 * Convert IP6 address to printable (loggable) representation. Caller 1914 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1915 */ 1916 static char digits[] = "0123456789abcdef"; 1917 char * 1918 ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1919 { 1920 int i; 1921 char *cp; 1922 const u_int16_t *a = (const u_int16_t *)addr; 1923 const u_int8_t *d; 1924 int dcolon = 0, zero = 0; 1925 1926 cp = ip6buf; 1927 1928 for (i = 0; i < 8; i++) { 1929 if (dcolon == 1) { 1930 if (*a == 0) { 1931 if (i == 7) 1932 *cp++ = ':'; 1933 a++; 1934 continue; 1935 } else 1936 dcolon = 2; 1937 } 1938 if (*a == 0) { 1939 if (dcolon == 0 && *(a + 1) == 0) { 1940 if (i == 0) 1941 *cp++ = ':'; 1942 *cp++ = ':'; 1943 dcolon = 1; 1944 } else { 1945 *cp++ = ''; 1946 *cp++ = ':'; 1947 } 1948 a++; 1949 continue; 1950 } 1951 d = (const u_char *)a; 1952 /* Try to eliminate leading zeros in printout like in :0001. */ 1953 zero = 1; 1954 *cp = digits[*d >> 4]; 1955 if (*cp != '') { 1956 zero = 0; 1957 cp++; 1958 } 1959 *cp = digits[*d++ & 0xf]; 1960 if (zero == 0 || (*cp != '')) { 1961 zero = 0; 1962 cp++; 1963 } 1964 *cp = digits[*d >> 4]; 1965 if (zero == 0 || (*cp != '')) { 1966 zero = 0; 1967 cp++; 1968 } 1969 *cp++ = digits[*d & 0xf]; 1970 *cp++ = ':'; 1971 a++; 1972 } 1973 *--cp = '\0'; 1974 return (ip6buf); 1975 } 1976 1977 int 1978 in6_localaddr(struct in6_addr *in6) 1979 { 1980 struct in6_ifaddr *ia; 1981 1982 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1983 return 1; 1984 1985 IN6_IFADDR_RLOCK(); 1986 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { 1987 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1988 &ia->ia_prefixmask.sin6_addr)) { 1989 IN6_IFADDR_RUNLOCK(); 1990 return 1; 1991 } 1992 } 1993 IN6_IFADDR_RUNLOCK(); 1994 1995 return (0); 1996 } 1997 1998 int 1999 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 2000 { 2001 struct in6_ifaddr *ia; 2002 2003 IN6_IFADDR_RLOCK(); 2004 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { 2005 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 2006 &sa6->sin6_addr) && 2007 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) { 2008 IN6_IFADDR_RUNLOCK(); 2009 return (1); /* true */ 2010 } 2011 2012 /* XXX: do we still have to go thru the rest of the list? */ 2013 } 2014 IN6_IFADDR_RUNLOCK(); 2015 2016 return (0); /* false */ 2017 } 2018 2019 /* 2020 * return length of part which dst and src are equal 2021 * hard coding... 2022 */ 2023 int 2024 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 2025 { 2026 int match = 0; 2027 u_char *s = (u_char *)src, *d = (u_char *)dst; 2028 u_char *lim = s + 16, r; 2029 2030 while (s < lim) 2031 if ((r = (*d++ ^ *s++)) != 0) { 2032 while (r < 128) { 2033 match++; 2034 r <<= 1; 2035 } 2036 break; 2037 } else 2038 match += 8; 2039 return match; 2040 } 2041 2042 /* XXX: to be scope conscious */ 2043 int 2044 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 2045 { 2046 int bytelen, bitlen; 2047 2048 /* sanity check */ 2049 if (0 > len || len > 128) { 2050 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2051 len); 2052 return (0); 2053 } 2054 2055 bytelen = len / 8; 2056 bitlen = len % 8; 2057 2058 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2059 return (0); 2060 if (bitlen != 0 && 2061 p1->s6_addr[bytelen] >> (8 - bitlen) != 2062 p2->s6_addr[bytelen] >> (8 - bitlen)) 2063 return (0); 2064 2065 return (1); 2066 } 2067 2068 void 2069 in6_prefixlen2mask(struct in6_addr *maskp, int len) 2070 { 2071 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2072 int bytelen, bitlen, i; 2073 2074 /* sanity check */ 2075 if (0 > len || len > 128) { 2076 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2077 len); 2078 return; 2079 } 2080 2081 bzero(maskp, sizeof(*maskp)); 2082 bytelen = len / 8; 2083 bitlen = len % 8; 2084 for (i = 0; i < bytelen; i++) 2085 maskp->s6_addr[i] = 0xff; 2086 if (bitlen) 2087 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2088 } 2089 2090 /* 2091 * return the best address out of the same scope. if no address was 2092 * found, return the first valid address from designated IF. 2093 */ 2094 struct in6_ifaddr * 2095 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2096 { 2097 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2098 struct ifaddr *ifa; 2099 struct in6_ifaddr *besta = 0; 2100 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2101 2102 dep[0] = dep[1] = NULL; 2103 2104 /* 2105 * We first look for addresses in the same scope. 2106 * If there is one, return it. 2107 * If two or more, return one which matches the dst longest. 2108 * If none, return one of global addresses assigned other ifs. 2109 */ 2110 IF_ADDR_LOCK(ifp); 2111 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2112 if (ifa->ifa_addr->sa_family != AF_INET6) 2113 continue; 2114 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2115 continue; /* XXX: is there any case to allow anycast? */ 2116 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2117 continue; /* don't use this interface */ 2118 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2119 continue; 2120 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2121 if (V_ip6_use_deprecated) 2122 dep[0] = (struct in6_ifaddr *)ifa; 2123 continue; 2124 } 2125 2126 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2127 /* 2128 * call in6_matchlen() as few as possible 2129 */ 2130 if (besta) { 2131 if (blen == -1) 2132 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2133 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2134 if (tlen > blen) { 2135 blen = tlen; 2136 besta = (struct in6_ifaddr *)ifa; 2137 } 2138 } else 2139 besta = (struct in6_ifaddr *)ifa; 2140 } 2141 } 2142 if (besta) { 2143 ifa_ref(&besta->ia_ifa); 2144 IF_ADDR_UNLOCK(ifp); 2145 return (besta); 2146 } 2147 2148 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2149 if (ifa->ifa_addr->sa_family != AF_INET6) 2150 continue; 2151 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2152 continue; /* XXX: is there any case to allow anycast? */ 2153 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2154 continue; /* don't use this interface */ 2155 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2156 continue; 2157 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2158 if (V_ip6_use_deprecated) 2159 dep[1] = (struct in6_ifaddr *)ifa; 2160 continue; 2161 } 2162 2163 if (ifa != NULL) 2164 ifa_ref(ifa); 2165 IF_ADDR_UNLOCK(ifp); 2166 return (struct in6_ifaddr *)ifa; 2167 } 2168 2169 /* use the last-resort values, that are, deprecated addresses */ 2170 if (dep[0]) { 2171 ifa_ref((struct ifaddr *)dep[0]); 2172 IF_ADDR_UNLOCK(ifp); 2173 return dep[0]; 2174 } 2175 if (dep[1]) { 2176 ifa_ref((struct ifaddr *)dep[1]); 2177 IF_ADDR_UNLOCK(ifp); 2178 return dep[1]; 2179 } 2180 2181 IF_ADDR_UNLOCK(ifp); 2182 return NULL; 2183 } 2184 2185 /* 2186 * perform DAD when interface becomes IFF_UP. 2187 */ 2188 void 2189 in6_if_up(struct ifnet *ifp) 2190 { 2191 struct ifaddr *ifa; 2192 struct in6_ifaddr *ia; 2193 2194 IF_ADDR_LOCK(ifp); 2195 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2196 if (ifa->ifa_addr->sa_family != AF_INET6) 2197 continue; 2198 ia = (struct in6_ifaddr *)ifa; 2199 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2200 /* 2201 * The TENTATIVE flag was likely set by hand 2202 * beforehand, implicitly indicating the need for DAD. 2203 * We may be able to skip the random delay in this 2204 * case, but we impose delays just in case. 2205 */ 2206 nd6_dad_start(ifa, 2207 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 2208 } 2209 } 2210 IF_ADDR_UNLOCK(ifp); 2211 2212 /* 2213 * special cases, like 6to4, are handled in in6_ifattach 2214 */ 2215 in6_ifattach(ifp, NULL); 2216 } 2217 2218 int 2219 in6if_do_dad(struct ifnet *ifp) 2220 { 2221 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2222 return (0); 2223 2224 switch (ifp->if_type) { 2225 #ifdef IFT_DUMMY 2226 case IFT_DUMMY: 2227 #endif 2228 case IFT_FAITH: 2229 /* 2230 * These interfaces do not have the IFF_LOOPBACK flag, 2231 * but loop packets back. We do not have to do DAD on such 2232 * interfaces. We should even omit it, because loop-backed 2233 * NS would confuse the DAD procedure. 2234 */ 2235 return (0); 2236 default: 2237 /* 2238 * Our DAD routine requires the interface up and running. 2239 * However, some interfaces can be up before the RUNNING 2240 * status. Additionaly, users may try to assign addresses 2241 * before the interface becomes up (or running). 2242 * We simply skip DAD in such a case as a work around. 2243 * XXX: we should rather mark "tentative" on such addresses, 2244 * and do DAD after the interface becomes ready. 2245 */ 2246 if (!((ifp->if_flags & IFF_UP) && 2247 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 2248 return (0); 2249 2250 return (1); 2251 } 2252 } 2253 2254 /* 2255 * Calculate max IPv6 MTU through all the interfaces and store it 2256 * to in6_maxmtu. 2257 */ 2258 void 2259 in6_setmaxmtu(void) 2260 { 2261 unsigned long maxmtu = 0; 2262 struct ifnet *ifp; 2263 2264 IFNET_RLOCK_NOSLEEP(); 2265 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 2266 ifp = TAILQ_NEXT(ifp, if_list)) { 2267 /* this function can be called during ifnet initialization */ 2268 if (!ifp->if_afdata[AF_INET6]) 2269 continue; 2270 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2271 IN6_LINKMTU(ifp) > maxmtu) 2272 maxmtu = IN6_LINKMTU(ifp); 2273 } 2274 IFNET_RUNLOCK_NOSLEEP(); 2275 if (maxmtu) /* update only when maxmtu is positive */ 2276 V_in6_maxmtu = maxmtu; 2277 } 2278 2279 /* 2280 * Provide the length of interface identifiers to be used for the link attached 2281 * to the given interface. The length should be defined in "IPv6 over 2282 * xxx-link" document. Note that address architecture might also define 2283 * the length for a particular set of address prefixes, regardless of the 2284 * link type. As clarified in rfc2462bis, those two definitions should be 2285 * consistent, and those really are as of August 2004. 2286 */ 2287 int 2288 in6_if2idlen(struct ifnet *ifp) 2289 { 2290 switch (ifp->if_type) { 2291 case IFT_ETHER: /* RFC2464 */ 2292 #ifdef IFT_PROPVIRTUAL 2293 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2294 #endif 2295 #ifdef IFT_L2VLAN 2296 case IFT_L2VLAN: /* ditto */ 2297 #endif 2298 #ifdef IFT_IEEE80211 2299 case IFT_IEEE80211: /* ditto */ 2300 #endif 2301 #ifdef IFT_MIP 2302 case IFT_MIP: /* ditto */ 2303 #endif 2304 return (64); 2305 case IFT_FDDI: /* RFC2467 */ 2306 return (64); 2307 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2308 return (64); 2309 case IFT_PPP: /* RFC2472 */ 2310 return (64); 2311 case IFT_ARCNET: /* RFC2497 */ 2312 return (64); 2313 case IFT_FRELAY: /* RFC2590 */ 2314 return (64); 2315 case IFT_IEEE1394: /* RFC3146 */ 2316 return (64); 2317 case IFT_GIF: 2318 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2319 case IFT_LOOP: 2320 return (64); /* XXX: is this really correct? */ 2321 default: 2322 /* 2323 * Unknown link type: 2324 * It might be controversial to use the today's common constant 2325 * of 64 for these cases unconditionally. For full compliance, 2326 * we should return an error in this case. On the other hand, 2327 * if we simply miss the standard for the link type or a new 2328 * standard is defined for a new link type, the IFID length 2329 * is very likely to be the common constant. As a compromise, 2330 * we always use the constant, but make an explicit notice 2331 * indicating the "unknown" case. 2332 */ 2333 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2334 return (64); 2335 } 2336 } 2337 2338 #include <sys/sysctl.h> 2339 2340 struct in6_llentry { 2341 struct llentry base; 2342 struct sockaddr_in6 l3_addr6; 2343 }; 2344 2345 static struct llentry * 2346 in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2347 { 2348 struct in6_llentry *lle; 2349 2350 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2351 M_DONTWAIT | M_ZERO); 2352 if (lle == NULL) /* NB: caller generates msg */ 2353 return NULL; 2354 2355 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2356 lle->base.lle_refcnt = 1; 2357 LLE_LOCK_INIT(&lle->base); 2358 callout_init_rw(&lle->base.ln_timer_ch, &lle->base.lle_lock, 2359 CALLOUT_RETURNUNLOCKED); 2360 2361 return &lle->base; 2362 } 2363 2364 /* 2365 * Deletes an address from the address table. 2366 * This function is called by the timer functions 2367 * such as arptimer() and nd6_llinfo_timer(), and 2368 * the caller does the locking. 2369 */ 2370 static void 2371 in6_lltable_free(struct lltable *llt, struct llentry *lle) 2372 { 2373 LLE_WUNLOCK(lle); 2374 LLE_LOCK_DESTROY(lle); 2375 free(lle, M_LLTABLE); 2376 } 2377 2378 static void 2379 in6_lltable_prefix_free(struct lltable *llt, 2380 const struct sockaddr *prefix, 2381 const struct sockaddr *mask, 2382 u_int flags) 2383 { 2384 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2385 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2386 struct llentry *lle, *next; 2387 register int i; 2388 2389 /* 2390 * (flags & LLE_STATIC) means deleting all entries 2391 * including static ND6 entries 2392 */ 2393 for (i=0; i < LLTBL_HASHTBL_SIZE; i++) { 2394 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) { 2395 if (IN6_ARE_MASKED_ADDR_EQUAL( 2396 &((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr, 2397 &pfx->sin6_addr, 2398 &msk->sin6_addr) && 2399 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) { 2400 int canceled; 2401 2402 canceled = callout_drain(&lle->la_timer); 2403 LLE_WLOCK(lle); 2404 if (canceled) 2405 LLE_REMREF(lle); 2406 llentry_free(lle); 2407 } 2408 } 2409 } 2410 } 2411 2412 static int 2413 in6_lltable_rtcheck(struct ifnet *ifp, 2414 u_int flags, 2415 const struct sockaddr *l3addr) 2416 { 2417 struct rtentry *rt; 2418 char ip6buf[INET6_ADDRSTRLEN]; 2419 2420 KASSERT(l3addr->sa_family == AF_INET6, 2421 ("sin_family %d", l3addr->sa_family)); 2422 2423 /* XXX rtalloc1 should take a const param */ 2424 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2425 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2426 struct ifaddr *ifa; 2427 /* 2428 * Create an ND6 cache for an IPv6 neighbor 2429 * that is not covered by our own prefix. 2430 */ 2431 /* XXX ifaof_ifpforaddr should take a const param */ 2432 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2433 if (ifa != NULL) { 2434 ifa_free(ifa); 2435 if (rt != NULL) 2436 RTFREE_LOCKED(rt); 2437 return 0; 2438 } 2439 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2440 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2441 if (rt != NULL) 2442 RTFREE_LOCKED(rt); 2443 return EINVAL; 2444 } 2445 RTFREE_LOCKED(rt); 2446 return 0; 2447 } 2448 2449 static struct llentry * 2450 in6_lltable_lookup(struct lltable *llt, u_int flags, 2451 const struct sockaddr *l3addr) 2452 { 2453 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2454 struct ifnet *ifp = llt->llt_ifp; 2455 struct llentry *lle; 2456 struct llentries *lleh; 2457 u_int hashkey; 2458 2459 IF_AFDATA_LOCK_ASSERT(ifp); 2460 KASSERT(l3addr->sa_family == AF_INET6, 2461 ("sin_family %d", l3addr->sa_family)); 2462 2463 hashkey = sin6->sin6_addr.s6_addr32[3]; 2464 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2465 LIST_FOREACH(lle, lleh, lle_next) { 2466 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2467 if (lle->la_flags & LLE_DELETED) 2468 continue; 2469 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2470 sizeof(struct in6_addr)) == 0) 2471 break; 2472 } 2473 2474 if (lle == NULL) { 2475 if (!(flags & LLE_CREATE)) 2476 return (NULL); 2477 /* 2478 * A route that covers the given address must have 2479 * been installed 1st because we are doing a resolution, 2480 * verify this. 2481 */ 2482 if (!(flags & LLE_IFADDR) && 2483 in6_lltable_rtcheck(ifp, flags, l3addr) != 0) 2484 return NULL; 2485 2486 lle = in6_lltable_new(l3addr, flags); 2487 if (lle == NULL) { 2488 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2489 return NULL; 2490 } 2491 lle->la_flags = flags & ~LLE_CREATE; 2492 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2493 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2494 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2495 } 2496 2497 lle->lle_tbl = llt; 2498 lle->lle_head = lleh; 2499 LIST_INSERT_HEAD(lleh, lle, lle_next); 2500 } else if (flags & LLE_DELETE) { 2501 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2502 LLE_WLOCK(lle); 2503 lle->la_flags = LLE_DELETED; 2504 LLE_WUNLOCK(lle); 2505 #ifdef DIAGNOSTIC 2506 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2507 #endif 2508 } 2509 lle = (void *)-1; 2510 } 2511 if (LLE_IS_VALID(lle)) { 2512 if (flags & LLE_EXCLUSIVE) 2513 LLE_WLOCK(lle); 2514 else 2515 LLE_RLOCK(lle); 2516 } 2517 return (lle); 2518 } 2519 2520 static int 2521 in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2522 { 2523 struct ifnet *ifp = llt->llt_ifp; 2524 struct llentry *lle; 2525 /* XXX stack use */ 2526 struct { 2527 struct rt_msghdr rtm; 2528 struct sockaddr_in6 sin6; 2529 /* 2530 * ndp.c assumes that sdl is word aligned 2531 */ 2532 #ifdef __LP64__ 2533 uint32_t pad; 2534 #endif 2535 struct sockaddr_dl sdl; 2536 } ndpc; 2537 int i, error; 2538 2539 if (ifp->if_flags & IFF_LOOPBACK) 2540 return 0; 2541 2542 LLTABLE_LOCK_ASSERT(); 2543 2544 error = 0; 2545 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2546 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2547 struct sockaddr_dl *sdl; 2548 2549 /* skip deleted or invalid entries */ 2550 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2551 continue; 2552 /* Skip if jailed and not a valid IP of the prison. */ 2553 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2554 continue; 2555 /* 2556 * produce a msg made of: 2557 * struct rt_msghdr; 2558 * struct sockaddr_in6 (IPv6) 2559 * struct sockaddr_dl; 2560 */ 2561 bzero(&ndpc, sizeof(ndpc)); 2562 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2563 ndpc.rtm.rtm_version = RTM_VERSION; 2564 ndpc.rtm.rtm_type = RTM_GET; 2565 ndpc.rtm.rtm_flags = RTF_UP; 2566 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2567 ndpc.sin6.sin6_family = AF_INET6; 2568 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2569 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2570 2571 /* publish */ 2572 if (lle->la_flags & LLE_PUB) 2573 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2574 2575 sdl = &ndpc.sdl; 2576 sdl->sdl_family = AF_LINK; 2577 sdl->sdl_len = sizeof(*sdl); 2578 sdl->sdl_alen = ifp->if_addrlen; 2579 sdl->sdl_index = ifp->if_index; 2580 sdl->sdl_type = ifp->if_type; 2581 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2582 ndpc.rtm.rtm_rmx.rmx_expire = 2583 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2584 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2585 if (lle->la_flags & LLE_STATIC) 2586 ndpc.rtm.rtm_flags |= RTF_STATIC; 2587 ndpc.rtm.rtm_index = ifp->if_index; 2588 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2589 if (error) 2590 break; 2591 } 2592 } 2593 return error; 2594 } 2595 2596 void * 2597 in6_domifattach(struct ifnet *ifp) 2598 { 2599 struct in6_ifextra *ext; 2600 2601 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2602 bzero(ext, sizeof(*ext)); 2603 2604 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2605 M_IFADDR, M_WAITOK); 2606 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2607 2608 ext->icmp6_ifstat = 2609 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2610 M_IFADDR, M_WAITOK); 2611 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2612 2613 ext->nd_ifinfo = nd6_ifattach(ifp); 2614 ext->scope6_id = scope6_ifattach(ifp); 2615 ext->lltable = lltable_init(ifp, AF_INET6); 2616 if (ext->lltable != NULL) { 2617 ext->lltable->llt_free = in6_lltable_free; 2618 ext->lltable->llt_prefix_free = in6_lltable_prefix_free; 2619 ext->lltable->llt_lookup = in6_lltable_lookup; 2620 ext->lltable->llt_dump = in6_lltable_dump; 2621 } 2622 2623 ext->mld_ifinfo = mld_domifattach(ifp); 2624 2625 return ext; 2626 } 2627 2628 void 2629 in6_domifdetach(struct ifnet *ifp, void *aux) 2630 { 2631 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2632 2633 mld_domifdetach(ifp); 2634 scope6_ifdetach(ext->scope6_id); 2635 nd6_ifdetach(ext->nd_ifinfo); 2636 lltable_free(ext->lltable); 2637 free(ext->in6_ifstat, M_IFADDR); 2638 free(ext->icmp6_ifstat, M_IFADDR); 2639 free(ext, M_IFADDR); 2640 } 2641 2642 /* 2643 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2644 * v4 mapped addr or v4 compat addr 2645 */ 2646 void 2647 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2648 { 2649 2650 bzero(sin, sizeof(*sin)); 2651 sin->sin_len = sizeof(struct sockaddr_in); 2652 sin->sin_family = AF_INET; 2653 sin->sin_port = sin6->sin6_port; 2654 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2655 } 2656 2657 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2658 void 2659 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2660 { 2661 bzero(sin6, sizeof(*sin6)); 2662 sin6->sin6_len = sizeof(struct sockaddr_in6); 2663 sin6->sin6_family = AF_INET6; 2664 sin6->sin6_port = sin->sin_port; 2665 sin6->sin6_addr.s6_addr32[0] = 0; 2666 sin6->sin6_addr.s6_addr32[1] = 0; 2667 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2668 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2669 } 2670 2671 /* Convert sockaddr_in6 into sockaddr_in. */ 2672 void 2673 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2674 { 2675 struct sockaddr_in *sin_p; 2676 struct sockaddr_in6 sin6; 2677 2678 /* 2679 * Save original sockaddr_in6 addr and convert it 2680 * to sockaddr_in. 2681 */ 2682 sin6 = *(struct sockaddr_in6 *)nam; 2683 sin_p = (struct sockaddr_in *)nam; 2684 in6_sin6_2_sin(sin_p, &sin6); 2685 } 2686 2687 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2688 void 2689 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2690 { 2691 struct sockaddr_in *sin_p; 2692 struct sockaddr_in6 *sin6_p; 2693 2694 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2695 M_WAITOK); 2696 sin_p = (struct sockaddr_in *)*nam; 2697 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2698 free(*nam, M_SONAME); 2699 *nam = (struct sockaddr *)sin6_p; 2700 }
Cache object: 0704d0861e27bbc2378562f6e843cf43
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]