1 /*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $
30 */
31
32 /*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94
61 */
62
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
65
66 #include "opt_inet.h"
67 #include "opt_inet6.h"
68
69 #include <sys/param.h>
70 #include <sys/systm.h>
71 #include <sys/lock.h>
72 #include <sys/malloc.h>
73 #include <sys/mbuf.h>
74 #include <sys/priv.h>
75 #include <sys/protosw.h>
76 #include <sys/socket.h>
77 #include <sys/socketvar.h>
78 #include <sys/sockio.h>
79 #include <sys/sysctl.h>
80 #include <sys/errno.h>
81 #include <sys/time.h>
82 #include <sys/jail.h>
83 #include <sys/kernel.h>
84 #include <sys/sx.h>
85
86 #include <net/if.h>
87 #include <net/route.h>
88
89 #include <netinet/in.h>
90 #include <netinet/in_var.h>
91 #include <netinet/in_systm.h>
92 #include <netinet/ip.h>
93 #include <netinet/in_pcb.h>
94 #include <netinet/ip_var.h>
95 #include <netinet/udp.h>
96 #include <netinet/udp_var.h>
97 #include <netinet6/in6_var.h>
98 #include <netinet/ip6.h>
99 #include <netinet6/in6_pcb.h>
100 #include <netinet6/ip6_var.h>
101 #include <netinet6/scope6_var.h>
102 #include <netinet6/nd6.h>
103
104 static struct mtx addrsel_lock;
105 #define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF)
106 #define ADDRSEL_LOCK() mtx_lock(&addrsel_lock)
107 #define ADDRSEL_UNLOCK() mtx_unlock(&addrsel_lock)
108 #define ADDRSEL_LOCK_ASSERT() mtx_assert(&addrsel_lock, MA_OWNED)
109
110 static struct sx addrsel_sxlock;
111 #define ADDRSEL_SXLOCK_INIT() sx_init(&addrsel_sxlock, "addrsel_sxlock")
112 #define ADDRSEL_SLOCK() sx_slock(&addrsel_sxlock)
113 #define ADDRSEL_SUNLOCK() sx_sunlock(&addrsel_sxlock)
114 #define ADDRSEL_XLOCK() sx_xlock(&addrsel_sxlock)
115 #define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock)
116
117 #define ADDR_LABEL_NOTAPP (-1)
118 struct in6_addrpolicy defaultaddrpolicy;
119
120 int ip6_prefer_tempaddr = 0;
121
122 static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *,
123 struct ip6_moptions *, struct route_in6 *, struct ifnet **,
124 struct rtentry **, int, int));
125 static int in6_selectif __P((struct sockaddr_in6 *, struct ip6_pktopts *,
126 struct ip6_moptions *, struct route_in6 *ro, struct ifnet **));
127
128 static struct in6_addrpolicy *lookup_addrsel_policy(struct sockaddr_in6 *);
129
130 static void init_policy_queue(void);
131 static int add_addrsel_policyent(struct in6_addrpolicy *);
132 static int delete_addrsel_policyent(struct in6_addrpolicy *);
133 static int walk_addrsel_policy __P((int (*)(struct in6_addrpolicy *, void *),
134 void *));
135 static int dump_addrsel_policyent(struct in6_addrpolicy *, void *);
136 static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *);
137
138 /*
139 * Return an IPv6 address, which is the most appropriate for a given
140 * destination and user specified options.
141 * If necessary, this function lookups the routing table and returns
142 * an entry to the caller for later use.
143 */
144 #define REPLACE(r) do {\
145 if ((r) < sizeof(ip6stat.ip6s_sources_rule) / \
146 sizeof(ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
147 ip6stat.ip6s_sources_rule[(r)]++; \
148 /* { \
149 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \
150 printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \
151 } */ \
152 goto replace; \
153 } while(0)
154 #define NEXT(r) do {\
155 if ((r) < sizeof(ip6stat.ip6s_sources_rule) / \
156 sizeof(ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
157 ip6stat.ip6s_sources_rule[(r)]++; \
158 /* { \
159 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \
160 printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \
161 } */ \
162 goto next; /* XXX: we can't use 'continue' here */ \
163 } while(0)
164 #define BREAK(r) do { \
165 if ((r) < sizeof(ip6stat.ip6s_sources_rule) / \
166 sizeof(ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
167 ip6stat.ip6s_sources_rule[(r)]++; \
168 goto out; /* XXX: we can't use 'break' here */ \
169 } while(0)
170
171 int
172 in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
173 struct inpcb *inp, struct route_in6 *ro, struct ucred *cred,
174 struct ifnet **ifpp, struct in6_addr *srcp)
175 {
176 struct in6_addr dst;
177 struct ifnet *ifp = NULL;
178 struct in6_ifaddr *ia = NULL, *ia_best = NULL;
179 struct in6_pktinfo *pi = NULL;
180 int dst_scope = -1, best_scope = -1, best_matchlen = -1;
181 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL;
182 u_int32_t odstzone;
183 int prefer_tempaddr;
184 int error;
185 struct ip6_moptions *mopts;
186
187 KASSERT(srcp != NULL, ("%s: srcp is NULL", __func__));
188
189 dst = dstsock->sin6_addr; /* make a copy for local operation */
190 if (ifpp)
191 *ifpp = NULL;
192
193 if (inp != NULL) {
194 INP_LOCK_ASSERT(inp);
195 mopts = inp->in6p_moptions;
196 } else {
197 mopts = NULL;
198 }
199
200 /*
201 * If the source address is explicitly specified by the caller,
202 * check if the requested source address is indeed a unicast address
203 * assigned to the node, and can be used as the packet's source
204 * address. If everything is okay, use the address as source.
205 */
206 if (opts && (pi = opts->ip6po_pktinfo) &&
207 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) {
208 struct sockaddr_in6 srcsock;
209 struct in6_ifaddr *ia6;
210
211 /* get the outgoing interface */
212 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0)
213 return (error);
214
215 /*
216 * determine the appropriate zone id of the source based on
217 * the zone of the destination and the outgoing interface.
218 * If the specified address is ambiguous wrt the scope zone,
219 * the interface must be specified; otherwise, ifa_ifwithaddr()
220 * will fail matching the address.
221 */
222 bzero(&srcsock, sizeof(srcsock));
223 srcsock.sin6_family = AF_INET6;
224 srcsock.sin6_len = sizeof(srcsock);
225 srcsock.sin6_addr = pi->ipi6_addr;
226 if (ifp) {
227 error = in6_setscope(&srcsock.sin6_addr, ifp, NULL);
228 if (error)
229 return (error);
230 }
231 if (cred != NULL && (error = prison_local_ip6(cred,
232 &srcsock.sin6_addr, (inp != NULL &&
233 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0)
234 return (error);
235
236 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock));
237 if (ia6 == NULL ||
238 (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) {
239 return (EADDRNOTAVAIL);
240 }
241 pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */
242 if (ifpp)
243 *ifpp = ifp;
244 bcopy(&ia6->ia_addr.sin6_addr, srcp, sizeof(*srcp));
245 return (0);
246 }
247
248 /*
249 * Otherwise, if the socket has already bound the source, just use it.
250 */
251 if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
252 if (cred != NULL &&
253 (error = prison_local_ip6(cred, &inp->in6p_laddr,
254 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0)
255 return (error);
256 bcopy(&inp->in6p_laddr, srcp, sizeof(*srcp));
257 return (0);
258 }
259
260 /*
261 * Bypass source address selection and use the primary jail IP
262 * if requested.
263 */
264 if (cred != NULL && !prison_saddrsel_ip6(cred, srcp))
265 return (0);
266
267 /*
268 * If the address is not specified, choose the best one based on
269 * the outgoing interface and the destination address.
270 */
271 /* get the outgoing interface */
272 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0)
273 return (error);
274
275 #ifdef DIAGNOSTIC
276 if (ifp == NULL) /* this should not happen */
277 panic("in6_selectsrc: NULL ifp");
278 #endif
279 error = in6_setscope(&dst, ifp, &odstzone);
280 if (error)
281 return (error);
282
283 for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
284 int new_scope = -1, new_matchlen = -1;
285 struct in6_addrpolicy *new_policy = NULL;
286 u_int32_t srczone, osrczone, dstzone;
287 struct in6_addr src;
288 struct ifnet *ifp1 = ia->ia_ifp;
289
290 /*
291 * We'll never take an address that breaks the scope zone
292 * of the destination. We also skip an address if its zone
293 * does not contain the outgoing interface.
294 * XXX: we should probably use sin6_scope_id here.
295 */
296 if (in6_setscope(&dst, ifp1, &dstzone) ||
297 odstzone != dstzone) {
298 continue;
299 }
300 src = ia->ia_addr.sin6_addr;
301 if (in6_setscope(&src, ifp, &osrczone) ||
302 in6_setscope(&src, ifp1, &srczone) ||
303 osrczone != srczone) {
304 continue;
305 }
306
307 /* avoid unusable addresses */
308 if ((ia->ia6_flags &
309 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) {
310 continue;
311 }
312 if (!ip6_use_deprecated && IFA6_IS_DEPRECATED(ia))
313 continue;
314
315 if (cred != NULL &&
316 prison_local_ip6(cred, &ia->ia_addr.sin6_addr,
317 (inp != NULL &&
318 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
319 continue;
320
321 /* Rule 1: Prefer same address */
322 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) {
323 ia_best = ia;
324 BREAK(1); /* there should be no better candidate */
325 }
326
327 if (ia_best == NULL)
328 REPLACE(0);
329
330 /* Rule 2: Prefer appropriate scope */
331 if (dst_scope < 0)
332 dst_scope = in6_addrscope(&dst);
333 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr);
334 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) {
335 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0)
336 REPLACE(2);
337 NEXT(2);
338 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) {
339 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0)
340 NEXT(2);
341 REPLACE(2);
342 }
343
344 /*
345 * Rule 3: Avoid deprecated addresses. Note that the case of
346 * !ip6_use_deprecated is already rejected above.
347 */
348 if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia))
349 NEXT(3);
350 if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia))
351 REPLACE(3);
352
353 /* Rule 4: Prefer home addresses */
354 /*
355 * XXX: This is a TODO. We should probably merge the MIP6
356 * case above.
357 */
358
359 /* Rule 5: Prefer outgoing interface */
360 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp)
361 NEXT(5);
362 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp)
363 REPLACE(5);
364
365 /*
366 * Rule 6: Prefer matching label
367 * Note that best_policy should be non-NULL here.
368 */
369 if (dst_policy == NULL)
370 dst_policy = lookup_addrsel_policy(dstsock);
371 if (dst_policy->label != ADDR_LABEL_NOTAPP) {
372 new_policy = lookup_addrsel_policy(&ia->ia_addr);
373 if (dst_policy->label == best_policy->label &&
374 dst_policy->label != new_policy->label)
375 NEXT(6);
376 if (dst_policy->label != best_policy->label &&
377 dst_policy->label == new_policy->label)
378 REPLACE(6);
379 }
380
381 /*
382 * Rule 7: Prefer public addresses.
383 * We allow users to reverse the logic by configuring
384 * a sysctl variable, so that privacy conscious users can
385 * always prefer temporary addresses.
386 */
387 if (opts == NULL ||
388 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) {
389 prefer_tempaddr = ip6_prefer_tempaddr;
390 } else if (opts->ip6po_prefer_tempaddr ==
391 IP6PO_TEMPADDR_NOTPREFER) {
392 prefer_tempaddr = 0;
393 } else
394 prefer_tempaddr = 1;
395 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
396 (ia->ia6_flags & IN6_IFF_TEMPORARY)) {
397 if (prefer_tempaddr)
398 REPLACE(7);
399 else
400 NEXT(7);
401 }
402 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
403 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) {
404 if (prefer_tempaddr)
405 NEXT(7);
406 else
407 REPLACE(7);
408 }
409
410 /*
411 * Rule 8: prefer addresses on alive interfaces.
412 * This is a KAME specific rule.
413 */
414 if ((ia_best->ia_ifp->if_flags & IFF_UP) &&
415 !(ia->ia_ifp->if_flags & IFF_UP))
416 NEXT(8);
417 if (!(ia_best->ia_ifp->if_flags & IFF_UP) &&
418 (ia->ia_ifp->if_flags & IFF_UP))
419 REPLACE(8);
420
421 /*
422 * Rule 14: Use longest matching prefix.
423 * Note: in the address selection draft, this rule is
424 * documented as "Rule 8". However, since it is also
425 * documented that this rule can be overridden, we assign
426 * a large number so that it is easy to assign smaller numbers
427 * to more preferred rules.
428 */
429 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst);
430 if (best_matchlen < new_matchlen)
431 REPLACE(14);
432 if (new_matchlen < best_matchlen)
433 NEXT(14);
434
435 /* Rule 15 is reserved. */
436
437 /*
438 * Last resort: just keep the current candidate.
439 * Or, do we need more rules?
440 */
441 continue;
442
443 replace:
444 ia_best = ia;
445 best_scope = (new_scope >= 0 ? new_scope :
446 in6_addrscope(&ia_best->ia_addr.sin6_addr));
447 best_policy = (new_policy ? new_policy :
448 lookup_addrsel_policy(&ia_best->ia_addr));
449 best_matchlen = (new_matchlen >= 0 ? new_matchlen :
450 in6_matchlen(&ia_best->ia_addr.sin6_addr,
451 &dst));
452
453 next:
454 continue;
455
456 out:
457 break;
458 }
459
460 if ((ia = ia_best) == NULL)
461 return (EADDRNOTAVAIL);
462
463 if (ifpp)
464 *ifpp = ifp;
465
466 bcopy(&ia->ia_addr.sin6_addr, srcp, sizeof(*srcp));
467 return (0);
468 }
469
470 /*
471 * clone - meaningful only for bsdi and freebsd
472 */
473 static int
474 selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
475 struct ip6_moptions *mopts, struct route_in6 *ro,
476 struct ifnet **retifp, struct rtentry **retrt, int clone,
477 int norouteok)
478 {
479 int error = 0;
480 struct ifnet *ifp = NULL;
481 struct rtentry *rt = NULL;
482 struct sockaddr_in6 *sin6_next;
483 struct in6_pktinfo *pi = NULL;
484 struct in6_addr *dst = &dstsock->sin6_addr;
485 #if 0
486 char ip6buf[INET6_ADDRSTRLEN];
487
488 if (dstsock->sin6_addr.s6_addr32[0] == 0 &&
489 dstsock->sin6_addr.s6_addr32[1] == 0 &&
490 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) {
491 printf("in6_selectroute: strange destination %s\n",
492 ip6_sprintf(ip6buf, &dstsock->sin6_addr));
493 } else {
494 printf("in6_selectroute: destination = %s%%%d\n",
495 ip6_sprintf(ip6buf, &dstsock->sin6_addr),
496 dstsock->sin6_scope_id); /* for debug */
497 }
498 #endif
499
500 /* If the caller specify the outgoing interface explicitly, use it. */
501 if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) {
502 /* XXX boundary check is assumed to be already done. */
503 ifp = ifnet_byindex(pi->ipi6_ifindex);
504 if (ifp != NULL &&
505 (norouteok || retrt == NULL ||
506 IN6_IS_ADDR_MULTICAST(dst))) {
507 /*
508 * we do not have to check or get the route for
509 * multicast.
510 */
511 goto done;
512 } else
513 goto getroute;
514 }
515
516 /*
517 * If the destination address is a multicast address and the outgoing
518 * interface for the address is specified by the caller, use it.
519 */
520 if (IN6_IS_ADDR_MULTICAST(dst) &&
521 mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) {
522 goto done; /* we do not need a route for multicast. */
523 }
524
525 getroute:
526 /*
527 * If the next hop address for the packet is specified by the caller,
528 * use it as the gateway.
529 */
530 if (opts && opts->ip6po_nexthop) {
531 struct route_in6 *ron;
532
533 sin6_next = satosin6(opts->ip6po_nexthop);
534
535 /* at this moment, we only support AF_INET6 next hops */
536 if (sin6_next->sin6_family != AF_INET6) {
537 error = EAFNOSUPPORT; /* or should we proceed? */
538 goto done;
539 }
540
541 /*
542 * If the next hop is an IPv6 address, then the node identified
543 * by that address must be a neighbor of the sending host.
544 */
545 ron = &opts->ip6po_nextroute;
546 if ((ron->ro_rt &&
547 (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) !=
548 (RTF_UP | RTF_LLINFO)) ||
549 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr,
550 &sin6_next->sin6_addr)) {
551 if (ron->ro_rt) {
552 RTFREE(ron->ro_rt);
553 ron->ro_rt = NULL;
554 }
555 *satosin6(&ron->ro_dst) = *sin6_next;
556 }
557 if (ron->ro_rt == NULL) {
558 rtalloc((struct route *)ron); /* multi path case? */
559 if (ron->ro_rt == NULL ||
560 !(ron->ro_rt->rt_flags & RTF_LLINFO)) {
561 if (ron->ro_rt) {
562 RTFREE(ron->ro_rt);
563 ron->ro_rt = NULL;
564 }
565 error = EHOSTUNREACH;
566 goto done;
567 }
568 }
569 rt = ron->ro_rt;
570 ifp = rt->rt_ifp;
571
572 /*
573 * When cloning is required, try to allocate a route to the
574 * destination so that the caller can store path MTU
575 * information.
576 */
577 if (!clone)
578 goto done;
579 }
580
581 /*
582 * Use a cached route if it exists and is valid, else try to allocate
583 * a new one. Note that we should check the address family of the
584 * cached destination, in case of sharing the cache with IPv4.
585 */
586 if (ro) {
587 if (ro->ro_rt &&
588 (!(ro->ro_rt->rt_flags & RTF_UP) ||
589 ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 ||
590 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr,
591 dst))) {
592 RTFREE(ro->ro_rt);
593 ro->ro_rt = (struct rtentry *)NULL;
594 }
595 if (ro->ro_rt == (struct rtentry *)NULL) {
596 struct sockaddr_in6 *sa6;
597
598 /* No route yet, so try to acquire one */
599 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6));
600 sa6 = (struct sockaddr_in6 *)&ro->ro_dst;
601 *sa6 = *dstsock;
602 sa6->sin6_scope_id = 0;
603
604 if (clone) {
605 rtalloc((struct route *)ro);
606 } else {
607 ro->ro_rt = rtalloc1(&((struct route *)ro)
608 ->ro_dst, 0, 0UL);
609 if (ro->ro_rt)
610 RT_UNLOCK(ro->ro_rt);
611 }
612 }
613
614 /*
615 * do not care about the result if we have the nexthop
616 * explicitly specified.
617 */
618 if (opts && opts->ip6po_nexthop)
619 goto done;
620
621 if (ro->ro_rt) {
622 ifp = ro->ro_rt->rt_ifp;
623
624 if (ifp == NULL) { /* can this really happen? */
625 RTFREE(ro->ro_rt);
626 ro->ro_rt = NULL;
627 }
628 }
629 if (ro->ro_rt == NULL)
630 error = EHOSTUNREACH;
631 rt = ro->ro_rt;
632
633 /*
634 * Check if the outgoing interface conflicts with
635 * the interface specified by ipi6_ifindex (if specified).
636 * Note that loopback interface is always okay.
637 * (this may happen when we are sending a packet to one of
638 * our own addresses.)
639 */
640 if (ifp && opts && opts->ip6po_pktinfo &&
641 opts->ip6po_pktinfo->ipi6_ifindex) {
642 if (!(ifp->if_flags & IFF_LOOPBACK) &&
643 ifp->if_index !=
644 opts->ip6po_pktinfo->ipi6_ifindex) {
645 error = EHOSTUNREACH;
646 goto done;
647 }
648 }
649 }
650
651 done:
652 if (ifp == NULL && rt == NULL) {
653 /*
654 * This can happen if the caller did not pass a cached route
655 * nor any other hints. We treat this case an error.
656 */
657 error = EHOSTUNREACH;
658 }
659 if (error == EHOSTUNREACH)
660 ip6stat.ip6s_noroute++;
661
662 if (retifp != NULL)
663 *retifp = ifp;
664 if (retrt != NULL)
665 *retrt = rt; /* rt may be NULL */
666
667 return (error);
668 }
669
670 static int
671 in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
672 struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp)
673 {
674 int error;
675 struct route_in6 sro;
676 struct rtentry *rt = NULL;
677
678 if (ro == NULL) {
679 bzero(&sro, sizeof(sro));
680 ro = &sro;
681 }
682
683 if ((error = selectroute(dstsock, opts, mopts, ro, retifp,
684 &rt, 0, 1)) != 0) {
685 if (ro == &sro && rt && rt == sro.ro_rt)
686 RTFREE(rt);
687 return (error);
688 }
689
690 /*
691 * do not use a rejected or black hole route.
692 * XXX: this check should be done in the L2 output routine.
693 * However, if we skipped this check here, we'd see the following
694 * scenario:
695 * - install a rejected route for a scoped address prefix
696 * (like fe80::/10)
697 * - send a packet to a destination that matches the scoped prefix,
698 * with ambiguity about the scope zone.
699 * - pick the outgoing interface from the route, and disambiguate the
700 * scope zone with the interface.
701 * - ip6_output() would try to get another route with the "new"
702 * destination, which may be valid.
703 * - we'd see no error on output.
704 * Although this may not be very harmful, it should still be confusing.
705 * We thus reject the case here.
706 */
707 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) {
708 int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
709
710 if (ro == &sro && rt && rt == sro.ro_rt)
711 RTFREE(rt);
712 return (flags);
713 }
714
715 /*
716 * Adjust the "outgoing" interface. If we're going to loop the packet
717 * back to ourselves, the ifp would be the loopback interface.
718 * However, we'd rather know the interface associated to the
719 * destination address (which should probably be one of our own
720 * addresses.)
721 */
722 if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp)
723 *retifp = rt->rt_ifa->ifa_ifp;
724
725 if (ro == &sro && rt && rt == sro.ro_rt)
726 RTFREE(rt);
727 return (0);
728 }
729
730 /*
731 * clone - meaningful only for bsdi and freebsd
732 */
733 int
734 in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
735 struct ip6_moptions *mopts, struct route_in6 *ro,
736 struct ifnet **retifp, struct rtentry **retrt, int clone)
737 {
738
739 return (selectroute(dstsock, opts, mopts, ro, retifp,
740 retrt, clone, 0));
741 }
742
743 /*
744 * Default hop limit selection. The precedence is as follows:
745 * 1. Hoplimit value specified via ioctl.
746 * 2. (If the outgoing interface is detected) the current
747 * hop limit of the interface specified by router advertisement.
748 * 3. The system default hoplimit.
749 */
750 int
751 in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp)
752 {
753
754 if (in6p && in6p->in6p_hops >= 0)
755 return (in6p->in6p_hops);
756 else if (ifp)
757 return (ND_IFINFO(ifp)->chlim);
758 else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
759 struct route_in6 ro6;
760 struct ifnet *lifp;
761
762 bzero(&ro6, sizeof(ro6));
763 ro6.ro_dst.sin6_family = AF_INET6;
764 ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6);
765 ro6.ro_dst.sin6_addr = in6p->in6p_faddr;
766 rtalloc((struct route *)&ro6);
767 if (ro6.ro_rt) {
768 lifp = ro6.ro_rt->rt_ifp;
769 RTFREE(ro6.ro_rt);
770 if (lifp)
771 return (ND_IFINFO(lifp)->chlim);
772 } else
773 return (ip6_defhlim);
774 }
775 return (ip6_defhlim);
776 }
777
778 /*
779 * XXX: this is borrowed from in6_pcbbind(). If possible, we should
780 * share this function by all *bsd*...
781 */
782 int
783 in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred)
784 {
785 struct socket *so = inp->inp_socket;
786 u_int16_t lport = 0;
787 int error, wild = 0;
788 #ifdef INVARIANTS
789 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
790 #endif
791
792 INP_INFO_WLOCK_ASSERT(pcbinfo);
793 INP_WLOCK_ASSERT(inp);
794
795 error = prison_local_ip6(cred, laddr,
796 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0));
797 if (error)
798 return(error);
799
800 /* XXX: this is redundant when called from in6_pcbbind */
801 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0)
802 wild = INPLOOKUP_WILDCARD;
803
804 inp->inp_flags |= INP_ANONPORT;
805
806 error = in_pcb_lport(inp, NULL, &lport, cred, wild);
807 if (error != 0)
808 return (error);
809
810 inp->inp_lport = lport;
811 if (in_pcbinshash(inp) != 0) {
812 inp->in6p_laddr = in6addr_any;
813 inp->inp_lport = 0;
814 return (EAGAIN);
815 }
816
817 return (0);
818 }
819
820 void
821 addrsel_policy_init(void)
822 {
823 ADDRSEL_LOCK_INIT();
824 ADDRSEL_SXLOCK_INIT();
825
826 init_policy_queue();
827
828 /* initialize the "last resort" policy */
829 bzero(&defaultaddrpolicy, sizeof(defaultaddrpolicy));
830 defaultaddrpolicy.label = ADDR_LABEL_NOTAPP;
831 }
832
833 static struct in6_addrpolicy *
834 lookup_addrsel_policy(struct sockaddr_in6 *key)
835 {
836 struct in6_addrpolicy *match = NULL;
837
838 ADDRSEL_LOCK();
839 match = match_addrsel_policy(key);
840
841 if (match == NULL)
842 match = &defaultaddrpolicy;
843 else
844 match->use++;
845 ADDRSEL_UNLOCK();
846
847 return (match);
848 }
849
850 /*
851 * Subroutines to manage the address selection policy table via sysctl.
852 */
853 struct walkarg {
854 struct sysctl_req *w_req;
855 };
856
857 static int in6_src_sysctl(SYSCTL_HANDLER_ARGS);
858 SYSCTL_DECL(_net_inet6_ip6);
859 SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy,
860 CTLFLAG_RD, in6_src_sysctl, "");
861
862 static int
863 in6_src_sysctl(SYSCTL_HANDLER_ARGS)
864 {
865 struct walkarg w;
866
867 if (req->newptr)
868 return EPERM;
869
870 bzero(&w, sizeof(w));
871 w.w_req = req;
872
873 return (walk_addrsel_policy(dump_addrsel_policyent, &w));
874 }
875
876 int
877 in6_src_ioctl(u_long cmd, caddr_t data)
878 {
879 int i;
880 struct in6_addrpolicy ent0;
881
882 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY)
883 return (EOPNOTSUPP); /* check for safety */
884
885 ent0 = *(struct in6_addrpolicy *)data;
886
887 if (ent0.label == ADDR_LABEL_NOTAPP)
888 return (EINVAL);
889 /* check if the prefix mask is consecutive. */
890 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0)
891 return (EINVAL);
892 /* clear trailing garbages (if any) of the prefix address. */
893 for (i = 0; i < 4; i++) {
894 ent0.addr.sin6_addr.s6_addr32[i] &=
895 ent0.addrmask.sin6_addr.s6_addr32[i];
896 }
897 ent0.use = 0;
898
899 switch (cmd) {
900 case SIOCAADDRCTL_POLICY:
901 return (add_addrsel_policyent(&ent0));
902 case SIOCDADDRCTL_POLICY:
903 return (delete_addrsel_policyent(&ent0));
904 }
905
906 return (0); /* XXX: compromise compilers */
907 }
908
909 /*
910 * The followings are implementation of the policy table using a
911 * simple tail queue.
912 * XXX such details should be hidden.
913 * XXX implementation using binary tree should be more efficient.
914 */
915 struct addrsel_policyent {
916 TAILQ_ENTRY(addrsel_policyent) ape_entry;
917 struct in6_addrpolicy ape_policy;
918 };
919
920 TAILQ_HEAD(addrsel_policyhead, addrsel_policyent);
921
922 struct addrsel_policyhead addrsel_policytab;
923
924 static void
925 init_policy_queue(void)
926 {
927
928 TAILQ_INIT(&addrsel_policytab);
929 }
930
931 static int
932 add_addrsel_policyent(struct in6_addrpolicy *newpolicy)
933 {
934 struct addrsel_policyent *new, *pol;
935
936 MALLOC(new, struct addrsel_policyent *, sizeof(*new), M_IFADDR,
937 M_WAITOK);
938 ADDRSEL_XLOCK();
939 ADDRSEL_LOCK();
940
941 /* duplication check */
942 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) {
943 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr,
944 &pol->ape_policy.addr.sin6_addr) &&
945 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr,
946 &pol->ape_policy.addrmask.sin6_addr)) {
947 ADDRSEL_UNLOCK();
948 ADDRSEL_XUNLOCK();
949 FREE(new, M_IFADDR);
950 return (EEXIST); /* or override it? */
951 }
952 }
953
954 bzero(new, sizeof(*new));
955
956 /* XXX: should validate entry */
957 new->ape_policy = *newpolicy;
958
959 TAILQ_INSERT_TAIL(&addrsel_policytab, new, ape_entry);
960 ADDRSEL_UNLOCK();
961 ADDRSEL_XUNLOCK();
962
963 return (0);
964 }
965
966 static int
967 delete_addrsel_policyent(struct in6_addrpolicy *key)
968 {
969 struct addrsel_policyent *pol;
970
971 ADDRSEL_XLOCK();
972 ADDRSEL_LOCK();
973
974 /* search for the entry in the table */
975 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) {
976 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr,
977 &pol->ape_policy.addr.sin6_addr) &&
978 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr,
979 &pol->ape_policy.addrmask.sin6_addr)) {
980 break;
981 }
982 }
983 if (pol == NULL) {
984 ADDRSEL_UNLOCK();
985 ADDRSEL_XUNLOCK();
986 return (ESRCH);
987 }
988
989 TAILQ_REMOVE(&addrsel_policytab, pol, ape_entry);
990 ADDRSEL_UNLOCK();
991 ADDRSEL_XUNLOCK();
992
993 return (0);
994 }
995
996 static int
997 walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *),
998 void *w)
999 {
1000 struct addrsel_policyent *pol;
1001 int error = 0;
1002
1003 ADDRSEL_SLOCK();
1004 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) {
1005 if ((error = (*callback)(&pol->ape_policy, w)) != 0) {
1006 ADDRSEL_SUNLOCK();
1007 return (error);
1008 }
1009 }
1010 ADDRSEL_SUNLOCK();
1011 return (error);
1012 }
1013
1014 static int
1015 dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg)
1016 {
1017 int error = 0;
1018 struct walkarg *w = arg;
1019
1020 error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol));
1021
1022 return (error);
1023 }
1024
1025 static struct in6_addrpolicy *
1026 match_addrsel_policy(struct sockaddr_in6 *key)
1027 {
1028 struct addrsel_policyent *pent;
1029 struct in6_addrpolicy *bestpol = NULL, *pol;
1030 int matchlen, bestmatchlen = -1;
1031 u_char *mp, *ep, *k, *p, m;
1032
1033 TAILQ_FOREACH(pent, &addrsel_policytab, ape_entry) {
1034 matchlen = 0;
1035
1036 pol = &pent->ape_policy;
1037 mp = (u_char *)&pol->addrmask.sin6_addr;
1038 ep = mp + 16; /* XXX: scope field? */
1039 k = (u_char *)&key->sin6_addr;
1040 p = (u_char *)&pol->addr.sin6_addr;
1041 for (; mp < ep && *mp; mp++, k++, p++) {
1042 m = *mp;
1043 if ((*k & m) != *p)
1044 goto next; /* not match */
1045 if (m == 0xff) /* short cut for a typical case */
1046 matchlen += 8;
1047 else {
1048 while (m >= 0x80) {
1049 matchlen++;
1050 m <<= 1;
1051 }
1052 }
1053 }
1054
1055 /* matched. check if this is better than the current best. */
1056 if (bestpol == NULL ||
1057 matchlen > bestmatchlen) {
1058 bestpol = pol;
1059 bestmatchlen = matchlen;
1060 }
1061
1062 next:
1063 continue;
1064 }
1065
1066 return (bestpol);
1067 }
Cache object: 802025e7c4e947238ddcd4f3cf498cce
|