1 /*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $
30 */
31
32 /*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94
61 */
62
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD: releng/8.0/sys/netinet6/in6_src.c 196869 2009-09-05 17:40:27Z qingli $");
65
66 #include "opt_inet.h"
67 #include "opt_inet6.h"
68 #include "opt_mpath.h"
69
70 #include <sys/param.h>
71 #include <sys/systm.h>
72 #include <sys/lock.h>
73 #include <sys/malloc.h>
74 #include <sys/mbuf.h>
75 #include <sys/priv.h>
76 #include <sys/protosw.h>
77 #include <sys/socket.h>
78 #include <sys/socketvar.h>
79 #include <sys/sockio.h>
80 #include <sys/sysctl.h>
81 #include <sys/errno.h>
82 #include <sys/time.h>
83 #include <sys/jail.h>
84 #include <sys/kernel.h>
85 #include <sys/sx.h>
86
87 #include <net/if.h>
88 #include <net/if_dl.h>
89 #include <net/route.h>
90 #include <net/if_llatbl.h>
91 #ifdef RADIX_MPATH
92 #include <net/radix_mpath.h>
93 #endif
94
95 #include <netinet/in.h>
96 #include <netinet/in_var.h>
97 #include <netinet/in_systm.h>
98 #include <netinet/ip.h>
99 #include <netinet/in_pcb.h>
100 #include <netinet/ip_var.h>
101 #include <netinet/udp.h>
102 #include <netinet/udp_var.h>
103
104 #include <netinet6/in6_var.h>
105 #include <netinet/ip6.h>
106 #include <netinet6/in6_pcb.h>
107 #include <netinet6/ip6_var.h>
108 #include <netinet6/scope6_var.h>
109 #include <netinet6/nd6.h>
110
111 static struct mtx addrsel_lock;
112 #define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF)
113 #define ADDRSEL_LOCK() mtx_lock(&addrsel_lock)
114 #define ADDRSEL_UNLOCK() mtx_unlock(&addrsel_lock)
115 #define ADDRSEL_LOCK_ASSERT() mtx_assert(&addrsel_lock, MA_OWNED)
116
117 static struct sx addrsel_sxlock;
118 #define ADDRSEL_SXLOCK_INIT() sx_init(&addrsel_sxlock, "addrsel_sxlock")
119 #define ADDRSEL_SLOCK() sx_slock(&addrsel_sxlock)
120 #define ADDRSEL_SUNLOCK() sx_sunlock(&addrsel_sxlock)
121 #define ADDRSEL_XLOCK() sx_xlock(&addrsel_sxlock)
122 #define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock)
123
124 #define ADDR_LABEL_NOTAPP (-1)
125
126 static VNET_DEFINE(struct in6_addrpolicy, defaultaddrpolicy);
127 VNET_DEFINE(int, ip6_prefer_tempaddr);
128
129 #define V_defaultaddrpolicy VNET(defaultaddrpolicy)
130
131 static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *,
132 struct ip6_moptions *, struct route_in6 *, struct ifnet **,
133 struct rtentry **, int));
134 static int in6_selectif __P((struct sockaddr_in6 *, struct ip6_pktopts *,
135 struct ip6_moptions *, struct route_in6 *ro, struct ifnet **));
136
137 static struct in6_addrpolicy *lookup_addrsel_policy(struct sockaddr_in6 *);
138
139 static void init_policy_queue(void);
140 static int add_addrsel_policyent(struct in6_addrpolicy *);
141 static int delete_addrsel_policyent(struct in6_addrpolicy *);
142 static int walk_addrsel_policy __P((int (*)(struct in6_addrpolicy *, void *),
143 void *));
144 static int dump_addrsel_policyent(struct in6_addrpolicy *, void *);
145 static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *);
146
147 /*
148 * Return an IPv6 address, which is the most appropriate for a given
149 * destination and user specified options.
150 * If necessary, this function lookups the routing table and returns
151 * an entry to the caller for later use.
152 */
153 #define REPLACE(r) do {\
154 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \
155 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
156 V_ip6stat.ip6s_sources_rule[(r)]++; \
157 /* { \
158 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \
159 printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \
160 } */ \
161 goto replace; \
162 } while(0)
163 #define NEXT(r) do {\
164 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \
165 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
166 V_ip6stat.ip6s_sources_rule[(r)]++; \
167 /* { \
168 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \
169 printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \
170 } */ \
171 goto next; /* XXX: we can't use 'continue' here */ \
172 } while(0)
173 #define BREAK(r) do { \
174 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \
175 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
176 V_ip6stat.ip6s_sources_rule[(r)]++; \
177 goto out; /* XXX: we can't use 'break' here */ \
178 } while(0)
179
180 int
181 in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
182 struct inpcb *inp, struct route_in6 *ro, struct ucred *cred,
183 struct ifnet **ifpp, struct in6_addr *srcp)
184 {
185 struct in6_addr dst;
186 struct ifnet *ifp = NULL;
187 struct in6_ifaddr *ia = NULL, *ia_best = NULL;
188 struct in6_pktinfo *pi = NULL;
189 int dst_scope = -1, best_scope = -1, best_matchlen = -1;
190 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL;
191 u_int32_t odstzone;
192 int prefer_tempaddr;
193 int error;
194 struct ip6_moptions *mopts;
195
196 KASSERT(srcp != NULL, ("%s: srcp is NULL", __func__));
197
198 dst = dstsock->sin6_addr; /* make a copy for local operation */
199 if (ifpp)
200 *ifpp = NULL;
201
202 if (inp != NULL) {
203 INP_LOCK_ASSERT(inp);
204 mopts = inp->in6p_moptions;
205 } else {
206 mopts = NULL;
207 }
208
209 /*
210 * If the source address is explicitly specified by the caller,
211 * check if the requested source address is indeed a unicast address
212 * assigned to the node, and can be used as the packet's source
213 * address. If everything is okay, use the address as source.
214 */
215 if (opts && (pi = opts->ip6po_pktinfo) &&
216 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) {
217 struct sockaddr_in6 srcsock;
218 struct in6_ifaddr *ia6;
219
220 /* get the outgoing interface */
221 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0)
222 return (error);
223
224 /*
225 * determine the appropriate zone id of the source based on
226 * the zone of the destination and the outgoing interface.
227 * If the specified address is ambiguous wrt the scope zone,
228 * the interface must be specified; otherwise, ifa_ifwithaddr()
229 * will fail matching the address.
230 */
231 bzero(&srcsock, sizeof(srcsock));
232 srcsock.sin6_family = AF_INET6;
233 srcsock.sin6_len = sizeof(srcsock);
234 srcsock.sin6_addr = pi->ipi6_addr;
235 if (ifp) {
236 error = in6_setscope(&srcsock.sin6_addr, ifp, NULL);
237 if (error)
238 return (error);
239 }
240 if (cred != NULL && (error = prison_local_ip6(cred,
241 &srcsock.sin6_addr, (inp != NULL &&
242 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0)
243 return (error);
244
245 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr(
246 (struct sockaddr *)&srcsock);
247 if (ia6 == NULL ||
248 (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) {
249 if (ia6 != NULL)
250 ifa_free(&ia6->ia_ifa);
251 return (EADDRNOTAVAIL);
252 }
253 pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */
254 if (ifpp)
255 *ifpp = ifp;
256 bcopy(&ia6->ia_addr.sin6_addr, srcp, sizeof(*srcp));
257 ifa_free(&ia6->ia_ifa);
258 return (0);
259 }
260
261 /*
262 * Otherwise, if the socket has already bound the source, just use it.
263 */
264 if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
265 if (cred != NULL &&
266 (error = prison_local_ip6(cred, &inp->in6p_laddr,
267 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0)
268 return (error);
269 bcopy(&inp->in6p_laddr, srcp, sizeof(*srcp));
270 return (0);
271 }
272
273 /*
274 * If the address is not specified, choose the best one based on
275 * the outgoing interface and the destination address.
276 */
277 /* get the outgoing interface */
278 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0)
279 return (error);
280
281 #ifdef DIAGNOSTIC
282 if (ifp == NULL) /* this should not happen */
283 panic("in6_selectsrc: NULL ifp");
284 #endif
285 error = in6_setscope(&dst, ifp, &odstzone);
286 if (error)
287 return (error);
288
289 IN6_IFADDR_RLOCK();
290 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
291 int new_scope = -1, new_matchlen = -1;
292 struct in6_addrpolicy *new_policy = NULL;
293 u_int32_t srczone, osrczone, dstzone;
294 struct in6_addr src;
295 struct ifnet *ifp1 = ia->ia_ifp;
296
297 /*
298 * We'll never take an address that breaks the scope zone
299 * of the destination. We also skip an address if its zone
300 * does not contain the outgoing interface.
301 * XXX: we should probably use sin6_scope_id here.
302 */
303 if (in6_setscope(&dst, ifp1, &dstzone) ||
304 odstzone != dstzone) {
305 continue;
306 }
307 src = ia->ia_addr.sin6_addr;
308 if (in6_setscope(&src, ifp, &osrczone) ||
309 in6_setscope(&src, ifp1, &srczone) ||
310 osrczone != srczone) {
311 continue;
312 }
313
314 /* avoid unusable addresses */
315 if ((ia->ia6_flags &
316 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) {
317 continue;
318 }
319 if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia))
320 continue;
321
322 if (cred != NULL &&
323 prison_local_ip6(cred, &ia->ia_addr.sin6_addr,
324 (inp != NULL &&
325 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
326 continue;
327
328 /* Rule 1: Prefer same address */
329 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) {
330 ia_best = ia;
331 BREAK(1); /* there should be no better candidate */
332 }
333
334 if (ia_best == NULL)
335 REPLACE(0);
336
337 /* Rule 2: Prefer appropriate scope */
338 if (dst_scope < 0)
339 dst_scope = in6_addrscope(&dst);
340 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr);
341 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) {
342 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0)
343 REPLACE(2);
344 NEXT(2);
345 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) {
346 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0)
347 NEXT(2);
348 REPLACE(2);
349 }
350
351 /*
352 * Rule 3: Avoid deprecated addresses. Note that the case of
353 * !ip6_use_deprecated is already rejected above.
354 */
355 if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia))
356 NEXT(3);
357 if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia))
358 REPLACE(3);
359
360 /* Rule 4: Prefer home addresses */
361 /*
362 * XXX: This is a TODO. We should probably merge the MIP6
363 * case above.
364 */
365
366 /* Rule 5: Prefer outgoing interface */
367 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp)
368 NEXT(5);
369 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp)
370 REPLACE(5);
371
372 /*
373 * Rule 6: Prefer matching label
374 * Note that best_policy should be non-NULL here.
375 */
376 if (dst_policy == NULL)
377 dst_policy = lookup_addrsel_policy(dstsock);
378 if (dst_policy->label != ADDR_LABEL_NOTAPP) {
379 new_policy = lookup_addrsel_policy(&ia->ia_addr);
380 if (dst_policy->label == best_policy->label &&
381 dst_policy->label != new_policy->label)
382 NEXT(6);
383 if (dst_policy->label != best_policy->label &&
384 dst_policy->label == new_policy->label)
385 REPLACE(6);
386 }
387
388 /*
389 * Rule 7: Prefer public addresses.
390 * We allow users to reverse the logic by configuring
391 * a sysctl variable, so that privacy conscious users can
392 * always prefer temporary addresses.
393 */
394 if (opts == NULL ||
395 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) {
396 prefer_tempaddr = V_ip6_prefer_tempaddr;
397 } else if (opts->ip6po_prefer_tempaddr ==
398 IP6PO_TEMPADDR_NOTPREFER) {
399 prefer_tempaddr = 0;
400 } else
401 prefer_tempaddr = 1;
402 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
403 (ia->ia6_flags & IN6_IFF_TEMPORARY)) {
404 if (prefer_tempaddr)
405 REPLACE(7);
406 else
407 NEXT(7);
408 }
409 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
410 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) {
411 if (prefer_tempaddr)
412 NEXT(7);
413 else
414 REPLACE(7);
415 }
416
417 /*
418 * Rule 8: prefer addresses on alive interfaces.
419 * This is a KAME specific rule.
420 */
421 if ((ia_best->ia_ifp->if_flags & IFF_UP) &&
422 !(ia->ia_ifp->if_flags & IFF_UP))
423 NEXT(8);
424 if (!(ia_best->ia_ifp->if_flags & IFF_UP) &&
425 (ia->ia_ifp->if_flags & IFF_UP))
426 REPLACE(8);
427
428 /*
429 * Rule 14: Use longest matching prefix.
430 * Note: in the address selection draft, this rule is
431 * documented as "Rule 8". However, since it is also
432 * documented that this rule can be overridden, we assign
433 * a large number so that it is easy to assign smaller numbers
434 * to more preferred rules.
435 */
436 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst);
437 if (best_matchlen < new_matchlen)
438 REPLACE(14);
439 if (new_matchlen < best_matchlen)
440 NEXT(14);
441
442 /* Rule 15 is reserved. */
443
444 /*
445 * Last resort: just keep the current candidate.
446 * Or, do we need more rules?
447 */
448 continue;
449
450 replace:
451 ia_best = ia;
452 best_scope = (new_scope >= 0 ? new_scope :
453 in6_addrscope(&ia_best->ia_addr.sin6_addr));
454 best_policy = (new_policy ? new_policy :
455 lookup_addrsel_policy(&ia_best->ia_addr));
456 best_matchlen = (new_matchlen >= 0 ? new_matchlen :
457 in6_matchlen(&ia_best->ia_addr.sin6_addr,
458 &dst));
459
460 next:
461 continue;
462
463 out:
464 break;
465 }
466
467 if ((ia = ia_best) == NULL) {
468 IN6_IFADDR_RUNLOCK();
469 return (EADDRNOTAVAIL);
470 }
471
472 if (ifpp)
473 *ifpp = ifp;
474
475 bcopy(&ia->ia_addr.sin6_addr, srcp, sizeof(*srcp));
476 IN6_IFADDR_RUNLOCK();
477 return (0);
478 }
479
480 /*
481 * clone - meaningful only for bsdi and freebsd
482 */
483 static int
484 selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
485 struct ip6_moptions *mopts, struct route_in6 *ro,
486 struct ifnet **retifp, struct rtentry **retrt, int norouteok)
487 {
488 int error = 0;
489 struct ifnet *ifp = NULL;
490 struct rtentry *rt = NULL;
491 struct sockaddr_in6 *sin6_next;
492 struct in6_pktinfo *pi = NULL;
493 struct in6_addr *dst = &dstsock->sin6_addr;
494 #if 0
495 char ip6buf[INET6_ADDRSTRLEN];
496
497 if (dstsock->sin6_addr.s6_addr32[0] == 0 &&
498 dstsock->sin6_addr.s6_addr32[1] == 0 &&
499 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) {
500 printf("in6_selectroute: strange destination %s\n",
501 ip6_sprintf(ip6buf, &dstsock->sin6_addr));
502 } else {
503 printf("in6_selectroute: destination = %s%%%d\n",
504 ip6_sprintf(ip6buf, &dstsock->sin6_addr),
505 dstsock->sin6_scope_id); /* for debug */
506 }
507 #endif
508
509 /* If the caller specify the outgoing interface explicitly, use it. */
510 if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) {
511 /* XXX boundary check is assumed to be already done. */
512 ifp = ifnet_byindex(pi->ipi6_ifindex);
513 if (ifp != NULL &&
514 (norouteok || retrt == NULL ||
515 IN6_IS_ADDR_MULTICAST(dst))) {
516 /*
517 * we do not have to check or get the route for
518 * multicast.
519 */
520 goto done;
521 } else
522 goto getroute;
523 }
524
525 /*
526 * If the destination address is a multicast address and the outgoing
527 * interface for the address is specified by the caller, use it.
528 */
529 if (IN6_IS_ADDR_MULTICAST(dst) &&
530 mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) {
531 goto done; /* we do not need a route for multicast. */
532 }
533
534 getroute:
535 /*
536 * If the next hop address for the packet is specified by the caller,
537 * use it as the gateway.
538 */
539 if (opts && opts->ip6po_nexthop) {
540 struct route_in6 *ron;
541 struct llentry *la;
542
543 sin6_next = satosin6(opts->ip6po_nexthop);
544
545 /* at this moment, we only support AF_INET6 next hops */
546 if (sin6_next->sin6_family != AF_INET6) {
547 error = EAFNOSUPPORT; /* or should we proceed? */
548 goto done;
549 }
550
551 /*
552 * If the next hop is an IPv6 address, then the node identified
553 * by that address must be a neighbor of the sending host.
554 */
555 ron = &opts->ip6po_nextroute;
556 /*
557 * XXX what do we do here?
558 * PLZ to be fixing
559 */
560
561
562 if (ron->ro_rt == NULL) {
563 rtalloc((struct route *)ron); /* multi path case? */
564 if (ron->ro_rt == NULL) {
565 if (ron->ro_rt) {
566 RTFREE(ron->ro_rt);
567 ron->ro_rt = NULL;
568 }
569 error = EHOSTUNREACH;
570 goto done;
571 }
572 }
573
574 rt = ron->ro_rt;
575 ifp = rt->rt_ifp;
576 IF_AFDATA_LOCK(ifp);
577 la = lla_lookup(LLTABLE6(ifp), 0, (struct sockaddr *)&sin6_next->sin6_addr);
578 IF_AFDATA_UNLOCK(ifp);
579 if (la != NULL)
580 LLE_RUNLOCK(la);
581 else {
582 error = EHOSTUNREACH;
583 goto done;
584 }
585 #if 0
586 if ((ron->ro_rt &&
587 (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) !=
588 (RTF_UP | RTF_LLINFO)) ||
589 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr,
590 &sin6_next->sin6_addr)) {
591 if (ron->ro_rt) {
592 RTFREE(ron->ro_rt);
593 ron->ro_rt = NULL;
594 }
595 *satosin6(&ron->ro_dst) = *sin6_next;
596 }
597 if (ron->ro_rt == NULL) {
598 rtalloc((struct route *)ron); /* multi path case? */
599 if (ron->ro_rt == NULL ||
600 !(ron->ro_rt->rt_flags & RTF_LLINFO)) {
601 if (ron->ro_rt) {
602 RTFREE(ron->ro_rt);
603 ron->ro_rt = NULL;
604 }
605 error = EHOSTUNREACH;
606 goto done;
607 }
608 }
609 #endif
610
611 /*
612 * When cloning is required, try to allocate a route to the
613 * destination so that the caller can store path MTU
614 * information.
615 */
616 goto done;
617 }
618
619 /*
620 * Use a cached route if it exists and is valid, else try to allocate
621 * a new one. Note that we should check the address family of the
622 * cached destination, in case of sharing the cache with IPv4.
623 */
624 if (ro) {
625 if (ro->ro_rt &&
626 (!(ro->ro_rt->rt_flags & RTF_UP) ||
627 ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 ||
628 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr,
629 dst))) {
630 RTFREE(ro->ro_rt);
631 ro->ro_rt = (struct rtentry *)NULL;
632 }
633 if (ro->ro_rt == (struct rtentry *)NULL) {
634 struct sockaddr_in6 *sa6;
635
636 /* No route yet, so try to acquire one */
637 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6));
638 sa6 = (struct sockaddr_in6 *)&ro->ro_dst;
639 *sa6 = *dstsock;
640 sa6->sin6_scope_id = 0;
641
642 #ifdef RADIX_MPATH
643 rtalloc_mpath((struct route *)ro,
644 ntohl(sa6->sin6_addr.s6_addr32[3]));
645 #else
646 ro->ro_rt = rtalloc1(&((struct route *)ro)
647 ->ro_dst, 0, 0UL);
648 if (ro->ro_rt)
649 RT_UNLOCK(ro->ro_rt);
650 #endif
651 }
652
653 /*
654 * do not care about the result if we have the nexthop
655 * explicitly specified.
656 */
657 if (opts && opts->ip6po_nexthop)
658 goto done;
659
660 if (ro->ro_rt) {
661 ifp = ro->ro_rt->rt_ifp;
662
663 if (ifp == NULL) { /* can this really happen? */
664 RTFREE(ro->ro_rt);
665 ro->ro_rt = NULL;
666 }
667 }
668 if (ro->ro_rt == NULL)
669 error = EHOSTUNREACH;
670 rt = ro->ro_rt;
671
672 /*
673 * Check if the outgoing interface conflicts with
674 * the interface specified by ipi6_ifindex (if specified).
675 * Note that loopback interface is always okay.
676 * (this may happen when we are sending a packet to one of
677 * our own addresses.)
678 */
679 if (ifp && opts && opts->ip6po_pktinfo &&
680 opts->ip6po_pktinfo->ipi6_ifindex) {
681 if (!(ifp->if_flags & IFF_LOOPBACK) &&
682 ifp->if_index !=
683 opts->ip6po_pktinfo->ipi6_ifindex) {
684 error = EHOSTUNREACH;
685 goto done;
686 }
687 }
688 }
689
690 done:
691 if (ifp == NULL && rt == NULL) {
692 /*
693 * This can happen if the caller did not pass a cached route
694 * nor any other hints. We treat this case an error.
695 */
696 error = EHOSTUNREACH;
697 }
698 if (error == EHOSTUNREACH)
699 V_ip6stat.ip6s_noroute++;
700
701 if (retifp != NULL) {
702 *retifp = ifp;
703
704 /*
705 * Adjust the "outgoing" interface. If we're going to loop
706 * the packet back to ourselves, the ifp would be the loopback
707 * interface. However, we'd rather know the interface associated
708 * to the destination address (which should probably be one of
709 * our own addresses.)
710 */
711 if (rt) {
712 if ((rt->rt_ifp->if_flags & IFF_LOOPBACK) &&
713 (rt->rt_gateway->sa_family == AF_LINK))
714 *retifp =
715 ifnet_byindex(((struct sockaddr_dl *)
716 rt->rt_gateway)->sdl_index);
717 }
718 }
719
720 if (retrt != NULL)
721 *retrt = rt; /* rt may be NULL */
722
723 return (error);
724 }
725
726 static int
727 in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
728 struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp)
729 {
730 int error;
731 struct route_in6 sro;
732 struct rtentry *rt = NULL;
733
734 if (ro == NULL) {
735 bzero(&sro, sizeof(sro));
736 ro = &sro;
737 }
738
739 if ((error = selectroute(dstsock, opts, mopts, ro, retifp,
740 &rt, 1)) != 0) {
741 if (ro == &sro && rt && rt == sro.ro_rt)
742 RTFREE(rt);
743 return (error);
744 }
745
746 /*
747 * do not use a rejected or black hole route.
748 * XXX: this check should be done in the L2 output routine.
749 * However, if we skipped this check here, we'd see the following
750 * scenario:
751 * - install a rejected route for a scoped address prefix
752 * (like fe80::/10)
753 * - send a packet to a destination that matches the scoped prefix,
754 * with ambiguity about the scope zone.
755 * - pick the outgoing interface from the route, and disambiguate the
756 * scope zone with the interface.
757 * - ip6_output() would try to get another route with the "new"
758 * destination, which may be valid.
759 * - we'd see no error on output.
760 * Although this may not be very harmful, it should still be confusing.
761 * We thus reject the case here.
762 */
763 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) {
764 int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
765
766 if (ro == &sro && rt && rt == sro.ro_rt)
767 RTFREE(rt);
768 return (flags);
769 }
770
771 if (ro == &sro && rt && rt == sro.ro_rt)
772 RTFREE(rt);
773 return (0);
774 }
775
776 /*
777 * clone - meaningful only for bsdi and freebsd
778 */
779 int
780 in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
781 struct ip6_moptions *mopts, struct route_in6 *ro,
782 struct ifnet **retifp, struct rtentry **retrt)
783 {
784
785 return (selectroute(dstsock, opts, mopts, ro, retifp,
786 retrt, 0));
787 }
788
789 /*
790 * Default hop limit selection. The precedence is as follows:
791 * 1. Hoplimit value specified via ioctl.
792 * 2. (If the outgoing interface is detected) the current
793 * hop limit of the interface specified by router advertisement.
794 * 3. The system default hoplimit.
795 */
796 int
797 in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp)
798 {
799
800 if (in6p && in6p->in6p_hops >= 0)
801 return (in6p->in6p_hops);
802 else if (ifp)
803 return (ND_IFINFO(ifp)->chlim);
804 else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
805 struct route_in6 ro6;
806 struct ifnet *lifp;
807
808 bzero(&ro6, sizeof(ro6));
809 ro6.ro_dst.sin6_family = AF_INET6;
810 ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6);
811 ro6.ro_dst.sin6_addr = in6p->in6p_faddr;
812 rtalloc((struct route *)&ro6);
813 if (ro6.ro_rt) {
814 lifp = ro6.ro_rt->rt_ifp;
815 RTFREE(ro6.ro_rt);
816 if (lifp)
817 return (ND_IFINFO(lifp)->chlim);
818 } else
819 return (V_ip6_defhlim);
820 }
821 return (V_ip6_defhlim);
822 }
823
824 /*
825 * XXX: this is borrowed from in6_pcbbind(). If possible, we should
826 * share this function by all *bsd*...
827 */
828 int
829 in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred)
830 {
831 struct socket *so = inp->inp_socket;
832 u_int16_t lport = 0, first, last, *lastport;
833 int count, error, wild = 0, dorandom;
834 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
835
836 INP_INFO_WLOCK_ASSERT(pcbinfo);
837 INP_WLOCK_ASSERT(inp);
838
839 error = prison_local_ip6(cred, laddr,
840 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0));
841 if (error)
842 return(error);
843
844 /* XXX: this is redundant when called from in6_pcbbind */
845 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0)
846 wild = INPLOOKUP_WILDCARD;
847
848 inp->inp_flags |= INP_ANONPORT;
849
850 if (inp->inp_flags & INP_HIGHPORT) {
851 first = V_ipport_hifirstauto; /* sysctl */
852 last = V_ipport_hilastauto;
853 lastport = &pcbinfo->ipi_lasthi;
854 } else if (inp->inp_flags & INP_LOWPORT) {
855 error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0);
856 if (error)
857 return error;
858 first = V_ipport_lowfirstauto; /* 1023 */
859 last = V_ipport_lowlastauto; /* 600 */
860 lastport = &pcbinfo->ipi_lastlow;
861 } else {
862 first = V_ipport_firstauto; /* sysctl */
863 last = V_ipport_lastauto;
864 lastport = &pcbinfo->ipi_lastport;
865 }
866
867 /*
868 * For UDP, use random port allocation as long as the user
869 * allows it. For TCP (and as of yet unknown) connections,
870 * use random port allocation only if the user allows it AND
871 * ipport_tick() allows it.
872 */
873 if (V_ipport_randomized &&
874 (!V_ipport_stoprandom || pcbinfo == &V_udbinfo))
875 dorandom = 1;
876 else
877 dorandom = 0;
878 /*
879 * It makes no sense to do random port allocation if
880 * we have the only port available.
881 */
882 if (first == last)
883 dorandom = 0;
884 /* Make sure to not include UDP packets in the count. */
885 if (pcbinfo != &V_udbinfo)
886 V_ipport_tcpallocs++;
887
888 /*
889 * Instead of having two loops further down counting up or down
890 * make sure that first is always <= last and go with only one
891 * code path implementing all logic.
892 */
893 if (first > last) {
894 u_int16_t aux;
895
896 aux = first;
897 first = last;
898 last = aux;
899 }
900
901 if (dorandom)
902 *lastport = first + (arc4random() % (last - first));
903
904 count = last - first;
905
906 do {
907 if (count-- < 0) { /* completely used? */
908 /* Undo an address bind that may have occurred. */
909 inp->in6p_laddr = in6addr_any;
910 return (EADDRNOTAVAIL);
911 }
912 ++*lastport;
913 if (*lastport < first || *lastport > last)
914 *lastport = first;
915 lport = htons(*lastport);
916 } while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr,
917 lport, wild, cred));
918
919 inp->inp_lport = lport;
920 if (in_pcbinshash(inp) != 0) {
921 inp->in6p_laddr = in6addr_any;
922 inp->inp_lport = 0;
923 return (EAGAIN);
924 }
925
926 return (0);
927 }
928
929 void
930 addrsel_policy_init(void)
931 {
932
933 V_ip6_prefer_tempaddr = 0;
934
935 init_policy_queue();
936
937 /* initialize the "last resort" policy */
938 bzero(&V_defaultaddrpolicy, sizeof(V_defaultaddrpolicy));
939 V_defaultaddrpolicy.label = ADDR_LABEL_NOTAPP;
940
941 if (!IS_DEFAULT_VNET(curvnet))
942 return;
943
944 ADDRSEL_LOCK_INIT();
945 ADDRSEL_SXLOCK_INIT();
946 }
947
948 static struct in6_addrpolicy *
949 lookup_addrsel_policy(struct sockaddr_in6 *key)
950 {
951 struct in6_addrpolicy *match = NULL;
952
953 ADDRSEL_LOCK();
954 match = match_addrsel_policy(key);
955
956 if (match == NULL)
957 match = &V_defaultaddrpolicy;
958 else
959 match->use++;
960 ADDRSEL_UNLOCK();
961
962 return (match);
963 }
964
965 /*
966 * Subroutines to manage the address selection policy table via sysctl.
967 */
968 struct walkarg {
969 struct sysctl_req *w_req;
970 };
971
972 static int in6_src_sysctl(SYSCTL_HANDLER_ARGS);
973 SYSCTL_DECL(_net_inet6_ip6);
974 SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy,
975 CTLFLAG_RD, in6_src_sysctl, "");
976
977 static int
978 in6_src_sysctl(SYSCTL_HANDLER_ARGS)
979 {
980 struct walkarg w;
981
982 if (req->newptr)
983 return EPERM;
984
985 bzero(&w, sizeof(w));
986 w.w_req = req;
987
988 return (walk_addrsel_policy(dump_addrsel_policyent, &w));
989 }
990
991 int
992 in6_src_ioctl(u_long cmd, caddr_t data)
993 {
994 int i;
995 struct in6_addrpolicy ent0;
996
997 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY)
998 return (EOPNOTSUPP); /* check for safety */
999
1000 ent0 = *(struct in6_addrpolicy *)data;
1001
1002 if (ent0.label == ADDR_LABEL_NOTAPP)
1003 return (EINVAL);
1004 /* check if the prefix mask is consecutive. */
1005 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0)
1006 return (EINVAL);
1007 /* clear trailing garbages (if any) of the prefix address. */
1008 for (i = 0; i < 4; i++) {
1009 ent0.addr.sin6_addr.s6_addr32[i] &=
1010 ent0.addrmask.sin6_addr.s6_addr32[i];
1011 }
1012 ent0.use = 0;
1013
1014 switch (cmd) {
1015 case SIOCAADDRCTL_POLICY:
1016 return (add_addrsel_policyent(&ent0));
1017 case SIOCDADDRCTL_POLICY:
1018 return (delete_addrsel_policyent(&ent0));
1019 }
1020
1021 return (0); /* XXX: compromise compilers */
1022 }
1023
1024 /*
1025 * The followings are implementation of the policy table using a
1026 * simple tail queue.
1027 * XXX such details should be hidden.
1028 * XXX implementation using binary tree should be more efficient.
1029 */
1030 struct addrsel_policyent {
1031 TAILQ_ENTRY(addrsel_policyent) ape_entry;
1032 struct in6_addrpolicy ape_policy;
1033 };
1034
1035 TAILQ_HEAD(addrsel_policyhead, addrsel_policyent);
1036
1037 static VNET_DEFINE(struct addrsel_policyhead, addrsel_policytab);
1038 #define V_addrsel_policytab VNET(addrsel_policytab)
1039
1040 static void
1041 init_policy_queue(void)
1042 {
1043
1044 TAILQ_INIT(&V_addrsel_policytab);
1045 }
1046
1047 static int
1048 add_addrsel_policyent(struct in6_addrpolicy *newpolicy)
1049 {
1050 struct addrsel_policyent *new, *pol;
1051
1052 new = malloc(sizeof(*new), M_IFADDR,
1053 M_WAITOK);
1054 ADDRSEL_XLOCK();
1055 ADDRSEL_LOCK();
1056
1057 /* duplication check */
1058 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) {
1059 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr,
1060 &pol->ape_policy.addr.sin6_addr) &&
1061 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr,
1062 &pol->ape_policy.addrmask.sin6_addr)) {
1063 ADDRSEL_UNLOCK();
1064 ADDRSEL_XUNLOCK();
1065 free(new, M_IFADDR);
1066 return (EEXIST); /* or override it? */
1067 }
1068 }
1069
1070 bzero(new, sizeof(*new));
1071
1072 /* XXX: should validate entry */
1073 new->ape_policy = *newpolicy;
1074
1075 TAILQ_INSERT_TAIL(&V_addrsel_policytab, new, ape_entry);
1076 ADDRSEL_UNLOCK();
1077 ADDRSEL_XUNLOCK();
1078
1079 return (0);
1080 }
1081
1082 static int
1083 delete_addrsel_policyent(struct in6_addrpolicy *key)
1084 {
1085 struct addrsel_policyent *pol;
1086
1087 ADDRSEL_XLOCK();
1088 ADDRSEL_LOCK();
1089
1090 /* search for the entry in the table */
1091 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) {
1092 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr,
1093 &pol->ape_policy.addr.sin6_addr) &&
1094 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr,
1095 &pol->ape_policy.addrmask.sin6_addr)) {
1096 break;
1097 }
1098 }
1099 if (pol == NULL) {
1100 ADDRSEL_UNLOCK();
1101 ADDRSEL_XUNLOCK();
1102 return (ESRCH);
1103 }
1104
1105 TAILQ_REMOVE(&V_addrsel_policytab, pol, ape_entry);
1106 ADDRSEL_UNLOCK();
1107 ADDRSEL_XUNLOCK();
1108
1109 return (0);
1110 }
1111
1112 static int
1113 walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *),
1114 void *w)
1115 {
1116 struct addrsel_policyent *pol;
1117 int error = 0;
1118
1119 ADDRSEL_SLOCK();
1120 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) {
1121 if ((error = (*callback)(&pol->ape_policy, w)) != 0) {
1122 ADDRSEL_SUNLOCK();
1123 return (error);
1124 }
1125 }
1126 ADDRSEL_SUNLOCK();
1127 return (error);
1128 }
1129
1130 static int
1131 dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg)
1132 {
1133 int error = 0;
1134 struct walkarg *w = arg;
1135
1136 error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol));
1137
1138 return (error);
1139 }
1140
1141 static struct in6_addrpolicy *
1142 match_addrsel_policy(struct sockaddr_in6 *key)
1143 {
1144 struct addrsel_policyent *pent;
1145 struct in6_addrpolicy *bestpol = NULL, *pol;
1146 int matchlen, bestmatchlen = -1;
1147 u_char *mp, *ep, *k, *p, m;
1148
1149 TAILQ_FOREACH(pent, &V_addrsel_policytab, ape_entry) {
1150 matchlen = 0;
1151
1152 pol = &pent->ape_policy;
1153 mp = (u_char *)&pol->addrmask.sin6_addr;
1154 ep = mp + 16; /* XXX: scope field? */
1155 k = (u_char *)&key->sin6_addr;
1156 p = (u_char *)&pol->addr.sin6_addr;
1157 for (; mp < ep && *mp; mp++, k++, p++) {
1158 m = *mp;
1159 if ((*k & m) != *p)
1160 goto next; /* not match */
1161 if (m == 0xff) /* short cut for a typical case */
1162 matchlen += 8;
1163 else {
1164 while (m >= 0x80) {
1165 matchlen++;
1166 m <<= 1;
1167 }
1168 }
1169 }
1170
1171 /* matched. check if this is better than the current best. */
1172 if (bestpol == NULL ||
1173 matchlen > bestmatchlen) {
1174 bestpol = pol;
1175 bestmatchlen = matchlen;
1176 }
1177
1178 next:
1179 continue;
1180 }
1181
1182 return (bestpol);
1183 }
Cache object: 5d15d6216d18feaf95e602538adab858
|