The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netinet6/ip6_mroute.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (C) 1998 WIDE Project.
    3  * All rights reserved.
    4  *
    5  * Redistribution and use in source and binary forms, with or without
    6  * modification, are permitted provided that the following conditions
    7  * are met:
    8  * 1. Redistributions of source code must retain the above copyright
    9  *    notice, this list of conditions and the following disclaimer.
   10  * 2. Redistributions in binary form must reproduce the above copyright
   11  *    notice, this list of conditions and the following disclaimer in the
   12  *    documentation and/or other materials provided with the distribution.
   13  * 3. Neither the name of the project nor the names of its contributors
   14  *    may be used to endorse or promote products derived from this software
   15  *    without specific prior written permission.
   16  *
   17  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
   18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
   21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   27  * SUCH DAMAGE.
   28  *
   29  *      $KAME: ip6_mroute.c,v 1.58 2001/12/18 02:36:31 itojun Exp $
   30  */
   31 
   32 /*-
   33  * Copyright (c) 1989 Stephen Deering
   34  * Copyright (c) 1992, 1993
   35  *      The Regents of the University of California.  All rights reserved.
   36  *
   37  * This code is derived from software contributed to Berkeley by
   38  * Stephen Deering of Stanford University.
   39  *
   40  * Redistribution and use in source and binary forms, with or without
   41  * modification, are permitted provided that the following conditions
   42  * are met:
   43  * 1. Redistributions of source code must retain the above copyright
   44  *    notice, this list of conditions and the following disclaimer.
   45  * 2. Redistributions in binary form must reproduce the above copyright
   46  *    notice, this list of conditions and the following disclaimer in the
   47  *    documentation and/or other materials provided with the distribution.
   48  * 4. Neither the name of the University nor the names of its contributors
   49  *    may be used to endorse or promote products derived from this software
   50  *    without specific prior written permission.
   51  *
   52  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   53  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   54  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   55  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   56  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   57  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   58  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   59  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   60  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   61  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   62  * SUCH DAMAGE.
   63  *
   64  *      @(#)ip_mroute.c 8.2 (Berkeley) 11/15/93
   65  *      BSDI ip_mroute.c,v 2.10 1996/11/14 00:29:52 jch Exp
   66  */
   67 
   68 /*
   69  * IP multicast forwarding procedures
   70  *
   71  * Written by David Waitzman, BBN Labs, August 1988.
   72  * Modified by Steve Deering, Stanford, February 1989.
   73  * Modified by Mark J. Steiglitz, Stanford, May, 1991
   74  * Modified by Van Jacobson, LBL, January 1993
   75  * Modified by Ajit Thyagarajan, PARC, August 1993
   76  * Modified by Bill Fenner, PARC, April 1994
   77  *
   78  * MROUTING Revision: 3.5.1.2 + PIM-SMv2 (pimd) Support
   79  */
   80 
   81 #include <sys/cdefs.h>
   82 __FBSDID("$FreeBSD: releng/11.1/sys/netinet6/ip6_mroute.c 302054 2016-06-21 13:48:49Z bz $");
   83 
   84 #include "opt_inet6.h"
   85 
   86 #include <sys/param.h>
   87 #include <sys/callout.h>
   88 #include <sys/errno.h>
   89 #include <sys/kernel.h>
   90 #include <sys/lock.h>
   91 #include <sys/malloc.h>
   92 #include <sys/mbuf.h>
   93 #include <sys/module.h>
   94 #include <sys/domain.h>
   95 #include <sys/protosw.h>
   96 #include <sys/sdt.h>
   97 #include <sys/signalvar.h>
   98 #include <sys/socket.h>
   99 #include <sys/socketvar.h>
  100 #include <sys/sockio.h>
  101 #include <sys/sx.h>
  102 #include <sys/sysctl.h>
  103 #include <sys/syslog.h>
  104 #include <sys/systm.h>
  105 #include <sys/time.h>
  106 
  107 #include <net/if.h>
  108 #include <net/if_var.h>
  109 #include <net/if_types.h>
  110 #include <net/raw_cb.h>
  111 #include <net/vnet.h>
  112 
  113 #include <netinet/in.h>
  114 #include <netinet/in_var.h>
  115 #include <netinet/icmp6.h>
  116 #include <netinet/ip_encap.h>
  117 
  118 #include <netinet/ip6.h>
  119 #include <netinet/in_kdtrace.h>
  120 #include <netinet6/ip6_var.h>
  121 #include <netinet6/scope6_var.h>
  122 #include <netinet6/nd6.h>
  123 #include <netinet6/ip6_mroute.h>
  124 #include <netinet6/pim6.h>
  125 #include <netinet6/pim6_var.h>
  126 
  127 static MALLOC_DEFINE(M_MRTABLE6, "mf6c", "multicast forwarding cache entry");
  128 
  129 static int      ip6_mdq(struct mbuf *, struct ifnet *, struct mf6c *);
  130 static void     phyint_send(struct ip6_hdr *, struct mif6 *, struct mbuf *);
  131 static int      register_send(struct ip6_hdr *, struct mif6 *, struct mbuf *);
  132 static int      set_pim6(int *);
  133 static int      socket_send(struct socket *, struct mbuf *,
  134                     struct sockaddr_in6 *);
  135 
  136 extern int in6_mcast_loop;
  137 extern struct domain inet6domain;
  138 
  139 static const struct encaptab *pim6_encap_cookie;
  140 static const struct protosw in6_pim_protosw = {
  141         .pr_type =              SOCK_RAW,
  142         .pr_domain =            &inet6domain,
  143         .pr_protocol =          IPPROTO_PIM,
  144         .pr_flags =             PR_ATOMIC|PR_ADDR|PR_LASTHDR,
  145         .pr_input =             pim6_input,
  146         .pr_output =            rip6_output,
  147         .pr_ctloutput =         rip6_ctloutput,
  148         .pr_usrreqs =           &rip6_usrreqs
  149 };
  150 static int pim6_encapcheck(const struct mbuf *, int, int, void *);
  151 
  152 static VNET_DEFINE(int, ip6_mrouter_ver) = 0;
  153 #define V_ip6_mrouter_ver       VNET(ip6_mrouter_ver)
  154 
  155 SYSCTL_DECL(_net_inet6);
  156 SYSCTL_DECL(_net_inet6_ip6);
  157 static SYSCTL_NODE(_net_inet6, IPPROTO_PIM, pim, CTLFLAG_RW, 0, "PIM");
  158 
  159 static struct mrt6stat mrt6stat;
  160 SYSCTL_STRUCT(_net_inet6_ip6, OID_AUTO, mrt6stat, CTLFLAG_RW,
  161     &mrt6stat, mrt6stat,
  162     "Multicast Routing Statistics (struct mrt6stat, netinet6/ip6_mroute.h)");
  163 
  164 #define MRT6STAT_INC(name)      mrt6stat.name += 1
  165 #define NO_RTE_FOUND    0x1
  166 #define RTE_FOUND       0x2
  167 
  168 static struct mtx mrouter6_mtx;
  169 #define MROUTER6_LOCK()         mtx_lock(&mrouter6_mtx)
  170 #define MROUTER6_UNLOCK()       mtx_unlock(&mrouter6_mtx)
  171 #define MROUTER6_LOCK_ASSERT()  do {                                    \
  172         mtx_assert(&mrouter6_mtx, MA_OWNED);                            \
  173         NET_ASSERT_GIANT();                                             \
  174 } while (0)
  175 #define MROUTER6_LOCK_INIT()    \
  176         mtx_init(&mrouter6_mtx, "IPv6 multicast forwarding", NULL, MTX_DEF)
  177 #define MROUTER6_LOCK_DESTROY() mtx_destroy(&mrouter6_mtx)
  178 
  179 static struct mf6c *mf6ctable[MF6CTBLSIZ];
  180 SYSCTL_OPAQUE(_net_inet6_ip6, OID_AUTO, mf6ctable, CTLFLAG_RD,
  181     &mf6ctable, sizeof(mf6ctable), "S,*mf6ctable[MF6CTBLSIZ]",
  182     "IPv6 Multicast Forwarding Table (struct *mf6ctable[MF6CTBLSIZ], "
  183     "netinet6/ip6_mroute.h)");
  184 
  185 static struct mtx mfc6_mtx;
  186 #define MFC6_LOCK()             mtx_lock(&mfc6_mtx)
  187 #define MFC6_UNLOCK()           mtx_unlock(&mfc6_mtx)
  188 #define MFC6_LOCK_ASSERT()      do {                                    \
  189         mtx_assert(&mfc6_mtx, MA_OWNED);                                \
  190         NET_ASSERT_GIANT();                                             \
  191 } while (0)
  192 #define MFC6_LOCK_INIT()                \
  193         mtx_init(&mfc6_mtx, "IPv6 multicast forwarding cache", NULL, MTX_DEF)
  194 #define MFC6_LOCK_DESTROY()     mtx_destroy(&mfc6_mtx)
  195 
  196 static u_char n6expire[MF6CTBLSIZ];
  197 
  198 static struct mif6 mif6table[MAXMIFS];
  199 static int
  200 sysctl_mif6table(SYSCTL_HANDLER_ARGS)
  201 {
  202         struct mif6_sctl *out;
  203         int error;
  204 
  205         out = malloc(sizeof(struct mif6_sctl) * MAXMIFS, M_TEMP, M_WAITOK);
  206         for (int i = 0; i < MAXMIFS; i++) {
  207                 out[i].m6_flags         = mif6table[i].m6_flags;
  208                 out[i].m6_rate_limit    = mif6table[i].m6_rate_limit;
  209                 out[i].m6_lcl_addr      = mif6table[i].m6_lcl_addr;
  210                 if (mif6table[i].m6_ifp != NULL)
  211                         out[i].m6_ifp   = mif6table[i].m6_ifp->if_index;
  212                 else
  213                         out[i].m6_ifp   = 0;
  214                 out[i].m6_pkt_in        = mif6table[i].m6_pkt_in;
  215                 out[i].m6_pkt_out       = mif6table[i].m6_pkt_out;
  216                 out[i].m6_bytes_in      = mif6table[i].m6_bytes_in;
  217                 out[i].m6_bytes_out     = mif6table[i].m6_bytes_out;
  218         }
  219         error = SYSCTL_OUT(req, out, sizeof(struct mif6_sctl) * MAXMIFS);
  220         free(out, M_TEMP);
  221         return (error);
  222 }
  223 SYSCTL_PROC(_net_inet6_ip6, OID_AUTO, mif6table, CTLTYPE_OPAQUE | CTLFLAG_RD,
  224     NULL, 0, sysctl_mif6table, "S,mif6_sctl[MAXMIFS]",
  225     "IPv6 Multicast Interfaces (struct mif6_sctl[MAXMIFS], "
  226     "netinet6/ip6_mroute.h)");
  227 
  228 static struct mtx mif6_mtx;
  229 #define MIF6_LOCK()             mtx_lock(&mif6_mtx)
  230 #define MIF6_UNLOCK()           mtx_unlock(&mif6_mtx)
  231 #define MIF6_LOCK_ASSERT()      mtx_assert(&mif6_mtx, MA_OWNED)
  232 #define MIF6_LOCK_INIT()        \
  233         mtx_init(&mif6_mtx, "IPv6 multicast interfaces", NULL, MTX_DEF)
  234 #define MIF6_LOCK_DESTROY()     mtx_destroy(&mif6_mtx)
  235 
  236 #ifdef MRT6DEBUG
  237 static VNET_DEFINE(u_int, mrt6debug) = 0;       /* debug level */
  238 #define V_mrt6debug             VNET(mrt6debug)
  239 #define DEBUG_MFC       0x02
  240 #define DEBUG_FORWARD   0x04
  241 #define DEBUG_EXPIRE    0x08
  242 #define DEBUG_XMIT      0x10
  243 #define DEBUG_REG       0x20
  244 #define DEBUG_PIM       0x40
  245 #define DEBUG_ERR       0x80
  246 #define DEBUG_ANY       0x7f
  247 #define MRT6_DLOG(m, fmt, ...)  \
  248         if (V_mrt6debug & (m))  \
  249                 log(((m) & DEBUG_ERR) ? LOG_ERR: LOG_DEBUG, \
  250                     "%s: " fmt "\n", __func__, ##__VA_ARGS__)
  251 #else
  252 #define MRT6_DLOG(m, fmt, ...)
  253 #endif
  254 
  255 static void     expire_upcalls(void *);
  256 #define EXPIRE_TIMEOUT  (hz / 4)        /* 4x / second */
  257 #define UPCALL_EXPIRE   6               /* number of timeouts */
  258 
  259 /*
  260  * XXX TODO: maintain a count to if_allmulti() calls in struct ifnet.
  261  */
  262 
  263 /*
  264  * 'Interfaces' associated with decapsulator (so we can tell
  265  * packets that went through it from ones that get reflected
  266  * by a broken gateway).  Different from IPv4 register_if,
  267  * these interfaces are linked into the system ifnet list,
  268  * because per-interface IPv6 statistics are maintained in
  269  * ifp->if_afdata.  But it does not have any routes point
  270  * to them.  I.e., packets can't be sent this way.  They
  271  * only exist as a placeholder for multicast source
  272  * verification.
  273  */
  274 static struct ifnet *multicast_register_if6;
  275 
  276 #define ENCAP_HOPS 64
  277 
  278 /*
  279  * Private variables.
  280  */
  281 static mifi_t nummifs = 0;
  282 static mifi_t reg_mif_num = (mifi_t)-1;
  283 
  284 static struct pim6stat pim6stat;
  285 SYSCTL_STRUCT(_net_inet6_pim, PIM6CTL_STATS, stats, CTLFLAG_RW,
  286     &pim6stat, pim6stat,
  287     "PIM Statistics (struct pim6stat, netinet6/pim6_var.h)");
  288 
  289 #define PIM6STAT_INC(name)      pim6stat.name += 1
  290 static VNET_DEFINE(int, pim6);
  291 #define V_pim6          VNET(pim6)
  292 
  293 /*
  294  * Hash function for a source, group entry
  295  */
  296 #define MF6CHASH(a, g) MF6CHASHMOD((a).s6_addr32[0] ^ (a).s6_addr32[1] ^ \
  297                                    (a).s6_addr32[2] ^ (a).s6_addr32[3] ^ \
  298                                    (g).s6_addr32[0] ^ (g).s6_addr32[1] ^ \
  299                                    (g).s6_addr32[2] ^ (g).s6_addr32[3])
  300 
  301 /*
  302  * Find a route for a given origin IPv6 address and Multicast group address.
  303  */
  304 #define MF6CFIND(o, g, rt) do { \
  305         struct mf6c *_rt = mf6ctable[MF6CHASH(o,g)]; \
  306         rt = NULL; \
  307         while (_rt) { \
  308                 if (IN6_ARE_ADDR_EQUAL(&_rt->mf6c_origin.sin6_addr, &(o)) && \
  309                     IN6_ARE_ADDR_EQUAL(&_rt->mf6c_mcastgrp.sin6_addr, &(g)) && \
  310                     (_rt->mf6c_stall == NULL)) { \
  311                         rt = _rt; \
  312                         break; \
  313                 } \
  314                 _rt = _rt->mf6c_next; \
  315         } \
  316         if (rt == NULL) { \
  317                 MRT6STAT_INC(mrt6s_mfc_misses); \
  318         } \
  319 } while (/*CONSTCOND*/ 0)
  320 
  321 /*
  322  * Macros to compute elapsed time efficiently
  323  * Borrowed from Van Jacobson's scheduling code
  324  * XXX: replace with timersub() ?
  325  */
  326 #define TV_DELTA(a, b, delta) do { \
  327             int xxs; \
  328                 \
  329             delta = (a).tv_usec - (b).tv_usec; \
  330             if ((xxs = (a).tv_sec - (b).tv_sec)) { \
  331                switch (xxs) { \
  332                       case 2: \
  333                           delta += 1000000; \
  334                               /* FALLTHROUGH */ \
  335                       case 1: \
  336                           delta += 1000000; \
  337                           break; \
  338                       default: \
  339                           delta += (1000000 * xxs); \
  340                } \
  341             } \
  342 } while (/*CONSTCOND*/ 0)
  343 
  344 /* XXX: replace with timercmp(a, b, <) ? */
  345 #define TV_LT(a, b) (((a).tv_usec < (b).tv_usec && \
  346               (a).tv_sec <= (b).tv_sec) || (a).tv_sec < (b).tv_sec)
  347 
  348 #ifdef UPCALL_TIMING
  349 #define UPCALL_MAX      50
  350 static u_long upcall_data[UPCALL_MAX + 1];
  351 static void collate();
  352 #endif /* UPCALL_TIMING */
  353 
  354 static int ip6_mrouter_init(struct socket *, int, int);
  355 static int add_m6fc(struct mf6cctl *);
  356 static int add_m6if(struct mif6ctl *);
  357 static int del_m6fc(struct mf6cctl *);
  358 static int del_m6if(mifi_t *);
  359 static int del_m6if_locked(mifi_t *);
  360 static int get_mif6_cnt(struct sioc_mif_req6 *);
  361 static int get_sg_cnt(struct sioc_sg_req6 *);
  362 
  363 static struct callout expire_upcalls_ch;
  364 
  365 int X_ip6_mforward(struct ip6_hdr *, struct ifnet *, struct mbuf *);
  366 int X_ip6_mrouter_done(void);
  367 int X_ip6_mrouter_set(struct socket *, struct sockopt *);
  368 int X_ip6_mrouter_get(struct socket *, struct sockopt *);
  369 int X_mrt6_ioctl(u_long, caddr_t);
  370 
  371 /*
  372  * Handle MRT setsockopt commands to modify the multicast routing tables.
  373  */
  374 int
  375 X_ip6_mrouter_set(struct socket *so, struct sockopt *sopt)
  376 {
  377         int error = 0;
  378         int optval;
  379         struct mif6ctl mifc;
  380         struct mf6cctl mfcc;
  381         mifi_t mifi;
  382 
  383         if (so != V_ip6_mrouter && sopt->sopt_name != MRT6_INIT)
  384                 return (EPERM);
  385 
  386         switch (sopt->sopt_name) {
  387         case MRT6_INIT:
  388 #ifdef MRT6_OINIT
  389         case MRT6_OINIT:
  390 #endif
  391                 error = sooptcopyin(sopt, &optval, sizeof(optval),
  392                     sizeof(optval));
  393                 if (error)
  394                         break;
  395                 error = ip6_mrouter_init(so, optval, sopt->sopt_name);
  396                 break;
  397         case MRT6_DONE:
  398                 error = X_ip6_mrouter_done();
  399                 break;
  400         case MRT6_ADD_MIF:
  401                 error = sooptcopyin(sopt, &mifc, sizeof(mifc), sizeof(mifc));
  402                 if (error)
  403                         break;
  404                 error = add_m6if(&mifc);
  405                 break;
  406         case MRT6_ADD_MFC:
  407                 error = sooptcopyin(sopt, &mfcc, sizeof(mfcc), sizeof(mfcc));
  408                 if (error)
  409                         break;
  410                 error = add_m6fc(&mfcc);
  411                 break;
  412         case MRT6_DEL_MFC:
  413                 error = sooptcopyin(sopt, &mfcc, sizeof(mfcc), sizeof(mfcc));
  414                 if (error)
  415                         break;
  416                 error = del_m6fc(&mfcc);
  417                 break;
  418         case MRT6_DEL_MIF:
  419                 error = sooptcopyin(sopt, &mifi, sizeof(mifi), sizeof(mifi));
  420                 if (error)
  421                         break;
  422                 error = del_m6if(&mifi);
  423                 break;
  424         case MRT6_PIM:
  425                 error = sooptcopyin(sopt, &optval, sizeof(optval),
  426                     sizeof(optval));
  427                 if (error)
  428                         break;
  429                 error = set_pim6(&optval);
  430                 break;
  431         default:
  432                 error = EOPNOTSUPP;
  433                 break;
  434         }
  435 
  436         return (error);
  437 }
  438 
  439 /*
  440  * Handle MRT getsockopt commands
  441  */
  442 int
  443 X_ip6_mrouter_get(struct socket *so, struct sockopt *sopt)
  444 {
  445         int error = 0;
  446 
  447         if (so != V_ip6_mrouter)
  448                 return (EACCES);
  449 
  450         switch (sopt->sopt_name) {
  451                 case MRT6_PIM:
  452                         error = sooptcopyout(sopt, &V_pim6, sizeof(V_pim6));
  453                         break;
  454         }
  455         return (error);
  456 }
  457 
  458 /*
  459  * Handle ioctl commands to obtain information from the cache
  460  */
  461 int
  462 X_mrt6_ioctl(u_long cmd, caddr_t data)
  463 {
  464         int ret;
  465 
  466         ret = EINVAL;
  467 
  468         switch (cmd) {
  469         case SIOCGETSGCNT_IN6:
  470                 ret = get_sg_cnt((struct sioc_sg_req6 *)data);
  471                 break;
  472 
  473         case SIOCGETMIFCNT_IN6:
  474                 ret = get_mif6_cnt((struct sioc_mif_req6 *)data);
  475                 break;
  476 
  477         default:
  478                 break;
  479         }
  480 
  481         return (ret);
  482 }
  483 
  484 /*
  485  * returns the packet, byte, rpf-failure count for the source group provided
  486  */
  487 static int
  488 get_sg_cnt(struct sioc_sg_req6 *req)
  489 {
  490         struct mf6c *rt;
  491         int ret;
  492 
  493         ret = 0;
  494 
  495         MFC6_LOCK();
  496 
  497         MF6CFIND(req->src.sin6_addr, req->grp.sin6_addr, rt);
  498         if (rt == NULL) {
  499                 ret = ESRCH;
  500         } else {
  501                 req->pktcnt = rt->mf6c_pkt_cnt;
  502                 req->bytecnt = rt->mf6c_byte_cnt;
  503                 req->wrong_if = rt->mf6c_wrong_if;
  504         }
  505 
  506         MFC6_UNLOCK();
  507 
  508         return (ret);
  509 }
  510 
  511 /*
  512  * returns the input and output packet and byte counts on the mif provided
  513  */
  514 static int
  515 get_mif6_cnt(struct sioc_mif_req6 *req)
  516 {
  517         mifi_t mifi;
  518         int ret;
  519 
  520         ret = 0;
  521         mifi = req->mifi;
  522 
  523         MIF6_LOCK();
  524 
  525         if (mifi >= nummifs) {
  526                 ret = EINVAL;
  527         } else {
  528                 req->icount = mif6table[mifi].m6_pkt_in;
  529                 req->ocount = mif6table[mifi].m6_pkt_out;
  530                 req->ibytes = mif6table[mifi].m6_bytes_in;
  531                 req->obytes = mif6table[mifi].m6_bytes_out;
  532         }
  533 
  534         MIF6_UNLOCK();
  535 
  536         return (ret);
  537 }
  538 
  539 static int
  540 set_pim6(int *i)
  541 {
  542         if ((*i != 1) && (*i != 0))
  543                 return (EINVAL);
  544 
  545         V_pim6 = *i;
  546 
  547         return (0);
  548 }
  549 
  550 /*
  551  * Enable multicast routing
  552  */
  553 static int
  554 ip6_mrouter_init(struct socket *so, int v, int cmd)
  555 {
  556 
  557         MRT6_DLOG(DEBUG_ANY, "so_type = %d, pr_protocol = %d",
  558             so->so_type, so->so_proto->pr_protocol);
  559 
  560         if (so->so_type != SOCK_RAW ||
  561             so->so_proto->pr_protocol != IPPROTO_ICMPV6)
  562                 return (EOPNOTSUPP);
  563 
  564         if (v != 1)
  565                 return (ENOPROTOOPT);
  566 
  567         MROUTER6_LOCK();
  568 
  569         if (V_ip6_mrouter != NULL) {
  570                 MROUTER6_UNLOCK();
  571                 return (EADDRINUSE);
  572         }
  573 
  574         V_ip6_mrouter = so;
  575         V_ip6_mrouter_ver = cmd;
  576 
  577         bzero((caddr_t)mf6ctable, sizeof(mf6ctable));
  578         bzero((caddr_t)n6expire, sizeof(n6expire));
  579 
  580         V_pim6 = 0;/* used for stubbing out/in pim stuff */
  581 
  582         callout_init(&expire_upcalls_ch, 0);
  583         callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT,
  584             expire_upcalls, NULL);
  585 
  586         MROUTER6_UNLOCK();
  587         MRT6_DLOG(DEBUG_ANY, "finished");
  588 
  589         return (0);
  590 }
  591 
  592 /*
  593  * Disable IPv6 multicast forwarding.
  594  */
  595 int
  596 X_ip6_mrouter_done(void)
  597 {
  598         mifi_t mifi;
  599         u_long i;
  600         struct mf6c *rt;
  601         struct rtdetq *rte;
  602 
  603         MROUTER6_LOCK();
  604 
  605         if (V_ip6_mrouter == NULL) {
  606                 MROUTER6_UNLOCK();
  607                 return (EINVAL);
  608         }
  609 
  610         /*
  611          * For each phyint in use, disable promiscuous reception of all IPv6
  612          * multicasts.
  613          */
  614         for (mifi = 0; mifi < nummifs; mifi++) {
  615                 if (mif6table[mifi].m6_ifp &&
  616                     !(mif6table[mifi].m6_flags & MIFF_REGISTER)) {
  617                         if_allmulti(mif6table[mifi].m6_ifp, 0);
  618                 }
  619         }
  620         bzero((caddr_t)mif6table, sizeof(mif6table));
  621         nummifs = 0;
  622 
  623         V_pim6 = 0; /* used to stub out/in pim specific code */
  624 
  625         callout_stop(&expire_upcalls_ch);
  626 
  627         /*
  628          * Free all multicast forwarding cache entries.
  629          */
  630         MFC6_LOCK();
  631         for (i = 0; i < MF6CTBLSIZ; i++) {
  632                 rt = mf6ctable[i];
  633                 while (rt) {
  634                         struct mf6c *frt;
  635 
  636                         for (rte = rt->mf6c_stall; rte != NULL; ) {
  637                                 struct rtdetq *n = rte->next;
  638 
  639                                 m_freem(rte->m);
  640                                 free(rte, M_MRTABLE6);
  641                                 rte = n;
  642                         }
  643                         frt = rt;
  644                         rt = rt->mf6c_next;
  645                         free(frt, M_MRTABLE6);
  646                 }
  647         }
  648         bzero((caddr_t)mf6ctable, sizeof(mf6ctable));
  649         MFC6_UNLOCK();
  650 
  651         /*
  652          * Reset register interface
  653          */
  654         if (reg_mif_num != (mifi_t)-1 && multicast_register_if6 != NULL) {
  655                 if_detach(multicast_register_if6);
  656                 if_free(multicast_register_if6);
  657                 reg_mif_num = (mifi_t)-1;
  658                 multicast_register_if6 = NULL;
  659         }
  660 
  661         V_ip6_mrouter = NULL;
  662         V_ip6_mrouter_ver = 0;
  663 
  664         MROUTER6_UNLOCK();
  665         MRT6_DLOG(DEBUG_ANY, "finished");
  666 
  667         return (0);
  668 }
  669 
  670 static struct sockaddr_in6 sin6 = { sizeof(sin6), AF_INET6 };
  671 
  672 /*
  673  * Add a mif to the mif table
  674  */
  675 static int
  676 add_m6if(struct mif6ctl *mifcp)
  677 {
  678         struct mif6 *mifp;
  679         struct ifnet *ifp;
  680         int error;
  681 
  682         MIF6_LOCK();
  683 
  684         if (mifcp->mif6c_mifi >= MAXMIFS) {
  685                 MIF6_UNLOCK();
  686                 return (EINVAL);
  687         }
  688         mifp = mif6table + mifcp->mif6c_mifi;
  689         if (mifp->m6_ifp != NULL) {
  690                 MIF6_UNLOCK();
  691                 return (EADDRINUSE); /* XXX: is it appropriate? */
  692         }
  693         if (mifcp->mif6c_pifi == 0 || mifcp->mif6c_pifi > V_if_index) {
  694                 MIF6_UNLOCK();
  695                 return (ENXIO);
  696         }
  697 
  698         ifp = ifnet_byindex(mifcp->mif6c_pifi);
  699 
  700         if (mifcp->mif6c_flags & MIFF_REGISTER) {
  701                 if (reg_mif_num == (mifi_t)-1) {
  702                         ifp = if_alloc(IFT_OTHER);
  703 
  704                         if_initname(ifp, "register_mif", 0);
  705                         ifp->if_flags |= IFF_LOOPBACK;
  706                         if_attach(ifp);
  707                         multicast_register_if6 = ifp;
  708                         reg_mif_num = mifcp->mif6c_mifi;
  709                         /*
  710                          * it is impossible to guess the ifindex of the
  711                          * register interface.  So mif6c_pifi is automatically
  712                          * calculated.
  713                          */
  714                         mifcp->mif6c_pifi = ifp->if_index;
  715                 } else {
  716                         ifp = multicast_register_if6;
  717                 }
  718         } else {
  719                 /* Make sure the interface supports multicast */
  720                 if ((ifp->if_flags & IFF_MULTICAST) == 0) {
  721                         MIF6_UNLOCK();
  722                         return (EOPNOTSUPP);
  723                 }
  724 
  725                 error = if_allmulti(ifp, 1);
  726                 if (error) {
  727                         MIF6_UNLOCK();
  728                         return (error);
  729                 }
  730         }
  731 
  732         mifp->m6_flags     = mifcp->mif6c_flags;
  733         mifp->m6_ifp       = ifp;
  734 
  735         /* initialize per mif pkt counters */
  736         mifp->m6_pkt_in    = 0;
  737         mifp->m6_pkt_out   = 0;
  738         mifp->m6_bytes_in  = 0;
  739         mifp->m6_bytes_out = 0;
  740 
  741         /* Adjust nummifs up if the mifi is higher than nummifs */
  742         if (nummifs <= mifcp->mif6c_mifi)
  743                 nummifs = mifcp->mif6c_mifi + 1;
  744 
  745         MIF6_UNLOCK();
  746         MRT6_DLOG(DEBUG_ANY, "mif #%d, phyint %s", mifcp->mif6c_mifi,
  747             if_name(ifp));
  748 
  749         return (0);
  750 }
  751 
  752 /*
  753  * Delete a mif from the mif table
  754  */
  755 static int
  756 del_m6if_locked(mifi_t *mifip)
  757 {
  758         struct mif6 *mifp = mif6table + *mifip;
  759         mifi_t mifi;
  760         struct ifnet *ifp;
  761 
  762         MIF6_LOCK_ASSERT();
  763 
  764         if (*mifip >= nummifs)
  765                 return (EINVAL);
  766         if (mifp->m6_ifp == NULL)
  767                 return (EINVAL);
  768 
  769         if (!(mifp->m6_flags & MIFF_REGISTER)) {
  770                 /* XXX: TODO: Maintain an ALLMULTI refcount in struct ifnet. */
  771                 ifp = mifp->m6_ifp;
  772                 if_allmulti(ifp, 0);
  773         } else {
  774                 if (reg_mif_num != (mifi_t)-1 &&
  775                     multicast_register_if6 != NULL) {
  776                         if_detach(multicast_register_if6);
  777                         if_free(multicast_register_if6);
  778                         reg_mif_num = (mifi_t)-1;
  779                         multicast_register_if6 = NULL;
  780                 }
  781         }
  782 
  783         bzero((caddr_t)mifp, sizeof(*mifp));
  784 
  785         /* Adjust nummifs down */
  786         for (mifi = nummifs; mifi > 0; mifi--)
  787                 if (mif6table[mifi - 1].m6_ifp)
  788                         break;
  789         nummifs = mifi;
  790         MRT6_DLOG(DEBUG_ANY, "mif %d, nummifs %d", *mifip, nummifs);
  791 
  792         return (0);
  793 }
  794 
  795 static int
  796 del_m6if(mifi_t *mifip)
  797 {
  798         int cc;
  799 
  800         MIF6_LOCK();
  801         cc = del_m6if_locked(mifip);
  802         MIF6_UNLOCK();
  803 
  804         return (cc);
  805 }
  806 
  807 /*
  808  * Add an mfc entry
  809  */
  810 static int
  811 add_m6fc(struct mf6cctl *mfccp)
  812 {
  813         struct mf6c *rt;
  814         u_long hash;
  815         struct rtdetq *rte;
  816         u_short nstl;
  817         char ip6bufo[INET6_ADDRSTRLEN], ip6bufg[INET6_ADDRSTRLEN];
  818 
  819         MFC6_LOCK();
  820 
  821         MF6CFIND(mfccp->mf6cc_origin.sin6_addr,
  822                  mfccp->mf6cc_mcastgrp.sin6_addr, rt);
  823 
  824         /* If an entry already exists, just update the fields */
  825         if (rt) {
  826                 MRT6_DLOG(DEBUG_MFC, "no upcall o %s g %s p %x",
  827                     ip6_sprintf(ip6bufo, &mfccp->mf6cc_origin.sin6_addr),
  828                     ip6_sprintf(ip6bufg, &mfccp->mf6cc_mcastgrp.sin6_addr),
  829                     mfccp->mf6cc_parent);
  830 
  831                 rt->mf6c_parent = mfccp->mf6cc_parent;
  832                 rt->mf6c_ifset = mfccp->mf6cc_ifset;
  833 
  834                 MFC6_UNLOCK();
  835                 return (0);
  836         }
  837 
  838         /*
  839          * Find the entry for which the upcall was made and update
  840          */
  841         hash = MF6CHASH(mfccp->mf6cc_origin.sin6_addr,
  842                         mfccp->mf6cc_mcastgrp.sin6_addr);
  843         for (rt = mf6ctable[hash], nstl = 0; rt; rt = rt->mf6c_next) {
  844                 if (IN6_ARE_ADDR_EQUAL(&rt->mf6c_origin.sin6_addr,
  845                                        &mfccp->mf6cc_origin.sin6_addr) &&
  846                     IN6_ARE_ADDR_EQUAL(&rt->mf6c_mcastgrp.sin6_addr,
  847                                        &mfccp->mf6cc_mcastgrp.sin6_addr) &&
  848                     (rt->mf6c_stall != NULL)) {
  849 
  850                         if (nstl++)
  851                                 log(LOG_ERR,
  852                                     "add_m6fc: %s o %s g %s p %x dbx %p\n",
  853                                     "multiple kernel entries",
  854                                     ip6_sprintf(ip6bufo,
  855                                             &mfccp->mf6cc_origin.sin6_addr),
  856                                     ip6_sprintf(ip6bufg,
  857                                             &mfccp->mf6cc_mcastgrp.sin6_addr),
  858                                     mfccp->mf6cc_parent, rt->mf6c_stall);
  859 
  860                         MRT6_DLOG(DEBUG_MFC, "o %s g %s p %x dbg %p",
  861                             ip6_sprintf(ip6bufo,
  862                             &mfccp->mf6cc_origin.sin6_addr),
  863                             ip6_sprintf(ip6bufg,
  864                                 &mfccp->mf6cc_mcastgrp.sin6_addr),
  865                             mfccp->mf6cc_parent, rt->mf6c_stall);
  866 
  867                         rt->mf6c_origin     = mfccp->mf6cc_origin;
  868                         rt->mf6c_mcastgrp   = mfccp->mf6cc_mcastgrp;
  869                         rt->mf6c_parent     = mfccp->mf6cc_parent;
  870                         rt->mf6c_ifset      = mfccp->mf6cc_ifset;
  871                         /* initialize pkt counters per src-grp */
  872                         rt->mf6c_pkt_cnt    = 0;
  873                         rt->mf6c_byte_cnt   = 0;
  874                         rt->mf6c_wrong_if   = 0;
  875 
  876                         rt->mf6c_expire = 0;    /* Don't clean this guy up */
  877                         n6expire[hash]--;
  878 
  879                         /* free packets Qed at the end of this entry */
  880                         for (rte = rt->mf6c_stall; rte != NULL; ) {
  881                                 struct rtdetq *n = rte->next;
  882                                 ip6_mdq(rte->m, rte->ifp, rt);
  883                                 m_freem(rte->m);
  884 #ifdef UPCALL_TIMING
  885                                 collate(&(rte->t));
  886 #endif /* UPCALL_TIMING */
  887                                 free(rte, M_MRTABLE6);
  888                                 rte = n;
  889                         }
  890                         rt->mf6c_stall = NULL;
  891                 }
  892         }
  893 
  894         /*
  895          * It is possible that an entry is being inserted without an upcall
  896          */
  897         if (nstl == 0) {
  898                 MRT6_DLOG(DEBUG_MFC, "no upcall h %lu o %s g %s p %x", hash,
  899                     ip6_sprintf(ip6bufo, &mfccp->mf6cc_origin.sin6_addr),
  900                     ip6_sprintf(ip6bufg, &mfccp->mf6cc_mcastgrp.sin6_addr),
  901                     mfccp->mf6cc_parent);
  902 
  903                 for (rt = mf6ctable[hash]; rt; rt = rt->mf6c_next) {
  904 
  905                         if (IN6_ARE_ADDR_EQUAL(&rt->mf6c_origin.sin6_addr,
  906                                                &mfccp->mf6cc_origin.sin6_addr)&&
  907                             IN6_ARE_ADDR_EQUAL(&rt->mf6c_mcastgrp.sin6_addr,
  908                                                &mfccp->mf6cc_mcastgrp.sin6_addr)) {
  909 
  910                                 rt->mf6c_origin     = mfccp->mf6cc_origin;
  911                                 rt->mf6c_mcastgrp   = mfccp->mf6cc_mcastgrp;
  912                                 rt->mf6c_parent     = mfccp->mf6cc_parent;
  913                                 rt->mf6c_ifset      = mfccp->mf6cc_ifset;
  914                                 /* initialize pkt counters per src-grp */
  915                                 rt->mf6c_pkt_cnt    = 0;
  916                                 rt->mf6c_byte_cnt   = 0;
  917                                 rt->mf6c_wrong_if   = 0;
  918 
  919                                 if (rt->mf6c_expire)
  920                                         n6expire[hash]--;
  921                                 rt->mf6c_expire    = 0;
  922                         }
  923                 }
  924                 if (rt == NULL) {
  925                         /* no upcall, so make a new entry */
  926                         rt = (struct mf6c *)malloc(sizeof(*rt), M_MRTABLE6,
  927                                                   M_NOWAIT);
  928                         if (rt == NULL) {
  929                                 MFC6_UNLOCK();
  930                                 return (ENOBUFS);
  931                         }
  932 
  933                         /* insert new entry at head of hash chain */
  934                         rt->mf6c_origin     = mfccp->mf6cc_origin;
  935                         rt->mf6c_mcastgrp   = mfccp->mf6cc_mcastgrp;
  936                         rt->mf6c_parent     = mfccp->mf6cc_parent;
  937                         rt->mf6c_ifset      = mfccp->mf6cc_ifset;
  938                         /* initialize pkt counters per src-grp */
  939                         rt->mf6c_pkt_cnt    = 0;
  940                         rt->mf6c_byte_cnt   = 0;
  941                         rt->mf6c_wrong_if   = 0;
  942                         rt->mf6c_expire     = 0;
  943                         rt->mf6c_stall = NULL;
  944 
  945                         /* link into table */
  946                         rt->mf6c_next  = mf6ctable[hash];
  947                         mf6ctable[hash] = rt;
  948                 }
  949         }
  950 
  951         MFC6_UNLOCK();
  952         return (0);
  953 }
  954 
  955 #ifdef UPCALL_TIMING
  956 /*
  957  * collect delay statistics on the upcalls
  958  */
  959 static void
  960 collate(struct timeval *t)
  961 {
  962         u_long d;
  963         struct timeval tp;
  964         u_long delta;
  965 
  966         GET_TIME(tp);
  967 
  968         if (TV_LT(*t, tp))
  969         {
  970                 TV_DELTA(tp, *t, delta);
  971 
  972                 d = delta >> 10;
  973                 if (d > UPCALL_MAX)
  974                         d = UPCALL_MAX;
  975 
  976                 ++upcall_data[d];
  977         }
  978 }
  979 #endif /* UPCALL_TIMING */
  980 
  981 /*
  982  * Delete an mfc entry
  983  */
  984 static int
  985 del_m6fc(struct mf6cctl *mfccp)
  986 {
  987 #ifdef MRT6DEBUG
  988         char ip6bufo[INET6_ADDRSTRLEN], ip6bufg[INET6_ADDRSTRLEN];
  989 #endif
  990         struct sockaddr_in6     origin;
  991         struct sockaddr_in6     mcastgrp;
  992         struct mf6c             *rt;
  993         struct mf6c             **nptr;
  994         u_long          hash;
  995 
  996         origin = mfccp->mf6cc_origin;
  997         mcastgrp = mfccp->mf6cc_mcastgrp;
  998         hash = MF6CHASH(origin.sin6_addr, mcastgrp.sin6_addr);
  999 
 1000         MRT6_DLOG(DEBUG_MFC, "orig %s mcastgrp %s",
 1001             ip6_sprintf(ip6bufo, &origin.sin6_addr),
 1002             ip6_sprintf(ip6bufg, &mcastgrp.sin6_addr));
 1003 
 1004         MFC6_LOCK();
 1005 
 1006         nptr = &mf6ctable[hash];
 1007         while ((rt = *nptr) != NULL) {
 1008                 if (IN6_ARE_ADDR_EQUAL(&origin.sin6_addr,
 1009                                        &rt->mf6c_origin.sin6_addr) &&
 1010                     IN6_ARE_ADDR_EQUAL(&mcastgrp.sin6_addr,
 1011                                        &rt->mf6c_mcastgrp.sin6_addr) &&
 1012                     rt->mf6c_stall == NULL)
 1013                         break;
 1014 
 1015                 nptr = &rt->mf6c_next;
 1016         }
 1017         if (rt == NULL) {
 1018                 MFC6_UNLOCK();
 1019                 return (EADDRNOTAVAIL);
 1020         }
 1021 
 1022         *nptr = rt->mf6c_next;
 1023         free(rt, M_MRTABLE6);
 1024 
 1025         MFC6_UNLOCK();
 1026 
 1027         return (0);
 1028 }
 1029 
 1030 static int
 1031 socket_send(struct socket *s, struct mbuf *mm, struct sockaddr_in6 *src)
 1032 {
 1033 
 1034         if (s) {
 1035                 if (sbappendaddr(&s->so_rcv,
 1036                                  (struct sockaddr *)src,
 1037                                  mm, (struct mbuf *)0) != 0) {
 1038                         sorwakeup(s);
 1039                         return (0);
 1040                 }
 1041         }
 1042         m_freem(mm);
 1043         return (-1);
 1044 }
 1045 
 1046 /*
 1047  * IPv6 multicast forwarding function. This function assumes that the packet
 1048  * pointed to by "ip6" has arrived on (or is about to be sent to) the interface
 1049  * pointed to by "ifp", and the packet is to be relayed to other networks
 1050  * that have members of the packet's destination IPv6 multicast group.
 1051  *
 1052  * The packet is returned unscathed to the caller, unless it is
 1053  * erroneous, in which case a non-zero return value tells the caller to
 1054  * discard it.
 1055  *
 1056  * NOTE: this implementation assumes that m->m_pkthdr.rcvif is NULL iff
 1057  * this function is called in the originating context (i.e., not when
 1058  * forwarding a packet from other node).  ip6_output(), which is currently the
 1059  * only function that calls this function is called in the originating context,
 1060  * explicitly ensures this condition.  It is caller's responsibility to ensure
 1061  * that if this function is called from somewhere else in the originating
 1062  * context in the future.
 1063  */
 1064 int
 1065 X_ip6_mforward(struct ip6_hdr *ip6, struct ifnet *ifp, struct mbuf *m)
 1066 {
 1067         struct rtdetq *rte;
 1068         struct mbuf *mb0;
 1069         struct mf6c *rt;
 1070         struct mif6 *mifp;
 1071         struct mbuf *mm;
 1072         u_long hash;
 1073         mifi_t mifi;
 1074         char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN];
 1075 #ifdef UPCALL_TIMING
 1076         struct timeval tp;
 1077 
 1078         GET_TIME(tp);
 1079 #endif /* UPCALL_TIMING */
 1080 
 1081         MRT6_DLOG(DEBUG_FORWARD, "src %s, dst %s, ifindex %d",
 1082             ip6_sprintf(ip6bufs, &ip6->ip6_src),
 1083             ip6_sprintf(ip6bufd, &ip6->ip6_dst), ifp->if_index);
 1084 
 1085         /*
 1086          * Don't forward a packet with Hop limit of zero or one,
 1087          * or a packet destined to a local-only group.
 1088          */
 1089         if (ip6->ip6_hlim <= 1 || IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst) ||
 1090             IN6_IS_ADDR_MC_LINKLOCAL(&ip6->ip6_dst))
 1091                 return (0);
 1092         ip6->ip6_hlim--;
 1093 
 1094         /*
 1095          * Source address check: do not forward packets with unspecified
 1096          * source. It was discussed in July 2000, on ipngwg mailing list.
 1097          * This is rather more serious than unicast cases, because some
 1098          * MLD packets can be sent with the unspecified source address
 1099          * (although such packets must normally set 1 to the hop limit field).
 1100          */
 1101         if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
 1102                 IP6STAT_INC(ip6s_cantforward);
 1103                 if (V_ip6_log_time + V_ip6_log_interval < time_uptime) {
 1104                         V_ip6_log_time = time_uptime;
 1105                         log(LOG_DEBUG,
 1106                             "cannot forward "
 1107                             "from %s to %s nxt %d received on %s\n",
 1108                             ip6_sprintf(ip6bufs, &ip6->ip6_src),
 1109                             ip6_sprintf(ip6bufd, &ip6->ip6_dst),
 1110                             ip6->ip6_nxt,
 1111                             if_name(m->m_pkthdr.rcvif));
 1112                 }
 1113                 return (0);
 1114         }
 1115 
 1116         MFC6_LOCK();
 1117 
 1118         /*
 1119          * Determine forwarding mifs from the forwarding cache table
 1120          */
 1121         MF6CFIND(ip6->ip6_src, ip6->ip6_dst, rt);
 1122         MRT6STAT_INC(mrt6s_mfc_lookups);
 1123 
 1124         /* Entry exists, so forward if necessary */
 1125         if (rt) {
 1126                 MFC6_UNLOCK();
 1127                 return (ip6_mdq(m, ifp, rt));
 1128         }
 1129 
 1130         /*
 1131          * If we don't have a route for packet's origin,
 1132          * Make a copy of the packet & send message to routing daemon.
 1133          */
 1134         MRT6STAT_INC(mrt6s_no_route);
 1135         MRT6_DLOG(DEBUG_FORWARD | DEBUG_MFC, "no rte s %s g %s",
 1136             ip6_sprintf(ip6bufs, &ip6->ip6_src),
 1137             ip6_sprintf(ip6bufd, &ip6->ip6_dst));
 1138 
 1139         /*
 1140          * Allocate mbufs early so that we don't do extra work if we
 1141          * are just going to fail anyway.
 1142          */
 1143         rte = (struct rtdetq *)malloc(sizeof(*rte), M_MRTABLE6, M_NOWAIT);
 1144         if (rte == NULL) {
 1145                 MFC6_UNLOCK();
 1146                 return (ENOBUFS);
 1147         }
 1148         mb0 = m_copy(m, 0, M_COPYALL);
 1149         /*
 1150          * Pullup packet header if needed before storing it,
 1151          * as other references may modify it in the meantime.
 1152          */
 1153         if (mb0 && (!M_WRITABLE(mb0) || mb0->m_len < sizeof(struct ip6_hdr)))
 1154                 mb0 = m_pullup(mb0, sizeof(struct ip6_hdr));
 1155         if (mb0 == NULL) {
 1156                 free(rte, M_MRTABLE6);
 1157                 MFC6_UNLOCK();
 1158                 return (ENOBUFS);
 1159         }
 1160 
 1161         /* is there an upcall waiting for this packet? */
 1162         hash = MF6CHASH(ip6->ip6_src, ip6->ip6_dst);
 1163         for (rt = mf6ctable[hash]; rt; rt = rt->mf6c_next) {
 1164                 if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_src,
 1165                     &rt->mf6c_origin.sin6_addr) &&
 1166                     IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst,
 1167                     &rt->mf6c_mcastgrp.sin6_addr) && (rt->mf6c_stall != NULL))
 1168                         break;
 1169         }
 1170 
 1171         if (rt == NULL) {
 1172                 struct mrt6msg *im;
 1173 #ifdef MRT6_OINIT
 1174                 struct omrt6msg *oim;
 1175 #endif
 1176                 /* no upcall, so make a new entry */
 1177                 rt = (struct mf6c *)malloc(sizeof(*rt), M_MRTABLE6, M_NOWAIT);
 1178                 if (rt == NULL) {
 1179                         free(rte, M_MRTABLE6);
 1180                         m_freem(mb0);
 1181                         MFC6_UNLOCK();
 1182                         return (ENOBUFS);
 1183                 }
 1184                 /*
 1185                  * Make a copy of the header to send to the user
 1186                  * level process
 1187                  */
 1188                 mm = m_copy(mb0, 0, sizeof(struct ip6_hdr));
 1189                 if (mm == NULL) {
 1190                         free(rte, M_MRTABLE6);
 1191                         m_freem(mb0);
 1192                         free(rt, M_MRTABLE6);
 1193                         MFC6_UNLOCK();
 1194                         return (ENOBUFS);
 1195                 }
 1196 
 1197                 /*
 1198                  * Send message to routing daemon
 1199                  */
 1200                 sin6.sin6_addr = ip6->ip6_src;
 1201                 im = NULL;
 1202 #ifdef MRT6_OINIT
 1203                 oim = NULL;
 1204 #endif
 1205                 switch (V_ip6_mrouter_ver) {
 1206 #ifdef MRT6_OINIT
 1207                 case MRT6_OINIT:
 1208                         oim = mtod(mm, struct omrt6msg *);
 1209                         oim->im6_msgtype = MRT6MSG_NOCACHE;
 1210                         oim->im6_mbz = 0;
 1211                         break;
 1212 #endif
 1213                 case MRT6_INIT:
 1214                         im = mtod(mm, struct mrt6msg *);
 1215                         im->im6_msgtype = MRT6MSG_NOCACHE;
 1216                         im->im6_mbz = 0;
 1217                         break;
 1218                 default:
 1219                         free(rte, M_MRTABLE6);
 1220                         m_freem(mb0);
 1221                         free(rt, M_MRTABLE6);
 1222                         MFC6_UNLOCK();
 1223                         return (EINVAL);
 1224                 }
 1225 
 1226                 MRT6_DLOG(DEBUG_FORWARD, "getting the iif info in the kernel");
 1227                 for (mifp = mif6table, mifi = 0;
 1228                     mifi < nummifs && mifp->m6_ifp != ifp; mifp++, mifi++)
 1229                                 ;
 1230 
 1231                 switch (V_ip6_mrouter_ver) {
 1232 #ifdef MRT6_OINIT
 1233                 case MRT6_OINIT:
 1234                         oim->im6_mif = mifi;
 1235                         break;
 1236 #endif
 1237                 case MRT6_INIT:
 1238                         im->im6_mif = mifi;
 1239                         break;
 1240                 }
 1241 
 1242                 if (socket_send(V_ip6_mrouter, mm, &sin6) < 0) {
 1243                         log(LOG_WARNING, "ip6_mforward: ip6_mrouter "
 1244                             "socket queue full\n");
 1245                         MRT6STAT_INC(mrt6s_upq_sockfull);
 1246                         free(rte, M_MRTABLE6);
 1247                         m_freem(mb0);
 1248                         free(rt, M_MRTABLE6);
 1249                         MFC6_UNLOCK();
 1250                         return (ENOBUFS);
 1251                 }
 1252 
 1253                 MRT6STAT_INC(mrt6s_upcalls);
 1254 
 1255                 /* insert new entry at head of hash chain */
 1256                 bzero(rt, sizeof(*rt));
 1257                 rt->mf6c_origin.sin6_family = AF_INET6;
 1258                 rt->mf6c_origin.sin6_len = sizeof(struct sockaddr_in6);
 1259                 rt->mf6c_origin.sin6_addr = ip6->ip6_src;
 1260                 rt->mf6c_mcastgrp.sin6_family = AF_INET6;
 1261                 rt->mf6c_mcastgrp.sin6_len = sizeof(struct sockaddr_in6);
 1262                 rt->mf6c_mcastgrp.sin6_addr = ip6->ip6_dst;
 1263                 rt->mf6c_expire = UPCALL_EXPIRE;
 1264                 n6expire[hash]++;
 1265                 rt->mf6c_parent = MF6C_INCOMPLETE_PARENT;
 1266 
 1267                 /* link into table */
 1268                 rt->mf6c_next  = mf6ctable[hash];
 1269                 mf6ctable[hash] = rt;
 1270                 /* Add this entry to the end of the queue */
 1271                 rt->mf6c_stall = rte;
 1272         } else {
 1273                 /* determine if q has overflowed */
 1274                 struct rtdetq **p;
 1275                 int npkts = 0;
 1276 
 1277                 for (p = &rt->mf6c_stall; *p != NULL; p = &(*p)->next)
 1278                         if (++npkts > MAX_UPQ6) {
 1279                                 MRT6STAT_INC(mrt6s_upq_ovflw);
 1280                                 free(rte, M_MRTABLE6);
 1281                                 m_freem(mb0);
 1282                                 MFC6_UNLOCK();
 1283                                 return (0);
 1284                         }
 1285 
 1286                 /* Add this entry to the end of the queue */
 1287                 *p = rte;
 1288         }
 1289 
 1290         rte->next = NULL;
 1291         rte->m = mb0;
 1292         rte->ifp = ifp;
 1293 #ifdef UPCALL_TIMING
 1294         rte->t = tp;
 1295 #endif /* UPCALL_TIMING */
 1296 
 1297         MFC6_UNLOCK();
 1298 
 1299         return (0);
 1300 }
 1301 
 1302 /*
 1303  * Clean up cache entries if upcalls are not serviced
 1304  * Call from the Slow Timeout mechanism, every half second.
 1305  */
 1306 static void
 1307 expire_upcalls(void *unused)
 1308 {
 1309 #ifdef MRT6DEBUG
 1310         char ip6bufo[INET6_ADDRSTRLEN], ip6bufg[INET6_ADDRSTRLEN];
 1311 #endif
 1312         struct rtdetq *rte;
 1313         struct mf6c *mfc, **nptr;
 1314         u_long i;
 1315 
 1316         MFC6_LOCK();
 1317         for (i = 0; i < MF6CTBLSIZ; i++) {
 1318                 if (n6expire[i] == 0)
 1319                         continue;
 1320                 nptr = &mf6ctable[i];
 1321                 while ((mfc = *nptr) != NULL) {
 1322                         rte = mfc->mf6c_stall;
 1323                         /*
 1324                          * Skip real cache entries
 1325                          * Make sure it wasn't marked to not expire (shouldn't happen)
 1326                          * If it expires now
 1327                          */
 1328                         if (rte != NULL &&
 1329                             mfc->mf6c_expire != 0 &&
 1330                             --mfc->mf6c_expire == 0) {
 1331                                 MRT6_DLOG(DEBUG_EXPIRE, "expiring (%s %s)",
 1332                                     ip6_sprintf(ip6bufo, &mfc->mf6c_origin.sin6_addr),
 1333                                     ip6_sprintf(ip6bufg, &mfc->mf6c_mcastgrp.sin6_addr));
 1334                                 /*
 1335                                  * drop all the packets
 1336                                  * free the mbuf with the pkt, if, timing info
 1337                                  */
 1338                                 do {
 1339                                         struct rtdetq *n = rte->next;
 1340                                         m_freem(rte->m);
 1341                                         free(rte, M_MRTABLE6);
 1342                                         rte = n;
 1343                                 } while (rte != NULL);
 1344                                 MRT6STAT_INC(mrt6s_cache_cleanups);
 1345                                 n6expire[i]--;
 1346 
 1347                                 *nptr = mfc->mf6c_next;
 1348                                 free(mfc, M_MRTABLE6);
 1349                         } else {
 1350                                 nptr = &mfc->mf6c_next;
 1351                         }
 1352                 }
 1353         }
 1354         MFC6_UNLOCK();
 1355         callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT,
 1356             expire_upcalls, NULL);
 1357 }
 1358 
 1359 /*
 1360  * Packet forwarding routine once entry in the cache is made
 1361  */
 1362 static int
 1363 ip6_mdq(struct mbuf *m, struct ifnet *ifp, struct mf6c *rt)
 1364 {
 1365         struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
 1366         mifi_t mifi, iif;
 1367         struct mif6 *mifp;
 1368         int plen = m->m_pkthdr.len;
 1369         struct in6_addr src0, dst0; /* copies for local work */
 1370         u_int32_t iszone, idzone, oszone, odzone;
 1371         int error = 0;
 1372 
 1373 /*
 1374  * Macro to send packet on mif.  Since RSVP packets don't get counted on
 1375  * input, they shouldn't get counted on output, so statistics keeping is
 1376  * separate.
 1377  */
 1378 
 1379 #define MC6_SEND(ip6, mifp, m) do {                             \
 1380         if ((mifp)->m6_flags & MIFF_REGISTER)                   \
 1381                 register_send((ip6), (mifp), (m));              \
 1382         else                                                    \
 1383                 phyint_send((ip6), (mifp), (m));                \
 1384 } while (/*CONSTCOND*/ 0)
 1385 
 1386         /*
 1387          * Don't forward if it didn't arrive from the parent mif
 1388          * for its origin.
 1389          */
 1390         mifi = rt->mf6c_parent;
 1391         if ((mifi >= nummifs) || (mif6table[mifi].m6_ifp != ifp)) {
 1392                 /* came in the wrong interface */
 1393                 MRT6_DLOG(DEBUG_FORWARD,
 1394                     "wrong if: ifid %d mifi %d mififid %x", ifp->if_index,
 1395                     mifi, mif6table[mifi].m6_ifp->if_index);
 1396                 MRT6STAT_INC(mrt6s_wrong_if);
 1397                 rt->mf6c_wrong_if++;
 1398                 /*
 1399                  * If we are doing PIM processing, and we are forwarding
 1400                  * packets on this interface, send a message to the
 1401                  * routing daemon.
 1402                  */
 1403                 /* have to make sure this is a valid mif */
 1404                 if (mifi < nummifs && mif6table[mifi].m6_ifp)
 1405                         if (V_pim6 && (m->m_flags & M_LOOP) == 0) {
 1406                                 /*
 1407                                  * Check the M_LOOP flag to avoid an
 1408                                  * unnecessary PIM assert.
 1409                                  * XXX: M_LOOP is an ad-hoc hack...
 1410                                  */
 1411                                 static struct sockaddr_in6 sin6 =
 1412                                 { sizeof(sin6), AF_INET6 };
 1413 
 1414                                 struct mbuf *mm;
 1415                                 struct mrt6msg *im;
 1416 #ifdef MRT6_OINIT
 1417                                 struct omrt6msg *oim;
 1418 #endif
 1419 
 1420                                 mm = m_copy(m, 0, sizeof(struct ip6_hdr));
 1421                                 if (mm &&
 1422                                     (!M_WRITABLE(mm) ||
 1423                                      mm->m_len < sizeof(struct ip6_hdr)))
 1424                                         mm = m_pullup(mm, sizeof(struct ip6_hdr));
 1425                                 if (mm == NULL)
 1426                                         return (ENOBUFS);
 1427 
 1428 #ifdef MRT6_OINIT
 1429                                 oim = NULL;
 1430 #endif
 1431                                 im = NULL;
 1432                                 switch (V_ip6_mrouter_ver) {
 1433 #ifdef MRT6_OINIT
 1434                                 case MRT6_OINIT:
 1435                                         oim = mtod(mm, struct omrt6msg *);
 1436                                         oim->im6_msgtype = MRT6MSG_WRONGMIF;
 1437                                         oim->im6_mbz = 0;
 1438                                         break;
 1439 #endif
 1440                                 case MRT6_INIT:
 1441                                         im = mtod(mm, struct mrt6msg *);
 1442                                         im->im6_msgtype = MRT6MSG_WRONGMIF;
 1443                                         im->im6_mbz = 0;
 1444                                         break;
 1445                                 default:
 1446                                         m_freem(mm);
 1447                                         return (EINVAL);
 1448                                 }
 1449 
 1450                                 for (mifp = mif6table, iif = 0;
 1451                                      iif < nummifs && mifp &&
 1452                                              mifp->m6_ifp != ifp;
 1453                                      mifp++, iif++)
 1454                                         ;
 1455 
 1456                                 switch (V_ip6_mrouter_ver) {
 1457 #ifdef MRT6_OINIT
 1458                                 case MRT6_OINIT:
 1459                                         oim->im6_mif = iif;
 1460                                         sin6.sin6_addr = oim->im6_src;
 1461                                         break;
 1462 #endif
 1463                                 case MRT6_INIT:
 1464                                         im->im6_mif = iif;
 1465                                         sin6.sin6_addr = im->im6_src;
 1466                                         break;
 1467                                 }
 1468 
 1469                                 MRT6STAT_INC(mrt6s_upcalls);
 1470 
 1471                                 if (socket_send(V_ip6_mrouter, mm, &sin6) < 0) {
 1472                                         MRT6_DLOG(DEBUG_ANY,
 1473                                             "ip6_mrouter socket queue full");
 1474                                         MRT6STAT_INC(mrt6s_upq_sockfull);
 1475                                         return (ENOBUFS);
 1476                                 }       /* if socket Q full */
 1477                         }               /* if PIM */
 1478                 return (0);
 1479         }                       /* if wrong iif */
 1480 
 1481         /* If I sourced this packet, it counts as output, else it was input. */
 1482         if (m->m_pkthdr.rcvif == NULL) {
 1483                 /* XXX: is rcvif really NULL when output?? */
 1484                 mif6table[mifi].m6_pkt_out++;
 1485                 mif6table[mifi].m6_bytes_out += plen;
 1486         } else {
 1487                 mif6table[mifi].m6_pkt_in++;
 1488                 mif6table[mifi].m6_bytes_in += plen;
 1489         }
 1490         rt->mf6c_pkt_cnt++;
 1491         rt->mf6c_byte_cnt += plen;
 1492 
 1493         /*
 1494          * For each mif, forward a copy of the packet if there are group
 1495          * members downstream on the interface.
 1496          */
 1497         src0 = ip6->ip6_src;
 1498         dst0 = ip6->ip6_dst;
 1499         if ((error = in6_setscope(&src0, ifp, &iszone)) != 0 ||
 1500             (error = in6_setscope(&dst0, ifp, &idzone)) != 0) {
 1501                 IP6STAT_INC(ip6s_badscope);
 1502                 return (error);
 1503         }
 1504         for (mifp = mif6table, mifi = 0; mifi < nummifs; mifp++, mifi++) {
 1505                 if (IF_ISSET(mifi, &rt->mf6c_ifset)) {
 1506                         /*
 1507                          * check if the outgoing packet is going to break
 1508                          * a scope boundary.
 1509                          * XXX For packets through PIM register tunnel
 1510                          * interface, we believe a routing daemon.
 1511                          */
 1512                         if (!(mif6table[rt->mf6c_parent].m6_flags &
 1513                               MIFF_REGISTER) &&
 1514                             !(mif6table[mifi].m6_flags & MIFF_REGISTER)) {
 1515                                 if (in6_setscope(&src0, mif6table[mifi].m6_ifp,
 1516                                     &oszone) ||
 1517                                     in6_setscope(&dst0, mif6table[mifi].m6_ifp,
 1518                                     &odzone) ||
 1519                                     iszone != oszone ||
 1520                                     idzone != odzone) {
 1521                                         IP6STAT_INC(ip6s_badscope);
 1522                                         continue;
 1523                                 }
 1524                         }
 1525 
 1526                         mifp->m6_pkt_out++;
 1527                         mifp->m6_bytes_out += plen;
 1528                         MC6_SEND(ip6, mifp, m);
 1529                 }
 1530         }
 1531         return (0);
 1532 }
 1533 
 1534 static void
 1535 phyint_send(struct ip6_hdr *ip6, struct mif6 *mifp, struct mbuf *m)
 1536 {
 1537 #ifdef MRT6DEBUG
 1538         char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN];
 1539 #endif
 1540         struct mbuf *mb_copy;
 1541         struct ifnet *ifp = mifp->m6_ifp;
 1542         int error = 0;
 1543         u_long linkmtu;
 1544 
 1545         /*
 1546          * Make a new reference to the packet; make sure that
 1547          * the IPv6 header is actually copied, not just referenced,
 1548          * so that ip6_output() only scribbles on the copy.
 1549          */
 1550         mb_copy = m_copy(m, 0, M_COPYALL);
 1551         if (mb_copy &&
 1552             (!M_WRITABLE(mb_copy) || mb_copy->m_len < sizeof(struct ip6_hdr)))
 1553                 mb_copy = m_pullup(mb_copy, sizeof(struct ip6_hdr));
 1554         if (mb_copy == NULL) {
 1555                 return;
 1556         }
 1557         /* set MCAST flag to the outgoing packet */
 1558         mb_copy->m_flags |= M_MCAST;
 1559 
 1560         /*
 1561          * If we sourced the packet, call ip6_output since we may devide
 1562          * the packet into fragments when the packet is too big for the
 1563          * outgoing interface.
 1564          * Otherwise, we can simply send the packet to the interface
 1565          * sending queue.
 1566          */
 1567         if (m->m_pkthdr.rcvif == NULL) {
 1568                 struct ip6_moptions im6o;
 1569 
 1570                 im6o.im6o_multicast_ifp = ifp;
 1571                 /* XXX: ip6_output will override ip6->ip6_hlim */
 1572                 im6o.im6o_multicast_hlim = ip6->ip6_hlim;
 1573                 im6o.im6o_multicast_loop = 1;
 1574                 error = ip6_output(mb_copy, NULL, NULL, IPV6_FORWARDING, &im6o,
 1575                     NULL, NULL);
 1576 
 1577                 MRT6_DLOG(DEBUG_XMIT, "mif %u err %d",
 1578                     (uint16_t)(mifp - mif6table), error);
 1579                 return;
 1580         }
 1581 
 1582         /*
 1583          * If configured to loop back multicasts by default,
 1584          * loop back a copy now.
 1585          */
 1586         if (in6_mcast_loop)
 1587                 ip6_mloopback(ifp, m);
 1588 
 1589         /*
 1590          * Put the packet into the sending queue of the outgoing interface
 1591          * if it would fit in the MTU of the interface.
 1592          */
 1593         linkmtu = IN6_LINKMTU(ifp);
 1594         if (mb_copy->m_pkthdr.len <= linkmtu || linkmtu < IPV6_MMTU) {
 1595                 struct sockaddr_in6 dst6;
 1596 
 1597                 bzero(&dst6, sizeof(dst6));
 1598                 dst6.sin6_len = sizeof(struct sockaddr_in6);
 1599                 dst6.sin6_family = AF_INET6;
 1600                 dst6.sin6_addr = ip6->ip6_dst;
 1601 
 1602                 IP_PROBE(send, NULL, NULL, ip6, ifp, NULL, ip6);
 1603                 /*
 1604                  * We just call if_output instead of nd6_output here, since
 1605                  * we need no ND for a multicast forwarded packet...right?
 1606                  */
 1607                 m_clrprotoflags(m);     /* Avoid confusing lower layers. */
 1608                 error = (*ifp->if_output)(ifp, mb_copy,
 1609                     (struct sockaddr *)&dst6, NULL);
 1610                 MRT6_DLOG(DEBUG_XMIT, "mif %u err %d",
 1611                     (uint16_t)(mifp - mif6table), error);
 1612         } else {
 1613                 /*
 1614                  * pMTU discovery is intentionally disabled by default, since
 1615                  * various router may notify pMTU in multicast, which can be
 1616                  * a DDoS to a router
 1617                  */
 1618                 if (V_ip6_mcast_pmtu)
 1619                         icmp6_error(mb_copy, ICMP6_PACKET_TOO_BIG, 0, linkmtu);
 1620                 else {
 1621                         MRT6_DLOG(DEBUG_XMIT, " packet too big on %s o %s "
 1622                             "g %s size %d (discarded)", if_name(ifp),
 1623                             ip6_sprintf(ip6bufs, &ip6->ip6_src),
 1624                             ip6_sprintf(ip6bufd, &ip6->ip6_dst),
 1625                             mb_copy->m_pkthdr.len);
 1626                         m_freem(mb_copy); /* simply discard the packet */
 1627                 }
 1628         }
 1629 }
 1630 
 1631 static int
 1632 register_send(struct ip6_hdr *ip6, struct mif6 *mif, struct mbuf *m)
 1633 {
 1634 #ifdef MRT6DEBUG
 1635         char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN];
 1636 #endif
 1637         struct mbuf *mm;
 1638         int i, len = m->m_pkthdr.len;
 1639         static struct sockaddr_in6 sin6 = { sizeof(sin6), AF_INET6 };
 1640         struct mrt6msg *im6;
 1641 
 1642         MRT6_DLOG(DEBUG_ANY, "src %s dst %s",
 1643             ip6_sprintf(ip6bufs, &ip6->ip6_src),
 1644             ip6_sprintf(ip6bufd, &ip6->ip6_dst));
 1645         PIM6STAT_INC(pim6s_snd_registers);
 1646 
 1647         /* Make a copy of the packet to send to the user level process. */
 1648         mm = m_gethdr(M_NOWAIT, MT_DATA);
 1649         if (mm == NULL)
 1650                 return (ENOBUFS);
 1651         mm->m_data += max_linkhdr;
 1652         mm->m_len = sizeof(struct ip6_hdr);
 1653 
 1654         if ((mm->m_next = m_copy(m, 0, M_COPYALL)) == NULL) {
 1655                 m_freem(mm);
 1656                 return (ENOBUFS);
 1657         }
 1658         i = MHLEN - M_LEADINGSPACE(mm);
 1659         if (i > len)
 1660                 i = len;
 1661         mm = m_pullup(mm, i);
 1662         if (mm == NULL)
 1663                 return (ENOBUFS);
 1664 /* TODO: check it! */
 1665         mm->m_pkthdr.len = len + sizeof(struct ip6_hdr);
 1666 
 1667         /*
 1668          * Send message to routing daemon
 1669          */
 1670         sin6.sin6_addr = ip6->ip6_src;
 1671 
 1672         im6 = mtod(mm, struct mrt6msg *);
 1673         im6->im6_msgtype      = MRT6MSG_WHOLEPKT;
 1674         im6->im6_mbz          = 0;
 1675 
 1676         im6->im6_mif = mif - mif6table;
 1677 
 1678         /* iif info is not given for reg. encap.n */
 1679         MRT6STAT_INC(mrt6s_upcalls);
 1680 
 1681         if (socket_send(V_ip6_mrouter, mm, &sin6) < 0) {
 1682                 MRT6_DLOG(DEBUG_ANY, "ip6_mrouter socket queue full");
 1683                 MRT6STAT_INC(mrt6s_upq_sockfull);
 1684                 return (ENOBUFS);
 1685         }
 1686         return (0);
 1687 }
 1688 
 1689 /*
 1690  * pim6_encapcheck() is called by the encap6_input() path at runtime to
 1691  * determine if a packet is for PIM; allowing PIM to be dynamically loaded
 1692  * into the kernel.
 1693  */
 1694 static int
 1695 pim6_encapcheck(const struct mbuf *m, int off, int proto, void *arg)
 1696 {
 1697 
 1698 #ifdef DIAGNOSTIC
 1699     KASSERT(proto == IPPROTO_PIM, ("not for IPPROTO_PIM"));
 1700 #endif
 1701     if (proto != IPPROTO_PIM)
 1702         return 0;       /* not for us; reject the datagram. */
 1703 
 1704     return 64;          /* claim the datagram. */
 1705 }
 1706 
 1707 /*
 1708  * PIM sparse mode hook
 1709  * Receives the pim control messages, and passes them up to the listening
 1710  * socket, using rip6_input.
 1711  * The only message processed is the REGISTER pim message; the pim header
 1712  * is stripped off, and the inner packet is passed to register_mforward.
 1713  */
 1714 int
 1715 pim6_input(struct mbuf **mp, int *offp, int proto)
 1716 {
 1717         struct pim *pim; /* pointer to a pim struct */
 1718         struct ip6_hdr *ip6;
 1719         int pimlen;
 1720         struct mbuf *m = *mp;
 1721         int minlen;
 1722         int off = *offp;
 1723 
 1724         PIM6STAT_INC(pim6s_rcv_total);
 1725 
 1726         ip6 = mtod(m, struct ip6_hdr *);
 1727         pimlen = m->m_pkthdr.len - *offp;
 1728 
 1729         /*
 1730          * Validate lengths
 1731          */
 1732         if (pimlen < PIM_MINLEN) {
 1733                 PIM6STAT_INC(pim6s_rcv_tooshort);
 1734                 MRT6_DLOG(DEBUG_PIM, "PIM packet too short");
 1735                 m_freem(m);
 1736                 return (IPPROTO_DONE);
 1737         }
 1738 
 1739         /*
 1740          * if the packet is at least as big as a REGISTER, go ahead
 1741          * and grab the PIM REGISTER header size, to avoid another
 1742          * possible m_pullup() later.
 1743          *
 1744          * PIM_MINLEN       == pimhdr + u_int32 == 8
 1745          * PIM6_REG_MINLEN   == pimhdr + reghdr + eip6hdr == 4 + 4 + 40
 1746          */
 1747         minlen = (pimlen >= PIM6_REG_MINLEN) ? PIM6_REG_MINLEN : PIM_MINLEN;
 1748 
 1749         /*
 1750          * Make sure that the IP6 and PIM headers in contiguous memory, and
 1751          * possibly the PIM REGISTER header
 1752          */
 1753 #ifndef PULLDOWN_TEST
 1754         IP6_EXTHDR_CHECK(m, off, minlen, IPPROTO_DONE);
 1755         /* adjust pointer */
 1756         ip6 = mtod(m, struct ip6_hdr *);
 1757 
 1758         /* adjust mbuf to point to the PIM header */
 1759         pim = (struct pim *)((caddr_t)ip6 + off);
 1760 #else
 1761         IP6_EXTHDR_GET(pim, struct pim *, m, off, minlen);
 1762         if (pim == NULL) {
 1763                 PIM6STAT_INC(pim6s_rcv_tooshort);
 1764                 return (IPPROTO_DONE);
 1765         }
 1766 #endif
 1767 
 1768 #define PIM6_CHECKSUM
 1769 #ifdef PIM6_CHECKSUM
 1770         {
 1771                 int cksumlen;
 1772 
 1773                 /*
 1774                  * Validate checksum.
 1775                  * If PIM REGISTER, exclude the data packet
 1776                  */
 1777                 if (pim->pim_type == PIM_REGISTER)
 1778                         cksumlen = PIM_MINLEN;
 1779                 else
 1780                         cksumlen = pimlen;
 1781 
 1782                 if (in6_cksum(m, IPPROTO_PIM, off, cksumlen)) {
 1783                         PIM6STAT_INC(pim6s_rcv_badsum);
 1784                         MRT6_DLOG(DEBUG_PIM, "invalid checksum");
 1785                         m_freem(m);
 1786                         return (IPPROTO_DONE);
 1787                 }
 1788         }
 1789 #endif /* PIM_CHECKSUM */
 1790 
 1791         /* PIM version check */
 1792         if (pim->pim_ver != PIM_VERSION) {
 1793                 PIM6STAT_INC(pim6s_rcv_badversion);
 1794                 MRT6_DLOG(DEBUG_ANY | DEBUG_ERR,
 1795                     "incorrect version %d, expecting %d",
 1796                     pim->pim_ver, PIM_VERSION);
 1797                 m_freem(m);
 1798                 return (IPPROTO_DONE);
 1799         }
 1800 
 1801         if (pim->pim_type == PIM_REGISTER) {
 1802                 /*
 1803                  * since this is a REGISTER, we'll make a copy of the register
 1804                  * headers ip6+pim+u_int32_t+encap_ip6, to be passed up to the
 1805                  * routing daemon.
 1806                  */
 1807                 static struct sockaddr_in6 dst = { sizeof(dst), AF_INET6 };
 1808 
 1809                 struct mbuf *mcp;
 1810                 struct ip6_hdr *eip6;
 1811                 u_int32_t *reghdr;
 1812                 int rc;
 1813 #ifdef MRT6DEBUG
 1814                 char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN];
 1815 #endif
 1816 
 1817                 PIM6STAT_INC(pim6s_rcv_registers);
 1818 
 1819                 if ((reg_mif_num >= nummifs) || (reg_mif_num == (mifi_t) -1)) {
 1820                         MRT6_DLOG(DEBUG_PIM, "register mif not set: %d",
 1821                             reg_mif_num);
 1822                         m_freem(m);
 1823                         return (IPPROTO_DONE);
 1824                 }
 1825 
 1826                 reghdr = (u_int32_t *)(pim + 1);
 1827 
 1828                 if ((ntohl(*reghdr) & PIM_NULL_REGISTER))
 1829                         goto pim6_input_to_daemon;
 1830 
 1831                 /*
 1832                  * Validate length
 1833                  */
 1834                 if (pimlen < PIM6_REG_MINLEN) {
 1835                         PIM6STAT_INC(pim6s_rcv_tooshort);
 1836                         PIM6STAT_INC(pim6s_rcv_badregisters);
 1837                         MRT6_DLOG(DEBUG_ANY | DEBUG_ERR, "register packet "
 1838                             "size too small %d from %s",
 1839                             pimlen, ip6_sprintf(ip6bufs, &ip6->ip6_src));
 1840                         m_freem(m);
 1841                         return (IPPROTO_DONE);
 1842                 }
 1843 
 1844                 eip6 = (struct ip6_hdr *) (reghdr + 1);
 1845                 MRT6_DLOG(DEBUG_PIM, "eip6: %s -> %s, eip6 plen %d",
 1846                     ip6_sprintf(ip6bufs, &eip6->ip6_src),
 1847                     ip6_sprintf(ip6bufd, &eip6->ip6_dst),
 1848                     ntohs(eip6->ip6_plen));
 1849 
 1850                 /* verify the version number of the inner packet */
 1851                 if ((eip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
 1852                         PIM6STAT_INC(pim6s_rcv_badregisters);
 1853                         MRT6_DLOG(DEBUG_ANY, "invalid IP version (%d) "
 1854                             "of the inner packet",
 1855                             (eip6->ip6_vfc & IPV6_VERSION));
 1856                         m_freem(m);
 1857                         return (IPPROTO_NONE);
 1858                 }
 1859 
 1860                 /* verify the inner packet is destined to a mcast group */
 1861                 if (!IN6_IS_ADDR_MULTICAST(&eip6->ip6_dst)) {
 1862                         PIM6STAT_INC(pim6s_rcv_badregisters);
 1863                         MRT6_DLOG(DEBUG_PIM, "inner packet of register "
 1864                             "is not multicast %s",
 1865                             ip6_sprintf(ip6bufd, &eip6->ip6_dst));
 1866                         m_freem(m);
 1867                         return (IPPROTO_DONE);
 1868                 }
 1869 
 1870                 /*
 1871                  * make a copy of the whole header to pass to the daemon later.
 1872                  */
 1873                 mcp = m_copy(m, 0, off + PIM6_REG_MINLEN);
 1874                 if (mcp == NULL) {
 1875                         MRT6_DLOG(DEBUG_ANY | DEBUG_ERR, "pim register: "
 1876                             "could not copy register head");
 1877                         m_freem(m);
 1878                         return (IPPROTO_DONE);
 1879                 }
 1880 
 1881                 /*
 1882                  * forward the inner ip6 packet; point m_data at the inner ip6.
 1883                  */
 1884                 m_adj(m, off + PIM_MINLEN);
 1885                 MRT6_DLOG(DEBUG_PIM, "forwarding decapsulated register: "
 1886                     "src %s, dst %s, mif %d",
 1887                     ip6_sprintf(ip6bufs, &eip6->ip6_src),
 1888                     ip6_sprintf(ip6bufd, &eip6->ip6_dst), reg_mif_num);
 1889 
 1890                 rc = if_simloop(mif6table[reg_mif_num].m6_ifp, m,
 1891                                 dst.sin6_family, 0);
 1892 
 1893                 /* prepare the register head to send to the mrouting daemon */
 1894                 m = mcp;
 1895         }
 1896 
 1897         /*
 1898          * Pass the PIM message up to the daemon; if it is a register message
 1899          * pass the 'head' only up to the daemon. This includes the
 1900          * encapsulator ip6 header, pim header, register header and the
 1901          * encapsulated ip6 header.
 1902          */
 1903   pim6_input_to_daemon:
 1904         rip6_input(&m, offp, proto);
 1905         return (IPPROTO_DONE);
 1906 }
 1907 
 1908 static int
 1909 ip6_mroute_modevent(module_t mod, int type, void *unused)
 1910 {
 1911 
 1912         switch (type) {
 1913         case MOD_LOAD:
 1914                 MROUTER6_LOCK_INIT();
 1915                 MFC6_LOCK_INIT();
 1916                 MIF6_LOCK_INIT();
 1917 
 1918                 pim6_encap_cookie = encap_attach_func(AF_INET6, IPPROTO_PIM,
 1919                         pim6_encapcheck,
 1920                         (const struct protosw *)&in6_pim_protosw, NULL);
 1921                 if (pim6_encap_cookie == NULL) {
 1922                         printf("ip6_mroute: unable to attach pim6 encap\n");
 1923                         MIF6_LOCK_DESTROY();
 1924                         MFC6_LOCK_DESTROY();
 1925                         MROUTER6_LOCK_DESTROY();
 1926                         return (EINVAL);
 1927                 }
 1928 
 1929                 ip6_mforward = X_ip6_mforward;
 1930                 ip6_mrouter_done = X_ip6_mrouter_done;
 1931                 ip6_mrouter_get = X_ip6_mrouter_get;
 1932                 ip6_mrouter_set = X_ip6_mrouter_set;
 1933                 mrt6_ioctl = X_mrt6_ioctl;
 1934                 break;
 1935 
 1936         case MOD_UNLOAD:
 1937                 if (V_ip6_mrouter != NULL)
 1938                         return EINVAL;
 1939 
 1940                 if (pim6_encap_cookie) {
 1941                         encap_detach(pim6_encap_cookie);
 1942                         pim6_encap_cookie = NULL;
 1943                 }
 1944                 X_ip6_mrouter_done();
 1945                 ip6_mforward = NULL;
 1946                 ip6_mrouter_done = NULL;
 1947                 ip6_mrouter_get = NULL;
 1948                 ip6_mrouter_set = NULL;
 1949                 mrt6_ioctl = NULL;
 1950 
 1951                 MIF6_LOCK_DESTROY();
 1952                 MFC6_LOCK_DESTROY();
 1953                 MROUTER6_LOCK_DESTROY();
 1954                 break;
 1955 
 1956         default:
 1957                 return (EOPNOTSUPP);
 1958         }
 1959 
 1960         return (0);
 1961 }
 1962 
 1963 static moduledata_t ip6_mroutemod = {
 1964         "ip6_mroute",
 1965         ip6_mroute_modevent,
 1966         0
 1967 };
 1968 
 1969 DECLARE_MODULE(ip6_mroute, ip6_mroutemod, SI_SUB_PROTO_MC, SI_ORDER_ANY);

Cache object: fd1e224ddf07bac3b37657ec8d378984


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.