Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/netinet6/ip6_output.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $ 32 */ 33 34 /*- 35 * Copyright (c) 1982, 1986, 1988, 1990, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. Neither the name of the University nor the names of its contributors 47 * may be used to endorse or promote products derived from this software 48 * without specific prior written permission. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 * 62 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 63 */ 64 65 #include <sys/cdefs.h> 66 __FBSDID("$FreeBSD$"); 67 68 #include "opt_inet.h" 69 #include "opt_inet6.h" 70 #include "opt_ipsec.h" 71 #include "opt_kern_tls.h" 72 #include "opt_ratelimit.h" 73 #include "opt_route.h" 74 #include "opt_rss.h" 75 #include "opt_sctp.h" 76 77 #include <sys/param.h> 78 #include <sys/kernel.h> 79 #include <sys/ktls.h> 80 #include <sys/malloc.h> 81 #include <sys/mbuf.h> 82 #include <sys/errno.h> 83 #include <sys/priv.h> 84 #include <sys/proc.h> 85 #include <sys/protosw.h> 86 #include <sys/socket.h> 87 #include <sys/socketvar.h> 88 #include <sys/syslog.h> 89 #include <sys/ucred.h> 90 91 #include <machine/in_cksum.h> 92 93 #include <net/if.h> 94 #include <net/if_var.h> 95 #include <net/if_vlan_var.h> 96 #include <net/if_llatbl.h> 97 #include <net/ethernet.h> 98 #include <net/netisr.h> 99 #include <net/route.h> 100 #include <net/route/nhop.h> 101 #include <net/pfil.h> 102 #include <net/rss_config.h> 103 #include <net/vnet.h> 104 105 #include <netinet/in.h> 106 #include <netinet/in_var.h> 107 #include <netinet/ip_var.h> 108 #include <netinet6/in6_fib.h> 109 #include <netinet6/in6_var.h> 110 #include <netinet/ip6.h> 111 #include <netinet/icmp6.h> 112 #include <netinet6/ip6_var.h> 113 #include <netinet/in_pcb.h> 114 #include <netinet/tcp_var.h> 115 #include <netinet6/nd6.h> 116 #include <netinet6/in6_rss.h> 117 118 #include <netipsec/ipsec_support.h> 119 #if defined(SCTP) || defined(SCTP_SUPPORT) 120 #include <netinet/sctp.h> 121 #include <netinet/sctp_crc32.h> 122 #endif 123 124 #include <netinet6/scope6_var.h> 125 126 extern int in6_mcast_loop; 127 128 struct ip6_exthdrs { 129 struct mbuf *ip6e_ip6; 130 struct mbuf *ip6e_hbh; 131 struct mbuf *ip6e_dest1; 132 struct mbuf *ip6e_rthdr; 133 struct mbuf *ip6e_dest2; 134 }; 135 136 static MALLOC_DEFINE(M_IP6OPT, "ip6opt", "IPv6 options"); 137 138 static int ip6_pcbopt(int, u_char *, int, struct ip6_pktopts **, 139 struct ucred *, int); 140 static int ip6_pcbopts(struct ip6_pktopts **, struct mbuf *, 141 struct socket *, struct sockopt *); 142 static int ip6_getpcbopt(struct inpcb *, int, struct sockopt *); 143 static int ip6_setpktopt(int, u_char *, int, struct ip6_pktopts *, 144 struct ucred *, int, int, int); 145 146 static int ip6_copyexthdr(struct mbuf **, caddr_t, int); 147 static int ip6_insertfraghdr(struct mbuf *, struct mbuf *, int, 148 struct ip6_frag **); 149 static int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t); 150 static int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *); 151 static int ip6_getpmtu(struct route_in6 *, int, 152 struct ifnet *, const struct in6_addr *, u_long *, int *, u_int, 153 u_int); 154 static int ip6_calcmtu(struct ifnet *, const struct in6_addr *, u_long, 155 u_long *, int *, u_int); 156 static int ip6_getpmtu_ctl(u_int, const struct in6_addr *, u_long *); 157 static int copypktopts(struct ip6_pktopts *, struct ip6_pktopts *, int); 158 159 /* 160 * Make an extension header from option data. hp is the source, 161 * mp is the destination, and _ol is the optlen. 162 */ 163 #define MAKE_EXTHDR(hp, mp, _ol) \ 164 do { \ 165 if (hp) { \ 166 struct ip6_ext *eh = (struct ip6_ext *)(hp); \ 167 error = ip6_copyexthdr((mp), (caddr_t)(hp), \ 168 ((eh)->ip6e_len + 1) << 3); \ 169 if (error) \ 170 goto freehdrs; \ 171 (_ol) += (*(mp))->m_len; \ 172 } \ 173 } while (/*CONSTCOND*/ 0) 174 175 /* 176 * Form a chain of extension headers. 177 * m is the extension header mbuf 178 * mp is the previous mbuf in the chain 179 * p is the next header 180 * i is the type of option. 181 */ 182 #define MAKE_CHAIN(m, mp, p, i)\ 183 do {\ 184 if (m) {\ 185 if (!hdrsplit) \ 186 panic("%s:%d: assumption failed: "\ 187 "hdr not split: hdrsplit %d exthdrs %p",\ 188 __func__, __LINE__, hdrsplit, &exthdrs);\ 189 *mtod((m), u_char *) = *(p);\ 190 *(p) = (i);\ 191 p = mtod((m), u_char *);\ 192 (m)->m_next = (mp)->m_next;\ 193 (mp)->m_next = (m);\ 194 (mp) = (m);\ 195 }\ 196 } while (/*CONSTCOND*/ 0) 197 198 void 199 in6_delayed_cksum(struct mbuf *m, uint32_t plen, u_short offset) 200 { 201 u_short csum; 202 203 csum = in_cksum_skip(m, offset + plen, offset); 204 if (m->m_pkthdr.csum_flags & CSUM_UDP_IPV6 && csum == 0) 205 csum = 0xffff; 206 offset += m->m_pkthdr.csum_data; /* checksum offset */ 207 208 if (offset + sizeof(csum) > m->m_len) 209 m_copyback(m, offset, sizeof(csum), (caddr_t)&csum); 210 else 211 *(u_short *)mtodo(m, offset) = csum; 212 } 213 214 static void 215 ip6_output_delayed_csum(struct mbuf *m, struct ifnet *ifp, int csum_flags, 216 int plen, int optlen) 217 { 218 219 KASSERT((plen >= optlen), ("%s:%d: plen %d < optlen %d, m %p, ifp %p " 220 "csum_flags %#x", 221 __func__, __LINE__, plen, optlen, m, ifp, csum_flags)); 222 223 if (csum_flags & CSUM_DELAY_DATA_IPV6) { 224 in6_delayed_cksum(m, plen - optlen, 225 sizeof(struct ip6_hdr) + optlen); 226 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6; 227 } 228 #if defined(SCTP) || defined(SCTP_SUPPORT) 229 if (csum_flags & CSUM_SCTP_IPV6) { 230 sctp_delayed_cksum(m, sizeof(struct ip6_hdr) + optlen); 231 m->m_pkthdr.csum_flags &= ~CSUM_SCTP_IPV6; 232 } 233 #endif 234 } 235 236 int 237 ip6_fragment(struct ifnet *ifp, struct mbuf *m0, int hlen, u_char nextproto, 238 int fraglen , uint32_t id) 239 { 240 struct mbuf *m, **mnext, *m_frgpart; 241 struct ip6_hdr *ip6, *mhip6; 242 struct ip6_frag *ip6f; 243 int off; 244 int error; 245 int tlen = m0->m_pkthdr.len; 246 247 KASSERT((fraglen % 8 == 0), ("Fragment length must be a multiple of 8")); 248 249 m = m0; 250 ip6 = mtod(m, struct ip6_hdr *); 251 mnext = &m->m_nextpkt; 252 253 for (off = hlen; off < tlen; off += fraglen) { 254 m = m_gethdr(M_NOWAIT, MT_DATA); 255 if (!m) { 256 IP6STAT_INC(ip6s_odropped); 257 return (ENOBUFS); 258 } 259 260 /* 261 * Make sure the complete packet header gets copied 262 * from the originating mbuf to the newly created 263 * mbuf. This also ensures that existing firewall 264 * classification(s), VLAN tags and so on get copied 265 * to the resulting fragmented packet(s): 266 */ 267 if (m_dup_pkthdr(m, m0, M_NOWAIT) == 0) { 268 m_free(m); 269 IP6STAT_INC(ip6s_odropped); 270 return (ENOBUFS); 271 } 272 273 *mnext = m; 274 mnext = &m->m_nextpkt; 275 m->m_data += max_linkhdr; 276 mhip6 = mtod(m, struct ip6_hdr *); 277 *mhip6 = *ip6; 278 m->m_len = sizeof(*mhip6); 279 error = ip6_insertfraghdr(m0, m, hlen, &ip6f); 280 if (error) { 281 IP6STAT_INC(ip6s_odropped); 282 return (error); 283 } 284 ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7)); 285 if (off + fraglen >= tlen) 286 fraglen = tlen - off; 287 else 288 ip6f->ip6f_offlg |= IP6F_MORE_FRAG; 289 mhip6->ip6_plen = htons((u_short)(fraglen + hlen + 290 sizeof(*ip6f) - sizeof(struct ip6_hdr))); 291 if ((m_frgpart = m_copym(m0, off, fraglen, M_NOWAIT)) == NULL) { 292 IP6STAT_INC(ip6s_odropped); 293 return (ENOBUFS); 294 } 295 m_cat(m, m_frgpart); 296 m->m_pkthdr.len = fraglen + hlen + sizeof(*ip6f); 297 ip6f->ip6f_reserved = 0; 298 ip6f->ip6f_ident = id; 299 ip6f->ip6f_nxt = nextproto; 300 IP6STAT_INC(ip6s_ofragments); 301 in6_ifstat_inc(ifp, ifs6_out_fragcreat); 302 } 303 304 return (0); 305 } 306 307 static int 308 ip6_output_send(struct inpcb *inp, struct ifnet *ifp, struct ifnet *origifp, 309 struct mbuf *m, struct sockaddr_in6 *dst, struct route_in6 *ro, 310 bool stamp_tag) 311 { 312 #ifdef KERN_TLS 313 struct ktls_session *tls = NULL; 314 #endif 315 struct m_snd_tag *mst; 316 int error; 317 318 MPASS((m->m_pkthdr.csum_flags & CSUM_SND_TAG) == 0); 319 mst = NULL; 320 321 #ifdef KERN_TLS 322 /* 323 * If this is an unencrypted TLS record, save a reference to 324 * the record. This local reference is used to call 325 * ktls_output_eagain after the mbuf has been freed (thus 326 * dropping the mbuf's reference) in if_output. 327 */ 328 if (m->m_next != NULL && mbuf_has_tls_session(m->m_next)) { 329 tls = ktls_hold(m->m_next->m_epg_tls); 330 mst = tls->snd_tag; 331 332 /* 333 * If a TLS session doesn't have a valid tag, it must 334 * have had an earlier ifp mismatch, so drop this 335 * packet. 336 */ 337 if (mst == NULL) { 338 m_freem(m); 339 error = EAGAIN; 340 goto done; 341 } 342 /* 343 * Always stamp tags that include NIC ktls. 344 */ 345 stamp_tag = true; 346 } 347 #endif 348 #ifdef RATELIMIT 349 if (inp != NULL && mst == NULL) { 350 if ((inp->inp_flags2 & INP_RATE_LIMIT_CHANGED) != 0 || 351 (inp->inp_snd_tag != NULL && 352 inp->inp_snd_tag->ifp != ifp)) 353 in_pcboutput_txrtlmt(inp, ifp, m); 354 355 if (inp->inp_snd_tag != NULL) 356 mst = inp->inp_snd_tag; 357 } 358 #endif 359 if (stamp_tag && mst != NULL) { 360 KASSERT(m->m_pkthdr.rcvif == NULL, 361 ("trying to add a send tag to a forwarded packet")); 362 if (mst->ifp != ifp) { 363 m_freem(m); 364 error = EAGAIN; 365 goto done; 366 } 367 368 /* stamp send tag on mbuf */ 369 m->m_pkthdr.snd_tag = m_snd_tag_ref(mst); 370 m->m_pkthdr.csum_flags |= CSUM_SND_TAG; 371 } 372 373 error = nd6_output_ifp(ifp, origifp, m, dst, (struct route *)ro); 374 375 done: 376 /* Check for route change invalidating send tags. */ 377 #ifdef KERN_TLS 378 if (tls != NULL) { 379 if (error == EAGAIN) 380 error = ktls_output_eagain(inp, tls); 381 ktls_free(tls); 382 } 383 #endif 384 #ifdef RATELIMIT 385 if (error == EAGAIN) 386 in_pcboutput_eagain(inp); 387 #endif 388 return (error); 389 } 390 391 /* 392 * IP6 output. 393 * The packet in mbuf chain m contains a skeletal IP6 header (with pri, len, 394 * nxt, hlim, src, dst). 395 * This function may modify ver and hlim only. 396 * The mbuf chain containing the packet will be freed. 397 * The mbuf opt, if present, will not be freed. 398 * If route_in6 ro is present and has ro_nh initialized, route lookup would be 399 * skipped and ro->ro_nh would be used. If ro is present but ro->ro_nh is NULL, 400 * then result of route lookup is stored in ro->ro_nh. 401 * 402 * Type of "mtu": rt_mtu is u_long, ifnet.ifr_mtu is int, and nd_ifinfo.linkmtu 403 * is uint32_t. So we use u_long to hold largest one, which is rt_mtu. 404 * 405 * ifpp - XXX: just for statistics 406 */ 407 int 408 ip6_output(struct mbuf *m0, struct ip6_pktopts *opt, 409 struct route_in6 *ro, int flags, struct ip6_moptions *im6o, 410 struct ifnet **ifpp, struct inpcb *inp) 411 { 412 struct ip6_hdr *ip6; 413 struct ifnet *ifp, *origifp; 414 struct mbuf *m = m0; 415 struct mbuf *mprev; 416 struct route_in6 *ro_pmtu; 417 struct nhop_object *nh; 418 struct sockaddr_in6 *dst, sin6, src_sa, dst_sa; 419 struct in6_addr odst; 420 u_char *nexthdrp; 421 int tlen, len; 422 int error = 0; 423 int vlan_pcp = -1; 424 struct in6_ifaddr *ia = NULL; 425 u_long mtu; 426 int alwaysfrag, dontfrag; 427 u_int32_t optlen, plen = 0, unfragpartlen; 428 struct ip6_exthdrs exthdrs; 429 struct in6_addr src0, dst0; 430 u_int32_t zone; 431 bool hdrsplit; 432 int sw_csum, tso; 433 int needfiblookup; 434 uint32_t fibnum; 435 struct m_tag *fwd_tag = NULL; 436 uint32_t id; 437 438 NET_EPOCH_ASSERT(); 439 440 if (inp != NULL) { 441 INP_LOCK_ASSERT(inp); 442 M_SETFIB(m, inp->inp_inc.inc_fibnum); 443 if ((flags & IP_NODEFAULTFLOWID) == 0) { 444 /* Unconditionally set flowid. */ 445 m->m_pkthdr.flowid = inp->inp_flowid; 446 M_HASHTYPE_SET(m, inp->inp_flowtype); 447 } 448 if ((inp->inp_flags2 & INP_2PCP_SET) != 0) 449 vlan_pcp = (inp->inp_flags2 & INP_2PCP_MASK) >> 450 INP_2PCP_SHIFT; 451 #ifdef NUMA 452 m->m_pkthdr.numa_domain = inp->inp_numa_domain; 453 #endif 454 } 455 456 #if defined(IPSEC) || defined(IPSEC_SUPPORT) 457 /* 458 * IPSec checking which handles several cases. 459 * FAST IPSEC: We re-injected the packet. 460 * XXX: need scope argument. 461 */ 462 if (IPSEC_ENABLED(ipv6)) { 463 if ((error = IPSEC_OUTPUT(ipv6, m, inp)) != 0) { 464 if (error == EINPROGRESS) 465 error = 0; 466 goto done; 467 } 468 } 469 #endif /* IPSEC */ 470 471 /* Source address validation. */ 472 ip6 = mtod(m, struct ip6_hdr *); 473 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) && 474 (flags & IPV6_UNSPECSRC) == 0) { 475 error = EOPNOTSUPP; 476 IP6STAT_INC(ip6s_badscope); 477 goto bad; 478 } 479 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) { 480 error = EOPNOTSUPP; 481 IP6STAT_INC(ip6s_badscope); 482 goto bad; 483 } 484 485 /* 486 * If we are given packet options to add extension headers prepare them. 487 * Calculate the total length of the extension header chain. 488 * Keep the length of the unfragmentable part for fragmentation. 489 */ 490 bzero(&exthdrs, sizeof(exthdrs)); 491 optlen = 0; 492 unfragpartlen = sizeof(struct ip6_hdr); 493 if (opt) { 494 /* Hop-by-Hop options header. */ 495 MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh, optlen); 496 497 /* Destination options header (1st part). */ 498 if (opt->ip6po_rthdr) { 499 #ifndef RTHDR_SUPPORT_IMPLEMENTED 500 /* 501 * If there is a routing header, discard the packet 502 * right away here. RH0/1 are obsolete and we do not 503 * currently support RH2/3/4. 504 * People trying to use RH253/254 may want to disable 505 * this check. 506 * The moment we do support any routing header (again) 507 * this block should check the routing type more 508 * selectively. 509 */ 510 error = EINVAL; 511 goto bad; 512 #endif 513 514 /* 515 * Destination options header (1st part). 516 * This only makes sense with a routing header. 517 * See Section 9.2 of RFC 3542. 518 * Disabling this part just for MIP6 convenience is 519 * a bad idea. We need to think carefully about a 520 * way to make the advanced API coexist with MIP6 521 * options, which might automatically be inserted in 522 * the kernel. 523 */ 524 MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1, 525 optlen); 526 } 527 /* Routing header. */ 528 MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr, optlen); 529 530 unfragpartlen += optlen; 531 532 /* 533 * NOTE: we don't add AH/ESP length here (done in 534 * ip6_ipsec_output()). 535 */ 536 537 /* Destination options header (2nd part). */ 538 MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2, optlen); 539 } 540 541 /* 542 * If there is at least one extension header, 543 * separate IP6 header from the payload. 544 */ 545 hdrsplit = false; 546 if (optlen) { 547 if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 548 m = NULL; 549 goto freehdrs; 550 } 551 m = exthdrs.ip6e_ip6; 552 ip6 = mtod(m, struct ip6_hdr *); 553 hdrsplit = true; 554 } 555 556 /* Adjust mbuf packet header length. */ 557 m->m_pkthdr.len += optlen; 558 plen = m->m_pkthdr.len - sizeof(*ip6); 559 560 /* If this is a jumbo payload, insert a jumbo payload option. */ 561 if (plen > IPV6_MAXPACKET) { 562 if (!hdrsplit) { 563 if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 564 m = NULL; 565 goto freehdrs; 566 } 567 m = exthdrs.ip6e_ip6; 568 ip6 = mtod(m, struct ip6_hdr *); 569 hdrsplit = true; 570 } 571 if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0) 572 goto freehdrs; 573 ip6->ip6_plen = 0; 574 } else 575 ip6->ip6_plen = htons(plen); 576 nexthdrp = &ip6->ip6_nxt; 577 578 if (optlen) { 579 /* 580 * Concatenate headers and fill in next header fields. 581 * Here we have, on "m" 582 * IPv6 payload 583 * and we insert headers accordingly. 584 * Finally, we should be getting: 585 * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload]. 586 * 587 * During the header composing process "m" points to IPv6 588 * header. "mprev" points to an extension header prior to esp. 589 */ 590 mprev = m; 591 592 /* 593 * We treat dest2 specially. This makes IPsec processing 594 * much easier. The goal here is to make mprev point the 595 * mbuf prior to dest2. 596 * 597 * Result: IPv6 dest2 payload. 598 * m and mprev will point to IPv6 header. 599 */ 600 if (exthdrs.ip6e_dest2) { 601 if (!hdrsplit) 602 panic("%s:%d: assumption failed: " 603 "hdr not split: hdrsplit %d exthdrs %p", 604 __func__, __LINE__, hdrsplit, &exthdrs); 605 exthdrs.ip6e_dest2->m_next = m->m_next; 606 m->m_next = exthdrs.ip6e_dest2; 607 *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt; 608 ip6->ip6_nxt = IPPROTO_DSTOPTS; 609 } 610 611 /* 612 * Result: IPv6 hbh dest1 rthdr dest2 payload. 613 * m will point to IPv6 header. mprev will point to the 614 * extension header prior to dest2 (rthdr in the above case). 615 */ 616 MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, nexthdrp, IPPROTO_HOPOPTS); 617 MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, nexthdrp, 618 IPPROTO_DSTOPTS); 619 MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp, 620 IPPROTO_ROUTING); 621 } 622 623 IP6STAT_INC(ip6s_localout); 624 625 /* Route packet. */ 626 ro_pmtu = ro; 627 if (opt && opt->ip6po_rthdr) 628 ro = &opt->ip6po_route; 629 if (ro != NULL) 630 dst = (struct sockaddr_in6 *)&ro->ro_dst; 631 else 632 dst = &sin6; 633 fibnum = (inp != NULL) ? inp->inp_inc.inc_fibnum : M_GETFIB(m); 634 635 again: 636 /* 637 * If specified, try to fill in the traffic class field. 638 * Do not override if a non-zero value is already set. 639 * We check the diffserv field and the ECN field separately. 640 */ 641 if (opt && opt->ip6po_tclass >= 0) { 642 int mask = 0; 643 644 if (IPV6_DSCP(ip6) == 0) 645 mask |= 0xfc; 646 if (IPV6_ECN(ip6) == 0) 647 mask |= 0x03; 648 if (mask != 0) 649 ip6->ip6_flow |= htonl((opt->ip6po_tclass & mask) << 20); 650 } 651 652 /* Fill in or override the hop limit field, if necessary. */ 653 if (opt && opt->ip6po_hlim != -1) 654 ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 655 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 656 if (im6o != NULL) 657 ip6->ip6_hlim = im6o->im6o_multicast_hlim; 658 else 659 ip6->ip6_hlim = V_ip6_defmcasthlim; 660 } 661 662 if (ro == NULL || ro->ro_nh == NULL) { 663 bzero(dst, sizeof(*dst)); 664 dst->sin6_family = AF_INET6; 665 dst->sin6_len = sizeof(*dst); 666 dst->sin6_addr = ip6->ip6_dst; 667 } 668 /* 669 * Validate route against routing table changes. 670 * Make sure that the address family is set in route. 671 */ 672 nh = NULL; 673 ifp = NULL; 674 mtu = 0; 675 if (ro != NULL) { 676 if (ro->ro_nh != NULL && inp != NULL) { 677 ro->ro_dst.sin6_family = AF_INET6; /* XXX KASSERT? */ 678 NH_VALIDATE((struct route *)ro, &inp->inp_rt_cookie, 679 fibnum); 680 } 681 if (ro->ro_nh != NULL && fwd_tag == NULL && 682 (!NH_IS_VALID(ro->ro_nh) || 683 ro->ro_dst.sin6_family != AF_INET6 || 684 !IN6_ARE_ADDR_EQUAL(&ro->ro_dst.sin6_addr, &ip6->ip6_dst))) 685 RO_INVALIDATE_CACHE(ro); 686 687 if (ro->ro_nh != NULL && fwd_tag == NULL && 688 ro->ro_dst.sin6_family == AF_INET6 && 689 IN6_ARE_ADDR_EQUAL(&ro->ro_dst.sin6_addr, &ip6->ip6_dst)) { 690 /* Nexthop is valid and contains valid ifp */ 691 nh = ro->ro_nh; 692 } else { 693 if (ro->ro_lle) 694 LLE_FREE(ro->ro_lle); /* zeros ro_lle */ 695 ro->ro_lle = NULL; 696 if (fwd_tag == NULL) { 697 bzero(&dst_sa, sizeof(dst_sa)); 698 dst_sa.sin6_family = AF_INET6; 699 dst_sa.sin6_len = sizeof(dst_sa); 700 dst_sa.sin6_addr = ip6->ip6_dst; 701 } 702 error = in6_selectroute(&dst_sa, opt, im6o, ro, &ifp, 703 &nh, fibnum, m->m_pkthdr.flowid); 704 if (error != 0) { 705 IP6STAT_INC(ip6s_noroute); 706 if (ifp != NULL) 707 in6_ifstat_inc(ifp, ifs6_out_discard); 708 goto bad; 709 } 710 /* 711 * At this point at least @ifp is not NULL 712 * Can be the case when dst is multicast, link-local or 713 * interface is explicitly specificed by the caller. 714 */ 715 } 716 if (nh == NULL) { 717 /* 718 * If in6_selectroute() does not return a nexthop 719 * dst may not have been updated. 720 */ 721 *dst = dst_sa; /* XXX */ 722 origifp = ifp; 723 mtu = ifp->if_mtu; 724 } else { 725 ifp = nh->nh_ifp; 726 origifp = nh->nh_aifp; 727 ia = (struct in6_ifaddr *)(nh->nh_ifa); 728 counter_u64_add(nh->nh_pksent, 1); 729 } 730 } else { 731 struct nhop_object *nh; 732 struct in6_addr kdst; 733 uint32_t scopeid; 734 735 if (fwd_tag == NULL) { 736 bzero(&dst_sa, sizeof(dst_sa)); 737 dst_sa.sin6_family = AF_INET6; 738 dst_sa.sin6_len = sizeof(dst_sa); 739 dst_sa.sin6_addr = ip6->ip6_dst; 740 } 741 742 if (IN6_IS_ADDR_MULTICAST(&dst_sa.sin6_addr) && 743 im6o != NULL && 744 (ifp = im6o->im6o_multicast_ifp) != NULL) { 745 /* We do not need a route lookup. */ 746 *dst = dst_sa; /* XXX */ 747 origifp = ifp; 748 goto nonh6lookup; 749 } 750 751 in6_splitscope(&dst_sa.sin6_addr, &kdst, &scopeid); 752 753 if (IN6_IS_ADDR_MC_LINKLOCAL(&dst_sa.sin6_addr) || 754 IN6_IS_ADDR_MC_NODELOCAL(&dst_sa.sin6_addr)) { 755 if (scopeid > 0) { 756 ifp = in6_getlinkifnet(scopeid); 757 if (ifp == NULL) { 758 error = EHOSTUNREACH; 759 goto bad; 760 } 761 *dst = dst_sa; /* XXX */ 762 origifp = ifp; 763 goto nonh6lookup; 764 } 765 } 766 767 nh = fib6_lookup(fibnum, &kdst, scopeid, NHR_NONE, 768 m->m_pkthdr.flowid); 769 if (nh == NULL) { 770 IP6STAT_INC(ip6s_noroute); 771 /* No ifp in6_ifstat_inc(ifp, ifs6_out_discard); */ 772 error = EHOSTUNREACH; 773 goto bad; 774 } 775 776 ifp = nh->nh_ifp; 777 origifp = nh->nh_aifp; 778 ia = ifatoia6(nh->nh_ifa); 779 if (nh->nh_flags & NHF_GATEWAY) 780 dst->sin6_addr = nh->gw6_sa.sin6_addr; 781 else if (fwd_tag != NULL) 782 dst->sin6_addr = dst_sa.sin6_addr; 783 nonh6lookup: 784 ; 785 } 786 /* 787 * At this point ifp MUST be pointing to the valid transmit ifp. 788 * origifp MUST be valid and pointing to either the same ifp or, 789 * in case of loopback output, to the interface which ip6_src 790 * belongs to. 791 * Examples: 792 * fe80::1%em0 -> fe80::2%em0 -> ifp=em0, origifp=em0 793 * fe80::1%em0 -> fe80::1%em0 -> ifp=lo0, origifp=em0 794 * ::1 -> ::1 -> ifp=lo0, origifp=lo0 795 * 796 * mtu can be 0 and will be refined later. 797 */ 798 KASSERT((ifp != NULL), ("output interface must not be NULL")); 799 KASSERT((origifp != NULL), ("output address interface must not be NULL")); 800 801 if ((flags & IPV6_FORWARDING) == 0) { 802 /* XXX: the FORWARDING flag can be set for mrouting. */ 803 in6_ifstat_inc(ifp, ifs6_out_request); 804 } 805 806 /* Setup data structures for scope ID checks. */ 807 src0 = ip6->ip6_src; 808 bzero(&src_sa, sizeof(src_sa)); 809 src_sa.sin6_family = AF_INET6; 810 src_sa.sin6_len = sizeof(src_sa); 811 src_sa.sin6_addr = ip6->ip6_src; 812 813 dst0 = ip6->ip6_dst; 814 /* Re-initialize to be sure. */ 815 bzero(&dst_sa, sizeof(dst_sa)); 816 dst_sa.sin6_family = AF_INET6; 817 dst_sa.sin6_len = sizeof(dst_sa); 818 dst_sa.sin6_addr = ip6->ip6_dst; 819 820 /* Check for valid scope ID. */ 821 if (in6_setscope(&src0, origifp, &zone) == 0 && 822 sa6_recoverscope(&src_sa) == 0 && zone == src_sa.sin6_scope_id && 823 in6_setscope(&dst0, origifp, &zone) == 0 && 824 sa6_recoverscope(&dst_sa) == 0 && zone == dst_sa.sin6_scope_id) { 825 /* 826 * The outgoing interface is in the zone of the source 827 * and destination addresses. 828 * 829 */ 830 } else if ((origifp->if_flags & IFF_LOOPBACK) == 0 || 831 sa6_recoverscope(&src_sa) != 0 || 832 sa6_recoverscope(&dst_sa) != 0 || 833 dst_sa.sin6_scope_id == 0 || 834 (src_sa.sin6_scope_id != 0 && 835 src_sa.sin6_scope_id != dst_sa.sin6_scope_id) || 836 ifnet_byindex(dst_sa.sin6_scope_id) == NULL) { 837 /* 838 * If the destination network interface is not a 839 * loopback interface, or the destination network 840 * address has no scope ID, or the source address has 841 * a scope ID set which is different from the 842 * destination address one, or there is no network 843 * interface representing this scope ID, the address 844 * pair is considered invalid. 845 */ 846 IP6STAT_INC(ip6s_badscope); 847 in6_ifstat_inc(origifp, ifs6_out_discard); 848 if (error == 0) 849 error = EHOSTUNREACH; /* XXX */ 850 goto bad; 851 } 852 /* All scope ID checks are successful. */ 853 854 if (nh && !IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 855 if (opt && opt->ip6po_nextroute.ro_nh) { 856 /* 857 * The nexthop is explicitly specified by the 858 * application. We assume the next hop is an IPv6 859 * address. 860 */ 861 dst = (struct sockaddr_in6 *)opt->ip6po_nexthop; 862 } 863 else if ((nh->nh_flags & NHF_GATEWAY)) 864 dst = &nh->gw6_sa; 865 } 866 867 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 868 m->m_flags &= ~(M_BCAST | M_MCAST); /* Just in case. */ 869 } else { 870 m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST; 871 in6_ifstat_inc(ifp, ifs6_out_mcast); 872 873 /* Confirm that the outgoing interface supports multicast. */ 874 if (!(ifp->if_flags & IFF_MULTICAST)) { 875 IP6STAT_INC(ip6s_noroute); 876 in6_ifstat_inc(ifp, ifs6_out_discard); 877 error = ENETUNREACH; 878 goto bad; 879 } 880 if ((im6o == NULL && in6_mcast_loop) || 881 (im6o && im6o->im6o_multicast_loop)) { 882 /* 883 * Loop back multicast datagram if not expressly 884 * forbidden to do so, even if we have not joined 885 * the address; protocols will filter it later, 886 * thus deferring a hash lookup and lock acquisition 887 * at the expense of an m_copym(). 888 */ 889 ip6_mloopback(ifp, m); 890 } else { 891 /* 892 * If we are acting as a multicast router, perform 893 * multicast forwarding as if the packet had just 894 * arrived on the interface to which we are about 895 * to send. The multicast forwarding function 896 * recursively calls this function, using the 897 * IPV6_FORWARDING flag to prevent infinite recursion. 898 * 899 * Multicasts that are looped back by ip6_mloopback(), 900 * above, will be forwarded by the ip6_input() routine, 901 * if necessary. 902 */ 903 if (V_ip6_mrouter && (flags & IPV6_FORWARDING) == 0) { 904 /* 905 * XXX: ip6_mforward expects that rcvif is NULL 906 * when it is called from the originating path. 907 * However, it may not always be the case. 908 */ 909 m->m_pkthdr.rcvif = NULL; 910 if (ip6_mforward(ip6, ifp, m) != 0) { 911 m_freem(m); 912 goto done; 913 } 914 } 915 } 916 /* 917 * Multicasts with a hoplimit of zero may be looped back, 918 * above, but must not be transmitted on a network. 919 * Also, multicasts addressed to the loopback interface 920 * are not sent -- the above call to ip6_mloopback() will 921 * loop back a copy if this host actually belongs to the 922 * destination group on the loopback interface. 923 */ 924 if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK) || 925 IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) { 926 m_freem(m); 927 goto done; 928 } 929 } 930 931 /* 932 * Fill the outgoing inteface to tell the upper layer 933 * to increment per-interface statistics. 934 */ 935 if (ifpp) 936 *ifpp = ifp; 937 938 /* Determine path MTU. */ 939 if ((error = ip6_getpmtu(ro_pmtu, ro != ro_pmtu, ifp, &ip6->ip6_dst, 940 &mtu, &alwaysfrag, fibnum, *nexthdrp)) != 0) 941 goto bad; 942 KASSERT(mtu > 0, ("%s:%d: mtu %ld, ro_pmtu %p ro %p ifp %p " 943 "alwaysfrag %d fibnum %u\n", __func__, __LINE__, mtu, ro_pmtu, ro, 944 ifp, alwaysfrag, fibnum)); 945 946 /* 947 * The caller of this function may specify to use the minimum MTU 948 * in some cases. 949 * An advanced API option (IPV6_USE_MIN_MTU) can also override MTU 950 * setting. The logic is a bit complicated; by default, unicast 951 * packets will follow path MTU while multicast packets will be sent at 952 * the minimum MTU. If IP6PO_MINMTU_ALL is specified, all packets 953 * including unicast ones will be sent at the minimum MTU. Multicast 954 * packets will always be sent at the minimum MTU unless 955 * IP6PO_MINMTU_DISABLE is explicitly specified. 956 * See RFC 3542 for more details. 957 */ 958 if (mtu > IPV6_MMTU) { 959 if ((flags & IPV6_MINMTU)) 960 mtu = IPV6_MMTU; 961 else if (opt && opt->ip6po_minmtu == IP6PO_MINMTU_ALL) 962 mtu = IPV6_MMTU; 963 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 964 (opt == NULL || 965 opt->ip6po_minmtu != IP6PO_MINMTU_DISABLE)) { 966 mtu = IPV6_MMTU; 967 } 968 } 969 970 /* 971 * Clear embedded scope identifiers if necessary. 972 * in6_clearscope() will touch the addresses only when necessary. 973 */ 974 in6_clearscope(&ip6->ip6_src); 975 in6_clearscope(&ip6->ip6_dst); 976 977 /* 978 * If the outgoing packet contains a hop-by-hop options header, 979 * it must be examined and processed even by the source node. 980 * (RFC 2460, section 4.) 981 */ 982 if (exthdrs.ip6e_hbh) { 983 struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *); 984 u_int32_t dummy; /* XXX unused */ 985 u_int32_t plen = 0; /* XXX: ip6_process will check the value */ 986 987 #ifdef DIAGNOSTIC 988 if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len) 989 panic("ip6e_hbh is not contiguous"); 990 #endif 991 /* 992 * XXX: if we have to send an ICMPv6 error to the sender, 993 * we need the M_LOOP flag since icmp6_error() expects 994 * the IPv6 and the hop-by-hop options header are 995 * contiguous unless the flag is set. 996 */ 997 m->m_flags |= M_LOOP; 998 m->m_pkthdr.rcvif = ifp; 999 if (ip6_process_hopopts(m, (u_int8_t *)(hbh + 1), 1000 ((hbh->ip6h_len + 1) << 3) - sizeof(struct ip6_hbh), 1001 &dummy, &plen) < 0) { 1002 /* m was already freed at this point. */ 1003 error = EINVAL;/* better error? */ 1004 goto done; 1005 } 1006 m->m_flags &= ~M_LOOP; /* XXX */ 1007 m->m_pkthdr.rcvif = NULL; 1008 } 1009 1010 /* Jump over all PFIL processing if hooks are not active. */ 1011 if (!PFIL_HOOKED_OUT(V_inet6_pfil_head)) 1012 goto passout; 1013 1014 odst = ip6->ip6_dst; 1015 /* Run through list of hooks for output packets. */ 1016 switch (pfil_mbuf_out(V_inet6_pfil_head, &m, ifp, inp)) { 1017 case PFIL_PASS: 1018 ip6 = mtod(m, struct ip6_hdr *); 1019 break; 1020 case PFIL_DROPPED: 1021 error = EACCES; 1022 /* FALLTHROUGH */ 1023 case PFIL_CONSUMED: 1024 goto done; 1025 } 1026 1027 needfiblookup = 0; 1028 /* See if destination IP address was changed by packet filter. */ 1029 if (!IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst)) { 1030 m->m_flags |= M_SKIP_FIREWALL; 1031 /* If destination is now ourself drop to ip6_input(). */ 1032 if (in6_localip(&ip6->ip6_dst)) { 1033 m->m_flags |= M_FASTFWD_OURS; 1034 if (m->m_pkthdr.rcvif == NULL) 1035 m->m_pkthdr.rcvif = V_loif; 1036 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 1037 m->m_pkthdr.csum_flags |= 1038 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR; 1039 m->m_pkthdr.csum_data = 0xffff; 1040 } 1041 #if defined(SCTP) || defined(SCTP_SUPPORT) 1042 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) 1043 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID; 1044 #endif 1045 error = netisr_queue(NETISR_IPV6, m); 1046 goto done; 1047 } else { 1048 if (ro != NULL) 1049 RO_INVALIDATE_CACHE(ro); 1050 needfiblookup = 1; /* Redo the routing table lookup. */ 1051 } 1052 } 1053 /* See if fib was changed by packet filter. */ 1054 if (fibnum != M_GETFIB(m)) { 1055 m->m_flags |= M_SKIP_FIREWALL; 1056 fibnum = M_GETFIB(m); 1057 if (ro != NULL) 1058 RO_INVALIDATE_CACHE(ro); 1059 needfiblookup = 1; 1060 } 1061 if (needfiblookup) 1062 goto again; 1063 1064 /* See if local, if yes, send it to netisr. */ 1065 if (m->m_flags & M_FASTFWD_OURS) { 1066 if (m->m_pkthdr.rcvif == NULL) 1067 m->m_pkthdr.rcvif = V_loif; 1068 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 1069 m->m_pkthdr.csum_flags |= 1070 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR; 1071 m->m_pkthdr.csum_data = 0xffff; 1072 } 1073 #if defined(SCTP) || defined(SCTP_SUPPORT) 1074 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) 1075 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID; 1076 #endif 1077 error = netisr_queue(NETISR_IPV6, m); 1078 goto done; 1079 } 1080 /* Or forward to some other address? */ 1081 if ((m->m_flags & M_IP6_NEXTHOP) && 1082 (fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL)) != NULL) { 1083 if (ro != NULL) 1084 dst = (struct sockaddr_in6 *)&ro->ro_dst; 1085 else 1086 dst = &sin6; 1087 bcopy((fwd_tag+1), &dst_sa, sizeof(struct sockaddr_in6)); 1088 m->m_flags |= M_SKIP_FIREWALL; 1089 m->m_flags &= ~M_IP6_NEXTHOP; 1090 m_tag_delete(m, fwd_tag); 1091 goto again; 1092 } 1093 1094 passout: 1095 if (vlan_pcp > -1) 1096 EVL_APPLY_PRI(m, vlan_pcp); 1097 1098 /* Ensure the packet data is mapped if the interface requires it. */ 1099 if ((ifp->if_capenable & IFCAP_MEXTPG) == 0) { 1100 m = mb_unmapped_to_ext(m); 1101 if (m == NULL) { 1102 IP6STAT_INC(ip6s_odropped); 1103 return (ENOBUFS); 1104 } 1105 } 1106 1107 /* 1108 * Send the packet to the outgoing interface. 1109 * If necessary, do IPv6 fragmentation before sending. 1110 * 1111 * The logic here is rather complex: 1112 * 1: normal case (dontfrag == 0, alwaysfrag == 0) 1113 * 1-a: send as is if tlen <= path mtu 1114 * 1-b: fragment if tlen > path mtu 1115 * 1116 * 2: if user asks us not to fragment (dontfrag == 1) 1117 * 2-a: send as is if tlen <= interface mtu 1118 * 2-b: error if tlen > interface mtu 1119 * 1120 * 3: if we always need to attach fragment header (alwaysfrag == 1) 1121 * always fragment 1122 * 1123 * 4: if dontfrag == 1 && alwaysfrag == 1 1124 * error, as we cannot handle this conflicting request. 1125 */ 1126 sw_csum = m->m_pkthdr.csum_flags; 1127 if (!hdrsplit) { 1128 tso = ((sw_csum & ifp->if_hwassist & 1129 (CSUM_TSO | CSUM_INNER_TSO)) != 0) ? 1 : 0; 1130 sw_csum &= ~ifp->if_hwassist; 1131 } else 1132 tso = 0; 1133 /* 1134 * If we added extension headers, we will not do TSO and calculate the 1135 * checksums ourselves for now. 1136 * XXX-BZ Need a framework to know when the NIC can handle it, even 1137 * with ext. hdrs. 1138 */ 1139 ip6_output_delayed_csum(m, ifp, sw_csum, plen, optlen); 1140 /* XXX-BZ m->m_pkthdr.csum_flags &= ~ifp->if_hwassist; */ 1141 tlen = m->m_pkthdr.len; 1142 1143 if ((opt && (opt->ip6po_flags & IP6PO_DONTFRAG)) || tso) 1144 dontfrag = 1; 1145 else 1146 dontfrag = 0; 1147 if (dontfrag && alwaysfrag) { /* Case 4. */ 1148 /* Conflicting request - can't transmit. */ 1149 error = EMSGSIZE; 1150 goto bad; 1151 } 1152 if (dontfrag && tlen > IN6_LINKMTU(ifp) && !tso) { /* Case 2-b. */ 1153 /* 1154 * Even if the DONTFRAG option is specified, we cannot send the 1155 * packet when the data length is larger than the MTU of the 1156 * outgoing interface. 1157 * Notify the error by sending IPV6_PATHMTU ancillary data if 1158 * application wanted to know the MTU value. Also return an 1159 * error code (this is not described in the API spec). 1160 */ 1161 if (inp != NULL) 1162 ip6_notify_pmtu(inp, &dst_sa, (u_int32_t)mtu); 1163 error = EMSGSIZE; 1164 goto bad; 1165 } 1166 1167 /* Transmit packet without fragmentation. */ 1168 if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* Cases 1-a and 2-a. */ 1169 struct in6_ifaddr *ia6; 1170 1171 ip6 = mtod(m, struct ip6_hdr *); 1172 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src); 1173 if (ia6) { 1174 /* Record statistics for this interface address. */ 1175 counter_u64_add(ia6->ia_ifa.ifa_opackets, 1); 1176 counter_u64_add(ia6->ia_ifa.ifa_obytes, 1177 m->m_pkthdr.len); 1178 } 1179 error = ip6_output_send(inp, ifp, origifp, m, dst, ro, 1180 (flags & IP_NO_SND_TAG_RL) ? false : true); 1181 goto done; 1182 } 1183 1184 /* Try to fragment the packet. Cases 1-b and 3. */ 1185 if (mtu < IPV6_MMTU) { 1186 /* Path MTU cannot be less than IPV6_MMTU. */ 1187 error = EMSGSIZE; 1188 in6_ifstat_inc(ifp, ifs6_out_fragfail); 1189 goto bad; 1190 } else if (ip6->ip6_plen == 0) { 1191 /* Jumbo payload cannot be fragmented. */ 1192 error = EMSGSIZE; 1193 in6_ifstat_inc(ifp, ifs6_out_fragfail); 1194 goto bad; 1195 } else { 1196 u_char nextproto; 1197 1198 /* 1199 * Too large for the destination or interface; 1200 * fragment if possible. 1201 * Must be able to put at least 8 bytes per fragment. 1202 */ 1203 if (mtu > IPV6_MAXPACKET) 1204 mtu = IPV6_MAXPACKET; 1205 1206 len = (mtu - unfragpartlen - sizeof(struct ip6_frag)) & ~7; 1207 if (len < 8) { 1208 error = EMSGSIZE; 1209 in6_ifstat_inc(ifp, ifs6_out_fragfail); 1210 goto bad; 1211 } 1212 1213 /* 1214 * If the interface will not calculate checksums on 1215 * fragmented packets, then do it here. 1216 * XXX-BZ handle the hw offloading case. Need flags. 1217 */ 1218 ip6_output_delayed_csum(m, ifp, m->m_pkthdr.csum_flags, plen, 1219 optlen); 1220 1221 /* 1222 * Change the next header field of the last header in the 1223 * unfragmentable part. 1224 */ 1225 if (exthdrs.ip6e_rthdr) { 1226 nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *); 1227 *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT; 1228 } else if (exthdrs.ip6e_dest1) { 1229 nextproto = *mtod(exthdrs.ip6e_dest1, u_char *); 1230 *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT; 1231 } else if (exthdrs.ip6e_hbh) { 1232 nextproto = *mtod(exthdrs.ip6e_hbh, u_char *); 1233 *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT; 1234 } else { 1235 ip6 = mtod(m, struct ip6_hdr *); 1236 nextproto = ip6->ip6_nxt; 1237 ip6->ip6_nxt = IPPROTO_FRAGMENT; 1238 } 1239 1240 /* 1241 * Loop through length of segment after first fragment, 1242 * make new header and copy data of each part and link onto 1243 * chain. 1244 */ 1245 m0 = m; 1246 id = htonl(ip6_randomid()); 1247 error = ip6_fragment(ifp, m, unfragpartlen, nextproto,len, id); 1248 if (error != 0) 1249 goto sendorfree; 1250 1251 in6_ifstat_inc(ifp, ifs6_out_fragok); 1252 } 1253 1254 /* Remove leading garbage. */ 1255 sendorfree: 1256 m = m0->m_nextpkt; 1257 m0->m_nextpkt = 0; 1258 m_freem(m0); 1259 for (; m; m = m0) { 1260 m0 = m->m_nextpkt; 1261 m->m_nextpkt = 0; 1262 if (error == 0) { 1263 /* Record statistics for this interface address. */ 1264 if (ia) { 1265 counter_u64_add(ia->ia_ifa.ifa_opackets, 1); 1266 counter_u64_add(ia->ia_ifa.ifa_obytes, 1267 m->m_pkthdr.len); 1268 } 1269 if (vlan_pcp > -1) 1270 EVL_APPLY_PRI(m, vlan_pcp); 1271 error = ip6_output_send(inp, ifp, origifp, m, dst, ro, 1272 true); 1273 } else 1274 m_freem(m); 1275 } 1276 1277 if (error == 0) 1278 IP6STAT_INC(ip6s_fragmented); 1279 1280 done: 1281 return (error); 1282 1283 freehdrs: 1284 m_freem(exthdrs.ip6e_hbh); /* m_freem() checks if mbuf is NULL. */ 1285 m_freem(exthdrs.ip6e_dest1); 1286 m_freem(exthdrs.ip6e_rthdr); 1287 m_freem(exthdrs.ip6e_dest2); 1288 /* FALLTHROUGH */ 1289 bad: 1290 if (m) 1291 m_freem(m); 1292 goto done; 1293 } 1294 1295 static int 1296 ip6_copyexthdr(struct mbuf **mp, caddr_t hdr, int hlen) 1297 { 1298 struct mbuf *m; 1299 1300 if (hlen > MCLBYTES) 1301 return (ENOBUFS); /* XXX */ 1302 1303 if (hlen > MLEN) 1304 m = m_getcl(M_NOWAIT, MT_DATA, 0); 1305 else 1306 m = m_get(M_NOWAIT, MT_DATA); 1307 if (m == NULL) 1308 return (ENOBUFS); 1309 m->m_len = hlen; 1310 if (hdr) 1311 bcopy(hdr, mtod(m, caddr_t), hlen); 1312 1313 *mp = m; 1314 return (0); 1315 } 1316 1317 /* 1318 * Insert jumbo payload option. 1319 */ 1320 static int 1321 ip6_insert_jumboopt(struct ip6_exthdrs *exthdrs, u_int32_t plen) 1322 { 1323 struct mbuf *mopt; 1324 u_char *optbuf; 1325 u_int32_t v; 1326 1327 #define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */ 1328 1329 /* 1330 * If there is no hop-by-hop options header, allocate new one. 1331 * If there is one but it doesn't have enough space to store the 1332 * jumbo payload option, allocate a cluster to store the whole options. 1333 * Otherwise, use it to store the options. 1334 */ 1335 if (exthdrs->ip6e_hbh == NULL) { 1336 mopt = m_get(M_NOWAIT, MT_DATA); 1337 if (mopt == NULL) 1338 return (ENOBUFS); 1339 mopt->m_len = JUMBOOPTLEN; 1340 optbuf = mtod(mopt, u_char *); 1341 optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */ 1342 exthdrs->ip6e_hbh = mopt; 1343 } else { 1344 struct ip6_hbh *hbh; 1345 1346 mopt = exthdrs->ip6e_hbh; 1347 if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) { 1348 /* 1349 * XXX assumption: 1350 * - exthdrs->ip6e_hbh is not referenced from places 1351 * other than exthdrs. 1352 * - exthdrs->ip6e_hbh is not an mbuf chain. 1353 */ 1354 int oldoptlen = mopt->m_len; 1355 struct mbuf *n; 1356 1357 /* 1358 * XXX: give up if the whole (new) hbh header does 1359 * not fit even in an mbuf cluster. 1360 */ 1361 if (oldoptlen + JUMBOOPTLEN > MCLBYTES) 1362 return (ENOBUFS); 1363 1364 /* 1365 * As a consequence, we must always prepare a cluster 1366 * at this point. 1367 */ 1368 n = m_getcl(M_NOWAIT, MT_DATA, 0); 1369 if (n == NULL) 1370 return (ENOBUFS); 1371 n->m_len = oldoptlen + JUMBOOPTLEN; 1372 bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t), 1373 oldoptlen); 1374 optbuf = mtod(n, caddr_t) + oldoptlen; 1375 m_freem(mopt); 1376 mopt = exthdrs->ip6e_hbh = n; 1377 } else { 1378 optbuf = mtod(mopt, u_char *) + mopt->m_len; 1379 mopt->m_len += JUMBOOPTLEN; 1380 } 1381 optbuf[0] = IP6OPT_PADN; 1382 optbuf[1] = 1; 1383 1384 /* 1385 * Adjust the header length according to the pad and 1386 * the jumbo payload option. 1387 */ 1388 hbh = mtod(mopt, struct ip6_hbh *); 1389 hbh->ip6h_len += (JUMBOOPTLEN >> 3); 1390 } 1391 1392 /* fill in the option. */ 1393 optbuf[2] = IP6OPT_JUMBO; 1394 optbuf[3] = 4; 1395 v = (u_int32_t)htonl(plen + JUMBOOPTLEN); 1396 bcopy(&v, &optbuf[4], sizeof(u_int32_t)); 1397 1398 /* finally, adjust the packet header length */ 1399 exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN; 1400 1401 return (0); 1402 #undef JUMBOOPTLEN 1403 } 1404 1405 /* 1406 * Insert fragment header and copy unfragmentable header portions. 1407 */ 1408 static int 1409 ip6_insertfraghdr(struct mbuf *m0, struct mbuf *m, int hlen, 1410 struct ip6_frag **frghdrp) 1411 { 1412 struct mbuf *n, *mlast; 1413 1414 if (hlen > sizeof(struct ip6_hdr)) { 1415 n = m_copym(m0, sizeof(struct ip6_hdr), 1416 hlen - sizeof(struct ip6_hdr), M_NOWAIT); 1417 if (n == NULL) 1418 return (ENOBUFS); 1419 m->m_next = n; 1420 } else 1421 n = m; 1422 1423 /* Search for the last mbuf of unfragmentable part. */ 1424 for (mlast = n; mlast->m_next; mlast = mlast->m_next) 1425 ; 1426 1427 if (M_WRITABLE(mlast) && 1428 M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) { 1429 /* use the trailing space of the last mbuf for the fragment hdr */ 1430 *frghdrp = (struct ip6_frag *)(mtod(mlast, caddr_t) + 1431 mlast->m_len); 1432 mlast->m_len += sizeof(struct ip6_frag); 1433 m->m_pkthdr.len += sizeof(struct ip6_frag); 1434 } else { 1435 /* allocate a new mbuf for the fragment header */ 1436 struct mbuf *mfrg; 1437 1438 mfrg = m_get(M_NOWAIT, MT_DATA); 1439 if (mfrg == NULL) 1440 return (ENOBUFS); 1441 mfrg->m_len = sizeof(struct ip6_frag); 1442 *frghdrp = mtod(mfrg, struct ip6_frag *); 1443 mlast->m_next = mfrg; 1444 } 1445 1446 return (0); 1447 } 1448 1449 /* 1450 * Calculates IPv6 path mtu for destination @dst. 1451 * Resulting MTU is stored in @mtup. 1452 * 1453 * Returns 0 on success. 1454 */ 1455 static int 1456 ip6_getpmtu_ctl(u_int fibnum, const struct in6_addr *dst, u_long *mtup) 1457 { 1458 struct epoch_tracker et; 1459 struct nhop_object *nh; 1460 struct in6_addr kdst; 1461 uint32_t scopeid; 1462 int error; 1463 1464 in6_splitscope(dst, &kdst, &scopeid); 1465 1466 NET_EPOCH_ENTER(et); 1467 nh = fib6_lookup(fibnum, &kdst, scopeid, NHR_NONE, 0); 1468 if (nh != NULL) 1469 error = ip6_calcmtu(nh->nh_ifp, dst, nh->nh_mtu, mtup, NULL, 0); 1470 else 1471 error = EHOSTUNREACH; 1472 NET_EPOCH_EXIT(et); 1473 1474 return (error); 1475 } 1476 1477 /* 1478 * Calculates IPv6 path MTU for @dst based on transmit @ifp, 1479 * and cached data in @ro_pmtu. 1480 * MTU from (successful) route lookup is saved (along with dst) 1481 * inside @ro_pmtu to avoid subsequent route lookups after packet 1482 * filter processing. 1483 * 1484 * Stores mtu and always-frag value into @mtup and @alwaysfragp. 1485 * Returns 0 on success. 1486 */ 1487 static int 1488 ip6_getpmtu(struct route_in6 *ro_pmtu, int do_lookup, 1489 struct ifnet *ifp, const struct in6_addr *dst, u_long *mtup, 1490 int *alwaysfragp, u_int fibnum, u_int proto) 1491 { 1492 struct nhop_object *nh; 1493 struct in6_addr kdst; 1494 uint32_t scopeid; 1495 struct sockaddr_in6 *sa6_dst, sin6; 1496 u_long mtu; 1497 1498 NET_EPOCH_ASSERT(); 1499 1500 mtu = 0; 1501 if (ro_pmtu == NULL || do_lookup) { 1502 /* 1503 * Here ro_pmtu has final destination address, while 1504 * ro might represent immediate destination. 1505 * Use ro_pmtu destination since mtu might differ. 1506 */ 1507 if (ro_pmtu != NULL) { 1508 sa6_dst = (struct sockaddr_in6 *)&ro_pmtu->ro_dst; 1509 if (!IN6_ARE_ADDR_EQUAL(&sa6_dst->sin6_addr, dst)) 1510 ro_pmtu->ro_mtu = 0; 1511 } else 1512 sa6_dst = &sin6; 1513 1514 if (ro_pmtu == NULL || ro_pmtu->ro_mtu == 0) { 1515 bzero(sa6_dst, sizeof(*sa6_dst)); 1516 sa6_dst->sin6_family = AF_INET6; 1517 sa6_dst->sin6_len = sizeof(struct sockaddr_in6); 1518 sa6_dst->sin6_addr = *dst; 1519 1520 in6_splitscope(dst, &kdst, &scopeid); 1521 nh = fib6_lookup(fibnum, &kdst, scopeid, NHR_NONE, 0); 1522 if (nh != NULL) { 1523 mtu = nh->nh_mtu; 1524 if (ro_pmtu != NULL) 1525 ro_pmtu->ro_mtu = mtu; 1526 } 1527 } else 1528 mtu = ro_pmtu->ro_mtu; 1529 } 1530 1531 if (ro_pmtu != NULL && ro_pmtu->ro_nh != NULL) 1532 mtu = ro_pmtu->ro_nh->nh_mtu; 1533 1534 return (ip6_calcmtu(ifp, dst, mtu, mtup, alwaysfragp, proto)); 1535 } 1536 1537 /* 1538 * Calculate MTU based on transmit @ifp, route mtu @rt_mtu and 1539 * hostcache data for @dst. 1540 * Stores mtu and always-frag value into @mtup and @alwaysfragp. 1541 * 1542 * Returns 0 on success. 1543 */ 1544 static int 1545 ip6_calcmtu(struct ifnet *ifp, const struct in6_addr *dst, u_long rt_mtu, 1546 u_long *mtup, int *alwaysfragp, u_int proto) 1547 { 1548 u_long mtu = 0; 1549 int alwaysfrag = 0; 1550 int error = 0; 1551 1552 if (rt_mtu > 0) { 1553 u_int32_t ifmtu; 1554 struct in_conninfo inc; 1555 1556 bzero(&inc, sizeof(inc)); 1557 inc.inc_flags |= INC_ISIPV6; 1558 inc.inc6_faddr = *dst; 1559 1560 ifmtu = IN6_LINKMTU(ifp); 1561 1562 /* TCP is known to react to pmtu changes so skip hc */ 1563 if (proto != IPPROTO_TCP) 1564 mtu = tcp_hc_getmtu(&inc); 1565 1566 if (mtu) 1567 mtu = min(mtu, rt_mtu); 1568 else 1569 mtu = rt_mtu; 1570 if (mtu == 0) 1571 mtu = ifmtu; 1572 else if (mtu < IPV6_MMTU) { 1573 /* 1574 * RFC2460 section 5, last paragraph: 1575 * if we record ICMPv6 too big message with 1576 * mtu < IPV6_MMTU, transmit packets sized IPV6_MMTU 1577 * or smaller, with framgent header attached. 1578 * (fragment header is needed regardless from the 1579 * packet size, for translators to identify packets) 1580 */ 1581 alwaysfrag = 1; 1582 mtu = IPV6_MMTU; 1583 } 1584 } else if (ifp) { 1585 mtu = IN6_LINKMTU(ifp); 1586 } else 1587 error = EHOSTUNREACH; /* XXX */ 1588 1589 *mtup = mtu; 1590 if (alwaysfragp) 1591 *alwaysfragp = alwaysfrag; 1592 return (error); 1593 } 1594 1595 /* 1596 * IP6 socket option processing. 1597 */ 1598 int 1599 ip6_ctloutput(struct socket *so, struct sockopt *sopt) 1600 { 1601 int optdatalen, uproto; 1602 void *optdata; 1603 struct inpcb *inp = sotoinpcb(so); 1604 int error, optval; 1605 int level, op, optname; 1606 int optlen; 1607 struct thread *td; 1608 #ifdef RSS 1609 uint32_t rss_bucket; 1610 int retval; 1611 #endif 1612 1613 /* 1614 * Don't use more than a quarter of mbuf clusters. N.B.: 1615 * nmbclusters is an int, but nmbclusters * MCLBYTES may overflow 1616 * on LP64 architectures, so cast to u_long to avoid undefined 1617 * behavior. ILP32 architectures cannot have nmbclusters 1618 * large enough to overflow for other reasons. 1619 */ 1620 #define IPV6_PKTOPTIONS_MBUF_LIMIT ((u_long)nmbclusters * MCLBYTES / 4) 1621 1622 level = sopt->sopt_level; 1623 op = sopt->sopt_dir; 1624 optname = sopt->sopt_name; 1625 optlen = sopt->sopt_valsize; 1626 td = sopt->sopt_td; 1627 error = 0; 1628 optval = 0; 1629 uproto = (int)so->so_proto->pr_protocol; 1630 1631 if (level != IPPROTO_IPV6) { 1632 error = EINVAL; 1633 1634 if (sopt->sopt_level == SOL_SOCKET && 1635 sopt->sopt_dir == SOPT_SET) { 1636 switch (sopt->sopt_name) { 1637 case SO_REUSEADDR: 1638 INP_WLOCK(inp); 1639 if ((so->so_options & SO_REUSEADDR) != 0) 1640 inp->inp_flags2 |= INP_REUSEADDR; 1641 else 1642 inp->inp_flags2 &= ~INP_REUSEADDR; 1643 INP_WUNLOCK(inp); 1644 error = 0; 1645 break; 1646 case SO_REUSEPORT: 1647 INP_WLOCK(inp); 1648 if ((so->so_options & SO_REUSEPORT) != 0) 1649 inp->inp_flags2 |= INP_REUSEPORT; 1650 else 1651 inp->inp_flags2 &= ~INP_REUSEPORT; 1652 INP_WUNLOCK(inp); 1653 error = 0; 1654 break; 1655 case SO_REUSEPORT_LB: 1656 INP_WLOCK(inp); 1657 if ((so->so_options & SO_REUSEPORT_LB) != 0) 1658 inp->inp_flags2 |= INP_REUSEPORT_LB; 1659 else 1660 inp->inp_flags2 &= ~INP_REUSEPORT_LB; 1661 INP_WUNLOCK(inp); 1662 error = 0; 1663 break; 1664 case SO_SETFIB: 1665 INP_WLOCK(inp); 1666 inp->inp_inc.inc_fibnum = so->so_fibnum; 1667 INP_WUNLOCK(inp); 1668 error = 0; 1669 break; 1670 case SO_MAX_PACING_RATE: 1671 #ifdef RATELIMIT 1672 INP_WLOCK(inp); 1673 inp->inp_flags2 |= INP_RATE_LIMIT_CHANGED; 1674 INP_WUNLOCK(inp); 1675 error = 0; 1676 #else 1677 error = EOPNOTSUPP; 1678 #endif 1679 break; 1680 default: 1681 break; 1682 } 1683 } 1684 } else { /* level == IPPROTO_IPV6 */ 1685 switch (op) { 1686 case SOPT_SET: 1687 switch (optname) { 1688 case IPV6_2292PKTOPTIONS: 1689 #ifdef IPV6_PKTOPTIONS 1690 case IPV6_PKTOPTIONS: 1691 #endif 1692 { 1693 struct mbuf *m; 1694 1695 if (optlen > IPV6_PKTOPTIONS_MBUF_LIMIT) { 1696 printf("ip6_ctloutput: mbuf limit hit\n"); 1697 error = ENOBUFS; 1698 break; 1699 } 1700 1701 error = soopt_getm(sopt, &m); /* XXX */ 1702 if (error != 0) 1703 break; 1704 error = soopt_mcopyin(sopt, m); /* XXX */ 1705 if (error != 0) 1706 break; 1707 INP_WLOCK(inp); 1708 error = ip6_pcbopts(&inp->in6p_outputopts, m, 1709 so, sopt); 1710 INP_WUNLOCK(inp); 1711 m_freem(m); /* XXX */ 1712 break; 1713 } 1714 1715 /* 1716 * Use of some Hop-by-Hop options or some 1717 * Destination options, might require special 1718 * privilege. That is, normal applications 1719 * (without special privilege) might be forbidden 1720 * from setting certain options in outgoing packets, 1721 * and might never see certain options in received 1722 * packets. [RFC 2292 Section 6] 1723 * KAME specific note: 1724 * KAME prevents non-privileged users from sending or 1725 * receiving ANY hbh/dst options in order to avoid 1726 * overhead of parsing options in the kernel. 1727 */ 1728 case IPV6_RECVHOPOPTS: 1729 case IPV6_RECVDSTOPTS: 1730 case IPV6_RECVRTHDRDSTOPTS: 1731 if (td != NULL) { 1732 error = priv_check(td, 1733 PRIV_NETINET_SETHDROPTS); 1734 if (error) 1735 break; 1736 } 1737 /* FALLTHROUGH */ 1738 case IPV6_UNICAST_HOPS: 1739 case IPV6_HOPLIMIT: 1740 1741 case IPV6_RECVPKTINFO: 1742 case IPV6_RECVHOPLIMIT: 1743 case IPV6_RECVRTHDR: 1744 case IPV6_RECVPATHMTU: 1745 case IPV6_RECVTCLASS: 1746 case IPV6_RECVFLOWID: 1747 #ifdef RSS 1748 case IPV6_RECVRSSBUCKETID: 1749 #endif 1750 case IPV6_V6ONLY: 1751 case IPV6_AUTOFLOWLABEL: 1752 case IPV6_ORIGDSTADDR: 1753 case IPV6_BINDANY: 1754 case IPV6_BINDMULTI: 1755 #ifdef RSS 1756 case IPV6_RSS_LISTEN_BUCKET: 1757 #endif 1758 case IPV6_VLAN_PCP: 1759 if (optname == IPV6_BINDANY && td != NULL) { 1760 error = priv_check(td, 1761 PRIV_NETINET_BINDANY); 1762 if (error) 1763 break; 1764 } 1765 1766 if (optlen != sizeof(int)) { 1767 error = EINVAL; 1768 break; 1769 } 1770 error = sooptcopyin(sopt, &optval, 1771 sizeof optval, sizeof optval); 1772 if (error) 1773 break; 1774 switch (optname) { 1775 case IPV6_UNICAST_HOPS: 1776 if (optval < -1 || optval >= 256) 1777 error = EINVAL; 1778 else { 1779 /* -1 = kernel default */ 1780 inp->in6p_hops = optval; 1781 if ((inp->inp_vflag & 1782 INP_IPV4) != 0) 1783 inp->inp_ip_ttl = optval; 1784 } 1785 break; 1786 #define OPTSET(bit) \ 1787 do { \ 1788 INP_WLOCK(inp); \ 1789 if (optval) \ 1790 inp->inp_flags |= (bit); \ 1791 else \ 1792 inp->inp_flags &= ~(bit); \ 1793 INP_WUNLOCK(inp); \ 1794 } while (/*CONSTCOND*/ 0) 1795 #define OPTSET2292(bit) \ 1796 do { \ 1797 INP_WLOCK(inp); \ 1798 inp->inp_flags |= IN6P_RFC2292; \ 1799 if (optval) \ 1800 inp->inp_flags |= (bit); \ 1801 else \ 1802 inp->inp_flags &= ~(bit); \ 1803 INP_WUNLOCK(inp); \ 1804 } while (/*CONSTCOND*/ 0) 1805 #define OPTBIT(bit) (inp->inp_flags & (bit) ? 1 : 0) 1806 1807 #define OPTSET2_N(bit, val) do { \ 1808 if (val) \ 1809 inp->inp_flags2 |= bit; \ 1810 else \ 1811 inp->inp_flags2 &= ~bit; \ 1812 } while (0) 1813 #define OPTSET2(bit, val) do { \ 1814 INP_WLOCK(inp); \ 1815 OPTSET2_N(bit, val); \ 1816 INP_WUNLOCK(inp); \ 1817 } while (0) 1818 #define OPTBIT2(bit) (inp->inp_flags2 & (bit) ? 1 : 0) 1819 #define OPTSET2292_EXCLUSIVE(bit) \ 1820 do { \ 1821 INP_WLOCK(inp); \ 1822 if (OPTBIT(IN6P_RFC2292)) { \ 1823 error = EINVAL; \ 1824 } else { \ 1825 if (optval) \ 1826 inp->inp_flags |= (bit); \ 1827 else \ 1828 inp->inp_flags &= ~(bit); \ 1829 } \ 1830 INP_WUNLOCK(inp); \ 1831 } while (/*CONSTCOND*/ 0) 1832 1833 case IPV6_RECVPKTINFO: 1834 OPTSET2292_EXCLUSIVE(IN6P_PKTINFO); 1835 break; 1836 1837 case IPV6_HOPLIMIT: 1838 { 1839 struct ip6_pktopts **optp; 1840 1841 /* cannot mix with RFC2292 */ 1842 if (OPTBIT(IN6P_RFC2292)) { 1843 error = EINVAL; 1844 break; 1845 } 1846 INP_WLOCK(inp); 1847 if (inp->inp_flags & INP_DROPPED) { 1848 INP_WUNLOCK(inp); 1849 return (ECONNRESET); 1850 } 1851 optp = &inp->in6p_outputopts; 1852 error = ip6_pcbopt(IPV6_HOPLIMIT, 1853 (u_char *)&optval, sizeof(optval), 1854 optp, (td != NULL) ? td->td_ucred : 1855 NULL, uproto); 1856 INP_WUNLOCK(inp); 1857 break; 1858 } 1859 1860 case IPV6_RECVHOPLIMIT: 1861 OPTSET2292_EXCLUSIVE(IN6P_HOPLIMIT); 1862 break; 1863 1864 case IPV6_RECVHOPOPTS: 1865 OPTSET2292_EXCLUSIVE(IN6P_HOPOPTS); 1866 break; 1867 1868 case IPV6_RECVDSTOPTS: 1869 OPTSET2292_EXCLUSIVE(IN6P_DSTOPTS); 1870 break; 1871 1872 case IPV6_RECVRTHDRDSTOPTS: 1873 OPTSET2292_EXCLUSIVE(IN6P_RTHDRDSTOPTS); 1874 break; 1875 1876 case IPV6_RECVRTHDR: 1877 OPTSET2292_EXCLUSIVE(IN6P_RTHDR); 1878 break; 1879 1880 case IPV6_RECVPATHMTU: 1881 /* 1882 * We ignore this option for TCP 1883 * sockets. 1884 * (RFC3542 leaves this case 1885 * unspecified.) 1886 */ 1887 if (uproto != IPPROTO_TCP) 1888 OPTSET(IN6P_MTU); 1889 break; 1890 1891 case IPV6_RECVFLOWID: 1892 OPTSET2(INP_RECVFLOWID, optval); 1893 break; 1894 1895 #ifdef RSS 1896 case IPV6_RECVRSSBUCKETID: 1897 OPTSET2(INP_RECVRSSBUCKETID, optval); 1898 break; 1899 #endif 1900 1901 case IPV6_V6ONLY: 1902 INP_WLOCK(inp); 1903 if (inp->inp_lport || 1904 !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1905 /* 1906 * The socket is already bound. 1907 */ 1908 INP_WUNLOCK(inp); 1909 error = EINVAL; 1910 break; 1911 } 1912 if (optval) { 1913 inp->inp_flags |= IN6P_IPV6_V6ONLY; 1914 inp->inp_vflag &= ~INP_IPV4; 1915 } else { 1916 inp->inp_flags &= ~IN6P_IPV6_V6ONLY; 1917 inp->inp_vflag |= INP_IPV4; 1918 } 1919 INP_WUNLOCK(inp); 1920 break; 1921 case IPV6_RECVTCLASS: 1922 /* cannot mix with RFC2292 XXX */ 1923 OPTSET2292_EXCLUSIVE(IN6P_TCLASS); 1924 break; 1925 case IPV6_AUTOFLOWLABEL: 1926 OPTSET(IN6P_AUTOFLOWLABEL); 1927 break; 1928 1929 case IPV6_ORIGDSTADDR: 1930 OPTSET2(INP_ORIGDSTADDR, optval); 1931 break; 1932 case IPV6_BINDANY: 1933 OPTSET(INP_BINDANY); 1934 break; 1935 1936 case IPV6_BINDMULTI: 1937 OPTSET2(INP_BINDMULTI, optval); 1938 break; 1939 #ifdef RSS 1940 case IPV6_RSS_LISTEN_BUCKET: 1941 if ((optval >= 0) && 1942 (optval < rss_getnumbuckets())) { 1943 INP_WLOCK(inp); 1944 inp->inp_rss_listen_bucket = optval; 1945 OPTSET2_N(INP_RSS_BUCKET_SET, 1); 1946 INP_WUNLOCK(inp); 1947 } else { 1948 error = EINVAL; 1949 } 1950 break; 1951 #endif 1952 case IPV6_VLAN_PCP: 1953 if ((optval >= -1) && (optval <= 1954 (INP_2PCP_MASK >> INP_2PCP_SHIFT))) { 1955 if (optval == -1) { 1956 INP_WLOCK(inp); 1957 inp->inp_flags2 &= 1958 ~(INP_2PCP_SET | 1959 INP_2PCP_MASK); 1960 INP_WUNLOCK(inp); 1961 } else { 1962 INP_WLOCK(inp); 1963 inp->inp_flags2 |= 1964 INP_2PCP_SET; 1965 inp->inp_flags2 &= 1966 ~INP_2PCP_MASK; 1967 inp->inp_flags2 |= 1968 optval << 1969 INP_2PCP_SHIFT; 1970 INP_WUNLOCK(inp); 1971 } 1972 } else 1973 error = EINVAL; 1974 break; 1975 } 1976 break; 1977 1978 case IPV6_TCLASS: 1979 case IPV6_DONTFRAG: 1980 case IPV6_USE_MIN_MTU: 1981 case IPV6_PREFER_TEMPADDR: 1982 if (optlen != sizeof(optval)) { 1983 error = EINVAL; 1984 break; 1985 } 1986 error = sooptcopyin(sopt, &optval, 1987 sizeof optval, sizeof optval); 1988 if (error) 1989 break; 1990 { 1991 struct ip6_pktopts **optp; 1992 INP_WLOCK(inp); 1993 if (inp->inp_flags & INP_DROPPED) { 1994 INP_WUNLOCK(inp); 1995 return (ECONNRESET); 1996 } 1997 optp = &inp->in6p_outputopts; 1998 error = ip6_pcbopt(optname, 1999 (u_char *)&optval, sizeof(optval), 2000 optp, (td != NULL) ? td->td_ucred : 2001 NULL, uproto); 2002 INP_WUNLOCK(inp); 2003 break; 2004 } 2005 2006 case IPV6_2292PKTINFO: 2007 case IPV6_2292HOPLIMIT: 2008 case IPV6_2292HOPOPTS: 2009 case IPV6_2292DSTOPTS: 2010 case IPV6_2292RTHDR: 2011 /* RFC 2292 */ 2012 if (optlen != sizeof(int)) { 2013 error = EINVAL; 2014 break; 2015 } 2016 error = sooptcopyin(sopt, &optval, 2017 sizeof optval, sizeof optval); 2018 if (error) 2019 break; 2020 switch (optname) { 2021 case IPV6_2292PKTINFO: 2022 OPTSET2292(IN6P_PKTINFO); 2023 break; 2024 case IPV6_2292HOPLIMIT: 2025 OPTSET2292(IN6P_HOPLIMIT); 2026 break; 2027 case IPV6_2292HOPOPTS: 2028 /* 2029 * Check super-user privilege. 2030 * See comments for IPV6_RECVHOPOPTS. 2031 */ 2032 if (td != NULL) { 2033 error = priv_check(td, 2034 PRIV_NETINET_SETHDROPTS); 2035 if (error) 2036 return (error); 2037 } 2038 OPTSET2292(IN6P_HOPOPTS); 2039 break; 2040 case IPV6_2292DSTOPTS: 2041 if (td != NULL) { 2042 error = priv_check(td, 2043 PRIV_NETINET_SETHDROPTS); 2044 if (error) 2045 return (error); 2046 } 2047 OPTSET2292(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); /* XXX */ 2048 break; 2049 case IPV6_2292RTHDR: 2050 OPTSET2292(IN6P_RTHDR); 2051 break; 2052 } 2053 break; 2054 case IPV6_PKTINFO: 2055 case IPV6_HOPOPTS: 2056 case IPV6_RTHDR: 2057 case IPV6_DSTOPTS: 2058 case IPV6_RTHDRDSTOPTS: 2059 case IPV6_NEXTHOP: 2060 { 2061 /* new advanced API (RFC3542) */ 2062 u_char *optbuf; 2063 u_char optbuf_storage[MCLBYTES]; 2064 int optlen; 2065 struct ip6_pktopts **optp; 2066 2067 /* cannot mix with RFC2292 */ 2068 if (OPTBIT(IN6P_RFC2292)) { 2069 error = EINVAL; 2070 break; 2071 } 2072 2073 /* 2074 * We only ensure valsize is not too large 2075 * here. Further validation will be done 2076 * later. 2077 */ 2078 error = sooptcopyin(sopt, optbuf_storage, 2079 sizeof(optbuf_storage), 0); 2080 if (error) 2081 break; 2082 optlen = sopt->sopt_valsize; 2083 optbuf = optbuf_storage; 2084 INP_WLOCK(inp); 2085 if (inp->inp_flags & INP_DROPPED) { 2086 INP_WUNLOCK(inp); 2087 return (ECONNRESET); 2088 } 2089 optp = &inp->in6p_outputopts; 2090 error = ip6_pcbopt(optname, optbuf, optlen, 2091 optp, (td != NULL) ? td->td_ucred : NULL, 2092 uproto); 2093 INP_WUNLOCK(inp); 2094 break; 2095 } 2096 #undef OPTSET 2097 2098 case IPV6_MULTICAST_IF: 2099 case IPV6_MULTICAST_HOPS: 2100 case IPV6_MULTICAST_LOOP: 2101 case IPV6_JOIN_GROUP: 2102 case IPV6_LEAVE_GROUP: 2103 case IPV6_MSFILTER: 2104 case MCAST_BLOCK_SOURCE: 2105 case MCAST_UNBLOCK_SOURCE: 2106 case MCAST_JOIN_GROUP: 2107 case MCAST_LEAVE_GROUP: 2108 case MCAST_JOIN_SOURCE_GROUP: 2109 case MCAST_LEAVE_SOURCE_GROUP: 2110 error = ip6_setmoptions(inp, sopt); 2111 break; 2112 2113 case IPV6_PORTRANGE: 2114 error = sooptcopyin(sopt, &optval, 2115 sizeof optval, sizeof optval); 2116 if (error) 2117 break; 2118 2119 INP_WLOCK(inp); 2120 switch (optval) { 2121 case IPV6_PORTRANGE_DEFAULT: 2122 inp->inp_flags &= ~(INP_LOWPORT); 2123 inp->inp_flags &= ~(INP_HIGHPORT); 2124 break; 2125 2126 case IPV6_PORTRANGE_HIGH: 2127 inp->inp_flags &= ~(INP_LOWPORT); 2128 inp->inp_flags |= INP_HIGHPORT; 2129 break; 2130 2131 case IPV6_PORTRANGE_LOW: 2132 inp->inp_flags &= ~(INP_HIGHPORT); 2133 inp->inp_flags |= INP_LOWPORT; 2134 break; 2135 2136 default: 2137 error = EINVAL; 2138 break; 2139 } 2140 INP_WUNLOCK(inp); 2141 break; 2142 2143 #if defined(IPSEC) || defined(IPSEC_SUPPORT) 2144 case IPV6_IPSEC_POLICY: 2145 if (IPSEC_ENABLED(ipv6)) { 2146 error = IPSEC_PCBCTL(ipv6, inp, sopt); 2147 break; 2148 } 2149 /* FALLTHROUGH */ 2150 #endif /* IPSEC */ 2151 2152 default: 2153 error = ENOPROTOOPT; 2154 break; 2155 } 2156 break; 2157 2158 case SOPT_GET: 2159 switch (optname) { 2160 case IPV6_2292PKTOPTIONS: 2161 #ifdef IPV6_PKTOPTIONS 2162 case IPV6_PKTOPTIONS: 2163 #endif 2164 /* 2165 * RFC3542 (effectively) deprecated the 2166 * semantics of the 2292-style pktoptions. 2167 * Since it was not reliable in nature (i.e., 2168 * applications had to expect the lack of some 2169 * information after all), it would make sense 2170 * to simplify this part by always returning 2171 * empty data. 2172 */ 2173 sopt->sopt_valsize = 0; 2174 break; 2175 2176 case IPV6_RECVHOPOPTS: 2177 case IPV6_RECVDSTOPTS: 2178 case IPV6_RECVRTHDRDSTOPTS: 2179 case IPV6_UNICAST_HOPS: 2180 case IPV6_RECVPKTINFO: 2181 case IPV6_RECVHOPLIMIT: 2182 case IPV6_RECVRTHDR: 2183 case IPV6_RECVPATHMTU: 2184 2185 case IPV6_V6ONLY: 2186 case IPV6_PORTRANGE: 2187 case IPV6_RECVTCLASS: 2188 case IPV6_AUTOFLOWLABEL: 2189 case IPV6_BINDANY: 2190 case IPV6_FLOWID: 2191 case IPV6_FLOWTYPE: 2192 case IPV6_RECVFLOWID: 2193 #ifdef RSS 2194 case IPV6_RSSBUCKETID: 2195 case IPV6_RECVRSSBUCKETID: 2196 #endif 2197 case IPV6_BINDMULTI: 2198 case IPV6_VLAN_PCP: 2199 switch (optname) { 2200 case IPV6_RECVHOPOPTS: 2201 optval = OPTBIT(IN6P_HOPOPTS); 2202 break; 2203 2204 case IPV6_RECVDSTOPTS: 2205 optval = OPTBIT(IN6P_DSTOPTS); 2206 break; 2207 2208 case IPV6_RECVRTHDRDSTOPTS: 2209 optval = OPTBIT(IN6P_RTHDRDSTOPTS); 2210 break; 2211 2212 case IPV6_UNICAST_HOPS: 2213 optval = inp->in6p_hops; 2214 break; 2215 2216 case IPV6_RECVPKTINFO: 2217 optval = OPTBIT(IN6P_PKTINFO); 2218 break; 2219 2220 case IPV6_RECVHOPLIMIT: 2221 optval = OPTBIT(IN6P_HOPLIMIT); 2222 break; 2223 2224 case IPV6_RECVRTHDR: 2225 optval = OPTBIT(IN6P_RTHDR); 2226 break; 2227 2228 case IPV6_RECVPATHMTU: 2229 optval = OPTBIT(IN6P_MTU); 2230 break; 2231 2232 case IPV6_V6ONLY: 2233 optval = OPTBIT(IN6P_IPV6_V6ONLY); 2234 break; 2235 2236 case IPV6_PORTRANGE: 2237 { 2238 int flags; 2239 flags = inp->inp_flags; 2240 if (flags & INP_HIGHPORT) 2241 optval = IPV6_PORTRANGE_HIGH; 2242 else if (flags & INP_LOWPORT) 2243 optval = IPV6_PORTRANGE_LOW; 2244 else 2245 optval = 0; 2246 break; 2247 } 2248 case IPV6_RECVTCLASS: 2249 optval = OPTBIT(IN6P_TCLASS); 2250 break; 2251 2252 case IPV6_AUTOFLOWLABEL: 2253 optval = OPTBIT(IN6P_AUTOFLOWLABEL); 2254 break; 2255 2256 case IPV6_ORIGDSTADDR: 2257 optval = OPTBIT2(INP_ORIGDSTADDR); 2258 break; 2259 2260 case IPV6_BINDANY: 2261 optval = OPTBIT(INP_BINDANY); 2262 break; 2263 2264 case IPV6_FLOWID: 2265 optval = inp->inp_flowid; 2266 break; 2267 2268 case IPV6_FLOWTYPE: 2269 optval = inp->inp_flowtype; 2270 break; 2271 2272 case IPV6_RECVFLOWID: 2273 optval = OPTBIT2(INP_RECVFLOWID); 2274 break; 2275 #ifdef RSS 2276 case IPV6_RSSBUCKETID: 2277 retval = 2278 rss_hash2bucket(inp->inp_flowid, 2279 inp->inp_flowtype, 2280 &rss_bucket); 2281 if (retval == 0) 2282 optval = rss_bucket; 2283 else 2284 error = EINVAL; 2285 break; 2286 2287 case IPV6_RECVRSSBUCKETID: 2288 optval = OPTBIT2(INP_RECVRSSBUCKETID); 2289 break; 2290 #endif 2291 2292 case IPV6_BINDMULTI: 2293 optval = OPTBIT2(INP_BINDMULTI); 2294 break; 2295 2296 case IPV6_VLAN_PCP: 2297 if (OPTBIT2(INP_2PCP_SET)) { 2298 optval = (inp->inp_flags2 & 2299 INP_2PCP_MASK) >> 2300 INP_2PCP_SHIFT; 2301 } else { 2302 optval = -1; 2303 } 2304 break; 2305 } 2306 2307 if (error) 2308 break; 2309 error = sooptcopyout(sopt, &optval, 2310 sizeof optval); 2311 break; 2312 2313 case IPV6_PATHMTU: 2314 { 2315 u_long pmtu = 0; 2316 struct ip6_mtuinfo mtuinfo; 2317 struct in6_addr addr; 2318 2319 if (!(so->so_state & SS_ISCONNECTED)) 2320 return (ENOTCONN); 2321 /* 2322 * XXX: we dot not consider the case of source 2323 * routing, or optional information to specify 2324 * the outgoing interface. 2325 * Copy faddr out of inp to avoid holding lock 2326 * on inp during route lookup. 2327 */ 2328 INP_RLOCK(inp); 2329 bcopy(&inp->in6p_faddr, &addr, sizeof(addr)); 2330 INP_RUNLOCK(inp); 2331 error = ip6_getpmtu_ctl(so->so_fibnum, 2332 &addr, &pmtu); 2333 if (error) 2334 break; 2335 if (pmtu > IPV6_MAXPACKET) 2336 pmtu = IPV6_MAXPACKET; 2337 2338 bzero(&mtuinfo, sizeof(mtuinfo)); 2339 mtuinfo.ip6m_mtu = (u_int32_t)pmtu; 2340 optdata = (void *)&mtuinfo; 2341 optdatalen = sizeof(mtuinfo); 2342 error = sooptcopyout(sopt, optdata, 2343 optdatalen); 2344 break; 2345 } 2346 2347 case IPV6_2292PKTINFO: 2348 case IPV6_2292HOPLIMIT: 2349 case IPV6_2292HOPOPTS: 2350 case IPV6_2292RTHDR: 2351 case IPV6_2292DSTOPTS: 2352 switch (optname) { 2353 case IPV6_2292PKTINFO: 2354 optval = OPTBIT(IN6P_PKTINFO); 2355 break; 2356 case IPV6_2292HOPLIMIT: 2357 optval = OPTBIT(IN6P_HOPLIMIT); 2358 break; 2359 case IPV6_2292HOPOPTS: 2360 optval = OPTBIT(IN6P_HOPOPTS); 2361 break; 2362 case IPV6_2292RTHDR: 2363 optval = OPTBIT(IN6P_RTHDR); 2364 break; 2365 case IPV6_2292DSTOPTS: 2366 optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); 2367 break; 2368 } 2369 error = sooptcopyout(sopt, &optval, 2370 sizeof optval); 2371 break; 2372 case IPV6_PKTINFO: 2373 case IPV6_HOPOPTS: 2374 case IPV6_RTHDR: 2375 case IPV6_DSTOPTS: 2376 case IPV6_RTHDRDSTOPTS: 2377 case IPV6_NEXTHOP: 2378 case IPV6_TCLASS: 2379 case IPV6_DONTFRAG: 2380 case IPV6_USE_MIN_MTU: 2381 case IPV6_PREFER_TEMPADDR: 2382 error = ip6_getpcbopt(inp, optname, sopt); 2383 break; 2384 2385 case IPV6_MULTICAST_IF: 2386 case IPV6_MULTICAST_HOPS: 2387 case IPV6_MULTICAST_LOOP: 2388 case IPV6_MSFILTER: 2389 error = ip6_getmoptions(inp, sopt); 2390 break; 2391 2392 #if defined(IPSEC) || defined(IPSEC_SUPPORT) 2393 case IPV6_IPSEC_POLICY: 2394 if (IPSEC_ENABLED(ipv6)) { 2395 error = IPSEC_PCBCTL(ipv6, inp, sopt); 2396 break; 2397 } 2398 /* FALLTHROUGH */ 2399 #endif /* IPSEC */ 2400 default: 2401 error = ENOPROTOOPT; 2402 break; 2403 } 2404 break; 2405 } 2406 } 2407 return (error); 2408 } 2409 2410 int 2411 ip6_raw_ctloutput(struct socket *so, struct sockopt *sopt) 2412 { 2413 int error = 0, optval, optlen; 2414 const int icmp6off = offsetof(struct icmp6_hdr, icmp6_cksum); 2415 struct inpcb *inp = sotoinpcb(so); 2416 int level, op, optname; 2417 2418 level = sopt->sopt_level; 2419 op = sopt->sopt_dir; 2420 optname = sopt->sopt_name; 2421 optlen = sopt->sopt_valsize; 2422 2423 if (level != IPPROTO_IPV6) { 2424 return (EINVAL); 2425 } 2426 2427 switch (optname) { 2428 case IPV6_CHECKSUM: 2429 /* 2430 * For ICMPv6 sockets, no modification allowed for checksum 2431 * offset, permit "no change" values to help existing apps. 2432 * 2433 * RFC3542 says: "An attempt to set IPV6_CHECKSUM 2434 * for an ICMPv6 socket will fail." 2435 * The current behavior does not meet RFC3542. 2436 */ 2437 switch (op) { 2438 case SOPT_SET: 2439 if (optlen != sizeof(int)) { 2440 error = EINVAL; 2441 break; 2442 } 2443 error = sooptcopyin(sopt, &optval, sizeof(optval), 2444 sizeof(optval)); 2445 if (error) 2446 break; 2447 if (optval < -1 || (optval % 2) != 0) { 2448 /* 2449 * The API assumes non-negative even offset 2450 * values or -1 as a special value. 2451 */ 2452 error = EINVAL; 2453 } else if (inp->inp_ip_p == IPPROTO_ICMPV6) { 2454 if (optval != icmp6off) 2455 error = EINVAL; 2456 } else 2457 inp->in6p_cksum = optval; 2458 break; 2459 2460 case SOPT_GET: 2461 if (inp->inp_ip_p == IPPROTO_ICMPV6) 2462 optval = icmp6off; 2463 else 2464 optval = inp->in6p_cksum; 2465 2466 error = sooptcopyout(sopt, &optval, sizeof(optval)); 2467 break; 2468 2469 default: 2470 error = EINVAL; 2471 break; 2472 } 2473 break; 2474 2475 default: 2476 error = ENOPROTOOPT; 2477 break; 2478 } 2479 2480 return (error); 2481 } 2482 2483 /* 2484 * Set up IP6 options in pcb for insertion in output packets or 2485 * specifying behavior of outgoing packets. 2486 */ 2487 static int 2488 ip6_pcbopts(struct ip6_pktopts **pktopt, struct mbuf *m, 2489 struct socket *so, struct sockopt *sopt) 2490 { 2491 struct ip6_pktopts *opt = *pktopt; 2492 int error = 0; 2493 struct thread *td = sopt->sopt_td; 2494 struct epoch_tracker et; 2495 2496 /* turn off any old options. */ 2497 if (opt) { 2498 #ifdef DIAGNOSTIC 2499 if (opt->ip6po_pktinfo || opt->ip6po_nexthop || 2500 opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 || 2501 opt->ip6po_rhinfo.ip6po_rhi_rthdr) 2502 printf("ip6_pcbopts: all specified options are cleared.\n"); 2503 #endif 2504 ip6_clearpktopts(opt, -1); 2505 } else { 2506 opt = malloc(sizeof(*opt), M_IP6OPT, M_NOWAIT); 2507 if (opt == NULL) 2508 return (ENOMEM); 2509 } 2510 *pktopt = NULL; 2511 2512 if (!m || m->m_len == 0) { 2513 /* 2514 * Only turning off any previous options, regardless of 2515 * whether the opt is just created or given. 2516 */ 2517 free(opt, M_IP6OPT); 2518 return (0); 2519 } 2520 2521 /* set options specified by user. */ 2522 NET_EPOCH_ENTER(et); 2523 if ((error = ip6_setpktopts(m, opt, NULL, (td != NULL) ? 2524 td->td_ucred : NULL, so->so_proto->pr_protocol)) != 0) { 2525 ip6_clearpktopts(opt, -1); /* XXX: discard all options */ 2526 free(opt, M_IP6OPT); 2527 NET_EPOCH_EXIT(et); 2528 return (error); 2529 } 2530 NET_EPOCH_EXIT(et); 2531 *pktopt = opt; 2532 return (0); 2533 } 2534 2535 /* 2536 * initialize ip6_pktopts. beware that there are non-zero default values in 2537 * the struct. 2538 */ 2539 void 2540 ip6_initpktopts(struct ip6_pktopts *opt) 2541 { 2542 2543 bzero(opt, sizeof(*opt)); 2544 opt->ip6po_hlim = -1; /* -1 means default hop limit */ 2545 opt->ip6po_tclass = -1; /* -1 means default traffic class */ 2546 opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY; 2547 opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM; 2548 } 2549 2550 static int 2551 ip6_pcbopt(int optname, u_char *buf, int len, struct ip6_pktopts **pktopt, 2552 struct ucred *cred, int uproto) 2553 { 2554 struct epoch_tracker et; 2555 struct ip6_pktopts *opt; 2556 int ret; 2557 2558 if (*pktopt == NULL) { 2559 *pktopt = malloc(sizeof(struct ip6_pktopts), M_IP6OPT, 2560 M_NOWAIT); 2561 if (*pktopt == NULL) 2562 return (ENOBUFS); 2563 ip6_initpktopts(*pktopt); 2564 } 2565 opt = *pktopt; 2566 2567 NET_EPOCH_ENTER(et); 2568 ret = ip6_setpktopt(optname, buf, len, opt, cred, 1, 0, uproto); 2569 NET_EPOCH_EXIT(et); 2570 2571 return (ret); 2572 } 2573 2574 #define GET_PKTOPT_VAR(field, lenexpr) do { \ 2575 if (pktopt && pktopt->field) { \ 2576 INP_RUNLOCK(inp); \ 2577 optdata = malloc(sopt->sopt_valsize, M_TEMP, M_WAITOK); \ 2578 malloc_optdata = true; \ 2579 INP_RLOCK(inp); \ 2580 if (inp->inp_flags & INP_DROPPED) { \ 2581 INP_RUNLOCK(inp); \ 2582 free(optdata, M_TEMP); \ 2583 return (ECONNRESET); \ 2584 } \ 2585 pktopt = inp->in6p_outputopts; \ 2586 if (pktopt && pktopt->field) { \ 2587 optdatalen = min(lenexpr, sopt->sopt_valsize); \ 2588 bcopy(pktopt->field, optdata, optdatalen); \ 2589 } else { \ 2590 free(optdata, M_TEMP); \ 2591 optdata = NULL; \ 2592 malloc_optdata = false; \ 2593 } \ 2594 } \ 2595 } while(0) 2596 2597 #define GET_PKTOPT_EXT_HDR(field) GET_PKTOPT_VAR(field, \ 2598 (((struct ip6_ext *)pktopt->field)->ip6e_len + 1) << 3) 2599 2600 #define GET_PKTOPT_SOCKADDR(field) GET_PKTOPT_VAR(field, \ 2601 pktopt->field->sa_len) 2602 2603 static int 2604 ip6_getpcbopt(struct inpcb *inp, int optname, struct sockopt *sopt) 2605 { 2606 void *optdata = NULL; 2607 bool malloc_optdata = false; 2608 int optdatalen = 0; 2609 int error = 0; 2610 struct in6_pktinfo null_pktinfo; 2611 int deftclass = 0, on; 2612 int defminmtu = IP6PO_MINMTU_MCASTONLY; 2613 int defpreftemp = IP6PO_TEMPADDR_SYSTEM; 2614 struct ip6_pktopts *pktopt; 2615 2616 INP_RLOCK(inp); 2617 pktopt = inp->in6p_outputopts; 2618 2619 switch (optname) { 2620 case IPV6_PKTINFO: 2621 optdata = (void *)&null_pktinfo; 2622 if (pktopt && pktopt->ip6po_pktinfo) { 2623 bcopy(pktopt->ip6po_pktinfo, &null_pktinfo, 2624 sizeof(null_pktinfo)); 2625 in6_clearscope(&null_pktinfo.ipi6_addr); 2626 } else { 2627 /* XXX: we don't have to do this every time... */ 2628 bzero(&null_pktinfo, sizeof(null_pktinfo)); 2629 } 2630 optdatalen = sizeof(struct in6_pktinfo); 2631 break; 2632 case IPV6_TCLASS: 2633 if (pktopt && pktopt->ip6po_tclass >= 0) 2634 deftclass = pktopt->ip6po_tclass; 2635 optdata = (void *)&deftclass; 2636 optdatalen = sizeof(int); 2637 break; 2638 case IPV6_HOPOPTS: 2639 GET_PKTOPT_EXT_HDR(ip6po_hbh); 2640 break; 2641 case IPV6_RTHDR: 2642 GET_PKTOPT_EXT_HDR(ip6po_rthdr); 2643 break; 2644 case IPV6_RTHDRDSTOPTS: 2645 GET_PKTOPT_EXT_HDR(ip6po_dest1); 2646 break; 2647 case IPV6_DSTOPTS: 2648 GET_PKTOPT_EXT_HDR(ip6po_dest2); 2649 break; 2650 case IPV6_NEXTHOP: 2651 GET_PKTOPT_SOCKADDR(ip6po_nexthop); 2652 break; 2653 case IPV6_USE_MIN_MTU: 2654 if (pktopt) 2655 defminmtu = pktopt->ip6po_minmtu; 2656 optdata = (void *)&defminmtu; 2657 optdatalen = sizeof(int); 2658 break; 2659 case IPV6_DONTFRAG: 2660 if (pktopt && ((pktopt->ip6po_flags) & IP6PO_DONTFRAG)) 2661 on = 1; 2662 else 2663 on = 0; 2664 optdata = (void *)&on; 2665 optdatalen = sizeof(on); 2666 break; 2667 case IPV6_PREFER_TEMPADDR: 2668 if (pktopt) 2669 defpreftemp = pktopt->ip6po_prefer_tempaddr; 2670 optdata = (void *)&defpreftemp; 2671 optdatalen = sizeof(int); 2672 break; 2673 default: /* should not happen */ 2674 #ifdef DIAGNOSTIC 2675 panic("ip6_getpcbopt: unexpected option\n"); 2676 #endif 2677 INP_RUNLOCK(inp); 2678 return (ENOPROTOOPT); 2679 } 2680 INP_RUNLOCK(inp); 2681 2682 error = sooptcopyout(sopt, optdata, optdatalen); 2683 if (malloc_optdata) 2684 free(optdata, M_TEMP); 2685 2686 return (error); 2687 } 2688 2689 void 2690 ip6_clearpktopts(struct ip6_pktopts *pktopt, int optname) 2691 { 2692 if (pktopt == NULL) 2693 return; 2694 2695 if (optname == -1 || optname == IPV6_PKTINFO) { 2696 if (pktopt->ip6po_pktinfo) 2697 free(pktopt->ip6po_pktinfo, M_IP6OPT); 2698 pktopt->ip6po_pktinfo = NULL; 2699 } 2700 if (optname == -1 || optname == IPV6_HOPLIMIT) 2701 pktopt->ip6po_hlim = -1; 2702 if (optname == -1 || optname == IPV6_TCLASS) 2703 pktopt->ip6po_tclass = -1; 2704 if (optname == -1 || optname == IPV6_NEXTHOP) { 2705 if (pktopt->ip6po_nextroute.ro_nh) { 2706 NH_FREE(pktopt->ip6po_nextroute.ro_nh); 2707 pktopt->ip6po_nextroute.ro_nh = NULL; 2708 } 2709 if (pktopt->ip6po_nexthop) 2710 free(pktopt->ip6po_nexthop, M_IP6OPT); 2711 pktopt->ip6po_nexthop = NULL; 2712 } 2713 if (optname == -1 || optname == IPV6_HOPOPTS) { 2714 if (pktopt->ip6po_hbh) 2715 free(pktopt->ip6po_hbh, M_IP6OPT); 2716 pktopt->ip6po_hbh = NULL; 2717 } 2718 if (optname == -1 || optname == IPV6_RTHDRDSTOPTS) { 2719 if (pktopt->ip6po_dest1) 2720 free(pktopt->ip6po_dest1, M_IP6OPT); 2721 pktopt->ip6po_dest1 = NULL; 2722 } 2723 if (optname == -1 || optname == IPV6_RTHDR) { 2724 if (pktopt->ip6po_rhinfo.ip6po_rhi_rthdr) 2725 free(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT); 2726 pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL; 2727 if (pktopt->ip6po_route.ro_nh) { 2728 NH_FREE(pktopt->ip6po_route.ro_nh); 2729 pktopt->ip6po_route.ro_nh = NULL; 2730 } 2731 } 2732 if (optname == -1 || optname == IPV6_DSTOPTS) { 2733 if (pktopt->ip6po_dest2) 2734 free(pktopt->ip6po_dest2, M_IP6OPT); 2735 pktopt->ip6po_dest2 = NULL; 2736 } 2737 } 2738 2739 #define PKTOPT_EXTHDRCPY(type) \ 2740 do {\ 2741 if (src->type) {\ 2742 int hlen = (((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\ 2743 dst->type = malloc(hlen, M_IP6OPT, canwait);\ 2744 if (dst->type == NULL)\ 2745 goto bad;\ 2746 bcopy(src->type, dst->type, hlen);\ 2747 }\ 2748 } while (/*CONSTCOND*/ 0) 2749 2750 static int 2751 copypktopts(struct ip6_pktopts *dst, struct ip6_pktopts *src, int canwait) 2752 { 2753 if (dst == NULL || src == NULL) { 2754 printf("ip6_clearpktopts: invalid argument\n"); 2755 return (EINVAL); 2756 } 2757 2758 dst->ip6po_hlim = src->ip6po_hlim; 2759 dst->ip6po_tclass = src->ip6po_tclass; 2760 dst->ip6po_flags = src->ip6po_flags; 2761 dst->ip6po_minmtu = src->ip6po_minmtu; 2762 dst->ip6po_prefer_tempaddr = src->ip6po_prefer_tempaddr; 2763 if (src->ip6po_pktinfo) { 2764 dst->ip6po_pktinfo = malloc(sizeof(*dst->ip6po_pktinfo), 2765 M_IP6OPT, canwait); 2766 if (dst->ip6po_pktinfo == NULL) 2767 goto bad; 2768 *dst->ip6po_pktinfo = *src->ip6po_pktinfo; 2769 } 2770 if (src->ip6po_nexthop) { 2771 dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len, 2772 M_IP6OPT, canwait); 2773 if (dst->ip6po_nexthop == NULL) 2774 goto bad; 2775 bcopy(src->ip6po_nexthop, dst->ip6po_nexthop, 2776 src->ip6po_nexthop->sa_len); 2777 } 2778 PKTOPT_EXTHDRCPY(ip6po_hbh); 2779 PKTOPT_EXTHDRCPY(ip6po_dest1); 2780 PKTOPT_EXTHDRCPY(ip6po_dest2); 2781 PKTOPT_EXTHDRCPY(ip6po_rthdr); /* not copy the cached route */ 2782 return (0); 2783 2784 bad: 2785 ip6_clearpktopts(dst, -1); 2786 return (ENOBUFS); 2787 } 2788 #undef PKTOPT_EXTHDRCPY 2789 2790 struct ip6_pktopts * 2791 ip6_copypktopts(struct ip6_pktopts *src, int canwait) 2792 { 2793 int error; 2794 struct ip6_pktopts *dst; 2795 2796 dst = malloc(sizeof(*dst), M_IP6OPT, canwait); 2797 if (dst == NULL) 2798 return (NULL); 2799 ip6_initpktopts(dst); 2800 2801 if ((error = copypktopts(dst, src, canwait)) != 0) { 2802 free(dst, M_IP6OPT); 2803 return (NULL); 2804 } 2805 2806 return (dst); 2807 } 2808 2809 void 2810 ip6_freepcbopts(struct ip6_pktopts *pktopt) 2811 { 2812 if (pktopt == NULL) 2813 return; 2814 2815 ip6_clearpktopts(pktopt, -1); 2816 2817 free(pktopt, M_IP6OPT); 2818 } 2819 2820 /* 2821 * Set IPv6 outgoing packet options based on advanced API. 2822 */ 2823 int 2824 ip6_setpktopts(struct mbuf *control, struct ip6_pktopts *opt, 2825 struct ip6_pktopts *stickyopt, struct ucred *cred, int uproto) 2826 { 2827 struct cmsghdr *cm = NULL; 2828 2829 if (control == NULL || opt == NULL) 2830 return (EINVAL); 2831 2832 /* 2833 * ip6_setpktopt can call ifnet_byindex(), so it's imperative that we 2834 * are in the network epoch here. 2835 */ 2836 NET_EPOCH_ASSERT(); 2837 2838 ip6_initpktopts(opt); 2839 if (stickyopt) { 2840 int error; 2841 2842 /* 2843 * If stickyopt is provided, make a local copy of the options 2844 * for this particular packet, then override them by ancillary 2845 * objects. 2846 * XXX: copypktopts() does not copy the cached route to a next 2847 * hop (if any). This is not very good in terms of efficiency, 2848 * but we can allow this since this option should be rarely 2849 * used. 2850 */ 2851 if ((error = copypktopts(opt, stickyopt, M_NOWAIT)) != 0) 2852 return (error); 2853 } 2854 2855 /* 2856 * XXX: Currently, we assume all the optional information is stored 2857 * in a single mbuf. 2858 */ 2859 if (control->m_next) 2860 return (EINVAL); 2861 2862 for (; control->m_len > 0; control->m_data += CMSG_ALIGN(cm->cmsg_len), 2863 control->m_len -= CMSG_ALIGN(cm->cmsg_len)) { 2864 int error; 2865 2866 if (control->m_len < CMSG_LEN(0)) 2867 return (EINVAL); 2868 2869 cm = mtod(control, struct cmsghdr *); 2870 if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len) 2871 return (EINVAL); 2872 if (cm->cmsg_level != IPPROTO_IPV6) 2873 continue; 2874 2875 error = ip6_setpktopt(cm->cmsg_type, CMSG_DATA(cm), 2876 cm->cmsg_len - CMSG_LEN(0), opt, cred, 0, 1, uproto); 2877 if (error) 2878 return (error); 2879 } 2880 2881 return (0); 2882 } 2883 2884 /* 2885 * Set a particular packet option, as a sticky option or an ancillary data 2886 * item. "len" can be 0 only when it's a sticky option. 2887 * We have 4 cases of combination of "sticky" and "cmsg": 2888 * "sticky=0, cmsg=0": impossible 2889 * "sticky=0, cmsg=1": RFC2292 or RFC3542 ancillary data 2890 * "sticky=1, cmsg=0": RFC3542 socket option 2891 * "sticky=1, cmsg=1": RFC2292 socket option 2892 */ 2893 static int 2894 ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt, 2895 struct ucred *cred, int sticky, int cmsg, int uproto) 2896 { 2897 int minmtupolicy, preftemp; 2898 int error; 2899 2900 NET_EPOCH_ASSERT(); 2901 2902 if (!sticky && !cmsg) { 2903 #ifdef DIAGNOSTIC 2904 printf("ip6_setpktopt: impossible case\n"); 2905 #endif 2906 return (EINVAL); 2907 } 2908 2909 /* 2910 * IPV6_2292xxx is for backward compatibility to RFC2292, and should 2911 * not be specified in the context of RFC3542. Conversely, 2912 * RFC3542 types should not be specified in the context of RFC2292. 2913 */ 2914 if (!cmsg) { 2915 switch (optname) { 2916 case IPV6_2292PKTINFO: 2917 case IPV6_2292HOPLIMIT: 2918 case IPV6_2292NEXTHOP: 2919 case IPV6_2292HOPOPTS: 2920 case IPV6_2292DSTOPTS: 2921 case IPV6_2292RTHDR: 2922 case IPV6_2292PKTOPTIONS: 2923 return (ENOPROTOOPT); 2924 } 2925 } 2926 if (sticky && cmsg) { 2927 switch (optname) { 2928 case IPV6_PKTINFO: 2929 case IPV6_HOPLIMIT: 2930 case IPV6_NEXTHOP: 2931 case IPV6_HOPOPTS: 2932 case IPV6_DSTOPTS: 2933 case IPV6_RTHDRDSTOPTS: 2934 case IPV6_RTHDR: 2935 case IPV6_USE_MIN_MTU: 2936 case IPV6_DONTFRAG: 2937 case IPV6_TCLASS: 2938 case IPV6_PREFER_TEMPADDR: /* XXX: not an RFC3542 option */ 2939 return (ENOPROTOOPT); 2940 } 2941 } 2942 2943 switch (optname) { 2944 case IPV6_2292PKTINFO: 2945 case IPV6_PKTINFO: 2946 { 2947 struct ifnet *ifp = NULL; 2948 struct in6_pktinfo *pktinfo; 2949 2950 if (len != sizeof(struct in6_pktinfo)) 2951 return (EINVAL); 2952 2953 pktinfo = (struct in6_pktinfo *)buf; 2954 2955 /* 2956 * An application can clear any sticky IPV6_PKTINFO option by 2957 * doing a "regular" setsockopt with ipi6_addr being 2958 * in6addr_any and ipi6_ifindex being zero. 2959 * [RFC 3542, Section 6] 2960 */ 2961 if (optname == IPV6_PKTINFO && opt->ip6po_pktinfo && 2962 pktinfo->ipi6_ifindex == 0 && 2963 IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 2964 ip6_clearpktopts(opt, optname); 2965 break; 2966 } 2967 2968 if (uproto == IPPROTO_TCP && optname == IPV6_PKTINFO && 2969 sticky && !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 2970 return (EINVAL); 2971 } 2972 if (IN6_IS_ADDR_MULTICAST(&pktinfo->ipi6_addr)) 2973 return (EINVAL); 2974 /* validate the interface index if specified. */ 2975 if (pktinfo->ipi6_ifindex) { 2976 ifp = ifnet_byindex(pktinfo->ipi6_ifindex); 2977 if (ifp == NULL) 2978 return (ENXIO); 2979 } 2980 if (ifp != NULL && (ifp->if_afdata[AF_INET6] == NULL || 2981 (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) != 0)) 2982 return (ENETDOWN); 2983 2984 if (ifp != NULL && 2985 !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 2986 struct in6_ifaddr *ia; 2987 2988 in6_setscope(&pktinfo->ipi6_addr, ifp, NULL); 2989 ia = in6ifa_ifpwithaddr(ifp, &pktinfo->ipi6_addr); 2990 if (ia == NULL) 2991 return (EADDRNOTAVAIL); 2992 ifa_free(&ia->ia_ifa); 2993 } 2994 /* 2995 * We store the address anyway, and let in6_selectsrc() 2996 * validate the specified address. This is because ipi6_addr 2997 * may not have enough information about its scope zone, and 2998 * we may need additional information (such as outgoing 2999 * interface or the scope zone of a destination address) to 3000 * disambiguate the scope. 3001 * XXX: the delay of the validation may confuse the 3002 * application when it is used as a sticky option. 3003 */ 3004 if (opt->ip6po_pktinfo == NULL) { 3005 opt->ip6po_pktinfo = malloc(sizeof(*pktinfo), 3006 M_IP6OPT, M_NOWAIT); 3007 if (opt->ip6po_pktinfo == NULL) 3008 return (ENOBUFS); 3009 } 3010 bcopy(pktinfo, opt->ip6po_pktinfo, sizeof(*pktinfo)); 3011 break; 3012 } 3013 3014 case IPV6_2292HOPLIMIT: 3015 case IPV6_HOPLIMIT: 3016 { 3017 int *hlimp; 3018 3019 /* 3020 * RFC 3542 deprecated the usage of sticky IPV6_HOPLIMIT 3021 * to simplify the ordering among hoplimit options. 3022 */ 3023 if (optname == IPV6_HOPLIMIT && sticky) 3024 return (ENOPROTOOPT); 3025 3026 if (len != sizeof(int)) 3027 return (EINVAL); 3028 hlimp = (int *)buf; 3029 if (*hlimp < -1 || *hlimp > 255) 3030 return (EINVAL); 3031 3032 opt->ip6po_hlim = *hlimp; 3033 break; 3034 } 3035 3036 case IPV6_TCLASS: 3037 { 3038 int tclass; 3039 3040 if (len != sizeof(int)) 3041 return (EINVAL); 3042 tclass = *(int *)buf; 3043 if (tclass < -1 || tclass > 255) 3044 return (EINVAL); 3045 3046 opt->ip6po_tclass = tclass; 3047 break; 3048 } 3049 3050 case IPV6_2292NEXTHOP: 3051 case IPV6_NEXTHOP: 3052 if (cred != NULL) { 3053 error = priv_check_cred(cred, PRIV_NETINET_SETHDROPTS); 3054 if (error) 3055 return (error); 3056 } 3057 3058 if (len == 0) { /* just remove the option */ 3059 ip6_clearpktopts(opt, IPV6_NEXTHOP); 3060 break; 3061 } 3062 3063 /* check if cmsg_len is large enough for sa_len */ 3064 if (len < sizeof(struct sockaddr) || len < *buf) 3065 return (EINVAL); 3066 3067 switch (((struct sockaddr *)buf)->sa_family) { 3068 case AF_INET6: 3069 { 3070 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)buf; 3071 int error; 3072 3073 if (sa6->sin6_len != sizeof(struct sockaddr_in6)) 3074 return (EINVAL); 3075 3076 if (IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) || 3077 IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr)) { 3078 return (EINVAL); 3079 } 3080 if ((error = sa6_embedscope(sa6, V_ip6_use_defzone)) 3081 != 0) { 3082 return (error); 3083 } 3084 break; 3085 } 3086 case AF_LINK: /* should eventually be supported */ 3087 default: 3088 return (EAFNOSUPPORT); 3089 } 3090 3091 /* turn off the previous option, then set the new option. */ 3092 ip6_clearpktopts(opt, IPV6_NEXTHOP); 3093 opt->ip6po_nexthop = malloc(*buf, M_IP6OPT, M_NOWAIT); 3094 if (opt->ip6po_nexthop == NULL) 3095 return (ENOBUFS); 3096 bcopy(buf, opt->ip6po_nexthop, *buf); 3097 break; 3098 3099 case IPV6_2292HOPOPTS: 3100 case IPV6_HOPOPTS: 3101 { 3102 struct ip6_hbh *hbh; 3103 int hbhlen; 3104 3105 /* 3106 * XXX: We don't allow a non-privileged user to set ANY HbH 3107 * options, since per-option restriction has too much 3108 * overhead. 3109 */ 3110 if (cred != NULL) { 3111 error = priv_check_cred(cred, PRIV_NETINET_SETHDROPTS); 3112 if (error) 3113 return (error); 3114 } 3115 3116 if (len == 0) { 3117 ip6_clearpktopts(opt, IPV6_HOPOPTS); 3118 break; /* just remove the option */ 3119 } 3120 3121 /* message length validation */ 3122 if (len < sizeof(struct ip6_hbh)) 3123 return (EINVAL); 3124 hbh = (struct ip6_hbh *)buf; 3125 hbhlen = (hbh->ip6h_len + 1) << 3; 3126 if (len != hbhlen) 3127 return (EINVAL); 3128 3129 /* turn off the previous option, then set the new option. */ 3130 ip6_clearpktopts(opt, IPV6_HOPOPTS); 3131 opt->ip6po_hbh = malloc(hbhlen, M_IP6OPT, M_NOWAIT); 3132 if (opt->ip6po_hbh == NULL) 3133 return (ENOBUFS); 3134 bcopy(hbh, opt->ip6po_hbh, hbhlen); 3135 3136 break; 3137 } 3138 3139 case IPV6_2292DSTOPTS: 3140 case IPV6_DSTOPTS: 3141 case IPV6_RTHDRDSTOPTS: 3142 { 3143 struct ip6_dest *dest, **newdest = NULL; 3144 int destlen; 3145 3146 if (cred != NULL) { /* XXX: see the comment for IPV6_HOPOPTS */ 3147 error = priv_check_cred(cred, PRIV_NETINET_SETHDROPTS); 3148 if (error) 3149 return (error); 3150 } 3151 3152 if (len == 0) { 3153 ip6_clearpktopts(opt, optname); 3154 break; /* just remove the option */ 3155 } 3156 3157 /* message length validation */ 3158 if (len < sizeof(struct ip6_dest)) 3159 return (EINVAL); 3160 dest = (struct ip6_dest *)buf; 3161 destlen = (dest->ip6d_len + 1) << 3; 3162 if (len != destlen) 3163 return (EINVAL); 3164 3165 /* 3166 * Determine the position that the destination options header 3167 * should be inserted; before or after the routing header. 3168 */ 3169 switch (optname) { 3170 case IPV6_2292DSTOPTS: 3171 /* 3172 * The old advacned API is ambiguous on this point. 3173 * Our approach is to determine the position based 3174 * according to the existence of a routing header. 3175 * Note, however, that this depends on the order of the 3176 * extension headers in the ancillary data; the 1st 3177 * part of the destination options header must appear 3178 * before the routing header in the ancillary data, 3179 * too. 3180 * RFC3542 solved the ambiguity by introducing 3181 * separate ancillary data or option types. 3182 */ 3183 if (opt->ip6po_rthdr == NULL) 3184 newdest = &opt->ip6po_dest1; 3185 else 3186 newdest = &opt->ip6po_dest2; 3187 break; 3188 case IPV6_RTHDRDSTOPTS: 3189 newdest = &opt->ip6po_dest1; 3190 break; 3191 case IPV6_DSTOPTS: 3192 newdest = &opt->ip6po_dest2; 3193 break; 3194 } 3195 3196 /* turn off the previous option, then set the new option. */ 3197 ip6_clearpktopts(opt, optname); 3198 *newdest = malloc(destlen, M_IP6OPT, M_NOWAIT); 3199 if (*newdest == NULL) 3200 return (ENOBUFS); 3201 bcopy(dest, *newdest, destlen); 3202 3203 break; 3204 } 3205 3206 case IPV6_2292RTHDR: 3207 case IPV6_RTHDR: 3208 { 3209 struct ip6_rthdr *rth; 3210 int rthlen; 3211 3212 if (len == 0) { 3213 ip6_clearpktopts(opt, IPV6_RTHDR); 3214 break; /* just remove the option */ 3215 } 3216 3217 /* message length validation */ 3218 if (len < sizeof(struct ip6_rthdr)) 3219 return (EINVAL); 3220 rth = (struct ip6_rthdr *)buf; 3221 rthlen = (rth->ip6r_len + 1) << 3; 3222 if (len != rthlen) 3223 return (EINVAL); 3224 3225 switch (rth->ip6r_type) { 3226 case IPV6_RTHDR_TYPE_0: 3227 if (rth->ip6r_len == 0) /* must contain one addr */ 3228 return (EINVAL); 3229 if (rth->ip6r_len % 2) /* length must be even */ 3230 return (EINVAL); 3231 if (rth->ip6r_len / 2 != rth->ip6r_segleft) 3232 return (EINVAL); 3233 break; 3234 default: 3235 return (EINVAL); /* not supported */ 3236 } 3237 3238 /* turn off the previous option */ 3239 ip6_clearpktopts(opt, IPV6_RTHDR); 3240 opt->ip6po_rthdr = malloc(rthlen, M_IP6OPT, M_NOWAIT); 3241 if (opt->ip6po_rthdr == NULL) 3242 return (ENOBUFS); 3243 bcopy(rth, opt->ip6po_rthdr, rthlen); 3244 3245 break; 3246 } 3247 3248 case IPV6_USE_MIN_MTU: 3249 if (len != sizeof(int)) 3250 return (EINVAL); 3251 minmtupolicy = *(int *)buf; 3252 if (minmtupolicy != IP6PO_MINMTU_MCASTONLY && 3253 minmtupolicy != IP6PO_MINMTU_DISABLE && 3254 minmtupolicy != IP6PO_MINMTU_ALL) { 3255 return (EINVAL); 3256 } 3257 opt->ip6po_minmtu = minmtupolicy; 3258 break; 3259 3260 case IPV6_DONTFRAG: 3261 if (len != sizeof(int)) 3262 return (EINVAL); 3263 3264 if (uproto == IPPROTO_TCP || *(int *)buf == 0) { 3265 /* 3266 * we ignore this option for TCP sockets. 3267 * (RFC3542 leaves this case unspecified.) 3268 */ 3269 opt->ip6po_flags &= ~IP6PO_DONTFRAG; 3270 } else 3271 opt->ip6po_flags |= IP6PO_DONTFRAG; 3272 break; 3273 3274 case IPV6_PREFER_TEMPADDR: 3275 if (len != sizeof(int)) 3276 return (EINVAL); 3277 preftemp = *(int *)buf; 3278 if (preftemp != IP6PO_TEMPADDR_SYSTEM && 3279 preftemp != IP6PO_TEMPADDR_NOTPREFER && 3280 preftemp != IP6PO_TEMPADDR_PREFER) { 3281 return (EINVAL); 3282 } 3283 opt->ip6po_prefer_tempaddr = preftemp; 3284 break; 3285 3286 default: 3287 return (ENOPROTOOPT); 3288 } /* end of switch */ 3289 3290 return (0); 3291 } 3292 3293 /* 3294 * Routine called from ip6_output() to loop back a copy of an IP6 multicast 3295 * packet to the input queue of a specified interface. Note that this 3296 * calls the output routine of the loopback "driver", but with an interface 3297 * pointer that might NOT be &loif -- easier than replicating that code here. 3298 */ 3299 void 3300 ip6_mloopback(struct ifnet *ifp, struct mbuf *m) 3301 { 3302 struct mbuf *copym; 3303 struct ip6_hdr *ip6; 3304 3305 copym = m_copym(m, 0, M_COPYALL, M_NOWAIT); 3306 if (copym == NULL) 3307 return; 3308 3309 /* 3310 * Make sure to deep-copy IPv6 header portion in case the data 3311 * is in an mbuf cluster, so that we can safely override the IPv6 3312 * header portion later. 3313 */ 3314 if (!M_WRITABLE(copym) || 3315 copym->m_len < sizeof(struct ip6_hdr)) { 3316 copym = m_pullup(copym, sizeof(struct ip6_hdr)); 3317 if (copym == NULL) 3318 return; 3319 } 3320 ip6 = mtod(copym, struct ip6_hdr *); 3321 /* 3322 * clear embedded scope identifiers if necessary. 3323 * in6_clearscope will touch the addresses only when necessary. 3324 */ 3325 in6_clearscope(&ip6->ip6_src); 3326 in6_clearscope(&ip6->ip6_dst); 3327 if (copym->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 3328 copym->m_pkthdr.csum_flags |= CSUM_DATA_VALID_IPV6 | 3329 CSUM_PSEUDO_HDR; 3330 copym->m_pkthdr.csum_data = 0xffff; 3331 } 3332 if_simloop(ifp, copym, AF_INET6, 0); 3333 } 3334 3335 /* 3336 * Chop IPv6 header off from the payload. 3337 */ 3338 static int 3339 ip6_splithdr(struct mbuf *m, struct ip6_exthdrs *exthdrs) 3340 { 3341 struct mbuf *mh; 3342 struct ip6_hdr *ip6; 3343 3344 ip6 = mtod(m, struct ip6_hdr *); 3345 if (m->m_len > sizeof(*ip6)) { 3346 mh = m_gethdr(M_NOWAIT, MT_DATA); 3347 if (mh == NULL) { 3348 m_freem(m); 3349 return ENOBUFS; 3350 } 3351 m_move_pkthdr(mh, m); 3352 M_ALIGN(mh, sizeof(*ip6)); 3353 m->m_len -= sizeof(*ip6); 3354 m->m_data += sizeof(*ip6); 3355 mh->m_next = m; 3356 m = mh; 3357 m->m_len = sizeof(*ip6); 3358 bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6)); 3359 } 3360 exthdrs->ip6e_ip6 = m; 3361 return 0; 3362 } 3363 3364 /* 3365 * Compute IPv6 extension header length. 3366 */ 3367 int 3368 ip6_optlen(struct inpcb *inp) 3369 { 3370 int len; 3371 3372 if (!inp->in6p_outputopts) 3373 return 0; 3374 3375 len = 0; 3376 #define elen(x) \ 3377 (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0) 3378 3379 len += elen(inp->in6p_outputopts->ip6po_hbh); 3380 if (inp->in6p_outputopts->ip6po_rthdr) 3381 /* dest1 is valid with rthdr only */ 3382 len += elen(inp->in6p_outputopts->ip6po_dest1); 3383 len += elen(inp->in6p_outputopts->ip6po_rthdr); 3384 len += elen(inp->in6p_outputopts->ip6po_dest2); 3385 return len; 3386 #undef elen 3387 }
Cache object: 39d82a62d53f00b668cc27ff4df89faf
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]