1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 * $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $
32 */
33
34 /*-
35 * Copyright (c) 1982, 1986, 1988, 1990, 1993
36 * The Regents of the University of California. All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * SUCH DAMAGE.
61 *
62 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94
63 */
64
65 #include <sys/cdefs.h>
66 __FBSDID("$FreeBSD$");
67
68 #include "opt_inet.h"
69 #include "opt_inet6.h"
70 #include "opt_ratelimit.h"
71 #include "opt_ipsec.h"
72 #include "opt_sctp.h"
73 #include "opt_route.h"
74 #include "opt_rss.h"
75
76 #include <sys/param.h>
77 #include <sys/kernel.h>
78 #include <sys/malloc.h>
79 #include <sys/mbuf.h>
80 #include <sys/errno.h>
81 #include <sys/priv.h>
82 #include <sys/proc.h>
83 #include <sys/protosw.h>
84 #include <sys/socket.h>
85 #include <sys/socketvar.h>
86 #include <sys/syslog.h>
87 #include <sys/ucred.h>
88
89 #include <machine/in_cksum.h>
90
91 #include <net/if.h>
92 #include <net/if_var.h>
93 #include <net/if_vlan_var.h>
94 #include <net/if_llatbl.h>
95 #include <net/ethernet.h>
96 #include <net/netisr.h>
97 #include <net/route.h>
98 #include <net/pfil.h>
99 #include <net/rss_config.h>
100 #include <net/vnet.h>
101
102 #include <netinet/in.h>
103 #include <netinet/in_var.h>
104 #include <netinet/ip_var.h>
105 #include <netinet6/in6_fib.h>
106 #include <netinet6/in6_var.h>
107 #include <netinet/ip6.h>
108 #include <netinet/icmp6.h>
109 #include <netinet6/ip6_var.h>
110 #include <netinet/in_pcb.h>
111 #include <netinet/tcp_var.h>
112 #include <netinet6/nd6.h>
113 #include <netinet6/in6_rss.h>
114
115 #include <netipsec/ipsec_support.h>
116 #if defined(SCTP) || defined(SCTP_SUPPORT)
117 #include <netinet/sctp.h>
118 #include <netinet/sctp_crc32.h>
119 #endif
120
121 #include <netinet6/ip6protosw.h>
122 #include <netinet6/scope6_var.h>
123
124 extern int in6_mcast_loop;
125
126 struct ip6_exthdrs {
127 struct mbuf *ip6e_ip6;
128 struct mbuf *ip6e_hbh;
129 struct mbuf *ip6e_dest1;
130 struct mbuf *ip6e_rthdr;
131 struct mbuf *ip6e_dest2;
132 };
133
134 static MALLOC_DEFINE(M_IP6OPT, "ip6opt", "IPv6 options");
135
136 static int ip6_pcbopt(int, u_char *, int, struct ip6_pktopts **,
137 struct ucred *, int);
138 static int ip6_pcbopts(struct ip6_pktopts **, struct mbuf *,
139 struct socket *, struct sockopt *);
140 static int ip6_getpcbopt(struct inpcb *, int, struct sockopt *);
141 static int ip6_setpktopt(int, u_char *, int, struct ip6_pktopts *,
142 struct ucred *, int, int, int);
143
144 static int ip6_copyexthdr(struct mbuf **, caddr_t, int);
145 static int ip6_insertfraghdr(struct mbuf *, struct mbuf *, int,
146 struct ip6_frag **);
147 static int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t);
148 static int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *);
149 static int ip6_getpmtu(struct route_in6 *, int,
150 struct ifnet *, const struct in6_addr *, u_long *, int *, u_int,
151 u_int);
152 static int ip6_calcmtu(struct ifnet *, const struct in6_addr *, u_long,
153 u_long *, int *, u_int);
154 static int ip6_getpmtu_ctl(u_int, const struct in6_addr *, u_long *);
155 static int copypktopts(struct ip6_pktopts *, struct ip6_pktopts *, int);
156
157
158 /*
159 * Make an extension header from option data. hp is the source,
160 * mp is the destination, and _ol is the optlen.
161 */
162 #define MAKE_EXTHDR(hp, mp, _ol) \
163 do { \
164 if (hp) { \
165 struct ip6_ext *eh = (struct ip6_ext *)(hp); \
166 error = ip6_copyexthdr((mp), (caddr_t)(hp), \
167 ((eh)->ip6e_len + 1) << 3); \
168 if (error) \
169 goto freehdrs; \
170 (_ol) += (*(mp))->m_len; \
171 } \
172 } while (/*CONSTCOND*/ 0)
173
174 /*
175 * Form a chain of extension headers.
176 * m is the extension header mbuf
177 * mp is the previous mbuf in the chain
178 * p is the next header
179 * i is the type of option.
180 */
181 #define MAKE_CHAIN(m, mp, p, i)\
182 do {\
183 if (m) {\
184 if (!hdrsplit) \
185 panic("%s:%d: assumption failed: "\
186 "hdr not split: hdrsplit %d exthdrs %p",\
187 __func__, __LINE__, hdrsplit, &exthdrs);\
188 *mtod((m), u_char *) = *(p);\
189 *(p) = (i);\
190 p = mtod((m), u_char *);\
191 (m)->m_next = (mp)->m_next;\
192 (mp)->m_next = (m);\
193 (mp) = (m);\
194 }\
195 } while (/*CONSTCOND*/ 0)
196
197 void
198 in6_delayed_cksum(struct mbuf *m, uint32_t plen, u_short offset)
199 {
200 u_short csum;
201
202 csum = in_cksum_skip(m, offset + plen, offset);
203 if (m->m_pkthdr.csum_flags & CSUM_UDP_IPV6 && csum == 0)
204 csum = 0xffff;
205 offset += m->m_pkthdr.csum_data; /* checksum offset */
206
207 if (offset + sizeof(csum) > m->m_len)
208 m_copyback(m, offset, sizeof(csum), (caddr_t)&csum);
209 else
210 *(u_short *)mtodo(m, offset) = csum;
211 }
212
213 static int
214 ip6_output_delayed_csum(struct mbuf *m, struct ifnet *ifp, int csum_flags,
215 int plen, int optlen, bool frag __unused)
216 {
217
218 KASSERT((plen >= optlen), ("%s:%d: plen %d < optlen %d, m %p, ifp %p "
219 "csum_flags %#x frag %d\n",
220 __func__, __LINE__, plen, optlen, m, ifp, csum_flags, frag));
221
222 if ((csum_flags & CSUM_DELAY_DATA_IPV6) ||
223 #if defined(SCTP) || defined(SCTP_SUPPORT)
224 (csum_flags & CSUM_SCTP_IPV6) ||
225 #endif
226 false) {
227 if (csum_flags & CSUM_DELAY_DATA_IPV6) {
228 in6_delayed_cksum(m, plen - optlen,
229 sizeof(struct ip6_hdr) + optlen);
230 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6;
231 }
232 #if defined(SCTP) || defined(SCTP_SUPPORT)
233 if (csum_flags & CSUM_SCTP_IPV6) {
234 sctp_delayed_cksum(m, sizeof(struct ip6_hdr) + optlen);
235 m->m_pkthdr.csum_flags &= ~CSUM_SCTP_IPV6;
236 }
237 #endif
238 }
239
240 return (0);
241 }
242
243 int
244 ip6_fragment(struct ifnet *ifp, struct mbuf *m0, int hlen, u_char nextproto,
245 int fraglen , uint32_t id)
246 {
247 struct mbuf *m, **mnext, *m_frgpart;
248 struct ip6_hdr *ip6, *mhip6;
249 struct ip6_frag *ip6f;
250 int off;
251 int error;
252 int tlen = m0->m_pkthdr.len;
253
254 KASSERT((fraglen % 8 == 0), ("Fragment length must be a multiple of 8"));
255
256 m = m0;
257 ip6 = mtod(m, struct ip6_hdr *);
258 mnext = &m->m_nextpkt;
259
260 for (off = hlen; off < tlen; off += fraglen) {
261 m = m_gethdr(M_NOWAIT, MT_DATA);
262 if (!m) {
263 IP6STAT_INC(ip6s_odropped);
264 return (ENOBUFS);
265 }
266
267 /*
268 * Make sure the complete packet header gets copied
269 * from the originating mbuf to the newly created
270 * mbuf. This also ensures that existing firewall
271 * classification(s), VLAN tags and so on get copied
272 * to the resulting fragmented packet(s):
273 */
274 if (m_dup_pkthdr(m, m0, M_NOWAIT) == 0) {
275 m_free(m);
276 IP6STAT_INC(ip6s_odropped);
277 return (ENOBUFS);
278 }
279
280 *mnext = m;
281 mnext = &m->m_nextpkt;
282 m->m_data += max_linkhdr;
283 mhip6 = mtod(m, struct ip6_hdr *);
284 *mhip6 = *ip6;
285 m->m_len = sizeof(*mhip6);
286 error = ip6_insertfraghdr(m0, m, hlen, &ip6f);
287 if (error) {
288 IP6STAT_INC(ip6s_odropped);
289 return (error);
290 }
291 ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7));
292 if (off + fraglen >= tlen)
293 fraglen = tlen - off;
294 else
295 ip6f->ip6f_offlg |= IP6F_MORE_FRAG;
296 mhip6->ip6_plen = htons((u_short)(fraglen + hlen +
297 sizeof(*ip6f) - sizeof(struct ip6_hdr)));
298 if ((m_frgpart = m_copym(m0, off, fraglen, M_NOWAIT)) == NULL) {
299 IP6STAT_INC(ip6s_odropped);
300 return (ENOBUFS);
301 }
302 m_cat(m, m_frgpart);
303 m->m_pkthdr.len = fraglen + hlen + sizeof(*ip6f);
304 ip6f->ip6f_reserved = 0;
305 ip6f->ip6f_ident = id;
306 ip6f->ip6f_nxt = nextproto;
307 IP6STAT_INC(ip6s_ofragments);
308 in6_ifstat_inc(ifp, ifs6_out_fragcreat);
309 }
310
311 return (0);
312 }
313
314 /*
315 * IP6 output.
316 * The packet in mbuf chain m contains a skeletal IP6 header (with pri, len,
317 * nxt, hlim, src, dst).
318 * This function may modify ver and hlim only.
319 * The mbuf chain containing the packet will be freed.
320 * The mbuf opt, if present, will not be freed.
321 * If route_in6 ro is present and has ro_rt initialized, route lookup would be
322 * skipped and ro->ro_rt would be used. If ro is present but ro->ro_rt is NULL,
323 * then result of route lookup is stored in ro->ro_rt.
324 *
325 * Type of "mtu": rt_mtu is u_long, ifnet.ifr_mtu is int, and nd_ifinfo.linkmtu
326 * is uint32_t. So we use u_long to hold largest one, which is rt_mtu.
327 *
328 * ifpp - XXX: just for statistics
329 */
330 /*
331 * XXX TODO: no flowid is assigned for outbound flows?
332 */
333 int
334 ip6_output(struct mbuf *m0, struct ip6_pktopts *opt,
335 struct route_in6 *ro, int flags, struct ip6_moptions *im6o,
336 struct ifnet **ifpp, struct inpcb *inp)
337 {
338 struct ip6_hdr *ip6;
339 struct ifnet *ifp, *origifp;
340 struct mbuf *m = m0;
341 struct mbuf *mprev;
342 int tlen, len;
343 struct route_in6 ip6route;
344 struct rtentry *rt = NULL;
345 struct sockaddr_in6 *dst, src_sa, dst_sa;
346 struct in6_addr odst;
347 u_char *nexthdrp;
348 int error = 0;
349 int vlan_pcp = -1;
350 struct in6_ifaddr *ia = NULL;
351 u_long mtu;
352 int alwaysfrag, dontfrag;
353 u_int32_t optlen, plen = 0, unfragpartlen;
354 struct ip6_exthdrs exthdrs;
355 struct in6_addr src0, dst0;
356 u_int32_t zone;
357 struct route_in6 *ro_pmtu = NULL;
358 bool hdrsplit;
359 int sw_csum, tso;
360 int needfiblookup;
361 uint32_t fibnum;
362 struct m_tag *fwd_tag = NULL;
363 uint32_t id;
364
365 if (inp != NULL) {
366 INP_LOCK_ASSERT(inp);
367 M_SETFIB(m, inp->inp_inc.inc_fibnum);
368 if ((flags & IP_NODEFAULTFLOWID) == 0) {
369 /* Unconditionally set flowid. */
370 m->m_pkthdr.flowid = inp->inp_flowid;
371 M_HASHTYPE_SET(m, inp->inp_flowtype);
372 }
373 if ((inp->inp_flags2 & INP_2PCP_SET) != 0)
374 vlan_pcp = (inp->inp_flags2 & INP_2PCP_MASK) >>
375 INP_2PCP_SHIFT;
376 }
377
378 #if defined(IPSEC) || defined(IPSEC_SUPPORT)
379 /*
380 * IPSec checking which handles several cases.
381 * FAST IPSEC: We re-injected the packet.
382 * XXX: need scope argument.
383 */
384 if (IPSEC_ENABLED(ipv6)) {
385 if ((error = IPSEC_OUTPUT(ipv6, m, inp)) != 0) {
386 if (error == EINPROGRESS)
387 error = 0;
388 goto done;
389 }
390 }
391 #endif /* IPSEC */
392
393 /* Source address validation. */
394 ip6 = mtod(m, struct ip6_hdr *);
395 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) &&
396 (flags & IPV6_UNSPECSRC) == 0) {
397 error = EOPNOTSUPP;
398 IP6STAT_INC(ip6s_badscope);
399 goto bad;
400 }
401 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) {
402 error = EOPNOTSUPP;
403 IP6STAT_INC(ip6s_badscope);
404 goto bad;
405 }
406
407 /*
408 * If we are given packet options to add extension headers prepare them.
409 * Calculate the total length of the extension header chain.
410 * Keep the length of the unfragmentable part for fragmentation.
411 */
412 bzero(&exthdrs, sizeof(exthdrs));
413 optlen = 0;
414 unfragpartlen = sizeof(struct ip6_hdr);
415 if (opt) {
416 /* Hop-by-Hop options header. */
417 MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh, optlen);
418
419 /* Destination options header (1st part). */
420 if (opt->ip6po_rthdr) {
421 #ifndef RTHDR_SUPPORT_IMPLEMENTED
422 /*
423 * If there is a routing header, discard the packet
424 * right away here. RH0/1 are obsolete and we do not
425 * currently support RH2/3/4.
426 * People trying to use RH253/254 may want to disable
427 * this check.
428 * The moment we do support any routing header (again)
429 * this block should check the routing type more
430 * selectively.
431 */
432 error = EINVAL;
433 goto bad;
434 #endif
435
436 /*
437 * Destination options header (1st part).
438 * This only makes sense with a routing header.
439 * See Section 9.2 of RFC 3542.
440 * Disabling this part just for MIP6 convenience is
441 * a bad idea. We need to think carefully about a
442 * way to make the advanced API coexist with MIP6
443 * options, which might automatically be inserted in
444 * the kernel.
445 */
446 MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1,
447 optlen);
448 }
449 /* Routing header. */
450 MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr, optlen);
451
452 unfragpartlen += optlen;
453
454 /*
455 * NOTE: we don't add AH/ESP length here (done in
456 * ip6_ipsec_output()).
457 */
458
459 /* Destination options header (2nd part). */
460 MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2, optlen);
461 }
462
463 /*
464 * If there is at least one extension header,
465 * separate IP6 header from the payload.
466 */
467 hdrsplit = false;
468 if (optlen) {
469 if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
470 m = NULL;
471 goto freehdrs;
472 }
473 m = exthdrs.ip6e_ip6;
474 ip6 = mtod(m, struct ip6_hdr *);
475 hdrsplit = true;
476 }
477
478 /* Adjust mbuf packet header length. */
479 m->m_pkthdr.len += optlen;
480 plen = m->m_pkthdr.len - sizeof(*ip6);
481
482 /* If this is a jumbo payload, insert a jumbo payload option. */
483 if (plen > IPV6_MAXPACKET) {
484 if (!hdrsplit) {
485 if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
486 m = NULL;
487 goto freehdrs;
488 }
489 m = exthdrs.ip6e_ip6;
490 ip6 = mtod(m, struct ip6_hdr *);
491 hdrsplit = true;
492 }
493 if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0)
494 goto freehdrs;
495 ip6->ip6_plen = 0;
496 } else
497 ip6->ip6_plen = htons(plen);
498 nexthdrp = &ip6->ip6_nxt;
499
500 if (optlen) {
501 /*
502 * Concatenate headers and fill in next header fields.
503 * Here we have, on "m"
504 * IPv6 payload
505 * and we insert headers accordingly.
506 * Finally, we should be getting:
507 * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload].
508 *
509 * During the header composing process "m" points to IPv6
510 * header. "mprev" points to an extension header prior to esp.
511 */
512 mprev = m;
513
514 /*
515 * We treat dest2 specially. This makes IPsec processing
516 * much easier. The goal here is to make mprev point the
517 * mbuf prior to dest2.
518 *
519 * Result: IPv6 dest2 payload.
520 * m and mprev will point to IPv6 header.
521 */
522 if (exthdrs.ip6e_dest2) {
523 if (!hdrsplit)
524 panic("%s:%d: assumption failed: "
525 "hdr not split: hdrsplit %d exthdrs %p",
526 __func__, __LINE__, hdrsplit, &exthdrs);
527 exthdrs.ip6e_dest2->m_next = m->m_next;
528 m->m_next = exthdrs.ip6e_dest2;
529 *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt;
530 ip6->ip6_nxt = IPPROTO_DSTOPTS;
531 }
532
533 /*
534 * Result: IPv6 hbh dest1 rthdr dest2 payload.
535 * m will point to IPv6 header. mprev will point to the
536 * extension header prior to dest2 (rthdr in the above case).
537 */
538 MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, nexthdrp, IPPROTO_HOPOPTS);
539 MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, nexthdrp,
540 IPPROTO_DSTOPTS);
541 MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp,
542 IPPROTO_ROUTING);
543 }
544
545 IP6STAT_INC(ip6s_localout);
546
547 /* Route packet. */
548 if (ro == NULL) {
549 ro = &ip6route;
550 bzero((caddr_t)ro, sizeof(*ro));
551 }
552 ro_pmtu = ro;
553 if (opt && opt->ip6po_rthdr)
554 ro = &opt->ip6po_route;
555 dst = (struct sockaddr_in6 *)&ro->ro_dst;
556 fibnum = (inp != NULL) ? inp->inp_inc.inc_fibnum : M_GETFIB(m);
557 again:
558 /*
559 * If specified, try to fill in the traffic class field.
560 * Do not override if a non-zero value is already set.
561 * We check the diffserv field and the ECN field separately.
562 */
563 if (opt && opt->ip6po_tclass >= 0) {
564 int mask = 0;
565
566 if ((ip6->ip6_flow & htonl(0xfc << 20)) == 0)
567 mask |= 0xfc;
568 if ((ip6->ip6_flow & htonl(0x03 << 20)) == 0)
569 mask |= 0x03;
570 if (mask != 0)
571 ip6->ip6_flow |= htonl((opt->ip6po_tclass & mask) << 20);
572 }
573
574 /* Fill in or override the hop limit field, if necessary. */
575 if (opt && opt->ip6po_hlim != -1)
576 ip6->ip6_hlim = opt->ip6po_hlim & 0xff;
577 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
578 if (im6o != NULL)
579 ip6->ip6_hlim = im6o->im6o_multicast_hlim;
580 else
581 ip6->ip6_hlim = V_ip6_defmcasthlim;
582 }
583 /*
584 * Validate route against routing table additions;
585 * a better/more specific route might have been added.
586 * Make sure that the address family is set in route.
587 */
588 if (inp) {
589 ro->ro_dst.sin6_family = AF_INET6;
590 RT_VALIDATE((struct route *)ro, &inp->inp_rt_cookie, fibnum);
591 }
592 if (ro->ro_rt && fwd_tag == NULL && (ro->ro_rt->rt_flags & RTF_UP) &&
593 ro->ro_dst.sin6_family == AF_INET6 &&
594 IN6_ARE_ADDR_EQUAL(&ro->ro_dst.sin6_addr, &ip6->ip6_dst)) {
595 rt = ro->ro_rt;
596 ifp = ro->ro_rt->rt_ifp;
597 } else {
598 if (ro->ro_lle)
599 LLE_FREE(ro->ro_lle); /* zeros ro_lle */
600 ro->ro_lle = NULL;
601 if (fwd_tag == NULL) {
602 bzero(&dst_sa, sizeof(dst_sa));
603 dst_sa.sin6_family = AF_INET6;
604 dst_sa.sin6_len = sizeof(dst_sa);
605 dst_sa.sin6_addr = ip6->ip6_dst;
606 }
607 error = in6_selectroute_fib(&dst_sa, opt, im6o, ro, &ifp,
608 &rt, fibnum);
609 if (error != 0) {
610 if (ifp != NULL)
611 in6_ifstat_inc(ifp, ifs6_out_discard);
612 goto bad;
613 }
614 }
615 if (rt == NULL) {
616 /*
617 * If in6_selectroute() does not return a route entry
618 * dst may not have been updated.
619 */
620 *dst = dst_sa; /* XXX */
621 }
622
623 /* Then rt (for unicast) and ifp must be non-NULL valid values. */
624 if ((flags & IPV6_FORWARDING) == 0) {
625 /* XXX: the FORWARDING flag can be set for mrouting. */
626 in6_ifstat_inc(ifp, ifs6_out_request);
627 }
628 if (rt != NULL) {
629 ia = (struct in6_ifaddr *)(rt->rt_ifa);
630 counter_u64_add(rt->rt_pksent, 1);
631 }
632
633 /* Setup data structures for scope ID checks. */
634 src0 = ip6->ip6_src;
635 bzero(&src_sa, sizeof(src_sa));
636 src_sa.sin6_family = AF_INET6;
637 src_sa.sin6_len = sizeof(src_sa);
638 src_sa.sin6_addr = ip6->ip6_src;
639
640 dst0 = ip6->ip6_dst;
641 /* Re-initialize to be sure. */
642 bzero(&dst_sa, sizeof(dst_sa));
643 dst_sa.sin6_family = AF_INET6;
644 dst_sa.sin6_len = sizeof(dst_sa);
645 dst_sa.sin6_addr = ip6->ip6_dst;
646
647 /* Check for valid scope ID. */
648 if (in6_setscope(&src0, ifp, &zone) == 0 &&
649 sa6_recoverscope(&src_sa) == 0 && zone == src_sa.sin6_scope_id &&
650 in6_setscope(&dst0, ifp, &zone) == 0 &&
651 sa6_recoverscope(&dst_sa) == 0 && zone == dst_sa.sin6_scope_id) {
652 /*
653 * The outgoing interface is in the zone of the source
654 * and destination addresses.
655 *
656 * Because the loopback interface cannot receive
657 * packets with a different scope ID than its own,
658 * there is a trick to pretend the outgoing packet
659 * was received by the real network interface, by
660 * setting "origifp" different from "ifp". This is
661 * only allowed when "ifp" is a loopback network
662 * interface. Refer to code in nd6_output_ifp() for
663 * more details.
664 */
665 origifp = ifp;
666
667 /*
668 * We should use ia_ifp to support the case of sending
669 * packets to an address of our own.
670 */
671 if (ia != NULL && ia->ia_ifp)
672 ifp = ia->ia_ifp;
673
674 } else if ((ifp->if_flags & IFF_LOOPBACK) == 0 ||
675 sa6_recoverscope(&src_sa) != 0 ||
676 sa6_recoverscope(&dst_sa) != 0 ||
677 dst_sa.sin6_scope_id == 0 ||
678 (src_sa.sin6_scope_id != 0 &&
679 src_sa.sin6_scope_id != dst_sa.sin6_scope_id) ||
680 (origifp = ifnet_byindex(dst_sa.sin6_scope_id)) == NULL) {
681 /*
682 * If the destination network interface is not a
683 * loopback interface, or the destination network
684 * address has no scope ID, or the source address has
685 * a scope ID set which is different from the
686 * destination address one, or there is no network
687 * interface representing this scope ID, the address
688 * pair is considered invalid.
689 */
690 IP6STAT_INC(ip6s_badscope);
691 in6_ifstat_inc(ifp, ifs6_out_discard);
692 if (error == 0)
693 error = EHOSTUNREACH; /* XXX */
694 goto bad;
695 }
696 /* All scope ID checks are successful. */
697
698 if (rt && !IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
699 if (opt && opt->ip6po_nextroute.ro_rt) {
700 /*
701 * The nexthop is explicitly specified by the
702 * application. We assume the next hop is an IPv6
703 * address.
704 */
705 dst = (struct sockaddr_in6 *)opt->ip6po_nexthop;
706 }
707 else if ((rt->rt_flags & RTF_GATEWAY))
708 dst = (struct sockaddr_in6 *)rt->rt_gateway;
709 }
710
711 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
712 m->m_flags &= ~(M_BCAST | M_MCAST); /* Just in case. */
713 } else {
714 m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST;
715 in6_ifstat_inc(ifp, ifs6_out_mcast);
716
717 /* Confirm that the outgoing interface supports multicast. */
718 if (!(ifp->if_flags & IFF_MULTICAST)) {
719 IP6STAT_INC(ip6s_noroute);
720 in6_ifstat_inc(ifp, ifs6_out_discard);
721 error = ENETUNREACH;
722 goto bad;
723 }
724 if ((im6o == NULL && in6_mcast_loop) ||
725 (im6o && im6o->im6o_multicast_loop)) {
726 /*
727 * Loop back multicast datagram if not expressly
728 * forbidden to do so, even if we have not joined
729 * the address; protocols will filter it later,
730 * thus deferring a hash lookup and lock acquisition
731 * at the expense of an m_copym().
732 */
733 ip6_mloopback(ifp, m);
734 } else {
735 /*
736 * If we are acting as a multicast router, perform
737 * multicast forwarding as if the packet had just
738 * arrived on the interface to which we are about
739 * to send. The multicast forwarding function
740 * recursively calls this function, using the
741 * IPV6_FORWARDING flag to prevent infinite recursion.
742 *
743 * Multicasts that are looped back by ip6_mloopback(),
744 * above, will be forwarded by the ip6_input() routine,
745 * if necessary.
746 */
747 if (V_ip6_mrouter && (flags & IPV6_FORWARDING) == 0) {
748 /*
749 * XXX: ip6_mforward expects that rcvif is NULL
750 * when it is called from the originating path.
751 * However, it may not always be the case.
752 */
753 m->m_pkthdr.rcvif = NULL;
754 if (ip6_mforward(ip6, ifp, m) != 0) {
755 m_freem(m);
756 goto done;
757 }
758 }
759 }
760 /*
761 * Multicasts with a hoplimit of zero may be looped back,
762 * above, but must not be transmitted on a network.
763 * Also, multicasts addressed to the loopback interface
764 * are not sent -- the above call to ip6_mloopback() will
765 * loop back a copy if this host actually belongs to the
766 * destination group on the loopback interface.
767 */
768 if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK) ||
769 IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) {
770 m_freem(m);
771 goto done;
772 }
773 }
774
775 /*
776 * Fill the outgoing inteface to tell the upper layer
777 * to increment per-interface statistics.
778 */
779 if (ifpp)
780 *ifpp = ifp;
781
782 /* Determine path MTU. */
783 if ((error = ip6_getpmtu(ro_pmtu, ro != ro_pmtu, ifp, &ip6->ip6_dst,
784 &mtu, &alwaysfrag, fibnum, *nexthdrp)) != 0)
785 goto bad;
786
787 /*
788 * The caller of this function may specify to use the minimum MTU
789 * in some cases.
790 * An advanced API option (IPV6_USE_MIN_MTU) can also override MTU
791 * setting. The logic is a bit complicated; by default, unicast
792 * packets will follow path MTU while multicast packets will be sent at
793 * the minimum MTU. If IP6PO_MINMTU_ALL is specified, all packets
794 * including unicast ones will be sent at the minimum MTU. Multicast
795 * packets will always be sent at the minimum MTU unless
796 * IP6PO_MINMTU_DISABLE is explicitly specified.
797 * See RFC 3542 for more details.
798 */
799 if (mtu > IPV6_MMTU) {
800 if ((flags & IPV6_MINMTU))
801 mtu = IPV6_MMTU;
802 else if (opt && opt->ip6po_minmtu == IP6PO_MINMTU_ALL)
803 mtu = IPV6_MMTU;
804 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
805 (opt == NULL ||
806 opt->ip6po_minmtu != IP6PO_MINMTU_DISABLE)) {
807 mtu = IPV6_MMTU;
808 }
809 }
810
811 /*
812 * Clear embedded scope identifiers if necessary.
813 * in6_clearscope() will touch the addresses only when necessary.
814 */
815 in6_clearscope(&ip6->ip6_src);
816 in6_clearscope(&ip6->ip6_dst);
817
818 /*
819 * If the outgoing packet contains a hop-by-hop options header,
820 * it must be examined and processed even by the source node.
821 * (RFC 2460, section 4.)
822 */
823 if (exthdrs.ip6e_hbh) {
824 struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *);
825 u_int32_t dummy; /* XXX unused */
826 u_int32_t plen = 0; /* XXX: ip6_process will check the value */
827
828 #ifdef DIAGNOSTIC
829 if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len)
830 panic("ip6e_hbh is not contiguous");
831 #endif
832 /*
833 * XXX: if we have to send an ICMPv6 error to the sender,
834 * we need the M_LOOP flag since icmp6_error() expects
835 * the IPv6 and the hop-by-hop options header are
836 * contiguous unless the flag is set.
837 */
838 m->m_flags |= M_LOOP;
839 m->m_pkthdr.rcvif = ifp;
840 if (ip6_process_hopopts(m, (u_int8_t *)(hbh + 1),
841 ((hbh->ip6h_len + 1) << 3) - sizeof(struct ip6_hbh),
842 &dummy, &plen) < 0) {
843 /* m was already freed at this point. */
844 error = EINVAL;/* better error? */
845 goto done;
846 }
847 m->m_flags &= ~M_LOOP; /* XXX */
848 m->m_pkthdr.rcvif = NULL;
849 }
850
851 /* Jump over all PFIL processing if hooks are not active. */
852 if (!PFIL_HOOKED(&V_inet6_pfil_hook))
853 goto passout;
854
855 odst = ip6->ip6_dst;
856 /* Run through list of hooks for output packets. */
857 error = pfil_run_hooks(&V_inet6_pfil_hook, &m, ifp, PFIL_OUT, 0, inp);
858 if (error != 0 || m == NULL)
859 goto done;
860 /* adjust pointer */
861 ip6 = mtod(m, struct ip6_hdr *);
862
863 needfiblookup = 0;
864 /* See if destination IP address was changed by packet filter. */
865 if (!IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst)) {
866 m->m_flags |= M_SKIP_FIREWALL;
867 /* If destination is now ourself drop to ip6_input(). */
868 if (in6_localip(&ip6->ip6_dst)) {
869 m->m_flags |= M_FASTFWD_OURS;
870 if (m->m_pkthdr.rcvif == NULL)
871 m->m_pkthdr.rcvif = V_loif;
872 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
873 m->m_pkthdr.csum_flags |=
874 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR;
875 m->m_pkthdr.csum_data = 0xffff;
876 }
877 #if defined(SCTP) || defined(SCTP_SUPPORT)
878 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6)
879 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID;
880 #endif
881 error = netisr_queue(NETISR_IPV6, m);
882 goto done;
883 } else {
884 RO_INVALIDATE_CACHE(ro);
885 needfiblookup = 1; /* Redo the routing table lookup. */
886 }
887 }
888 /* See if fib was changed by packet filter. */
889 if (fibnum != M_GETFIB(m)) {
890 m->m_flags |= M_SKIP_FIREWALL;
891 fibnum = M_GETFIB(m);
892 RO_INVALIDATE_CACHE(ro);
893 needfiblookup = 1;
894 }
895 if (needfiblookup)
896 goto again;
897
898 /* See if local, if yes, send it to netisr. */
899 if (m->m_flags & M_FASTFWD_OURS) {
900 if (m->m_pkthdr.rcvif == NULL)
901 m->m_pkthdr.rcvif = V_loif;
902 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
903 m->m_pkthdr.csum_flags |=
904 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR;
905 m->m_pkthdr.csum_data = 0xffff;
906 }
907 #if defined(SCTP) || defined(SCTP_SUPPORT)
908 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6)
909 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID;
910 #endif
911 error = netisr_queue(NETISR_IPV6, m);
912 goto done;
913 }
914 /* Or forward to some other address? */
915 if ((m->m_flags & M_IP6_NEXTHOP) &&
916 (fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL)) != NULL) {
917 dst = (struct sockaddr_in6 *)&ro->ro_dst;
918 bcopy((fwd_tag+1), &dst_sa, sizeof(struct sockaddr_in6));
919 m->m_flags |= M_SKIP_FIREWALL;
920 m->m_flags &= ~M_IP6_NEXTHOP;
921 m_tag_delete(m, fwd_tag);
922 goto again;
923 }
924
925 passout:
926 if (vlan_pcp > -1)
927 EVL_APPLY_PRI(m, vlan_pcp);
928 /*
929 * Send the packet to the outgoing interface.
930 * If necessary, do IPv6 fragmentation before sending.
931 *
932 * The logic here is rather complex:
933 * 1: normal case (dontfrag == 0, alwaysfrag == 0)
934 * 1-a: send as is if tlen <= path mtu
935 * 1-b: fragment if tlen > path mtu
936 *
937 * 2: if user asks us not to fragment (dontfrag == 1)
938 * 2-a: send as is if tlen <= interface mtu
939 * 2-b: error if tlen > interface mtu
940 *
941 * 3: if we always need to attach fragment header (alwaysfrag == 1)
942 * always fragment
943 *
944 * 4: if dontfrag == 1 && alwaysfrag == 1
945 * error, as we cannot handle this conflicting request.
946 */
947 sw_csum = m->m_pkthdr.csum_flags;
948 if (!hdrsplit) {
949 tso = ((sw_csum & ifp->if_hwassist & CSUM_TSO) != 0) ? 1 : 0;
950 sw_csum &= ~ifp->if_hwassist;
951 } else
952 tso = 0;
953 /*
954 * If we added extension headers, we will not do TSO and calculate the
955 * checksums ourselves for now.
956 * XXX-BZ Need a framework to know when the NIC can handle it, even
957 * with ext. hdrs.
958 */
959 error = ip6_output_delayed_csum(m, ifp, sw_csum, plen, optlen, false);
960 if (error != 0)
961 goto bad;
962 /* XXX-BZ m->m_pkthdr.csum_flags &= ~ifp->if_hwassist; */
963 tlen = m->m_pkthdr.len;
964
965 if ((opt && (opt->ip6po_flags & IP6PO_DONTFRAG)) || tso)
966 dontfrag = 1;
967 else
968 dontfrag = 0;
969 if (dontfrag && alwaysfrag) { /* Case 4. */
970 /* Conflicting request - can't transmit. */
971 error = EMSGSIZE;
972 goto bad;
973 }
974 if (dontfrag && tlen > IN6_LINKMTU(ifp) && !tso) { /* Case 2-b. */
975 /*
976 * Even if the DONTFRAG option is specified, we cannot send the
977 * packet when the data length is larger than the MTU of the
978 * outgoing interface.
979 * Notify the error by sending IPV6_PATHMTU ancillary data if
980 * application wanted to know the MTU value. Also return an
981 * error code (this is not described in the API spec).
982 */
983 if (inp != NULL)
984 ip6_notify_pmtu(inp, &dst_sa, (u_int32_t)mtu);
985 error = EMSGSIZE;
986 goto bad;
987 }
988
989 /* Transmit packet without fragmentation. */
990 if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* Cases 1-a and 2-a. */
991 struct in6_ifaddr *ia6;
992
993 ip6 = mtod(m, struct ip6_hdr *);
994 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src);
995 if (ia6) {
996 /* Record statistics for this interface address. */
997 counter_u64_add(ia6->ia_ifa.ifa_opackets, 1);
998 counter_u64_add(ia6->ia_ifa.ifa_obytes,
999 m->m_pkthdr.len);
1000 ifa_free(&ia6->ia_ifa);
1001 }
1002 #ifdef RATELIMIT
1003 if (inp != NULL) {
1004 if (inp->inp_flags2 & INP_RATE_LIMIT_CHANGED)
1005 in_pcboutput_txrtlmt(inp, ifp, m);
1006 /* stamp send tag on mbuf */
1007 m->m_pkthdr.snd_tag = inp->inp_snd_tag;
1008 m->m_pkthdr.csum_flags |= CSUM_SND_TAG;
1009 } else {
1010 m->m_pkthdr.snd_tag = NULL;
1011 }
1012 #endif
1013 error = nd6_output_ifp(ifp, origifp, m, dst,
1014 (struct route *)ro);
1015 #ifdef RATELIMIT
1016 /* check for route change */
1017 if (error == EAGAIN)
1018 in_pcboutput_eagain(inp);
1019 #endif
1020 goto done;
1021 }
1022
1023 /* Try to fragment the packet. Cases 1-b and 3. */
1024 if (mtu < IPV6_MMTU) {
1025 /* Path MTU cannot be less than IPV6_MMTU. */
1026 error = EMSGSIZE;
1027 in6_ifstat_inc(ifp, ifs6_out_fragfail);
1028 goto bad;
1029 } else if (ip6->ip6_plen == 0) {
1030 /* Jumbo payload cannot be fragmented. */
1031 error = EMSGSIZE;
1032 in6_ifstat_inc(ifp, ifs6_out_fragfail);
1033 goto bad;
1034 } else {
1035 u_char nextproto;
1036
1037 /*
1038 * Too large for the destination or interface;
1039 * fragment if possible.
1040 * Must be able to put at least 8 bytes per fragment.
1041 */
1042 if (mtu > IPV6_MAXPACKET)
1043 mtu = IPV6_MAXPACKET;
1044
1045 len = (mtu - unfragpartlen - sizeof(struct ip6_frag)) & ~7;
1046 if (len < 8) {
1047 error = EMSGSIZE;
1048 in6_ifstat_inc(ifp, ifs6_out_fragfail);
1049 goto bad;
1050 }
1051
1052 /*
1053 * If the interface will not calculate checksums on
1054 * fragmented packets, then do it here.
1055 * XXX-BZ handle the hw offloading case. Need flags.
1056 */
1057 error = ip6_output_delayed_csum(m, ifp, m->m_pkthdr.csum_flags,
1058 plen, optlen, true);
1059 if (error != 0)
1060 goto bad;
1061
1062 /*
1063 * Change the next header field of the last header in the
1064 * unfragmentable part.
1065 */
1066 if (exthdrs.ip6e_rthdr) {
1067 nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *);
1068 *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT;
1069 } else if (exthdrs.ip6e_dest1) {
1070 nextproto = *mtod(exthdrs.ip6e_dest1, u_char *);
1071 *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT;
1072 } else if (exthdrs.ip6e_hbh) {
1073 nextproto = *mtod(exthdrs.ip6e_hbh, u_char *);
1074 *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT;
1075 } else {
1076 ip6 = mtod(m, struct ip6_hdr *);
1077 nextproto = ip6->ip6_nxt;
1078 ip6->ip6_nxt = IPPROTO_FRAGMENT;
1079 }
1080
1081 /*
1082 * Loop through length of segment after first fragment,
1083 * make new header and copy data of each part and link onto
1084 * chain.
1085 */
1086 m0 = m;
1087 id = htonl(ip6_randomid());
1088 error = ip6_fragment(ifp, m, unfragpartlen, nextproto,len, id);
1089 if (error != 0)
1090 goto sendorfree;
1091
1092 in6_ifstat_inc(ifp, ifs6_out_fragok);
1093 }
1094
1095 /* Remove leading garbage. */
1096 sendorfree:
1097 m = m0->m_nextpkt;
1098 m0->m_nextpkt = 0;
1099 m_freem(m0);
1100 for (; m; m = m0) {
1101 m0 = m->m_nextpkt;
1102 m->m_nextpkt = 0;
1103 if (error == 0) {
1104 /* Record statistics for this interface address. */
1105 if (ia) {
1106 counter_u64_add(ia->ia_ifa.ifa_opackets, 1);
1107 counter_u64_add(ia->ia_ifa.ifa_obytes,
1108 m->m_pkthdr.len);
1109 }
1110 #ifdef RATELIMIT
1111 if (inp != NULL) {
1112 if (inp->inp_flags2 & INP_RATE_LIMIT_CHANGED)
1113 in_pcboutput_txrtlmt(inp, ifp, m);
1114 /* stamp send tag on mbuf */
1115 m->m_pkthdr.snd_tag = inp->inp_snd_tag;
1116 m->m_pkthdr.csum_flags |= CSUM_SND_TAG;
1117 } else {
1118 m->m_pkthdr.snd_tag = NULL;
1119 }
1120 #endif
1121 if (vlan_pcp > -1)
1122 EVL_APPLY_PRI(m, vlan_pcp);
1123 error = nd6_output_ifp(ifp, origifp, m, dst,
1124 (struct route *)ro);
1125 #ifdef RATELIMIT
1126 /* check for route change */
1127 if (error == EAGAIN)
1128 in_pcboutput_eagain(inp);
1129 #endif
1130 } else
1131 m_freem(m);
1132 }
1133
1134 if (error == 0)
1135 IP6STAT_INC(ip6s_fragmented);
1136
1137 done:
1138 if (ro == &ip6route)
1139 RO_RTFREE(ro);
1140 return (error);
1141
1142 freehdrs:
1143 m_freem(exthdrs.ip6e_hbh); /* m_freem() checks if mbuf is NULL. */
1144 m_freem(exthdrs.ip6e_dest1);
1145 m_freem(exthdrs.ip6e_rthdr);
1146 m_freem(exthdrs.ip6e_dest2);
1147 /* FALLTHROUGH */
1148 bad:
1149 if (m)
1150 m_freem(m);
1151 goto done;
1152 }
1153
1154 static int
1155 ip6_copyexthdr(struct mbuf **mp, caddr_t hdr, int hlen)
1156 {
1157 struct mbuf *m;
1158
1159 if (hlen > MCLBYTES)
1160 return (ENOBUFS); /* XXX */
1161
1162 if (hlen > MLEN)
1163 m = m_getcl(M_NOWAIT, MT_DATA, 0);
1164 else
1165 m = m_get(M_NOWAIT, MT_DATA);
1166 if (m == NULL)
1167 return (ENOBUFS);
1168 m->m_len = hlen;
1169 if (hdr)
1170 bcopy(hdr, mtod(m, caddr_t), hlen);
1171
1172 *mp = m;
1173 return (0);
1174 }
1175
1176 /*
1177 * Insert jumbo payload option.
1178 */
1179 static int
1180 ip6_insert_jumboopt(struct ip6_exthdrs *exthdrs, u_int32_t plen)
1181 {
1182 struct mbuf *mopt;
1183 u_char *optbuf;
1184 u_int32_t v;
1185
1186 #define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */
1187
1188 /*
1189 * If there is no hop-by-hop options header, allocate new one.
1190 * If there is one but it doesn't have enough space to store the
1191 * jumbo payload option, allocate a cluster to store the whole options.
1192 * Otherwise, use it to store the options.
1193 */
1194 if (exthdrs->ip6e_hbh == NULL) {
1195 mopt = m_get(M_NOWAIT, MT_DATA);
1196 if (mopt == NULL)
1197 return (ENOBUFS);
1198 mopt->m_len = JUMBOOPTLEN;
1199 optbuf = mtod(mopt, u_char *);
1200 optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */
1201 exthdrs->ip6e_hbh = mopt;
1202 } else {
1203 struct ip6_hbh *hbh;
1204
1205 mopt = exthdrs->ip6e_hbh;
1206 if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) {
1207 /*
1208 * XXX assumption:
1209 * - exthdrs->ip6e_hbh is not referenced from places
1210 * other than exthdrs.
1211 * - exthdrs->ip6e_hbh is not an mbuf chain.
1212 */
1213 int oldoptlen = mopt->m_len;
1214 struct mbuf *n;
1215
1216 /*
1217 * XXX: give up if the whole (new) hbh header does
1218 * not fit even in an mbuf cluster.
1219 */
1220 if (oldoptlen + JUMBOOPTLEN > MCLBYTES)
1221 return (ENOBUFS);
1222
1223 /*
1224 * As a consequence, we must always prepare a cluster
1225 * at this point.
1226 */
1227 n = m_getcl(M_NOWAIT, MT_DATA, 0);
1228 if (n == NULL)
1229 return (ENOBUFS);
1230 n->m_len = oldoptlen + JUMBOOPTLEN;
1231 bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t),
1232 oldoptlen);
1233 optbuf = mtod(n, caddr_t) + oldoptlen;
1234 m_freem(mopt);
1235 mopt = exthdrs->ip6e_hbh = n;
1236 } else {
1237 optbuf = mtod(mopt, u_char *) + mopt->m_len;
1238 mopt->m_len += JUMBOOPTLEN;
1239 }
1240 optbuf[0] = IP6OPT_PADN;
1241 optbuf[1] = 1;
1242
1243 /*
1244 * Adjust the header length according to the pad and
1245 * the jumbo payload option.
1246 */
1247 hbh = mtod(mopt, struct ip6_hbh *);
1248 hbh->ip6h_len += (JUMBOOPTLEN >> 3);
1249 }
1250
1251 /* fill in the option. */
1252 optbuf[2] = IP6OPT_JUMBO;
1253 optbuf[3] = 4;
1254 v = (u_int32_t)htonl(plen + JUMBOOPTLEN);
1255 bcopy(&v, &optbuf[4], sizeof(u_int32_t));
1256
1257 /* finally, adjust the packet header length */
1258 exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN;
1259
1260 return (0);
1261 #undef JUMBOOPTLEN
1262 }
1263
1264 /*
1265 * Insert fragment header and copy unfragmentable header portions.
1266 */
1267 static int
1268 ip6_insertfraghdr(struct mbuf *m0, struct mbuf *m, int hlen,
1269 struct ip6_frag **frghdrp)
1270 {
1271 struct mbuf *n, *mlast;
1272
1273 if (hlen > sizeof(struct ip6_hdr)) {
1274 n = m_copym(m0, sizeof(struct ip6_hdr),
1275 hlen - sizeof(struct ip6_hdr), M_NOWAIT);
1276 if (n == NULL)
1277 return (ENOBUFS);
1278 m->m_next = n;
1279 } else
1280 n = m;
1281
1282 /* Search for the last mbuf of unfragmentable part. */
1283 for (mlast = n; mlast->m_next; mlast = mlast->m_next)
1284 ;
1285
1286 if (M_WRITABLE(mlast) &&
1287 M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) {
1288 /* use the trailing space of the last mbuf for the fragment hdr */
1289 *frghdrp = (struct ip6_frag *)(mtod(mlast, caddr_t) +
1290 mlast->m_len);
1291 mlast->m_len += sizeof(struct ip6_frag);
1292 m->m_pkthdr.len += sizeof(struct ip6_frag);
1293 } else {
1294 /* allocate a new mbuf for the fragment header */
1295 struct mbuf *mfrg;
1296
1297 mfrg = m_get(M_NOWAIT, MT_DATA);
1298 if (mfrg == NULL)
1299 return (ENOBUFS);
1300 mfrg->m_len = sizeof(struct ip6_frag);
1301 *frghdrp = mtod(mfrg, struct ip6_frag *);
1302 mlast->m_next = mfrg;
1303 }
1304
1305 return (0);
1306 }
1307
1308 /*
1309 * Calculates IPv6 path mtu for destination @dst.
1310 * Resulting MTU is stored in @mtup.
1311 *
1312 * Returns 0 on success.
1313 */
1314 static int
1315 ip6_getpmtu_ctl(u_int fibnum, const struct in6_addr *dst, u_long *mtup)
1316 {
1317 struct nhop6_extended nh6;
1318 struct in6_addr kdst;
1319 uint32_t scopeid;
1320 struct ifnet *ifp;
1321 u_long mtu;
1322 int error;
1323
1324 in6_splitscope(dst, &kdst, &scopeid);
1325 if (fib6_lookup_nh_ext(fibnum, &kdst, scopeid, NHR_REF, 0, &nh6) != 0)
1326 return (EHOSTUNREACH);
1327
1328 ifp = nh6.nh_ifp;
1329 mtu = nh6.nh_mtu;
1330
1331 error = ip6_calcmtu(ifp, dst, mtu, mtup, NULL, 0);
1332 fib6_free_nh_ext(fibnum, &nh6);
1333
1334 return (error);
1335 }
1336
1337 /*
1338 * Calculates IPv6 path MTU for @dst based on transmit @ifp,
1339 * and cached data in @ro_pmtu.
1340 * MTU from (successful) route lookup is saved (along with dst)
1341 * inside @ro_pmtu to avoid subsequent route lookups after packet
1342 * filter processing.
1343 *
1344 * Stores mtu and always-frag value into @mtup and @alwaysfragp.
1345 * Returns 0 on success.
1346 */
1347 static int
1348 ip6_getpmtu(struct route_in6 *ro_pmtu, int do_lookup,
1349 struct ifnet *ifp, const struct in6_addr *dst, u_long *mtup,
1350 int *alwaysfragp, u_int fibnum, u_int proto)
1351 {
1352 struct nhop6_basic nh6;
1353 struct in6_addr kdst;
1354 uint32_t scopeid;
1355 struct sockaddr_in6 *sa6_dst;
1356 u_long mtu;
1357
1358 mtu = 0;
1359 if (do_lookup) {
1360
1361 /*
1362 * Here ro_pmtu has final destination address, while
1363 * ro might represent immediate destination.
1364 * Use ro_pmtu destination since mtu might differ.
1365 */
1366 sa6_dst = (struct sockaddr_in6 *)&ro_pmtu->ro_dst;
1367 if (!IN6_ARE_ADDR_EQUAL(&sa6_dst->sin6_addr, dst))
1368 ro_pmtu->ro_mtu = 0;
1369
1370 if (ro_pmtu->ro_mtu == 0) {
1371 bzero(sa6_dst, sizeof(*sa6_dst));
1372 sa6_dst->sin6_family = AF_INET6;
1373 sa6_dst->sin6_len = sizeof(struct sockaddr_in6);
1374 sa6_dst->sin6_addr = *dst;
1375
1376 in6_splitscope(dst, &kdst, &scopeid);
1377 if (fib6_lookup_nh_basic(fibnum, &kdst, scopeid, 0, 0,
1378 &nh6) == 0)
1379 ro_pmtu->ro_mtu = nh6.nh_mtu;
1380 }
1381
1382 mtu = ro_pmtu->ro_mtu;
1383 }
1384
1385 if (ro_pmtu->ro_rt)
1386 mtu = ro_pmtu->ro_rt->rt_mtu;
1387
1388 return (ip6_calcmtu(ifp, dst, mtu, mtup, alwaysfragp, proto));
1389 }
1390
1391 /*
1392 * Calculate MTU based on transmit @ifp, route mtu @rt_mtu and
1393 * hostcache data for @dst.
1394 * Stores mtu and always-frag value into @mtup and @alwaysfragp.
1395 *
1396 * Returns 0 on success.
1397 */
1398 static int
1399 ip6_calcmtu(struct ifnet *ifp, const struct in6_addr *dst, u_long rt_mtu,
1400 u_long *mtup, int *alwaysfragp, u_int proto)
1401 {
1402 u_long mtu = 0;
1403 int alwaysfrag = 0;
1404 int error = 0;
1405
1406 if (rt_mtu > 0) {
1407 u_int32_t ifmtu;
1408 struct in_conninfo inc;
1409
1410 bzero(&inc, sizeof(inc));
1411 inc.inc_flags |= INC_ISIPV6;
1412 inc.inc6_faddr = *dst;
1413
1414 ifmtu = IN6_LINKMTU(ifp);
1415
1416 /* TCP is known to react to pmtu changes so skip hc */
1417 if (proto != IPPROTO_TCP)
1418 mtu = tcp_hc_getmtu(&inc);
1419
1420 if (mtu)
1421 mtu = min(mtu, rt_mtu);
1422 else
1423 mtu = rt_mtu;
1424 if (mtu == 0)
1425 mtu = ifmtu;
1426 else if (mtu < IPV6_MMTU) {
1427 /*
1428 * RFC2460 section 5, last paragraph:
1429 * if we record ICMPv6 too big message with
1430 * mtu < IPV6_MMTU, transmit packets sized IPV6_MMTU
1431 * or smaller, with framgent header attached.
1432 * (fragment header is needed regardless from the
1433 * packet size, for translators to identify packets)
1434 */
1435 alwaysfrag = 1;
1436 mtu = IPV6_MMTU;
1437 }
1438 } else if (ifp) {
1439 mtu = IN6_LINKMTU(ifp);
1440 } else
1441 error = EHOSTUNREACH; /* XXX */
1442
1443 *mtup = mtu;
1444 if (alwaysfragp)
1445 *alwaysfragp = alwaysfrag;
1446 return (error);
1447 }
1448
1449 /*
1450 * IP6 socket option processing.
1451 */
1452 int
1453 ip6_ctloutput(struct socket *so, struct sockopt *sopt)
1454 {
1455 int optdatalen, uproto;
1456 void *optdata;
1457 struct inpcb *inp = sotoinpcb(so);
1458 int error, optval;
1459 int level, op, optname;
1460 int optlen;
1461 struct thread *td;
1462 #ifdef RSS
1463 uint32_t rss_bucket;
1464 int retval;
1465 #endif
1466
1467 /*
1468 * Don't use more than a quarter of mbuf clusters. N.B.:
1469 * nmbclusters is an int, but nmbclusters * MCLBYTES may overflow
1470 * on LP64 architectures, so cast to u_long to avoid undefined
1471 * behavior. ILP32 architectures cannot have nmbclusters
1472 * large enough to overflow for other reasons.
1473 */
1474 #define IPV6_PKTOPTIONS_MBUF_LIMIT ((u_long)nmbclusters * MCLBYTES / 4)
1475
1476 level = sopt->sopt_level;
1477 op = sopt->sopt_dir;
1478 optname = sopt->sopt_name;
1479 optlen = sopt->sopt_valsize;
1480 td = sopt->sopt_td;
1481 error = 0;
1482 optval = 0;
1483 uproto = (int)so->so_proto->pr_protocol;
1484
1485 if (level != IPPROTO_IPV6) {
1486 error = EINVAL;
1487
1488 if (sopt->sopt_level == SOL_SOCKET &&
1489 sopt->sopt_dir == SOPT_SET) {
1490 switch (sopt->sopt_name) {
1491 case SO_REUSEADDR:
1492 INP_WLOCK(inp);
1493 if ((so->so_options & SO_REUSEADDR) != 0)
1494 inp->inp_flags2 |= INP_REUSEADDR;
1495 else
1496 inp->inp_flags2 &= ~INP_REUSEADDR;
1497 INP_WUNLOCK(inp);
1498 error = 0;
1499 break;
1500 case SO_REUSEPORT:
1501 INP_WLOCK(inp);
1502 if ((so->so_options & SO_REUSEPORT) != 0)
1503 inp->inp_flags2 |= INP_REUSEPORT;
1504 else
1505 inp->inp_flags2 &= ~INP_REUSEPORT;
1506 INP_WUNLOCK(inp);
1507 error = 0;
1508 break;
1509 case SO_REUSEPORT_LB:
1510 INP_WLOCK(inp);
1511 if ((so->so_options & SO_REUSEPORT_LB) != 0)
1512 inp->inp_flags2 |= INP_REUSEPORT_LB;
1513 else
1514 inp->inp_flags2 &= ~INP_REUSEPORT_LB;
1515 INP_WUNLOCK(inp);
1516 error = 0;
1517 break;
1518 case SO_SETFIB:
1519 INP_WLOCK(inp);
1520 inp->inp_inc.inc_fibnum = so->so_fibnum;
1521 INP_WUNLOCK(inp);
1522 error = 0;
1523 break;
1524 case SO_MAX_PACING_RATE:
1525 #ifdef RATELIMIT
1526 INP_WLOCK(inp);
1527 inp->inp_flags2 |= INP_RATE_LIMIT_CHANGED;
1528 INP_WUNLOCK(inp);
1529 error = 0;
1530 #else
1531 error = EOPNOTSUPP;
1532 #endif
1533 break;
1534 default:
1535 break;
1536 }
1537 }
1538 } else { /* level == IPPROTO_IPV6 */
1539 switch (op) {
1540
1541 case SOPT_SET:
1542 switch (optname) {
1543 case IPV6_2292PKTOPTIONS:
1544 #ifdef IPV6_PKTOPTIONS
1545 case IPV6_PKTOPTIONS:
1546 #endif
1547 {
1548 struct mbuf *m;
1549
1550 if (optlen > IPV6_PKTOPTIONS_MBUF_LIMIT) {
1551 printf("ip6_ctloutput: mbuf limit hit\n");
1552 error = ENOBUFS;
1553 break;
1554 }
1555
1556 error = soopt_getm(sopt, &m); /* XXX */
1557 if (error != 0)
1558 break;
1559 error = soopt_mcopyin(sopt, m); /* XXX */
1560 if (error != 0)
1561 break;
1562 INP_WLOCK(inp);
1563 error = ip6_pcbopts(&inp->in6p_outputopts, m,
1564 so, sopt);
1565 INP_WUNLOCK(inp);
1566 m_freem(m); /* XXX */
1567 break;
1568 }
1569
1570 /*
1571 * Use of some Hop-by-Hop options or some
1572 * Destination options, might require special
1573 * privilege. That is, normal applications
1574 * (without special privilege) might be forbidden
1575 * from setting certain options in outgoing packets,
1576 * and might never see certain options in received
1577 * packets. [RFC 2292 Section 6]
1578 * KAME specific note:
1579 * KAME prevents non-privileged users from sending or
1580 * receiving ANY hbh/dst options in order to avoid
1581 * overhead of parsing options in the kernel.
1582 */
1583 case IPV6_RECVHOPOPTS:
1584 case IPV6_RECVDSTOPTS:
1585 case IPV6_RECVRTHDRDSTOPTS:
1586 if (td != NULL) {
1587 error = priv_check(td,
1588 PRIV_NETINET_SETHDROPTS);
1589 if (error)
1590 break;
1591 }
1592 /* FALLTHROUGH */
1593 case IPV6_UNICAST_HOPS:
1594 case IPV6_HOPLIMIT:
1595
1596 case IPV6_RECVPKTINFO:
1597 case IPV6_RECVHOPLIMIT:
1598 case IPV6_RECVRTHDR:
1599 case IPV6_RECVPATHMTU:
1600 case IPV6_RECVTCLASS:
1601 case IPV6_RECVFLOWID:
1602 #ifdef RSS
1603 case IPV6_RECVRSSBUCKETID:
1604 #endif
1605 case IPV6_V6ONLY:
1606 case IPV6_AUTOFLOWLABEL:
1607 case IPV6_ORIGDSTADDR:
1608 case IPV6_BINDANY:
1609 case IPV6_BINDMULTI:
1610 #ifdef RSS
1611 case IPV6_RSS_LISTEN_BUCKET:
1612 #endif
1613 case IPV6_VLAN_PCP:
1614 if (optname == IPV6_BINDANY && td != NULL) {
1615 error = priv_check(td,
1616 PRIV_NETINET_BINDANY);
1617 if (error)
1618 break;
1619 }
1620
1621 if (optlen != sizeof(int)) {
1622 error = EINVAL;
1623 break;
1624 }
1625 error = sooptcopyin(sopt, &optval,
1626 sizeof optval, sizeof optval);
1627 if (error)
1628 break;
1629 switch (optname) {
1630
1631 case IPV6_UNICAST_HOPS:
1632 if (optval < -1 || optval >= 256)
1633 error = EINVAL;
1634 else {
1635 /* -1 = kernel default */
1636 inp->in6p_hops = optval;
1637 if ((inp->inp_vflag &
1638 INP_IPV4) != 0)
1639 inp->inp_ip_ttl = optval;
1640 }
1641 break;
1642 #define OPTSET(bit) \
1643 do { \
1644 INP_WLOCK(inp); \
1645 if (optval) \
1646 inp->inp_flags |= (bit); \
1647 else \
1648 inp->inp_flags &= ~(bit); \
1649 INP_WUNLOCK(inp); \
1650 } while (/*CONSTCOND*/ 0)
1651 #define OPTSET2292(bit) \
1652 do { \
1653 INP_WLOCK(inp); \
1654 inp->inp_flags |= IN6P_RFC2292; \
1655 if (optval) \
1656 inp->inp_flags |= (bit); \
1657 else \
1658 inp->inp_flags &= ~(bit); \
1659 INP_WUNLOCK(inp); \
1660 } while (/*CONSTCOND*/ 0)
1661 #define OPTBIT(bit) (inp->inp_flags & (bit) ? 1 : 0)
1662
1663 #define OPTSET2_N(bit, val) do { \
1664 if (val) \
1665 inp->inp_flags2 |= bit; \
1666 else \
1667 inp->inp_flags2 &= ~bit; \
1668 } while (0)
1669 #define OPTSET2(bit, val) do { \
1670 INP_WLOCK(inp); \
1671 OPTSET2_N(bit, val); \
1672 INP_WUNLOCK(inp); \
1673 } while (0)
1674 #define OPTBIT2(bit) (inp->inp_flags2 & (bit) ? 1 : 0)
1675 #define OPTSET2292_EXCLUSIVE(bit) \
1676 do { \
1677 INP_WLOCK(inp); \
1678 if (OPTBIT(IN6P_RFC2292)) { \
1679 error = EINVAL; \
1680 } else { \
1681 if (optval) \
1682 inp->inp_flags |= (bit); \
1683 else \
1684 inp->inp_flags &= ~(bit); \
1685 } \
1686 INP_WUNLOCK(inp); \
1687 } while (/*CONSTCOND*/ 0)
1688
1689 case IPV6_RECVPKTINFO:
1690 OPTSET2292_EXCLUSIVE(IN6P_PKTINFO);
1691 break;
1692
1693 case IPV6_HOPLIMIT:
1694 {
1695 struct ip6_pktopts **optp;
1696
1697 /* cannot mix with RFC2292 */
1698 if (OPTBIT(IN6P_RFC2292)) {
1699 error = EINVAL;
1700 break;
1701 }
1702 INP_WLOCK(inp);
1703 if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
1704 INP_WUNLOCK(inp);
1705 return (ECONNRESET);
1706 }
1707 optp = &inp->in6p_outputopts;
1708 error = ip6_pcbopt(IPV6_HOPLIMIT,
1709 (u_char *)&optval, sizeof(optval),
1710 optp, (td != NULL) ? td->td_ucred :
1711 NULL, uproto);
1712 INP_WUNLOCK(inp);
1713 break;
1714 }
1715
1716 case IPV6_RECVHOPLIMIT:
1717 OPTSET2292_EXCLUSIVE(IN6P_HOPLIMIT);
1718 break;
1719
1720 case IPV6_RECVHOPOPTS:
1721 OPTSET2292_EXCLUSIVE(IN6P_HOPOPTS);
1722 break;
1723
1724 case IPV6_RECVDSTOPTS:
1725 OPTSET2292_EXCLUSIVE(IN6P_DSTOPTS);
1726 break;
1727
1728 case IPV6_RECVRTHDRDSTOPTS:
1729 OPTSET2292_EXCLUSIVE(IN6P_RTHDRDSTOPTS);
1730 break;
1731
1732 case IPV6_RECVRTHDR:
1733 OPTSET2292_EXCLUSIVE(IN6P_RTHDR);
1734 break;
1735
1736 case IPV6_RECVPATHMTU:
1737 /*
1738 * We ignore this option for TCP
1739 * sockets.
1740 * (RFC3542 leaves this case
1741 * unspecified.)
1742 */
1743 if (uproto != IPPROTO_TCP)
1744 OPTSET(IN6P_MTU);
1745 break;
1746
1747 case IPV6_RECVFLOWID:
1748 OPTSET2(INP_RECVFLOWID, optval);
1749 break;
1750
1751 #ifdef RSS
1752 case IPV6_RECVRSSBUCKETID:
1753 OPTSET2(INP_RECVRSSBUCKETID, optval);
1754 break;
1755 #endif
1756
1757 case IPV6_V6ONLY:
1758 /*
1759 * make setsockopt(IPV6_V6ONLY)
1760 * available only prior to bind(2).
1761 * see ipng mailing list, Jun 22 2001.
1762 */
1763 if (inp->inp_lport ||
1764 !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
1765 error = EINVAL;
1766 break;
1767 }
1768 OPTSET(IN6P_IPV6_V6ONLY);
1769 if (optval)
1770 inp->inp_vflag &= ~INP_IPV4;
1771 else
1772 inp->inp_vflag |= INP_IPV4;
1773 break;
1774 case IPV6_RECVTCLASS:
1775 /* cannot mix with RFC2292 XXX */
1776 OPTSET2292_EXCLUSIVE(IN6P_TCLASS);
1777 break;
1778 case IPV6_AUTOFLOWLABEL:
1779 OPTSET(IN6P_AUTOFLOWLABEL);
1780 break;
1781
1782 case IPV6_ORIGDSTADDR:
1783 OPTSET2(INP_ORIGDSTADDR, optval);
1784 break;
1785 case IPV6_BINDANY:
1786 OPTSET(INP_BINDANY);
1787 break;
1788
1789 case IPV6_BINDMULTI:
1790 OPTSET2(INP_BINDMULTI, optval);
1791 break;
1792 #ifdef RSS
1793 case IPV6_RSS_LISTEN_BUCKET:
1794 if ((optval >= 0) &&
1795 (optval < rss_getnumbuckets())) {
1796 INP_WLOCK(inp);
1797 inp->inp_rss_listen_bucket = optval;
1798 OPTSET2_N(INP_RSS_BUCKET_SET, 1);
1799 INP_WUNLOCK(inp);
1800 } else {
1801 error = EINVAL;
1802 }
1803 break;
1804 #endif
1805 case IPV6_VLAN_PCP:
1806 if ((optval >= -1) && (optval <=
1807 (INP_2PCP_MASK >> INP_2PCP_SHIFT))) {
1808 if (optval == -1) {
1809 INP_WLOCK(inp);
1810 inp->inp_flags2 &=
1811 ~(INP_2PCP_SET |
1812 INP_2PCP_MASK);
1813 INP_WUNLOCK(inp);
1814 } else {
1815 INP_WLOCK(inp);
1816 inp->inp_flags2 |=
1817 INP_2PCP_SET;
1818 inp->inp_flags2 &=
1819 ~INP_2PCP_MASK;
1820 inp->inp_flags2 |=
1821 optval <<
1822 INP_2PCP_SHIFT;
1823 INP_WUNLOCK(inp);
1824 }
1825 } else
1826 error = EINVAL;
1827 break;
1828 }
1829 break;
1830
1831 case IPV6_TCLASS:
1832 case IPV6_DONTFRAG:
1833 case IPV6_USE_MIN_MTU:
1834 case IPV6_PREFER_TEMPADDR:
1835 if (optlen != sizeof(optval)) {
1836 error = EINVAL;
1837 break;
1838 }
1839 error = sooptcopyin(sopt, &optval,
1840 sizeof optval, sizeof optval);
1841 if (error)
1842 break;
1843 {
1844 struct ip6_pktopts **optp;
1845 INP_WLOCK(inp);
1846 if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
1847 INP_WUNLOCK(inp);
1848 return (ECONNRESET);
1849 }
1850 optp = &inp->in6p_outputopts;
1851 error = ip6_pcbopt(optname,
1852 (u_char *)&optval, sizeof(optval),
1853 optp, (td != NULL) ? td->td_ucred :
1854 NULL, uproto);
1855 INP_WUNLOCK(inp);
1856 break;
1857 }
1858
1859 case IPV6_2292PKTINFO:
1860 case IPV6_2292HOPLIMIT:
1861 case IPV6_2292HOPOPTS:
1862 case IPV6_2292DSTOPTS:
1863 case IPV6_2292RTHDR:
1864 /* RFC 2292 */
1865 if (optlen != sizeof(int)) {
1866 error = EINVAL;
1867 break;
1868 }
1869 error = sooptcopyin(sopt, &optval,
1870 sizeof optval, sizeof optval);
1871 if (error)
1872 break;
1873 switch (optname) {
1874 case IPV6_2292PKTINFO:
1875 OPTSET2292(IN6P_PKTINFO);
1876 break;
1877 case IPV6_2292HOPLIMIT:
1878 OPTSET2292(IN6P_HOPLIMIT);
1879 break;
1880 case IPV6_2292HOPOPTS:
1881 /*
1882 * Check super-user privilege.
1883 * See comments for IPV6_RECVHOPOPTS.
1884 */
1885 if (td != NULL) {
1886 error = priv_check(td,
1887 PRIV_NETINET_SETHDROPTS);
1888 if (error)
1889 return (error);
1890 }
1891 OPTSET2292(IN6P_HOPOPTS);
1892 break;
1893 case IPV6_2292DSTOPTS:
1894 if (td != NULL) {
1895 error = priv_check(td,
1896 PRIV_NETINET_SETHDROPTS);
1897 if (error)
1898 return (error);
1899 }
1900 OPTSET2292(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); /* XXX */
1901 break;
1902 case IPV6_2292RTHDR:
1903 OPTSET2292(IN6P_RTHDR);
1904 break;
1905 }
1906 break;
1907 case IPV6_PKTINFO:
1908 case IPV6_HOPOPTS:
1909 case IPV6_RTHDR:
1910 case IPV6_DSTOPTS:
1911 case IPV6_RTHDRDSTOPTS:
1912 case IPV6_NEXTHOP:
1913 {
1914 /* new advanced API (RFC3542) */
1915 u_char *optbuf;
1916 u_char optbuf_storage[MCLBYTES];
1917 int optlen;
1918 struct ip6_pktopts **optp;
1919
1920 /* cannot mix with RFC2292 */
1921 if (OPTBIT(IN6P_RFC2292)) {
1922 error = EINVAL;
1923 break;
1924 }
1925
1926 /*
1927 * We only ensure valsize is not too large
1928 * here. Further validation will be done
1929 * later.
1930 */
1931 error = sooptcopyin(sopt, optbuf_storage,
1932 sizeof(optbuf_storage), 0);
1933 if (error)
1934 break;
1935 optlen = sopt->sopt_valsize;
1936 optbuf = optbuf_storage;
1937 INP_WLOCK(inp);
1938 if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
1939 INP_WUNLOCK(inp);
1940 return (ECONNRESET);
1941 }
1942 optp = &inp->in6p_outputopts;
1943 error = ip6_pcbopt(optname, optbuf, optlen,
1944 optp, (td != NULL) ? td->td_ucred : NULL,
1945 uproto);
1946 INP_WUNLOCK(inp);
1947 break;
1948 }
1949 #undef OPTSET
1950
1951 case IPV6_MULTICAST_IF:
1952 case IPV6_MULTICAST_HOPS:
1953 case IPV6_MULTICAST_LOOP:
1954 case IPV6_JOIN_GROUP:
1955 case IPV6_LEAVE_GROUP:
1956 case IPV6_MSFILTER:
1957 case MCAST_BLOCK_SOURCE:
1958 case MCAST_UNBLOCK_SOURCE:
1959 case MCAST_JOIN_GROUP:
1960 case MCAST_LEAVE_GROUP:
1961 case MCAST_JOIN_SOURCE_GROUP:
1962 case MCAST_LEAVE_SOURCE_GROUP:
1963 error = ip6_setmoptions(inp, sopt);
1964 break;
1965
1966 case IPV6_PORTRANGE:
1967 error = sooptcopyin(sopt, &optval,
1968 sizeof optval, sizeof optval);
1969 if (error)
1970 break;
1971
1972 INP_WLOCK(inp);
1973 switch (optval) {
1974 case IPV6_PORTRANGE_DEFAULT:
1975 inp->inp_flags &= ~(INP_LOWPORT);
1976 inp->inp_flags &= ~(INP_HIGHPORT);
1977 break;
1978
1979 case IPV6_PORTRANGE_HIGH:
1980 inp->inp_flags &= ~(INP_LOWPORT);
1981 inp->inp_flags |= INP_HIGHPORT;
1982 break;
1983
1984 case IPV6_PORTRANGE_LOW:
1985 inp->inp_flags &= ~(INP_HIGHPORT);
1986 inp->inp_flags |= INP_LOWPORT;
1987 break;
1988
1989 default:
1990 error = EINVAL;
1991 break;
1992 }
1993 INP_WUNLOCK(inp);
1994 break;
1995
1996 #if defined(IPSEC) || defined(IPSEC_SUPPORT)
1997 case IPV6_IPSEC_POLICY:
1998 if (IPSEC_ENABLED(ipv6)) {
1999 error = IPSEC_PCBCTL(ipv6, inp, sopt);
2000 break;
2001 }
2002 /* FALLTHROUGH */
2003 #endif /* IPSEC */
2004
2005 default:
2006 error = ENOPROTOOPT;
2007 break;
2008 }
2009 break;
2010
2011 case SOPT_GET:
2012 switch (optname) {
2013
2014 case IPV6_2292PKTOPTIONS:
2015 #ifdef IPV6_PKTOPTIONS
2016 case IPV6_PKTOPTIONS:
2017 #endif
2018 /*
2019 * RFC3542 (effectively) deprecated the
2020 * semantics of the 2292-style pktoptions.
2021 * Since it was not reliable in nature (i.e.,
2022 * applications had to expect the lack of some
2023 * information after all), it would make sense
2024 * to simplify this part by always returning
2025 * empty data.
2026 */
2027 sopt->sopt_valsize = 0;
2028 break;
2029
2030 case IPV6_RECVHOPOPTS:
2031 case IPV6_RECVDSTOPTS:
2032 case IPV6_RECVRTHDRDSTOPTS:
2033 case IPV6_UNICAST_HOPS:
2034 case IPV6_RECVPKTINFO:
2035 case IPV6_RECVHOPLIMIT:
2036 case IPV6_RECVRTHDR:
2037 case IPV6_RECVPATHMTU:
2038
2039 case IPV6_V6ONLY:
2040 case IPV6_PORTRANGE:
2041 case IPV6_RECVTCLASS:
2042 case IPV6_AUTOFLOWLABEL:
2043 case IPV6_BINDANY:
2044 case IPV6_FLOWID:
2045 case IPV6_FLOWTYPE:
2046 case IPV6_RECVFLOWID:
2047 #ifdef RSS
2048 case IPV6_RSSBUCKETID:
2049 case IPV6_RECVRSSBUCKETID:
2050 #endif
2051 case IPV6_BINDMULTI:
2052 case IPV6_VLAN_PCP:
2053 switch (optname) {
2054
2055 case IPV6_RECVHOPOPTS:
2056 optval = OPTBIT(IN6P_HOPOPTS);
2057 break;
2058
2059 case IPV6_RECVDSTOPTS:
2060 optval = OPTBIT(IN6P_DSTOPTS);
2061 break;
2062
2063 case IPV6_RECVRTHDRDSTOPTS:
2064 optval = OPTBIT(IN6P_RTHDRDSTOPTS);
2065 break;
2066
2067 case IPV6_UNICAST_HOPS:
2068 optval = inp->in6p_hops;
2069 break;
2070
2071 case IPV6_RECVPKTINFO:
2072 optval = OPTBIT(IN6P_PKTINFO);
2073 break;
2074
2075 case IPV6_RECVHOPLIMIT:
2076 optval = OPTBIT(IN6P_HOPLIMIT);
2077 break;
2078
2079 case IPV6_RECVRTHDR:
2080 optval = OPTBIT(IN6P_RTHDR);
2081 break;
2082
2083 case IPV6_RECVPATHMTU:
2084 optval = OPTBIT(IN6P_MTU);
2085 break;
2086
2087 case IPV6_V6ONLY:
2088 optval = OPTBIT(IN6P_IPV6_V6ONLY);
2089 break;
2090
2091 case IPV6_PORTRANGE:
2092 {
2093 int flags;
2094 flags = inp->inp_flags;
2095 if (flags & INP_HIGHPORT)
2096 optval = IPV6_PORTRANGE_HIGH;
2097 else if (flags & INP_LOWPORT)
2098 optval = IPV6_PORTRANGE_LOW;
2099 else
2100 optval = 0;
2101 break;
2102 }
2103 case IPV6_RECVTCLASS:
2104 optval = OPTBIT(IN6P_TCLASS);
2105 break;
2106
2107 case IPV6_AUTOFLOWLABEL:
2108 optval = OPTBIT(IN6P_AUTOFLOWLABEL);
2109 break;
2110
2111 case IPV6_ORIGDSTADDR:
2112 optval = OPTBIT2(INP_ORIGDSTADDR);
2113 break;
2114
2115 case IPV6_BINDANY:
2116 optval = OPTBIT(INP_BINDANY);
2117 break;
2118
2119 case IPV6_FLOWID:
2120 optval = inp->inp_flowid;
2121 break;
2122
2123 case IPV6_FLOWTYPE:
2124 optval = inp->inp_flowtype;
2125 break;
2126
2127 case IPV6_RECVFLOWID:
2128 optval = OPTBIT2(INP_RECVFLOWID);
2129 break;
2130 #ifdef RSS
2131 case IPV6_RSSBUCKETID:
2132 retval =
2133 rss_hash2bucket(inp->inp_flowid,
2134 inp->inp_flowtype,
2135 &rss_bucket);
2136 if (retval == 0)
2137 optval = rss_bucket;
2138 else
2139 error = EINVAL;
2140 break;
2141
2142 case IPV6_RECVRSSBUCKETID:
2143 optval = OPTBIT2(INP_RECVRSSBUCKETID);
2144 break;
2145 #endif
2146
2147 case IPV6_BINDMULTI:
2148 optval = OPTBIT2(INP_BINDMULTI);
2149 break;
2150
2151 case IPV6_VLAN_PCP:
2152 if (OPTBIT2(INP_2PCP_SET)) {
2153 optval = (inp->inp_flags2 &
2154 INP_2PCP_MASK) >>
2155 INP_2PCP_SHIFT;
2156 } else {
2157 optval = -1;
2158 }
2159 break;
2160 }
2161
2162 if (error)
2163 break;
2164 error = sooptcopyout(sopt, &optval,
2165 sizeof optval);
2166 break;
2167
2168 case IPV6_PATHMTU:
2169 {
2170 u_long pmtu = 0;
2171 struct ip6_mtuinfo mtuinfo;
2172 struct in6_addr addr;
2173
2174 if (!(so->so_state & SS_ISCONNECTED))
2175 return (ENOTCONN);
2176 /*
2177 * XXX: we dot not consider the case of source
2178 * routing, or optional information to specify
2179 * the outgoing interface.
2180 * Copy faddr out of inp to avoid holding lock
2181 * on inp during route lookup.
2182 */
2183 INP_RLOCK(inp);
2184 bcopy(&inp->in6p_faddr, &addr, sizeof(addr));
2185 INP_RUNLOCK(inp);
2186 error = ip6_getpmtu_ctl(so->so_fibnum,
2187 &addr, &pmtu);
2188 if (error)
2189 break;
2190 if (pmtu > IPV6_MAXPACKET)
2191 pmtu = IPV6_MAXPACKET;
2192
2193 bzero(&mtuinfo, sizeof(mtuinfo));
2194 mtuinfo.ip6m_mtu = (u_int32_t)pmtu;
2195 optdata = (void *)&mtuinfo;
2196 optdatalen = sizeof(mtuinfo);
2197 error = sooptcopyout(sopt, optdata,
2198 optdatalen);
2199 break;
2200 }
2201
2202 case IPV6_2292PKTINFO:
2203 case IPV6_2292HOPLIMIT:
2204 case IPV6_2292HOPOPTS:
2205 case IPV6_2292RTHDR:
2206 case IPV6_2292DSTOPTS:
2207 switch (optname) {
2208 case IPV6_2292PKTINFO:
2209 optval = OPTBIT(IN6P_PKTINFO);
2210 break;
2211 case IPV6_2292HOPLIMIT:
2212 optval = OPTBIT(IN6P_HOPLIMIT);
2213 break;
2214 case IPV6_2292HOPOPTS:
2215 optval = OPTBIT(IN6P_HOPOPTS);
2216 break;
2217 case IPV6_2292RTHDR:
2218 optval = OPTBIT(IN6P_RTHDR);
2219 break;
2220 case IPV6_2292DSTOPTS:
2221 optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS);
2222 break;
2223 }
2224 error = sooptcopyout(sopt, &optval,
2225 sizeof optval);
2226 break;
2227 case IPV6_PKTINFO:
2228 case IPV6_HOPOPTS:
2229 case IPV6_RTHDR:
2230 case IPV6_DSTOPTS:
2231 case IPV6_RTHDRDSTOPTS:
2232 case IPV6_NEXTHOP:
2233 case IPV6_TCLASS:
2234 case IPV6_DONTFRAG:
2235 case IPV6_USE_MIN_MTU:
2236 case IPV6_PREFER_TEMPADDR:
2237 error = ip6_getpcbopt(inp, optname, sopt);
2238 break;
2239
2240 case IPV6_MULTICAST_IF:
2241 case IPV6_MULTICAST_HOPS:
2242 case IPV6_MULTICAST_LOOP:
2243 case IPV6_MSFILTER:
2244 error = ip6_getmoptions(inp, sopt);
2245 break;
2246
2247 #if defined(IPSEC) || defined(IPSEC_SUPPORT)
2248 case IPV6_IPSEC_POLICY:
2249 if (IPSEC_ENABLED(ipv6)) {
2250 error = IPSEC_PCBCTL(ipv6, inp, sopt);
2251 break;
2252 }
2253 /* FALLTHROUGH */
2254 #endif /* IPSEC */
2255 default:
2256 error = ENOPROTOOPT;
2257 break;
2258 }
2259 break;
2260 }
2261 }
2262 return (error);
2263 }
2264
2265 int
2266 ip6_raw_ctloutput(struct socket *so, struct sockopt *sopt)
2267 {
2268 int error = 0, optval, optlen;
2269 const int icmp6off = offsetof(struct icmp6_hdr, icmp6_cksum);
2270 struct inpcb *inp = sotoinpcb(so);
2271 int level, op, optname;
2272
2273 level = sopt->sopt_level;
2274 op = sopt->sopt_dir;
2275 optname = sopt->sopt_name;
2276 optlen = sopt->sopt_valsize;
2277
2278 if (level != IPPROTO_IPV6) {
2279 return (EINVAL);
2280 }
2281
2282 switch (optname) {
2283 case IPV6_CHECKSUM:
2284 /*
2285 * For ICMPv6 sockets, no modification allowed for checksum
2286 * offset, permit "no change" values to help existing apps.
2287 *
2288 * RFC3542 says: "An attempt to set IPV6_CHECKSUM
2289 * for an ICMPv6 socket will fail."
2290 * The current behavior does not meet RFC3542.
2291 */
2292 switch (op) {
2293 case SOPT_SET:
2294 if (optlen != sizeof(int)) {
2295 error = EINVAL;
2296 break;
2297 }
2298 error = sooptcopyin(sopt, &optval, sizeof(optval),
2299 sizeof(optval));
2300 if (error)
2301 break;
2302 if (optval < -1 || (optval % 2) != 0) {
2303 /*
2304 * The API assumes non-negative even offset
2305 * values or -1 as a special value.
2306 */
2307 error = EINVAL;
2308 } else if (so->so_proto->pr_protocol ==
2309 IPPROTO_ICMPV6) {
2310 if (optval != icmp6off)
2311 error = EINVAL;
2312 } else
2313 inp->in6p_cksum = optval;
2314 break;
2315
2316 case SOPT_GET:
2317 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6)
2318 optval = icmp6off;
2319 else
2320 optval = inp->in6p_cksum;
2321
2322 error = sooptcopyout(sopt, &optval, sizeof(optval));
2323 break;
2324
2325 default:
2326 error = EINVAL;
2327 break;
2328 }
2329 break;
2330
2331 default:
2332 error = ENOPROTOOPT;
2333 break;
2334 }
2335
2336 return (error);
2337 }
2338
2339 /*
2340 * Set up IP6 options in pcb for insertion in output packets or
2341 * specifying behavior of outgoing packets.
2342 */
2343 static int
2344 ip6_pcbopts(struct ip6_pktopts **pktopt, struct mbuf *m,
2345 struct socket *so, struct sockopt *sopt)
2346 {
2347 struct ip6_pktopts *opt = *pktopt;
2348 int error = 0;
2349 struct thread *td = sopt->sopt_td;
2350
2351 /* turn off any old options. */
2352 if (opt) {
2353 #ifdef DIAGNOSTIC
2354 if (opt->ip6po_pktinfo || opt->ip6po_nexthop ||
2355 opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 ||
2356 opt->ip6po_rhinfo.ip6po_rhi_rthdr)
2357 printf("ip6_pcbopts: all specified options are cleared.\n");
2358 #endif
2359 ip6_clearpktopts(opt, -1);
2360 } else {
2361 opt = malloc(sizeof(*opt), M_IP6OPT, M_NOWAIT);
2362 if (opt == NULL)
2363 return (ENOMEM);
2364 }
2365 *pktopt = NULL;
2366
2367 if (!m || m->m_len == 0) {
2368 /*
2369 * Only turning off any previous options, regardless of
2370 * whether the opt is just created or given.
2371 */
2372 free(opt, M_IP6OPT);
2373 return (0);
2374 }
2375
2376 /* set options specified by user. */
2377 if ((error = ip6_setpktopts(m, opt, NULL, (td != NULL) ?
2378 td->td_ucred : NULL, so->so_proto->pr_protocol)) != 0) {
2379 ip6_clearpktopts(opt, -1); /* XXX: discard all options */
2380 free(opt, M_IP6OPT);
2381 return (error);
2382 }
2383 *pktopt = opt;
2384 return (0);
2385 }
2386
2387 /*
2388 * initialize ip6_pktopts. beware that there are non-zero default values in
2389 * the struct.
2390 */
2391 void
2392 ip6_initpktopts(struct ip6_pktopts *opt)
2393 {
2394
2395 bzero(opt, sizeof(*opt));
2396 opt->ip6po_hlim = -1; /* -1 means default hop limit */
2397 opt->ip6po_tclass = -1; /* -1 means default traffic class */
2398 opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY;
2399 opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM;
2400 }
2401
2402 static int
2403 ip6_pcbopt(int optname, u_char *buf, int len, struct ip6_pktopts **pktopt,
2404 struct ucred *cred, int uproto)
2405 {
2406 struct ip6_pktopts *opt;
2407
2408 if (*pktopt == NULL) {
2409 *pktopt = malloc(sizeof(struct ip6_pktopts), M_IP6OPT,
2410 M_NOWAIT);
2411 if (*pktopt == NULL)
2412 return (ENOBUFS);
2413 ip6_initpktopts(*pktopt);
2414 }
2415 opt = *pktopt;
2416
2417 return (ip6_setpktopt(optname, buf, len, opt, cred, 1, 0, uproto));
2418 }
2419
2420 #define GET_PKTOPT_VAR(field, lenexpr) do { \
2421 if (pktopt && pktopt->field) { \
2422 INP_RUNLOCK(inp); \
2423 optdata = malloc(sopt->sopt_valsize, M_TEMP, M_WAITOK); \
2424 malloc_optdata = true; \
2425 INP_RLOCK(inp); \
2426 if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) { \
2427 INP_RUNLOCK(inp); \
2428 free(optdata, M_TEMP); \
2429 return (ECONNRESET); \
2430 } \
2431 pktopt = inp->in6p_outputopts; \
2432 if (pktopt && pktopt->field) { \
2433 optdatalen = min(lenexpr, sopt->sopt_valsize); \
2434 bcopy(&pktopt->field, optdata, optdatalen); \
2435 } else { \
2436 free(optdata, M_TEMP); \
2437 optdata = NULL; \
2438 malloc_optdata = false; \
2439 } \
2440 } \
2441 } while(0)
2442
2443 #define GET_PKTOPT_EXT_HDR(field) GET_PKTOPT_VAR(field, \
2444 (((struct ip6_ext *)pktopt->field)->ip6e_len + 1) << 3)
2445
2446 #define GET_PKTOPT_SOCKADDR(field) GET_PKTOPT_VAR(field, \
2447 pktopt->field->sa_len)
2448
2449 static int
2450 ip6_getpcbopt(struct inpcb *inp, int optname, struct sockopt *sopt)
2451 {
2452 void *optdata = NULL;
2453 bool malloc_optdata = false;
2454 int optdatalen = 0;
2455 int error = 0;
2456 struct in6_pktinfo null_pktinfo;
2457 int deftclass = 0, on;
2458 int defminmtu = IP6PO_MINMTU_MCASTONLY;
2459 int defpreftemp = IP6PO_TEMPADDR_SYSTEM;
2460 struct ip6_pktopts *pktopt;
2461
2462 INP_RLOCK(inp);
2463 pktopt = inp->in6p_outputopts;
2464
2465 switch (optname) {
2466 case IPV6_PKTINFO:
2467 optdata = (void *)&null_pktinfo;
2468 if (pktopt && pktopt->ip6po_pktinfo) {
2469 bcopy(pktopt->ip6po_pktinfo, &null_pktinfo,
2470 sizeof(null_pktinfo));
2471 in6_clearscope(&null_pktinfo.ipi6_addr);
2472 } else {
2473 /* XXX: we don't have to do this every time... */
2474 bzero(&null_pktinfo, sizeof(null_pktinfo));
2475 }
2476 optdatalen = sizeof(struct in6_pktinfo);
2477 break;
2478 case IPV6_TCLASS:
2479 if (pktopt && pktopt->ip6po_tclass >= 0)
2480 deftclass = pktopt->ip6po_tclass;
2481 optdata = (void *)&deftclass;
2482 optdatalen = sizeof(int);
2483 break;
2484 case IPV6_HOPOPTS:
2485 GET_PKTOPT_EXT_HDR(ip6po_hbh);
2486 break;
2487 case IPV6_RTHDR:
2488 GET_PKTOPT_EXT_HDR(ip6po_rthdr);
2489 break;
2490 case IPV6_RTHDRDSTOPTS:
2491 GET_PKTOPT_EXT_HDR(ip6po_dest1);
2492 break;
2493 case IPV6_DSTOPTS:
2494 GET_PKTOPT_EXT_HDR(ip6po_dest2);
2495 break;
2496 case IPV6_NEXTHOP:
2497 GET_PKTOPT_SOCKADDR(ip6po_nexthop);
2498 break;
2499 case IPV6_USE_MIN_MTU:
2500 if (pktopt)
2501 defminmtu = pktopt->ip6po_minmtu;
2502 optdata = (void *)&defminmtu;
2503 optdatalen = sizeof(int);
2504 break;
2505 case IPV6_DONTFRAG:
2506 if (pktopt && ((pktopt->ip6po_flags) & IP6PO_DONTFRAG))
2507 on = 1;
2508 else
2509 on = 0;
2510 optdata = (void *)&on;
2511 optdatalen = sizeof(on);
2512 break;
2513 case IPV6_PREFER_TEMPADDR:
2514 if (pktopt)
2515 defpreftemp = pktopt->ip6po_prefer_tempaddr;
2516 optdata = (void *)&defpreftemp;
2517 optdatalen = sizeof(int);
2518 break;
2519 default: /* should not happen */
2520 #ifdef DIAGNOSTIC
2521 panic("ip6_getpcbopt: unexpected option\n");
2522 #endif
2523 INP_RUNLOCK(inp);
2524 return (ENOPROTOOPT);
2525 }
2526 INP_RUNLOCK(inp);
2527
2528 error = sooptcopyout(sopt, optdata, optdatalen);
2529 if (malloc_optdata)
2530 free(optdata, M_TEMP);
2531
2532 return (error);
2533 }
2534
2535 void
2536 ip6_clearpktopts(struct ip6_pktopts *pktopt, int optname)
2537 {
2538 if (pktopt == NULL)
2539 return;
2540
2541 if (optname == -1 || optname == IPV6_PKTINFO) {
2542 if (pktopt->ip6po_pktinfo)
2543 free(pktopt->ip6po_pktinfo, M_IP6OPT);
2544 pktopt->ip6po_pktinfo = NULL;
2545 }
2546 if (optname == -1 || optname == IPV6_HOPLIMIT)
2547 pktopt->ip6po_hlim = -1;
2548 if (optname == -1 || optname == IPV6_TCLASS)
2549 pktopt->ip6po_tclass = -1;
2550 if (optname == -1 || optname == IPV6_NEXTHOP) {
2551 if (pktopt->ip6po_nextroute.ro_rt) {
2552 RTFREE(pktopt->ip6po_nextroute.ro_rt);
2553 pktopt->ip6po_nextroute.ro_rt = NULL;
2554 }
2555 if (pktopt->ip6po_nexthop)
2556 free(pktopt->ip6po_nexthop, M_IP6OPT);
2557 pktopt->ip6po_nexthop = NULL;
2558 }
2559 if (optname == -1 || optname == IPV6_HOPOPTS) {
2560 if (pktopt->ip6po_hbh)
2561 free(pktopt->ip6po_hbh, M_IP6OPT);
2562 pktopt->ip6po_hbh = NULL;
2563 }
2564 if (optname == -1 || optname == IPV6_RTHDRDSTOPTS) {
2565 if (pktopt->ip6po_dest1)
2566 free(pktopt->ip6po_dest1, M_IP6OPT);
2567 pktopt->ip6po_dest1 = NULL;
2568 }
2569 if (optname == -1 || optname == IPV6_RTHDR) {
2570 if (pktopt->ip6po_rhinfo.ip6po_rhi_rthdr)
2571 free(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT);
2572 pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL;
2573 if (pktopt->ip6po_route.ro_rt) {
2574 RTFREE(pktopt->ip6po_route.ro_rt);
2575 pktopt->ip6po_route.ro_rt = NULL;
2576 }
2577 }
2578 if (optname == -1 || optname == IPV6_DSTOPTS) {
2579 if (pktopt->ip6po_dest2)
2580 free(pktopt->ip6po_dest2, M_IP6OPT);
2581 pktopt->ip6po_dest2 = NULL;
2582 }
2583 }
2584
2585 #define PKTOPT_EXTHDRCPY(type) \
2586 do {\
2587 if (src->type) {\
2588 int hlen = (((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\
2589 dst->type = malloc(hlen, M_IP6OPT, canwait);\
2590 if (dst->type == NULL)\
2591 goto bad;\
2592 bcopy(src->type, dst->type, hlen);\
2593 }\
2594 } while (/*CONSTCOND*/ 0)
2595
2596 static int
2597 copypktopts(struct ip6_pktopts *dst, struct ip6_pktopts *src, int canwait)
2598 {
2599 if (dst == NULL || src == NULL) {
2600 printf("ip6_clearpktopts: invalid argument\n");
2601 return (EINVAL);
2602 }
2603
2604 dst->ip6po_hlim = src->ip6po_hlim;
2605 dst->ip6po_tclass = src->ip6po_tclass;
2606 dst->ip6po_flags = src->ip6po_flags;
2607 dst->ip6po_minmtu = src->ip6po_minmtu;
2608 dst->ip6po_prefer_tempaddr = src->ip6po_prefer_tempaddr;
2609 if (src->ip6po_pktinfo) {
2610 dst->ip6po_pktinfo = malloc(sizeof(*dst->ip6po_pktinfo),
2611 M_IP6OPT, canwait);
2612 if (dst->ip6po_pktinfo == NULL)
2613 goto bad;
2614 *dst->ip6po_pktinfo = *src->ip6po_pktinfo;
2615 }
2616 if (src->ip6po_nexthop) {
2617 dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len,
2618 M_IP6OPT, canwait);
2619 if (dst->ip6po_nexthop == NULL)
2620 goto bad;
2621 bcopy(src->ip6po_nexthop, dst->ip6po_nexthop,
2622 src->ip6po_nexthop->sa_len);
2623 }
2624 PKTOPT_EXTHDRCPY(ip6po_hbh);
2625 PKTOPT_EXTHDRCPY(ip6po_dest1);
2626 PKTOPT_EXTHDRCPY(ip6po_dest2);
2627 PKTOPT_EXTHDRCPY(ip6po_rthdr); /* not copy the cached route */
2628 return (0);
2629
2630 bad:
2631 ip6_clearpktopts(dst, -1);
2632 return (ENOBUFS);
2633 }
2634 #undef PKTOPT_EXTHDRCPY
2635
2636 struct ip6_pktopts *
2637 ip6_copypktopts(struct ip6_pktopts *src, int canwait)
2638 {
2639 int error;
2640 struct ip6_pktopts *dst;
2641
2642 dst = malloc(sizeof(*dst), M_IP6OPT, canwait);
2643 if (dst == NULL)
2644 return (NULL);
2645 ip6_initpktopts(dst);
2646
2647 if ((error = copypktopts(dst, src, canwait)) != 0) {
2648 free(dst, M_IP6OPT);
2649 return (NULL);
2650 }
2651
2652 return (dst);
2653 }
2654
2655 void
2656 ip6_freepcbopts(struct ip6_pktopts *pktopt)
2657 {
2658 if (pktopt == NULL)
2659 return;
2660
2661 ip6_clearpktopts(pktopt, -1);
2662
2663 free(pktopt, M_IP6OPT);
2664 }
2665
2666 /*
2667 * Set IPv6 outgoing packet options based on advanced API.
2668 */
2669 int
2670 ip6_setpktopts(struct mbuf *control, struct ip6_pktopts *opt,
2671 struct ip6_pktopts *stickyopt, struct ucred *cred, int uproto)
2672 {
2673 struct cmsghdr *cm = NULL;
2674
2675 if (control == NULL || opt == NULL)
2676 return (EINVAL);
2677
2678 ip6_initpktopts(opt);
2679 if (stickyopt) {
2680 int error;
2681
2682 /*
2683 * If stickyopt is provided, make a local copy of the options
2684 * for this particular packet, then override them by ancillary
2685 * objects.
2686 * XXX: copypktopts() does not copy the cached route to a next
2687 * hop (if any). This is not very good in terms of efficiency,
2688 * but we can allow this since this option should be rarely
2689 * used.
2690 */
2691 if ((error = copypktopts(opt, stickyopt, M_NOWAIT)) != 0)
2692 return (error);
2693 }
2694
2695 /*
2696 * XXX: Currently, we assume all the optional information is stored
2697 * in a single mbuf.
2698 */
2699 if (control->m_next)
2700 return (EINVAL);
2701
2702 for (; control->m_len > 0; control->m_data += CMSG_ALIGN(cm->cmsg_len),
2703 control->m_len -= CMSG_ALIGN(cm->cmsg_len)) {
2704 int error;
2705
2706 if (control->m_len < CMSG_LEN(0))
2707 return (EINVAL);
2708
2709 cm = mtod(control, struct cmsghdr *);
2710 if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len)
2711 return (EINVAL);
2712 if (cm->cmsg_level != IPPROTO_IPV6)
2713 continue;
2714
2715 error = ip6_setpktopt(cm->cmsg_type, CMSG_DATA(cm),
2716 cm->cmsg_len - CMSG_LEN(0), opt, cred, 0, 1, uproto);
2717 if (error)
2718 return (error);
2719 }
2720
2721 return (0);
2722 }
2723
2724 /*
2725 * Set a particular packet option, as a sticky option or an ancillary data
2726 * item. "len" can be 0 only when it's a sticky option.
2727 * We have 4 cases of combination of "sticky" and "cmsg":
2728 * "sticky=0, cmsg=0": impossible
2729 * "sticky=0, cmsg=1": RFC2292 or RFC3542 ancillary data
2730 * "sticky=1, cmsg=0": RFC3542 socket option
2731 * "sticky=1, cmsg=1": RFC2292 socket option
2732 */
2733 static int
2734 ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt,
2735 struct ucred *cred, int sticky, int cmsg, int uproto)
2736 {
2737 int minmtupolicy, preftemp;
2738 int error;
2739
2740 if (!sticky && !cmsg) {
2741 #ifdef DIAGNOSTIC
2742 printf("ip6_setpktopt: impossible case\n");
2743 #endif
2744 return (EINVAL);
2745 }
2746
2747 /*
2748 * IPV6_2292xxx is for backward compatibility to RFC2292, and should
2749 * not be specified in the context of RFC3542. Conversely,
2750 * RFC3542 types should not be specified in the context of RFC2292.
2751 */
2752 if (!cmsg) {
2753 switch (optname) {
2754 case IPV6_2292PKTINFO:
2755 case IPV6_2292HOPLIMIT:
2756 case IPV6_2292NEXTHOP:
2757 case IPV6_2292HOPOPTS:
2758 case IPV6_2292DSTOPTS:
2759 case IPV6_2292RTHDR:
2760 case IPV6_2292PKTOPTIONS:
2761 return (ENOPROTOOPT);
2762 }
2763 }
2764 if (sticky && cmsg) {
2765 switch (optname) {
2766 case IPV6_PKTINFO:
2767 case IPV6_HOPLIMIT:
2768 case IPV6_NEXTHOP:
2769 case IPV6_HOPOPTS:
2770 case IPV6_DSTOPTS:
2771 case IPV6_RTHDRDSTOPTS:
2772 case IPV6_RTHDR:
2773 case IPV6_USE_MIN_MTU:
2774 case IPV6_DONTFRAG:
2775 case IPV6_TCLASS:
2776 case IPV6_PREFER_TEMPADDR: /* XXX: not an RFC3542 option */
2777 return (ENOPROTOOPT);
2778 }
2779 }
2780
2781 switch (optname) {
2782 case IPV6_2292PKTINFO:
2783 case IPV6_PKTINFO:
2784 {
2785 struct ifnet *ifp = NULL;
2786 struct in6_pktinfo *pktinfo;
2787
2788 if (len != sizeof(struct in6_pktinfo))
2789 return (EINVAL);
2790
2791 pktinfo = (struct in6_pktinfo *)buf;
2792
2793 /*
2794 * An application can clear any sticky IPV6_PKTINFO option by
2795 * doing a "regular" setsockopt with ipi6_addr being
2796 * in6addr_any and ipi6_ifindex being zero.
2797 * [RFC 3542, Section 6]
2798 */
2799 if (optname == IPV6_PKTINFO && opt->ip6po_pktinfo &&
2800 pktinfo->ipi6_ifindex == 0 &&
2801 IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2802 ip6_clearpktopts(opt, optname);
2803 break;
2804 }
2805
2806 if (uproto == IPPROTO_TCP && optname == IPV6_PKTINFO &&
2807 sticky && !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2808 return (EINVAL);
2809 }
2810 if (IN6_IS_ADDR_MULTICAST(&pktinfo->ipi6_addr))
2811 return (EINVAL);
2812 /* validate the interface index if specified. */
2813 if (pktinfo->ipi6_ifindex > V_if_index)
2814 return (ENXIO);
2815 if (pktinfo->ipi6_ifindex) {
2816 ifp = ifnet_byindex(pktinfo->ipi6_ifindex);
2817 if (ifp == NULL)
2818 return (ENXIO);
2819 }
2820 if (ifp != NULL && (ifp->if_afdata[AF_INET6] == NULL ||
2821 (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) != 0))
2822 return (ENETDOWN);
2823
2824 if (ifp != NULL &&
2825 !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2826 struct in6_ifaddr *ia;
2827
2828 in6_setscope(&pktinfo->ipi6_addr, ifp, NULL);
2829 ia = in6ifa_ifpwithaddr(ifp, &pktinfo->ipi6_addr);
2830 if (ia == NULL)
2831 return (EADDRNOTAVAIL);
2832 ifa_free(&ia->ia_ifa);
2833 }
2834 /*
2835 * We store the address anyway, and let in6_selectsrc()
2836 * validate the specified address. This is because ipi6_addr
2837 * may not have enough information about its scope zone, and
2838 * we may need additional information (such as outgoing
2839 * interface or the scope zone of a destination address) to
2840 * disambiguate the scope.
2841 * XXX: the delay of the validation may confuse the
2842 * application when it is used as a sticky option.
2843 */
2844 if (opt->ip6po_pktinfo == NULL) {
2845 opt->ip6po_pktinfo = malloc(sizeof(*pktinfo),
2846 M_IP6OPT, M_NOWAIT);
2847 if (opt->ip6po_pktinfo == NULL)
2848 return (ENOBUFS);
2849 }
2850 bcopy(pktinfo, opt->ip6po_pktinfo, sizeof(*pktinfo));
2851 break;
2852 }
2853
2854 case IPV6_2292HOPLIMIT:
2855 case IPV6_HOPLIMIT:
2856 {
2857 int *hlimp;
2858
2859 /*
2860 * RFC 3542 deprecated the usage of sticky IPV6_HOPLIMIT
2861 * to simplify the ordering among hoplimit options.
2862 */
2863 if (optname == IPV6_HOPLIMIT && sticky)
2864 return (ENOPROTOOPT);
2865
2866 if (len != sizeof(int))
2867 return (EINVAL);
2868 hlimp = (int *)buf;
2869 if (*hlimp < -1 || *hlimp > 255)
2870 return (EINVAL);
2871
2872 opt->ip6po_hlim = *hlimp;
2873 break;
2874 }
2875
2876 case IPV6_TCLASS:
2877 {
2878 int tclass;
2879
2880 if (len != sizeof(int))
2881 return (EINVAL);
2882 tclass = *(int *)buf;
2883 if (tclass < -1 || tclass > 255)
2884 return (EINVAL);
2885
2886 opt->ip6po_tclass = tclass;
2887 break;
2888 }
2889
2890 case IPV6_2292NEXTHOP:
2891 case IPV6_NEXTHOP:
2892 if (cred != NULL) {
2893 error = priv_check_cred(cred,
2894 PRIV_NETINET_SETHDROPTS, 0);
2895 if (error)
2896 return (error);
2897 }
2898
2899 if (len == 0) { /* just remove the option */
2900 ip6_clearpktopts(opt, IPV6_NEXTHOP);
2901 break;
2902 }
2903
2904 /* check if cmsg_len is large enough for sa_len */
2905 if (len < sizeof(struct sockaddr) || len < *buf)
2906 return (EINVAL);
2907
2908 switch (((struct sockaddr *)buf)->sa_family) {
2909 case AF_INET6:
2910 {
2911 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)buf;
2912 int error;
2913
2914 if (sa6->sin6_len != sizeof(struct sockaddr_in6))
2915 return (EINVAL);
2916
2917 if (IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) ||
2918 IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr)) {
2919 return (EINVAL);
2920 }
2921 if ((error = sa6_embedscope(sa6, V_ip6_use_defzone))
2922 != 0) {
2923 return (error);
2924 }
2925 break;
2926 }
2927 case AF_LINK: /* should eventually be supported */
2928 default:
2929 return (EAFNOSUPPORT);
2930 }
2931
2932 /* turn off the previous option, then set the new option. */
2933 ip6_clearpktopts(opt, IPV6_NEXTHOP);
2934 opt->ip6po_nexthop = malloc(*buf, M_IP6OPT, M_NOWAIT);
2935 if (opt->ip6po_nexthop == NULL)
2936 return (ENOBUFS);
2937 bcopy(buf, opt->ip6po_nexthop, *buf);
2938 break;
2939
2940 case IPV6_2292HOPOPTS:
2941 case IPV6_HOPOPTS:
2942 {
2943 struct ip6_hbh *hbh;
2944 int hbhlen;
2945
2946 /*
2947 * XXX: We don't allow a non-privileged user to set ANY HbH
2948 * options, since per-option restriction has too much
2949 * overhead.
2950 */
2951 if (cred != NULL) {
2952 error = priv_check_cred(cred,
2953 PRIV_NETINET_SETHDROPTS, 0);
2954 if (error)
2955 return (error);
2956 }
2957
2958 if (len == 0) {
2959 ip6_clearpktopts(opt, IPV6_HOPOPTS);
2960 break; /* just remove the option */
2961 }
2962
2963 /* message length validation */
2964 if (len < sizeof(struct ip6_hbh))
2965 return (EINVAL);
2966 hbh = (struct ip6_hbh *)buf;
2967 hbhlen = (hbh->ip6h_len + 1) << 3;
2968 if (len != hbhlen)
2969 return (EINVAL);
2970
2971 /* turn off the previous option, then set the new option. */
2972 ip6_clearpktopts(opt, IPV6_HOPOPTS);
2973 opt->ip6po_hbh = malloc(hbhlen, M_IP6OPT, M_NOWAIT);
2974 if (opt->ip6po_hbh == NULL)
2975 return (ENOBUFS);
2976 bcopy(hbh, opt->ip6po_hbh, hbhlen);
2977
2978 break;
2979 }
2980
2981 case IPV6_2292DSTOPTS:
2982 case IPV6_DSTOPTS:
2983 case IPV6_RTHDRDSTOPTS:
2984 {
2985 struct ip6_dest *dest, **newdest = NULL;
2986 int destlen;
2987
2988 if (cred != NULL) { /* XXX: see the comment for IPV6_HOPOPTS */
2989 error = priv_check_cred(cred,
2990 PRIV_NETINET_SETHDROPTS, 0);
2991 if (error)
2992 return (error);
2993 }
2994
2995 if (len == 0) {
2996 ip6_clearpktopts(opt, optname);
2997 break; /* just remove the option */
2998 }
2999
3000 /* message length validation */
3001 if (len < sizeof(struct ip6_dest))
3002 return (EINVAL);
3003 dest = (struct ip6_dest *)buf;
3004 destlen = (dest->ip6d_len + 1) << 3;
3005 if (len != destlen)
3006 return (EINVAL);
3007
3008 /*
3009 * Determine the position that the destination options header
3010 * should be inserted; before or after the routing header.
3011 */
3012 switch (optname) {
3013 case IPV6_2292DSTOPTS:
3014 /*
3015 * The old advacned API is ambiguous on this point.
3016 * Our approach is to determine the position based
3017 * according to the existence of a routing header.
3018 * Note, however, that this depends on the order of the
3019 * extension headers in the ancillary data; the 1st
3020 * part of the destination options header must appear
3021 * before the routing header in the ancillary data,
3022 * too.
3023 * RFC3542 solved the ambiguity by introducing
3024 * separate ancillary data or option types.
3025 */
3026 if (opt->ip6po_rthdr == NULL)
3027 newdest = &opt->ip6po_dest1;
3028 else
3029 newdest = &opt->ip6po_dest2;
3030 break;
3031 case IPV6_RTHDRDSTOPTS:
3032 newdest = &opt->ip6po_dest1;
3033 break;
3034 case IPV6_DSTOPTS:
3035 newdest = &opt->ip6po_dest2;
3036 break;
3037 }
3038
3039 /* turn off the previous option, then set the new option. */
3040 ip6_clearpktopts(opt, optname);
3041 *newdest = malloc(destlen, M_IP6OPT, M_NOWAIT);
3042 if (*newdest == NULL)
3043 return (ENOBUFS);
3044 bcopy(dest, *newdest, destlen);
3045
3046 break;
3047 }
3048
3049 case IPV6_2292RTHDR:
3050 case IPV6_RTHDR:
3051 {
3052 struct ip6_rthdr *rth;
3053 int rthlen;
3054
3055 if (len == 0) {
3056 ip6_clearpktopts(opt, IPV6_RTHDR);
3057 break; /* just remove the option */
3058 }
3059
3060 /* message length validation */
3061 if (len < sizeof(struct ip6_rthdr))
3062 return (EINVAL);
3063 rth = (struct ip6_rthdr *)buf;
3064 rthlen = (rth->ip6r_len + 1) << 3;
3065 if (len != rthlen)
3066 return (EINVAL);
3067
3068 switch (rth->ip6r_type) {
3069 case IPV6_RTHDR_TYPE_0:
3070 if (rth->ip6r_len == 0) /* must contain one addr */
3071 return (EINVAL);
3072 if (rth->ip6r_len % 2) /* length must be even */
3073 return (EINVAL);
3074 if (rth->ip6r_len / 2 != rth->ip6r_segleft)
3075 return (EINVAL);
3076 break;
3077 default:
3078 return (EINVAL); /* not supported */
3079 }
3080
3081 /* turn off the previous option */
3082 ip6_clearpktopts(opt, IPV6_RTHDR);
3083 opt->ip6po_rthdr = malloc(rthlen, M_IP6OPT, M_NOWAIT);
3084 if (opt->ip6po_rthdr == NULL)
3085 return (ENOBUFS);
3086 bcopy(rth, opt->ip6po_rthdr, rthlen);
3087
3088 break;
3089 }
3090
3091 case IPV6_USE_MIN_MTU:
3092 if (len != sizeof(int))
3093 return (EINVAL);
3094 minmtupolicy = *(int *)buf;
3095 if (minmtupolicy != IP6PO_MINMTU_MCASTONLY &&
3096 minmtupolicy != IP6PO_MINMTU_DISABLE &&
3097 minmtupolicy != IP6PO_MINMTU_ALL) {
3098 return (EINVAL);
3099 }
3100 opt->ip6po_minmtu = minmtupolicy;
3101 break;
3102
3103 case IPV6_DONTFRAG:
3104 if (len != sizeof(int))
3105 return (EINVAL);
3106
3107 if (uproto == IPPROTO_TCP || *(int *)buf == 0) {
3108 /*
3109 * we ignore this option for TCP sockets.
3110 * (RFC3542 leaves this case unspecified.)
3111 */
3112 opt->ip6po_flags &= ~IP6PO_DONTFRAG;
3113 } else
3114 opt->ip6po_flags |= IP6PO_DONTFRAG;
3115 break;
3116
3117 case IPV6_PREFER_TEMPADDR:
3118 if (len != sizeof(int))
3119 return (EINVAL);
3120 preftemp = *(int *)buf;
3121 if (preftemp != IP6PO_TEMPADDR_SYSTEM &&
3122 preftemp != IP6PO_TEMPADDR_NOTPREFER &&
3123 preftemp != IP6PO_TEMPADDR_PREFER) {
3124 return (EINVAL);
3125 }
3126 opt->ip6po_prefer_tempaddr = preftemp;
3127 break;
3128
3129 default:
3130 return (ENOPROTOOPT);
3131 } /* end of switch */
3132
3133 return (0);
3134 }
3135
3136 /*
3137 * Routine called from ip6_output() to loop back a copy of an IP6 multicast
3138 * packet to the input queue of a specified interface. Note that this
3139 * calls the output routine of the loopback "driver", but with an interface
3140 * pointer that might NOT be &loif -- easier than replicating that code here.
3141 */
3142 void
3143 ip6_mloopback(struct ifnet *ifp, struct mbuf *m)
3144 {
3145 struct mbuf *copym;
3146 struct ip6_hdr *ip6;
3147
3148 copym = m_copym(m, 0, M_COPYALL, M_NOWAIT);
3149 if (copym == NULL)
3150 return;
3151
3152 /*
3153 * Make sure to deep-copy IPv6 header portion in case the data
3154 * is in an mbuf cluster, so that we can safely override the IPv6
3155 * header portion later.
3156 */
3157 if (!M_WRITABLE(copym) ||
3158 copym->m_len < sizeof(struct ip6_hdr)) {
3159 copym = m_pullup(copym, sizeof(struct ip6_hdr));
3160 if (copym == NULL)
3161 return;
3162 }
3163 ip6 = mtod(copym, struct ip6_hdr *);
3164 /*
3165 * clear embedded scope identifiers if necessary.
3166 * in6_clearscope will touch the addresses only when necessary.
3167 */
3168 in6_clearscope(&ip6->ip6_src);
3169 in6_clearscope(&ip6->ip6_dst);
3170 if (copym->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
3171 copym->m_pkthdr.csum_flags |= CSUM_DATA_VALID_IPV6 |
3172 CSUM_PSEUDO_HDR;
3173 copym->m_pkthdr.csum_data = 0xffff;
3174 }
3175 if_simloop(ifp, copym, AF_INET6, 0);
3176 }
3177
3178 /*
3179 * Chop IPv6 header off from the payload.
3180 */
3181 static int
3182 ip6_splithdr(struct mbuf *m, struct ip6_exthdrs *exthdrs)
3183 {
3184 struct mbuf *mh;
3185 struct ip6_hdr *ip6;
3186
3187 ip6 = mtod(m, struct ip6_hdr *);
3188 if (m->m_len > sizeof(*ip6)) {
3189 mh = m_gethdr(M_NOWAIT, MT_DATA);
3190 if (mh == NULL) {
3191 m_freem(m);
3192 return ENOBUFS;
3193 }
3194 m_move_pkthdr(mh, m);
3195 M_ALIGN(mh, sizeof(*ip6));
3196 m->m_len -= sizeof(*ip6);
3197 m->m_data += sizeof(*ip6);
3198 mh->m_next = m;
3199 m = mh;
3200 m->m_len = sizeof(*ip6);
3201 bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6));
3202 }
3203 exthdrs->ip6e_ip6 = m;
3204 return 0;
3205 }
3206
3207 /*
3208 * Compute IPv6 extension header length.
3209 */
3210 int
3211 ip6_optlen(struct inpcb *inp)
3212 {
3213 int len;
3214
3215 if (!inp->in6p_outputopts)
3216 return 0;
3217
3218 len = 0;
3219 #define elen(x) \
3220 (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0)
3221
3222 len += elen(inp->in6p_outputopts->ip6po_hbh);
3223 if (inp->in6p_outputopts->ip6po_rthdr)
3224 /* dest1 is valid with rthdr only */
3225 len += elen(inp->in6p_outputopts->ip6po_dest1);
3226 len += elen(inp->in6p_outputopts->ip6po_rthdr);
3227 len += elen(inp->in6p_outputopts->ip6po_dest2);
3228 return len;
3229 #undef elen
3230 }
Cache object: 16634558659b4d8b2163e606fedb8a68
|