Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/netinet6/nd6.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* $NetBSD: nd6.c,v 1.91.10.1 2005/04/07 17:06:56 jmc Exp $ */ 2 /* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/cdefs.h> 34 __KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.91.10.1 2005/04/07 17:06:56 jmc Exp $"); 35 36 #include "opt_ipsec.h" 37 38 #include <sys/param.h> 39 #include <sys/systm.h> 40 #include <sys/callout.h> 41 #include <sys/malloc.h> 42 #include <sys/mbuf.h> 43 #include <sys/socket.h> 44 #include <sys/sockio.h> 45 #include <sys/time.h> 46 #include <sys/kernel.h> 47 #include <sys/protosw.h> 48 #include <sys/errno.h> 49 #include <sys/ioctl.h> 50 #include <sys/syslog.h> 51 #include <sys/queue.h> 52 53 #include <net/if.h> 54 #include <net/if_dl.h> 55 #include <net/if_types.h> 56 #include <net/route.h> 57 #include <net/if_ether.h> 58 #include <net/if_fddi.h> 59 #include <net/if_arc.h> 60 61 #include <netinet/in.h> 62 #include <netinet6/in6_var.h> 63 #include <netinet/ip6.h> 64 #include <netinet6/ip6_var.h> 65 #include <netinet6/nd6.h> 66 #include <netinet/icmp6.h> 67 68 #ifdef IPSEC 69 #include <netinet6/ipsec.h> 70 #endif 71 72 #include <net/net_osdep.h> 73 74 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */ 75 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */ 76 77 #define SIN6(s) ((struct sockaddr_in6 *)s) 78 #define SDL(s) ((struct sockaddr_dl *)s) 79 80 /* timer values */ 81 int nd6_prune = 1; /* walk list every 1 seconds */ 82 int nd6_delay = 5; /* delay first probe time 5 second */ 83 int nd6_umaxtries = 3; /* maximum unicast query */ 84 int nd6_mmaxtries = 3; /* maximum multicast query */ 85 int nd6_useloopback = 1; /* use loopback interface for local traffic */ 86 int nd6_gctimer = (60 * 60 * 24); /* 1 day: garbage collection timer */ 87 88 /* preventing too many loops in ND option parsing */ 89 int nd6_maxndopt = 10; /* max # of ND options allowed */ 90 91 int nd6_maxnudhint = 0; /* max # of subsequent upper layer hints */ 92 93 #ifdef ND6_DEBUG 94 int nd6_debug = 1; 95 #else 96 int nd6_debug = 0; 97 #endif 98 99 /* for debugging? */ 100 static int nd6_inuse, nd6_allocated; 101 102 struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6}; 103 struct nd_drhead nd_defrouter; 104 struct nd_prhead nd_prefix = { 0 }; 105 106 int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL; 107 static struct sockaddr_in6 all1_sa; 108 109 static void nd6_setmtu0 __P((struct ifnet *, struct nd_ifinfo *)); 110 static void nd6_slowtimo __P((void *)); 111 static struct llinfo_nd6 *nd6_free __P((struct rtentry *, int)); 112 static void nd6_llinfo_timer __P((void *)); 113 114 struct callout nd6_slowtimo_ch = CALLOUT_INITIALIZER; 115 struct callout nd6_timer_ch = CALLOUT_INITIALIZER; 116 117 static int fill_drlist __P((void *, size_t *, size_t)); 118 static int fill_prlist __P((void *, size_t *, size_t)); 119 120 MALLOC_DEFINE(M_IP6NDP, "NDP", "IPv6 Neighbour Discovery"); 121 122 void 123 nd6_init() 124 { 125 static int nd6_init_done = 0; 126 int i; 127 128 if (nd6_init_done) { 129 log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); 130 return; 131 } 132 133 all1_sa.sin6_family = AF_INET6; 134 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 135 for (i = 0; i < sizeof(all1_sa.sin6_addr); i++) 136 all1_sa.sin6_addr.s6_addr[i] = 0xff; 137 138 /* initialization of the default router list */ 139 TAILQ_INIT(&nd_defrouter); 140 141 nd6_init_done = 1; 142 143 /* start timer */ 144 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz, 145 nd6_slowtimo, NULL); 146 } 147 148 struct nd_ifinfo * 149 nd6_ifattach(ifp) 150 struct ifnet *ifp; 151 { 152 struct nd_ifinfo *nd; 153 154 nd = (struct nd_ifinfo *)malloc(sizeof(*nd), M_IP6NDP, M_WAITOK); 155 bzero(nd, sizeof(*nd)); 156 157 nd->initialized = 1; 158 159 nd->chlim = IPV6_DEFHLIM; 160 nd->basereachable = REACHABLE_TIME; 161 nd->reachable = ND_COMPUTE_RTIME(nd->basereachable); 162 nd->retrans = RETRANS_TIMER; 163 /* 164 * Note that the default value of ip6_accept_rtadv is 0, which means 165 * we won't accept RAs by default even if we set ND6_IFF_ACCEPT_RTADV 166 * here. 167 */ 168 nd->flags = (ND6_IFF_PERFORMNUD | ND6_IFF_ACCEPT_RTADV); 169 170 /* XXX: we cannot call nd6_setmtu since ifp is not fully initialized */ 171 nd6_setmtu0(ifp, nd); 172 173 return nd; 174 } 175 176 void 177 nd6_ifdetach(nd) 178 struct nd_ifinfo *nd; 179 { 180 181 free(nd, M_IP6NDP); 182 } 183 184 void 185 nd6_setmtu(ifp) 186 struct ifnet *ifp; 187 { 188 nd6_setmtu0(ifp, ND_IFINFO(ifp)); 189 } 190 191 void 192 nd6_setmtu0(ifp, ndi) 193 struct ifnet *ifp; 194 struct nd_ifinfo *ndi; 195 { 196 u_int32_t omaxmtu; 197 198 omaxmtu = ndi->maxmtu; 199 200 switch (ifp->if_type) { 201 case IFT_ARCNET: 202 ndi->maxmtu = MIN(ARC_PHDS_MAXMTU, ifp->if_mtu); /* RFC2497 */ 203 break; 204 case IFT_FDDI: 205 ndi->maxmtu = MIN(FDDIIPMTU, ifp->if_mtu); 206 break; 207 default: 208 ndi->maxmtu = ifp->if_mtu; 209 break; 210 } 211 212 /* 213 * Decreasing the interface MTU under IPV6 minimum MTU may cause 214 * undesirable situation. We thus notify the operator of the change 215 * explicitly. The check for omaxmtu is necessary to restrict the 216 * log to the case of changing the MTU, not initializing it. 217 */ 218 if (omaxmtu >= IPV6_MMTU && ndi->maxmtu < IPV6_MMTU) { 219 log(LOG_NOTICE, "nd6_setmtu0: new link MTU on %s (%lu) is too" 220 " small for IPv6 which needs %lu\n", 221 if_name(ifp), (unsigned long)ndi->maxmtu, (unsigned long) 222 IPV6_MMTU); 223 } 224 225 if (ndi->maxmtu > in6_maxmtu) 226 in6_setmaxmtu(); /* check all interfaces just in case */ 227 } 228 229 void 230 nd6_option_init(opt, icmp6len, ndopts) 231 void *opt; 232 int icmp6len; 233 union nd_opts *ndopts; 234 { 235 236 bzero(ndopts, sizeof(*ndopts)); 237 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt; 238 ndopts->nd_opts_last 239 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len); 240 241 if (icmp6len == 0) { 242 ndopts->nd_opts_done = 1; 243 ndopts->nd_opts_search = NULL; 244 } 245 } 246 247 /* 248 * Take one ND option. 249 */ 250 struct nd_opt_hdr * 251 nd6_option(ndopts) 252 union nd_opts *ndopts; 253 { 254 struct nd_opt_hdr *nd_opt; 255 int olen; 256 257 if (!ndopts) 258 panic("ndopts == NULL in nd6_option"); 259 if (!ndopts->nd_opts_last) 260 panic("uninitialized ndopts in nd6_option"); 261 if (!ndopts->nd_opts_search) 262 return NULL; 263 if (ndopts->nd_opts_done) 264 return NULL; 265 266 nd_opt = ndopts->nd_opts_search; 267 268 /* make sure nd_opt_len is inside the buffer */ 269 if ((caddr_t)&nd_opt->nd_opt_len >= (caddr_t)ndopts->nd_opts_last) { 270 bzero(ndopts, sizeof(*ndopts)); 271 return NULL; 272 } 273 274 olen = nd_opt->nd_opt_len << 3; 275 if (olen == 0) { 276 /* 277 * Message validation requires that all included 278 * options have a length that is greater than zero. 279 */ 280 bzero(ndopts, sizeof(*ndopts)); 281 return NULL; 282 } 283 284 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen); 285 if (ndopts->nd_opts_search > ndopts->nd_opts_last) { 286 /* option overruns the end of buffer, invalid */ 287 bzero(ndopts, sizeof(*ndopts)); 288 return NULL; 289 } else if (ndopts->nd_opts_search == ndopts->nd_opts_last) { 290 /* reached the end of options chain */ 291 ndopts->nd_opts_done = 1; 292 ndopts->nd_opts_search = NULL; 293 } 294 return nd_opt; 295 } 296 297 /* 298 * Parse multiple ND options. 299 * This function is much easier to use, for ND routines that do not need 300 * multiple options of the same type. 301 */ 302 int 303 nd6_options(ndopts) 304 union nd_opts *ndopts; 305 { 306 struct nd_opt_hdr *nd_opt; 307 int i = 0; 308 309 if (!ndopts) 310 panic("ndopts == NULL in nd6_options"); 311 if (!ndopts->nd_opts_last) 312 panic("uninitialized ndopts in nd6_options"); 313 if (!ndopts->nd_opts_search) 314 return 0; 315 316 while (1) { 317 nd_opt = nd6_option(ndopts); 318 if (!nd_opt && !ndopts->nd_opts_last) { 319 /* 320 * Message validation requires that all included 321 * options have a length that is greater than zero. 322 */ 323 icmp6stat.icp6s_nd_badopt++; 324 bzero(ndopts, sizeof(*ndopts)); 325 return -1; 326 } 327 328 if (!nd_opt) 329 goto skip1; 330 331 switch (nd_opt->nd_opt_type) { 332 case ND_OPT_SOURCE_LINKADDR: 333 case ND_OPT_TARGET_LINKADDR: 334 case ND_OPT_MTU: 335 case ND_OPT_REDIRECTED_HEADER: 336 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { 337 nd6log((LOG_INFO, 338 "duplicated ND6 option found (type=%d)\n", 339 nd_opt->nd_opt_type)); 340 /* XXX bark? */ 341 } else { 342 ndopts->nd_opt_array[nd_opt->nd_opt_type] 343 = nd_opt; 344 } 345 break; 346 case ND_OPT_PREFIX_INFORMATION: 347 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) { 348 ndopts->nd_opt_array[nd_opt->nd_opt_type] 349 = nd_opt; 350 } 351 ndopts->nd_opts_pi_end = 352 (struct nd_opt_prefix_info *)nd_opt; 353 break; 354 default: 355 /* 356 * Unknown options must be silently ignored, 357 * to accomodate future extension to the protocol. 358 */ 359 nd6log((LOG_DEBUG, 360 "nd6_options: unsupported option %d - " 361 "option ignored\n", nd_opt->nd_opt_type)); 362 } 363 364 skip1: 365 i++; 366 if (i > nd6_maxndopt) { 367 icmp6stat.icp6s_nd_toomanyopt++; 368 nd6log((LOG_INFO, "too many loop in nd opt\n")); 369 break; 370 } 371 372 if (ndopts->nd_opts_done) 373 break; 374 } 375 376 return 0; 377 } 378 379 /* 380 * ND6 timer routine to handle ND6 entries 381 */ 382 void 383 nd6_llinfo_settimer(ln, tick) 384 struct llinfo_nd6 *ln; 385 long tick; 386 { 387 int s; 388 389 s = splsoftnet(); 390 391 if (tick < 0) { 392 ln->ln_expire = 0; 393 ln->ln_ntick = 0; 394 callout_stop(&ln->ln_timer_ch); 395 } else { 396 ln->ln_expire = time.tv_sec + tick / hz; 397 if (tick > INT_MAX) { 398 ln->ln_ntick = tick - INT_MAX; 399 callout_reset(&ln->ln_timer_ch, INT_MAX, 400 nd6_llinfo_timer, ln); 401 } else { 402 ln->ln_ntick = 0; 403 callout_reset(&ln->ln_timer_ch, tick, 404 nd6_llinfo_timer, ln); 405 } 406 } 407 408 splx(s); 409 } 410 411 static void 412 nd6_llinfo_timer(arg) 413 void *arg; 414 { 415 int s; 416 struct llinfo_nd6 *ln; 417 struct rtentry *rt; 418 const struct sockaddr_in6 *dst; 419 struct ifnet *ifp; 420 struct nd_ifinfo *ndi = NULL; 421 422 s = splsoftnet(); 423 424 ln = (struct llinfo_nd6 *)arg; 425 426 if (ln->ln_ntick > 0) { 427 if (ln->ln_ntick > INT_MAX) { 428 ln->ln_ntick -= INT_MAX; 429 nd6_llinfo_settimer(ln, INT_MAX); 430 } else { 431 ln->ln_ntick = 0; 432 nd6_llinfo_settimer(ln, ln->ln_ntick); 433 } 434 splx(s); 435 return; 436 } 437 438 if ((rt = ln->ln_rt) == NULL) 439 panic("ln->ln_rt == NULL"); 440 if ((ifp = rt->rt_ifp) == NULL) 441 panic("ln->ln_rt->rt_ifp == NULL"); 442 ndi = ND_IFINFO(ifp); 443 dst = (struct sockaddr_in6 *)rt_key(rt); 444 445 /* sanity check */ 446 if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln) 447 panic("rt_llinfo(%p) is not equal to ln(%p)", 448 rt->rt_llinfo, ln); 449 if (!dst) 450 panic("dst=0 in nd6_timer(ln=%p)", ln); 451 452 switch (ln->ln_state) { 453 case ND6_LLINFO_INCOMPLETE: 454 if (ln->ln_asked < nd6_mmaxtries) { 455 ln->ln_asked++; 456 nd6_llinfo_settimer(ln, (long)ndi->retrans * hz / 1000); 457 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0); 458 } else { 459 struct mbuf *m = ln->ln_hold; 460 if (m) { 461 ln->ln_hold = NULL; 462 /* 463 * Fake rcvif to make the ICMP error 464 * more helpful in diagnosing for the 465 * receiver. 466 * XXX: should we consider 467 * older rcvif? 468 */ 469 m->m_pkthdr.rcvif = rt->rt_ifp; 470 471 icmp6_error(m, ICMP6_DST_UNREACH, 472 ICMP6_DST_UNREACH_ADDR, 0); 473 } 474 (void)nd6_free(rt, 0); 475 ln = NULL; 476 } 477 break; 478 case ND6_LLINFO_REACHABLE: 479 if (!ND6_LLINFO_PERMANENT(ln)) { 480 ln->ln_state = ND6_LLINFO_STALE; 481 nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); 482 } 483 break; 484 485 case ND6_LLINFO_STALE: 486 /* Garbage Collection(RFC 2461 5.3) */ 487 if (!ND6_LLINFO_PERMANENT(ln)) { 488 (void)nd6_free(rt, 1); 489 ln = NULL; 490 } 491 break; 492 493 case ND6_LLINFO_DELAY: 494 if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) { 495 /* We need NUD */ 496 ln->ln_asked = 1; 497 ln->ln_state = ND6_LLINFO_PROBE; 498 nd6_llinfo_settimer(ln, (long)ndi->retrans * hz / 1000); 499 nd6_ns_output(ifp, &dst->sin6_addr, 500 &dst->sin6_addr, ln, 0); 501 } else { 502 ln->ln_state = ND6_LLINFO_STALE; /* XXX */ 503 nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); 504 } 505 break; 506 case ND6_LLINFO_PROBE: 507 if (ln->ln_asked < nd6_umaxtries) { 508 ln->ln_asked++; 509 nd6_llinfo_settimer(ln, (long)ndi->retrans * hz / 1000); 510 nd6_ns_output(ifp, &dst->sin6_addr, 511 &dst->sin6_addr, ln, 0); 512 } else { 513 (void)nd6_free(rt, 0); 514 ln = NULL; 515 } 516 break; 517 } 518 519 splx(s); 520 } 521 522 /* 523 * ND6 timer routine to expire default route list and prefix list 524 */ 525 void 526 nd6_timer(ignored_arg) 527 void *ignored_arg; 528 { 529 int s; 530 struct nd_defrouter *dr; 531 struct nd_prefix *pr; 532 struct in6_ifaddr *ia6, *nia6; 533 534 s = splsoftnet(); 535 callout_reset(&nd6_timer_ch, nd6_prune * hz, 536 nd6_timer, NULL); 537 538 /* expire default router list */ 539 dr = TAILQ_FIRST(&nd_defrouter); 540 while (dr) { 541 if (dr->expire && dr->expire < time.tv_sec) { 542 struct nd_defrouter *t; 543 t = TAILQ_NEXT(dr, dr_entry); 544 defrtrlist_del(dr); 545 dr = t; 546 } else { 547 dr = TAILQ_NEXT(dr, dr_entry); 548 } 549 } 550 551 /* 552 * expire interface addresses. 553 * in the past the loop was inside prefix expiry processing. 554 * However, from a stricter speci-confrmance standpoint, we should 555 * rather separate address lifetimes and prefix lifetimes. 556 */ 557 for (ia6 = in6_ifaddr; ia6; ia6 = nia6) { 558 nia6 = ia6->ia_next; 559 /* check address lifetime */ 560 if (IFA6_IS_INVALID(ia6)) { 561 in6_purgeaddr(&ia6->ia_ifa); 562 } 563 if (IFA6_IS_DEPRECATED(ia6)) { 564 ia6->ia6_flags |= IN6_IFF_DEPRECATED; 565 } else { 566 /* 567 * A new RA might have made a deprecated address 568 * preferred. 569 */ 570 ia6->ia6_flags &= ~IN6_IFF_DEPRECATED; 571 } 572 } 573 574 /* expire prefix list */ 575 pr = nd_prefix.lh_first; 576 while (pr) { 577 /* 578 * check prefix lifetime. 579 * since pltime is just for autoconf, pltime processing for 580 * prefix is not necessary. 581 */ 582 if (pr->ndpr_vltime != ND6_INFINITE_LIFETIME && 583 time.tv_sec - pr->ndpr_lastupdate > pr->ndpr_vltime) { 584 struct nd_prefix *t; 585 t = pr->ndpr_next; 586 587 /* 588 * address expiration and prefix expiration are 589 * separate. NEVER perform in6_purgeaddr here. 590 */ 591 592 prelist_remove(pr); 593 pr = t; 594 } else 595 pr = pr->ndpr_next; 596 } 597 splx(s); 598 } 599 600 /* 601 * Nuke neighbor cache/prefix/default router management table, right before 602 * ifp goes away. 603 */ 604 void 605 nd6_purge(ifp) 606 struct ifnet *ifp; 607 { 608 struct llinfo_nd6 *ln, *nln; 609 struct nd_defrouter *dr, *ndr; 610 struct nd_prefix *pr, *npr; 611 612 /* 613 * Nuke default router list entries toward ifp. 614 * We defer removal of default router list entries that is installed 615 * in the routing table, in order to keep additional side effects as 616 * small as possible. 617 */ 618 for (dr = TAILQ_FIRST(&nd_defrouter); dr; dr = ndr) { 619 ndr = TAILQ_NEXT(dr, dr_entry); 620 if (dr->installed) 621 continue; 622 623 if (dr->ifp == ifp) 624 defrtrlist_del(dr); 625 } 626 for (dr = TAILQ_FIRST(&nd_defrouter); dr; dr = ndr) { 627 ndr = TAILQ_NEXT(dr, dr_entry); 628 if (!dr->installed) 629 continue; 630 631 if (dr->ifp == ifp) 632 defrtrlist_del(dr); 633 } 634 635 /* Nuke prefix list entries toward ifp */ 636 for (pr = nd_prefix.lh_first; pr; pr = npr) { 637 npr = pr->ndpr_next; 638 if (pr->ndpr_ifp == ifp) { 639 /* 640 * Because if_detach() does *not* release prefixes 641 * while purging addresses the reference count will 642 * still be above zero. We therefore reset it to 643 * make sure that the prefix really gets purged. 644 */ 645 pr->ndpr_refcnt = 0; 646 /* 647 * Previously, pr->ndpr_addr is removed as well, 648 * but I strongly believe we don't have to do it. 649 * nd6_purge() is only called from in6_ifdetach(), 650 * which removes all the associated interface addresses 651 * by itself. 652 * (jinmei@kame.net 20010129) 653 */ 654 prelist_remove(pr); 655 } 656 } 657 658 /* cancel default outgoing interface setting */ 659 if (nd6_defifindex == ifp->if_index) 660 nd6_setdefaultiface(0); 661 662 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ 663 /* refresh default router list */ 664 defrouter_select(); 665 } 666 667 /* 668 * Nuke neighbor cache entries for the ifp. 669 * Note that rt->rt_ifp may not be the same as ifp, 670 * due to KAME goto ours hack. See RTM_RESOLVE case in 671 * nd6_rtrequest(), and ip6_input(). 672 */ 673 ln = llinfo_nd6.ln_next; 674 while (ln && ln != &llinfo_nd6) { 675 struct rtentry *rt; 676 struct sockaddr_dl *sdl; 677 678 nln = ln->ln_next; 679 rt = ln->ln_rt; 680 if (rt && rt->rt_gateway && 681 rt->rt_gateway->sa_family == AF_LINK) { 682 sdl = (struct sockaddr_dl *)rt->rt_gateway; 683 if (sdl->sdl_index == ifp->if_index) 684 nln = nd6_free(rt, 0); 685 } 686 ln = nln; 687 } 688 } 689 690 struct rtentry * 691 nd6_lookup(addr6, create, ifp) 692 struct in6_addr *addr6; 693 int create; 694 struct ifnet *ifp; 695 { 696 struct rtentry *rt; 697 struct sockaddr_in6 sin6; 698 699 bzero(&sin6, sizeof(sin6)); 700 sin6.sin6_len = sizeof(struct sockaddr_in6); 701 sin6.sin6_family = AF_INET6; 702 sin6.sin6_addr = *addr6; 703 rt = rtalloc1((struct sockaddr *)&sin6, create); 704 if (rt && (rt->rt_flags & RTF_LLINFO) == 0) { 705 /* 706 * This is the case for the default route. 707 * If we want to create a neighbor cache for the address, we 708 * should free the route for the destination and allocate an 709 * interface route. 710 */ 711 if (create) { 712 RTFREE(rt); 713 rt = 0; 714 } 715 } 716 if (!rt) { 717 if (create && ifp) { 718 int e; 719 720 /* 721 * If no route is available and create is set, 722 * we allocate a host route for the destination 723 * and treat it like an interface route. 724 * This hack is necessary for a neighbor which can't 725 * be covered by our own prefix. 726 */ 727 struct ifaddr *ifa = 728 ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp); 729 if (ifa == NULL) 730 return (NULL); 731 732 /* 733 * Create a new route. RTF_LLINFO is necessary 734 * to create a Neighbor Cache entry for the 735 * destination in nd6_rtrequest which will be 736 * called in rtrequest via ifa->ifa_rtrequest. 737 */ 738 if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6, 739 ifa->ifa_addr, (struct sockaddr *)&all1_sa, 740 (ifa->ifa_flags | RTF_HOST | RTF_LLINFO) & 741 ~RTF_CLONING, &rt)) != 0) { 742 #if 0 743 log(LOG_ERR, 744 "nd6_lookup: failed to add route for a " 745 "neighbor(%s), errno=%d\n", 746 ip6_sprintf(addr6), e); 747 #endif 748 return (NULL); 749 } 750 if (rt == NULL) 751 return (NULL); 752 if (rt->rt_llinfo) { 753 struct llinfo_nd6 *ln = 754 (struct llinfo_nd6 *)rt->rt_llinfo; 755 ln->ln_state = ND6_LLINFO_NOSTATE; 756 } 757 } else 758 return (NULL); 759 } 760 rt->rt_refcnt--; 761 /* 762 * Validation for the entry. 763 * Note that the check for rt_llinfo is necessary because a cloned 764 * route from a parent route that has the L flag (e.g. the default 765 * route to a p2p interface) may have the flag, too, while the 766 * destination is not actually a neighbor. 767 * XXX: we can't use rt->rt_ifp to check for the interface, since 768 * it might be the loopback interface if the entry is for our 769 * own address on a non-loopback interface. Instead, we should 770 * use rt->rt_ifa->ifa_ifp, which would specify the REAL 771 * interface. 772 */ 773 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 774 rt->rt_gateway->sa_family != AF_LINK || rt->rt_llinfo == NULL || 775 (ifp && rt->rt_ifa->ifa_ifp != ifp)) { 776 if (create) { 777 nd6log((LOG_DEBUG, 778 "nd6_lookup: failed to lookup %s (if = %s)\n", 779 ip6_sprintf(addr6), 780 ifp ? if_name(ifp) : "unspec")); 781 } 782 return (NULL); 783 } 784 return (rt); 785 } 786 787 /* 788 * Detect if a given IPv6 address identifies a neighbor on a given link. 789 * XXX: should take care of the destination of a p2p link? 790 */ 791 int 792 nd6_is_addr_neighbor(addr, ifp) 793 struct sockaddr_in6 *addr; 794 struct ifnet *ifp; 795 { 796 struct nd_prefix *pr; 797 798 /* 799 * A link-local address is always a neighbor. 800 * XXX: we should use the sin6_scope_id field rather than the embedded 801 * interface index. 802 * XXX: a link does not necessarily specify a single interface. 803 */ 804 if (IN6_IS_ADDR_LINKLOCAL(&addr->sin6_addr) && 805 ntohs(addr->sin6_addr.s6_addr16[1]) == ifp->if_index) 806 return (1); 807 808 /* 809 * If the address matches one of our on-link prefixes, it should be a 810 * neighbor. 811 */ 812 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 813 if (pr->ndpr_ifp != ifp) 814 continue; 815 816 if (!(pr->ndpr_stateflags & NDPRF_ONLINK)) 817 continue; 818 819 if (IN6_ARE_MASKED_ADDR_EQUAL(&pr->ndpr_prefix.sin6_addr, 820 &addr->sin6_addr, &pr->ndpr_mask)) 821 return (1); 822 } 823 824 /* 825 * If the default router list is empty, all addresses are regarded 826 * as on-link, and thus, as a neighbor. 827 * XXX: we restrict the condition to hosts, because routers usually do 828 * not have the "default router list". 829 */ 830 if (!ip6_forwarding && TAILQ_FIRST(&nd_defrouter) == NULL && 831 nd6_defifindex == ifp->if_index) { 832 return (1); 833 } 834 835 /* 836 * Even if the address matches none of our addresses, it might be 837 * in the neighbor cache. 838 */ 839 if (nd6_lookup(&addr->sin6_addr, 0, ifp) != NULL) 840 return (1); 841 842 return (0); 843 } 844 845 /* 846 * Free an nd6 llinfo entry. 847 * Since the function would cause significant changes in the kernel, DO NOT 848 * make it global, unless you have a strong reason for the change, and are sure 849 * that the change is safe. 850 */ 851 static struct llinfo_nd6 * 852 nd6_free(rt, gc) 853 struct rtentry *rt; 854 int gc; 855 { 856 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo, *next; 857 struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; 858 struct nd_defrouter *dr; 859 860 /* 861 * we used to have pfctlinput(PRC_HOSTDEAD) here. 862 * even though it is not harmful, it was not really necessary. 863 */ 864 865 /* cancel timer */ 866 nd6_llinfo_settimer(ln, -1); 867 868 if (!ip6_forwarding) { 869 int s; 870 s = splsoftnet(); 871 dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 872 rt->rt_ifp); 873 874 if (dr != NULL && dr->expire && 875 ln->ln_state == ND6_LLINFO_STALE && gc) { 876 /* 877 * If the reason for the deletion is just garbage 878 * collection, and the neighbor is an active default 879 * router, do not delete it. Instead, reset the GC 880 * timer using the router's lifetime. 881 * Simply deleting the entry would affect default 882 * router selection, which is not necessarily a good 883 * thing, especially when we're using router preference 884 * values. 885 * XXX: the check for ln_state would be redundant, 886 * but we intentionally keep it just in case. 887 */ 888 if (dr->expire > time.tv_sec * hz) 889 nd6_llinfo_settimer(ln, 890 dr->expire - time.tv_sec * hz); 891 else 892 nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); 893 splx(s); 894 return (ln->ln_next); 895 } 896 897 if (ln->ln_router || dr) { 898 /* 899 * rt6_flush must be called whether or not the neighbor 900 * is in the Default Router List. 901 * See a corresponding comment in nd6_na_input(). 902 */ 903 rt6_flush(&in6, rt->rt_ifp); 904 } 905 906 if (dr) { 907 /* 908 * Unreachablity of a router might affect the default 909 * router selection and on-link detection of advertised 910 * prefixes. 911 */ 912 913 /* 914 * Temporarily fake the state to choose a new default 915 * router and to perform on-link determination of 916 * prefixes correctly. 917 * Below the state will be set correctly, 918 * or the entry itself will be deleted. 919 */ 920 ln->ln_state = ND6_LLINFO_INCOMPLETE; 921 922 /* 923 * Since defrouter_select() does not affect the 924 * on-link determination and MIP6 needs the check 925 * before the default router selection, we perform 926 * the check now. 927 */ 928 pfxlist_onlink_check(); 929 930 /* 931 * refresh default router list 932 */ 933 defrouter_select(); 934 } 935 splx(s); 936 } 937 938 /* 939 * Before deleting the entry, remember the next entry as the 940 * return value. We need this because pfxlist_onlink_check() above 941 * might have freed other entries (particularly the old next entry) as 942 * a side effect (XXX). 943 */ 944 next = ln->ln_next; 945 946 /* 947 * Detach the route from the routing tree and the list of neighbor 948 * caches, and disable the route entry not to be used in already 949 * cached routes. 950 */ 951 rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 952 rt_mask(rt), 0, (struct rtentry **)0); 953 954 return (next); 955 } 956 957 /* 958 * Upper-layer reachability hint for Neighbor Unreachability Detection. 959 * 960 * XXX cost-effective metods? 961 */ 962 void 963 nd6_nud_hint(rt, dst6, force) 964 struct rtentry *rt; 965 struct in6_addr *dst6; 966 int force; 967 { 968 struct llinfo_nd6 *ln; 969 970 /* 971 * If the caller specified "rt", use that. Otherwise, resolve the 972 * routing table by supplied "dst6". 973 */ 974 if (!rt) { 975 if (!dst6) 976 return; 977 if (!(rt = nd6_lookup(dst6, 0, NULL))) 978 return; 979 } 980 981 if ((rt->rt_flags & RTF_GATEWAY) != 0 || 982 (rt->rt_flags & RTF_LLINFO) == 0 || 983 !rt->rt_llinfo || !rt->rt_gateway || 984 rt->rt_gateway->sa_family != AF_LINK) { 985 /* This is not a host route. */ 986 return; 987 } 988 989 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 990 if (ln->ln_state < ND6_LLINFO_REACHABLE) 991 return; 992 993 /* 994 * if we get upper-layer reachability confirmation many times, 995 * it is possible we have false information. 996 */ 997 if (!force) { 998 ln->ln_byhint++; 999 if (ln->ln_byhint > nd6_maxnudhint) 1000 return; 1001 } 1002 1003 ln->ln_state = ND6_LLINFO_REACHABLE; 1004 if (!ND6_LLINFO_PERMANENT(ln)) { 1005 nd6_llinfo_settimer(ln, 1006 (long)ND_IFINFO(rt->rt_ifp)->reachable * hz); 1007 } 1008 } 1009 1010 void 1011 nd6_rtrequest(req, rt, info) 1012 int req; 1013 struct rtentry *rt; 1014 struct rt_addrinfo *info; /* xxx unused */ 1015 { 1016 struct sockaddr *gate = rt->rt_gateway; 1017 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1018 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1019 struct ifnet *ifp = rt->rt_ifp; 1020 struct ifaddr *ifa; 1021 1022 if ((rt->rt_flags & RTF_GATEWAY) != 0) 1023 return; 1024 1025 if (nd6_need_cache(ifp) == 0 && (rt->rt_flags & RTF_HOST) == 0) { 1026 /* 1027 * This is probably an interface direct route for a link 1028 * which does not need neighbor caches (e.g. fe80::%lo0/64). 1029 * We do not need special treatment below for such a route. 1030 * Moreover, the RTF_LLINFO flag which would be set below 1031 * would annoy the ndp(8) command. 1032 */ 1033 return; 1034 } 1035 1036 if (req == RTM_RESOLVE && 1037 (nd6_need_cache(ifp) == 0 || /* stf case */ 1038 !nd6_is_addr_neighbor((struct sockaddr_in6 *)rt_key(rt), ifp))) { 1039 /* 1040 * FreeBSD and BSD/OS often make a cloned host route based 1041 * on a less-specific route (e.g. the default route). 1042 * If the less specific route does not have a "gateway" 1043 * (this is the case when the route just goes to a p2p or an 1044 * stf interface), we'll mistakenly make a neighbor cache for 1045 * the host route, and will see strange neighbor solicitation 1046 * for the corresponding destination. In order to avoid the 1047 * confusion, we check if the destination of the route is 1048 * a neighbor in terms of neighbor discovery, and stop the 1049 * process if not. Additionally, we remove the LLINFO flag 1050 * so that ndp(8) will not try to get the neighbor information 1051 * of the destination. 1052 */ 1053 rt->rt_flags &= ~RTF_LLINFO; 1054 return; 1055 } 1056 1057 switch (req) { 1058 case RTM_ADD: 1059 /* 1060 * There is no backward compatibility :) 1061 * 1062 * if ((rt->rt_flags & RTF_HOST) == 0 && 1063 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1064 * rt->rt_flags |= RTF_CLONING; 1065 */ 1066 if ((rt->rt_flags & RTF_CLONING) || 1067 ((rt->rt_flags & RTF_LLINFO) && !ln)) { 1068 /* 1069 * Case 1: This route should come from a route to 1070 * interface (RTF_CLONING case) or the route should be 1071 * treated as on-link but is currently not 1072 * (RTF_LLINFO && !ln case). 1073 */ 1074 rt_setgate(rt, rt_key(rt), 1075 (struct sockaddr *)&null_sdl); 1076 gate = rt->rt_gateway; 1077 SDL(gate)->sdl_type = ifp->if_type; 1078 SDL(gate)->sdl_index = ifp->if_index; 1079 if (ln) 1080 nd6_llinfo_settimer(ln, 0); 1081 if ((rt->rt_flags & RTF_CLONING) != 0) 1082 break; 1083 } 1084 /* 1085 * In IPv4 code, we try to annonuce new RTF_ANNOUNCE entry here. 1086 * We don't do that here since llinfo is not ready yet. 1087 * 1088 * There are also couple of other things to be discussed: 1089 * - unsolicited NA code needs improvement beforehand 1090 * - RFC2461 says we MAY send multicast unsolicited NA 1091 * (7.2.6 paragraph 4), however, it also says that we 1092 * SHOULD provide a mechanism to prevent multicast NA storm. 1093 * we don't have anything like it right now. 1094 * note that the mechanism needs a mutual agreement 1095 * between proxies, which means that we need to implement 1096 * a new protocol, or a new kludge. 1097 * - from RFC2461 6.2.4, host MUST NOT send an unsolicited NA. 1098 * we need to check ip6forwarding before sending it. 1099 * (or should we allow proxy ND configuration only for 1100 * routers? there's no mention about proxy ND from hosts) 1101 */ 1102 #if 0 1103 /* XXX it does not work */ 1104 if (rt->rt_flags & RTF_ANNOUNCE) 1105 nd6_na_output(ifp, 1106 &SIN6(rt_key(rt))->sin6_addr, 1107 &SIN6(rt_key(rt))->sin6_addr, 1108 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1109 1, NULL); 1110 #endif 1111 /* FALLTHROUGH */ 1112 case RTM_RESOLVE: 1113 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) == 0) { 1114 /* 1115 * Address resolution isn't necessary for a point to 1116 * point link, so we can skip this test for a p2p link. 1117 */ 1118 if (gate->sa_family != AF_LINK || 1119 gate->sa_len < sizeof(null_sdl)) { 1120 log(LOG_DEBUG, 1121 "nd6_rtrequest: bad gateway value: %s\n", 1122 if_name(ifp)); 1123 break; 1124 } 1125 SDL(gate)->sdl_type = ifp->if_type; 1126 SDL(gate)->sdl_index = ifp->if_index; 1127 } 1128 if (ln != NULL) 1129 break; /* This happens on a route change */ 1130 /* 1131 * Case 2: This route may come from cloning, or a manual route 1132 * add with a LL address. 1133 */ 1134 R_Malloc(ln, struct llinfo_nd6 *, sizeof(*ln)); 1135 rt->rt_llinfo = (caddr_t)ln; 1136 if (!ln) { 1137 log(LOG_DEBUG, "nd6_rtrequest: malloc failed\n"); 1138 break; 1139 } 1140 nd6_inuse++; 1141 nd6_allocated++; 1142 Bzero(ln, sizeof(*ln)); 1143 ln->ln_rt = rt; 1144 callout_init(&ln->ln_timer_ch); 1145 /* this is required for "ndp" command. - shin */ 1146 if (req == RTM_ADD) { 1147 /* 1148 * gate should have some valid AF_LINK entry, 1149 * and ln->ln_expire should have some lifetime 1150 * which is specified by ndp command. 1151 */ 1152 ln->ln_state = ND6_LLINFO_REACHABLE; 1153 ln->ln_byhint = 0; 1154 } else { 1155 /* 1156 * When req == RTM_RESOLVE, rt is created and 1157 * initialized in rtrequest(), so rt_expire is 0. 1158 */ 1159 ln->ln_state = ND6_LLINFO_NOSTATE; 1160 nd6_llinfo_settimer(ln, 0); 1161 } 1162 rt->rt_flags |= RTF_LLINFO; 1163 ln->ln_next = llinfo_nd6.ln_next; 1164 llinfo_nd6.ln_next = ln; 1165 ln->ln_prev = &llinfo_nd6; 1166 ln->ln_next->ln_prev = ln; 1167 1168 /* 1169 * check if rt_key(rt) is one of my address assigned 1170 * to the interface. 1171 */ 1172 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1173 &SIN6(rt_key(rt))->sin6_addr); 1174 if (ifa) { 1175 caddr_t macp = nd6_ifptomac(ifp); 1176 nd6_llinfo_settimer(ln, -1); 1177 ln->ln_state = ND6_LLINFO_REACHABLE; 1178 ln->ln_byhint = 0; 1179 if (macp) { 1180 Bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen); 1181 SDL(gate)->sdl_alen = ifp->if_addrlen; 1182 } 1183 if (nd6_useloopback) { 1184 rt->rt_ifp = lo0ifp; /* XXX */ 1185 /* 1186 * Make sure rt_ifa be equal to the ifaddr 1187 * corresponding to the address. 1188 * We need this because when we refer 1189 * rt_ifa->ia6_flags in ip6_input, we assume 1190 * that the rt_ifa points to the address instead 1191 * of the loopback address. 1192 */ 1193 if (ifa != rt->rt_ifa) { 1194 IFAFREE(rt->rt_ifa); 1195 IFAREF(ifa); 1196 rt->rt_ifa = ifa; 1197 } 1198 } 1199 } else if (rt->rt_flags & RTF_ANNOUNCE) { 1200 nd6_llinfo_settimer(ln, -1); 1201 ln->ln_state = ND6_LLINFO_REACHABLE; 1202 ln->ln_byhint = 0; 1203 1204 /* join solicited node multicast for proxy ND */ 1205 if (ifp->if_flags & IFF_MULTICAST) { 1206 struct in6_addr llsol; 1207 int error; 1208 1209 llsol = SIN6(rt_key(rt))->sin6_addr; 1210 llsol.s6_addr16[0] = htons(0xff02); 1211 llsol.s6_addr16[1] = htons(ifp->if_index); 1212 llsol.s6_addr32[1] = 0; 1213 llsol.s6_addr32[2] = htonl(1); 1214 llsol.s6_addr8[12] = 0xff; 1215 1216 if (!in6_addmulti(&llsol, ifp, &error)) { 1217 nd6log((LOG_ERR, "%s: failed to join " 1218 "%s (errno=%d)\n", if_name(ifp), 1219 ip6_sprintf(&llsol), error)); 1220 } 1221 } 1222 } 1223 break; 1224 1225 case RTM_DELETE: 1226 if (!ln) 1227 break; 1228 /* leave from solicited node multicast for proxy ND */ 1229 if ((rt->rt_flags & RTF_ANNOUNCE) != 0 && 1230 (ifp->if_flags & IFF_MULTICAST) != 0) { 1231 struct in6_addr llsol; 1232 struct in6_multi *in6m; 1233 1234 llsol = SIN6(rt_key(rt))->sin6_addr; 1235 llsol.s6_addr16[0] = htons(0xff02); 1236 llsol.s6_addr16[1] = htons(ifp->if_index); 1237 llsol.s6_addr32[1] = 0; 1238 llsol.s6_addr32[2] = htonl(1); 1239 llsol.s6_addr8[12] = 0xff; 1240 1241 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1242 if (in6m) 1243 in6_delmulti(in6m); 1244 } 1245 nd6_inuse--; 1246 ln->ln_next->ln_prev = ln->ln_prev; 1247 ln->ln_prev->ln_next = ln->ln_next; 1248 ln->ln_prev = NULL; 1249 nd6_llinfo_settimer(ln, -1); 1250 rt->rt_llinfo = 0; 1251 rt->rt_flags &= ~RTF_LLINFO; 1252 if (ln->ln_hold) 1253 m_freem(ln->ln_hold); 1254 Free((caddr_t)ln); 1255 } 1256 } 1257 1258 int 1259 nd6_ioctl(cmd, data, ifp) 1260 u_long cmd; 1261 caddr_t data; 1262 struct ifnet *ifp; 1263 { 1264 struct in6_drlist *drl = (struct in6_drlist *)data; 1265 struct in6_oprlist *oprl = (struct in6_oprlist *)data; 1266 struct in6_ndireq *ndi = (struct in6_ndireq *)data; 1267 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data; 1268 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data; 1269 struct nd_defrouter *dr; 1270 struct nd_prefix *pr; 1271 struct rtentry *rt; 1272 int i = 0, error = 0; 1273 int s; 1274 1275 switch (cmd) { 1276 case SIOCGDRLST_IN6: 1277 /* 1278 * obsolete API, use sysctl under net.inet6.icmp6 1279 */ 1280 bzero(drl, sizeof(*drl)); 1281 s = splsoftnet(); 1282 dr = TAILQ_FIRST(&nd_defrouter); 1283 while (dr && i < DRLSTSIZ) { 1284 drl->defrouter[i].rtaddr = dr->rtaddr; 1285 if (IN6_IS_ADDR_LINKLOCAL(&drl->defrouter[i].rtaddr)) { 1286 /* XXX: need to this hack for KAME stack */ 1287 drl->defrouter[i].rtaddr.s6_addr16[1] = 0; 1288 } else 1289 log(LOG_ERR, 1290 "default router list contains a " 1291 "non-linklocal address(%s)\n", 1292 ip6_sprintf(&drl->defrouter[i].rtaddr)); 1293 1294 drl->defrouter[i].flags = dr->flags; 1295 drl->defrouter[i].rtlifetime = dr->rtlifetime; 1296 drl->defrouter[i].expire = dr->expire; 1297 drl->defrouter[i].if_index = dr->ifp->if_index; 1298 i++; 1299 dr = TAILQ_NEXT(dr, dr_entry); 1300 } 1301 splx(s); 1302 break; 1303 case SIOCGPRLST_IN6: 1304 /* 1305 * obsolete API, use sysctl under net.inet6.icmp6 1306 * 1307 * XXX the structure in6_prlist was changed in backward- 1308 * incompatible manner. in6_oprlist is used for SIOCGPRLST_IN6, 1309 * in6_prlist is used for nd6_sysctl() - fill_prlist(). 1310 */ 1311 /* 1312 * XXX meaning of fields, especialy "raflags", is very 1313 * differnet between RA prefix list and RR/static prefix list. 1314 * how about separating ioctls into two? 1315 */ 1316 bzero(oprl, sizeof(*oprl)); 1317 s = splsoftnet(); 1318 pr = nd_prefix.lh_first; 1319 while (pr && i < PRLSTSIZ) { 1320 struct nd_pfxrouter *pfr; 1321 int j; 1322 1323 oprl->prefix[i].prefix = pr->ndpr_prefix.sin6_addr; 1324 oprl->prefix[i].raflags = pr->ndpr_raf; 1325 oprl->prefix[i].prefixlen = pr->ndpr_plen; 1326 oprl->prefix[i].vltime = pr->ndpr_vltime; 1327 oprl->prefix[i].pltime = pr->ndpr_pltime; 1328 oprl->prefix[i].if_index = pr->ndpr_ifp->if_index; 1329 oprl->prefix[i].expire = pr->ndpr_expire; 1330 1331 pfr = pr->ndpr_advrtrs.lh_first; 1332 j = 0; 1333 while (pfr) { 1334 if (j < DRLSTSIZ) { 1335 #define RTRADDR oprl->prefix[i].advrtr[j] 1336 RTRADDR = pfr->router->rtaddr; 1337 if (IN6_IS_ADDR_LINKLOCAL(&RTRADDR)) { 1338 /* XXX: hack for KAME */ 1339 RTRADDR.s6_addr16[1] = 0; 1340 } else 1341 log(LOG_ERR, 1342 "a router(%s) advertises " 1343 "a prefix with " 1344 "non-link local address\n", 1345 ip6_sprintf(&RTRADDR)); 1346 #undef RTRADDR 1347 } 1348 j++; 1349 pfr = pfr->pfr_next; 1350 } 1351 oprl->prefix[i].advrtrs = j; 1352 oprl->prefix[i].origin = PR_ORIG_RA; 1353 1354 i++; 1355 pr = pr->ndpr_next; 1356 } 1357 splx(s); 1358 1359 break; 1360 case OSIOCGIFINFO_IN6: 1361 /* XXX: old ndp(8) assumes a positive value for linkmtu. */ 1362 bzero(&ndi->ndi, sizeof(ndi->ndi)); 1363 ndi->ndi.linkmtu = IN6_LINKMTU(ifp); 1364 ndi->ndi.maxmtu = ND_IFINFO(ifp)->maxmtu; 1365 ndi->ndi.basereachable = ND_IFINFO(ifp)->basereachable; 1366 ndi->ndi.reachable = ND_IFINFO(ifp)->reachable; 1367 ndi->ndi.retrans = ND_IFINFO(ifp)->retrans; 1368 ndi->ndi.flags = ND_IFINFO(ifp)->flags; 1369 ndi->ndi.recalctm = ND_IFINFO(ifp)->recalctm; 1370 ndi->ndi.chlim = ND_IFINFO(ifp)->chlim; 1371 break; 1372 case SIOCGIFINFO_IN6: 1373 ndi->ndi = *ND_IFINFO(ifp); 1374 break; 1375 case SIOCSIFINFO_FLAGS: 1376 ND_IFINFO(ifp)->flags = ndi->ndi.flags; 1377 break; 1378 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */ 1379 /* sync kernel routing table with the default router list */ 1380 defrouter_reset(); 1381 defrouter_select(); 1382 break; 1383 case SIOCSPFXFLUSH_IN6: 1384 { 1385 /* flush all the prefix advertised by routers */ 1386 struct nd_prefix *pr, *next; 1387 1388 s = splsoftnet(); 1389 for (pr = nd_prefix.lh_first; pr; pr = next) { 1390 struct in6_ifaddr *ia, *ia_next; 1391 1392 next = pr->ndpr_next; 1393 1394 if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) 1395 continue; /* XXX */ 1396 1397 /* do we really have to remove addresses as well? */ 1398 for (ia = in6_ifaddr; ia; ia = ia_next) { 1399 /* ia might be removed. keep the next ptr. */ 1400 ia_next = ia->ia_next; 1401 1402 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0) 1403 continue; 1404 1405 if (ia->ia6_ndpr == pr) 1406 in6_purgeaddr(&ia->ia_ifa); 1407 } 1408 prelist_remove(pr); 1409 } 1410 splx(s); 1411 break; 1412 } 1413 case SIOCSRTRFLUSH_IN6: 1414 { 1415 /* flush all the default routers */ 1416 struct nd_defrouter *dr, *next; 1417 1418 s = splsoftnet(); 1419 defrouter_reset(); 1420 for (dr = TAILQ_FIRST(&nd_defrouter); dr; dr = next) { 1421 next = TAILQ_NEXT(dr, dr_entry); 1422 defrtrlist_del(dr); 1423 } 1424 defrouter_select(); 1425 splx(s); 1426 break; 1427 } 1428 case SIOCGNBRINFO_IN6: 1429 { 1430 struct llinfo_nd6 *ln; 1431 struct in6_addr nb_addr = nbi->addr; /* make local for safety */ 1432 1433 /* 1434 * XXX: KAME specific hack for scoped addresses 1435 * XXXX: for other scopes than link-local? 1436 */ 1437 if (IN6_IS_ADDR_LINKLOCAL(&nbi->addr) || 1438 IN6_IS_ADDR_MC_LINKLOCAL(&nbi->addr)) { 1439 u_int16_t *idp = (u_int16_t *)&nb_addr.s6_addr[2]; 1440 1441 if (*idp == 0) 1442 *idp = htons(ifp->if_index); 1443 } 1444 1445 s = splsoftnet(); 1446 if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL || 1447 (ln = (struct llinfo_nd6 *)rt->rt_llinfo) == NULL) { 1448 error = EINVAL; 1449 splx(s); 1450 break; 1451 } 1452 nbi->state = ln->ln_state; 1453 nbi->asked = ln->ln_asked; 1454 nbi->isrouter = ln->ln_router; 1455 nbi->expire = ln->ln_expire; 1456 splx(s); 1457 1458 break; 1459 } 1460 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1461 ndif->ifindex = nd6_defifindex; 1462 break; 1463 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1464 return (nd6_setdefaultiface(ndif->ifindex)); 1465 } 1466 return (error); 1467 } 1468 1469 /* 1470 * Create neighbor cache entry and cache link-layer address, 1471 * on reception of inbound ND6 packets. (RS/RA/NS/redirect) 1472 */ 1473 struct rtentry * 1474 nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code) 1475 struct ifnet *ifp; 1476 struct in6_addr *from; 1477 char *lladdr; 1478 int lladdrlen; 1479 int type; /* ICMP6 type */ 1480 int code; /* type dependent information */ 1481 { 1482 struct rtentry *rt = NULL; 1483 struct llinfo_nd6 *ln = NULL; 1484 int is_newentry; 1485 struct sockaddr_dl *sdl = NULL; 1486 int do_update; 1487 int olladdr; 1488 int llchange; 1489 int newstate = 0; 1490 1491 if (!ifp) 1492 panic("ifp == NULL in nd6_cache_lladdr"); 1493 if (!from) 1494 panic("from == NULL in nd6_cache_lladdr"); 1495 1496 /* nothing must be updated for unspecified address */ 1497 if (IN6_IS_ADDR_UNSPECIFIED(from)) 1498 return NULL; 1499 1500 /* 1501 * Validation about ifp->if_addrlen and lladdrlen must be done in 1502 * the caller. 1503 * 1504 * XXX If the link does not have link-layer adderss, what should 1505 * we do? (ifp->if_addrlen == 0) 1506 * Spec says nothing in sections for RA, RS and NA. There's small 1507 * description on it in NS section (RFC 2461 7.2.3). 1508 */ 1509 1510 rt = nd6_lookup(from, 0, ifp); 1511 if (!rt) { 1512 #if 0 1513 /* nothing must be done if there's no lladdr */ 1514 if (!lladdr || !lladdrlen) 1515 return NULL; 1516 #endif 1517 1518 rt = nd6_lookup(from, 1, ifp); 1519 is_newentry = 1; 1520 } else { 1521 /* do nothing if static ndp is set */ 1522 if (rt->rt_flags & RTF_STATIC) 1523 return NULL; 1524 is_newentry = 0; 1525 } 1526 1527 if (!rt) 1528 return NULL; 1529 if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) { 1530 fail: 1531 (void)nd6_free(rt, 0); 1532 return NULL; 1533 } 1534 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1535 if (!ln) 1536 goto fail; 1537 if (!rt->rt_gateway) 1538 goto fail; 1539 if (rt->rt_gateway->sa_family != AF_LINK) 1540 goto fail; 1541 sdl = SDL(rt->rt_gateway); 1542 1543 olladdr = (sdl->sdl_alen) ? 1 : 0; 1544 if (olladdr && lladdr) { 1545 if (bcmp(lladdr, LLADDR(sdl), ifp->if_addrlen)) 1546 llchange = 1; 1547 else 1548 llchange = 0; 1549 } else 1550 llchange = 0; 1551 1552 /* 1553 * newentry olladdr lladdr llchange (*=record) 1554 * 0 n n -- (1) 1555 * 0 y n -- (2) 1556 * 0 n y -- (3) * STALE 1557 * 0 y y n (4) * 1558 * 0 y y y (5) * STALE 1559 * 1 -- n -- (6) NOSTATE(= PASSIVE) 1560 * 1 -- y -- (7) * STALE 1561 */ 1562 1563 if (lladdr) { /* (3-5) and (7) */ 1564 /* 1565 * Record source link-layer address 1566 * XXX is it dependent to ifp->if_type? 1567 */ 1568 sdl->sdl_alen = ifp->if_addrlen; 1569 bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen); 1570 } 1571 1572 if (!is_newentry) { 1573 if ((!olladdr && lladdr) || /* (3) */ 1574 (olladdr && lladdr && llchange)) { /* (5) */ 1575 do_update = 1; 1576 newstate = ND6_LLINFO_STALE; 1577 } else /* (1-2,4) */ 1578 do_update = 0; 1579 } else { 1580 do_update = 1; 1581 if (!lladdr) /* (6) */ 1582 newstate = ND6_LLINFO_NOSTATE; 1583 else /* (7) */ 1584 newstate = ND6_LLINFO_STALE; 1585 } 1586 1587 if (do_update) { 1588 /* 1589 * Update the state of the neighbor cache. 1590 */ 1591 ln->ln_state = newstate; 1592 1593 if (ln->ln_state == ND6_LLINFO_STALE) { 1594 /* 1595 * XXX: since nd6_output() below will cause 1596 * state tansition to DELAY and reset the timer, 1597 * we must set the timer now, although it is actually 1598 * meaningless. 1599 */ 1600 nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); 1601 1602 if (ln->ln_hold) { 1603 /* 1604 * we assume ifp is not a p2p here, so just 1605 * set the 2nd argument as the 1st one. 1606 */ 1607 nd6_output(ifp, ifp, ln->ln_hold, 1608 (struct sockaddr_in6 *)rt_key(rt), rt); 1609 ln->ln_hold = NULL; 1610 } 1611 } else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) { 1612 /* probe right away */ 1613 nd6_llinfo_settimer((void *)ln, 0); 1614 } 1615 } 1616 1617 /* 1618 * ICMP6 type dependent behavior. 1619 * 1620 * NS: clear IsRouter if new entry 1621 * RS: clear IsRouter 1622 * RA: set IsRouter if there's lladdr 1623 * redir: clear IsRouter if new entry 1624 * 1625 * RA case, (1): 1626 * The spec says that we must set IsRouter in the following cases: 1627 * - If lladdr exist, set IsRouter. This means (1-5). 1628 * - If it is old entry (!newentry), set IsRouter. This means (7). 1629 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter. 1630 * A quetion arises for (1) case. (1) case has no lladdr in the 1631 * neighbor cache, this is similar to (6). 1632 * This case is rare but we figured that we MUST NOT set IsRouter. 1633 * 1634 * newentry olladdr lladdr llchange NS RS RA redir 1635 * D R 1636 * 0 n n -- (1) c ? s 1637 * 0 y n -- (2) c s s 1638 * 0 n y -- (3) c s s 1639 * 0 y y n (4) c s s 1640 * 0 y y y (5) c s s 1641 * 1 -- n -- (6) c c c s 1642 * 1 -- y -- (7) c c s c s 1643 * 1644 * (c=clear s=set) 1645 */ 1646 switch (type & 0xff) { 1647 case ND_NEIGHBOR_SOLICIT: 1648 /* 1649 * New entry must have is_router flag cleared. 1650 */ 1651 if (is_newentry) /* (6-7) */ 1652 ln->ln_router = 0; 1653 break; 1654 case ND_REDIRECT: 1655 /* 1656 * If the icmp is a redirect to a better router, always set the 1657 * is_router flag. Otherwise, if the entry is newly created, 1658 * clear the flag. [RFC 2461, sec 8.3] 1659 */ 1660 if (code == ND_REDIRECT_ROUTER) 1661 ln->ln_router = 1; 1662 else if (is_newentry) /* (6-7) */ 1663 ln->ln_router = 0; 1664 break; 1665 case ND_ROUTER_SOLICIT: 1666 /* 1667 * is_router flag must always be cleared. 1668 */ 1669 ln->ln_router = 0; 1670 break; 1671 case ND_ROUTER_ADVERT: 1672 /* 1673 * Mark an entry with lladdr as a router. 1674 */ 1675 if ((!is_newentry && (olladdr || lladdr)) || /* (2-5) */ 1676 (is_newentry && lladdr)) { /* (7) */ 1677 ln->ln_router = 1; 1678 } 1679 break; 1680 } 1681 1682 /* 1683 * When the link-layer address of a router changes, select the 1684 * best router again. In particular, when the neighbor entry is newly 1685 * created, it might affect the selection policy. 1686 * Question: can we restrict the first condition to the "is_newentry" 1687 * case? 1688 * XXX: when we hear an RA from a new router with the link-layer 1689 * address option, defrouter_select() is called twice, since 1690 * defrtrlist_update called the function as well. However, I believe 1691 * we can compromise the overhead, since it only happens the first 1692 * time. 1693 * XXX: although defrouter_select() should not have a bad effect 1694 * for those are not autoconfigured hosts, we explicitly avoid such 1695 * cases for safety. 1696 */ 1697 if (do_update && ln->ln_router && !ip6_forwarding && ip6_accept_rtadv) 1698 defrouter_select(); 1699 1700 return rt; 1701 } 1702 1703 static void 1704 nd6_slowtimo(ignored_arg) 1705 void *ignored_arg; 1706 { 1707 int s = splsoftnet(); 1708 struct nd_ifinfo *nd6if; 1709 struct ifnet *ifp; 1710 1711 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz, 1712 nd6_slowtimo, NULL); 1713 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 1714 { 1715 nd6if = ND_IFINFO(ifp); 1716 if (nd6if->basereachable && /* already initialized */ 1717 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) { 1718 /* 1719 * Since reachable time rarely changes by router 1720 * advertisements, we SHOULD insure that a new random 1721 * value gets recomputed at least once every few hours. 1722 * (RFC 2461, 6.3.4) 1723 */ 1724 nd6if->recalctm = nd6_recalc_reachtm_interval; 1725 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable); 1726 } 1727 } 1728 splx(s); 1729 } 1730 1731 #define senderr(e) { error = (e); goto bad;} 1732 int 1733 nd6_output(ifp, origifp, m0, dst, rt0) 1734 struct ifnet *ifp; 1735 struct ifnet *origifp; 1736 struct mbuf *m0; 1737 struct sockaddr_in6 *dst; 1738 struct rtentry *rt0; 1739 { 1740 struct mbuf *m = m0; 1741 struct rtentry *rt = rt0; 1742 struct sockaddr_in6 *gw6 = NULL; 1743 struct llinfo_nd6 *ln = NULL; 1744 int error = 0; 1745 1746 if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr)) 1747 goto sendpkt; 1748 1749 if (nd6_need_cache(ifp) == 0) 1750 goto sendpkt; 1751 1752 /* 1753 * next hop determination. This routine is derived from ether_outpout. 1754 */ 1755 if (rt) { 1756 if ((rt->rt_flags & RTF_UP) == 0) { 1757 if ((rt0 = rt = rtalloc1((struct sockaddr *)dst, 1758 1)) != NULL) 1759 { 1760 rt->rt_refcnt--; 1761 if (rt->rt_ifp != ifp) 1762 senderr(EHOSTUNREACH); 1763 } else 1764 senderr(EHOSTUNREACH); 1765 } 1766 1767 if (rt->rt_flags & RTF_GATEWAY) { 1768 gw6 = (struct sockaddr_in6 *)rt->rt_gateway; 1769 1770 /* 1771 * We skip link-layer address resolution and NUD 1772 * if the gateway is not a neighbor from ND point 1773 * of view, regardless of the value of nd_ifinfo.flags. 1774 * The second condition is a bit tricky; we skip 1775 * if the gateway is our own address, which is 1776 * sometimes used to install a route to a p2p link. 1777 */ 1778 if (!nd6_is_addr_neighbor(gw6, ifp) || 1779 in6ifa_ifpwithaddr(ifp, &gw6->sin6_addr)) { 1780 /* 1781 * We allow this kind of tricky route only 1782 * when the outgoing interface is p2p. 1783 * XXX: we may need a more generic rule here. 1784 */ 1785 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 1786 senderr(EHOSTUNREACH); 1787 1788 goto sendpkt; 1789 } 1790 1791 if (rt->rt_gwroute == 0) 1792 goto lookup; 1793 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 1794 rtfree(rt); rt = rt0; 1795 lookup: 1796 rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1); 1797 if ((rt = rt->rt_gwroute) == 0) 1798 senderr(EHOSTUNREACH); 1799 /* the "G" test below also prevents rt == rt0 */ 1800 if ((rt->rt_flags & RTF_GATEWAY) || 1801 (rt->rt_ifp != ifp)) { 1802 rt->rt_refcnt--; 1803 rt0->rt_gwroute = 0; 1804 senderr(EHOSTUNREACH); 1805 } 1806 } 1807 } 1808 } 1809 1810 /* 1811 * Address resolution or Neighbor Unreachability Detection 1812 * for the next hop. 1813 * At this point, the destination of the packet must be a unicast 1814 * or an anycast address(i.e. not a multicast). 1815 */ 1816 1817 /* Look up the neighbor cache for the nexthop */ 1818 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 1819 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1820 else { 1821 /* 1822 * Since nd6_is_addr_neighbor() internally calls nd6_lookup(), 1823 * the condition below is not very efficient. But we believe 1824 * it is tolerable, because this should be a rare case. 1825 */ 1826 if (nd6_is_addr_neighbor(dst, ifp) && 1827 (rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL) 1828 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1829 } 1830 if (!ln || !rt) { 1831 if ((ifp->if_flags & IFF_POINTOPOINT) == 0 && 1832 !(ND_IFINFO(ifp)->flags & ND6_IFF_PERFORMNUD)) { 1833 log(LOG_DEBUG, 1834 "nd6_output: can't allocate llinfo for %s " 1835 "(ln=%p, rt=%p)\n", 1836 ip6_sprintf(&dst->sin6_addr), ln, rt); 1837 senderr(EIO); /* XXX: good error? */ 1838 } 1839 1840 goto sendpkt; /* send anyway */ 1841 } 1842 1843 /* We don't have to do link-layer address resolution on a p2p link. */ 1844 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 1845 ln->ln_state < ND6_LLINFO_REACHABLE) { 1846 ln->ln_state = ND6_LLINFO_STALE; 1847 nd6_llinfo_settimer(ln, (long)nd6_gctimer * hz); 1848 } 1849 1850 /* 1851 * The first time we send a packet to a neighbor whose entry is 1852 * STALE, we have to change the state to DELAY and a sets a timer to 1853 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do 1854 * neighbor unreachability detection on expiration. 1855 * (RFC 2461 7.3.3) 1856 */ 1857 if (ln->ln_state == ND6_LLINFO_STALE) { 1858 ln->ln_asked = 0; 1859 ln->ln_state = ND6_LLINFO_DELAY; 1860 nd6_llinfo_settimer(ln, nd6_delay * hz); 1861 } 1862 1863 /* 1864 * If the neighbor cache entry has a state other than INCOMPLETE 1865 * (i.e. its link-layer address is already resolved), just 1866 * send the packet. 1867 */ 1868 if (ln->ln_state > ND6_LLINFO_INCOMPLETE) 1869 goto sendpkt; 1870 1871 /* 1872 * There is a neighbor cache entry, but no ethernet address 1873 * response yet. Replace the held mbuf (if any) with this 1874 * latest one. 1875 */ 1876 if (ln->ln_state == ND6_LLINFO_NOSTATE) 1877 ln->ln_state = ND6_LLINFO_INCOMPLETE; 1878 if (ln->ln_hold) 1879 m_freem(ln->ln_hold); 1880 ln->ln_hold = m; 1881 /* 1882 * If there has been no NS for the neighbor after entering the 1883 * INCOMPLETE state, send the first solicitation. 1884 */ 1885 if (!ND6_LLINFO_PERMANENT(ln) && ln->ln_asked == 0) { 1886 ln->ln_asked++; 1887 nd6_llinfo_settimer(ln, 1888 (long)ND_IFINFO(ifp)->retrans * hz / 1000); 1889 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0); 1890 } 1891 return (0); 1892 1893 sendpkt: 1894 1895 #ifdef IPSEC 1896 /* clean ipsec history once it goes out of the node */ 1897 ipsec_delaux(m); 1898 #endif 1899 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 1900 return ((*ifp->if_output)(origifp, m, (struct sockaddr *)dst, 1901 rt)); 1902 } 1903 return ((*ifp->if_output)(ifp, m, (struct sockaddr *)dst, rt)); 1904 1905 bad: 1906 if (m) 1907 m_freem(m); 1908 return (error); 1909 } 1910 #undef senderr 1911 1912 int 1913 nd6_need_cache(ifp) 1914 struct ifnet *ifp; 1915 { 1916 /* 1917 * XXX: we currently do not make neighbor cache on any interface 1918 * other than ARCnet, Ethernet, FDDI and GIF. 1919 * 1920 * RFC2893 says: 1921 * - unidirectional tunnels needs no ND 1922 */ 1923 switch (ifp->if_type) { 1924 case IFT_ARCNET: 1925 case IFT_ETHER: 1926 case IFT_FDDI: 1927 case IFT_IEEE1394: 1928 case IFT_GIF: /* XXX need more cases? */ 1929 return (1); 1930 default: 1931 return (0); 1932 } 1933 } 1934 1935 int 1936 nd6_storelladdr(ifp, rt, m, dst, desten) 1937 struct ifnet *ifp; 1938 struct rtentry *rt; 1939 struct mbuf *m; 1940 struct sockaddr *dst; 1941 u_char *desten; 1942 { 1943 struct sockaddr_dl *sdl; 1944 1945 if (m->m_flags & M_MCAST) { 1946 switch (ifp->if_type) { 1947 case IFT_ETHER: 1948 case IFT_FDDI: 1949 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 1950 desten); 1951 return (1); 1952 case IFT_IEEE1394: 1953 bcopy(ifp->if_broadcastaddr, desten, ifp->if_addrlen); 1954 return (1); 1955 case IFT_ARCNET: 1956 *desten = 0; 1957 return (1); 1958 default: 1959 m_freem(m); 1960 return (0); 1961 } 1962 } 1963 1964 if (rt == NULL) { 1965 /* this could happen, if we could not allocate memory */ 1966 m_freem(m); 1967 return (0); 1968 } 1969 if (rt->rt_gateway->sa_family != AF_LINK) { 1970 printf("nd6_storelladdr: something odd happens\n"); 1971 m_freem(m); 1972 return (0); 1973 } 1974 sdl = SDL(rt->rt_gateway); 1975 if (sdl->sdl_alen == 0) { 1976 /* this should be impossible, but we bark here for debugging */ 1977 printf("nd6_storelladdr: sdl_alen == 0, dst=%s, if=%s\n", 1978 ip6_sprintf(&SIN6(dst)->sin6_addr), if_name(ifp)); 1979 m_freem(m); 1980 return (0); 1981 } 1982 1983 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 1984 return (1); 1985 } 1986 1987 int 1988 nd6_sysctl(name, oldp, oldlenp, newp, newlen) 1989 int name; 1990 void *oldp; /* syscall arg, need copyout */ 1991 size_t *oldlenp; 1992 void *newp; /* syscall arg, need copyin */ 1993 size_t newlen; 1994 { 1995 void *p; 1996 size_t ol; 1997 int error; 1998 1999 error = 0; 2000 2001 if (newp) 2002 return EPERM; 2003 if (oldp && !oldlenp) 2004 return EINVAL; 2005 ol = oldlenp ? *oldlenp : 0; 2006 2007 if (oldp) { 2008 p = malloc(*oldlenp, M_TEMP, M_WAITOK); 2009 if (!p) 2010 return ENOMEM; 2011 } else 2012 p = NULL; 2013 switch (name) { 2014 case ICMPV6CTL_ND6_DRLIST: 2015 error = fill_drlist(p, oldlenp, ol); 2016 if (!error && p && oldp) 2017 error = copyout(p, oldp, *oldlenp); 2018 break; 2019 2020 case ICMPV6CTL_ND6_PRLIST: 2021 error = fill_prlist(p, oldlenp, ol); 2022 if (!error && p && oldp) 2023 error = copyout(p, oldp, *oldlenp); 2024 break; 2025 2026 default: 2027 error = ENOPROTOOPT; 2028 break; 2029 } 2030 if (p) 2031 free(p, M_TEMP); 2032 2033 return (error); 2034 } 2035 2036 static int 2037 fill_drlist(oldp, oldlenp, ol) 2038 void *oldp; 2039 size_t *oldlenp, ol; 2040 { 2041 int error = 0, s; 2042 struct in6_defrouter *d = NULL, *de = NULL; 2043 struct nd_defrouter *dr; 2044 size_t l; 2045 2046 s = splsoftnet(); 2047 2048 if (oldp) { 2049 d = (struct in6_defrouter *)oldp; 2050 de = (struct in6_defrouter *)((caddr_t)oldp + *oldlenp); 2051 } 2052 l = 0; 2053 2054 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 2055 dr = TAILQ_NEXT(dr, dr_entry)) { 2056 2057 if (oldp && d + 1 <= de) { 2058 bzero(d, sizeof(*d)); 2059 d->rtaddr.sin6_family = AF_INET6; 2060 d->rtaddr.sin6_len = sizeof(struct sockaddr_in6); 2061 d->rtaddr.sin6_addr = dr->rtaddr; 2062 in6_recoverscope(&d->rtaddr, &d->rtaddr.sin6_addr, 2063 dr->ifp); 2064 d->flags = dr->flags; 2065 d->rtlifetime = dr->rtlifetime; 2066 d->expire = dr->expire; 2067 d->if_index = dr->ifp->if_index; 2068 } 2069 2070 l += sizeof(*d); 2071 if (d) 2072 d++; 2073 } 2074 2075 if (oldp) { 2076 *oldlenp = l; /* (caddr_t)d - (caddr_t)oldp */ 2077 if (l > ol) 2078 error = ENOMEM; 2079 } else 2080 *oldlenp = l; 2081 2082 splx(s); 2083 2084 return (error); 2085 } 2086 2087 static int 2088 fill_prlist(oldp, oldlenp, ol) 2089 void *oldp; 2090 size_t *oldlenp, ol; 2091 { 2092 int error = 0, s; 2093 struct nd_prefix *pr; 2094 struct in6_prefix *p = NULL; 2095 struct in6_prefix *pe = NULL; 2096 size_t l; 2097 2098 s = splsoftnet(); 2099 2100 if (oldp) { 2101 p = (struct in6_prefix *)oldp; 2102 pe = (struct in6_prefix *)((caddr_t)oldp + *oldlenp); 2103 } 2104 l = 0; 2105 2106 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 2107 u_short advrtrs; 2108 size_t advance; 2109 struct sockaddr_in6 *sin6; 2110 struct sockaddr_in6 *s6; 2111 struct nd_pfxrouter *pfr; 2112 2113 if (oldp && p + 1 <= pe) 2114 { 2115 bzero(p, sizeof(*p)); 2116 sin6 = (struct sockaddr_in6 *)(p + 1); 2117 2118 p->prefix = pr->ndpr_prefix; 2119 if (in6_recoverscope(&p->prefix, 2120 &p->prefix.sin6_addr, pr->ndpr_ifp) != 0) 2121 log(LOG_ERR, 2122 "scope error in prefix list (%s)\n", 2123 ip6_sprintf(&p->prefix.sin6_addr)); 2124 p->raflags = pr->ndpr_raf; 2125 p->prefixlen = pr->ndpr_plen; 2126 p->vltime = pr->ndpr_vltime; 2127 p->pltime = pr->ndpr_pltime; 2128 p->if_index = pr->ndpr_ifp->if_index; 2129 if (pr->ndpr_vltime == ND6_INFINITE_LIFETIME) 2130 p->expire = 0; 2131 else { 2132 time_t maxexpire; 2133 2134 /* XXX: we assume time_t is signed. */ 2135 maxexpire = (-1) & 2136 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 2137 if (pr->ndpr_vltime < 2138 maxexpire - pr->ndpr_lastupdate) { 2139 p->expire = pr->ndpr_lastupdate + 2140 pr->ndpr_vltime; 2141 } else 2142 p->expire = maxexpire; 2143 } 2144 p->refcnt = pr->ndpr_refcnt; 2145 p->flags = pr->ndpr_stateflags; 2146 p->origin = PR_ORIG_RA; 2147 advrtrs = 0; 2148 for (pfr = pr->ndpr_advrtrs.lh_first; pfr; 2149 pfr = pfr->pfr_next) { 2150 if ((void *)&sin6[advrtrs + 1] > (void *)pe) { 2151 advrtrs++; 2152 continue; 2153 } 2154 s6 = &sin6[advrtrs]; 2155 s6->sin6_family = AF_INET6; 2156 s6->sin6_len = sizeof(struct sockaddr_in6); 2157 s6->sin6_addr = pfr->router->rtaddr; 2158 in6_recoverscope(s6, &s6->sin6_addr, 2159 pfr->router->ifp); 2160 advrtrs++; 2161 } 2162 p->advrtrs = advrtrs; 2163 } 2164 else { 2165 advrtrs = 0; 2166 for (pfr = pr->ndpr_advrtrs.lh_first; pfr; 2167 pfr = pfr->pfr_next) 2168 advrtrs++; 2169 } 2170 2171 advance = sizeof(*p) + sizeof(*sin6) * advrtrs; 2172 l += advance; 2173 if (p) 2174 p = (struct in6_prefix *)((caddr_t)p + advance); 2175 } 2176 2177 if (oldp) { 2178 *oldlenp = l; /* (caddr_t)d - (caddr_t)oldp */ 2179 if (l > ol) 2180 error = ENOMEM; 2181 } else 2182 *oldlenp = l; 2183 2184 splx(s); 2185 2186 return (error); 2187 }
Cache object: 5bcb953354328902adf1da8b3b4f20b4
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]