The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netinet6/raw_ip6.c

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
    3  * All rights reserved.
    4  *
    5  * Redistribution and use in source and binary forms, with or without
    6  * modification, are permitted provided that the following conditions
    7  * are met:
    8  * 1. Redistributions of source code must retain the above copyright
    9  *    notice, this list of conditions and the following disclaimer.
   10  * 2. Redistributions in binary form must reproduce the above copyright
   11  *    notice, this list of conditions and the following disclaimer in the
   12  *    documentation and/or other materials provided with the distribution.
   13  * 3. Neither the name of the project nor the names of its contributors
   14  *    may be used to endorse or promote products derived from this software
   15  *    without specific prior written permission.
   16  *
   17  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
   18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
   21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   27  * SUCH DAMAGE.
   28  */
   29 
   30 /*-
   31  * Copyright (c) 1982, 1986, 1988, 1993
   32  *      The Regents of the University of California.
   33  * All rights reserved.
   34  *
   35  * Redistribution and use in source and binary forms, with or without
   36  * modification, are permitted provided that the following conditions
   37  * are met:
   38  * 1. Redistributions of source code must retain the above copyright
   39  *    notice, this list of conditions and the following disclaimer.
   40  * 2. Redistributions in binary form must reproduce the above copyright
   41  *    notice, this list of conditions and the following disclaimer in the
   42  *    documentation and/or other materials provided with the distribution.
   43  * 4. Neither the name of the University nor the names of its contributors
   44  *    may be used to endorse or promote products derived from this software
   45  *    without specific prior written permission.
   46  *
   47  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
   48  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   49  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   50  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
   51  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   52  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   53  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   54  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   55  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   56  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   57  * SUCH DAMAGE.
   58  *
   59  *      @(#)raw_ip.c    8.2 (Berkeley) 1/4/94
   60  */
   61 
   62 #include <sys/cdefs.h>
   63 __FBSDID("$FreeBSD: stable/11/sys/netinet6/raw_ip6.c 331722 2018-03-29 02:50:57Z eadler $");
   64 
   65 #include "opt_ipsec.h"
   66 #include "opt_inet6.h"
   67 
   68 #include <sys/param.h>
   69 #include <sys/errno.h>
   70 #include <sys/jail.h>
   71 #include <sys/kernel.h>
   72 #include <sys/lock.h>
   73 #include <sys/malloc.h>
   74 #include <sys/mbuf.h>
   75 #include <sys/priv.h>
   76 #include <sys/proc.h>
   77 #include <sys/protosw.h>
   78 #include <sys/signalvar.h>
   79 #include <sys/socket.h>
   80 #include <sys/socketvar.h>
   81 #include <sys/sx.h>
   82 #include <sys/syslog.h>
   83 
   84 #include <net/if.h>
   85 #include <net/if_var.h>
   86 #include <net/if_types.h>
   87 #include <net/route.h>
   88 #include <net/vnet.h>
   89 
   90 #include <netinet/in.h>
   91 #include <netinet/in_var.h>
   92 #include <netinet/in_systm.h>
   93 #include <netinet/in_pcb.h>
   94 
   95 #include <netinet/icmp6.h>
   96 #include <netinet/ip6.h>
   97 #include <netinet/ip_var.h>
   98 #include <netinet6/ip6protosw.h>
   99 #include <netinet6/ip6_mroute.h>
  100 #include <netinet6/in6_pcb.h>
  101 #include <netinet6/ip6_var.h>
  102 #include <netinet6/nd6.h>
  103 #include <netinet6/raw_ip6.h>
  104 #include <netinet6/scope6_var.h>
  105 #include <netinet6/send.h>
  106 
  107 #include <netipsec/ipsec_support.h>
  108 
  109 #include <machine/stdarg.h>
  110 
  111 #define satosin6(sa)    ((struct sockaddr_in6 *)(sa))
  112 #define ifatoia6(ifa)   ((struct in6_ifaddr *)(ifa))
  113 
  114 /*
  115  * Raw interface to IP6 protocol.
  116  */
  117 
  118 VNET_DECLARE(struct inpcbhead, ripcb);
  119 VNET_DECLARE(struct inpcbinfo, ripcbinfo);
  120 #define V_ripcb                         VNET(ripcb)
  121 #define V_ripcbinfo                     VNET(ripcbinfo)
  122 
  123 extern u_long   rip_sendspace;
  124 extern u_long   rip_recvspace;
  125 
  126 VNET_PCPUSTAT_DEFINE(struct rip6stat, rip6stat);
  127 VNET_PCPUSTAT_SYSINIT(rip6stat);
  128 
  129 #ifdef VIMAGE
  130 VNET_PCPUSTAT_SYSUNINIT(rip6stat);
  131 #endif /* VIMAGE */
  132 
  133 /*
  134  * Hooks for multicast routing. They all default to NULL, so leave them not
  135  * initialized and rely on BSS being set to 0.
  136  */
  137 
  138 /*
  139  * The socket used to communicate with the multicast routing daemon.
  140  */
  141 VNET_DEFINE(struct socket *, ip6_mrouter);
  142 
  143 /*
  144  * The various mrouter functions.
  145  */
  146 int (*ip6_mrouter_set)(struct socket *, struct sockopt *);
  147 int (*ip6_mrouter_get)(struct socket *, struct sockopt *);
  148 int (*ip6_mrouter_done)(void);
  149 int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *);
  150 int (*mrt6_ioctl)(u_long, caddr_t);
  151 
  152 /*
  153  * Setup generic address and protocol structures for raw_input routine, then
  154  * pass them along with mbuf chain.
  155  */
  156 int
  157 rip6_input(struct mbuf **mp, int *offp, int proto)
  158 {
  159         struct ifnet *ifp;
  160         struct mbuf *m = *mp;
  161         struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
  162         struct inpcb *in6p;
  163         struct inpcb *last = NULL;
  164         struct mbuf *opts = NULL;
  165         struct sockaddr_in6 fromsa;
  166 
  167         RIP6STAT_INC(rip6s_ipackets);
  168 
  169         init_sin6(&fromsa, m); /* general init */
  170 
  171         ifp = m->m_pkthdr.rcvif;
  172 
  173         INP_INFO_RLOCK(&V_ripcbinfo);
  174         LIST_FOREACH(in6p, &V_ripcb, inp_list) {
  175                 /* XXX inp locking */
  176                 if ((in6p->inp_vflag & INP_IPV6) == 0)
  177                         continue;
  178                 if (in6p->inp_ip_p &&
  179                     in6p->inp_ip_p != proto)
  180                         continue;
  181                 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) &&
  182                     !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst))
  183                         continue;
  184                 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) &&
  185                     !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src))
  186                         continue;
  187                 if (jailed_without_vnet(in6p->inp_cred)) {
  188                         /*
  189                          * Allow raw socket in jail to receive multicast;
  190                          * assume process had PRIV_NETINET_RAW at attach,
  191                          * and fall through into normal filter path if so.
  192                          */
  193                         if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
  194                             prison_check_ip6(in6p->inp_cred,
  195                             &ip6->ip6_dst) != 0)
  196                                 continue;
  197                 }
  198                 INP_RLOCK(in6p);
  199                 if (in6p->in6p_cksum != -1) {
  200                         RIP6STAT_INC(rip6s_isum);
  201                         if (in6_cksum(m, proto, *offp,
  202                             m->m_pkthdr.len - *offp)) {
  203                                 INP_RUNLOCK(in6p);
  204                                 RIP6STAT_INC(rip6s_badsum);
  205                                 continue;
  206                         }
  207                 }
  208                 /*
  209                  * If this raw socket has multicast state, and we
  210                  * have received a multicast, check if this socket
  211                  * should receive it, as multicast filtering is now
  212                  * the responsibility of the transport layer.
  213                  */
  214                 if (in6p->in6p_moptions &&
  215                     IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
  216                         /*
  217                          * If the incoming datagram is for MLD, allow it
  218                          * through unconditionally to the raw socket.
  219                          *
  220                          * Use the M_RTALERT_MLD flag to check for MLD
  221                          * traffic without having to inspect the mbuf chain
  222                          * more deeply, as all MLDv1/v2 host messages MUST
  223                          * contain the Router Alert option.
  224                          *
  225                          * In the case of MLDv1, we may not have explicitly
  226                          * joined the group, and may have set IFF_ALLMULTI
  227                          * on the interface. im6o_mc_filter() may discard
  228                          * control traffic we actually need to see.
  229                          *
  230                          * Userland multicast routing daemons should continue
  231                          * filter the control traffic appropriately.
  232                          */
  233                         int blocked;
  234 
  235                         blocked = MCAST_PASS;
  236                         if ((m->m_flags & M_RTALERT_MLD) == 0) {
  237                                 struct sockaddr_in6 mcaddr;
  238 
  239                                 bzero(&mcaddr, sizeof(struct sockaddr_in6));
  240                                 mcaddr.sin6_len = sizeof(struct sockaddr_in6);
  241                                 mcaddr.sin6_family = AF_INET6;
  242                                 mcaddr.sin6_addr = ip6->ip6_dst;
  243 
  244                                 blocked = im6o_mc_filter(in6p->in6p_moptions,
  245                                     ifp,
  246                                     (struct sockaddr *)&mcaddr,
  247                                     (struct sockaddr *)&fromsa);
  248                         }
  249                         if (blocked != MCAST_PASS) {
  250                                 IP6STAT_INC(ip6s_notmember);
  251                                 INP_RUNLOCK(in6p);
  252                                 continue;
  253                         }
  254                 }
  255                 if (last != NULL) {
  256                         struct mbuf *n = m_copy(m, 0, (int)M_COPYALL);
  257 
  258 #if defined(IPSEC) || defined(IPSEC_SUPPORT)
  259                         /*
  260                          * Check AH/ESP integrity.
  261                          */
  262                         if (IPSEC_ENABLED(ipv6)) {
  263                                 if (n != NULL &&
  264                                     IPSEC_CHECK_POLICY(ipv6, n, last) != 0) {
  265                                         m_freem(n);
  266                                         /* Do not inject data into pcb. */
  267                                         n = NULL;
  268                                 }
  269                         }
  270 #endif /* IPSEC */
  271                         if (n) {
  272                                 if (last->inp_flags & INP_CONTROLOPTS ||
  273                                     last->inp_socket->so_options & SO_TIMESTAMP)
  274                                         ip6_savecontrol(last, n, &opts);
  275                                 /* strip intermediate headers */
  276                                 m_adj(n, *offp);
  277                                 if (sbappendaddr(&last->inp_socket->so_rcv,
  278                                                 (struct sockaddr *)&fromsa,
  279                                                  n, opts) == 0) {
  280                                         m_freem(n);
  281                                         if (opts)
  282                                                 m_freem(opts);
  283                                         RIP6STAT_INC(rip6s_fullsock);
  284                                 } else
  285                                         sorwakeup(last->inp_socket);
  286                                 opts = NULL;
  287                         }
  288                         INP_RUNLOCK(last);
  289                 }
  290                 last = in6p;
  291         }
  292         INP_INFO_RUNLOCK(&V_ripcbinfo);
  293 #if defined(IPSEC) || defined(IPSEC_SUPPORT)
  294         /*
  295          * Check AH/ESP integrity.
  296          */
  297         if (IPSEC_ENABLED(ipv6) && last != NULL &&
  298             IPSEC_CHECK_POLICY(ipv6, m, last) != 0) {
  299                 m_freem(m);
  300                 IP6STAT_DEC(ip6s_delivered);
  301                 /* Do not inject data into pcb. */
  302                 INP_RUNLOCK(last);
  303         } else
  304 #endif /* IPSEC */
  305         if (last != NULL) {
  306                 if (last->inp_flags & INP_CONTROLOPTS ||
  307                     last->inp_socket->so_options & SO_TIMESTAMP)
  308                         ip6_savecontrol(last, m, &opts);
  309                 /* Strip intermediate headers. */
  310                 m_adj(m, *offp);
  311                 if (sbappendaddr(&last->inp_socket->so_rcv,
  312                     (struct sockaddr *)&fromsa, m, opts) == 0) {
  313                         m_freem(m);
  314                         if (opts)
  315                                 m_freem(opts);
  316                         RIP6STAT_INC(rip6s_fullsock);
  317                 } else
  318                         sorwakeup(last->inp_socket);
  319                 INP_RUNLOCK(last);
  320         } else {
  321                 RIP6STAT_INC(rip6s_nosock);
  322                 if (m->m_flags & M_MCAST)
  323                         RIP6STAT_INC(rip6s_nosockmcast);
  324                 if (proto == IPPROTO_NONE)
  325                         m_freem(m);
  326                 else
  327                         icmp6_error(m, ICMP6_PARAM_PROB,
  328                             ICMP6_PARAMPROB_NEXTHEADER,
  329                             ip6_get_prevhdr(m, *offp));
  330                 IP6STAT_DEC(ip6s_delivered);
  331         }
  332         return (IPPROTO_DONE);
  333 }
  334 
  335 void
  336 rip6_ctlinput(int cmd, struct sockaddr *sa, void *d)
  337 {
  338         struct ip6_hdr *ip6;
  339         struct mbuf *m;
  340         int off = 0;
  341         struct ip6ctlparam *ip6cp = NULL;
  342         const struct sockaddr_in6 *sa6_src = NULL;
  343         void *cmdarg;
  344         struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange;
  345 
  346         if (sa->sa_family != AF_INET6 ||
  347             sa->sa_len != sizeof(struct sockaddr_in6))
  348                 return;
  349 
  350         if ((unsigned)cmd >= PRC_NCMDS)
  351                 return;
  352         if (PRC_IS_REDIRECT(cmd))
  353                 notify = in6_rtchange, d = NULL;
  354         else if (cmd == PRC_HOSTDEAD)
  355                 d = NULL;
  356         else if (inet6ctlerrmap[cmd] == 0)
  357                 return;
  358 
  359         /*
  360          * If the parameter is from icmp6, decode it.
  361          */
  362         if (d != NULL) {
  363                 ip6cp = (struct ip6ctlparam *)d;
  364                 m = ip6cp->ip6c_m;
  365                 ip6 = ip6cp->ip6c_ip6;
  366                 off = ip6cp->ip6c_off;
  367                 cmdarg = ip6cp->ip6c_cmdarg;
  368                 sa6_src = ip6cp->ip6c_src;
  369         } else {
  370                 m = NULL;
  371                 ip6 = NULL;
  372                 cmdarg = NULL;
  373                 sa6_src = &sa6_any;
  374         }
  375 
  376         (void) in6_pcbnotify(&V_ripcbinfo, sa, 0,
  377             (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify);
  378 }
  379 
  380 /*
  381  * Generate IPv6 header and pass packet to ip6_output.  Tack on options user
  382  * may have setup with control call.
  383  */
  384 int
  385 rip6_output(struct mbuf *m, struct socket *so, ...)
  386 {
  387         struct mbuf *control;
  388         struct m_tag *mtag;
  389         struct sockaddr_in6 *dstsock;
  390         struct in6_addr *dst;
  391         struct ip6_hdr *ip6;
  392         struct inpcb *in6p;
  393         u_int   plen = m->m_pkthdr.len;
  394         int error = 0;
  395         struct ip6_pktopts opt, *optp;
  396         struct ifnet *oifp = NULL;
  397         int type = 0, code = 0;         /* for ICMPv6 output statistics only */
  398         int scope_ambiguous = 0;
  399         int use_defzone = 0;
  400         int hlim = 0;
  401         struct in6_addr in6a;
  402         va_list ap;
  403 
  404         va_start(ap, so);
  405         dstsock = va_arg(ap, struct sockaddr_in6 *);
  406         control = va_arg(ap, struct mbuf *);
  407         va_end(ap);
  408 
  409         in6p = sotoinpcb(so);
  410         INP_WLOCK(in6p);
  411 
  412         dst = &dstsock->sin6_addr;
  413         if (control != NULL) {
  414                 if ((error = ip6_setpktopts(control, &opt,
  415                     in6p->in6p_outputopts, so->so_cred,
  416                     so->so_proto->pr_protocol)) != 0) {
  417                         goto bad;
  418                 }
  419                 optp = &opt;
  420         } else
  421                 optp = in6p->in6p_outputopts;
  422 
  423         /*
  424          * Check and convert scope zone ID into internal form.
  425          *
  426          * XXX: we may still need to determine the zone later.
  427          */
  428         if (!(so->so_state & SS_ISCONNECTED)) {
  429                 if (!optp || !optp->ip6po_pktinfo ||
  430                     !optp->ip6po_pktinfo->ipi6_ifindex)
  431                         use_defzone = V_ip6_use_defzone;
  432                 if (dstsock->sin6_scope_id == 0 && !use_defzone)
  433                         scope_ambiguous = 1;
  434                 if ((error = sa6_embedscope(dstsock, use_defzone)) != 0)
  435                         goto bad;
  436         }
  437 
  438         /*
  439          * For an ICMPv6 packet, we should know its type and code to update
  440          * statistics.
  441          */
  442         if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
  443                 struct icmp6_hdr *icmp6;
  444                 if (m->m_len < sizeof(struct icmp6_hdr) &&
  445                     (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) {
  446                         error = ENOBUFS;
  447                         goto bad;
  448                 }
  449                 icmp6 = mtod(m, struct icmp6_hdr *);
  450                 type = icmp6->icmp6_type;
  451                 code = icmp6->icmp6_code;
  452         }
  453 
  454         M_PREPEND(m, sizeof(*ip6), M_NOWAIT);
  455         if (m == NULL) {
  456                 error = ENOBUFS;
  457                 goto bad;
  458         }
  459         ip6 = mtod(m, struct ip6_hdr *);
  460 
  461         /*
  462          * Source address selection.
  463          */
  464         error = in6_selectsrc_socket(dstsock, optp, in6p, so->so_cred,
  465             scope_ambiguous, &in6a, &hlim);
  466 
  467         if (error)
  468                 goto bad;
  469         error = prison_check_ip6(in6p->inp_cred, &in6a);
  470         if (error != 0)
  471                 goto bad;
  472         ip6->ip6_src = in6a;
  473 
  474         ip6->ip6_dst = dstsock->sin6_addr;
  475 
  476         /*
  477          * Fill in the rest of the IPv6 header fields.
  478          */
  479         ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) |
  480             (in6p->inp_flow & IPV6_FLOWINFO_MASK);
  481         ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) |
  482             (IPV6_VERSION & IPV6_VERSION_MASK);
  483 
  484         /*
  485          * ip6_plen will be filled in ip6_output, so not fill it here.
  486          */
  487         ip6->ip6_nxt = in6p->inp_ip_p;
  488         ip6->ip6_hlim = hlim;
  489 
  490         if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 ||
  491             in6p->in6p_cksum != -1) {
  492                 struct mbuf *n;
  493                 int off;
  494                 u_int16_t *p;
  495 
  496                 /* Compute checksum. */
  497                 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6)
  498                         off = offsetof(struct icmp6_hdr, icmp6_cksum);
  499                 else
  500                         off = in6p->in6p_cksum;
  501                 if (plen < off + 1) {
  502                         error = EINVAL;
  503                         goto bad;
  504                 }
  505                 off += sizeof(struct ip6_hdr);
  506 
  507                 n = m;
  508                 while (n && n->m_len <= off) {
  509                         off -= n->m_len;
  510                         n = n->m_next;
  511                 }
  512                 if (!n)
  513                         goto bad;
  514                 p = (u_int16_t *)(mtod(n, caddr_t) + off);
  515                 *p = 0;
  516                 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen);
  517         }
  518 
  519         /*
  520          * Send RA/RS messages to user land for protection, before sending
  521          * them to rtadvd/rtsol.
  522          */
  523         if ((send_sendso_input_hook != NULL) &&
  524             so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
  525                 switch (type) {
  526                 case ND_ROUTER_ADVERT:
  527                 case ND_ROUTER_SOLICIT:
  528                         mtag = m_tag_get(PACKET_TAG_ND_OUTGOING,
  529                                 sizeof(unsigned short), M_NOWAIT);
  530                         if (mtag == NULL)
  531                                 goto bad;
  532                         m_tag_prepend(m, mtag);
  533                 }
  534         }
  535 
  536         error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p);
  537         if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
  538                 if (oifp)
  539                         icmp6_ifoutstat_inc(oifp, type, code);
  540                 ICMP6STAT_INC(icp6s_outhist[type]);
  541         } else
  542                 RIP6STAT_INC(rip6s_opackets);
  543 
  544         goto freectl;
  545 
  546  bad:
  547         if (m)
  548                 m_freem(m);
  549 
  550  freectl:
  551         if (control != NULL) {
  552                 ip6_clearpktopts(&opt, -1);
  553                 m_freem(control);
  554         }
  555         INP_WUNLOCK(in6p);
  556         return (error);
  557 }
  558 
  559 /*
  560  * Raw IPv6 socket option processing.
  561  */
  562 int
  563 rip6_ctloutput(struct socket *so, struct sockopt *sopt)
  564 {
  565         struct inpcb *inp;
  566         int error;
  567 
  568         if (sopt->sopt_level == IPPROTO_ICMPV6)
  569                 /*
  570                  * XXX: is it better to call icmp6_ctloutput() directly
  571                  * from protosw?
  572                  */
  573                 return (icmp6_ctloutput(so, sopt));
  574         else if (sopt->sopt_level != IPPROTO_IPV6) {
  575                 if (sopt->sopt_level == SOL_SOCKET &&
  576                     sopt->sopt_name == SO_SETFIB) {
  577                         inp = sotoinpcb(so);
  578                         INP_WLOCK(inp);
  579                         inp->inp_inc.inc_fibnum = so->so_fibnum;
  580                         INP_WUNLOCK(inp);
  581                         return (0);
  582                 }
  583                 return (EINVAL);
  584         }
  585 
  586         error = 0;
  587 
  588         switch (sopt->sopt_dir) {
  589         case SOPT_GET:
  590                 switch (sopt->sopt_name) {
  591                 case MRT6_INIT:
  592                 case MRT6_DONE:
  593                 case MRT6_ADD_MIF:
  594                 case MRT6_DEL_MIF:
  595                 case MRT6_ADD_MFC:
  596                 case MRT6_DEL_MFC:
  597                 case MRT6_PIM:
  598                         error = ip6_mrouter_get ?  ip6_mrouter_get(so, sopt) :
  599                             EOPNOTSUPP;
  600                         break;
  601                 case IPV6_CHECKSUM:
  602                         error = ip6_raw_ctloutput(so, sopt);
  603                         break;
  604                 default:
  605                         error = ip6_ctloutput(so, sopt);
  606                         break;
  607                 }
  608                 break;
  609 
  610         case SOPT_SET:
  611                 switch (sopt->sopt_name) {
  612                 case MRT6_INIT:
  613                 case MRT6_DONE:
  614                 case MRT6_ADD_MIF:
  615                 case MRT6_DEL_MIF:
  616                 case MRT6_ADD_MFC:
  617                 case MRT6_DEL_MFC:
  618                 case MRT6_PIM:
  619                         error = ip6_mrouter_set ?  ip6_mrouter_set(so, sopt) :
  620                             EOPNOTSUPP;
  621                         break;
  622                 case IPV6_CHECKSUM:
  623                         error = ip6_raw_ctloutput(so, sopt);
  624                         break;
  625                 default:
  626                         error = ip6_ctloutput(so, sopt);
  627                         break;
  628                 }
  629                 break;
  630         }
  631 
  632         return (error);
  633 }
  634 
  635 static int
  636 rip6_attach(struct socket *so, int proto, struct thread *td)
  637 {
  638         struct inpcb *inp;
  639         struct icmp6_filter *filter;
  640         int error;
  641 
  642         inp = sotoinpcb(so);
  643         KASSERT(inp == NULL, ("rip6_attach: inp != NULL"));
  644 
  645         error = priv_check(td, PRIV_NETINET_RAW);
  646         if (error)
  647                 return (error);
  648         error = soreserve(so, rip_sendspace, rip_recvspace);
  649         if (error)
  650                 return (error);
  651         filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT);
  652         if (filter == NULL)
  653                 return (ENOMEM);
  654         INP_INFO_WLOCK(&V_ripcbinfo);
  655         error = in_pcballoc(so, &V_ripcbinfo);
  656         if (error) {
  657                 INP_INFO_WUNLOCK(&V_ripcbinfo);
  658                 free(filter, M_PCB);
  659                 return (error);
  660         }
  661         inp = (struct inpcb *)so->so_pcb;
  662         INP_INFO_WUNLOCK(&V_ripcbinfo);
  663         inp->inp_vflag |= INP_IPV6;
  664         inp->inp_ip_p = (long)proto;
  665         inp->in6p_hops = -1;    /* use kernel default */
  666         inp->in6p_cksum = -1;
  667         inp->in6p_icmp6filt = filter;
  668         ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt);
  669         INP_WUNLOCK(inp);
  670         return (0);
  671 }
  672 
  673 static void
  674 rip6_detach(struct socket *so)
  675 {
  676         struct inpcb *inp;
  677 
  678         inp = sotoinpcb(so);
  679         KASSERT(inp != NULL, ("rip6_detach: inp == NULL"));
  680 
  681         if (so == V_ip6_mrouter && ip6_mrouter_done)
  682                 ip6_mrouter_done();
  683         /* xxx: RSVP */
  684         INP_INFO_WLOCK(&V_ripcbinfo);
  685         INP_WLOCK(inp);
  686         free(inp->in6p_icmp6filt, M_PCB);
  687         in_pcbdetach(inp);
  688         in_pcbfree(inp);
  689         INP_INFO_WUNLOCK(&V_ripcbinfo);
  690 }
  691 
  692 /* XXXRW: This can't ever be called. */
  693 static void
  694 rip6_abort(struct socket *so)
  695 {
  696         struct inpcb *inp;
  697 
  698         inp = sotoinpcb(so);
  699         KASSERT(inp != NULL, ("rip6_abort: inp == NULL"));
  700 
  701         soisdisconnected(so);
  702 }
  703 
  704 static void
  705 rip6_close(struct socket *so)
  706 {
  707         struct inpcb *inp;
  708 
  709         inp = sotoinpcb(so);
  710         KASSERT(inp != NULL, ("rip6_close: inp == NULL"));
  711 
  712         soisdisconnected(so);
  713 }
  714 
  715 static int
  716 rip6_disconnect(struct socket *so)
  717 {
  718         struct inpcb *inp;
  719 
  720         inp = sotoinpcb(so);
  721         KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL"));
  722 
  723         if ((so->so_state & SS_ISCONNECTED) == 0)
  724                 return (ENOTCONN);
  725         inp->in6p_faddr = in6addr_any;
  726         rip6_abort(so);
  727         return (0);
  728 }
  729 
  730 static int
  731 rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
  732 {
  733         struct inpcb *inp;
  734         struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam;
  735         struct ifaddr *ifa = NULL;
  736         int error = 0;
  737 
  738         inp = sotoinpcb(so);
  739         KASSERT(inp != NULL, ("rip6_bind: inp == NULL"));
  740 
  741         if (nam->sa_len != sizeof(*addr))
  742                 return (EINVAL);
  743         if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0)
  744                 return (error);
  745         if (TAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6)
  746                 return (EADDRNOTAVAIL);
  747         if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0)
  748                 return (error);
  749 
  750         if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) &&
  751             (ifa = ifa_ifwithaddr((struct sockaddr *)addr)) == NULL)
  752                 return (EADDRNOTAVAIL);
  753         if (ifa != NULL &&
  754             ((struct in6_ifaddr *)ifa)->ia6_flags &
  755             (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|
  756              IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) {
  757                 ifa_free(ifa);
  758                 return (EADDRNOTAVAIL);
  759         }
  760         if (ifa != NULL)
  761                 ifa_free(ifa);
  762         INP_INFO_WLOCK(&V_ripcbinfo);
  763         INP_WLOCK(inp);
  764         inp->in6p_laddr = addr->sin6_addr;
  765         INP_WUNLOCK(inp);
  766         INP_INFO_WUNLOCK(&V_ripcbinfo);
  767         return (0);
  768 }
  769 
  770 static int
  771 rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
  772 {
  773         struct inpcb *inp;
  774         struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam;
  775         struct in6_addr in6a;
  776         int error = 0, scope_ambiguous = 0;
  777 
  778         inp = sotoinpcb(so);
  779         KASSERT(inp != NULL, ("rip6_connect: inp == NULL"));
  780 
  781         if (nam->sa_len != sizeof(*addr))
  782                 return (EINVAL);
  783         if (TAILQ_EMPTY(&V_ifnet))
  784                 return (EADDRNOTAVAIL);
  785         if (addr->sin6_family != AF_INET6)
  786                 return (EAFNOSUPPORT);
  787 
  788         /*
  789          * Application should provide a proper zone ID or the use of default
  790          * zone IDs should be enabled.  Unfortunately, some applications do
  791          * not behave as it should, so we need a workaround.  Even if an
  792          * appropriate ID is not determined, we'll see if we can determine
  793          * the outgoing interface.  If we can, determine the zone ID based on
  794          * the interface below.
  795          */
  796         if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone)
  797                 scope_ambiguous = 1;
  798         if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0)
  799                 return (error);
  800 
  801         INP_INFO_WLOCK(&V_ripcbinfo);
  802         INP_WLOCK(inp);
  803         /* Source address selection. XXX: need pcblookup? */
  804         error = in6_selectsrc_socket(addr, inp->in6p_outputopts,
  805             inp, so->so_cred, scope_ambiguous, &in6a, NULL);
  806         if (error) {
  807                 INP_WUNLOCK(inp);
  808                 INP_INFO_WUNLOCK(&V_ripcbinfo);
  809                 return (error);
  810         }
  811 
  812         inp->in6p_faddr = addr->sin6_addr;
  813         inp->in6p_laddr = in6a;
  814         soisconnected(so);
  815         INP_WUNLOCK(inp);
  816         INP_INFO_WUNLOCK(&V_ripcbinfo);
  817         return (0);
  818 }
  819 
  820 static int
  821 rip6_shutdown(struct socket *so)
  822 {
  823         struct inpcb *inp;
  824 
  825         inp = sotoinpcb(so);
  826         KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL"));
  827 
  828         INP_WLOCK(inp);
  829         socantsendmore(so);
  830         INP_WUNLOCK(inp);
  831         return (0);
  832 }
  833 
  834 static int
  835 rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
  836     struct mbuf *control, struct thread *td)
  837 {
  838         struct inpcb *inp;
  839         struct sockaddr_in6 tmp;
  840         struct sockaddr_in6 *dst;
  841         int ret;
  842 
  843         inp = sotoinpcb(so);
  844         KASSERT(inp != NULL, ("rip6_send: inp == NULL"));
  845 
  846         /* Always copy sockaddr to avoid overwrites. */
  847         /* Unlocked read. */
  848         if (so->so_state & SS_ISCONNECTED) {
  849                 if (nam) {
  850                         m_freem(m);
  851                         return (EISCONN);
  852                 }
  853                 /* XXX */
  854                 bzero(&tmp, sizeof(tmp));
  855                 tmp.sin6_family = AF_INET6;
  856                 tmp.sin6_len = sizeof(struct sockaddr_in6);
  857                 INP_RLOCK(inp);
  858                 bcopy(&inp->in6p_faddr, &tmp.sin6_addr,
  859                     sizeof(struct in6_addr));
  860                 INP_RUNLOCK(inp);
  861                 dst = &tmp;
  862         } else {
  863                 if (nam == NULL) {
  864                         m_freem(m);
  865                         return (ENOTCONN);
  866                 }
  867                 if (nam->sa_len != sizeof(struct sockaddr_in6)) {
  868                         m_freem(m);
  869                         return (EINVAL);
  870                 }
  871                 tmp = *(struct sockaddr_in6 *)nam;
  872                 dst = &tmp;
  873 
  874                 if (dst->sin6_family == AF_UNSPEC) {
  875                         /*
  876                          * XXX: we allow this case for backward
  877                          * compatibility to buggy applications that
  878                          * rely on old (and wrong) kernel behavior.
  879                          */
  880                         log(LOG_INFO, "rip6 SEND: address family is "
  881                             "unspec. Assume AF_INET6\n");
  882                         dst->sin6_family = AF_INET6;
  883                 } else if (dst->sin6_family != AF_INET6) {
  884                         m_freem(m);
  885                         return(EAFNOSUPPORT);
  886                 }
  887         }
  888         ret = rip6_output(m, so, dst, control);
  889         return (ret);
  890 }
  891 
  892 struct pr_usrreqs rip6_usrreqs = {
  893         .pru_abort =            rip6_abort,
  894         .pru_attach =           rip6_attach,
  895         .pru_bind =             rip6_bind,
  896         .pru_connect =          rip6_connect,
  897         .pru_control =          in6_control,
  898         .pru_detach =           rip6_detach,
  899         .pru_disconnect =       rip6_disconnect,
  900         .pru_peeraddr =         in6_getpeeraddr,
  901         .pru_send =             rip6_send,
  902         .pru_shutdown =         rip6_shutdown,
  903         .pru_sockaddr =         in6_getsockaddr,
  904         .pru_close =            rip6_close,
  905 };

Cache object: 635e507d47f7d7d4a693ea4186f0d2c0


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.