1 /*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: udp6_usrreq.c,v 1.27 2001/05/21 05:45:10 jinmei Exp $
30 * $KAME: udp6_output.c,v 1.31 2001/05/21 16:39:15 jinmei Exp $
31 */
32
33 /*-
34 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995
35 * The Regents of the University of California.
36 * All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 4. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * SUCH DAMAGE.
61 *
62 * @(#)udp_usrreq.c 8.6 (Berkeley) 5/23/95
63 */
64
65 #include <sys/cdefs.h>
66 __FBSDID("$FreeBSD$");
67
68 #include "opt_inet.h"
69 #include "opt_inet6.h"
70 #include "opt_ipsec.h"
71 #include "opt_mac.h"
72
73 #include <sys/param.h>
74 #include <sys/kernel.h>
75 #include <sys/lock.h>
76 #include <sys/mbuf.h>
77 #include <sys/priv.h>
78 #include <sys/proc.h>
79 #include <sys/protosw.h>
80 #include <sys/signalvar.h>
81 #include <sys/socket.h>
82 #include <sys/socketvar.h>
83 #include <sys/sx.h>
84 #include <sys/sysctl.h>
85 #include <sys/syslog.h>
86 #include <sys/systm.h>
87
88 #include <net/if.h>
89 #include <net/if_types.h>
90 #include <net/route.h>
91
92 #include <netinet/in.h>
93 #include <netinet/in_pcb.h>
94 #include <netinet/in_systm.h>
95 #include <netinet/in_var.h>
96 #include <netinet/ip.h>
97 #include <netinet/ip_icmp.h>
98 #include <netinet/ip6.h>
99 #include <netinet/icmp_var.h>
100 #include <netinet/icmp6.h>
101 #include <netinet/ip_var.h>
102 #include <netinet/udp.h>
103 #include <netinet/udp_var.h>
104 #include <netinet6/ip6protosw.h>
105 #include <netinet6/ip6_var.h>
106 #include <netinet6/in6_pcb.h>
107 #include <netinet6/udp6_var.h>
108 #include <netinet6/scope6_var.h>
109
110 #ifdef IPSEC
111 #include <netipsec/ipsec.h>
112 #include <netipsec/ipsec6.h>
113 #endif /* IPSEC */
114
115 #include <security/mac/mac_framework.h>
116
117 /*
118 * UDP protocol implementation.
119 * Per RFC 768, August, 1980.
120 */
121
122 extern struct protosw inetsw[];
123 static void udp6_detach(struct socket *so);
124
125 static void
126 udp6_append(struct inpcb *inp, struct mbuf *n, int off,
127 struct sockaddr_in6 *fromsa)
128 {
129 struct socket *so;
130 struct mbuf *opts;
131
132 INP_LOCK_ASSERT(inp);
133
134 #ifdef IPSEC
135 /* Check AH/ESP integrity. */
136 if (ipsec6_in_reject(n, inp)) {
137 m_freem(n);
138 ipsec6stat.in_polvio++;
139 return;
140 }
141 #endif /* IPSEC */
142 #ifdef MAC
143 if (mac_check_inpcb_deliver(inp, n) != 0) {
144 m_freem(n);
145 return;
146 }
147 #endif
148 opts = NULL;
149 if (inp->in6p_flags & IN6P_CONTROLOPTS ||
150 inp->inp_socket->so_options & SO_TIMESTAMP)
151 ip6_savecontrol(inp, n, &opts);
152 m_adj(n, off + sizeof(struct udphdr));
153
154 so = inp->inp_socket;
155 SOCKBUF_LOCK(&so->so_rcv);
156 if (sbappendaddr_locked(&so->so_rcv, (struct sockaddr *)fromsa, n,
157 opts) == 0) {
158 SOCKBUF_UNLOCK(&so->so_rcv);
159 m_freem(n);
160 if (opts)
161 m_freem(opts);
162 udpstat.udps_fullsock++;
163 } else
164 sorwakeup_locked(so);
165 }
166
167 int
168 udp6_input(struct mbuf **mp, int *offp, int proto)
169 {
170 struct mbuf *m = *mp;
171 struct ip6_hdr *ip6;
172 struct udphdr *uh;
173 struct inpcb *inp;
174 int off = *offp;
175 int plen, ulen;
176 struct sockaddr_in6 fromsa;
177
178 ip6 = mtod(m, struct ip6_hdr *);
179
180 if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) {
181 /* XXX send icmp6 host/port unreach? */
182 m_freem(m);
183 return (IPPROTO_DONE);
184 }
185
186 #ifndef PULLDOWN_TEST
187 IP6_EXTHDR_CHECK(m, off, sizeof(struct udphdr), IPPROTO_DONE);
188 ip6 = mtod(m, struct ip6_hdr *);
189 uh = (struct udphdr *)((caddr_t)ip6 + off);
190 #else
191 IP6_EXTHDR_GET(uh, struct udphdr *, m, off, sizeof(*uh));
192 if (!uh)
193 return (IPPROTO_DONE);
194 #endif
195
196 udpstat.udps_ipackets++;
197
198 /*
199 * Destination port of 0 is illegal, based on RFC768.
200 */
201 if (uh->uh_dport == 0)
202 goto badunlocked;
203
204 plen = ntohs(ip6->ip6_plen) - off + sizeof(*ip6);
205 ulen = ntohs((u_short)uh->uh_ulen);
206
207 if (plen != ulen) {
208 udpstat.udps_badlen++;
209 goto badunlocked;
210 }
211
212 /*
213 * Checksum extended UDP header and data.
214 */
215 if (uh->uh_sum == 0) {
216 udpstat.udps_nosum++;
217 goto badunlocked;
218 }
219 if (in6_cksum(m, IPPROTO_UDP, off, ulen) != 0) {
220 udpstat.udps_badsum++;
221 goto badunlocked;
222 }
223
224 /*
225 * Construct sockaddr format source address.
226 */
227 init_sin6(&fromsa, m);
228 fromsa.sin6_port = uh->uh_sport;
229
230 INP_INFO_RLOCK(&udbinfo);
231 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
232 struct inpcb *last;
233
234 /*
235 * In the event that laddr should be set to the link-local
236 * address (this happens in RIPng), the multicast address
237 * specified in the received packet will not match laddr. To
238 * handle this situation, matching is relaxed if the
239 * receiving interface is the same as one specified in the
240 * socket and if the destination multicast address matches
241 * one of the multicast groups specified in the socket.
242 */
243
244 /*
245 * KAME note: traditionally we dropped udpiphdr from mbuf
246 * here. We need udphdr for IPsec processing so we do that
247 * later.
248 */
249 last = NULL;
250 LIST_FOREACH(inp, &udb, inp_list) {
251 if ((inp->inp_vflag & INP_IPV6) == 0)
252 continue;
253 if (inp->in6p_lport != uh->uh_dport)
254 continue;
255 /*
256 * XXX: Do not check source port of incoming datagram
257 * unless inp_connect() has been called to bind the
258 * fport part of the 4-tuple; the source could be
259 * trying to talk to us with an ephemeral port.
260 */
261 if (inp->inp_fport != 0 &&
262 inp->inp_fport != uh->uh_sport)
263 continue;
264 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
265 if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr,
266 &ip6->ip6_dst))
267 continue;
268 }
269 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
270 if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr,
271 &ip6->ip6_src) ||
272 inp->in6p_fport != uh->uh_sport)
273 continue;
274 }
275
276 if (last != NULL) {
277 struct mbuf *n;
278
279 if ((n = m_copy(m, 0, M_COPYALL)) != NULL) {
280 INP_RLOCK(last);
281 udp6_append(last, n, off, &fromsa);
282 INP_RUNLOCK(last);
283 }
284 }
285 last = inp;
286 /*
287 * Don't look for additional matches if this one does
288 * not have either the SO_REUSEPORT or SO_REUSEADDR
289 * socket options set. This heuristic avoids
290 * searching through all pcbs in the common case of a
291 * non-shared port. It assumes that an application
292 * will never clear these options after setting them.
293 */
294 if ((last->inp_socket->so_options &
295 (SO_REUSEPORT|SO_REUSEADDR)) == 0)
296 break;
297 }
298
299 if (last == NULL) {
300 /*
301 * No matching pcb found; discard datagram. (No need
302 * to send an ICMP Port Unreachable for a broadcast
303 * or multicast datgram.)
304 */
305 udpstat.udps_noport++;
306 udpstat.udps_noportmcast++;
307 goto badheadlocked;
308 }
309 INP_RLOCK(last);
310 INP_INFO_RUNLOCK(&udbinfo);
311 udp6_append(last, m, off, &fromsa);
312 INP_RUNLOCK(last);
313 return (IPPROTO_DONE);
314 }
315 /*
316 * Locate pcb for datagram.
317 */
318 inp = in6_pcblookup_hash(&udbinfo, &ip6->ip6_src, uh->uh_sport,
319 &ip6->ip6_dst, uh->uh_dport, 1, m->m_pkthdr.rcvif);
320 if (inp == NULL) {
321 if (udp_log_in_vain) {
322 char ip6bufs[INET6_ADDRSTRLEN];
323 char ip6bufd[INET6_ADDRSTRLEN];
324
325 log(LOG_INFO,
326 "Connection attempt to UDP [%s]:%d from [%s]:%d\n",
327 ip6_sprintf(ip6bufd, &ip6->ip6_dst),
328 ntohs(uh->uh_dport),
329 ip6_sprintf(ip6bufs, &ip6->ip6_src),
330 ntohs(uh->uh_sport));
331 }
332 udpstat.udps_noport++;
333 if (m->m_flags & M_MCAST) {
334 printf("UDP6: M_MCAST is set in a unicast packet.\n");
335 udpstat.udps_noportmcast++;
336 goto badheadlocked;
337 }
338 INP_INFO_RUNLOCK(&udbinfo);
339 if (udp_blackhole)
340 goto badunlocked;
341 if (badport_bandlim(BANDLIM_ICMP6_UNREACH) < 0)
342 goto badunlocked;
343 icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0);
344 return (IPPROTO_DONE);
345 }
346 INP_RLOCK(inp);
347 INP_INFO_RUNLOCK(&udbinfo);
348 udp6_append(inp, m, off, &fromsa);
349 INP_RUNLOCK(inp);
350 return (IPPROTO_DONE);
351
352 badheadlocked:
353 INP_INFO_RUNLOCK(&udbinfo);
354 badunlocked:
355 if (m)
356 m_freem(m);
357 return (IPPROTO_DONE);
358 }
359
360 void
361 udp6_ctlinput(int cmd, struct sockaddr *sa, void *d)
362 {
363 struct udphdr uh;
364 struct ip6_hdr *ip6;
365 struct mbuf *m;
366 int off = 0;
367 struct ip6ctlparam *ip6cp = NULL;
368 const struct sockaddr_in6 *sa6_src = NULL;
369 void *cmdarg;
370 struct inpcb *(*notify)(struct inpcb *, int) = udp_notify;
371 struct udp_portonly {
372 u_int16_t uh_sport;
373 u_int16_t uh_dport;
374 } *uhp;
375
376 if (sa->sa_family != AF_INET6 ||
377 sa->sa_len != sizeof(struct sockaddr_in6))
378 return;
379
380 if ((unsigned)cmd >= PRC_NCMDS)
381 return;
382 if (PRC_IS_REDIRECT(cmd))
383 notify = in6_rtchange, d = NULL;
384 else if (cmd == PRC_HOSTDEAD)
385 d = NULL;
386 else if (inet6ctlerrmap[cmd] == 0)
387 return;
388
389 /* if the parameter is from icmp6, decode it. */
390 if (d != NULL) {
391 ip6cp = (struct ip6ctlparam *)d;
392 m = ip6cp->ip6c_m;
393 ip6 = ip6cp->ip6c_ip6;
394 off = ip6cp->ip6c_off;
395 cmdarg = ip6cp->ip6c_cmdarg;
396 sa6_src = ip6cp->ip6c_src;
397 } else {
398 m = NULL;
399 ip6 = NULL;
400 cmdarg = NULL;
401 sa6_src = &sa6_any;
402 }
403
404 if (ip6) {
405 /*
406 * XXX: We assume that when IPV6 is non NULL,
407 * M and OFF are valid.
408 */
409
410 /* Check if we can safely examine src and dst ports. */
411 if (m->m_pkthdr.len < off + sizeof(*uhp))
412 return;
413
414 bzero(&uh, sizeof(uh));
415 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh);
416
417 (void) in6_pcbnotify(&udbinfo, sa, uh.uh_dport,
418 (struct sockaddr *)ip6cp->ip6c_src, uh.uh_sport, cmd,
419 cmdarg, notify);
420 } else
421 (void) in6_pcbnotify(&udbinfo, sa, 0,
422 (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify);
423 }
424
425 static int
426 udp6_getcred(SYSCTL_HANDLER_ARGS)
427 {
428 struct xucred xuc;
429 struct sockaddr_in6 addrs[2];
430 struct inpcb *inp;
431 int error;
432
433 error = priv_check(req->td, PRIV_NETINET_GETCRED);
434 if (error)
435 return (error);
436
437 if (req->newlen != sizeof(addrs))
438 return (EINVAL);
439 if (req->oldlen != sizeof(struct xucred))
440 return (EINVAL);
441 error = SYSCTL_IN(req, addrs, sizeof(addrs));
442 if (error)
443 return (error);
444 if ((error = sa6_embedscope(&addrs[0], ip6_use_defzone)) != 0 ||
445 (error = sa6_embedscope(&addrs[1], ip6_use_defzone)) != 0) {
446 return (error);
447 }
448 INP_INFO_RLOCK(&udbinfo);
449 inp = in6_pcblookup_hash(&udbinfo, &addrs[1].sin6_addr,
450 addrs[1].sin6_port, &addrs[0].sin6_addr, addrs[0].sin6_port, 1,
451 NULL);
452 if (inp != NULL) {
453 INP_RLOCK(inp);
454 INP_INFO_RUNLOCK(&udbinfo);
455 if (inp->inp_socket == NULL)
456 error = ENOENT;
457 if (error == 0)
458 error = cr_canseesocket(req->td->td_ucred,
459 inp->inp_socket);
460 if (error == 0)
461 cru2x(inp->inp_cred, &xuc);
462 INP_RUNLOCK(inp);
463 } else {
464 INP_INFO_RUNLOCK(&udbinfo);
465 error = ENOENT;
466 }
467 if (error == 0)
468 error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred));
469 return (error);
470 }
471
472 SYSCTL_PROC(_net_inet6_udp6, OID_AUTO, getcred, CTLTYPE_OPAQUE|CTLFLAG_RW, 0,
473 0, udp6_getcred, "S,xucred", "Get the xucred of a UDP6 connection");
474
475 static int
476 udp6_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr6,
477 struct mbuf *control, struct thread *td)
478 {
479 u_int32_t ulen = m->m_pkthdr.len;
480 u_int32_t plen = sizeof(struct udphdr) + ulen;
481 struct ip6_hdr *ip6;
482 struct udphdr *udp6;
483 struct in6_addr *laddr, *faddr;
484 struct sockaddr_in6 *sin6 = NULL;
485 struct ifnet *oifp = NULL;
486 int scope_ambiguous = 0;
487 u_short fport;
488 int error = 0;
489 struct ip6_pktopts *optp, opt;
490 int af = AF_INET6, hlen = sizeof(struct ip6_hdr);
491 int flags;
492 struct sockaddr_in6 tmp;
493
494 INP_WLOCK_ASSERT(inp);
495
496 if (addr6) {
497 /* addr6 has been validated in udp6_send(). */
498 sin6 = (struct sockaddr_in6 *)addr6;
499
500 /* protect *sin6 from overwrites */
501 tmp = *sin6;
502 sin6 = &tmp;
503
504 /*
505 * Application should provide a proper zone ID or the use of
506 * default zone IDs should be enabled. Unfortunately, some
507 * applications do not behave as it should, so we need a
508 * workaround. Even if an appropriate ID is not determined,
509 * we'll see if we can determine the outgoing interface. If we
510 * can, determine the zone ID based on the interface below.
511 */
512 if (sin6->sin6_scope_id == 0 && !ip6_use_defzone)
513 scope_ambiguous = 1;
514 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0)
515 return (error);
516 }
517
518 if (control) {
519 if ((error = ip6_setpktopts(control, &opt,
520 inp->in6p_outputopts, td->td_ucred, IPPROTO_UDP)) != 0)
521 goto release;
522 optp = &opt;
523 } else
524 optp = inp->in6p_outputopts;
525
526 if (sin6) {
527 faddr = &sin6->sin6_addr;
528
529 /*
530 * IPv4 version of udp_output calls in_pcbconnect in this case,
531 * which needs splnet and affects performance.
532 * Since we saw no essential reason for calling in_pcbconnect,
533 * we get rid of such kind of logic, and call in6_selectsrc
534 * and in6_pcbsetport in order to fill in the local address
535 * and the local port.
536 */
537 if (sin6->sin6_port == 0) {
538 error = EADDRNOTAVAIL;
539 goto release;
540 }
541
542 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
543 /* how about ::ffff:0.0.0.0 case? */
544 error = EISCONN;
545 goto release;
546 }
547
548 fport = sin6->sin6_port; /* allow 0 port */
549
550 if (IN6_IS_ADDR_V4MAPPED(faddr)) {
551 if ((inp->in6p_flags & IN6P_IPV6_V6ONLY)) {
552 /*
553 * I believe we should explicitly discard the
554 * packet when mapped addresses are disabled,
555 * rather than send the packet as an IPv6 one.
556 * If we chose the latter approach, the packet
557 * might be sent out on the wire based on the
558 * default route, the situation which we'd
559 * probably want to avoid.
560 * (20010421 jinmei@kame.net)
561 */
562 error = EINVAL;
563 goto release;
564 }
565 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) &&
566 !IN6_IS_ADDR_V4MAPPED(&inp->in6p_laddr)) {
567 /*
568 * when remote addr is an IPv4-mapped address,
569 * local addr should not be an IPv6 address,
570 * since you cannot determine how to map IPv6
571 * source address to IPv4.
572 */
573 error = EINVAL;
574 goto release;
575 }
576
577 af = AF_INET;
578 }
579
580 if (!IN6_IS_ADDR_V4MAPPED(faddr)) {
581 laddr = in6_selectsrc(sin6, optp, inp, NULL,
582 td->td_ucred, &oifp, &error);
583 if (oifp && scope_ambiguous &&
584 (error = in6_setscope(&sin6->sin6_addr,
585 oifp, NULL))) {
586 goto release;
587 }
588 } else
589 laddr = &inp->in6p_laddr; /* XXX */
590 if (laddr == NULL) {
591 if (error == 0)
592 error = EADDRNOTAVAIL;
593 goto release;
594 }
595 if (inp->in6p_lport == 0 &&
596 (error = in6_pcbsetport(laddr, inp, td->td_ucred)) != 0)
597 goto release;
598 } else {
599 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
600 error = ENOTCONN;
601 goto release;
602 }
603 if (IN6_IS_ADDR_V4MAPPED(&inp->in6p_faddr)) {
604 if ((inp->in6p_flags & IN6P_IPV6_V6ONLY)) {
605 /*
606 * XXX: this case would happen when the
607 * application sets the V6ONLY flag after
608 * connecting the foreign address.
609 * Such applications should be fixed,
610 * so we bark here.
611 */
612 log(LOG_INFO, "udp6_output: IPV6_V6ONLY "
613 "option was set for a connected socket\n");
614 error = EINVAL;
615 goto release;
616 } else
617 af = AF_INET;
618 }
619 laddr = &inp->in6p_laddr;
620 faddr = &inp->in6p_faddr;
621 fport = inp->in6p_fport;
622 }
623
624 if (af == AF_INET)
625 hlen = sizeof(struct ip);
626
627 /*
628 * Calculate data length and get a mbuf
629 * for UDP and IP6 headers.
630 */
631 M_PREPEND(m, hlen + sizeof(struct udphdr), M_DONTWAIT);
632 if (m == 0) {
633 error = ENOBUFS;
634 goto release;
635 }
636
637 /*
638 * Stuff checksum and output datagram.
639 */
640 udp6 = (struct udphdr *)(mtod(m, caddr_t) + hlen);
641 udp6->uh_sport = inp->in6p_lport; /* lport is always set in the PCB */
642 udp6->uh_dport = fport;
643 if (plen <= 0xffff)
644 udp6->uh_ulen = htons((u_short)plen);
645 else
646 udp6->uh_ulen = 0;
647 udp6->uh_sum = 0;
648
649 switch (af) {
650 case AF_INET6:
651 ip6 = mtod(m, struct ip6_hdr *);
652 ip6->ip6_flow = inp->in6p_flowinfo & IPV6_FLOWINFO_MASK;
653 ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
654 ip6->ip6_vfc |= IPV6_VERSION;
655 #if 0 /* ip6_plen will be filled in ip6_output. */
656 ip6->ip6_plen = htons((u_short)plen);
657 #endif
658 ip6->ip6_nxt = IPPROTO_UDP;
659 ip6->ip6_hlim = in6_selecthlim(inp, NULL);
660 ip6->ip6_src = *laddr;
661 ip6->ip6_dst = *faddr;
662
663 if ((udp6->uh_sum = in6_cksum(m, IPPROTO_UDP,
664 sizeof(struct ip6_hdr), plen)) == 0) {
665 udp6->uh_sum = 0xffff;
666 }
667
668 flags = 0;
669
670 udpstat.udps_opackets++;
671 error = ip6_output(m, optp, NULL, flags, inp->in6p_moptions,
672 NULL, inp);
673 break;
674 case AF_INET:
675 error = EAFNOSUPPORT;
676 goto release;
677 }
678 goto releaseopt;
679
680 release:
681 m_freem(m);
682
683 releaseopt:
684 if (control) {
685 ip6_clearpktopts(&opt, -1);
686 m_freem(control);
687 }
688 return (error);
689 }
690
691 static void
692 udp6_abort(struct socket *so)
693 {
694 struct inpcb *inp;
695
696 inp = sotoinpcb(so);
697 KASSERT(inp != NULL, ("udp6_abort: inp == NULL"));
698
699 #ifdef INET
700 if (inp->inp_vflag & INP_IPV4) {
701 struct pr_usrreqs *pru;
702
703 pru = inetsw[ip_protox[IPPROTO_UDP]].pr_usrreqs;
704 (*pru->pru_abort)(so);
705 return;
706 }
707 #endif
708
709 INP_INFO_WLOCK(&udbinfo);
710 INP_WLOCK(inp);
711 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
712 in6_pcbdisconnect(inp);
713 inp->in6p_laddr = in6addr_any;
714 soisdisconnected(so);
715 }
716 INP_WUNLOCK(inp);
717 INP_INFO_WUNLOCK(&udbinfo);
718 }
719
720 static int
721 udp6_attach(struct socket *so, int proto, struct thread *td)
722 {
723 struct inpcb *inp;
724 int error;
725
726 inp = sotoinpcb(so);
727 KASSERT(inp == NULL, ("udp6_attach: inp != NULL"));
728
729 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
730 error = soreserve(so, udp_sendspace, udp_recvspace);
731 if (error)
732 return (error);
733 }
734 INP_INFO_WLOCK(&udbinfo);
735 error = in_pcballoc(so, &udbinfo);
736 if (error) {
737 INP_INFO_WUNLOCK(&udbinfo);
738 return (error);
739 }
740 inp = (struct inpcb *)so->so_pcb;
741 INP_INFO_WUNLOCK(&udbinfo);
742 inp->inp_vflag |= INP_IPV6;
743 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0)
744 inp->inp_vflag |= INP_IPV4;
745 inp->in6p_hops = -1; /* use kernel default */
746 inp->in6p_cksum = -1; /* just to be sure */
747 /*
748 * XXX: ugly!!
749 * IPv4 TTL initialization is necessary for an IPv6 socket as well,
750 * because the socket may be bound to an IPv6 wildcard address,
751 * which may match an IPv4-mapped IPv6 address.
752 */
753 inp->inp_ip_ttl = ip_defttl;
754 INP_WUNLOCK(inp);
755 return (0);
756 }
757
758 static int
759 udp6_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
760 {
761 struct inpcb *inp;
762 int error;
763
764 inp = sotoinpcb(so);
765 KASSERT(inp != NULL, ("udp6_bind: inp == NULL"));
766
767 INP_INFO_WLOCK(&udbinfo);
768 INP_WLOCK(inp);
769 inp->inp_vflag &= ~INP_IPV4;
770 inp->inp_vflag |= INP_IPV6;
771 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
772 struct sockaddr_in6 *sin6_p;
773
774 sin6_p = (struct sockaddr_in6 *)nam;
775
776 if (IN6_IS_ADDR_UNSPECIFIED(&sin6_p->sin6_addr))
777 inp->inp_vflag |= INP_IPV4;
778 else if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
779 struct sockaddr_in sin;
780
781 in6_sin6_2_sin(&sin, sin6_p);
782 inp->inp_vflag |= INP_IPV4;
783 inp->inp_vflag &= ~INP_IPV6;
784 error = in_pcbbind(inp, (struct sockaddr *)&sin,
785 td->td_ucred);
786 goto out;
787 }
788 }
789
790 error = in6_pcbbind(inp, nam, td->td_ucred);
791 out:
792 INP_WUNLOCK(inp);
793 INP_INFO_WUNLOCK(&udbinfo);
794 return (error);
795 }
796
797 static void
798 udp6_close(struct socket *so)
799 {
800 struct inpcb *inp;
801
802 inp = sotoinpcb(so);
803 KASSERT(inp != NULL, ("udp6_close: inp == NULL"));
804
805 #ifdef INET
806 if (inp->inp_vflag & INP_IPV4) {
807 struct pr_usrreqs *pru;
808
809 pru = inetsw[ip_protox[IPPROTO_UDP]].pr_usrreqs;
810 (*pru->pru_disconnect)(so);
811 return;
812 }
813 #endif
814 INP_INFO_WLOCK(&udbinfo);
815 INP_WLOCK(inp);
816 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
817 in6_pcbdisconnect(inp);
818 inp->in6p_laddr = in6addr_any;
819 soisdisconnected(so);
820 }
821 INP_WUNLOCK(inp);
822 INP_INFO_WUNLOCK(&udbinfo);
823 }
824
825 static int
826 udp6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
827 {
828 struct inpcb *inp;
829 int error;
830
831 inp = sotoinpcb(so);
832 KASSERT(inp != NULL, ("udp6_connect: inp == NULL"));
833
834 INP_INFO_WLOCK(&udbinfo);
835 INP_WLOCK(inp);
836 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
837 struct sockaddr_in6 *sin6_p;
838
839 sin6_p = (struct sockaddr_in6 *)nam;
840 if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
841 struct sockaddr_in sin;
842
843 if (inp->inp_faddr.s_addr != INADDR_ANY) {
844 error = EISCONN;
845 goto out;
846 }
847 in6_sin6_2_sin(&sin, sin6_p);
848 error = in_pcbconnect(inp, (struct sockaddr *)&sin,
849 td->td_ucred);
850 if (error == 0) {
851 inp->inp_vflag |= INP_IPV4;
852 inp->inp_vflag &= ~INP_IPV6;
853 soisconnected(so);
854 }
855 goto out;
856 }
857 }
858 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
859 error = EISCONN;
860 goto out;
861 }
862 error = in6_pcbconnect(inp, nam, td->td_ucred);
863 if (error == 0) {
864 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
865 /* should be non mapped addr */
866 inp->inp_vflag &= ~INP_IPV4;
867 inp->inp_vflag |= INP_IPV6;
868 }
869 soisconnected(so);
870 }
871 out:
872 INP_WUNLOCK(inp);
873 INP_INFO_WUNLOCK(&udbinfo);
874 return (error);
875 }
876
877 static void
878 udp6_detach(struct socket *so)
879 {
880 struct inpcb *inp;
881
882 inp = sotoinpcb(so);
883 KASSERT(inp != NULL, ("udp6_detach: inp == NULL"));
884
885 INP_INFO_WLOCK(&udbinfo);
886 INP_WLOCK(inp);
887 in6_pcbdetach(inp);
888 in6_pcbfree(inp);
889 INP_INFO_WUNLOCK(&udbinfo);
890 }
891
892 static int
893 udp6_disconnect(struct socket *so)
894 {
895 struct inpcb *inp;
896 int error;
897
898 inp = sotoinpcb(so);
899 KASSERT(inp != NULL, ("udp6_disconnect: inp == NULL"));
900
901 INP_INFO_WLOCK(&udbinfo);
902 INP_WLOCK(inp);
903
904 #ifdef INET
905 if (inp->inp_vflag & INP_IPV4) {
906 struct pr_usrreqs *pru;
907
908 pru = inetsw[ip_protox[IPPROTO_UDP]].pr_usrreqs;
909 error = (*pru->pru_disconnect)(so);
910 goto out;
911 }
912 #endif
913
914 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
915 error = ENOTCONN;
916 goto out;
917 }
918
919 in6_pcbdisconnect(inp);
920 inp->in6p_laddr = in6addr_any;
921 SOCK_LOCK(so);
922 so->so_state &= ~SS_ISCONNECTED; /* XXX */
923 SOCK_UNLOCK(so);
924 out:
925 INP_WUNLOCK(inp);
926 INP_INFO_WUNLOCK(&udbinfo);
927 return (0);
928 }
929
930 static int
931 udp6_send(struct socket *so, int flags, struct mbuf *m,
932 struct sockaddr *addr, struct mbuf *control, struct thread *td)
933 {
934 struct inpcb *inp;
935 int error = 0;
936
937 inp = sotoinpcb(so);
938 KASSERT(inp != NULL, ("udp6_send: inp == NULL"));
939
940 INP_INFO_WLOCK(&udbinfo);
941 INP_WLOCK(inp);
942 if (addr) {
943 if (addr->sa_len != sizeof(struct sockaddr_in6)) {
944 error = EINVAL;
945 goto bad;
946 }
947 if (addr->sa_family != AF_INET6) {
948 error = EAFNOSUPPORT;
949 goto bad;
950 }
951 }
952
953 #ifdef INET
954 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
955 int hasv4addr;
956 struct sockaddr_in6 *sin6 = 0;
957
958 if (addr == 0)
959 hasv4addr = (inp->inp_vflag & INP_IPV4);
960 else {
961 sin6 = (struct sockaddr_in6 *)addr;
962 hasv4addr = IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)
963 ? 1 : 0;
964 }
965 if (hasv4addr) {
966 struct pr_usrreqs *pru;
967
968 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) &&
969 !IN6_IS_ADDR_V4MAPPED(&inp->in6p_laddr)) {
970 /*
971 * When remote addr is IPv4-mapped address,
972 * local addr should not be an IPv6 address;
973 * since you cannot determine how to map IPv6
974 * source address to IPv4.
975 */
976 error = EINVAL;
977 goto out;
978 }
979
980 /*
981 * XXXRW: We release UDP-layer locks before calling
982 * udp_send() in order to avoid recursion. However,
983 * this does mean there is a short window where inp's
984 * fields are unstable. Could this lead to a
985 * potential race in which the factors causing us to
986 * select the UDPv4 output routine are invalidated?
987 */
988 INP_WUNLOCK(inp);
989 INP_INFO_WUNLOCK(&udbinfo);
990 if (sin6)
991 in6_sin6_2_sin_in_sock(addr);
992 pru = inetsw[ip_protox[IPPROTO_UDP]].pr_usrreqs;
993 /* addr will just be freed in sendit(). */
994 return ((*pru->pru_send)(so, flags, m, addr, control,
995 td));
996 }
997 }
998 #endif
999 #ifdef MAC
1000 mac_create_mbuf_from_inpcb(inp, m);
1001 #endif
1002 error = udp6_output(inp, m, addr, control, td);
1003 out:
1004 INP_WUNLOCK(inp);
1005 INP_INFO_WUNLOCK(&udbinfo);
1006 return (error);
1007
1008 bad:
1009 INP_WUNLOCK(inp);
1010 INP_INFO_WUNLOCK(&udbinfo);
1011 m_freem(m);
1012 return (error);
1013 }
1014
1015 struct pr_usrreqs udp6_usrreqs = {
1016 .pru_abort = udp6_abort,
1017 .pru_attach = udp6_attach,
1018 .pru_bind = udp6_bind,
1019 .pru_connect = udp6_connect,
1020 .pru_control = in6_control,
1021 .pru_detach = udp6_detach,
1022 .pru_disconnect = udp6_disconnect,
1023 .pru_peeraddr = in6_mapped_peeraddr,
1024 .pru_send = udp6_send,
1025 .pru_shutdown = udp_shutdown,
1026 .pru_sockaddr = in6_mapped_sockaddr,
1027 .pru_sosend = sosend_dgram,
1028 .pru_sosetlabel = in_pcbsosetlabel,
1029 .pru_close = udp6_close
1030 };
Cache object: 265296eea05fd6d92b9905ec6efd3b42
|