1/*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30/*-
31 * Copyright (c) 1982, 1986, 1988, 1993
32 * The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 * 1. Redistributions of source code must retain the above copyright
39 * notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 * notice, this list of conditions and the following disclaimer in the
42 * documentation and/or other materials provided with the distribution.
43 * 4. Neither the name of the University nor the names of its contributors
44 * may be used to endorse or promote products derived from this software
45 * without specific prior written permission.
46 *
47 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
50 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
57 * SUCH DAMAGE.
58 *
59 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94
60 */
61
62#include <sys/cdefs.h>
63__FBSDID("$FreeBSD: head/sys/netinet6/raw_ip6.c 188144 2009-02-05 14:06:09Z jamie $");
64
65#include "opt_ipsec.h"
66#include "opt_inet6.h"
67
68#include <sys/param.h>
69#include <sys/errno.h>
70#include <sys/jail.h>
71#include <sys/lock.h>
72#include <sys/malloc.h>
73#include <sys/mbuf.h>
74#include <sys/priv.h>
75#include <sys/proc.h>
76#include <sys/protosw.h>
77#include <sys/signalvar.h>
78#include <sys/socket.h>
79#include <sys/socketvar.h>
80#include <sys/sx.h>
81#include <sys/syslog.h>
82#include <sys/vimage.h>
83
84#include <net/if.h>
85#include <net/if_types.h>
86#include <net/route.h>
87#include <net/vnet.h>
88
89#include <netinet/in.h>
90#include <netinet/in_var.h>
91#include <netinet/in_systm.h>
92#include <netinet/in_pcb.h>
93#include <netinet/vinet.h>
94
95#include <netinet/icmp6.h>
96#include <netinet/ip6.h>
97#include <netinet6/ip6protosw.h>
98#include <netinet6/ip6_mroute.h>
99#include <netinet6/in6_pcb.h>
100#include <netinet6/ip6_var.h>
101#include <netinet6/nd6.h>
102#include <netinet6/raw_ip6.h>
103#include <netinet6/scope6_var.h>
104#include <netinet6/vinet6.h>
105
106#ifdef IPSEC
107#include <netipsec/ipsec.h>
108#include <netipsec/ipsec6.h>
109#endif /* IPSEC */
110
111#include <machine/stdarg.h>
112
113#define satosin6(sa) ((struct sockaddr_in6 *)(sa))
114#define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa))
115
116/*
117 * Raw interface to IP6 protocol.
118 */
119
120#ifdef VIMAGE_GLOBALS
121extern struct inpcbhead ripcb;
122extern struct inpcbinfo ripcbinfo;
123struct rip6stat rip6stat;
124#endif
125
126extern u_long rip_sendspace;
127extern u_long rip_recvspace;
128
129/*
130 * Hooks for multicast forwarding.
131 */
132struct socket *ip6_mrouter = NULL;
133int (*ip6_mrouter_set)(struct socket *, struct sockopt *);
134int (*ip6_mrouter_get)(struct socket *, struct sockopt *);
135int (*ip6_mrouter_done)(void);
136int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *);
137int (*mrt6_ioctl)(int, caddr_t);
138
139/*
140 * Setup generic address and protocol structures for raw_input routine, then
141 * pass them along with mbuf chain.
142 */
143int
144rip6_input(struct mbuf **mp, int *offp, int proto)
145{
146 INIT_VNET_INET(curvnet);
147 INIT_VNET_INET6(curvnet);
148#ifdef IPSEC
149 INIT_VNET_IPSEC(curvnet);
150#endif
151 struct mbuf *m = *mp;
152 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
153 register struct inpcb *in6p;
154 struct inpcb *last = 0;
155 struct mbuf *opts = NULL;
156 struct sockaddr_in6 fromsa;
157
158 V_rip6stat.rip6s_ipackets++;
159
160 if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) {
161 /* XXX Send icmp6 host/port unreach? */
162 m_freem(m);
163 return (IPPROTO_DONE);
164 }
165
166 init_sin6(&fromsa, m); /* general init */
167
168 INP_INFO_RLOCK(&V_ripcbinfo);
169 LIST_FOREACH(in6p, &V_ripcb, inp_list) {
170 /* XXX inp locking */
171 if ((in6p->inp_vflag & INP_IPV6) == 0)
172 continue;
173 if (in6p->inp_ip_p &&
174 in6p->inp_ip_p != proto)
175 continue;
176 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) &&
177 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst))
178 continue;
179 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) &&
180 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src))
181 continue;
182 if (prison_check_ip6(in6p->inp_cred, &ip6->ip6_dst) != 0)
183 continue;
184 INP_RLOCK(in6p);
185 if (in6p->in6p_cksum != -1) {
186 V_rip6stat.rip6s_isum++;
187 if (in6_cksum(m, proto, *offp,
188 m->m_pkthdr.len - *offp)) {
189 INP_RUNLOCK(in6p);
190 V_rip6stat.rip6s_badsum++;
191 continue;
192 }
193 }
194 if (last != NULL) {
195 struct mbuf *n = m_copy(m, 0, (int)M_COPYALL);
196
197#ifdef IPSEC
198 /*
199 * Check AH/ESP integrity.
200 */
201 if (n && ipsec6_in_reject(n, last)) {
202 m_freem(n);
203 V_ipsec6stat.in_polvio++;
204 /* Do not inject data into pcb. */
205 } else
206#endif /* IPSEC */
207 if (n) {
208 if (last->inp_flags & INP_CONTROLOPTS ||
209 last->inp_socket->so_options & SO_TIMESTAMP)
210 ip6_savecontrol(last, n, &opts);
211 /* strip intermediate headers */
212 m_adj(n, *offp);
213 if (sbappendaddr(&last->inp_socket->so_rcv,
214 (struct sockaddr *)&fromsa,
215 n, opts) == 0) {
216 m_freem(n);
217 if (opts)
218 m_freem(opts);
219 V_rip6stat.rip6s_fullsock++;
220 } else
221 sorwakeup(last->inp_socket);
222 opts = NULL;
223 }
224 INP_RUNLOCK(last);
225 }
226 last = in6p;
227 }
228 INP_INFO_RUNLOCK(&V_ripcbinfo);
229#ifdef IPSEC
230 /*
231 * Check AH/ESP integrity.
232 */
233 if ((last != NULL) && ipsec6_in_reject(m, last)) {
234 m_freem(m);
235 V_ipsec6stat.in_polvio++;
236 V_ip6stat.ip6s_delivered--;
237 /* Do not inject data into pcb. */
238 INP_RUNLOCK(last);
239 } else
240#endif /* IPSEC */
241 if (last != NULL) {
242 if (last->inp_flags & INP_CONTROLOPTS ||
243 last->inp_socket->so_options & SO_TIMESTAMP)
244 ip6_savecontrol(last, m, &opts);
245 /* Strip intermediate headers. */
246 m_adj(m, *offp);
247 if (sbappendaddr(&last->inp_socket->so_rcv,
248 (struct sockaddr *)&fromsa, m, opts) == 0) {
249 m_freem(m);
250 if (opts)
251 m_freem(opts);
252 V_rip6stat.rip6s_fullsock++;
253 } else
254 sorwakeup(last->inp_socket);
255 INP_RUNLOCK(last);
256 } else {
257 V_rip6stat.rip6s_nosock++;
258 if (m->m_flags & M_MCAST)
259 V_rip6stat.rip6s_nosockmcast++;
260 if (proto == IPPROTO_NONE)
261 m_freem(m);
262 else {
263 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */
264 icmp6_error(m, ICMP6_PARAM_PROB,
265 ICMP6_PARAMPROB_NEXTHEADER,
266 prvnxtp - mtod(m, char *));
267 }
268 V_ip6stat.ip6s_delivered--;
269 }
270 return (IPPROTO_DONE);
271}
272
273void
274rip6_ctlinput(int cmd, struct sockaddr *sa, void *d)
275{
276 INIT_VNET_INET(curvnet);
277 struct ip6_hdr *ip6;
278 struct mbuf *m;
279 int off = 0;
280 struct ip6ctlparam *ip6cp = NULL;
281 const struct sockaddr_in6 *sa6_src = NULL;
282 void *cmdarg;
283 struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange;
284
285 if (sa->sa_family != AF_INET6 ||
286 sa->sa_len != sizeof(struct sockaddr_in6))
287 return;
288
289 if ((unsigned)cmd >= PRC_NCMDS)
290 return;
291 if (PRC_IS_REDIRECT(cmd))
292 notify = in6_rtchange, d = NULL;
293 else if (cmd == PRC_HOSTDEAD)
294 d = NULL;
295 else if (inet6ctlerrmap[cmd] == 0)
296 return;
297
298 /*
299 * If the parameter is from icmp6, decode it.
300 */
301 if (d != NULL) {
302 ip6cp = (struct ip6ctlparam *)d;
303 m = ip6cp->ip6c_m;
304 ip6 = ip6cp->ip6c_ip6;
305 off = ip6cp->ip6c_off;
306 cmdarg = ip6cp->ip6c_cmdarg;
307 sa6_src = ip6cp->ip6c_src;
308 } else {
309 m = NULL;
310 ip6 = NULL;
311 cmdarg = NULL;
312 sa6_src = &sa6_any;
313 }
314
315 (void) in6_pcbnotify(&V_ripcbinfo, sa, 0,
316 (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify);
317}
318
319/*
320 * Generate IPv6 header and pass packet to ip6_output. Tack on options user
321 * may have setup with control call.
322 */
323int
324#if __STDC__
325rip6_output(struct mbuf *m, ...)
326#else
327rip6_output(m, va_alist)
328 struct mbuf *m;
329 va_dcl
330#endif
331{
332 INIT_VNET_INET6(curvnet);
333 struct mbuf *control;
334 struct socket *so;
335 struct sockaddr_in6 *dstsock;
336 struct in6_addr *dst;
337 struct ip6_hdr *ip6;
338 struct inpcb *in6p;
339 u_int plen = m->m_pkthdr.len;
340 int error = 0;
341 struct ip6_pktopts opt, *optp;
342 struct ifnet *oifp = NULL;
343 int type = 0, code = 0; /* for ICMPv6 output statistics only */
344 int scope_ambiguous = 0;
345 struct in6_addr *in6a;
346 va_list ap;
347
348 va_start(ap, m);
349 so = va_arg(ap, struct socket *);
350 dstsock = va_arg(ap, struct sockaddr_in6 *);
351 control = va_arg(ap, struct mbuf *);
352 va_end(ap);
353
354 in6p = sotoinpcb(so);
355 INP_WLOCK(in6p);
356
357 dst = &dstsock->sin6_addr;
358 if (control != NULL) {
359 if ((error = ip6_setpktopts(control, &opt,
360 in6p->in6p_outputopts, so->so_cred,
361 so->so_proto->pr_protocol)) != 0) {
362 goto bad;
363 }
364 optp = &opt;
365 } else
366 optp = in6p->in6p_outputopts;
367
368 /*
369 * Check and convert scope zone ID into internal form.
370 *
371 * XXX: we may still need to determine the zone later.
372 */
373 if (!(so->so_state & SS_ISCONNECTED)) {
374 if (dstsock->sin6_scope_id == 0 && !V_ip6_use_defzone)
375 scope_ambiguous = 1;
376 if ((error = sa6_embedscope(dstsock, V_ip6_use_defzone)) != 0)
377 goto bad;
378 }
379
380 /*
381 * For an ICMPv6 packet, we should know its type and code to update
382 * statistics.
383 */
384 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
385 struct icmp6_hdr *icmp6;
386 if (m->m_len < sizeof(struct icmp6_hdr) &&
387 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) {
388 error = ENOBUFS;
389 goto bad;
390 }
391 icmp6 = mtod(m, struct icmp6_hdr *);
392 type = icmp6->icmp6_type;
393 code = icmp6->icmp6_code;
394 }
395
396 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT);
397 if (m == NULL) {
398 error = ENOBUFS;
399 goto bad;
400 }
401 ip6 = mtod(m, struct ip6_hdr *);
402
403 /*
404 * Source address selection.
405 */
406 if ((in6a = in6_selectsrc(dstsock, optp, in6p, NULL, so->so_cred,
407 &oifp, &error)) == NULL) {
408 if (error == 0)
409 error = EADDRNOTAVAIL;
410 goto bad;
411 }
412 error = prison_get_ip6(in6p->inp_cred, in6a);
413 if (error != 0)
414 goto bad;
415 ip6->ip6_src = *in6a;
416
417 if (oifp && scope_ambiguous) {
418 /*
419 * Application should provide a proper zone ID or the use of
420 * default zone IDs should be enabled. Unfortunately, some
421 * applications do not behave as it should, so we need a
422 * workaround. Even if an appropriate ID is not determined
423 * (when it's required), if we can determine the outgoing
424 * interface. determine the zone ID based on the interface.
425 */
426 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL);
427 if (error != 0)
428 goto bad;
429 }
430 ip6->ip6_dst = dstsock->sin6_addr;
431
432 /*
433 * Fill in the rest of the IPv6 header fields.
434 */
435 ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) |
436 (in6p->inp_flow & IPV6_FLOWINFO_MASK);
437 ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) |
438 (IPV6_VERSION & IPV6_VERSION_MASK);
439
440 /*
441 * ip6_plen will be filled in ip6_output, so not fill it here.
442 */
443 ip6->ip6_nxt = in6p->inp_ip_p;
444 ip6->ip6_hlim = in6_selecthlim(in6p, oifp);
445
446 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 ||
447 in6p->in6p_cksum != -1) {
448 struct mbuf *n;
449 int off;
450 u_int16_t *p;
451
452 /* Compute checksum. */
453 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6)
454 off = offsetof(struct icmp6_hdr, icmp6_cksum);
455 else
456 off = in6p->in6p_cksum;
457 if (plen < off + 1) {
458 error = EINVAL;
459 goto bad;
460 }
461 off += sizeof(struct ip6_hdr);
462
463 n = m;
464 while (n && n->m_len <= off) {
465 off -= n->m_len;
466 n = n->m_next;
467 }
468 if (!n)
469 goto bad;
470 p = (u_int16_t *)(mtod(n, caddr_t) + off);
471 *p = 0;
472 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen);
473 }
474
475 error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p);
476 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
477 if (oifp)
478 icmp6_ifoutstat_inc(oifp, type, code);
479 V_icmp6stat.icp6s_outhist[type]++;
480 } else
481 V_rip6stat.rip6s_opackets++;
482
483 goto freectl;
484
485 bad:
486 if (m)
487 m_freem(m);
488
489 freectl:
490 if (control != NULL) {
491 ip6_clearpktopts(&opt, -1);
492 m_freem(control);
493 }
494 INP_WUNLOCK(in6p);
495 return (error);
496}
497
498/*
499 * Raw IPv6 socket option processing.
500 */
501int
502rip6_ctloutput(struct socket *so, struct sockopt *sopt)
503{
504 int error;
505
506 if (sopt->sopt_level == IPPROTO_ICMPV6)
507 /*
508 * XXX: is it better to call icmp6_ctloutput() directly
509 * from protosw?
510 */
511 return (icmp6_ctloutput(so, sopt));
512 else if (sopt->sopt_level != IPPROTO_IPV6)
513 return (EINVAL);
514
515 error = 0;
516
517 switch (sopt->sopt_dir) {
518 case SOPT_GET:
519 switch (sopt->sopt_name) {
520 case MRT6_INIT:
521 case MRT6_DONE:
522 case MRT6_ADD_MIF:
523 case MRT6_DEL_MIF:
524 case MRT6_ADD_MFC:
525 case MRT6_DEL_MFC:
526 case MRT6_PIM:
527 error = ip6_mrouter_get ? ip6_mrouter_get(so, sopt) :
528 EOPNOTSUPP;
529 break;
530 case IPV6_CHECKSUM:
531 error = ip6_raw_ctloutput(so, sopt);
532 break;
533 default:
534 error = ip6_ctloutput(so, sopt);
535 break;
536 }
537 break;
538
539 case SOPT_SET:
540 switch (sopt->sopt_name) {
541 case MRT6_INIT:
542 case MRT6_DONE:
543 case MRT6_ADD_MIF:
544 case MRT6_DEL_MIF:
545 case MRT6_ADD_MFC:
546 case MRT6_DEL_MFC:
547 case MRT6_PIM:
548 error = ip6_mrouter_set ? ip6_mrouter_set(so, sopt) :
549 EOPNOTSUPP;
550 break;
551 case IPV6_CHECKSUM:
552 error = ip6_raw_ctloutput(so, sopt);
553 break;
554 default:
555 error = ip6_ctloutput(so, sopt);
556 break;
557 }
558 break;
559 }
560
561 return (error);
562}
563
564static int
565rip6_attach(struct socket *so, int proto, struct thread *td)
566{
567 INIT_VNET_INET(so->so_vnet);
568 struct inpcb *inp;
569 struct icmp6_filter *filter;
570 int error;
571
572 inp = sotoinpcb(so);
573 KASSERT(inp == NULL, ("rip6_attach: inp != NULL"));
574
575 error = priv_check(td, PRIV_NETINET_RAW);
576 if (error)
577 return (error);
578 error = soreserve(so, rip_sendspace, rip_recvspace);
579 if (error)
580 return (error);
581 filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT);
582 if (filter == NULL)
583 return (ENOMEM);
584 INP_INFO_WLOCK(&V_ripcbinfo);
585 error = in_pcballoc(so, &V_ripcbinfo);
586 if (error) {
587 INP_INFO_WUNLOCK(&V_ripcbinfo);
588 free(filter, M_PCB);
589 return (error);
590 }
591 inp = (struct inpcb *)so->so_pcb;
592 INP_INFO_WUNLOCK(&V_ripcbinfo);
593 inp->inp_vflag |= INP_IPV6;
594 inp->inp_ip_p = (long)proto;
595 inp->in6p_hops = -1; /* use kernel default */
596 inp->in6p_cksum = -1;
597 inp->in6p_icmp6filt = filter;
598 ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt);
599 INP_WUNLOCK(inp);
600 return (0);
601}
602
603static void
604rip6_detach(struct socket *so)
605{
606 INIT_VNET_INET(so->so_vnet);
607 struct inpcb *inp;
608
609 inp = sotoinpcb(so);
610 KASSERT(inp != NULL, ("rip6_detach: inp == NULL"));
611
612 if (so == ip6_mrouter && ip6_mrouter_done)
613 ip6_mrouter_done();
614 /* xxx: RSVP */
615 INP_INFO_WLOCK(&V_ripcbinfo);
616 INP_WLOCK(inp);
617 free(inp->in6p_icmp6filt, M_PCB);
618 in_pcbdetach(inp);
619 in_pcbfree(inp);
620 INP_INFO_WUNLOCK(&V_ripcbinfo);
621}
622
623/* XXXRW: This can't ever be called. */
624static void
625rip6_abort(struct socket *so)
626{
627 struct inpcb *inp;
628
629 inp = sotoinpcb(so);
630 KASSERT(inp != NULL, ("rip6_abort: inp == NULL"));
631
632 soisdisconnected(so);
633}
634
635static void
636rip6_close(struct socket *so)
637{
638 struct inpcb *inp;
639
640 inp = sotoinpcb(so);
641 KASSERT(inp != NULL, ("rip6_close: inp == NULL"));
642
643 soisdisconnected(so);
644}
645
646static int
647rip6_disconnect(struct socket *so)
648{
649 struct inpcb *inp;
650
651 inp = sotoinpcb(so);
652 KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL"));
653
654 if ((so->so_state & SS_ISCONNECTED) == 0)
655 return (ENOTCONN);
656 inp->in6p_faddr = in6addr_any;
657 rip6_abort(so);
658 return (0);
659}
660
661static int
662rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
663{
664 INIT_VNET_NET(so->so_vnet);
665 INIT_VNET_INET(so->so_vnet);
666 INIT_VNET_INET6(so->so_vnet);
667 struct inpcb *inp;
668 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam;
669 struct ifaddr *ia = NULL;
670 int error = 0;
671
672 inp = sotoinpcb(so);
673 KASSERT(inp != NULL, ("rip6_bind: inp == NULL"));
674
675 if (nam->sa_len != sizeof(*addr))
676 return (EINVAL);
677 if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0)
678 return (error);
679 if (TAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6)
680 return (EADDRNOTAVAIL);
681 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0)
682 return (error);
683
684 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) &&
685 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0)
686 return (EADDRNOTAVAIL);
687 if (ia &&
688 ((struct in6_ifaddr *)ia)->ia6_flags &
689 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|
690 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) {
691 return (EADDRNOTAVAIL);
692 }
693 INP_INFO_WLOCK(&V_ripcbinfo);
694 INP_WLOCK(inp);
695 inp->in6p_laddr = addr->sin6_addr;
696 INP_WUNLOCK(inp);
697 INP_INFO_WUNLOCK(&V_ripcbinfo);
698 return (0);
699}
700
701static int
702rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
703{
704 INIT_VNET_NET(so->so_vnet);
705 INIT_VNET_INET(so->so_vnet);
706 INIT_VNET_INET6(so->so_vnet);
707 struct inpcb *inp;
708 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam;
709 struct in6_addr *in6a = NULL;
710 struct ifnet *ifp = NULL;
711 int error = 0, scope_ambiguous = 0;
712
713 inp = sotoinpcb(so);
714 KASSERT(inp != NULL, ("rip6_connect: inp == NULL"));
715
716 if (nam->sa_len != sizeof(*addr))
717 return (EINVAL);
718 if (TAILQ_EMPTY(&V_ifnet))
719 return (EADDRNOTAVAIL);
720 if (addr->sin6_family != AF_INET6)
721 return (EAFNOSUPPORT);
722
723 /*
724 * Application should provide a proper zone ID or the use of default
725 * zone IDs should be enabled. Unfortunately, some applications do
726 * not behave as it should, so we need a workaround. Even if an
727 * appropriate ID is not determined, we'll see if we can determine
728 * the outgoing interface. If we can, determine the zone ID based on
729 * the interface below.
730 */
731 if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone)
732 scope_ambiguous = 1;
733 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0)
734 return (error);
735
736 INP_INFO_WLOCK(&V_ripcbinfo);
737 INP_WLOCK(inp);
738 /* Source address selection. XXX: need pcblookup? */
739 in6a = in6_selectsrc(addr, inp->in6p_outputopts,
740 inp, NULL, so->so_cred,
741 &ifp, &error);
742 if (in6a == NULL) {
743 INP_WUNLOCK(inp);
744 INP_INFO_WUNLOCK(&V_ripcbinfo);
745 return (error ? error : EADDRNOTAVAIL);
746 }
747
748 /* XXX: see above */
749 if (ifp && scope_ambiguous &&
750 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) {
751 INP_WUNLOCK(inp);
752 INP_INFO_WUNLOCK(&V_ripcbinfo);
753 return (error);
754 }
755 inp->in6p_faddr = addr->sin6_addr;
756 inp->in6p_laddr = *in6a;
757 soisconnected(so);
758 INP_WUNLOCK(inp);
759 INP_INFO_WUNLOCK(&V_ripcbinfo);
760 return (0);
761}
762
763static int
764rip6_shutdown(struct socket *so)
765{
766 struct inpcb *inp;
767
768 inp = sotoinpcb(so);
769 KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL"));
770
771 INP_WLOCK(inp);
772 socantsendmore(so);
773 INP_WUNLOCK(inp);
774 return (0);
775}
776
777static int
778rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
779 struct mbuf *control, struct thread *td)
780{
781 struct inpcb *inp;
782 struct sockaddr_in6 tmp;
783 struct sockaddr_in6 *dst;
784 int ret;
785
786 inp = sotoinpcb(so);
787 KASSERT(inp != NULL, ("rip6_send: inp == NULL"));
788
789 /* Always copy sockaddr to avoid overwrites. */
790 /* Unlocked read. */
791 if (so->so_state & SS_ISCONNECTED) {
792 if (nam) {
793 m_freem(m);
794 return (EISCONN);
795 }
796 /* XXX */
797 bzero(&tmp, sizeof(tmp));
798 tmp.sin6_family = AF_INET6;
799 tmp.sin6_len = sizeof(struct sockaddr_in6);
800 INP_RLOCK(inp);
801 bcopy(&inp->in6p_faddr, &tmp.sin6_addr,
802 sizeof(struct in6_addr));
803 INP_RUNLOCK(inp);
804 dst = &tmp;
805 } else {
806 if (nam == NULL) {
807 m_freem(m);
808 return (ENOTCONN);
809 }
810 if (nam->sa_len != sizeof(struct sockaddr_in6)) {
811 m_freem(m);
812 return (EINVAL);
813 }
814 tmp = *(struct sockaddr_in6 *)nam;
815 dst = &tmp;
816
817 if (dst->sin6_family == AF_UNSPEC) {
818 /*
819 * XXX: we allow this case for backward
820 * compatibility to buggy applications that
821 * rely on old (and wrong) kernel behavior.
822 */
823 log(LOG_INFO, "rip6 SEND: address family is "
824 "unspec. Assume AF_INET6\n");
825 dst->sin6_family = AF_INET6;
826 } else if (dst->sin6_family != AF_INET6) {
827 m_freem(m);
828 return(EAFNOSUPPORT);
829 }
830 }
831 ret = rip6_output(m, so, dst, control);
832 return (ret);
833}
834
835struct pr_usrreqs rip6_usrreqs = {
836 .pru_abort = rip6_abort,
837 .pru_attach = rip6_attach,
838 .pru_bind = rip6_bind,
839 .pru_connect = rip6_connect,
840 .pru_control = in6_control,
841 .pru_detach = rip6_detach,
842 .pru_disconnect = rip6_disconnect,
843 .pru_peeraddr = in6_getpeeraddr,
844 .pru_send = rip6_send,
845 .pru_shutdown = rip6_shutdown,
846 .pru_sockaddr = in6_getsockaddr,
847 .pru_close = rip6_close,
848};
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30/*-
31 * Copyright (c) 1982, 1986, 1988, 1993
32 * The Regents of the University of California.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 * 1. Redistributions of source code must retain the above copyright
39 * notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 * notice, this list of conditions and the following disclaimer in the
42 * documentation and/or other materials provided with the distribution.
43 * 4. Neither the name of the University nor the names of its contributors
44 * may be used to endorse or promote products derived from this software
45 * without specific prior written permission.
46 *
47 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
50 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
57 * SUCH DAMAGE.
58 *
59 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94
60 */
61
62#include <sys/cdefs.h>
63__FBSDID("$FreeBSD: head/sys/netinet6/raw_ip6.c 188144 2009-02-05 14:06:09Z jamie $");
64
65#include "opt_ipsec.h"
66#include "opt_inet6.h"
67
68#include <sys/param.h>
69#include <sys/errno.h>
70#include <sys/jail.h>
71#include <sys/lock.h>
72#include <sys/malloc.h>
73#include <sys/mbuf.h>
74#include <sys/priv.h>
75#include <sys/proc.h>
76#include <sys/protosw.h>
77#include <sys/signalvar.h>
78#include <sys/socket.h>
79#include <sys/socketvar.h>
80#include <sys/sx.h>
81#include <sys/syslog.h>
82#include <sys/vimage.h>
83
84#include <net/if.h>
85#include <net/if_types.h>
86#include <net/route.h>
87#include <net/vnet.h>
88
89#include <netinet/in.h>
90#include <netinet/in_var.h>
91#include <netinet/in_systm.h>
92#include <netinet/in_pcb.h>
93#include <netinet/vinet.h>
94
95#include <netinet/icmp6.h>
96#include <netinet/ip6.h>
97#include <netinet6/ip6protosw.h>
98#include <netinet6/ip6_mroute.h>
99#include <netinet6/in6_pcb.h>
100#include <netinet6/ip6_var.h>
101#include <netinet6/nd6.h>
102#include <netinet6/raw_ip6.h>
103#include <netinet6/scope6_var.h>
104#include <netinet6/vinet6.h>
105
106#ifdef IPSEC
107#include <netipsec/ipsec.h>
108#include <netipsec/ipsec6.h>
109#endif /* IPSEC */
110
111#include <machine/stdarg.h>
112
113#define satosin6(sa) ((struct sockaddr_in6 *)(sa))
114#define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa))
115
116/*
117 * Raw interface to IP6 protocol.
118 */
119
120#ifdef VIMAGE_GLOBALS
121extern struct inpcbhead ripcb;
122extern struct inpcbinfo ripcbinfo;
123struct rip6stat rip6stat;
124#endif
125
126extern u_long rip_sendspace;
127extern u_long rip_recvspace;
128
129/*
130 * Hooks for multicast forwarding.
131 */
132struct socket *ip6_mrouter = NULL;
133int (*ip6_mrouter_set)(struct socket *, struct sockopt *);
134int (*ip6_mrouter_get)(struct socket *, struct sockopt *);
135int (*ip6_mrouter_done)(void);
136int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *);
137int (*mrt6_ioctl)(int, caddr_t);
138
139/*
140 * Setup generic address and protocol structures for raw_input routine, then
141 * pass them along with mbuf chain.
142 */
143int
144rip6_input(struct mbuf **mp, int *offp, int proto)
145{
146 INIT_VNET_INET(curvnet);
147 INIT_VNET_INET6(curvnet);
148#ifdef IPSEC
149 INIT_VNET_IPSEC(curvnet);
150#endif
151 struct mbuf *m = *mp;
152 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
153 register struct inpcb *in6p;
154 struct inpcb *last = 0;
155 struct mbuf *opts = NULL;
156 struct sockaddr_in6 fromsa;
157
158 V_rip6stat.rip6s_ipackets++;
159
160 if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) {
161 /* XXX Send icmp6 host/port unreach? */
162 m_freem(m);
163 return (IPPROTO_DONE);
164 }
165
166 init_sin6(&fromsa, m); /* general init */
167
168 INP_INFO_RLOCK(&V_ripcbinfo);
169 LIST_FOREACH(in6p, &V_ripcb, inp_list) {
170 /* XXX inp locking */
171 if ((in6p->inp_vflag & INP_IPV6) == 0)
172 continue;
173 if (in6p->inp_ip_p &&
174 in6p->inp_ip_p != proto)
175 continue;
176 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) &&
177 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst))
178 continue;
179 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) &&
180 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src))
181 continue;
182 if (prison_check_ip6(in6p->inp_cred, &ip6->ip6_dst) != 0)
183 continue;
184 INP_RLOCK(in6p);
185 if (in6p->in6p_cksum != -1) {
186 V_rip6stat.rip6s_isum++;
187 if (in6_cksum(m, proto, *offp,
188 m->m_pkthdr.len - *offp)) {
189 INP_RUNLOCK(in6p);
190 V_rip6stat.rip6s_badsum++;
191 continue;
192 }
193 }
194 if (last != NULL) {
195 struct mbuf *n = m_copy(m, 0, (int)M_COPYALL);
196
197#ifdef IPSEC
198 /*
199 * Check AH/ESP integrity.
200 */
201 if (n && ipsec6_in_reject(n, last)) {
202 m_freem(n);
203 V_ipsec6stat.in_polvio++;
204 /* Do not inject data into pcb. */
205 } else
206#endif /* IPSEC */
207 if (n) {
208 if (last->inp_flags & INP_CONTROLOPTS ||
209 last->inp_socket->so_options & SO_TIMESTAMP)
210 ip6_savecontrol(last, n, &opts);
211 /* strip intermediate headers */
212 m_adj(n, *offp);
213 if (sbappendaddr(&last->inp_socket->so_rcv,
214 (struct sockaddr *)&fromsa,
215 n, opts) == 0) {
216 m_freem(n);
217 if (opts)
218 m_freem(opts);
219 V_rip6stat.rip6s_fullsock++;
220 } else
221 sorwakeup(last->inp_socket);
222 opts = NULL;
223 }
224 INP_RUNLOCK(last);
225 }
226 last = in6p;
227 }
228 INP_INFO_RUNLOCK(&V_ripcbinfo);
229#ifdef IPSEC
230 /*
231 * Check AH/ESP integrity.
232 */
233 if ((last != NULL) && ipsec6_in_reject(m, last)) {
234 m_freem(m);
235 V_ipsec6stat.in_polvio++;
236 V_ip6stat.ip6s_delivered--;
237 /* Do not inject data into pcb. */
238 INP_RUNLOCK(last);
239 } else
240#endif /* IPSEC */
241 if (last != NULL) {
242 if (last->inp_flags & INP_CONTROLOPTS ||
243 last->inp_socket->so_options & SO_TIMESTAMP)
244 ip6_savecontrol(last, m, &opts);
245 /* Strip intermediate headers. */
246 m_adj(m, *offp);
247 if (sbappendaddr(&last->inp_socket->so_rcv,
248 (struct sockaddr *)&fromsa, m, opts) == 0) {
249 m_freem(m);
250 if (opts)
251 m_freem(opts);
252 V_rip6stat.rip6s_fullsock++;
253 } else
254 sorwakeup(last->inp_socket);
255 INP_RUNLOCK(last);
256 } else {
257 V_rip6stat.rip6s_nosock++;
258 if (m->m_flags & M_MCAST)
259 V_rip6stat.rip6s_nosockmcast++;
260 if (proto == IPPROTO_NONE)
261 m_freem(m);
262 else {
263 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */
264 icmp6_error(m, ICMP6_PARAM_PROB,
265 ICMP6_PARAMPROB_NEXTHEADER,
266 prvnxtp - mtod(m, char *));
267 }
268 V_ip6stat.ip6s_delivered--;
269 }
270 return (IPPROTO_DONE);
271}
272
273void
274rip6_ctlinput(int cmd, struct sockaddr *sa, void *d)
275{
276 INIT_VNET_INET(curvnet);
277 struct ip6_hdr *ip6;
278 struct mbuf *m;
279 int off = 0;
280 struct ip6ctlparam *ip6cp = NULL;
281 const struct sockaddr_in6 *sa6_src = NULL;
282 void *cmdarg;
283 struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange;
284
285 if (sa->sa_family != AF_INET6 ||
286 sa->sa_len != sizeof(struct sockaddr_in6))
287 return;
288
289 if ((unsigned)cmd >= PRC_NCMDS)
290 return;
291 if (PRC_IS_REDIRECT(cmd))
292 notify = in6_rtchange, d = NULL;
293 else if (cmd == PRC_HOSTDEAD)
294 d = NULL;
295 else if (inet6ctlerrmap[cmd] == 0)
296 return;
297
298 /*
299 * If the parameter is from icmp6, decode it.
300 */
301 if (d != NULL) {
302 ip6cp = (struct ip6ctlparam *)d;
303 m = ip6cp->ip6c_m;
304 ip6 = ip6cp->ip6c_ip6;
305 off = ip6cp->ip6c_off;
306 cmdarg = ip6cp->ip6c_cmdarg;
307 sa6_src = ip6cp->ip6c_src;
308 } else {
309 m = NULL;
310 ip6 = NULL;
311 cmdarg = NULL;
312 sa6_src = &sa6_any;
313 }
314
315 (void) in6_pcbnotify(&V_ripcbinfo, sa, 0,
316 (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify);
317}
318
319/*
320 * Generate IPv6 header and pass packet to ip6_output. Tack on options user
321 * may have setup with control call.
322 */
323int
324#if __STDC__
325rip6_output(struct mbuf *m, ...)
326#else
327rip6_output(m, va_alist)
328 struct mbuf *m;
329 va_dcl
330#endif
331{
332 INIT_VNET_INET6(curvnet);
333 struct mbuf *control;
334 struct socket *so;
335 struct sockaddr_in6 *dstsock;
336 struct in6_addr *dst;
337 struct ip6_hdr *ip6;
338 struct inpcb *in6p;
339 u_int plen = m->m_pkthdr.len;
340 int error = 0;
341 struct ip6_pktopts opt, *optp;
342 struct ifnet *oifp = NULL;
343 int type = 0, code = 0; /* for ICMPv6 output statistics only */
344 int scope_ambiguous = 0;
345 struct in6_addr *in6a;
346 va_list ap;
347
348 va_start(ap, m);
349 so = va_arg(ap, struct socket *);
350 dstsock = va_arg(ap, struct sockaddr_in6 *);
351 control = va_arg(ap, struct mbuf *);
352 va_end(ap);
353
354 in6p = sotoinpcb(so);
355 INP_WLOCK(in6p);
356
357 dst = &dstsock->sin6_addr;
358 if (control != NULL) {
359 if ((error = ip6_setpktopts(control, &opt,
360 in6p->in6p_outputopts, so->so_cred,
361 so->so_proto->pr_protocol)) != 0) {
362 goto bad;
363 }
364 optp = &opt;
365 } else
366 optp = in6p->in6p_outputopts;
367
368 /*
369 * Check and convert scope zone ID into internal form.
370 *
371 * XXX: we may still need to determine the zone later.
372 */
373 if (!(so->so_state & SS_ISCONNECTED)) {
374 if (dstsock->sin6_scope_id == 0 && !V_ip6_use_defzone)
375 scope_ambiguous = 1;
376 if ((error = sa6_embedscope(dstsock, V_ip6_use_defzone)) != 0)
377 goto bad;
378 }
379
380 /*
381 * For an ICMPv6 packet, we should know its type and code to update
382 * statistics.
383 */
384 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
385 struct icmp6_hdr *icmp6;
386 if (m->m_len < sizeof(struct icmp6_hdr) &&
387 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) {
388 error = ENOBUFS;
389 goto bad;
390 }
391 icmp6 = mtod(m, struct icmp6_hdr *);
392 type = icmp6->icmp6_type;
393 code = icmp6->icmp6_code;
394 }
395
396 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT);
397 if (m == NULL) {
398 error = ENOBUFS;
399 goto bad;
400 }
401 ip6 = mtod(m, struct ip6_hdr *);
402
403 /*
404 * Source address selection.
405 */
406 if ((in6a = in6_selectsrc(dstsock, optp, in6p, NULL, so->so_cred,
407 &oifp, &error)) == NULL) {
408 if (error == 0)
409 error = EADDRNOTAVAIL;
410 goto bad;
411 }
412 error = prison_get_ip6(in6p->inp_cred, in6a);
413 if (error != 0)
414 goto bad;
415 ip6->ip6_src = *in6a;
416
417 if (oifp && scope_ambiguous) {
418 /*
419 * Application should provide a proper zone ID or the use of
420 * default zone IDs should be enabled. Unfortunately, some
421 * applications do not behave as it should, so we need a
422 * workaround. Even if an appropriate ID is not determined
423 * (when it's required), if we can determine the outgoing
424 * interface. determine the zone ID based on the interface.
425 */
426 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL);
427 if (error != 0)
428 goto bad;
429 }
430 ip6->ip6_dst = dstsock->sin6_addr;
431
432 /*
433 * Fill in the rest of the IPv6 header fields.
434 */
435 ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) |
436 (in6p->inp_flow & IPV6_FLOWINFO_MASK);
437 ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) |
438 (IPV6_VERSION & IPV6_VERSION_MASK);
439
440 /*
441 * ip6_plen will be filled in ip6_output, so not fill it here.
442 */
443 ip6->ip6_nxt = in6p->inp_ip_p;
444 ip6->ip6_hlim = in6_selecthlim(in6p, oifp);
445
446 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 ||
447 in6p->in6p_cksum != -1) {
448 struct mbuf *n;
449 int off;
450 u_int16_t *p;
451
452 /* Compute checksum. */
453 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6)
454 off = offsetof(struct icmp6_hdr, icmp6_cksum);
455 else
456 off = in6p->in6p_cksum;
457 if (plen < off + 1) {
458 error = EINVAL;
459 goto bad;
460 }
461 off += sizeof(struct ip6_hdr);
462
463 n = m;
464 while (n && n->m_len <= off) {
465 off -= n->m_len;
466 n = n->m_next;
467 }
468 if (!n)
469 goto bad;
470 p = (u_int16_t *)(mtod(n, caddr_t) + off);
471 *p = 0;
472 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen);
473 }
474
475 error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p);
476 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) {
477 if (oifp)
478 icmp6_ifoutstat_inc(oifp, type, code);
479 V_icmp6stat.icp6s_outhist[type]++;
480 } else
481 V_rip6stat.rip6s_opackets++;
482
483 goto freectl;
484
485 bad:
486 if (m)
487 m_freem(m);
488
489 freectl:
490 if (control != NULL) {
491 ip6_clearpktopts(&opt, -1);
492 m_freem(control);
493 }
494 INP_WUNLOCK(in6p);
495 return (error);
496}
497
498/*
499 * Raw IPv6 socket option processing.
500 */
501int
502rip6_ctloutput(struct socket *so, struct sockopt *sopt)
503{
504 int error;
505
506 if (sopt->sopt_level == IPPROTO_ICMPV6)
507 /*
508 * XXX: is it better to call icmp6_ctloutput() directly
509 * from protosw?
510 */
511 return (icmp6_ctloutput(so, sopt));
512 else if (sopt->sopt_level != IPPROTO_IPV6)
513 return (EINVAL);
514
515 error = 0;
516
517 switch (sopt->sopt_dir) {
518 case SOPT_GET:
519 switch (sopt->sopt_name) {
520 case MRT6_INIT:
521 case MRT6_DONE:
522 case MRT6_ADD_MIF:
523 case MRT6_DEL_MIF:
524 case MRT6_ADD_MFC:
525 case MRT6_DEL_MFC:
526 case MRT6_PIM:
527 error = ip6_mrouter_get ? ip6_mrouter_get(so, sopt) :
528 EOPNOTSUPP;
529 break;
530 case IPV6_CHECKSUM:
531 error = ip6_raw_ctloutput(so, sopt);
532 break;
533 default:
534 error = ip6_ctloutput(so, sopt);
535 break;
536 }
537 break;
538
539 case SOPT_SET:
540 switch (sopt->sopt_name) {
541 case MRT6_INIT:
542 case MRT6_DONE:
543 case MRT6_ADD_MIF:
544 case MRT6_DEL_MIF:
545 case MRT6_ADD_MFC:
546 case MRT6_DEL_MFC:
547 case MRT6_PIM:
548 error = ip6_mrouter_set ? ip6_mrouter_set(so, sopt) :
549 EOPNOTSUPP;
550 break;
551 case IPV6_CHECKSUM:
552 error = ip6_raw_ctloutput(so, sopt);
553 break;
554 default:
555 error = ip6_ctloutput(so, sopt);
556 break;
557 }
558 break;
559 }
560
561 return (error);
562}
563
564static int
565rip6_attach(struct socket *so, int proto, struct thread *td)
566{
567 INIT_VNET_INET(so->so_vnet);
568 struct inpcb *inp;
569 struct icmp6_filter *filter;
570 int error;
571
572 inp = sotoinpcb(so);
573 KASSERT(inp == NULL, ("rip6_attach: inp != NULL"));
574
575 error = priv_check(td, PRIV_NETINET_RAW);
576 if (error)
577 return (error);
578 error = soreserve(so, rip_sendspace, rip_recvspace);
579 if (error)
580 return (error);
581 filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT);
582 if (filter == NULL)
583 return (ENOMEM);
584 INP_INFO_WLOCK(&V_ripcbinfo);
585 error = in_pcballoc(so, &V_ripcbinfo);
586 if (error) {
587 INP_INFO_WUNLOCK(&V_ripcbinfo);
588 free(filter, M_PCB);
589 return (error);
590 }
591 inp = (struct inpcb *)so->so_pcb;
592 INP_INFO_WUNLOCK(&V_ripcbinfo);
593 inp->inp_vflag |= INP_IPV6;
594 inp->inp_ip_p = (long)proto;
595 inp->in6p_hops = -1; /* use kernel default */
596 inp->in6p_cksum = -1;
597 inp->in6p_icmp6filt = filter;
598 ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt);
599 INP_WUNLOCK(inp);
600 return (0);
601}
602
603static void
604rip6_detach(struct socket *so)
605{
606 INIT_VNET_INET(so->so_vnet);
607 struct inpcb *inp;
608
609 inp = sotoinpcb(so);
610 KASSERT(inp != NULL, ("rip6_detach: inp == NULL"));
611
612 if (so == ip6_mrouter && ip6_mrouter_done)
613 ip6_mrouter_done();
614 /* xxx: RSVP */
615 INP_INFO_WLOCK(&V_ripcbinfo);
616 INP_WLOCK(inp);
617 free(inp->in6p_icmp6filt, M_PCB);
618 in_pcbdetach(inp);
619 in_pcbfree(inp);
620 INP_INFO_WUNLOCK(&V_ripcbinfo);
621}
622
623/* XXXRW: This can't ever be called. */
624static void
625rip6_abort(struct socket *so)
626{
627 struct inpcb *inp;
628
629 inp = sotoinpcb(so);
630 KASSERT(inp != NULL, ("rip6_abort: inp == NULL"));
631
632 soisdisconnected(so);
633}
634
635static void
636rip6_close(struct socket *so)
637{
638 struct inpcb *inp;
639
640 inp = sotoinpcb(so);
641 KASSERT(inp != NULL, ("rip6_close: inp == NULL"));
642
643 soisdisconnected(so);
644}
645
646static int
647rip6_disconnect(struct socket *so)
648{
649 struct inpcb *inp;
650
651 inp = sotoinpcb(so);
652 KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL"));
653
654 if ((so->so_state & SS_ISCONNECTED) == 0)
655 return (ENOTCONN);
656 inp->in6p_faddr = in6addr_any;
657 rip6_abort(so);
658 return (0);
659}
660
661static int
662rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
663{
664 INIT_VNET_NET(so->so_vnet);
665 INIT_VNET_INET(so->so_vnet);
666 INIT_VNET_INET6(so->so_vnet);
667 struct inpcb *inp;
668 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam;
669 struct ifaddr *ia = NULL;
670 int error = 0;
671
672 inp = sotoinpcb(so);
673 KASSERT(inp != NULL, ("rip6_bind: inp == NULL"));
674
675 if (nam->sa_len != sizeof(*addr))
676 return (EINVAL);
677 if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0)
678 return (error);
679 if (TAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6)
680 return (EADDRNOTAVAIL);
681 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0)
682 return (error);
683
684 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) &&
685 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0)
686 return (EADDRNOTAVAIL);
687 if (ia &&
688 ((struct in6_ifaddr *)ia)->ia6_flags &
689 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|
690 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) {
691 return (EADDRNOTAVAIL);
692 }
693 INP_INFO_WLOCK(&V_ripcbinfo);
694 INP_WLOCK(inp);
695 inp->in6p_laddr = addr->sin6_addr;
696 INP_WUNLOCK(inp);
697 INP_INFO_WUNLOCK(&V_ripcbinfo);
698 return (0);
699}
700
701static int
702rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
703{
704 INIT_VNET_NET(so->so_vnet);
705 INIT_VNET_INET(so->so_vnet);
706 INIT_VNET_INET6(so->so_vnet);
707 struct inpcb *inp;
708 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam;
709 struct in6_addr *in6a = NULL;
710 struct ifnet *ifp = NULL;
711 int error = 0, scope_ambiguous = 0;
712
713 inp = sotoinpcb(so);
714 KASSERT(inp != NULL, ("rip6_connect: inp == NULL"));
715
716 if (nam->sa_len != sizeof(*addr))
717 return (EINVAL);
718 if (TAILQ_EMPTY(&V_ifnet))
719 return (EADDRNOTAVAIL);
720 if (addr->sin6_family != AF_INET6)
721 return (EAFNOSUPPORT);
722
723 /*
724 * Application should provide a proper zone ID or the use of default
725 * zone IDs should be enabled. Unfortunately, some applications do
726 * not behave as it should, so we need a workaround. Even if an
727 * appropriate ID is not determined, we'll see if we can determine
728 * the outgoing interface. If we can, determine the zone ID based on
729 * the interface below.
730 */
731 if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone)
732 scope_ambiguous = 1;
733 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0)
734 return (error);
735
736 INP_INFO_WLOCK(&V_ripcbinfo);
737 INP_WLOCK(inp);
738 /* Source address selection. XXX: need pcblookup? */
739 in6a = in6_selectsrc(addr, inp->in6p_outputopts,
740 inp, NULL, so->so_cred,
741 &ifp, &error);
742 if (in6a == NULL) {
743 INP_WUNLOCK(inp);
744 INP_INFO_WUNLOCK(&V_ripcbinfo);
745 return (error ? error : EADDRNOTAVAIL);
746 }
747
748 /* XXX: see above */
749 if (ifp && scope_ambiguous &&
750 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) {
751 INP_WUNLOCK(inp);
752 INP_INFO_WUNLOCK(&V_ripcbinfo);
753 return (error);
754 }
755 inp->in6p_faddr = addr->sin6_addr;
756 inp->in6p_laddr = *in6a;
757 soisconnected(so);
758 INP_WUNLOCK(inp);
759 INP_INFO_WUNLOCK(&V_ripcbinfo);
760 return (0);
761}
762
763static int
764rip6_shutdown(struct socket *so)
765{
766 struct inpcb *inp;
767
768 inp = sotoinpcb(so);
769 KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL"));
770
771 INP_WLOCK(inp);
772 socantsendmore(so);
773 INP_WUNLOCK(inp);
774 return (0);
775}
776
777static int
778rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
779 struct mbuf *control, struct thread *td)
780{
781 struct inpcb *inp;
782 struct sockaddr_in6 tmp;
783 struct sockaddr_in6 *dst;
784 int ret;
785
786 inp = sotoinpcb(so);
787 KASSERT(inp != NULL, ("rip6_send: inp == NULL"));
788
789 /* Always copy sockaddr to avoid overwrites. */
790 /* Unlocked read. */
791 if (so->so_state & SS_ISCONNECTED) {
792 if (nam) {
793 m_freem(m);
794 return (EISCONN);
795 }
796 /* XXX */
797 bzero(&tmp, sizeof(tmp));
798 tmp.sin6_family = AF_INET6;
799 tmp.sin6_len = sizeof(struct sockaddr_in6);
800 INP_RLOCK(inp);
801 bcopy(&inp->in6p_faddr, &tmp.sin6_addr,
802 sizeof(struct in6_addr));
803 INP_RUNLOCK(inp);
804 dst = &tmp;
805 } else {
806 if (nam == NULL) {
807 m_freem(m);
808 return (ENOTCONN);
809 }
810 if (nam->sa_len != sizeof(struct sockaddr_in6)) {
811 m_freem(m);
812 return (EINVAL);
813 }
814 tmp = *(struct sockaddr_in6 *)nam;
815 dst = &tmp;
816
817 if (dst->sin6_family == AF_UNSPEC) {
818 /*
819 * XXX: we allow this case for backward
820 * compatibility to buggy applications that
821 * rely on old (and wrong) kernel behavior.
822 */
823 log(LOG_INFO, "rip6 SEND: address family is "
824 "unspec. Assume AF_INET6\n");
825 dst->sin6_family = AF_INET6;
826 } else if (dst->sin6_family != AF_INET6) {
827 m_freem(m);
828 return(EAFNOSUPPORT);
829 }
830 }
831 ret = rip6_output(m, so, dst, control);
832 return (ret);
833}
834
835struct pr_usrreqs rip6_usrreqs = {
836 .pru_abort = rip6_abort,
837 .pru_attach = rip6_attach,
838 .pru_bind = rip6_bind,
839 .pru_connect = rip6_connect,
840 .pru_control = in6_control,
841 .pru_detach = rip6_detach,
842 .pru_disconnect = rip6_disconnect,
843 .pru_peeraddr = in6_getpeeraddr,
844 .pru_send = rip6_send,
845 .pru_shutdown = rip6_shutdown,
846 .pru_sockaddr = in6_getsockaddr,
847 .pru_close = rip6_close,
848};