1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in.c 8.2 (Berkeley) 11/15/93 61 */ 62 63#include <sys/cdefs.h>
| 1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in.c 8.2 (Berkeley) 11/15/93 61 */ 62 63#include <sys/cdefs.h>
|
64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 191340 2009-04-20 22:45:21Z rwatson $");
| 64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 191672 2009-04-29 19:19:13Z bms $");
|
65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68#include "opt_route.h" 69 70#include <sys/param.h> 71#include <sys/errno.h> 72#include <sys/jail.h> 73#include <sys/malloc.h> 74#include <sys/socket.h> 75#include <sys/socketvar.h> 76#include <sys/sockio.h> 77#include <sys/systm.h> 78#include <sys/priv.h> 79#include <sys/proc.h> 80#include <sys/time.h> 81#include <sys/kernel.h> 82#include <sys/syslog.h> 83#include <sys/vimage.h> 84 85#include <net/if.h> 86#include <net/if_types.h> 87#include <net/route.h> 88#include <net/if_dl.h> 89#include <net/vnet.h> 90 91#include <netinet/in.h> 92#include <netinet/in_var.h> 93#include <net/if_llatbl.h> 94#include <netinet/if_ether.h> 95#include <netinet/in_systm.h> 96#include <netinet/ip.h> 97#include <netinet/in_pcb.h> 98 99#include <netinet/ip6.h> 100#include <netinet6/ip6_var.h> 101#include <netinet6/nd6.h> 102#include <netinet6/mld6_var.h> 103#include <netinet6/ip6_mroute.h> 104#include <netinet6/in6_ifattach.h> 105#include <netinet6/scope6_var.h> 106#include <netinet6/in6_pcb.h> 107#include <netinet6/vinet6.h> 108
| 65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68#include "opt_route.h" 69 70#include <sys/param.h> 71#include <sys/errno.h> 72#include <sys/jail.h> 73#include <sys/malloc.h> 74#include <sys/socket.h> 75#include <sys/socketvar.h> 76#include <sys/sockio.h> 77#include <sys/systm.h> 78#include <sys/priv.h> 79#include <sys/proc.h> 80#include <sys/time.h> 81#include <sys/kernel.h> 82#include <sys/syslog.h> 83#include <sys/vimage.h> 84 85#include <net/if.h> 86#include <net/if_types.h> 87#include <net/route.h> 88#include <net/if_dl.h> 89#include <net/vnet.h> 90 91#include <netinet/in.h> 92#include <netinet/in_var.h> 93#include <net/if_llatbl.h> 94#include <netinet/if_ether.h> 95#include <netinet/in_systm.h> 96#include <netinet/ip.h> 97#include <netinet/in_pcb.h> 98 99#include <netinet/ip6.h> 100#include <netinet6/ip6_var.h> 101#include <netinet6/nd6.h> 102#include <netinet6/mld6_var.h> 103#include <netinet6/ip6_mroute.h> 104#include <netinet6/in6_ifattach.h> 105#include <netinet6/scope6_var.h> 106#include <netinet6/in6_pcb.h> 107#include <netinet6/vinet6.h> 108
|
109MALLOC_DEFINE(M_IP6MADDR, "in6_multi", "internet multicast address"); 110
| |
111/* 112 * Definitions of some costant IP6 addresses. 113 */ 114const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 115const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 116const struct in6_addr in6addr_nodelocal_allnodes = 117 IN6ADDR_NODELOCAL_ALLNODES_INIT; 118const struct in6_addr in6addr_linklocal_allnodes = 119 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 120const struct in6_addr in6addr_linklocal_allrouters = 121 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
| 109/* 110 * Definitions of some costant IP6 addresses. 111 */ 112const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 113const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 114const struct in6_addr in6addr_nodelocal_allnodes = 115 IN6ADDR_NODELOCAL_ALLNODES_INIT; 116const struct in6_addr in6addr_linklocal_allnodes = 117 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 118const struct in6_addr in6addr_linklocal_allrouters = 119 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
|
| 120const struct in6_addr in6addr_linklocal_allv2routers = 121 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
|
122 123const struct in6_addr in6mask0 = IN6MASK0; 124const struct in6_addr in6mask32 = IN6MASK32; 125const struct in6_addr in6mask64 = IN6MASK64; 126const struct in6_addr in6mask96 = IN6MASK96; 127const struct in6_addr in6mask128 = IN6MASK128; 128 129const struct sockaddr_in6 sa6_any = 130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 131 132static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 133 struct ifnet *, struct thread *)); 134static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 135 struct sockaddr_in6 *, int)); 136static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 137
| 122 123const struct in6_addr in6mask0 = IN6MASK0; 124const struct in6_addr in6mask32 = IN6MASK32; 125const struct in6_addr in6mask64 = IN6MASK64; 126const struct in6_addr in6mask96 = IN6MASK96; 127const struct in6_addr in6mask128 = IN6MASK128; 128 129const struct sockaddr_in6 sa6_any = 130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 131 132static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 133 struct ifnet *, struct thread *)); 134static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 135 struct sockaddr_in6 *, int)); 136static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 137
|
138struct in6_multihead in6_multihead; /* XXX BSS initialization */
| |
139int (*faithprefix_p)(struct in6_addr *); 140 141 142 143int 144in6_mask2len(struct in6_addr *mask, u_char *lim0) 145{ 146 int x = 0, y; 147 u_char *lim = lim0, *p; 148 149 /* ignore the scope_id part */ 150 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 151 lim = (u_char *)mask + sizeof(*mask); 152 for (p = (u_char *)mask; p < lim; x++, p++) { 153 if (*p != 0xff) 154 break; 155 } 156 y = 0; 157 if (p < lim) { 158 for (y = 0; y < 8; y++) { 159 if ((*p & (0x80 >> y)) == 0) 160 break; 161 } 162 } 163 164 /* 165 * when the limit pointer is given, do a stricter check on the 166 * remaining bits. 167 */ 168 if (p < lim) { 169 if (y != 0 && (*p & (0x00ff >> y)) != 0) 170 return (-1); 171 for (p = p + 1; p < lim; p++) 172 if (*p != 0) 173 return (-1); 174 } 175 176 return x * 8 + y; 177} 178 179#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 180#define ia62ifa(ia6) (&((ia6)->ia_ifa)) 181 182int 183in6_control(struct socket *so, u_long cmd, caddr_t data, 184 struct ifnet *ifp, struct thread *td) 185{ 186 INIT_VNET_INET6(curvnet); 187 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 188 struct in6_ifaddr *ia = NULL; 189 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 190 struct sockaddr_in6 *sa6; 191 int error; 192 193 switch (cmd) { 194 case SIOCGETSGCNT_IN6: 195 case SIOCGETMIFCNT_IN6: 196 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 197 } 198 199 switch(cmd) { 200 case SIOCAADDRCTL_POLICY: 201 case SIOCDADDRCTL_POLICY: 202 if (td != NULL) { 203 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 204 if (error) 205 return (error); 206 } 207 return (in6_src_ioctl(cmd, data)); 208 } 209 210 if (ifp == NULL) 211 return (EOPNOTSUPP); 212 213 switch (cmd) { 214 case SIOCSNDFLUSH_IN6: 215 case SIOCSPFXFLUSH_IN6: 216 case SIOCSRTRFLUSH_IN6: 217 case SIOCSDEFIFACE_IN6: 218 case SIOCSIFINFO_FLAGS: 219 if (td != NULL) { 220 error = priv_check(td, PRIV_NETINET_ND6); 221 if (error) 222 return (error); 223 } 224 /* FALLTHROUGH */ 225 case OSIOCGIFINFO_IN6: 226 case SIOCGIFINFO_IN6: 227 case SIOCSIFINFO_IN6: 228 case SIOCGDRLST_IN6: 229 case SIOCGPRLST_IN6: 230 case SIOCGNBRINFO_IN6: 231 case SIOCGDEFIFACE_IN6: 232 return (nd6_ioctl(cmd, data, ifp)); 233 } 234 235 switch (cmd) { 236 case SIOCSIFPREFIX_IN6: 237 case SIOCDIFPREFIX_IN6: 238 case SIOCAIFPREFIX_IN6: 239 case SIOCCIFPREFIX_IN6: 240 case SIOCSGIFPREFIX_IN6: 241 case SIOCGIFPREFIX_IN6: 242 log(LOG_NOTICE, 243 "prefix ioctls are now invalidated. " 244 "please use ifconfig.\n"); 245 return (EOPNOTSUPP); 246 } 247 248 switch (cmd) { 249 case SIOCSSCOPE6: 250 if (td != NULL) { 251 error = priv_check(td, PRIV_NETINET_SCOPE6); 252 if (error) 253 return (error); 254 } 255 return (scope6_set(ifp, 256 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 257 case SIOCGSCOPE6: 258 return (scope6_get(ifp, 259 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 260 case SIOCGSCOPE6DEF: 261 return (scope6_get_default((struct scope6_id *) 262 ifr->ifr_ifru.ifru_scope_id)); 263 } 264 265 switch (cmd) { 266 case SIOCALIFADDR: 267 if (td != NULL) { 268 error = priv_check(td, PRIV_NET_ADDIFADDR); 269 if (error) 270 return (error); 271 } 272 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 273 274 case SIOCDLIFADDR: 275 if (td != NULL) { 276 error = priv_check(td, PRIV_NET_DELIFADDR); 277 if (error) 278 return (error); 279 } 280 /* FALLTHROUGH */ 281 case SIOCGLIFADDR: 282 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 283 } 284 285 /* 286 * Find address for this interface, if it exists. 287 * 288 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 289 * only, and used the first interface address as the target of other 290 * operations (without checking ifra_addr). This was because netinet 291 * code/API assumed at most 1 interface address per interface. 292 * Since IPv6 allows a node to assign multiple addresses 293 * on a single interface, we almost always look and check the 294 * presence of ifra_addr, and reject invalid ones here. 295 * It also decreases duplicated code among SIOC*_IN6 operations. 296 */ 297 switch (cmd) { 298 case SIOCAIFADDR_IN6: 299 case SIOCSIFPHYADDR_IN6: 300 sa6 = &ifra->ifra_addr; 301 break; 302 case SIOCSIFADDR_IN6: 303 case SIOCGIFADDR_IN6: 304 case SIOCSIFDSTADDR_IN6: 305 case SIOCSIFNETMASK_IN6: 306 case SIOCGIFDSTADDR_IN6: 307 case SIOCGIFNETMASK_IN6: 308 case SIOCDIFADDR_IN6: 309 case SIOCGIFPSRCADDR_IN6: 310 case SIOCGIFPDSTADDR_IN6: 311 case SIOCGIFAFLAG_IN6: 312 case SIOCSNDFLUSH_IN6: 313 case SIOCSPFXFLUSH_IN6: 314 case SIOCSRTRFLUSH_IN6: 315 case SIOCGIFALIFETIME_IN6: 316 case SIOCSIFALIFETIME_IN6: 317 case SIOCGIFSTAT_IN6: 318 case SIOCGIFSTAT_ICMP6: 319 sa6 = &ifr->ifr_addr; 320 break; 321 default: 322 sa6 = NULL; 323 break; 324 } 325 if (sa6 && sa6->sin6_family == AF_INET6) { 326 int error = 0; 327 328 if (sa6->sin6_scope_id != 0) 329 error = sa6_embedscope(sa6, 0); 330 else 331 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 332 if (error != 0) 333 return (error); 334 if (td != NULL && (error = prison_check_ip6(td->td_ucred, 335 &sa6->sin6_addr)) != 0) 336 return (error); 337 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 338 } else 339 ia = NULL; 340 341 switch (cmd) { 342 case SIOCSIFADDR_IN6: 343 case SIOCSIFDSTADDR_IN6: 344 case SIOCSIFNETMASK_IN6: 345 /* 346 * Since IPv6 allows a node to assign multiple addresses 347 * on a single interface, SIOCSIFxxx ioctls are deprecated. 348 */ 349 /* we decided to obsolete this command (20000704) */ 350 return (EINVAL); 351 352 case SIOCDIFADDR_IN6: 353 /* 354 * for IPv4, we look for existing in_ifaddr here to allow 355 * "ifconfig if0 delete" to remove the first IPv4 address on 356 * the interface. For IPv6, as the spec allows multiple 357 * interface address from the day one, we consider "remove the 358 * first one" semantics to be not preferable. 359 */ 360 if (ia == NULL) 361 return (EADDRNOTAVAIL); 362 /* FALLTHROUGH */ 363 case SIOCAIFADDR_IN6: 364 /* 365 * We always require users to specify a valid IPv6 address for 366 * the corresponding operation. 367 */ 368 if (ifra->ifra_addr.sin6_family != AF_INET6 || 369 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 370 return (EAFNOSUPPORT); 371 372 if (td != NULL) { 373 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 374 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 375 if (error) 376 return (error); 377 } 378 379 break; 380 381 case SIOCGIFADDR_IN6: 382 /* This interface is basically deprecated. use SIOCGIFCONF. */ 383 /* FALLTHROUGH */ 384 case SIOCGIFAFLAG_IN6: 385 case SIOCGIFNETMASK_IN6: 386 case SIOCGIFDSTADDR_IN6: 387 case SIOCGIFALIFETIME_IN6: 388 /* must think again about its semantics */ 389 if (ia == NULL) 390 return (EADDRNOTAVAIL); 391 break; 392 case SIOCSIFALIFETIME_IN6: 393 { 394 struct in6_addrlifetime *lt; 395 396 if (td != NULL) { 397 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 398 if (error) 399 return (error); 400 } 401 if (ia == NULL) 402 return (EADDRNOTAVAIL); 403 /* sanity for overflow - beware unsigned */ 404 lt = &ifr->ifr_ifru.ifru_lifetime; 405 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 406 lt->ia6t_vltime + time_second < time_second) { 407 return EINVAL; 408 } 409 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 410 lt->ia6t_pltime + time_second < time_second) { 411 return EINVAL; 412 } 413 break; 414 } 415 } 416 417 switch (cmd) { 418 419 case SIOCGIFADDR_IN6: 420 ifr->ifr_addr = ia->ia_addr; 421 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 422 return (error); 423 break; 424 425 case SIOCGIFDSTADDR_IN6: 426 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 427 return (EINVAL); 428 /* 429 * XXX: should we check if ifa_dstaddr is NULL and return 430 * an error? 431 */ 432 ifr->ifr_dstaddr = ia->ia_dstaddr; 433 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 434 return (error); 435 break; 436 437 case SIOCGIFNETMASK_IN6: 438 ifr->ifr_addr = ia->ia_prefixmask; 439 break; 440 441 case SIOCGIFAFLAG_IN6: 442 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 443 break; 444 445 case SIOCGIFSTAT_IN6: 446 if (ifp == NULL) 447 return EINVAL; 448 bzero(&ifr->ifr_ifru.ifru_stat, 449 sizeof(ifr->ifr_ifru.ifru_stat)); 450 ifr->ifr_ifru.ifru_stat = 451 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 452 break; 453 454 case SIOCGIFSTAT_ICMP6: 455 if (ifp == NULL) 456 return EINVAL; 457 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 458 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 459 ifr->ifr_ifru.ifru_icmp6stat = 460 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 461 break; 462 463 case SIOCGIFALIFETIME_IN6: 464 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 465 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 466 time_t maxexpire; 467 struct in6_addrlifetime *retlt = 468 &ifr->ifr_ifru.ifru_lifetime; 469 470 /* 471 * XXX: adjust expiration time assuming time_t is 472 * signed. 473 */ 474 maxexpire = (-1) & 475 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 476 if (ia->ia6_lifetime.ia6t_vltime < 477 maxexpire - ia->ia6_updatetime) { 478 retlt->ia6t_expire = ia->ia6_updatetime + 479 ia->ia6_lifetime.ia6t_vltime; 480 } else 481 retlt->ia6t_expire = maxexpire; 482 } 483 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 484 time_t maxexpire; 485 struct in6_addrlifetime *retlt = 486 &ifr->ifr_ifru.ifru_lifetime; 487 488 /* 489 * XXX: adjust expiration time assuming time_t is 490 * signed. 491 */ 492 maxexpire = (-1) & 493 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 494 if (ia->ia6_lifetime.ia6t_pltime < 495 maxexpire - ia->ia6_updatetime) { 496 retlt->ia6t_preferred = ia->ia6_updatetime + 497 ia->ia6_lifetime.ia6t_pltime; 498 } else 499 retlt->ia6t_preferred = maxexpire; 500 } 501 break; 502 503 case SIOCSIFALIFETIME_IN6: 504 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 505 /* for sanity */ 506 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 507 ia->ia6_lifetime.ia6t_expire = 508 time_second + ia->ia6_lifetime.ia6t_vltime; 509 } else 510 ia->ia6_lifetime.ia6t_expire = 0; 511 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 512 ia->ia6_lifetime.ia6t_preferred = 513 time_second + ia->ia6_lifetime.ia6t_pltime; 514 } else 515 ia->ia6_lifetime.ia6t_preferred = 0; 516 break; 517 518 case SIOCAIFADDR_IN6: 519 { 520 int i, error = 0; 521 struct nd_prefixctl pr0; 522 struct nd_prefix *pr; 523 524 /* 525 * first, make or update the interface address structure, 526 * and link it to the list. 527 */ 528 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 529 return (error); 530 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 531 == NULL) { 532 /* 533 * this can happen when the user specify the 0 valid 534 * lifetime. 535 */ 536 break; 537 } 538 539 /* 540 * then, make the prefix on-link on the interface. 541 * XXX: we'd rather create the prefix before the address, but 542 * we need at least one address to install the corresponding 543 * interface route, so we configure the address first. 544 */ 545 546 /* 547 * convert mask to prefix length (prefixmask has already 548 * been validated in in6_update_ifa(). 549 */ 550 bzero(&pr0, sizeof(pr0)); 551 pr0.ndpr_ifp = ifp; 552 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 553 NULL); 554 if (pr0.ndpr_plen == 128) { 555 break; /* we don't need to install a host route. */ 556 } 557 pr0.ndpr_prefix = ifra->ifra_addr; 558 /* apply the mask for safety. */ 559 for (i = 0; i < 4; i++) { 560 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 561 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 562 } 563 /* 564 * XXX: since we don't have an API to set prefix (not address) 565 * lifetimes, we just use the same lifetimes as addresses. 566 * The (temporarily) installed lifetimes can be overridden by 567 * later advertised RAs (when accept_rtadv is non 0), which is 568 * an intended behavior. 569 */ 570 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 571 pr0.ndpr_raf_auto = 572 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 573 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 574 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 575 576 /* add the prefix if not yet. */ 577 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 578 /* 579 * nd6_prelist_add will install the corresponding 580 * interface route. 581 */ 582 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 583 return (error); 584 if (pr == NULL) { 585 log(LOG_ERR, "nd6_prelist_add succeeded but " 586 "no prefix\n"); 587 return (EINVAL); /* XXX panic here? */ 588 } 589 } 590 591 /* relate the address to the prefix */ 592 if (ia->ia6_ndpr == NULL) { 593 ia->ia6_ndpr = pr; 594 pr->ndpr_refcnt++; 595 596 /* 597 * If this is the first autoconf address from the 598 * prefix, create a temporary address as well 599 * (when required). 600 */ 601 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 602 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 603 int e; 604 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 605 log(LOG_NOTICE, "in6_control: failed " 606 "to create a temporary address, " 607 "errno=%d\n", e); 608 } 609 } 610 } 611 612 /* 613 * this might affect the status of autoconfigured addresses, 614 * that is, this address might make other addresses detached. 615 */ 616 pfxlist_onlink_check(); 617 if (error == 0 && ia) 618 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 619 break; 620 } 621 622 case SIOCDIFADDR_IN6: 623 { 624 struct nd_prefix *pr; 625 626 /* 627 * If the address being deleted is the only one that owns 628 * the corresponding prefix, expire the prefix as well. 629 * XXX: theoretically, we don't have to worry about such 630 * relationship, since we separate the address management 631 * and the prefix management. We do this, however, to provide 632 * as much backward compatibility as possible in terms of 633 * the ioctl operation. 634 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 635 */ 636 pr = ia->ia6_ndpr; 637 in6_purgeaddr(&ia->ia_ifa); 638 if (pr && pr->ndpr_refcnt == 0) 639 prelist_remove(pr); 640 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 641 break; 642 } 643 644 default: 645 if (ifp == NULL || ifp->if_ioctl == 0) 646 return (EOPNOTSUPP); 647 return ((*ifp->if_ioctl)(ifp, cmd, data)); 648 } 649 650 return (0); 651} 652 653/* 654 * Update parameters of an IPv6 interface address. 655 * If necessary, a new entry is created and linked into address chains. 656 * This function is separated from in6_control(). 657 * XXX: should this be performed under splnet()? 658 */ 659int 660in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 661 struct in6_ifaddr *ia, int flags) 662{ 663 INIT_VNET_INET6(ifp->if_vnet); 664 INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */ 665 int error = 0, hostIsNew = 0, plen = -1; 666 struct in6_ifaddr *oia; 667 struct sockaddr_in6 dst6; 668 struct in6_addrlifetime *lt; 669 struct in6_multi_mship *imm; 670 struct in6_multi *in6m_sol; 671 struct rtentry *rt; 672 int delay; 673 char ip6buf[INET6_ADDRSTRLEN]; 674 675 /* Validate parameters */ 676 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 677 return (EINVAL); 678 679 /* 680 * The destination address for a p2p link must have a family 681 * of AF_UNSPEC or AF_INET6. 682 */ 683 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 684 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 685 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 686 return (EAFNOSUPPORT); 687 /* 688 * validate ifra_prefixmask. don't check sin6_family, netmask 689 * does not carry fields other than sin6_len. 690 */ 691 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 692 return (EINVAL); 693 /* 694 * Because the IPv6 address architecture is classless, we require 695 * users to specify a (non 0) prefix length (mask) for a new address. 696 * We also require the prefix (when specified) mask is valid, and thus 697 * reject a non-consecutive mask. 698 */ 699 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 700 return (EINVAL); 701 if (ifra->ifra_prefixmask.sin6_len != 0) { 702 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 703 (u_char *)&ifra->ifra_prefixmask + 704 ifra->ifra_prefixmask.sin6_len); 705 if (plen <= 0) 706 return (EINVAL); 707 } else { 708 /* 709 * In this case, ia must not be NULL. We just use its prefix 710 * length. 711 */ 712 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 713 } 714 /* 715 * If the destination address on a p2p interface is specified, 716 * and the address is a scoped one, validate/set the scope 717 * zone identifier. 718 */ 719 dst6 = ifra->ifra_dstaddr; 720 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 721 (dst6.sin6_family == AF_INET6)) { 722 struct in6_addr in6_tmp; 723 u_int32_t zoneid; 724 725 in6_tmp = dst6.sin6_addr; 726 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 727 return (EINVAL); /* XXX: should be impossible */ 728 729 if (dst6.sin6_scope_id != 0) { 730 if (dst6.sin6_scope_id != zoneid) 731 return (EINVAL); 732 } else /* user omit to specify the ID. */ 733 dst6.sin6_scope_id = zoneid; 734 735 /* convert into the internal form */ 736 if (sa6_embedscope(&dst6, 0)) 737 return (EINVAL); /* XXX: should be impossible */ 738 } 739 /* 740 * The destination address can be specified only for a p2p or a 741 * loopback interface. If specified, the corresponding prefix length 742 * must be 128. 743 */ 744 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 745 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 746 /* XXX: noisy message */ 747 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 748 "be specified for a p2p or a loopback IF only\n")); 749 return (EINVAL); 750 } 751 if (plen != 128) { 752 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 753 "be 128 when dstaddr is specified\n")); 754 return (EINVAL); 755 } 756 } 757 /* lifetime consistency check */ 758 lt = &ifra->ifra_lifetime; 759 if (lt->ia6t_pltime > lt->ia6t_vltime) 760 return (EINVAL); 761 if (lt->ia6t_vltime == 0) { 762 /* 763 * the following log might be noisy, but this is a typical 764 * configuration mistake or a tool's bug. 765 */ 766 nd6log((LOG_INFO, 767 "in6_update_ifa: valid lifetime is 0 for %s\n", 768 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 769 770 if (ia == NULL) 771 return (0); /* there's nothing to do */ 772 } 773 774 /* 775 * If this is a new address, allocate a new ifaddr and link it 776 * into chains. 777 */ 778 if (ia == NULL) { 779 hostIsNew = 1; 780 /* 781 * When in6_update_ifa() is called in a process of a received 782 * RA, it is called under an interrupt context. So, we should 783 * call malloc with M_NOWAIT. 784 */ 785 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 786 M_NOWAIT); 787 if (ia == NULL) 788 return (ENOBUFS); 789 bzero((caddr_t)ia, sizeof(*ia)); 790 LIST_INIT(&ia->ia6_memberships); 791 /* Initialize the address and masks, and put time stamp */ 792 IFA_LOCK_INIT(&ia->ia_ifa); 793 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 794 ia->ia_addr.sin6_family = AF_INET6; 795 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 796 ia->ia6_createtime = time_second; 797 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 798 /* 799 * XXX: some functions expect that ifa_dstaddr is not 800 * NULL for p2p interfaces. 801 */ 802 ia->ia_ifa.ifa_dstaddr = 803 (struct sockaddr *)&ia->ia_dstaddr; 804 } else { 805 ia->ia_ifa.ifa_dstaddr = NULL; 806 } 807 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 808 809 ia->ia_ifp = ifp; 810 if ((oia = V_in6_ifaddr) != NULL) { 811 for ( ; oia->ia_next; oia = oia->ia_next) 812 continue; 813 oia->ia_next = ia; 814 } else 815 V_in6_ifaddr = ia; 816 817 ia->ia_ifa.ifa_refcnt = 1; 818 IF_ADDR_LOCK(ifp); 819 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 820 IF_ADDR_UNLOCK(ifp); 821 } 822 823 /* update timestamp */ 824 ia->ia6_updatetime = time_second; 825 826 /* set prefix mask */ 827 if (ifra->ifra_prefixmask.sin6_len) { 828 /* 829 * We prohibit changing the prefix length of an existing 830 * address, because 831 * + such an operation should be rare in IPv6, and 832 * + the operation would confuse prefix management. 833 */ 834 if (ia->ia_prefixmask.sin6_len && 835 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 836 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 837 " existing (%s) address should not be changed\n", 838 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 839 error = EINVAL; 840 goto unlink; 841 } 842 ia->ia_prefixmask = ifra->ifra_prefixmask; 843 } 844 845 /* 846 * If a new destination address is specified, scrub the old one and 847 * install the new destination. Note that the interface must be 848 * p2p or loopback (see the check above.) 849 */ 850 if (dst6.sin6_family == AF_INET6 && 851 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 852 int e; 853 854 if ((ia->ia_flags & IFA_ROUTE) != 0 && 855 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 856 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 857 "a route to the old destination: %s\n", 858 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 859 /* proceed anyway... */ 860 } else 861 ia->ia_flags &= ~IFA_ROUTE; 862 ia->ia_dstaddr = dst6; 863 } 864 865 /* 866 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 867 * to see if the address is deprecated or invalidated, but initialize 868 * these members for applications. 869 */ 870 ia->ia6_lifetime = ifra->ifra_lifetime; 871 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 872 ia->ia6_lifetime.ia6t_expire = 873 time_second + ia->ia6_lifetime.ia6t_vltime; 874 } else 875 ia->ia6_lifetime.ia6t_expire = 0; 876 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 877 ia->ia6_lifetime.ia6t_preferred = 878 time_second + ia->ia6_lifetime.ia6t_pltime; 879 } else 880 ia->ia6_lifetime.ia6t_preferred = 0; 881 882 /* reset the interface and routing table appropriately. */ 883 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 884 goto unlink; 885 886 /* 887 * configure address flags. 888 */ 889 ia->ia6_flags = ifra->ifra_flags; 890 /* 891 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 892 * userland, make it deprecated. 893 */ 894 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 895 ia->ia6_lifetime.ia6t_pltime = 0; 896 ia->ia6_lifetime.ia6t_preferred = time_second; 897 } 898 /* 899 * Make the address tentative before joining multicast addresses, 900 * so that corresponding MLD responses would not have a tentative 901 * source address. 902 */ 903 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 904 if (hostIsNew && in6if_do_dad(ifp)) 905 ia->ia6_flags |= IN6_IFF_TENTATIVE; 906 907 /* 908 * We are done if we have simply modified an existing address. 909 */ 910 if (!hostIsNew) 911 return (error); 912 913 /* 914 * Beyond this point, we should call in6_purgeaddr upon an error, 915 * not just go to unlink. 916 */ 917 918 /* Join necessary multicast groups */ 919 in6m_sol = NULL; 920 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 921 struct sockaddr_in6 mltaddr, mltmask; 922 struct in6_addr llsol; 923 924 /* join solicited multicast addr for new host id */ 925 bzero(&llsol, sizeof(struct in6_addr)); 926 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 927 llsol.s6_addr32[1] = 0; 928 llsol.s6_addr32[2] = htonl(1); 929 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 930 llsol.s6_addr8[12] = 0xff; 931 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 932 /* XXX: should not happen */ 933 log(LOG_ERR, "in6_update_ifa: " 934 "in6_setscope failed\n"); 935 goto cleanup; 936 } 937 delay = 0; 938 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 939 /* 940 * We need a random delay for DAD on the address 941 * being configured. It also means delaying 942 * transmission of the corresponding MLD report to 943 * avoid report collision. 944 * [draft-ietf-ipv6-rfc2462bis-02.txt] 945 */ 946 delay = arc4random() % 947 (MAX_RTR_SOLICITATION_DELAY * hz); 948 } 949 imm = in6_joingroup(ifp, &llsol, &error, delay); 950 if (imm == NULL) { 951 nd6log((LOG_WARNING, 952 "in6_update_ifa: addmulti failed for " 953 "%s on %s (errno=%d)\n", 954 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 955 error)); 956 in6_purgeaddr((struct ifaddr *)ia); 957 return (error); 958 } 959 LIST_INSERT_HEAD(&ia->ia6_memberships, 960 imm, i6mm_chain); 961 in6m_sol = imm->i6mm_maddr; 962 963 bzero(&mltmask, sizeof(mltmask)); 964 mltmask.sin6_len = sizeof(struct sockaddr_in6); 965 mltmask.sin6_family = AF_INET6; 966 mltmask.sin6_addr = in6mask32; 967#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 968 969 /* 970 * join link-local all-nodes address 971 */ 972 bzero(&mltaddr, sizeof(mltaddr)); 973 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 974 mltaddr.sin6_family = AF_INET6; 975 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 976 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 977 0) 978 goto cleanup; /* XXX: should not fail */ 979 980 /* 981 * XXX: do we really need this automatic routes? 982 * We should probably reconsider this stuff. Most applications 983 * actually do not need the routes, since they usually specify 984 * the outgoing interface. 985 */ 986 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 987 if (rt) { 988 /* XXX: only works in !SCOPEDROUTING case. */ 989 if (memcmp(&mltaddr.sin6_addr, 990 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 991 MLTMASK_LEN)) { 992 RTFREE_LOCKED(rt); 993 rt = NULL; 994 } 995 } 996 if (!rt) { 997 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 998 (struct sockaddr *)&ia->ia_addr, 999 (struct sockaddr *)&mltmask, RTF_UP, 1000 (struct rtentry **)0); 1001 if (error) 1002 goto cleanup; 1003 } else { 1004 RTFREE_LOCKED(rt); 1005 } 1006 1007 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1008 if (!imm) { 1009 nd6log((LOG_WARNING, 1010 "in6_update_ifa: addmulti failed for " 1011 "%s on %s (errno=%d)\n", 1012 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1013 if_name(ifp), error)); 1014 goto cleanup; 1015 } 1016 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1017 1018 /* 1019 * join node information group address 1020 */ 1021#define hostnamelen strlen(V_hostname) 1022 delay = 0; 1023 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1024 /* 1025 * The spec doesn't say anything about delay for this 1026 * group, but the same logic should apply. 1027 */ 1028 delay = arc4random() % 1029 (MAX_RTR_SOLICITATION_DELAY * hz); 1030 } 1031 mtx_lock(&hostname_mtx); 1032 if (in6_nigroup(ifp, V_hostname, hostnamelen, 1033 &mltaddr.sin6_addr) == 0) { 1034 mtx_unlock(&hostname_mtx); 1035 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1036 delay); /* XXX jinmei */ 1037 if (!imm) { 1038 nd6log((LOG_WARNING, "in6_update_ifa: " 1039 "addmulti failed for %s on %s " 1040 "(errno=%d)\n", 1041 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1042 if_name(ifp), error)); 1043 /* XXX not very fatal, go on... */ 1044 } else { 1045 LIST_INSERT_HEAD(&ia->ia6_memberships, 1046 imm, i6mm_chain); 1047 } 1048 } else 1049 mtx_unlock(&hostname_mtx); 1050#undef hostnamelen 1051 1052 /* 1053 * join interface-local all-nodes address. 1054 * (ff01::1%ifN, and ff01::%ifN/32) 1055 */ 1056 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1057 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1058 != 0) 1059 goto cleanup; /* XXX: should not fail */ 1060 /* XXX: again, do we really need the route? */ 1061 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1062 if (rt) { 1063 if (memcmp(&mltaddr.sin6_addr, 1064 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1065 MLTMASK_LEN)) { 1066 RTFREE_LOCKED(rt); 1067 rt = NULL; 1068 } 1069 } 1070 if (!rt) { 1071 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1072 (struct sockaddr *)&ia->ia_addr, 1073 (struct sockaddr *)&mltmask, RTF_UP, 1074 (struct rtentry **)0); 1075 if (error) 1076 goto cleanup; 1077 } else 1078 RTFREE_LOCKED(rt); 1079 1080 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1081 if (!imm) { 1082 nd6log((LOG_WARNING, "in6_update_ifa: " 1083 "addmulti failed for %s on %s " 1084 "(errno=%d)\n", 1085 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1086 if_name(ifp), error)); 1087 goto cleanup; 1088 } 1089 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1090#undef MLTMASK_LEN 1091 } 1092 1093 /* 1094 * Perform DAD, if needed. 1095 * XXX It may be of use, if we can administratively 1096 * disable DAD. 1097 */ 1098 if (hostIsNew && in6if_do_dad(ifp) && 1099 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1100 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1101 { 1102 int mindelay, maxdelay; 1103 1104 delay = 0; 1105 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1106 /* 1107 * We need to impose a delay before sending an NS 1108 * for DAD. Check if we also needed a delay for the 1109 * corresponding MLD message. If we did, the delay 1110 * should be larger than the MLD delay (this could be 1111 * relaxed a bit, but this simple logic is at least 1112 * safe).
| 138int (*faithprefix_p)(struct in6_addr *); 139 140 141 142int 143in6_mask2len(struct in6_addr *mask, u_char *lim0) 144{ 145 int x = 0, y; 146 u_char *lim = lim0, *p; 147 148 /* ignore the scope_id part */ 149 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 150 lim = (u_char *)mask + sizeof(*mask); 151 for (p = (u_char *)mask; p < lim; x++, p++) { 152 if (*p != 0xff) 153 break; 154 } 155 y = 0; 156 if (p < lim) { 157 for (y = 0; y < 8; y++) { 158 if ((*p & (0x80 >> y)) == 0) 159 break; 160 } 161 } 162 163 /* 164 * when the limit pointer is given, do a stricter check on the 165 * remaining bits. 166 */ 167 if (p < lim) { 168 if (y != 0 && (*p & (0x00ff >> y)) != 0) 169 return (-1); 170 for (p = p + 1; p < lim; p++) 171 if (*p != 0) 172 return (-1); 173 } 174 175 return x * 8 + y; 176} 177 178#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 179#define ia62ifa(ia6) (&((ia6)->ia_ifa)) 180 181int 182in6_control(struct socket *so, u_long cmd, caddr_t data, 183 struct ifnet *ifp, struct thread *td) 184{ 185 INIT_VNET_INET6(curvnet); 186 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 187 struct in6_ifaddr *ia = NULL; 188 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 189 struct sockaddr_in6 *sa6; 190 int error; 191 192 switch (cmd) { 193 case SIOCGETSGCNT_IN6: 194 case SIOCGETMIFCNT_IN6: 195 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 196 } 197 198 switch(cmd) { 199 case SIOCAADDRCTL_POLICY: 200 case SIOCDADDRCTL_POLICY: 201 if (td != NULL) { 202 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 203 if (error) 204 return (error); 205 } 206 return (in6_src_ioctl(cmd, data)); 207 } 208 209 if (ifp == NULL) 210 return (EOPNOTSUPP); 211 212 switch (cmd) { 213 case SIOCSNDFLUSH_IN6: 214 case SIOCSPFXFLUSH_IN6: 215 case SIOCSRTRFLUSH_IN6: 216 case SIOCSDEFIFACE_IN6: 217 case SIOCSIFINFO_FLAGS: 218 if (td != NULL) { 219 error = priv_check(td, PRIV_NETINET_ND6); 220 if (error) 221 return (error); 222 } 223 /* FALLTHROUGH */ 224 case OSIOCGIFINFO_IN6: 225 case SIOCGIFINFO_IN6: 226 case SIOCSIFINFO_IN6: 227 case SIOCGDRLST_IN6: 228 case SIOCGPRLST_IN6: 229 case SIOCGNBRINFO_IN6: 230 case SIOCGDEFIFACE_IN6: 231 return (nd6_ioctl(cmd, data, ifp)); 232 } 233 234 switch (cmd) { 235 case SIOCSIFPREFIX_IN6: 236 case SIOCDIFPREFIX_IN6: 237 case SIOCAIFPREFIX_IN6: 238 case SIOCCIFPREFIX_IN6: 239 case SIOCSGIFPREFIX_IN6: 240 case SIOCGIFPREFIX_IN6: 241 log(LOG_NOTICE, 242 "prefix ioctls are now invalidated. " 243 "please use ifconfig.\n"); 244 return (EOPNOTSUPP); 245 } 246 247 switch (cmd) { 248 case SIOCSSCOPE6: 249 if (td != NULL) { 250 error = priv_check(td, PRIV_NETINET_SCOPE6); 251 if (error) 252 return (error); 253 } 254 return (scope6_set(ifp, 255 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 256 case SIOCGSCOPE6: 257 return (scope6_get(ifp, 258 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 259 case SIOCGSCOPE6DEF: 260 return (scope6_get_default((struct scope6_id *) 261 ifr->ifr_ifru.ifru_scope_id)); 262 } 263 264 switch (cmd) { 265 case SIOCALIFADDR: 266 if (td != NULL) { 267 error = priv_check(td, PRIV_NET_ADDIFADDR); 268 if (error) 269 return (error); 270 } 271 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 272 273 case SIOCDLIFADDR: 274 if (td != NULL) { 275 error = priv_check(td, PRIV_NET_DELIFADDR); 276 if (error) 277 return (error); 278 } 279 /* FALLTHROUGH */ 280 case SIOCGLIFADDR: 281 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 282 } 283 284 /* 285 * Find address for this interface, if it exists. 286 * 287 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 288 * only, and used the first interface address as the target of other 289 * operations (without checking ifra_addr). This was because netinet 290 * code/API assumed at most 1 interface address per interface. 291 * Since IPv6 allows a node to assign multiple addresses 292 * on a single interface, we almost always look and check the 293 * presence of ifra_addr, and reject invalid ones here. 294 * It also decreases duplicated code among SIOC*_IN6 operations. 295 */ 296 switch (cmd) { 297 case SIOCAIFADDR_IN6: 298 case SIOCSIFPHYADDR_IN6: 299 sa6 = &ifra->ifra_addr; 300 break; 301 case SIOCSIFADDR_IN6: 302 case SIOCGIFADDR_IN6: 303 case SIOCSIFDSTADDR_IN6: 304 case SIOCSIFNETMASK_IN6: 305 case SIOCGIFDSTADDR_IN6: 306 case SIOCGIFNETMASK_IN6: 307 case SIOCDIFADDR_IN6: 308 case SIOCGIFPSRCADDR_IN6: 309 case SIOCGIFPDSTADDR_IN6: 310 case SIOCGIFAFLAG_IN6: 311 case SIOCSNDFLUSH_IN6: 312 case SIOCSPFXFLUSH_IN6: 313 case SIOCSRTRFLUSH_IN6: 314 case SIOCGIFALIFETIME_IN6: 315 case SIOCSIFALIFETIME_IN6: 316 case SIOCGIFSTAT_IN6: 317 case SIOCGIFSTAT_ICMP6: 318 sa6 = &ifr->ifr_addr; 319 break; 320 default: 321 sa6 = NULL; 322 break; 323 } 324 if (sa6 && sa6->sin6_family == AF_INET6) { 325 int error = 0; 326 327 if (sa6->sin6_scope_id != 0) 328 error = sa6_embedscope(sa6, 0); 329 else 330 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 331 if (error != 0) 332 return (error); 333 if (td != NULL && (error = prison_check_ip6(td->td_ucred, 334 &sa6->sin6_addr)) != 0) 335 return (error); 336 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 337 } else 338 ia = NULL; 339 340 switch (cmd) { 341 case SIOCSIFADDR_IN6: 342 case SIOCSIFDSTADDR_IN6: 343 case SIOCSIFNETMASK_IN6: 344 /* 345 * Since IPv6 allows a node to assign multiple addresses 346 * on a single interface, SIOCSIFxxx ioctls are deprecated. 347 */ 348 /* we decided to obsolete this command (20000704) */ 349 return (EINVAL); 350 351 case SIOCDIFADDR_IN6: 352 /* 353 * for IPv4, we look for existing in_ifaddr here to allow 354 * "ifconfig if0 delete" to remove the first IPv4 address on 355 * the interface. For IPv6, as the spec allows multiple 356 * interface address from the day one, we consider "remove the 357 * first one" semantics to be not preferable. 358 */ 359 if (ia == NULL) 360 return (EADDRNOTAVAIL); 361 /* FALLTHROUGH */ 362 case SIOCAIFADDR_IN6: 363 /* 364 * We always require users to specify a valid IPv6 address for 365 * the corresponding operation. 366 */ 367 if (ifra->ifra_addr.sin6_family != AF_INET6 || 368 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 369 return (EAFNOSUPPORT); 370 371 if (td != NULL) { 372 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 373 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 374 if (error) 375 return (error); 376 } 377 378 break; 379 380 case SIOCGIFADDR_IN6: 381 /* This interface is basically deprecated. use SIOCGIFCONF. */ 382 /* FALLTHROUGH */ 383 case SIOCGIFAFLAG_IN6: 384 case SIOCGIFNETMASK_IN6: 385 case SIOCGIFDSTADDR_IN6: 386 case SIOCGIFALIFETIME_IN6: 387 /* must think again about its semantics */ 388 if (ia == NULL) 389 return (EADDRNOTAVAIL); 390 break; 391 case SIOCSIFALIFETIME_IN6: 392 { 393 struct in6_addrlifetime *lt; 394 395 if (td != NULL) { 396 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 397 if (error) 398 return (error); 399 } 400 if (ia == NULL) 401 return (EADDRNOTAVAIL); 402 /* sanity for overflow - beware unsigned */ 403 lt = &ifr->ifr_ifru.ifru_lifetime; 404 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 405 lt->ia6t_vltime + time_second < time_second) { 406 return EINVAL; 407 } 408 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 409 lt->ia6t_pltime + time_second < time_second) { 410 return EINVAL; 411 } 412 break; 413 } 414 } 415 416 switch (cmd) { 417 418 case SIOCGIFADDR_IN6: 419 ifr->ifr_addr = ia->ia_addr; 420 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 421 return (error); 422 break; 423 424 case SIOCGIFDSTADDR_IN6: 425 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 426 return (EINVAL); 427 /* 428 * XXX: should we check if ifa_dstaddr is NULL and return 429 * an error? 430 */ 431 ifr->ifr_dstaddr = ia->ia_dstaddr; 432 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 433 return (error); 434 break; 435 436 case SIOCGIFNETMASK_IN6: 437 ifr->ifr_addr = ia->ia_prefixmask; 438 break; 439 440 case SIOCGIFAFLAG_IN6: 441 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 442 break; 443 444 case SIOCGIFSTAT_IN6: 445 if (ifp == NULL) 446 return EINVAL; 447 bzero(&ifr->ifr_ifru.ifru_stat, 448 sizeof(ifr->ifr_ifru.ifru_stat)); 449 ifr->ifr_ifru.ifru_stat = 450 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 451 break; 452 453 case SIOCGIFSTAT_ICMP6: 454 if (ifp == NULL) 455 return EINVAL; 456 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 457 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 458 ifr->ifr_ifru.ifru_icmp6stat = 459 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 460 break; 461 462 case SIOCGIFALIFETIME_IN6: 463 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 464 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 465 time_t maxexpire; 466 struct in6_addrlifetime *retlt = 467 &ifr->ifr_ifru.ifru_lifetime; 468 469 /* 470 * XXX: adjust expiration time assuming time_t is 471 * signed. 472 */ 473 maxexpire = (-1) & 474 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 475 if (ia->ia6_lifetime.ia6t_vltime < 476 maxexpire - ia->ia6_updatetime) { 477 retlt->ia6t_expire = ia->ia6_updatetime + 478 ia->ia6_lifetime.ia6t_vltime; 479 } else 480 retlt->ia6t_expire = maxexpire; 481 } 482 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 483 time_t maxexpire; 484 struct in6_addrlifetime *retlt = 485 &ifr->ifr_ifru.ifru_lifetime; 486 487 /* 488 * XXX: adjust expiration time assuming time_t is 489 * signed. 490 */ 491 maxexpire = (-1) & 492 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 493 if (ia->ia6_lifetime.ia6t_pltime < 494 maxexpire - ia->ia6_updatetime) { 495 retlt->ia6t_preferred = ia->ia6_updatetime + 496 ia->ia6_lifetime.ia6t_pltime; 497 } else 498 retlt->ia6t_preferred = maxexpire; 499 } 500 break; 501 502 case SIOCSIFALIFETIME_IN6: 503 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 504 /* for sanity */ 505 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 506 ia->ia6_lifetime.ia6t_expire = 507 time_second + ia->ia6_lifetime.ia6t_vltime; 508 } else 509 ia->ia6_lifetime.ia6t_expire = 0; 510 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 511 ia->ia6_lifetime.ia6t_preferred = 512 time_second + ia->ia6_lifetime.ia6t_pltime; 513 } else 514 ia->ia6_lifetime.ia6t_preferred = 0; 515 break; 516 517 case SIOCAIFADDR_IN6: 518 { 519 int i, error = 0; 520 struct nd_prefixctl pr0; 521 struct nd_prefix *pr; 522 523 /* 524 * first, make or update the interface address structure, 525 * and link it to the list. 526 */ 527 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 528 return (error); 529 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 530 == NULL) { 531 /* 532 * this can happen when the user specify the 0 valid 533 * lifetime. 534 */ 535 break; 536 } 537 538 /* 539 * then, make the prefix on-link on the interface. 540 * XXX: we'd rather create the prefix before the address, but 541 * we need at least one address to install the corresponding 542 * interface route, so we configure the address first. 543 */ 544 545 /* 546 * convert mask to prefix length (prefixmask has already 547 * been validated in in6_update_ifa(). 548 */ 549 bzero(&pr0, sizeof(pr0)); 550 pr0.ndpr_ifp = ifp; 551 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 552 NULL); 553 if (pr0.ndpr_plen == 128) { 554 break; /* we don't need to install a host route. */ 555 } 556 pr0.ndpr_prefix = ifra->ifra_addr; 557 /* apply the mask for safety. */ 558 for (i = 0; i < 4; i++) { 559 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 560 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 561 } 562 /* 563 * XXX: since we don't have an API to set prefix (not address) 564 * lifetimes, we just use the same lifetimes as addresses. 565 * The (temporarily) installed lifetimes can be overridden by 566 * later advertised RAs (when accept_rtadv is non 0), which is 567 * an intended behavior. 568 */ 569 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 570 pr0.ndpr_raf_auto = 571 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 572 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 573 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 574 575 /* add the prefix if not yet. */ 576 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 577 /* 578 * nd6_prelist_add will install the corresponding 579 * interface route. 580 */ 581 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 582 return (error); 583 if (pr == NULL) { 584 log(LOG_ERR, "nd6_prelist_add succeeded but " 585 "no prefix\n"); 586 return (EINVAL); /* XXX panic here? */ 587 } 588 } 589 590 /* relate the address to the prefix */ 591 if (ia->ia6_ndpr == NULL) { 592 ia->ia6_ndpr = pr; 593 pr->ndpr_refcnt++; 594 595 /* 596 * If this is the first autoconf address from the 597 * prefix, create a temporary address as well 598 * (when required). 599 */ 600 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 601 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 602 int e; 603 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 604 log(LOG_NOTICE, "in6_control: failed " 605 "to create a temporary address, " 606 "errno=%d\n", e); 607 } 608 } 609 } 610 611 /* 612 * this might affect the status of autoconfigured addresses, 613 * that is, this address might make other addresses detached. 614 */ 615 pfxlist_onlink_check(); 616 if (error == 0 && ia) 617 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 618 break; 619 } 620 621 case SIOCDIFADDR_IN6: 622 { 623 struct nd_prefix *pr; 624 625 /* 626 * If the address being deleted is the only one that owns 627 * the corresponding prefix, expire the prefix as well. 628 * XXX: theoretically, we don't have to worry about such 629 * relationship, since we separate the address management 630 * and the prefix management. We do this, however, to provide 631 * as much backward compatibility as possible in terms of 632 * the ioctl operation. 633 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 634 */ 635 pr = ia->ia6_ndpr; 636 in6_purgeaddr(&ia->ia_ifa); 637 if (pr && pr->ndpr_refcnt == 0) 638 prelist_remove(pr); 639 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 640 break; 641 } 642 643 default: 644 if (ifp == NULL || ifp->if_ioctl == 0) 645 return (EOPNOTSUPP); 646 return ((*ifp->if_ioctl)(ifp, cmd, data)); 647 } 648 649 return (0); 650} 651 652/* 653 * Update parameters of an IPv6 interface address. 654 * If necessary, a new entry is created and linked into address chains. 655 * This function is separated from in6_control(). 656 * XXX: should this be performed under splnet()? 657 */ 658int 659in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 660 struct in6_ifaddr *ia, int flags) 661{ 662 INIT_VNET_INET6(ifp->if_vnet); 663 INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */ 664 int error = 0, hostIsNew = 0, plen = -1; 665 struct in6_ifaddr *oia; 666 struct sockaddr_in6 dst6; 667 struct in6_addrlifetime *lt; 668 struct in6_multi_mship *imm; 669 struct in6_multi *in6m_sol; 670 struct rtentry *rt; 671 int delay; 672 char ip6buf[INET6_ADDRSTRLEN]; 673 674 /* Validate parameters */ 675 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 676 return (EINVAL); 677 678 /* 679 * The destination address for a p2p link must have a family 680 * of AF_UNSPEC or AF_INET6. 681 */ 682 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 683 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 684 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 685 return (EAFNOSUPPORT); 686 /* 687 * validate ifra_prefixmask. don't check sin6_family, netmask 688 * does not carry fields other than sin6_len. 689 */ 690 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 691 return (EINVAL); 692 /* 693 * Because the IPv6 address architecture is classless, we require 694 * users to specify a (non 0) prefix length (mask) for a new address. 695 * We also require the prefix (when specified) mask is valid, and thus 696 * reject a non-consecutive mask. 697 */ 698 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 699 return (EINVAL); 700 if (ifra->ifra_prefixmask.sin6_len != 0) { 701 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 702 (u_char *)&ifra->ifra_prefixmask + 703 ifra->ifra_prefixmask.sin6_len); 704 if (plen <= 0) 705 return (EINVAL); 706 } else { 707 /* 708 * In this case, ia must not be NULL. We just use its prefix 709 * length. 710 */ 711 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 712 } 713 /* 714 * If the destination address on a p2p interface is specified, 715 * and the address is a scoped one, validate/set the scope 716 * zone identifier. 717 */ 718 dst6 = ifra->ifra_dstaddr; 719 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 720 (dst6.sin6_family == AF_INET6)) { 721 struct in6_addr in6_tmp; 722 u_int32_t zoneid; 723 724 in6_tmp = dst6.sin6_addr; 725 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 726 return (EINVAL); /* XXX: should be impossible */ 727 728 if (dst6.sin6_scope_id != 0) { 729 if (dst6.sin6_scope_id != zoneid) 730 return (EINVAL); 731 } else /* user omit to specify the ID. */ 732 dst6.sin6_scope_id = zoneid; 733 734 /* convert into the internal form */ 735 if (sa6_embedscope(&dst6, 0)) 736 return (EINVAL); /* XXX: should be impossible */ 737 } 738 /* 739 * The destination address can be specified only for a p2p or a 740 * loopback interface. If specified, the corresponding prefix length 741 * must be 128. 742 */ 743 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 744 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 745 /* XXX: noisy message */ 746 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 747 "be specified for a p2p or a loopback IF only\n")); 748 return (EINVAL); 749 } 750 if (plen != 128) { 751 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 752 "be 128 when dstaddr is specified\n")); 753 return (EINVAL); 754 } 755 } 756 /* lifetime consistency check */ 757 lt = &ifra->ifra_lifetime; 758 if (lt->ia6t_pltime > lt->ia6t_vltime) 759 return (EINVAL); 760 if (lt->ia6t_vltime == 0) { 761 /* 762 * the following log might be noisy, but this is a typical 763 * configuration mistake or a tool's bug. 764 */ 765 nd6log((LOG_INFO, 766 "in6_update_ifa: valid lifetime is 0 for %s\n", 767 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 768 769 if (ia == NULL) 770 return (0); /* there's nothing to do */ 771 } 772 773 /* 774 * If this is a new address, allocate a new ifaddr and link it 775 * into chains. 776 */ 777 if (ia == NULL) { 778 hostIsNew = 1; 779 /* 780 * When in6_update_ifa() is called in a process of a received 781 * RA, it is called under an interrupt context. So, we should 782 * call malloc with M_NOWAIT. 783 */ 784 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 785 M_NOWAIT); 786 if (ia == NULL) 787 return (ENOBUFS); 788 bzero((caddr_t)ia, sizeof(*ia)); 789 LIST_INIT(&ia->ia6_memberships); 790 /* Initialize the address and masks, and put time stamp */ 791 IFA_LOCK_INIT(&ia->ia_ifa); 792 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 793 ia->ia_addr.sin6_family = AF_INET6; 794 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 795 ia->ia6_createtime = time_second; 796 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 797 /* 798 * XXX: some functions expect that ifa_dstaddr is not 799 * NULL for p2p interfaces. 800 */ 801 ia->ia_ifa.ifa_dstaddr = 802 (struct sockaddr *)&ia->ia_dstaddr; 803 } else { 804 ia->ia_ifa.ifa_dstaddr = NULL; 805 } 806 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 807 808 ia->ia_ifp = ifp; 809 if ((oia = V_in6_ifaddr) != NULL) { 810 for ( ; oia->ia_next; oia = oia->ia_next) 811 continue; 812 oia->ia_next = ia; 813 } else 814 V_in6_ifaddr = ia; 815 816 ia->ia_ifa.ifa_refcnt = 1; 817 IF_ADDR_LOCK(ifp); 818 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 819 IF_ADDR_UNLOCK(ifp); 820 } 821 822 /* update timestamp */ 823 ia->ia6_updatetime = time_second; 824 825 /* set prefix mask */ 826 if (ifra->ifra_prefixmask.sin6_len) { 827 /* 828 * We prohibit changing the prefix length of an existing 829 * address, because 830 * + such an operation should be rare in IPv6, and 831 * + the operation would confuse prefix management. 832 */ 833 if (ia->ia_prefixmask.sin6_len && 834 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 835 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 836 " existing (%s) address should not be changed\n", 837 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 838 error = EINVAL; 839 goto unlink; 840 } 841 ia->ia_prefixmask = ifra->ifra_prefixmask; 842 } 843 844 /* 845 * If a new destination address is specified, scrub the old one and 846 * install the new destination. Note that the interface must be 847 * p2p or loopback (see the check above.) 848 */ 849 if (dst6.sin6_family == AF_INET6 && 850 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 851 int e; 852 853 if ((ia->ia_flags & IFA_ROUTE) != 0 && 854 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 855 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 856 "a route to the old destination: %s\n", 857 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 858 /* proceed anyway... */ 859 } else 860 ia->ia_flags &= ~IFA_ROUTE; 861 ia->ia_dstaddr = dst6; 862 } 863 864 /* 865 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 866 * to see if the address is deprecated or invalidated, but initialize 867 * these members for applications. 868 */ 869 ia->ia6_lifetime = ifra->ifra_lifetime; 870 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 871 ia->ia6_lifetime.ia6t_expire = 872 time_second + ia->ia6_lifetime.ia6t_vltime; 873 } else 874 ia->ia6_lifetime.ia6t_expire = 0; 875 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 876 ia->ia6_lifetime.ia6t_preferred = 877 time_second + ia->ia6_lifetime.ia6t_pltime; 878 } else 879 ia->ia6_lifetime.ia6t_preferred = 0; 880 881 /* reset the interface and routing table appropriately. */ 882 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 883 goto unlink; 884 885 /* 886 * configure address flags. 887 */ 888 ia->ia6_flags = ifra->ifra_flags; 889 /* 890 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 891 * userland, make it deprecated. 892 */ 893 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 894 ia->ia6_lifetime.ia6t_pltime = 0; 895 ia->ia6_lifetime.ia6t_preferred = time_second; 896 } 897 /* 898 * Make the address tentative before joining multicast addresses, 899 * so that corresponding MLD responses would not have a tentative 900 * source address. 901 */ 902 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 903 if (hostIsNew && in6if_do_dad(ifp)) 904 ia->ia6_flags |= IN6_IFF_TENTATIVE; 905 906 /* 907 * We are done if we have simply modified an existing address. 908 */ 909 if (!hostIsNew) 910 return (error); 911 912 /* 913 * Beyond this point, we should call in6_purgeaddr upon an error, 914 * not just go to unlink. 915 */ 916 917 /* Join necessary multicast groups */ 918 in6m_sol = NULL; 919 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 920 struct sockaddr_in6 mltaddr, mltmask; 921 struct in6_addr llsol; 922 923 /* join solicited multicast addr for new host id */ 924 bzero(&llsol, sizeof(struct in6_addr)); 925 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 926 llsol.s6_addr32[1] = 0; 927 llsol.s6_addr32[2] = htonl(1); 928 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 929 llsol.s6_addr8[12] = 0xff; 930 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 931 /* XXX: should not happen */ 932 log(LOG_ERR, "in6_update_ifa: " 933 "in6_setscope failed\n"); 934 goto cleanup; 935 } 936 delay = 0; 937 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 938 /* 939 * We need a random delay for DAD on the address 940 * being configured. It also means delaying 941 * transmission of the corresponding MLD report to 942 * avoid report collision. 943 * [draft-ietf-ipv6-rfc2462bis-02.txt] 944 */ 945 delay = arc4random() % 946 (MAX_RTR_SOLICITATION_DELAY * hz); 947 } 948 imm = in6_joingroup(ifp, &llsol, &error, delay); 949 if (imm == NULL) { 950 nd6log((LOG_WARNING, 951 "in6_update_ifa: addmulti failed for " 952 "%s on %s (errno=%d)\n", 953 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 954 error)); 955 in6_purgeaddr((struct ifaddr *)ia); 956 return (error); 957 } 958 LIST_INSERT_HEAD(&ia->ia6_memberships, 959 imm, i6mm_chain); 960 in6m_sol = imm->i6mm_maddr; 961 962 bzero(&mltmask, sizeof(mltmask)); 963 mltmask.sin6_len = sizeof(struct sockaddr_in6); 964 mltmask.sin6_family = AF_INET6; 965 mltmask.sin6_addr = in6mask32; 966#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 967 968 /* 969 * join link-local all-nodes address 970 */ 971 bzero(&mltaddr, sizeof(mltaddr)); 972 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 973 mltaddr.sin6_family = AF_INET6; 974 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 975 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 976 0) 977 goto cleanup; /* XXX: should not fail */ 978 979 /* 980 * XXX: do we really need this automatic routes? 981 * We should probably reconsider this stuff. Most applications 982 * actually do not need the routes, since they usually specify 983 * the outgoing interface. 984 */ 985 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 986 if (rt) { 987 /* XXX: only works in !SCOPEDROUTING case. */ 988 if (memcmp(&mltaddr.sin6_addr, 989 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 990 MLTMASK_LEN)) { 991 RTFREE_LOCKED(rt); 992 rt = NULL; 993 } 994 } 995 if (!rt) { 996 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 997 (struct sockaddr *)&ia->ia_addr, 998 (struct sockaddr *)&mltmask, RTF_UP, 999 (struct rtentry **)0); 1000 if (error) 1001 goto cleanup; 1002 } else { 1003 RTFREE_LOCKED(rt); 1004 } 1005 1006 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1007 if (!imm) { 1008 nd6log((LOG_WARNING, 1009 "in6_update_ifa: addmulti failed for " 1010 "%s on %s (errno=%d)\n", 1011 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1012 if_name(ifp), error)); 1013 goto cleanup; 1014 } 1015 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1016 1017 /* 1018 * join node information group address 1019 */ 1020#define hostnamelen strlen(V_hostname) 1021 delay = 0; 1022 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1023 /* 1024 * The spec doesn't say anything about delay for this 1025 * group, but the same logic should apply. 1026 */ 1027 delay = arc4random() % 1028 (MAX_RTR_SOLICITATION_DELAY * hz); 1029 } 1030 mtx_lock(&hostname_mtx); 1031 if (in6_nigroup(ifp, V_hostname, hostnamelen, 1032 &mltaddr.sin6_addr) == 0) { 1033 mtx_unlock(&hostname_mtx); 1034 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1035 delay); /* XXX jinmei */ 1036 if (!imm) { 1037 nd6log((LOG_WARNING, "in6_update_ifa: " 1038 "addmulti failed for %s on %s " 1039 "(errno=%d)\n", 1040 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1041 if_name(ifp), error)); 1042 /* XXX not very fatal, go on... */ 1043 } else { 1044 LIST_INSERT_HEAD(&ia->ia6_memberships, 1045 imm, i6mm_chain); 1046 } 1047 } else 1048 mtx_unlock(&hostname_mtx); 1049#undef hostnamelen 1050 1051 /* 1052 * join interface-local all-nodes address. 1053 * (ff01::1%ifN, and ff01::%ifN/32) 1054 */ 1055 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1056 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1057 != 0) 1058 goto cleanup; /* XXX: should not fail */ 1059 /* XXX: again, do we really need the route? */ 1060 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1061 if (rt) { 1062 if (memcmp(&mltaddr.sin6_addr, 1063 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1064 MLTMASK_LEN)) { 1065 RTFREE_LOCKED(rt); 1066 rt = NULL; 1067 } 1068 } 1069 if (!rt) { 1070 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1071 (struct sockaddr *)&ia->ia_addr, 1072 (struct sockaddr *)&mltmask, RTF_UP, 1073 (struct rtentry **)0); 1074 if (error) 1075 goto cleanup; 1076 } else 1077 RTFREE_LOCKED(rt); 1078 1079 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1080 if (!imm) { 1081 nd6log((LOG_WARNING, "in6_update_ifa: " 1082 "addmulti failed for %s on %s " 1083 "(errno=%d)\n", 1084 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1085 if_name(ifp), error)); 1086 goto cleanup; 1087 } 1088 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1089#undef MLTMASK_LEN 1090 } 1091 1092 /* 1093 * Perform DAD, if needed. 1094 * XXX It may be of use, if we can administratively 1095 * disable DAD. 1096 */ 1097 if (hostIsNew && in6if_do_dad(ifp) && 1098 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1099 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1100 { 1101 int mindelay, maxdelay; 1102 1103 delay = 0; 1104 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1105 /* 1106 * We need to impose a delay before sending an NS 1107 * for DAD. Check if we also needed a delay for the 1108 * corresponding MLD message. If we did, the delay 1109 * should be larger than the MLD delay (this could be 1110 * relaxed a bit, but this simple logic is at least 1111 * safe).
|
| 1112 * XXX: Break data hiding guidelines and look at 1113 * state for the solicited multicast group.
|
1113 */ 1114 mindelay = 0; 1115 if (in6m_sol != NULL &&
| 1114 */ 1115 mindelay = 0; 1116 if (in6m_sol != NULL &&
|
1116 in6m_sol->in6m_state == MLD_REPORTPENDING) {
| 1117 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
|
1117 mindelay = in6m_sol->in6m_timer; 1118 } 1119 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1120 if (maxdelay - mindelay == 0) 1121 delay = 0; 1122 else { 1123 delay = 1124 (arc4random() % (maxdelay - mindelay)) + 1125 mindelay; 1126 } 1127 } 1128 nd6_dad_start((struct ifaddr *)ia, delay); 1129 } 1130 1131 return (error); 1132 1133 unlink: 1134 /* 1135 * XXX: if a change of an existing address failed, keep the entry 1136 * anyway. 1137 */ 1138 if (hostIsNew) 1139 in6_unlink_ifa(ia, ifp); 1140 return (error); 1141 1142 cleanup: 1143 in6_purgeaddr(&ia->ia_ifa); 1144 return error; 1145} 1146 1147void 1148in6_purgeaddr(struct ifaddr *ifa) 1149{ 1150 struct ifnet *ifp = ifa->ifa_ifp; 1151 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1152 struct in6_multi_mship *imm; 1153 1154 /* stop DAD processing */ 1155 nd6_dad_stop(ifa); 1156 1157 IF_AFDATA_LOCK(ifp); 1158 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1159 (struct sockaddr *)&ia->ia_addr); 1160 IF_AFDATA_UNLOCK(ifp); 1161 1162 /* 1163 * leave from multicast groups we have joined for the interface 1164 */ 1165 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1166 LIST_REMOVE(imm, i6mm_chain); 1167 in6_leavegroup(imm); 1168 } 1169 1170 in6_unlink_ifa(ia, ifp); 1171} 1172 1173static void 1174in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1175{ 1176 INIT_VNET_INET6(ifp->if_vnet); 1177 struct in6_ifaddr *oia; 1178 int s = splnet(); 1179 1180 IF_ADDR_LOCK(ifp); 1181 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1182 IF_ADDR_UNLOCK(ifp); 1183 1184 oia = ia; 1185 if (oia == (ia = V_in6_ifaddr)) 1186 V_in6_ifaddr = ia->ia_next; 1187 else { 1188 while (ia->ia_next && (ia->ia_next != oia)) 1189 ia = ia->ia_next; 1190 if (ia->ia_next) 1191 ia->ia_next = oia->ia_next; 1192 else { 1193 /* search failed */ 1194 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1195 } 1196 } 1197 1198 /* 1199 * Release the reference to the base prefix. There should be a 1200 * positive reference. 1201 */ 1202 if (oia->ia6_ndpr == NULL) { 1203 nd6log((LOG_NOTICE, 1204 "in6_unlink_ifa: autoconf'ed address " 1205 "%p has no prefix\n", oia)); 1206 } else { 1207 oia->ia6_ndpr->ndpr_refcnt--; 1208 oia->ia6_ndpr = NULL; 1209 } 1210 1211 /* 1212 * Also, if the address being removed is autoconf'ed, call 1213 * pfxlist_onlink_check() since the release might affect the status of 1214 * other (detached) addresses. 1215 */ 1216 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) { 1217 pfxlist_onlink_check(); 1218 } 1219 1220 /* 1221 * release another refcnt for the link from in6_ifaddr. 1222 * Note that we should decrement the refcnt at least once for all *BSD. 1223 */ 1224 IFAFREE(&oia->ia_ifa); 1225 1226 splx(s); 1227} 1228 1229void 1230in6_purgeif(struct ifnet *ifp) 1231{ 1232 struct ifaddr *ifa, *nifa; 1233 1234 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1235 if (ifa->ifa_addr->sa_family != AF_INET6) 1236 continue; 1237 in6_purgeaddr(ifa); 1238 } 1239 1240 in6_ifdetach(ifp); 1241} 1242 1243/* 1244 * SIOC[GAD]LIFADDR. 1245 * SIOCGLIFADDR: get first address. (?) 1246 * SIOCGLIFADDR with IFLR_PREFIX: 1247 * get first address that matches the specified prefix. 1248 * SIOCALIFADDR: add the specified address. 1249 * SIOCALIFADDR with IFLR_PREFIX: 1250 * add the specified prefix, filling hostid part from 1251 * the first link-local address. prefixlen must be <= 64. 1252 * SIOCDLIFADDR: delete the specified address. 1253 * SIOCDLIFADDR with IFLR_PREFIX: 1254 * delete the first address that matches the specified prefix. 1255 * return values: 1256 * EINVAL on invalid parameters 1257 * EADDRNOTAVAIL on prefix match failed/specified address not found 1258 * other values may be returned from in6_ioctl() 1259 * 1260 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1261 * this is to accomodate address naming scheme other than RFC2374, 1262 * in the future. 1263 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1264 * address encoding scheme. (see figure on page 8) 1265 */ 1266static int 1267in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1268 struct ifnet *ifp, struct thread *td) 1269{ 1270 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1271 struct ifaddr *ifa; 1272 struct sockaddr *sa; 1273 1274 /* sanity checks */ 1275 if (!data || !ifp) { 1276 panic("invalid argument to in6_lifaddr_ioctl"); 1277 /* NOTREACHED */ 1278 } 1279 1280 switch (cmd) { 1281 case SIOCGLIFADDR: 1282 /* address must be specified on GET with IFLR_PREFIX */ 1283 if ((iflr->flags & IFLR_PREFIX) == 0) 1284 break; 1285 /* FALLTHROUGH */ 1286 case SIOCALIFADDR: 1287 case SIOCDLIFADDR: 1288 /* address must be specified on ADD and DELETE */ 1289 sa = (struct sockaddr *)&iflr->addr; 1290 if (sa->sa_family != AF_INET6) 1291 return EINVAL; 1292 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1293 return EINVAL; 1294 /* XXX need improvement */ 1295 sa = (struct sockaddr *)&iflr->dstaddr; 1296 if (sa->sa_family && sa->sa_family != AF_INET6) 1297 return EINVAL; 1298 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1299 return EINVAL; 1300 break; 1301 default: /* shouldn't happen */ 1302#if 0 1303 panic("invalid cmd to in6_lifaddr_ioctl"); 1304 /* NOTREACHED */ 1305#else 1306 return EOPNOTSUPP; 1307#endif 1308 } 1309 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1310 return EINVAL; 1311 1312 switch (cmd) { 1313 case SIOCALIFADDR: 1314 { 1315 struct in6_aliasreq ifra; 1316 struct in6_addr *hostid = NULL; 1317 int prefixlen; 1318 1319 if ((iflr->flags & IFLR_PREFIX) != 0) { 1320 struct sockaddr_in6 *sin6; 1321 1322 /* 1323 * hostid is to fill in the hostid part of the 1324 * address. hostid points to the first link-local 1325 * address attached to the interface. 1326 */ 1327 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1328 if (!ifa) 1329 return EADDRNOTAVAIL; 1330 hostid = IFA_IN6(ifa); 1331 1332 /* prefixlen must be <= 64. */ 1333 if (64 < iflr->prefixlen) 1334 return EINVAL; 1335 prefixlen = iflr->prefixlen; 1336 1337 /* hostid part must be zero. */ 1338 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1339 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1340 sin6->sin6_addr.s6_addr32[3] != 0) { 1341 return EINVAL; 1342 } 1343 } else 1344 prefixlen = iflr->prefixlen; 1345 1346 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1347 bzero(&ifra, sizeof(ifra)); 1348 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1349 1350 bcopy(&iflr->addr, &ifra.ifra_addr, 1351 ((struct sockaddr *)&iflr->addr)->sa_len); 1352 if (hostid) { 1353 /* fill in hostid part */ 1354 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1355 hostid->s6_addr32[2]; 1356 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1357 hostid->s6_addr32[3]; 1358 } 1359 1360 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1361 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1362 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1363 if (hostid) { 1364 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1365 hostid->s6_addr32[2]; 1366 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1367 hostid->s6_addr32[3]; 1368 } 1369 } 1370 1371 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1372 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1373 1374 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1375 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1376 } 1377 case SIOCGLIFADDR: 1378 case SIOCDLIFADDR: 1379 { 1380 struct in6_ifaddr *ia; 1381 struct in6_addr mask, candidate, match; 1382 struct sockaddr_in6 *sin6; 1383 int cmp; 1384 1385 bzero(&mask, sizeof(mask)); 1386 if (iflr->flags & IFLR_PREFIX) { 1387 /* lookup a prefix rather than address. */ 1388 in6_prefixlen2mask(&mask, iflr->prefixlen); 1389 1390 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1391 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1392 match.s6_addr32[0] &= mask.s6_addr32[0]; 1393 match.s6_addr32[1] &= mask.s6_addr32[1]; 1394 match.s6_addr32[2] &= mask.s6_addr32[2]; 1395 match.s6_addr32[3] &= mask.s6_addr32[3]; 1396 1397 /* if you set extra bits, that's wrong */ 1398 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1399 return EINVAL; 1400 1401 cmp = 1; 1402 } else { 1403 if (cmd == SIOCGLIFADDR) { 1404 /* on getting an address, take the 1st match */ 1405 cmp = 0; /* XXX */ 1406 } else { 1407 /* on deleting an address, do exact match */ 1408 in6_prefixlen2mask(&mask, 128); 1409 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1410 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1411 1412 cmp = 1; 1413 } 1414 } 1415 1416 IF_ADDR_LOCK(ifp); 1417 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1418 if (ifa->ifa_addr->sa_family != AF_INET6) 1419 continue; 1420 if (!cmp) 1421 break; 1422 1423 /* 1424 * XXX: this is adhoc, but is necessary to allow 1425 * a user to specify fe80::/64 (not /10) for a 1426 * link-local address. 1427 */ 1428 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1429 in6_clearscope(&candidate); 1430 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1431 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1432 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1433 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1434 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1435 break; 1436 } 1437 IF_ADDR_UNLOCK(ifp); 1438 if (!ifa) 1439 return EADDRNOTAVAIL; 1440 ia = ifa2ia6(ifa); 1441 1442 if (cmd == SIOCGLIFADDR) { 1443 int error; 1444 1445 /* fill in the if_laddrreq structure */ 1446 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1447 error = sa6_recoverscope( 1448 (struct sockaddr_in6 *)&iflr->addr); 1449 if (error != 0) 1450 return (error); 1451 1452 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1453 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1454 ia->ia_dstaddr.sin6_len); 1455 error = sa6_recoverscope( 1456 (struct sockaddr_in6 *)&iflr->dstaddr); 1457 if (error != 0) 1458 return (error); 1459 } else 1460 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1461 1462 iflr->prefixlen = 1463 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1464 1465 iflr->flags = ia->ia6_flags; /* XXX */ 1466 1467 return 0; 1468 } else { 1469 struct in6_aliasreq ifra; 1470 1471 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1472 bzero(&ifra, sizeof(ifra)); 1473 bcopy(iflr->iflr_name, ifra.ifra_name, 1474 sizeof(ifra.ifra_name)); 1475 1476 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1477 ia->ia_addr.sin6_len); 1478 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1479 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1480 ia->ia_dstaddr.sin6_len); 1481 } else { 1482 bzero(&ifra.ifra_dstaddr, 1483 sizeof(ifra.ifra_dstaddr)); 1484 } 1485 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1486 ia->ia_prefixmask.sin6_len); 1487 1488 ifra.ifra_flags = ia->ia6_flags; 1489 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1490 ifp, td); 1491 } 1492 } 1493 } 1494 1495 return EOPNOTSUPP; /* just for safety */ 1496} 1497 1498/* 1499 * Initialize an interface's intetnet6 address 1500 * and routing table entry. 1501 */ 1502static int 1503in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1504 struct sockaddr_in6 *sin6, int newhost) 1505{ 1506 int error = 0, plen, ifacount = 0; 1507 int s = splimp(); 1508 struct ifaddr *ifa; 1509 1510 /* 1511 * Give the interface a chance to initialize 1512 * if this is its first address, 1513 * and to validate the address if necessary. 1514 */ 1515 IF_ADDR_LOCK(ifp); 1516 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1517 if (ifa->ifa_addr->sa_family != AF_INET6) 1518 continue; 1519 ifacount++; 1520 } 1521 IF_ADDR_UNLOCK(ifp); 1522 1523 ia->ia_addr = *sin6; 1524 1525 if (ifacount <= 1 && ifp->if_ioctl) { 1526 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1527 if (error) { 1528 splx(s); 1529 return (error); 1530 } 1531 } 1532 splx(s); 1533 1534 ia->ia_ifa.ifa_metric = ifp->if_metric; 1535 1536 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1537 1538 /* 1539 * Special case: 1540 * If a new destination address is specified for a point-to-point 1541 * interface, install a route to the destination as an interface 1542 * direct route. 1543 * XXX: the logic below rejects assigning multiple addresses on a p2p 1544 * interface that share the same destination. 1545 */ 1546 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1547 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) { 1548 struct sockaddr *dstaddr; 1549 int rtflags = RTF_UP | RTF_HOST; 1550 1551 /* 1552 * use the interface address if configuring an 1553 * interface address with a /128 prefix len 1554 */ 1555 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1556 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1557 else 1558 dstaddr = (struct sockaddr *)&ia->ia_addr; 1559 1560 error = rtrequest(RTM_ADD, 1561 (struct sockaddr *)dstaddr, 1562 (struct sockaddr *)&ia->ia_addr, 1563 (struct sockaddr *)&ia->ia_prefixmask, 1564 ia->ia_flags | rtflags, NULL); 1565 if (error != 0) 1566 return (error); 1567 ia->ia_flags |= IFA_ROUTE; 1568 } 1569 1570 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1571 if (newhost) { 1572 struct llentry *ln; 1573 1574 IF_AFDATA_LOCK(ifp); 1575 ia->ia_ifa.ifa_rtrequest = NULL; 1576 1577 /* XXX QL 1578 * we need to report rt_newaddrmsg 1579 */ 1580 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1581 (struct sockaddr *)&ia->ia_addr); 1582 IF_AFDATA_UNLOCK(ifp); 1583 if (ln != NULL) { 1584 ln->la_expire = 0; /* for IPv6 this means permanent */ 1585 ln->ln_state = ND6_LLINFO_REACHABLE; 1586 LLE_WUNLOCK(ln); 1587 } 1588 } 1589 1590 return (error); 1591} 1592
| 1118 mindelay = in6m_sol->in6m_timer; 1119 } 1120 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1121 if (maxdelay - mindelay == 0) 1122 delay = 0; 1123 else { 1124 delay = 1125 (arc4random() % (maxdelay - mindelay)) + 1126 mindelay; 1127 } 1128 } 1129 nd6_dad_start((struct ifaddr *)ia, delay); 1130 } 1131 1132 return (error); 1133 1134 unlink: 1135 /* 1136 * XXX: if a change of an existing address failed, keep the entry 1137 * anyway. 1138 */ 1139 if (hostIsNew) 1140 in6_unlink_ifa(ia, ifp); 1141 return (error); 1142 1143 cleanup: 1144 in6_purgeaddr(&ia->ia_ifa); 1145 return error; 1146} 1147 1148void 1149in6_purgeaddr(struct ifaddr *ifa) 1150{ 1151 struct ifnet *ifp = ifa->ifa_ifp; 1152 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1153 struct in6_multi_mship *imm; 1154 1155 /* stop DAD processing */ 1156 nd6_dad_stop(ifa); 1157 1158 IF_AFDATA_LOCK(ifp); 1159 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1160 (struct sockaddr *)&ia->ia_addr); 1161 IF_AFDATA_UNLOCK(ifp); 1162 1163 /* 1164 * leave from multicast groups we have joined for the interface 1165 */ 1166 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1167 LIST_REMOVE(imm, i6mm_chain); 1168 in6_leavegroup(imm); 1169 } 1170 1171 in6_unlink_ifa(ia, ifp); 1172} 1173 1174static void 1175in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1176{ 1177 INIT_VNET_INET6(ifp->if_vnet); 1178 struct in6_ifaddr *oia; 1179 int s = splnet(); 1180 1181 IF_ADDR_LOCK(ifp); 1182 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1183 IF_ADDR_UNLOCK(ifp); 1184 1185 oia = ia; 1186 if (oia == (ia = V_in6_ifaddr)) 1187 V_in6_ifaddr = ia->ia_next; 1188 else { 1189 while (ia->ia_next && (ia->ia_next != oia)) 1190 ia = ia->ia_next; 1191 if (ia->ia_next) 1192 ia->ia_next = oia->ia_next; 1193 else { 1194 /* search failed */ 1195 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1196 } 1197 } 1198 1199 /* 1200 * Release the reference to the base prefix. There should be a 1201 * positive reference. 1202 */ 1203 if (oia->ia6_ndpr == NULL) { 1204 nd6log((LOG_NOTICE, 1205 "in6_unlink_ifa: autoconf'ed address " 1206 "%p has no prefix\n", oia)); 1207 } else { 1208 oia->ia6_ndpr->ndpr_refcnt--; 1209 oia->ia6_ndpr = NULL; 1210 } 1211 1212 /* 1213 * Also, if the address being removed is autoconf'ed, call 1214 * pfxlist_onlink_check() since the release might affect the status of 1215 * other (detached) addresses. 1216 */ 1217 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) { 1218 pfxlist_onlink_check(); 1219 } 1220 1221 /* 1222 * release another refcnt for the link from in6_ifaddr. 1223 * Note that we should decrement the refcnt at least once for all *BSD. 1224 */ 1225 IFAFREE(&oia->ia_ifa); 1226 1227 splx(s); 1228} 1229 1230void 1231in6_purgeif(struct ifnet *ifp) 1232{ 1233 struct ifaddr *ifa, *nifa; 1234 1235 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1236 if (ifa->ifa_addr->sa_family != AF_INET6) 1237 continue; 1238 in6_purgeaddr(ifa); 1239 } 1240 1241 in6_ifdetach(ifp); 1242} 1243 1244/* 1245 * SIOC[GAD]LIFADDR. 1246 * SIOCGLIFADDR: get first address. (?) 1247 * SIOCGLIFADDR with IFLR_PREFIX: 1248 * get first address that matches the specified prefix. 1249 * SIOCALIFADDR: add the specified address. 1250 * SIOCALIFADDR with IFLR_PREFIX: 1251 * add the specified prefix, filling hostid part from 1252 * the first link-local address. prefixlen must be <= 64. 1253 * SIOCDLIFADDR: delete the specified address. 1254 * SIOCDLIFADDR with IFLR_PREFIX: 1255 * delete the first address that matches the specified prefix. 1256 * return values: 1257 * EINVAL on invalid parameters 1258 * EADDRNOTAVAIL on prefix match failed/specified address not found 1259 * other values may be returned from in6_ioctl() 1260 * 1261 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1262 * this is to accomodate address naming scheme other than RFC2374, 1263 * in the future. 1264 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1265 * address encoding scheme. (see figure on page 8) 1266 */ 1267static int 1268in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1269 struct ifnet *ifp, struct thread *td) 1270{ 1271 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1272 struct ifaddr *ifa; 1273 struct sockaddr *sa; 1274 1275 /* sanity checks */ 1276 if (!data || !ifp) { 1277 panic("invalid argument to in6_lifaddr_ioctl"); 1278 /* NOTREACHED */ 1279 } 1280 1281 switch (cmd) { 1282 case SIOCGLIFADDR: 1283 /* address must be specified on GET with IFLR_PREFIX */ 1284 if ((iflr->flags & IFLR_PREFIX) == 0) 1285 break; 1286 /* FALLTHROUGH */ 1287 case SIOCALIFADDR: 1288 case SIOCDLIFADDR: 1289 /* address must be specified on ADD and DELETE */ 1290 sa = (struct sockaddr *)&iflr->addr; 1291 if (sa->sa_family != AF_INET6) 1292 return EINVAL; 1293 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1294 return EINVAL; 1295 /* XXX need improvement */ 1296 sa = (struct sockaddr *)&iflr->dstaddr; 1297 if (sa->sa_family && sa->sa_family != AF_INET6) 1298 return EINVAL; 1299 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1300 return EINVAL; 1301 break; 1302 default: /* shouldn't happen */ 1303#if 0 1304 panic("invalid cmd to in6_lifaddr_ioctl"); 1305 /* NOTREACHED */ 1306#else 1307 return EOPNOTSUPP; 1308#endif 1309 } 1310 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1311 return EINVAL; 1312 1313 switch (cmd) { 1314 case SIOCALIFADDR: 1315 { 1316 struct in6_aliasreq ifra; 1317 struct in6_addr *hostid = NULL; 1318 int prefixlen; 1319 1320 if ((iflr->flags & IFLR_PREFIX) != 0) { 1321 struct sockaddr_in6 *sin6; 1322 1323 /* 1324 * hostid is to fill in the hostid part of the 1325 * address. hostid points to the first link-local 1326 * address attached to the interface. 1327 */ 1328 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1329 if (!ifa) 1330 return EADDRNOTAVAIL; 1331 hostid = IFA_IN6(ifa); 1332 1333 /* prefixlen must be <= 64. */ 1334 if (64 < iflr->prefixlen) 1335 return EINVAL; 1336 prefixlen = iflr->prefixlen; 1337 1338 /* hostid part must be zero. */ 1339 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1340 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1341 sin6->sin6_addr.s6_addr32[3] != 0) { 1342 return EINVAL; 1343 } 1344 } else 1345 prefixlen = iflr->prefixlen; 1346 1347 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1348 bzero(&ifra, sizeof(ifra)); 1349 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1350 1351 bcopy(&iflr->addr, &ifra.ifra_addr, 1352 ((struct sockaddr *)&iflr->addr)->sa_len); 1353 if (hostid) { 1354 /* fill in hostid part */ 1355 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1356 hostid->s6_addr32[2]; 1357 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1358 hostid->s6_addr32[3]; 1359 } 1360 1361 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1362 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1363 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1364 if (hostid) { 1365 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1366 hostid->s6_addr32[2]; 1367 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1368 hostid->s6_addr32[3]; 1369 } 1370 } 1371 1372 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1373 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1374 1375 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1376 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1377 } 1378 case SIOCGLIFADDR: 1379 case SIOCDLIFADDR: 1380 { 1381 struct in6_ifaddr *ia; 1382 struct in6_addr mask, candidate, match; 1383 struct sockaddr_in6 *sin6; 1384 int cmp; 1385 1386 bzero(&mask, sizeof(mask)); 1387 if (iflr->flags & IFLR_PREFIX) { 1388 /* lookup a prefix rather than address. */ 1389 in6_prefixlen2mask(&mask, iflr->prefixlen); 1390 1391 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1392 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1393 match.s6_addr32[0] &= mask.s6_addr32[0]; 1394 match.s6_addr32[1] &= mask.s6_addr32[1]; 1395 match.s6_addr32[2] &= mask.s6_addr32[2]; 1396 match.s6_addr32[3] &= mask.s6_addr32[3]; 1397 1398 /* if you set extra bits, that's wrong */ 1399 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1400 return EINVAL; 1401 1402 cmp = 1; 1403 } else { 1404 if (cmd == SIOCGLIFADDR) { 1405 /* on getting an address, take the 1st match */ 1406 cmp = 0; /* XXX */ 1407 } else { 1408 /* on deleting an address, do exact match */ 1409 in6_prefixlen2mask(&mask, 128); 1410 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1411 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1412 1413 cmp = 1; 1414 } 1415 } 1416 1417 IF_ADDR_LOCK(ifp); 1418 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1419 if (ifa->ifa_addr->sa_family != AF_INET6) 1420 continue; 1421 if (!cmp) 1422 break; 1423 1424 /* 1425 * XXX: this is adhoc, but is necessary to allow 1426 * a user to specify fe80::/64 (not /10) for a 1427 * link-local address. 1428 */ 1429 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1430 in6_clearscope(&candidate); 1431 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1432 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1433 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1434 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1435 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1436 break; 1437 } 1438 IF_ADDR_UNLOCK(ifp); 1439 if (!ifa) 1440 return EADDRNOTAVAIL; 1441 ia = ifa2ia6(ifa); 1442 1443 if (cmd == SIOCGLIFADDR) { 1444 int error; 1445 1446 /* fill in the if_laddrreq structure */ 1447 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1448 error = sa6_recoverscope( 1449 (struct sockaddr_in6 *)&iflr->addr); 1450 if (error != 0) 1451 return (error); 1452 1453 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1454 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1455 ia->ia_dstaddr.sin6_len); 1456 error = sa6_recoverscope( 1457 (struct sockaddr_in6 *)&iflr->dstaddr); 1458 if (error != 0) 1459 return (error); 1460 } else 1461 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1462 1463 iflr->prefixlen = 1464 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1465 1466 iflr->flags = ia->ia6_flags; /* XXX */ 1467 1468 return 0; 1469 } else { 1470 struct in6_aliasreq ifra; 1471 1472 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1473 bzero(&ifra, sizeof(ifra)); 1474 bcopy(iflr->iflr_name, ifra.ifra_name, 1475 sizeof(ifra.ifra_name)); 1476 1477 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1478 ia->ia_addr.sin6_len); 1479 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1480 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1481 ia->ia_dstaddr.sin6_len); 1482 } else { 1483 bzero(&ifra.ifra_dstaddr, 1484 sizeof(ifra.ifra_dstaddr)); 1485 } 1486 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1487 ia->ia_prefixmask.sin6_len); 1488 1489 ifra.ifra_flags = ia->ia6_flags; 1490 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1491 ifp, td); 1492 } 1493 } 1494 } 1495 1496 return EOPNOTSUPP; /* just for safety */ 1497} 1498 1499/* 1500 * Initialize an interface's intetnet6 address 1501 * and routing table entry. 1502 */ 1503static int 1504in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1505 struct sockaddr_in6 *sin6, int newhost) 1506{ 1507 int error = 0, plen, ifacount = 0; 1508 int s = splimp(); 1509 struct ifaddr *ifa; 1510 1511 /* 1512 * Give the interface a chance to initialize 1513 * if this is its first address, 1514 * and to validate the address if necessary. 1515 */ 1516 IF_ADDR_LOCK(ifp); 1517 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1518 if (ifa->ifa_addr->sa_family != AF_INET6) 1519 continue; 1520 ifacount++; 1521 } 1522 IF_ADDR_UNLOCK(ifp); 1523 1524 ia->ia_addr = *sin6; 1525 1526 if (ifacount <= 1 && ifp->if_ioctl) { 1527 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1528 if (error) { 1529 splx(s); 1530 return (error); 1531 } 1532 } 1533 splx(s); 1534 1535 ia->ia_ifa.ifa_metric = ifp->if_metric; 1536 1537 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1538 1539 /* 1540 * Special case: 1541 * If a new destination address is specified for a point-to-point 1542 * interface, install a route to the destination as an interface 1543 * direct route. 1544 * XXX: the logic below rejects assigning multiple addresses on a p2p 1545 * interface that share the same destination. 1546 */ 1547 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1548 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) { 1549 struct sockaddr *dstaddr; 1550 int rtflags = RTF_UP | RTF_HOST; 1551 1552 /* 1553 * use the interface address if configuring an 1554 * interface address with a /128 prefix len 1555 */ 1556 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1557 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1558 else 1559 dstaddr = (struct sockaddr *)&ia->ia_addr; 1560 1561 error = rtrequest(RTM_ADD, 1562 (struct sockaddr *)dstaddr, 1563 (struct sockaddr *)&ia->ia_addr, 1564 (struct sockaddr *)&ia->ia_prefixmask, 1565 ia->ia_flags | rtflags, NULL); 1566 if (error != 0) 1567 return (error); 1568 ia->ia_flags |= IFA_ROUTE; 1569 } 1570 1571 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1572 if (newhost) { 1573 struct llentry *ln; 1574 1575 IF_AFDATA_LOCK(ifp); 1576 ia->ia_ifa.ifa_rtrequest = NULL; 1577 1578 /* XXX QL 1579 * we need to report rt_newaddrmsg 1580 */ 1581 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1582 (struct sockaddr *)&ia->ia_addr); 1583 IF_AFDATA_UNLOCK(ifp); 1584 if (ln != NULL) { 1585 ln->la_expire = 0; /* for IPv6 this means permanent */ 1586 ln->ln_state = ND6_LLINFO_REACHABLE; 1587 LLE_WUNLOCK(ln); 1588 } 1589 } 1590 1591 return (error); 1592} 1593
|
1593struct in6_multi_mship * 1594in6_joingroup(struct ifnet *ifp, struct in6_addr *addr, 1595 int *errorp, int delay) 1596{ 1597 struct in6_multi_mship *imm; 1598 1599 imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT); 1600 if (!imm) { 1601 *errorp = ENOBUFS; 1602 return NULL; 1603 } 1604 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp, delay); 1605 if (!imm->i6mm_maddr) { 1606 /* *errorp is alrady set */ 1607 free(imm, M_IP6MADDR); 1608 return NULL; 1609 } 1610 return imm; 1611} 1612 1613int 1614in6_leavegroup(struct in6_multi_mship *imm) 1615{ 1616 1617 if (imm->i6mm_maddr) 1618 in6_delmulti(imm->i6mm_maddr); 1619 free(imm, M_IP6MADDR); 1620 return 0; 1621} 1622
| |
1623/* 1624 * Find an IPv6 interface link-local address specific to an interface. 1625 */ 1626struct in6_ifaddr * 1627in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1628{ 1629 struct ifaddr *ifa; 1630 1631 IF_ADDR_LOCK(ifp); 1632 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1633 if (ifa->ifa_addr->sa_family != AF_INET6) 1634 continue; 1635 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1636 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1637 ignoreflags) != 0) 1638 continue; 1639 break; 1640 } 1641 } 1642 IF_ADDR_UNLOCK(ifp); 1643 1644 return ((struct in6_ifaddr *)ifa); 1645} 1646 1647 1648/* 1649 * find the internet address corresponding to a given interface and address. 1650 */ 1651struct in6_ifaddr * 1652in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1653{ 1654 struct ifaddr *ifa; 1655 1656 IF_ADDR_LOCK(ifp); 1657 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1658 if (ifa->ifa_addr->sa_family != AF_INET6) 1659 continue; 1660 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1661 break; 1662 } 1663 IF_ADDR_UNLOCK(ifp); 1664 1665 return ((struct in6_ifaddr *)ifa); 1666} 1667 1668/* 1669 * Convert IP6 address to printable (loggable) representation. Caller 1670 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1671 */ 1672static char digits[] = "0123456789abcdef"; 1673char * 1674ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1675{ 1676 int i; 1677 char *cp; 1678 const u_int16_t *a = (const u_int16_t *)addr; 1679 const u_int8_t *d; 1680 int dcolon = 0, zero = 0; 1681 1682 cp = ip6buf; 1683 1684 for (i = 0; i < 8; i++) { 1685 if (dcolon == 1) { 1686 if (*a == 0) { 1687 if (i == 7) 1688 *cp++ = ':'; 1689 a++; 1690 continue; 1691 } else 1692 dcolon = 2; 1693 } 1694 if (*a == 0) { 1695 if (dcolon == 0 && *(a + 1) == 0) { 1696 if (i == 0) 1697 *cp++ = ':'; 1698 *cp++ = ':'; 1699 dcolon = 1; 1700 } else { 1701 *cp++ = '0'; 1702 *cp++ = ':'; 1703 } 1704 a++; 1705 continue; 1706 } 1707 d = (const u_char *)a; 1708 /* Try to eliminate leading zeros in printout like in :0001. */ 1709 zero = 1; 1710 *cp = digits[*d >> 4]; 1711 if (*cp != '0') { 1712 zero = 0; 1713 cp++; 1714 } 1715 *cp = digits[*d++ & 0xf]; 1716 if (zero == 0 || (*cp != '0')) { 1717 zero = 0; 1718 cp++; 1719 } 1720 *cp = digits[*d >> 4]; 1721 if (zero == 0 || (*cp != '0')) { 1722 zero = 0; 1723 cp++; 1724 } 1725 *cp++ = digits[*d & 0xf]; 1726 *cp++ = ':'; 1727 a++; 1728 } 1729 *--cp = '\0'; 1730 return (ip6buf); 1731} 1732 1733int 1734in6_localaddr(struct in6_addr *in6) 1735{ 1736 INIT_VNET_INET6(curvnet); 1737 struct in6_ifaddr *ia; 1738 1739 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1740 return 1; 1741 1742 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1743 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1744 &ia->ia_prefixmask.sin6_addr)) { 1745 return 1; 1746 } 1747 } 1748 1749 return (0); 1750} 1751 1752int 1753in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1754{ 1755 INIT_VNET_INET6(curvnet); 1756 struct in6_ifaddr *ia; 1757 1758 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1759 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1760 &sa6->sin6_addr) && 1761 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1762 return (1); /* true */ 1763 1764 /* XXX: do we still have to go thru the rest of the list? */ 1765 } 1766 1767 return (0); /* false */ 1768} 1769 1770/* 1771 * return length of part which dst and src are equal 1772 * hard coding... 1773 */ 1774int 1775in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1776{ 1777 int match = 0; 1778 u_char *s = (u_char *)src, *d = (u_char *)dst; 1779 u_char *lim = s + 16, r; 1780 1781 while (s < lim) 1782 if ((r = (*d++ ^ *s++)) != 0) { 1783 while (r < 128) { 1784 match++; 1785 r <<= 1; 1786 } 1787 break; 1788 } else 1789 match += 8; 1790 return match; 1791} 1792 1793/* XXX: to be scope conscious */ 1794int 1795in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1796{ 1797 int bytelen, bitlen; 1798 1799 /* sanity check */ 1800 if (0 > len || len > 128) { 1801 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1802 len); 1803 return (0); 1804 } 1805 1806 bytelen = len / 8; 1807 bitlen = len % 8; 1808 1809 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1810 return (0); 1811 if (bitlen != 0 && 1812 p1->s6_addr[bytelen] >> (8 - bitlen) != 1813 p2->s6_addr[bytelen] >> (8 - bitlen)) 1814 return (0); 1815 1816 return (1); 1817} 1818 1819void 1820in6_prefixlen2mask(struct in6_addr *maskp, int len) 1821{ 1822 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1823 int bytelen, bitlen, i; 1824 1825 /* sanity check */ 1826 if (0 > len || len > 128) { 1827 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1828 len); 1829 return; 1830 } 1831 1832 bzero(maskp, sizeof(*maskp)); 1833 bytelen = len / 8; 1834 bitlen = len % 8; 1835 for (i = 0; i < bytelen; i++) 1836 maskp->s6_addr[i] = 0xff; 1837 if (bitlen) 1838 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1839} 1840 1841/* 1842 * return the best address out of the same scope. if no address was 1843 * found, return the first valid address from designated IF. 1844 */ 1845struct in6_ifaddr * 1846in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 1847{ 1848 INIT_VNET_INET6(curvnet); 1849 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 1850 struct ifaddr *ifa; 1851 struct in6_ifaddr *besta = 0; 1852 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 1853 1854 dep[0] = dep[1] = NULL; 1855 1856 /* 1857 * We first look for addresses in the same scope. 1858 * If there is one, return it. 1859 * If two or more, return one which matches the dst longest. 1860 * If none, return one of global addresses assigned other ifs. 1861 */ 1862 IF_ADDR_LOCK(ifp); 1863 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1864 if (ifa->ifa_addr->sa_family != AF_INET6) 1865 continue; 1866 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 1867 continue; /* XXX: is there any case to allow anycast? */ 1868 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 1869 continue; /* don't use this interface */ 1870 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 1871 continue; 1872 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 1873 if (V_ip6_use_deprecated) 1874 dep[0] = (struct in6_ifaddr *)ifa; 1875 continue; 1876 } 1877 1878 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 1879 /* 1880 * call in6_matchlen() as few as possible 1881 */ 1882 if (besta) { 1883 if (blen == -1) 1884 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 1885 tlen = in6_matchlen(IFA_IN6(ifa), dst); 1886 if (tlen > blen) { 1887 blen = tlen; 1888 besta = (struct in6_ifaddr *)ifa; 1889 } 1890 } else 1891 besta = (struct in6_ifaddr *)ifa; 1892 } 1893 } 1894 if (besta) { 1895 IF_ADDR_UNLOCK(ifp); 1896 return (besta); 1897 } 1898 1899 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1900 if (ifa->ifa_addr->sa_family != AF_INET6) 1901 continue; 1902 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 1903 continue; /* XXX: is there any case to allow anycast? */ 1904 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 1905 continue; /* don't use this interface */ 1906 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 1907 continue; 1908 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 1909 if (V_ip6_use_deprecated) 1910 dep[1] = (struct in6_ifaddr *)ifa; 1911 continue; 1912 } 1913 1914 IF_ADDR_UNLOCK(ifp); 1915 return (struct in6_ifaddr *)ifa; 1916 } 1917 IF_ADDR_UNLOCK(ifp); 1918 1919 /* use the last-resort values, that are, deprecated addresses */ 1920 if (dep[0]) 1921 return dep[0]; 1922 if (dep[1]) 1923 return dep[1]; 1924 1925 return NULL; 1926} 1927 1928/* 1929 * perform DAD when interface becomes IFF_UP. 1930 */ 1931void 1932in6_if_up(struct ifnet *ifp) 1933{ 1934 struct ifaddr *ifa; 1935 struct in6_ifaddr *ia; 1936 1937 IF_ADDR_LOCK(ifp); 1938 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1939 if (ifa->ifa_addr->sa_family != AF_INET6) 1940 continue; 1941 ia = (struct in6_ifaddr *)ifa; 1942 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 1943 /* 1944 * The TENTATIVE flag was likely set by hand 1945 * beforehand, implicitly indicating the need for DAD. 1946 * We may be able to skip the random delay in this 1947 * case, but we impose delays just in case. 1948 */ 1949 nd6_dad_start(ifa, 1950 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 1951 } 1952 } 1953 IF_ADDR_UNLOCK(ifp); 1954 1955 /* 1956 * special cases, like 6to4, are handled in in6_ifattach 1957 */ 1958 in6_ifattach(ifp, NULL); 1959} 1960 1961int 1962in6if_do_dad(struct ifnet *ifp) 1963{ 1964 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 1965 return (0); 1966 1967 switch (ifp->if_type) { 1968#ifdef IFT_DUMMY 1969 case IFT_DUMMY: 1970#endif 1971 case IFT_FAITH: 1972 /* 1973 * These interfaces do not have the IFF_LOOPBACK flag, 1974 * but loop packets back. We do not have to do DAD on such 1975 * interfaces. We should even omit it, because loop-backed 1976 * NS would confuse the DAD procedure. 1977 */ 1978 return (0); 1979 default: 1980 /* 1981 * Our DAD routine requires the interface up and running. 1982 * However, some interfaces can be up before the RUNNING 1983 * status. Additionaly, users may try to assign addresses 1984 * before the interface becomes up (or running). 1985 * We simply skip DAD in such a case as a work around. 1986 * XXX: we should rather mark "tentative" on such addresses, 1987 * and do DAD after the interface becomes ready. 1988 */ 1989 if (!((ifp->if_flags & IFF_UP) && 1990 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 1991 return (0); 1992 1993 return (1); 1994 } 1995} 1996 1997/* 1998 * Calculate max IPv6 MTU through all the interfaces and store it 1999 * to in6_maxmtu. 2000 */ 2001void 2002in6_setmaxmtu(void) 2003{ 2004 INIT_VNET_NET(curvnet); 2005 INIT_VNET_INET6(curvnet); 2006 unsigned long maxmtu = 0; 2007 struct ifnet *ifp; 2008 2009 IFNET_RLOCK(); 2010 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 2011 ifp = TAILQ_NEXT(ifp, if_list)) { 2012 /* this function can be called during ifnet initialization */ 2013 if (!ifp->if_afdata[AF_INET6]) 2014 continue; 2015 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2016 IN6_LINKMTU(ifp) > maxmtu) 2017 maxmtu = IN6_LINKMTU(ifp); 2018 } 2019 IFNET_RUNLOCK(); 2020 if (maxmtu) /* update only when maxmtu is positive */ 2021 V_in6_maxmtu = maxmtu; 2022} 2023 2024/* 2025 * Provide the length of interface identifiers to be used for the link attached 2026 * to the given interface. The length should be defined in "IPv6 over 2027 * xxx-link" document. Note that address architecture might also define 2028 * the length for a particular set of address prefixes, regardless of the 2029 * link type. As clarified in rfc2462bis, those two definitions should be 2030 * consistent, and those really are as of August 2004. 2031 */ 2032int 2033in6_if2idlen(struct ifnet *ifp) 2034{ 2035 switch (ifp->if_type) { 2036 case IFT_ETHER: /* RFC2464 */ 2037#ifdef IFT_PROPVIRTUAL 2038 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2039#endif 2040#ifdef IFT_L2VLAN 2041 case IFT_L2VLAN: /* ditto */ 2042#endif 2043#ifdef IFT_IEEE80211 2044 case IFT_IEEE80211: /* ditto */ 2045#endif 2046#ifdef IFT_MIP 2047 case IFT_MIP: /* ditto */ 2048#endif 2049 return (64); 2050 case IFT_FDDI: /* RFC2467 */ 2051 return (64); 2052 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2053 return (64); 2054 case IFT_PPP: /* RFC2472 */ 2055 return (64); 2056 case IFT_ARCNET: /* RFC2497 */ 2057 return (64); 2058 case IFT_FRELAY: /* RFC2590 */ 2059 return (64); 2060 case IFT_IEEE1394: /* RFC3146 */ 2061 return (64); 2062 case IFT_GIF: 2063 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2064 case IFT_LOOP: 2065 return (64); /* XXX: is this really correct? */ 2066 default: 2067 /* 2068 * Unknown link type: 2069 * It might be controversial to use the today's common constant 2070 * of 64 for these cases unconditionally. For full compliance, 2071 * we should return an error in this case. On the other hand, 2072 * if we simply miss the standard for the link type or a new 2073 * standard is defined for a new link type, the IFID length 2074 * is very likely to be the common constant. As a compromise, 2075 * we always use the constant, but make an explicit notice 2076 * indicating the "unknown" case. 2077 */ 2078 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2079 return (64); 2080 } 2081} 2082 2083#include <sys/sysctl.h> 2084 2085struct in6_llentry { 2086 struct llentry base; 2087 struct sockaddr_in6 l3_addr6; 2088}; 2089 2090static struct llentry * 2091in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2092{ 2093 struct in6_llentry *lle; 2094 2095 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2096 M_DONTWAIT | M_ZERO); 2097 if (lle == NULL) /* NB: caller generates msg */ 2098 return NULL; 2099 2100 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE); 2101 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2102 lle->base.lle_refcnt = 1; 2103 LLE_LOCK_INIT(&lle->base); 2104 return &lle->base; 2105} 2106 2107/* 2108 * Deletes an address from the address table. 2109 * This function is called by the timer functions 2110 * such as arptimer() and nd6_llinfo_timer(), and 2111 * the caller does the locking. 2112 */ 2113static void 2114in6_lltable_free(struct lltable *llt, struct llentry *lle) 2115{ 2116 LLE_WUNLOCK(lle); 2117 LLE_LOCK_DESTROY(lle); 2118 free(lle, M_LLTABLE); 2119} 2120 2121static int 2122in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr) 2123{ 2124 struct rtentry *rt; 2125 char ip6buf[INET6_ADDRSTRLEN]; 2126 2127 KASSERT(l3addr->sa_family == AF_INET6, 2128 ("sin_family %d", l3addr->sa_family)); 2129 2130 /* XXX rtalloc1 should take a const param */ 2131 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2132 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2133 struct ifaddr *ifa; 2134 /* 2135 * Create an ND6 cache for an IPv6 neighbor 2136 * that is not covered by our own prefix. 2137 */ 2138 /* XXX ifaof_ifpforaddr should take a const param */ 2139 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2140 if (ifa != NULL) { 2141 if (rt != NULL) 2142 RTFREE_LOCKED(rt); 2143 return 0; 2144 } 2145 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2146 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2147 if (rt != NULL) 2148 RTFREE_LOCKED(rt); 2149 return EINVAL; 2150 } 2151 RTFREE_LOCKED(rt); 2152 return 0; 2153} 2154 2155static struct llentry * 2156in6_lltable_lookup(struct lltable *llt, u_int flags, 2157 const struct sockaddr *l3addr) 2158{ 2159 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2160 struct ifnet *ifp = llt->llt_ifp; 2161 struct llentry *lle; 2162 struct llentries *lleh; 2163 u_int hashkey; 2164 2165 IF_AFDATA_LOCK_ASSERT(ifp); 2166 KASSERT(l3addr->sa_family == AF_INET6, 2167 ("sin_family %d", l3addr->sa_family)); 2168 2169 hashkey = sin6->sin6_addr.s6_addr32[3]; 2170 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2171 LIST_FOREACH(lle, lleh, lle_next) { 2172 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2173 if (lle->la_flags & LLE_DELETED) 2174 continue; 2175 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2176 sizeof(struct in6_addr)) == 0) 2177 break; 2178 } 2179 2180 if (lle == NULL) { 2181 if (!(flags & LLE_CREATE)) 2182 return (NULL); 2183 /* 2184 * A route that covers the given address must have 2185 * been installed 1st because we are doing a resolution, 2186 * verify this. 2187 */ 2188 if (!(flags & LLE_IFADDR) && 2189 in6_lltable_rtcheck(ifp, l3addr) != 0) 2190 return NULL; 2191 2192 lle = in6_lltable_new(l3addr, flags); 2193 if (lle == NULL) { 2194 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2195 return NULL; 2196 } 2197 lle->la_flags = flags & ~LLE_CREATE; 2198 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2199 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2200 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2201 } 2202 2203 lle->lle_tbl = llt; 2204 lle->lle_head = lleh; 2205 LIST_INSERT_HEAD(lleh, lle, lle_next); 2206 } else if (flags & LLE_DELETE) { 2207 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2208 LLE_WLOCK(lle); 2209 lle->la_flags = LLE_DELETED; 2210 LLE_WUNLOCK(lle); 2211#ifdef DIAGNOSTICS 2212 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2213#endif 2214 } 2215 lle = (void *)-1; 2216 } 2217 if (LLE_IS_VALID(lle)) { 2218 if (flags & LLE_EXCLUSIVE) 2219 LLE_WLOCK(lle); 2220 else 2221 LLE_RLOCK(lle); 2222 } 2223 return (lle); 2224} 2225 2226static int 2227in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2228{ 2229 struct ifnet *ifp = llt->llt_ifp; 2230 struct llentry *lle; 2231 /* XXX stack use */ 2232 struct { 2233 struct rt_msghdr rtm; 2234 struct sockaddr_in6 sin6; 2235 /* 2236 * ndp.c assumes that sdl is word aligned 2237 */ 2238#ifdef __LP64__ 2239 uint32_t pad; 2240#endif 2241 struct sockaddr_dl sdl; 2242 } ndpc; 2243 int i, error; 2244 2245 /* XXXXX 2246 * current IFNET_RLOCK() is mapped to IFNET_WLOCK() 2247 * so it is okay to use this ASSERT, change it when 2248 * IFNET lock is finalized 2249 */ 2250 IFNET_WLOCK_ASSERT(); 2251 2252 error = 0; 2253 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2254 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2255 struct sockaddr_dl *sdl; 2256 2257 /* skip deleted or invalid entries */ 2258 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2259 continue; 2260 /* Skip if jailed and not a valid IP of the prison. */ 2261 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2262 continue; 2263 /* 2264 * produce a msg made of: 2265 * struct rt_msghdr; 2266 * struct sockaddr_in6 (IPv6) 2267 * struct sockaddr_dl; 2268 */ 2269 bzero(&ndpc, sizeof(ndpc)); 2270 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2271 ndpc.rtm.rtm_version = RTM_VERSION; 2272 ndpc.rtm.rtm_type = RTM_GET; 2273 ndpc.rtm.rtm_flags = RTF_UP; 2274 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2275 ndpc.sin6.sin6_family = AF_INET6; 2276 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2277 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2278 2279 /* publish */ 2280 if (lle->la_flags & LLE_PUB) 2281 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2282 2283 sdl = &ndpc.sdl; 2284 sdl->sdl_family = AF_LINK; 2285 sdl->sdl_len = sizeof(*sdl); 2286 sdl->sdl_alen = ifp->if_addrlen; 2287 sdl->sdl_index = ifp->if_index; 2288 sdl->sdl_type = ifp->if_type; 2289 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2290 ndpc.rtm.rtm_rmx.rmx_expire = 2291 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2292 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2293 if (lle->la_flags & LLE_STATIC) 2294 ndpc.rtm.rtm_flags |= RTF_STATIC; 2295 ndpc.rtm.rtm_index = ifp->if_index; 2296 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2297 if (error) 2298 break; 2299 } 2300 } 2301 return error; 2302} 2303 2304void * 2305in6_domifattach(struct ifnet *ifp) 2306{ 2307 struct in6_ifextra *ext; 2308 2309 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2310 bzero(ext, sizeof(*ext)); 2311 2312 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2313 M_IFADDR, M_WAITOK); 2314 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2315 2316 ext->icmp6_ifstat = 2317 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2318 M_IFADDR, M_WAITOK); 2319 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2320 2321 ext->nd_ifinfo = nd6_ifattach(ifp); 2322 ext->scope6_id = scope6_ifattach(ifp); 2323 ext->lltable = lltable_init(ifp, AF_INET6); 2324 if (ext->lltable != NULL) { 2325 ext->lltable->llt_new = in6_lltable_new; 2326 ext->lltable->llt_free = in6_lltable_free; 2327 ext->lltable->llt_rtcheck = in6_lltable_rtcheck; 2328 ext->lltable->llt_lookup = in6_lltable_lookup; 2329 ext->lltable->llt_dump = in6_lltable_dump; 2330 }
| 1594/* 1595 * Find an IPv6 interface link-local address specific to an interface. 1596 */ 1597struct in6_ifaddr * 1598in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1599{ 1600 struct ifaddr *ifa; 1601 1602 IF_ADDR_LOCK(ifp); 1603 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1604 if (ifa->ifa_addr->sa_family != AF_INET6) 1605 continue; 1606 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1607 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1608 ignoreflags) != 0) 1609 continue; 1610 break; 1611 } 1612 } 1613 IF_ADDR_UNLOCK(ifp); 1614 1615 return ((struct in6_ifaddr *)ifa); 1616} 1617 1618 1619/* 1620 * find the internet address corresponding to a given interface and address. 1621 */ 1622struct in6_ifaddr * 1623in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1624{ 1625 struct ifaddr *ifa; 1626 1627 IF_ADDR_LOCK(ifp); 1628 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1629 if (ifa->ifa_addr->sa_family != AF_INET6) 1630 continue; 1631 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1632 break; 1633 } 1634 IF_ADDR_UNLOCK(ifp); 1635 1636 return ((struct in6_ifaddr *)ifa); 1637} 1638 1639/* 1640 * Convert IP6 address to printable (loggable) representation. Caller 1641 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1642 */ 1643static char digits[] = "0123456789abcdef"; 1644char * 1645ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1646{ 1647 int i; 1648 char *cp; 1649 const u_int16_t *a = (const u_int16_t *)addr; 1650 const u_int8_t *d; 1651 int dcolon = 0, zero = 0; 1652 1653 cp = ip6buf; 1654 1655 for (i = 0; i < 8; i++) { 1656 if (dcolon == 1) { 1657 if (*a == 0) { 1658 if (i == 7) 1659 *cp++ = ':'; 1660 a++; 1661 continue; 1662 } else 1663 dcolon = 2; 1664 } 1665 if (*a == 0) { 1666 if (dcolon == 0 && *(a + 1) == 0) { 1667 if (i == 0) 1668 *cp++ = ':'; 1669 *cp++ = ':'; 1670 dcolon = 1; 1671 } else { 1672 *cp++ = '0'; 1673 *cp++ = ':'; 1674 } 1675 a++; 1676 continue; 1677 } 1678 d = (const u_char *)a; 1679 /* Try to eliminate leading zeros in printout like in :0001. */ 1680 zero = 1; 1681 *cp = digits[*d >> 4]; 1682 if (*cp != '0') { 1683 zero = 0; 1684 cp++; 1685 } 1686 *cp = digits[*d++ & 0xf]; 1687 if (zero == 0 || (*cp != '0')) { 1688 zero = 0; 1689 cp++; 1690 } 1691 *cp = digits[*d >> 4]; 1692 if (zero == 0 || (*cp != '0')) { 1693 zero = 0; 1694 cp++; 1695 } 1696 *cp++ = digits[*d & 0xf]; 1697 *cp++ = ':'; 1698 a++; 1699 } 1700 *--cp = '\0'; 1701 return (ip6buf); 1702} 1703 1704int 1705in6_localaddr(struct in6_addr *in6) 1706{ 1707 INIT_VNET_INET6(curvnet); 1708 struct in6_ifaddr *ia; 1709 1710 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1711 return 1; 1712 1713 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1714 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1715 &ia->ia_prefixmask.sin6_addr)) { 1716 return 1; 1717 } 1718 } 1719 1720 return (0); 1721} 1722 1723int 1724in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1725{ 1726 INIT_VNET_INET6(curvnet); 1727 struct in6_ifaddr *ia; 1728 1729 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1730 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1731 &sa6->sin6_addr) && 1732 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1733 return (1); /* true */ 1734 1735 /* XXX: do we still have to go thru the rest of the list? */ 1736 } 1737 1738 return (0); /* false */ 1739} 1740 1741/* 1742 * return length of part which dst and src are equal 1743 * hard coding... 1744 */ 1745int 1746in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1747{ 1748 int match = 0; 1749 u_char *s = (u_char *)src, *d = (u_char *)dst; 1750 u_char *lim = s + 16, r; 1751 1752 while (s < lim) 1753 if ((r = (*d++ ^ *s++)) != 0) { 1754 while (r < 128) { 1755 match++; 1756 r <<= 1; 1757 } 1758 break; 1759 } else 1760 match += 8; 1761 return match; 1762} 1763 1764/* XXX: to be scope conscious */ 1765int 1766in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1767{ 1768 int bytelen, bitlen; 1769 1770 /* sanity check */ 1771 if (0 > len || len > 128) { 1772 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1773 len); 1774 return (0); 1775 } 1776 1777 bytelen = len / 8; 1778 bitlen = len % 8; 1779 1780 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1781 return (0); 1782 if (bitlen != 0 && 1783 p1->s6_addr[bytelen] >> (8 - bitlen) != 1784 p2->s6_addr[bytelen] >> (8 - bitlen)) 1785 return (0); 1786 1787 return (1); 1788} 1789 1790void 1791in6_prefixlen2mask(struct in6_addr *maskp, int len) 1792{ 1793 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1794 int bytelen, bitlen, i; 1795 1796 /* sanity check */ 1797 if (0 > len || len > 128) { 1798 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1799 len); 1800 return; 1801 } 1802 1803 bzero(maskp, sizeof(*maskp)); 1804 bytelen = len / 8; 1805 bitlen = len % 8; 1806 for (i = 0; i < bytelen; i++) 1807 maskp->s6_addr[i] = 0xff; 1808 if (bitlen) 1809 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1810} 1811 1812/* 1813 * return the best address out of the same scope. if no address was 1814 * found, return the first valid address from designated IF. 1815 */ 1816struct in6_ifaddr * 1817in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 1818{ 1819 INIT_VNET_INET6(curvnet); 1820 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 1821 struct ifaddr *ifa; 1822 struct in6_ifaddr *besta = 0; 1823 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 1824 1825 dep[0] = dep[1] = NULL; 1826 1827 /* 1828 * We first look for addresses in the same scope. 1829 * If there is one, return it. 1830 * If two or more, return one which matches the dst longest. 1831 * If none, return one of global addresses assigned other ifs. 1832 */ 1833 IF_ADDR_LOCK(ifp); 1834 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1835 if (ifa->ifa_addr->sa_family != AF_INET6) 1836 continue; 1837 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 1838 continue; /* XXX: is there any case to allow anycast? */ 1839 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 1840 continue; /* don't use this interface */ 1841 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 1842 continue; 1843 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 1844 if (V_ip6_use_deprecated) 1845 dep[0] = (struct in6_ifaddr *)ifa; 1846 continue; 1847 } 1848 1849 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 1850 /* 1851 * call in6_matchlen() as few as possible 1852 */ 1853 if (besta) { 1854 if (blen == -1) 1855 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 1856 tlen = in6_matchlen(IFA_IN6(ifa), dst); 1857 if (tlen > blen) { 1858 blen = tlen; 1859 besta = (struct in6_ifaddr *)ifa; 1860 } 1861 } else 1862 besta = (struct in6_ifaddr *)ifa; 1863 } 1864 } 1865 if (besta) { 1866 IF_ADDR_UNLOCK(ifp); 1867 return (besta); 1868 } 1869 1870 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1871 if (ifa->ifa_addr->sa_family != AF_INET6) 1872 continue; 1873 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 1874 continue; /* XXX: is there any case to allow anycast? */ 1875 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 1876 continue; /* don't use this interface */ 1877 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 1878 continue; 1879 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 1880 if (V_ip6_use_deprecated) 1881 dep[1] = (struct in6_ifaddr *)ifa; 1882 continue; 1883 } 1884 1885 IF_ADDR_UNLOCK(ifp); 1886 return (struct in6_ifaddr *)ifa; 1887 } 1888 IF_ADDR_UNLOCK(ifp); 1889 1890 /* use the last-resort values, that are, deprecated addresses */ 1891 if (dep[0]) 1892 return dep[0]; 1893 if (dep[1]) 1894 return dep[1]; 1895 1896 return NULL; 1897} 1898 1899/* 1900 * perform DAD when interface becomes IFF_UP. 1901 */ 1902void 1903in6_if_up(struct ifnet *ifp) 1904{ 1905 struct ifaddr *ifa; 1906 struct in6_ifaddr *ia; 1907 1908 IF_ADDR_LOCK(ifp); 1909 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1910 if (ifa->ifa_addr->sa_family != AF_INET6) 1911 continue; 1912 ia = (struct in6_ifaddr *)ifa; 1913 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 1914 /* 1915 * The TENTATIVE flag was likely set by hand 1916 * beforehand, implicitly indicating the need for DAD. 1917 * We may be able to skip the random delay in this 1918 * case, but we impose delays just in case. 1919 */ 1920 nd6_dad_start(ifa, 1921 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 1922 } 1923 } 1924 IF_ADDR_UNLOCK(ifp); 1925 1926 /* 1927 * special cases, like 6to4, are handled in in6_ifattach 1928 */ 1929 in6_ifattach(ifp, NULL); 1930} 1931 1932int 1933in6if_do_dad(struct ifnet *ifp) 1934{ 1935 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 1936 return (0); 1937 1938 switch (ifp->if_type) { 1939#ifdef IFT_DUMMY 1940 case IFT_DUMMY: 1941#endif 1942 case IFT_FAITH: 1943 /* 1944 * These interfaces do not have the IFF_LOOPBACK flag, 1945 * but loop packets back. We do not have to do DAD on such 1946 * interfaces. We should even omit it, because loop-backed 1947 * NS would confuse the DAD procedure. 1948 */ 1949 return (0); 1950 default: 1951 /* 1952 * Our DAD routine requires the interface up and running. 1953 * However, some interfaces can be up before the RUNNING 1954 * status. Additionaly, users may try to assign addresses 1955 * before the interface becomes up (or running). 1956 * We simply skip DAD in such a case as a work around. 1957 * XXX: we should rather mark "tentative" on such addresses, 1958 * and do DAD after the interface becomes ready. 1959 */ 1960 if (!((ifp->if_flags & IFF_UP) && 1961 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 1962 return (0); 1963 1964 return (1); 1965 } 1966} 1967 1968/* 1969 * Calculate max IPv6 MTU through all the interfaces and store it 1970 * to in6_maxmtu. 1971 */ 1972void 1973in6_setmaxmtu(void) 1974{ 1975 INIT_VNET_NET(curvnet); 1976 INIT_VNET_INET6(curvnet); 1977 unsigned long maxmtu = 0; 1978 struct ifnet *ifp; 1979 1980 IFNET_RLOCK(); 1981 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 1982 ifp = TAILQ_NEXT(ifp, if_list)) { 1983 /* this function can be called during ifnet initialization */ 1984 if (!ifp->if_afdata[AF_INET6]) 1985 continue; 1986 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 1987 IN6_LINKMTU(ifp) > maxmtu) 1988 maxmtu = IN6_LINKMTU(ifp); 1989 } 1990 IFNET_RUNLOCK(); 1991 if (maxmtu) /* update only when maxmtu is positive */ 1992 V_in6_maxmtu = maxmtu; 1993} 1994 1995/* 1996 * Provide the length of interface identifiers to be used for the link attached 1997 * to the given interface. The length should be defined in "IPv6 over 1998 * xxx-link" document. Note that address architecture might also define 1999 * the length for a particular set of address prefixes, regardless of the 2000 * link type. As clarified in rfc2462bis, those two definitions should be 2001 * consistent, and those really are as of August 2004. 2002 */ 2003int 2004in6_if2idlen(struct ifnet *ifp) 2005{ 2006 switch (ifp->if_type) { 2007 case IFT_ETHER: /* RFC2464 */ 2008#ifdef IFT_PROPVIRTUAL 2009 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2010#endif 2011#ifdef IFT_L2VLAN 2012 case IFT_L2VLAN: /* ditto */ 2013#endif 2014#ifdef IFT_IEEE80211 2015 case IFT_IEEE80211: /* ditto */ 2016#endif 2017#ifdef IFT_MIP 2018 case IFT_MIP: /* ditto */ 2019#endif 2020 return (64); 2021 case IFT_FDDI: /* RFC2467 */ 2022 return (64); 2023 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2024 return (64); 2025 case IFT_PPP: /* RFC2472 */ 2026 return (64); 2027 case IFT_ARCNET: /* RFC2497 */ 2028 return (64); 2029 case IFT_FRELAY: /* RFC2590 */ 2030 return (64); 2031 case IFT_IEEE1394: /* RFC3146 */ 2032 return (64); 2033 case IFT_GIF: 2034 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2035 case IFT_LOOP: 2036 return (64); /* XXX: is this really correct? */ 2037 default: 2038 /* 2039 * Unknown link type: 2040 * It might be controversial to use the today's common constant 2041 * of 64 for these cases unconditionally. For full compliance, 2042 * we should return an error in this case. On the other hand, 2043 * if we simply miss the standard for the link type or a new 2044 * standard is defined for a new link type, the IFID length 2045 * is very likely to be the common constant. As a compromise, 2046 * we always use the constant, but make an explicit notice 2047 * indicating the "unknown" case. 2048 */ 2049 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2050 return (64); 2051 } 2052} 2053 2054#include <sys/sysctl.h> 2055 2056struct in6_llentry { 2057 struct llentry base; 2058 struct sockaddr_in6 l3_addr6; 2059}; 2060 2061static struct llentry * 2062in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2063{ 2064 struct in6_llentry *lle; 2065 2066 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2067 M_DONTWAIT | M_ZERO); 2068 if (lle == NULL) /* NB: caller generates msg */ 2069 return NULL; 2070 2071 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE); 2072 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2073 lle->base.lle_refcnt = 1; 2074 LLE_LOCK_INIT(&lle->base); 2075 return &lle->base; 2076} 2077 2078/* 2079 * Deletes an address from the address table. 2080 * This function is called by the timer functions 2081 * such as arptimer() and nd6_llinfo_timer(), and 2082 * the caller does the locking. 2083 */ 2084static void 2085in6_lltable_free(struct lltable *llt, struct llentry *lle) 2086{ 2087 LLE_WUNLOCK(lle); 2088 LLE_LOCK_DESTROY(lle); 2089 free(lle, M_LLTABLE); 2090} 2091 2092static int 2093in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr) 2094{ 2095 struct rtentry *rt; 2096 char ip6buf[INET6_ADDRSTRLEN]; 2097 2098 KASSERT(l3addr->sa_family == AF_INET6, 2099 ("sin_family %d", l3addr->sa_family)); 2100 2101 /* XXX rtalloc1 should take a const param */ 2102 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2103 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2104 struct ifaddr *ifa; 2105 /* 2106 * Create an ND6 cache for an IPv6 neighbor 2107 * that is not covered by our own prefix. 2108 */ 2109 /* XXX ifaof_ifpforaddr should take a const param */ 2110 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2111 if (ifa != NULL) { 2112 if (rt != NULL) 2113 RTFREE_LOCKED(rt); 2114 return 0; 2115 } 2116 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2117 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2118 if (rt != NULL) 2119 RTFREE_LOCKED(rt); 2120 return EINVAL; 2121 } 2122 RTFREE_LOCKED(rt); 2123 return 0; 2124} 2125 2126static struct llentry * 2127in6_lltable_lookup(struct lltable *llt, u_int flags, 2128 const struct sockaddr *l3addr) 2129{ 2130 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2131 struct ifnet *ifp = llt->llt_ifp; 2132 struct llentry *lle; 2133 struct llentries *lleh; 2134 u_int hashkey; 2135 2136 IF_AFDATA_LOCK_ASSERT(ifp); 2137 KASSERT(l3addr->sa_family == AF_INET6, 2138 ("sin_family %d", l3addr->sa_family)); 2139 2140 hashkey = sin6->sin6_addr.s6_addr32[3]; 2141 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2142 LIST_FOREACH(lle, lleh, lle_next) { 2143 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2144 if (lle->la_flags & LLE_DELETED) 2145 continue; 2146 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2147 sizeof(struct in6_addr)) == 0) 2148 break; 2149 } 2150 2151 if (lle == NULL) { 2152 if (!(flags & LLE_CREATE)) 2153 return (NULL); 2154 /* 2155 * A route that covers the given address must have 2156 * been installed 1st because we are doing a resolution, 2157 * verify this. 2158 */ 2159 if (!(flags & LLE_IFADDR) && 2160 in6_lltable_rtcheck(ifp, l3addr) != 0) 2161 return NULL; 2162 2163 lle = in6_lltable_new(l3addr, flags); 2164 if (lle == NULL) { 2165 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2166 return NULL; 2167 } 2168 lle->la_flags = flags & ~LLE_CREATE; 2169 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2170 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2171 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2172 } 2173 2174 lle->lle_tbl = llt; 2175 lle->lle_head = lleh; 2176 LIST_INSERT_HEAD(lleh, lle, lle_next); 2177 } else if (flags & LLE_DELETE) { 2178 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2179 LLE_WLOCK(lle); 2180 lle->la_flags = LLE_DELETED; 2181 LLE_WUNLOCK(lle); 2182#ifdef DIAGNOSTICS 2183 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2184#endif 2185 } 2186 lle = (void *)-1; 2187 } 2188 if (LLE_IS_VALID(lle)) { 2189 if (flags & LLE_EXCLUSIVE) 2190 LLE_WLOCK(lle); 2191 else 2192 LLE_RLOCK(lle); 2193 } 2194 return (lle); 2195} 2196 2197static int 2198in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2199{ 2200 struct ifnet *ifp = llt->llt_ifp; 2201 struct llentry *lle; 2202 /* XXX stack use */ 2203 struct { 2204 struct rt_msghdr rtm; 2205 struct sockaddr_in6 sin6; 2206 /* 2207 * ndp.c assumes that sdl is word aligned 2208 */ 2209#ifdef __LP64__ 2210 uint32_t pad; 2211#endif 2212 struct sockaddr_dl sdl; 2213 } ndpc; 2214 int i, error; 2215 2216 /* XXXXX 2217 * current IFNET_RLOCK() is mapped to IFNET_WLOCK() 2218 * so it is okay to use this ASSERT, change it when 2219 * IFNET lock is finalized 2220 */ 2221 IFNET_WLOCK_ASSERT(); 2222 2223 error = 0; 2224 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2225 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2226 struct sockaddr_dl *sdl; 2227 2228 /* skip deleted or invalid entries */ 2229 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2230 continue; 2231 /* Skip if jailed and not a valid IP of the prison. */ 2232 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2233 continue; 2234 /* 2235 * produce a msg made of: 2236 * struct rt_msghdr; 2237 * struct sockaddr_in6 (IPv6) 2238 * struct sockaddr_dl; 2239 */ 2240 bzero(&ndpc, sizeof(ndpc)); 2241 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2242 ndpc.rtm.rtm_version = RTM_VERSION; 2243 ndpc.rtm.rtm_type = RTM_GET; 2244 ndpc.rtm.rtm_flags = RTF_UP; 2245 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2246 ndpc.sin6.sin6_family = AF_INET6; 2247 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2248 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2249 2250 /* publish */ 2251 if (lle->la_flags & LLE_PUB) 2252 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2253 2254 sdl = &ndpc.sdl; 2255 sdl->sdl_family = AF_LINK; 2256 sdl->sdl_len = sizeof(*sdl); 2257 sdl->sdl_alen = ifp->if_addrlen; 2258 sdl->sdl_index = ifp->if_index; 2259 sdl->sdl_type = ifp->if_type; 2260 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2261 ndpc.rtm.rtm_rmx.rmx_expire = 2262 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2263 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2264 if (lle->la_flags & LLE_STATIC) 2265 ndpc.rtm.rtm_flags |= RTF_STATIC; 2266 ndpc.rtm.rtm_index = ifp->if_index; 2267 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2268 if (error) 2269 break; 2270 } 2271 } 2272 return error; 2273} 2274 2275void * 2276in6_domifattach(struct ifnet *ifp) 2277{ 2278 struct in6_ifextra *ext; 2279 2280 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2281 bzero(ext, sizeof(*ext)); 2282 2283 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2284 M_IFADDR, M_WAITOK); 2285 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2286 2287 ext->icmp6_ifstat = 2288 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2289 M_IFADDR, M_WAITOK); 2290 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2291 2292 ext->nd_ifinfo = nd6_ifattach(ifp); 2293 ext->scope6_id = scope6_ifattach(ifp); 2294 ext->lltable = lltable_init(ifp, AF_INET6); 2295 if (ext->lltable != NULL) { 2296 ext->lltable->llt_new = in6_lltable_new; 2297 ext->lltable->llt_free = in6_lltable_free; 2298 ext->lltable->llt_rtcheck = in6_lltable_rtcheck; 2299 ext->lltable->llt_lookup = in6_lltable_lookup; 2300 ext->lltable->llt_dump = in6_lltable_dump; 2301 }
|
| 2302 2303 ext->mld_ifinfo = mld_domifattach(ifp); 2304
|
2331 return ext; 2332} 2333 2334void 2335in6_domifdetach(struct ifnet *ifp, void *aux) 2336{ 2337 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2338
| 2305 return ext; 2306} 2307 2308void 2309in6_domifdetach(struct ifnet *ifp, void *aux) 2310{ 2311 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2312
|
| 2313 mld_domifdetach(ifp);
|
2339 scope6_ifdetach(ext->scope6_id); 2340 nd6_ifdetach(ext->nd_ifinfo); 2341 lltable_free(ext->lltable); 2342 free(ext->in6_ifstat, M_IFADDR); 2343 free(ext->icmp6_ifstat, M_IFADDR); 2344 free(ext, M_IFADDR); 2345} 2346 2347/* 2348 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2349 * v4 mapped addr or v4 compat addr 2350 */ 2351void 2352in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2353{ 2354 2355 bzero(sin, sizeof(*sin)); 2356 sin->sin_len = sizeof(struct sockaddr_in); 2357 sin->sin_family = AF_INET; 2358 sin->sin_port = sin6->sin6_port; 2359 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2360} 2361 2362/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2363void 2364in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2365{ 2366 bzero(sin6, sizeof(*sin6)); 2367 sin6->sin6_len = sizeof(struct sockaddr_in6); 2368 sin6->sin6_family = AF_INET6; 2369 sin6->sin6_port = sin->sin_port; 2370 sin6->sin6_addr.s6_addr32[0] = 0; 2371 sin6->sin6_addr.s6_addr32[1] = 0; 2372 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2373 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2374} 2375 2376/* Convert sockaddr_in6 into sockaddr_in. */ 2377void 2378in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2379{ 2380 struct sockaddr_in *sin_p; 2381 struct sockaddr_in6 sin6; 2382 2383 /* 2384 * Save original sockaddr_in6 addr and convert it 2385 * to sockaddr_in. 2386 */ 2387 sin6 = *(struct sockaddr_in6 *)nam; 2388 sin_p = (struct sockaddr_in *)nam; 2389 in6_sin6_2_sin(sin_p, &sin6); 2390} 2391 2392/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2393void 2394in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2395{ 2396 struct sockaddr_in *sin_p; 2397 struct sockaddr_in6 *sin6_p; 2398 2399 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2400 M_WAITOK); 2401 sin_p = (struct sockaddr_in *)*nam; 2402 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2403 free(*nam, M_SONAME); 2404 *nam = (struct sockaddr *)sin6_p; 2405}
| 2314 scope6_ifdetach(ext->scope6_id); 2315 nd6_ifdetach(ext->nd_ifinfo); 2316 lltable_free(ext->lltable); 2317 free(ext->in6_ifstat, M_IFADDR); 2318 free(ext->icmp6_ifstat, M_IFADDR); 2319 free(ext, M_IFADDR); 2320} 2321 2322/* 2323 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2324 * v4 mapped addr or v4 compat addr 2325 */ 2326void 2327in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2328{ 2329 2330 bzero(sin, sizeof(*sin)); 2331 sin->sin_len = sizeof(struct sockaddr_in); 2332 sin->sin_family = AF_INET; 2333 sin->sin_port = sin6->sin6_port; 2334 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2335} 2336 2337/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2338void 2339in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2340{ 2341 bzero(sin6, sizeof(*sin6)); 2342 sin6->sin6_len = sizeof(struct sockaddr_in6); 2343 sin6->sin6_family = AF_INET6; 2344 sin6->sin6_port = sin->sin_port; 2345 sin6->sin6_addr.s6_addr32[0] = 0; 2346 sin6->sin6_addr.s6_addr32[1] = 0; 2347 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2348 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2349} 2350 2351/* Convert sockaddr_in6 into sockaddr_in. */ 2352void 2353in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2354{ 2355 struct sockaddr_in *sin_p; 2356 struct sockaddr_in6 sin6; 2357 2358 /* 2359 * Save original sockaddr_in6 addr and convert it 2360 * to sockaddr_in. 2361 */ 2362 sin6 = *(struct sockaddr_in6 *)nam; 2363 sin_p = (struct sockaddr_in *)nam; 2364 in6_sin6_2_sin(sin_p, &sin6); 2365} 2366 2367/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2368void 2369in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2370{ 2371 struct sockaddr_in *sin_p; 2372 struct sockaddr_in6 *sin6_p; 2373 2374 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2375 M_WAITOK); 2376 sin_p = (struct sockaddr_in *)*nam; 2377 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2378 free(*nam, M_SONAME); 2379 *nam = (struct sockaddr *)sin6_p; 2380}
|