1/*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
30 */
31
32/*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
61 */
62
63#include <sys/cdefs.h>
| 1/*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
30 */
31
32/*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
61 */
62
63#include <sys/cdefs.h>
|
64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 191340 2009-04-20 22:45:21Z rwatson $");
| 64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 191672 2009-04-29 19:19:13Z bms $");
|
65
66#include "opt_inet.h"
67#include "opt_inet6.h"
68#include "opt_route.h"
69
70#include <sys/param.h>
71#include <sys/errno.h>
72#include <sys/jail.h>
73#include <sys/malloc.h>
74#include <sys/socket.h>
75#include <sys/socketvar.h>
76#include <sys/sockio.h>
77#include <sys/systm.h>
78#include <sys/priv.h>
79#include <sys/proc.h>
80#include <sys/time.h>
81#include <sys/kernel.h>
82#include <sys/syslog.h>
83#include <sys/vimage.h>
84
85#include <net/if.h>
86#include <net/if_types.h>
87#include <net/route.h>
88#include <net/if_dl.h>
89#include <net/vnet.h>
90
91#include <netinet/in.h>
92#include <netinet/in_var.h>
93#include <net/if_llatbl.h>
94#include <netinet/if_ether.h>
95#include <netinet/in_systm.h>
96#include <netinet/ip.h>
97#include <netinet/in_pcb.h>
98
99#include <netinet/ip6.h>
100#include <netinet6/ip6_var.h>
101#include <netinet6/nd6.h>
102#include <netinet6/mld6_var.h>
103#include <netinet6/ip6_mroute.h>
104#include <netinet6/in6_ifattach.h>
105#include <netinet6/scope6_var.h>
106#include <netinet6/in6_pcb.h>
107#include <netinet6/vinet6.h>
108
| 65
66#include "opt_inet.h"
67#include "opt_inet6.h"
68#include "opt_route.h"
69
70#include <sys/param.h>
71#include <sys/errno.h>
72#include <sys/jail.h>
73#include <sys/malloc.h>
74#include <sys/socket.h>
75#include <sys/socketvar.h>
76#include <sys/sockio.h>
77#include <sys/systm.h>
78#include <sys/priv.h>
79#include <sys/proc.h>
80#include <sys/time.h>
81#include <sys/kernel.h>
82#include <sys/syslog.h>
83#include <sys/vimage.h>
84
85#include <net/if.h>
86#include <net/if_types.h>
87#include <net/route.h>
88#include <net/if_dl.h>
89#include <net/vnet.h>
90
91#include <netinet/in.h>
92#include <netinet/in_var.h>
93#include <net/if_llatbl.h>
94#include <netinet/if_ether.h>
95#include <netinet/in_systm.h>
96#include <netinet/ip.h>
97#include <netinet/in_pcb.h>
98
99#include <netinet/ip6.h>
100#include <netinet6/ip6_var.h>
101#include <netinet6/nd6.h>
102#include <netinet6/mld6_var.h>
103#include <netinet6/ip6_mroute.h>
104#include <netinet6/in6_ifattach.h>
105#include <netinet6/scope6_var.h>
106#include <netinet6/in6_pcb.h>
107#include <netinet6/vinet6.h>
108
|
109MALLOC_DEFINE(M_IP6MADDR, "in6_multi", "internet multicast address");
110
| |
111/*
112 * Definitions of some costant IP6 addresses.
113 */
114const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
115const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
116const struct in6_addr in6addr_nodelocal_allnodes =
117 IN6ADDR_NODELOCAL_ALLNODES_INIT;
118const struct in6_addr in6addr_linklocal_allnodes =
119 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
120const struct in6_addr in6addr_linklocal_allrouters =
121 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
| 109/*
110 * Definitions of some costant IP6 addresses.
111 */
112const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
113const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
114const struct in6_addr in6addr_nodelocal_allnodes =
115 IN6ADDR_NODELOCAL_ALLNODES_INIT;
116const struct in6_addr in6addr_linklocal_allnodes =
117 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
118const struct in6_addr in6addr_linklocal_allrouters =
119 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
|
| 120const struct in6_addr in6addr_linklocal_allv2routers =
121 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
|
122
123const struct in6_addr in6mask0 = IN6MASK0;
124const struct in6_addr in6mask32 = IN6MASK32;
125const struct in6_addr in6mask64 = IN6MASK64;
126const struct in6_addr in6mask96 = IN6MASK96;
127const struct in6_addr in6mask128 = IN6MASK128;
128
129const struct sockaddr_in6 sa6_any =
130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
131
132static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
133 struct ifnet *, struct thread *));
134static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
135 struct sockaddr_in6 *, int));
136static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
137
| 122
123const struct in6_addr in6mask0 = IN6MASK0;
124const struct in6_addr in6mask32 = IN6MASK32;
125const struct in6_addr in6mask64 = IN6MASK64;
126const struct in6_addr in6mask96 = IN6MASK96;
127const struct in6_addr in6mask128 = IN6MASK128;
128
129const struct sockaddr_in6 sa6_any =
130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
131
132static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
133 struct ifnet *, struct thread *));
134static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
135 struct sockaddr_in6 *, int));
136static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
137
|
138struct in6_multihead in6_multihead; /* XXX BSS initialization */
| |
139int (*faithprefix_p)(struct in6_addr *);
140
141
142
143int
144in6_mask2len(struct in6_addr *mask, u_char *lim0)
145{
146 int x = 0, y;
147 u_char *lim = lim0, *p;
148
149 /* ignore the scope_id part */
150 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
151 lim = (u_char *)mask + sizeof(*mask);
152 for (p = (u_char *)mask; p < lim; x++, p++) {
153 if (*p != 0xff)
154 break;
155 }
156 y = 0;
157 if (p < lim) {
158 for (y = 0; y < 8; y++) {
159 if ((*p & (0x80 >> y)) == 0)
160 break;
161 }
162 }
163
164 /*
165 * when the limit pointer is given, do a stricter check on the
166 * remaining bits.
167 */
168 if (p < lim) {
169 if (y != 0 && (*p & (0x00ff >> y)) != 0)
170 return (-1);
171 for (p = p + 1; p < lim; p++)
172 if (*p != 0)
173 return (-1);
174 }
175
176 return x * 8 + y;
177}
178
179#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
180#define ia62ifa(ia6) (&((ia6)->ia_ifa))
181
182int
183in6_control(struct socket *so, u_long cmd, caddr_t data,
184 struct ifnet *ifp, struct thread *td)
185{
186 INIT_VNET_INET6(curvnet);
187 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
188 struct in6_ifaddr *ia = NULL;
189 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
190 struct sockaddr_in6 *sa6;
191 int error;
192
193 switch (cmd) {
194 case SIOCGETSGCNT_IN6:
195 case SIOCGETMIFCNT_IN6:
196 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
197 }
198
199 switch(cmd) {
200 case SIOCAADDRCTL_POLICY:
201 case SIOCDADDRCTL_POLICY:
202 if (td != NULL) {
203 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
204 if (error)
205 return (error);
206 }
207 return (in6_src_ioctl(cmd, data));
208 }
209
210 if (ifp == NULL)
211 return (EOPNOTSUPP);
212
213 switch (cmd) {
214 case SIOCSNDFLUSH_IN6:
215 case SIOCSPFXFLUSH_IN6:
216 case SIOCSRTRFLUSH_IN6:
217 case SIOCSDEFIFACE_IN6:
218 case SIOCSIFINFO_FLAGS:
219 if (td != NULL) {
220 error = priv_check(td, PRIV_NETINET_ND6);
221 if (error)
222 return (error);
223 }
224 /* FALLTHROUGH */
225 case OSIOCGIFINFO_IN6:
226 case SIOCGIFINFO_IN6:
227 case SIOCSIFINFO_IN6:
228 case SIOCGDRLST_IN6:
229 case SIOCGPRLST_IN6:
230 case SIOCGNBRINFO_IN6:
231 case SIOCGDEFIFACE_IN6:
232 return (nd6_ioctl(cmd, data, ifp));
233 }
234
235 switch (cmd) {
236 case SIOCSIFPREFIX_IN6:
237 case SIOCDIFPREFIX_IN6:
238 case SIOCAIFPREFIX_IN6:
239 case SIOCCIFPREFIX_IN6:
240 case SIOCSGIFPREFIX_IN6:
241 case SIOCGIFPREFIX_IN6:
242 log(LOG_NOTICE,
243 "prefix ioctls are now invalidated. "
244 "please use ifconfig.\n");
245 return (EOPNOTSUPP);
246 }
247
248 switch (cmd) {
249 case SIOCSSCOPE6:
250 if (td != NULL) {
251 error = priv_check(td, PRIV_NETINET_SCOPE6);
252 if (error)
253 return (error);
254 }
255 return (scope6_set(ifp,
256 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
257 case SIOCGSCOPE6:
258 return (scope6_get(ifp,
259 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
260 case SIOCGSCOPE6DEF:
261 return (scope6_get_default((struct scope6_id *)
262 ifr->ifr_ifru.ifru_scope_id));
263 }
264
265 switch (cmd) {
266 case SIOCALIFADDR:
267 if (td != NULL) {
268 error = priv_check(td, PRIV_NET_ADDIFADDR);
269 if (error)
270 return (error);
271 }
272 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
273
274 case SIOCDLIFADDR:
275 if (td != NULL) {
276 error = priv_check(td, PRIV_NET_DELIFADDR);
277 if (error)
278 return (error);
279 }
280 /* FALLTHROUGH */
281 case SIOCGLIFADDR:
282 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
283 }
284
285 /*
286 * Find address for this interface, if it exists.
287 *
288 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
289 * only, and used the first interface address as the target of other
290 * operations (without checking ifra_addr). This was because netinet
291 * code/API assumed at most 1 interface address per interface.
292 * Since IPv6 allows a node to assign multiple addresses
293 * on a single interface, we almost always look and check the
294 * presence of ifra_addr, and reject invalid ones here.
295 * It also decreases duplicated code among SIOC*_IN6 operations.
296 */
297 switch (cmd) {
298 case SIOCAIFADDR_IN6:
299 case SIOCSIFPHYADDR_IN6:
300 sa6 = &ifra->ifra_addr;
301 break;
302 case SIOCSIFADDR_IN6:
303 case SIOCGIFADDR_IN6:
304 case SIOCSIFDSTADDR_IN6:
305 case SIOCSIFNETMASK_IN6:
306 case SIOCGIFDSTADDR_IN6:
307 case SIOCGIFNETMASK_IN6:
308 case SIOCDIFADDR_IN6:
309 case SIOCGIFPSRCADDR_IN6:
310 case SIOCGIFPDSTADDR_IN6:
311 case SIOCGIFAFLAG_IN6:
312 case SIOCSNDFLUSH_IN6:
313 case SIOCSPFXFLUSH_IN6:
314 case SIOCSRTRFLUSH_IN6:
315 case SIOCGIFALIFETIME_IN6:
316 case SIOCSIFALIFETIME_IN6:
317 case SIOCGIFSTAT_IN6:
318 case SIOCGIFSTAT_ICMP6:
319 sa6 = &ifr->ifr_addr;
320 break;
321 default:
322 sa6 = NULL;
323 break;
324 }
325 if (sa6 && sa6->sin6_family == AF_INET6) {
326 int error = 0;
327
328 if (sa6->sin6_scope_id != 0)
329 error = sa6_embedscope(sa6, 0);
330 else
331 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
332 if (error != 0)
333 return (error);
334 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
335 &sa6->sin6_addr)) != 0)
336 return (error);
337 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
338 } else
339 ia = NULL;
340
341 switch (cmd) {
342 case SIOCSIFADDR_IN6:
343 case SIOCSIFDSTADDR_IN6:
344 case SIOCSIFNETMASK_IN6:
345 /*
346 * Since IPv6 allows a node to assign multiple addresses
347 * on a single interface, SIOCSIFxxx ioctls are deprecated.
348 */
349 /* we decided to obsolete this command (20000704) */
350 return (EINVAL);
351
352 case SIOCDIFADDR_IN6:
353 /*
354 * for IPv4, we look for existing in_ifaddr here to allow
355 * "ifconfig if0 delete" to remove the first IPv4 address on
356 * the interface. For IPv6, as the spec allows multiple
357 * interface address from the day one, we consider "remove the
358 * first one" semantics to be not preferable.
359 */
360 if (ia == NULL)
361 return (EADDRNOTAVAIL);
362 /* FALLTHROUGH */
363 case SIOCAIFADDR_IN6:
364 /*
365 * We always require users to specify a valid IPv6 address for
366 * the corresponding operation.
367 */
368 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
369 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6))
370 return (EAFNOSUPPORT);
371
372 if (td != NULL) {
373 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
374 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
375 if (error)
376 return (error);
377 }
378
379 break;
380
381 case SIOCGIFADDR_IN6:
382 /* This interface is basically deprecated. use SIOCGIFCONF. */
383 /* FALLTHROUGH */
384 case SIOCGIFAFLAG_IN6:
385 case SIOCGIFNETMASK_IN6:
386 case SIOCGIFDSTADDR_IN6:
387 case SIOCGIFALIFETIME_IN6:
388 /* must think again about its semantics */
389 if (ia == NULL)
390 return (EADDRNOTAVAIL);
391 break;
392 case SIOCSIFALIFETIME_IN6:
393 {
394 struct in6_addrlifetime *lt;
395
396 if (td != NULL) {
397 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
398 if (error)
399 return (error);
400 }
401 if (ia == NULL)
402 return (EADDRNOTAVAIL);
403 /* sanity for overflow - beware unsigned */
404 lt = &ifr->ifr_ifru.ifru_lifetime;
405 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
406 lt->ia6t_vltime + time_second < time_second) {
407 return EINVAL;
408 }
409 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
410 lt->ia6t_pltime + time_second < time_second) {
411 return EINVAL;
412 }
413 break;
414 }
415 }
416
417 switch (cmd) {
418
419 case SIOCGIFADDR_IN6:
420 ifr->ifr_addr = ia->ia_addr;
421 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
422 return (error);
423 break;
424
425 case SIOCGIFDSTADDR_IN6:
426 if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
427 return (EINVAL);
428 /*
429 * XXX: should we check if ifa_dstaddr is NULL and return
430 * an error?
431 */
432 ifr->ifr_dstaddr = ia->ia_dstaddr;
433 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
434 return (error);
435 break;
436
437 case SIOCGIFNETMASK_IN6:
438 ifr->ifr_addr = ia->ia_prefixmask;
439 break;
440
441 case SIOCGIFAFLAG_IN6:
442 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
443 break;
444
445 case SIOCGIFSTAT_IN6:
446 if (ifp == NULL)
447 return EINVAL;
448 bzero(&ifr->ifr_ifru.ifru_stat,
449 sizeof(ifr->ifr_ifru.ifru_stat));
450 ifr->ifr_ifru.ifru_stat =
451 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
452 break;
453
454 case SIOCGIFSTAT_ICMP6:
455 if (ifp == NULL)
456 return EINVAL;
457 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
458 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
459 ifr->ifr_ifru.ifru_icmp6stat =
460 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
461 break;
462
463 case SIOCGIFALIFETIME_IN6:
464 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
465 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
466 time_t maxexpire;
467 struct in6_addrlifetime *retlt =
468 &ifr->ifr_ifru.ifru_lifetime;
469
470 /*
471 * XXX: adjust expiration time assuming time_t is
472 * signed.
473 */
474 maxexpire = (-1) &
475 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
476 if (ia->ia6_lifetime.ia6t_vltime <
477 maxexpire - ia->ia6_updatetime) {
478 retlt->ia6t_expire = ia->ia6_updatetime +
479 ia->ia6_lifetime.ia6t_vltime;
480 } else
481 retlt->ia6t_expire = maxexpire;
482 }
483 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
484 time_t maxexpire;
485 struct in6_addrlifetime *retlt =
486 &ifr->ifr_ifru.ifru_lifetime;
487
488 /*
489 * XXX: adjust expiration time assuming time_t is
490 * signed.
491 */
492 maxexpire = (-1) &
493 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
494 if (ia->ia6_lifetime.ia6t_pltime <
495 maxexpire - ia->ia6_updatetime) {
496 retlt->ia6t_preferred = ia->ia6_updatetime +
497 ia->ia6_lifetime.ia6t_pltime;
498 } else
499 retlt->ia6t_preferred = maxexpire;
500 }
501 break;
502
503 case SIOCSIFALIFETIME_IN6:
504 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
505 /* for sanity */
506 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
507 ia->ia6_lifetime.ia6t_expire =
508 time_second + ia->ia6_lifetime.ia6t_vltime;
509 } else
510 ia->ia6_lifetime.ia6t_expire = 0;
511 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
512 ia->ia6_lifetime.ia6t_preferred =
513 time_second + ia->ia6_lifetime.ia6t_pltime;
514 } else
515 ia->ia6_lifetime.ia6t_preferred = 0;
516 break;
517
518 case SIOCAIFADDR_IN6:
519 {
520 int i, error = 0;
521 struct nd_prefixctl pr0;
522 struct nd_prefix *pr;
523
524 /*
525 * first, make or update the interface address structure,
526 * and link it to the list.
527 */
528 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
529 return (error);
530 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
531 == NULL) {
532 /*
533 * this can happen when the user specify the 0 valid
534 * lifetime.
535 */
536 break;
537 }
538
539 /*
540 * then, make the prefix on-link on the interface.
541 * XXX: we'd rather create the prefix before the address, but
542 * we need at least one address to install the corresponding
543 * interface route, so we configure the address first.
544 */
545
546 /*
547 * convert mask to prefix length (prefixmask has already
548 * been validated in in6_update_ifa().
549 */
550 bzero(&pr0, sizeof(pr0));
551 pr0.ndpr_ifp = ifp;
552 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
553 NULL);
554 if (pr0.ndpr_plen == 128) {
555 break; /* we don't need to install a host route. */
556 }
557 pr0.ndpr_prefix = ifra->ifra_addr;
558 /* apply the mask for safety. */
559 for (i = 0; i < 4; i++) {
560 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
561 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
562 }
563 /*
564 * XXX: since we don't have an API to set prefix (not address)
565 * lifetimes, we just use the same lifetimes as addresses.
566 * The (temporarily) installed lifetimes can be overridden by
567 * later advertised RAs (when accept_rtadv is non 0), which is
568 * an intended behavior.
569 */
570 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
571 pr0.ndpr_raf_auto =
572 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
573 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
574 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
575
576 /* add the prefix if not yet. */
577 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
578 /*
579 * nd6_prelist_add will install the corresponding
580 * interface route.
581 */
582 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0)
583 return (error);
584 if (pr == NULL) {
585 log(LOG_ERR, "nd6_prelist_add succeeded but "
586 "no prefix\n");
587 return (EINVAL); /* XXX panic here? */
588 }
589 }
590
591 /* relate the address to the prefix */
592 if (ia->ia6_ndpr == NULL) {
593 ia->ia6_ndpr = pr;
594 pr->ndpr_refcnt++;
595
596 /*
597 * If this is the first autoconf address from the
598 * prefix, create a temporary address as well
599 * (when required).
600 */
601 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
602 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
603 int e;
604 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
605 log(LOG_NOTICE, "in6_control: failed "
606 "to create a temporary address, "
607 "errno=%d\n", e);
608 }
609 }
610 }
611
612 /*
613 * this might affect the status of autoconfigured addresses,
614 * that is, this address might make other addresses detached.
615 */
616 pfxlist_onlink_check();
617 if (error == 0 && ia)
618 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
619 break;
620 }
621
622 case SIOCDIFADDR_IN6:
623 {
624 struct nd_prefix *pr;
625
626 /*
627 * If the address being deleted is the only one that owns
628 * the corresponding prefix, expire the prefix as well.
629 * XXX: theoretically, we don't have to worry about such
630 * relationship, since we separate the address management
631 * and the prefix management. We do this, however, to provide
632 * as much backward compatibility as possible in terms of
633 * the ioctl operation.
634 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
635 */
636 pr = ia->ia6_ndpr;
637 in6_purgeaddr(&ia->ia_ifa);
638 if (pr && pr->ndpr_refcnt == 0)
639 prelist_remove(pr);
640 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
641 break;
642 }
643
644 default:
645 if (ifp == NULL || ifp->if_ioctl == 0)
646 return (EOPNOTSUPP);
647 return ((*ifp->if_ioctl)(ifp, cmd, data));
648 }
649
650 return (0);
651}
652
653/*
654 * Update parameters of an IPv6 interface address.
655 * If necessary, a new entry is created and linked into address chains.
656 * This function is separated from in6_control().
657 * XXX: should this be performed under splnet()?
658 */
659int
660in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
661 struct in6_ifaddr *ia, int flags)
662{
663 INIT_VNET_INET6(ifp->if_vnet);
664 INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */
665 int error = 0, hostIsNew = 0, plen = -1;
666 struct in6_ifaddr *oia;
667 struct sockaddr_in6 dst6;
668 struct in6_addrlifetime *lt;
669 struct in6_multi_mship *imm;
670 struct in6_multi *in6m_sol;
671 struct rtentry *rt;
672 int delay;
673 char ip6buf[INET6_ADDRSTRLEN];
674
675 /* Validate parameters */
676 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
677 return (EINVAL);
678
679 /*
680 * The destination address for a p2p link must have a family
681 * of AF_UNSPEC or AF_INET6.
682 */
683 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
684 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
685 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
686 return (EAFNOSUPPORT);
687 /*
688 * validate ifra_prefixmask. don't check sin6_family, netmask
689 * does not carry fields other than sin6_len.
690 */
691 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
692 return (EINVAL);
693 /*
694 * Because the IPv6 address architecture is classless, we require
695 * users to specify a (non 0) prefix length (mask) for a new address.
696 * We also require the prefix (when specified) mask is valid, and thus
697 * reject a non-consecutive mask.
698 */
699 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
700 return (EINVAL);
701 if (ifra->ifra_prefixmask.sin6_len != 0) {
702 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
703 (u_char *)&ifra->ifra_prefixmask +
704 ifra->ifra_prefixmask.sin6_len);
705 if (plen <= 0)
706 return (EINVAL);
707 } else {
708 /*
709 * In this case, ia must not be NULL. We just use its prefix
710 * length.
711 */
712 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
713 }
714 /*
715 * If the destination address on a p2p interface is specified,
716 * and the address is a scoped one, validate/set the scope
717 * zone identifier.
718 */
719 dst6 = ifra->ifra_dstaddr;
720 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
721 (dst6.sin6_family == AF_INET6)) {
722 struct in6_addr in6_tmp;
723 u_int32_t zoneid;
724
725 in6_tmp = dst6.sin6_addr;
726 if (in6_setscope(&in6_tmp, ifp, &zoneid))
727 return (EINVAL); /* XXX: should be impossible */
728
729 if (dst6.sin6_scope_id != 0) {
730 if (dst6.sin6_scope_id != zoneid)
731 return (EINVAL);
732 } else /* user omit to specify the ID. */
733 dst6.sin6_scope_id = zoneid;
734
735 /* convert into the internal form */
736 if (sa6_embedscope(&dst6, 0))
737 return (EINVAL); /* XXX: should be impossible */
738 }
739 /*
740 * The destination address can be specified only for a p2p or a
741 * loopback interface. If specified, the corresponding prefix length
742 * must be 128.
743 */
744 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
745 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
746 /* XXX: noisy message */
747 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
748 "be specified for a p2p or a loopback IF only\n"));
749 return (EINVAL);
750 }
751 if (plen != 128) {
752 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
753 "be 128 when dstaddr is specified\n"));
754 return (EINVAL);
755 }
756 }
757 /* lifetime consistency check */
758 lt = &ifra->ifra_lifetime;
759 if (lt->ia6t_pltime > lt->ia6t_vltime)
760 return (EINVAL);
761 if (lt->ia6t_vltime == 0) {
762 /*
763 * the following log might be noisy, but this is a typical
764 * configuration mistake or a tool's bug.
765 */
766 nd6log((LOG_INFO,
767 "in6_update_ifa: valid lifetime is 0 for %s\n",
768 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
769
770 if (ia == NULL)
771 return (0); /* there's nothing to do */
772 }
773
774 /*
775 * If this is a new address, allocate a new ifaddr and link it
776 * into chains.
777 */
778 if (ia == NULL) {
779 hostIsNew = 1;
780 /*
781 * When in6_update_ifa() is called in a process of a received
782 * RA, it is called under an interrupt context. So, we should
783 * call malloc with M_NOWAIT.
784 */
785 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
786 M_NOWAIT);
787 if (ia == NULL)
788 return (ENOBUFS);
789 bzero((caddr_t)ia, sizeof(*ia));
790 LIST_INIT(&ia->ia6_memberships);
791 /* Initialize the address and masks, and put time stamp */
792 IFA_LOCK_INIT(&ia->ia_ifa);
793 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
794 ia->ia_addr.sin6_family = AF_INET6;
795 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
796 ia->ia6_createtime = time_second;
797 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
798 /*
799 * XXX: some functions expect that ifa_dstaddr is not
800 * NULL for p2p interfaces.
801 */
802 ia->ia_ifa.ifa_dstaddr =
803 (struct sockaddr *)&ia->ia_dstaddr;
804 } else {
805 ia->ia_ifa.ifa_dstaddr = NULL;
806 }
807 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
808
809 ia->ia_ifp = ifp;
810 if ((oia = V_in6_ifaddr) != NULL) {
811 for ( ; oia->ia_next; oia = oia->ia_next)
812 continue;
813 oia->ia_next = ia;
814 } else
815 V_in6_ifaddr = ia;
816
817 ia->ia_ifa.ifa_refcnt = 1;
818 IF_ADDR_LOCK(ifp);
819 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
820 IF_ADDR_UNLOCK(ifp);
821 }
822
823 /* update timestamp */
824 ia->ia6_updatetime = time_second;
825
826 /* set prefix mask */
827 if (ifra->ifra_prefixmask.sin6_len) {
828 /*
829 * We prohibit changing the prefix length of an existing
830 * address, because
831 * + such an operation should be rare in IPv6, and
832 * + the operation would confuse prefix management.
833 */
834 if (ia->ia_prefixmask.sin6_len &&
835 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
836 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
837 " existing (%s) address should not be changed\n",
838 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
839 error = EINVAL;
840 goto unlink;
841 }
842 ia->ia_prefixmask = ifra->ifra_prefixmask;
843 }
844
845 /*
846 * If a new destination address is specified, scrub the old one and
847 * install the new destination. Note that the interface must be
848 * p2p or loopback (see the check above.)
849 */
850 if (dst6.sin6_family == AF_INET6 &&
851 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
852 int e;
853
854 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
855 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
856 nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
857 "a route to the old destination: %s\n",
858 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
859 /* proceed anyway... */
860 } else
861 ia->ia_flags &= ~IFA_ROUTE;
862 ia->ia_dstaddr = dst6;
863 }
864
865 /*
866 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
867 * to see if the address is deprecated or invalidated, but initialize
868 * these members for applications.
869 */
870 ia->ia6_lifetime = ifra->ifra_lifetime;
871 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
872 ia->ia6_lifetime.ia6t_expire =
873 time_second + ia->ia6_lifetime.ia6t_vltime;
874 } else
875 ia->ia6_lifetime.ia6t_expire = 0;
876 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
877 ia->ia6_lifetime.ia6t_preferred =
878 time_second + ia->ia6_lifetime.ia6t_pltime;
879 } else
880 ia->ia6_lifetime.ia6t_preferred = 0;
881
882 /* reset the interface and routing table appropriately. */
883 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
884 goto unlink;
885
886 /*
887 * configure address flags.
888 */
889 ia->ia6_flags = ifra->ifra_flags;
890 /*
891 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
892 * userland, make it deprecated.
893 */
894 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
895 ia->ia6_lifetime.ia6t_pltime = 0;
896 ia->ia6_lifetime.ia6t_preferred = time_second;
897 }
898 /*
899 * Make the address tentative before joining multicast addresses,
900 * so that corresponding MLD responses would not have a tentative
901 * source address.
902 */
903 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
904 if (hostIsNew && in6if_do_dad(ifp))
905 ia->ia6_flags |= IN6_IFF_TENTATIVE;
906
907 /*
908 * We are done if we have simply modified an existing address.
909 */
910 if (!hostIsNew)
911 return (error);
912
913 /*
914 * Beyond this point, we should call in6_purgeaddr upon an error,
915 * not just go to unlink.
916 */
917
918 /* Join necessary multicast groups */
919 in6m_sol = NULL;
920 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
921 struct sockaddr_in6 mltaddr, mltmask;
922 struct in6_addr llsol;
923
924 /* join solicited multicast addr for new host id */
925 bzero(&llsol, sizeof(struct in6_addr));
926 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
927 llsol.s6_addr32[1] = 0;
928 llsol.s6_addr32[2] = htonl(1);
929 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
930 llsol.s6_addr8[12] = 0xff;
931 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
932 /* XXX: should not happen */
933 log(LOG_ERR, "in6_update_ifa: "
934 "in6_setscope failed\n");
935 goto cleanup;
936 }
937 delay = 0;
938 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
939 /*
940 * We need a random delay for DAD on the address
941 * being configured. It also means delaying
942 * transmission of the corresponding MLD report to
943 * avoid report collision.
944 * [draft-ietf-ipv6-rfc2462bis-02.txt]
945 */
946 delay = arc4random() %
947 (MAX_RTR_SOLICITATION_DELAY * hz);
948 }
949 imm = in6_joingroup(ifp, &llsol, &error, delay);
950 if (imm == NULL) {
951 nd6log((LOG_WARNING,
952 "in6_update_ifa: addmulti failed for "
953 "%s on %s (errno=%d)\n",
954 ip6_sprintf(ip6buf, &llsol), if_name(ifp),
955 error));
956 in6_purgeaddr((struct ifaddr *)ia);
957 return (error);
958 }
959 LIST_INSERT_HEAD(&ia->ia6_memberships,
960 imm, i6mm_chain);
961 in6m_sol = imm->i6mm_maddr;
962
963 bzero(&mltmask, sizeof(mltmask));
964 mltmask.sin6_len = sizeof(struct sockaddr_in6);
965 mltmask.sin6_family = AF_INET6;
966 mltmask.sin6_addr = in6mask32;
967#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
968
969 /*
970 * join link-local all-nodes address
971 */
972 bzero(&mltaddr, sizeof(mltaddr));
973 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
974 mltaddr.sin6_family = AF_INET6;
975 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
976 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
977 0)
978 goto cleanup; /* XXX: should not fail */
979
980 /*
981 * XXX: do we really need this automatic routes?
982 * We should probably reconsider this stuff. Most applications
983 * actually do not need the routes, since they usually specify
984 * the outgoing interface.
985 */
986 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
987 if (rt) {
988 /* XXX: only works in !SCOPEDROUTING case. */
989 if (memcmp(&mltaddr.sin6_addr,
990 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
991 MLTMASK_LEN)) {
992 RTFREE_LOCKED(rt);
993 rt = NULL;
994 }
995 }
996 if (!rt) {
997 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
998 (struct sockaddr *)&ia->ia_addr,
999 (struct sockaddr *)&mltmask, RTF_UP,
1000 (struct rtentry **)0);
1001 if (error)
1002 goto cleanup;
1003 } else {
1004 RTFREE_LOCKED(rt);
1005 }
1006
1007 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1008 if (!imm) {
1009 nd6log((LOG_WARNING,
1010 "in6_update_ifa: addmulti failed for "
1011 "%s on %s (errno=%d)\n",
1012 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1013 if_name(ifp), error));
1014 goto cleanup;
1015 }
1016 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1017
1018 /*
1019 * join node information group address
1020 */
1021#define hostnamelen strlen(V_hostname)
1022 delay = 0;
1023 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1024 /*
1025 * The spec doesn't say anything about delay for this
1026 * group, but the same logic should apply.
1027 */
1028 delay = arc4random() %
1029 (MAX_RTR_SOLICITATION_DELAY * hz);
1030 }
1031 mtx_lock(&hostname_mtx);
1032 if (in6_nigroup(ifp, V_hostname, hostnamelen,
1033 &mltaddr.sin6_addr) == 0) {
1034 mtx_unlock(&hostname_mtx);
1035 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
1036 delay); /* XXX jinmei */
1037 if (!imm) {
1038 nd6log((LOG_WARNING, "in6_update_ifa: "
1039 "addmulti failed for %s on %s "
1040 "(errno=%d)\n",
1041 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1042 if_name(ifp), error));
1043 /* XXX not very fatal, go on... */
1044 } else {
1045 LIST_INSERT_HEAD(&ia->ia6_memberships,
1046 imm, i6mm_chain);
1047 }
1048 } else
1049 mtx_unlock(&hostname_mtx);
1050#undef hostnamelen
1051
1052 /*
1053 * join interface-local all-nodes address.
1054 * (ff01::1%ifN, and ff01::%ifN/32)
1055 */
1056 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1057 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL))
1058 != 0)
1059 goto cleanup; /* XXX: should not fail */
1060 /* XXX: again, do we really need the route? */
1061 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
1062 if (rt) {
1063 if (memcmp(&mltaddr.sin6_addr,
1064 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
1065 MLTMASK_LEN)) {
1066 RTFREE_LOCKED(rt);
1067 rt = NULL;
1068 }
1069 }
1070 if (!rt) {
1071 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
1072 (struct sockaddr *)&ia->ia_addr,
1073 (struct sockaddr *)&mltmask, RTF_UP,
1074 (struct rtentry **)0);
1075 if (error)
1076 goto cleanup;
1077 } else
1078 RTFREE_LOCKED(rt);
1079
1080 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1081 if (!imm) {
1082 nd6log((LOG_WARNING, "in6_update_ifa: "
1083 "addmulti failed for %s on %s "
1084 "(errno=%d)\n",
1085 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1086 if_name(ifp), error));
1087 goto cleanup;
1088 }
1089 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1090#undef MLTMASK_LEN
1091 }
1092
1093 /*
1094 * Perform DAD, if needed.
1095 * XXX It may be of use, if we can administratively
1096 * disable DAD.
1097 */
1098 if (hostIsNew && in6if_do_dad(ifp) &&
1099 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1100 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1101 {
1102 int mindelay, maxdelay;
1103
1104 delay = 0;
1105 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1106 /*
1107 * We need to impose a delay before sending an NS
1108 * for DAD. Check if we also needed a delay for the
1109 * corresponding MLD message. If we did, the delay
1110 * should be larger than the MLD delay (this could be
1111 * relaxed a bit, but this simple logic is at least
1112 * safe).
| 138int (*faithprefix_p)(struct in6_addr *);
139
140
141
142int
143in6_mask2len(struct in6_addr *mask, u_char *lim0)
144{
145 int x = 0, y;
146 u_char *lim = lim0, *p;
147
148 /* ignore the scope_id part */
149 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
150 lim = (u_char *)mask + sizeof(*mask);
151 for (p = (u_char *)mask; p < lim; x++, p++) {
152 if (*p != 0xff)
153 break;
154 }
155 y = 0;
156 if (p < lim) {
157 for (y = 0; y < 8; y++) {
158 if ((*p & (0x80 >> y)) == 0)
159 break;
160 }
161 }
162
163 /*
164 * when the limit pointer is given, do a stricter check on the
165 * remaining bits.
166 */
167 if (p < lim) {
168 if (y != 0 && (*p & (0x00ff >> y)) != 0)
169 return (-1);
170 for (p = p + 1; p < lim; p++)
171 if (*p != 0)
172 return (-1);
173 }
174
175 return x * 8 + y;
176}
177
178#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
179#define ia62ifa(ia6) (&((ia6)->ia_ifa))
180
181int
182in6_control(struct socket *so, u_long cmd, caddr_t data,
183 struct ifnet *ifp, struct thread *td)
184{
185 INIT_VNET_INET6(curvnet);
186 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
187 struct in6_ifaddr *ia = NULL;
188 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
189 struct sockaddr_in6 *sa6;
190 int error;
191
192 switch (cmd) {
193 case SIOCGETSGCNT_IN6:
194 case SIOCGETMIFCNT_IN6:
195 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
196 }
197
198 switch(cmd) {
199 case SIOCAADDRCTL_POLICY:
200 case SIOCDADDRCTL_POLICY:
201 if (td != NULL) {
202 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
203 if (error)
204 return (error);
205 }
206 return (in6_src_ioctl(cmd, data));
207 }
208
209 if (ifp == NULL)
210 return (EOPNOTSUPP);
211
212 switch (cmd) {
213 case SIOCSNDFLUSH_IN6:
214 case SIOCSPFXFLUSH_IN6:
215 case SIOCSRTRFLUSH_IN6:
216 case SIOCSDEFIFACE_IN6:
217 case SIOCSIFINFO_FLAGS:
218 if (td != NULL) {
219 error = priv_check(td, PRIV_NETINET_ND6);
220 if (error)
221 return (error);
222 }
223 /* FALLTHROUGH */
224 case OSIOCGIFINFO_IN6:
225 case SIOCGIFINFO_IN6:
226 case SIOCSIFINFO_IN6:
227 case SIOCGDRLST_IN6:
228 case SIOCGPRLST_IN6:
229 case SIOCGNBRINFO_IN6:
230 case SIOCGDEFIFACE_IN6:
231 return (nd6_ioctl(cmd, data, ifp));
232 }
233
234 switch (cmd) {
235 case SIOCSIFPREFIX_IN6:
236 case SIOCDIFPREFIX_IN6:
237 case SIOCAIFPREFIX_IN6:
238 case SIOCCIFPREFIX_IN6:
239 case SIOCSGIFPREFIX_IN6:
240 case SIOCGIFPREFIX_IN6:
241 log(LOG_NOTICE,
242 "prefix ioctls are now invalidated. "
243 "please use ifconfig.\n");
244 return (EOPNOTSUPP);
245 }
246
247 switch (cmd) {
248 case SIOCSSCOPE6:
249 if (td != NULL) {
250 error = priv_check(td, PRIV_NETINET_SCOPE6);
251 if (error)
252 return (error);
253 }
254 return (scope6_set(ifp,
255 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
256 case SIOCGSCOPE6:
257 return (scope6_get(ifp,
258 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
259 case SIOCGSCOPE6DEF:
260 return (scope6_get_default((struct scope6_id *)
261 ifr->ifr_ifru.ifru_scope_id));
262 }
263
264 switch (cmd) {
265 case SIOCALIFADDR:
266 if (td != NULL) {
267 error = priv_check(td, PRIV_NET_ADDIFADDR);
268 if (error)
269 return (error);
270 }
271 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
272
273 case SIOCDLIFADDR:
274 if (td != NULL) {
275 error = priv_check(td, PRIV_NET_DELIFADDR);
276 if (error)
277 return (error);
278 }
279 /* FALLTHROUGH */
280 case SIOCGLIFADDR:
281 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
282 }
283
284 /*
285 * Find address for this interface, if it exists.
286 *
287 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
288 * only, and used the first interface address as the target of other
289 * operations (without checking ifra_addr). This was because netinet
290 * code/API assumed at most 1 interface address per interface.
291 * Since IPv6 allows a node to assign multiple addresses
292 * on a single interface, we almost always look and check the
293 * presence of ifra_addr, and reject invalid ones here.
294 * It also decreases duplicated code among SIOC*_IN6 operations.
295 */
296 switch (cmd) {
297 case SIOCAIFADDR_IN6:
298 case SIOCSIFPHYADDR_IN6:
299 sa6 = &ifra->ifra_addr;
300 break;
301 case SIOCSIFADDR_IN6:
302 case SIOCGIFADDR_IN6:
303 case SIOCSIFDSTADDR_IN6:
304 case SIOCSIFNETMASK_IN6:
305 case SIOCGIFDSTADDR_IN6:
306 case SIOCGIFNETMASK_IN6:
307 case SIOCDIFADDR_IN6:
308 case SIOCGIFPSRCADDR_IN6:
309 case SIOCGIFPDSTADDR_IN6:
310 case SIOCGIFAFLAG_IN6:
311 case SIOCSNDFLUSH_IN6:
312 case SIOCSPFXFLUSH_IN6:
313 case SIOCSRTRFLUSH_IN6:
314 case SIOCGIFALIFETIME_IN6:
315 case SIOCSIFALIFETIME_IN6:
316 case SIOCGIFSTAT_IN6:
317 case SIOCGIFSTAT_ICMP6:
318 sa6 = &ifr->ifr_addr;
319 break;
320 default:
321 sa6 = NULL;
322 break;
323 }
324 if (sa6 && sa6->sin6_family == AF_INET6) {
325 int error = 0;
326
327 if (sa6->sin6_scope_id != 0)
328 error = sa6_embedscope(sa6, 0);
329 else
330 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
331 if (error != 0)
332 return (error);
333 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
334 &sa6->sin6_addr)) != 0)
335 return (error);
336 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
337 } else
338 ia = NULL;
339
340 switch (cmd) {
341 case SIOCSIFADDR_IN6:
342 case SIOCSIFDSTADDR_IN6:
343 case SIOCSIFNETMASK_IN6:
344 /*
345 * Since IPv6 allows a node to assign multiple addresses
346 * on a single interface, SIOCSIFxxx ioctls are deprecated.
347 */
348 /* we decided to obsolete this command (20000704) */
349 return (EINVAL);
350
351 case SIOCDIFADDR_IN6:
352 /*
353 * for IPv4, we look for existing in_ifaddr here to allow
354 * "ifconfig if0 delete" to remove the first IPv4 address on
355 * the interface. For IPv6, as the spec allows multiple
356 * interface address from the day one, we consider "remove the
357 * first one" semantics to be not preferable.
358 */
359 if (ia == NULL)
360 return (EADDRNOTAVAIL);
361 /* FALLTHROUGH */
362 case SIOCAIFADDR_IN6:
363 /*
364 * We always require users to specify a valid IPv6 address for
365 * the corresponding operation.
366 */
367 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
368 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6))
369 return (EAFNOSUPPORT);
370
371 if (td != NULL) {
372 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
373 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
374 if (error)
375 return (error);
376 }
377
378 break;
379
380 case SIOCGIFADDR_IN6:
381 /* This interface is basically deprecated. use SIOCGIFCONF. */
382 /* FALLTHROUGH */
383 case SIOCGIFAFLAG_IN6:
384 case SIOCGIFNETMASK_IN6:
385 case SIOCGIFDSTADDR_IN6:
386 case SIOCGIFALIFETIME_IN6:
387 /* must think again about its semantics */
388 if (ia == NULL)
389 return (EADDRNOTAVAIL);
390 break;
391 case SIOCSIFALIFETIME_IN6:
392 {
393 struct in6_addrlifetime *lt;
394
395 if (td != NULL) {
396 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
397 if (error)
398 return (error);
399 }
400 if (ia == NULL)
401 return (EADDRNOTAVAIL);
402 /* sanity for overflow - beware unsigned */
403 lt = &ifr->ifr_ifru.ifru_lifetime;
404 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
405 lt->ia6t_vltime + time_second < time_second) {
406 return EINVAL;
407 }
408 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
409 lt->ia6t_pltime + time_second < time_second) {
410 return EINVAL;
411 }
412 break;
413 }
414 }
415
416 switch (cmd) {
417
418 case SIOCGIFADDR_IN6:
419 ifr->ifr_addr = ia->ia_addr;
420 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
421 return (error);
422 break;
423
424 case SIOCGIFDSTADDR_IN6:
425 if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
426 return (EINVAL);
427 /*
428 * XXX: should we check if ifa_dstaddr is NULL and return
429 * an error?
430 */
431 ifr->ifr_dstaddr = ia->ia_dstaddr;
432 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
433 return (error);
434 break;
435
436 case SIOCGIFNETMASK_IN6:
437 ifr->ifr_addr = ia->ia_prefixmask;
438 break;
439
440 case SIOCGIFAFLAG_IN6:
441 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
442 break;
443
444 case SIOCGIFSTAT_IN6:
445 if (ifp == NULL)
446 return EINVAL;
447 bzero(&ifr->ifr_ifru.ifru_stat,
448 sizeof(ifr->ifr_ifru.ifru_stat));
449 ifr->ifr_ifru.ifru_stat =
450 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
451 break;
452
453 case SIOCGIFSTAT_ICMP6:
454 if (ifp == NULL)
455 return EINVAL;
456 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
457 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
458 ifr->ifr_ifru.ifru_icmp6stat =
459 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
460 break;
461
462 case SIOCGIFALIFETIME_IN6:
463 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
464 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
465 time_t maxexpire;
466 struct in6_addrlifetime *retlt =
467 &ifr->ifr_ifru.ifru_lifetime;
468
469 /*
470 * XXX: adjust expiration time assuming time_t is
471 * signed.
472 */
473 maxexpire = (-1) &
474 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
475 if (ia->ia6_lifetime.ia6t_vltime <
476 maxexpire - ia->ia6_updatetime) {
477 retlt->ia6t_expire = ia->ia6_updatetime +
478 ia->ia6_lifetime.ia6t_vltime;
479 } else
480 retlt->ia6t_expire = maxexpire;
481 }
482 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
483 time_t maxexpire;
484 struct in6_addrlifetime *retlt =
485 &ifr->ifr_ifru.ifru_lifetime;
486
487 /*
488 * XXX: adjust expiration time assuming time_t is
489 * signed.
490 */
491 maxexpire = (-1) &
492 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
493 if (ia->ia6_lifetime.ia6t_pltime <
494 maxexpire - ia->ia6_updatetime) {
495 retlt->ia6t_preferred = ia->ia6_updatetime +
496 ia->ia6_lifetime.ia6t_pltime;
497 } else
498 retlt->ia6t_preferred = maxexpire;
499 }
500 break;
501
502 case SIOCSIFALIFETIME_IN6:
503 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
504 /* for sanity */
505 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
506 ia->ia6_lifetime.ia6t_expire =
507 time_second + ia->ia6_lifetime.ia6t_vltime;
508 } else
509 ia->ia6_lifetime.ia6t_expire = 0;
510 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
511 ia->ia6_lifetime.ia6t_preferred =
512 time_second + ia->ia6_lifetime.ia6t_pltime;
513 } else
514 ia->ia6_lifetime.ia6t_preferred = 0;
515 break;
516
517 case SIOCAIFADDR_IN6:
518 {
519 int i, error = 0;
520 struct nd_prefixctl pr0;
521 struct nd_prefix *pr;
522
523 /*
524 * first, make or update the interface address structure,
525 * and link it to the list.
526 */
527 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
528 return (error);
529 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
530 == NULL) {
531 /*
532 * this can happen when the user specify the 0 valid
533 * lifetime.
534 */
535 break;
536 }
537
538 /*
539 * then, make the prefix on-link on the interface.
540 * XXX: we'd rather create the prefix before the address, but
541 * we need at least one address to install the corresponding
542 * interface route, so we configure the address first.
543 */
544
545 /*
546 * convert mask to prefix length (prefixmask has already
547 * been validated in in6_update_ifa().
548 */
549 bzero(&pr0, sizeof(pr0));
550 pr0.ndpr_ifp = ifp;
551 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
552 NULL);
553 if (pr0.ndpr_plen == 128) {
554 break; /* we don't need to install a host route. */
555 }
556 pr0.ndpr_prefix = ifra->ifra_addr;
557 /* apply the mask for safety. */
558 for (i = 0; i < 4; i++) {
559 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
560 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
561 }
562 /*
563 * XXX: since we don't have an API to set prefix (not address)
564 * lifetimes, we just use the same lifetimes as addresses.
565 * The (temporarily) installed lifetimes can be overridden by
566 * later advertised RAs (when accept_rtadv is non 0), which is
567 * an intended behavior.
568 */
569 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
570 pr0.ndpr_raf_auto =
571 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
572 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
573 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
574
575 /* add the prefix if not yet. */
576 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
577 /*
578 * nd6_prelist_add will install the corresponding
579 * interface route.
580 */
581 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0)
582 return (error);
583 if (pr == NULL) {
584 log(LOG_ERR, "nd6_prelist_add succeeded but "
585 "no prefix\n");
586 return (EINVAL); /* XXX panic here? */
587 }
588 }
589
590 /* relate the address to the prefix */
591 if (ia->ia6_ndpr == NULL) {
592 ia->ia6_ndpr = pr;
593 pr->ndpr_refcnt++;
594
595 /*
596 * If this is the first autoconf address from the
597 * prefix, create a temporary address as well
598 * (when required).
599 */
600 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
601 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
602 int e;
603 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
604 log(LOG_NOTICE, "in6_control: failed "
605 "to create a temporary address, "
606 "errno=%d\n", e);
607 }
608 }
609 }
610
611 /*
612 * this might affect the status of autoconfigured addresses,
613 * that is, this address might make other addresses detached.
614 */
615 pfxlist_onlink_check();
616 if (error == 0 && ia)
617 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
618 break;
619 }
620
621 case SIOCDIFADDR_IN6:
622 {
623 struct nd_prefix *pr;
624
625 /*
626 * If the address being deleted is the only one that owns
627 * the corresponding prefix, expire the prefix as well.
628 * XXX: theoretically, we don't have to worry about such
629 * relationship, since we separate the address management
630 * and the prefix management. We do this, however, to provide
631 * as much backward compatibility as possible in terms of
632 * the ioctl operation.
633 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
634 */
635 pr = ia->ia6_ndpr;
636 in6_purgeaddr(&ia->ia_ifa);
637 if (pr && pr->ndpr_refcnt == 0)
638 prelist_remove(pr);
639 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
640 break;
641 }
642
643 default:
644 if (ifp == NULL || ifp->if_ioctl == 0)
645 return (EOPNOTSUPP);
646 return ((*ifp->if_ioctl)(ifp, cmd, data));
647 }
648
649 return (0);
650}
651
652/*
653 * Update parameters of an IPv6 interface address.
654 * If necessary, a new entry is created and linked into address chains.
655 * This function is separated from in6_control().
656 * XXX: should this be performed under splnet()?
657 */
658int
659in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
660 struct in6_ifaddr *ia, int flags)
661{
662 INIT_VNET_INET6(ifp->if_vnet);
663 INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */
664 int error = 0, hostIsNew = 0, plen = -1;
665 struct in6_ifaddr *oia;
666 struct sockaddr_in6 dst6;
667 struct in6_addrlifetime *lt;
668 struct in6_multi_mship *imm;
669 struct in6_multi *in6m_sol;
670 struct rtentry *rt;
671 int delay;
672 char ip6buf[INET6_ADDRSTRLEN];
673
674 /* Validate parameters */
675 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
676 return (EINVAL);
677
678 /*
679 * The destination address for a p2p link must have a family
680 * of AF_UNSPEC or AF_INET6.
681 */
682 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
683 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
684 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
685 return (EAFNOSUPPORT);
686 /*
687 * validate ifra_prefixmask. don't check sin6_family, netmask
688 * does not carry fields other than sin6_len.
689 */
690 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
691 return (EINVAL);
692 /*
693 * Because the IPv6 address architecture is classless, we require
694 * users to specify a (non 0) prefix length (mask) for a new address.
695 * We also require the prefix (when specified) mask is valid, and thus
696 * reject a non-consecutive mask.
697 */
698 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
699 return (EINVAL);
700 if (ifra->ifra_prefixmask.sin6_len != 0) {
701 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
702 (u_char *)&ifra->ifra_prefixmask +
703 ifra->ifra_prefixmask.sin6_len);
704 if (plen <= 0)
705 return (EINVAL);
706 } else {
707 /*
708 * In this case, ia must not be NULL. We just use its prefix
709 * length.
710 */
711 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
712 }
713 /*
714 * If the destination address on a p2p interface is specified,
715 * and the address is a scoped one, validate/set the scope
716 * zone identifier.
717 */
718 dst6 = ifra->ifra_dstaddr;
719 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
720 (dst6.sin6_family == AF_INET6)) {
721 struct in6_addr in6_tmp;
722 u_int32_t zoneid;
723
724 in6_tmp = dst6.sin6_addr;
725 if (in6_setscope(&in6_tmp, ifp, &zoneid))
726 return (EINVAL); /* XXX: should be impossible */
727
728 if (dst6.sin6_scope_id != 0) {
729 if (dst6.sin6_scope_id != zoneid)
730 return (EINVAL);
731 } else /* user omit to specify the ID. */
732 dst6.sin6_scope_id = zoneid;
733
734 /* convert into the internal form */
735 if (sa6_embedscope(&dst6, 0))
736 return (EINVAL); /* XXX: should be impossible */
737 }
738 /*
739 * The destination address can be specified only for a p2p or a
740 * loopback interface. If specified, the corresponding prefix length
741 * must be 128.
742 */
743 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
744 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
745 /* XXX: noisy message */
746 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
747 "be specified for a p2p or a loopback IF only\n"));
748 return (EINVAL);
749 }
750 if (plen != 128) {
751 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
752 "be 128 when dstaddr is specified\n"));
753 return (EINVAL);
754 }
755 }
756 /* lifetime consistency check */
757 lt = &ifra->ifra_lifetime;
758 if (lt->ia6t_pltime > lt->ia6t_vltime)
759 return (EINVAL);
760 if (lt->ia6t_vltime == 0) {
761 /*
762 * the following log might be noisy, but this is a typical
763 * configuration mistake or a tool's bug.
764 */
765 nd6log((LOG_INFO,
766 "in6_update_ifa: valid lifetime is 0 for %s\n",
767 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
768
769 if (ia == NULL)
770 return (0); /* there's nothing to do */
771 }
772
773 /*
774 * If this is a new address, allocate a new ifaddr and link it
775 * into chains.
776 */
777 if (ia == NULL) {
778 hostIsNew = 1;
779 /*
780 * When in6_update_ifa() is called in a process of a received
781 * RA, it is called under an interrupt context. So, we should
782 * call malloc with M_NOWAIT.
783 */
784 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
785 M_NOWAIT);
786 if (ia == NULL)
787 return (ENOBUFS);
788 bzero((caddr_t)ia, sizeof(*ia));
789 LIST_INIT(&ia->ia6_memberships);
790 /* Initialize the address and masks, and put time stamp */
791 IFA_LOCK_INIT(&ia->ia_ifa);
792 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
793 ia->ia_addr.sin6_family = AF_INET6;
794 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
795 ia->ia6_createtime = time_second;
796 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
797 /*
798 * XXX: some functions expect that ifa_dstaddr is not
799 * NULL for p2p interfaces.
800 */
801 ia->ia_ifa.ifa_dstaddr =
802 (struct sockaddr *)&ia->ia_dstaddr;
803 } else {
804 ia->ia_ifa.ifa_dstaddr = NULL;
805 }
806 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
807
808 ia->ia_ifp = ifp;
809 if ((oia = V_in6_ifaddr) != NULL) {
810 for ( ; oia->ia_next; oia = oia->ia_next)
811 continue;
812 oia->ia_next = ia;
813 } else
814 V_in6_ifaddr = ia;
815
816 ia->ia_ifa.ifa_refcnt = 1;
817 IF_ADDR_LOCK(ifp);
818 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
819 IF_ADDR_UNLOCK(ifp);
820 }
821
822 /* update timestamp */
823 ia->ia6_updatetime = time_second;
824
825 /* set prefix mask */
826 if (ifra->ifra_prefixmask.sin6_len) {
827 /*
828 * We prohibit changing the prefix length of an existing
829 * address, because
830 * + such an operation should be rare in IPv6, and
831 * + the operation would confuse prefix management.
832 */
833 if (ia->ia_prefixmask.sin6_len &&
834 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
835 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
836 " existing (%s) address should not be changed\n",
837 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
838 error = EINVAL;
839 goto unlink;
840 }
841 ia->ia_prefixmask = ifra->ifra_prefixmask;
842 }
843
844 /*
845 * If a new destination address is specified, scrub the old one and
846 * install the new destination. Note that the interface must be
847 * p2p or loopback (see the check above.)
848 */
849 if (dst6.sin6_family == AF_INET6 &&
850 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
851 int e;
852
853 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
854 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
855 nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
856 "a route to the old destination: %s\n",
857 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
858 /* proceed anyway... */
859 } else
860 ia->ia_flags &= ~IFA_ROUTE;
861 ia->ia_dstaddr = dst6;
862 }
863
864 /*
865 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
866 * to see if the address is deprecated or invalidated, but initialize
867 * these members for applications.
868 */
869 ia->ia6_lifetime = ifra->ifra_lifetime;
870 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
871 ia->ia6_lifetime.ia6t_expire =
872 time_second + ia->ia6_lifetime.ia6t_vltime;
873 } else
874 ia->ia6_lifetime.ia6t_expire = 0;
875 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
876 ia->ia6_lifetime.ia6t_preferred =
877 time_second + ia->ia6_lifetime.ia6t_pltime;
878 } else
879 ia->ia6_lifetime.ia6t_preferred = 0;
880
881 /* reset the interface and routing table appropriately. */
882 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
883 goto unlink;
884
885 /*
886 * configure address flags.
887 */
888 ia->ia6_flags = ifra->ifra_flags;
889 /*
890 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
891 * userland, make it deprecated.
892 */
893 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
894 ia->ia6_lifetime.ia6t_pltime = 0;
895 ia->ia6_lifetime.ia6t_preferred = time_second;
896 }
897 /*
898 * Make the address tentative before joining multicast addresses,
899 * so that corresponding MLD responses would not have a tentative
900 * source address.
901 */
902 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
903 if (hostIsNew && in6if_do_dad(ifp))
904 ia->ia6_flags |= IN6_IFF_TENTATIVE;
905
906 /*
907 * We are done if we have simply modified an existing address.
908 */
909 if (!hostIsNew)
910 return (error);
911
912 /*
913 * Beyond this point, we should call in6_purgeaddr upon an error,
914 * not just go to unlink.
915 */
916
917 /* Join necessary multicast groups */
918 in6m_sol = NULL;
919 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
920 struct sockaddr_in6 mltaddr, mltmask;
921 struct in6_addr llsol;
922
923 /* join solicited multicast addr for new host id */
924 bzero(&llsol, sizeof(struct in6_addr));
925 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
926 llsol.s6_addr32[1] = 0;
927 llsol.s6_addr32[2] = htonl(1);
928 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
929 llsol.s6_addr8[12] = 0xff;
930 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
931 /* XXX: should not happen */
932 log(LOG_ERR, "in6_update_ifa: "
933 "in6_setscope failed\n");
934 goto cleanup;
935 }
936 delay = 0;
937 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
938 /*
939 * We need a random delay for DAD on the address
940 * being configured. It also means delaying
941 * transmission of the corresponding MLD report to
942 * avoid report collision.
943 * [draft-ietf-ipv6-rfc2462bis-02.txt]
944 */
945 delay = arc4random() %
946 (MAX_RTR_SOLICITATION_DELAY * hz);
947 }
948 imm = in6_joingroup(ifp, &llsol, &error, delay);
949 if (imm == NULL) {
950 nd6log((LOG_WARNING,
951 "in6_update_ifa: addmulti failed for "
952 "%s on %s (errno=%d)\n",
953 ip6_sprintf(ip6buf, &llsol), if_name(ifp),
954 error));
955 in6_purgeaddr((struct ifaddr *)ia);
956 return (error);
957 }
958 LIST_INSERT_HEAD(&ia->ia6_memberships,
959 imm, i6mm_chain);
960 in6m_sol = imm->i6mm_maddr;
961
962 bzero(&mltmask, sizeof(mltmask));
963 mltmask.sin6_len = sizeof(struct sockaddr_in6);
964 mltmask.sin6_family = AF_INET6;
965 mltmask.sin6_addr = in6mask32;
966#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
967
968 /*
969 * join link-local all-nodes address
970 */
971 bzero(&mltaddr, sizeof(mltaddr));
972 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
973 mltaddr.sin6_family = AF_INET6;
974 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
975 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
976 0)
977 goto cleanup; /* XXX: should not fail */
978
979 /*
980 * XXX: do we really need this automatic routes?
981 * We should probably reconsider this stuff. Most applications
982 * actually do not need the routes, since they usually specify
983 * the outgoing interface.
984 */
985 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
986 if (rt) {
987 /* XXX: only works in !SCOPEDROUTING case. */
988 if (memcmp(&mltaddr.sin6_addr,
989 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
990 MLTMASK_LEN)) {
991 RTFREE_LOCKED(rt);
992 rt = NULL;
993 }
994 }
995 if (!rt) {
996 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
997 (struct sockaddr *)&ia->ia_addr,
998 (struct sockaddr *)&mltmask, RTF_UP,
999 (struct rtentry **)0);
1000 if (error)
1001 goto cleanup;
1002 } else {
1003 RTFREE_LOCKED(rt);
1004 }
1005
1006 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1007 if (!imm) {
1008 nd6log((LOG_WARNING,
1009 "in6_update_ifa: addmulti failed for "
1010 "%s on %s (errno=%d)\n",
1011 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1012 if_name(ifp), error));
1013 goto cleanup;
1014 }
1015 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1016
1017 /*
1018 * join node information group address
1019 */
1020#define hostnamelen strlen(V_hostname)
1021 delay = 0;
1022 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1023 /*
1024 * The spec doesn't say anything about delay for this
1025 * group, but the same logic should apply.
1026 */
1027 delay = arc4random() %
1028 (MAX_RTR_SOLICITATION_DELAY * hz);
1029 }
1030 mtx_lock(&hostname_mtx);
1031 if (in6_nigroup(ifp, V_hostname, hostnamelen,
1032 &mltaddr.sin6_addr) == 0) {
1033 mtx_unlock(&hostname_mtx);
1034 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
1035 delay); /* XXX jinmei */
1036 if (!imm) {
1037 nd6log((LOG_WARNING, "in6_update_ifa: "
1038 "addmulti failed for %s on %s "
1039 "(errno=%d)\n",
1040 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1041 if_name(ifp), error));
1042 /* XXX not very fatal, go on... */
1043 } else {
1044 LIST_INSERT_HEAD(&ia->ia6_memberships,
1045 imm, i6mm_chain);
1046 }
1047 } else
1048 mtx_unlock(&hostname_mtx);
1049#undef hostnamelen
1050
1051 /*
1052 * join interface-local all-nodes address.
1053 * (ff01::1%ifN, and ff01::%ifN/32)
1054 */
1055 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1056 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL))
1057 != 0)
1058 goto cleanup; /* XXX: should not fail */
1059 /* XXX: again, do we really need the route? */
1060 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
1061 if (rt) {
1062 if (memcmp(&mltaddr.sin6_addr,
1063 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
1064 MLTMASK_LEN)) {
1065 RTFREE_LOCKED(rt);
1066 rt = NULL;
1067 }
1068 }
1069 if (!rt) {
1070 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
1071 (struct sockaddr *)&ia->ia_addr,
1072 (struct sockaddr *)&mltmask, RTF_UP,
1073 (struct rtentry **)0);
1074 if (error)
1075 goto cleanup;
1076 } else
1077 RTFREE_LOCKED(rt);
1078
1079 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1080 if (!imm) {
1081 nd6log((LOG_WARNING, "in6_update_ifa: "
1082 "addmulti failed for %s on %s "
1083 "(errno=%d)\n",
1084 ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
1085 if_name(ifp), error));
1086 goto cleanup;
1087 }
1088 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1089#undef MLTMASK_LEN
1090 }
1091
1092 /*
1093 * Perform DAD, if needed.
1094 * XXX It may be of use, if we can administratively
1095 * disable DAD.
1096 */
1097 if (hostIsNew && in6if_do_dad(ifp) &&
1098 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1099 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1100 {
1101 int mindelay, maxdelay;
1102
1103 delay = 0;
1104 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1105 /*
1106 * We need to impose a delay before sending an NS
1107 * for DAD. Check if we also needed a delay for the
1108 * corresponding MLD message. If we did, the delay
1109 * should be larger than the MLD delay (this could be
1110 * relaxed a bit, but this simple logic is at least
1111 * safe).
|
| 1112 * XXX: Break data hiding guidelines and look at
1113 * state for the solicited multicast group.
|
1113 */
1114 mindelay = 0;
1115 if (in6m_sol != NULL &&
| 1114 */
1115 mindelay = 0;
1116 if (in6m_sol != NULL &&
|
1116 in6m_sol->in6m_state == MLD_REPORTPENDING) {
| 1117 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
|
1117 mindelay = in6m_sol->in6m_timer;
1118 }
1119 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1120 if (maxdelay - mindelay == 0)
1121 delay = 0;
1122 else {
1123 delay =
1124 (arc4random() % (maxdelay - mindelay)) +
1125 mindelay;
1126 }
1127 }
1128 nd6_dad_start((struct ifaddr *)ia, delay);
1129 }
1130
1131 return (error);
1132
1133 unlink:
1134 /*
1135 * XXX: if a change of an existing address failed, keep the entry
1136 * anyway.
1137 */
1138 if (hostIsNew)
1139 in6_unlink_ifa(ia, ifp);
1140 return (error);
1141
1142 cleanup:
1143 in6_purgeaddr(&ia->ia_ifa);
1144 return error;
1145}
1146
1147void
1148in6_purgeaddr(struct ifaddr *ifa)
1149{
1150 struct ifnet *ifp = ifa->ifa_ifp;
1151 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1152 struct in6_multi_mship *imm;
1153
1154 /* stop DAD processing */
1155 nd6_dad_stop(ifa);
1156
1157 IF_AFDATA_LOCK(ifp);
1158 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR),
1159 (struct sockaddr *)&ia->ia_addr);
1160 IF_AFDATA_UNLOCK(ifp);
1161
1162 /*
1163 * leave from multicast groups we have joined for the interface
1164 */
1165 while ((imm = ia->ia6_memberships.lh_first) != NULL) {
1166 LIST_REMOVE(imm, i6mm_chain);
1167 in6_leavegroup(imm);
1168 }
1169
1170 in6_unlink_ifa(ia, ifp);
1171}
1172
1173static void
1174in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1175{
1176 INIT_VNET_INET6(ifp->if_vnet);
1177 struct in6_ifaddr *oia;
1178 int s = splnet();
1179
1180 IF_ADDR_LOCK(ifp);
1181 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1182 IF_ADDR_UNLOCK(ifp);
1183
1184 oia = ia;
1185 if (oia == (ia = V_in6_ifaddr))
1186 V_in6_ifaddr = ia->ia_next;
1187 else {
1188 while (ia->ia_next && (ia->ia_next != oia))
1189 ia = ia->ia_next;
1190 if (ia->ia_next)
1191 ia->ia_next = oia->ia_next;
1192 else {
1193 /* search failed */
1194 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n");
1195 }
1196 }
1197
1198 /*
1199 * Release the reference to the base prefix. There should be a
1200 * positive reference.
1201 */
1202 if (oia->ia6_ndpr == NULL) {
1203 nd6log((LOG_NOTICE,
1204 "in6_unlink_ifa: autoconf'ed address "
1205 "%p has no prefix\n", oia));
1206 } else {
1207 oia->ia6_ndpr->ndpr_refcnt--;
1208 oia->ia6_ndpr = NULL;
1209 }
1210
1211 /*
1212 * Also, if the address being removed is autoconf'ed, call
1213 * pfxlist_onlink_check() since the release might affect the status of
1214 * other (detached) addresses.
1215 */
1216 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) {
1217 pfxlist_onlink_check();
1218 }
1219
1220 /*
1221 * release another refcnt for the link from in6_ifaddr.
1222 * Note that we should decrement the refcnt at least once for all *BSD.
1223 */
1224 IFAFREE(&oia->ia_ifa);
1225
1226 splx(s);
1227}
1228
1229void
1230in6_purgeif(struct ifnet *ifp)
1231{
1232 struct ifaddr *ifa, *nifa;
1233
1234 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1235 if (ifa->ifa_addr->sa_family != AF_INET6)
1236 continue;
1237 in6_purgeaddr(ifa);
1238 }
1239
1240 in6_ifdetach(ifp);
1241}
1242
1243/*
1244 * SIOC[GAD]LIFADDR.
1245 * SIOCGLIFADDR: get first address. (?)
1246 * SIOCGLIFADDR with IFLR_PREFIX:
1247 * get first address that matches the specified prefix.
1248 * SIOCALIFADDR: add the specified address.
1249 * SIOCALIFADDR with IFLR_PREFIX:
1250 * add the specified prefix, filling hostid part from
1251 * the first link-local address. prefixlen must be <= 64.
1252 * SIOCDLIFADDR: delete the specified address.
1253 * SIOCDLIFADDR with IFLR_PREFIX:
1254 * delete the first address that matches the specified prefix.
1255 * return values:
1256 * EINVAL on invalid parameters
1257 * EADDRNOTAVAIL on prefix match failed/specified address not found
1258 * other values may be returned from in6_ioctl()
1259 *
1260 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1261 * this is to accomodate address naming scheme other than RFC2374,
1262 * in the future.
1263 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1264 * address encoding scheme. (see figure on page 8)
1265 */
1266static int
1267in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
1268 struct ifnet *ifp, struct thread *td)
1269{
1270 struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1271 struct ifaddr *ifa;
1272 struct sockaddr *sa;
1273
1274 /* sanity checks */
1275 if (!data || !ifp) {
1276 panic("invalid argument to in6_lifaddr_ioctl");
1277 /* NOTREACHED */
1278 }
1279
1280 switch (cmd) {
1281 case SIOCGLIFADDR:
1282 /* address must be specified on GET with IFLR_PREFIX */
1283 if ((iflr->flags & IFLR_PREFIX) == 0)
1284 break;
1285 /* FALLTHROUGH */
1286 case SIOCALIFADDR:
1287 case SIOCDLIFADDR:
1288 /* address must be specified on ADD and DELETE */
1289 sa = (struct sockaddr *)&iflr->addr;
1290 if (sa->sa_family != AF_INET6)
1291 return EINVAL;
1292 if (sa->sa_len != sizeof(struct sockaddr_in6))
1293 return EINVAL;
1294 /* XXX need improvement */
1295 sa = (struct sockaddr *)&iflr->dstaddr;
1296 if (sa->sa_family && sa->sa_family != AF_INET6)
1297 return EINVAL;
1298 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1299 return EINVAL;
1300 break;
1301 default: /* shouldn't happen */
1302#if 0
1303 panic("invalid cmd to in6_lifaddr_ioctl");
1304 /* NOTREACHED */
1305#else
1306 return EOPNOTSUPP;
1307#endif
1308 }
1309 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1310 return EINVAL;
1311
1312 switch (cmd) {
1313 case SIOCALIFADDR:
1314 {
1315 struct in6_aliasreq ifra;
1316 struct in6_addr *hostid = NULL;
1317 int prefixlen;
1318
1319 if ((iflr->flags & IFLR_PREFIX) != 0) {
1320 struct sockaddr_in6 *sin6;
1321
1322 /*
1323 * hostid is to fill in the hostid part of the
1324 * address. hostid points to the first link-local
1325 * address attached to the interface.
1326 */
1327 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1328 if (!ifa)
1329 return EADDRNOTAVAIL;
1330 hostid = IFA_IN6(ifa);
1331
1332 /* prefixlen must be <= 64. */
1333 if (64 < iflr->prefixlen)
1334 return EINVAL;
1335 prefixlen = iflr->prefixlen;
1336
1337 /* hostid part must be zero. */
1338 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1339 if (sin6->sin6_addr.s6_addr32[2] != 0 ||
1340 sin6->sin6_addr.s6_addr32[3] != 0) {
1341 return EINVAL;
1342 }
1343 } else
1344 prefixlen = iflr->prefixlen;
1345
1346 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1347 bzero(&ifra, sizeof(ifra));
1348 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
1349
1350 bcopy(&iflr->addr, &ifra.ifra_addr,
1351 ((struct sockaddr *)&iflr->addr)->sa_len);
1352 if (hostid) {
1353 /* fill in hostid part */
1354 ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1355 hostid->s6_addr32[2];
1356 ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1357 hostid->s6_addr32[3];
1358 }
1359
1360 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
1361 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1362 ((struct sockaddr *)&iflr->dstaddr)->sa_len);
1363 if (hostid) {
1364 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1365 hostid->s6_addr32[2];
1366 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1367 hostid->s6_addr32[3];
1368 }
1369 }
1370
1371 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1372 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1373
1374 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1375 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
1376 }
1377 case SIOCGLIFADDR:
1378 case SIOCDLIFADDR:
1379 {
1380 struct in6_ifaddr *ia;
1381 struct in6_addr mask, candidate, match;
1382 struct sockaddr_in6 *sin6;
1383 int cmp;
1384
1385 bzero(&mask, sizeof(mask));
1386 if (iflr->flags & IFLR_PREFIX) {
1387 /* lookup a prefix rather than address. */
1388 in6_prefixlen2mask(&mask, iflr->prefixlen);
1389
1390 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1391 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1392 match.s6_addr32[0] &= mask.s6_addr32[0];
1393 match.s6_addr32[1] &= mask.s6_addr32[1];
1394 match.s6_addr32[2] &= mask.s6_addr32[2];
1395 match.s6_addr32[3] &= mask.s6_addr32[3];
1396
1397 /* if you set extra bits, that's wrong */
1398 if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1399 return EINVAL;
1400
1401 cmp = 1;
1402 } else {
1403 if (cmd == SIOCGLIFADDR) {
1404 /* on getting an address, take the 1st match */
1405 cmp = 0; /* XXX */
1406 } else {
1407 /* on deleting an address, do exact match */
1408 in6_prefixlen2mask(&mask, 128);
1409 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1410 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1411
1412 cmp = 1;
1413 }
1414 }
1415
1416 IF_ADDR_LOCK(ifp);
1417 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1418 if (ifa->ifa_addr->sa_family != AF_INET6)
1419 continue;
1420 if (!cmp)
1421 break;
1422
1423 /*
1424 * XXX: this is adhoc, but is necessary to allow
1425 * a user to specify fe80::/64 (not /10) for a
1426 * link-local address.
1427 */
1428 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1429 in6_clearscope(&candidate);
1430 candidate.s6_addr32[0] &= mask.s6_addr32[0];
1431 candidate.s6_addr32[1] &= mask.s6_addr32[1];
1432 candidate.s6_addr32[2] &= mask.s6_addr32[2];
1433 candidate.s6_addr32[3] &= mask.s6_addr32[3];
1434 if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1435 break;
1436 }
1437 IF_ADDR_UNLOCK(ifp);
1438 if (!ifa)
1439 return EADDRNOTAVAIL;
1440 ia = ifa2ia6(ifa);
1441
1442 if (cmd == SIOCGLIFADDR) {
1443 int error;
1444
1445 /* fill in the if_laddrreq structure */
1446 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1447 error = sa6_recoverscope(
1448 (struct sockaddr_in6 *)&iflr->addr);
1449 if (error != 0)
1450 return (error);
1451
1452 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1453 bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1454 ia->ia_dstaddr.sin6_len);
1455 error = sa6_recoverscope(
1456 (struct sockaddr_in6 *)&iflr->dstaddr);
1457 if (error != 0)
1458 return (error);
1459 } else
1460 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1461
1462 iflr->prefixlen =
1463 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1464
1465 iflr->flags = ia->ia6_flags; /* XXX */
1466
1467 return 0;
1468 } else {
1469 struct in6_aliasreq ifra;
1470
1471 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1472 bzero(&ifra, sizeof(ifra));
1473 bcopy(iflr->iflr_name, ifra.ifra_name,
1474 sizeof(ifra.ifra_name));
1475
1476 bcopy(&ia->ia_addr, &ifra.ifra_addr,
1477 ia->ia_addr.sin6_len);
1478 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1479 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1480 ia->ia_dstaddr.sin6_len);
1481 } else {
1482 bzero(&ifra.ifra_dstaddr,
1483 sizeof(ifra.ifra_dstaddr));
1484 }
1485 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1486 ia->ia_prefixmask.sin6_len);
1487
1488 ifra.ifra_flags = ia->ia6_flags;
1489 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1490 ifp, td);
1491 }
1492 }
1493 }
1494
1495 return EOPNOTSUPP; /* just for safety */
1496}
1497
1498/*
1499 * Initialize an interface's intetnet6 address
1500 * and routing table entry.
1501 */
1502static int
1503in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
1504 struct sockaddr_in6 *sin6, int newhost)
1505{
1506 int error = 0, plen, ifacount = 0;
1507 int s = splimp();
1508 struct ifaddr *ifa;
1509
1510 /*
1511 * Give the interface a chance to initialize
1512 * if this is its first address,
1513 * and to validate the address if necessary.
1514 */
1515 IF_ADDR_LOCK(ifp);
1516 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1517 if (ifa->ifa_addr->sa_family != AF_INET6)
1518 continue;
1519 ifacount++;
1520 }
1521 IF_ADDR_UNLOCK(ifp);
1522
1523 ia->ia_addr = *sin6;
1524
1525 if (ifacount <= 1 && ifp->if_ioctl) {
1526 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1527 if (error) {
1528 splx(s);
1529 return (error);
1530 }
1531 }
1532 splx(s);
1533
1534 ia->ia_ifa.ifa_metric = ifp->if_metric;
1535
1536 /* we could do in(6)_socktrim here, but just omit it at this moment. */
1537
1538 /*
1539 * Special case:
1540 * If a new destination address is specified for a point-to-point
1541 * interface, install a route to the destination as an interface
1542 * direct route.
1543 * XXX: the logic below rejects assigning multiple addresses on a p2p
1544 * interface that share the same destination.
1545 */
1546 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1547 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) {
1548 struct sockaddr *dstaddr;
1549 int rtflags = RTF_UP | RTF_HOST;
1550
1551 /*
1552 * use the interface address if configuring an
1553 * interface address with a /128 prefix len
1554 */
1555 if (ia->ia_dstaddr.sin6_family == AF_INET6)
1556 dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
1557 else
1558 dstaddr = (struct sockaddr *)&ia->ia_addr;
1559
1560 error = rtrequest(RTM_ADD,
1561 (struct sockaddr *)dstaddr,
1562 (struct sockaddr *)&ia->ia_addr,
1563 (struct sockaddr *)&ia->ia_prefixmask,
1564 ia->ia_flags | rtflags, NULL);
1565 if (error != 0)
1566 return (error);
1567 ia->ia_flags |= IFA_ROUTE;
1568 }
1569
1570 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
1571 if (newhost) {
1572 struct llentry *ln;
1573
1574 IF_AFDATA_LOCK(ifp);
1575 ia->ia_ifa.ifa_rtrequest = NULL;
1576
1577 /* XXX QL
1578 * we need to report rt_newaddrmsg
1579 */
1580 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE),
1581 (struct sockaddr *)&ia->ia_addr);
1582 IF_AFDATA_UNLOCK(ifp);
1583 if (ln != NULL) {
1584 ln->la_expire = 0; /* for IPv6 this means permanent */
1585 ln->ln_state = ND6_LLINFO_REACHABLE;
1586 LLE_WUNLOCK(ln);
1587 }
1588 }
1589
1590 return (error);
1591}
1592
| 1118 mindelay = in6m_sol->in6m_timer;
1119 }
1120 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1121 if (maxdelay - mindelay == 0)
1122 delay = 0;
1123 else {
1124 delay =
1125 (arc4random() % (maxdelay - mindelay)) +
1126 mindelay;
1127 }
1128 }
1129 nd6_dad_start((struct ifaddr *)ia, delay);
1130 }
1131
1132 return (error);
1133
1134 unlink:
1135 /*
1136 * XXX: if a change of an existing address failed, keep the entry
1137 * anyway.
1138 */
1139 if (hostIsNew)
1140 in6_unlink_ifa(ia, ifp);
1141 return (error);
1142
1143 cleanup:
1144 in6_purgeaddr(&ia->ia_ifa);
1145 return error;
1146}
1147
1148void
1149in6_purgeaddr(struct ifaddr *ifa)
1150{
1151 struct ifnet *ifp = ifa->ifa_ifp;
1152 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1153 struct in6_multi_mship *imm;
1154
1155 /* stop DAD processing */
1156 nd6_dad_stop(ifa);
1157
1158 IF_AFDATA_LOCK(ifp);
1159 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR),
1160 (struct sockaddr *)&ia->ia_addr);
1161 IF_AFDATA_UNLOCK(ifp);
1162
1163 /*
1164 * leave from multicast groups we have joined for the interface
1165 */
1166 while ((imm = ia->ia6_memberships.lh_first) != NULL) {
1167 LIST_REMOVE(imm, i6mm_chain);
1168 in6_leavegroup(imm);
1169 }
1170
1171 in6_unlink_ifa(ia, ifp);
1172}
1173
1174static void
1175in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1176{
1177 INIT_VNET_INET6(ifp->if_vnet);
1178 struct in6_ifaddr *oia;
1179 int s = splnet();
1180
1181 IF_ADDR_LOCK(ifp);
1182 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1183 IF_ADDR_UNLOCK(ifp);
1184
1185 oia = ia;
1186 if (oia == (ia = V_in6_ifaddr))
1187 V_in6_ifaddr = ia->ia_next;
1188 else {
1189 while (ia->ia_next && (ia->ia_next != oia))
1190 ia = ia->ia_next;
1191 if (ia->ia_next)
1192 ia->ia_next = oia->ia_next;
1193 else {
1194 /* search failed */
1195 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n");
1196 }
1197 }
1198
1199 /*
1200 * Release the reference to the base prefix. There should be a
1201 * positive reference.
1202 */
1203 if (oia->ia6_ndpr == NULL) {
1204 nd6log((LOG_NOTICE,
1205 "in6_unlink_ifa: autoconf'ed address "
1206 "%p has no prefix\n", oia));
1207 } else {
1208 oia->ia6_ndpr->ndpr_refcnt--;
1209 oia->ia6_ndpr = NULL;
1210 }
1211
1212 /*
1213 * Also, if the address being removed is autoconf'ed, call
1214 * pfxlist_onlink_check() since the release might affect the status of
1215 * other (detached) addresses.
1216 */
1217 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) {
1218 pfxlist_onlink_check();
1219 }
1220
1221 /*
1222 * release another refcnt for the link from in6_ifaddr.
1223 * Note that we should decrement the refcnt at least once for all *BSD.
1224 */
1225 IFAFREE(&oia->ia_ifa);
1226
1227 splx(s);
1228}
1229
1230void
1231in6_purgeif(struct ifnet *ifp)
1232{
1233 struct ifaddr *ifa, *nifa;
1234
1235 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1236 if (ifa->ifa_addr->sa_family != AF_INET6)
1237 continue;
1238 in6_purgeaddr(ifa);
1239 }
1240
1241 in6_ifdetach(ifp);
1242}
1243
1244/*
1245 * SIOC[GAD]LIFADDR.
1246 * SIOCGLIFADDR: get first address. (?)
1247 * SIOCGLIFADDR with IFLR_PREFIX:
1248 * get first address that matches the specified prefix.
1249 * SIOCALIFADDR: add the specified address.
1250 * SIOCALIFADDR with IFLR_PREFIX:
1251 * add the specified prefix, filling hostid part from
1252 * the first link-local address. prefixlen must be <= 64.
1253 * SIOCDLIFADDR: delete the specified address.
1254 * SIOCDLIFADDR with IFLR_PREFIX:
1255 * delete the first address that matches the specified prefix.
1256 * return values:
1257 * EINVAL on invalid parameters
1258 * EADDRNOTAVAIL on prefix match failed/specified address not found
1259 * other values may be returned from in6_ioctl()
1260 *
1261 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1262 * this is to accomodate address naming scheme other than RFC2374,
1263 * in the future.
1264 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1265 * address encoding scheme. (see figure on page 8)
1266 */
1267static int
1268in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
1269 struct ifnet *ifp, struct thread *td)
1270{
1271 struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1272 struct ifaddr *ifa;
1273 struct sockaddr *sa;
1274
1275 /* sanity checks */
1276 if (!data || !ifp) {
1277 panic("invalid argument to in6_lifaddr_ioctl");
1278 /* NOTREACHED */
1279 }
1280
1281 switch (cmd) {
1282 case SIOCGLIFADDR:
1283 /* address must be specified on GET with IFLR_PREFIX */
1284 if ((iflr->flags & IFLR_PREFIX) == 0)
1285 break;
1286 /* FALLTHROUGH */
1287 case SIOCALIFADDR:
1288 case SIOCDLIFADDR:
1289 /* address must be specified on ADD and DELETE */
1290 sa = (struct sockaddr *)&iflr->addr;
1291 if (sa->sa_family != AF_INET6)
1292 return EINVAL;
1293 if (sa->sa_len != sizeof(struct sockaddr_in6))
1294 return EINVAL;
1295 /* XXX need improvement */
1296 sa = (struct sockaddr *)&iflr->dstaddr;
1297 if (sa->sa_family && sa->sa_family != AF_INET6)
1298 return EINVAL;
1299 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1300 return EINVAL;
1301 break;
1302 default: /* shouldn't happen */
1303#if 0
1304 panic("invalid cmd to in6_lifaddr_ioctl");
1305 /* NOTREACHED */
1306#else
1307 return EOPNOTSUPP;
1308#endif
1309 }
1310 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1311 return EINVAL;
1312
1313 switch (cmd) {
1314 case SIOCALIFADDR:
1315 {
1316 struct in6_aliasreq ifra;
1317 struct in6_addr *hostid = NULL;
1318 int prefixlen;
1319
1320 if ((iflr->flags & IFLR_PREFIX) != 0) {
1321 struct sockaddr_in6 *sin6;
1322
1323 /*
1324 * hostid is to fill in the hostid part of the
1325 * address. hostid points to the first link-local
1326 * address attached to the interface.
1327 */
1328 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1329 if (!ifa)
1330 return EADDRNOTAVAIL;
1331 hostid = IFA_IN6(ifa);
1332
1333 /* prefixlen must be <= 64. */
1334 if (64 < iflr->prefixlen)
1335 return EINVAL;
1336 prefixlen = iflr->prefixlen;
1337
1338 /* hostid part must be zero. */
1339 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1340 if (sin6->sin6_addr.s6_addr32[2] != 0 ||
1341 sin6->sin6_addr.s6_addr32[3] != 0) {
1342 return EINVAL;
1343 }
1344 } else
1345 prefixlen = iflr->prefixlen;
1346
1347 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1348 bzero(&ifra, sizeof(ifra));
1349 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
1350
1351 bcopy(&iflr->addr, &ifra.ifra_addr,
1352 ((struct sockaddr *)&iflr->addr)->sa_len);
1353 if (hostid) {
1354 /* fill in hostid part */
1355 ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1356 hostid->s6_addr32[2];
1357 ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1358 hostid->s6_addr32[3];
1359 }
1360
1361 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
1362 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1363 ((struct sockaddr *)&iflr->dstaddr)->sa_len);
1364 if (hostid) {
1365 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1366 hostid->s6_addr32[2];
1367 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1368 hostid->s6_addr32[3];
1369 }
1370 }
1371
1372 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1373 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1374
1375 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1376 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
1377 }
1378 case SIOCGLIFADDR:
1379 case SIOCDLIFADDR:
1380 {
1381 struct in6_ifaddr *ia;
1382 struct in6_addr mask, candidate, match;
1383 struct sockaddr_in6 *sin6;
1384 int cmp;
1385
1386 bzero(&mask, sizeof(mask));
1387 if (iflr->flags & IFLR_PREFIX) {
1388 /* lookup a prefix rather than address. */
1389 in6_prefixlen2mask(&mask, iflr->prefixlen);
1390
1391 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1392 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1393 match.s6_addr32[0] &= mask.s6_addr32[0];
1394 match.s6_addr32[1] &= mask.s6_addr32[1];
1395 match.s6_addr32[2] &= mask.s6_addr32[2];
1396 match.s6_addr32[3] &= mask.s6_addr32[3];
1397
1398 /* if you set extra bits, that's wrong */
1399 if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1400 return EINVAL;
1401
1402 cmp = 1;
1403 } else {
1404 if (cmd == SIOCGLIFADDR) {
1405 /* on getting an address, take the 1st match */
1406 cmp = 0; /* XXX */
1407 } else {
1408 /* on deleting an address, do exact match */
1409 in6_prefixlen2mask(&mask, 128);
1410 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1411 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1412
1413 cmp = 1;
1414 }
1415 }
1416
1417 IF_ADDR_LOCK(ifp);
1418 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1419 if (ifa->ifa_addr->sa_family != AF_INET6)
1420 continue;
1421 if (!cmp)
1422 break;
1423
1424 /*
1425 * XXX: this is adhoc, but is necessary to allow
1426 * a user to specify fe80::/64 (not /10) for a
1427 * link-local address.
1428 */
1429 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1430 in6_clearscope(&candidate);
1431 candidate.s6_addr32[0] &= mask.s6_addr32[0];
1432 candidate.s6_addr32[1] &= mask.s6_addr32[1];
1433 candidate.s6_addr32[2] &= mask.s6_addr32[2];
1434 candidate.s6_addr32[3] &= mask.s6_addr32[3];
1435 if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1436 break;
1437 }
1438 IF_ADDR_UNLOCK(ifp);
1439 if (!ifa)
1440 return EADDRNOTAVAIL;
1441 ia = ifa2ia6(ifa);
1442
1443 if (cmd == SIOCGLIFADDR) {
1444 int error;
1445
1446 /* fill in the if_laddrreq structure */
1447 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1448 error = sa6_recoverscope(
1449 (struct sockaddr_in6 *)&iflr->addr);
1450 if (error != 0)
1451 return (error);
1452
1453 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1454 bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1455 ia->ia_dstaddr.sin6_len);
1456 error = sa6_recoverscope(
1457 (struct sockaddr_in6 *)&iflr->dstaddr);
1458 if (error != 0)
1459 return (error);
1460 } else
1461 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1462
1463 iflr->prefixlen =
1464 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1465
1466 iflr->flags = ia->ia6_flags; /* XXX */
1467
1468 return 0;
1469 } else {
1470 struct in6_aliasreq ifra;
1471
1472 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1473 bzero(&ifra, sizeof(ifra));
1474 bcopy(iflr->iflr_name, ifra.ifra_name,
1475 sizeof(ifra.ifra_name));
1476
1477 bcopy(&ia->ia_addr, &ifra.ifra_addr,
1478 ia->ia_addr.sin6_len);
1479 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1480 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1481 ia->ia_dstaddr.sin6_len);
1482 } else {
1483 bzero(&ifra.ifra_dstaddr,
1484 sizeof(ifra.ifra_dstaddr));
1485 }
1486 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1487 ia->ia_prefixmask.sin6_len);
1488
1489 ifra.ifra_flags = ia->ia6_flags;
1490 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1491 ifp, td);
1492 }
1493 }
1494 }
1495
1496 return EOPNOTSUPP; /* just for safety */
1497}
1498
1499/*
1500 * Initialize an interface's intetnet6 address
1501 * and routing table entry.
1502 */
1503static int
1504in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
1505 struct sockaddr_in6 *sin6, int newhost)
1506{
1507 int error = 0, plen, ifacount = 0;
1508 int s = splimp();
1509 struct ifaddr *ifa;
1510
1511 /*
1512 * Give the interface a chance to initialize
1513 * if this is its first address,
1514 * and to validate the address if necessary.
1515 */
1516 IF_ADDR_LOCK(ifp);
1517 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1518 if (ifa->ifa_addr->sa_family != AF_INET6)
1519 continue;
1520 ifacount++;
1521 }
1522 IF_ADDR_UNLOCK(ifp);
1523
1524 ia->ia_addr = *sin6;
1525
1526 if (ifacount <= 1 && ifp->if_ioctl) {
1527 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1528 if (error) {
1529 splx(s);
1530 return (error);
1531 }
1532 }
1533 splx(s);
1534
1535 ia->ia_ifa.ifa_metric = ifp->if_metric;
1536
1537 /* we could do in(6)_socktrim here, but just omit it at this moment. */
1538
1539 /*
1540 * Special case:
1541 * If a new destination address is specified for a point-to-point
1542 * interface, install a route to the destination as an interface
1543 * direct route.
1544 * XXX: the logic below rejects assigning multiple addresses on a p2p
1545 * interface that share the same destination.
1546 */
1547 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1548 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) {
1549 struct sockaddr *dstaddr;
1550 int rtflags = RTF_UP | RTF_HOST;
1551
1552 /*
1553 * use the interface address if configuring an
1554 * interface address with a /128 prefix len
1555 */
1556 if (ia->ia_dstaddr.sin6_family == AF_INET6)
1557 dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
1558 else
1559 dstaddr = (struct sockaddr *)&ia->ia_addr;
1560
1561 error = rtrequest(RTM_ADD,
1562 (struct sockaddr *)dstaddr,
1563 (struct sockaddr *)&ia->ia_addr,
1564 (struct sockaddr *)&ia->ia_prefixmask,
1565 ia->ia_flags | rtflags, NULL);
1566 if (error != 0)
1567 return (error);
1568 ia->ia_flags |= IFA_ROUTE;
1569 }
1570
1571 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
1572 if (newhost) {
1573 struct llentry *ln;
1574
1575 IF_AFDATA_LOCK(ifp);
1576 ia->ia_ifa.ifa_rtrequest = NULL;
1577
1578 /* XXX QL
1579 * we need to report rt_newaddrmsg
1580 */
1581 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE),
1582 (struct sockaddr *)&ia->ia_addr);
1583 IF_AFDATA_UNLOCK(ifp);
1584 if (ln != NULL) {
1585 ln->la_expire = 0; /* for IPv6 this means permanent */
1586 ln->ln_state = ND6_LLINFO_REACHABLE;
1587 LLE_WUNLOCK(ln);
1588 }
1589 }
1590
1591 return (error);
1592}
1593
|
1593struct in6_multi_mship *
1594in6_joingroup(struct ifnet *ifp, struct in6_addr *addr,
1595 int *errorp, int delay)
1596{
1597 struct in6_multi_mship *imm;
1598
1599 imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT);
1600 if (!imm) {
1601 *errorp = ENOBUFS;
1602 return NULL;
1603 }
1604 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp, delay);
1605 if (!imm->i6mm_maddr) {
1606 /* *errorp is alrady set */
1607 free(imm, M_IP6MADDR);
1608 return NULL;
1609 }
1610 return imm;
1611}
1612
1613int
1614in6_leavegroup(struct in6_multi_mship *imm)
1615{
1616
1617 if (imm->i6mm_maddr)
1618 in6_delmulti(imm->i6mm_maddr);
1619 free(imm, M_IP6MADDR);
1620 return 0;
1621}
1622
| |
1623/*
1624 * Find an IPv6 interface link-local address specific to an interface.
1625 */
1626struct in6_ifaddr *
1627in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1628{
1629 struct ifaddr *ifa;
1630
1631 IF_ADDR_LOCK(ifp);
1632 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1633 if (ifa->ifa_addr->sa_family != AF_INET6)
1634 continue;
1635 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1636 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1637 ignoreflags) != 0)
1638 continue;
1639 break;
1640 }
1641 }
1642 IF_ADDR_UNLOCK(ifp);
1643
1644 return ((struct in6_ifaddr *)ifa);
1645}
1646
1647
1648/*
1649 * find the internet address corresponding to a given interface and address.
1650 */
1651struct in6_ifaddr *
1652in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1653{
1654 struct ifaddr *ifa;
1655
1656 IF_ADDR_LOCK(ifp);
1657 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1658 if (ifa->ifa_addr->sa_family != AF_INET6)
1659 continue;
1660 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa)))
1661 break;
1662 }
1663 IF_ADDR_UNLOCK(ifp);
1664
1665 return ((struct in6_ifaddr *)ifa);
1666}
1667
1668/*
1669 * Convert IP6 address to printable (loggable) representation. Caller
1670 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1671 */
1672static char digits[] = "0123456789abcdef";
1673char *
1674ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1675{
1676 int i;
1677 char *cp;
1678 const u_int16_t *a = (const u_int16_t *)addr;
1679 const u_int8_t *d;
1680 int dcolon = 0, zero = 0;
1681
1682 cp = ip6buf;
1683
1684 for (i = 0; i < 8; i++) {
1685 if (dcolon == 1) {
1686 if (*a == 0) {
1687 if (i == 7)
1688 *cp++ = ':';
1689 a++;
1690 continue;
1691 } else
1692 dcolon = 2;
1693 }
1694 if (*a == 0) {
1695 if (dcolon == 0 && *(a + 1) == 0) {
1696 if (i == 0)
1697 *cp++ = ':';
1698 *cp++ = ':';
1699 dcolon = 1;
1700 } else {
1701 *cp++ = '0';
1702 *cp++ = ':';
1703 }
1704 a++;
1705 continue;
1706 }
1707 d = (const u_char *)a;
1708 /* Try to eliminate leading zeros in printout like in :0001. */
1709 zero = 1;
1710 *cp = digits[*d >> 4];
1711 if (*cp != '0') {
1712 zero = 0;
1713 cp++;
1714 }
1715 *cp = digits[*d++ & 0xf];
1716 if (zero == 0 || (*cp != '0')) {
1717 zero = 0;
1718 cp++;
1719 }
1720 *cp = digits[*d >> 4];
1721 if (zero == 0 || (*cp != '0')) {
1722 zero = 0;
1723 cp++;
1724 }
1725 *cp++ = digits[*d & 0xf];
1726 *cp++ = ':';
1727 a++;
1728 }
1729 *--cp = '\0';
1730 return (ip6buf);
1731}
1732
1733int
1734in6_localaddr(struct in6_addr *in6)
1735{
1736 INIT_VNET_INET6(curvnet);
1737 struct in6_ifaddr *ia;
1738
1739 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1740 return 1;
1741
1742 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
1743 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1744 &ia->ia_prefixmask.sin6_addr)) {
1745 return 1;
1746 }
1747 }
1748
1749 return (0);
1750}
1751
1752int
1753in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
1754{
1755 INIT_VNET_INET6(curvnet);
1756 struct in6_ifaddr *ia;
1757
1758 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
1759 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
1760 &sa6->sin6_addr) &&
1761 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0)
1762 return (1); /* true */
1763
1764 /* XXX: do we still have to go thru the rest of the list? */
1765 }
1766
1767 return (0); /* false */
1768}
1769
1770/*
1771 * return length of part which dst and src are equal
1772 * hard coding...
1773 */
1774int
1775in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1776{
1777 int match = 0;
1778 u_char *s = (u_char *)src, *d = (u_char *)dst;
1779 u_char *lim = s + 16, r;
1780
1781 while (s < lim)
1782 if ((r = (*d++ ^ *s++)) != 0) {
1783 while (r < 128) {
1784 match++;
1785 r <<= 1;
1786 }
1787 break;
1788 } else
1789 match += 8;
1790 return match;
1791}
1792
1793/* XXX: to be scope conscious */
1794int
1795in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1796{
1797 int bytelen, bitlen;
1798
1799 /* sanity check */
1800 if (0 > len || len > 128) {
1801 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1802 len);
1803 return (0);
1804 }
1805
1806 bytelen = len / 8;
1807 bitlen = len % 8;
1808
1809 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1810 return (0);
1811 if (bitlen != 0 &&
1812 p1->s6_addr[bytelen] >> (8 - bitlen) !=
1813 p2->s6_addr[bytelen] >> (8 - bitlen))
1814 return (0);
1815
1816 return (1);
1817}
1818
1819void
1820in6_prefixlen2mask(struct in6_addr *maskp, int len)
1821{
1822 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1823 int bytelen, bitlen, i;
1824
1825 /* sanity check */
1826 if (0 > len || len > 128) {
1827 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1828 len);
1829 return;
1830 }
1831
1832 bzero(maskp, sizeof(*maskp));
1833 bytelen = len / 8;
1834 bitlen = len % 8;
1835 for (i = 0; i < bytelen; i++)
1836 maskp->s6_addr[i] = 0xff;
1837 if (bitlen)
1838 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1839}
1840
1841/*
1842 * return the best address out of the same scope. if no address was
1843 * found, return the first valid address from designated IF.
1844 */
1845struct in6_ifaddr *
1846in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1847{
1848 INIT_VNET_INET6(curvnet);
1849 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
1850 struct ifaddr *ifa;
1851 struct in6_ifaddr *besta = 0;
1852 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
1853
1854 dep[0] = dep[1] = NULL;
1855
1856 /*
1857 * We first look for addresses in the same scope.
1858 * If there is one, return it.
1859 * If two or more, return one which matches the dst longest.
1860 * If none, return one of global addresses assigned other ifs.
1861 */
1862 IF_ADDR_LOCK(ifp);
1863 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1864 if (ifa->ifa_addr->sa_family != AF_INET6)
1865 continue;
1866 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1867 continue; /* XXX: is there any case to allow anycast? */
1868 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1869 continue; /* don't use this interface */
1870 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1871 continue;
1872 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1873 if (V_ip6_use_deprecated)
1874 dep[0] = (struct in6_ifaddr *)ifa;
1875 continue;
1876 }
1877
1878 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
1879 /*
1880 * call in6_matchlen() as few as possible
1881 */
1882 if (besta) {
1883 if (blen == -1)
1884 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
1885 tlen = in6_matchlen(IFA_IN6(ifa), dst);
1886 if (tlen > blen) {
1887 blen = tlen;
1888 besta = (struct in6_ifaddr *)ifa;
1889 }
1890 } else
1891 besta = (struct in6_ifaddr *)ifa;
1892 }
1893 }
1894 if (besta) {
1895 IF_ADDR_UNLOCK(ifp);
1896 return (besta);
1897 }
1898
1899 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1900 if (ifa->ifa_addr->sa_family != AF_INET6)
1901 continue;
1902 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1903 continue; /* XXX: is there any case to allow anycast? */
1904 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1905 continue; /* don't use this interface */
1906 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1907 continue;
1908 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1909 if (V_ip6_use_deprecated)
1910 dep[1] = (struct in6_ifaddr *)ifa;
1911 continue;
1912 }
1913
1914 IF_ADDR_UNLOCK(ifp);
1915 return (struct in6_ifaddr *)ifa;
1916 }
1917 IF_ADDR_UNLOCK(ifp);
1918
1919 /* use the last-resort values, that are, deprecated addresses */
1920 if (dep[0])
1921 return dep[0];
1922 if (dep[1])
1923 return dep[1];
1924
1925 return NULL;
1926}
1927
1928/*
1929 * perform DAD when interface becomes IFF_UP.
1930 */
1931void
1932in6_if_up(struct ifnet *ifp)
1933{
1934 struct ifaddr *ifa;
1935 struct in6_ifaddr *ia;
1936
1937 IF_ADDR_LOCK(ifp);
1938 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1939 if (ifa->ifa_addr->sa_family != AF_INET6)
1940 continue;
1941 ia = (struct in6_ifaddr *)ifa;
1942 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
1943 /*
1944 * The TENTATIVE flag was likely set by hand
1945 * beforehand, implicitly indicating the need for DAD.
1946 * We may be able to skip the random delay in this
1947 * case, but we impose delays just in case.
1948 */
1949 nd6_dad_start(ifa,
1950 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
1951 }
1952 }
1953 IF_ADDR_UNLOCK(ifp);
1954
1955 /*
1956 * special cases, like 6to4, are handled in in6_ifattach
1957 */
1958 in6_ifattach(ifp, NULL);
1959}
1960
1961int
1962in6if_do_dad(struct ifnet *ifp)
1963{
1964 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
1965 return (0);
1966
1967 switch (ifp->if_type) {
1968#ifdef IFT_DUMMY
1969 case IFT_DUMMY:
1970#endif
1971 case IFT_FAITH:
1972 /*
1973 * These interfaces do not have the IFF_LOOPBACK flag,
1974 * but loop packets back. We do not have to do DAD on such
1975 * interfaces. We should even omit it, because loop-backed
1976 * NS would confuse the DAD procedure.
1977 */
1978 return (0);
1979 default:
1980 /*
1981 * Our DAD routine requires the interface up and running.
1982 * However, some interfaces can be up before the RUNNING
1983 * status. Additionaly, users may try to assign addresses
1984 * before the interface becomes up (or running).
1985 * We simply skip DAD in such a case as a work around.
1986 * XXX: we should rather mark "tentative" on such addresses,
1987 * and do DAD after the interface becomes ready.
1988 */
1989 if (!((ifp->if_flags & IFF_UP) &&
1990 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
1991 return (0);
1992
1993 return (1);
1994 }
1995}
1996
1997/*
1998 * Calculate max IPv6 MTU through all the interfaces and store it
1999 * to in6_maxmtu.
2000 */
2001void
2002in6_setmaxmtu(void)
2003{
2004 INIT_VNET_NET(curvnet);
2005 INIT_VNET_INET6(curvnet);
2006 unsigned long maxmtu = 0;
2007 struct ifnet *ifp;
2008
2009 IFNET_RLOCK();
2010 for (ifp = TAILQ_FIRST(&V_ifnet); ifp;
2011 ifp = TAILQ_NEXT(ifp, if_list)) {
2012 /* this function can be called during ifnet initialization */
2013 if (!ifp->if_afdata[AF_INET6])
2014 continue;
2015 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2016 IN6_LINKMTU(ifp) > maxmtu)
2017 maxmtu = IN6_LINKMTU(ifp);
2018 }
2019 IFNET_RUNLOCK();
2020 if (maxmtu) /* update only when maxmtu is positive */
2021 V_in6_maxmtu = maxmtu;
2022}
2023
2024/*
2025 * Provide the length of interface identifiers to be used for the link attached
2026 * to the given interface. The length should be defined in "IPv6 over
2027 * xxx-link" document. Note that address architecture might also define
2028 * the length for a particular set of address prefixes, regardless of the
2029 * link type. As clarified in rfc2462bis, those two definitions should be
2030 * consistent, and those really are as of August 2004.
2031 */
2032int
2033in6_if2idlen(struct ifnet *ifp)
2034{
2035 switch (ifp->if_type) {
2036 case IFT_ETHER: /* RFC2464 */
2037#ifdef IFT_PROPVIRTUAL
2038 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2039#endif
2040#ifdef IFT_L2VLAN
2041 case IFT_L2VLAN: /* ditto */
2042#endif
2043#ifdef IFT_IEEE80211
2044 case IFT_IEEE80211: /* ditto */
2045#endif
2046#ifdef IFT_MIP
2047 case IFT_MIP: /* ditto */
2048#endif
2049 return (64);
2050 case IFT_FDDI: /* RFC2467 */
2051 return (64);
2052 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2053 return (64);
2054 case IFT_PPP: /* RFC2472 */
2055 return (64);
2056 case IFT_ARCNET: /* RFC2497 */
2057 return (64);
2058 case IFT_FRELAY: /* RFC2590 */
2059 return (64);
2060 case IFT_IEEE1394: /* RFC3146 */
2061 return (64);
2062 case IFT_GIF:
2063 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2064 case IFT_LOOP:
2065 return (64); /* XXX: is this really correct? */
2066 default:
2067 /*
2068 * Unknown link type:
2069 * It might be controversial to use the today's common constant
2070 * of 64 for these cases unconditionally. For full compliance,
2071 * we should return an error in this case. On the other hand,
2072 * if we simply miss the standard for the link type or a new
2073 * standard is defined for a new link type, the IFID length
2074 * is very likely to be the common constant. As a compromise,
2075 * we always use the constant, but make an explicit notice
2076 * indicating the "unknown" case.
2077 */
2078 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2079 return (64);
2080 }
2081}
2082
2083#include <sys/sysctl.h>
2084
2085struct in6_llentry {
2086 struct llentry base;
2087 struct sockaddr_in6 l3_addr6;
2088};
2089
2090static struct llentry *
2091in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2092{
2093 struct in6_llentry *lle;
2094
2095 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE,
2096 M_DONTWAIT | M_ZERO);
2097 if (lle == NULL) /* NB: caller generates msg */
2098 return NULL;
2099
2100 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE);
2101 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2102 lle->base.lle_refcnt = 1;
2103 LLE_LOCK_INIT(&lle->base);
2104 return &lle->base;
2105}
2106
2107/*
2108 * Deletes an address from the address table.
2109 * This function is called by the timer functions
2110 * such as arptimer() and nd6_llinfo_timer(), and
2111 * the caller does the locking.
2112 */
2113static void
2114in6_lltable_free(struct lltable *llt, struct llentry *lle)
2115{
2116 LLE_WUNLOCK(lle);
2117 LLE_LOCK_DESTROY(lle);
2118 free(lle, M_LLTABLE);
2119}
2120
2121static int
2122in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr)
2123{
2124 struct rtentry *rt;
2125 char ip6buf[INET6_ADDRSTRLEN];
2126
2127 KASSERT(l3addr->sa_family == AF_INET6,
2128 ("sin_family %d", l3addr->sa_family));
2129
2130 /* XXX rtalloc1 should take a const param */
2131 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
2132 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2133 struct ifaddr *ifa;
2134 /*
2135 * Create an ND6 cache for an IPv6 neighbor
2136 * that is not covered by our own prefix.
2137 */
2138 /* XXX ifaof_ifpforaddr should take a const param */
2139 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2140 if (ifa != NULL) {
2141 if (rt != NULL)
2142 RTFREE_LOCKED(rt);
2143 return 0;
2144 }
2145 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2146 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2147 if (rt != NULL)
2148 RTFREE_LOCKED(rt);
2149 return EINVAL;
2150 }
2151 RTFREE_LOCKED(rt);
2152 return 0;
2153}
2154
2155static struct llentry *
2156in6_lltable_lookup(struct lltable *llt, u_int flags,
2157 const struct sockaddr *l3addr)
2158{
2159 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2160 struct ifnet *ifp = llt->llt_ifp;
2161 struct llentry *lle;
2162 struct llentries *lleh;
2163 u_int hashkey;
2164
2165 IF_AFDATA_LOCK_ASSERT(ifp);
2166 KASSERT(l3addr->sa_family == AF_INET6,
2167 ("sin_family %d", l3addr->sa_family));
2168
2169 hashkey = sin6->sin6_addr.s6_addr32[3];
2170 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2171 LIST_FOREACH(lle, lleh, lle_next) {
2172 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2173 if (lle->la_flags & LLE_DELETED)
2174 continue;
2175 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2176 sizeof(struct in6_addr)) == 0)
2177 break;
2178 }
2179
2180 if (lle == NULL) {
2181 if (!(flags & LLE_CREATE))
2182 return (NULL);
2183 /*
2184 * A route that covers the given address must have
2185 * been installed 1st because we are doing a resolution,
2186 * verify this.
2187 */
2188 if (!(flags & LLE_IFADDR) &&
2189 in6_lltable_rtcheck(ifp, l3addr) != 0)
2190 return NULL;
2191
2192 lle = in6_lltable_new(l3addr, flags);
2193 if (lle == NULL) {
2194 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2195 return NULL;
2196 }
2197 lle->la_flags = flags & ~LLE_CREATE;
2198 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2199 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2200 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2201 }
2202
2203 lle->lle_tbl = llt;
2204 lle->lle_head = lleh;
2205 LIST_INSERT_HEAD(lleh, lle, lle_next);
2206 } else if (flags & LLE_DELETE) {
2207 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2208 LLE_WLOCK(lle);
2209 lle->la_flags = LLE_DELETED;
2210 LLE_WUNLOCK(lle);
2211#ifdef DIAGNOSTICS
2212 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2213#endif
2214 }
2215 lle = (void *)-1;
2216 }
2217 if (LLE_IS_VALID(lle)) {
2218 if (flags & LLE_EXCLUSIVE)
2219 LLE_WLOCK(lle);
2220 else
2221 LLE_RLOCK(lle);
2222 }
2223 return (lle);
2224}
2225
2226static int
2227in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2228{
2229 struct ifnet *ifp = llt->llt_ifp;
2230 struct llentry *lle;
2231 /* XXX stack use */
2232 struct {
2233 struct rt_msghdr rtm;
2234 struct sockaddr_in6 sin6;
2235 /*
2236 * ndp.c assumes that sdl is word aligned
2237 */
2238#ifdef __LP64__
2239 uint32_t pad;
2240#endif
2241 struct sockaddr_dl sdl;
2242 } ndpc;
2243 int i, error;
2244
2245 /* XXXXX
2246 * current IFNET_RLOCK() is mapped to IFNET_WLOCK()
2247 * so it is okay to use this ASSERT, change it when
2248 * IFNET lock is finalized
2249 */
2250 IFNET_WLOCK_ASSERT();
2251
2252 error = 0;
2253 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2254 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2255 struct sockaddr_dl *sdl;
2256
2257 /* skip deleted or invalid entries */
2258 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2259 continue;
2260 /* Skip if jailed and not a valid IP of the prison. */
2261 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2262 continue;
2263 /*
2264 * produce a msg made of:
2265 * struct rt_msghdr;
2266 * struct sockaddr_in6 (IPv6)
2267 * struct sockaddr_dl;
2268 */
2269 bzero(&ndpc, sizeof(ndpc));
2270 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2271 ndpc.rtm.rtm_version = RTM_VERSION;
2272 ndpc.rtm.rtm_type = RTM_GET;
2273 ndpc.rtm.rtm_flags = RTF_UP;
2274 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2275 ndpc.sin6.sin6_family = AF_INET6;
2276 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2277 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2278
2279 /* publish */
2280 if (lle->la_flags & LLE_PUB)
2281 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2282
2283 sdl = &ndpc.sdl;
2284 sdl->sdl_family = AF_LINK;
2285 sdl->sdl_len = sizeof(*sdl);
2286 sdl->sdl_alen = ifp->if_addrlen;
2287 sdl->sdl_index = ifp->if_index;
2288 sdl->sdl_type = ifp->if_type;
2289 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2290 ndpc.rtm.rtm_rmx.rmx_expire =
2291 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2292 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2293 if (lle->la_flags & LLE_STATIC)
2294 ndpc.rtm.rtm_flags |= RTF_STATIC;
2295 ndpc.rtm.rtm_index = ifp->if_index;
2296 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2297 if (error)
2298 break;
2299 }
2300 }
2301 return error;
2302}
2303
2304void *
2305in6_domifattach(struct ifnet *ifp)
2306{
2307 struct in6_ifextra *ext;
2308
2309 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2310 bzero(ext, sizeof(*ext));
2311
2312 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
2313 M_IFADDR, M_WAITOK);
2314 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
2315
2316 ext->icmp6_ifstat =
2317 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
2318 M_IFADDR, M_WAITOK);
2319 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
2320
2321 ext->nd_ifinfo = nd6_ifattach(ifp);
2322 ext->scope6_id = scope6_ifattach(ifp);
2323 ext->lltable = lltable_init(ifp, AF_INET6);
2324 if (ext->lltable != NULL) {
2325 ext->lltable->llt_new = in6_lltable_new;
2326 ext->lltable->llt_free = in6_lltable_free;
2327 ext->lltable->llt_rtcheck = in6_lltable_rtcheck;
2328 ext->lltable->llt_lookup = in6_lltable_lookup;
2329 ext->lltable->llt_dump = in6_lltable_dump;
2330 }
| 1594/*
1595 * Find an IPv6 interface link-local address specific to an interface.
1596 */
1597struct in6_ifaddr *
1598in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1599{
1600 struct ifaddr *ifa;
1601
1602 IF_ADDR_LOCK(ifp);
1603 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1604 if (ifa->ifa_addr->sa_family != AF_INET6)
1605 continue;
1606 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1607 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1608 ignoreflags) != 0)
1609 continue;
1610 break;
1611 }
1612 }
1613 IF_ADDR_UNLOCK(ifp);
1614
1615 return ((struct in6_ifaddr *)ifa);
1616}
1617
1618
1619/*
1620 * find the internet address corresponding to a given interface and address.
1621 */
1622struct in6_ifaddr *
1623in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1624{
1625 struct ifaddr *ifa;
1626
1627 IF_ADDR_LOCK(ifp);
1628 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1629 if (ifa->ifa_addr->sa_family != AF_INET6)
1630 continue;
1631 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa)))
1632 break;
1633 }
1634 IF_ADDR_UNLOCK(ifp);
1635
1636 return ((struct in6_ifaddr *)ifa);
1637}
1638
1639/*
1640 * Convert IP6 address to printable (loggable) representation. Caller
1641 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1642 */
1643static char digits[] = "0123456789abcdef";
1644char *
1645ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1646{
1647 int i;
1648 char *cp;
1649 const u_int16_t *a = (const u_int16_t *)addr;
1650 const u_int8_t *d;
1651 int dcolon = 0, zero = 0;
1652
1653 cp = ip6buf;
1654
1655 for (i = 0; i < 8; i++) {
1656 if (dcolon == 1) {
1657 if (*a == 0) {
1658 if (i == 7)
1659 *cp++ = ':';
1660 a++;
1661 continue;
1662 } else
1663 dcolon = 2;
1664 }
1665 if (*a == 0) {
1666 if (dcolon == 0 && *(a + 1) == 0) {
1667 if (i == 0)
1668 *cp++ = ':';
1669 *cp++ = ':';
1670 dcolon = 1;
1671 } else {
1672 *cp++ = '0';
1673 *cp++ = ':';
1674 }
1675 a++;
1676 continue;
1677 }
1678 d = (const u_char *)a;
1679 /* Try to eliminate leading zeros in printout like in :0001. */
1680 zero = 1;
1681 *cp = digits[*d >> 4];
1682 if (*cp != '0') {
1683 zero = 0;
1684 cp++;
1685 }
1686 *cp = digits[*d++ & 0xf];
1687 if (zero == 0 || (*cp != '0')) {
1688 zero = 0;
1689 cp++;
1690 }
1691 *cp = digits[*d >> 4];
1692 if (zero == 0 || (*cp != '0')) {
1693 zero = 0;
1694 cp++;
1695 }
1696 *cp++ = digits[*d & 0xf];
1697 *cp++ = ':';
1698 a++;
1699 }
1700 *--cp = '\0';
1701 return (ip6buf);
1702}
1703
1704int
1705in6_localaddr(struct in6_addr *in6)
1706{
1707 INIT_VNET_INET6(curvnet);
1708 struct in6_ifaddr *ia;
1709
1710 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1711 return 1;
1712
1713 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
1714 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1715 &ia->ia_prefixmask.sin6_addr)) {
1716 return 1;
1717 }
1718 }
1719
1720 return (0);
1721}
1722
1723int
1724in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
1725{
1726 INIT_VNET_INET6(curvnet);
1727 struct in6_ifaddr *ia;
1728
1729 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
1730 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
1731 &sa6->sin6_addr) &&
1732 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0)
1733 return (1); /* true */
1734
1735 /* XXX: do we still have to go thru the rest of the list? */
1736 }
1737
1738 return (0); /* false */
1739}
1740
1741/*
1742 * return length of part which dst and src are equal
1743 * hard coding...
1744 */
1745int
1746in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1747{
1748 int match = 0;
1749 u_char *s = (u_char *)src, *d = (u_char *)dst;
1750 u_char *lim = s + 16, r;
1751
1752 while (s < lim)
1753 if ((r = (*d++ ^ *s++)) != 0) {
1754 while (r < 128) {
1755 match++;
1756 r <<= 1;
1757 }
1758 break;
1759 } else
1760 match += 8;
1761 return match;
1762}
1763
1764/* XXX: to be scope conscious */
1765int
1766in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1767{
1768 int bytelen, bitlen;
1769
1770 /* sanity check */
1771 if (0 > len || len > 128) {
1772 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1773 len);
1774 return (0);
1775 }
1776
1777 bytelen = len / 8;
1778 bitlen = len % 8;
1779
1780 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1781 return (0);
1782 if (bitlen != 0 &&
1783 p1->s6_addr[bytelen] >> (8 - bitlen) !=
1784 p2->s6_addr[bytelen] >> (8 - bitlen))
1785 return (0);
1786
1787 return (1);
1788}
1789
1790void
1791in6_prefixlen2mask(struct in6_addr *maskp, int len)
1792{
1793 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1794 int bytelen, bitlen, i;
1795
1796 /* sanity check */
1797 if (0 > len || len > 128) {
1798 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1799 len);
1800 return;
1801 }
1802
1803 bzero(maskp, sizeof(*maskp));
1804 bytelen = len / 8;
1805 bitlen = len % 8;
1806 for (i = 0; i < bytelen; i++)
1807 maskp->s6_addr[i] = 0xff;
1808 if (bitlen)
1809 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1810}
1811
1812/*
1813 * return the best address out of the same scope. if no address was
1814 * found, return the first valid address from designated IF.
1815 */
1816struct in6_ifaddr *
1817in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1818{
1819 INIT_VNET_INET6(curvnet);
1820 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
1821 struct ifaddr *ifa;
1822 struct in6_ifaddr *besta = 0;
1823 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
1824
1825 dep[0] = dep[1] = NULL;
1826
1827 /*
1828 * We first look for addresses in the same scope.
1829 * If there is one, return it.
1830 * If two or more, return one which matches the dst longest.
1831 * If none, return one of global addresses assigned other ifs.
1832 */
1833 IF_ADDR_LOCK(ifp);
1834 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1835 if (ifa->ifa_addr->sa_family != AF_INET6)
1836 continue;
1837 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1838 continue; /* XXX: is there any case to allow anycast? */
1839 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1840 continue; /* don't use this interface */
1841 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1842 continue;
1843 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1844 if (V_ip6_use_deprecated)
1845 dep[0] = (struct in6_ifaddr *)ifa;
1846 continue;
1847 }
1848
1849 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
1850 /*
1851 * call in6_matchlen() as few as possible
1852 */
1853 if (besta) {
1854 if (blen == -1)
1855 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
1856 tlen = in6_matchlen(IFA_IN6(ifa), dst);
1857 if (tlen > blen) {
1858 blen = tlen;
1859 besta = (struct in6_ifaddr *)ifa;
1860 }
1861 } else
1862 besta = (struct in6_ifaddr *)ifa;
1863 }
1864 }
1865 if (besta) {
1866 IF_ADDR_UNLOCK(ifp);
1867 return (besta);
1868 }
1869
1870 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1871 if (ifa->ifa_addr->sa_family != AF_INET6)
1872 continue;
1873 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1874 continue; /* XXX: is there any case to allow anycast? */
1875 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1876 continue; /* don't use this interface */
1877 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1878 continue;
1879 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1880 if (V_ip6_use_deprecated)
1881 dep[1] = (struct in6_ifaddr *)ifa;
1882 continue;
1883 }
1884
1885 IF_ADDR_UNLOCK(ifp);
1886 return (struct in6_ifaddr *)ifa;
1887 }
1888 IF_ADDR_UNLOCK(ifp);
1889
1890 /* use the last-resort values, that are, deprecated addresses */
1891 if (dep[0])
1892 return dep[0];
1893 if (dep[1])
1894 return dep[1];
1895
1896 return NULL;
1897}
1898
1899/*
1900 * perform DAD when interface becomes IFF_UP.
1901 */
1902void
1903in6_if_up(struct ifnet *ifp)
1904{
1905 struct ifaddr *ifa;
1906 struct in6_ifaddr *ia;
1907
1908 IF_ADDR_LOCK(ifp);
1909 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1910 if (ifa->ifa_addr->sa_family != AF_INET6)
1911 continue;
1912 ia = (struct in6_ifaddr *)ifa;
1913 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
1914 /*
1915 * The TENTATIVE flag was likely set by hand
1916 * beforehand, implicitly indicating the need for DAD.
1917 * We may be able to skip the random delay in this
1918 * case, but we impose delays just in case.
1919 */
1920 nd6_dad_start(ifa,
1921 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
1922 }
1923 }
1924 IF_ADDR_UNLOCK(ifp);
1925
1926 /*
1927 * special cases, like 6to4, are handled in in6_ifattach
1928 */
1929 in6_ifattach(ifp, NULL);
1930}
1931
1932int
1933in6if_do_dad(struct ifnet *ifp)
1934{
1935 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
1936 return (0);
1937
1938 switch (ifp->if_type) {
1939#ifdef IFT_DUMMY
1940 case IFT_DUMMY:
1941#endif
1942 case IFT_FAITH:
1943 /*
1944 * These interfaces do not have the IFF_LOOPBACK flag,
1945 * but loop packets back. We do not have to do DAD on such
1946 * interfaces. We should even omit it, because loop-backed
1947 * NS would confuse the DAD procedure.
1948 */
1949 return (0);
1950 default:
1951 /*
1952 * Our DAD routine requires the interface up and running.
1953 * However, some interfaces can be up before the RUNNING
1954 * status. Additionaly, users may try to assign addresses
1955 * before the interface becomes up (or running).
1956 * We simply skip DAD in such a case as a work around.
1957 * XXX: we should rather mark "tentative" on such addresses,
1958 * and do DAD after the interface becomes ready.
1959 */
1960 if (!((ifp->if_flags & IFF_UP) &&
1961 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
1962 return (0);
1963
1964 return (1);
1965 }
1966}
1967
1968/*
1969 * Calculate max IPv6 MTU through all the interfaces and store it
1970 * to in6_maxmtu.
1971 */
1972void
1973in6_setmaxmtu(void)
1974{
1975 INIT_VNET_NET(curvnet);
1976 INIT_VNET_INET6(curvnet);
1977 unsigned long maxmtu = 0;
1978 struct ifnet *ifp;
1979
1980 IFNET_RLOCK();
1981 for (ifp = TAILQ_FIRST(&V_ifnet); ifp;
1982 ifp = TAILQ_NEXT(ifp, if_list)) {
1983 /* this function can be called during ifnet initialization */
1984 if (!ifp->if_afdata[AF_INET6])
1985 continue;
1986 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
1987 IN6_LINKMTU(ifp) > maxmtu)
1988 maxmtu = IN6_LINKMTU(ifp);
1989 }
1990 IFNET_RUNLOCK();
1991 if (maxmtu) /* update only when maxmtu is positive */
1992 V_in6_maxmtu = maxmtu;
1993}
1994
1995/*
1996 * Provide the length of interface identifiers to be used for the link attached
1997 * to the given interface. The length should be defined in "IPv6 over
1998 * xxx-link" document. Note that address architecture might also define
1999 * the length for a particular set of address prefixes, regardless of the
2000 * link type. As clarified in rfc2462bis, those two definitions should be
2001 * consistent, and those really are as of August 2004.
2002 */
2003int
2004in6_if2idlen(struct ifnet *ifp)
2005{
2006 switch (ifp->if_type) {
2007 case IFT_ETHER: /* RFC2464 */
2008#ifdef IFT_PROPVIRTUAL
2009 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2010#endif
2011#ifdef IFT_L2VLAN
2012 case IFT_L2VLAN: /* ditto */
2013#endif
2014#ifdef IFT_IEEE80211
2015 case IFT_IEEE80211: /* ditto */
2016#endif
2017#ifdef IFT_MIP
2018 case IFT_MIP: /* ditto */
2019#endif
2020 return (64);
2021 case IFT_FDDI: /* RFC2467 */
2022 return (64);
2023 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2024 return (64);
2025 case IFT_PPP: /* RFC2472 */
2026 return (64);
2027 case IFT_ARCNET: /* RFC2497 */
2028 return (64);
2029 case IFT_FRELAY: /* RFC2590 */
2030 return (64);
2031 case IFT_IEEE1394: /* RFC3146 */
2032 return (64);
2033 case IFT_GIF:
2034 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2035 case IFT_LOOP:
2036 return (64); /* XXX: is this really correct? */
2037 default:
2038 /*
2039 * Unknown link type:
2040 * It might be controversial to use the today's common constant
2041 * of 64 for these cases unconditionally. For full compliance,
2042 * we should return an error in this case. On the other hand,
2043 * if we simply miss the standard for the link type or a new
2044 * standard is defined for a new link type, the IFID length
2045 * is very likely to be the common constant. As a compromise,
2046 * we always use the constant, but make an explicit notice
2047 * indicating the "unknown" case.
2048 */
2049 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2050 return (64);
2051 }
2052}
2053
2054#include <sys/sysctl.h>
2055
2056struct in6_llentry {
2057 struct llentry base;
2058 struct sockaddr_in6 l3_addr6;
2059};
2060
2061static struct llentry *
2062in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2063{
2064 struct in6_llentry *lle;
2065
2066 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE,
2067 M_DONTWAIT | M_ZERO);
2068 if (lle == NULL) /* NB: caller generates msg */
2069 return NULL;
2070
2071 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE);
2072 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2073 lle->base.lle_refcnt = 1;
2074 LLE_LOCK_INIT(&lle->base);
2075 return &lle->base;
2076}
2077
2078/*
2079 * Deletes an address from the address table.
2080 * This function is called by the timer functions
2081 * such as arptimer() and nd6_llinfo_timer(), and
2082 * the caller does the locking.
2083 */
2084static void
2085in6_lltable_free(struct lltable *llt, struct llentry *lle)
2086{
2087 LLE_WUNLOCK(lle);
2088 LLE_LOCK_DESTROY(lle);
2089 free(lle, M_LLTABLE);
2090}
2091
2092static int
2093in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr)
2094{
2095 struct rtentry *rt;
2096 char ip6buf[INET6_ADDRSTRLEN];
2097
2098 KASSERT(l3addr->sa_family == AF_INET6,
2099 ("sin_family %d", l3addr->sa_family));
2100
2101 /* XXX rtalloc1 should take a const param */
2102 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
2103 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2104 struct ifaddr *ifa;
2105 /*
2106 * Create an ND6 cache for an IPv6 neighbor
2107 * that is not covered by our own prefix.
2108 */
2109 /* XXX ifaof_ifpforaddr should take a const param */
2110 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2111 if (ifa != NULL) {
2112 if (rt != NULL)
2113 RTFREE_LOCKED(rt);
2114 return 0;
2115 }
2116 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2117 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2118 if (rt != NULL)
2119 RTFREE_LOCKED(rt);
2120 return EINVAL;
2121 }
2122 RTFREE_LOCKED(rt);
2123 return 0;
2124}
2125
2126static struct llentry *
2127in6_lltable_lookup(struct lltable *llt, u_int flags,
2128 const struct sockaddr *l3addr)
2129{
2130 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2131 struct ifnet *ifp = llt->llt_ifp;
2132 struct llentry *lle;
2133 struct llentries *lleh;
2134 u_int hashkey;
2135
2136 IF_AFDATA_LOCK_ASSERT(ifp);
2137 KASSERT(l3addr->sa_family == AF_INET6,
2138 ("sin_family %d", l3addr->sa_family));
2139
2140 hashkey = sin6->sin6_addr.s6_addr32[3];
2141 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2142 LIST_FOREACH(lle, lleh, lle_next) {
2143 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2144 if (lle->la_flags & LLE_DELETED)
2145 continue;
2146 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2147 sizeof(struct in6_addr)) == 0)
2148 break;
2149 }
2150
2151 if (lle == NULL) {
2152 if (!(flags & LLE_CREATE))
2153 return (NULL);
2154 /*
2155 * A route that covers the given address must have
2156 * been installed 1st because we are doing a resolution,
2157 * verify this.
2158 */
2159 if (!(flags & LLE_IFADDR) &&
2160 in6_lltable_rtcheck(ifp, l3addr) != 0)
2161 return NULL;
2162
2163 lle = in6_lltable_new(l3addr, flags);
2164 if (lle == NULL) {
2165 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2166 return NULL;
2167 }
2168 lle->la_flags = flags & ~LLE_CREATE;
2169 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2170 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2171 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2172 }
2173
2174 lle->lle_tbl = llt;
2175 lle->lle_head = lleh;
2176 LIST_INSERT_HEAD(lleh, lle, lle_next);
2177 } else if (flags & LLE_DELETE) {
2178 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2179 LLE_WLOCK(lle);
2180 lle->la_flags = LLE_DELETED;
2181 LLE_WUNLOCK(lle);
2182#ifdef DIAGNOSTICS
2183 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2184#endif
2185 }
2186 lle = (void *)-1;
2187 }
2188 if (LLE_IS_VALID(lle)) {
2189 if (flags & LLE_EXCLUSIVE)
2190 LLE_WLOCK(lle);
2191 else
2192 LLE_RLOCK(lle);
2193 }
2194 return (lle);
2195}
2196
2197static int
2198in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2199{
2200 struct ifnet *ifp = llt->llt_ifp;
2201 struct llentry *lle;
2202 /* XXX stack use */
2203 struct {
2204 struct rt_msghdr rtm;
2205 struct sockaddr_in6 sin6;
2206 /*
2207 * ndp.c assumes that sdl is word aligned
2208 */
2209#ifdef __LP64__
2210 uint32_t pad;
2211#endif
2212 struct sockaddr_dl sdl;
2213 } ndpc;
2214 int i, error;
2215
2216 /* XXXXX
2217 * current IFNET_RLOCK() is mapped to IFNET_WLOCK()
2218 * so it is okay to use this ASSERT, change it when
2219 * IFNET lock is finalized
2220 */
2221 IFNET_WLOCK_ASSERT();
2222
2223 error = 0;
2224 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2225 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2226 struct sockaddr_dl *sdl;
2227
2228 /* skip deleted or invalid entries */
2229 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2230 continue;
2231 /* Skip if jailed and not a valid IP of the prison. */
2232 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2233 continue;
2234 /*
2235 * produce a msg made of:
2236 * struct rt_msghdr;
2237 * struct sockaddr_in6 (IPv6)
2238 * struct sockaddr_dl;
2239 */
2240 bzero(&ndpc, sizeof(ndpc));
2241 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2242 ndpc.rtm.rtm_version = RTM_VERSION;
2243 ndpc.rtm.rtm_type = RTM_GET;
2244 ndpc.rtm.rtm_flags = RTF_UP;
2245 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2246 ndpc.sin6.sin6_family = AF_INET6;
2247 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2248 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2249
2250 /* publish */
2251 if (lle->la_flags & LLE_PUB)
2252 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2253
2254 sdl = &ndpc.sdl;
2255 sdl->sdl_family = AF_LINK;
2256 sdl->sdl_len = sizeof(*sdl);
2257 sdl->sdl_alen = ifp->if_addrlen;
2258 sdl->sdl_index = ifp->if_index;
2259 sdl->sdl_type = ifp->if_type;
2260 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2261 ndpc.rtm.rtm_rmx.rmx_expire =
2262 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2263 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2264 if (lle->la_flags & LLE_STATIC)
2265 ndpc.rtm.rtm_flags |= RTF_STATIC;
2266 ndpc.rtm.rtm_index = ifp->if_index;
2267 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2268 if (error)
2269 break;
2270 }
2271 }
2272 return error;
2273}
2274
2275void *
2276in6_domifattach(struct ifnet *ifp)
2277{
2278 struct in6_ifextra *ext;
2279
2280 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2281 bzero(ext, sizeof(*ext));
2282
2283 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
2284 M_IFADDR, M_WAITOK);
2285 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
2286
2287 ext->icmp6_ifstat =
2288 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
2289 M_IFADDR, M_WAITOK);
2290 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
2291
2292 ext->nd_ifinfo = nd6_ifattach(ifp);
2293 ext->scope6_id = scope6_ifattach(ifp);
2294 ext->lltable = lltable_init(ifp, AF_INET6);
2295 if (ext->lltable != NULL) {
2296 ext->lltable->llt_new = in6_lltable_new;
2297 ext->lltable->llt_free = in6_lltable_free;
2298 ext->lltable->llt_rtcheck = in6_lltable_rtcheck;
2299 ext->lltable->llt_lookup = in6_lltable_lookup;
2300 ext->lltable->llt_dump = in6_lltable_dump;
2301 }
|
| 2302
2303 ext->mld_ifinfo = mld_domifattach(ifp);
2304
|
2331 return ext;
2332}
2333
2334void
2335in6_domifdetach(struct ifnet *ifp, void *aux)
2336{
2337 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2338
| 2305 return ext;
2306}
2307
2308void
2309in6_domifdetach(struct ifnet *ifp, void *aux)
2310{
2311 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2312
|
| 2313 mld_domifdetach(ifp);
|
2339 scope6_ifdetach(ext->scope6_id);
2340 nd6_ifdetach(ext->nd_ifinfo);
2341 lltable_free(ext->lltable);
2342 free(ext->in6_ifstat, M_IFADDR);
2343 free(ext->icmp6_ifstat, M_IFADDR);
2344 free(ext, M_IFADDR);
2345}
2346
2347/*
2348 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2349 * v4 mapped addr or v4 compat addr
2350 */
2351void
2352in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2353{
2354
2355 bzero(sin, sizeof(*sin));
2356 sin->sin_len = sizeof(struct sockaddr_in);
2357 sin->sin_family = AF_INET;
2358 sin->sin_port = sin6->sin6_port;
2359 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2360}
2361
2362/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2363void
2364in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2365{
2366 bzero(sin6, sizeof(*sin6));
2367 sin6->sin6_len = sizeof(struct sockaddr_in6);
2368 sin6->sin6_family = AF_INET6;
2369 sin6->sin6_port = sin->sin_port;
2370 sin6->sin6_addr.s6_addr32[0] = 0;
2371 sin6->sin6_addr.s6_addr32[1] = 0;
2372 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2373 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2374}
2375
2376/* Convert sockaddr_in6 into sockaddr_in. */
2377void
2378in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2379{
2380 struct sockaddr_in *sin_p;
2381 struct sockaddr_in6 sin6;
2382
2383 /*
2384 * Save original sockaddr_in6 addr and convert it
2385 * to sockaddr_in.
2386 */
2387 sin6 = *(struct sockaddr_in6 *)nam;
2388 sin_p = (struct sockaddr_in *)nam;
2389 in6_sin6_2_sin(sin_p, &sin6);
2390}
2391
2392/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2393void
2394in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2395{
2396 struct sockaddr_in *sin_p;
2397 struct sockaddr_in6 *sin6_p;
2398
2399 sin6_p = malloc(sizeof *sin6_p, M_SONAME,
2400 M_WAITOK);
2401 sin_p = (struct sockaddr_in *)*nam;
2402 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2403 free(*nam, M_SONAME);
2404 *nam = (struct sockaddr *)sin6_p;
2405}
| 2314 scope6_ifdetach(ext->scope6_id);
2315 nd6_ifdetach(ext->nd_ifinfo);
2316 lltable_free(ext->lltable);
2317 free(ext->in6_ifstat, M_IFADDR);
2318 free(ext->icmp6_ifstat, M_IFADDR);
2319 free(ext, M_IFADDR);
2320}
2321
2322/*
2323 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2324 * v4 mapped addr or v4 compat addr
2325 */
2326void
2327in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2328{
2329
2330 bzero(sin, sizeof(*sin));
2331 sin->sin_len = sizeof(struct sockaddr_in);
2332 sin->sin_family = AF_INET;
2333 sin->sin_port = sin6->sin6_port;
2334 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2335}
2336
2337/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2338void
2339in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2340{
2341 bzero(sin6, sizeof(*sin6));
2342 sin6->sin6_len = sizeof(struct sockaddr_in6);
2343 sin6->sin6_family = AF_INET6;
2344 sin6->sin6_port = sin->sin_port;
2345 sin6->sin6_addr.s6_addr32[0] = 0;
2346 sin6->sin6_addr.s6_addr32[1] = 0;
2347 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2348 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2349}
2350
2351/* Convert sockaddr_in6 into sockaddr_in. */
2352void
2353in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2354{
2355 struct sockaddr_in *sin_p;
2356 struct sockaddr_in6 sin6;
2357
2358 /*
2359 * Save original sockaddr_in6 addr and convert it
2360 * to sockaddr_in.
2361 */
2362 sin6 = *(struct sockaddr_in6 *)nam;
2363 sin_p = (struct sockaddr_in *)nam;
2364 in6_sin6_2_sin(sin_p, &sin6);
2365}
2366
2367/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2368void
2369in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2370{
2371 struct sockaddr_in *sin_p;
2372 struct sockaddr_in6 *sin6_p;
2373
2374 sin6_p = malloc(sizeof *sin6_p, M_SONAME,
2375 M_WAITOK);
2376 sin_p = (struct sockaddr_in *)*nam;
2377 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2378 free(*nam, M_SONAME);
2379 *nam = (struct sockaddr *)sin6_p;
2380}
|