1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30/*- 31 * Copyright (c) 1982, 1986, 1988, 1993 32 * The Regents of the University of California. 33 * All rights reserved. 34 * 35 * Redistribution and use in source and binary forms, with or without 36 * modification, are permitted provided that the following conditions 37 * are met: 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 4. Neither the name of the University nor the names of its contributors 44 * may be used to endorse or promote products derived from this software 45 * without specific prior written permission. 46 * 47 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 50 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 57 * SUCH DAMAGE. 58 * 59 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 60 */ 61 62#include <sys/cdefs.h>
| 1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30/*- 31 * Copyright (c) 1982, 1986, 1988, 1993 32 * The Regents of the University of California. 33 * All rights reserved. 34 * 35 * Redistribution and use in source and binary forms, with or without 36 * modification, are permitted provided that the following conditions 37 * are met: 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 4. Neither the name of the University nor the names of its contributors 44 * may be used to endorse or promote products derived from this software 45 * without specific prior written permission. 46 * 47 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 50 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 57 * SUCH DAMAGE. 58 * 59 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 60 */ 61 62#include <sys/cdefs.h>
|
63__FBSDID("$FreeBSD: head/sys/netinet6/raw_ip6.c 190964 2009-04-12 13:22:33Z rwatson $");
| 63__FBSDID("$FreeBSD: head/sys/netinet6/raw_ip6.c 191672 2009-04-29 19:19:13Z bms $");
|
64 65#include "opt_ipsec.h" 66#include "opt_inet6.h" 67#include "opt_route.h" 68 69#include <sys/param.h> 70#include <sys/errno.h> 71#include <sys/jail.h> 72#include <sys/lock.h> 73#include <sys/malloc.h> 74#include <sys/mbuf.h> 75#include <sys/priv.h> 76#include <sys/proc.h> 77#include <sys/protosw.h> 78#include <sys/signalvar.h> 79#include <sys/socket.h> 80#include <sys/socketvar.h> 81#include <sys/sx.h> 82#include <sys/syslog.h> 83#include <sys/vimage.h> 84 85#include <net/if.h> 86#include <net/if_types.h> 87#include <net/route.h> 88#include <net/vnet.h> 89 90#include <netinet/in.h> 91#include <netinet/in_var.h> 92#include <netinet/in_systm.h> 93#include <netinet/in_pcb.h> 94#include <netinet/vinet.h> 95 96#include <netinet/icmp6.h> 97#include <netinet/ip6.h> 98#include <netinet6/ip6protosw.h> 99#include <netinet6/ip6_mroute.h> 100#include <netinet6/in6_pcb.h> 101#include <netinet6/ip6_var.h> 102#include <netinet6/nd6.h> 103#include <netinet6/raw_ip6.h> 104#include <netinet6/scope6_var.h> 105#include <netinet6/vinet6.h> 106 107#ifdef IPSEC 108#include <netipsec/ipsec.h> 109#include <netipsec/ipsec6.h> 110#endif /* IPSEC */ 111 112#include <machine/stdarg.h> 113 114#define satosin6(sa) ((struct sockaddr_in6 *)(sa)) 115#define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 116 117/* 118 * Raw interface to IP6 protocol. 119 */ 120 121#ifdef VIMAGE_GLOBALS 122extern struct inpcbhead ripcb; 123extern struct inpcbinfo ripcbinfo; 124struct rip6stat rip6stat; 125#endif 126 127extern u_long rip_sendspace; 128extern u_long rip_recvspace; 129 130/*
| 64 65#include "opt_ipsec.h" 66#include "opt_inet6.h" 67#include "opt_route.h" 68 69#include <sys/param.h> 70#include <sys/errno.h> 71#include <sys/jail.h> 72#include <sys/lock.h> 73#include <sys/malloc.h> 74#include <sys/mbuf.h> 75#include <sys/priv.h> 76#include <sys/proc.h> 77#include <sys/protosw.h> 78#include <sys/signalvar.h> 79#include <sys/socket.h> 80#include <sys/socketvar.h> 81#include <sys/sx.h> 82#include <sys/syslog.h> 83#include <sys/vimage.h> 84 85#include <net/if.h> 86#include <net/if_types.h> 87#include <net/route.h> 88#include <net/vnet.h> 89 90#include <netinet/in.h> 91#include <netinet/in_var.h> 92#include <netinet/in_systm.h> 93#include <netinet/in_pcb.h> 94#include <netinet/vinet.h> 95 96#include <netinet/icmp6.h> 97#include <netinet/ip6.h> 98#include <netinet6/ip6protosw.h> 99#include <netinet6/ip6_mroute.h> 100#include <netinet6/in6_pcb.h> 101#include <netinet6/ip6_var.h> 102#include <netinet6/nd6.h> 103#include <netinet6/raw_ip6.h> 104#include <netinet6/scope6_var.h> 105#include <netinet6/vinet6.h> 106 107#ifdef IPSEC 108#include <netipsec/ipsec.h> 109#include <netipsec/ipsec6.h> 110#endif /* IPSEC */ 111 112#include <machine/stdarg.h> 113 114#define satosin6(sa) ((struct sockaddr_in6 *)(sa)) 115#define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 116 117/* 118 * Raw interface to IP6 protocol. 119 */ 120 121#ifdef VIMAGE_GLOBALS 122extern struct inpcbhead ripcb; 123extern struct inpcbinfo ripcbinfo; 124struct rip6stat rip6stat; 125#endif 126 127extern u_long rip_sendspace; 128extern u_long rip_recvspace; 129 130/*
|
131 * Hooks for multicast forwarding.
| 131 * Hooks for multicast routing. They all default to NULL, so leave them not 132 * initialized and rely on BSS being set to 0.
|
132 */
| 133 */
|
133struct socket *ip6_mrouter = NULL;
| 134 135/* 136 * The socket used to communicate with the multicast routing daemon. 137 */ 138#ifdef VIMAGE_GLOBALS 139struct socket *ip6_mrouter; 140#endif 141 142/* 143 * The various mrouter functions. 144 */
|
134int (*ip6_mrouter_set)(struct socket *, struct sockopt *); 135int (*ip6_mrouter_get)(struct socket *, struct sockopt *); 136int (*ip6_mrouter_done)(void); 137int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *); 138int (*mrt6_ioctl)(int, caddr_t); 139 140/* 141 * Setup generic address and protocol structures for raw_input routine, then 142 * pass them along with mbuf chain. 143 */ 144int 145rip6_input(struct mbuf **mp, int *offp, int proto) 146{ 147 INIT_VNET_INET(curvnet); 148 INIT_VNET_INET6(curvnet); 149#ifdef IPSEC 150 INIT_VNET_IPSEC(curvnet); 151#endif
| 145int (*ip6_mrouter_set)(struct socket *, struct sockopt *); 146int (*ip6_mrouter_get)(struct socket *, struct sockopt *); 147int (*ip6_mrouter_done)(void); 148int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *); 149int (*mrt6_ioctl)(int, caddr_t); 150 151/* 152 * Setup generic address and protocol structures for raw_input routine, then 153 * pass them along with mbuf chain. 154 */ 155int 156rip6_input(struct mbuf **mp, int *offp, int proto) 157{ 158 INIT_VNET_INET(curvnet); 159 INIT_VNET_INET6(curvnet); 160#ifdef IPSEC 161 INIT_VNET_IPSEC(curvnet); 162#endif
|
| 163 struct ifnet *ifp;
|
152 struct mbuf *m = *mp; 153 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 154 register struct inpcb *in6p; 155 struct inpcb *last = 0; 156 struct mbuf *opts = NULL; 157 struct sockaddr_in6 fromsa; 158 159 V_rip6stat.rip6s_ipackets++; 160 161 if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) { 162 /* XXX Send icmp6 host/port unreach? */ 163 m_freem(m); 164 return (IPPROTO_DONE); 165 } 166 167 init_sin6(&fromsa, m); /* general init */ 168
| 164 struct mbuf *m = *mp; 165 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 166 register struct inpcb *in6p; 167 struct inpcb *last = 0; 168 struct mbuf *opts = NULL; 169 struct sockaddr_in6 fromsa; 170 171 V_rip6stat.rip6s_ipackets++; 172 173 if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) { 174 /* XXX Send icmp6 host/port unreach? */ 175 m_freem(m); 176 return (IPPROTO_DONE); 177 } 178 179 init_sin6(&fromsa, m); /* general init */ 180
|
| 181 ifp = m->m_pkthdr.rcvif; 182
|
169 INP_INFO_RLOCK(&V_ripcbinfo); 170 LIST_FOREACH(in6p, &V_ripcb, inp_list) { 171 /* XXX inp locking */ 172 if ((in6p->inp_vflag & INP_IPV6) == 0) 173 continue; 174 if (in6p->inp_ip_p && 175 in6p->inp_ip_p != proto) 176 continue; 177 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 178 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 179 continue; 180 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && 181 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 182 continue;
| 183 INP_INFO_RLOCK(&V_ripcbinfo); 184 LIST_FOREACH(in6p, &V_ripcb, inp_list) { 185 /* XXX inp locking */ 186 if ((in6p->inp_vflag & INP_IPV6) == 0) 187 continue; 188 if (in6p->inp_ip_p && 189 in6p->inp_ip_p != proto) 190 continue; 191 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 192 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 193 continue; 194 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && 195 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 196 continue;
|
183 if (prison_check_ip6(in6p->inp_cred, &ip6->ip6_dst) != 0) 184 continue; 185 INP_RLOCK(in6p);
| 197 if (jailed(in6p->inp_cred)) { 198 /* 199 * Allow raw socket in jail to receive multicast; 200 * assume process had PRIV_NETINET_RAW at attach, 201 * and fall through into normal filter path if so. 202 */ 203 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 204 prison_check_ip6(in6p->inp_cred, 205 &ip6->ip6_dst) != 0) 206 continue; 207 }
|
186 if (in6p->in6p_cksum != -1) { 187 V_rip6stat.rip6s_isum++; 188 if (in6_cksum(m, proto, *offp, 189 m->m_pkthdr.len - *offp)) { 190 INP_RUNLOCK(in6p); 191 V_rip6stat.rip6s_badsum++; 192 continue; 193 } 194 }
| 208 if (in6p->in6p_cksum != -1) { 209 V_rip6stat.rip6s_isum++; 210 if (in6_cksum(m, proto, *offp, 211 m->m_pkthdr.len - *offp)) { 212 INP_RUNLOCK(in6p); 213 V_rip6stat.rip6s_badsum++; 214 continue; 215 } 216 }
|
| 217 INP_RLOCK(in6p); 218 /* 219 * If this raw socket has multicast state, and we 220 * have received a multicast, check if this socket 221 * should receive it, as multicast filtering is now 222 * the responsibility of the transport layer. 223 */ 224 if (in6p->in6p_moptions && 225 IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 226 struct sockaddr_in6 mcaddr; 227 int blocked; 228 229 bzero(&mcaddr, sizeof(struct sockaddr_in6)); 230 mcaddr.sin6_len = sizeof(struct sockaddr_in6); 231 mcaddr.sin6_family = AF_INET6; 232 mcaddr.sin6_addr = ip6->ip6_dst; 233 234 blocked = im6o_mc_filter(in6p->in6p_moptions, ifp, 235 (struct sockaddr *)&mcaddr, 236 (struct sockaddr *)&fromsa); 237 if (blocked != MCAST_PASS) { 238 IP6STAT_INC(ip6s_notmember); 239 continue; 240 } 241 }
|
195 if (last != NULL) { 196 struct mbuf *n = m_copy(m, 0, (int)M_COPYALL); 197 198#ifdef IPSEC 199 /* 200 * Check AH/ESP integrity. 201 */ 202 if (n && ipsec6_in_reject(n, last)) { 203 m_freem(n); 204 V_ipsec6stat.in_polvio++; 205 /* Do not inject data into pcb. */ 206 } else 207#endif /* IPSEC */ 208 if (n) { 209 if (last->inp_flags & INP_CONTROLOPTS || 210 last->inp_socket->so_options & SO_TIMESTAMP) 211 ip6_savecontrol(last, n, &opts); 212 /* strip intermediate headers */ 213 m_adj(n, *offp); 214 if (sbappendaddr(&last->inp_socket->so_rcv, 215 (struct sockaddr *)&fromsa, 216 n, opts) == 0) { 217 m_freem(n); 218 if (opts) 219 m_freem(opts); 220 V_rip6stat.rip6s_fullsock++; 221 } else 222 sorwakeup(last->inp_socket); 223 opts = NULL; 224 } 225 INP_RUNLOCK(last); 226 } 227 last = in6p; 228 } 229 INP_INFO_RUNLOCK(&V_ripcbinfo); 230#ifdef IPSEC 231 /* 232 * Check AH/ESP integrity. 233 */ 234 if ((last != NULL) && ipsec6_in_reject(m, last)) { 235 m_freem(m); 236 V_ipsec6stat.in_polvio++; 237 V_ip6stat.ip6s_delivered--; 238 /* Do not inject data into pcb. */ 239 INP_RUNLOCK(last); 240 } else 241#endif /* IPSEC */ 242 if (last != NULL) { 243 if (last->inp_flags & INP_CONTROLOPTS || 244 last->inp_socket->so_options & SO_TIMESTAMP) 245 ip6_savecontrol(last, m, &opts); 246 /* Strip intermediate headers. */ 247 m_adj(m, *offp); 248 if (sbappendaddr(&last->inp_socket->so_rcv, 249 (struct sockaddr *)&fromsa, m, opts) == 0) { 250 m_freem(m); 251 if (opts) 252 m_freem(opts); 253 V_rip6stat.rip6s_fullsock++; 254 } else 255 sorwakeup(last->inp_socket); 256 INP_RUNLOCK(last); 257 } else { 258 V_rip6stat.rip6s_nosock++; 259 if (m->m_flags & M_MCAST) 260 V_rip6stat.rip6s_nosockmcast++; 261 if (proto == IPPROTO_NONE) 262 m_freem(m); 263 else { 264 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 265 icmp6_error(m, ICMP6_PARAM_PROB, 266 ICMP6_PARAMPROB_NEXTHEADER, 267 prvnxtp - mtod(m, char *)); 268 } 269 V_ip6stat.ip6s_delivered--; 270 } 271 return (IPPROTO_DONE); 272} 273 274void 275rip6_ctlinput(int cmd, struct sockaddr *sa, void *d) 276{ 277 INIT_VNET_INET(curvnet); 278 struct ip6_hdr *ip6; 279 struct mbuf *m; 280 int off = 0; 281 struct ip6ctlparam *ip6cp = NULL; 282 const struct sockaddr_in6 *sa6_src = NULL; 283 void *cmdarg; 284 struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange; 285 286 if (sa->sa_family != AF_INET6 || 287 sa->sa_len != sizeof(struct sockaddr_in6)) 288 return; 289 290 if ((unsigned)cmd >= PRC_NCMDS) 291 return; 292 if (PRC_IS_REDIRECT(cmd)) 293 notify = in6_rtchange, d = NULL; 294 else if (cmd == PRC_HOSTDEAD) 295 d = NULL; 296 else if (inet6ctlerrmap[cmd] == 0) 297 return; 298 299 /* 300 * If the parameter is from icmp6, decode it. 301 */ 302 if (d != NULL) { 303 ip6cp = (struct ip6ctlparam *)d; 304 m = ip6cp->ip6c_m; 305 ip6 = ip6cp->ip6c_ip6; 306 off = ip6cp->ip6c_off; 307 cmdarg = ip6cp->ip6c_cmdarg; 308 sa6_src = ip6cp->ip6c_src; 309 } else { 310 m = NULL; 311 ip6 = NULL; 312 cmdarg = NULL; 313 sa6_src = &sa6_any; 314 } 315 316 (void) in6_pcbnotify(&V_ripcbinfo, sa, 0, 317 (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify); 318} 319 320/* 321 * Generate IPv6 header and pass packet to ip6_output. Tack on options user 322 * may have setup with control call. 323 */ 324int 325#if __STDC__ 326rip6_output(struct mbuf *m, ...) 327#else 328rip6_output(m, va_alist) 329 struct mbuf *m; 330 va_dcl 331#endif 332{ 333 INIT_VNET_INET6(curvnet); 334 struct mbuf *control; 335 struct socket *so; 336 struct sockaddr_in6 *dstsock; 337 struct in6_addr *dst; 338 struct ip6_hdr *ip6; 339 struct inpcb *in6p; 340 u_int plen = m->m_pkthdr.len; 341 int error = 0; 342 struct ip6_pktopts opt, *optp; 343 struct ifnet *oifp = NULL; 344 int type = 0, code = 0; /* for ICMPv6 output statistics only */ 345 int scope_ambiguous = 0; 346 struct in6_addr *in6a; 347 va_list ap; 348 349 va_start(ap, m); 350 so = va_arg(ap, struct socket *); 351 dstsock = va_arg(ap, struct sockaddr_in6 *); 352 control = va_arg(ap, struct mbuf *); 353 va_end(ap); 354 355 in6p = sotoinpcb(so); 356 INP_WLOCK(in6p); 357 358 dst = &dstsock->sin6_addr; 359 if (control != NULL) { 360 if ((error = ip6_setpktopts(control, &opt, 361 in6p->in6p_outputopts, so->so_cred, 362 so->so_proto->pr_protocol)) != 0) { 363 goto bad; 364 } 365 optp = &opt; 366 } else 367 optp = in6p->in6p_outputopts; 368 369 /* 370 * Check and convert scope zone ID into internal form. 371 * 372 * XXX: we may still need to determine the zone later. 373 */ 374 if (!(so->so_state & SS_ISCONNECTED)) { 375 if (dstsock->sin6_scope_id == 0 && !V_ip6_use_defzone) 376 scope_ambiguous = 1; 377 if ((error = sa6_embedscope(dstsock, V_ip6_use_defzone)) != 0) 378 goto bad; 379 } 380 381 /* 382 * For an ICMPv6 packet, we should know its type and code to update 383 * statistics. 384 */ 385 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 386 struct icmp6_hdr *icmp6; 387 if (m->m_len < sizeof(struct icmp6_hdr) && 388 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 389 error = ENOBUFS; 390 goto bad; 391 } 392 icmp6 = mtod(m, struct icmp6_hdr *); 393 type = icmp6->icmp6_type; 394 code = icmp6->icmp6_code; 395 } 396 397 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT); 398 if (m == NULL) { 399 error = ENOBUFS; 400 goto bad; 401 } 402 ip6 = mtod(m, struct ip6_hdr *); 403 404 /* 405 * Source address selection. 406 */ 407 if ((in6a = in6_selectsrc(dstsock, optp, in6p, NULL, so->so_cred, 408 &oifp, &error)) == NULL) { 409 if (error == 0) 410 error = EADDRNOTAVAIL; 411 goto bad; 412 } 413 error = prison_get_ip6(in6p->inp_cred, in6a); 414 if (error != 0) 415 goto bad; 416 ip6->ip6_src = *in6a; 417 418 if (oifp && scope_ambiguous) { 419 /* 420 * Application should provide a proper zone ID or the use of 421 * default zone IDs should be enabled. Unfortunately, some 422 * applications do not behave as it should, so we need a 423 * workaround. Even if an appropriate ID is not determined 424 * (when it's required), if we can determine the outgoing 425 * interface. determine the zone ID based on the interface. 426 */ 427 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL); 428 if (error != 0) 429 goto bad; 430 } 431 ip6->ip6_dst = dstsock->sin6_addr; 432 433 /* 434 * Fill in the rest of the IPv6 header fields. 435 */ 436 ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) | 437 (in6p->inp_flow & IPV6_FLOWINFO_MASK); 438 ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) | 439 (IPV6_VERSION & IPV6_VERSION_MASK); 440 441 /* 442 * ip6_plen will be filled in ip6_output, so not fill it here. 443 */ 444 ip6->ip6_nxt = in6p->inp_ip_p; 445 ip6->ip6_hlim = in6_selecthlim(in6p, oifp); 446 447 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 448 in6p->in6p_cksum != -1) { 449 struct mbuf *n; 450 int off; 451 u_int16_t *p; 452 453 /* Compute checksum. */ 454 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 455 off = offsetof(struct icmp6_hdr, icmp6_cksum); 456 else 457 off = in6p->in6p_cksum; 458 if (plen < off + 1) { 459 error = EINVAL; 460 goto bad; 461 } 462 off += sizeof(struct ip6_hdr); 463 464 n = m; 465 while (n && n->m_len <= off) { 466 off -= n->m_len; 467 n = n->m_next; 468 } 469 if (!n) 470 goto bad; 471 p = (u_int16_t *)(mtod(n, caddr_t) + off); 472 *p = 0; 473 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 474 } 475 476 error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p); 477 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 478 if (oifp) 479 icmp6_ifoutstat_inc(oifp, type, code); 480 ICMP6STAT_INC(icp6s_outhist[type]); 481 } else 482 V_rip6stat.rip6s_opackets++; 483 484 goto freectl; 485 486 bad: 487 if (m) 488 m_freem(m); 489 490 freectl: 491 if (control != NULL) { 492 ip6_clearpktopts(&opt, -1); 493 m_freem(control); 494 } 495 INP_WUNLOCK(in6p); 496 return (error); 497} 498 499/* 500 * Raw IPv6 socket option processing. 501 */ 502int 503rip6_ctloutput(struct socket *so, struct sockopt *sopt) 504{ 505 int error; 506 507 if (sopt->sopt_level == IPPROTO_ICMPV6) 508 /* 509 * XXX: is it better to call icmp6_ctloutput() directly 510 * from protosw? 511 */ 512 return (icmp6_ctloutput(so, sopt)); 513 else if (sopt->sopt_level != IPPROTO_IPV6) 514 return (EINVAL); 515 516 error = 0; 517 518 switch (sopt->sopt_dir) { 519 case SOPT_GET: 520 switch (sopt->sopt_name) { 521 case MRT6_INIT: 522 case MRT6_DONE: 523 case MRT6_ADD_MIF: 524 case MRT6_DEL_MIF: 525 case MRT6_ADD_MFC: 526 case MRT6_DEL_MFC: 527 case MRT6_PIM: 528 error = ip6_mrouter_get ? ip6_mrouter_get(so, sopt) : 529 EOPNOTSUPP; 530 break; 531 case IPV6_CHECKSUM: 532 error = ip6_raw_ctloutput(so, sopt); 533 break; 534 default: 535 error = ip6_ctloutput(so, sopt); 536 break; 537 } 538 break; 539 540 case SOPT_SET: 541 switch (sopt->sopt_name) { 542 case MRT6_INIT: 543 case MRT6_DONE: 544 case MRT6_ADD_MIF: 545 case MRT6_DEL_MIF: 546 case MRT6_ADD_MFC: 547 case MRT6_DEL_MFC: 548 case MRT6_PIM: 549 error = ip6_mrouter_set ? ip6_mrouter_set(so, sopt) : 550 EOPNOTSUPP; 551 break; 552 case IPV6_CHECKSUM: 553 error = ip6_raw_ctloutput(so, sopt); 554 break; 555 default: 556 error = ip6_ctloutput(so, sopt); 557 break; 558 } 559 break; 560 } 561 562 return (error); 563} 564 565static int 566rip6_attach(struct socket *so, int proto, struct thread *td) 567{ 568 INIT_VNET_INET(so->so_vnet); 569 struct inpcb *inp; 570 struct icmp6_filter *filter; 571 int error; 572 573 inp = sotoinpcb(so); 574 KASSERT(inp == NULL, ("rip6_attach: inp != NULL")); 575 576 error = priv_check(td, PRIV_NETINET_RAW); 577 if (error) 578 return (error); 579 error = soreserve(so, rip_sendspace, rip_recvspace); 580 if (error) 581 return (error); 582 filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 583 if (filter == NULL) 584 return (ENOMEM); 585 INP_INFO_WLOCK(&V_ripcbinfo); 586 error = in_pcballoc(so, &V_ripcbinfo); 587 if (error) { 588 INP_INFO_WUNLOCK(&V_ripcbinfo); 589 free(filter, M_PCB); 590 return (error); 591 } 592 inp = (struct inpcb *)so->so_pcb; 593 INP_INFO_WUNLOCK(&V_ripcbinfo); 594 inp->inp_vflag |= INP_IPV6; 595 inp->inp_ip_p = (long)proto; 596 inp->in6p_hops = -1; /* use kernel default */ 597 inp->in6p_cksum = -1; 598 inp->in6p_icmp6filt = filter; 599 ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt); 600 INP_WUNLOCK(inp); 601 return (0); 602} 603 604static void 605rip6_detach(struct socket *so) 606{
| 242 if (last != NULL) { 243 struct mbuf *n = m_copy(m, 0, (int)M_COPYALL); 244 245#ifdef IPSEC 246 /* 247 * Check AH/ESP integrity. 248 */ 249 if (n && ipsec6_in_reject(n, last)) { 250 m_freem(n); 251 V_ipsec6stat.in_polvio++; 252 /* Do not inject data into pcb. */ 253 } else 254#endif /* IPSEC */ 255 if (n) { 256 if (last->inp_flags & INP_CONTROLOPTS || 257 last->inp_socket->so_options & SO_TIMESTAMP) 258 ip6_savecontrol(last, n, &opts); 259 /* strip intermediate headers */ 260 m_adj(n, *offp); 261 if (sbappendaddr(&last->inp_socket->so_rcv, 262 (struct sockaddr *)&fromsa, 263 n, opts) == 0) { 264 m_freem(n); 265 if (opts) 266 m_freem(opts); 267 V_rip6stat.rip6s_fullsock++; 268 } else 269 sorwakeup(last->inp_socket); 270 opts = NULL; 271 } 272 INP_RUNLOCK(last); 273 } 274 last = in6p; 275 } 276 INP_INFO_RUNLOCK(&V_ripcbinfo); 277#ifdef IPSEC 278 /* 279 * Check AH/ESP integrity. 280 */ 281 if ((last != NULL) && ipsec6_in_reject(m, last)) { 282 m_freem(m); 283 V_ipsec6stat.in_polvio++; 284 V_ip6stat.ip6s_delivered--; 285 /* Do not inject data into pcb. */ 286 INP_RUNLOCK(last); 287 } else 288#endif /* IPSEC */ 289 if (last != NULL) { 290 if (last->inp_flags & INP_CONTROLOPTS || 291 last->inp_socket->so_options & SO_TIMESTAMP) 292 ip6_savecontrol(last, m, &opts); 293 /* Strip intermediate headers. */ 294 m_adj(m, *offp); 295 if (sbappendaddr(&last->inp_socket->so_rcv, 296 (struct sockaddr *)&fromsa, m, opts) == 0) { 297 m_freem(m); 298 if (opts) 299 m_freem(opts); 300 V_rip6stat.rip6s_fullsock++; 301 } else 302 sorwakeup(last->inp_socket); 303 INP_RUNLOCK(last); 304 } else { 305 V_rip6stat.rip6s_nosock++; 306 if (m->m_flags & M_MCAST) 307 V_rip6stat.rip6s_nosockmcast++; 308 if (proto == IPPROTO_NONE) 309 m_freem(m); 310 else { 311 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 312 icmp6_error(m, ICMP6_PARAM_PROB, 313 ICMP6_PARAMPROB_NEXTHEADER, 314 prvnxtp - mtod(m, char *)); 315 } 316 V_ip6stat.ip6s_delivered--; 317 } 318 return (IPPROTO_DONE); 319} 320 321void 322rip6_ctlinput(int cmd, struct sockaddr *sa, void *d) 323{ 324 INIT_VNET_INET(curvnet); 325 struct ip6_hdr *ip6; 326 struct mbuf *m; 327 int off = 0; 328 struct ip6ctlparam *ip6cp = NULL; 329 const struct sockaddr_in6 *sa6_src = NULL; 330 void *cmdarg; 331 struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange; 332 333 if (sa->sa_family != AF_INET6 || 334 sa->sa_len != sizeof(struct sockaddr_in6)) 335 return; 336 337 if ((unsigned)cmd >= PRC_NCMDS) 338 return; 339 if (PRC_IS_REDIRECT(cmd)) 340 notify = in6_rtchange, d = NULL; 341 else if (cmd == PRC_HOSTDEAD) 342 d = NULL; 343 else if (inet6ctlerrmap[cmd] == 0) 344 return; 345 346 /* 347 * If the parameter is from icmp6, decode it. 348 */ 349 if (d != NULL) { 350 ip6cp = (struct ip6ctlparam *)d; 351 m = ip6cp->ip6c_m; 352 ip6 = ip6cp->ip6c_ip6; 353 off = ip6cp->ip6c_off; 354 cmdarg = ip6cp->ip6c_cmdarg; 355 sa6_src = ip6cp->ip6c_src; 356 } else { 357 m = NULL; 358 ip6 = NULL; 359 cmdarg = NULL; 360 sa6_src = &sa6_any; 361 } 362 363 (void) in6_pcbnotify(&V_ripcbinfo, sa, 0, 364 (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify); 365} 366 367/* 368 * Generate IPv6 header and pass packet to ip6_output. Tack on options user 369 * may have setup with control call. 370 */ 371int 372#if __STDC__ 373rip6_output(struct mbuf *m, ...) 374#else 375rip6_output(m, va_alist) 376 struct mbuf *m; 377 va_dcl 378#endif 379{ 380 INIT_VNET_INET6(curvnet); 381 struct mbuf *control; 382 struct socket *so; 383 struct sockaddr_in6 *dstsock; 384 struct in6_addr *dst; 385 struct ip6_hdr *ip6; 386 struct inpcb *in6p; 387 u_int plen = m->m_pkthdr.len; 388 int error = 0; 389 struct ip6_pktopts opt, *optp; 390 struct ifnet *oifp = NULL; 391 int type = 0, code = 0; /* for ICMPv6 output statistics only */ 392 int scope_ambiguous = 0; 393 struct in6_addr *in6a; 394 va_list ap; 395 396 va_start(ap, m); 397 so = va_arg(ap, struct socket *); 398 dstsock = va_arg(ap, struct sockaddr_in6 *); 399 control = va_arg(ap, struct mbuf *); 400 va_end(ap); 401 402 in6p = sotoinpcb(so); 403 INP_WLOCK(in6p); 404 405 dst = &dstsock->sin6_addr; 406 if (control != NULL) { 407 if ((error = ip6_setpktopts(control, &opt, 408 in6p->in6p_outputopts, so->so_cred, 409 so->so_proto->pr_protocol)) != 0) { 410 goto bad; 411 } 412 optp = &opt; 413 } else 414 optp = in6p->in6p_outputopts; 415 416 /* 417 * Check and convert scope zone ID into internal form. 418 * 419 * XXX: we may still need to determine the zone later. 420 */ 421 if (!(so->so_state & SS_ISCONNECTED)) { 422 if (dstsock->sin6_scope_id == 0 && !V_ip6_use_defzone) 423 scope_ambiguous = 1; 424 if ((error = sa6_embedscope(dstsock, V_ip6_use_defzone)) != 0) 425 goto bad; 426 } 427 428 /* 429 * For an ICMPv6 packet, we should know its type and code to update 430 * statistics. 431 */ 432 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 433 struct icmp6_hdr *icmp6; 434 if (m->m_len < sizeof(struct icmp6_hdr) && 435 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 436 error = ENOBUFS; 437 goto bad; 438 } 439 icmp6 = mtod(m, struct icmp6_hdr *); 440 type = icmp6->icmp6_type; 441 code = icmp6->icmp6_code; 442 } 443 444 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT); 445 if (m == NULL) { 446 error = ENOBUFS; 447 goto bad; 448 } 449 ip6 = mtod(m, struct ip6_hdr *); 450 451 /* 452 * Source address selection. 453 */ 454 if ((in6a = in6_selectsrc(dstsock, optp, in6p, NULL, so->so_cred, 455 &oifp, &error)) == NULL) { 456 if (error == 0) 457 error = EADDRNOTAVAIL; 458 goto bad; 459 } 460 error = prison_get_ip6(in6p->inp_cred, in6a); 461 if (error != 0) 462 goto bad; 463 ip6->ip6_src = *in6a; 464 465 if (oifp && scope_ambiguous) { 466 /* 467 * Application should provide a proper zone ID or the use of 468 * default zone IDs should be enabled. Unfortunately, some 469 * applications do not behave as it should, so we need a 470 * workaround. Even if an appropriate ID is not determined 471 * (when it's required), if we can determine the outgoing 472 * interface. determine the zone ID based on the interface. 473 */ 474 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL); 475 if (error != 0) 476 goto bad; 477 } 478 ip6->ip6_dst = dstsock->sin6_addr; 479 480 /* 481 * Fill in the rest of the IPv6 header fields. 482 */ 483 ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) | 484 (in6p->inp_flow & IPV6_FLOWINFO_MASK); 485 ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) | 486 (IPV6_VERSION & IPV6_VERSION_MASK); 487 488 /* 489 * ip6_plen will be filled in ip6_output, so not fill it here. 490 */ 491 ip6->ip6_nxt = in6p->inp_ip_p; 492 ip6->ip6_hlim = in6_selecthlim(in6p, oifp); 493 494 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 495 in6p->in6p_cksum != -1) { 496 struct mbuf *n; 497 int off; 498 u_int16_t *p; 499 500 /* Compute checksum. */ 501 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 502 off = offsetof(struct icmp6_hdr, icmp6_cksum); 503 else 504 off = in6p->in6p_cksum; 505 if (plen < off + 1) { 506 error = EINVAL; 507 goto bad; 508 } 509 off += sizeof(struct ip6_hdr); 510 511 n = m; 512 while (n && n->m_len <= off) { 513 off -= n->m_len; 514 n = n->m_next; 515 } 516 if (!n) 517 goto bad; 518 p = (u_int16_t *)(mtod(n, caddr_t) + off); 519 *p = 0; 520 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 521 } 522 523 error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p); 524 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 525 if (oifp) 526 icmp6_ifoutstat_inc(oifp, type, code); 527 ICMP6STAT_INC(icp6s_outhist[type]); 528 } else 529 V_rip6stat.rip6s_opackets++; 530 531 goto freectl; 532 533 bad: 534 if (m) 535 m_freem(m); 536 537 freectl: 538 if (control != NULL) { 539 ip6_clearpktopts(&opt, -1); 540 m_freem(control); 541 } 542 INP_WUNLOCK(in6p); 543 return (error); 544} 545 546/* 547 * Raw IPv6 socket option processing. 548 */ 549int 550rip6_ctloutput(struct socket *so, struct sockopt *sopt) 551{ 552 int error; 553 554 if (sopt->sopt_level == IPPROTO_ICMPV6) 555 /* 556 * XXX: is it better to call icmp6_ctloutput() directly 557 * from protosw? 558 */ 559 return (icmp6_ctloutput(so, sopt)); 560 else if (sopt->sopt_level != IPPROTO_IPV6) 561 return (EINVAL); 562 563 error = 0; 564 565 switch (sopt->sopt_dir) { 566 case SOPT_GET: 567 switch (sopt->sopt_name) { 568 case MRT6_INIT: 569 case MRT6_DONE: 570 case MRT6_ADD_MIF: 571 case MRT6_DEL_MIF: 572 case MRT6_ADD_MFC: 573 case MRT6_DEL_MFC: 574 case MRT6_PIM: 575 error = ip6_mrouter_get ? ip6_mrouter_get(so, sopt) : 576 EOPNOTSUPP; 577 break; 578 case IPV6_CHECKSUM: 579 error = ip6_raw_ctloutput(so, sopt); 580 break; 581 default: 582 error = ip6_ctloutput(so, sopt); 583 break; 584 } 585 break; 586 587 case SOPT_SET: 588 switch (sopt->sopt_name) { 589 case MRT6_INIT: 590 case MRT6_DONE: 591 case MRT6_ADD_MIF: 592 case MRT6_DEL_MIF: 593 case MRT6_ADD_MFC: 594 case MRT6_DEL_MFC: 595 case MRT6_PIM: 596 error = ip6_mrouter_set ? ip6_mrouter_set(so, sopt) : 597 EOPNOTSUPP; 598 break; 599 case IPV6_CHECKSUM: 600 error = ip6_raw_ctloutput(so, sopt); 601 break; 602 default: 603 error = ip6_ctloutput(so, sopt); 604 break; 605 } 606 break; 607 } 608 609 return (error); 610} 611 612static int 613rip6_attach(struct socket *so, int proto, struct thread *td) 614{ 615 INIT_VNET_INET(so->so_vnet); 616 struct inpcb *inp; 617 struct icmp6_filter *filter; 618 int error; 619 620 inp = sotoinpcb(so); 621 KASSERT(inp == NULL, ("rip6_attach: inp != NULL")); 622 623 error = priv_check(td, PRIV_NETINET_RAW); 624 if (error) 625 return (error); 626 error = soreserve(so, rip_sendspace, rip_recvspace); 627 if (error) 628 return (error); 629 filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 630 if (filter == NULL) 631 return (ENOMEM); 632 INP_INFO_WLOCK(&V_ripcbinfo); 633 error = in_pcballoc(so, &V_ripcbinfo); 634 if (error) { 635 INP_INFO_WUNLOCK(&V_ripcbinfo); 636 free(filter, M_PCB); 637 return (error); 638 } 639 inp = (struct inpcb *)so->so_pcb; 640 INP_INFO_WUNLOCK(&V_ripcbinfo); 641 inp->inp_vflag |= INP_IPV6; 642 inp->inp_ip_p = (long)proto; 643 inp->in6p_hops = -1; /* use kernel default */ 644 inp->in6p_cksum = -1; 645 inp->in6p_icmp6filt = filter; 646 ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt); 647 INP_WUNLOCK(inp); 648 return (0); 649} 650 651static void 652rip6_detach(struct socket *so) 653{
|
607 INIT_VNET_INET(so->so_vnet);
| 654 INIT_VNET_INET6(so->so_vnet);
|
608 struct inpcb *inp; 609 610 inp = sotoinpcb(so); 611 KASSERT(inp != NULL, ("rip6_detach: inp == NULL")); 612
| 655 struct inpcb *inp; 656 657 inp = sotoinpcb(so); 658 KASSERT(inp != NULL, ("rip6_detach: inp == NULL")); 659
|
613 if (so == ip6_mrouter && ip6_mrouter_done)
| 660 if (so == V_ip6_mrouter && ip6_mrouter_done)
|
614 ip6_mrouter_done(); 615 /* xxx: RSVP */ 616 INP_INFO_WLOCK(&V_ripcbinfo); 617 INP_WLOCK(inp); 618 free(inp->in6p_icmp6filt, M_PCB); 619 in_pcbdetach(inp); 620 in_pcbfree(inp); 621 INP_INFO_WUNLOCK(&V_ripcbinfo); 622} 623 624/* XXXRW: This can't ever be called. */ 625static void 626rip6_abort(struct socket *so) 627{ 628 struct inpcb *inp; 629 630 inp = sotoinpcb(so); 631 KASSERT(inp != NULL, ("rip6_abort: inp == NULL")); 632 633 soisdisconnected(so); 634} 635 636static void 637rip6_close(struct socket *so) 638{ 639 struct inpcb *inp; 640 641 inp = sotoinpcb(so); 642 KASSERT(inp != NULL, ("rip6_close: inp == NULL")); 643 644 soisdisconnected(so); 645} 646 647static int 648rip6_disconnect(struct socket *so) 649{ 650 struct inpcb *inp; 651 652 inp = sotoinpcb(so); 653 KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL")); 654 655 if ((so->so_state & SS_ISCONNECTED) == 0) 656 return (ENOTCONN); 657 inp->in6p_faddr = in6addr_any; 658 rip6_abort(so); 659 return (0); 660} 661 662static int 663rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) 664{ 665 INIT_VNET_NET(so->so_vnet); 666 INIT_VNET_INET(so->so_vnet); 667 INIT_VNET_INET6(so->so_vnet); 668 struct inpcb *inp; 669 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 670 struct ifaddr *ia = NULL; 671 int error = 0; 672 673 inp = sotoinpcb(so); 674 KASSERT(inp != NULL, ("rip6_bind: inp == NULL")); 675 676 if (nam->sa_len != sizeof(*addr)) 677 return (EINVAL); 678 if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0) 679 return (error); 680 if (TAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6) 681 return (EADDRNOTAVAIL); 682 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 683 return (error); 684 685 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 686 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0) 687 return (EADDRNOTAVAIL); 688 if (ia && 689 ((struct in6_ifaddr *)ia)->ia6_flags & 690 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 691 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 692 return (EADDRNOTAVAIL); 693 } 694 INP_INFO_WLOCK(&V_ripcbinfo); 695 INP_WLOCK(inp); 696 inp->in6p_laddr = addr->sin6_addr; 697 INP_WUNLOCK(inp); 698 INP_INFO_WUNLOCK(&V_ripcbinfo); 699 return (0); 700} 701 702static int 703rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) 704{ 705 INIT_VNET_NET(so->so_vnet); 706 INIT_VNET_INET(so->so_vnet); 707 INIT_VNET_INET6(so->so_vnet); 708 struct inpcb *inp; 709 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 710 struct in6_addr *in6a = NULL; 711 struct ifnet *ifp = NULL; 712 int error = 0, scope_ambiguous = 0; 713 714 inp = sotoinpcb(so); 715 KASSERT(inp != NULL, ("rip6_connect: inp == NULL")); 716 717 if (nam->sa_len != sizeof(*addr)) 718 return (EINVAL); 719 if (TAILQ_EMPTY(&V_ifnet)) 720 return (EADDRNOTAVAIL); 721 if (addr->sin6_family != AF_INET6) 722 return (EAFNOSUPPORT); 723 724 /* 725 * Application should provide a proper zone ID or the use of default 726 * zone IDs should be enabled. Unfortunately, some applications do 727 * not behave as it should, so we need a workaround. Even if an 728 * appropriate ID is not determined, we'll see if we can determine 729 * the outgoing interface. If we can, determine the zone ID based on 730 * the interface below. 731 */ 732 if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone) 733 scope_ambiguous = 1; 734 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 735 return (error); 736 737 INP_INFO_WLOCK(&V_ripcbinfo); 738 INP_WLOCK(inp); 739 /* Source address selection. XXX: need pcblookup? */ 740 in6a = in6_selectsrc(addr, inp->in6p_outputopts, 741 inp, NULL, so->so_cred, 742 &ifp, &error); 743 if (in6a == NULL) { 744 INP_WUNLOCK(inp); 745 INP_INFO_WUNLOCK(&V_ripcbinfo); 746 return (error ? error : EADDRNOTAVAIL); 747 } 748 749 /* XXX: see above */ 750 if (ifp && scope_ambiguous && 751 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) { 752 INP_WUNLOCK(inp); 753 INP_INFO_WUNLOCK(&V_ripcbinfo); 754 return (error); 755 } 756 inp->in6p_faddr = addr->sin6_addr; 757 inp->in6p_laddr = *in6a; 758 soisconnected(so); 759 INP_WUNLOCK(inp); 760 INP_INFO_WUNLOCK(&V_ripcbinfo); 761 return (0); 762} 763 764static int 765rip6_shutdown(struct socket *so) 766{ 767 struct inpcb *inp; 768 769 inp = sotoinpcb(so); 770 KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL")); 771 772 INP_WLOCK(inp); 773 socantsendmore(so); 774 INP_WUNLOCK(inp); 775 return (0); 776} 777 778static int 779rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 780 struct mbuf *control, struct thread *td) 781{ 782 struct inpcb *inp; 783 struct sockaddr_in6 tmp; 784 struct sockaddr_in6 *dst; 785 int ret; 786 787 inp = sotoinpcb(so); 788 KASSERT(inp != NULL, ("rip6_send: inp == NULL")); 789 790 /* Always copy sockaddr to avoid overwrites. */ 791 /* Unlocked read. */ 792 if (so->so_state & SS_ISCONNECTED) { 793 if (nam) { 794 m_freem(m); 795 return (EISCONN); 796 } 797 /* XXX */ 798 bzero(&tmp, sizeof(tmp)); 799 tmp.sin6_family = AF_INET6; 800 tmp.sin6_len = sizeof(struct sockaddr_in6); 801 INP_RLOCK(inp); 802 bcopy(&inp->in6p_faddr, &tmp.sin6_addr, 803 sizeof(struct in6_addr)); 804 INP_RUNLOCK(inp); 805 dst = &tmp; 806 } else { 807 if (nam == NULL) { 808 m_freem(m); 809 return (ENOTCONN); 810 } 811 if (nam->sa_len != sizeof(struct sockaddr_in6)) { 812 m_freem(m); 813 return (EINVAL); 814 } 815 tmp = *(struct sockaddr_in6 *)nam; 816 dst = &tmp; 817 818 if (dst->sin6_family == AF_UNSPEC) { 819 /* 820 * XXX: we allow this case for backward 821 * compatibility to buggy applications that 822 * rely on old (and wrong) kernel behavior. 823 */ 824 log(LOG_INFO, "rip6 SEND: address family is " 825 "unspec. Assume AF_INET6\n"); 826 dst->sin6_family = AF_INET6; 827 } else if (dst->sin6_family != AF_INET6) { 828 m_freem(m); 829 return(EAFNOSUPPORT); 830 } 831 } 832 ret = rip6_output(m, so, dst, control); 833 return (ret); 834} 835 836struct pr_usrreqs rip6_usrreqs = { 837 .pru_abort = rip6_abort, 838 .pru_attach = rip6_attach, 839 .pru_bind = rip6_bind, 840 .pru_connect = rip6_connect, 841 .pru_control = in6_control, 842 .pru_detach = rip6_detach, 843 .pru_disconnect = rip6_disconnect, 844 .pru_peeraddr = in6_getpeeraddr, 845 .pru_send = rip6_send, 846 .pru_shutdown = rip6_shutdown, 847 .pru_sockaddr = in6_getsockaddr, 848 .pru_close = rip6_close, 849};
| 661 ip6_mrouter_done(); 662 /* xxx: RSVP */ 663 INP_INFO_WLOCK(&V_ripcbinfo); 664 INP_WLOCK(inp); 665 free(inp->in6p_icmp6filt, M_PCB); 666 in_pcbdetach(inp); 667 in_pcbfree(inp); 668 INP_INFO_WUNLOCK(&V_ripcbinfo); 669} 670 671/* XXXRW: This can't ever be called. */ 672static void 673rip6_abort(struct socket *so) 674{ 675 struct inpcb *inp; 676 677 inp = sotoinpcb(so); 678 KASSERT(inp != NULL, ("rip6_abort: inp == NULL")); 679 680 soisdisconnected(so); 681} 682 683static void 684rip6_close(struct socket *so) 685{ 686 struct inpcb *inp; 687 688 inp = sotoinpcb(so); 689 KASSERT(inp != NULL, ("rip6_close: inp == NULL")); 690 691 soisdisconnected(so); 692} 693 694static int 695rip6_disconnect(struct socket *so) 696{ 697 struct inpcb *inp; 698 699 inp = sotoinpcb(so); 700 KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL")); 701 702 if ((so->so_state & SS_ISCONNECTED) == 0) 703 return (ENOTCONN); 704 inp->in6p_faddr = in6addr_any; 705 rip6_abort(so); 706 return (0); 707} 708 709static int 710rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) 711{ 712 INIT_VNET_NET(so->so_vnet); 713 INIT_VNET_INET(so->so_vnet); 714 INIT_VNET_INET6(so->so_vnet); 715 struct inpcb *inp; 716 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 717 struct ifaddr *ia = NULL; 718 int error = 0; 719 720 inp = sotoinpcb(so); 721 KASSERT(inp != NULL, ("rip6_bind: inp == NULL")); 722 723 if (nam->sa_len != sizeof(*addr)) 724 return (EINVAL); 725 if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0) 726 return (error); 727 if (TAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6) 728 return (EADDRNOTAVAIL); 729 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 730 return (error); 731 732 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 733 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0) 734 return (EADDRNOTAVAIL); 735 if (ia && 736 ((struct in6_ifaddr *)ia)->ia6_flags & 737 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 738 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 739 return (EADDRNOTAVAIL); 740 } 741 INP_INFO_WLOCK(&V_ripcbinfo); 742 INP_WLOCK(inp); 743 inp->in6p_laddr = addr->sin6_addr; 744 INP_WUNLOCK(inp); 745 INP_INFO_WUNLOCK(&V_ripcbinfo); 746 return (0); 747} 748 749static int 750rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) 751{ 752 INIT_VNET_NET(so->so_vnet); 753 INIT_VNET_INET(so->so_vnet); 754 INIT_VNET_INET6(so->so_vnet); 755 struct inpcb *inp; 756 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 757 struct in6_addr *in6a = NULL; 758 struct ifnet *ifp = NULL; 759 int error = 0, scope_ambiguous = 0; 760 761 inp = sotoinpcb(so); 762 KASSERT(inp != NULL, ("rip6_connect: inp == NULL")); 763 764 if (nam->sa_len != sizeof(*addr)) 765 return (EINVAL); 766 if (TAILQ_EMPTY(&V_ifnet)) 767 return (EADDRNOTAVAIL); 768 if (addr->sin6_family != AF_INET6) 769 return (EAFNOSUPPORT); 770 771 /* 772 * Application should provide a proper zone ID or the use of default 773 * zone IDs should be enabled. Unfortunately, some applications do 774 * not behave as it should, so we need a workaround. Even if an 775 * appropriate ID is not determined, we'll see if we can determine 776 * the outgoing interface. If we can, determine the zone ID based on 777 * the interface below. 778 */ 779 if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone) 780 scope_ambiguous = 1; 781 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 782 return (error); 783 784 INP_INFO_WLOCK(&V_ripcbinfo); 785 INP_WLOCK(inp); 786 /* Source address selection. XXX: need pcblookup? */ 787 in6a = in6_selectsrc(addr, inp->in6p_outputopts, 788 inp, NULL, so->so_cred, 789 &ifp, &error); 790 if (in6a == NULL) { 791 INP_WUNLOCK(inp); 792 INP_INFO_WUNLOCK(&V_ripcbinfo); 793 return (error ? error : EADDRNOTAVAIL); 794 } 795 796 /* XXX: see above */ 797 if (ifp && scope_ambiguous && 798 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) { 799 INP_WUNLOCK(inp); 800 INP_INFO_WUNLOCK(&V_ripcbinfo); 801 return (error); 802 } 803 inp->in6p_faddr = addr->sin6_addr; 804 inp->in6p_laddr = *in6a; 805 soisconnected(so); 806 INP_WUNLOCK(inp); 807 INP_INFO_WUNLOCK(&V_ripcbinfo); 808 return (0); 809} 810 811static int 812rip6_shutdown(struct socket *so) 813{ 814 struct inpcb *inp; 815 816 inp = sotoinpcb(so); 817 KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL")); 818 819 INP_WLOCK(inp); 820 socantsendmore(so); 821 INP_WUNLOCK(inp); 822 return (0); 823} 824 825static int 826rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 827 struct mbuf *control, struct thread *td) 828{ 829 struct inpcb *inp; 830 struct sockaddr_in6 tmp; 831 struct sockaddr_in6 *dst; 832 int ret; 833 834 inp = sotoinpcb(so); 835 KASSERT(inp != NULL, ("rip6_send: inp == NULL")); 836 837 /* Always copy sockaddr to avoid overwrites. */ 838 /* Unlocked read. */ 839 if (so->so_state & SS_ISCONNECTED) { 840 if (nam) { 841 m_freem(m); 842 return (EISCONN); 843 } 844 /* XXX */ 845 bzero(&tmp, sizeof(tmp)); 846 tmp.sin6_family = AF_INET6; 847 tmp.sin6_len = sizeof(struct sockaddr_in6); 848 INP_RLOCK(inp); 849 bcopy(&inp->in6p_faddr, &tmp.sin6_addr, 850 sizeof(struct in6_addr)); 851 INP_RUNLOCK(inp); 852 dst = &tmp; 853 } else { 854 if (nam == NULL) { 855 m_freem(m); 856 return (ENOTCONN); 857 } 858 if (nam->sa_len != sizeof(struct sockaddr_in6)) { 859 m_freem(m); 860 return (EINVAL); 861 } 862 tmp = *(struct sockaddr_in6 *)nam; 863 dst = &tmp; 864 865 if (dst->sin6_family == AF_UNSPEC) { 866 /* 867 * XXX: we allow this case for backward 868 * compatibility to buggy applications that 869 * rely on old (and wrong) kernel behavior. 870 */ 871 log(LOG_INFO, "rip6 SEND: address family is " 872 "unspec. Assume AF_INET6\n"); 873 dst->sin6_family = AF_INET6; 874 } else if (dst->sin6_family != AF_INET6) { 875 m_freem(m); 876 return(EAFNOSUPPORT); 877 } 878 } 879 ret = rip6_output(m, so, dst, control); 880 return (ret); 881} 882 883struct pr_usrreqs rip6_usrreqs = { 884 .pru_abort = rip6_abort, 885 .pru_attach = rip6_attach, 886 .pru_bind = rip6_bind, 887 .pru_connect = rip6_connect, 888 .pru_control = in6_control, 889 .pru_detach = rip6_detach, 890 .pru_disconnect = rip6_disconnect, 891 .pru_peeraddr = in6_getpeeraddr, 892 .pru_send = rip6_send, 893 .pru_shutdown = rip6_shutdown, 894 .pru_sockaddr = in6_getsockaddr, 895 .pru_close = rip6_close, 896};
|