1/*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
30 */
31
32/*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
61 */
62
63#include <sys/cdefs.h>
| 1/*-
2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
30 */
31
32/*-
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
61 */
62
63#include <sys/cdefs.h>
|
64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 238990 2012-08-02 13:57:49Z glebius $");
| 64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 241686 2012-10-18 13:57:24Z andre $");
|
65
66#include "opt_compat.h"
67#include "opt_inet.h"
68#include "opt_inet6.h"
69
70#include <sys/param.h>
71#include <sys/errno.h>
72#include <sys/jail.h>
73#include <sys/malloc.h>
74#include <sys/socket.h>
75#include <sys/socketvar.h>
76#include <sys/sockio.h>
77#include <sys/systm.h>
78#include <sys/priv.h>
79#include <sys/proc.h>
80#include <sys/time.h>
81#include <sys/kernel.h>
82#include <sys/syslog.h>
83
84#include <net/if.h>
85#include <net/if_var.h>
86#include <net/if_types.h>
87#include <net/route.h>
88#include <net/if_dl.h>
89#include <net/vnet.h>
90
91#include <netinet/in.h>
92#include <netinet/in_var.h>
93#include <net/if_llatbl.h>
94#include <netinet/if_ether.h>
95#include <netinet/in_systm.h>
96#include <netinet/ip.h>
97#include <netinet/in_pcb.h>
98#include <netinet/ip_carp.h>
99
100#include <netinet/ip6.h>
101#include <netinet6/ip6_var.h>
102#include <netinet6/nd6.h>
103#include <netinet6/mld6_var.h>
104#include <netinet6/ip6_mroute.h>
105#include <netinet6/in6_ifattach.h>
106#include <netinet6/scope6_var.h>
107#include <netinet6/in6_pcb.h>
108
109/*
110 * Definitions of some costant IP6 addresses.
111 */
112const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
113const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
114const struct in6_addr in6addr_nodelocal_allnodes =
115 IN6ADDR_NODELOCAL_ALLNODES_INIT;
116const struct in6_addr in6addr_linklocal_allnodes =
117 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
118const struct in6_addr in6addr_linklocal_allrouters =
119 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
120const struct in6_addr in6addr_linklocal_allv2routers =
121 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
122
123const struct in6_addr in6mask0 = IN6MASK0;
124const struct in6_addr in6mask32 = IN6MASK32;
125const struct in6_addr in6mask64 = IN6MASK64;
126const struct in6_addr in6mask96 = IN6MASK96;
127const struct in6_addr in6mask128 = IN6MASK128;
128
129const struct sockaddr_in6 sa6_any =
130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
131
132static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
133 struct ifnet *, struct thread *));
134static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
135 struct sockaddr_in6 *, int));
136static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
137
138int (*faithprefix_p)(struct in6_addr *);
139
140#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
141#define ia62ifa(ia6) (&((ia6)->ia_ifa))
142
143void
144in6_ifaddloop(struct ifaddr *ifa)
145{
146 struct sockaddr_dl gateway;
147 struct sockaddr_in6 mask, addr;
148 struct rtentry rt;
149 struct in6_ifaddr *ia;
150 struct ifnet *ifp;
151 struct llentry *ln;
152
153 ia = ifa2ia6(ifa);
154 ifp = ifa->ifa_ifp;
155 IF_AFDATA_LOCK(ifp);
156 ifa->ifa_rtrequest = nd6_rtrequest;
157 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR |
158 LLE_EXCLUSIVE), (struct sockaddr *)&ia->ia_addr);
159 IF_AFDATA_UNLOCK(ifp);
160 if (ln != NULL) {
161 ln->la_expire = 0; /* for IPv6 this means permanent */
162 ln->ln_state = ND6_LLINFO_REACHABLE;
163 /*
164 * initialize for rtmsg generation
165 */
166 bzero(&gateway, sizeof(gateway));
167 gateway.sdl_len = sizeof(gateway);
168 gateway.sdl_family = AF_LINK;
169 gateway.sdl_nlen = 0;
170 gateway.sdl_alen = 6;
171 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned,
172 sizeof(ln->ll_addr));
173 LLE_WUNLOCK(ln);
174 }
175
176 bzero(&rt, sizeof(rt));
177 rt.rt_gateway = (struct sockaddr *)&gateway;
178 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
179 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
180 rt_mask(&rt) = (struct sockaddr *)&mask;
181 rt_key(&rt) = (struct sockaddr *)&addr;
182 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC;
183 /* Announce arrival of local address to all FIBs. */
184 rt_newaddrmsg(RTM_ADD, ifa, 0, &rt);
185}
186
187void
188in6_ifremloop(struct ifaddr *ifa)
189{
190 struct sockaddr_dl gateway;
191 struct sockaddr_in6 mask, addr;
192 struct rtentry rt0;
193 struct in6_ifaddr *ia;
194 struct ifnet *ifp;
195
196 ia = ifa2ia6(ifa);
197 ifp = ifa->ifa_ifp;
198 IF_AFDATA_LOCK(ifp);
199 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR),
200 (struct sockaddr *)&ia->ia_addr);
201 IF_AFDATA_UNLOCK(ifp);
202
203 /*
204 * initialize for rtmsg generation
205 */
206 bzero(&gateway, sizeof(gateway));
207 gateway.sdl_len = sizeof(gateway);
208 gateway.sdl_family = AF_LINK;
209 gateway.sdl_nlen = 0;
210 gateway.sdl_alen = ifp->if_addrlen;
211 bzero(&rt0, sizeof(rt0));
212 rt0.rt_gateway = (struct sockaddr *)&gateway;
213 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
214 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
215 rt_mask(&rt0) = (struct sockaddr *)&mask;
216 rt_key(&rt0) = (struct sockaddr *)&addr;
217 rt0.rt_flags = RTF_HOST | RTF_STATIC;
218 /* Announce removal of local address to all FIBs. */
219 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0);
220}
221
222int
223in6_mask2len(struct in6_addr *mask, u_char *lim0)
224{
225 int x = 0, y;
226 u_char *lim = lim0, *p;
227
228 /* ignore the scope_id part */
229 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
230 lim = (u_char *)mask + sizeof(*mask);
231 for (p = (u_char *)mask; p < lim; x++, p++) {
232 if (*p != 0xff)
233 break;
234 }
235 y = 0;
236 if (p < lim) {
237 for (y = 0; y < 8; y++) {
238 if ((*p & (0x80 >> y)) == 0)
239 break;
240 }
241 }
242
243 /*
244 * when the limit pointer is given, do a stricter check on the
245 * remaining bits.
246 */
247 if (p < lim) {
248 if (y != 0 && (*p & (0x00ff >> y)) != 0)
249 return (-1);
250 for (p = p + 1; p < lim; p++)
251 if (*p != 0)
252 return (-1);
253 }
254
255 return x * 8 + y;
256}
257
258#ifdef COMPAT_FREEBSD32
259struct in6_ndifreq32 {
260 char ifname[IFNAMSIZ];
261 uint32_t ifindex;
262};
263#define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
264#endif
265
266int
267in6_control(struct socket *so, u_long cmd, caddr_t data,
268 struct ifnet *ifp, struct thread *td)
269{
270 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
271 struct in6_ifaddr *ia = NULL;
272 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
273 struct sockaddr_in6 *sa6;
274 int carp_attached = 0;
275 int error;
276 u_long ocmd = cmd;
277
278 /*
279 * Compat to make pre-10.x ifconfig(8) operable.
280 */
281 if (cmd == OSIOCAIFADDR_IN6)
282 cmd = SIOCAIFADDR_IN6;
283
284 switch (cmd) {
285 case SIOCGETSGCNT_IN6:
286 case SIOCGETMIFCNT_IN6:
287 /*
288 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
289 * We cannot see how that would be needed, so do not adjust the
290 * KPI blindly; more likely should clean up the IPv4 variant.
291 */
292 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
293 }
294
295 switch(cmd) {
296 case SIOCAADDRCTL_POLICY:
297 case SIOCDADDRCTL_POLICY:
298 if (td != NULL) {
299 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
300 if (error)
301 return (error);
302 }
303 return (in6_src_ioctl(cmd, data));
304 }
305
306 if (ifp == NULL)
307 return (EOPNOTSUPP);
308
309 switch (cmd) {
310 case SIOCSNDFLUSH_IN6:
311 case SIOCSPFXFLUSH_IN6:
312 case SIOCSRTRFLUSH_IN6:
313 case SIOCSDEFIFACE_IN6:
314 case SIOCSIFINFO_FLAGS:
315 case SIOCSIFINFO_IN6:
316 if (td != NULL) {
317 error = priv_check(td, PRIV_NETINET_ND6);
318 if (error)
319 return (error);
320 }
321 /* FALLTHROUGH */
322 case OSIOCGIFINFO_IN6:
323 case SIOCGIFINFO_IN6:
324 case SIOCGDRLST_IN6:
325 case SIOCGPRLST_IN6:
326 case SIOCGNBRINFO_IN6:
327 case SIOCGDEFIFACE_IN6:
328 return (nd6_ioctl(cmd, data, ifp));
329
330#ifdef COMPAT_FREEBSD32
331 case SIOCGDEFIFACE32_IN6:
332 {
333 struct in6_ndifreq ndif;
334 struct in6_ndifreq32 *ndif32;
335
336 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
337 ifp);
338 if (error)
339 return (error);
340 ndif32 = (struct in6_ndifreq32 *)data;
341 ndif32->ifindex = ndif.ifindex;
342 return (0);
343 }
344#endif
345 }
346
347 switch (cmd) {
348 case SIOCSIFPREFIX_IN6:
349 case SIOCDIFPREFIX_IN6:
350 case SIOCAIFPREFIX_IN6:
351 case SIOCCIFPREFIX_IN6:
352 case SIOCSGIFPREFIX_IN6:
353 case SIOCGIFPREFIX_IN6:
354 log(LOG_NOTICE,
355 "prefix ioctls are now invalidated. "
356 "please use ifconfig.\n");
357 return (EOPNOTSUPP);
358 }
359
360 switch (cmd) {
361 case SIOCSSCOPE6:
362 if (td != NULL) {
363 error = priv_check(td, PRIV_NETINET_SCOPE6);
364 if (error)
365 return (error);
366 }
367 return (scope6_set(ifp,
368 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
369 case SIOCGSCOPE6:
370 return (scope6_get(ifp,
371 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
372 case SIOCGSCOPE6DEF:
373 return (scope6_get_default((struct scope6_id *)
374 ifr->ifr_ifru.ifru_scope_id));
375 }
376
377 switch (cmd) {
378 case SIOCALIFADDR:
379 if (td != NULL) {
380 error = priv_check(td, PRIV_NET_ADDIFADDR);
381 if (error)
382 return (error);
383 }
384 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
385
386 case SIOCDLIFADDR:
387 if (td != NULL) {
388 error = priv_check(td, PRIV_NET_DELIFADDR);
389 if (error)
390 return (error);
391 }
392 /* FALLTHROUGH */
393 case SIOCGLIFADDR:
394 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
395 }
396
397 /*
398 * Find address for this interface, if it exists.
399 *
400 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
401 * only, and used the first interface address as the target of other
402 * operations (without checking ifra_addr). This was because netinet
403 * code/API assumed at most 1 interface address per interface.
404 * Since IPv6 allows a node to assign multiple addresses
405 * on a single interface, we almost always look and check the
406 * presence of ifra_addr, and reject invalid ones here.
407 * It also decreases duplicated code among SIOC*_IN6 operations.
408 */
409 switch (cmd) {
410 case SIOCAIFADDR_IN6:
411 case SIOCSIFPHYADDR_IN6:
412 sa6 = &ifra->ifra_addr;
413 break;
414 case SIOCSIFADDR_IN6:
415 case SIOCGIFADDR_IN6:
416 case SIOCSIFDSTADDR_IN6:
417 case SIOCSIFNETMASK_IN6:
418 case SIOCGIFDSTADDR_IN6:
419 case SIOCGIFNETMASK_IN6:
420 case SIOCDIFADDR_IN6:
421 case SIOCGIFPSRCADDR_IN6:
422 case SIOCGIFPDSTADDR_IN6:
423 case SIOCGIFAFLAG_IN6:
424 case SIOCSNDFLUSH_IN6:
425 case SIOCSPFXFLUSH_IN6:
426 case SIOCSRTRFLUSH_IN6:
427 case SIOCGIFALIFETIME_IN6:
428 case SIOCSIFALIFETIME_IN6:
429 case SIOCGIFSTAT_IN6:
430 case SIOCGIFSTAT_ICMP6:
431 sa6 = &ifr->ifr_addr;
432 break;
433 default:
434 sa6 = NULL;
435 break;
436 }
437 if (sa6 && sa6->sin6_family == AF_INET6) {
438 if (sa6->sin6_scope_id != 0)
439 error = sa6_embedscope(sa6, 0);
440 else
441 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
442 if (error != 0)
443 return (error);
444 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
445 &sa6->sin6_addr)) != 0)
446 return (error);
447 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
448 } else
449 ia = NULL;
450
451 switch (cmd) {
452 case SIOCSIFADDR_IN6:
453 case SIOCSIFDSTADDR_IN6:
454 case SIOCSIFNETMASK_IN6:
455 /*
456 * Since IPv6 allows a node to assign multiple addresses
457 * on a single interface, SIOCSIFxxx ioctls are deprecated.
458 */
459 /* we decided to obsolete this command (20000704) */
460 error = EINVAL;
461 goto out;
462
463 case SIOCDIFADDR_IN6:
464 /*
465 * for IPv4, we look for existing in_ifaddr here to allow
466 * "ifconfig if0 delete" to remove the first IPv4 address on
467 * the interface. For IPv6, as the spec allows multiple
468 * interface address from the day one, we consider "remove the
469 * first one" semantics to be not preferable.
470 */
471 if (ia == NULL) {
472 error = EADDRNOTAVAIL;
473 goto out;
474 }
475 /* FALLTHROUGH */
476 case SIOCAIFADDR_IN6:
477 /*
478 * We always require users to specify a valid IPv6 address for
479 * the corresponding operation.
480 */
481 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
482 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
483 error = EAFNOSUPPORT;
484 goto out;
485 }
486
487 if (td != NULL) {
488 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
489 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
490 if (error)
491 goto out;
492 }
493 break;
494
495 case SIOCGIFADDR_IN6:
496 /* This interface is basically deprecated. use SIOCGIFCONF. */
497 /* FALLTHROUGH */
498 case SIOCGIFAFLAG_IN6:
499 case SIOCGIFNETMASK_IN6:
500 case SIOCGIFDSTADDR_IN6:
501 case SIOCGIFALIFETIME_IN6:
502 /* must think again about its semantics */
503 if (ia == NULL) {
504 error = EADDRNOTAVAIL;
505 goto out;
506 }
507 break;
508
509 case SIOCSIFALIFETIME_IN6:
510 {
511 struct in6_addrlifetime *lt;
512
513 if (td != NULL) {
514 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
515 if (error)
516 goto out;
517 }
518 if (ia == NULL) {
519 error = EADDRNOTAVAIL;
520 goto out;
521 }
522 /* sanity for overflow - beware unsigned */
523 lt = &ifr->ifr_ifru.ifru_lifetime;
524 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
525 lt->ia6t_vltime + time_second < time_second) {
526 error = EINVAL;
527 goto out;
528 }
529 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
530 lt->ia6t_pltime + time_second < time_second) {
531 error = EINVAL;
532 goto out;
533 }
534 break;
535 }
536 }
537
538 switch (cmd) {
539 case SIOCGIFADDR_IN6:
540 ifr->ifr_addr = ia->ia_addr;
541 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
542 goto out;
543 break;
544
545 case SIOCGIFDSTADDR_IN6:
546 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
547 error = EINVAL;
548 goto out;
549 }
550 /*
551 * XXX: should we check if ifa_dstaddr is NULL and return
552 * an error?
553 */
554 ifr->ifr_dstaddr = ia->ia_dstaddr;
555 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
556 goto out;
557 break;
558
559 case SIOCGIFNETMASK_IN6:
560 ifr->ifr_addr = ia->ia_prefixmask;
561 break;
562
563 case SIOCGIFAFLAG_IN6:
564 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
565 break;
566
567 case SIOCGIFSTAT_IN6:
568 if (ifp == NULL) {
569 error = EINVAL;
570 goto out;
571 }
572 bzero(&ifr->ifr_ifru.ifru_stat,
573 sizeof(ifr->ifr_ifru.ifru_stat));
574 ifr->ifr_ifru.ifru_stat =
575 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
576 break;
577
578 case SIOCGIFSTAT_ICMP6:
579 if (ifp == NULL) {
580 error = EINVAL;
581 goto out;
582 }
583 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
584 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
585 ifr->ifr_ifru.ifru_icmp6stat =
586 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
587 break;
588
589 case SIOCGIFALIFETIME_IN6:
590 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
591 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
592 time_t maxexpire;
593 struct in6_addrlifetime *retlt =
594 &ifr->ifr_ifru.ifru_lifetime;
595
596 /*
597 * XXX: adjust expiration time assuming time_t is
598 * signed.
599 */
600 maxexpire = (-1) &
601 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
602 if (ia->ia6_lifetime.ia6t_vltime <
603 maxexpire - ia->ia6_updatetime) {
604 retlt->ia6t_expire = ia->ia6_updatetime +
605 ia->ia6_lifetime.ia6t_vltime;
606 } else
607 retlt->ia6t_expire = maxexpire;
608 }
609 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
610 time_t maxexpire;
611 struct in6_addrlifetime *retlt =
612 &ifr->ifr_ifru.ifru_lifetime;
613
614 /*
615 * XXX: adjust expiration time assuming time_t is
616 * signed.
617 */
618 maxexpire = (-1) &
619 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
620 if (ia->ia6_lifetime.ia6t_pltime <
621 maxexpire - ia->ia6_updatetime) {
622 retlt->ia6t_preferred = ia->ia6_updatetime +
623 ia->ia6_lifetime.ia6t_pltime;
624 } else
625 retlt->ia6t_preferred = maxexpire;
626 }
627 break;
628
629 case SIOCSIFALIFETIME_IN6:
630 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
631 /* for sanity */
632 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
633 ia->ia6_lifetime.ia6t_expire =
634 time_second + ia->ia6_lifetime.ia6t_vltime;
635 } else
636 ia->ia6_lifetime.ia6t_expire = 0;
637 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
638 ia->ia6_lifetime.ia6t_preferred =
639 time_second + ia->ia6_lifetime.ia6t_pltime;
640 } else
641 ia->ia6_lifetime.ia6t_preferred = 0;
642 break;
643
644 case SIOCAIFADDR_IN6:
645 {
646 int i;
647 struct nd_prefixctl pr0;
648 struct nd_prefix *pr;
649
650 /*
651 * first, make or update the interface address structure,
652 * and link it to the list.
653 */
654 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
655 goto out;
656 if (ia != NULL)
657 ifa_free(&ia->ia_ifa);
658 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
659 == NULL) {
660 /*
661 * this can happen when the user specify the 0 valid
662 * lifetime.
663 */
664 break;
665 }
666
667 if (cmd == ocmd && ifra->ifra_vhid > 0) {
668 if (carp_attach_p != NULL)
669 error = (*carp_attach_p)(&ia->ia_ifa,
670 ifra->ifra_vhid);
671 else
672 error = EPROTONOSUPPORT;
673 if (error)
674 goto out;
675 else
676 carp_attached = 1;
677 }
678
679 /*
680 * then, make the prefix on-link on the interface.
681 * XXX: we'd rather create the prefix before the address, but
682 * we need at least one address to install the corresponding
683 * interface route, so we configure the address first.
684 */
685
686 /*
687 * convert mask to prefix length (prefixmask has already
688 * been validated in in6_update_ifa().
689 */
690 bzero(&pr0, sizeof(pr0));
691 pr0.ndpr_ifp = ifp;
692 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
693 NULL);
694 if (pr0.ndpr_plen == 128) {
695 break; /* we don't need to install a host route. */
696 }
697 pr0.ndpr_prefix = ifra->ifra_addr;
698 /* apply the mask for safety. */
699 for (i = 0; i < 4; i++) {
700 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
701 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
702 }
703 /*
704 * XXX: since we don't have an API to set prefix (not address)
705 * lifetimes, we just use the same lifetimes as addresses.
706 * The (temporarily) installed lifetimes can be overridden by
707 * later advertised RAs (when accept_rtadv is non 0), which is
708 * an intended behavior.
709 */
710 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
711 pr0.ndpr_raf_auto =
712 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
713 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
714 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
715
716 /* add the prefix if not yet. */
717 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
718 /*
719 * nd6_prelist_add will install the corresponding
720 * interface route.
721 */
722 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
723 if (carp_attached)
724 (*carp_detach_p)(&ia->ia_ifa);
725 goto out;
726 }
727 if (pr == NULL) {
728 if (carp_attached)
729 (*carp_detach_p)(&ia->ia_ifa);
730 log(LOG_ERR, "nd6_prelist_add succeeded but "
731 "no prefix\n");
732 error = EINVAL;
733 goto out;
734 }
735 }
736
737 /* relate the address to the prefix */
738 if (ia->ia6_ndpr == NULL) {
739 ia->ia6_ndpr = pr;
740 pr->ndpr_refcnt++;
741
742 /*
743 * If this is the first autoconf address from the
744 * prefix, create a temporary address as well
745 * (when required).
746 */
747 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
748 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
749 int e;
750 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
751 log(LOG_NOTICE, "in6_control: failed "
752 "to create a temporary address, "
753 "errno=%d\n", e);
754 }
755 }
756 }
757
758 /*
759 * this might affect the status of autoconfigured addresses,
760 * that is, this address might make other addresses detached.
761 */
762 pfxlist_onlink_check();
763 if (error == 0 && ia) {
764 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
765 /*
766 * Try to clear the flag when a new
767 * IPv6 address is added onto an
768 * IFDISABLED interface and it
769 * succeeds.
770 */
771 struct in6_ndireq nd;
772
773 memset(&nd, 0, sizeof(nd));
774 nd.ndi.flags = ND_IFINFO(ifp)->flags;
775 nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
776 if (nd6_ioctl(SIOCSIFINFO_FLAGS,
777 (caddr_t)&nd, ifp) < 0)
778 log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
779 "SIOCSIFINFO_FLAGS for -ifdisabled "
780 "failed.");
781 /*
782 * Ignore failure of clearing the flag
783 * intentionally. The failure means
784 * address duplication was detected.
785 */
786 }
787 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
788 }
789 break;
790 }
791
792 case SIOCDIFADDR_IN6:
793 {
794 struct nd_prefix *pr;
795
796 /*
797 * If the address being deleted is the only one that owns
798 * the corresponding prefix, expire the prefix as well.
799 * XXX: theoretically, we don't have to worry about such
800 * relationship, since we separate the address management
801 * and the prefix management. We do this, however, to provide
802 * as much backward compatibility as possible in terms of
803 * the ioctl operation.
804 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
805 */
806 pr = ia->ia6_ndpr;
807 in6_purgeaddr(&ia->ia_ifa);
808 if (pr && pr->ndpr_refcnt == 0)
809 prelist_remove(pr);
810 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
811 break;
812 }
813
814 default:
815 if (ifp == NULL || ifp->if_ioctl == 0) {
816 error = EOPNOTSUPP;
817 goto out;
818 }
819 error = (*ifp->if_ioctl)(ifp, cmd, data);
820 goto out;
821 }
822
823 error = 0;
824out:
825 if (ia != NULL)
826 ifa_free(&ia->ia_ifa);
827 return (error);
828}
829
830
831/*
832 * Join necessary multicast groups. Factored out from in6_update_ifa().
833 * This entire work should only be done once, for the default FIB.
834 */
835static int
836in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
837 struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
838{
839 char ip6buf[INET6_ADDRSTRLEN];
840 struct sockaddr_in6 mltaddr, mltmask;
841 struct in6_addr llsol;
842 struct in6_multi_mship *imm;
843 struct rtentry *rt;
844 int delay, error;
845
846 KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
847
848 /* Join solicited multicast addr for new host id. */
849 bzero(&llsol, sizeof(struct in6_addr));
850 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
851 llsol.s6_addr32[1] = 0;
852 llsol.s6_addr32[2] = htonl(1);
853 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
854 llsol.s6_addr8[12] = 0xff;
855 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
856 /* XXX: should not happen */
857 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
858 goto cleanup;
859 }
860 delay = 0;
861 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
862 /*
863 * We need a random delay for DAD on the address being
864 * configured. It also means delaying transmission of the
865 * corresponding MLD report to avoid report collision.
866 * [RFC 4861, Section 6.3.7]
867 */
868 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
869 }
870 imm = in6_joingroup(ifp, &llsol, &error, delay);
871 if (imm == NULL) {
872 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
873 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &llsol),
874 if_name(ifp), error));
875 goto cleanup;
876 }
877 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
878 *in6m_sol = imm->i6mm_maddr;
879
880 bzero(&mltmask, sizeof(mltmask));
881 mltmask.sin6_len = sizeof(struct sockaddr_in6);
882 mltmask.sin6_family = AF_INET6;
883 mltmask.sin6_addr = in6mask32;
884#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
885
886 /*
887 * Join link-local all-nodes address.
888 */
889 bzero(&mltaddr, sizeof(mltaddr));
890 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
891 mltaddr.sin6_family = AF_INET6;
892 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
893 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
894 goto cleanup; /* XXX: should not fail */
895
896 /*
897 * XXX: do we really need this automatic routes? We should probably
898 * reconsider this stuff. Most applications actually do not need the
899 * routes, since they usually specify the outgoing interface.
900 */
901 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
902 if (rt != NULL) {
903 /* XXX: only works in !SCOPEDROUTING case. */
904 if (memcmp(&mltaddr.sin6_addr,
905 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
906 MLTMASK_LEN)) {
907 RTFREE_LOCKED(rt);
908 rt = NULL;
909 }
910 }
911 if (rt == NULL) {
912 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
913 (struct sockaddr *)&ia->ia_addr,
914 (struct sockaddr *)&mltmask, RTF_UP,
915 (struct rtentry **)0, RT_DEFAULT_FIB);
916 if (error)
917 goto cleanup;
918 } else
919 RTFREE_LOCKED(rt);
920
921 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
922 if (imm == NULL) {
923 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
924 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
925 &mltaddr.sin6_addr), if_name(ifp), error));
926 goto cleanup;
927 }
928 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
929
930 /*
931 * Join node information group address.
932 */
933 delay = 0;
934 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
935 /*
936 * The spec does not say anything about delay for this group,
937 * but the same logic should apply.
938 */
939 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
940 }
941 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
942 /* XXX jinmei */
943 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, delay);
944 if (imm == NULL)
945 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
946 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
947 &mltaddr.sin6_addr), if_name(ifp), error));
948 /* XXX not very fatal, go on... */
949 else
950 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
951 }
952
953 /*
954 * Join interface-local all-nodes address.
955 * (ff01::1%ifN, and ff01::%ifN/32)
956 */
957 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
958 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
959 goto cleanup; /* XXX: should not fail */
960 /* XXX: again, do we really need the route? */
961 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
962 if (rt != NULL) {
963 if (memcmp(&mltaddr.sin6_addr,
964 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
965 MLTMASK_LEN)) {
966 RTFREE_LOCKED(rt);
967 rt = NULL;
968 }
969 }
970 if (rt == NULL) {
971 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
972 (struct sockaddr *)&ia->ia_addr,
973 (struct sockaddr *)&mltmask, RTF_UP,
974 (struct rtentry **)0, RT_DEFAULT_FIB);
975 if (error)
976 goto cleanup;
977 } else
978 RTFREE_LOCKED(rt);
979
980 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
981 if (imm == NULL) {
982 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
983 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
984 &mltaddr.sin6_addr), if_name(ifp), error));
985 goto cleanup;
986 }
987 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
988#undef MLTMASK_LEN
989
990cleanup:
991 return (error);
992}
993
994/*
995 * Update parameters of an IPv6 interface address.
996 * If necessary, a new entry is created and linked into address chains.
997 * This function is separated from in6_control().
| 65
66#include "opt_compat.h"
67#include "opt_inet.h"
68#include "opt_inet6.h"
69
70#include <sys/param.h>
71#include <sys/errno.h>
72#include <sys/jail.h>
73#include <sys/malloc.h>
74#include <sys/socket.h>
75#include <sys/socketvar.h>
76#include <sys/sockio.h>
77#include <sys/systm.h>
78#include <sys/priv.h>
79#include <sys/proc.h>
80#include <sys/time.h>
81#include <sys/kernel.h>
82#include <sys/syslog.h>
83
84#include <net/if.h>
85#include <net/if_var.h>
86#include <net/if_types.h>
87#include <net/route.h>
88#include <net/if_dl.h>
89#include <net/vnet.h>
90
91#include <netinet/in.h>
92#include <netinet/in_var.h>
93#include <net/if_llatbl.h>
94#include <netinet/if_ether.h>
95#include <netinet/in_systm.h>
96#include <netinet/ip.h>
97#include <netinet/in_pcb.h>
98#include <netinet/ip_carp.h>
99
100#include <netinet/ip6.h>
101#include <netinet6/ip6_var.h>
102#include <netinet6/nd6.h>
103#include <netinet6/mld6_var.h>
104#include <netinet6/ip6_mroute.h>
105#include <netinet6/in6_ifattach.h>
106#include <netinet6/scope6_var.h>
107#include <netinet6/in6_pcb.h>
108
109/*
110 * Definitions of some costant IP6 addresses.
111 */
112const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
113const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
114const struct in6_addr in6addr_nodelocal_allnodes =
115 IN6ADDR_NODELOCAL_ALLNODES_INIT;
116const struct in6_addr in6addr_linklocal_allnodes =
117 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
118const struct in6_addr in6addr_linklocal_allrouters =
119 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
120const struct in6_addr in6addr_linklocal_allv2routers =
121 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
122
123const struct in6_addr in6mask0 = IN6MASK0;
124const struct in6_addr in6mask32 = IN6MASK32;
125const struct in6_addr in6mask64 = IN6MASK64;
126const struct in6_addr in6mask96 = IN6MASK96;
127const struct in6_addr in6mask128 = IN6MASK128;
128
129const struct sockaddr_in6 sa6_any =
130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
131
132static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
133 struct ifnet *, struct thread *));
134static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
135 struct sockaddr_in6 *, int));
136static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
137
138int (*faithprefix_p)(struct in6_addr *);
139
140#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
141#define ia62ifa(ia6) (&((ia6)->ia_ifa))
142
143void
144in6_ifaddloop(struct ifaddr *ifa)
145{
146 struct sockaddr_dl gateway;
147 struct sockaddr_in6 mask, addr;
148 struct rtentry rt;
149 struct in6_ifaddr *ia;
150 struct ifnet *ifp;
151 struct llentry *ln;
152
153 ia = ifa2ia6(ifa);
154 ifp = ifa->ifa_ifp;
155 IF_AFDATA_LOCK(ifp);
156 ifa->ifa_rtrequest = nd6_rtrequest;
157 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR |
158 LLE_EXCLUSIVE), (struct sockaddr *)&ia->ia_addr);
159 IF_AFDATA_UNLOCK(ifp);
160 if (ln != NULL) {
161 ln->la_expire = 0; /* for IPv6 this means permanent */
162 ln->ln_state = ND6_LLINFO_REACHABLE;
163 /*
164 * initialize for rtmsg generation
165 */
166 bzero(&gateway, sizeof(gateway));
167 gateway.sdl_len = sizeof(gateway);
168 gateway.sdl_family = AF_LINK;
169 gateway.sdl_nlen = 0;
170 gateway.sdl_alen = 6;
171 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned,
172 sizeof(ln->ll_addr));
173 LLE_WUNLOCK(ln);
174 }
175
176 bzero(&rt, sizeof(rt));
177 rt.rt_gateway = (struct sockaddr *)&gateway;
178 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
179 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
180 rt_mask(&rt) = (struct sockaddr *)&mask;
181 rt_key(&rt) = (struct sockaddr *)&addr;
182 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC;
183 /* Announce arrival of local address to all FIBs. */
184 rt_newaddrmsg(RTM_ADD, ifa, 0, &rt);
185}
186
187void
188in6_ifremloop(struct ifaddr *ifa)
189{
190 struct sockaddr_dl gateway;
191 struct sockaddr_in6 mask, addr;
192 struct rtentry rt0;
193 struct in6_ifaddr *ia;
194 struct ifnet *ifp;
195
196 ia = ifa2ia6(ifa);
197 ifp = ifa->ifa_ifp;
198 IF_AFDATA_LOCK(ifp);
199 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR),
200 (struct sockaddr *)&ia->ia_addr);
201 IF_AFDATA_UNLOCK(ifp);
202
203 /*
204 * initialize for rtmsg generation
205 */
206 bzero(&gateway, sizeof(gateway));
207 gateway.sdl_len = sizeof(gateway);
208 gateway.sdl_family = AF_LINK;
209 gateway.sdl_nlen = 0;
210 gateway.sdl_alen = ifp->if_addrlen;
211 bzero(&rt0, sizeof(rt0));
212 rt0.rt_gateway = (struct sockaddr *)&gateway;
213 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
214 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
215 rt_mask(&rt0) = (struct sockaddr *)&mask;
216 rt_key(&rt0) = (struct sockaddr *)&addr;
217 rt0.rt_flags = RTF_HOST | RTF_STATIC;
218 /* Announce removal of local address to all FIBs. */
219 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0);
220}
221
222int
223in6_mask2len(struct in6_addr *mask, u_char *lim0)
224{
225 int x = 0, y;
226 u_char *lim = lim0, *p;
227
228 /* ignore the scope_id part */
229 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
230 lim = (u_char *)mask + sizeof(*mask);
231 for (p = (u_char *)mask; p < lim; x++, p++) {
232 if (*p != 0xff)
233 break;
234 }
235 y = 0;
236 if (p < lim) {
237 for (y = 0; y < 8; y++) {
238 if ((*p & (0x80 >> y)) == 0)
239 break;
240 }
241 }
242
243 /*
244 * when the limit pointer is given, do a stricter check on the
245 * remaining bits.
246 */
247 if (p < lim) {
248 if (y != 0 && (*p & (0x00ff >> y)) != 0)
249 return (-1);
250 for (p = p + 1; p < lim; p++)
251 if (*p != 0)
252 return (-1);
253 }
254
255 return x * 8 + y;
256}
257
258#ifdef COMPAT_FREEBSD32
259struct in6_ndifreq32 {
260 char ifname[IFNAMSIZ];
261 uint32_t ifindex;
262};
263#define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
264#endif
265
266int
267in6_control(struct socket *so, u_long cmd, caddr_t data,
268 struct ifnet *ifp, struct thread *td)
269{
270 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
271 struct in6_ifaddr *ia = NULL;
272 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
273 struct sockaddr_in6 *sa6;
274 int carp_attached = 0;
275 int error;
276 u_long ocmd = cmd;
277
278 /*
279 * Compat to make pre-10.x ifconfig(8) operable.
280 */
281 if (cmd == OSIOCAIFADDR_IN6)
282 cmd = SIOCAIFADDR_IN6;
283
284 switch (cmd) {
285 case SIOCGETSGCNT_IN6:
286 case SIOCGETMIFCNT_IN6:
287 /*
288 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
289 * We cannot see how that would be needed, so do not adjust the
290 * KPI blindly; more likely should clean up the IPv4 variant.
291 */
292 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
293 }
294
295 switch(cmd) {
296 case SIOCAADDRCTL_POLICY:
297 case SIOCDADDRCTL_POLICY:
298 if (td != NULL) {
299 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
300 if (error)
301 return (error);
302 }
303 return (in6_src_ioctl(cmd, data));
304 }
305
306 if (ifp == NULL)
307 return (EOPNOTSUPP);
308
309 switch (cmd) {
310 case SIOCSNDFLUSH_IN6:
311 case SIOCSPFXFLUSH_IN6:
312 case SIOCSRTRFLUSH_IN6:
313 case SIOCSDEFIFACE_IN6:
314 case SIOCSIFINFO_FLAGS:
315 case SIOCSIFINFO_IN6:
316 if (td != NULL) {
317 error = priv_check(td, PRIV_NETINET_ND6);
318 if (error)
319 return (error);
320 }
321 /* FALLTHROUGH */
322 case OSIOCGIFINFO_IN6:
323 case SIOCGIFINFO_IN6:
324 case SIOCGDRLST_IN6:
325 case SIOCGPRLST_IN6:
326 case SIOCGNBRINFO_IN6:
327 case SIOCGDEFIFACE_IN6:
328 return (nd6_ioctl(cmd, data, ifp));
329
330#ifdef COMPAT_FREEBSD32
331 case SIOCGDEFIFACE32_IN6:
332 {
333 struct in6_ndifreq ndif;
334 struct in6_ndifreq32 *ndif32;
335
336 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
337 ifp);
338 if (error)
339 return (error);
340 ndif32 = (struct in6_ndifreq32 *)data;
341 ndif32->ifindex = ndif.ifindex;
342 return (0);
343 }
344#endif
345 }
346
347 switch (cmd) {
348 case SIOCSIFPREFIX_IN6:
349 case SIOCDIFPREFIX_IN6:
350 case SIOCAIFPREFIX_IN6:
351 case SIOCCIFPREFIX_IN6:
352 case SIOCSGIFPREFIX_IN6:
353 case SIOCGIFPREFIX_IN6:
354 log(LOG_NOTICE,
355 "prefix ioctls are now invalidated. "
356 "please use ifconfig.\n");
357 return (EOPNOTSUPP);
358 }
359
360 switch (cmd) {
361 case SIOCSSCOPE6:
362 if (td != NULL) {
363 error = priv_check(td, PRIV_NETINET_SCOPE6);
364 if (error)
365 return (error);
366 }
367 return (scope6_set(ifp,
368 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
369 case SIOCGSCOPE6:
370 return (scope6_get(ifp,
371 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
372 case SIOCGSCOPE6DEF:
373 return (scope6_get_default((struct scope6_id *)
374 ifr->ifr_ifru.ifru_scope_id));
375 }
376
377 switch (cmd) {
378 case SIOCALIFADDR:
379 if (td != NULL) {
380 error = priv_check(td, PRIV_NET_ADDIFADDR);
381 if (error)
382 return (error);
383 }
384 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
385
386 case SIOCDLIFADDR:
387 if (td != NULL) {
388 error = priv_check(td, PRIV_NET_DELIFADDR);
389 if (error)
390 return (error);
391 }
392 /* FALLTHROUGH */
393 case SIOCGLIFADDR:
394 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
395 }
396
397 /*
398 * Find address for this interface, if it exists.
399 *
400 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
401 * only, and used the first interface address as the target of other
402 * operations (without checking ifra_addr). This was because netinet
403 * code/API assumed at most 1 interface address per interface.
404 * Since IPv6 allows a node to assign multiple addresses
405 * on a single interface, we almost always look and check the
406 * presence of ifra_addr, and reject invalid ones here.
407 * It also decreases duplicated code among SIOC*_IN6 operations.
408 */
409 switch (cmd) {
410 case SIOCAIFADDR_IN6:
411 case SIOCSIFPHYADDR_IN6:
412 sa6 = &ifra->ifra_addr;
413 break;
414 case SIOCSIFADDR_IN6:
415 case SIOCGIFADDR_IN6:
416 case SIOCSIFDSTADDR_IN6:
417 case SIOCSIFNETMASK_IN6:
418 case SIOCGIFDSTADDR_IN6:
419 case SIOCGIFNETMASK_IN6:
420 case SIOCDIFADDR_IN6:
421 case SIOCGIFPSRCADDR_IN6:
422 case SIOCGIFPDSTADDR_IN6:
423 case SIOCGIFAFLAG_IN6:
424 case SIOCSNDFLUSH_IN6:
425 case SIOCSPFXFLUSH_IN6:
426 case SIOCSRTRFLUSH_IN6:
427 case SIOCGIFALIFETIME_IN6:
428 case SIOCSIFALIFETIME_IN6:
429 case SIOCGIFSTAT_IN6:
430 case SIOCGIFSTAT_ICMP6:
431 sa6 = &ifr->ifr_addr;
432 break;
433 default:
434 sa6 = NULL;
435 break;
436 }
437 if (sa6 && sa6->sin6_family == AF_INET6) {
438 if (sa6->sin6_scope_id != 0)
439 error = sa6_embedscope(sa6, 0);
440 else
441 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
442 if (error != 0)
443 return (error);
444 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
445 &sa6->sin6_addr)) != 0)
446 return (error);
447 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
448 } else
449 ia = NULL;
450
451 switch (cmd) {
452 case SIOCSIFADDR_IN6:
453 case SIOCSIFDSTADDR_IN6:
454 case SIOCSIFNETMASK_IN6:
455 /*
456 * Since IPv6 allows a node to assign multiple addresses
457 * on a single interface, SIOCSIFxxx ioctls are deprecated.
458 */
459 /* we decided to obsolete this command (20000704) */
460 error = EINVAL;
461 goto out;
462
463 case SIOCDIFADDR_IN6:
464 /*
465 * for IPv4, we look for existing in_ifaddr here to allow
466 * "ifconfig if0 delete" to remove the first IPv4 address on
467 * the interface. For IPv6, as the spec allows multiple
468 * interface address from the day one, we consider "remove the
469 * first one" semantics to be not preferable.
470 */
471 if (ia == NULL) {
472 error = EADDRNOTAVAIL;
473 goto out;
474 }
475 /* FALLTHROUGH */
476 case SIOCAIFADDR_IN6:
477 /*
478 * We always require users to specify a valid IPv6 address for
479 * the corresponding operation.
480 */
481 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
482 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
483 error = EAFNOSUPPORT;
484 goto out;
485 }
486
487 if (td != NULL) {
488 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
489 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
490 if (error)
491 goto out;
492 }
493 break;
494
495 case SIOCGIFADDR_IN6:
496 /* This interface is basically deprecated. use SIOCGIFCONF. */
497 /* FALLTHROUGH */
498 case SIOCGIFAFLAG_IN6:
499 case SIOCGIFNETMASK_IN6:
500 case SIOCGIFDSTADDR_IN6:
501 case SIOCGIFALIFETIME_IN6:
502 /* must think again about its semantics */
503 if (ia == NULL) {
504 error = EADDRNOTAVAIL;
505 goto out;
506 }
507 break;
508
509 case SIOCSIFALIFETIME_IN6:
510 {
511 struct in6_addrlifetime *lt;
512
513 if (td != NULL) {
514 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
515 if (error)
516 goto out;
517 }
518 if (ia == NULL) {
519 error = EADDRNOTAVAIL;
520 goto out;
521 }
522 /* sanity for overflow - beware unsigned */
523 lt = &ifr->ifr_ifru.ifru_lifetime;
524 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
525 lt->ia6t_vltime + time_second < time_second) {
526 error = EINVAL;
527 goto out;
528 }
529 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
530 lt->ia6t_pltime + time_second < time_second) {
531 error = EINVAL;
532 goto out;
533 }
534 break;
535 }
536 }
537
538 switch (cmd) {
539 case SIOCGIFADDR_IN6:
540 ifr->ifr_addr = ia->ia_addr;
541 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
542 goto out;
543 break;
544
545 case SIOCGIFDSTADDR_IN6:
546 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
547 error = EINVAL;
548 goto out;
549 }
550 /*
551 * XXX: should we check if ifa_dstaddr is NULL and return
552 * an error?
553 */
554 ifr->ifr_dstaddr = ia->ia_dstaddr;
555 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
556 goto out;
557 break;
558
559 case SIOCGIFNETMASK_IN6:
560 ifr->ifr_addr = ia->ia_prefixmask;
561 break;
562
563 case SIOCGIFAFLAG_IN6:
564 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
565 break;
566
567 case SIOCGIFSTAT_IN6:
568 if (ifp == NULL) {
569 error = EINVAL;
570 goto out;
571 }
572 bzero(&ifr->ifr_ifru.ifru_stat,
573 sizeof(ifr->ifr_ifru.ifru_stat));
574 ifr->ifr_ifru.ifru_stat =
575 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
576 break;
577
578 case SIOCGIFSTAT_ICMP6:
579 if (ifp == NULL) {
580 error = EINVAL;
581 goto out;
582 }
583 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
584 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
585 ifr->ifr_ifru.ifru_icmp6stat =
586 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
587 break;
588
589 case SIOCGIFALIFETIME_IN6:
590 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
591 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
592 time_t maxexpire;
593 struct in6_addrlifetime *retlt =
594 &ifr->ifr_ifru.ifru_lifetime;
595
596 /*
597 * XXX: adjust expiration time assuming time_t is
598 * signed.
599 */
600 maxexpire = (-1) &
601 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
602 if (ia->ia6_lifetime.ia6t_vltime <
603 maxexpire - ia->ia6_updatetime) {
604 retlt->ia6t_expire = ia->ia6_updatetime +
605 ia->ia6_lifetime.ia6t_vltime;
606 } else
607 retlt->ia6t_expire = maxexpire;
608 }
609 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
610 time_t maxexpire;
611 struct in6_addrlifetime *retlt =
612 &ifr->ifr_ifru.ifru_lifetime;
613
614 /*
615 * XXX: adjust expiration time assuming time_t is
616 * signed.
617 */
618 maxexpire = (-1) &
619 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
620 if (ia->ia6_lifetime.ia6t_pltime <
621 maxexpire - ia->ia6_updatetime) {
622 retlt->ia6t_preferred = ia->ia6_updatetime +
623 ia->ia6_lifetime.ia6t_pltime;
624 } else
625 retlt->ia6t_preferred = maxexpire;
626 }
627 break;
628
629 case SIOCSIFALIFETIME_IN6:
630 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
631 /* for sanity */
632 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
633 ia->ia6_lifetime.ia6t_expire =
634 time_second + ia->ia6_lifetime.ia6t_vltime;
635 } else
636 ia->ia6_lifetime.ia6t_expire = 0;
637 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
638 ia->ia6_lifetime.ia6t_preferred =
639 time_second + ia->ia6_lifetime.ia6t_pltime;
640 } else
641 ia->ia6_lifetime.ia6t_preferred = 0;
642 break;
643
644 case SIOCAIFADDR_IN6:
645 {
646 int i;
647 struct nd_prefixctl pr0;
648 struct nd_prefix *pr;
649
650 /*
651 * first, make or update the interface address structure,
652 * and link it to the list.
653 */
654 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
655 goto out;
656 if (ia != NULL)
657 ifa_free(&ia->ia_ifa);
658 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
659 == NULL) {
660 /*
661 * this can happen when the user specify the 0 valid
662 * lifetime.
663 */
664 break;
665 }
666
667 if (cmd == ocmd && ifra->ifra_vhid > 0) {
668 if (carp_attach_p != NULL)
669 error = (*carp_attach_p)(&ia->ia_ifa,
670 ifra->ifra_vhid);
671 else
672 error = EPROTONOSUPPORT;
673 if (error)
674 goto out;
675 else
676 carp_attached = 1;
677 }
678
679 /*
680 * then, make the prefix on-link on the interface.
681 * XXX: we'd rather create the prefix before the address, but
682 * we need at least one address to install the corresponding
683 * interface route, so we configure the address first.
684 */
685
686 /*
687 * convert mask to prefix length (prefixmask has already
688 * been validated in in6_update_ifa().
689 */
690 bzero(&pr0, sizeof(pr0));
691 pr0.ndpr_ifp = ifp;
692 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
693 NULL);
694 if (pr0.ndpr_plen == 128) {
695 break; /* we don't need to install a host route. */
696 }
697 pr0.ndpr_prefix = ifra->ifra_addr;
698 /* apply the mask for safety. */
699 for (i = 0; i < 4; i++) {
700 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
701 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
702 }
703 /*
704 * XXX: since we don't have an API to set prefix (not address)
705 * lifetimes, we just use the same lifetimes as addresses.
706 * The (temporarily) installed lifetimes can be overridden by
707 * later advertised RAs (when accept_rtadv is non 0), which is
708 * an intended behavior.
709 */
710 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
711 pr0.ndpr_raf_auto =
712 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
713 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
714 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
715
716 /* add the prefix if not yet. */
717 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
718 /*
719 * nd6_prelist_add will install the corresponding
720 * interface route.
721 */
722 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
723 if (carp_attached)
724 (*carp_detach_p)(&ia->ia_ifa);
725 goto out;
726 }
727 if (pr == NULL) {
728 if (carp_attached)
729 (*carp_detach_p)(&ia->ia_ifa);
730 log(LOG_ERR, "nd6_prelist_add succeeded but "
731 "no prefix\n");
732 error = EINVAL;
733 goto out;
734 }
735 }
736
737 /* relate the address to the prefix */
738 if (ia->ia6_ndpr == NULL) {
739 ia->ia6_ndpr = pr;
740 pr->ndpr_refcnt++;
741
742 /*
743 * If this is the first autoconf address from the
744 * prefix, create a temporary address as well
745 * (when required).
746 */
747 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
748 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
749 int e;
750 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
751 log(LOG_NOTICE, "in6_control: failed "
752 "to create a temporary address, "
753 "errno=%d\n", e);
754 }
755 }
756 }
757
758 /*
759 * this might affect the status of autoconfigured addresses,
760 * that is, this address might make other addresses detached.
761 */
762 pfxlist_onlink_check();
763 if (error == 0 && ia) {
764 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
765 /*
766 * Try to clear the flag when a new
767 * IPv6 address is added onto an
768 * IFDISABLED interface and it
769 * succeeds.
770 */
771 struct in6_ndireq nd;
772
773 memset(&nd, 0, sizeof(nd));
774 nd.ndi.flags = ND_IFINFO(ifp)->flags;
775 nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
776 if (nd6_ioctl(SIOCSIFINFO_FLAGS,
777 (caddr_t)&nd, ifp) < 0)
778 log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
779 "SIOCSIFINFO_FLAGS for -ifdisabled "
780 "failed.");
781 /*
782 * Ignore failure of clearing the flag
783 * intentionally. The failure means
784 * address duplication was detected.
785 */
786 }
787 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
788 }
789 break;
790 }
791
792 case SIOCDIFADDR_IN6:
793 {
794 struct nd_prefix *pr;
795
796 /*
797 * If the address being deleted is the only one that owns
798 * the corresponding prefix, expire the prefix as well.
799 * XXX: theoretically, we don't have to worry about such
800 * relationship, since we separate the address management
801 * and the prefix management. We do this, however, to provide
802 * as much backward compatibility as possible in terms of
803 * the ioctl operation.
804 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
805 */
806 pr = ia->ia6_ndpr;
807 in6_purgeaddr(&ia->ia_ifa);
808 if (pr && pr->ndpr_refcnt == 0)
809 prelist_remove(pr);
810 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
811 break;
812 }
813
814 default:
815 if (ifp == NULL || ifp->if_ioctl == 0) {
816 error = EOPNOTSUPP;
817 goto out;
818 }
819 error = (*ifp->if_ioctl)(ifp, cmd, data);
820 goto out;
821 }
822
823 error = 0;
824out:
825 if (ia != NULL)
826 ifa_free(&ia->ia_ifa);
827 return (error);
828}
829
830
831/*
832 * Join necessary multicast groups. Factored out from in6_update_ifa().
833 * This entire work should only be done once, for the default FIB.
834 */
835static int
836in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
837 struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
838{
839 char ip6buf[INET6_ADDRSTRLEN];
840 struct sockaddr_in6 mltaddr, mltmask;
841 struct in6_addr llsol;
842 struct in6_multi_mship *imm;
843 struct rtentry *rt;
844 int delay, error;
845
846 KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
847
848 /* Join solicited multicast addr for new host id. */
849 bzero(&llsol, sizeof(struct in6_addr));
850 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
851 llsol.s6_addr32[1] = 0;
852 llsol.s6_addr32[2] = htonl(1);
853 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
854 llsol.s6_addr8[12] = 0xff;
855 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
856 /* XXX: should not happen */
857 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
858 goto cleanup;
859 }
860 delay = 0;
861 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
862 /*
863 * We need a random delay for DAD on the address being
864 * configured. It also means delaying transmission of the
865 * corresponding MLD report to avoid report collision.
866 * [RFC 4861, Section 6.3.7]
867 */
868 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
869 }
870 imm = in6_joingroup(ifp, &llsol, &error, delay);
871 if (imm == NULL) {
872 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
873 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &llsol),
874 if_name(ifp), error));
875 goto cleanup;
876 }
877 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
878 *in6m_sol = imm->i6mm_maddr;
879
880 bzero(&mltmask, sizeof(mltmask));
881 mltmask.sin6_len = sizeof(struct sockaddr_in6);
882 mltmask.sin6_family = AF_INET6;
883 mltmask.sin6_addr = in6mask32;
884#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
885
886 /*
887 * Join link-local all-nodes address.
888 */
889 bzero(&mltaddr, sizeof(mltaddr));
890 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
891 mltaddr.sin6_family = AF_INET6;
892 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
893 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
894 goto cleanup; /* XXX: should not fail */
895
896 /*
897 * XXX: do we really need this automatic routes? We should probably
898 * reconsider this stuff. Most applications actually do not need the
899 * routes, since they usually specify the outgoing interface.
900 */
901 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
902 if (rt != NULL) {
903 /* XXX: only works in !SCOPEDROUTING case. */
904 if (memcmp(&mltaddr.sin6_addr,
905 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
906 MLTMASK_LEN)) {
907 RTFREE_LOCKED(rt);
908 rt = NULL;
909 }
910 }
911 if (rt == NULL) {
912 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
913 (struct sockaddr *)&ia->ia_addr,
914 (struct sockaddr *)&mltmask, RTF_UP,
915 (struct rtentry **)0, RT_DEFAULT_FIB);
916 if (error)
917 goto cleanup;
918 } else
919 RTFREE_LOCKED(rt);
920
921 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
922 if (imm == NULL) {
923 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
924 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
925 &mltaddr.sin6_addr), if_name(ifp), error));
926 goto cleanup;
927 }
928 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
929
930 /*
931 * Join node information group address.
932 */
933 delay = 0;
934 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
935 /*
936 * The spec does not say anything about delay for this group,
937 * but the same logic should apply.
938 */
939 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
940 }
941 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
942 /* XXX jinmei */
943 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, delay);
944 if (imm == NULL)
945 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
946 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
947 &mltaddr.sin6_addr), if_name(ifp), error));
948 /* XXX not very fatal, go on... */
949 else
950 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
951 }
952
953 /*
954 * Join interface-local all-nodes address.
955 * (ff01::1%ifN, and ff01::%ifN/32)
956 */
957 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
958 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
959 goto cleanup; /* XXX: should not fail */
960 /* XXX: again, do we really need the route? */
961 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
962 if (rt != NULL) {
963 if (memcmp(&mltaddr.sin6_addr,
964 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
965 MLTMASK_LEN)) {
966 RTFREE_LOCKED(rt);
967 rt = NULL;
968 }
969 }
970 if (rt == NULL) {
971 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
972 (struct sockaddr *)&ia->ia_addr,
973 (struct sockaddr *)&mltmask, RTF_UP,
974 (struct rtentry **)0, RT_DEFAULT_FIB);
975 if (error)
976 goto cleanup;
977 } else
978 RTFREE_LOCKED(rt);
979
980 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
981 if (imm == NULL) {
982 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
983 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
984 &mltaddr.sin6_addr), if_name(ifp), error));
985 goto cleanup;
986 }
987 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
988#undef MLTMASK_LEN
989
990cleanup:
991 return (error);
992}
993
994/*
995 * Update parameters of an IPv6 interface address.
996 * If necessary, a new entry is created and linked into address chains.
997 * This function is separated from in6_control().
|
998 * XXX: should this be performed under splnet()?
| |
999 */
1000int
1001in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1002 struct in6_ifaddr *ia, int flags)
1003{
1004 int error = 0, hostIsNew = 0, plen = -1;
1005 struct sockaddr_in6 dst6;
1006 struct in6_addrlifetime *lt;
1007 struct in6_multi *in6m_sol;
1008 int delay;
1009 char ip6buf[INET6_ADDRSTRLEN];
1010
1011 /* Validate parameters */
1012 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
1013 return (EINVAL);
1014
1015 /*
1016 * The destination address for a p2p link must have a family
1017 * of AF_UNSPEC or AF_INET6.
1018 */
1019 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
1020 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
1021 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
1022 return (EAFNOSUPPORT);
1023 /*
1024 * validate ifra_prefixmask. don't check sin6_family, netmask
1025 * does not carry fields other than sin6_len.
1026 */
1027 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
1028 return (EINVAL);
1029 /*
1030 * Because the IPv6 address architecture is classless, we require
1031 * users to specify a (non 0) prefix length (mask) for a new address.
1032 * We also require the prefix (when specified) mask is valid, and thus
1033 * reject a non-consecutive mask.
1034 */
1035 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
1036 return (EINVAL);
1037 if (ifra->ifra_prefixmask.sin6_len != 0) {
1038 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
1039 (u_char *)&ifra->ifra_prefixmask +
1040 ifra->ifra_prefixmask.sin6_len);
1041 if (plen <= 0)
1042 return (EINVAL);
1043 } else {
1044 /*
1045 * In this case, ia must not be NULL. We just use its prefix
1046 * length.
1047 */
1048 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1049 }
1050 /*
1051 * If the destination address on a p2p interface is specified,
1052 * and the address is a scoped one, validate/set the scope
1053 * zone identifier.
1054 */
1055 dst6 = ifra->ifra_dstaddr;
1056 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
1057 (dst6.sin6_family == AF_INET6)) {
1058 struct in6_addr in6_tmp;
1059 u_int32_t zoneid;
1060
1061 in6_tmp = dst6.sin6_addr;
1062 if (in6_setscope(&in6_tmp, ifp, &zoneid))
1063 return (EINVAL); /* XXX: should be impossible */
1064
1065 if (dst6.sin6_scope_id != 0) {
1066 if (dst6.sin6_scope_id != zoneid)
1067 return (EINVAL);
1068 } else /* user omit to specify the ID. */
1069 dst6.sin6_scope_id = zoneid;
1070
1071 /* convert into the internal form */
1072 if (sa6_embedscope(&dst6, 0))
1073 return (EINVAL); /* XXX: should be impossible */
1074 }
1075 /*
1076 * The destination address can be specified only for a p2p or a
1077 * loopback interface. If specified, the corresponding prefix length
1078 * must be 128.
1079 */
1080 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
1081 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
1082 /* XXX: noisy message */
1083 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
1084 "be specified for a p2p or a loopback IF only\n"));
1085 return (EINVAL);
1086 }
1087 if (plen != 128) {
1088 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
1089 "be 128 when dstaddr is specified\n"));
1090 return (EINVAL);
1091 }
1092 }
1093 /* lifetime consistency check */
1094 lt = &ifra->ifra_lifetime;
1095 if (lt->ia6t_pltime > lt->ia6t_vltime)
1096 return (EINVAL);
1097 if (lt->ia6t_vltime == 0) {
1098 /*
1099 * the following log might be noisy, but this is a typical
1100 * configuration mistake or a tool's bug.
1101 */
1102 nd6log((LOG_INFO,
1103 "in6_update_ifa: valid lifetime is 0 for %s\n",
1104 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
1105
1106 if (ia == NULL)
1107 return (0); /* there's nothing to do */
1108 }
1109
1110 /*
1111 * If this is a new address, allocate a new ifaddr and link it
1112 * into chains.
1113 */
1114 if (ia == NULL) {
1115 hostIsNew = 1;
1116 /*
1117 * When in6_update_ifa() is called in a process of a received
1118 * RA, it is called under an interrupt context. So, we should
1119 * call malloc with M_NOWAIT.
1120 */
1121 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
1122 M_NOWAIT);
1123 if (ia == NULL)
1124 return (ENOBUFS);
1125 bzero((caddr_t)ia, sizeof(*ia));
1126 ifa_init(&ia->ia_ifa);
1127 LIST_INIT(&ia->ia6_memberships);
1128 /* Initialize the address and masks, and put time stamp */
1129 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1130 ia->ia_addr.sin6_family = AF_INET6;
1131 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
1132 ia->ia6_createtime = time_second;
1133 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
1134 /*
1135 * XXX: some functions expect that ifa_dstaddr is not
1136 * NULL for p2p interfaces.
1137 */
1138 ia->ia_ifa.ifa_dstaddr =
1139 (struct sockaddr *)&ia->ia_dstaddr;
1140 } else {
1141 ia->ia_ifa.ifa_dstaddr = NULL;
1142 }
1143 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1144 ia->ia_ifp = ifp;
1145 ifa_ref(&ia->ia_ifa); /* if_addrhead */
1146 IF_ADDR_WLOCK(ifp);
1147 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1148 IF_ADDR_WUNLOCK(ifp);
1149
1150 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
1151 IN6_IFADDR_WLOCK();
1152 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1153 IN6_IFADDR_WUNLOCK();
1154 }
1155
1156 /* update timestamp */
1157 ia->ia6_updatetime = time_second;
1158
1159 /* set prefix mask */
1160 if (ifra->ifra_prefixmask.sin6_len) {
1161 /*
1162 * We prohibit changing the prefix length of an existing
1163 * address, because
1164 * + such an operation should be rare in IPv6, and
1165 * + the operation would confuse prefix management.
1166 */
1167 if (ia->ia_prefixmask.sin6_len &&
1168 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
1169 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
1170 " existing (%s) address should not be changed\n",
1171 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1172 error = EINVAL;
1173 goto unlink;
1174 }
1175 ia->ia_prefixmask = ifra->ifra_prefixmask;
1176 }
1177
1178 /*
1179 * If a new destination address is specified, scrub the old one and
1180 * install the new destination. Note that the interface must be
1181 * p2p or loopback (see the check above.)
1182 */
1183 if (dst6.sin6_family == AF_INET6 &&
1184 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1185 int e;
1186
1187 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1188 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
1189 nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
1190 "a route to the old destination: %s\n",
1191 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1192 /* proceed anyway... */
1193 } else
1194 ia->ia_flags &= ~IFA_ROUTE;
1195 ia->ia_dstaddr = dst6;
1196 }
1197
1198 /*
1199 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
1200 * to see if the address is deprecated or invalidated, but initialize
1201 * these members for applications.
1202 */
1203 ia->ia6_lifetime = ifra->ifra_lifetime;
1204 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1205 ia->ia6_lifetime.ia6t_expire =
1206 time_second + ia->ia6_lifetime.ia6t_vltime;
1207 } else
1208 ia->ia6_lifetime.ia6t_expire = 0;
1209 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1210 ia->ia6_lifetime.ia6t_preferred =
1211 time_second + ia->ia6_lifetime.ia6t_pltime;
1212 } else
1213 ia->ia6_lifetime.ia6t_preferred = 0;
1214
1215 /* reset the interface and routing table appropriately. */
1216 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
1217 goto unlink;
1218
1219 /*
1220 * configure address flags.
1221 */
1222 ia->ia6_flags = ifra->ifra_flags;
1223 /*
1224 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1225 * userland, make it deprecated.
1226 */
1227 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1228 ia->ia6_lifetime.ia6t_pltime = 0;
1229 ia->ia6_lifetime.ia6t_preferred = time_second;
1230 }
1231 /*
1232 * Make the address tentative before joining multicast addresses,
1233 * so that corresponding MLD responses would not have a tentative
1234 * source address.
1235 */
1236 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
1237 if (hostIsNew && in6if_do_dad(ifp))
1238 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1239
1240 /* DAD should be performed after ND6_IFF_IFDISABLED is cleared. */
1241 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1242 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1243
1244 /*
1245 * We are done if we have simply modified an existing address.
1246 */
1247 if (!hostIsNew)
1248 return (error);
1249
1250 /*
1251 * Beyond this point, we should call in6_purgeaddr upon an error,
1252 * not just go to unlink.
1253 */
1254
1255 /* Join necessary multicast groups. */
1256 in6m_sol = NULL;
1257 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1258 error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1259 if (error)
1260 goto cleanup;
1261 }
1262
1263 /*
1264 * Perform DAD, if needed.
1265 * XXX It may be of use, if we can administratively disable DAD.
1266 */
1267 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1268 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1269 {
1270 int mindelay, maxdelay;
1271
1272 delay = 0;
1273 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1274 /*
1275 * We need to impose a delay before sending an NS
1276 * for DAD. Check if we also needed a delay for the
1277 * corresponding MLD message. If we did, the delay
1278 * should be larger than the MLD delay (this could be
1279 * relaxed a bit, but this simple logic is at least
1280 * safe).
1281 * XXX: Break data hiding guidelines and look at
1282 * state for the solicited multicast group.
1283 */
1284 mindelay = 0;
1285 if (in6m_sol != NULL &&
1286 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1287 mindelay = in6m_sol->in6m_timer;
1288 }
1289 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1290 if (maxdelay - mindelay == 0)
1291 delay = 0;
1292 else {
1293 delay =
1294 (arc4random() % (maxdelay - mindelay)) +
1295 mindelay;
1296 }
1297 }
1298 nd6_dad_start((struct ifaddr *)ia, delay);
1299 }
1300
1301 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew"));
1302 ifa_free(&ia->ia_ifa);
1303 return (error);
1304
1305 unlink:
1306 /*
1307 * XXX: if a change of an existing address failed, keep the entry
1308 * anyway.
1309 */
1310 if (hostIsNew) {
1311 in6_unlink_ifa(ia, ifp);
1312 ifa_free(&ia->ia_ifa);
1313 }
1314 return (error);
1315
1316 cleanup:
1317 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew"));
1318 ifa_free(&ia->ia_ifa);
1319 in6_purgeaddr(&ia->ia_ifa);
1320 return error;
1321}
1322
1323/*
1324 * Leave multicast groups. Factored out from in6_purgeaddr().
1325 * This entire work should only be done once, for the default FIB.
1326 */
1327static int
1328in6_purgeaddr_mc(struct ifnet *ifp, struct in6_ifaddr *ia, struct ifaddr *ifa0)
1329{
1330 struct sockaddr_in6 mltaddr, mltmask;
1331 struct in6_multi_mship *imm;
1332 struct rtentry *rt;
1333 struct sockaddr_in6 sin6;
1334 int error;
1335
1336 /*
1337 * Leave from multicast groups we have joined for the interface.
1338 */
1339 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1340 LIST_REMOVE(imm, i6mm_chain);
1341 in6_leavegroup(imm);
1342 }
1343
1344 /*
1345 * Remove the link-local all-nodes address.
1346 */
1347 bzero(&mltmask, sizeof(mltmask));
1348 mltmask.sin6_len = sizeof(struct sockaddr_in6);
1349 mltmask.sin6_family = AF_INET6;
1350 mltmask.sin6_addr = in6mask32;
1351
1352 bzero(&mltaddr, sizeof(mltaddr));
1353 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1354 mltaddr.sin6_family = AF_INET6;
1355 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1356
1357 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1358 return (error);
1359
1360 /*
1361 * As for the mltaddr above, proactively prepare the sin6 to avoid
1362 * rtentry un- and re-locking.
1363 */
1364 if (ifa0 != NULL) {
1365 bzero(&sin6, sizeof(sin6));
1366 sin6.sin6_len = sizeof(sin6);
1367 sin6.sin6_family = AF_INET6;
1368 memcpy(&sin6.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
1369 sizeof(sin6.sin6_addr));
1370 error = in6_setscope(&sin6.sin6_addr, ifa0->ifa_ifp, NULL);
1371 if (error != 0)
1372 return (error);
1373 }
1374
1375 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1376 if (rt != NULL && rt->rt_gateway != NULL &&
1377 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1378 &ia->ia_addr.sin6_addr,
1379 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1380 /*
1381 * If no more IPv6 address exists on this interface then
1382 * remove the multicast address route.
1383 */
1384 if (ifa0 == NULL) {
1385 memcpy(&mltaddr.sin6_addr,
1386 &satosin6(rt_key(rt))->sin6_addr,
1387 sizeof(mltaddr.sin6_addr));
1388 RTFREE_LOCKED(rt);
1389 error = in6_rtrequest(RTM_DELETE,
1390 (struct sockaddr *)&mltaddr,
1391 (struct sockaddr *)&ia->ia_addr,
1392 (struct sockaddr *)&mltmask, RTF_UP,
1393 (struct rtentry **)0, RT_DEFAULT_FIB);
1394 if (error)
1395 log(LOG_INFO, "%s: link-local all-nodes "
1396 "multicast address deletion error\n",
1397 __func__);
1398 } else {
1399 /*
1400 * Replace the gateway of the route.
1401 */
1402 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1403 RTFREE_LOCKED(rt);
1404 }
1405 } else {
1406 if (rt != NULL)
1407 RTFREE_LOCKED(rt);
1408 }
1409
1410 /*
1411 * Remove the node-local all-nodes address.
1412 */
1413 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1414 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1415 return (error);
1416
1417 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1418 if (rt != NULL && rt->rt_gateway != NULL &&
1419 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1420 &ia->ia_addr.sin6_addr,
1421 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1422 /*
1423 * If no more IPv6 address exists on this interface then
1424 * remove the multicast address route.
1425 */
1426 if (ifa0 == NULL) {
1427 memcpy(&mltaddr.sin6_addr,
1428 &satosin6(rt_key(rt))->sin6_addr,
1429 sizeof(mltaddr.sin6_addr));
1430
1431 RTFREE_LOCKED(rt);
1432 error = in6_rtrequest(RTM_DELETE,
1433 (struct sockaddr *)&mltaddr,
1434 (struct sockaddr *)&ia->ia_addr,
1435 (struct sockaddr *)&mltmask, RTF_UP,
1436 (struct rtentry **)0, RT_DEFAULT_FIB);
1437 if (error)
1438 log(LOG_INFO, "%s: node-local all-nodes"
1439 "multicast address deletion error\n",
1440 __func__);
1441 } else {
1442 /*
1443 * Replace the gateway of the route.
1444 */
1445 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1446 RTFREE_LOCKED(rt);
1447 }
1448 } else {
1449 if (rt != NULL)
1450 RTFREE_LOCKED(rt);
1451 }
1452
1453 return (0);
1454}
1455
1456void
1457in6_purgeaddr(struct ifaddr *ifa)
1458{
1459 struct ifnet *ifp = ifa->ifa_ifp;
1460 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1461 int plen, error;
1462 struct ifaddr *ifa0;
1463
1464 if (ifa->ifa_carp)
1465 (*carp_detach_p)(ifa);
1466
1467 /*
1468 * find another IPv6 address as the gateway for the
1469 * link-local and node-local all-nodes multicast
1470 * address routes
1471 */
1472 IF_ADDR_RLOCK(ifp);
1473 TAILQ_FOREACH(ifa0, &ifp->if_addrhead, ifa_link) {
1474 if ((ifa0->ifa_addr->sa_family != AF_INET6) ||
1475 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr,
1476 &ia->ia_addr.sin6_addr, sizeof(struct in6_addr)) == 0)
1477 continue;
1478 else
1479 break;
1480 }
1481 if (ifa0 != NULL)
1482 ifa_ref(ifa0);
1483 IF_ADDR_RUNLOCK(ifp);
1484
1485 /*
1486 * Remove the loopback route to the interface address.
1487 * The check for the current setting of "nd6_useloopback"
1488 * is not needed.
1489 */
1490 if (ia->ia_flags & IFA_RTSELF) {
1491 error = ifa_del_loopback_route((struct ifaddr *)ia,
1492 (struct sockaddr *)&ia->ia_addr);
1493 if (error == 0)
1494 ia->ia_flags &= ~IFA_RTSELF;
1495 }
1496
1497 /* stop DAD processing */
1498 nd6_dad_stop(ifa);
1499
1500 /* Remove local address entry from lltable. */
1501 in6_ifremloop(ifa);
1502
1503 /* Leave multicast groups. */
1504 error = in6_purgeaddr_mc(ifp, ia, ifa0);
1505
1506 if (ifa0 != NULL)
1507 ifa_free(ifa0);
1508
1509 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1510 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
1511 error = rtinit(&(ia->ia_ifa), RTM_DELETE, ia->ia_flags |
1512 (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0);
1513 if (error != 0)
1514 log(LOG_INFO, "%s: err=%d, destination address delete "
1515 "failed\n", __func__, error);
1516 ia->ia_flags &= ~IFA_ROUTE;
1517 }
1518
1519 in6_unlink_ifa(ia, ifp);
1520}
1521
1522static void
1523in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1524{
| 998 */
999int
1000in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1001 struct in6_ifaddr *ia, int flags)
1002{
1003 int error = 0, hostIsNew = 0, plen = -1;
1004 struct sockaddr_in6 dst6;
1005 struct in6_addrlifetime *lt;
1006 struct in6_multi *in6m_sol;
1007 int delay;
1008 char ip6buf[INET6_ADDRSTRLEN];
1009
1010 /* Validate parameters */
1011 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
1012 return (EINVAL);
1013
1014 /*
1015 * The destination address for a p2p link must have a family
1016 * of AF_UNSPEC or AF_INET6.
1017 */
1018 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
1019 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
1020 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
1021 return (EAFNOSUPPORT);
1022 /*
1023 * validate ifra_prefixmask. don't check sin6_family, netmask
1024 * does not carry fields other than sin6_len.
1025 */
1026 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
1027 return (EINVAL);
1028 /*
1029 * Because the IPv6 address architecture is classless, we require
1030 * users to specify a (non 0) prefix length (mask) for a new address.
1031 * We also require the prefix (when specified) mask is valid, and thus
1032 * reject a non-consecutive mask.
1033 */
1034 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
1035 return (EINVAL);
1036 if (ifra->ifra_prefixmask.sin6_len != 0) {
1037 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
1038 (u_char *)&ifra->ifra_prefixmask +
1039 ifra->ifra_prefixmask.sin6_len);
1040 if (plen <= 0)
1041 return (EINVAL);
1042 } else {
1043 /*
1044 * In this case, ia must not be NULL. We just use its prefix
1045 * length.
1046 */
1047 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1048 }
1049 /*
1050 * If the destination address on a p2p interface is specified,
1051 * and the address is a scoped one, validate/set the scope
1052 * zone identifier.
1053 */
1054 dst6 = ifra->ifra_dstaddr;
1055 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
1056 (dst6.sin6_family == AF_INET6)) {
1057 struct in6_addr in6_tmp;
1058 u_int32_t zoneid;
1059
1060 in6_tmp = dst6.sin6_addr;
1061 if (in6_setscope(&in6_tmp, ifp, &zoneid))
1062 return (EINVAL); /* XXX: should be impossible */
1063
1064 if (dst6.sin6_scope_id != 0) {
1065 if (dst6.sin6_scope_id != zoneid)
1066 return (EINVAL);
1067 } else /* user omit to specify the ID. */
1068 dst6.sin6_scope_id = zoneid;
1069
1070 /* convert into the internal form */
1071 if (sa6_embedscope(&dst6, 0))
1072 return (EINVAL); /* XXX: should be impossible */
1073 }
1074 /*
1075 * The destination address can be specified only for a p2p or a
1076 * loopback interface. If specified, the corresponding prefix length
1077 * must be 128.
1078 */
1079 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
1080 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
1081 /* XXX: noisy message */
1082 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
1083 "be specified for a p2p or a loopback IF only\n"));
1084 return (EINVAL);
1085 }
1086 if (plen != 128) {
1087 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
1088 "be 128 when dstaddr is specified\n"));
1089 return (EINVAL);
1090 }
1091 }
1092 /* lifetime consistency check */
1093 lt = &ifra->ifra_lifetime;
1094 if (lt->ia6t_pltime > lt->ia6t_vltime)
1095 return (EINVAL);
1096 if (lt->ia6t_vltime == 0) {
1097 /*
1098 * the following log might be noisy, but this is a typical
1099 * configuration mistake or a tool's bug.
1100 */
1101 nd6log((LOG_INFO,
1102 "in6_update_ifa: valid lifetime is 0 for %s\n",
1103 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
1104
1105 if (ia == NULL)
1106 return (0); /* there's nothing to do */
1107 }
1108
1109 /*
1110 * If this is a new address, allocate a new ifaddr and link it
1111 * into chains.
1112 */
1113 if (ia == NULL) {
1114 hostIsNew = 1;
1115 /*
1116 * When in6_update_ifa() is called in a process of a received
1117 * RA, it is called under an interrupt context. So, we should
1118 * call malloc with M_NOWAIT.
1119 */
1120 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
1121 M_NOWAIT);
1122 if (ia == NULL)
1123 return (ENOBUFS);
1124 bzero((caddr_t)ia, sizeof(*ia));
1125 ifa_init(&ia->ia_ifa);
1126 LIST_INIT(&ia->ia6_memberships);
1127 /* Initialize the address and masks, and put time stamp */
1128 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1129 ia->ia_addr.sin6_family = AF_INET6;
1130 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
1131 ia->ia6_createtime = time_second;
1132 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
1133 /*
1134 * XXX: some functions expect that ifa_dstaddr is not
1135 * NULL for p2p interfaces.
1136 */
1137 ia->ia_ifa.ifa_dstaddr =
1138 (struct sockaddr *)&ia->ia_dstaddr;
1139 } else {
1140 ia->ia_ifa.ifa_dstaddr = NULL;
1141 }
1142 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1143 ia->ia_ifp = ifp;
1144 ifa_ref(&ia->ia_ifa); /* if_addrhead */
1145 IF_ADDR_WLOCK(ifp);
1146 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1147 IF_ADDR_WUNLOCK(ifp);
1148
1149 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
1150 IN6_IFADDR_WLOCK();
1151 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1152 IN6_IFADDR_WUNLOCK();
1153 }
1154
1155 /* update timestamp */
1156 ia->ia6_updatetime = time_second;
1157
1158 /* set prefix mask */
1159 if (ifra->ifra_prefixmask.sin6_len) {
1160 /*
1161 * We prohibit changing the prefix length of an existing
1162 * address, because
1163 * + such an operation should be rare in IPv6, and
1164 * + the operation would confuse prefix management.
1165 */
1166 if (ia->ia_prefixmask.sin6_len &&
1167 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
1168 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
1169 " existing (%s) address should not be changed\n",
1170 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1171 error = EINVAL;
1172 goto unlink;
1173 }
1174 ia->ia_prefixmask = ifra->ifra_prefixmask;
1175 }
1176
1177 /*
1178 * If a new destination address is specified, scrub the old one and
1179 * install the new destination. Note that the interface must be
1180 * p2p or loopback (see the check above.)
1181 */
1182 if (dst6.sin6_family == AF_INET6 &&
1183 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1184 int e;
1185
1186 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1187 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
1188 nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
1189 "a route to the old destination: %s\n",
1190 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1191 /* proceed anyway... */
1192 } else
1193 ia->ia_flags &= ~IFA_ROUTE;
1194 ia->ia_dstaddr = dst6;
1195 }
1196
1197 /*
1198 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
1199 * to see if the address is deprecated or invalidated, but initialize
1200 * these members for applications.
1201 */
1202 ia->ia6_lifetime = ifra->ifra_lifetime;
1203 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1204 ia->ia6_lifetime.ia6t_expire =
1205 time_second + ia->ia6_lifetime.ia6t_vltime;
1206 } else
1207 ia->ia6_lifetime.ia6t_expire = 0;
1208 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1209 ia->ia6_lifetime.ia6t_preferred =
1210 time_second + ia->ia6_lifetime.ia6t_pltime;
1211 } else
1212 ia->ia6_lifetime.ia6t_preferred = 0;
1213
1214 /* reset the interface and routing table appropriately. */
1215 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
1216 goto unlink;
1217
1218 /*
1219 * configure address flags.
1220 */
1221 ia->ia6_flags = ifra->ifra_flags;
1222 /*
1223 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1224 * userland, make it deprecated.
1225 */
1226 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1227 ia->ia6_lifetime.ia6t_pltime = 0;
1228 ia->ia6_lifetime.ia6t_preferred = time_second;
1229 }
1230 /*
1231 * Make the address tentative before joining multicast addresses,
1232 * so that corresponding MLD responses would not have a tentative
1233 * source address.
1234 */
1235 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
1236 if (hostIsNew && in6if_do_dad(ifp))
1237 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1238
1239 /* DAD should be performed after ND6_IFF_IFDISABLED is cleared. */
1240 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1241 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1242
1243 /*
1244 * We are done if we have simply modified an existing address.
1245 */
1246 if (!hostIsNew)
1247 return (error);
1248
1249 /*
1250 * Beyond this point, we should call in6_purgeaddr upon an error,
1251 * not just go to unlink.
1252 */
1253
1254 /* Join necessary multicast groups. */
1255 in6m_sol = NULL;
1256 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1257 error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1258 if (error)
1259 goto cleanup;
1260 }
1261
1262 /*
1263 * Perform DAD, if needed.
1264 * XXX It may be of use, if we can administratively disable DAD.
1265 */
1266 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1267 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1268 {
1269 int mindelay, maxdelay;
1270
1271 delay = 0;
1272 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1273 /*
1274 * We need to impose a delay before sending an NS
1275 * for DAD. Check if we also needed a delay for the
1276 * corresponding MLD message. If we did, the delay
1277 * should be larger than the MLD delay (this could be
1278 * relaxed a bit, but this simple logic is at least
1279 * safe).
1280 * XXX: Break data hiding guidelines and look at
1281 * state for the solicited multicast group.
1282 */
1283 mindelay = 0;
1284 if (in6m_sol != NULL &&
1285 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1286 mindelay = in6m_sol->in6m_timer;
1287 }
1288 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1289 if (maxdelay - mindelay == 0)
1290 delay = 0;
1291 else {
1292 delay =
1293 (arc4random() % (maxdelay - mindelay)) +
1294 mindelay;
1295 }
1296 }
1297 nd6_dad_start((struct ifaddr *)ia, delay);
1298 }
1299
1300 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew"));
1301 ifa_free(&ia->ia_ifa);
1302 return (error);
1303
1304 unlink:
1305 /*
1306 * XXX: if a change of an existing address failed, keep the entry
1307 * anyway.
1308 */
1309 if (hostIsNew) {
1310 in6_unlink_ifa(ia, ifp);
1311 ifa_free(&ia->ia_ifa);
1312 }
1313 return (error);
1314
1315 cleanup:
1316 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew"));
1317 ifa_free(&ia->ia_ifa);
1318 in6_purgeaddr(&ia->ia_ifa);
1319 return error;
1320}
1321
1322/*
1323 * Leave multicast groups. Factored out from in6_purgeaddr().
1324 * This entire work should only be done once, for the default FIB.
1325 */
1326static int
1327in6_purgeaddr_mc(struct ifnet *ifp, struct in6_ifaddr *ia, struct ifaddr *ifa0)
1328{
1329 struct sockaddr_in6 mltaddr, mltmask;
1330 struct in6_multi_mship *imm;
1331 struct rtentry *rt;
1332 struct sockaddr_in6 sin6;
1333 int error;
1334
1335 /*
1336 * Leave from multicast groups we have joined for the interface.
1337 */
1338 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1339 LIST_REMOVE(imm, i6mm_chain);
1340 in6_leavegroup(imm);
1341 }
1342
1343 /*
1344 * Remove the link-local all-nodes address.
1345 */
1346 bzero(&mltmask, sizeof(mltmask));
1347 mltmask.sin6_len = sizeof(struct sockaddr_in6);
1348 mltmask.sin6_family = AF_INET6;
1349 mltmask.sin6_addr = in6mask32;
1350
1351 bzero(&mltaddr, sizeof(mltaddr));
1352 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1353 mltaddr.sin6_family = AF_INET6;
1354 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1355
1356 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1357 return (error);
1358
1359 /*
1360 * As for the mltaddr above, proactively prepare the sin6 to avoid
1361 * rtentry un- and re-locking.
1362 */
1363 if (ifa0 != NULL) {
1364 bzero(&sin6, sizeof(sin6));
1365 sin6.sin6_len = sizeof(sin6);
1366 sin6.sin6_family = AF_INET6;
1367 memcpy(&sin6.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
1368 sizeof(sin6.sin6_addr));
1369 error = in6_setscope(&sin6.sin6_addr, ifa0->ifa_ifp, NULL);
1370 if (error != 0)
1371 return (error);
1372 }
1373
1374 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1375 if (rt != NULL && rt->rt_gateway != NULL &&
1376 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1377 &ia->ia_addr.sin6_addr,
1378 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1379 /*
1380 * If no more IPv6 address exists on this interface then
1381 * remove the multicast address route.
1382 */
1383 if (ifa0 == NULL) {
1384 memcpy(&mltaddr.sin6_addr,
1385 &satosin6(rt_key(rt))->sin6_addr,
1386 sizeof(mltaddr.sin6_addr));
1387 RTFREE_LOCKED(rt);
1388 error = in6_rtrequest(RTM_DELETE,
1389 (struct sockaddr *)&mltaddr,
1390 (struct sockaddr *)&ia->ia_addr,
1391 (struct sockaddr *)&mltmask, RTF_UP,
1392 (struct rtentry **)0, RT_DEFAULT_FIB);
1393 if (error)
1394 log(LOG_INFO, "%s: link-local all-nodes "
1395 "multicast address deletion error\n",
1396 __func__);
1397 } else {
1398 /*
1399 * Replace the gateway of the route.
1400 */
1401 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1402 RTFREE_LOCKED(rt);
1403 }
1404 } else {
1405 if (rt != NULL)
1406 RTFREE_LOCKED(rt);
1407 }
1408
1409 /*
1410 * Remove the node-local all-nodes address.
1411 */
1412 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1413 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1414 return (error);
1415
1416 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1417 if (rt != NULL && rt->rt_gateway != NULL &&
1418 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1419 &ia->ia_addr.sin6_addr,
1420 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1421 /*
1422 * If no more IPv6 address exists on this interface then
1423 * remove the multicast address route.
1424 */
1425 if (ifa0 == NULL) {
1426 memcpy(&mltaddr.sin6_addr,
1427 &satosin6(rt_key(rt))->sin6_addr,
1428 sizeof(mltaddr.sin6_addr));
1429
1430 RTFREE_LOCKED(rt);
1431 error = in6_rtrequest(RTM_DELETE,
1432 (struct sockaddr *)&mltaddr,
1433 (struct sockaddr *)&ia->ia_addr,
1434 (struct sockaddr *)&mltmask, RTF_UP,
1435 (struct rtentry **)0, RT_DEFAULT_FIB);
1436 if (error)
1437 log(LOG_INFO, "%s: node-local all-nodes"
1438 "multicast address deletion error\n",
1439 __func__);
1440 } else {
1441 /*
1442 * Replace the gateway of the route.
1443 */
1444 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1445 RTFREE_LOCKED(rt);
1446 }
1447 } else {
1448 if (rt != NULL)
1449 RTFREE_LOCKED(rt);
1450 }
1451
1452 return (0);
1453}
1454
1455void
1456in6_purgeaddr(struct ifaddr *ifa)
1457{
1458 struct ifnet *ifp = ifa->ifa_ifp;
1459 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1460 int plen, error;
1461 struct ifaddr *ifa0;
1462
1463 if (ifa->ifa_carp)
1464 (*carp_detach_p)(ifa);
1465
1466 /*
1467 * find another IPv6 address as the gateway for the
1468 * link-local and node-local all-nodes multicast
1469 * address routes
1470 */
1471 IF_ADDR_RLOCK(ifp);
1472 TAILQ_FOREACH(ifa0, &ifp->if_addrhead, ifa_link) {
1473 if ((ifa0->ifa_addr->sa_family != AF_INET6) ||
1474 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr,
1475 &ia->ia_addr.sin6_addr, sizeof(struct in6_addr)) == 0)
1476 continue;
1477 else
1478 break;
1479 }
1480 if (ifa0 != NULL)
1481 ifa_ref(ifa0);
1482 IF_ADDR_RUNLOCK(ifp);
1483
1484 /*
1485 * Remove the loopback route to the interface address.
1486 * The check for the current setting of "nd6_useloopback"
1487 * is not needed.
1488 */
1489 if (ia->ia_flags & IFA_RTSELF) {
1490 error = ifa_del_loopback_route((struct ifaddr *)ia,
1491 (struct sockaddr *)&ia->ia_addr);
1492 if (error == 0)
1493 ia->ia_flags &= ~IFA_RTSELF;
1494 }
1495
1496 /* stop DAD processing */
1497 nd6_dad_stop(ifa);
1498
1499 /* Remove local address entry from lltable. */
1500 in6_ifremloop(ifa);
1501
1502 /* Leave multicast groups. */
1503 error = in6_purgeaddr_mc(ifp, ia, ifa0);
1504
1505 if (ifa0 != NULL)
1506 ifa_free(ifa0);
1507
1508 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1509 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
1510 error = rtinit(&(ia->ia_ifa), RTM_DELETE, ia->ia_flags |
1511 (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0);
1512 if (error != 0)
1513 log(LOG_INFO, "%s: err=%d, destination address delete "
1514 "failed\n", __func__, error);
1515 ia->ia_flags &= ~IFA_ROUTE;
1516 }
1517
1518 in6_unlink_ifa(ia, ifp);
1519}
1520
1521static void
1522in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1523{
|
1525 int s = splnet();
| |
1526
1527 IF_ADDR_WLOCK(ifp);
1528 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1529 IF_ADDR_WUNLOCK(ifp);
1530 ifa_free(&ia->ia_ifa); /* if_addrhead */
1531
1532 /*
1533 * Defer the release of what might be the last reference to the
1534 * in6_ifaddr so that it can't be freed before the remainder of the
1535 * cleanup.
1536 */
1537 IN6_IFADDR_WLOCK();
1538 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link);
1539 IN6_IFADDR_WUNLOCK();
1540
1541 /*
1542 * Release the reference to the base prefix. There should be a
1543 * positive reference.
1544 */
1545 if (ia->ia6_ndpr == NULL) {
1546 nd6log((LOG_NOTICE,
1547 "in6_unlink_ifa: autoconf'ed address "
1548 "%p has no prefix\n", ia));
1549 } else {
1550 ia->ia6_ndpr->ndpr_refcnt--;
1551 ia->ia6_ndpr = NULL;
1552 }
1553
1554 /*
1555 * Also, if the address being removed is autoconf'ed, call
1556 * pfxlist_onlink_check() since the release might affect the status of
1557 * other (detached) addresses.
1558 */
1559 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1560 pfxlist_onlink_check();
1561 }
1562 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
| 1524
1525 IF_ADDR_WLOCK(ifp);
1526 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1527 IF_ADDR_WUNLOCK(ifp);
1528 ifa_free(&ia->ia_ifa); /* if_addrhead */
1529
1530 /*
1531 * Defer the release of what might be the last reference to the
1532 * in6_ifaddr so that it can't be freed before the remainder of the
1533 * cleanup.
1534 */
1535 IN6_IFADDR_WLOCK();
1536 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link);
1537 IN6_IFADDR_WUNLOCK();
1538
1539 /*
1540 * Release the reference to the base prefix. There should be a
1541 * positive reference.
1542 */
1543 if (ia->ia6_ndpr == NULL) {
1544 nd6log((LOG_NOTICE,
1545 "in6_unlink_ifa: autoconf'ed address "
1546 "%p has no prefix\n", ia));
1547 } else {
1548 ia->ia6_ndpr->ndpr_refcnt--;
1549 ia->ia6_ndpr = NULL;
1550 }
1551
1552 /*
1553 * Also, if the address being removed is autoconf'ed, call
1554 * pfxlist_onlink_check() since the release might affect the status of
1555 * other (detached) addresses.
1556 */
1557 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1558 pfxlist_onlink_check();
1559 }
1560 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
|
1563 splx(s);
| |
1564}
1565
1566void
1567in6_purgeif(struct ifnet *ifp)
1568{
1569 struct ifaddr *ifa, *nifa;
1570
1571 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1572 if (ifa->ifa_addr->sa_family != AF_INET6)
1573 continue;
1574 in6_purgeaddr(ifa);
1575 }
1576
1577 in6_ifdetach(ifp);
1578}
1579
1580/*
1581 * SIOC[GAD]LIFADDR.
1582 * SIOCGLIFADDR: get first address. (?)
1583 * SIOCGLIFADDR with IFLR_PREFIX:
1584 * get first address that matches the specified prefix.
1585 * SIOCALIFADDR: add the specified address.
1586 * SIOCALIFADDR with IFLR_PREFIX:
1587 * add the specified prefix, filling hostid part from
1588 * the first link-local address. prefixlen must be <= 64.
1589 * SIOCDLIFADDR: delete the specified address.
1590 * SIOCDLIFADDR with IFLR_PREFIX:
1591 * delete the first address that matches the specified prefix.
1592 * return values:
1593 * EINVAL on invalid parameters
1594 * EADDRNOTAVAIL on prefix match failed/specified address not found
1595 * other values may be returned from in6_ioctl()
1596 *
1597 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1598 * this is to accomodate address naming scheme other than RFC2374,
1599 * in the future.
1600 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1601 * address encoding scheme. (see figure on page 8)
1602 */
1603static int
1604in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
1605 struct ifnet *ifp, struct thread *td)
1606{
1607 struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1608 struct ifaddr *ifa;
1609 struct sockaddr *sa;
1610
1611 /* sanity checks */
1612 if (!data || !ifp) {
1613 panic("invalid argument to in6_lifaddr_ioctl");
1614 /* NOTREACHED */
1615 }
1616
1617 switch (cmd) {
1618 case SIOCGLIFADDR:
1619 /* address must be specified on GET with IFLR_PREFIX */
1620 if ((iflr->flags & IFLR_PREFIX) == 0)
1621 break;
1622 /* FALLTHROUGH */
1623 case SIOCALIFADDR:
1624 case SIOCDLIFADDR:
1625 /* address must be specified on ADD and DELETE */
1626 sa = (struct sockaddr *)&iflr->addr;
1627 if (sa->sa_family != AF_INET6)
1628 return EINVAL;
1629 if (sa->sa_len != sizeof(struct sockaddr_in6))
1630 return EINVAL;
1631 /* XXX need improvement */
1632 sa = (struct sockaddr *)&iflr->dstaddr;
1633 if (sa->sa_family && sa->sa_family != AF_INET6)
1634 return EINVAL;
1635 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1636 return EINVAL;
1637 break;
1638 default: /* shouldn't happen */
1639#if 0
1640 panic("invalid cmd to in6_lifaddr_ioctl");
1641 /* NOTREACHED */
1642#else
1643 return EOPNOTSUPP;
1644#endif
1645 }
1646 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1647 return EINVAL;
1648
1649 switch (cmd) {
1650 case SIOCALIFADDR:
1651 {
1652 struct in6_aliasreq ifra;
1653 struct in6_addr *hostid = NULL;
1654 int prefixlen;
1655
1656 ifa = NULL;
1657 if ((iflr->flags & IFLR_PREFIX) != 0) {
1658 struct sockaddr_in6 *sin6;
1659
1660 /*
1661 * hostid is to fill in the hostid part of the
1662 * address. hostid points to the first link-local
1663 * address attached to the interface.
1664 */
1665 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1666 if (!ifa)
1667 return EADDRNOTAVAIL;
1668 hostid = IFA_IN6(ifa);
1669
1670 /* prefixlen must be <= 64. */
1671 if (64 < iflr->prefixlen) {
1672 if (ifa != NULL)
1673 ifa_free(ifa);
1674 return EINVAL;
1675 }
1676 prefixlen = iflr->prefixlen;
1677
1678 /* hostid part must be zero. */
1679 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1680 if (sin6->sin6_addr.s6_addr32[2] != 0 ||
1681 sin6->sin6_addr.s6_addr32[3] != 0) {
1682 if (ifa != NULL)
1683 ifa_free(ifa);
1684 return EINVAL;
1685 }
1686 } else
1687 prefixlen = iflr->prefixlen;
1688
1689 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1690 bzero(&ifra, sizeof(ifra));
1691 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
1692
1693 bcopy(&iflr->addr, &ifra.ifra_addr,
1694 ((struct sockaddr *)&iflr->addr)->sa_len);
1695 if (hostid) {
1696 /* fill in hostid part */
1697 ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1698 hostid->s6_addr32[2];
1699 ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1700 hostid->s6_addr32[3];
1701 }
1702
1703 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
1704 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1705 ((struct sockaddr *)&iflr->dstaddr)->sa_len);
1706 if (hostid) {
1707 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1708 hostid->s6_addr32[2];
1709 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1710 hostid->s6_addr32[3];
1711 }
1712 }
1713 if (ifa != NULL)
1714 ifa_free(ifa);
1715
1716 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1717 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1718
1719 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1720 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
1721 }
1722 case SIOCGLIFADDR:
1723 case SIOCDLIFADDR:
1724 {
1725 struct in6_ifaddr *ia;
1726 struct in6_addr mask, candidate, match;
1727 struct sockaddr_in6 *sin6;
1728 int cmp;
1729
1730 bzero(&mask, sizeof(mask));
1731 if (iflr->flags & IFLR_PREFIX) {
1732 /* lookup a prefix rather than address. */
1733 in6_prefixlen2mask(&mask, iflr->prefixlen);
1734
1735 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1736 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1737 match.s6_addr32[0] &= mask.s6_addr32[0];
1738 match.s6_addr32[1] &= mask.s6_addr32[1];
1739 match.s6_addr32[2] &= mask.s6_addr32[2];
1740 match.s6_addr32[3] &= mask.s6_addr32[3];
1741
1742 /* if you set extra bits, that's wrong */
1743 if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1744 return EINVAL;
1745
1746 cmp = 1;
1747 } else {
1748 if (cmd == SIOCGLIFADDR) {
1749 /* on getting an address, take the 1st match */
1750 cmp = 0; /* XXX */
1751 } else {
1752 /* on deleting an address, do exact match */
1753 in6_prefixlen2mask(&mask, 128);
1754 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1755 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1756
1757 cmp = 1;
1758 }
1759 }
1760
1761 IF_ADDR_RLOCK(ifp);
1762 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1763 if (ifa->ifa_addr->sa_family != AF_INET6)
1764 continue;
1765 if (!cmp)
1766 break;
1767
1768 /*
1769 * XXX: this is adhoc, but is necessary to allow
1770 * a user to specify fe80::/64 (not /10) for a
1771 * link-local address.
1772 */
1773 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1774 in6_clearscope(&candidate);
1775 candidate.s6_addr32[0] &= mask.s6_addr32[0];
1776 candidate.s6_addr32[1] &= mask.s6_addr32[1];
1777 candidate.s6_addr32[2] &= mask.s6_addr32[2];
1778 candidate.s6_addr32[3] &= mask.s6_addr32[3];
1779 if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1780 break;
1781 }
1782 if (ifa != NULL)
1783 ifa_ref(ifa);
1784 IF_ADDR_RUNLOCK(ifp);
1785 if (!ifa)
1786 return EADDRNOTAVAIL;
1787 ia = ifa2ia6(ifa);
1788
1789 if (cmd == SIOCGLIFADDR) {
1790 int error;
1791
1792 /* fill in the if_laddrreq structure */
1793 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1794 error = sa6_recoverscope(
1795 (struct sockaddr_in6 *)&iflr->addr);
1796 if (error != 0) {
1797 ifa_free(ifa);
1798 return (error);
1799 }
1800
1801 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1802 bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1803 ia->ia_dstaddr.sin6_len);
1804 error = sa6_recoverscope(
1805 (struct sockaddr_in6 *)&iflr->dstaddr);
1806 if (error != 0) {
1807 ifa_free(ifa);
1808 return (error);
1809 }
1810 } else
1811 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1812
1813 iflr->prefixlen =
1814 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1815
1816 iflr->flags = ia->ia6_flags; /* XXX */
1817 ifa_free(ifa);
1818
1819 return 0;
1820 } else {
1821 struct in6_aliasreq ifra;
1822
1823 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1824 bzero(&ifra, sizeof(ifra));
1825 bcopy(iflr->iflr_name, ifra.ifra_name,
1826 sizeof(ifra.ifra_name));
1827
1828 bcopy(&ia->ia_addr, &ifra.ifra_addr,
1829 ia->ia_addr.sin6_len);
1830 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1831 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1832 ia->ia_dstaddr.sin6_len);
1833 } else {
1834 bzero(&ifra.ifra_dstaddr,
1835 sizeof(ifra.ifra_dstaddr));
1836 }
1837 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1838 ia->ia_prefixmask.sin6_len);
1839
1840 ifra.ifra_flags = ia->ia6_flags;
1841 ifa_free(ifa);
1842 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1843 ifp, td);
1844 }
1845 }
1846 }
1847
1848 return EOPNOTSUPP; /* just for safety */
1849}
1850
1851/*
1852 * Initialize an interface's IPv6 address and routing table entry.
1853 */
1854static int
1855in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
1856 struct sockaddr_in6 *sin6, int newhost)
1857{
1858 int error = 0, plen, ifacount = 0;
| 1561}
1562
1563void
1564in6_purgeif(struct ifnet *ifp)
1565{
1566 struct ifaddr *ifa, *nifa;
1567
1568 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1569 if (ifa->ifa_addr->sa_family != AF_INET6)
1570 continue;
1571 in6_purgeaddr(ifa);
1572 }
1573
1574 in6_ifdetach(ifp);
1575}
1576
1577/*
1578 * SIOC[GAD]LIFADDR.
1579 * SIOCGLIFADDR: get first address. (?)
1580 * SIOCGLIFADDR with IFLR_PREFIX:
1581 * get first address that matches the specified prefix.
1582 * SIOCALIFADDR: add the specified address.
1583 * SIOCALIFADDR with IFLR_PREFIX:
1584 * add the specified prefix, filling hostid part from
1585 * the first link-local address. prefixlen must be <= 64.
1586 * SIOCDLIFADDR: delete the specified address.
1587 * SIOCDLIFADDR with IFLR_PREFIX:
1588 * delete the first address that matches the specified prefix.
1589 * return values:
1590 * EINVAL on invalid parameters
1591 * EADDRNOTAVAIL on prefix match failed/specified address not found
1592 * other values may be returned from in6_ioctl()
1593 *
1594 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1595 * this is to accomodate address naming scheme other than RFC2374,
1596 * in the future.
1597 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1598 * address encoding scheme. (see figure on page 8)
1599 */
1600static int
1601in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
1602 struct ifnet *ifp, struct thread *td)
1603{
1604 struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1605 struct ifaddr *ifa;
1606 struct sockaddr *sa;
1607
1608 /* sanity checks */
1609 if (!data || !ifp) {
1610 panic("invalid argument to in6_lifaddr_ioctl");
1611 /* NOTREACHED */
1612 }
1613
1614 switch (cmd) {
1615 case SIOCGLIFADDR:
1616 /* address must be specified on GET with IFLR_PREFIX */
1617 if ((iflr->flags & IFLR_PREFIX) == 0)
1618 break;
1619 /* FALLTHROUGH */
1620 case SIOCALIFADDR:
1621 case SIOCDLIFADDR:
1622 /* address must be specified on ADD and DELETE */
1623 sa = (struct sockaddr *)&iflr->addr;
1624 if (sa->sa_family != AF_INET6)
1625 return EINVAL;
1626 if (sa->sa_len != sizeof(struct sockaddr_in6))
1627 return EINVAL;
1628 /* XXX need improvement */
1629 sa = (struct sockaddr *)&iflr->dstaddr;
1630 if (sa->sa_family && sa->sa_family != AF_INET6)
1631 return EINVAL;
1632 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1633 return EINVAL;
1634 break;
1635 default: /* shouldn't happen */
1636#if 0
1637 panic("invalid cmd to in6_lifaddr_ioctl");
1638 /* NOTREACHED */
1639#else
1640 return EOPNOTSUPP;
1641#endif
1642 }
1643 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1644 return EINVAL;
1645
1646 switch (cmd) {
1647 case SIOCALIFADDR:
1648 {
1649 struct in6_aliasreq ifra;
1650 struct in6_addr *hostid = NULL;
1651 int prefixlen;
1652
1653 ifa = NULL;
1654 if ((iflr->flags & IFLR_PREFIX) != 0) {
1655 struct sockaddr_in6 *sin6;
1656
1657 /*
1658 * hostid is to fill in the hostid part of the
1659 * address. hostid points to the first link-local
1660 * address attached to the interface.
1661 */
1662 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1663 if (!ifa)
1664 return EADDRNOTAVAIL;
1665 hostid = IFA_IN6(ifa);
1666
1667 /* prefixlen must be <= 64. */
1668 if (64 < iflr->prefixlen) {
1669 if (ifa != NULL)
1670 ifa_free(ifa);
1671 return EINVAL;
1672 }
1673 prefixlen = iflr->prefixlen;
1674
1675 /* hostid part must be zero. */
1676 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1677 if (sin6->sin6_addr.s6_addr32[2] != 0 ||
1678 sin6->sin6_addr.s6_addr32[3] != 0) {
1679 if (ifa != NULL)
1680 ifa_free(ifa);
1681 return EINVAL;
1682 }
1683 } else
1684 prefixlen = iflr->prefixlen;
1685
1686 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1687 bzero(&ifra, sizeof(ifra));
1688 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
1689
1690 bcopy(&iflr->addr, &ifra.ifra_addr,
1691 ((struct sockaddr *)&iflr->addr)->sa_len);
1692 if (hostid) {
1693 /* fill in hostid part */
1694 ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1695 hostid->s6_addr32[2];
1696 ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1697 hostid->s6_addr32[3];
1698 }
1699
1700 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
1701 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1702 ((struct sockaddr *)&iflr->dstaddr)->sa_len);
1703 if (hostid) {
1704 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1705 hostid->s6_addr32[2];
1706 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1707 hostid->s6_addr32[3];
1708 }
1709 }
1710 if (ifa != NULL)
1711 ifa_free(ifa);
1712
1713 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1714 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1715
1716 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1717 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
1718 }
1719 case SIOCGLIFADDR:
1720 case SIOCDLIFADDR:
1721 {
1722 struct in6_ifaddr *ia;
1723 struct in6_addr mask, candidate, match;
1724 struct sockaddr_in6 *sin6;
1725 int cmp;
1726
1727 bzero(&mask, sizeof(mask));
1728 if (iflr->flags & IFLR_PREFIX) {
1729 /* lookup a prefix rather than address. */
1730 in6_prefixlen2mask(&mask, iflr->prefixlen);
1731
1732 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1733 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1734 match.s6_addr32[0] &= mask.s6_addr32[0];
1735 match.s6_addr32[1] &= mask.s6_addr32[1];
1736 match.s6_addr32[2] &= mask.s6_addr32[2];
1737 match.s6_addr32[3] &= mask.s6_addr32[3];
1738
1739 /* if you set extra bits, that's wrong */
1740 if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1741 return EINVAL;
1742
1743 cmp = 1;
1744 } else {
1745 if (cmd == SIOCGLIFADDR) {
1746 /* on getting an address, take the 1st match */
1747 cmp = 0; /* XXX */
1748 } else {
1749 /* on deleting an address, do exact match */
1750 in6_prefixlen2mask(&mask, 128);
1751 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1752 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1753
1754 cmp = 1;
1755 }
1756 }
1757
1758 IF_ADDR_RLOCK(ifp);
1759 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1760 if (ifa->ifa_addr->sa_family != AF_INET6)
1761 continue;
1762 if (!cmp)
1763 break;
1764
1765 /*
1766 * XXX: this is adhoc, but is necessary to allow
1767 * a user to specify fe80::/64 (not /10) for a
1768 * link-local address.
1769 */
1770 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1771 in6_clearscope(&candidate);
1772 candidate.s6_addr32[0] &= mask.s6_addr32[0];
1773 candidate.s6_addr32[1] &= mask.s6_addr32[1];
1774 candidate.s6_addr32[2] &= mask.s6_addr32[2];
1775 candidate.s6_addr32[3] &= mask.s6_addr32[3];
1776 if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1777 break;
1778 }
1779 if (ifa != NULL)
1780 ifa_ref(ifa);
1781 IF_ADDR_RUNLOCK(ifp);
1782 if (!ifa)
1783 return EADDRNOTAVAIL;
1784 ia = ifa2ia6(ifa);
1785
1786 if (cmd == SIOCGLIFADDR) {
1787 int error;
1788
1789 /* fill in the if_laddrreq structure */
1790 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1791 error = sa6_recoverscope(
1792 (struct sockaddr_in6 *)&iflr->addr);
1793 if (error != 0) {
1794 ifa_free(ifa);
1795 return (error);
1796 }
1797
1798 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1799 bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1800 ia->ia_dstaddr.sin6_len);
1801 error = sa6_recoverscope(
1802 (struct sockaddr_in6 *)&iflr->dstaddr);
1803 if (error != 0) {
1804 ifa_free(ifa);
1805 return (error);
1806 }
1807 } else
1808 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1809
1810 iflr->prefixlen =
1811 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1812
1813 iflr->flags = ia->ia6_flags; /* XXX */
1814 ifa_free(ifa);
1815
1816 return 0;
1817 } else {
1818 struct in6_aliasreq ifra;
1819
1820 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1821 bzero(&ifra, sizeof(ifra));
1822 bcopy(iflr->iflr_name, ifra.ifra_name,
1823 sizeof(ifra.ifra_name));
1824
1825 bcopy(&ia->ia_addr, &ifra.ifra_addr,
1826 ia->ia_addr.sin6_len);
1827 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1828 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1829 ia->ia_dstaddr.sin6_len);
1830 } else {
1831 bzero(&ifra.ifra_dstaddr,
1832 sizeof(ifra.ifra_dstaddr));
1833 }
1834 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1835 ia->ia_prefixmask.sin6_len);
1836
1837 ifra.ifra_flags = ia->ia6_flags;
1838 ifa_free(ifa);
1839 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1840 ifp, td);
1841 }
1842 }
1843 }
1844
1845 return EOPNOTSUPP; /* just for safety */
1846}
1847
1848/*
1849 * Initialize an interface's IPv6 address and routing table entry.
1850 */
1851static int
1852in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
1853 struct sockaddr_in6 *sin6, int newhost)
1854{
1855 int error = 0, plen, ifacount = 0;
|
1859 int s = splimp();
| |
1860 struct ifaddr *ifa;
1861
1862 /*
1863 * Give the interface a chance to initialize
1864 * if this is its first address,
1865 * and to validate the address if necessary.
1866 */
1867 IF_ADDR_RLOCK(ifp);
1868 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1869 if (ifa->ifa_addr->sa_family != AF_INET6)
1870 continue;
1871 ifacount++;
1872 }
1873 IF_ADDR_RUNLOCK(ifp);
1874
1875 ia->ia_addr = *sin6;
1876
1877 if (ifacount <= 1 && ifp->if_ioctl) {
1878 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
| 1856 struct ifaddr *ifa;
1857
1858 /*
1859 * Give the interface a chance to initialize
1860 * if this is its first address,
1861 * and to validate the address if necessary.
1862 */
1863 IF_ADDR_RLOCK(ifp);
1864 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1865 if (ifa->ifa_addr->sa_family != AF_INET6)
1866 continue;
1867 ifacount++;
1868 }
1869 IF_ADDR_RUNLOCK(ifp);
1870
1871 ia->ia_addr = *sin6;
1872
1873 if (ifacount <= 1 && ifp->if_ioctl) {
1874 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
|
1879 if (error) {
1880 splx(s);
| 1875 if (error)
|
1881 return (error);
| 1876 return (error);
|
1882 }
| |
1883 }
| 1877 }
|
1884 splx(s);
| |
1885
1886 ia->ia_ifa.ifa_metric = ifp->if_metric;
1887
1888 /* we could do in(6)_socktrim here, but just omit it at this moment. */
1889
1890 /*
1891 * Special case:
1892 * If a new destination address is specified for a point-to-point
1893 * interface, install a route to the destination as an interface
1894 * direct route.
1895 * XXX: the logic below rejects assigning multiple addresses on a p2p
1896 * interface that share the same destination.
1897 */
1898 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1899 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 &&
1900 ia->ia_dstaddr.sin6_family == AF_INET6) {
1901 int rtflags = RTF_UP | RTF_HOST;
1902 error = rtinit(&ia->ia_ifa, RTM_ADD, ia->ia_flags | rtflags);
1903 if (error)
1904 return (error);
1905 ia->ia_flags |= IFA_ROUTE;
1906 /*
1907 * Handle the case for ::1 .
1908 */
1909 if (ifp->if_flags & IFF_LOOPBACK)
1910 ia->ia_flags |= IFA_RTSELF;
1911 }
1912
1913 /*
1914 * add a loopback route to self
1915 */
1916 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1917 error = ifa_add_loopback_route((struct ifaddr *)ia,
1918 (struct sockaddr *)&ia->ia_addr);
1919 if (error == 0)
1920 ia->ia_flags |= IFA_RTSELF;
1921 }
1922
1923 /* Add local address to lltable, if necessary (ex. on p2p link). */
1924 if (newhost)
1925 in6_ifaddloop(&(ia->ia_ifa));
1926
1927 return (error);
1928}
1929
1930/*
1931 * Find an IPv6 interface link-local address specific to an interface.
1932 * ifaddr is returned referenced.
1933 */
1934struct in6_ifaddr *
1935in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1936{
1937 struct ifaddr *ifa;
1938
1939 IF_ADDR_RLOCK(ifp);
1940 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1941 if (ifa->ifa_addr->sa_family != AF_INET6)
1942 continue;
1943 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1944 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1945 ignoreflags) != 0)
1946 continue;
1947 ifa_ref(ifa);
1948 break;
1949 }
1950 }
1951 IF_ADDR_RUNLOCK(ifp);
1952
1953 return ((struct in6_ifaddr *)ifa);
1954}
1955
1956
1957/*
1958 * find the internet address corresponding to a given interface and address.
1959 * ifaddr is returned referenced.
1960 */
1961struct in6_ifaddr *
1962in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1963{
1964 struct ifaddr *ifa;
1965
1966 IF_ADDR_RLOCK(ifp);
1967 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1968 if (ifa->ifa_addr->sa_family != AF_INET6)
1969 continue;
1970 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1971 ifa_ref(ifa);
1972 break;
1973 }
1974 }
1975 IF_ADDR_RUNLOCK(ifp);
1976
1977 return ((struct in6_ifaddr *)ifa);
1978}
1979
1980/*
1981 * Convert IP6 address to printable (loggable) representation. Caller
1982 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1983 */
1984static char digits[] = "0123456789abcdef";
1985char *
1986ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1987{
1988 int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
1989 char *cp;
1990 const u_int16_t *a = (const u_int16_t *)addr;
1991 const u_int8_t *d;
1992 int dcolon = 0, zero = 0;
1993
1994 cp = ip6buf;
1995
1996 for (i = 0; i < 8; i++) {
1997 if (*(a + i) == 0) {
1998 cnt++;
1999 if (cnt == 1)
2000 idx = i;
2001 }
2002 else if (maxcnt < cnt) {
2003 maxcnt = cnt;
2004 index = idx;
2005 cnt = 0;
2006 }
2007 }
2008 if (maxcnt < cnt) {
2009 maxcnt = cnt;
2010 index = idx;
2011 }
2012
2013 for (i = 0; i < 8; i++) {
2014 if (dcolon == 1) {
2015 if (*a == 0) {
2016 if (i == 7)
2017 *cp++ = ':';
2018 a++;
2019 continue;
2020 } else
2021 dcolon = 2;
2022 }
2023 if (*a == 0) {
2024 if (dcolon == 0 && *(a + 1) == 0 && i == index) {
2025 if (i == 0)
2026 *cp++ = ':';
2027 *cp++ = ':';
2028 dcolon = 1;
2029 } else {
2030 *cp++ = '0';
2031 *cp++ = ':';
2032 }
2033 a++;
2034 continue;
2035 }
2036 d = (const u_char *)a;
2037 /* Try to eliminate leading zeros in printout like in :0001. */
2038 zero = 1;
2039 *cp = digits[*d >> 4];
2040 if (*cp != '0') {
2041 zero = 0;
2042 cp++;
2043 }
2044 *cp = digits[*d++ & 0xf];
2045 if (zero == 0 || (*cp != '0')) {
2046 zero = 0;
2047 cp++;
2048 }
2049 *cp = digits[*d >> 4];
2050 if (zero == 0 || (*cp != '0')) {
2051 zero = 0;
2052 cp++;
2053 }
2054 *cp++ = digits[*d & 0xf];
2055 *cp++ = ':';
2056 a++;
2057 }
2058 *--cp = '\0';
2059 return (ip6buf);
2060}
2061
2062int
2063in6_localaddr(struct in6_addr *in6)
2064{
2065 struct in6_ifaddr *ia;
2066
2067 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
2068 return 1;
2069
2070 IN6_IFADDR_RLOCK();
2071 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2072 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
2073 &ia->ia_prefixmask.sin6_addr)) {
2074 IN6_IFADDR_RUNLOCK();
2075 return 1;
2076 }
2077 }
2078 IN6_IFADDR_RUNLOCK();
2079
2080 return (0);
2081}
2082
2083/*
2084 * Return 1 if an internet address is for the local host and configured
2085 * on one of its interfaces.
2086 */
2087int
2088in6_localip(struct in6_addr *in6)
2089{
2090 struct in6_ifaddr *ia;
2091
2092 IN6_IFADDR_RLOCK();
2093 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2094 if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
2095 IN6_IFADDR_RUNLOCK();
2096 return (1);
2097 }
2098 }
2099 IN6_IFADDR_RUNLOCK();
2100 return (0);
2101}
2102
2103
2104int
2105in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
2106{
2107 struct in6_ifaddr *ia;
2108
2109 IN6_IFADDR_RLOCK();
2110 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2111 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
2112 &sa6->sin6_addr) &&
2113 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
2114 IN6_IFADDR_RUNLOCK();
2115 return (1); /* true */
2116 }
2117
2118 /* XXX: do we still have to go thru the rest of the list? */
2119 }
2120 IN6_IFADDR_RUNLOCK();
2121
2122 return (0); /* false */
2123}
2124
2125/*
2126 * return length of part which dst and src are equal
2127 * hard coding...
2128 */
2129int
2130in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
2131{
2132 int match = 0;
2133 u_char *s = (u_char *)src, *d = (u_char *)dst;
2134 u_char *lim = s + 16, r;
2135
2136 while (s < lim)
2137 if ((r = (*d++ ^ *s++)) != 0) {
2138 while (r < 128) {
2139 match++;
2140 r <<= 1;
2141 }
2142 break;
2143 } else
2144 match += 8;
2145 return match;
2146}
2147
2148/* XXX: to be scope conscious */
2149int
2150in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
2151{
2152 int bytelen, bitlen;
2153
2154 /* sanity check */
2155 if (0 > len || len > 128) {
2156 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
2157 len);
2158 return (0);
2159 }
2160
2161 bytelen = len / 8;
2162 bitlen = len % 8;
2163
2164 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
2165 return (0);
2166 if (bitlen != 0 &&
2167 p1->s6_addr[bytelen] >> (8 - bitlen) !=
2168 p2->s6_addr[bytelen] >> (8 - bitlen))
2169 return (0);
2170
2171 return (1);
2172}
2173
2174void
2175in6_prefixlen2mask(struct in6_addr *maskp, int len)
2176{
2177 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
2178 int bytelen, bitlen, i;
2179
2180 /* sanity check */
2181 if (0 > len || len > 128) {
2182 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
2183 len);
2184 return;
2185 }
2186
2187 bzero(maskp, sizeof(*maskp));
2188 bytelen = len / 8;
2189 bitlen = len % 8;
2190 for (i = 0; i < bytelen; i++)
2191 maskp->s6_addr[i] = 0xff;
2192 if (bitlen)
2193 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
2194}
2195
2196/*
2197 * return the best address out of the same scope. if no address was
2198 * found, return the first valid address from designated IF.
2199 */
2200struct in6_ifaddr *
2201in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
2202{
2203 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
2204 struct ifaddr *ifa;
2205 struct in6_ifaddr *besta = 0;
2206 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
2207
2208 dep[0] = dep[1] = NULL;
2209
2210 /*
2211 * We first look for addresses in the same scope.
2212 * If there is one, return it.
2213 * If two or more, return one which matches the dst longest.
2214 * If none, return one of global addresses assigned other ifs.
2215 */
2216 IF_ADDR_RLOCK(ifp);
2217 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2218 if (ifa->ifa_addr->sa_family != AF_INET6)
2219 continue;
2220 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2221 continue; /* XXX: is there any case to allow anycast? */
2222 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2223 continue; /* don't use this interface */
2224 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2225 continue;
2226 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2227 if (V_ip6_use_deprecated)
2228 dep[0] = (struct in6_ifaddr *)ifa;
2229 continue;
2230 }
2231
2232 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2233 /*
2234 * call in6_matchlen() as few as possible
2235 */
2236 if (besta) {
2237 if (blen == -1)
2238 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2239 tlen = in6_matchlen(IFA_IN6(ifa), dst);
2240 if (tlen > blen) {
2241 blen = tlen;
2242 besta = (struct in6_ifaddr *)ifa;
2243 }
2244 } else
2245 besta = (struct in6_ifaddr *)ifa;
2246 }
2247 }
2248 if (besta) {
2249 ifa_ref(&besta->ia_ifa);
2250 IF_ADDR_RUNLOCK(ifp);
2251 return (besta);
2252 }
2253
2254 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2255 if (ifa->ifa_addr->sa_family != AF_INET6)
2256 continue;
2257 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2258 continue; /* XXX: is there any case to allow anycast? */
2259 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2260 continue; /* don't use this interface */
2261 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2262 continue;
2263 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2264 if (V_ip6_use_deprecated)
2265 dep[1] = (struct in6_ifaddr *)ifa;
2266 continue;
2267 }
2268
2269 if (ifa != NULL)
2270 ifa_ref(ifa);
2271 IF_ADDR_RUNLOCK(ifp);
2272 return (struct in6_ifaddr *)ifa;
2273 }
2274
2275 /* use the last-resort values, that are, deprecated addresses */
2276 if (dep[0]) {
2277 ifa_ref((struct ifaddr *)dep[0]);
2278 IF_ADDR_RUNLOCK(ifp);
2279 return dep[0];
2280 }
2281 if (dep[1]) {
2282 ifa_ref((struct ifaddr *)dep[1]);
2283 IF_ADDR_RUNLOCK(ifp);
2284 return dep[1];
2285 }
2286
2287 IF_ADDR_RUNLOCK(ifp);
2288 return NULL;
2289}
2290
2291/*
2292 * perform DAD when interface becomes IFF_UP.
2293 */
2294void
2295in6_if_up(struct ifnet *ifp)
2296{
2297 struct ifaddr *ifa;
2298 struct in6_ifaddr *ia;
2299
2300 IF_ADDR_RLOCK(ifp);
2301 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2302 if (ifa->ifa_addr->sa_family != AF_INET6)
2303 continue;
2304 ia = (struct in6_ifaddr *)ifa;
2305 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
2306 /*
2307 * The TENTATIVE flag was likely set by hand
2308 * beforehand, implicitly indicating the need for DAD.
2309 * We may be able to skip the random delay in this
2310 * case, but we impose delays just in case.
2311 */
2312 nd6_dad_start(ifa,
2313 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
2314 }
2315 }
2316 IF_ADDR_RUNLOCK(ifp);
2317
2318 /*
2319 * special cases, like 6to4, are handled in in6_ifattach
2320 */
2321 in6_ifattach(ifp, NULL);
2322}
2323
2324int
2325in6if_do_dad(struct ifnet *ifp)
2326{
2327 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2328 return (0);
2329
2330 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
2331 return (0);
2332
2333 switch (ifp->if_type) {
2334#ifdef IFT_DUMMY
2335 case IFT_DUMMY:
2336#endif
2337 case IFT_FAITH:
2338 /*
2339 * These interfaces do not have the IFF_LOOPBACK flag,
2340 * but loop packets back. We do not have to do DAD on such
2341 * interfaces. We should even omit it, because loop-backed
2342 * NS would confuse the DAD procedure.
2343 */
2344 return (0);
2345 default:
2346 /*
2347 * Our DAD routine requires the interface up and running.
2348 * However, some interfaces can be up before the RUNNING
2349 * status. Additionaly, users may try to assign addresses
2350 * before the interface becomes up (or running).
2351 * We simply skip DAD in such a case as a work around.
2352 * XXX: we should rather mark "tentative" on such addresses,
2353 * and do DAD after the interface becomes ready.
2354 */
2355 if (!((ifp->if_flags & IFF_UP) &&
2356 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
2357 return (0);
2358
2359 return (1);
2360 }
2361}
2362
2363/*
2364 * Calculate max IPv6 MTU through all the interfaces and store it
2365 * to in6_maxmtu.
2366 */
2367void
2368in6_setmaxmtu(void)
2369{
2370 unsigned long maxmtu = 0;
2371 struct ifnet *ifp;
2372
2373 IFNET_RLOCK_NOSLEEP();
2374 TAILQ_FOREACH(ifp, &V_ifnet, if_list) {
2375 /* this function can be called during ifnet initialization */
2376 if (!ifp->if_afdata[AF_INET6])
2377 continue;
2378 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2379 IN6_LINKMTU(ifp) > maxmtu)
2380 maxmtu = IN6_LINKMTU(ifp);
2381 }
2382 IFNET_RUNLOCK_NOSLEEP();
2383 if (maxmtu) /* update only when maxmtu is positive */
2384 V_in6_maxmtu = maxmtu;
2385}
2386
2387/*
2388 * Provide the length of interface identifiers to be used for the link attached
2389 * to the given interface. The length should be defined in "IPv6 over
2390 * xxx-link" document. Note that address architecture might also define
2391 * the length for a particular set of address prefixes, regardless of the
2392 * link type. As clarified in rfc2462bis, those two definitions should be
2393 * consistent, and those really are as of August 2004.
2394 */
2395int
2396in6_if2idlen(struct ifnet *ifp)
2397{
2398 switch (ifp->if_type) {
2399 case IFT_ETHER: /* RFC2464 */
2400#ifdef IFT_PROPVIRTUAL
2401 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2402#endif
2403#ifdef IFT_L2VLAN
2404 case IFT_L2VLAN: /* ditto */
2405#endif
2406#ifdef IFT_IEEE80211
2407 case IFT_IEEE80211: /* ditto */
2408#endif
2409#ifdef IFT_MIP
2410 case IFT_MIP: /* ditto */
2411#endif
2412 case IFT_INFINIBAND:
2413 return (64);
2414 case IFT_FDDI: /* RFC2467 */
2415 return (64);
2416 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2417 return (64);
2418 case IFT_PPP: /* RFC2472 */
2419 return (64);
2420 case IFT_ARCNET: /* RFC2497 */
2421 return (64);
2422 case IFT_FRELAY: /* RFC2590 */
2423 return (64);
2424 case IFT_IEEE1394: /* RFC3146 */
2425 return (64);
2426 case IFT_GIF:
2427 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2428 case IFT_LOOP:
2429 return (64); /* XXX: is this really correct? */
2430 default:
2431 /*
2432 * Unknown link type:
2433 * It might be controversial to use the today's common constant
2434 * of 64 for these cases unconditionally. For full compliance,
2435 * we should return an error in this case. On the other hand,
2436 * if we simply miss the standard for the link type or a new
2437 * standard is defined for a new link type, the IFID length
2438 * is very likely to be the common constant. As a compromise,
2439 * we always use the constant, but make an explicit notice
2440 * indicating the "unknown" case.
2441 */
2442 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2443 return (64);
2444 }
2445}
2446
2447#include <sys/sysctl.h>
2448
2449struct in6_llentry {
2450 struct llentry base;
2451 struct sockaddr_in6 l3_addr6;
2452};
2453
2454/*
2455 * Deletes an address from the address table.
2456 * This function is called by the timer functions
2457 * such as arptimer() and nd6_llinfo_timer(), and
2458 * the caller does the locking.
2459 */
2460static void
2461in6_lltable_free(struct lltable *llt, struct llentry *lle)
2462{
2463 LLE_WUNLOCK(lle);
2464 LLE_LOCK_DESTROY(lle);
2465 free(lle, M_LLTABLE);
2466}
2467
2468static struct llentry *
2469in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2470{
2471 struct in6_llentry *lle;
2472
2473 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2474 if (lle == NULL) /* NB: caller generates msg */
2475 return NULL;
2476
2477 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2478 lle->base.lle_refcnt = 1;
2479 lle->base.lle_free = in6_lltable_free;
2480 LLE_LOCK_INIT(&lle->base);
2481 callout_init_rw(&lle->base.ln_timer_ch, &lle->base.lle_lock,
2482 CALLOUT_RETURNUNLOCKED);
2483
2484 return (&lle->base);
2485}
2486
2487static void
2488in6_lltable_prefix_free(struct lltable *llt, const struct sockaddr *prefix,
2489 const struct sockaddr *mask, u_int flags)
2490{
2491 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix;
2492 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask;
2493 struct llentry *lle, *next;
2494 int i;
2495
2496 /*
2497 * (flags & LLE_STATIC) means deleting all entries
2498 * including static ND6 entries.
2499 */
2500 IF_AFDATA_WLOCK(llt->llt_ifp);
2501 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2502 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
2503 if (IN6_ARE_MASKED_ADDR_EQUAL(
2504 &satosin6(L3_ADDR(lle))->sin6_addr,
2505 &pfx->sin6_addr, &msk->sin6_addr) &&
2506 ((flags & LLE_STATIC) ||
2507 !(lle->la_flags & LLE_STATIC))) {
2508 LLE_WLOCK(lle);
2509 if (callout_stop(&lle->la_timer))
2510 LLE_REMREF(lle);
2511 llentry_free(lle);
2512 }
2513 }
2514 }
2515 IF_AFDATA_WUNLOCK(llt->llt_ifp);
2516}
2517
2518static int
2519in6_lltable_rtcheck(struct ifnet *ifp,
2520 u_int flags,
2521 const struct sockaddr *l3addr)
2522{
2523 struct rtentry *rt;
2524 char ip6buf[INET6_ADDRSTRLEN];
2525
2526 KASSERT(l3addr->sa_family == AF_INET6,
2527 ("sin_family %d", l3addr->sa_family));
2528
2529 /* Our local addresses are always only installed on the default FIB. */
2530 /* XXX rtalloc1 should take a const param */
2531 rt = in6_rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0,
2532 RT_DEFAULT_FIB);
2533 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2534 struct ifaddr *ifa;
2535 /*
2536 * Create an ND6 cache for an IPv6 neighbor
2537 * that is not covered by our own prefix.
2538 */
2539 /* XXX ifaof_ifpforaddr should take a const param */
2540 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2541 if (ifa != NULL) {
2542 ifa_free(ifa);
2543 if (rt != NULL)
2544 RTFREE_LOCKED(rt);
2545 return 0;
2546 }
2547 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2548 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2549 if (rt != NULL)
2550 RTFREE_LOCKED(rt);
2551 return EINVAL;
2552 }
2553 RTFREE_LOCKED(rt);
2554 return 0;
2555}
2556
2557static struct llentry *
2558in6_lltable_lookup(struct lltable *llt, u_int flags,
2559 const struct sockaddr *l3addr)
2560{
2561 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2562 struct ifnet *ifp = llt->llt_ifp;
2563 struct llentry *lle;
2564 struct llentries *lleh;
2565 u_int hashkey;
2566
2567 IF_AFDATA_LOCK_ASSERT(ifp);
2568 KASSERT(l3addr->sa_family == AF_INET6,
2569 ("sin_family %d", l3addr->sa_family));
2570
2571 hashkey = sin6->sin6_addr.s6_addr32[3];
2572 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2573 LIST_FOREACH(lle, lleh, lle_next) {
2574 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2575 if (lle->la_flags & LLE_DELETED)
2576 continue;
2577 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2578 sizeof(struct in6_addr)) == 0)
2579 break;
2580 }
2581
2582 if (lle == NULL) {
2583 if (!(flags & LLE_CREATE))
2584 return (NULL);
2585 /*
2586 * A route that covers the given address must have
2587 * been installed 1st because we are doing a resolution,
2588 * verify this.
2589 */
2590 if (!(flags & LLE_IFADDR) &&
2591 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2592 return NULL;
2593
2594 lle = in6_lltable_new(l3addr, flags);
2595 if (lle == NULL) {
2596 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2597 return NULL;
2598 }
2599 lle->la_flags = flags & ~LLE_CREATE;
2600 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2601 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2602 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2603 }
2604
2605 lle->lle_tbl = llt;
2606 lle->lle_head = lleh;
2607 lle->la_flags |= LLE_LINKED;
2608 LIST_INSERT_HEAD(lleh, lle, lle_next);
2609 } else if (flags & LLE_DELETE) {
2610 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2611 LLE_WLOCK(lle);
2612 lle->la_flags |= LLE_DELETED;
2613 LLE_WUNLOCK(lle);
2614#ifdef DIAGNOSTIC
2615 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2616#endif
2617 }
2618 lle = (void *)-1;
2619 }
2620 if (LLE_IS_VALID(lle)) {
2621 if (flags & LLE_EXCLUSIVE)
2622 LLE_WLOCK(lle);
2623 else
2624 LLE_RLOCK(lle);
2625 }
2626 return (lle);
2627}
2628
2629static int
2630in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2631{
2632 struct ifnet *ifp = llt->llt_ifp;
2633 struct llentry *lle;
2634 /* XXX stack use */
2635 struct {
2636 struct rt_msghdr rtm;
2637 struct sockaddr_in6 sin6;
2638 /*
2639 * ndp.c assumes that sdl is word aligned
2640 */
2641#ifdef __LP64__
2642 uint32_t pad;
2643#endif
2644 struct sockaddr_dl sdl;
2645 } ndpc;
2646 int i, error;
2647
2648 if (ifp->if_flags & IFF_LOOPBACK)
2649 return 0;
2650
2651 LLTABLE_LOCK_ASSERT();
2652
2653 error = 0;
2654 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2655 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2656 struct sockaddr_dl *sdl;
2657
2658 /* skip deleted or invalid entries */
2659 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2660 continue;
2661 /* Skip if jailed and not a valid IP of the prison. */
2662 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2663 continue;
2664 /*
2665 * produce a msg made of:
2666 * struct rt_msghdr;
2667 * struct sockaddr_in6 (IPv6)
2668 * struct sockaddr_dl;
2669 */
2670 bzero(&ndpc, sizeof(ndpc));
2671 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2672 ndpc.rtm.rtm_version = RTM_VERSION;
2673 ndpc.rtm.rtm_type = RTM_GET;
2674 ndpc.rtm.rtm_flags = RTF_UP;
2675 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2676 ndpc.sin6.sin6_family = AF_INET6;
2677 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2678 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2679
2680 /* publish */
2681 if (lle->la_flags & LLE_PUB)
2682 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2683
2684 sdl = &ndpc.sdl;
2685 sdl->sdl_family = AF_LINK;
2686 sdl->sdl_len = sizeof(*sdl);
2687 sdl->sdl_alen = ifp->if_addrlen;
2688 sdl->sdl_index = ifp->if_index;
2689 sdl->sdl_type = ifp->if_type;
2690 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2691 ndpc.rtm.rtm_rmx.rmx_expire =
2692 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2693 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2694 if (lle->la_flags & LLE_STATIC)
2695 ndpc.rtm.rtm_flags |= RTF_STATIC;
2696 ndpc.rtm.rtm_index = ifp->if_index;
2697 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2698 if (error)
2699 break;
2700 }
2701 }
2702 return error;
2703}
2704
2705void *
2706in6_domifattach(struct ifnet *ifp)
2707{
2708 struct in6_ifextra *ext;
2709
2710 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2711 bzero(ext, sizeof(*ext));
2712
2713 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
2714 M_IFADDR, M_WAITOK);
2715 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
2716
2717 ext->icmp6_ifstat =
2718 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
2719 M_IFADDR, M_WAITOK);
2720 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
2721
2722 ext->nd_ifinfo = nd6_ifattach(ifp);
2723 ext->scope6_id = scope6_ifattach(ifp);
2724 ext->lltable = lltable_init(ifp, AF_INET6);
2725 if (ext->lltable != NULL) {
2726 ext->lltable->llt_prefix_free = in6_lltable_prefix_free;
2727 ext->lltable->llt_lookup = in6_lltable_lookup;
2728 ext->lltable->llt_dump = in6_lltable_dump;
2729 }
2730
2731 ext->mld_ifinfo = mld_domifattach(ifp);
2732
2733 return ext;
2734}
2735
2736void
2737in6_domifdetach(struct ifnet *ifp, void *aux)
2738{
2739 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2740
2741 mld_domifdetach(ifp);
2742 scope6_ifdetach(ext->scope6_id);
2743 nd6_ifdetach(ext->nd_ifinfo);
2744 lltable_free(ext->lltable);
2745 free(ext->in6_ifstat, M_IFADDR);
2746 free(ext->icmp6_ifstat, M_IFADDR);
2747 free(ext, M_IFADDR);
2748}
2749
2750/*
2751 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2752 * v4 mapped addr or v4 compat addr
2753 */
2754void
2755in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2756{
2757
2758 bzero(sin, sizeof(*sin));
2759 sin->sin_len = sizeof(struct sockaddr_in);
2760 sin->sin_family = AF_INET;
2761 sin->sin_port = sin6->sin6_port;
2762 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2763}
2764
2765/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2766void
2767in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2768{
2769 bzero(sin6, sizeof(*sin6));
2770 sin6->sin6_len = sizeof(struct sockaddr_in6);
2771 sin6->sin6_family = AF_INET6;
2772 sin6->sin6_port = sin->sin_port;
2773 sin6->sin6_addr.s6_addr32[0] = 0;
2774 sin6->sin6_addr.s6_addr32[1] = 0;
2775 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2776 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2777}
2778
2779/* Convert sockaddr_in6 into sockaddr_in. */
2780void
2781in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2782{
2783 struct sockaddr_in *sin_p;
2784 struct sockaddr_in6 sin6;
2785
2786 /*
2787 * Save original sockaddr_in6 addr and convert it
2788 * to sockaddr_in.
2789 */
2790 sin6 = *(struct sockaddr_in6 *)nam;
2791 sin_p = (struct sockaddr_in *)nam;
2792 in6_sin6_2_sin(sin_p, &sin6);
2793}
2794
2795/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2796void
2797in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2798{
2799 struct sockaddr_in *sin_p;
2800 struct sockaddr_in6 *sin6_p;
2801
2802 sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
2803 sin_p = (struct sockaddr_in *)*nam;
2804 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2805 free(*nam, M_SONAME);
2806 *nam = (struct sockaddr *)sin6_p;
2807}
| 1878
1879 ia->ia_ifa.ifa_metric = ifp->if_metric;
1880
1881 /* we could do in(6)_socktrim here, but just omit it at this moment. */
1882
1883 /*
1884 * Special case:
1885 * If a new destination address is specified for a point-to-point
1886 * interface, install a route to the destination as an interface
1887 * direct route.
1888 * XXX: the logic below rejects assigning multiple addresses on a p2p
1889 * interface that share the same destination.
1890 */
1891 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1892 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 &&
1893 ia->ia_dstaddr.sin6_family == AF_INET6) {
1894 int rtflags = RTF_UP | RTF_HOST;
1895 error = rtinit(&ia->ia_ifa, RTM_ADD, ia->ia_flags | rtflags);
1896 if (error)
1897 return (error);
1898 ia->ia_flags |= IFA_ROUTE;
1899 /*
1900 * Handle the case for ::1 .
1901 */
1902 if (ifp->if_flags & IFF_LOOPBACK)
1903 ia->ia_flags |= IFA_RTSELF;
1904 }
1905
1906 /*
1907 * add a loopback route to self
1908 */
1909 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1910 error = ifa_add_loopback_route((struct ifaddr *)ia,
1911 (struct sockaddr *)&ia->ia_addr);
1912 if (error == 0)
1913 ia->ia_flags |= IFA_RTSELF;
1914 }
1915
1916 /* Add local address to lltable, if necessary (ex. on p2p link). */
1917 if (newhost)
1918 in6_ifaddloop(&(ia->ia_ifa));
1919
1920 return (error);
1921}
1922
1923/*
1924 * Find an IPv6 interface link-local address specific to an interface.
1925 * ifaddr is returned referenced.
1926 */
1927struct in6_ifaddr *
1928in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1929{
1930 struct ifaddr *ifa;
1931
1932 IF_ADDR_RLOCK(ifp);
1933 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1934 if (ifa->ifa_addr->sa_family != AF_INET6)
1935 continue;
1936 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1937 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1938 ignoreflags) != 0)
1939 continue;
1940 ifa_ref(ifa);
1941 break;
1942 }
1943 }
1944 IF_ADDR_RUNLOCK(ifp);
1945
1946 return ((struct in6_ifaddr *)ifa);
1947}
1948
1949
1950/*
1951 * find the internet address corresponding to a given interface and address.
1952 * ifaddr is returned referenced.
1953 */
1954struct in6_ifaddr *
1955in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1956{
1957 struct ifaddr *ifa;
1958
1959 IF_ADDR_RLOCK(ifp);
1960 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1961 if (ifa->ifa_addr->sa_family != AF_INET6)
1962 continue;
1963 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1964 ifa_ref(ifa);
1965 break;
1966 }
1967 }
1968 IF_ADDR_RUNLOCK(ifp);
1969
1970 return ((struct in6_ifaddr *)ifa);
1971}
1972
1973/*
1974 * Convert IP6 address to printable (loggable) representation. Caller
1975 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1976 */
1977static char digits[] = "0123456789abcdef";
1978char *
1979ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1980{
1981 int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
1982 char *cp;
1983 const u_int16_t *a = (const u_int16_t *)addr;
1984 const u_int8_t *d;
1985 int dcolon = 0, zero = 0;
1986
1987 cp = ip6buf;
1988
1989 for (i = 0; i < 8; i++) {
1990 if (*(a + i) == 0) {
1991 cnt++;
1992 if (cnt == 1)
1993 idx = i;
1994 }
1995 else if (maxcnt < cnt) {
1996 maxcnt = cnt;
1997 index = idx;
1998 cnt = 0;
1999 }
2000 }
2001 if (maxcnt < cnt) {
2002 maxcnt = cnt;
2003 index = idx;
2004 }
2005
2006 for (i = 0; i < 8; i++) {
2007 if (dcolon == 1) {
2008 if (*a == 0) {
2009 if (i == 7)
2010 *cp++ = ':';
2011 a++;
2012 continue;
2013 } else
2014 dcolon = 2;
2015 }
2016 if (*a == 0) {
2017 if (dcolon == 0 && *(a + 1) == 0 && i == index) {
2018 if (i == 0)
2019 *cp++ = ':';
2020 *cp++ = ':';
2021 dcolon = 1;
2022 } else {
2023 *cp++ = '0';
2024 *cp++ = ':';
2025 }
2026 a++;
2027 continue;
2028 }
2029 d = (const u_char *)a;
2030 /* Try to eliminate leading zeros in printout like in :0001. */
2031 zero = 1;
2032 *cp = digits[*d >> 4];
2033 if (*cp != '0') {
2034 zero = 0;
2035 cp++;
2036 }
2037 *cp = digits[*d++ & 0xf];
2038 if (zero == 0 || (*cp != '0')) {
2039 zero = 0;
2040 cp++;
2041 }
2042 *cp = digits[*d >> 4];
2043 if (zero == 0 || (*cp != '0')) {
2044 zero = 0;
2045 cp++;
2046 }
2047 *cp++ = digits[*d & 0xf];
2048 *cp++ = ':';
2049 a++;
2050 }
2051 *--cp = '\0';
2052 return (ip6buf);
2053}
2054
2055int
2056in6_localaddr(struct in6_addr *in6)
2057{
2058 struct in6_ifaddr *ia;
2059
2060 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
2061 return 1;
2062
2063 IN6_IFADDR_RLOCK();
2064 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2065 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
2066 &ia->ia_prefixmask.sin6_addr)) {
2067 IN6_IFADDR_RUNLOCK();
2068 return 1;
2069 }
2070 }
2071 IN6_IFADDR_RUNLOCK();
2072
2073 return (0);
2074}
2075
2076/*
2077 * Return 1 if an internet address is for the local host and configured
2078 * on one of its interfaces.
2079 */
2080int
2081in6_localip(struct in6_addr *in6)
2082{
2083 struct in6_ifaddr *ia;
2084
2085 IN6_IFADDR_RLOCK();
2086 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2087 if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
2088 IN6_IFADDR_RUNLOCK();
2089 return (1);
2090 }
2091 }
2092 IN6_IFADDR_RUNLOCK();
2093 return (0);
2094}
2095
2096
2097int
2098in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
2099{
2100 struct in6_ifaddr *ia;
2101
2102 IN6_IFADDR_RLOCK();
2103 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2104 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
2105 &sa6->sin6_addr) &&
2106 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
2107 IN6_IFADDR_RUNLOCK();
2108 return (1); /* true */
2109 }
2110
2111 /* XXX: do we still have to go thru the rest of the list? */
2112 }
2113 IN6_IFADDR_RUNLOCK();
2114
2115 return (0); /* false */
2116}
2117
2118/*
2119 * return length of part which dst and src are equal
2120 * hard coding...
2121 */
2122int
2123in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
2124{
2125 int match = 0;
2126 u_char *s = (u_char *)src, *d = (u_char *)dst;
2127 u_char *lim = s + 16, r;
2128
2129 while (s < lim)
2130 if ((r = (*d++ ^ *s++)) != 0) {
2131 while (r < 128) {
2132 match++;
2133 r <<= 1;
2134 }
2135 break;
2136 } else
2137 match += 8;
2138 return match;
2139}
2140
2141/* XXX: to be scope conscious */
2142int
2143in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
2144{
2145 int bytelen, bitlen;
2146
2147 /* sanity check */
2148 if (0 > len || len > 128) {
2149 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
2150 len);
2151 return (0);
2152 }
2153
2154 bytelen = len / 8;
2155 bitlen = len % 8;
2156
2157 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
2158 return (0);
2159 if (bitlen != 0 &&
2160 p1->s6_addr[bytelen] >> (8 - bitlen) !=
2161 p2->s6_addr[bytelen] >> (8 - bitlen))
2162 return (0);
2163
2164 return (1);
2165}
2166
2167void
2168in6_prefixlen2mask(struct in6_addr *maskp, int len)
2169{
2170 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
2171 int bytelen, bitlen, i;
2172
2173 /* sanity check */
2174 if (0 > len || len > 128) {
2175 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
2176 len);
2177 return;
2178 }
2179
2180 bzero(maskp, sizeof(*maskp));
2181 bytelen = len / 8;
2182 bitlen = len % 8;
2183 for (i = 0; i < bytelen; i++)
2184 maskp->s6_addr[i] = 0xff;
2185 if (bitlen)
2186 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
2187}
2188
2189/*
2190 * return the best address out of the same scope. if no address was
2191 * found, return the first valid address from designated IF.
2192 */
2193struct in6_ifaddr *
2194in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
2195{
2196 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
2197 struct ifaddr *ifa;
2198 struct in6_ifaddr *besta = 0;
2199 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
2200
2201 dep[0] = dep[1] = NULL;
2202
2203 /*
2204 * We first look for addresses in the same scope.
2205 * If there is one, return it.
2206 * If two or more, return one which matches the dst longest.
2207 * If none, return one of global addresses assigned other ifs.
2208 */
2209 IF_ADDR_RLOCK(ifp);
2210 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2211 if (ifa->ifa_addr->sa_family != AF_INET6)
2212 continue;
2213 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2214 continue; /* XXX: is there any case to allow anycast? */
2215 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2216 continue; /* don't use this interface */
2217 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2218 continue;
2219 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2220 if (V_ip6_use_deprecated)
2221 dep[0] = (struct in6_ifaddr *)ifa;
2222 continue;
2223 }
2224
2225 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2226 /*
2227 * call in6_matchlen() as few as possible
2228 */
2229 if (besta) {
2230 if (blen == -1)
2231 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2232 tlen = in6_matchlen(IFA_IN6(ifa), dst);
2233 if (tlen > blen) {
2234 blen = tlen;
2235 besta = (struct in6_ifaddr *)ifa;
2236 }
2237 } else
2238 besta = (struct in6_ifaddr *)ifa;
2239 }
2240 }
2241 if (besta) {
2242 ifa_ref(&besta->ia_ifa);
2243 IF_ADDR_RUNLOCK(ifp);
2244 return (besta);
2245 }
2246
2247 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2248 if (ifa->ifa_addr->sa_family != AF_INET6)
2249 continue;
2250 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2251 continue; /* XXX: is there any case to allow anycast? */
2252 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2253 continue; /* don't use this interface */
2254 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2255 continue;
2256 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2257 if (V_ip6_use_deprecated)
2258 dep[1] = (struct in6_ifaddr *)ifa;
2259 continue;
2260 }
2261
2262 if (ifa != NULL)
2263 ifa_ref(ifa);
2264 IF_ADDR_RUNLOCK(ifp);
2265 return (struct in6_ifaddr *)ifa;
2266 }
2267
2268 /* use the last-resort values, that are, deprecated addresses */
2269 if (dep[0]) {
2270 ifa_ref((struct ifaddr *)dep[0]);
2271 IF_ADDR_RUNLOCK(ifp);
2272 return dep[0];
2273 }
2274 if (dep[1]) {
2275 ifa_ref((struct ifaddr *)dep[1]);
2276 IF_ADDR_RUNLOCK(ifp);
2277 return dep[1];
2278 }
2279
2280 IF_ADDR_RUNLOCK(ifp);
2281 return NULL;
2282}
2283
2284/*
2285 * perform DAD when interface becomes IFF_UP.
2286 */
2287void
2288in6_if_up(struct ifnet *ifp)
2289{
2290 struct ifaddr *ifa;
2291 struct in6_ifaddr *ia;
2292
2293 IF_ADDR_RLOCK(ifp);
2294 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2295 if (ifa->ifa_addr->sa_family != AF_INET6)
2296 continue;
2297 ia = (struct in6_ifaddr *)ifa;
2298 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
2299 /*
2300 * The TENTATIVE flag was likely set by hand
2301 * beforehand, implicitly indicating the need for DAD.
2302 * We may be able to skip the random delay in this
2303 * case, but we impose delays just in case.
2304 */
2305 nd6_dad_start(ifa,
2306 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
2307 }
2308 }
2309 IF_ADDR_RUNLOCK(ifp);
2310
2311 /*
2312 * special cases, like 6to4, are handled in in6_ifattach
2313 */
2314 in6_ifattach(ifp, NULL);
2315}
2316
2317int
2318in6if_do_dad(struct ifnet *ifp)
2319{
2320 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2321 return (0);
2322
2323 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
2324 return (0);
2325
2326 switch (ifp->if_type) {
2327#ifdef IFT_DUMMY
2328 case IFT_DUMMY:
2329#endif
2330 case IFT_FAITH:
2331 /*
2332 * These interfaces do not have the IFF_LOOPBACK flag,
2333 * but loop packets back. We do not have to do DAD on such
2334 * interfaces. We should even omit it, because loop-backed
2335 * NS would confuse the DAD procedure.
2336 */
2337 return (0);
2338 default:
2339 /*
2340 * Our DAD routine requires the interface up and running.
2341 * However, some interfaces can be up before the RUNNING
2342 * status. Additionaly, users may try to assign addresses
2343 * before the interface becomes up (or running).
2344 * We simply skip DAD in such a case as a work around.
2345 * XXX: we should rather mark "tentative" on such addresses,
2346 * and do DAD after the interface becomes ready.
2347 */
2348 if (!((ifp->if_flags & IFF_UP) &&
2349 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
2350 return (0);
2351
2352 return (1);
2353 }
2354}
2355
2356/*
2357 * Calculate max IPv6 MTU through all the interfaces and store it
2358 * to in6_maxmtu.
2359 */
2360void
2361in6_setmaxmtu(void)
2362{
2363 unsigned long maxmtu = 0;
2364 struct ifnet *ifp;
2365
2366 IFNET_RLOCK_NOSLEEP();
2367 TAILQ_FOREACH(ifp, &V_ifnet, if_list) {
2368 /* this function can be called during ifnet initialization */
2369 if (!ifp->if_afdata[AF_INET6])
2370 continue;
2371 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2372 IN6_LINKMTU(ifp) > maxmtu)
2373 maxmtu = IN6_LINKMTU(ifp);
2374 }
2375 IFNET_RUNLOCK_NOSLEEP();
2376 if (maxmtu) /* update only when maxmtu is positive */
2377 V_in6_maxmtu = maxmtu;
2378}
2379
2380/*
2381 * Provide the length of interface identifiers to be used for the link attached
2382 * to the given interface. The length should be defined in "IPv6 over
2383 * xxx-link" document. Note that address architecture might also define
2384 * the length for a particular set of address prefixes, regardless of the
2385 * link type. As clarified in rfc2462bis, those two definitions should be
2386 * consistent, and those really are as of August 2004.
2387 */
2388int
2389in6_if2idlen(struct ifnet *ifp)
2390{
2391 switch (ifp->if_type) {
2392 case IFT_ETHER: /* RFC2464 */
2393#ifdef IFT_PROPVIRTUAL
2394 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2395#endif
2396#ifdef IFT_L2VLAN
2397 case IFT_L2VLAN: /* ditto */
2398#endif
2399#ifdef IFT_IEEE80211
2400 case IFT_IEEE80211: /* ditto */
2401#endif
2402#ifdef IFT_MIP
2403 case IFT_MIP: /* ditto */
2404#endif
2405 case IFT_INFINIBAND:
2406 return (64);
2407 case IFT_FDDI: /* RFC2467 */
2408 return (64);
2409 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2410 return (64);
2411 case IFT_PPP: /* RFC2472 */
2412 return (64);
2413 case IFT_ARCNET: /* RFC2497 */
2414 return (64);
2415 case IFT_FRELAY: /* RFC2590 */
2416 return (64);
2417 case IFT_IEEE1394: /* RFC3146 */
2418 return (64);
2419 case IFT_GIF:
2420 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2421 case IFT_LOOP:
2422 return (64); /* XXX: is this really correct? */
2423 default:
2424 /*
2425 * Unknown link type:
2426 * It might be controversial to use the today's common constant
2427 * of 64 for these cases unconditionally. For full compliance,
2428 * we should return an error in this case. On the other hand,
2429 * if we simply miss the standard for the link type or a new
2430 * standard is defined for a new link type, the IFID length
2431 * is very likely to be the common constant. As a compromise,
2432 * we always use the constant, but make an explicit notice
2433 * indicating the "unknown" case.
2434 */
2435 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2436 return (64);
2437 }
2438}
2439
2440#include <sys/sysctl.h>
2441
2442struct in6_llentry {
2443 struct llentry base;
2444 struct sockaddr_in6 l3_addr6;
2445};
2446
2447/*
2448 * Deletes an address from the address table.
2449 * This function is called by the timer functions
2450 * such as arptimer() and nd6_llinfo_timer(), and
2451 * the caller does the locking.
2452 */
2453static void
2454in6_lltable_free(struct lltable *llt, struct llentry *lle)
2455{
2456 LLE_WUNLOCK(lle);
2457 LLE_LOCK_DESTROY(lle);
2458 free(lle, M_LLTABLE);
2459}
2460
2461static struct llentry *
2462in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2463{
2464 struct in6_llentry *lle;
2465
2466 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2467 if (lle == NULL) /* NB: caller generates msg */
2468 return NULL;
2469
2470 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2471 lle->base.lle_refcnt = 1;
2472 lle->base.lle_free = in6_lltable_free;
2473 LLE_LOCK_INIT(&lle->base);
2474 callout_init_rw(&lle->base.ln_timer_ch, &lle->base.lle_lock,
2475 CALLOUT_RETURNUNLOCKED);
2476
2477 return (&lle->base);
2478}
2479
2480static void
2481in6_lltable_prefix_free(struct lltable *llt, const struct sockaddr *prefix,
2482 const struct sockaddr *mask, u_int flags)
2483{
2484 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix;
2485 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask;
2486 struct llentry *lle, *next;
2487 int i;
2488
2489 /*
2490 * (flags & LLE_STATIC) means deleting all entries
2491 * including static ND6 entries.
2492 */
2493 IF_AFDATA_WLOCK(llt->llt_ifp);
2494 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2495 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
2496 if (IN6_ARE_MASKED_ADDR_EQUAL(
2497 &satosin6(L3_ADDR(lle))->sin6_addr,
2498 &pfx->sin6_addr, &msk->sin6_addr) &&
2499 ((flags & LLE_STATIC) ||
2500 !(lle->la_flags & LLE_STATIC))) {
2501 LLE_WLOCK(lle);
2502 if (callout_stop(&lle->la_timer))
2503 LLE_REMREF(lle);
2504 llentry_free(lle);
2505 }
2506 }
2507 }
2508 IF_AFDATA_WUNLOCK(llt->llt_ifp);
2509}
2510
2511static int
2512in6_lltable_rtcheck(struct ifnet *ifp,
2513 u_int flags,
2514 const struct sockaddr *l3addr)
2515{
2516 struct rtentry *rt;
2517 char ip6buf[INET6_ADDRSTRLEN];
2518
2519 KASSERT(l3addr->sa_family == AF_INET6,
2520 ("sin_family %d", l3addr->sa_family));
2521
2522 /* Our local addresses are always only installed on the default FIB. */
2523 /* XXX rtalloc1 should take a const param */
2524 rt = in6_rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0,
2525 RT_DEFAULT_FIB);
2526 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2527 struct ifaddr *ifa;
2528 /*
2529 * Create an ND6 cache for an IPv6 neighbor
2530 * that is not covered by our own prefix.
2531 */
2532 /* XXX ifaof_ifpforaddr should take a const param */
2533 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2534 if (ifa != NULL) {
2535 ifa_free(ifa);
2536 if (rt != NULL)
2537 RTFREE_LOCKED(rt);
2538 return 0;
2539 }
2540 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2541 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2542 if (rt != NULL)
2543 RTFREE_LOCKED(rt);
2544 return EINVAL;
2545 }
2546 RTFREE_LOCKED(rt);
2547 return 0;
2548}
2549
2550static struct llentry *
2551in6_lltable_lookup(struct lltable *llt, u_int flags,
2552 const struct sockaddr *l3addr)
2553{
2554 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2555 struct ifnet *ifp = llt->llt_ifp;
2556 struct llentry *lle;
2557 struct llentries *lleh;
2558 u_int hashkey;
2559
2560 IF_AFDATA_LOCK_ASSERT(ifp);
2561 KASSERT(l3addr->sa_family == AF_INET6,
2562 ("sin_family %d", l3addr->sa_family));
2563
2564 hashkey = sin6->sin6_addr.s6_addr32[3];
2565 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2566 LIST_FOREACH(lle, lleh, lle_next) {
2567 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2568 if (lle->la_flags & LLE_DELETED)
2569 continue;
2570 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2571 sizeof(struct in6_addr)) == 0)
2572 break;
2573 }
2574
2575 if (lle == NULL) {
2576 if (!(flags & LLE_CREATE))
2577 return (NULL);
2578 /*
2579 * A route that covers the given address must have
2580 * been installed 1st because we are doing a resolution,
2581 * verify this.
2582 */
2583 if (!(flags & LLE_IFADDR) &&
2584 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2585 return NULL;
2586
2587 lle = in6_lltable_new(l3addr, flags);
2588 if (lle == NULL) {
2589 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2590 return NULL;
2591 }
2592 lle->la_flags = flags & ~LLE_CREATE;
2593 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2594 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2595 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2596 }
2597
2598 lle->lle_tbl = llt;
2599 lle->lle_head = lleh;
2600 lle->la_flags |= LLE_LINKED;
2601 LIST_INSERT_HEAD(lleh, lle, lle_next);
2602 } else if (flags & LLE_DELETE) {
2603 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2604 LLE_WLOCK(lle);
2605 lle->la_flags |= LLE_DELETED;
2606 LLE_WUNLOCK(lle);
2607#ifdef DIAGNOSTIC
2608 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2609#endif
2610 }
2611 lle = (void *)-1;
2612 }
2613 if (LLE_IS_VALID(lle)) {
2614 if (flags & LLE_EXCLUSIVE)
2615 LLE_WLOCK(lle);
2616 else
2617 LLE_RLOCK(lle);
2618 }
2619 return (lle);
2620}
2621
2622static int
2623in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2624{
2625 struct ifnet *ifp = llt->llt_ifp;
2626 struct llentry *lle;
2627 /* XXX stack use */
2628 struct {
2629 struct rt_msghdr rtm;
2630 struct sockaddr_in6 sin6;
2631 /*
2632 * ndp.c assumes that sdl is word aligned
2633 */
2634#ifdef __LP64__
2635 uint32_t pad;
2636#endif
2637 struct sockaddr_dl sdl;
2638 } ndpc;
2639 int i, error;
2640
2641 if (ifp->if_flags & IFF_LOOPBACK)
2642 return 0;
2643
2644 LLTABLE_LOCK_ASSERT();
2645
2646 error = 0;
2647 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2648 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2649 struct sockaddr_dl *sdl;
2650
2651 /* skip deleted or invalid entries */
2652 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2653 continue;
2654 /* Skip if jailed and not a valid IP of the prison. */
2655 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2656 continue;
2657 /*
2658 * produce a msg made of:
2659 * struct rt_msghdr;
2660 * struct sockaddr_in6 (IPv6)
2661 * struct sockaddr_dl;
2662 */
2663 bzero(&ndpc, sizeof(ndpc));
2664 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2665 ndpc.rtm.rtm_version = RTM_VERSION;
2666 ndpc.rtm.rtm_type = RTM_GET;
2667 ndpc.rtm.rtm_flags = RTF_UP;
2668 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2669 ndpc.sin6.sin6_family = AF_INET6;
2670 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2671 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2672
2673 /* publish */
2674 if (lle->la_flags & LLE_PUB)
2675 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2676
2677 sdl = &ndpc.sdl;
2678 sdl->sdl_family = AF_LINK;
2679 sdl->sdl_len = sizeof(*sdl);
2680 sdl->sdl_alen = ifp->if_addrlen;
2681 sdl->sdl_index = ifp->if_index;
2682 sdl->sdl_type = ifp->if_type;
2683 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2684 ndpc.rtm.rtm_rmx.rmx_expire =
2685 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2686 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2687 if (lle->la_flags & LLE_STATIC)
2688 ndpc.rtm.rtm_flags |= RTF_STATIC;
2689 ndpc.rtm.rtm_index = ifp->if_index;
2690 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2691 if (error)
2692 break;
2693 }
2694 }
2695 return error;
2696}
2697
2698void *
2699in6_domifattach(struct ifnet *ifp)
2700{
2701 struct in6_ifextra *ext;
2702
2703 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2704 bzero(ext, sizeof(*ext));
2705
2706 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
2707 M_IFADDR, M_WAITOK);
2708 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
2709
2710 ext->icmp6_ifstat =
2711 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
2712 M_IFADDR, M_WAITOK);
2713 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
2714
2715 ext->nd_ifinfo = nd6_ifattach(ifp);
2716 ext->scope6_id = scope6_ifattach(ifp);
2717 ext->lltable = lltable_init(ifp, AF_INET6);
2718 if (ext->lltable != NULL) {
2719 ext->lltable->llt_prefix_free = in6_lltable_prefix_free;
2720 ext->lltable->llt_lookup = in6_lltable_lookup;
2721 ext->lltable->llt_dump = in6_lltable_dump;
2722 }
2723
2724 ext->mld_ifinfo = mld_domifattach(ifp);
2725
2726 return ext;
2727}
2728
2729void
2730in6_domifdetach(struct ifnet *ifp, void *aux)
2731{
2732 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2733
2734 mld_domifdetach(ifp);
2735 scope6_ifdetach(ext->scope6_id);
2736 nd6_ifdetach(ext->nd_ifinfo);
2737 lltable_free(ext->lltable);
2738 free(ext->in6_ifstat, M_IFADDR);
2739 free(ext->icmp6_ifstat, M_IFADDR);
2740 free(ext, M_IFADDR);
2741}
2742
2743/*
2744 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2745 * v4 mapped addr or v4 compat addr
2746 */
2747void
2748in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2749{
2750
2751 bzero(sin, sizeof(*sin));
2752 sin->sin_len = sizeof(struct sockaddr_in);
2753 sin->sin_family = AF_INET;
2754 sin->sin_port = sin6->sin6_port;
2755 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2756}
2757
2758/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2759void
2760in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2761{
2762 bzero(sin6, sizeof(*sin6));
2763 sin6->sin6_len = sizeof(struct sockaddr_in6);
2764 sin6->sin6_family = AF_INET6;
2765 sin6->sin6_port = sin->sin_port;
2766 sin6->sin6_addr.s6_addr32[0] = 0;
2767 sin6->sin6_addr.s6_addr32[1] = 0;
2768 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2769 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2770}
2771
2772/* Convert sockaddr_in6 into sockaddr_in. */
2773void
2774in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2775{
2776 struct sockaddr_in *sin_p;
2777 struct sockaddr_in6 sin6;
2778
2779 /*
2780 * Save original sockaddr_in6 addr and convert it
2781 * to sockaddr_in.
2782 */
2783 sin6 = *(struct sockaddr_in6 *)nam;
2784 sin_p = (struct sockaddr_in *)nam;
2785 in6_sin6_2_sin(sin_p, &sin6);
2786}
2787
2788/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2789void
2790in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2791{
2792 struct sockaddr_in *sin_p;
2793 struct sockaddr_in6 *sin6_p;
2794
2795 sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
2796 sin_p = (struct sockaddr_in *)*nam;
2797 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2798 free(*nam, M_SONAME);
2799 *nam = (struct sockaddr *)sin6_p;
2800}
|