in6.c revision 194760
1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in.c 8.2 (Berkeley) 11/15/93 61 */ 62 63#include <sys/cdefs.h> 64__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 194760 2009-06-23 20:19:09Z rwatson $"); 65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68 69#include <sys/param.h> 70#include <sys/errno.h> 71#include <sys/jail.h> 72#include <sys/malloc.h> 73#include <sys/socket.h> 74#include <sys/socketvar.h> 75#include <sys/sockio.h> 76#include <sys/systm.h> 77#include <sys/priv.h> 78#include <sys/proc.h> 79#include <sys/time.h> 80#include <sys/kernel.h> 81#include <sys/syslog.h> 82#include <sys/vimage.h> 83 84#include <net/if.h> 85#include <net/if_types.h> 86#include <net/route.h> 87#include <net/if_dl.h> 88#include <net/vnet.h> 89 90#include <netinet/in.h> 91#include <netinet/in_var.h> 92#include <net/if_llatbl.h> 93#include <netinet/if_ether.h> 94#include <netinet/in_systm.h> 95#include <netinet/ip.h> 96#include <netinet/in_pcb.h> 97 98#include <netinet/ip6.h> 99#include <netinet6/ip6_var.h> 100#include <netinet6/nd6.h> 101#include <netinet6/mld6_var.h> 102#include <netinet6/ip6_mroute.h> 103#include <netinet6/in6_ifattach.h> 104#include <netinet6/scope6_var.h> 105#include <netinet6/in6_pcb.h> 106#include <netinet6/vinet6.h> 107 108/* 109 * Definitions of some costant IP6 addresses. 110 */ 111const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 112const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 113const struct in6_addr in6addr_nodelocal_allnodes = 114 IN6ADDR_NODELOCAL_ALLNODES_INIT; 115const struct in6_addr in6addr_linklocal_allnodes = 116 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 117const struct in6_addr in6addr_linklocal_allrouters = 118 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 119const struct in6_addr in6addr_linklocal_allv2routers = 120 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT; 121 122const struct in6_addr in6mask0 = IN6MASK0; 123const struct in6_addr in6mask32 = IN6MASK32; 124const struct in6_addr in6mask64 = IN6MASK64; 125const struct in6_addr in6mask96 = IN6MASK96; 126const struct in6_addr in6mask128 = IN6MASK128; 127 128const struct sockaddr_in6 sa6_any = 129 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 130 131static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 132 struct ifnet *, struct thread *)); 133static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 134 struct sockaddr_in6 *, int)); 135static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 136 137int (*faithprefix_p)(struct in6_addr *); 138 139 140 141int 142in6_mask2len(struct in6_addr *mask, u_char *lim0) 143{ 144 int x = 0, y; 145 u_char *lim = lim0, *p; 146 147 /* ignore the scope_id part */ 148 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 149 lim = (u_char *)mask + sizeof(*mask); 150 for (p = (u_char *)mask; p < lim; x++, p++) { 151 if (*p != 0xff) 152 break; 153 } 154 y = 0; 155 if (p < lim) { 156 for (y = 0; y < 8; y++) { 157 if ((*p & (0x80 >> y)) == 0) 158 break; 159 } 160 } 161 162 /* 163 * when the limit pointer is given, do a stricter check on the 164 * remaining bits. 165 */ 166 if (p < lim) { 167 if (y != 0 && (*p & (0x00ff >> y)) != 0) 168 return (-1); 169 for (p = p + 1; p < lim; p++) 170 if (*p != 0) 171 return (-1); 172 } 173 174 return x * 8 + y; 175} 176 177#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 178#define ia62ifa(ia6) (&((ia6)->ia_ifa)) 179 180int 181in6_control(struct socket *so, u_long cmd, caddr_t data, 182 struct ifnet *ifp, struct thread *td) 183{ 184 INIT_VNET_INET6(curvnet); 185 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 186 struct in6_ifaddr *ia = NULL; 187 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 188 struct sockaddr_in6 *sa6; 189 int error; 190 191 switch (cmd) { 192 case SIOCGETSGCNT_IN6: 193 case SIOCGETMIFCNT_IN6: 194 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 195 } 196 197 switch(cmd) { 198 case SIOCAADDRCTL_POLICY: 199 case SIOCDADDRCTL_POLICY: 200 if (td != NULL) { 201 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 202 if (error) 203 return (error); 204 } 205 return (in6_src_ioctl(cmd, data)); 206 } 207 208 if (ifp == NULL) 209 return (EOPNOTSUPP); 210 211 switch (cmd) { 212 case SIOCSNDFLUSH_IN6: 213 case SIOCSPFXFLUSH_IN6: 214 case SIOCSRTRFLUSH_IN6: 215 case SIOCSDEFIFACE_IN6: 216 case SIOCSIFINFO_FLAGS: 217 case SIOCSIFINFO_IN6: 218 if (td != NULL) { 219 error = priv_check(td, PRIV_NETINET_ND6); 220 if (error) 221 return (error); 222 } 223 /* FALLTHROUGH */ 224 case OSIOCGIFINFO_IN6: 225 case SIOCGIFINFO_IN6: 226 case SIOCGDRLST_IN6: 227 case SIOCGPRLST_IN6: 228 case SIOCGNBRINFO_IN6: 229 case SIOCGDEFIFACE_IN6: 230 return (nd6_ioctl(cmd, data, ifp)); 231 } 232 233 switch (cmd) { 234 case SIOCSIFPREFIX_IN6: 235 case SIOCDIFPREFIX_IN6: 236 case SIOCAIFPREFIX_IN6: 237 case SIOCCIFPREFIX_IN6: 238 case SIOCSGIFPREFIX_IN6: 239 case SIOCGIFPREFIX_IN6: 240 log(LOG_NOTICE, 241 "prefix ioctls are now invalidated. " 242 "please use ifconfig.\n"); 243 return (EOPNOTSUPP); 244 } 245 246 switch (cmd) { 247 case SIOCSSCOPE6: 248 if (td != NULL) { 249 error = priv_check(td, PRIV_NETINET_SCOPE6); 250 if (error) 251 return (error); 252 } 253 return (scope6_set(ifp, 254 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 255 case SIOCGSCOPE6: 256 return (scope6_get(ifp, 257 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 258 case SIOCGSCOPE6DEF: 259 return (scope6_get_default((struct scope6_id *) 260 ifr->ifr_ifru.ifru_scope_id)); 261 } 262 263 switch (cmd) { 264 case SIOCALIFADDR: 265 if (td != NULL) { 266 error = priv_check(td, PRIV_NET_ADDIFADDR); 267 if (error) 268 return (error); 269 } 270 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 271 272 case SIOCDLIFADDR: 273 if (td != NULL) { 274 error = priv_check(td, PRIV_NET_DELIFADDR); 275 if (error) 276 return (error); 277 } 278 /* FALLTHROUGH */ 279 case SIOCGLIFADDR: 280 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 281 } 282 283 /* 284 * Find address for this interface, if it exists. 285 * 286 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 287 * only, and used the first interface address as the target of other 288 * operations (without checking ifra_addr). This was because netinet 289 * code/API assumed at most 1 interface address per interface. 290 * Since IPv6 allows a node to assign multiple addresses 291 * on a single interface, we almost always look and check the 292 * presence of ifra_addr, and reject invalid ones here. 293 * It also decreases duplicated code among SIOC*_IN6 operations. 294 */ 295 switch (cmd) { 296 case SIOCAIFADDR_IN6: 297 case SIOCSIFPHYADDR_IN6: 298 sa6 = &ifra->ifra_addr; 299 break; 300 case SIOCSIFADDR_IN6: 301 case SIOCGIFADDR_IN6: 302 case SIOCSIFDSTADDR_IN6: 303 case SIOCSIFNETMASK_IN6: 304 case SIOCGIFDSTADDR_IN6: 305 case SIOCGIFNETMASK_IN6: 306 case SIOCDIFADDR_IN6: 307 case SIOCGIFPSRCADDR_IN6: 308 case SIOCGIFPDSTADDR_IN6: 309 case SIOCGIFAFLAG_IN6: 310 case SIOCSNDFLUSH_IN6: 311 case SIOCSPFXFLUSH_IN6: 312 case SIOCSRTRFLUSH_IN6: 313 case SIOCGIFALIFETIME_IN6: 314 case SIOCSIFALIFETIME_IN6: 315 case SIOCGIFSTAT_IN6: 316 case SIOCGIFSTAT_ICMP6: 317 sa6 = &ifr->ifr_addr; 318 break; 319 default: 320 sa6 = NULL; 321 break; 322 } 323 if (sa6 && sa6->sin6_family == AF_INET6) { 324 if (sa6->sin6_scope_id != 0) 325 error = sa6_embedscope(sa6, 0); 326 else 327 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 328 if (error != 0) 329 return (error); 330 if (td != NULL && (error = prison_check_ip6(td->td_ucred, 331 &sa6->sin6_addr)) != 0) 332 return (error); 333 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 334 } else 335 ia = NULL; 336 337 switch (cmd) { 338 case SIOCSIFADDR_IN6: 339 case SIOCSIFDSTADDR_IN6: 340 case SIOCSIFNETMASK_IN6: 341 /* 342 * Since IPv6 allows a node to assign multiple addresses 343 * on a single interface, SIOCSIFxxx ioctls are deprecated. 344 */ 345 /* we decided to obsolete this command (20000704) */ 346 error = EINVAL; 347 goto out; 348 349 case SIOCDIFADDR_IN6: 350 /* 351 * for IPv4, we look for existing in_ifaddr here to allow 352 * "ifconfig if0 delete" to remove the first IPv4 address on 353 * the interface. For IPv6, as the spec allows multiple 354 * interface address from the day one, we consider "remove the 355 * first one" semantics to be not preferable. 356 */ 357 if (ia == NULL) { 358 error = EADDRNOTAVAIL; 359 goto out; 360 } 361 /* FALLTHROUGH */ 362 case SIOCAIFADDR_IN6: 363 /* 364 * We always require users to specify a valid IPv6 address for 365 * the corresponding operation. 366 */ 367 if (ifra->ifra_addr.sin6_family != AF_INET6 || 368 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) { 369 error = EAFNOSUPPORT; 370 goto out; 371 } 372 373 if (td != NULL) { 374 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 375 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 376 if (error) 377 goto out; 378 } 379 break; 380 381 case SIOCGIFADDR_IN6: 382 /* This interface is basically deprecated. use SIOCGIFCONF. */ 383 /* FALLTHROUGH */ 384 case SIOCGIFAFLAG_IN6: 385 case SIOCGIFNETMASK_IN6: 386 case SIOCGIFDSTADDR_IN6: 387 case SIOCGIFALIFETIME_IN6: 388 /* must think again about its semantics */ 389 if (ia == NULL) { 390 error = EADDRNOTAVAIL; 391 goto out; 392 } 393 break; 394 395 case SIOCSIFALIFETIME_IN6: 396 { 397 struct in6_addrlifetime *lt; 398 399 if (td != NULL) { 400 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 401 if (error) 402 goto out; 403 } 404 if (ia == NULL) { 405 error = EADDRNOTAVAIL; 406 goto out; 407 } 408 /* sanity for overflow - beware unsigned */ 409 lt = &ifr->ifr_ifru.ifru_lifetime; 410 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 411 lt->ia6t_vltime + time_second < time_second) { 412 error = EINVAL; 413 goto out; 414 } 415 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 416 lt->ia6t_pltime + time_second < time_second) { 417 error = EINVAL; 418 goto out; 419 } 420 break; 421 } 422 } 423 424 switch (cmd) { 425 case SIOCGIFADDR_IN6: 426 ifr->ifr_addr = ia->ia_addr; 427 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 428 goto out; 429 break; 430 431 case SIOCGIFDSTADDR_IN6: 432 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 433 error = EINVAL; 434 goto out; 435 } 436 /* 437 * XXX: should we check if ifa_dstaddr is NULL and return 438 * an error? 439 */ 440 ifr->ifr_dstaddr = ia->ia_dstaddr; 441 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 442 goto out; 443 break; 444 445 case SIOCGIFNETMASK_IN6: 446 ifr->ifr_addr = ia->ia_prefixmask; 447 break; 448 449 case SIOCGIFAFLAG_IN6: 450 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 451 break; 452 453 case SIOCGIFSTAT_IN6: 454 if (ifp == NULL) { 455 error = EINVAL; 456 goto out; 457 } 458 bzero(&ifr->ifr_ifru.ifru_stat, 459 sizeof(ifr->ifr_ifru.ifru_stat)); 460 ifr->ifr_ifru.ifru_stat = 461 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 462 break; 463 464 case SIOCGIFSTAT_ICMP6: 465 if (ifp == NULL) { 466 error = EINVAL; 467 goto out; 468 } 469 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 470 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 471 ifr->ifr_ifru.ifru_icmp6stat = 472 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 473 break; 474 475 case SIOCGIFALIFETIME_IN6: 476 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 477 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 478 time_t maxexpire; 479 struct in6_addrlifetime *retlt = 480 &ifr->ifr_ifru.ifru_lifetime; 481 482 /* 483 * XXX: adjust expiration time assuming time_t is 484 * signed. 485 */ 486 maxexpire = (-1) & 487 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 488 if (ia->ia6_lifetime.ia6t_vltime < 489 maxexpire - ia->ia6_updatetime) { 490 retlt->ia6t_expire = ia->ia6_updatetime + 491 ia->ia6_lifetime.ia6t_vltime; 492 } else 493 retlt->ia6t_expire = maxexpire; 494 } 495 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 496 time_t maxexpire; 497 struct in6_addrlifetime *retlt = 498 &ifr->ifr_ifru.ifru_lifetime; 499 500 /* 501 * XXX: adjust expiration time assuming time_t is 502 * signed. 503 */ 504 maxexpire = (-1) & 505 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 506 if (ia->ia6_lifetime.ia6t_pltime < 507 maxexpire - ia->ia6_updatetime) { 508 retlt->ia6t_preferred = ia->ia6_updatetime + 509 ia->ia6_lifetime.ia6t_pltime; 510 } else 511 retlt->ia6t_preferred = maxexpire; 512 } 513 break; 514 515 case SIOCSIFALIFETIME_IN6: 516 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 517 /* for sanity */ 518 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 519 ia->ia6_lifetime.ia6t_expire = 520 time_second + ia->ia6_lifetime.ia6t_vltime; 521 } else 522 ia->ia6_lifetime.ia6t_expire = 0; 523 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 524 ia->ia6_lifetime.ia6t_preferred = 525 time_second + ia->ia6_lifetime.ia6t_pltime; 526 } else 527 ia->ia6_lifetime.ia6t_preferred = 0; 528 break; 529 530 case SIOCAIFADDR_IN6: 531 { 532 int i; 533 struct nd_prefixctl pr0; 534 struct nd_prefix *pr; 535 536 /* 537 * first, make or update the interface address structure, 538 * and link it to the list. 539 */ 540 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 541 goto out; 542 if (ia != NULL) 543 ifa_free(&ia->ia_ifa); 544 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 545 == NULL) { 546 /* 547 * this can happen when the user specify the 0 valid 548 * lifetime. 549 */ 550 break; 551 } 552 553 /* 554 * then, make the prefix on-link on the interface. 555 * XXX: we'd rather create the prefix before the address, but 556 * we need at least one address to install the corresponding 557 * interface route, so we configure the address first. 558 */ 559 560 /* 561 * convert mask to prefix length (prefixmask has already 562 * been validated in in6_update_ifa(). 563 */ 564 bzero(&pr0, sizeof(pr0)); 565 pr0.ndpr_ifp = ifp; 566 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 567 NULL); 568 if (pr0.ndpr_plen == 128) { 569 break; /* we don't need to install a host route. */ 570 } 571 pr0.ndpr_prefix = ifra->ifra_addr; 572 /* apply the mask for safety. */ 573 for (i = 0; i < 4; i++) { 574 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 575 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 576 } 577 /* 578 * XXX: since we don't have an API to set prefix (not address) 579 * lifetimes, we just use the same lifetimes as addresses. 580 * The (temporarily) installed lifetimes can be overridden by 581 * later advertised RAs (when accept_rtadv is non 0), which is 582 * an intended behavior. 583 */ 584 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 585 pr0.ndpr_raf_auto = 586 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 587 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 588 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 589 590 /* add the prefix if not yet. */ 591 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 592 /* 593 * nd6_prelist_add will install the corresponding 594 * interface route. 595 */ 596 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 597 goto out; 598 if (pr == NULL) { 599 log(LOG_ERR, "nd6_prelist_add succeeded but " 600 "no prefix\n"); 601 error = EINVAL; 602 goto out; 603 } 604 } 605 606 /* relate the address to the prefix */ 607 if (ia->ia6_ndpr == NULL) { 608 ia->ia6_ndpr = pr; 609 pr->ndpr_refcnt++; 610 611 /* 612 * If this is the first autoconf address from the 613 * prefix, create a temporary address as well 614 * (when required). 615 */ 616 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 617 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 618 int e; 619 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 620 log(LOG_NOTICE, "in6_control: failed " 621 "to create a temporary address, " 622 "errno=%d\n", e); 623 } 624 } 625 } 626 627 /* 628 * this might affect the status of autoconfigured addresses, 629 * that is, this address might make other addresses detached. 630 */ 631 pfxlist_onlink_check(); 632 if (error == 0 && ia) 633 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 634 break; 635 } 636 637 case SIOCDIFADDR_IN6: 638 { 639 struct nd_prefix *pr; 640 641 /* 642 * If the address being deleted is the only one that owns 643 * the corresponding prefix, expire the prefix as well. 644 * XXX: theoretically, we don't have to worry about such 645 * relationship, since we separate the address management 646 * and the prefix management. We do this, however, to provide 647 * as much backward compatibility as possible in terms of 648 * the ioctl operation. 649 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 650 */ 651 pr = ia->ia6_ndpr; 652 in6_purgeaddr(&ia->ia_ifa); 653 if (pr && pr->ndpr_refcnt == 0) 654 prelist_remove(pr); 655 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 656 break; 657 } 658 659 default: 660 if (ifp == NULL || ifp->if_ioctl == 0) { 661 error = EOPNOTSUPP; 662 goto out; 663 } 664 error = (*ifp->if_ioctl)(ifp, cmd, data); 665 goto out; 666 } 667 668 error = 0; 669out: 670 if (ia != NULL) 671 ifa_free(&ia->ia_ifa); 672 return (error); 673} 674 675/* 676 * Update parameters of an IPv6 interface address. 677 * If necessary, a new entry is created and linked into address chains. 678 * This function is separated from in6_control(). 679 * XXX: should this be performed under splnet()? 680 */ 681int 682in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 683 struct in6_ifaddr *ia, int flags) 684{ 685 INIT_VNET_INET6(ifp->if_vnet); 686 int error = 0, hostIsNew = 0, plen = -1; 687 struct in6_ifaddr *oia; 688 struct sockaddr_in6 dst6; 689 struct in6_addrlifetime *lt; 690 struct in6_multi_mship *imm; 691 struct in6_multi *in6m_sol; 692 struct rtentry *rt; 693 int delay; 694 char ip6buf[INET6_ADDRSTRLEN]; 695 696 /* Validate parameters */ 697 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 698 return (EINVAL); 699 700 /* 701 * The destination address for a p2p link must have a family 702 * of AF_UNSPEC or AF_INET6. 703 */ 704 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 705 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 706 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 707 return (EAFNOSUPPORT); 708 /* 709 * validate ifra_prefixmask. don't check sin6_family, netmask 710 * does not carry fields other than sin6_len. 711 */ 712 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 713 return (EINVAL); 714 /* 715 * Because the IPv6 address architecture is classless, we require 716 * users to specify a (non 0) prefix length (mask) for a new address. 717 * We also require the prefix (when specified) mask is valid, and thus 718 * reject a non-consecutive mask. 719 */ 720 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 721 return (EINVAL); 722 if (ifra->ifra_prefixmask.sin6_len != 0) { 723 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 724 (u_char *)&ifra->ifra_prefixmask + 725 ifra->ifra_prefixmask.sin6_len); 726 if (plen <= 0) 727 return (EINVAL); 728 } else { 729 /* 730 * In this case, ia must not be NULL. We just use its prefix 731 * length. 732 */ 733 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 734 } 735 /* 736 * If the destination address on a p2p interface is specified, 737 * and the address is a scoped one, validate/set the scope 738 * zone identifier. 739 */ 740 dst6 = ifra->ifra_dstaddr; 741 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 742 (dst6.sin6_family == AF_INET6)) { 743 struct in6_addr in6_tmp; 744 u_int32_t zoneid; 745 746 in6_tmp = dst6.sin6_addr; 747 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 748 return (EINVAL); /* XXX: should be impossible */ 749 750 if (dst6.sin6_scope_id != 0) { 751 if (dst6.sin6_scope_id != zoneid) 752 return (EINVAL); 753 } else /* user omit to specify the ID. */ 754 dst6.sin6_scope_id = zoneid; 755 756 /* convert into the internal form */ 757 if (sa6_embedscope(&dst6, 0)) 758 return (EINVAL); /* XXX: should be impossible */ 759 } 760 /* 761 * The destination address can be specified only for a p2p or a 762 * loopback interface. If specified, the corresponding prefix length 763 * must be 128. 764 */ 765 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 766 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 767 /* XXX: noisy message */ 768 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 769 "be specified for a p2p or a loopback IF only\n")); 770 return (EINVAL); 771 } 772 if (plen != 128) { 773 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 774 "be 128 when dstaddr is specified\n")); 775 return (EINVAL); 776 } 777 } 778 /* lifetime consistency check */ 779 lt = &ifra->ifra_lifetime; 780 if (lt->ia6t_pltime > lt->ia6t_vltime) 781 return (EINVAL); 782 if (lt->ia6t_vltime == 0) { 783 /* 784 * the following log might be noisy, but this is a typical 785 * configuration mistake or a tool's bug. 786 */ 787 nd6log((LOG_INFO, 788 "in6_update_ifa: valid lifetime is 0 for %s\n", 789 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 790 791 if (ia == NULL) 792 return (0); /* there's nothing to do */ 793 } 794 795 /* 796 * If this is a new address, allocate a new ifaddr and link it 797 * into chains. 798 */ 799 if (ia == NULL) { 800 hostIsNew = 1; 801 /* 802 * When in6_update_ifa() is called in a process of a received 803 * RA, it is called under an interrupt context. So, we should 804 * call malloc with M_NOWAIT. 805 */ 806 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 807 M_NOWAIT); 808 if (ia == NULL) 809 return (ENOBUFS); 810 bzero((caddr_t)ia, sizeof(*ia)); 811 ifa_init(&ia->ia_ifa); 812 LIST_INIT(&ia->ia6_memberships); 813 /* Initialize the address and masks, and put time stamp */ 814 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 815 ia->ia_addr.sin6_family = AF_INET6; 816 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 817 ia->ia6_createtime = time_second; 818 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 819 /* 820 * XXX: some functions expect that ifa_dstaddr is not 821 * NULL for p2p interfaces. 822 */ 823 ia->ia_ifa.ifa_dstaddr = 824 (struct sockaddr *)&ia->ia_dstaddr; 825 } else { 826 ia->ia_ifa.ifa_dstaddr = NULL; 827 } 828 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 829 830 ia->ia_ifp = ifp; 831 if ((oia = V_in6_ifaddr) != NULL) { 832 for ( ; oia->ia_next; oia = oia->ia_next) 833 continue; 834 oia->ia_next = ia; 835 } else 836 V_in6_ifaddr = ia; 837 838 ifa_ref(&ia->ia_ifa); /* if_addrhead */ 839 IF_ADDR_LOCK(ifp); 840 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 841 IF_ADDR_UNLOCK(ifp); 842 } 843 844 /* update timestamp */ 845 ia->ia6_updatetime = time_second; 846 847 /* set prefix mask */ 848 if (ifra->ifra_prefixmask.sin6_len) { 849 /* 850 * We prohibit changing the prefix length of an existing 851 * address, because 852 * + such an operation should be rare in IPv6, and 853 * + the operation would confuse prefix management. 854 */ 855 if (ia->ia_prefixmask.sin6_len && 856 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 857 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 858 " existing (%s) address should not be changed\n", 859 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 860 error = EINVAL; 861 goto unlink; 862 } 863 ia->ia_prefixmask = ifra->ifra_prefixmask; 864 } 865 866 /* 867 * If a new destination address is specified, scrub the old one and 868 * install the new destination. Note that the interface must be 869 * p2p or loopback (see the check above.) 870 */ 871 if (dst6.sin6_family == AF_INET6 && 872 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 873 int e; 874 875 if ((ia->ia_flags & IFA_ROUTE) != 0 && 876 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 877 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 878 "a route to the old destination: %s\n", 879 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 880 /* proceed anyway... */ 881 } else 882 ia->ia_flags &= ~IFA_ROUTE; 883 ia->ia_dstaddr = dst6; 884 } 885 886 /* 887 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 888 * to see if the address is deprecated or invalidated, but initialize 889 * these members for applications. 890 */ 891 ia->ia6_lifetime = ifra->ifra_lifetime; 892 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 893 ia->ia6_lifetime.ia6t_expire = 894 time_second + ia->ia6_lifetime.ia6t_vltime; 895 } else 896 ia->ia6_lifetime.ia6t_expire = 0; 897 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 898 ia->ia6_lifetime.ia6t_preferred = 899 time_second + ia->ia6_lifetime.ia6t_pltime; 900 } else 901 ia->ia6_lifetime.ia6t_preferred = 0; 902 903 /* reset the interface and routing table appropriately. */ 904 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 905 goto unlink; 906 907 /* 908 * configure address flags. 909 */ 910 ia->ia6_flags = ifra->ifra_flags; 911 /* 912 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 913 * userland, make it deprecated. 914 */ 915 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 916 ia->ia6_lifetime.ia6t_pltime = 0; 917 ia->ia6_lifetime.ia6t_preferred = time_second; 918 } 919 /* 920 * Make the address tentative before joining multicast addresses, 921 * so that corresponding MLD responses would not have a tentative 922 * source address. 923 */ 924 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 925 if (hostIsNew && in6if_do_dad(ifp)) 926 ia->ia6_flags |= IN6_IFF_TENTATIVE; 927 928 /* 929 * We are done if we have simply modified an existing address. 930 */ 931 if (!hostIsNew) 932 return (error); 933 934 /* 935 * Beyond this point, we should call in6_purgeaddr upon an error, 936 * not just go to unlink. 937 */ 938 939 /* Join necessary multicast groups */ 940 in6m_sol = NULL; 941 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 942 struct sockaddr_in6 mltaddr, mltmask; 943 struct in6_addr llsol; 944 945 /* join solicited multicast addr for new host id */ 946 bzero(&llsol, sizeof(struct in6_addr)); 947 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 948 llsol.s6_addr32[1] = 0; 949 llsol.s6_addr32[2] = htonl(1); 950 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 951 llsol.s6_addr8[12] = 0xff; 952 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 953 /* XXX: should not happen */ 954 log(LOG_ERR, "in6_update_ifa: " 955 "in6_setscope failed\n"); 956 goto cleanup; 957 } 958 delay = 0; 959 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 960 /* 961 * We need a random delay for DAD on the address 962 * being configured. It also means delaying 963 * transmission of the corresponding MLD report to 964 * avoid report collision. 965 * [draft-ietf-ipv6-rfc2462bis-02.txt] 966 */ 967 delay = arc4random() % 968 (MAX_RTR_SOLICITATION_DELAY * hz); 969 } 970 imm = in6_joingroup(ifp, &llsol, &error, delay); 971 if (imm == NULL) { 972 nd6log((LOG_WARNING, 973 "in6_update_ifa: addmulti failed for " 974 "%s on %s (errno=%d)\n", 975 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 976 error)); 977 in6_purgeaddr((struct ifaddr *)ia); 978 return (error); 979 } 980 LIST_INSERT_HEAD(&ia->ia6_memberships, 981 imm, i6mm_chain); 982 in6m_sol = imm->i6mm_maddr; 983 984 bzero(&mltmask, sizeof(mltmask)); 985 mltmask.sin6_len = sizeof(struct sockaddr_in6); 986 mltmask.sin6_family = AF_INET6; 987 mltmask.sin6_addr = in6mask32; 988#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 989 990 /* 991 * join link-local all-nodes address 992 */ 993 bzero(&mltaddr, sizeof(mltaddr)); 994 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 995 mltaddr.sin6_family = AF_INET6; 996 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 997 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 998 0) 999 goto cleanup; /* XXX: should not fail */ 1000 1001 /* 1002 * XXX: do we really need this automatic routes? 1003 * We should probably reconsider this stuff. Most applications 1004 * actually do not need the routes, since they usually specify 1005 * the outgoing interface. 1006 */ 1007 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1008 if (rt) { 1009 /* XXX: only works in !SCOPEDROUTING case. */ 1010 if (memcmp(&mltaddr.sin6_addr, 1011 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1012 MLTMASK_LEN)) { 1013 RTFREE_LOCKED(rt); 1014 rt = NULL; 1015 } 1016 } 1017 if (!rt) { 1018 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1019 (struct sockaddr *)&ia->ia_addr, 1020 (struct sockaddr *)&mltmask, RTF_UP, 1021 (struct rtentry **)0); 1022 if (error) 1023 goto cleanup; 1024 } else { 1025 RTFREE_LOCKED(rt); 1026 } 1027 1028 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1029 if (!imm) { 1030 nd6log((LOG_WARNING, 1031 "in6_update_ifa: addmulti failed for " 1032 "%s on %s (errno=%d)\n", 1033 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1034 if_name(ifp), error)); 1035 goto cleanup; 1036 } 1037 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1038 1039 /* 1040 * join node information group address 1041 */ 1042 delay = 0; 1043 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1044 /* 1045 * The spec doesn't say anything about delay for this 1046 * group, but the same logic should apply. 1047 */ 1048 delay = arc4random() % 1049 (MAX_RTR_SOLICITATION_DELAY * hz); 1050 } 1051 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) { 1052 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1053 delay); /* XXX jinmei */ 1054 if (!imm) { 1055 nd6log((LOG_WARNING, "in6_update_ifa: " 1056 "addmulti failed for %s on %s " 1057 "(errno=%d)\n", 1058 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1059 if_name(ifp), error)); 1060 /* XXX not very fatal, go on... */ 1061 } else { 1062 LIST_INSERT_HEAD(&ia->ia6_memberships, 1063 imm, i6mm_chain); 1064 } 1065 } 1066 1067 /* 1068 * join interface-local all-nodes address. 1069 * (ff01::1%ifN, and ff01::%ifN/32) 1070 */ 1071 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1072 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1073 != 0) 1074 goto cleanup; /* XXX: should not fail */ 1075 /* XXX: again, do we really need the route? */ 1076 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1077 if (rt) { 1078 if (memcmp(&mltaddr.sin6_addr, 1079 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1080 MLTMASK_LEN)) { 1081 RTFREE_LOCKED(rt); 1082 rt = NULL; 1083 } 1084 } 1085 if (!rt) { 1086 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1087 (struct sockaddr *)&ia->ia_addr, 1088 (struct sockaddr *)&mltmask, RTF_UP, 1089 (struct rtentry **)0); 1090 if (error) 1091 goto cleanup; 1092 } else 1093 RTFREE_LOCKED(rt); 1094 1095 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1096 if (!imm) { 1097 nd6log((LOG_WARNING, "in6_update_ifa: " 1098 "addmulti failed for %s on %s " 1099 "(errno=%d)\n", 1100 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1101 if_name(ifp), error)); 1102 goto cleanup; 1103 } 1104 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1105#undef MLTMASK_LEN 1106 } 1107 1108 /* 1109 * Perform DAD, if needed. 1110 * XXX It may be of use, if we can administratively 1111 * disable DAD. 1112 */ 1113 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1114 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1115 { 1116 int mindelay, maxdelay; 1117 1118 delay = 0; 1119 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1120 /* 1121 * We need to impose a delay before sending an NS 1122 * for DAD. Check if we also needed a delay for the 1123 * corresponding MLD message. If we did, the delay 1124 * should be larger than the MLD delay (this could be 1125 * relaxed a bit, but this simple logic is at least 1126 * safe). 1127 * XXX: Break data hiding guidelines and look at 1128 * state for the solicited multicast group. 1129 */ 1130 mindelay = 0; 1131 if (in6m_sol != NULL && 1132 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) { 1133 mindelay = in6m_sol->in6m_timer; 1134 } 1135 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1136 if (maxdelay - mindelay == 0) 1137 delay = 0; 1138 else { 1139 delay = 1140 (arc4random() % (maxdelay - mindelay)) + 1141 mindelay; 1142 } 1143 } 1144 nd6_dad_start((struct ifaddr *)ia, delay); 1145 } 1146 1147 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew")); 1148 ifa_free(&ia->ia_ifa); 1149 return (error); 1150 1151 unlink: 1152 /* 1153 * XXX: if a change of an existing address failed, keep the entry 1154 * anyway. 1155 */ 1156 if (hostIsNew) { 1157 ifa_free(&ia->ia_ifa); 1158 in6_unlink_ifa(ia, ifp); 1159 } 1160 return (error); 1161 1162 cleanup: 1163 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew")); 1164 ifa_free(&ia->ia_ifa); 1165 in6_purgeaddr(&ia->ia_ifa); 1166 return error; 1167} 1168 1169void 1170in6_purgeaddr(struct ifaddr *ifa) 1171{ 1172 struct ifnet *ifp = ifa->ifa_ifp; 1173 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1174 struct in6_multi_mship *imm; 1175 struct sockaddr_in6 mltaddr, mltmask; 1176 struct rtentry rt0; 1177 struct sockaddr_dl gateway; 1178 struct sockaddr_in6 mask, addr; 1179 int plen, error; 1180 struct rtentry *rt; 1181 struct ifaddr *ifa0, *nifa; 1182 1183 /* 1184 * find another IPv6 address as the gateway for the 1185 * link-local and node-local all-nodes multicast 1186 * address routes 1187 */ 1188 IF_ADDR_LOCK(ifp); 1189 TAILQ_FOREACH_SAFE(ifa0, &ifp->if_addrhead, ifa_link, nifa) { 1190 if ((ifa0->ifa_addr->sa_family != AF_INET6) || 1191 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr, 1192 &ia->ia_addr.sin6_addr, 1193 sizeof(struct in6_addr)) == 0) 1194 continue; 1195 else 1196 break; 1197 } 1198 if (ifa0 != NULL) 1199 ifa_ref(ifa0); 1200 IF_ADDR_UNLOCK(ifp); 1201 1202 /* stop DAD processing */ 1203 nd6_dad_stop(ifa); 1204 1205 IF_AFDATA_LOCK(ifp); 1206 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1207 (struct sockaddr *)&ia->ia_addr); 1208 IF_AFDATA_UNLOCK(ifp); 1209 1210 /* 1211 * initialize for rtmsg generation 1212 */ 1213 bzero(&gateway, sizeof(gateway)); 1214 gateway.sdl_len = sizeof(gateway); 1215 gateway.sdl_family = AF_LINK; 1216 gateway.sdl_nlen = 0; 1217 gateway.sdl_alen = ifp->if_addrlen; 1218 /* */ 1219 bzero(&rt0, sizeof(rt0)); 1220 rt0.rt_gateway = (struct sockaddr *)&gateway; 1221 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1222 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1223 rt_mask(&rt0) = (struct sockaddr *)&mask; 1224 rt_key(&rt0) = (struct sockaddr *)&addr; 1225 rt0.rt_flags = RTF_HOST | RTF_STATIC; 1226 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0); 1227 1228 /* 1229 * leave from multicast groups we have joined for the interface 1230 */ 1231 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1232 LIST_REMOVE(imm, i6mm_chain); 1233 in6_leavegroup(imm); 1234 } 1235 1236 /* 1237 * remove the link-local all-nodes address 1238 */ 1239 bzero(&mltmask, sizeof(mltmask)); 1240 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1241 mltmask.sin6_family = AF_INET6; 1242 mltmask.sin6_addr = in6mask32; 1243 1244 bzero(&mltaddr, sizeof(mltaddr)); 1245 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1246 mltaddr.sin6_family = AF_INET6; 1247 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1248 1249 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1250 0) 1251 goto cleanup; 1252 1253 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1254 if (rt != NULL && rt->rt_gateway != NULL && 1255 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1256 &ia->ia_addr.sin6_addr, 1257 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1258 /* 1259 * if no more IPv6 address exists on this interface 1260 * then remove the multicast address route 1261 */ 1262 if (ifa0 == NULL) { 1263 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1264 sizeof(mltaddr.sin6_addr)); 1265 RTFREE_LOCKED(rt); 1266 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1267 (struct sockaddr *)&ia->ia_addr, 1268 (struct sockaddr *)&mltmask, RTF_UP, 1269 (struct rtentry **)0); 1270 if (error) 1271 log(LOG_INFO, "in6_purgeaddr: link-local all-nodes" 1272 "multicast address deletion error\n"); 1273 } else { 1274 /* 1275 * replace the gateway of the route 1276 */ 1277 struct sockaddr_in6 sa; 1278 1279 bzero(&sa, sizeof(sa)); 1280 sa.sin6_len = sizeof(struct sockaddr_in6); 1281 sa.sin6_family = AF_INET6; 1282 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1283 sizeof(sa.sin6_addr)); 1284 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1285 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1286 RTFREE_LOCKED(rt); 1287 } 1288 } else { 1289 if (rt != NULL) 1290 RTFREE_LOCKED(rt); 1291 } 1292 1293 /* 1294 * remove the node-local all-nodes address 1295 */ 1296 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1297 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1298 0) 1299 goto cleanup; 1300 1301 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1302 if (rt != NULL && rt->rt_gateway != NULL && 1303 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1304 &ia->ia_addr.sin6_addr, 1305 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1306 /* 1307 * if no more IPv6 address exists on this interface 1308 * then remove the multicast address route 1309 */ 1310 if (ifa0 == NULL) { 1311 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1312 sizeof(mltaddr.sin6_addr)); 1313 1314 RTFREE_LOCKED(rt); 1315 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1316 (struct sockaddr *)&ia->ia_addr, 1317 (struct sockaddr *)&mltmask, RTF_UP, 1318 (struct rtentry **)0); 1319 1320 if (error) 1321 log(LOG_INFO, "in6_purgeaddr: node-local all-nodes" 1322 "multicast address deletion error\n"); 1323 } else { 1324 /* 1325 * replace the gateway of the route 1326 */ 1327 struct sockaddr_in6 sa; 1328 1329 bzero(&sa, sizeof(sa)); 1330 sa.sin6_len = sizeof(struct sockaddr_in6); 1331 sa.sin6_family = AF_INET6; 1332 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1333 sizeof(sa.sin6_addr)); 1334 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1335 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1336 RTFREE_LOCKED(rt); 1337 } 1338 } else { 1339 if (rt != NULL) 1340 RTFREE_LOCKED(rt); 1341 } 1342 1343cleanup: 1344 1345 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1346 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) { 1347 int error; 1348 struct sockaddr *dstaddr; 1349 1350 /* 1351 * use the interface address if configuring an 1352 * interface address with a /128 prefix len 1353 */ 1354 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1355 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1356 else 1357 dstaddr = (struct sockaddr *)&ia->ia_addr; 1358 1359 error = rtrequest(RTM_DELETE, 1360 (struct sockaddr *)dstaddr, 1361 (struct sockaddr *)&ia->ia_addr, 1362 (struct sockaddr *)&ia->ia_prefixmask, 1363 ia->ia_flags | RTF_HOST, NULL); 1364 if (error != 0) 1365 return; 1366 ia->ia_flags &= ~IFA_ROUTE; 1367 } 1368 if (ifa0 != NULL) 1369 ifa_free(ifa0); 1370 1371 in6_unlink_ifa(ia, ifp); 1372} 1373 1374static void 1375in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1376{ 1377 INIT_VNET_INET6(ifp->if_vnet); 1378 struct in6_ifaddr *oia; 1379 int s = splnet(); 1380 1381 IF_ADDR_LOCK(ifp); 1382 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1383 IF_ADDR_UNLOCK(ifp); 1384 ifa_free(&ia->ia_ifa); /* if_addrhead */ 1385 1386 oia = ia; 1387 if (oia == (ia = V_in6_ifaddr)) 1388 V_in6_ifaddr = ia->ia_next; 1389 else { 1390 while (ia->ia_next && (ia->ia_next != oia)) 1391 ia = ia->ia_next; 1392 if (ia->ia_next) 1393 ia->ia_next = oia->ia_next; 1394 else { 1395 /* search failed */ 1396 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1397 } 1398 } 1399 1400 /* 1401 * Release the reference to the base prefix. There should be a 1402 * positive reference. 1403 */ 1404 if (oia->ia6_ndpr == NULL) { 1405 nd6log((LOG_NOTICE, 1406 "in6_unlink_ifa: autoconf'ed address " 1407 "%p has no prefix\n", oia)); 1408 } else { 1409 oia->ia6_ndpr->ndpr_refcnt--; 1410 oia->ia6_ndpr = NULL; 1411 } 1412 1413 /* 1414 * Also, if the address being removed is autoconf'ed, call 1415 * pfxlist_onlink_check() since the release might affect the status of 1416 * other (detached) addresses. 1417 */ 1418 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) { 1419 pfxlist_onlink_check(); 1420 } 1421 1422 /* 1423 * release another refcnt for the link from in6_ifaddr. 1424 * Note that we should decrement the refcnt at least once for all *BSD. 1425 */ 1426 ifa_free(&oia->ia_ifa); 1427 1428 splx(s); 1429} 1430 1431void 1432in6_purgeif(struct ifnet *ifp) 1433{ 1434 struct ifaddr *ifa, *nifa; 1435 1436 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1437 if (ifa->ifa_addr->sa_family != AF_INET6) 1438 continue; 1439 in6_purgeaddr(ifa); 1440 } 1441 1442 in6_ifdetach(ifp); 1443} 1444 1445/* 1446 * SIOC[GAD]LIFADDR. 1447 * SIOCGLIFADDR: get first address. (?) 1448 * SIOCGLIFADDR with IFLR_PREFIX: 1449 * get first address that matches the specified prefix. 1450 * SIOCALIFADDR: add the specified address. 1451 * SIOCALIFADDR with IFLR_PREFIX: 1452 * add the specified prefix, filling hostid part from 1453 * the first link-local address. prefixlen must be <= 64. 1454 * SIOCDLIFADDR: delete the specified address. 1455 * SIOCDLIFADDR with IFLR_PREFIX: 1456 * delete the first address that matches the specified prefix. 1457 * return values: 1458 * EINVAL on invalid parameters 1459 * EADDRNOTAVAIL on prefix match failed/specified address not found 1460 * other values may be returned from in6_ioctl() 1461 * 1462 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1463 * this is to accomodate address naming scheme other than RFC2374, 1464 * in the future. 1465 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1466 * address encoding scheme. (see figure on page 8) 1467 */ 1468static int 1469in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1470 struct ifnet *ifp, struct thread *td) 1471{ 1472 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1473 struct ifaddr *ifa; 1474 struct sockaddr *sa; 1475 1476 /* sanity checks */ 1477 if (!data || !ifp) { 1478 panic("invalid argument to in6_lifaddr_ioctl"); 1479 /* NOTREACHED */ 1480 } 1481 1482 switch (cmd) { 1483 case SIOCGLIFADDR: 1484 /* address must be specified on GET with IFLR_PREFIX */ 1485 if ((iflr->flags & IFLR_PREFIX) == 0) 1486 break; 1487 /* FALLTHROUGH */ 1488 case SIOCALIFADDR: 1489 case SIOCDLIFADDR: 1490 /* address must be specified on ADD and DELETE */ 1491 sa = (struct sockaddr *)&iflr->addr; 1492 if (sa->sa_family != AF_INET6) 1493 return EINVAL; 1494 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1495 return EINVAL; 1496 /* XXX need improvement */ 1497 sa = (struct sockaddr *)&iflr->dstaddr; 1498 if (sa->sa_family && sa->sa_family != AF_INET6) 1499 return EINVAL; 1500 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1501 return EINVAL; 1502 break; 1503 default: /* shouldn't happen */ 1504#if 0 1505 panic("invalid cmd to in6_lifaddr_ioctl"); 1506 /* NOTREACHED */ 1507#else 1508 return EOPNOTSUPP; 1509#endif 1510 } 1511 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1512 return EINVAL; 1513 1514 switch (cmd) { 1515 case SIOCALIFADDR: 1516 { 1517 struct in6_aliasreq ifra; 1518 struct in6_addr *hostid = NULL; 1519 int prefixlen; 1520 1521 ifa = NULL; 1522 if ((iflr->flags & IFLR_PREFIX) != 0) { 1523 struct sockaddr_in6 *sin6; 1524 1525 /* 1526 * hostid is to fill in the hostid part of the 1527 * address. hostid points to the first link-local 1528 * address attached to the interface. 1529 */ 1530 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1531 if (!ifa) 1532 return EADDRNOTAVAIL; 1533 hostid = IFA_IN6(ifa); 1534 1535 /* prefixlen must be <= 64. */ 1536 if (64 < iflr->prefixlen) 1537 return EINVAL; 1538 prefixlen = iflr->prefixlen; 1539 1540 /* hostid part must be zero. */ 1541 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1542 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1543 sin6->sin6_addr.s6_addr32[3] != 0) { 1544 return EINVAL; 1545 } 1546 } else 1547 prefixlen = iflr->prefixlen; 1548 1549 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1550 bzero(&ifra, sizeof(ifra)); 1551 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1552 1553 bcopy(&iflr->addr, &ifra.ifra_addr, 1554 ((struct sockaddr *)&iflr->addr)->sa_len); 1555 if (hostid) { 1556 /* fill in hostid part */ 1557 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1558 hostid->s6_addr32[2]; 1559 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1560 hostid->s6_addr32[3]; 1561 } 1562 1563 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1564 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1565 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1566 if (hostid) { 1567 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1568 hostid->s6_addr32[2]; 1569 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1570 hostid->s6_addr32[3]; 1571 } 1572 } 1573 if (ifa != NULL) 1574 ifa_free(ifa); 1575 1576 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1577 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1578 1579 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1580 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1581 } 1582 case SIOCGLIFADDR: 1583 case SIOCDLIFADDR: 1584 { 1585 struct in6_ifaddr *ia; 1586 struct in6_addr mask, candidate, match; 1587 struct sockaddr_in6 *sin6; 1588 int cmp; 1589 1590 bzero(&mask, sizeof(mask)); 1591 if (iflr->flags & IFLR_PREFIX) { 1592 /* lookup a prefix rather than address. */ 1593 in6_prefixlen2mask(&mask, iflr->prefixlen); 1594 1595 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1596 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1597 match.s6_addr32[0] &= mask.s6_addr32[0]; 1598 match.s6_addr32[1] &= mask.s6_addr32[1]; 1599 match.s6_addr32[2] &= mask.s6_addr32[2]; 1600 match.s6_addr32[3] &= mask.s6_addr32[3]; 1601 1602 /* if you set extra bits, that's wrong */ 1603 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1604 return EINVAL; 1605 1606 cmp = 1; 1607 } else { 1608 if (cmd == SIOCGLIFADDR) { 1609 /* on getting an address, take the 1st match */ 1610 cmp = 0; /* XXX */ 1611 } else { 1612 /* on deleting an address, do exact match */ 1613 in6_prefixlen2mask(&mask, 128); 1614 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1615 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1616 1617 cmp = 1; 1618 } 1619 } 1620 1621 IF_ADDR_LOCK(ifp); 1622 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1623 if (ifa->ifa_addr->sa_family != AF_INET6) 1624 continue; 1625 if (!cmp) 1626 break; 1627 1628 /* 1629 * XXX: this is adhoc, but is necessary to allow 1630 * a user to specify fe80::/64 (not /10) for a 1631 * link-local address. 1632 */ 1633 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1634 in6_clearscope(&candidate); 1635 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1636 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1637 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1638 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1639 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1640 break; 1641 } 1642 IF_ADDR_UNLOCK(ifp); 1643 if (!ifa) 1644 return EADDRNOTAVAIL; 1645 ia = ifa2ia6(ifa); 1646 1647 if (cmd == SIOCGLIFADDR) { 1648 int error; 1649 1650 /* fill in the if_laddrreq structure */ 1651 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1652 error = sa6_recoverscope( 1653 (struct sockaddr_in6 *)&iflr->addr); 1654 if (error != 0) 1655 return (error); 1656 1657 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1658 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1659 ia->ia_dstaddr.sin6_len); 1660 error = sa6_recoverscope( 1661 (struct sockaddr_in6 *)&iflr->dstaddr); 1662 if (error != 0) 1663 return (error); 1664 } else 1665 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1666 1667 iflr->prefixlen = 1668 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1669 1670 iflr->flags = ia->ia6_flags; /* XXX */ 1671 1672 return 0; 1673 } else { 1674 struct in6_aliasreq ifra; 1675 1676 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1677 bzero(&ifra, sizeof(ifra)); 1678 bcopy(iflr->iflr_name, ifra.ifra_name, 1679 sizeof(ifra.ifra_name)); 1680 1681 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1682 ia->ia_addr.sin6_len); 1683 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1684 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1685 ia->ia_dstaddr.sin6_len); 1686 } else { 1687 bzero(&ifra.ifra_dstaddr, 1688 sizeof(ifra.ifra_dstaddr)); 1689 } 1690 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1691 ia->ia_prefixmask.sin6_len); 1692 1693 ifra.ifra_flags = ia->ia6_flags; 1694 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1695 ifp, td); 1696 } 1697 } 1698 } 1699 1700 return EOPNOTSUPP; /* just for safety */ 1701} 1702 1703/* 1704 * Initialize an interface's intetnet6 address 1705 * and routing table entry. 1706 */ 1707static int 1708in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1709 struct sockaddr_in6 *sin6, int newhost) 1710{ 1711 int error = 0, plen, ifacount = 0; 1712 int s = splimp(); 1713 struct ifaddr *ifa; 1714 1715 /* 1716 * Give the interface a chance to initialize 1717 * if this is its first address, 1718 * and to validate the address if necessary. 1719 */ 1720 IF_ADDR_LOCK(ifp); 1721 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1722 if (ifa->ifa_addr->sa_family != AF_INET6) 1723 continue; 1724 ifacount++; 1725 } 1726 IF_ADDR_UNLOCK(ifp); 1727 1728 ia->ia_addr = *sin6; 1729 1730 if (ifacount <= 1 && ifp->if_ioctl) { 1731 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1732 if (error) { 1733 splx(s); 1734 return (error); 1735 } 1736 } 1737 splx(s); 1738 1739 ia->ia_ifa.ifa_metric = ifp->if_metric; 1740 1741 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1742 1743 /* 1744 * Special case: 1745 * If a new destination address is specified for a point-to-point 1746 * interface, install a route to the destination as an interface 1747 * direct route. 1748 * XXX: the logic below rejects assigning multiple addresses on a p2p 1749 * interface that share the same destination. 1750 */ 1751 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1752 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) { 1753 struct sockaddr *dstaddr; 1754 int rtflags = RTF_UP | RTF_HOST; 1755 1756 /* 1757 * use the interface address if configuring an 1758 * interface address with a /128 prefix len 1759 */ 1760 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1761 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1762 else 1763 dstaddr = (struct sockaddr *)&ia->ia_addr; 1764 1765 error = rtrequest(RTM_ADD, 1766 (struct sockaddr *)dstaddr, 1767 (struct sockaddr *)&ia->ia_addr, 1768 (struct sockaddr *)&ia->ia_prefixmask, 1769 ia->ia_flags | rtflags, NULL); 1770 if (error != 0) 1771 return (error); 1772 ia->ia_flags |= IFA_ROUTE; 1773 } 1774 1775 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1776 if (newhost) { 1777 struct llentry *ln; 1778 struct rtentry rt; 1779 struct sockaddr_dl gateway; 1780 struct sockaddr_in6 mask, addr; 1781 1782 IF_AFDATA_LOCK(ifp); 1783 ia->ia_ifa.ifa_rtrequest = NULL; 1784 1785 /* XXX QL 1786 * we need to report rt_newaddrmsg 1787 */ 1788 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1789 (struct sockaddr *)&ia->ia_addr); 1790 IF_AFDATA_UNLOCK(ifp); 1791 if (ln != NULL) { 1792 ln->la_expire = 0; /* for IPv6 this means permanent */ 1793 ln->ln_state = ND6_LLINFO_REACHABLE; 1794 /* 1795 * initialize for rtmsg generation 1796 */ 1797 bzero(&gateway, sizeof(gateway)); 1798 gateway.sdl_len = sizeof(gateway); 1799 gateway.sdl_family = AF_LINK; 1800 gateway.sdl_nlen = 0; 1801 gateway.sdl_alen = 6; 1802 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr)); 1803 /* */ 1804 LLE_WUNLOCK(ln); 1805 } 1806 1807 bzero(&rt, sizeof(rt)); 1808 rt.rt_gateway = (struct sockaddr *)&gateway; 1809 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1810 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1811 rt_mask(&rt) = (struct sockaddr *)&mask; 1812 rt_key(&rt) = (struct sockaddr *)&addr; 1813 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC; 1814 rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt); 1815 } 1816 1817 return (error); 1818} 1819 1820/* 1821 * Find an IPv6 interface link-local address specific to an interface. 1822 * ifaddr is returned referenced. 1823 */ 1824struct in6_ifaddr * 1825in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1826{ 1827 struct ifaddr *ifa; 1828 1829 IF_ADDR_LOCK(ifp); 1830 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1831 if (ifa->ifa_addr->sa_family != AF_INET6) 1832 continue; 1833 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1834 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1835 ignoreflags) != 0) 1836 continue; 1837 ifa_ref(ifa); 1838 break; 1839 } 1840 } 1841 IF_ADDR_UNLOCK(ifp); 1842 1843 return ((struct in6_ifaddr *)ifa); 1844} 1845 1846 1847/* 1848 * find the internet address corresponding to a given interface and address. 1849 * ifaddr is returned referenced. 1850 */ 1851struct in6_ifaddr * 1852in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1853{ 1854 struct ifaddr *ifa; 1855 1856 IF_ADDR_LOCK(ifp); 1857 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1858 if (ifa->ifa_addr->sa_family != AF_INET6) 1859 continue; 1860 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) { 1861 ifa_ref(ifa); 1862 break; 1863 } 1864 } 1865 IF_ADDR_UNLOCK(ifp); 1866 1867 return ((struct in6_ifaddr *)ifa); 1868} 1869 1870/* 1871 * Convert IP6 address to printable (loggable) representation. Caller 1872 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1873 */ 1874static char digits[] = "0123456789abcdef"; 1875char * 1876ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1877{ 1878 int i; 1879 char *cp; 1880 const u_int16_t *a = (const u_int16_t *)addr; 1881 const u_int8_t *d; 1882 int dcolon = 0, zero = 0; 1883 1884 cp = ip6buf; 1885 1886 for (i = 0; i < 8; i++) { 1887 if (dcolon == 1) { 1888 if (*a == 0) { 1889 if (i == 7) 1890 *cp++ = ':'; 1891 a++; 1892 continue; 1893 } else 1894 dcolon = 2; 1895 } 1896 if (*a == 0) { 1897 if (dcolon == 0 && *(a + 1) == 0) { 1898 if (i == 0) 1899 *cp++ = ':'; 1900 *cp++ = ':'; 1901 dcolon = 1; 1902 } else { 1903 *cp++ = '0'; 1904 *cp++ = ':'; 1905 } 1906 a++; 1907 continue; 1908 } 1909 d = (const u_char *)a; 1910 /* Try to eliminate leading zeros in printout like in :0001. */ 1911 zero = 1; 1912 *cp = digits[*d >> 4]; 1913 if (*cp != '0') { 1914 zero = 0; 1915 cp++; 1916 } 1917 *cp = digits[*d++ & 0xf]; 1918 if (zero == 0 || (*cp != '0')) { 1919 zero = 0; 1920 cp++; 1921 } 1922 *cp = digits[*d >> 4]; 1923 if (zero == 0 || (*cp != '0')) { 1924 zero = 0; 1925 cp++; 1926 } 1927 *cp++ = digits[*d & 0xf]; 1928 *cp++ = ':'; 1929 a++; 1930 } 1931 *--cp = '\0'; 1932 return (ip6buf); 1933} 1934 1935int 1936in6_localaddr(struct in6_addr *in6) 1937{ 1938 INIT_VNET_INET6(curvnet); 1939 struct in6_ifaddr *ia; 1940 1941 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1942 return 1; 1943 1944 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1945 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1946 &ia->ia_prefixmask.sin6_addr)) { 1947 return 1; 1948 } 1949 } 1950 1951 return (0); 1952} 1953 1954int 1955in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1956{ 1957 INIT_VNET_INET6(curvnet); 1958 struct in6_ifaddr *ia; 1959 1960 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1961 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1962 &sa6->sin6_addr) && 1963 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1964 return (1); /* true */ 1965 1966 /* XXX: do we still have to go thru the rest of the list? */ 1967 } 1968 1969 return (0); /* false */ 1970} 1971 1972/* 1973 * return length of part which dst and src are equal 1974 * hard coding... 1975 */ 1976int 1977in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1978{ 1979 int match = 0; 1980 u_char *s = (u_char *)src, *d = (u_char *)dst; 1981 u_char *lim = s + 16, r; 1982 1983 while (s < lim) 1984 if ((r = (*d++ ^ *s++)) != 0) { 1985 while (r < 128) { 1986 match++; 1987 r <<= 1; 1988 } 1989 break; 1990 } else 1991 match += 8; 1992 return match; 1993} 1994 1995/* XXX: to be scope conscious */ 1996int 1997in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1998{ 1999 int bytelen, bitlen; 2000 2001 /* sanity check */ 2002 if (0 > len || len > 128) { 2003 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2004 len); 2005 return (0); 2006 } 2007 2008 bytelen = len / 8; 2009 bitlen = len % 8; 2010 2011 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2012 return (0); 2013 if (bitlen != 0 && 2014 p1->s6_addr[bytelen] >> (8 - bitlen) != 2015 p2->s6_addr[bytelen] >> (8 - bitlen)) 2016 return (0); 2017 2018 return (1); 2019} 2020 2021void 2022in6_prefixlen2mask(struct in6_addr *maskp, int len) 2023{ 2024 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2025 int bytelen, bitlen, i; 2026 2027 /* sanity check */ 2028 if (0 > len || len > 128) { 2029 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2030 len); 2031 return; 2032 } 2033 2034 bzero(maskp, sizeof(*maskp)); 2035 bytelen = len / 8; 2036 bitlen = len % 8; 2037 for (i = 0; i < bytelen; i++) 2038 maskp->s6_addr[i] = 0xff; 2039 if (bitlen) 2040 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2041} 2042 2043/* 2044 * return the best address out of the same scope. if no address was 2045 * found, return the first valid address from designated IF. 2046 */ 2047struct in6_ifaddr * 2048in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2049{ 2050 INIT_VNET_INET6(curvnet); 2051 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2052 struct ifaddr *ifa; 2053 struct in6_ifaddr *besta = 0; 2054 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2055 2056 dep[0] = dep[1] = NULL; 2057 2058 /* 2059 * We first look for addresses in the same scope. 2060 * If there is one, return it. 2061 * If two or more, return one which matches the dst longest. 2062 * If none, return one of global addresses assigned other ifs. 2063 */ 2064 IF_ADDR_LOCK(ifp); 2065 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2066 if (ifa->ifa_addr->sa_family != AF_INET6) 2067 continue; 2068 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2069 continue; /* XXX: is there any case to allow anycast? */ 2070 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2071 continue; /* don't use this interface */ 2072 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2073 continue; 2074 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2075 if (V_ip6_use_deprecated) 2076 dep[0] = (struct in6_ifaddr *)ifa; 2077 continue; 2078 } 2079 2080 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2081 /* 2082 * call in6_matchlen() as few as possible 2083 */ 2084 if (besta) { 2085 if (blen == -1) 2086 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2087 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2088 if (tlen > blen) { 2089 blen = tlen; 2090 besta = (struct in6_ifaddr *)ifa; 2091 } 2092 } else 2093 besta = (struct in6_ifaddr *)ifa; 2094 } 2095 } 2096 if (besta) { 2097 ifa_ref(&besta->ia_ifa); 2098 IF_ADDR_UNLOCK(ifp); 2099 return (besta); 2100 } 2101 2102 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2103 if (ifa->ifa_addr->sa_family != AF_INET6) 2104 continue; 2105 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2106 continue; /* XXX: is there any case to allow anycast? */ 2107 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2108 continue; /* don't use this interface */ 2109 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2110 continue; 2111 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2112 if (V_ip6_use_deprecated) 2113 dep[1] = (struct in6_ifaddr *)ifa; 2114 continue; 2115 } 2116 2117 if (ifa != NULL) 2118 ifa_ref(ifa); 2119 IF_ADDR_UNLOCK(ifp); 2120 return (struct in6_ifaddr *)ifa; 2121 } 2122 IF_ADDR_UNLOCK(ifp); 2123 2124 /* use the last-resort values, that are, deprecated addresses */ 2125 if (dep[0]) 2126 return dep[0]; 2127 if (dep[1]) 2128 return dep[1]; 2129 2130 return NULL; 2131} 2132 2133/* 2134 * perform DAD when interface becomes IFF_UP. 2135 */ 2136void 2137in6_if_up(struct ifnet *ifp) 2138{ 2139 struct ifaddr *ifa; 2140 struct in6_ifaddr *ia; 2141 2142 IF_ADDR_LOCK(ifp); 2143 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2144 if (ifa->ifa_addr->sa_family != AF_INET6) 2145 continue; 2146 ia = (struct in6_ifaddr *)ifa; 2147 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2148 /* 2149 * The TENTATIVE flag was likely set by hand 2150 * beforehand, implicitly indicating the need for DAD. 2151 * We may be able to skip the random delay in this 2152 * case, but we impose delays just in case. 2153 */ 2154 nd6_dad_start(ifa, 2155 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 2156 } 2157 } 2158 IF_ADDR_UNLOCK(ifp); 2159 2160 /* 2161 * special cases, like 6to4, are handled in in6_ifattach 2162 */ 2163 in6_ifattach(ifp, NULL); 2164} 2165 2166int 2167in6if_do_dad(struct ifnet *ifp) 2168{ 2169 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2170 return (0); 2171 2172 switch (ifp->if_type) { 2173#ifdef IFT_DUMMY 2174 case IFT_DUMMY: 2175#endif 2176 case IFT_FAITH: 2177 /* 2178 * These interfaces do not have the IFF_LOOPBACK flag, 2179 * but loop packets back. We do not have to do DAD on such 2180 * interfaces. We should even omit it, because loop-backed 2181 * NS would confuse the DAD procedure. 2182 */ 2183 return (0); 2184 default: 2185 /* 2186 * Our DAD routine requires the interface up and running. 2187 * However, some interfaces can be up before the RUNNING 2188 * status. Additionaly, users may try to assign addresses 2189 * before the interface becomes up (or running). 2190 * We simply skip DAD in such a case as a work around. 2191 * XXX: we should rather mark "tentative" on such addresses, 2192 * and do DAD after the interface becomes ready. 2193 */ 2194 if (!((ifp->if_flags & IFF_UP) && 2195 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 2196 return (0); 2197 2198 return (1); 2199 } 2200} 2201 2202/* 2203 * Calculate max IPv6 MTU through all the interfaces and store it 2204 * to in6_maxmtu. 2205 */ 2206void 2207in6_setmaxmtu(void) 2208{ 2209 INIT_VNET_NET(curvnet); 2210 INIT_VNET_INET6(curvnet); 2211 unsigned long maxmtu = 0; 2212 struct ifnet *ifp; 2213 2214 IFNET_RLOCK(); 2215 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 2216 ifp = TAILQ_NEXT(ifp, if_list)) { 2217 /* this function can be called during ifnet initialization */ 2218 if (!ifp->if_afdata[AF_INET6]) 2219 continue; 2220 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2221 IN6_LINKMTU(ifp) > maxmtu) 2222 maxmtu = IN6_LINKMTU(ifp); 2223 } 2224 IFNET_RUNLOCK(); 2225 if (maxmtu) /* update only when maxmtu is positive */ 2226 V_in6_maxmtu = maxmtu; 2227} 2228 2229/* 2230 * Provide the length of interface identifiers to be used for the link attached 2231 * to the given interface. The length should be defined in "IPv6 over 2232 * xxx-link" document. Note that address architecture might also define 2233 * the length for a particular set of address prefixes, regardless of the 2234 * link type. As clarified in rfc2462bis, those two definitions should be 2235 * consistent, and those really are as of August 2004. 2236 */ 2237int 2238in6_if2idlen(struct ifnet *ifp) 2239{ 2240 switch (ifp->if_type) { 2241 case IFT_ETHER: /* RFC2464 */ 2242#ifdef IFT_PROPVIRTUAL 2243 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2244#endif 2245#ifdef IFT_L2VLAN 2246 case IFT_L2VLAN: /* ditto */ 2247#endif 2248#ifdef IFT_IEEE80211 2249 case IFT_IEEE80211: /* ditto */ 2250#endif 2251#ifdef IFT_MIP 2252 case IFT_MIP: /* ditto */ 2253#endif 2254 return (64); 2255 case IFT_FDDI: /* RFC2467 */ 2256 return (64); 2257 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2258 return (64); 2259 case IFT_PPP: /* RFC2472 */ 2260 return (64); 2261 case IFT_ARCNET: /* RFC2497 */ 2262 return (64); 2263 case IFT_FRELAY: /* RFC2590 */ 2264 return (64); 2265 case IFT_IEEE1394: /* RFC3146 */ 2266 return (64); 2267 case IFT_GIF: 2268 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2269 case IFT_LOOP: 2270 return (64); /* XXX: is this really correct? */ 2271 default: 2272 /* 2273 * Unknown link type: 2274 * It might be controversial to use the today's common constant 2275 * of 64 for these cases unconditionally. For full compliance, 2276 * we should return an error in this case. On the other hand, 2277 * if we simply miss the standard for the link type or a new 2278 * standard is defined for a new link type, the IFID length 2279 * is very likely to be the common constant. As a compromise, 2280 * we always use the constant, but make an explicit notice 2281 * indicating the "unknown" case. 2282 */ 2283 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2284 return (64); 2285 } 2286} 2287 2288#include <sys/sysctl.h> 2289 2290struct in6_llentry { 2291 struct llentry base; 2292 struct sockaddr_in6 l3_addr6; 2293}; 2294 2295static struct llentry * 2296in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2297{ 2298 struct in6_llentry *lle; 2299 2300 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2301 M_DONTWAIT | M_ZERO); 2302 if (lle == NULL) /* NB: caller generates msg */ 2303 return NULL; 2304 2305 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE); 2306 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2307 lle->base.lle_refcnt = 1; 2308 LLE_LOCK_INIT(&lle->base); 2309 return &lle->base; 2310} 2311 2312/* 2313 * Deletes an address from the address table. 2314 * This function is called by the timer functions 2315 * such as arptimer() and nd6_llinfo_timer(), and 2316 * the caller does the locking. 2317 */ 2318static void 2319in6_lltable_free(struct lltable *llt, struct llentry *lle) 2320{ 2321 LLE_WUNLOCK(lle); 2322 LLE_LOCK_DESTROY(lle); 2323 free(lle, M_LLTABLE); 2324} 2325 2326static void 2327in6_lltable_prefix_free(struct lltable *llt, 2328 const struct sockaddr *prefix, 2329 const struct sockaddr *mask) 2330{ 2331 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2332 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2333 struct llentry *lle, *next; 2334 register int i; 2335 2336 for (i=0; i < LLTBL_HASHTBL_SIZE; i++) { 2337 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) { 2338 if (IN6_ARE_MASKED_ADDR_EQUAL( 2339 &((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr, 2340 &pfx->sin6_addr, 2341 &msk->sin6_addr)) { 2342 callout_drain(&lle->la_timer); 2343 LLE_WLOCK(lle); 2344 llentry_free(lle); 2345 } 2346 } 2347 } 2348} 2349 2350static int 2351in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr) 2352{ 2353 struct rtentry *rt; 2354 char ip6buf[INET6_ADDRSTRLEN]; 2355 2356 KASSERT(l3addr->sa_family == AF_INET6, 2357 ("sin_family %d", l3addr->sa_family)); 2358 2359 /* XXX rtalloc1 should take a const param */ 2360 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2361 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2362 struct ifaddr *ifa; 2363 /* 2364 * Create an ND6 cache for an IPv6 neighbor 2365 * that is not covered by our own prefix. 2366 */ 2367 /* XXX ifaof_ifpforaddr should take a const param */ 2368 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2369 if (ifa != NULL) { 2370 ifa_free(ifa); 2371 if (rt != NULL) 2372 RTFREE_LOCKED(rt); 2373 return 0; 2374 } 2375 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2376 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2377 if (rt != NULL) 2378 RTFREE_LOCKED(rt); 2379 return EINVAL; 2380 } 2381 RTFREE_LOCKED(rt); 2382 return 0; 2383} 2384 2385static struct llentry * 2386in6_lltable_lookup(struct lltable *llt, u_int flags, 2387 const struct sockaddr *l3addr) 2388{ 2389 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2390 struct ifnet *ifp = llt->llt_ifp; 2391 struct llentry *lle; 2392 struct llentries *lleh; 2393 u_int hashkey; 2394 2395 IF_AFDATA_LOCK_ASSERT(ifp); 2396 KASSERT(l3addr->sa_family == AF_INET6, 2397 ("sin_family %d", l3addr->sa_family)); 2398 2399 hashkey = sin6->sin6_addr.s6_addr32[3]; 2400 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2401 LIST_FOREACH(lle, lleh, lle_next) { 2402 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2403 if (lle->la_flags & LLE_DELETED) 2404 continue; 2405 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2406 sizeof(struct in6_addr)) == 0) 2407 break; 2408 } 2409 2410 if (lle == NULL) { 2411 if (!(flags & LLE_CREATE)) 2412 return (NULL); 2413 /* 2414 * A route that covers the given address must have 2415 * been installed 1st because we are doing a resolution, 2416 * verify this. 2417 */ 2418 if (!(flags & LLE_IFADDR) && 2419 in6_lltable_rtcheck(ifp, l3addr) != 0) 2420 return NULL; 2421 2422 lle = in6_lltable_new(l3addr, flags); 2423 if (lle == NULL) { 2424 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2425 return NULL; 2426 } 2427 lle->la_flags = flags & ~LLE_CREATE; 2428 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2429 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2430 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2431 } 2432 2433 lle->lle_tbl = llt; 2434 lle->lle_head = lleh; 2435 LIST_INSERT_HEAD(lleh, lle, lle_next); 2436 } else if (flags & LLE_DELETE) { 2437 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2438 LLE_WLOCK(lle); 2439 lle->la_flags = LLE_DELETED; 2440 LLE_WUNLOCK(lle); 2441#ifdef DIAGNOSTICS 2442 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2443#endif 2444 } 2445 lle = (void *)-1; 2446 } 2447 if (LLE_IS_VALID(lle)) { 2448 if (flags & LLE_EXCLUSIVE) 2449 LLE_WLOCK(lle); 2450 else 2451 LLE_RLOCK(lle); 2452 } 2453 return (lle); 2454} 2455 2456static int 2457in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2458{ 2459 struct ifnet *ifp = llt->llt_ifp; 2460 struct llentry *lle; 2461 /* XXX stack use */ 2462 struct { 2463 struct rt_msghdr rtm; 2464 struct sockaddr_in6 sin6; 2465 /* 2466 * ndp.c assumes that sdl is word aligned 2467 */ 2468#ifdef __LP64__ 2469 uint32_t pad; 2470#endif 2471 struct sockaddr_dl sdl; 2472 } ndpc; 2473 int i, error; 2474 2475 /* XXXXX 2476 * current IFNET_RLOCK() is mapped to IFNET_WLOCK() 2477 * so it is okay to use this ASSERT, change it when 2478 * IFNET lock is finalized 2479 */ 2480 IFNET_WLOCK_ASSERT(); 2481 2482 error = 0; 2483 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2484 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2485 struct sockaddr_dl *sdl; 2486 2487 /* skip deleted or invalid entries */ 2488 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2489 continue; 2490 /* Skip if jailed and not a valid IP of the prison. */ 2491 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2492 continue; 2493 /* 2494 * produce a msg made of: 2495 * struct rt_msghdr; 2496 * struct sockaddr_in6 (IPv6) 2497 * struct sockaddr_dl; 2498 */ 2499 bzero(&ndpc, sizeof(ndpc)); 2500 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2501 ndpc.rtm.rtm_version = RTM_VERSION; 2502 ndpc.rtm.rtm_type = RTM_GET; 2503 ndpc.rtm.rtm_flags = RTF_UP; 2504 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2505 ndpc.sin6.sin6_family = AF_INET6; 2506 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2507 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2508 2509 /* publish */ 2510 if (lle->la_flags & LLE_PUB) 2511 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2512 2513 sdl = &ndpc.sdl; 2514 sdl->sdl_family = AF_LINK; 2515 sdl->sdl_len = sizeof(*sdl); 2516 sdl->sdl_alen = ifp->if_addrlen; 2517 sdl->sdl_index = ifp->if_index; 2518 sdl->sdl_type = ifp->if_type; 2519 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2520 ndpc.rtm.rtm_rmx.rmx_expire = 2521 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2522 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2523 if (lle->la_flags & LLE_STATIC) 2524 ndpc.rtm.rtm_flags |= RTF_STATIC; 2525 ndpc.rtm.rtm_index = ifp->if_index; 2526 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2527 if (error) 2528 break; 2529 } 2530 } 2531 return error; 2532} 2533 2534void * 2535in6_domifattach(struct ifnet *ifp) 2536{ 2537 struct in6_ifextra *ext; 2538 2539 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2540 bzero(ext, sizeof(*ext)); 2541 2542 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2543 M_IFADDR, M_WAITOK); 2544 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2545 2546 ext->icmp6_ifstat = 2547 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2548 M_IFADDR, M_WAITOK); 2549 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2550 2551 ext->nd_ifinfo = nd6_ifattach(ifp); 2552 ext->scope6_id = scope6_ifattach(ifp); 2553 ext->lltable = lltable_init(ifp, AF_INET6); 2554 if (ext->lltable != NULL) { 2555 ext->lltable->llt_new = in6_lltable_new; 2556 ext->lltable->llt_free = in6_lltable_free; 2557 ext->lltable->llt_prefix_free = in6_lltable_prefix_free; 2558 ext->lltable->llt_rtcheck = in6_lltable_rtcheck; 2559 ext->lltable->llt_lookup = in6_lltable_lookup; 2560 ext->lltable->llt_dump = in6_lltable_dump; 2561 } 2562 2563 ext->mld_ifinfo = mld_domifattach(ifp); 2564 2565 return ext; 2566} 2567 2568void 2569in6_domifdetach(struct ifnet *ifp, void *aux) 2570{ 2571 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2572 2573 mld_domifdetach(ifp); 2574 scope6_ifdetach(ext->scope6_id); 2575 nd6_ifdetach(ext->nd_ifinfo); 2576 lltable_free(ext->lltable); 2577 free(ext->in6_ifstat, M_IFADDR); 2578 free(ext->icmp6_ifstat, M_IFADDR); 2579 free(ext, M_IFADDR); 2580} 2581 2582/* 2583 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2584 * v4 mapped addr or v4 compat addr 2585 */ 2586void 2587in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2588{ 2589 2590 bzero(sin, sizeof(*sin)); 2591 sin->sin_len = sizeof(struct sockaddr_in); 2592 sin->sin_family = AF_INET; 2593 sin->sin_port = sin6->sin6_port; 2594 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2595} 2596 2597/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2598void 2599in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2600{ 2601 bzero(sin6, sizeof(*sin6)); 2602 sin6->sin6_len = sizeof(struct sockaddr_in6); 2603 sin6->sin6_family = AF_INET6; 2604 sin6->sin6_port = sin->sin_port; 2605 sin6->sin6_addr.s6_addr32[0] = 0; 2606 sin6->sin6_addr.s6_addr32[1] = 0; 2607 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2608 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2609} 2610 2611/* Convert sockaddr_in6 into sockaddr_in. */ 2612void 2613in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2614{ 2615 struct sockaddr_in *sin_p; 2616 struct sockaddr_in6 sin6; 2617 2618 /* 2619 * Save original sockaddr_in6 addr and convert it 2620 * to sockaddr_in. 2621 */ 2622 sin6 = *(struct sockaddr_in6 *)nam; 2623 sin_p = (struct sockaddr_in *)nam; 2624 in6_sin6_2_sin(sin_p, &sin6); 2625} 2626 2627/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2628void 2629in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2630{ 2631 struct sockaddr_in *sin_p; 2632 struct sockaddr_in6 *sin6_p; 2633 2634 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2635 M_WAITOK); 2636 sin_p = (struct sockaddr_in *)*nam; 2637 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2638 free(*nam, M_SONAME); 2639 *nam = (struct sockaddr *)sin6_p; 2640} 2641