in6.c revision 198418
1198893Srdivacky/*- 2198893Srdivacky * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3198893Srdivacky * All rights reserved. 4198893Srdivacky * 5198893Srdivacky * Redistribution and use in source and binary forms, with or without 6198893Srdivacky * modification, are permitted provided that the following conditions 7198893Srdivacky * are met: 8198893Srdivacky * 1. Redistributions of source code must retain the above copyright 9198893Srdivacky * notice, this list of conditions and the following disclaimer. 10198893Srdivacky * 2. Redistributions in binary form must reproduce the above copyright 11198893Srdivacky * notice, this list of conditions and the following disclaimer in the 12198893Srdivacky * documentation and/or other materials provided with the distribution. 13198893Srdivacky * 3. Neither the name of the project nor the names of its contributors 14198893Srdivacky * may be used to endorse or promote products derived from this software 15198893Srdivacky * without specific prior written permission. 16218893Sdim * 17198893Srdivacky * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18199990Srdivacky * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19198893Srdivacky * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20218893Sdim * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21218893Sdim * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22198893Srdivacky * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23208600Srdivacky * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24218893Sdim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25234353Sdim * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26249423Sdim * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27218893Sdim * SUCH DAMAGE. 28198893Srdivacky * 29198893Srdivacky * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30198893Srdivacky */ 31218893Sdim 32218893Sdim/*- 33218893Sdim * Copyright (c) 1982, 1986, 1991, 1993 34218893Sdim * The Regents of the University of California. All rights reserved. 35218893Sdim * 36218893Sdim * Redistribution and use in source and binary forms, with or without 37226633Sdim * modification, are permitted provided that the following conditions 38218893Sdim * are met: 39239462Sdim * 1. Redistributions of source code must retain the above copyright 40218893Sdim * notice, this list of conditions and the following disclaimer. 41218893Sdim * 2. Redistributions in binary form must reproduce the above copyright 42239462Sdim * notice, this list of conditions and the following disclaimer in the 43218893Sdim * documentation and/or other materials provided with the distribution. 44239462Sdim * 4. Neither the name of the University nor the names of its contributors 45219077Sdim * may be used to endorse or promote products derived from this software 46234353Sdim * without specific prior written permission. 47219077Sdim * 48218893Sdim * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49239462Sdim * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50218893Sdim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51218893Sdim * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52218893Sdim * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53198893Srdivacky * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54198893Srdivacky * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55198893Srdivacky * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56198893Srdivacky * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57239462Sdim * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58263508Sdim * SUCH DAMAGE. 59263508Sdim * 60239462Sdim * @(#)in.c 8.2 (Berkeley) 11/15/93 61239462Sdim */ 62239462Sdim 63239462Sdim#include <sys/cdefs.h> 64239462Sdim__FBSDID("$FreeBSD: head/sys/netinet6/in6.c 198418 2009-10-23 18:27:34Z qingli $"); 65239462Sdim 66239462Sdim#include "opt_inet.h" 67239462Sdim#include "opt_inet6.h" 68239462Sdim 69239462Sdim#include <sys/param.h> 70239462Sdim#include <sys/errno.h> 71239462Sdim#include <sys/jail.h> 72239462Sdim#include <sys/malloc.h> 73239462Sdim#include <sys/socket.h> 74239462Sdim#include <sys/socketvar.h> 75239462Sdim#include <sys/sockio.h> 76218893Sdim#include <sys/systm.h> 77218893Sdim#include <sys/priv.h> 78218893Sdim#include <sys/proc.h> 79218893Sdim#include <sys/time.h> 80243830Sdim#include <sys/kernel.h> 81218893Sdim#include <sys/syslog.h> 82218893Sdim 83218893Sdim#include <net/if.h> 84218893Sdim#include <net/if_var.h> 85218893Sdim#include <net/if_types.h> 86198893Srdivacky#include <net/route.h> 87218893Sdim#include <net/if_dl.h> 88218893Sdim#include <net/vnet.h> 89218893Sdim 90226633Sdim#include <netinet/in.h> 91218893Sdim#include <netinet/in_var.h> 92218893Sdim#include <net/if_llatbl.h> 93218893Sdim#include <netinet/if_ether.h> 94218893Sdim#include <netinet/in_systm.h> 95218893Sdim#include <netinet/ip.h> 96218893Sdim#include <netinet/in_pcb.h> 97218893Sdim 98218893Sdim#include <netinet/ip6.h> 99218893Sdim#include <netinet6/ip6_var.h> 100218893Sdim#include <netinet6/nd6.h> 101218893Sdim#include <netinet6/mld6_var.h> 102243830Sdim#include <netinet6/ip6_mroute.h> 103243830Sdim#include <netinet6/in6_ifattach.h> 104243830Sdim#include <netinet6/scope6_var.h> 105243830Sdim#include <netinet6/in6_pcb.h> 106243830Sdim 107234353Sdim/* 108218893Sdim * Definitions of some costant IP6 addresses. 109218893Sdim */ 110218893Sdimconst struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 111218893Sdimconst struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 112218893Sdimconst struct in6_addr in6addr_nodelocal_allnodes = 113218893Sdim IN6ADDR_NODELOCAL_ALLNODES_INIT; 114218893Sdimconst struct in6_addr in6addr_linklocal_allnodes = 115218893Sdim IN6ADDR_LINKLOCAL_ALLNODES_INIT; 116218893Sdimconst struct in6_addr in6addr_linklocal_allrouters = 117218893Sdim IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 118218893Sdimconst struct in6_addr in6addr_linklocal_allv2routers = 119218893Sdim IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT; 120218893Sdim 121218893Sdimconst struct in6_addr in6mask0 = IN6MASK0; 122218893Sdimconst struct in6_addr in6mask32 = IN6MASK32; 123198893Srdivackyconst struct in6_addr in6mask64 = IN6MASK64; 124198893Srdivackyconst struct in6_addr in6mask96 = IN6MASK96; 125234353Sdimconst struct in6_addr in6mask128 = IN6MASK128; 126198893Srdivacky 127198893Srdivackyconst struct sockaddr_in6 sa6_any = 128224145Sdim { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 129224145Sdim 130224145Sdimstatic int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 131226633Sdim struct ifnet *, struct thread *)); 132224145Sdimstatic int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 133224145Sdim struct sockaddr_in6 *, int)); 134224145Sdimstatic void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 135224145Sdim 136224145Sdimint (*faithprefix_p)(struct in6_addr *); 137224145Sdim 138224145Sdim 139224145Sdim 140224145Sdimint 141224145Sdimin6_mask2len(struct in6_addr *mask, u_char *lim0) 142224145Sdim{ 143243830Sdim int x = 0, y; 144243830Sdim u_char *lim = lim0, *p; 145243830Sdim 146243830Sdim /* ignore the scope_id part */ 147243830Sdim if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 148234353Sdim lim = (u_char *)mask + sizeof(*mask); 149234353Sdim for (p = (u_char *)mask; p < lim; x++, p++) { 150224145Sdim if (*p != 0xff) 151224145Sdim break; 152224145Sdim } 153224145Sdim y = 0; 154224145Sdim if (p < lim) { 155224145Sdim for (y = 0; y < 8; y++) { 156224145Sdim if ((*p & (0x80 >> y)) == 0) 157224145Sdim break; 158224145Sdim } 159224145Sdim } 160224145Sdim 161224145Sdim /* 162224145Sdim * when the limit pointer is given, do a stricter check on the 163224145Sdim * remaining bits. 164224145Sdim */ 165234353Sdim if (p < lim) { 166234353Sdim if (y != 0 && (*p & (0x00ff >> y)) != 0) 167224145Sdim return (-1); 168224145Sdim for (p = p + 1; p < lim; p++) 169218893Sdim if (*p != 0) 170218893Sdim return (-1); 171218893Sdim } 172218893Sdim 173218893Sdim return x * 8 + y; 174218893Sdim} 175218893Sdim 176243830Sdim#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 177218893Sdim#define ia62ifa(ia6) (&((ia6)->ia_ifa)) 178218893Sdim 179218893Sdimint 180218893Sdimin6_control(struct socket *so, u_long cmd, caddr_t data, 181218893Sdim struct ifnet *ifp, struct thread *td) 182218893Sdim{ 183218893Sdim struct in6_ifreq *ifr = (struct in6_ifreq *)data; 184218893Sdim struct in6_ifaddr *ia = NULL; 185218893Sdim struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 186218893Sdim struct sockaddr_in6 *sa6; 187218893Sdim int error; 188234353Sdim 189234353Sdim switch (cmd) { 190218893Sdim case SIOCGETSGCNT_IN6: 191218893Sdim case SIOCGETMIFCNT_IN6: 192218893Sdim return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 193218893Sdim } 194218893Sdim 195218893Sdim switch(cmd) { 196218893Sdim case SIOCAADDRCTL_POLICY: 197218893Sdim case SIOCDADDRCTL_POLICY: 198243830Sdim if (td != NULL) { 199218893Sdim error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 200218893Sdim if (error) 201218893Sdim return (error); 202218893Sdim } 203218893Sdim return (in6_src_ioctl(cmd, data)); 204218893Sdim } 205218893Sdim 206218893Sdim if (ifp == NULL) 207218893Sdim return (EOPNOTSUPP); 208218893Sdim 209218893Sdim switch (cmd) { 210218893Sdim case SIOCSNDFLUSH_IN6: 211218893Sdim case SIOCSPFXFLUSH_IN6: 212218893Sdim case SIOCSRTRFLUSH_IN6: 213218893Sdim case SIOCSDEFIFACE_IN6: 214218893Sdim case SIOCSIFINFO_FLAGS: 215218893Sdim case SIOCSIFINFO_IN6: 216218893Sdim if (td != NULL) { 217218893Sdim error = priv_check(td, PRIV_NETINET_ND6); 218218893Sdim if (error) 219218893Sdim return (error); 220218893Sdim } 221218893Sdim /* FALLTHROUGH */ 222218893Sdim case OSIOCGIFINFO_IN6: 223218893Sdim case SIOCGIFINFO_IN6: 224218893Sdim case SIOCGDRLST_IN6: 225218893Sdim case SIOCGPRLST_IN6: 226218893Sdim case SIOCGNBRINFO_IN6: 227249423Sdim case SIOCGDEFIFACE_IN6: 228263508Sdim return (nd6_ioctl(cmd, data, ifp)); 229218893Sdim } 230218893Sdim 231218893Sdim switch (cmd) { 232249423Sdim case SIOCSIFPREFIX_IN6: 233218893Sdim case SIOCDIFPREFIX_IN6: 234218893Sdim case SIOCAIFPREFIX_IN6: 235198893Srdivacky case SIOCCIFPREFIX_IN6: 236218893Sdim case SIOCSGIFPREFIX_IN6: 237263508Sdim case SIOCGIFPREFIX_IN6: 238263508Sdim log(LOG_NOTICE, 239198893Srdivacky "prefix ioctls are now invalidated. " 240198893Srdivacky "please use ifconfig.\n"); 241198893Srdivacky return (EOPNOTSUPP); 242198893Srdivacky } 243198893Srdivacky 244198893Srdivacky switch (cmd) { 245198893Srdivacky case SIOCSSCOPE6: 246263508Sdim if (td != NULL) { 247263508Sdim error = priv_check(td, PRIV_NETINET_SCOPE6); 248263508Sdim if (error) 249263508Sdim return (error); 250198893Srdivacky } 251198893Srdivacky return (scope6_set(ifp, 252198893Srdivacky (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 253198893Srdivacky case SIOCGSCOPE6: 254199482Srdivacky return (scope6_get(ifp, 255218893Sdim (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 256218893Sdim case SIOCGSCOPE6DEF: 257199990Srdivacky return (scope6_get_default((struct scope6_id *) 258199990Srdivacky ifr->ifr_ifru.ifru_scope_id)); 259218893Sdim } 260199990Srdivacky 261199990Srdivacky switch (cmd) { 262199990Srdivacky case SIOCALIFADDR: 263218893Sdim if (td != NULL) { 264199990Srdivacky error = priv_check(td, PRIV_NET_ADDIFADDR); 265199990Srdivacky if (error) 266218893Sdim return (error); 267218893Sdim } 268199990Srdivacky return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 269199482Srdivacky 270218893Sdim case SIOCDLIFADDR: 271199482Srdivacky if (td != NULL) { 272198893Srdivacky error = priv_check(td, PRIV_NET_DELIFADDR); 273239462Sdim if (error) 274198893Srdivacky return (error); 275198893Srdivacky } 276198893Srdivacky /* FALLTHROUGH */ 277198893Srdivacky case SIOCGLIFADDR: 278198893Srdivacky return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 279198893Srdivacky } 280198893Srdivacky 281198893Srdivacky /* 282198893Srdivacky * Find address for this interface, if it exists. 283198893Srdivacky * 284198893Srdivacky * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 285198893Srdivacky * only, and used the first interface address as the target of other 286198893Srdivacky * operations (without checking ifra_addr). This was because netinet 287198893Srdivacky * code/API assumed at most 1 interface address per interface. 288210299Sed * Since IPv6 allows a node to assign multiple addresses 289210299Sed * on a single interface, we almost always look and check the 290210299Sed * presence of ifra_addr, and reject invalid ones here. 291210299Sed * It also decreases duplicated code among SIOC*_IN6 operations. 292210299Sed */ 293210299Sed switch (cmd) { 294218893Sdim case SIOCAIFADDR_IN6: 295210299Sed case SIOCSIFPHYADDR_IN6: 296218893Sdim sa6 = &ifra->ifra_addr; 297243830Sdim break; 298263508Sdim case SIOCSIFADDR_IN6: 299210299Sed case SIOCGIFADDR_IN6: 300243830Sdim case SIOCSIFDSTADDR_IN6: 301243830Sdim case SIOCSIFNETMASK_IN6: 302243830Sdim case SIOCGIFDSTADDR_IN6: 303243830Sdim case SIOCGIFNETMASK_IN6: 304210299Sed case SIOCDIFADDR_IN6: 305210299Sed case SIOCGIFPSRCADDR_IN6: 306239462Sdim case SIOCGIFPDSTADDR_IN6: 307210299Sed case SIOCGIFAFLAG_IN6: 308210299Sed case SIOCSNDFLUSH_IN6: 309210299Sed case SIOCSPFXFLUSH_IN6: 310210299Sed case SIOCSRTRFLUSH_IN6: 311210299Sed case SIOCGIFALIFETIME_IN6: 312210299Sed case SIOCSIFALIFETIME_IN6: 313210299Sed case SIOCGIFSTAT_IN6: 314210299Sed case SIOCGIFSTAT_ICMP6: 315210299Sed sa6 = &ifr->ifr_addr; 316234353Sdim break; 317210299Sed default: 318210299Sed sa6 = NULL; 319218893Sdim break; 320218893Sdim } 321218893Sdim if (sa6 && sa6->sin6_family == AF_INET6) { 322218893Sdim if (sa6->sin6_scope_id != 0) 323218893Sdim error = sa6_embedscope(sa6, 0); 324218893Sdim else 325218893Sdim error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 326218893Sdim if (error != 0) 327218893Sdim return (error); 328218893Sdim if (td != NULL && (error = prison_check_ip6(td->td_ucred, 329218893Sdim &sa6->sin6_addr)) != 0) 330218893Sdim return (error); 331243830Sdim ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 332218893Sdim } else 333218893Sdim ia = NULL; 334218893Sdim 335218893Sdim switch (cmd) { 336218893Sdim case SIOCSIFADDR_IN6: 337243830Sdim case SIOCSIFDSTADDR_IN6: 338218893Sdim case SIOCSIFNETMASK_IN6: 339218893Sdim /* 340234353Sdim * Since IPv6 allows a node to assign multiple addresses 341234353Sdim * on a single interface, SIOCSIFxxx ioctls are deprecated. 342218893Sdim */ 343218893Sdim /* we decided to obsolete this command (20000704) */ 344218893Sdim error = EINVAL; 345226633Sdim goto out; 346218893Sdim 347218893Sdim case SIOCDIFADDR_IN6: 348218893Sdim /* 349218893Sdim * for IPv4, we look for existing in_ifaddr here to allow 350218893Sdim * "ifconfig if0 delete" to remove the first IPv4 address on 351218893Sdim * the interface. For IPv6, as the spec allows multiple 352224145Sdim * interface address from the day one, we consider "remove the 353224145Sdim * first one" semantics to be not preferable. 354249423Sdim */ 355218893Sdim if (ia == NULL) { 356218893Sdim error = EADDRNOTAVAIL; 357218893Sdim goto out; 358218893Sdim } 359243830Sdim /* FALLTHROUGH */ 360263508Sdim case SIOCAIFADDR_IN6: 361243830Sdim /* 362243830Sdim * We always require users to specify a valid IPv6 address for 363263508Sdim * the corresponding operation. 364234353Sdim */ 365243830Sdim if (ifra->ifra_addr.sin6_family != AF_INET6 || 366218893Sdim ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) { 367218893Sdim error = EAFNOSUPPORT; 368218893Sdim goto out; 369243830Sdim } 370243830Sdim 371243830Sdim if (td != NULL) { 372243830Sdim error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 373243830Sdim PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 374218893Sdim if (error) 375218893Sdim goto out; 376218893Sdim } 377218893Sdim break; 378218893Sdim 379218893Sdim case SIOCGIFADDR_IN6: 380218893Sdim /* This interface is basically deprecated. use SIOCGIFCONF. */ 381218893Sdim /* FALLTHROUGH */ 382218893Sdim case SIOCGIFAFLAG_IN6: 383218893Sdim case SIOCGIFNETMASK_IN6: 384218893Sdim case SIOCGIFDSTADDR_IN6: 385218893Sdim case SIOCGIFALIFETIME_IN6: 386218893Sdim /* must think again about its semantics */ 387218893Sdim if (ia == NULL) { 388218893Sdim error = EADDRNOTAVAIL; 389218893Sdim goto out; 390218893Sdim } 391218893Sdim break; 392218893Sdim 393218893Sdim case SIOCSIFALIFETIME_IN6: 394218893Sdim { 395218893Sdim struct in6_addrlifetime *lt; 396218893Sdim 397218893Sdim if (td != NULL) { 398218893Sdim error = priv_check(td, PRIV_NETINET_ALIFETIME6); 399218893Sdim if (error) 400218893Sdim goto out; 401218893Sdim } 402218893Sdim if (ia == NULL) { 403218893Sdim error = EADDRNOTAVAIL; 404218893Sdim goto out; 405218893Sdim } 406218893Sdim /* sanity for overflow - beware unsigned */ 407218893Sdim lt = &ifr->ifr_ifru.ifru_lifetime; 408218893Sdim if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 409198893Srdivacky lt->ia6t_vltime + time_second < time_second) { 410198893Srdivacky error = EINVAL; 411198893Srdivacky goto out; 412198893Srdivacky } 413218893Sdim if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 414221345Sdim lt->ia6t_pltime + time_second < time_second) { 415218893Sdim error = EINVAL; 416218893Sdim goto out; 417198893Srdivacky } 418198893Srdivacky break; 419198893Srdivacky } 420198893Srdivacky } 421212904Sdim 422198893Srdivacky switch (cmd) { 423198893Srdivacky case SIOCGIFADDR_IN6: 424212904Sdim ifr->ifr_addr = ia->ia_addr; 425243830Sdim if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 426243830Sdim goto out; 427243830Sdim break; 428198893Srdivacky 429212904Sdim case SIOCGIFDSTADDR_IN6: 430212904Sdim if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 431212904Sdim error = EINVAL; 432212904Sdim goto out; 433212904Sdim } 434199482Srdivacky /* 435221345Sdim * XXX: should we check if ifa_dstaddr is NULL and return 436221345Sdim * an error? 437199482Srdivacky */ 438199482Srdivacky ifr->ifr_dstaddr = ia->ia_dstaddr; 439212904Sdim if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 440218893Sdim goto out; 441221345Sdim break; 442221345Sdim 443218893Sdim case SIOCGIFNETMASK_IN6: 444218893Sdim ifr->ifr_addr = ia->ia_prefixmask; 445218893Sdim break; 446198893Srdivacky 447243830Sdim case SIOCGIFAFLAG_IN6: 448243830Sdim ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 449198893Srdivacky break; 450198893Srdivacky 451198893Srdivacky case SIOCGIFSTAT_IN6: 452198893Srdivacky if (ifp == NULL) { 453198893Srdivacky error = EINVAL; 454234353Sdim goto out; 455198893Srdivacky } 456208600Srdivacky bzero(&ifr->ifr_ifru.ifru_stat, 457208600Srdivacky sizeof(ifr->ifr_ifru.ifru_stat)); 458208600Srdivacky ifr->ifr_ifru.ifru_stat = 459208600Srdivacky *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 460208600Srdivacky break; 461212904Sdim 462212904Sdim case SIOCGIFSTAT_ICMP6: 463212904Sdim if (ifp == NULL) { 464208600Srdivacky error = EINVAL; 465208600Srdivacky goto out; 466208600Srdivacky } 467208600Srdivacky bzero(&ifr->ifr_ifru.ifru_icmp6stat, 468208600Srdivacky sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 469243830Sdim ifr->ifr_ifru.ifru_icmp6stat = 470243830Sdim *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 471243830Sdim break; 472234353Sdim 473208600Srdivacky case SIOCGIFALIFETIME_IN6: 474208600Srdivacky ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 475239462Sdim if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 476208600Srdivacky time_t maxexpire; 477208600Srdivacky struct in6_addrlifetime *retlt = 478208600Srdivacky &ifr->ifr_ifru.ifru_lifetime; 479218893Sdim 480218893Sdim /* 481218893Sdim * XXX: adjust expiration time assuming time_t is 482218893Sdim * signed. 483208600Srdivacky */ 484208600Srdivacky maxexpire = (-1) & 485208600Srdivacky ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 486208600Srdivacky if (ia->ia6_lifetime.ia6t_vltime < 487234353Sdim maxexpire - ia->ia6_updatetime) { 488208600Srdivacky retlt->ia6t_expire = ia->ia6_updatetime + 489208600Srdivacky ia->ia6_lifetime.ia6t_vltime; 490208600Srdivacky } else 491208600Srdivacky retlt->ia6t_expire = maxexpire; 492208600Srdivacky } 493208600Srdivacky if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 494208600Srdivacky time_t maxexpire; 495208600Srdivacky struct in6_addrlifetime *retlt = 496218893Sdim &ifr->ifr_ifru.ifru_lifetime; 497218893Sdim 498234353Sdim /* 499218893Sdim * XXX: adjust expiration time assuming time_t is 500218893Sdim * signed. 501218893Sdim */ 502218893Sdim maxexpire = (-1) & 503218893Sdim ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 504218893Sdim if (ia->ia6_lifetime.ia6t_pltime < 505208600Srdivacky maxexpire - ia->ia6_updatetime) { 506218893Sdim retlt->ia6t_preferred = ia->ia6_updatetime + 507234353Sdim ia->ia6_lifetime.ia6t_pltime; 508234353Sdim } else 509208600Srdivacky retlt->ia6t_preferred = maxexpire; 510226633Sdim } 511226633Sdim break; 512226633Sdim 513226633Sdim case SIOCSIFALIFETIME_IN6: 514239462Sdim ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 515226633Sdim /* for sanity */ 516226633Sdim if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 517226633Sdim ia->ia6_lifetime.ia6t_expire = 518226633Sdim time_second + ia->ia6_lifetime.ia6t_vltime; 519226633Sdim } else 520226633Sdim ia->ia6_lifetime.ia6t_expire = 0; 521226633Sdim if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 522226633Sdim ia->ia6_lifetime.ia6t_preferred = 523226633Sdim time_second + ia->ia6_lifetime.ia6t_pltime; 524226633Sdim } else 525226633Sdim ia->ia6_lifetime.ia6t_preferred = 0; 526226633Sdim break; 527226633Sdim 528226633Sdim case SIOCAIFADDR_IN6: 529226633Sdim { 530226633Sdim int i; 531226633Sdim struct nd_prefixctl pr0; 532226633Sdim struct nd_prefix *pr; 533226633Sdim 534226633Sdim /* 535226633Sdim * first, make or update the interface address structure, 536226633Sdim * and link it to the list. 537226633Sdim */ 538226633Sdim if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 539226633Sdim goto out; 540226633Sdim if (ia != NULL) 541226633Sdim ifa_free(&ia->ia_ifa); 542226633Sdim if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 543226633Sdim == NULL) { 544226633Sdim /* 545226633Sdim * this can happen when the user specify the 0 valid 546226633Sdim * lifetime. 547226633Sdim */ 548226633Sdim break; 549226633Sdim } 550226633Sdim 551226633Sdim /* 552226633Sdim * then, make the prefix on-link on the interface. 553226633Sdim * XXX: we'd rather create the prefix before the address, but 554226633Sdim * we need at least one address to install the corresponding 555226633Sdim * interface route, so we configure the address first. 556226633Sdim */ 557226633Sdim 558226633Sdim /* 559226633Sdim * convert mask to prefix length (prefixmask has already 560226633Sdim * been validated in in6_update_ifa(). 561226633Sdim */ 562226633Sdim bzero(&pr0, sizeof(pr0)); 563226633Sdim pr0.ndpr_ifp = ifp; 564226633Sdim pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 565226633Sdim NULL); 566226633Sdim if (pr0.ndpr_plen == 128) { 567234353Sdim break; /* we don't need to install a host route. */ 568234353Sdim } 569234353Sdim pr0.ndpr_prefix = ifra->ifra_addr; 570234353Sdim /* apply the mask for safety. */ 571234353Sdim for (i = 0; i < 4; i++) { 572226633Sdim pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 573234353Sdim ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 574234353Sdim } 575234353Sdim /* 576234353Sdim * XXX: since we don't have an API to set prefix (not address) 577234353Sdim * lifetimes, we just use the same lifetimes as addresses. 578234353Sdim * The (temporarily) installed lifetimes can be overridden by 579234353Sdim * later advertised RAs (when accept_rtadv is non 0), which is 580234353Sdim * an intended behavior. 581234353Sdim */ 582234353Sdim pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 583234353Sdim pr0.ndpr_raf_auto = 584234353Sdim ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 585234353Sdim pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 586234353Sdim pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 587234353Sdim 588234353Sdim /* add the prefix if not yet. */ 589234353Sdim if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 590234353Sdim /* 591234353Sdim * nd6_prelist_add will install the corresponding 592234353Sdim * interface route. 593234353Sdim */ 594234353Sdim if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 595234353Sdim goto out; 596234353Sdim if (pr == NULL) { 597234353Sdim log(LOG_ERR, "nd6_prelist_add succeeded but " 598234353Sdim "no prefix\n"); 599239462Sdim error = EINVAL; 600239462Sdim goto out; 601234353Sdim } 602234353Sdim } 603 604 /* relate the address to the prefix */ 605 if (ia->ia6_ndpr == NULL) { 606 ia->ia6_ndpr = pr; 607 pr->ndpr_refcnt++; 608 609 /* 610 * If this is the first autoconf address from the 611 * prefix, create a temporary address as well 612 * (when required). 613 */ 614 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 615 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 616 int e; 617 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 618 log(LOG_NOTICE, "in6_control: failed " 619 "to create a temporary address, " 620 "errno=%d\n", e); 621 } 622 } 623 } 624 625 /* 626 * this might affect the status of autoconfigured addresses, 627 * that is, this address might make other addresses detached. 628 */ 629 pfxlist_onlink_check(); 630 if (error == 0 && ia) 631 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 632 break; 633 } 634 635 case SIOCDIFADDR_IN6: 636 { 637 struct nd_prefix *pr; 638 639 /* 640 * If the address being deleted is the only one that owns 641 * the corresponding prefix, expire the prefix as well. 642 * XXX: theoretically, we don't have to worry about such 643 * relationship, since we separate the address management 644 * and the prefix management. We do this, however, to provide 645 * as much backward compatibility as possible in terms of 646 * the ioctl operation. 647 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 648 */ 649 pr = ia->ia6_ndpr; 650 in6_purgeaddr(&ia->ia_ifa); 651 if (pr && pr->ndpr_refcnt == 0) 652 prelist_remove(pr); 653 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 654 break; 655 } 656 657 default: 658 if (ifp == NULL || ifp->if_ioctl == 0) { 659 error = EOPNOTSUPP; 660 goto out; 661 } 662 error = (*ifp->if_ioctl)(ifp, cmd, data); 663 goto out; 664 } 665 666 error = 0; 667out: 668 if (ia != NULL) 669 ifa_free(&ia->ia_ifa); 670 return (error); 671} 672 673/* 674 * Update parameters of an IPv6 interface address. 675 * If necessary, a new entry is created and linked into address chains. 676 * This function is separated from in6_control(). 677 * XXX: should this be performed under splnet()? 678 */ 679int 680in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 681 struct in6_ifaddr *ia, int flags) 682{ 683 int error = 0, hostIsNew = 0, plen = -1; 684 struct sockaddr_in6 dst6; 685 struct in6_addrlifetime *lt; 686 struct in6_multi_mship *imm; 687 struct in6_multi *in6m_sol; 688 struct rtentry *rt; 689 int delay; 690 char ip6buf[INET6_ADDRSTRLEN]; 691 692 /* Validate parameters */ 693 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 694 return (EINVAL); 695 696 /* 697 * The destination address for a p2p link must have a family 698 * of AF_UNSPEC or AF_INET6. 699 */ 700 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 701 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 702 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 703 return (EAFNOSUPPORT); 704 /* 705 * validate ifra_prefixmask. don't check sin6_family, netmask 706 * does not carry fields other than sin6_len. 707 */ 708 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 709 return (EINVAL); 710 /* 711 * Because the IPv6 address architecture is classless, we require 712 * users to specify a (non 0) prefix length (mask) for a new address. 713 * We also require the prefix (when specified) mask is valid, and thus 714 * reject a non-consecutive mask. 715 */ 716 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 717 return (EINVAL); 718 if (ifra->ifra_prefixmask.sin6_len != 0) { 719 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 720 (u_char *)&ifra->ifra_prefixmask + 721 ifra->ifra_prefixmask.sin6_len); 722 if (plen <= 0) 723 return (EINVAL); 724 } else { 725 /* 726 * In this case, ia must not be NULL. We just use its prefix 727 * length. 728 */ 729 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 730 } 731 /* 732 * If the destination address on a p2p interface is specified, 733 * and the address is a scoped one, validate/set the scope 734 * zone identifier. 735 */ 736 dst6 = ifra->ifra_dstaddr; 737 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 738 (dst6.sin6_family == AF_INET6)) { 739 struct in6_addr in6_tmp; 740 u_int32_t zoneid; 741 742 in6_tmp = dst6.sin6_addr; 743 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 744 return (EINVAL); /* XXX: should be impossible */ 745 746 if (dst6.sin6_scope_id != 0) { 747 if (dst6.sin6_scope_id != zoneid) 748 return (EINVAL); 749 } else /* user omit to specify the ID. */ 750 dst6.sin6_scope_id = zoneid; 751 752 /* convert into the internal form */ 753 if (sa6_embedscope(&dst6, 0)) 754 return (EINVAL); /* XXX: should be impossible */ 755 } 756 /* 757 * The destination address can be specified only for a p2p or a 758 * loopback interface. If specified, the corresponding prefix length 759 * must be 128. 760 */ 761 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 762 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 763 /* XXX: noisy message */ 764 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 765 "be specified for a p2p or a loopback IF only\n")); 766 return (EINVAL); 767 } 768 if (plen != 128) { 769 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 770 "be 128 when dstaddr is specified\n")); 771 return (EINVAL); 772 } 773 } 774 /* lifetime consistency check */ 775 lt = &ifra->ifra_lifetime; 776 if (lt->ia6t_pltime > lt->ia6t_vltime) 777 return (EINVAL); 778 if (lt->ia6t_vltime == 0) { 779 /* 780 * the following log might be noisy, but this is a typical 781 * configuration mistake or a tool's bug. 782 */ 783 nd6log((LOG_INFO, 784 "in6_update_ifa: valid lifetime is 0 for %s\n", 785 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 786 787 if (ia == NULL) 788 return (0); /* there's nothing to do */ 789 } 790 791 /* 792 * If this is a new address, allocate a new ifaddr and link it 793 * into chains. 794 */ 795 if (ia == NULL) { 796 hostIsNew = 1; 797 /* 798 * When in6_update_ifa() is called in a process of a received 799 * RA, it is called under an interrupt context. So, we should 800 * call malloc with M_NOWAIT. 801 */ 802 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 803 M_NOWAIT); 804 if (ia == NULL) 805 return (ENOBUFS); 806 bzero((caddr_t)ia, sizeof(*ia)); 807 ifa_init(&ia->ia_ifa); 808 LIST_INIT(&ia->ia6_memberships); 809 /* Initialize the address and masks, and put time stamp */ 810 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 811 ia->ia_addr.sin6_family = AF_INET6; 812 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 813 ia->ia6_createtime = time_second; 814 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 815 /* 816 * XXX: some functions expect that ifa_dstaddr is not 817 * NULL for p2p interfaces. 818 */ 819 ia->ia_ifa.ifa_dstaddr = 820 (struct sockaddr *)&ia->ia_dstaddr; 821 } else { 822 ia->ia_ifa.ifa_dstaddr = NULL; 823 } 824 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 825 ia->ia_ifp = ifp; 826 ifa_ref(&ia->ia_ifa); /* if_addrhead */ 827 IF_ADDR_LOCK(ifp); 828 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 829 IF_ADDR_UNLOCK(ifp); 830 831 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */ 832 IN6_IFADDR_WLOCK(); 833 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link); 834 IN6_IFADDR_WUNLOCK(); 835 } 836 837 /* update timestamp */ 838 ia->ia6_updatetime = time_second; 839 840 /* set prefix mask */ 841 if (ifra->ifra_prefixmask.sin6_len) { 842 /* 843 * We prohibit changing the prefix length of an existing 844 * address, because 845 * + such an operation should be rare in IPv6, and 846 * + the operation would confuse prefix management. 847 */ 848 if (ia->ia_prefixmask.sin6_len && 849 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 850 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 851 " existing (%s) address should not be changed\n", 852 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 853 error = EINVAL; 854 goto unlink; 855 } 856 ia->ia_prefixmask = ifra->ifra_prefixmask; 857 } 858 859 /* 860 * If a new destination address is specified, scrub the old one and 861 * install the new destination. Note that the interface must be 862 * p2p or loopback (see the check above.) 863 */ 864 if (dst6.sin6_family == AF_INET6 && 865 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 866 int e; 867 868 if ((ia->ia_flags & IFA_ROUTE) != 0 && 869 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 870 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 871 "a route to the old destination: %s\n", 872 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 873 /* proceed anyway... */ 874 } else 875 ia->ia_flags &= ~IFA_ROUTE; 876 ia->ia_dstaddr = dst6; 877 } 878 879 /* 880 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 881 * to see if the address is deprecated or invalidated, but initialize 882 * these members for applications. 883 */ 884 ia->ia6_lifetime = ifra->ifra_lifetime; 885 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 886 ia->ia6_lifetime.ia6t_expire = 887 time_second + ia->ia6_lifetime.ia6t_vltime; 888 } else 889 ia->ia6_lifetime.ia6t_expire = 0; 890 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 891 ia->ia6_lifetime.ia6t_preferred = 892 time_second + ia->ia6_lifetime.ia6t_pltime; 893 } else 894 ia->ia6_lifetime.ia6t_preferred = 0; 895 896 /* reset the interface and routing table appropriately. */ 897 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 898 goto unlink; 899 900 /* 901 * configure address flags. 902 */ 903 ia->ia6_flags = ifra->ifra_flags; 904 /* 905 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 906 * userland, make it deprecated. 907 */ 908 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 909 ia->ia6_lifetime.ia6t_pltime = 0; 910 ia->ia6_lifetime.ia6t_preferred = time_second; 911 } 912 /* 913 * Make the address tentative before joining multicast addresses, 914 * so that corresponding MLD responses would not have a tentative 915 * source address. 916 */ 917 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 918 if (hostIsNew && in6if_do_dad(ifp)) 919 ia->ia6_flags |= IN6_IFF_TENTATIVE; 920 921 /* DAD should be performed after ND6_IFF_IFDISABLED is cleared. */ 922 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) 923 ia->ia6_flags |= IN6_IFF_TENTATIVE; 924 925 /* 926 * We are done if we have simply modified an existing address. 927 */ 928 if (!hostIsNew) 929 return (error); 930 931 /* 932 * Beyond this point, we should call in6_purgeaddr upon an error, 933 * not just go to unlink. 934 */ 935 936 /* Join necessary multicast groups */ 937 in6m_sol = NULL; 938 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 939 struct sockaddr_in6 mltaddr, mltmask; 940 struct in6_addr llsol; 941 942 /* join solicited multicast addr for new host id */ 943 bzero(&llsol, sizeof(struct in6_addr)); 944 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 945 llsol.s6_addr32[1] = 0; 946 llsol.s6_addr32[2] = htonl(1); 947 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 948 llsol.s6_addr8[12] = 0xff; 949 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 950 /* XXX: should not happen */ 951 log(LOG_ERR, "in6_update_ifa: " 952 "in6_setscope failed\n"); 953 goto cleanup; 954 } 955 delay = 0; 956 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 957 /* 958 * We need a random delay for DAD on the address 959 * being configured. It also means delaying 960 * transmission of the corresponding MLD report to 961 * avoid report collision. 962 * [RFC 4861, Section 6.3.7] 963 */ 964 delay = arc4random() % 965 (MAX_RTR_SOLICITATION_DELAY * hz); 966 } 967 imm = in6_joingroup(ifp, &llsol, &error, delay); 968 if (imm == NULL) { 969 nd6log((LOG_WARNING, 970 "in6_update_ifa: addmulti failed for " 971 "%s on %s (errno=%d)\n", 972 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 973 error)); 974 goto cleanup; 975 } 976 LIST_INSERT_HEAD(&ia->ia6_memberships, 977 imm, i6mm_chain); 978 in6m_sol = imm->i6mm_maddr; 979 980 bzero(&mltmask, sizeof(mltmask)); 981 mltmask.sin6_len = sizeof(struct sockaddr_in6); 982 mltmask.sin6_family = AF_INET6; 983 mltmask.sin6_addr = in6mask32; 984#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 985 986 /* 987 * join link-local all-nodes address 988 */ 989 bzero(&mltaddr, sizeof(mltaddr)); 990 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 991 mltaddr.sin6_family = AF_INET6; 992 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 993 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 994 0) 995 goto cleanup; /* XXX: should not fail */ 996 997 /* 998 * XXX: do we really need this automatic routes? 999 * We should probably reconsider this stuff. Most applications 1000 * actually do not need the routes, since they usually specify 1001 * the outgoing interface. 1002 */ 1003 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1004 if (rt) { 1005 /* XXX: only works in !SCOPEDROUTING case. */ 1006 if (memcmp(&mltaddr.sin6_addr, 1007 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1008 MLTMASK_LEN)) { 1009 RTFREE_LOCKED(rt); 1010 rt = NULL; 1011 } 1012 } 1013 if (!rt) { 1014 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1015 (struct sockaddr *)&ia->ia_addr, 1016 (struct sockaddr *)&mltmask, RTF_UP, 1017 (struct rtentry **)0); 1018 if (error) 1019 goto cleanup; 1020 } else { 1021 RTFREE_LOCKED(rt); 1022 } 1023 1024 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1025 if (!imm) { 1026 nd6log((LOG_WARNING, 1027 "in6_update_ifa: addmulti failed for " 1028 "%s on %s (errno=%d)\n", 1029 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1030 if_name(ifp), error)); 1031 goto cleanup; 1032 } 1033 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1034 1035 /* 1036 * join node information group address 1037 */ 1038 delay = 0; 1039 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1040 /* 1041 * The spec doesn't say anything about delay for this 1042 * group, but the same logic should apply. 1043 */ 1044 delay = arc4random() % 1045 (MAX_RTR_SOLICITATION_DELAY * hz); 1046 } 1047 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) { 1048 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1049 delay); /* XXX jinmei */ 1050 if (!imm) { 1051 nd6log((LOG_WARNING, "in6_update_ifa: " 1052 "addmulti failed for %s on %s " 1053 "(errno=%d)\n", 1054 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1055 if_name(ifp), error)); 1056 /* XXX not very fatal, go on... */ 1057 } else { 1058 LIST_INSERT_HEAD(&ia->ia6_memberships, 1059 imm, i6mm_chain); 1060 } 1061 } 1062 1063 /* 1064 * join interface-local all-nodes address. 1065 * (ff01::1%ifN, and ff01::%ifN/32) 1066 */ 1067 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1068 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1069 != 0) 1070 goto cleanup; /* XXX: should not fail */ 1071 /* XXX: again, do we really need the route? */ 1072 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1073 if (rt) { 1074 if (memcmp(&mltaddr.sin6_addr, 1075 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1076 MLTMASK_LEN)) { 1077 RTFREE_LOCKED(rt); 1078 rt = NULL; 1079 } 1080 } 1081 if (!rt) { 1082 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1083 (struct sockaddr *)&ia->ia_addr, 1084 (struct sockaddr *)&mltmask, RTF_UP, 1085 (struct rtentry **)0); 1086 if (error) 1087 goto cleanup; 1088 } else 1089 RTFREE_LOCKED(rt); 1090 1091 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1092 if (!imm) { 1093 nd6log((LOG_WARNING, "in6_update_ifa: " 1094 "addmulti failed for %s on %s " 1095 "(errno=%d)\n", 1096 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1097 if_name(ifp), error)); 1098 goto cleanup; 1099 } 1100 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1101#undef MLTMASK_LEN 1102 } 1103 1104 /* 1105 * Perform DAD, if needed. 1106 * XXX It may be of use, if we can administratively 1107 * disable DAD. 1108 */ 1109 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1110 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1111 { 1112 int mindelay, maxdelay; 1113 1114 delay = 0; 1115 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1116 /* 1117 * We need to impose a delay before sending an NS 1118 * for DAD. Check if we also needed a delay for the 1119 * corresponding MLD message. If we did, the delay 1120 * should be larger than the MLD delay (this could be 1121 * relaxed a bit, but this simple logic is at least 1122 * safe). 1123 * XXX: Break data hiding guidelines and look at 1124 * state for the solicited multicast group. 1125 */ 1126 mindelay = 0; 1127 if (in6m_sol != NULL && 1128 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) { 1129 mindelay = in6m_sol->in6m_timer; 1130 } 1131 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1132 if (maxdelay - mindelay == 0) 1133 delay = 0; 1134 else { 1135 delay = 1136 (arc4random() % (maxdelay - mindelay)) + 1137 mindelay; 1138 } 1139 } 1140 nd6_dad_start((struct ifaddr *)ia, delay); 1141 } 1142 1143 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew")); 1144 ifa_free(&ia->ia_ifa); 1145 return (error); 1146 1147 unlink: 1148 /* 1149 * XXX: if a change of an existing address failed, keep the entry 1150 * anyway. 1151 */ 1152 if (hostIsNew) { 1153 in6_unlink_ifa(ia, ifp); 1154 ifa_free(&ia->ia_ifa); 1155 } 1156 return (error); 1157 1158 cleanup: 1159 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew")); 1160 ifa_free(&ia->ia_ifa); 1161 in6_purgeaddr(&ia->ia_ifa); 1162 return error; 1163} 1164 1165void 1166in6_purgeaddr(struct ifaddr *ifa) 1167{ 1168 struct ifnet *ifp = ifa->ifa_ifp; 1169 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1170 struct in6_multi_mship *imm; 1171 struct sockaddr_in6 mltaddr, mltmask; 1172 struct rtentry rt0; 1173 struct sockaddr_dl gateway; 1174 struct sockaddr_in6 mask, addr; 1175 int plen, error; 1176 struct rtentry *rt; 1177 struct ifaddr *ifa0, *nifa; 1178 1179 /* 1180 * find another IPv6 address as the gateway for the 1181 * link-local and node-local all-nodes multicast 1182 * address routes 1183 */ 1184 IF_ADDR_LOCK(ifp); 1185 TAILQ_FOREACH_SAFE(ifa0, &ifp->if_addrhead, ifa_link, nifa) { 1186 if ((ifa0->ifa_addr->sa_family != AF_INET6) || 1187 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr, 1188 &ia->ia_addr.sin6_addr, 1189 sizeof(struct in6_addr)) == 0) 1190 continue; 1191 else 1192 break; 1193 } 1194 if (ifa0 != NULL) 1195 ifa_ref(ifa0); 1196 IF_ADDR_UNLOCK(ifp); 1197 1198 /* 1199 * Remove the loopback route to the interface address. 1200 * The check for the current setting of "nd6_useloopback" 1201 * is not needed. 1202 */ 1203 error = ifa_del_loopback_route((struct ifaddr *)ia, 1204 (struct sockaddr *)&ia->ia_addr); 1205 1206 /* stop DAD processing */ 1207 nd6_dad_stop(ifa); 1208 1209 IF_AFDATA_LOCK(ifp); 1210 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1211 (struct sockaddr *)&ia->ia_addr); 1212 IF_AFDATA_UNLOCK(ifp); 1213 1214 /* 1215 * initialize for rtmsg generation 1216 */ 1217 bzero(&gateway, sizeof(gateway)); 1218 gateway.sdl_len = sizeof(gateway); 1219 gateway.sdl_family = AF_LINK; 1220 gateway.sdl_nlen = 0; 1221 gateway.sdl_alen = ifp->if_addrlen; 1222 /* */ 1223 bzero(&rt0, sizeof(rt0)); 1224 rt0.rt_gateway = (struct sockaddr *)&gateway; 1225 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1226 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1227 rt_mask(&rt0) = (struct sockaddr *)&mask; 1228 rt_key(&rt0) = (struct sockaddr *)&addr; 1229 rt0.rt_flags = RTF_HOST | RTF_STATIC; 1230 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0); 1231 1232 /* 1233 * leave from multicast groups we have joined for the interface 1234 */ 1235 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1236 LIST_REMOVE(imm, i6mm_chain); 1237 in6_leavegroup(imm); 1238 } 1239 1240 /* 1241 * remove the link-local all-nodes address 1242 */ 1243 bzero(&mltmask, sizeof(mltmask)); 1244 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1245 mltmask.sin6_family = AF_INET6; 1246 mltmask.sin6_addr = in6mask32; 1247 1248 bzero(&mltaddr, sizeof(mltaddr)); 1249 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1250 mltaddr.sin6_family = AF_INET6; 1251 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1252 1253 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1254 0) 1255 goto cleanup; 1256 1257 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1258 if (rt != NULL && rt->rt_gateway != NULL && 1259 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1260 &ia->ia_addr.sin6_addr, 1261 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1262 /* 1263 * if no more IPv6 address exists on this interface 1264 * then remove the multicast address route 1265 */ 1266 if (ifa0 == NULL) { 1267 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1268 sizeof(mltaddr.sin6_addr)); 1269 RTFREE_LOCKED(rt); 1270 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1271 (struct sockaddr *)&ia->ia_addr, 1272 (struct sockaddr *)&mltmask, RTF_UP, 1273 (struct rtentry **)0); 1274 if (error) 1275 log(LOG_INFO, "in6_purgeaddr: link-local all-nodes" 1276 "multicast address deletion error\n"); 1277 } else { 1278 /* 1279 * replace the gateway of the route 1280 */ 1281 struct sockaddr_in6 sa; 1282 1283 bzero(&sa, sizeof(sa)); 1284 sa.sin6_len = sizeof(struct sockaddr_in6); 1285 sa.sin6_family = AF_INET6; 1286 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1287 sizeof(sa.sin6_addr)); 1288 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1289 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1290 RTFREE_LOCKED(rt); 1291 } 1292 } else { 1293 if (rt != NULL) 1294 RTFREE_LOCKED(rt); 1295 } 1296 1297 /* 1298 * remove the node-local all-nodes address 1299 */ 1300 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1301 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1302 0) 1303 goto cleanup; 1304 1305 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1306 if (rt != NULL && rt->rt_gateway != NULL && 1307 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1308 &ia->ia_addr.sin6_addr, 1309 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1310 /* 1311 * if no more IPv6 address exists on this interface 1312 * then remove the multicast address route 1313 */ 1314 if (ifa0 == NULL) { 1315 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1316 sizeof(mltaddr.sin6_addr)); 1317 1318 RTFREE_LOCKED(rt); 1319 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1320 (struct sockaddr *)&ia->ia_addr, 1321 (struct sockaddr *)&mltmask, RTF_UP, 1322 (struct rtentry **)0); 1323 1324 if (error) 1325 log(LOG_INFO, "in6_purgeaddr: node-local all-nodes" 1326 "multicast address deletion error\n"); 1327 } else { 1328 /* 1329 * replace the gateway of the route 1330 */ 1331 struct sockaddr_in6 sa; 1332 1333 bzero(&sa, sizeof(sa)); 1334 sa.sin6_len = sizeof(struct sockaddr_in6); 1335 sa.sin6_family = AF_INET6; 1336 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1337 sizeof(sa.sin6_addr)); 1338 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1339 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1340 RTFREE_LOCKED(rt); 1341 } 1342 } else { 1343 if (rt != NULL) 1344 RTFREE_LOCKED(rt); 1345 } 1346 1347cleanup: 1348 1349 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1350 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) { 1351 int error; 1352 struct sockaddr *dstaddr; 1353 1354 /* 1355 * use the interface address if configuring an 1356 * interface address with a /128 prefix len 1357 */ 1358 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1359 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1360 else 1361 dstaddr = (struct sockaddr *)&ia->ia_addr; 1362 1363 error = rtrequest(RTM_DELETE, 1364 (struct sockaddr *)dstaddr, 1365 (struct sockaddr *)&ia->ia_addr, 1366 (struct sockaddr *)&ia->ia_prefixmask, 1367 ia->ia_flags | RTF_HOST, NULL); 1368 if (error != 0) 1369 return; 1370 ia->ia_flags &= ~IFA_ROUTE; 1371 } 1372 if (ifa0 != NULL) 1373 ifa_free(ifa0); 1374 1375 in6_unlink_ifa(ia, ifp); 1376} 1377 1378static void 1379in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1380{ 1381 int s = splnet(); 1382 1383 IF_ADDR_LOCK(ifp); 1384 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1385 IF_ADDR_UNLOCK(ifp); 1386 ifa_free(&ia->ia_ifa); /* if_addrhead */ 1387 1388 /* 1389 * Defer the release of what might be the last reference to the 1390 * in6_ifaddr so that it can't be freed before the remainder of the 1391 * cleanup. 1392 */ 1393 IN6_IFADDR_WLOCK(); 1394 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link); 1395 IN6_IFADDR_WUNLOCK(); 1396 1397 /* 1398 * Release the reference to the base prefix. There should be a 1399 * positive reference. 1400 */ 1401 if (ia->ia6_ndpr == NULL) { 1402 nd6log((LOG_NOTICE, 1403 "in6_unlink_ifa: autoconf'ed address " 1404 "%p has no prefix\n", ia)); 1405 } else { 1406 ia->ia6_ndpr->ndpr_refcnt--; 1407 ia->ia6_ndpr = NULL; 1408 } 1409 1410 /* 1411 * Also, if the address being removed is autoconf'ed, call 1412 * pfxlist_onlink_check() since the release might affect the status of 1413 * other (detached) addresses. 1414 */ 1415 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) { 1416 pfxlist_onlink_check(); 1417 } 1418 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */ 1419 splx(s); 1420} 1421 1422void 1423in6_purgeif(struct ifnet *ifp) 1424{ 1425 struct ifaddr *ifa, *nifa; 1426 1427 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1428 if (ifa->ifa_addr->sa_family != AF_INET6) 1429 continue; 1430 in6_purgeaddr(ifa); 1431 } 1432 1433 in6_ifdetach(ifp); 1434} 1435 1436/* 1437 * SIOC[GAD]LIFADDR. 1438 * SIOCGLIFADDR: get first address. (?) 1439 * SIOCGLIFADDR with IFLR_PREFIX: 1440 * get first address that matches the specified prefix. 1441 * SIOCALIFADDR: add the specified address. 1442 * SIOCALIFADDR with IFLR_PREFIX: 1443 * add the specified prefix, filling hostid part from 1444 * the first link-local address. prefixlen must be <= 64. 1445 * SIOCDLIFADDR: delete the specified address. 1446 * SIOCDLIFADDR with IFLR_PREFIX: 1447 * delete the first address that matches the specified prefix. 1448 * return values: 1449 * EINVAL on invalid parameters 1450 * EADDRNOTAVAIL on prefix match failed/specified address not found 1451 * other values may be returned from in6_ioctl() 1452 * 1453 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1454 * this is to accomodate address naming scheme other than RFC2374, 1455 * in the future. 1456 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1457 * address encoding scheme. (see figure on page 8) 1458 */ 1459static int 1460in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1461 struct ifnet *ifp, struct thread *td) 1462{ 1463 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1464 struct ifaddr *ifa; 1465 struct sockaddr *sa; 1466 1467 /* sanity checks */ 1468 if (!data || !ifp) { 1469 panic("invalid argument to in6_lifaddr_ioctl"); 1470 /* NOTREACHED */ 1471 } 1472 1473 switch (cmd) { 1474 case SIOCGLIFADDR: 1475 /* address must be specified on GET with IFLR_PREFIX */ 1476 if ((iflr->flags & IFLR_PREFIX) == 0) 1477 break; 1478 /* FALLTHROUGH */ 1479 case SIOCALIFADDR: 1480 case SIOCDLIFADDR: 1481 /* address must be specified on ADD and DELETE */ 1482 sa = (struct sockaddr *)&iflr->addr; 1483 if (sa->sa_family != AF_INET6) 1484 return EINVAL; 1485 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1486 return EINVAL; 1487 /* XXX need improvement */ 1488 sa = (struct sockaddr *)&iflr->dstaddr; 1489 if (sa->sa_family && sa->sa_family != AF_INET6) 1490 return EINVAL; 1491 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1492 return EINVAL; 1493 break; 1494 default: /* shouldn't happen */ 1495#if 0 1496 panic("invalid cmd to in6_lifaddr_ioctl"); 1497 /* NOTREACHED */ 1498#else 1499 return EOPNOTSUPP; 1500#endif 1501 } 1502 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1503 return EINVAL; 1504 1505 switch (cmd) { 1506 case SIOCALIFADDR: 1507 { 1508 struct in6_aliasreq ifra; 1509 struct in6_addr *hostid = NULL; 1510 int prefixlen; 1511 1512 ifa = NULL; 1513 if ((iflr->flags & IFLR_PREFIX) != 0) { 1514 struct sockaddr_in6 *sin6; 1515 1516 /* 1517 * hostid is to fill in the hostid part of the 1518 * address. hostid points to the first link-local 1519 * address attached to the interface. 1520 */ 1521 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1522 if (!ifa) 1523 return EADDRNOTAVAIL; 1524 hostid = IFA_IN6(ifa); 1525 1526 /* prefixlen must be <= 64. */ 1527 if (64 < iflr->prefixlen) 1528 return EINVAL; 1529 prefixlen = iflr->prefixlen; 1530 1531 /* hostid part must be zero. */ 1532 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1533 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1534 sin6->sin6_addr.s6_addr32[3] != 0) { 1535 return EINVAL; 1536 } 1537 } else 1538 prefixlen = iflr->prefixlen; 1539 1540 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1541 bzero(&ifra, sizeof(ifra)); 1542 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1543 1544 bcopy(&iflr->addr, &ifra.ifra_addr, 1545 ((struct sockaddr *)&iflr->addr)->sa_len); 1546 if (hostid) { 1547 /* fill in hostid part */ 1548 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1549 hostid->s6_addr32[2]; 1550 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1551 hostid->s6_addr32[3]; 1552 } 1553 1554 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1555 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1556 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1557 if (hostid) { 1558 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1559 hostid->s6_addr32[2]; 1560 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1561 hostid->s6_addr32[3]; 1562 } 1563 } 1564 if (ifa != NULL) 1565 ifa_free(ifa); 1566 1567 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1568 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1569 1570 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1571 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1572 } 1573 case SIOCGLIFADDR: 1574 case SIOCDLIFADDR: 1575 { 1576 struct in6_ifaddr *ia; 1577 struct in6_addr mask, candidate, match; 1578 struct sockaddr_in6 *sin6; 1579 int cmp; 1580 1581 bzero(&mask, sizeof(mask)); 1582 if (iflr->flags & IFLR_PREFIX) { 1583 /* lookup a prefix rather than address. */ 1584 in6_prefixlen2mask(&mask, iflr->prefixlen); 1585 1586 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1587 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1588 match.s6_addr32[0] &= mask.s6_addr32[0]; 1589 match.s6_addr32[1] &= mask.s6_addr32[1]; 1590 match.s6_addr32[2] &= mask.s6_addr32[2]; 1591 match.s6_addr32[3] &= mask.s6_addr32[3]; 1592 1593 /* if you set extra bits, that's wrong */ 1594 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1595 return EINVAL; 1596 1597 cmp = 1; 1598 } else { 1599 if (cmd == SIOCGLIFADDR) { 1600 /* on getting an address, take the 1st match */ 1601 cmp = 0; /* XXX */ 1602 } else { 1603 /* on deleting an address, do exact match */ 1604 in6_prefixlen2mask(&mask, 128); 1605 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1606 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1607 1608 cmp = 1; 1609 } 1610 } 1611 1612 IF_ADDR_LOCK(ifp); 1613 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1614 if (ifa->ifa_addr->sa_family != AF_INET6) 1615 continue; 1616 if (!cmp) 1617 break; 1618 1619 /* 1620 * XXX: this is adhoc, but is necessary to allow 1621 * a user to specify fe80::/64 (not /10) for a 1622 * link-local address. 1623 */ 1624 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1625 in6_clearscope(&candidate); 1626 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1627 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1628 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1629 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1630 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1631 break; 1632 } 1633 IF_ADDR_UNLOCK(ifp); 1634 if (!ifa) 1635 return EADDRNOTAVAIL; 1636 ia = ifa2ia6(ifa); 1637 1638 if (cmd == SIOCGLIFADDR) { 1639 int error; 1640 1641 /* fill in the if_laddrreq structure */ 1642 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1643 error = sa6_recoverscope( 1644 (struct sockaddr_in6 *)&iflr->addr); 1645 if (error != 0) 1646 return (error); 1647 1648 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1649 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1650 ia->ia_dstaddr.sin6_len); 1651 error = sa6_recoverscope( 1652 (struct sockaddr_in6 *)&iflr->dstaddr); 1653 if (error != 0) 1654 return (error); 1655 } else 1656 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1657 1658 iflr->prefixlen = 1659 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1660 1661 iflr->flags = ia->ia6_flags; /* XXX */ 1662 1663 return 0; 1664 } else { 1665 struct in6_aliasreq ifra; 1666 1667 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1668 bzero(&ifra, sizeof(ifra)); 1669 bcopy(iflr->iflr_name, ifra.ifra_name, 1670 sizeof(ifra.ifra_name)); 1671 1672 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1673 ia->ia_addr.sin6_len); 1674 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1675 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1676 ia->ia_dstaddr.sin6_len); 1677 } else { 1678 bzero(&ifra.ifra_dstaddr, 1679 sizeof(ifra.ifra_dstaddr)); 1680 } 1681 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1682 ia->ia_prefixmask.sin6_len); 1683 1684 ifra.ifra_flags = ia->ia6_flags; 1685 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1686 ifp, td); 1687 } 1688 } 1689 } 1690 1691 return EOPNOTSUPP; /* just for safety */ 1692} 1693 1694/* 1695 * Initialize an interface's intetnet6 address 1696 * and routing table entry. 1697 */ 1698static int 1699in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1700 struct sockaddr_in6 *sin6, int newhost) 1701{ 1702 int error = 0, plen, ifacount = 0; 1703 int s = splimp(); 1704 struct ifaddr *ifa; 1705 1706 /* 1707 * Give the interface a chance to initialize 1708 * if this is its first address, 1709 * and to validate the address if necessary. 1710 */ 1711 IF_ADDR_LOCK(ifp); 1712 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1713 if (ifa->ifa_addr->sa_family != AF_INET6) 1714 continue; 1715 ifacount++; 1716 } 1717 IF_ADDR_UNLOCK(ifp); 1718 1719 ia->ia_addr = *sin6; 1720 1721 if (ifacount <= 1 && ifp->if_ioctl) { 1722 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1723 if (error) { 1724 splx(s); 1725 return (error); 1726 } 1727 } 1728 splx(s); 1729 1730 ia->ia_ifa.ifa_metric = ifp->if_metric; 1731 1732 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1733 1734 /* 1735 * Special case: 1736 * If a new destination address is specified for a point-to-point 1737 * interface, install a route to the destination as an interface 1738 * direct route. 1739 * XXX: the logic below rejects assigning multiple addresses on a p2p 1740 * interface that share the same destination. 1741 */ 1742 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1743 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 && 1744 ia->ia_dstaddr.sin6_family == AF_INET6) { 1745 int rtflags = RTF_UP | RTF_HOST; 1746 1747 error = rtrequest(RTM_ADD, 1748 (struct sockaddr *)&ia->ia_dstaddr, 1749 (struct sockaddr *)&ia->ia_addr, 1750 (struct sockaddr *)&ia->ia_prefixmask, 1751 ia->ia_flags | rtflags, NULL); 1752 if (error != 0) 1753 return (error); 1754 ia->ia_flags |= IFA_ROUTE; 1755 } 1756 1757 /* 1758 * add a loopback route to self 1759 */ 1760 if (!(ia->ia_flags & IFA_ROUTE) 1761 && (V_nd6_useloopback 1762 || (ifp->if_flags & IFF_LOOPBACK))) { 1763 error = ifa_add_loopback_route((struct ifaddr *)ia, 1764 (struct sockaddr *)&ia->ia_addr); 1765 } 1766 1767 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1768 if (newhost) { 1769 struct llentry *ln; 1770 struct rtentry rt; 1771 struct sockaddr_dl gateway; 1772 struct sockaddr_in6 mask, addr; 1773 1774 IF_AFDATA_LOCK(ifp); 1775 ia->ia_ifa.ifa_rtrequest = NULL; 1776 1777 /* XXX QL 1778 * we need to report rt_newaddrmsg 1779 */ 1780 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1781 (struct sockaddr *)&ia->ia_addr); 1782 IF_AFDATA_UNLOCK(ifp); 1783 if (ln != NULL) { 1784 ln->la_expire = 0; /* for IPv6 this means permanent */ 1785 ln->ln_state = ND6_LLINFO_REACHABLE; 1786 /* 1787 * initialize for rtmsg generation 1788 */ 1789 bzero(&gateway, sizeof(gateway)); 1790 gateway.sdl_len = sizeof(gateway); 1791 gateway.sdl_family = AF_LINK; 1792 gateway.sdl_nlen = 0; 1793 gateway.sdl_alen = 6; 1794 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr)); 1795 /* */ 1796 LLE_WUNLOCK(ln); 1797 } 1798 1799 bzero(&rt, sizeof(rt)); 1800 rt.rt_gateway = (struct sockaddr *)&gateway; 1801 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1802 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1803 rt_mask(&rt) = (struct sockaddr *)&mask; 1804 rt_key(&rt) = (struct sockaddr *)&addr; 1805 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC; 1806 rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt); 1807 } 1808 1809 return (error); 1810} 1811 1812/* 1813 * Find an IPv6 interface link-local address specific to an interface. 1814 * ifaddr is returned referenced. 1815 */ 1816struct in6_ifaddr * 1817in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1818{ 1819 struct ifaddr *ifa; 1820 1821 IF_ADDR_LOCK(ifp); 1822 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1823 if (ifa->ifa_addr->sa_family != AF_INET6) 1824 continue; 1825 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1826 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1827 ignoreflags) != 0) 1828 continue; 1829 ifa_ref(ifa); 1830 break; 1831 } 1832 } 1833 IF_ADDR_UNLOCK(ifp); 1834 1835 return ((struct in6_ifaddr *)ifa); 1836} 1837 1838 1839/* 1840 * find the internet address corresponding to a given interface and address. 1841 * ifaddr is returned referenced. 1842 */ 1843struct in6_ifaddr * 1844in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1845{ 1846 struct ifaddr *ifa; 1847 1848 IF_ADDR_LOCK(ifp); 1849 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1850 if (ifa->ifa_addr->sa_family != AF_INET6) 1851 continue; 1852 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) { 1853 ifa_ref(ifa); 1854 break; 1855 } 1856 } 1857 IF_ADDR_UNLOCK(ifp); 1858 1859 return ((struct in6_ifaddr *)ifa); 1860} 1861 1862/* 1863 * Convert IP6 address to printable (loggable) representation. Caller 1864 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1865 */ 1866static char digits[] = "0123456789abcdef"; 1867char * 1868ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1869{ 1870 int i; 1871 char *cp; 1872 const u_int16_t *a = (const u_int16_t *)addr; 1873 const u_int8_t *d; 1874 int dcolon = 0, zero = 0; 1875 1876 cp = ip6buf; 1877 1878 for (i = 0; i < 8; i++) { 1879 if (dcolon == 1) { 1880 if (*a == 0) { 1881 if (i == 7) 1882 *cp++ = ':'; 1883 a++; 1884 continue; 1885 } else 1886 dcolon = 2; 1887 } 1888 if (*a == 0) { 1889 if (dcolon == 0 && *(a + 1) == 0) { 1890 if (i == 0) 1891 *cp++ = ':'; 1892 *cp++ = ':'; 1893 dcolon = 1; 1894 } else { 1895 *cp++ = '0'; 1896 *cp++ = ':'; 1897 } 1898 a++; 1899 continue; 1900 } 1901 d = (const u_char *)a; 1902 /* Try to eliminate leading zeros in printout like in :0001. */ 1903 zero = 1; 1904 *cp = digits[*d >> 4]; 1905 if (*cp != '0') { 1906 zero = 0; 1907 cp++; 1908 } 1909 *cp = digits[*d++ & 0xf]; 1910 if (zero == 0 || (*cp != '0')) { 1911 zero = 0; 1912 cp++; 1913 } 1914 *cp = digits[*d >> 4]; 1915 if (zero == 0 || (*cp != '0')) { 1916 zero = 0; 1917 cp++; 1918 } 1919 *cp++ = digits[*d & 0xf]; 1920 *cp++ = ':'; 1921 a++; 1922 } 1923 *--cp = '\0'; 1924 return (ip6buf); 1925} 1926 1927int 1928in6_localaddr(struct in6_addr *in6) 1929{ 1930 struct in6_ifaddr *ia; 1931 1932 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1933 return 1; 1934 1935 IN6_IFADDR_RLOCK(); 1936 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { 1937 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1938 &ia->ia_prefixmask.sin6_addr)) { 1939 IN6_IFADDR_RUNLOCK(); 1940 return 1; 1941 } 1942 } 1943 IN6_IFADDR_RUNLOCK(); 1944 1945 return (0); 1946} 1947 1948int 1949in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1950{ 1951 struct in6_ifaddr *ia; 1952 1953 IN6_IFADDR_RLOCK(); 1954 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { 1955 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1956 &sa6->sin6_addr) && 1957 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) { 1958 IN6_IFADDR_RUNLOCK(); 1959 return (1); /* true */ 1960 } 1961 1962 /* XXX: do we still have to go thru the rest of the list? */ 1963 } 1964 IN6_IFADDR_RUNLOCK(); 1965 1966 return (0); /* false */ 1967} 1968 1969/* 1970 * return length of part which dst and src are equal 1971 * hard coding... 1972 */ 1973int 1974in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1975{ 1976 int match = 0; 1977 u_char *s = (u_char *)src, *d = (u_char *)dst; 1978 u_char *lim = s + 16, r; 1979 1980 while (s < lim) 1981 if ((r = (*d++ ^ *s++)) != 0) { 1982 while (r < 128) { 1983 match++; 1984 r <<= 1; 1985 } 1986 break; 1987 } else 1988 match += 8; 1989 return match; 1990} 1991 1992/* XXX: to be scope conscious */ 1993int 1994in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1995{ 1996 int bytelen, bitlen; 1997 1998 /* sanity check */ 1999 if (0 > len || len > 128) { 2000 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2001 len); 2002 return (0); 2003 } 2004 2005 bytelen = len / 8; 2006 bitlen = len % 8; 2007 2008 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2009 return (0); 2010 if (bitlen != 0 && 2011 p1->s6_addr[bytelen] >> (8 - bitlen) != 2012 p2->s6_addr[bytelen] >> (8 - bitlen)) 2013 return (0); 2014 2015 return (1); 2016} 2017 2018void 2019in6_prefixlen2mask(struct in6_addr *maskp, int len) 2020{ 2021 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2022 int bytelen, bitlen, i; 2023 2024 /* sanity check */ 2025 if (0 > len || len > 128) { 2026 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2027 len); 2028 return; 2029 } 2030 2031 bzero(maskp, sizeof(*maskp)); 2032 bytelen = len / 8; 2033 bitlen = len % 8; 2034 for (i = 0; i < bytelen; i++) 2035 maskp->s6_addr[i] = 0xff; 2036 if (bitlen) 2037 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2038} 2039 2040/* 2041 * return the best address out of the same scope. if no address was 2042 * found, return the first valid address from designated IF. 2043 */ 2044struct in6_ifaddr * 2045in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2046{ 2047 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2048 struct ifaddr *ifa; 2049 struct in6_ifaddr *besta = 0; 2050 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2051 2052 dep[0] = dep[1] = NULL; 2053 2054 /* 2055 * We first look for addresses in the same scope. 2056 * If there is one, return it. 2057 * If two or more, return one which matches the dst longest. 2058 * If none, return one of global addresses assigned other ifs. 2059 */ 2060 IF_ADDR_LOCK(ifp); 2061 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2062 if (ifa->ifa_addr->sa_family != AF_INET6) 2063 continue; 2064 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2065 continue; /* XXX: is there any case to allow anycast? */ 2066 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2067 continue; /* don't use this interface */ 2068 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2069 continue; 2070 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2071 if (V_ip6_use_deprecated) 2072 dep[0] = (struct in6_ifaddr *)ifa; 2073 continue; 2074 } 2075 2076 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2077 /* 2078 * call in6_matchlen() as few as possible 2079 */ 2080 if (besta) { 2081 if (blen == -1) 2082 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2083 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2084 if (tlen > blen) { 2085 blen = tlen; 2086 besta = (struct in6_ifaddr *)ifa; 2087 } 2088 } else 2089 besta = (struct in6_ifaddr *)ifa; 2090 } 2091 } 2092 if (besta) { 2093 ifa_ref(&besta->ia_ifa); 2094 IF_ADDR_UNLOCK(ifp); 2095 return (besta); 2096 } 2097 IF_ADDR_UNLOCK(ifp); 2098 2099 IN6_IFADDR_RLOCK(); 2100 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2101 if (ifa->ifa_addr->sa_family != AF_INET6) 2102 continue; 2103 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2104 continue; /* XXX: is there any case to allow anycast? */ 2105 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2106 continue; /* don't use this interface */ 2107 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2108 continue; 2109 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2110 if (V_ip6_use_deprecated) 2111 dep[1] = (struct in6_ifaddr *)ifa; 2112 continue; 2113 } 2114 2115 if (ifa != NULL) 2116 ifa_ref(ifa); 2117 IN6_IFADDR_RUNLOCK(); 2118 return (struct in6_ifaddr *)ifa; 2119 } 2120 IN6_IFADDR_RUNLOCK(); 2121 2122 /* use the last-resort values, that are, deprecated addresses */ 2123 if (dep[0]) 2124 return dep[0]; 2125 if (dep[1]) 2126 return dep[1]; 2127 2128 return NULL; 2129} 2130 2131/* 2132 * perform DAD when interface becomes IFF_UP. 2133 */ 2134void 2135in6_if_up(struct ifnet *ifp) 2136{ 2137 struct ifaddr *ifa; 2138 struct in6_ifaddr *ia; 2139 2140 IF_ADDR_LOCK(ifp); 2141 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2142 if (ifa->ifa_addr->sa_family != AF_INET6) 2143 continue; 2144 ia = (struct in6_ifaddr *)ifa; 2145 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2146 /* 2147 * The TENTATIVE flag was likely set by hand 2148 * beforehand, implicitly indicating the need for DAD. 2149 * We may be able to skip the random delay in this 2150 * case, but we impose delays just in case. 2151 */ 2152 nd6_dad_start(ifa, 2153 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 2154 } 2155 } 2156 IF_ADDR_UNLOCK(ifp); 2157 2158 /* 2159 * special cases, like 6to4, are handled in in6_ifattach 2160 */ 2161 in6_ifattach(ifp, NULL); 2162} 2163 2164int 2165in6if_do_dad(struct ifnet *ifp) 2166{ 2167 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2168 return (0); 2169 2170 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) 2171 return (0); 2172 2173 switch (ifp->if_type) { 2174#ifdef IFT_DUMMY 2175 case IFT_DUMMY: 2176#endif 2177 case IFT_FAITH: 2178 /* 2179 * These interfaces do not have the IFF_LOOPBACK flag, 2180 * but loop packets back. We do not have to do DAD on such 2181 * interfaces. We should even omit it, because loop-backed 2182 * NS would confuse the DAD procedure. 2183 */ 2184 return (0); 2185 default: 2186 /* 2187 * Our DAD routine requires the interface up and running. 2188 * However, some interfaces can be up before the RUNNING 2189 * status. Additionaly, users may try to assign addresses 2190 * before the interface becomes up (or running). 2191 * We simply skip DAD in such a case as a work around. 2192 * XXX: we should rather mark "tentative" on such addresses, 2193 * and do DAD after the interface becomes ready. 2194 */ 2195 if (!((ifp->if_flags & IFF_UP) && 2196 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 2197 return (0); 2198 2199 return (1); 2200 } 2201} 2202 2203/* 2204 * Calculate max IPv6 MTU through all the interfaces and store it 2205 * to in6_maxmtu. 2206 */ 2207void 2208in6_setmaxmtu(void) 2209{ 2210 unsigned long maxmtu = 0; 2211 struct ifnet *ifp; 2212 2213 IFNET_RLOCK_NOSLEEP(); 2214 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 2215 ifp = TAILQ_NEXT(ifp, if_list)) { 2216 /* this function can be called during ifnet initialization */ 2217 if (!ifp->if_afdata[AF_INET6]) 2218 continue; 2219 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2220 IN6_LINKMTU(ifp) > maxmtu) 2221 maxmtu = IN6_LINKMTU(ifp); 2222 } 2223 IFNET_RUNLOCK_NOSLEEP(); 2224 if (maxmtu) /* update only when maxmtu is positive */ 2225 V_in6_maxmtu = maxmtu; 2226} 2227 2228/* 2229 * Provide the length of interface identifiers to be used for the link attached 2230 * to the given interface. The length should be defined in "IPv6 over 2231 * xxx-link" document. Note that address architecture might also define 2232 * the length for a particular set of address prefixes, regardless of the 2233 * link type. As clarified in rfc2462bis, those two definitions should be 2234 * consistent, and those really are as of August 2004. 2235 */ 2236int 2237in6_if2idlen(struct ifnet *ifp) 2238{ 2239 switch (ifp->if_type) { 2240 case IFT_ETHER: /* RFC2464 */ 2241#ifdef IFT_PROPVIRTUAL 2242 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2243#endif 2244#ifdef IFT_L2VLAN 2245 case IFT_L2VLAN: /* ditto */ 2246#endif 2247#ifdef IFT_IEEE80211 2248 case IFT_IEEE80211: /* ditto */ 2249#endif 2250#ifdef IFT_MIP 2251 case IFT_MIP: /* ditto */ 2252#endif 2253 return (64); 2254 case IFT_FDDI: /* RFC2467 */ 2255 return (64); 2256 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2257 return (64); 2258 case IFT_PPP: /* RFC2472 */ 2259 return (64); 2260 case IFT_ARCNET: /* RFC2497 */ 2261 return (64); 2262 case IFT_FRELAY: /* RFC2590 */ 2263 return (64); 2264 case IFT_IEEE1394: /* RFC3146 */ 2265 return (64); 2266 case IFT_GIF: 2267 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2268 case IFT_LOOP: 2269 return (64); /* XXX: is this really correct? */ 2270 default: 2271 /* 2272 * Unknown link type: 2273 * It might be controversial to use the today's common constant 2274 * of 64 for these cases unconditionally. For full compliance, 2275 * we should return an error in this case. On the other hand, 2276 * if we simply miss the standard for the link type or a new 2277 * standard is defined for a new link type, the IFID length 2278 * is very likely to be the common constant. As a compromise, 2279 * we always use the constant, but make an explicit notice 2280 * indicating the "unknown" case. 2281 */ 2282 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2283 return (64); 2284 } 2285} 2286 2287#include <sys/sysctl.h> 2288 2289struct in6_llentry { 2290 struct llentry base; 2291 struct sockaddr_in6 l3_addr6; 2292}; 2293 2294static struct llentry * 2295in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2296{ 2297 struct in6_llentry *lle; 2298 2299 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2300 M_DONTWAIT | M_ZERO); 2301 if (lle == NULL) /* NB: caller generates msg */ 2302 return NULL; 2303 2304 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE); 2305 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2306 lle->base.lle_refcnt = 1; 2307 LLE_LOCK_INIT(&lle->base); 2308 return &lle->base; 2309} 2310 2311/* 2312 * Deletes an address from the address table. 2313 * This function is called by the timer functions 2314 * such as arptimer() and nd6_llinfo_timer(), and 2315 * the caller does the locking. 2316 */ 2317static void 2318in6_lltable_free(struct lltable *llt, struct llentry *lle) 2319{ 2320 LLE_WUNLOCK(lle); 2321 LLE_LOCK_DESTROY(lle); 2322 free(lle, M_LLTABLE); 2323} 2324 2325static void 2326in6_lltable_prefix_free(struct lltable *llt, 2327 const struct sockaddr *prefix, 2328 const struct sockaddr *mask) 2329{ 2330 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2331 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2332 struct llentry *lle, *next; 2333 register int i; 2334 2335 for (i=0; i < LLTBL_HASHTBL_SIZE; i++) { 2336 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) { 2337 if (IN6_ARE_MASKED_ADDR_EQUAL( 2338 &((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr, 2339 &pfx->sin6_addr, 2340 &msk->sin6_addr)) { 2341 callout_drain(&lle->la_timer); 2342 LLE_WLOCK(lle); 2343 llentry_free(lle); 2344 } 2345 } 2346 } 2347} 2348 2349static int 2350in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr) 2351{ 2352 struct rtentry *rt; 2353 char ip6buf[INET6_ADDRSTRLEN]; 2354 2355 KASSERT(l3addr->sa_family == AF_INET6, 2356 ("sin_family %d", l3addr->sa_family)); 2357 2358 /* XXX rtalloc1 should take a const param */ 2359 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2360 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2361 struct ifaddr *ifa; 2362 /* 2363 * Create an ND6 cache for an IPv6 neighbor 2364 * that is not covered by our own prefix. 2365 */ 2366 /* XXX ifaof_ifpforaddr should take a const param */ 2367 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2368 if (ifa != NULL) { 2369 ifa_free(ifa); 2370 if (rt != NULL) 2371 RTFREE_LOCKED(rt); 2372 return 0; 2373 } 2374 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2375 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2376 if (rt != NULL) 2377 RTFREE_LOCKED(rt); 2378 return EINVAL; 2379 } 2380 RTFREE_LOCKED(rt); 2381 return 0; 2382} 2383 2384static struct llentry * 2385in6_lltable_lookup(struct lltable *llt, u_int flags, 2386 const struct sockaddr *l3addr) 2387{ 2388 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2389 struct ifnet *ifp = llt->llt_ifp; 2390 struct llentry *lle; 2391 struct llentries *lleh; 2392 u_int hashkey; 2393 2394 IF_AFDATA_LOCK_ASSERT(ifp); 2395 KASSERT(l3addr->sa_family == AF_INET6, 2396 ("sin_family %d", l3addr->sa_family)); 2397 2398 hashkey = sin6->sin6_addr.s6_addr32[3]; 2399 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2400 LIST_FOREACH(lle, lleh, lle_next) { 2401 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2402 if (lle->la_flags & LLE_DELETED) 2403 continue; 2404 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2405 sizeof(struct in6_addr)) == 0) 2406 break; 2407 } 2408 2409 if (lle == NULL) { 2410 if (!(flags & LLE_CREATE)) 2411 return (NULL); 2412 /* 2413 * A route that covers the given address must have 2414 * been installed 1st because we are doing a resolution, 2415 * verify this. 2416 */ 2417 if (!(flags & LLE_IFADDR) && 2418 in6_lltable_rtcheck(ifp, l3addr) != 0) 2419 return NULL; 2420 2421 lle = in6_lltable_new(l3addr, flags); 2422 if (lle == NULL) { 2423 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2424 return NULL; 2425 } 2426 lle->la_flags = flags & ~LLE_CREATE; 2427 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2428 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2429 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2430 } 2431 2432 lle->lle_tbl = llt; 2433 lle->lle_head = lleh; 2434 LIST_INSERT_HEAD(lleh, lle, lle_next); 2435 } else if (flags & LLE_DELETE) { 2436 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2437 LLE_WLOCK(lle); 2438 lle->la_flags = LLE_DELETED; 2439 LLE_WUNLOCK(lle); 2440#ifdef DIAGNOSTIC 2441 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2442#endif 2443 } 2444 lle = (void *)-1; 2445 } 2446 if (LLE_IS_VALID(lle)) { 2447 if (flags & LLE_EXCLUSIVE) 2448 LLE_WLOCK(lle); 2449 else 2450 LLE_RLOCK(lle); 2451 } 2452 return (lle); 2453} 2454 2455static int 2456in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2457{ 2458 struct ifnet *ifp = llt->llt_ifp; 2459 struct llentry *lle; 2460 /* XXX stack use */ 2461 struct { 2462 struct rt_msghdr rtm; 2463 struct sockaddr_in6 sin6; 2464 /* 2465 * ndp.c assumes that sdl is word aligned 2466 */ 2467#ifdef __LP64__ 2468 uint32_t pad; 2469#endif 2470 struct sockaddr_dl sdl; 2471 } ndpc; 2472 int i, error; 2473 2474 if (ifp->if_flags & IFF_LOOPBACK) 2475 return 0; 2476 2477 LLTABLE_LOCK_ASSERT(); 2478 2479 error = 0; 2480 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2481 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2482 struct sockaddr_dl *sdl; 2483 2484 /* skip deleted or invalid entries */ 2485 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2486 continue; 2487 /* Skip if jailed and not a valid IP of the prison. */ 2488 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2489 continue; 2490 /* 2491 * produce a msg made of: 2492 * struct rt_msghdr; 2493 * struct sockaddr_in6 (IPv6) 2494 * struct sockaddr_dl; 2495 */ 2496 bzero(&ndpc, sizeof(ndpc)); 2497 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2498 ndpc.rtm.rtm_version = RTM_VERSION; 2499 ndpc.rtm.rtm_type = RTM_GET; 2500 ndpc.rtm.rtm_flags = RTF_UP; 2501 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2502 ndpc.sin6.sin6_family = AF_INET6; 2503 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2504 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2505 2506 /* publish */ 2507 if (lle->la_flags & LLE_PUB) 2508 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2509 2510 sdl = &ndpc.sdl; 2511 sdl->sdl_family = AF_LINK; 2512 sdl->sdl_len = sizeof(*sdl); 2513 sdl->sdl_alen = ifp->if_addrlen; 2514 sdl->sdl_index = ifp->if_index; 2515 sdl->sdl_type = ifp->if_type; 2516 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2517 ndpc.rtm.rtm_rmx.rmx_expire = 2518 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2519 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2520 if (lle->la_flags & LLE_STATIC) 2521 ndpc.rtm.rtm_flags |= RTF_STATIC; 2522 ndpc.rtm.rtm_index = ifp->if_index; 2523 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2524 if (error) 2525 break; 2526 } 2527 } 2528 return error; 2529} 2530 2531void * 2532in6_domifattach(struct ifnet *ifp) 2533{ 2534 struct in6_ifextra *ext; 2535 2536 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2537 bzero(ext, sizeof(*ext)); 2538 2539 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2540 M_IFADDR, M_WAITOK); 2541 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2542 2543 ext->icmp6_ifstat = 2544 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2545 M_IFADDR, M_WAITOK); 2546 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2547 2548 ext->nd_ifinfo = nd6_ifattach(ifp); 2549 ext->scope6_id = scope6_ifattach(ifp); 2550 ext->lltable = lltable_init(ifp, AF_INET6); 2551 if (ext->lltable != NULL) { 2552 ext->lltable->llt_new = in6_lltable_new; 2553 ext->lltable->llt_free = in6_lltable_free; 2554 ext->lltable->llt_prefix_free = in6_lltable_prefix_free; 2555 ext->lltable->llt_rtcheck = in6_lltable_rtcheck; 2556 ext->lltable->llt_lookup = in6_lltable_lookup; 2557 ext->lltable->llt_dump = in6_lltable_dump; 2558 } 2559 2560 ext->mld_ifinfo = mld_domifattach(ifp); 2561 2562 return ext; 2563} 2564 2565void 2566in6_domifdetach(struct ifnet *ifp, void *aux) 2567{ 2568 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2569 2570 mld_domifdetach(ifp); 2571 scope6_ifdetach(ext->scope6_id); 2572 nd6_ifdetach(ext->nd_ifinfo); 2573 lltable_free(ext->lltable); 2574 free(ext->in6_ifstat, M_IFADDR); 2575 free(ext->icmp6_ifstat, M_IFADDR); 2576 free(ext, M_IFADDR); 2577} 2578 2579/* 2580 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2581 * v4 mapped addr or v4 compat addr 2582 */ 2583void 2584in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2585{ 2586 2587 bzero(sin, sizeof(*sin)); 2588 sin->sin_len = sizeof(struct sockaddr_in); 2589 sin->sin_family = AF_INET; 2590 sin->sin_port = sin6->sin6_port; 2591 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2592} 2593 2594/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2595void 2596in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2597{ 2598 bzero(sin6, sizeof(*sin6)); 2599 sin6->sin6_len = sizeof(struct sockaddr_in6); 2600 sin6->sin6_family = AF_INET6; 2601 sin6->sin6_port = sin->sin_port; 2602 sin6->sin6_addr.s6_addr32[0] = 0; 2603 sin6->sin6_addr.s6_addr32[1] = 0; 2604 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2605 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2606} 2607 2608/* Convert sockaddr_in6 into sockaddr_in. */ 2609void 2610in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2611{ 2612 struct sockaddr_in *sin_p; 2613 struct sockaddr_in6 sin6; 2614 2615 /* 2616 * Save original sockaddr_in6 addr and convert it 2617 * to sockaddr_in. 2618 */ 2619 sin6 = *(struct sockaddr_in6 *)nam; 2620 sin_p = (struct sockaddr_in *)nam; 2621 in6_sin6_2_sin(sin_p, &sin6); 2622} 2623 2624/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2625void 2626in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2627{ 2628 struct sockaddr_in *sin_p; 2629 struct sockaddr_in6 *sin6_p; 2630 2631 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2632 M_WAITOK); 2633 sin_p = (struct sockaddr_in *)*nam; 2634 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2635 free(*nam, M_SONAME); 2636 *nam = (struct sockaddr *)sin6_p; 2637} 2638