in6_src.c revision 186141
1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 61 */ 62 63#include <sys/cdefs.h> 64__FBSDID("$FreeBSD: head/sys/netinet6/in6_src.c 186141 2008-12-15 21:50:54Z bz $"); 65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68#include "opt_mpath.h" 69 70#include <sys/param.h> 71#include <sys/systm.h> 72#include <sys/lock.h> 73#include <sys/malloc.h> 74#include <sys/mbuf.h> 75#include <sys/priv.h> 76#include <sys/protosw.h> 77#include <sys/socket.h> 78#include <sys/socketvar.h> 79#include <sys/sockio.h> 80#include <sys/sysctl.h> 81#include <sys/errno.h> 82#include <sys/time.h> 83#include <sys/jail.h> 84#include <sys/kernel.h> 85#include <sys/sx.h> 86#include <sys/vimage.h> 87 88#include <net/if.h> 89#include <net/route.h> 90#include <net/if_llatbl.h> 91#ifdef RADIX_MPATH 92#include <net/radix_mpath.h> 93#endif 94 95#include <netinet/in.h> 96#include <netinet/in_var.h> 97#include <netinet/in_systm.h> 98#include <netinet/ip.h> 99#include <netinet/in_pcb.h> 100#include <netinet/ip_var.h> 101#include <netinet/udp.h> 102#include <netinet/udp_var.h> 103#include <netinet/vinet.h> 104 105#include <netinet6/in6_var.h> 106#include <netinet/ip6.h> 107#include <netinet6/in6_pcb.h> 108#include <netinet6/ip6_var.h> 109#include <netinet6/scope6_var.h> 110#include <netinet6/nd6.h> 111#include <netinet6/vinet6.h> 112 113static struct mtx addrsel_lock; 114#define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF) 115#define ADDRSEL_LOCK() mtx_lock(&addrsel_lock) 116#define ADDRSEL_UNLOCK() mtx_unlock(&addrsel_lock) 117#define ADDRSEL_LOCK_ASSERT() mtx_assert(&addrsel_lock, MA_OWNED) 118 119static struct sx addrsel_sxlock; 120#define ADDRSEL_SXLOCK_INIT() sx_init(&addrsel_sxlock, "addrsel_sxlock") 121#define ADDRSEL_SLOCK() sx_slock(&addrsel_sxlock) 122#define ADDRSEL_SUNLOCK() sx_sunlock(&addrsel_sxlock) 123#define ADDRSEL_XLOCK() sx_xlock(&addrsel_sxlock) 124#define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock) 125 126#define ADDR_LABEL_NOTAPP (-1) 127 128#ifdef VIMAGE_GLOBALS 129struct in6_addrpolicy defaultaddrpolicy; 130int ip6_prefer_tempaddr; 131#endif 132 133static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *, 134 struct ip6_moptions *, struct route_in6 *, struct ifnet **, 135 struct rtentry **, int)); 136static int in6_selectif __P((struct sockaddr_in6 *, struct ip6_pktopts *, 137 struct ip6_moptions *, struct route_in6 *ro, struct ifnet **)); 138 139static struct in6_addrpolicy *lookup_addrsel_policy(struct sockaddr_in6 *); 140 141static void init_policy_queue(void); 142static int add_addrsel_policyent(struct in6_addrpolicy *); 143static int delete_addrsel_policyent(struct in6_addrpolicy *); 144static int walk_addrsel_policy __P((int (*)(struct in6_addrpolicy *, void *), 145 void *)); 146static int dump_addrsel_policyent(struct in6_addrpolicy *, void *); 147static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *); 148 149/* 150 * Return an IPv6 address, which is the most appropriate for a given 151 * destination and user specified options. 152 * If necessary, this function lookups the routing table and returns 153 * an entry to the caller for later use. 154 */ 155#define REPLACE(r) do {\ 156 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \ 157 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 158 V_ip6stat.ip6s_sources_rule[(r)]++; \ 159 /* { \ 160 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \ 161 printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \ 162 } */ \ 163 goto replace; \ 164} while(0) 165#define NEXT(r) do {\ 166 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \ 167 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 168 V_ip6stat.ip6s_sources_rule[(r)]++; \ 169 /* { \ 170 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \ 171 printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \ 172 } */ \ 173 goto next; /* XXX: we can't use 'continue' here */ \ 174} while(0) 175#define BREAK(r) do { \ 176 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \ 177 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 178 V_ip6stat.ip6s_sources_rule[(r)]++; \ 179 goto out; /* XXX: we can't use 'break' here */ \ 180} while(0) 181 182struct in6_addr * 183in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 184 struct inpcb *inp, struct route_in6 *ro, struct ucred *cred, 185 struct ifnet **ifpp, int *errorp) 186{ 187 INIT_VNET_INET6(curvnet); 188 struct in6_addr dst; 189 struct ifnet *ifp = NULL; 190 struct in6_ifaddr *ia = NULL, *ia_best = NULL; 191 struct in6_pktinfo *pi = NULL; 192 int dst_scope = -1, best_scope = -1, best_matchlen = -1; 193 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL; 194 u_int32_t odstzone; 195 int prefer_tempaddr; 196 struct ip6_moptions *mopts; 197 198 dst = dstsock->sin6_addr; /* make a copy for local operation */ 199 *errorp = 0; 200 if (ifpp) 201 *ifpp = NULL; 202 203 if (inp != NULL) { 204 INP_LOCK_ASSERT(inp); 205 mopts = inp->in6p_moptions; 206 } else { 207 mopts = NULL; 208 } 209 210 /* 211 * If the source address is explicitly specified by the caller, 212 * check if the requested source address is indeed a unicast address 213 * assigned to the node, and can be used as the packet's source 214 * address. If everything is okay, use the address as source. 215 */ 216 if (opts && (pi = opts->ip6po_pktinfo) && 217 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 218 struct sockaddr_in6 srcsock; 219 struct in6_ifaddr *ia6; 220 221 /* get the outgoing interface */ 222 if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp)) 223 != 0) { 224 return (NULL); 225 } 226 227 /* 228 * determine the appropriate zone id of the source based on 229 * the zone of the destination and the outgoing interface. 230 * If the specified address is ambiguous wrt the scope zone, 231 * the interface must be specified; otherwise, ifa_ifwithaddr() 232 * will fail matching the address. 233 */ 234 bzero(&srcsock, sizeof(srcsock)); 235 srcsock.sin6_family = AF_INET6; 236 srcsock.sin6_len = sizeof(srcsock); 237 srcsock.sin6_addr = pi->ipi6_addr; 238 if (ifp) { 239 *errorp = in6_setscope(&srcsock.sin6_addr, ifp, NULL); 240 if (*errorp != 0) 241 return (NULL); 242 } 243 if (cred != NULL && prison_local_ip6(cred, &srcsock.sin6_addr, 244 (inp != NULL && (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) { 245 *errorp = EADDRNOTAVAIL; 246 return (NULL); 247 } 248 249 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock)); 250 if (ia6 == NULL || 251 (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) { 252 *errorp = EADDRNOTAVAIL; 253 return (NULL); 254 } 255 pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */ 256 if (ifpp) 257 *ifpp = ifp; 258 return (&ia6->ia_addr.sin6_addr); 259 } 260 261 /* 262 * Otherwise, if the socket has already bound the source, just use it. 263 */ 264 if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 265 if (cred != NULL && prison_local_ip6(cred, &inp->in6p_laddr, 266 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) { 267 *errorp = EADDRNOTAVAIL; 268 return (NULL); 269 } 270 return (&inp->in6p_laddr); 271 } 272 273 /* 274 * If the address is not specified, choose the best one based on 275 * the outgoing interface and the destination address. 276 */ 277 /* get the outgoing interface */ 278 if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0) 279 return (NULL); 280 281#ifdef DIAGNOSTIC 282 if (ifp == NULL) /* this should not happen */ 283 panic("in6_selectsrc: NULL ifp"); 284#endif 285 *errorp = in6_setscope(&dst, ifp, &odstzone); 286 if (*errorp != 0) 287 return (NULL); 288 289 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 290 int new_scope = -1, new_matchlen = -1; 291 struct in6_addrpolicy *new_policy = NULL; 292 u_int32_t srczone, osrczone, dstzone; 293 struct in6_addr src; 294 struct ifnet *ifp1 = ia->ia_ifp; 295 296 /* 297 * We'll never take an address that breaks the scope zone 298 * of the destination. We also skip an address if its zone 299 * does not contain the outgoing interface. 300 * XXX: we should probably use sin6_scope_id here. 301 */ 302 if (in6_setscope(&dst, ifp1, &dstzone) || 303 odstzone != dstzone) { 304 continue; 305 } 306 src = ia->ia_addr.sin6_addr; 307 if (in6_setscope(&src, ifp, &osrczone) || 308 in6_setscope(&src, ifp1, &srczone) || 309 osrczone != srczone) { 310 continue; 311 } 312 313 /* avoid unusable addresses */ 314 if ((ia->ia6_flags & 315 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) { 316 continue; 317 } 318 if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia)) 319 continue; 320 321 if (cred != NULL && 322 prison_local_ip6(cred, &ia->ia_addr.sin6_addr, 323 (inp != NULL && 324 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) 325 continue; 326 327 /* Rule 1: Prefer same address */ 328 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) { 329 ia_best = ia; 330 BREAK(1); /* there should be no better candidate */ 331 } 332 333 if (ia_best == NULL) 334 REPLACE(0); 335 336 /* Rule 2: Prefer appropriate scope */ 337 if (dst_scope < 0) 338 dst_scope = in6_addrscope(&dst); 339 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr); 340 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) { 341 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0) 342 REPLACE(2); 343 NEXT(2); 344 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) { 345 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0) 346 NEXT(2); 347 REPLACE(2); 348 } 349 350 /* 351 * Rule 3: Avoid deprecated addresses. Note that the case of 352 * !ip6_use_deprecated is already rejected above. 353 */ 354 if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia)) 355 NEXT(3); 356 if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia)) 357 REPLACE(3); 358 359 /* Rule 4: Prefer home addresses */ 360 /* 361 * XXX: This is a TODO. We should probably merge the MIP6 362 * case above. 363 */ 364 365 /* Rule 5: Prefer outgoing interface */ 366 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp) 367 NEXT(5); 368 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp) 369 REPLACE(5); 370 371 /* 372 * Rule 6: Prefer matching label 373 * Note that best_policy should be non-NULL here. 374 */ 375 if (dst_policy == NULL) 376 dst_policy = lookup_addrsel_policy(dstsock); 377 if (dst_policy->label != ADDR_LABEL_NOTAPP) { 378 new_policy = lookup_addrsel_policy(&ia->ia_addr); 379 if (dst_policy->label == best_policy->label && 380 dst_policy->label != new_policy->label) 381 NEXT(6); 382 if (dst_policy->label != best_policy->label && 383 dst_policy->label == new_policy->label) 384 REPLACE(6); 385 } 386 387 /* 388 * Rule 7: Prefer public addresses. 389 * We allow users to reverse the logic by configuring 390 * a sysctl variable, so that privacy conscious users can 391 * always prefer temporary addresses. 392 */ 393 if (opts == NULL || 394 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) { 395 prefer_tempaddr = V_ip6_prefer_tempaddr; 396 } else if (opts->ip6po_prefer_tempaddr == 397 IP6PO_TEMPADDR_NOTPREFER) { 398 prefer_tempaddr = 0; 399 } else 400 prefer_tempaddr = 1; 401 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 402 (ia->ia6_flags & IN6_IFF_TEMPORARY)) { 403 if (prefer_tempaddr) 404 REPLACE(7); 405 else 406 NEXT(7); 407 } 408 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 409 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) { 410 if (prefer_tempaddr) 411 NEXT(7); 412 else 413 REPLACE(7); 414 } 415 416 /* 417 * Rule 8: prefer addresses on alive interfaces. 418 * This is a KAME specific rule. 419 */ 420 if ((ia_best->ia_ifp->if_flags & IFF_UP) && 421 !(ia->ia_ifp->if_flags & IFF_UP)) 422 NEXT(8); 423 if (!(ia_best->ia_ifp->if_flags & IFF_UP) && 424 (ia->ia_ifp->if_flags & IFF_UP)) 425 REPLACE(8); 426 427 /* 428 * Rule 14: Use longest matching prefix. 429 * Note: in the address selection draft, this rule is 430 * documented as "Rule 8". However, since it is also 431 * documented that this rule can be overridden, we assign 432 * a large number so that it is easy to assign smaller numbers 433 * to more preferred rules. 434 */ 435 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst); 436 if (best_matchlen < new_matchlen) 437 REPLACE(14); 438 if (new_matchlen < best_matchlen) 439 NEXT(14); 440 441 /* Rule 15 is reserved. */ 442 443 /* 444 * Last resort: just keep the current candidate. 445 * Or, do we need more rules? 446 */ 447 continue; 448 449 replace: 450 ia_best = ia; 451 best_scope = (new_scope >= 0 ? new_scope : 452 in6_addrscope(&ia_best->ia_addr.sin6_addr)); 453 best_policy = (new_policy ? new_policy : 454 lookup_addrsel_policy(&ia_best->ia_addr)); 455 best_matchlen = (new_matchlen >= 0 ? new_matchlen : 456 in6_matchlen(&ia_best->ia_addr.sin6_addr, 457 &dst)); 458 459 next: 460 continue; 461 462 out: 463 break; 464 } 465 466 if ((ia = ia_best) == NULL) { 467 *errorp = EADDRNOTAVAIL; 468 return (NULL); 469 } 470 471 if (ifpp) 472 *ifpp = ifp; 473 474 return (&ia->ia_addr.sin6_addr); 475} 476 477/* 478 * clone - meaningful only for bsdi and freebsd 479 */ 480static int 481selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 482 struct ip6_moptions *mopts, struct route_in6 *ro, 483 struct ifnet **retifp, struct rtentry **retrt, int norouteok) 484{ 485 INIT_VNET_INET6(curvnet); 486 int error = 0; 487 struct ifnet *ifp = NULL; 488 struct rtentry *rt = NULL; 489 struct sockaddr_in6 *sin6_next; 490 struct in6_pktinfo *pi = NULL; 491 struct in6_addr *dst = &dstsock->sin6_addr; 492#if 0 493 char ip6buf[INET6_ADDRSTRLEN]; 494 495 if (dstsock->sin6_addr.s6_addr32[0] == 0 && 496 dstsock->sin6_addr.s6_addr32[1] == 0 && 497 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) { 498 printf("in6_selectroute: strange destination %s\n", 499 ip6_sprintf(ip6buf, &dstsock->sin6_addr)); 500 } else { 501 printf("in6_selectroute: destination = %s%%%d\n", 502 ip6_sprintf(ip6buf, &dstsock->sin6_addr), 503 dstsock->sin6_scope_id); /* for debug */ 504 } 505#endif 506 507 /* If the caller specify the outgoing interface explicitly, use it. */ 508 if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) { 509 /* XXX boundary check is assumed to be already done. */ 510 ifp = ifnet_byindex(pi->ipi6_ifindex); 511 if (ifp != NULL && 512 (norouteok || retrt == NULL || 513 IN6_IS_ADDR_MULTICAST(dst))) { 514 /* 515 * we do not have to check or get the route for 516 * multicast. 517 */ 518 goto done; 519 } else 520 goto getroute; 521 } 522 523 /* 524 * If the destination address is a multicast address and the outgoing 525 * interface for the address is specified by the caller, use it. 526 */ 527 if (IN6_IS_ADDR_MULTICAST(dst) && 528 mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) { 529 goto done; /* we do not need a route for multicast. */ 530 } 531 532 getroute: 533 /* 534 * If the next hop address for the packet is specified by the caller, 535 * use it as the gateway. 536 */ 537 if (opts && opts->ip6po_nexthop) { 538 struct route_in6 *ron; 539 struct llentry *la; 540 541 sin6_next = satosin6(opts->ip6po_nexthop); 542 543 /* at this moment, we only support AF_INET6 next hops */ 544 if (sin6_next->sin6_family != AF_INET6) { 545 error = EAFNOSUPPORT; /* or should we proceed? */ 546 goto done; 547 } 548 549 /* 550 * If the next hop is an IPv6 address, then the node identified 551 * by that address must be a neighbor of the sending host. 552 */ 553 ron = &opts->ip6po_nextroute; 554 /* 555 * XXX what do we do here? 556 * PLZ to be fixing 557 */ 558 559 560 if (ron->ro_rt == NULL) { 561 rtalloc((struct route *)ron); /* multi path case? */ 562 if (ron->ro_rt == NULL) { 563 if (ron->ro_rt) { 564 RTFREE(ron->ro_rt); 565 ron->ro_rt = NULL; 566 } 567 error = EHOSTUNREACH; 568 goto done; 569 } 570 } 571 572 rt = ron->ro_rt; 573 ifp = rt->rt_ifp; 574 IF_AFDATA_LOCK(ifp); 575 la = lla_lookup(LLTABLE6(ifp), 0, (struct sockaddr *)&sin6_next->sin6_addr); 576 IF_AFDATA_UNLOCK(ifp); 577 if (la) 578 LLE_RUNLOCK(la); 579 else { 580 error = EHOSTUNREACH; 581 goto done; 582 } 583#if 0 584 if ((ron->ro_rt && 585 (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) != 586 (RTF_UP | RTF_LLINFO)) || 587 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr, 588 &sin6_next->sin6_addr)) { 589 if (ron->ro_rt) { 590 RTFREE(ron->ro_rt); 591 ron->ro_rt = NULL; 592 } 593 *satosin6(&ron->ro_dst) = *sin6_next; 594 } 595 if (ron->ro_rt == NULL) { 596 rtalloc((struct route *)ron); /* multi path case? */ 597 if (ron->ro_rt == NULL || 598 !(ron->ro_rt->rt_flags & RTF_LLINFO)) { 599 if (ron->ro_rt) { 600 RTFREE(ron->ro_rt); 601 ron->ro_rt = NULL; 602 } 603 error = EHOSTUNREACH; 604 goto done; 605 } 606 } 607#endif 608 609 /* 610 * When cloning is required, try to allocate a route to the 611 * destination so that the caller can store path MTU 612 * information. 613 */ 614 goto done; 615 } 616 617 /* 618 * Use a cached route if it exists and is valid, else try to allocate 619 * a new one. Note that we should check the address family of the 620 * cached destination, in case of sharing the cache with IPv4. 621 */ 622 if (ro) { 623 if (ro->ro_rt && 624 (!(ro->ro_rt->rt_flags & RTF_UP) || 625 ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 || 626 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, 627 dst))) { 628 RTFREE(ro->ro_rt); 629 ro->ro_rt = (struct rtentry *)NULL; 630 } 631 if (ro->ro_rt == (struct rtentry *)NULL) { 632 struct sockaddr_in6 *sa6; 633 634 /* No route yet, so try to acquire one */ 635 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6)); 636 sa6 = (struct sockaddr_in6 *)&ro->ro_dst; 637 *sa6 = *dstsock; 638 sa6->sin6_scope_id = 0; 639 640#ifdef RADIX_MPATH 641 rtalloc_mpath((struct route *)ro, 642 ntohl(sa6->sin6_addr.s6_addr32[3])); 643#else 644 ro->ro_rt = rtalloc1(&((struct route *)ro) 645 ->ro_dst, 0, 0UL); 646 if (ro->ro_rt) 647 RT_UNLOCK(ro->ro_rt); 648#endif 649 } 650 651 /* 652 * do not care about the result if we have the nexthop 653 * explicitly specified. 654 */ 655 if (opts && opts->ip6po_nexthop) 656 goto done; 657 658 if (ro->ro_rt) { 659 ifp = ro->ro_rt->rt_ifp; 660 661 if (ifp == NULL) { /* can this really happen? */ 662 RTFREE(ro->ro_rt); 663 ro->ro_rt = NULL; 664 } 665 } 666 if (ro->ro_rt == NULL) 667 error = EHOSTUNREACH; 668 rt = ro->ro_rt; 669 670 /* 671 * Check if the outgoing interface conflicts with 672 * the interface specified by ipi6_ifindex (if specified). 673 * Note that loopback interface is always okay. 674 * (this may happen when we are sending a packet to one of 675 * our own addresses.) 676 */ 677 if (ifp && opts && opts->ip6po_pktinfo && 678 opts->ip6po_pktinfo->ipi6_ifindex) { 679 if (!(ifp->if_flags & IFF_LOOPBACK) && 680 ifp->if_index != 681 opts->ip6po_pktinfo->ipi6_ifindex) { 682 error = EHOSTUNREACH; 683 goto done; 684 } 685 } 686 } 687 688 done: 689 if (ifp == NULL && rt == NULL) { 690 /* 691 * This can happen if the caller did not pass a cached route 692 * nor any other hints. We treat this case an error. 693 */ 694 error = EHOSTUNREACH; 695 } 696 if (error == EHOSTUNREACH) 697 V_ip6stat.ip6s_noroute++; 698 699 if (retifp != NULL) 700 *retifp = ifp; 701 if (retrt != NULL) 702 *retrt = rt; /* rt may be NULL */ 703 704 return (error); 705} 706 707static int 708in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 709 struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp) 710{ 711 int error; 712 struct route_in6 sro; 713 struct rtentry *rt = NULL; 714 715 if (ro == NULL) { 716 bzero(&sro, sizeof(sro)); 717 ro = &sro; 718 } 719 720 if ((error = selectroute(dstsock, opts, mopts, ro, retifp, 721 &rt, 1)) != 0) { 722 if (ro == &sro && rt && rt == sro.ro_rt) 723 RTFREE(rt); 724 return (error); 725 } 726 727 /* 728 * do not use a rejected or black hole route. 729 * XXX: this check should be done in the L2 output routine. 730 * However, if we skipped this check here, we'd see the following 731 * scenario: 732 * - install a rejected route for a scoped address prefix 733 * (like fe80::/10) 734 * - send a packet to a destination that matches the scoped prefix, 735 * with ambiguity about the scope zone. 736 * - pick the outgoing interface from the route, and disambiguate the 737 * scope zone with the interface. 738 * - ip6_output() would try to get another route with the "new" 739 * destination, which may be valid. 740 * - we'd see no error on output. 741 * Although this may not be very harmful, it should still be confusing. 742 * We thus reject the case here. 743 */ 744 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) { 745 int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH); 746 747 if (ro == &sro && rt && rt == sro.ro_rt) 748 RTFREE(rt); 749 return (flags); 750 } 751 752 /* 753 * Adjust the "outgoing" interface. If we're going to loop the packet 754 * back to ourselves, the ifp would be the loopback interface. 755 * However, we'd rather know the interface associated to the 756 * destination address (which should probably be one of our own 757 * addresses.) 758 */ 759 if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp) 760 *retifp = rt->rt_ifa->ifa_ifp; 761 762 if (ro == &sro && rt && rt == sro.ro_rt) 763 RTFREE(rt); 764 return (0); 765} 766 767/* 768 * clone - meaningful only for bsdi and freebsd 769 */ 770int 771in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 772 struct ip6_moptions *mopts, struct route_in6 *ro, 773 struct ifnet **retifp, struct rtentry **retrt) 774{ 775 776 return (selectroute(dstsock, opts, mopts, ro, retifp, 777 retrt, 0)); 778} 779 780/* 781 * Default hop limit selection. The precedence is as follows: 782 * 1. Hoplimit value specified via ioctl. 783 * 2. (If the outgoing interface is detected) the current 784 * hop limit of the interface specified by router advertisement. 785 * 3. The system default hoplimit. 786 */ 787int 788in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp) 789{ 790 INIT_VNET_INET6(curvnet); 791 792 if (in6p && in6p->in6p_hops >= 0) 793 return (in6p->in6p_hops); 794 else if (ifp) 795 return (ND_IFINFO(ifp)->chlim); 796 else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 797 struct route_in6 ro6; 798 struct ifnet *lifp; 799 800 bzero(&ro6, sizeof(ro6)); 801 ro6.ro_dst.sin6_family = AF_INET6; 802 ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6); 803 ro6.ro_dst.sin6_addr = in6p->in6p_faddr; 804 rtalloc((struct route *)&ro6); 805 if (ro6.ro_rt) { 806 lifp = ro6.ro_rt->rt_ifp; 807 RTFREE(ro6.ro_rt); 808 if (lifp) 809 return (ND_IFINFO(lifp)->chlim); 810 } else 811 return (V_ip6_defhlim); 812 } 813 return (V_ip6_defhlim); 814} 815 816/* 817 * XXX: this is borrowed from in6_pcbbind(). If possible, we should 818 * share this function by all *bsd*... 819 */ 820int 821in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) 822{ 823 INIT_VNET_INET(curvnet); 824 struct socket *so = inp->inp_socket; 825 u_int16_t lport = 0, first, last, *lastport; 826 int count, error = 0, wild = 0, dorandom; 827 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 828 829 INP_INFO_WLOCK_ASSERT(pcbinfo); 830 INP_WLOCK_ASSERT(inp); 831 832 if (prison_local_ip6(cred, laddr, 833 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) 834 return(EINVAL); 835 836 /* XXX: this is redundant when called from in6_pcbbind */ 837 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 838 wild = INPLOOKUP_WILDCARD; 839 840 inp->inp_flags |= INP_ANONPORT; 841 842 if (inp->inp_flags & INP_HIGHPORT) { 843 first = V_ipport_hifirstauto; /* sysctl */ 844 last = V_ipport_hilastauto; 845 lastport = &pcbinfo->ipi_lasthi; 846 } else if (inp->inp_flags & INP_LOWPORT) { 847 error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0); 848 if (error) 849 return error; 850 first = V_ipport_lowfirstauto; /* 1023 */ 851 last = V_ipport_lowlastauto; /* 600 */ 852 lastport = &pcbinfo->ipi_lastlow; 853 } else { 854 first = V_ipport_firstauto; /* sysctl */ 855 last = V_ipport_lastauto; 856 lastport = &pcbinfo->ipi_lastport; 857 } 858 859 /* 860 * For UDP, use random port allocation as long as the user 861 * allows it. For TCP (and as of yet unknown) connections, 862 * use random port allocation only if the user allows it AND 863 * ipport_tick() allows it. 864 */ 865 if (V_ipport_randomized && 866 (!V_ipport_stoprandom || pcbinfo == &V_udbinfo)) 867 dorandom = 1; 868 else 869 dorandom = 0; 870 /* 871 * It makes no sense to do random port allocation if 872 * we have the only port available. 873 */ 874 if (first == last) 875 dorandom = 0; 876 /* Make sure to not include UDP packets in the count. */ 877 if (pcbinfo != &V_udbinfo) 878 V_ipport_tcpallocs++; 879 880 /* 881 * Instead of having two loops further down counting up or down 882 * make sure that first is always <= last and go with only one 883 * code path implementing all logic. 884 */ 885 if (first > last) { 886 u_int16_t aux; 887 888 aux = first; 889 first = last; 890 last = aux; 891 } 892 893 if (dorandom) 894 *lastport = first + (arc4random() % (last - first)); 895 896 count = last - first; 897 898 do { 899 if (count-- < 0) { /* completely used? */ 900 /* Undo an address bind that may have occurred. */ 901 inp->in6p_laddr = in6addr_any; 902 return (EADDRNOTAVAIL); 903 } 904 ++*lastport; 905 if (*lastport < first || *lastport > last) 906 *lastport = first; 907 lport = htons(*lastport); 908 } while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr, 909 lport, wild, cred)); 910 911 inp->inp_lport = lport; 912 if (in_pcbinshash(inp) != 0) { 913 inp->in6p_laddr = in6addr_any; 914 inp->inp_lport = 0; 915 return (EAGAIN); 916 } 917 918 return (0); 919} 920 921void 922addrsel_policy_init(void) 923{ 924 ADDRSEL_LOCK_INIT(); 925 ADDRSEL_SXLOCK_INIT(); 926 INIT_VNET_INET6(curvnet); 927 928 V_ip6_prefer_tempaddr = 0; 929 930 init_policy_queue(); 931 932 /* initialize the "last resort" policy */ 933 bzero(&V_defaultaddrpolicy, sizeof(V_defaultaddrpolicy)); 934 V_defaultaddrpolicy.label = ADDR_LABEL_NOTAPP; 935} 936 937static struct in6_addrpolicy * 938lookup_addrsel_policy(struct sockaddr_in6 *key) 939{ 940 INIT_VNET_INET6(curvnet); 941 struct in6_addrpolicy *match = NULL; 942 943 ADDRSEL_LOCK(); 944 match = match_addrsel_policy(key); 945 946 if (match == NULL) 947 match = &V_defaultaddrpolicy; 948 else 949 match->use++; 950 ADDRSEL_UNLOCK(); 951 952 return (match); 953} 954 955/* 956 * Subroutines to manage the address selection policy table via sysctl. 957 */ 958struct walkarg { 959 struct sysctl_req *w_req; 960}; 961 962static int in6_src_sysctl(SYSCTL_HANDLER_ARGS); 963SYSCTL_DECL(_net_inet6_ip6); 964SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy, 965 CTLFLAG_RD, in6_src_sysctl, ""); 966 967static int 968in6_src_sysctl(SYSCTL_HANDLER_ARGS) 969{ 970 struct walkarg w; 971 972 if (req->newptr) 973 return EPERM; 974 975 bzero(&w, sizeof(w)); 976 w.w_req = req; 977 978 return (walk_addrsel_policy(dump_addrsel_policyent, &w)); 979} 980 981int 982in6_src_ioctl(u_long cmd, caddr_t data) 983{ 984 int i; 985 struct in6_addrpolicy ent0; 986 987 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY) 988 return (EOPNOTSUPP); /* check for safety */ 989 990 ent0 = *(struct in6_addrpolicy *)data; 991 992 if (ent0.label == ADDR_LABEL_NOTAPP) 993 return (EINVAL); 994 /* check if the prefix mask is consecutive. */ 995 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0) 996 return (EINVAL); 997 /* clear trailing garbages (if any) of the prefix address. */ 998 for (i = 0; i < 4; i++) { 999 ent0.addr.sin6_addr.s6_addr32[i] &= 1000 ent0.addrmask.sin6_addr.s6_addr32[i]; 1001 } 1002 ent0.use = 0; 1003 1004 switch (cmd) { 1005 case SIOCAADDRCTL_POLICY: 1006 return (add_addrsel_policyent(&ent0)); 1007 case SIOCDADDRCTL_POLICY: 1008 return (delete_addrsel_policyent(&ent0)); 1009 } 1010 1011 return (0); /* XXX: compromise compilers */ 1012} 1013 1014/* 1015 * The followings are implementation of the policy table using a 1016 * simple tail queue. 1017 * XXX such details should be hidden. 1018 * XXX implementation using binary tree should be more efficient. 1019 */ 1020struct addrsel_policyent { 1021 TAILQ_ENTRY(addrsel_policyent) ape_entry; 1022 struct in6_addrpolicy ape_policy; 1023}; 1024 1025TAILQ_HEAD(addrsel_policyhead, addrsel_policyent); 1026 1027#ifdef VIMAGE_GLOBALS 1028struct addrsel_policyhead addrsel_policytab; 1029#endif 1030 1031static void 1032init_policy_queue(void) 1033{ 1034 INIT_VNET_INET6(curvnet); 1035 1036 TAILQ_INIT(&V_addrsel_policytab); 1037} 1038 1039static int 1040add_addrsel_policyent(struct in6_addrpolicy *newpolicy) 1041{ 1042 INIT_VNET_INET6(curvnet); 1043 struct addrsel_policyent *new, *pol; 1044 1045 new = malloc(sizeof(*new), M_IFADDR, 1046 M_WAITOK); 1047 ADDRSEL_XLOCK(); 1048 ADDRSEL_LOCK(); 1049 1050 /* duplication check */ 1051 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1052 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr, 1053 &pol->ape_policy.addr.sin6_addr) && 1054 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr, 1055 &pol->ape_policy.addrmask.sin6_addr)) { 1056 ADDRSEL_UNLOCK(); 1057 ADDRSEL_XUNLOCK(); 1058 free(new, M_IFADDR); 1059 return (EEXIST); /* or override it? */ 1060 } 1061 } 1062 1063 bzero(new, sizeof(*new)); 1064 1065 /* XXX: should validate entry */ 1066 new->ape_policy = *newpolicy; 1067 1068 TAILQ_INSERT_TAIL(&V_addrsel_policytab, new, ape_entry); 1069 ADDRSEL_UNLOCK(); 1070 ADDRSEL_XUNLOCK(); 1071 1072 return (0); 1073} 1074 1075static int 1076delete_addrsel_policyent(struct in6_addrpolicy *key) 1077{ 1078 INIT_VNET_INET6(curvnet); 1079 struct addrsel_policyent *pol; 1080 1081 ADDRSEL_XLOCK(); 1082 ADDRSEL_LOCK(); 1083 1084 /* search for the entry in the table */ 1085 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1086 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr, 1087 &pol->ape_policy.addr.sin6_addr) && 1088 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr, 1089 &pol->ape_policy.addrmask.sin6_addr)) { 1090 break; 1091 } 1092 } 1093 if (pol == NULL) { 1094 ADDRSEL_UNLOCK(); 1095 ADDRSEL_XUNLOCK(); 1096 return (ESRCH); 1097 } 1098 1099 TAILQ_REMOVE(&V_addrsel_policytab, pol, ape_entry); 1100 ADDRSEL_UNLOCK(); 1101 ADDRSEL_XUNLOCK(); 1102 1103 return (0); 1104} 1105 1106static int 1107walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *), 1108 void *w) 1109{ 1110 INIT_VNET_INET6(curvnet); 1111 struct addrsel_policyent *pol; 1112 int error = 0; 1113 1114 ADDRSEL_SLOCK(); 1115 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1116 if ((error = (*callback)(&pol->ape_policy, w)) != 0) { 1117 ADDRSEL_SUNLOCK(); 1118 return (error); 1119 } 1120 } 1121 ADDRSEL_SUNLOCK(); 1122 return (error); 1123} 1124 1125static int 1126dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg) 1127{ 1128 int error = 0; 1129 struct walkarg *w = arg; 1130 1131 error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol)); 1132 1133 return (error); 1134} 1135 1136static struct in6_addrpolicy * 1137match_addrsel_policy(struct sockaddr_in6 *key) 1138{ 1139 INIT_VNET_INET6(curvnet); 1140 struct addrsel_policyent *pent; 1141 struct in6_addrpolicy *bestpol = NULL, *pol; 1142 int matchlen, bestmatchlen = -1; 1143 u_char *mp, *ep, *k, *p, m; 1144 1145 TAILQ_FOREACH(pent, &V_addrsel_policytab, ape_entry) { 1146 matchlen = 0; 1147 1148 pol = &pent->ape_policy; 1149 mp = (u_char *)&pol->addrmask.sin6_addr; 1150 ep = mp + 16; /* XXX: scope field? */ 1151 k = (u_char *)&key->sin6_addr; 1152 p = (u_char *)&pol->addr.sin6_addr; 1153 for (; mp < ep && *mp; mp++, k++, p++) { 1154 m = *mp; 1155 if ((*k & m) != *p) 1156 goto next; /* not match */ 1157 if (m == 0xff) /* short cut for a typical case */ 1158 matchlen += 8; 1159 else { 1160 while (m >= 0x80) { 1161 matchlen++; 1162 m <<= 1; 1163 } 1164 } 1165 } 1166 1167 /* matched. check if this is better than the current best. */ 1168 if (bestpol == NULL || 1169 matchlen > bestmatchlen) { 1170 bestpol = pol; 1171 bestmatchlen = matchlen; 1172 } 1173 1174 next: 1175 continue; 1176 } 1177 1178 return (bestpol); 1179} 1180