in6_src.c revision 195699
1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 61 */ 62 63#include <sys/cdefs.h> 64__FBSDID("$FreeBSD: head/sys/netinet6/in6_src.c 195699 2009-07-14 22:48:30Z rwatson $"); 65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68#include "opt_mpath.h" 69 70#include <sys/param.h> 71#include <sys/systm.h> 72#include <sys/lock.h> 73#include <sys/malloc.h> 74#include <sys/mbuf.h> 75#include <sys/priv.h> 76#include <sys/protosw.h> 77#include <sys/socket.h> 78#include <sys/socketvar.h> 79#include <sys/sockio.h> 80#include <sys/sysctl.h> 81#include <sys/errno.h> 82#include <sys/time.h> 83#include <sys/jail.h> 84#include <sys/kernel.h> 85#include <sys/sx.h> 86#include <sys/vimage.h> 87 88#include <net/if.h> 89#include <net/route.h> 90#include <net/if_llatbl.h> 91#ifdef RADIX_MPATH 92#include <net/radix_mpath.h> 93#endif 94 95#include <netinet/in.h> 96#include <netinet/in_var.h> 97#include <netinet/in_systm.h> 98#include <netinet/ip.h> 99#include <netinet/in_pcb.h> 100#include <netinet/ip_var.h> 101#include <netinet/udp.h> 102#include <netinet/udp_var.h> 103 104#include <netinet6/in6_var.h> 105#include <netinet/ip6.h> 106#include <netinet6/in6_pcb.h> 107#include <netinet6/ip6_var.h> 108#include <netinet6/scope6_var.h> 109#include <netinet6/nd6.h> 110 111static struct mtx addrsel_lock; 112#define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF) 113#define ADDRSEL_LOCK() mtx_lock(&addrsel_lock) 114#define ADDRSEL_UNLOCK() mtx_unlock(&addrsel_lock) 115#define ADDRSEL_LOCK_ASSERT() mtx_assert(&addrsel_lock, MA_OWNED) 116 117static struct sx addrsel_sxlock; 118#define ADDRSEL_SXLOCK_INIT() sx_init(&addrsel_sxlock, "addrsel_sxlock") 119#define ADDRSEL_SLOCK() sx_slock(&addrsel_sxlock) 120#define ADDRSEL_SUNLOCK() sx_sunlock(&addrsel_sxlock) 121#define ADDRSEL_XLOCK() sx_xlock(&addrsel_sxlock) 122#define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock) 123 124#define ADDR_LABEL_NOTAPP (-1) 125 126static VNET_DEFINE(struct in6_addrpolicy, defaultaddrpolicy); 127VNET_DEFINE(int, ip6_prefer_tempaddr); 128 129#define V_defaultaddrpolicy VNET_GET(defaultaddrpolicy) 130 131static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *, 132 struct ip6_moptions *, struct route_in6 *, struct ifnet **, 133 struct rtentry **, int)); 134static int in6_selectif __P((struct sockaddr_in6 *, struct ip6_pktopts *, 135 struct ip6_moptions *, struct route_in6 *ro, struct ifnet **)); 136 137static struct in6_addrpolicy *lookup_addrsel_policy(struct sockaddr_in6 *); 138 139static void init_policy_queue(void); 140static int add_addrsel_policyent(struct in6_addrpolicy *); 141static int delete_addrsel_policyent(struct in6_addrpolicy *); 142static int walk_addrsel_policy __P((int (*)(struct in6_addrpolicy *, void *), 143 void *)); 144static int dump_addrsel_policyent(struct in6_addrpolicy *, void *); 145static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *); 146 147/* 148 * Return an IPv6 address, which is the most appropriate for a given 149 * destination and user specified options. 150 * If necessary, this function lookups the routing table and returns 151 * an entry to the caller for later use. 152 */ 153#define REPLACE(r) do {\ 154 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \ 155 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 156 V_ip6stat.ip6s_sources_rule[(r)]++; \ 157 /* { \ 158 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \ 159 printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \ 160 } */ \ 161 goto replace; \ 162} while(0) 163#define NEXT(r) do {\ 164 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \ 165 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 166 V_ip6stat.ip6s_sources_rule[(r)]++; \ 167 /* { \ 168 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \ 169 printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \ 170 } */ \ 171 goto next; /* XXX: we can't use 'continue' here */ \ 172} while(0) 173#define BREAK(r) do { \ 174 if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \ 175 sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 176 V_ip6stat.ip6s_sources_rule[(r)]++; \ 177 goto out; /* XXX: we can't use 'break' here */ \ 178} while(0) 179 180int 181in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 182 struct inpcb *inp, struct route_in6 *ro, struct ucred *cred, 183 struct ifnet **ifpp, struct in6_addr *srcp) 184{ 185 struct in6_addr dst; 186 struct ifnet *ifp = NULL; 187 struct in6_ifaddr *ia = NULL, *ia_best = NULL; 188 struct in6_pktinfo *pi = NULL; 189 int dst_scope = -1, best_scope = -1, best_matchlen = -1; 190 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL; 191 u_int32_t odstzone; 192 int prefer_tempaddr; 193 int error; 194 struct ip6_moptions *mopts; 195 196 KASSERT(srcp != NULL, ("%s: srcp is NULL", __func__)); 197 198 dst = dstsock->sin6_addr; /* make a copy for local operation */ 199 if (ifpp) 200 *ifpp = NULL; 201 202 if (inp != NULL) { 203 INP_LOCK_ASSERT(inp); 204 mopts = inp->in6p_moptions; 205 } else { 206 mopts = NULL; 207 } 208 209 /* 210 * If the source address is explicitly specified by the caller, 211 * check if the requested source address is indeed a unicast address 212 * assigned to the node, and can be used as the packet's source 213 * address. If everything is okay, use the address as source. 214 */ 215 if (opts && (pi = opts->ip6po_pktinfo) && 216 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 217 struct sockaddr_in6 srcsock; 218 struct in6_ifaddr *ia6; 219 220 /* get the outgoing interface */ 221 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0) 222 return (error); 223 224 /* 225 * determine the appropriate zone id of the source based on 226 * the zone of the destination and the outgoing interface. 227 * If the specified address is ambiguous wrt the scope zone, 228 * the interface must be specified; otherwise, ifa_ifwithaddr() 229 * will fail matching the address. 230 */ 231 bzero(&srcsock, sizeof(srcsock)); 232 srcsock.sin6_family = AF_INET6; 233 srcsock.sin6_len = sizeof(srcsock); 234 srcsock.sin6_addr = pi->ipi6_addr; 235 if (ifp) { 236 error = in6_setscope(&srcsock.sin6_addr, ifp, NULL); 237 if (error) 238 return (error); 239 } 240 if (cred != NULL && (error = prison_local_ip6(cred, 241 &srcsock.sin6_addr, (inp != NULL && 242 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 243 return (error); 244 245 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr( 246 (struct sockaddr *)&srcsock); 247 if (ia6 == NULL || 248 (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) { 249 if (ia6 != NULL) 250 ifa_free(&ia6->ia_ifa); 251 return (EADDRNOTAVAIL); 252 } 253 pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */ 254 if (ifpp) 255 *ifpp = ifp; 256 bcopy(&ia6->ia_addr.sin6_addr, srcp, sizeof(*srcp)); 257 ifa_free(&ia6->ia_ifa); 258 return (0); 259 } 260 261 /* 262 * Otherwise, if the socket has already bound the source, just use it. 263 */ 264 if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 265 if (cred != NULL && 266 (error = prison_local_ip6(cred, &inp->in6p_laddr, 267 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 268 return (error); 269 bcopy(&inp->in6p_laddr, srcp, sizeof(*srcp)); 270 return (0); 271 } 272 273 /* 274 * If the address is not specified, choose the best one based on 275 * the outgoing interface and the destination address. 276 */ 277 /* get the outgoing interface */ 278 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0) 279 return (error); 280 281#ifdef DIAGNOSTIC 282 if (ifp == NULL) /* this should not happen */ 283 panic("in6_selectsrc: NULL ifp"); 284#endif 285 error = in6_setscope(&dst, ifp, &odstzone); 286 if (error) 287 return (error); 288 289 IN6_IFADDR_RLOCK(); 290 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { 291 int new_scope = -1, new_matchlen = -1; 292 struct in6_addrpolicy *new_policy = NULL; 293 u_int32_t srczone, osrczone, dstzone; 294 struct in6_addr src; 295 struct ifnet *ifp1 = ia->ia_ifp; 296 297 /* 298 * We'll never take an address that breaks the scope zone 299 * of the destination. We also skip an address if its zone 300 * does not contain the outgoing interface. 301 * XXX: we should probably use sin6_scope_id here. 302 */ 303 if (in6_setscope(&dst, ifp1, &dstzone) || 304 odstzone != dstzone) { 305 continue; 306 } 307 src = ia->ia_addr.sin6_addr; 308 if (in6_setscope(&src, ifp, &osrczone) || 309 in6_setscope(&src, ifp1, &srczone) || 310 osrczone != srczone) { 311 continue; 312 } 313 314 /* avoid unusable addresses */ 315 if ((ia->ia6_flags & 316 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) { 317 continue; 318 } 319 if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia)) 320 continue; 321 322 if (cred != NULL && 323 prison_local_ip6(cred, &ia->ia_addr.sin6_addr, 324 (inp != NULL && 325 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) 326 continue; 327 328 /* Rule 1: Prefer same address */ 329 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) { 330 ia_best = ia; 331 BREAK(1); /* there should be no better candidate */ 332 } 333 334 if (ia_best == NULL) 335 REPLACE(0); 336 337 /* Rule 2: Prefer appropriate scope */ 338 if (dst_scope < 0) 339 dst_scope = in6_addrscope(&dst); 340 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr); 341 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) { 342 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0) 343 REPLACE(2); 344 NEXT(2); 345 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) { 346 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0) 347 NEXT(2); 348 REPLACE(2); 349 } 350 351 /* 352 * Rule 3: Avoid deprecated addresses. Note that the case of 353 * !ip6_use_deprecated is already rejected above. 354 */ 355 if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia)) 356 NEXT(3); 357 if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia)) 358 REPLACE(3); 359 360 /* Rule 4: Prefer home addresses */ 361 /* 362 * XXX: This is a TODO. We should probably merge the MIP6 363 * case above. 364 */ 365 366 /* Rule 5: Prefer outgoing interface */ 367 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp) 368 NEXT(5); 369 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp) 370 REPLACE(5); 371 372 /* 373 * Rule 6: Prefer matching label 374 * Note that best_policy should be non-NULL here. 375 */ 376 if (dst_policy == NULL) 377 dst_policy = lookup_addrsel_policy(dstsock); 378 if (dst_policy->label != ADDR_LABEL_NOTAPP) { 379 new_policy = lookup_addrsel_policy(&ia->ia_addr); 380 if (dst_policy->label == best_policy->label && 381 dst_policy->label != new_policy->label) 382 NEXT(6); 383 if (dst_policy->label != best_policy->label && 384 dst_policy->label == new_policy->label) 385 REPLACE(6); 386 } 387 388 /* 389 * Rule 7: Prefer public addresses. 390 * We allow users to reverse the logic by configuring 391 * a sysctl variable, so that privacy conscious users can 392 * always prefer temporary addresses. 393 */ 394 if (opts == NULL || 395 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) { 396 prefer_tempaddr = V_ip6_prefer_tempaddr; 397 } else if (opts->ip6po_prefer_tempaddr == 398 IP6PO_TEMPADDR_NOTPREFER) { 399 prefer_tempaddr = 0; 400 } else 401 prefer_tempaddr = 1; 402 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 403 (ia->ia6_flags & IN6_IFF_TEMPORARY)) { 404 if (prefer_tempaddr) 405 REPLACE(7); 406 else 407 NEXT(7); 408 } 409 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 410 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) { 411 if (prefer_tempaddr) 412 NEXT(7); 413 else 414 REPLACE(7); 415 } 416 417 /* 418 * Rule 8: prefer addresses on alive interfaces. 419 * This is a KAME specific rule. 420 */ 421 if ((ia_best->ia_ifp->if_flags & IFF_UP) && 422 !(ia->ia_ifp->if_flags & IFF_UP)) 423 NEXT(8); 424 if (!(ia_best->ia_ifp->if_flags & IFF_UP) && 425 (ia->ia_ifp->if_flags & IFF_UP)) 426 REPLACE(8); 427 428 /* 429 * Rule 14: Use longest matching prefix. 430 * Note: in the address selection draft, this rule is 431 * documented as "Rule 8". However, since it is also 432 * documented that this rule can be overridden, we assign 433 * a large number so that it is easy to assign smaller numbers 434 * to more preferred rules. 435 */ 436 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst); 437 if (best_matchlen < new_matchlen) 438 REPLACE(14); 439 if (new_matchlen < best_matchlen) 440 NEXT(14); 441 442 /* Rule 15 is reserved. */ 443 444 /* 445 * Last resort: just keep the current candidate. 446 * Or, do we need more rules? 447 */ 448 continue; 449 450 replace: 451 ia_best = ia; 452 best_scope = (new_scope >= 0 ? new_scope : 453 in6_addrscope(&ia_best->ia_addr.sin6_addr)); 454 best_policy = (new_policy ? new_policy : 455 lookup_addrsel_policy(&ia_best->ia_addr)); 456 best_matchlen = (new_matchlen >= 0 ? new_matchlen : 457 in6_matchlen(&ia_best->ia_addr.sin6_addr, 458 &dst)); 459 460 next: 461 continue; 462 463 out: 464 break; 465 } 466 467 if ((ia = ia_best) == NULL) { 468 IN6_IFADDR_RUNLOCK(); 469 return (EADDRNOTAVAIL); 470 } 471 472 if (ifpp) 473 *ifpp = ifp; 474 475 bcopy(&ia->ia_addr.sin6_addr, srcp, sizeof(*srcp)); 476 IN6_IFADDR_RUNLOCK(); 477 return (0); 478} 479 480/* 481 * clone - meaningful only for bsdi and freebsd 482 */ 483static int 484selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 485 struct ip6_moptions *mopts, struct route_in6 *ro, 486 struct ifnet **retifp, struct rtentry **retrt, int norouteok) 487{ 488 int error = 0; 489 struct ifnet *ifp = NULL; 490 struct rtentry *rt = NULL; 491 struct sockaddr_in6 *sin6_next; 492 struct in6_pktinfo *pi = NULL; 493 struct in6_addr *dst = &dstsock->sin6_addr; 494#if 0 495 char ip6buf[INET6_ADDRSTRLEN]; 496 497 if (dstsock->sin6_addr.s6_addr32[0] == 0 && 498 dstsock->sin6_addr.s6_addr32[1] == 0 && 499 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) { 500 printf("in6_selectroute: strange destination %s\n", 501 ip6_sprintf(ip6buf, &dstsock->sin6_addr)); 502 } else { 503 printf("in6_selectroute: destination = %s%%%d\n", 504 ip6_sprintf(ip6buf, &dstsock->sin6_addr), 505 dstsock->sin6_scope_id); /* for debug */ 506 } 507#endif 508 509 /* If the caller specify the outgoing interface explicitly, use it. */ 510 if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) { 511 /* XXX boundary check is assumed to be already done. */ 512 ifp = ifnet_byindex(pi->ipi6_ifindex); 513 if (ifp != NULL && 514 (norouteok || retrt == NULL || 515 IN6_IS_ADDR_MULTICAST(dst))) { 516 /* 517 * we do not have to check or get the route for 518 * multicast. 519 */ 520 goto done; 521 } else 522 goto getroute; 523 } 524 525 /* 526 * If the destination address is a multicast address and the outgoing 527 * interface for the address is specified by the caller, use it. 528 */ 529 if (IN6_IS_ADDR_MULTICAST(dst) && 530 mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) { 531 goto done; /* we do not need a route for multicast. */ 532 } 533 534 getroute: 535 /* 536 * If the next hop address for the packet is specified by the caller, 537 * use it as the gateway. 538 */ 539 if (opts && opts->ip6po_nexthop) { 540 struct route_in6 *ron; 541 struct llentry *la; 542 543 sin6_next = satosin6(opts->ip6po_nexthop); 544 545 /* at this moment, we only support AF_INET6 next hops */ 546 if (sin6_next->sin6_family != AF_INET6) { 547 error = EAFNOSUPPORT; /* or should we proceed? */ 548 goto done; 549 } 550 551 /* 552 * If the next hop is an IPv6 address, then the node identified 553 * by that address must be a neighbor of the sending host. 554 */ 555 ron = &opts->ip6po_nextroute; 556 /* 557 * XXX what do we do here? 558 * PLZ to be fixing 559 */ 560 561 562 if (ron->ro_rt == NULL) { 563 rtalloc((struct route *)ron); /* multi path case? */ 564 if (ron->ro_rt == NULL) { 565 if (ron->ro_rt) { 566 RTFREE(ron->ro_rt); 567 ron->ro_rt = NULL; 568 } 569 error = EHOSTUNREACH; 570 goto done; 571 } 572 } 573 574 rt = ron->ro_rt; 575 ifp = rt->rt_ifp; 576 IF_AFDATA_LOCK(ifp); 577 la = lla_lookup(LLTABLE6(ifp), 0, (struct sockaddr *)&sin6_next->sin6_addr); 578 IF_AFDATA_UNLOCK(ifp); 579 if (la != NULL) 580 LLE_RUNLOCK(la); 581 else { 582 error = EHOSTUNREACH; 583 goto done; 584 } 585#if 0 586 if ((ron->ro_rt && 587 (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) != 588 (RTF_UP | RTF_LLINFO)) || 589 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr, 590 &sin6_next->sin6_addr)) { 591 if (ron->ro_rt) { 592 RTFREE(ron->ro_rt); 593 ron->ro_rt = NULL; 594 } 595 *satosin6(&ron->ro_dst) = *sin6_next; 596 } 597 if (ron->ro_rt == NULL) { 598 rtalloc((struct route *)ron); /* multi path case? */ 599 if (ron->ro_rt == NULL || 600 !(ron->ro_rt->rt_flags & RTF_LLINFO)) { 601 if (ron->ro_rt) { 602 RTFREE(ron->ro_rt); 603 ron->ro_rt = NULL; 604 } 605 error = EHOSTUNREACH; 606 goto done; 607 } 608 } 609#endif 610 611 /* 612 * When cloning is required, try to allocate a route to the 613 * destination so that the caller can store path MTU 614 * information. 615 */ 616 goto done; 617 } 618 619 /* 620 * Use a cached route if it exists and is valid, else try to allocate 621 * a new one. Note that we should check the address family of the 622 * cached destination, in case of sharing the cache with IPv4. 623 */ 624 if (ro) { 625 if (ro->ro_rt && 626 (!(ro->ro_rt->rt_flags & RTF_UP) || 627 ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 || 628 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, 629 dst))) { 630 RTFREE(ro->ro_rt); 631 ro->ro_rt = (struct rtentry *)NULL; 632 } 633 if (ro->ro_rt == (struct rtentry *)NULL) { 634 struct sockaddr_in6 *sa6; 635 636 /* No route yet, so try to acquire one */ 637 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6)); 638 sa6 = (struct sockaddr_in6 *)&ro->ro_dst; 639 *sa6 = *dstsock; 640 sa6->sin6_scope_id = 0; 641 642#ifdef RADIX_MPATH 643 rtalloc_mpath((struct route *)ro, 644 ntohl(sa6->sin6_addr.s6_addr32[3])); 645#else 646 ro->ro_rt = rtalloc1(&((struct route *)ro) 647 ->ro_dst, 0, 0UL); 648 if (ro->ro_rt) 649 RT_UNLOCK(ro->ro_rt); 650#endif 651 } 652 653 /* 654 * do not care about the result if we have the nexthop 655 * explicitly specified. 656 */ 657 if (opts && opts->ip6po_nexthop) 658 goto done; 659 660 if (ro->ro_rt) { 661 ifp = ro->ro_rt->rt_ifp; 662 663 if (ifp == NULL) { /* can this really happen? */ 664 RTFREE(ro->ro_rt); 665 ro->ro_rt = NULL; 666 } 667 } 668 if (ro->ro_rt == NULL) 669 error = EHOSTUNREACH; 670 rt = ro->ro_rt; 671 672 /* 673 * Check if the outgoing interface conflicts with 674 * the interface specified by ipi6_ifindex (if specified). 675 * Note that loopback interface is always okay. 676 * (this may happen when we are sending a packet to one of 677 * our own addresses.) 678 */ 679 if (ifp && opts && opts->ip6po_pktinfo && 680 opts->ip6po_pktinfo->ipi6_ifindex) { 681 if (!(ifp->if_flags & IFF_LOOPBACK) && 682 ifp->if_index != 683 opts->ip6po_pktinfo->ipi6_ifindex) { 684 error = EHOSTUNREACH; 685 goto done; 686 } 687 } 688 } 689 690 done: 691 if (ifp == NULL && rt == NULL) { 692 /* 693 * This can happen if the caller did not pass a cached route 694 * nor any other hints. We treat this case an error. 695 */ 696 error = EHOSTUNREACH; 697 } 698 if (error == EHOSTUNREACH) 699 V_ip6stat.ip6s_noroute++; 700 701 if (retifp != NULL) 702 *retifp = ifp; 703 if (retrt != NULL) 704 *retrt = rt; /* rt may be NULL */ 705 706 return (error); 707} 708 709static int 710in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 711 struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp) 712{ 713 int error; 714 struct route_in6 sro; 715 struct rtentry *rt = NULL; 716 717 if (ro == NULL) { 718 bzero(&sro, sizeof(sro)); 719 ro = &sro; 720 } 721 722 if ((error = selectroute(dstsock, opts, mopts, ro, retifp, 723 &rt, 1)) != 0) { 724 if (ro == &sro && rt && rt == sro.ro_rt) 725 RTFREE(rt); 726 return (error); 727 } 728 729 /* 730 * do not use a rejected or black hole route. 731 * XXX: this check should be done in the L2 output routine. 732 * However, if we skipped this check here, we'd see the following 733 * scenario: 734 * - install a rejected route for a scoped address prefix 735 * (like fe80::/10) 736 * - send a packet to a destination that matches the scoped prefix, 737 * with ambiguity about the scope zone. 738 * - pick the outgoing interface from the route, and disambiguate the 739 * scope zone with the interface. 740 * - ip6_output() would try to get another route with the "new" 741 * destination, which may be valid. 742 * - we'd see no error on output. 743 * Although this may not be very harmful, it should still be confusing. 744 * We thus reject the case here. 745 */ 746 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) { 747 int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH); 748 749 if (ro == &sro && rt && rt == sro.ro_rt) 750 RTFREE(rt); 751 return (flags); 752 } 753 754 /* 755 * Adjust the "outgoing" interface. If we're going to loop the packet 756 * back to ourselves, the ifp would be the loopback interface. 757 * However, we'd rather know the interface associated to the 758 * destination address (which should probably be one of our own 759 * addresses.) 760 */ 761 if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp) 762 *retifp = rt->rt_ifa->ifa_ifp; 763 764 if (ro == &sro && rt && rt == sro.ro_rt) 765 RTFREE(rt); 766 return (0); 767} 768 769/* 770 * clone - meaningful only for bsdi and freebsd 771 */ 772int 773in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 774 struct ip6_moptions *mopts, struct route_in6 *ro, 775 struct ifnet **retifp, struct rtentry **retrt) 776{ 777 778 return (selectroute(dstsock, opts, mopts, ro, retifp, 779 retrt, 0)); 780} 781 782/* 783 * Default hop limit selection. The precedence is as follows: 784 * 1. Hoplimit value specified via ioctl. 785 * 2. (If the outgoing interface is detected) the current 786 * hop limit of the interface specified by router advertisement. 787 * 3. The system default hoplimit. 788 */ 789int 790in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp) 791{ 792 793 if (in6p && in6p->in6p_hops >= 0) 794 return (in6p->in6p_hops); 795 else if (ifp) 796 return (ND_IFINFO(ifp)->chlim); 797 else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 798 struct route_in6 ro6; 799 struct ifnet *lifp; 800 801 bzero(&ro6, sizeof(ro6)); 802 ro6.ro_dst.sin6_family = AF_INET6; 803 ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6); 804 ro6.ro_dst.sin6_addr = in6p->in6p_faddr; 805 rtalloc((struct route *)&ro6); 806 if (ro6.ro_rt) { 807 lifp = ro6.ro_rt->rt_ifp; 808 RTFREE(ro6.ro_rt); 809 if (lifp) 810 return (ND_IFINFO(lifp)->chlim); 811 } else 812 return (V_ip6_defhlim); 813 } 814 return (V_ip6_defhlim); 815} 816 817/* 818 * XXX: this is borrowed from in6_pcbbind(). If possible, we should 819 * share this function by all *bsd*... 820 */ 821int 822in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) 823{ 824 struct socket *so = inp->inp_socket; 825 u_int16_t lport = 0, first, last, *lastport; 826 int count, error, wild = 0, dorandom; 827 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 828 829 INP_INFO_WLOCK_ASSERT(pcbinfo); 830 INP_WLOCK_ASSERT(inp); 831 832 error = prison_local_ip6(cred, laddr, 833 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)); 834 if (error) 835 return(error); 836 837 /* XXX: this is redundant when called from in6_pcbbind */ 838 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 839 wild = INPLOOKUP_WILDCARD; 840 841 inp->inp_flags |= INP_ANONPORT; 842 843 if (inp->inp_flags & INP_HIGHPORT) { 844 first = V_ipport_hifirstauto; /* sysctl */ 845 last = V_ipport_hilastauto; 846 lastport = &pcbinfo->ipi_lasthi; 847 } else if (inp->inp_flags & INP_LOWPORT) { 848 error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0); 849 if (error) 850 return error; 851 first = V_ipport_lowfirstauto; /* 1023 */ 852 last = V_ipport_lowlastauto; /* 600 */ 853 lastport = &pcbinfo->ipi_lastlow; 854 } else { 855 first = V_ipport_firstauto; /* sysctl */ 856 last = V_ipport_lastauto; 857 lastport = &pcbinfo->ipi_lastport; 858 } 859 860 /* 861 * For UDP, use random port allocation as long as the user 862 * allows it. For TCP (and as of yet unknown) connections, 863 * use random port allocation only if the user allows it AND 864 * ipport_tick() allows it. 865 */ 866 if (V_ipport_randomized && 867 (!V_ipport_stoprandom || pcbinfo == &V_udbinfo)) 868 dorandom = 1; 869 else 870 dorandom = 0; 871 /* 872 * It makes no sense to do random port allocation if 873 * we have the only port available. 874 */ 875 if (first == last) 876 dorandom = 0; 877 /* Make sure to not include UDP packets in the count. */ 878 if (pcbinfo != &V_udbinfo) 879 V_ipport_tcpallocs++; 880 881 /* 882 * Instead of having two loops further down counting up or down 883 * make sure that first is always <= last and go with only one 884 * code path implementing all logic. 885 */ 886 if (first > last) { 887 u_int16_t aux; 888 889 aux = first; 890 first = last; 891 last = aux; 892 } 893 894 if (dorandom) 895 *lastport = first + (arc4random() % (last - first)); 896 897 count = last - first; 898 899 do { 900 if (count-- < 0) { /* completely used? */ 901 /* Undo an address bind that may have occurred. */ 902 inp->in6p_laddr = in6addr_any; 903 return (EADDRNOTAVAIL); 904 } 905 ++*lastport; 906 if (*lastport < first || *lastport > last) 907 *lastport = first; 908 lport = htons(*lastport); 909 } while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr, 910 lport, wild, cred)); 911 912 inp->inp_lport = lport; 913 if (in_pcbinshash(inp) != 0) { 914 inp->in6p_laddr = in6addr_any; 915 inp->inp_lport = 0; 916 return (EAGAIN); 917 } 918 919 return (0); 920} 921 922void 923addrsel_policy_init(void) 924{ 925 926 V_ip6_prefer_tempaddr = 0; 927 928 init_policy_queue(); 929 930 /* initialize the "last resort" policy */ 931 bzero(&V_defaultaddrpolicy, sizeof(V_defaultaddrpolicy)); 932 V_defaultaddrpolicy.label = ADDR_LABEL_NOTAPP; 933 934 if (!IS_DEFAULT_VNET(curvnet)) 935 return; 936 937 ADDRSEL_LOCK_INIT(); 938 ADDRSEL_SXLOCK_INIT(); 939} 940 941static struct in6_addrpolicy * 942lookup_addrsel_policy(struct sockaddr_in6 *key) 943{ 944 struct in6_addrpolicy *match = NULL; 945 946 ADDRSEL_LOCK(); 947 match = match_addrsel_policy(key); 948 949 if (match == NULL) 950 match = &V_defaultaddrpolicy; 951 else 952 match->use++; 953 ADDRSEL_UNLOCK(); 954 955 return (match); 956} 957 958/* 959 * Subroutines to manage the address selection policy table via sysctl. 960 */ 961struct walkarg { 962 struct sysctl_req *w_req; 963}; 964 965static int in6_src_sysctl(SYSCTL_HANDLER_ARGS); 966SYSCTL_DECL(_net_inet6_ip6); 967SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy, 968 CTLFLAG_RD, in6_src_sysctl, ""); 969 970static int 971in6_src_sysctl(SYSCTL_HANDLER_ARGS) 972{ 973 struct walkarg w; 974 975 if (req->newptr) 976 return EPERM; 977 978 bzero(&w, sizeof(w)); 979 w.w_req = req; 980 981 return (walk_addrsel_policy(dump_addrsel_policyent, &w)); 982} 983 984int 985in6_src_ioctl(u_long cmd, caddr_t data) 986{ 987 int i; 988 struct in6_addrpolicy ent0; 989 990 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY) 991 return (EOPNOTSUPP); /* check for safety */ 992 993 ent0 = *(struct in6_addrpolicy *)data; 994 995 if (ent0.label == ADDR_LABEL_NOTAPP) 996 return (EINVAL); 997 /* check if the prefix mask is consecutive. */ 998 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0) 999 return (EINVAL); 1000 /* clear trailing garbages (if any) of the prefix address. */ 1001 for (i = 0; i < 4; i++) { 1002 ent0.addr.sin6_addr.s6_addr32[i] &= 1003 ent0.addrmask.sin6_addr.s6_addr32[i]; 1004 } 1005 ent0.use = 0; 1006 1007 switch (cmd) { 1008 case SIOCAADDRCTL_POLICY: 1009 return (add_addrsel_policyent(&ent0)); 1010 case SIOCDADDRCTL_POLICY: 1011 return (delete_addrsel_policyent(&ent0)); 1012 } 1013 1014 return (0); /* XXX: compromise compilers */ 1015} 1016 1017/* 1018 * The followings are implementation of the policy table using a 1019 * simple tail queue. 1020 * XXX such details should be hidden. 1021 * XXX implementation using binary tree should be more efficient. 1022 */ 1023struct addrsel_policyent { 1024 TAILQ_ENTRY(addrsel_policyent) ape_entry; 1025 struct in6_addrpolicy ape_policy; 1026}; 1027 1028TAILQ_HEAD(addrsel_policyhead, addrsel_policyent); 1029 1030static VNET_DEFINE(struct addrsel_policyhead, addrsel_policytab); 1031#define V_addrsel_policytab VNET_GET(addrsel_policytab) 1032 1033static void 1034init_policy_queue(void) 1035{ 1036 1037 TAILQ_INIT(&V_addrsel_policytab); 1038} 1039 1040static int 1041add_addrsel_policyent(struct in6_addrpolicy *newpolicy) 1042{ 1043 struct addrsel_policyent *new, *pol; 1044 1045 new = malloc(sizeof(*new), M_IFADDR, 1046 M_WAITOK); 1047 ADDRSEL_XLOCK(); 1048 ADDRSEL_LOCK(); 1049 1050 /* duplication check */ 1051 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1052 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr, 1053 &pol->ape_policy.addr.sin6_addr) && 1054 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr, 1055 &pol->ape_policy.addrmask.sin6_addr)) { 1056 ADDRSEL_UNLOCK(); 1057 ADDRSEL_XUNLOCK(); 1058 free(new, M_IFADDR); 1059 return (EEXIST); /* or override it? */ 1060 } 1061 } 1062 1063 bzero(new, sizeof(*new)); 1064 1065 /* XXX: should validate entry */ 1066 new->ape_policy = *newpolicy; 1067 1068 TAILQ_INSERT_TAIL(&V_addrsel_policytab, new, ape_entry); 1069 ADDRSEL_UNLOCK(); 1070 ADDRSEL_XUNLOCK(); 1071 1072 return (0); 1073} 1074 1075static int 1076delete_addrsel_policyent(struct in6_addrpolicy *key) 1077{ 1078 struct addrsel_policyent *pol; 1079 1080 ADDRSEL_XLOCK(); 1081 ADDRSEL_LOCK(); 1082 1083 /* search for the entry in the table */ 1084 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1085 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr, 1086 &pol->ape_policy.addr.sin6_addr) && 1087 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr, 1088 &pol->ape_policy.addrmask.sin6_addr)) { 1089 break; 1090 } 1091 } 1092 if (pol == NULL) { 1093 ADDRSEL_UNLOCK(); 1094 ADDRSEL_XUNLOCK(); 1095 return (ESRCH); 1096 } 1097 1098 TAILQ_REMOVE(&V_addrsel_policytab, pol, ape_entry); 1099 ADDRSEL_UNLOCK(); 1100 ADDRSEL_XUNLOCK(); 1101 1102 return (0); 1103} 1104 1105static int 1106walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *), 1107 void *w) 1108{ 1109 struct addrsel_policyent *pol; 1110 int error = 0; 1111 1112 ADDRSEL_SLOCK(); 1113 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1114 if ((error = (*callback)(&pol->ape_policy, w)) != 0) { 1115 ADDRSEL_SUNLOCK(); 1116 return (error); 1117 } 1118 } 1119 ADDRSEL_SUNLOCK(); 1120 return (error); 1121} 1122 1123static int 1124dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg) 1125{ 1126 int error = 0; 1127 struct walkarg *w = arg; 1128 1129 error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol)); 1130 1131 return (error); 1132} 1133 1134static struct in6_addrpolicy * 1135match_addrsel_policy(struct sockaddr_in6 *key) 1136{ 1137 struct addrsel_policyent *pent; 1138 struct in6_addrpolicy *bestpol = NULL, *pol; 1139 int matchlen, bestmatchlen = -1; 1140 u_char *mp, *ep, *k, *p, m; 1141 1142 TAILQ_FOREACH(pent, &V_addrsel_policytab, ape_entry) { 1143 matchlen = 0; 1144 1145 pol = &pent->ape_policy; 1146 mp = (u_char *)&pol->addrmask.sin6_addr; 1147 ep = mp + 16; /* XXX: scope field? */ 1148 k = (u_char *)&key->sin6_addr; 1149 p = (u_char *)&pol->addr.sin6_addr; 1150 for (; mp < ep && *mp; mp++, k++, p++) { 1151 m = *mp; 1152 if ((*k & m) != *p) 1153 goto next; /* not match */ 1154 if (m == 0xff) /* short cut for a typical case */ 1155 matchlen += 8; 1156 else { 1157 while (m >= 0x80) { 1158 matchlen++; 1159 m <<= 1; 1160 } 1161 } 1162 } 1163 1164 /* matched. check if this is better than the current best. */ 1165 if (bestpol == NULL || 1166 matchlen > bestmatchlen) { 1167 bestpol = pol; 1168 bestmatchlen = matchlen; 1169 } 1170 1171 next: 1172 continue; 1173 } 1174 1175 return (bestpol); 1176} 1177