in6_src.c revision 249528
1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 61 */ 62 63#include <sys/cdefs.h> 64__FBSDID("$FreeBSD: head/sys/netinet6/in6_src.c 249528 2013-04-15 21:02:40Z ae $"); 65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68#include "opt_mpath.h" 69 70#include <sys/param.h> 71#include <sys/systm.h> 72#include <sys/lock.h> 73#include <sys/malloc.h> 74#include <sys/mbuf.h> 75#include <sys/priv.h> 76#include <sys/protosw.h> 77#include <sys/socket.h> 78#include <sys/socketvar.h> 79#include <sys/sockio.h> 80#include <sys/sysctl.h> 81#include <sys/errno.h> 82#include <sys/time.h> 83#include <sys/jail.h> 84#include <sys/kernel.h> 85#include <sys/sx.h> 86 87#include <net/if.h> 88#include <net/if_dl.h> 89#include <net/route.h> 90#include <net/if_llatbl.h> 91#ifdef RADIX_MPATH 92#include <net/radix_mpath.h> 93#endif 94 95#include <netinet/in.h> 96#include <netinet/in_var.h> 97#include <netinet/in_systm.h> 98#include <netinet/ip.h> 99#include <netinet/in_pcb.h> 100#include <netinet/ip_var.h> 101#include <netinet/udp.h> 102#include <netinet/udp_var.h> 103 104#include <netinet6/in6_var.h> 105#include <netinet/ip6.h> 106#include <netinet6/in6_pcb.h> 107#include <netinet6/ip6_var.h> 108#include <netinet6/scope6_var.h> 109#include <netinet6/nd6.h> 110 111static struct mtx addrsel_lock; 112#define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF) 113#define ADDRSEL_LOCK() mtx_lock(&addrsel_lock) 114#define ADDRSEL_UNLOCK() mtx_unlock(&addrsel_lock) 115#define ADDRSEL_LOCK_ASSERT() mtx_assert(&addrsel_lock, MA_OWNED) 116 117static struct sx addrsel_sxlock; 118#define ADDRSEL_SXLOCK_INIT() sx_init(&addrsel_sxlock, "addrsel_sxlock") 119#define ADDRSEL_SLOCK() sx_slock(&addrsel_sxlock) 120#define ADDRSEL_SUNLOCK() sx_sunlock(&addrsel_sxlock) 121#define ADDRSEL_XLOCK() sx_xlock(&addrsel_sxlock) 122#define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock) 123 124#define ADDR_LABEL_NOTAPP (-1) 125static VNET_DEFINE(struct in6_addrpolicy, defaultaddrpolicy); 126#define V_defaultaddrpolicy VNET(defaultaddrpolicy) 127 128VNET_DEFINE(int, ip6_prefer_tempaddr) = 0; 129 130static int selectroute(struct sockaddr_in6 *, struct ip6_pktopts *, 131 struct ip6_moptions *, struct route_in6 *, struct ifnet **, 132 struct rtentry **, int, u_int); 133static int in6_selectif(struct sockaddr_in6 *, struct ip6_pktopts *, 134 struct ip6_moptions *, struct route_in6 *ro, struct ifnet **, 135 struct ifnet *, u_int); 136 137static struct in6_addrpolicy *lookup_addrsel_policy(struct sockaddr_in6 *); 138 139static void init_policy_queue(void); 140static int add_addrsel_policyent(struct in6_addrpolicy *); 141static int delete_addrsel_policyent(struct in6_addrpolicy *); 142static int walk_addrsel_policy(int (*)(struct in6_addrpolicy *, void *), 143 void *); 144static int dump_addrsel_policyent(struct in6_addrpolicy *, void *); 145static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *); 146 147/* 148 * Return an IPv6 address, which is the most appropriate for a given 149 * destination and user specified options. 150 * If necessary, this function lookups the routing table and returns 151 * an entry to the caller for later use. 152 */ 153#define REPLACE(r) do {\ 154 rule = (r); \ 155 /* { \ 156 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \ 157 printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \ 158 } */ \ 159 goto replace; \ 160} while(0) 161#define NEXT(r) do {\ 162 /* { \ 163 char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \ 164 printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \ 165 } */ \ 166 goto next; /* XXX: we can't use 'continue' here */ \ 167} while(0) 168#define BREAK(r) do { \ 169 rule = (r); \ 170 goto out; /* XXX: we can't use 'break' here */ \ 171} while(0) 172 173int 174in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 175 struct inpcb *inp, struct route_in6 *ro, struct ucred *cred, 176 struct ifnet **ifpp, struct in6_addr *srcp) 177{ 178 struct in6_addr dst, tmp; 179 struct ifnet *ifp = NULL, *oifp = NULL; 180 struct in6_ifaddr *ia = NULL, *ia_best = NULL; 181 struct in6_pktinfo *pi = NULL; 182 int dst_scope = -1, best_scope = -1, best_matchlen = -1; 183 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL; 184 u_int32_t odstzone; 185 int prefer_tempaddr; 186 int error, rule; 187 struct ip6_moptions *mopts; 188 189 KASSERT(srcp != NULL, ("%s: srcp is NULL", __func__)); 190 191 dst = dstsock->sin6_addr; /* make a copy for local operation */ 192 if (ifpp) { 193 /* 194 * Save a possibly passed in ifp for in6_selectsrc. Only 195 * neighbor discovery code should use this feature, where 196 * we may know the interface but not the FIB number holding 197 * the connected subnet in case someone deleted it from the 198 * default FIB and we need to check the interface. 199 */ 200 if (*ifpp != NULL) 201 oifp = *ifpp; 202 *ifpp = NULL; 203 } 204 205 if (inp != NULL) { 206 INP_LOCK_ASSERT(inp); 207 mopts = inp->in6p_moptions; 208 } else { 209 mopts = NULL; 210 } 211 212 /* 213 * If the source address is explicitly specified by the caller, 214 * check if the requested source address is indeed a unicast address 215 * assigned to the node, and can be used as the packet's source 216 * address. If everything is okay, use the address as source. 217 */ 218 if (opts && (pi = opts->ip6po_pktinfo) && 219 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 220 struct sockaddr_in6 srcsock; 221 struct in6_ifaddr *ia6; 222 223 /* get the outgoing interface */ 224 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp, oifp, 225 (inp != NULL) ? inp->inp_inc.inc_fibnum : RT_DEFAULT_FIB)) 226 != 0) 227 return (error); 228 229 /* 230 * determine the appropriate zone id of the source based on 231 * the zone of the destination and the outgoing interface. 232 * If the specified address is ambiguous wrt the scope zone, 233 * the interface must be specified; otherwise, ifa_ifwithaddr() 234 * will fail matching the address. 235 */ 236 bzero(&srcsock, sizeof(srcsock)); 237 srcsock.sin6_family = AF_INET6; 238 srcsock.sin6_len = sizeof(srcsock); 239 srcsock.sin6_addr = pi->ipi6_addr; 240 if (ifp) { 241 error = in6_setscope(&srcsock.sin6_addr, ifp, NULL); 242 if (error) 243 return (error); 244 } 245 if (cred != NULL && (error = prison_local_ip6(cred, 246 &srcsock.sin6_addr, (inp != NULL && 247 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 248 return (error); 249 250 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr( 251 (struct sockaddr *)&srcsock); 252 if (ia6 == NULL || 253 (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) { 254 if (ia6 != NULL) 255 ifa_free(&ia6->ia_ifa); 256 return (EADDRNOTAVAIL); 257 } 258 pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */ 259 if (ifpp) 260 *ifpp = ifp; 261 bcopy(&ia6->ia_addr.sin6_addr, srcp, sizeof(*srcp)); 262 ifa_free(&ia6->ia_ifa); 263 return (0); 264 } 265 266 /* 267 * Otherwise, if the socket has already bound the source, just use it. 268 */ 269 if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 270 if (cred != NULL && 271 (error = prison_local_ip6(cred, &inp->in6p_laddr, 272 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 273 return (error); 274 bcopy(&inp->in6p_laddr, srcp, sizeof(*srcp)); 275 return (0); 276 } 277 278 /* 279 * Bypass source address selection and use the primary jail IP 280 * if requested. 281 */ 282 if (cred != NULL && !prison_saddrsel_ip6(cred, srcp)) 283 return (0); 284 285 /* 286 * If the address is not specified, choose the best one based on 287 * the outgoing interface and the destination address. 288 */ 289 /* get the outgoing interface */ 290 if ((error = in6_selectif(dstsock, opts, mopts, ro, &ifp, oifp, 291 (inp != NULL) ? inp->inp_inc.inc_fibnum : RT_DEFAULT_FIB)) != 0) 292 return (error); 293 294#ifdef DIAGNOSTIC 295 if (ifp == NULL) /* this should not happen */ 296 panic("in6_selectsrc: NULL ifp"); 297#endif 298 error = in6_setscope(&dst, ifp, &odstzone); 299 if (error) 300 return (error); 301 302 rule = 0; 303 IN6_IFADDR_RLOCK(); 304 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) { 305 int new_scope = -1, new_matchlen = -1; 306 struct in6_addrpolicy *new_policy = NULL; 307 u_int32_t srczone, osrczone, dstzone; 308 struct in6_addr src; 309 struct ifnet *ifp1 = ia->ia_ifp; 310 311 /* 312 * We'll never take an address that breaks the scope zone 313 * of the destination. We also skip an address if its zone 314 * does not contain the outgoing interface. 315 * XXX: we should probably use sin6_scope_id here. 316 */ 317 if (in6_setscope(&dst, ifp1, &dstzone) || 318 odstzone != dstzone) { 319 continue; 320 } 321 src = ia->ia_addr.sin6_addr; 322 if (in6_setscope(&src, ifp, &osrczone) || 323 in6_setscope(&src, ifp1, &srczone) || 324 osrczone != srczone) { 325 continue; 326 } 327 328 /* avoid unusable addresses */ 329 if ((ia->ia6_flags & 330 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) { 331 continue; 332 } 333 if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia)) 334 continue; 335 336 /* If jailed only take addresses of the jail into account. */ 337 if (cred != NULL && 338 prison_check_ip6(cred, &ia->ia_addr.sin6_addr) != 0) 339 continue; 340 341 /* Rule 1: Prefer same address */ 342 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) { 343 ia_best = ia; 344 BREAK(1); /* there should be no better candidate */ 345 } 346 347 if (ia_best == NULL) 348 REPLACE(0); 349 350 /* Rule 2: Prefer appropriate scope */ 351 if (dst_scope < 0) 352 dst_scope = in6_addrscope(&dst); 353 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr); 354 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) { 355 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0) 356 REPLACE(2); 357 NEXT(2); 358 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) { 359 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0) 360 NEXT(2); 361 REPLACE(2); 362 } 363 364 /* 365 * Rule 3: Avoid deprecated addresses. Note that the case of 366 * !ip6_use_deprecated is already rejected above. 367 */ 368 if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia)) 369 NEXT(3); 370 if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia)) 371 REPLACE(3); 372 373 /* Rule 4: Prefer home addresses */ 374 /* 375 * XXX: This is a TODO. We should probably merge the MIP6 376 * case above. 377 */ 378 379 /* Rule 5: Prefer outgoing interface */ 380 if (!(ND_IFINFO(ifp)->flags & ND6_IFF_NO_PREFER_IFACE)) { 381 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp) 382 NEXT(5); 383 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp) 384 REPLACE(5); 385 } 386 387 /* 388 * Rule 6: Prefer matching label 389 * Note that best_policy should be non-NULL here. 390 */ 391 if (dst_policy == NULL) 392 dst_policy = lookup_addrsel_policy(dstsock); 393 if (dst_policy->label != ADDR_LABEL_NOTAPP) { 394 new_policy = lookup_addrsel_policy(&ia->ia_addr); 395 if (dst_policy->label == best_policy->label && 396 dst_policy->label != new_policy->label) 397 NEXT(6); 398 if (dst_policy->label != best_policy->label && 399 dst_policy->label == new_policy->label) 400 REPLACE(6); 401 } 402 403 /* 404 * Rule 7: Prefer public addresses. 405 * We allow users to reverse the logic by configuring 406 * a sysctl variable, so that privacy conscious users can 407 * always prefer temporary addresses. 408 */ 409 if (opts == NULL || 410 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) { 411 prefer_tempaddr = V_ip6_prefer_tempaddr; 412 } else if (opts->ip6po_prefer_tempaddr == 413 IP6PO_TEMPADDR_NOTPREFER) { 414 prefer_tempaddr = 0; 415 } else 416 prefer_tempaddr = 1; 417 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 418 (ia->ia6_flags & IN6_IFF_TEMPORARY)) { 419 if (prefer_tempaddr) 420 REPLACE(7); 421 else 422 NEXT(7); 423 } 424 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 425 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) { 426 if (prefer_tempaddr) 427 NEXT(7); 428 else 429 REPLACE(7); 430 } 431 432 /* 433 * Rule 8: prefer addresses on alive interfaces. 434 * This is a KAME specific rule. 435 */ 436 if ((ia_best->ia_ifp->if_flags & IFF_UP) && 437 !(ia->ia_ifp->if_flags & IFF_UP)) 438 NEXT(8); 439 if (!(ia_best->ia_ifp->if_flags & IFF_UP) && 440 (ia->ia_ifp->if_flags & IFF_UP)) 441 REPLACE(8); 442 443 /* 444 * Rule 14: Use longest matching prefix. 445 * Note: in the address selection draft, this rule is 446 * documented as "Rule 8". However, since it is also 447 * documented that this rule can be overridden, we assign 448 * a large number so that it is easy to assign smaller numbers 449 * to more preferred rules. 450 */ 451 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst); 452 if (best_matchlen < new_matchlen) 453 REPLACE(14); 454 if (new_matchlen < best_matchlen) 455 NEXT(14); 456 457 /* Rule 15 is reserved. */ 458 459 /* 460 * Last resort: just keep the current candidate. 461 * Or, do we need more rules? 462 */ 463 continue; 464 465 replace: 466 ia_best = ia; 467 best_scope = (new_scope >= 0 ? new_scope : 468 in6_addrscope(&ia_best->ia_addr.sin6_addr)); 469 best_policy = (new_policy ? new_policy : 470 lookup_addrsel_policy(&ia_best->ia_addr)); 471 best_matchlen = (new_matchlen >= 0 ? new_matchlen : 472 in6_matchlen(&ia_best->ia_addr.sin6_addr, 473 &dst)); 474 475 next: 476 continue; 477 478 out: 479 break; 480 } 481 482 if ((ia = ia_best) == NULL) { 483 IN6_IFADDR_RUNLOCK(); 484 IP6STAT_INC(ip6s_sources_none); 485 return (EADDRNOTAVAIL); 486 } 487 488 /* 489 * At this point at least one of the addresses belonged to the jail 490 * but it could still be, that we want to further restrict it, e.g. 491 * theoratically IN6_IS_ADDR_LOOPBACK. 492 * It must not be IN6_IS_ADDR_UNSPECIFIED anymore. 493 * prison_local_ip6() will fix an IN6_IS_ADDR_LOOPBACK but should 494 * let all others previously selected pass. 495 * Use tmp to not change ::1 on lo0 to the primary jail address. 496 */ 497 tmp = ia->ia_addr.sin6_addr; 498 if (cred != NULL && prison_local_ip6(cred, &tmp, (inp != NULL && 499 (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) { 500 IN6_IFADDR_RUNLOCK(); 501 IP6STAT_INC(ip6s_sources_none); 502 return (EADDRNOTAVAIL); 503 } 504 505 if (ifpp) 506 *ifpp = ifp; 507 508 bcopy(&tmp, srcp, sizeof(*srcp)); 509 IN6_IFADDR_RUNLOCK(); 510 IP6STAT_INC(ip6s_sources_rule[rule]); 511 return (0); 512} 513 514/* 515 * clone - meaningful only for bsdi and freebsd 516 */ 517static int 518selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 519 struct ip6_moptions *mopts, struct route_in6 *ro, 520 struct ifnet **retifp, struct rtentry **retrt, int norouteok, u_int fibnum) 521{ 522 int error = 0; 523 struct ifnet *ifp = NULL; 524 struct rtentry *rt = NULL; 525 struct sockaddr_in6 *sin6_next; 526 struct in6_pktinfo *pi = NULL; 527 struct in6_addr *dst = &dstsock->sin6_addr; 528#if 0 529 char ip6buf[INET6_ADDRSTRLEN]; 530 531 if (dstsock->sin6_addr.s6_addr32[0] == 0 && 532 dstsock->sin6_addr.s6_addr32[1] == 0 && 533 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) { 534 printf("in6_selectroute: strange destination %s\n", 535 ip6_sprintf(ip6buf, &dstsock->sin6_addr)); 536 } else { 537 printf("in6_selectroute: destination = %s%%%d\n", 538 ip6_sprintf(ip6buf, &dstsock->sin6_addr), 539 dstsock->sin6_scope_id); /* for debug */ 540 } 541#endif 542 543 /* If the caller specify the outgoing interface explicitly, use it. */ 544 if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) { 545 /* XXX boundary check is assumed to be already done. */ 546 ifp = ifnet_byindex(pi->ipi6_ifindex); 547 if (ifp != NULL && 548 (norouteok || retrt == NULL || 549 IN6_IS_ADDR_MULTICAST(dst))) { 550 /* 551 * we do not have to check or get the route for 552 * multicast. 553 */ 554 goto done; 555 } else 556 goto getroute; 557 } 558 559 /* 560 * If the destination address is a multicast address and the outgoing 561 * interface for the address is specified by the caller, use it. 562 */ 563 if (IN6_IS_ADDR_MULTICAST(dst) && 564 mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) { 565 goto done; /* we do not need a route for multicast. */ 566 } 567 568 getroute: 569 /* 570 * If the next hop address for the packet is specified by the caller, 571 * use it as the gateway. 572 */ 573 if (opts && opts->ip6po_nexthop) { 574 struct route_in6 *ron; 575 struct llentry *la; 576 577 sin6_next = satosin6(opts->ip6po_nexthop); 578 579 /* at this moment, we only support AF_INET6 next hops */ 580 if (sin6_next->sin6_family != AF_INET6) { 581 error = EAFNOSUPPORT; /* or should we proceed? */ 582 goto done; 583 } 584 585 /* 586 * If the next hop is an IPv6 address, then the node identified 587 * by that address must be a neighbor of the sending host. 588 */ 589 ron = &opts->ip6po_nextroute; 590 /* 591 * XXX what do we do here? 592 * PLZ to be fixing 593 */ 594 595 596 if (ron->ro_rt == NULL) { 597 in6_rtalloc(ron, fibnum); /* multi path case? */ 598 if (ron->ro_rt == NULL) { 599 /* XXX-BZ WT.? */ 600 if (ron->ro_rt) { 601 RTFREE(ron->ro_rt); 602 ron->ro_rt = NULL; 603 } 604 error = EHOSTUNREACH; 605 goto done; 606 } 607 } 608 609 rt = ron->ro_rt; 610 ifp = rt->rt_ifp; 611 IF_AFDATA_RLOCK(ifp); 612 la = lla_lookup(LLTABLE6(ifp), 0, (struct sockaddr *)&sin6_next->sin6_addr); 613 IF_AFDATA_RUNLOCK(ifp); 614 if (la != NULL) 615 LLE_RUNLOCK(la); 616 else { 617 error = EHOSTUNREACH; 618 goto done; 619 } 620#if 0 621 if ((ron->ro_rt && 622 (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) != 623 (RTF_UP | RTF_LLINFO)) || 624 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr, 625 &sin6_next->sin6_addr)) { 626 if (ron->ro_rt) { 627 RTFREE(ron->ro_rt); 628 ron->ro_rt = NULL; 629 } 630 *satosin6(&ron->ro_dst) = *sin6_next; 631 } 632 if (ron->ro_rt == NULL) { 633 in6_rtalloc(ron, fibnum); /* multi path case? */ 634 if (ron->ro_rt == NULL || 635 !(ron->ro_rt->rt_flags & RTF_LLINFO)) { 636 if (ron->ro_rt) { 637 RTFREE(ron->ro_rt); 638 ron->ro_rt = NULL; 639 } 640 error = EHOSTUNREACH; 641 goto done; 642 } 643 } 644#endif 645 646 /* 647 * When cloning is required, try to allocate a route to the 648 * destination so that the caller can store path MTU 649 * information. 650 */ 651 goto done; 652 } 653 654 /* 655 * Use a cached route if it exists and is valid, else try to allocate 656 * a new one. Note that we should check the address family of the 657 * cached destination, in case of sharing the cache with IPv4. 658 */ 659 if (ro) { 660 if (ro->ro_rt && 661 (!(ro->ro_rt->rt_flags & RTF_UP) || 662 ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 || 663 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, 664 dst))) { 665 RTFREE(ro->ro_rt); 666 ro->ro_rt = (struct rtentry *)NULL; 667 } 668 if (ro->ro_rt == (struct rtentry *)NULL) { 669 struct sockaddr_in6 *sa6; 670 671 /* No route yet, so try to acquire one */ 672 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6)); 673 sa6 = (struct sockaddr_in6 *)&ro->ro_dst; 674 *sa6 = *dstsock; 675 sa6->sin6_scope_id = 0; 676 677#ifdef RADIX_MPATH 678 rtalloc_mpath_fib((struct route *)ro, 679 ntohl(sa6->sin6_addr.s6_addr32[3]), fibnum); 680#else 681 ro->ro_rt = in6_rtalloc1((struct sockaddr *) 682 &ro->ro_dst, 0, 0UL, fibnum); 683 if (ro->ro_rt) 684 RT_UNLOCK(ro->ro_rt); 685#endif 686 } 687 688 /* 689 * do not care about the result if we have the nexthop 690 * explicitly specified. 691 */ 692 if (opts && opts->ip6po_nexthop) 693 goto done; 694 695 if (ro->ro_rt) { 696 ifp = ro->ro_rt->rt_ifp; 697 698 if (ifp == NULL) { /* can this really happen? */ 699 RTFREE(ro->ro_rt); 700 ro->ro_rt = NULL; 701 } 702 } 703 if (ro->ro_rt == NULL) 704 error = EHOSTUNREACH; 705 rt = ro->ro_rt; 706 707 /* 708 * Check if the outgoing interface conflicts with 709 * the interface specified by ipi6_ifindex (if specified). 710 * Note that loopback interface is always okay. 711 * (this may happen when we are sending a packet to one of 712 * our own addresses.) 713 */ 714 if (ifp && opts && opts->ip6po_pktinfo && 715 opts->ip6po_pktinfo->ipi6_ifindex) { 716 if (!(ifp->if_flags & IFF_LOOPBACK) && 717 ifp->if_index != 718 opts->ip6po_pktinfo->ipi6_ifindex) { 719 error = EHOSTUNREACH; 720 goto done; 721 } 722 } 723 } 724 725 done: 726 if (ifp == NULL && rt == NULL) { 727 /* 728 * This can happen if the caller did not pass a cached route 729 * nor any other hints. We treat this case an error. 730 */ 731 error = EHOSTUNREACH; 732 } 733 if (error == EHOSTUNREACH) 734 IP6STAT_INC(ip6s_noroute); 735 736 if (retifp != NULL) { 737 *retifp = ifp; 738 739 /* 740 * Adjust the "outgoing" interface. If we're going to loop 741 * the packet back to ourselves, the ifp would be the loopback 742 * interface. However, we'd rather know the interface associated 743 * to the destination address (which should probably be one of 744 * our own addresses.) 745 */ 746 if (rt) { 747 if ((rt->rt_ifp->if_flags & IFF_LOOPBACK) && 748 (rt->rt_gateway->sa_family == AF_LINK)) 749 *retifp = 750 ifnet_byindex(((struct sockaddr_dl *) 751 rt->rt_gateway)->sdl_index); 752 } 753 } 754 755 if (retrt != NULL) 756 *retrt = rt; /* rt may be NULL */ 757 758 return (error); 759} 760 761static int 762in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 763 struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp, 764 struct ifnet *oifp, u_int fibnum) 765{ 766 int error; 767 struct route_in6 sro; 768 struct rtentry *rt = NULL; 769 770 KASSERT(retifp != NULL, ("%s: retifp is NULL", __func__)); 771 772 if (ro == NULL) { 773 bzero(&sro, sizeof(sro)); 774 ro = &sro; 775 } 776 777 if ((error = selectroute(dstsock, opts, mopts, ro, retifp, 778 &rt, 1, fibnum)) != 0) { 779 if (ro == &sro && rt && rt == sro.ro_rt) 780 RTFREE(rt); 781 /* Help ND. See oifp comment in in6_selectsrc(). */ 782 if (oifp != NULL && fibnum == RT_DEFAULT_FIB) { 783 *retifp = oifp; 784 error = 0; 785 } 786 return (error); 787 } 788 789 /* 790 * do not use a rejected or black hole route. 791 * XXX: this check should be done in the L2 output routine. 792 * However, if we skipped this check here, we'd see the following 793 * scenario: 794 * - install a rejected route for a scoped address prefix 795 * (like fe80::/10) 796 * - send a packet to a destination that matches the scoped prefix, 797 * with ambiguity about the scope zone. 798 * - pick the outgoing interface from the route, and disambiguate the 799 * scope zone with the interface. 800 * - ip6_output() would try to get another route with the "new" 801 * destination, which may be valid. 802 * - we'd see no error on output. 803 * Although this may not be very harmful, it should still be confusing. 804 * We thus reject the case here. 805 */ 806 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) { 807 int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH); 808 809 if (ro == &sro && rt && rt == sro.ro_rt) 810 RTFREE(rt); 811 return (flags); 812 } 813 814 if (ro == &sro && rt && rt == sro.ro_rt) 815 RTFREE(rt); 816 return (0); 817} 818 819/* 820 * Public wrapper function to selectroute(). 821 * 822 * XXX-BZ in6_selectroute() should and will grow the FIB argument. The 823 * in6_selectroute_fib() function is only there for backward compat on stable. 824 */ 825int 826in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 827 struct ip6_moptions *mopts, struct route_in6 *ro, 828 struct ifnet **retifp, struct rtentry **retrt) 829{ 830 831 return (selectroute(dstsock, opts, mopts, ro, retifp, 832 retrt, 0, RT_DEFAULT_FIB)); 833} 834 835#ifndef BURN_BRIDGES 836int 837in6_selectroute_fib(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 838 struct ip6_moptions *mopts, struct route_in6 *ro, 839 struct ifnet **retifp, struct rtentry **retrt, u_int fibnum) 840{ 841 842 return (selectroute(dstsock, opts, mopts, ro, retifp, 843 retrt, 0, fibnum)); 844} 845#endif 846 847/* 848 * Default hop limit selection. The precedence is as follows: 849 * 1. Hoplimit value specified via ioctl. 850 * 2. (If the outgoing interface is detected) the current 851 * hop limit of the interface specified by router advertisement. 852 * 3. The system default hoplimit. 853 */ 854int 855in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp) 856{ 857 858 if (in6p && in6p->in6p_hops >= 0) 859 return (in6p->in6p_hops); 860 else if (ifp) 861 return (ND_IFINFO(ifp)->chlim); 862 else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 863 struct route_in6 ro6; 864 struct ifnet *lifp; 865 866 bzero(&ro6, sizeof(ro6)); 867 ro6.ro_dst.sin6_family = AF_INET6; 868 ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6); 869 ro6.ro_dst.sin6_addr = in6p->in6p_faddr; 870 in6_rtalloc(&ro6, in6p->inp_inc.inc_fibnum); 871 if (ro6.ro_rt) { 872 lifp = ro6.ro_rt->rt_ifp; 873 RTFREE(ro6.ro_rt); 874 if (lifp) 875 return (ND_IFINFO(lifp)->chlim); 876 } 877 } 878 return (V_ip6_defhlim); 879} 880 881/* 882 * XXX: this is borrowed from in6_pcbbind(). If possible, we should 883 * share this function by all *bsd*... 884 */ 885int 886in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) 887{ 888 struct socket *so = inp->inp_socket; 889 u_int16_t lport = 0; 890 int error, lookupflags = 0; 891#ifdef INVARIANTS 892 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 893#endif 894 895 INP_WLOCK_ASSERT(inp); 896 INP_HASH_WLOCK_ASSERT(pcbinfo); 897 898 error = prison_local_ip6(cred, laddr, 899 ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)); 900 if (error) 901 return(error); 902 903 /* XXX: this is redundant when called from in6_pcbbind */ 904 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 905 lookupflags = INPLOOKUP_WILDCARD; 906 907 inp->inp_flags |= INP_ANONPORT; 908 909 error = in_pcb_lport(inp, NULL, &lport, cred, lookupflags); 910 if (error != 0) 911 return (error); 912 913 inp->inp_lport = lport; 914 if (in_pcbinshash(inp) != 0) { 915 inp->in6p_laddr = in6addr_any; 916 inp->inp_lport = 0; 917 return (EAGAIN); 918 } 919 920 return (0); 921} 922 923void 924addrsel_policy_init(void) 925{ 926 927 init_policy_queue(); 928 929 /* initialize the "last resort" policy */ 930 bzero(&V_defaultaddrpolicy, sizeof(V_defaultaddrpolicy)); 931 V_defaultaddrpolicy.label = ADDR_LABEL_NOTAPP; 932 933 if (!IS_DEFAULT_VNET(curvnet)) 934 return; 935 936 ADDRSEL_LOCK_INIT(); 937 ADDRSEL_SXLOCK_INIT(); 938} 939 940static struct in6_addrpolicy * 941lookup_addrsel_policy(struct sockaddr_in6 *key) 942{ 943 struct in6_addrpolicy *match = NULL; 944 945 ADDRSEL_LOCK(); 946 match = match_addrsel_policy(key); 947 948 if (match == NULL) 949 match = &V_defaultaddrpolicy; 950 else 951 match->use++; 952 ADDRSEL_UNLOCK(); 953 954 return (match); 955} 956 957/* 958 * Subroutines to manage the address selection policy table via sysctl. 959 */ 960struct walkarg { 961 struct sysctl_req *w_req; 962}; 963 964static int in6_src_sysctl(SYSCTL_HANDLER_ARGS); 965SYSCTL_DECL(_net_inet6_ip6); 966static SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy, 967 CTLFLAG_RD, in6_src_sysctl, ""); 968 969static int 970in6_src_sysctl(SYSCTL_HANDLER_ARGS) 971{ 972 struct walkarg w; 973 974 if (req->newptr) 975 return EPERM; 976 977 bzero(&w, sizeof(w)); 978 w.w_req = req; 979 980 return (walk_addrsel_policy(dump_addrsel_policyent, &w)); 981} 982 983int 984in6_src_ioctl(u_long cmd, caddr_t data) 985{ 986 int i; 987 struct in6_addrpolicy ent0; 988 989 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY) 990 return (EOPNOTSUPP); /* check for safety */ 991 992 ent0 = *(struct in6_addrpolicy *)data; 993 994 if (ent0.label == ADDR_LABEL_NOTAPP) 995 return (EINVAL); 996 /* check if the prefix mask is consecutive. */ 997 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0) 998 return (EINVAL); 999 /* clear trailing garbages (if any) of the prefix address. */ 1000 for (i = 0; i < 4; i++) { 1001 ent0.addr.sin6_addr.s6_addr32[i] &= 1002 ent0.addrmask.sin6_addr.s6_addr32[i]; 1003 } 1004 ent0.use = 0; 1005 1006 switch (cmd) { 1007 case SIOCAADDRCTL_POLICY: 1008 return (add_addrsel_policyent(&ent0)); 1009 case SIOCDADDRCTL_POLICY: 1010 return (delete_addrsel_policyent(&ent0)); 1011 } 1012 1013 return (0); /* XXX: compromise compilers */ 1014} 1015 1016/* 1017 * The followings are implementation of the policy table using a 1018 * simple tail queue. 1019 * XXX such details should be hidden. 1020 * XXX implementation using binary tree should be more efficient. 1021 */ 1022struct addrsel_policyent { 1023 TAILQ_ENTRY(addrsel_policyent) ape_entry; 1024 struct in6_addrpolicy ape_policy; 1025}; 1026 1027TAILQ_HEAD(addrsel_policyhead, addrsel_policyent); 1028 1029static VNET_DEFINE(struct addrsel_policyhead, addrsel_policytab); 1030#define V_addrsel_policytab VNET(addrsel_policytab) 1031 1032static void 1033init_policy_queue(void) 1034{ 1035 1036 TAILQ_INIT(&V_addrsel_policytab); 1037} 1038 1039static int 1040add_addrsel_policyent(struct in6_addrpolicy *newpolicy) 1041{ 1042 struct addrsel_policyent *new, *pol; 1043 1044 new = malloc(sizeof(*new), M_IFADDR, 1045 M_WAITOK); 1046 ADDRSEL_XLOCK(); 1047 ADDRSEL_LOCK(); 1048 1049 /* duplication check */ 1050 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1051 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr, 1052 &pol->ape_policy.addr.sin6_addr) && 1053 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr, 1054 &pol->ape_policy.addrmask.sin6_addr)) { 1055 ADDRSEL_UNLOCK(); 1056 ADDRSEL_XUNLOCK(); 1057 free(new, M_IFADDR); 1058 return (EEXIST); /* or override it? */ 1059 } 1060 } 1061 1062 bzero(new, sizeof(*new)); 1063 1064 /* XXX: should validate entry */ 1065 new->ape_policy = *newpolicy; 1066 1067 TAILQ_INSERT_TAIL(&V_addrsel_policytab, new, ape_entry); 1068 ADDRSEL_UNLOCK(); 1069 ADDRSEL_XUNLOCK(); 1070 1071 return (0); 1072} 1073 1074static int 1075delete_addrsel_policyent(struct in6_addrpolicy *key) 1076{ 1077 struct addrsel_policyent *pol; 1078 1079 ADDRSEL_XLOCK(); 1080 ADDRSEL_LOCK(); 1081 1082 /* search for the entry in the table */ 1083 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1084 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr, 1085 &pol->ape_policy.addr.sin6_addr) && 1086 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr, 1087 &pol->ape_policy.addrmask.sin6_addr)) { 1088 break; 1089 } 1090 } 1091 if (pol == NULL) { 1092 ADDRSEL_UNLOCK(); 1093 ADDRSEL_XUNLOCK(); 1094 return (ESRCH); 1095 } 1096 1097 TAILQ_REMOVE(&V_addrsel_policytab, pol, ape_entry); 1098 ADDRSEL_UNLOCK(); 1099 ADDRSEL_XUNLOCK(); 1100 free(pol, M_IFADDR); 1101 1102 return (0); 1103} 1104 1105static int 1106walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *), void *w) 1107{ 1108 struct addrsel_policyent *pol; 1109 int error = 0; 1110 1111 ADDRSEL_SLOCK(); 1112 TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) { 1113 if ((error = (*callback)(&pol->ape_policy, w)) != 0) { 1114 ADDRSEL_SUNLOCK(); 1115 return (error); 1116 } 1117 } 1118 ADDRSEL_SUNLOCK(); 1119 return (error); 1120} 1121 1122static int 1123dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg) 1124{ 1125 int error = 0; 1126 struct walkarg *w = arg; 1127 1128 error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol)); 1129 1130 return (error); 1131} 1132 1133static struct in6_addrpolicy * 1134match_addrsel_policy(struct sockaddr_in6 *key) 1135{ 1136 struct addrsel_policyent *pent; 1137 struct in6_addrpolicy *bestpol = NULL, *pol; 1138 int matchlen, bestmatchlen = -1; 1139 u_char *mp, *ep, *k, *p, m; 1140 1141 TAILQ_FOREACH(pent, &V_addrsel_policytab, ape_entry) { 1142 matchlen = 0; 1143 1144 pol = &pent->ape_policy; 1145 mp = (u_char *)&pol->addrmask.sin6_addr; 1146 ep = mp + 16; /* XXX: scope field? */ 1147 k = (u_char *)&key->sin6_addr; 1148 p = (u_char *)&pol->addr.sin6_addr; 1149 for (; mp < ep && *mp; mp++, k++, p++) { 1150 m = *mp; 1151 if ((*k & m) != *p) 1152 goto next; /* not match */ 1153 if (m == 0xff) /* short cut for a typical case */ 1154 matchlen += 8; 1155 else { 1156 while (m >= 0x80) { 1157 matchlen++; 1158 m <<= 1; 1159 } 1160 } 1161 } 1162 1163 /* matched. check if this is better than the current best. */ 1164 if (bestpol == NULL || 1165 matchlen > bestmatchlen) { 1166 bestpol = pol; 1167 bestmatchlen = matchlen; 1168 } 1169 1170 next: 1171 continue; 1172 } 1173 1174 return (bestpol); 1175} 1176