raw_ip6.c revision 148385
1139826Simp/*- 253541Sshin * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 353541Sshin * All rights reserved. 453541Sshin * 553541Sshin * Redistribution and use in source and binary forms, with or without 653541Sshin * modification, are permitted provided that the following conditions 753541Sshin * are met: 853541Sshin * 1. Redistributions of source code must retain the above copyright 953541Sshin * notice, this list of conditions and the following disclaimer. 1053541Sshin * 2. Redistributions in binary form must reproduce the above copyright 1153541Sshin * notice, this list of conditions and the following disclaimer in the 1253541Sshin * documentation and/or other materials provided with the distribution. 1353541Sshin * 3. Neither the name of the project nor the names of its contributors 1453541Sshin * may be used to endorse or promote products derived from this software 1553541Sshin * without specific prior written permission. 1653541Sshin * 1753541Sshin * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 1853541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1953541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2053541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2153541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2253541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2353541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2453541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2553541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2653541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2753541Sshin * SUCH DAMAGE. 2853541Sshin * 2953541Sshin * $FreeBSD: head/sys/netinet6/raw_ip6.c 148385 2005-07-25 12:31:43Z ume $ 3053541Sshin */ 3153541Sshin 32139826Simp/*- 3353541Sshin * Copyright (c) 1982, 1986, 1988, 1993 3453541Sshin * The Regents of the University of California. All rights reserved. 3553541Sshin * 3653541Sshin * Redistribution and use in source and binary forms, with or without 3753541Sshin * modification, are permitted provided that the following conditions 3853541Sshin * are met: 3953541Sshin * 1. Redistributions of source code must retain the above copyright 4053541Sshin * notice, this list of conditions and the following disclaimer. 4153541Sshin * 2. Redistributions in binary form must reproduce the above copyright 4253541Sshin * notice, this list of conditions and the following disclaimer in the 4353541Sshin * documentation and/or other materials provided with the distribution. 4453541Sshin * 4. Neither the name of the University nor the names of its contributors 4553541Sshin * may be used to endorse or promote products derived from this software 4653541Sshin * without specific prior written permission. 4753541Sshin * 4853541Sshin * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 4953541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5053541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5153541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5253541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5353541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 5453541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5553541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 5653541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5753541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5853541Sshin * SUCH DAMAGE. 5953541Sshin * 6053541Sshin * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 6153541Sshin */ 6253541Sshin 6355009Sshin#include "opt_ipsec.h" 6478064Sume#include "opt_inet6.h" 6555009Sshin 6653541Sshin#include <sys/param.h> 6795759Stanimura#include <sys/errno.h> 6895759Stanimura#include <sys/lock.h> 6953541Sshin#include <sys/malloc.h> 7095759Stanimura#include <sys/mbuf.h> 7153541Sshin#include <sys/proc.h> 7295759Stanimura#include <sys/protosw.h> 7395759Stanimura#include <sys/signalvar.h> 7453541Sshin#include <sys/socket.h> 7553541Sshin#include <sys/socketvar.h> 7695759Stanimura#include <sys/sx.h> 7753541Sshin#include <sys/systm.h> 78148385Sume#include <sys/syslog.h> 7953541Sshin 8053541Sshin#include <net/if.h> 8195759Stanimura#include <net/if_types.h> 8253541Sshin#include <net/route.h> 8353541Sshin 8453541Sshin#include <netinet/in.h> 8553541Sshin#include <netinet/in_var.h> 8653541Sshin#include <netinet/in_systm.h> 8795759Stanimura#include <netinet/icmp6.h> 8895759Stanimura#include <netinet/in_pcb.h> 8962587Sitojun#include <netinet/ip6.h> 9095759Stanimura#include <netinet6/ip6protosw.h> 9156723Sshin#include <netinet6/ip6_mroute.h> 9253541Sshin#include <netinet6/in6_pcb.h> 9395759Stanimura#include <netinet6/ip6_var.h> 9453541Sshin#include <netinet6/nd6.h> 9595759Stanimura#include <netinet6/raw_ip6.h> 9662587Sitojun#include <netinet6/scope6_var.h> 9753541Sshin 9853541Sshin#ifdef IPSEC 9953541Sshin#include <netinet6/ipsec.h> 10053541Sshin#include <netinet6/ipsec6.h> 10153541Sshin#endif /*IPSEC*/ 10253541Sshin 103105199Ssam#ifdef FAST_IPSEC 104105199Ssam#include <netipsec/ipsec.h> 105105199Ssam#include <netipsec/ipsec6.h> 106105199Ssam#endif /* FAST_IPSEC */ 107105199Ssam 10853541Sshin#include <machine/stdarg.h> 10953541Sshin 11053541Sshin#define satosin6(sa) ((struct sockaddr_in6 *)(sa)) 11153541Sshin#define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 11253541Sshin 11353541Sshin/* 11453541Sshin * Raw interface to IP6 protocol. 11553541Sshin */ 11653541Sshin 11753541Sshinextern struct inpcbhead ripcb; 11853541Sshinextern struct inpcbinfo ripcbinfo; 11953541Sshinextern u_long rip_sendspace; 12053541Sshinextern u_long rip_recvspace; 12153541Sshin 12278064Sumestruct rip6stat rip6stat; 12378064Sume 12453541Sshin/* 12553541Sshin * Setup generic address and protocol structures 12653541Sshin * for raw_input routine, then pass them along with 12753541Sshin * mbuf chain. 12853541Sshin */ 12953541Sshinint 13053541Sshinrip6_input(mp, offp, proto) 13153541Sshin struct mbuf **mp; 13253541Sshin int *offp, proto; 13353541Sshin{ 13453541Sshin struct mbuf *m = *mp; 13553541Sshin register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 13653541Sshin register struct inpcb *in6p; 13753541Sshin struct inpcb *last = 0; 13878064Sume struct mbuf *opts = NULL; 139121901Sume struct sockaddr_in6 fromsa; 14053541Sshin 14178064Sume rip6stat.rip6s_ipackets++; 14278064Sume 14383934Sbrooks if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) { 14478064Sume /* XXX send icmp6 host/port unreach? */ 14578064Sume m_freem(m); 14678064Sume return IPPROTO_DONE; 14753541Sshin } 14878064Sume 149121901Sume init_sin6(&fromsa, m); /* general init */ 15053541Sshin 151132714Srwatson INP_INFO_RLOCK(&ripcbinfo); 15253541Sshin LIST_FOREACH(in6p, &ripcb, inp_list) { 153132714Srwatson INP_LOCK(in6p); 154132714Srwatson if ((in6p->in6p_vflag & INP_IPV6) == 0) { 155132714Srwatsondocontinue: 156132714Srwatson INP_UNLOCK(in6p); 15753541Sshin continue; 158132714Srwatson } 15953541Sshin if (in6p->in6p_ip6_nxt && 16053541Sshin in6p->in6p_ip6_nxt != proto) 161132714Srwatson goto docontinue; 16253541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 16353541Sshin !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 164132714Srwatson goto docontinue; 16553541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && 16653541Sshin !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 167132714Srwatson goto docontinue; 16878064Sume if (in6p->in6p_cksum != -1) { 16978064Sume rip6stat.rip6s_isum++; 17078064Sume if (in6_cksum(m, ip6->ip6_nxt, *offp, 17178064Sume m->m_pkthdr.len - *offp)) { 17278064Sume rip6stat.rip6s_badsum++; 173132714Srwatson goto docontinue; 17478064Sume } 17553541Sshin } 17653541Sshin if (last) { 17753541Sshin struct mbuf *n = m_copy(m, 0, (int)M_COPYALL); 17878064Sume 179125941Sume#if defined(IPSEC) || defined(FAST_IPSEC) 18078064Sume /* 18178064Sume * Check AH/ESP integrity. 18278064Sume */ 183125396Sume if (n && ipsec6_in_reject(n, last)) { 18478064Sume m_freem(n); 185125941Sume#ifdef IPSEC 18678064Sume ipsec6stat.in_polvio++; 18778064Sume#endif /*IPSEC*/ 188105199Ssam /* do not inject data into pcb */ 189105199Ssam } else 190125941Sume#endif /*IPSEC || FAST_IPSEC*/ 19153541Sshin if (n) { 19297658Stanimura if (last->in6p_flags & IN6P_CONTROLOPTS || 19397658Stanimura last->in6p_socket->so_options & SO_TIMESTAMP) 194121674Sume ip6_savecontrol(last, n, &opts); 19553541Sshin /* strip intermediate headers */ 19653541Sshin m_adj(n, *offp); 19753541Sshin if (sbappendaddr(&last->in6p_socket->so_rcv, 198121901Sume (struct sockaddr *)&fromsa, 19953541Sshin n, opts) == 0) { 20053541Sshin m_freem(n); 20153541Sshin if (opts) 20253541Sshin m_freem(opts); 20378064Sume rip6stat.rip6s_fullsock++; 20497658Stanimura } else 20553541Sshin sorwakeup(last->in6p_socket); 20653541Sshin opts = NULL; 20753541Sshin } 208132714Srwatson INP_UNLOCK(last); 20953541Sshin } 21053541Sshin last = in6p; 21153541Sshin } 212125941Sume#if defined(IPSEC) || defined(FAST_IPSEC) 21378064Sume /* 21478064Sume * Check AH/ESP integrity. 21578064Sume */ 216125396Sume if (last && ipsec6_in_reject(m, last)) { 21778064Sume m_freem(m); 218125941Sume#ifdef IPSEC 21978064Sume ipsec6stat.in_polvio++; 22078064Sume#endif /*IPSEC*/ 221105199Ssam ip6stat.ip6s_delivered--; 222105199Ssam /* do not inject data into pcb */ 223105199Ssam } else 224125941Sume#endif /*IPSEC || FAST_IPSEC*/ 22553541Sshin if (last) { 22697658Stanimura if (last->in6p_flags & IN6P_CONTROLOPTS || 22797658Stanimura last->in6p_socket->so_options & SO_TIMESTAMP) 228121674Sume ip6_savecontrol(last, m, &opts); 22953541Sshin /* strip intermediate headers */ 23053541Sshin m_adj(m, *offp); 23153541Sshin if (sbappendaddr(&last->in6p_socket->so_rcv, 232121901Sume (struct sockaddr *)&fromsa, m, opts) == 0) { 23353541Sshin m_freem(m); 23453541Sshin if (opts) 23553541Sshin m_freem(opts); 23678064Sume rip6stat.rip6s_fullsock++; 23797658Stanimura } else 23853541Sshin sorwakeup(last->in6p_socket); 239132714Srwatson INP_UNLOCK(last); 24053541Sshin } else { 24178064Sume rip6stat.rip6s_nosock++; 24278064Sume if (m->m_flags & M_MCAST) 24378064Sume rip6stat.rip6s_nosockmcast++; 24453541Sshin if (proto == IPPROTO_NONE) 24553541Sshin m_freem(m); 24653541Sshin else { 24753541Sshin char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 24853541Sshin icmp6_error(m, ICMP6_PARAM_PROB, 24953541Sshin ICMP6_PARAMPROB_NEXTHEADER, 25053541Sshin prvnxtp - mtod(m, char *)); 25153541Sshin } 25253541Sshin ip6stat.ip6s_delivered--; 25353541Sshin } 254134655Srwatson INP_INFO_RUNLOCK(&ripcbinfo); 25553541Sshin return IPPROTO_DONE; 25653541Sshin} 25753541Sshin 25862587Sitojunvoid 25962587Sitojunrip6_ctlinput(cmd, sa, d) 26062587Sitojun int cmd; 26162587Sitojun struct sockaddr *sa; 26262587Sitojun void *d; 26362587Sitojun{ 26462587Sitojun struct ip6_hdr *ip6; 26562587Sitojun struct mbuf *m; 26662587Sitojun int off = 0; 26778064Sume struct ip6ctlparam *ip6cp = NULL; 26878064Sume const struct sockaddr_in6 *sa6_src = NULL; 269125776Sume void *cmdarg; 27098211Shsu struct inpcb *(*notify) __P((struct inpcb *, int)) = in6_rtchange; 27162587Sitojun 27262587Sitojun if (sa->sa_family != AF_INET6 || 27362587Sitojun sa->sa_len != sizeof(struct sockaddr_in6)) 27462587Sitojun return; 27562587Sitojun 27662587Sitojun if ((unsigned)cmd >= PRC_NCMDS) 27762587Sitojun return; 27862587Sitojun if (PRC_IS_REDIRECT(cmd)) 27962587Sitojun notify = in6_rtchange, d = NULL; 28062587Sitojun else if (cmd == PRC_HOSTDEAD) 28162587Sitojun d = NULL; 28262587Sitojun else if (inet6ctlerrmap[cmd] == 0) 28362587Sitojun return; 28462587Sitojun 28562587Sitojun /* if the parameter is from icmp6, decode it. */ 28662587Sitojun if (d != NULL) { 28778064Sume ip6cp = (struct ip6ctlparam *)d; 28862587Sitojun m = ip6cp->ip6c_m; 28962587Sitojun ip6 = ip6cp->ip6c_ip6; 29062587Sitojun off = ip6cp->ip6c_off; 291125776Sume cmdarg = ip6cp->ip6c_cmdarg; 29278064Sume sa6_src = ip6cp->ip6c_src; 29362587Sitojun } else { 29462587Sitojun m = NULL; 29562587Sitojun ip6 = NULL; 296125776Sume cmdarg = NULL; 29778064Sume sa6_src = &sa6_any; 29862587Sitojun } 29962587Sitojun 300133192Srwatson (void) in6_pcbnotify(&ripcbinfo, sa, 0, 301133192Srwatson (const struct sockaddr *)sa6_src, 302125776Sume 0, cmd, cmdarg, notify); 30362587Sitojun} 30462587Sitojun 30553541Sshin/* 30653541Sshin * Generate IPv6 header and pass packet to ip6_output. 30753541Sshin * Tack on options user may have setup with control call. 30853541Sshin */ 30953541Sshinint 31053541Sshin#if __STDC__ 31153541Sshinrip6_output(struct mbuf *m, ...) 31253541Sshin#else 31353541Sshinrip6_output(m, va_alist) 31453541Sshin struct mbuf *m; 31553541Sshin va_dcl 31653541Sshin#endif 31753541Sshin{ 318120941Sume struct mbuf *control; 31953541Sshin struct socket *so; 32053541Sshin struct sockaddr_in6 *dstsock; 32153541Sshin struct in6_addr *dst; 32253541Sshin struct ip6_hdr *ip6; 32353541Sshin struct inpcb *in6p; 32453541Sshin u_int plen = m->m_pkthdr.len; 32553541Sshin int error = 0; 326148247Sume struct ip6_pktopts opt, *optp; 32753541Sshin struct ifnet *oifp = NULL; 32853541Sshin int type = 0, code = 0; /* for ICMPv6 output statistics only */ 32953541Sshin int priv = 0; 330148385Sume int scope_ambiguous = 0; 331121472Sume struct in6_addr *in6a; 33253541Sshin va_list ap; 33353541Sshin 33453541Sshin va_start(ap, m); 33553541Sshin so = va_arg(ap, struct socket *); 33653541Sshin dstsock = va_arg(ap, struct sockaddr_in6 *); 33753541Sshin control = va_arg(ap, struct mbuf *); 33853541Sshin va_end(ap); 33953541Sshin 34053541Sshin in6p = sotoin6pcb(so); 341132714Srwatson INP_LOCK(in6p); 34253541Sshin 34353541Sshin priv = 0; 34453541Sshin if (so->so_cred->cr_uid == 0) 34553541Sshin priv = 1; 34653541Sshin dst = &dstsock->sin6_addr; 34753541Sshin if (control) { 348148242Sume if ((error = ip6_setpktopts(control, &opt, 349148250Sume in6p->in6p_outputopts, priv, so->so_proto->pr_protocol)) 350121472Sume != 0) { 35153541Sshin goto bad; 352121472Sume } 353148247Sume optp = &opt; 354148247Sume } else 355148247Sume optp = in6p->in6p_outputopts; 35653541Sshin 35753541Sshin /* 358148385Sume * Check and convert scope zone ID into internal form. 359148385Sume * XXX: we may still need to determine the zone later. 360148385Sume */ 361148385Sume if (!(so->so_state & SS_ISCONNECTED)) { 362148385Sume if (dstsock->sin6_scope_id == 0 && !ip6_use_defzone) 363148385Sume scope_ambiguous = 1; 364148385Sume if ((error = sa6_embedscope(dstsock, ip6_use_defzone)) != 0) 365148385Sume goto bad; 366148385Sume } 367148385Sume 368148385Sume /* 36953541Sshin * For an ICMPv6 packet, we should know its type and code 37053541Sshin * to update statistics. 37153541Sshin */ 37253541Sshin if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 37353541Sshin struct icmp6_hdr *icmp6; 37453541Sshin if (m->m_len < sizeof(struct icmp6_hdr) && 37553541Sshin (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 37653541Sshin error = ENOBUFS; 37753541Sshin goto bad; 37853541Sshin } 37953541Sshin icmp6 = mtod(m, struct icmp6_hdr *); 38053541Sshin type = icmp6->icmp6_type; 38153541Sshin code = icmp6->icmp6_code; 38253541Sshin } 38353541Sshin 384133592Srwatson M_PREPEND(m, sizeof(*ip6), M_DONTWAIT); 385133592Srwatson if (m == NULL) { 386133592Srwatson error = ENOBUFS; 387133592Srwatson goto bad; 388133592Srwatson } 38953541Sshin ip6 = mtod(m, struct ip6_hdr *); 39053541Sshin 39153541Sshin /* 39253541Sshin * Source address selection. 39353541Sshin */ 394148247Sume if ((in6a = in6_selectsrc(dstsock, optp, in6p->in6p_moptions, NULL, 395148385Sume &in6p->in6p_laddr, &oifp, &error)) == NULL) { 396121472Sume if (error == 0) 397121472Sume error = EADDRNOTAVAIL; 398121472Sume goto bad; 39953541Sshin } 400121472Sume ip6->ip6_src = *in6a; 401148385Sume 402148385Sume if (oifp && scope_ambiguous) { 403148385Sume /* 404148385Sume * Application should provide a proper zone ID or the use of 405148385Sume * default zone IDs should be enabled. Unfortunately, some 406148385Sume * applications do not behave as it should, so we need a 407148385Sume * workaround. Even if an appropriate ID is not determined 408148385Sume * (when it's required), if we can determine the outgoing 409148385Sume * interface. determine the zone ID based on the interface. 410148385Sume */ 411148385Sume error = in6_setscope(&dstsock->sin6_addr, oifp, NULL); 412148385Sume if (error != 0) 413148385Sume goto bad; 414148385Sume } 415148385Sume ip6->ip6_dst = dstsock->sin6_addr; 416148385Sume 417148385Sume /* fill in the rest of the IPv6 header fields */ 41855009Sshin ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) | 41955009Sshin (in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK); 42055009Sshin ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) | 42155009Sshin (IPV6_VERSION & IPV6_VERSION_MASK); 42253541Sshin /* ip6_plen will be filled in ip6_output, so not fill it here. */ 42353541Sshin ip6->ip6_nxt = in6p->in6p_ip6_nxt; 42453541Sshin ip6->ip6_hlim = in6_selecthlim(in6p, oifp); 42553541Sshin 42653541Sshin if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 42753541Sshin in6p->in6p_cksum != -1) { 42853541Sshin struct mbuf *n; 42953541Sshin int off; 43053541Sshin u_int16_t *p; 43153541Sshin 43253541Sshin /* compute checksum */ 43353541Sshin if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 43453541Sshin off = offsetof(struct icmp6_hdr, icmp6_cksum); 43553541Sshin else 43653541Sshin off = in6p->in6p_cksum; 43753541Sshin if (plen < off + 1) { 43853541Sshin error = EINVAL; 43953541Sshin goto bad; 44053541Sshin } 44153541Sshin off += sizeof(struct ip6_hdr); 44253541Sshin 44353541Sshin n = m; 44453541Sshin while (n && n->m_len <= off) { 44553541Sshin off -= n->m_len; 44653541Sshin n = n->m_next; 44753541Sshin } 44853541Sshin if (!n) 44953541Sshin goto bad; 45053541Sshin p = (u_int16_t *)(mtod(n, caddr_t) + off); 45153541Sshin *p = 0; 45253541Sshin *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 45353541Sshin } 45453541Sshin 455148247Sume error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p); 45653541Sshin if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 45753541Sshin if (oifp) 45853541Sshin icmp6_ifoutstat_inc(oifp, type, code); 45953541Sshin icmp6stat.icp6s_outhist[type]++; 46078064Sume } else 46178064Sume rip6stat.rip6s_opackets++; 46253541Sshin 46353541Sshin goto freectl; 46453541Sshin 46553541Sshin bad: 46653541Sshin if (m) 46753541Sshin m_freem(m); 46853541Sshin 46953541Sshin freectl: 47078064Sume if (control) { 471148247Sume ip6_clearpktopts(&opt, -1); 47253541Sshin m_freem(control); 47378064Sume } 474132714Srwatson INP_UNLOCK(in6p); 475120856Sume return (error); 47653541Sshin} 47753541Sshin 47853541Sshin/* 47953541Sshin * Raw IPv6 socket option processing. 48053541Sshin */ 48153541Sshinint 48253541Sshinrip6_ctloutput(so, sopt) 48353541Sshin struct socket *so; 48453541Sshin struct sockopt *sopt; 48553541Sshin{ 48653541Sshin int error; 48753541Sshin 48853541Sshin if (sopt->sopt_level == IPPROTO_ICMPV6) 48953541Sshin /* 49053541Sshin * XXX: is it better to call icmp6_ctloutput() directly 49153541Sshin * from protosw? 49253541Sshin */ 493120856Sume return (icmp6_ctloutput(so, sopt)); 49453541Sshin else if (sopt->sopt_level != IPPROTO_IPV6) 49553541Sshin return (EINVAL); 49653541Sshin 49753541Sshin error = 0; 49853541Sshin 49953541Sshin switch (sopt->sopt_dir) { 50053541Sshin case SOPT_GET: 50153541Sshin switch (sopt->sopt_name) { 50256723Sshin case MRT6_INIT: 50356723Sshin case MRT6_DONE: 50456723Sshin case MRT6_ADD_MIF: 50556723Sshin case MRT6_DEL_MIF: 50656723Sshin case MRT6_ADD_MFC: 50756723Sshin case MRT6_DEL_MFC: 50856723Sshin case MRT6_PIM: 50956723Sshin error = ip6_mrouter_get(so, sopt); 51056723Sshin break; 511121578Sume case IPV6_CHECKSUM: 512121578Sume error = ip6_raw_ctloutput(so, sopt); 513121578Sume break; 51453541Sshin default: 51553541Sshin error = ip6_ctloutput(so, sopt); 51653541Sshin break; 51753541Sshin } 51853541Sshin break; 51953541Sshin 52053541Sshin case SOPT_SET: 52153541Sshin switch (sopt->sopt_name) { 52256723Sshin case MRT6_INIT: 52356723Sshin case MRT6_DONE: 52456723Sshin case MRT6_ADD_MIF: 52556723Sshin case MRT6_DEL_MIF: 52656723Sshin case MRT6_ADD_MFC: 52756723Sshin case MRT6_DEL_MFC: 52856723Sshin case MRT6_PIM: 52956723Sshin error = ip6_mrouter_set(so, sopt); 53056723Sshin break; 531121578Sume case IPV6_CHECKSUM: 532121578Sume error = ip6_raw_ctloutput(so, sopt); 533121578Sume break; 53453541Sshin default: 53553541Sshin error = ip6_ctloutput(so, sopt); 53653541Sshin break; 53753541Sshin } 53853541Sshin break; 53953541Sshin } 54053541Sshin 54153541Sshin return (error); 54253541Sshin} 54353541Sshin 54453541Sshinstatic int 54583366Sjulianrip6_attach(struct socket *so, int proto, struct thread *td) 54653541Sshin{ 54753541Sshin struct inpcb *inp; 548144261Ssam struct icmp6_filter *filter; 54953541Sshin int error, s; 55053541Sshin 551132714Srwatson INP_INFO_WLOCK(&ripcbinfo); 55253541Sshin inp = sotoinpcb(so); 553132714Srwatson if (inp) { 554132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 55553541Sshin panic("rip6_attach"); 556132714Srwatson } 557132714Srwatson if (td && (error = suser(td)) != 0) { 558132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 55953541Sshin return error; 560132714Srwatson } 56155009Sshin error = soreserve(so, rip_sendspace, rip_recvspace); 562132714Srwatson if (error) { 563132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 56455009Sshin return error; 565132714Srwatson } 566144261Ssam MALLOC(filter, struct icmp6_filter *, 567144261Ssam sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 568144261Ssam if (filter == NULL) 569144261Ssam return ENOMEM; 57053541Sshin s = splnet(); 571127504Spjd error = in_pcballoc(so, &ripcbinfo, "raw6inp"); 57253541Sshin splx(s); 573132714Srwatson if (error) { 574132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 575144261Ssam FREE(filter, M_PCB); 57653541Sshin return error; 577132714Srwatson } 57853541Sshin inp = (struct inpcb *)so->so_pcb; 579132714Srwatson INP_LOCK(inp); 580132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 58153541Sshin inp->inp_vflag |= INP_IPV6; 58253541Sshin inp->in6p_ip6_nxt = (long)proto; 58353541Sshin inp->in6p_hops = -1; /* use kernel default */ 58453541Sshin inp->in6p_cksum = -1; 585144261Ssam inp->in6p_icmp6filt = filter; 58653541Sshin ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt); 587132714Srwatson INP_UNLOCK(inp); 58853541Sshin return 0; 58953541Sshin} 59053541Sshin 59153541Sshinstatic int 59253541Sshinrip6_detach(struct socket *so) 59353541Sshin{ 59453541Sshin struct inpcb *inp; 59553541Sshin 596132714Srwatson INP_INFO_WLOCK(&ripcbinfo); 59753541Sshin inp = sotoinpcb(so); 598132714Srwatson if (inp == 0) { 599132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 60053541Sshin panic("rip6_detach"); 601132714Srwatson } 60253541Sshin /* xxx: RSVP */ 60357535Sshin if (so == ip6_mrouter) 60457535Sshin ip6_mrouter_done(); 60553541Sshin if (inp->in6p_icmp6filt) { 60653541Sshin FREE(inp->in6p_icmp6filt, M_PCB); 60753541Sshin inp->in6p_icmp6filt = NULL; 60853541Sshin } 609132714Srwatson INP_LOCK(inp); 61053541Sshin in6_pcbdetach(inp); 611132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 61253541Sshin return 0; 61353541Sshin} 61453541Sshin 61553541Sshinstatic int 61653541Sshinrip6_abort(struct socket *so) 61753541Sshin{ 61853541Sshin soisdisconnected(so); 61953541Sshin return rip6_detach(so); 62053541Sshin} 62153541Sshin 62253541Sshinstatic int 62353541Sshinrip6_disconnect(struct socket *so) 62453541Sshin{ 62553541Sshin struct inpcb *inp = sotoinpcb(so); 62653541Sshin 62797658Stanimura if ((so->so_state & SS_ISCONNECTED) == 0) 62853541Sshin return ENOTCONN; 62953541Sshin inp->in6p_faddr = in6addr_any; 63053541Sshin return rip6_abort(so); 63153541Sshin} 63253541Sshin 63353541Sshinstatic int 63483366Sjulianrip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) 63553541Sshin{ 63653541Sshin struct inpcb *inp = sotoinpcb(so); 63753541Sshin struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 63853541Sshin struct ifaddr *ia = NULL; 639148385Sume int error = 0; 64053541Sshin 64153541Sshin if (nam->sa_len != sizeof(*addr)) 64253541Sshin return EINVAL; 64353541Sshin if (TAILQ_EMPTY(&ifnet) || addr->sin6_family != AF_INET6) 64453541Sshin return EADDRNOTAVAIL; 645148385Sume if ((error = sa6_embedscope(addr, ip6_use_defzone)) != 0) 646148385Sume return(error); 647148385Sume 64853541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 64953541Sshin (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0) 65053541Sshin return EADDRNOTAVAIL; 65153541Sshin if (ia && 65253541Sshin ((struct in6_ifaddr *)ia)->ia6_flags & 65353541Sshin (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 65453541Sshin IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 655120856Sume return (EADDRNOTAVAIL); 65653541Sshin } 657132714Srwatson INP_INFO_WLOCK(&ripcbinfo); 658132714Srwatson INP_LOCK(inp); 65953541Sshin inp->in6p_laddr = addr->sin6_addr; 660132714Srwatson INP_UNLOCK(inp); 661132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 66253541Sshin return 0; 66353541Sshin} 66453541Sshin 66553541Sshinstatic int 66683366Sjulianrip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) 66753541Sshin{ 66853541Sshin struct inpcb *inp = sotoinpcb(so); 66953541Sshin struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 67053541Sshin struct in6_addr *in6a = NULL; 671148385Sume struct ifnet *ifp = NULL; 672148385Sume int error = 0, scope_ambiguous = 0; 67353541Sshin 67453541Sshin if (nam->sa_len != sizeof(*addr)) 67553541Sshin return EINVAL; 67653541Sshin if (TAILQ_EMPTY(&ifnet)) 67753541Sshin return EADDRNOTAVAIL; 67853541Sshin if (addr->sin6_family != AF_INET6) 67953541Sshin return EAFNOSUPPORT; 680148385Sume 681148385Sume /* 682148385Sume * Application should provide a proper zone ID or the use of 683148385Sume * default zone IDs should be enabled. Unfortunately, some 684148385Sume * applications do not behave as it should, so we need a 685148385Sume * workaround. Even if an appropriate ID is not determined, 686148385Sume * we'll see if we can determine the outgoing interface. If we 687148385Sume * can, determine the zone ID based on the interface below. 688148385Sume */ 689148385Sume if (addr->sin6_scope_id == 0 && !ip6_use_defzone) 690148385Sume scope_ambiguous = 1; 691148385Sume if ((error = sa6_embedscope(addr, ip6_use_defzone)) != 0) 692148385Sume return(error); 693148385Sume 694132714Srwatson INP_INFO_WLOCK(&ripcbinfo); 695132714Srwatson INP_LOCK(inp); 69653541Sshin /* Source address selection. XXX: need pcblookup? */ 69753541Sshin in6a = in6_selectsrc(addr, inp->in6p_outputopts, 698122927Sandre inp->in6p_moptions, NULL, 699148385Sume &inp->in6p_laddr, &ifp, &error); 700132714Srwatson if (in6a == NULL) { 701132714Srwatson INP_UNLOCK(inp); 702132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 70353541Sshin return (error ? error : EADDRNOTAVAIL); 704132714Srwatson } 705148385Sume 706148385Sume /* XXX: see above */ 707148385Sume if (ifp && scope_ambiguous && 708148385Sume (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) { 709148385Sume INP_UNLOCK(inp); 710148385Sume INP_INFO_WUNLOCK(&ripcbinfo); 711148385Sume return(error); 712148385Sume } 713148385Sume inp->in6p_faddr = addr->sin6_addr; 71453541Sshin inp->in6p_laddr = *in6a; 71553541Sshin soisconnected(so); 716132714Srwatson INP_UNLOCK(inp); 717132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 71853541Sshin return 0; 71953541Sshin} 72053541Sshin 72153541Sshinstatic int 72253541Sshinrip6_shutdown(struct socket *so) 72353541Sshin{ 724132714Srwatson struct inpcb *inp; 725132714Srwatson 726132714Srwatson INP_INFO_RLOCK(&ripcbinfo); 727132714Srwatson inp = sotoinpcb(so); 728132714Srwatson INP_LOCK(inp); 729132714Srwatson INP_INFO_RUNLOCK(&ripcbinfo); 73053541Sshin socantsendmore(so); 731132714Srwatson INP_UNLOCK(inp); 73253541Sshin return 0; 73353541Sshin} 73453541Sshin 73553541Sshinstatic int 73653541Sshinrip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 73783366Sjulian struct mbuf *control, struct thread *td) 73853541Sshin{ 73953541Sshin struct inpcb *inp = sotoinpcb(so); 74053541Sshin struct sockaddr_in6 tmp; 74153541Sshin struct sockaddr_in6 *dst; 742132714Srwatson int ret; 74353541Sshin 744132714Srwatson INP_INFO_WLOCK(&ripcbinfo); 74562587Sitojun /* always copy sockaddr to avoid overwrites */ 746132714Srwatson /* Unlocked read. */ 74753541Sshin if (so->so_state & SS_ISCONNECTED) { 74853541Sshin if (nam) { 749132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 75053541Sshin m_freem(m); 75153541Sshin return EISCONN; 75253541Sshin } 75353541Sshin /* XXX */ 75453541Sshin bzero(&tmp, sizeof(tmp)); 75553541Sshin tmp.sin6_family = AF_INET6; 75653541Sshin tmp.sin6_len = sizeof(struct sockaddr_in6); 75753541Sshin bcopy(&inp->in6p_faddr, &tmp.sin6_addr, 75853541Sshin sizeof(struct in6_addr)); 75953541Sshin dst = &tmp; 76053541Sshin } else { 76153541Sshin if (nam == NULL) { 762132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 76353541Sshin m_freem(m); 76453541Sshin return ENOTCONN; 76553541Sshin } 766148385Sume if (nam->sa_len != sizeof(struct sockaddr_in6)) { 767148385Sume INP_INFO_WUNLOCK(&ripcbinfo); 768148385Sume m_freem(m); 769148385Sume return(EINVAL); 770148385Sume } 77162587Sitojun tmp = *(struct sockaddr_in6 *)nam; 77262587Sitojun dst = &tmp; 773148385Sume 774148385Sume if (dst->sin6_family == AF_UNSPEC) { 775148385Sume /* 776148385Sume * XXX: we allow this case for backward 777148385Sume * compatibility to buggy applications that 778148385Sume * rely on old (and wrong) kernel behavior. 779148385Sume */ 780148385Sume log(LOG_INFO, "rip6 SEND: address family is " 781148385Sume "unspec. Assume AF_INET6\n"); 782148385Sume dst->sin6_family = AF_INET6; 783148385Sume } else if (dst->sin6_family != AF_INET6) { 784148385Sume INP_INFO_WUNLOCK(&ripcbinfo); 785148385Sume m_freem(m); 786148385Sume return(EAFNOSUPPORT); 787148385Sume } 78853541Sshin } 789132714Srwatson ret = rip6_output(m, so, dst, control); 790132714Srwatson INP_INFO_WUNLOCK(&ripcbinfo); 791132714Srwatson return (ret); 79253541Sshin} 79353541Sshin 79453541Sshinstruct pr_usrreqs rip6_usrreqs = { 795137386Sphk .pru_abort = rip6_abort, 796137386Sphk .pru_attach = rip6_attach, 797137386Sphk .pru_bind = rip6_bind, 798137386Sphk .pru_connect = rip6_connect, 799137386Sphk .pru_control = in6_control, 800137386Sphk .pru_detach = rip6_detach, 801137386Sphk .pru_disconnect = rip6_disconnect, 802137386Sphk .pru_peeraddr = in6_setpeeraddr, 803137386Sphk .pru_send = rip6_send, 804137386Sphk .pru_shutdown = rip6_shutdown, 805137386Sphk .pru_sockaddr = in6_setsockaddr, 80653541Sshin}; 807