1139826Simp/*- 253541Sshin * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3222488Srwatson * Copyright (c) 2010-2011 Juniper Networks, Inc. 453541Sshin * All rights reserved. 553541Sshin * 6222488Srwatson * Portions of this software were developed by Robert N. M. Watson under 7222488Srwatson * contract to Juniper Networks, Inc. 8222488Srwatson * 953541Sshin * Redistribution and use in source and binary forms, with or without 1053541Sshin * modification, are permitted provided that the following conditions 1153541Sshin * are met: 1253541Sshin * 1. Redistributions of source code must retain the above copyright 1353541Sshin * notice, this list of conditions and the following disclaimer. 1453541Sshin * 2. Redistributions in binary form must reproduce the above copyright 1553541Sshin * notice, this list of conditions and the following disclaimer in the 1653541Sshin * documentation and/or other materials provided with the distribution. 1753541Sshin * 3. Neither the name of the project nor the names of its contributors 1853541Sshin * may be used to endorse or promote products derived from this software 1953541Sshin * without specific prior written permission. 2053541Sshin * 2153541Sshin * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 2253541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2353541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2453541Sshin * ARE DISCLAIMED. 
IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2553541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2653541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2753541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2853541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2953541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3053541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3153541Sshin * SUCH DAMAGE. 3253541Sshin * 33174510Sobrien * $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ 3453541Sshin */ 3553541Sshin 36139826Simp/*- 3753541Sshin * Copyright (c) 1982, 1986, 1991, 1993 3853541Sshin * The Regents of the University of California. All rights reserved. 3953541Sshin * 4053541Sshin * Redistribution and use in source and binary forms, with or without 4153541Sshin * modification, are permitted provided that the following conditions 4253541Sshin * are met: 4353541Sshin * 1. Redistributions of source code must retain the above copyright 4453541Sshin * notice, this list of conditions and the following disclaimer. 4553541Sshin * 2. Redistributions in binary form must reproduce the above copyright 4653541Sshin * notice, this list of conditions and the following disclaimer in the 4753541Sshin * documentation and/or other materials provided with the distribution. 4853541Sshin * 4. Neither the name of the University nor the names of its contributors 4953541Sshin * may be used to endorse or promote products derived from this software 5053541Sshin * without specific prior written permission. 
5153541Sshin * 5253541Sshin * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 5353541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5453541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5553541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5653541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5753541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 5853541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5953541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 6053541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 6153541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 6253541Sshin * SUCH DAMAGE. 6353541Sshin * 6453541Sshin * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 6553541Sshin */ 6653541Sshin 67174510Sobrien#include <sys/cdefs.h> 68174510Sobrien__FBSDID("$FreeBSD: stable/11/sys/netinet6/in6_pcb.c 332821 2018-04-20 14:47:02Z jtl $"); 69174510Sobrien 7078064Sume#include "opt_inet.h" 7178064Sume#include "opt_inet6.h" 7255009Sshin#include "opt_ipsec.h" 73222748Srwatson#include "opt_pcbgroup.h" 74263198Srwatson#include "opt_rss.h" 7553541Sshin 7653541Sshin#include <sys/param.h> 7753541Sshin#include <sys/systm.h> 7853541Sshin#include <sys/malloc.h> 7953541Sshin#include <sys/mbuf.h> 8055679Sshin#include <sys/domain.h> 8153541Sshin#include <sys/protosw.h> 8253541Sshin#include <sys/socket.h> 8353541Sshin#include <sys/socketvar.h> 8453541Sshin#include <sys/sockio.h> 8553541Sshin#include <sys/errno.h> 8653541Sshin#include <sys/time.h> 87164033Srwatson#include <sys/priv.h> 8853541Sshin#include <sys/proc.h> 8953541Sshin#include <sys/jail.h> 9053541Sshin 9192767Sjeff#include <vm/uma.h> 9253541Sshin 9353541Sshin#include <net/if.h> 94257176Sglebius#include <net/if_var.h> 
95301217Sgnn#include <net/if_llatbl.h> 9653541Sshin#include <net/if_types.h> 9753541Sshin#include <net/route.h> 9853541Sshin 9953541Sshin#include <netinet/in.h> 10053541Sshin#include <netinet/in_var.h> 10153541Sshin#include <netinet/in_systm.h> 10298102Shsu#include <netinet/tcp_var.h> 10362587Sitojun#include <netinet/ip6.h> 10455679Sshin#include <netinet/ip_var.h> 105181887Sjulian 10653541Sshin#include <netinet6/ip6_var.h> 10753541Sshin#include <netinet6/nd6.h> 10853541Sshin#include <netinet/in_pcb.h> 10953541Sshin#include <netinet6/in6_pcb.h> 110148385Sume#include <netinet6/scope6_var.h> 11153541Sshin 112271391Saestatic struct inpcb *in6_pcblookup_hash_locked(struct inpcbinfo *, 113271391Sae struct in6_addr *, u_int, struct in6_addr *, u_int, int, struct ifnet *); 114271391Sae 11553541Sshinint 116331643Sdimin6_pcbbind(struct inpcb *inp, struct sockaddr *nam, 117171259Sdelphij struct ucred *cred) 11853541Sshin{ 11953541Sshin struct socket *so = inp->inp_socket; 12053541Sshin struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; 12153541Sshin struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 12253541Sshin u_short lport = 0; 123222215Srwatson int error, lookupflags = 0; 124222215Srwatson int reuseport = (so->so_options & SO_REUSEPORT); 12553541Sshin 126178285Srwatson INP_WLOCK_ASSERT(inp); 127222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 128132714Srwatson 129194907Srwatson if (TAILQ_EMPTY(&V_in6_ifaddrhead)) /* XXX broken! 
*/ 13053541Sshin return (EADDRNOTAVAIL); 13153541Sshin if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 132120856Sume return (EINVAL); 13353541Sshin if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 134222215Srwatson lookupflags = INPLOOKUP_WILDCARD; 135188148Sjamie if (nam == NULL) { 136188148Sjamie if ((error = prison_local_ip6(cred, &inp->in6p_laddr, 137188148Sjamie ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 138188148Sjamie return (error); 139188148Sjamie } else { 14053541Sshin sin6 = (struct sockaddr_in6 *)nam; 14153541Sshin if (nam->sa_len != sizeof(*sin6)) 142120856Sume return (EINVAL); 14353541Sshin /* 14453541Sshin * family check. 14553541Sshin */ 14653541Sshin if (nam->sa_family != AF_INET6) 147120856Sume return (EAFNOSUPPORT); 14853541Sshin 149181803Sbz if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 150148385Sume return(error); 15153541Sshin 152188144Sjamie if ((error = prison_local_ip6(cred, &sin6->sin6_addr, 153188144Sjamie ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 154188144Sjamie return (error); 155185435Sbz 15653541Sshin lport = sin6->sin6_port; 15753541Sshin if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 15853541Sshin /* 15953541Sshin * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 16053541Sshin * allow compepte duplication of binding if 16153541Sshin * SO_REUSEPORT is set, or if SO_REUSEADDR is set 16253541Sshin * and a multicast address is bound on both 16353541Sshin * new and duplicated sockets. 16453541Sshin */ 165253282Strociny if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) != 0) 16653541Sshin reuseport = SO_REUSEADDR|SO_REUSEPORT; 16753541Sshin } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 168194760Srwatson struct ifaddr *ifa; 16953541Sshin 17053541Sshin sin6->sin6_port = 0; /* yech... 
*/ 171194760Srwatson if ((ifa = ifa_ifwithaddr((struct sockaddr *)sin6)) == 172194760Srwatson NULL && 173193217Spjd (inp->inp_flags & INP_BINDANY) == 0) { 174120856Sume return (EADDRNOTAVAIL); 175193217Spjd } 17653541Sshin 17753541Sshin /* 17853541Sshin * XXX: bind to an anycast address might accidentally 17953541Sshin * cause sending a packet with anycast source address. 18078064Sume * We should allow to bind to a deprecated address, since 181120913Sume * the application dares to use it. 18253541Sshin */ 183194760Srwatson if (ifa != NULL && 184194760Srwatson ((struct in6_ifaddr *)ifa)->ia6_flags & 18578064Sume (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) { 186194760Srwatson ifa_free(ifa); 187120856Sume return (EADDRNOTAVAIL); 18853541Sshin } 189194760Srwatson if (ifa != NULL) 190194760Srwatson ifa_free(ifa); 19153541Sshin } 19253541Sshin if (lport) { 19353541Sshin struct inpcb *t; 194227206Strociny struct tcptw *tw; 19553541Sshin 19653541Sshin /* GROSS */ 197181803Sbz if (ntohs(lport) <= V_ipport_reservedhigh && 198181803Sbz ntohs(lport) >= V_ipport_reservedlow && 199164033Srwatson priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 200170587Srwatson 0)) 201120856Sume return (EACCES); 202159976Spjd if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && 203183606Sbz priv_check_cred(inp->inp_cred, 204170587Srwatson PRIV_NETINET_REUSEPORT, 0) != 0) { 20555679Sshin t = in6_pcblookup_local(pcbinfo, 20653541Sshin &sin6->sin6_addr, lport, 207180427Sbz INPLOOKUP_WILDCARD, cred); 208132699Syar if (t && 209268562Sadrian ((inp->inp_flags2 & INP_BINDMULTI) == 0) && 210189848Srwatson ((t->inp_flags & INP_TIMEWAIT) == 0) && 211132699Syar (so->so_type != SOCK_STREAM || 212132699Syar IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) && 21397658Stanimura (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) || 214171260Sdelphij !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) || 215227207Strociny (t->inp_flags2 & INP_REUSEPORT) == 0) && 216227207Strociny (inp->inp_cred->cr_uid != 217183606Sbz 
t->inp_cred->cr_uid)) 21897658Stanimura return (EADDRINUSE); 219268562Sadrian 220268562Sadrian /* 221268562Sadrian * If the socket is a BINDMULTI socket, then 222268562Sadrian * the credentials need to match and the 223268562Sadrian * original socket also has to have been bound 224268562Sadrian * with BINDMULTI. 225268562Sadrian */ 226268562Sadrian if (t && (! in_pcbbind_check_bindmulti(inp, t))) 227268562Sadrian return (EADDRINUSE); 228268562Sadrian 229221247Sbz#ifdef INET 23078064Sume if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 23155679Sshin IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 23255679Sshin struct sockaddr_in sin; 23355679Sshin 23455679Sshin in6_sin6_2_sin(&sin, sin6); 23555679Sshin t = in_pcblookup_local(pcbinfo, 236180427Sbz sin.sin_addr, lport, 237180427Sbz INPLOOKUP_WILDCARD, cred); 238132699Syar if (t && 239268562Sadrian ((inp->inp_flags2 & INP_BINDMULTI) == 0) && 240189848Srwatson ((t->inp_flags & 241132699Syar INP_TIMEWAIT) == 0) && 242132699Syar (so->so_type != SOCK_STREAM || 243132699Syar ntohl(t->inp_faddr.s_addr) == 244132699Syar INADDR_ANY) && 245183606Sbz (inp->inp_cred->cr_uid != 246183606Sbz t->inp_cred->cr_uid)) 24755679Sshin return (EADDRINUSE); 248268562Sadrian 249268562Sadrian if (t && (! in_pcbbind_check_bindmulti(inp, t))) 250268562Sadrian return (EADDRINUSE); 25155679Sshin } 252221247Sbz#endif 25353541Sshin } 25453541Sshin t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, 255222215Srwatson lport, lookupflags, cred); 256227206Strociny if (t && (t->inp_flags & INP_TIMEWAIT)) { 257227206Strociny /* 258227206Strociny * XXXRW: If an incpb has had its timewait 259227206Strociny * state recycled, we treat the address as 260227206Strociny * being in use (for now). This is better 261227206Strociny * than a panic, but not desirable. 
262227206Strociny */ 263227206Strociny tw = intotw(t); 264227206Strociny if (tw == NULL || 265227206Strociny (reuseport & tw->tw_so_options) == 0) 266227206Strociny return (EADDRINUSE); 267252710Strociny } else if (t && (reuseport & inp_so_options(t)) == 0) { 268120856Sume return (EADDRINUSE); 269227206Strociny } 270221247Sbz#ifdef INET 27178064Sume if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 27255679Sshin IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 27355679Sshin struct sockaddr_in sin; 27455679Sshin 27555679Sshin in6_sin6_2_sin(&sin, sin6); 27655679Sshin t = in_pcblookup_local(pcbinfo, sin.sin_addr, 277222215Srwatson lport, lookupflags, cred); 278189848Srwatson if (t && t->inp_flags & INP_TIMEWAIT) { 279227206Strociny tw = intotw(t); 280227206Strociny if (tw == NULL) 281227206Strociny return (EADDRINUSE); 282227206Strociny if ((reuseport & tw->tw_so_options) == 0 283227206Strociny && (ntohl(t->inp_laddr.s_addr) != 284171260Sdelphij INADDR_ANY || ((inp->inp_vflag & 285171260Sdelphij INP_IPV6PROTO) == 286116453Scognet (t->inp_vflag & INP_IPV6PROTO)))) 287116453Scognet return (EADDRINUSE); 288252710Strociny } else if (t && 289252710Strociny (reuseport & inp_so_options(t)) == 0 && 290227207Strociny (ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 291227449Strociny (t->inp_vflag & INP_IPV6PROTO) != 0)) 29297658Stanimura return (EADDRINUSE); 29355679Sshin } 294221247Sbz#endif 29553541Sshin } 29653541Sshin inp->in6p_laddr = sin6->sin6_addr; 29753541Sshin } 29853541Sshin if (lport == 0) { 299219570Sbz if ((error = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0) { 300219570Sbz /* Undo an address bind that may have occurred. 
*/ 301219570Sbz inp->in6p_laddr = in6addr_any; 302188144Sjamie return (error); 303219570Sbz } 304183611Sbz } else { 30562587Sitojun inp->inp_lport = lport; 30662587Sitojun if (in_pcbinshash(inp) != 0) { 30762587Sitojun inp->in6p_laddr = in6addr_any; 30862587Sitojun inp->inp_lport = 0; 30962587Sitojun return (EAGAIN); 31053541Sshin } 31153541Sshin } 312120856Sume return (0); 31353541Sshin} 31453541Sshin 31553541Sshin/* 31653541Sshin * Transform old in6_pcbconnect() into an inner subroutine for new 31753541Sshin * in6_pcbconnect(): Do some validity-checking on the remote 31853541Sshin * address (in mbuf 'nam') and then determine local host address 31953541Sshin * (i.e., which interface) to use to access that remote host. 32053541Sshin * 32153541Sshin * This preserves definition of in6_pcbconnect(), while supporting a 32253541Sshin * slightly different version for T/TCP. (This is more than 32353541Sshin * a bit of a kludge, but cleaning up the internal interfaces would 32453541Sshin * have forced minor changes in every protocol). 32553541Sshin */ 326271391Saestatic int 327331643Sdimin6_pcbladdr(struct inpcb *inp, struct sockaddr *nam, 328194777Sbz struct in6_addr *plocal_addr6) 32953541Sshin{ 330331643Sdim struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 331148385Sume int error = 0; 332148385Sume int scope_ambiguous = 0; 333194777Sbz struct in6_addr in6a; 33453541Sshin 335178285Srwatson INP_WLOCK_ASSERT(inp); 336222488Srwatson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); /* XXXRW: why? 
*/ 337158011Srwatson 33853541Sshin if (nam->sa_len != sizeof (*sin6)) 33953541Sshin return (EINVAL); 34053541Sshin if (sin6->sin6_family != AF_INET6) 34153541Sshin return (EAFNOSUPPORT); 34253541Sshin if (sin6->sin6_port == 0) 34353541Sshin return (EADDRNOTAVAIL); 34453541Sshin 345181803Sbz if (sin6->sin6_scope_id == 0 && !V_ip6_use_defzone) 346148385Sume scope_ambiguous = 1; 347181803Sbz if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 348148385Sume return(error); 349148385Sume 350194907Srwatson if (!TAILQ_EMPTY(&V_in6_ifaddrhead)) { 35153541Sshin /* 35253541Sshin * If the destination address is UNSPECIFIED addr, 35353541Sshin * use the loopback addr, e.g ::1. 35453541Sshin */ 35553541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 35653541Sshin sin6->sin6_addr = in6addr_loopback; 35753541Sshin } 358188144Sjamie if ((error = prison_remote_ip6(inp->inp_cred, &sin6->sin6_addr)) != 0) 359188144Sjamie return (error); 360148385Sume 361293633Smelifaro error = in6_selectsrc_socket(sin6, inp->in6p_outputopts, 362293633Smelifaro inp, inp->inp_cred, scope_ambiguous, &in6a, NULL); 363194777Sbz if (error) 364194777Sbz return (error); 365194777Sbz 366148385Sume /* 367194777Sbz * Do not update this earlier, in case we return with an error. 368194777Sbz * 369293633Smelifaro * XXX: this in6_selectsrc_socket result might replace the bound local 370202915Sbz * address with the address specified by setsockopt(IPV6_PKTINFO). 371194777Sbz * Is it the intended behavior? 372194777Sbz */ 373194777Sbz *plocal_addr6 = in6a; 374194777Sbz 375194777Sbz /* 376148385Sume * Don't do pcblookup call here; return interface in 377148385Sume * plocal_addr6 378148385Sume * and exit to caller, that will do the lookup. 379148385Sume */ 380148385Sume 381120856Sume return (0); 38253541Sshin} 38353541Sshin 38453541Sshin/* 38553541Sshin * Outer subroutine: 38653541Sshin * Connect from a socket to a specified address. 38753541Sshin * Both address and port must be specified in argument sin. 
38853541Sshin * If don't have a local address for this socket yet, 38953541Sshin * then pick one. 39053541Sshin */ 39153541Sshinint 392331643Sdimin6_pcbconnect_mbuf(struct inpcb *inp, struct sockaddr *nam, 393222691Srwatson struct ucred *cred, struct mbuf *m) 39453541Sshin{ 395222488Srwatson struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 396331643Sdim struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 397194777Sbz struct in6_addr addr6; 39853541Sshin int error; 39953541Sshin 400178285Srwatson INP_WLOCK_ASSERT(inp); 401222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 402132714Srwatson 40353541Sshin /* 40495023Ssuz * Call inner routine, to assign local interface address. 40595023Ssuz * in6_pcbladdr() may automatically fill in sin6_scope_id. 40653541Sshin */ 40753541Sshin if ((error = in6_pcbladdr(inp, nam, &addr6)) != 0) 408120856Sume return (error); 40953541Sshin 410222488Srwatson if (in6_pcblookup_hash_locked(pcbinfo, &sin6->sin6_addr, 41153541Sshin sin6->sin6_port, 41253541Sshin IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) 413194777Sbz ? 
&addr6 : &inp->in6p_laddr, 41453541Sshin inp->inp_lport, 0, NULL) != NULL) { 41553541Sshin return (EADDRINUSE); 41653541Sshin } 41753541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 41853541Sshin if (inp->inp_lport == 0) { 419127505Spjd error = in6_pcbbind(inp, (struct sockaddr *)0, cred); 42053541Sshin if (error) 42153541Sshin return (error); 42253541Sshin } 423194777Sbz inp->in6p_laddr = addr6; 42453541Sshin } 42553541Sshin inp->in6p_faddr = sin6->sin6_addr; 42653541Sshin inp->inp_fport = sin6->sin6_port; 42778064Sume /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 428186141Sbz inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 429186141Sbz if (inp->inp_flags & IN6P_AUTOFLOWLABEL) 430186141Sbz inp->inp_flow |= 431120649Sume (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 43253541Sshin 433222691Srwatson in_pcbrehash_mbuf(inp, m); 434171133Sgnn 43553541Sshin return (0); 43653541Sshin} 43753541Sshin 438222691Srwatsonint 439222691Srwatsonin6_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) 440222691Srwatson{ 441222691Srwatson 442222691Srwatson return (in6_pcbconnect_mbuf(inp, nam, cred, NULL)); 443222691Srwatson} 444222691Srwatson 44553541Sshinvoid 446171259Sdelphijin6_pcbdisconnect(struct inpcb *inp) 44753541Sshin{ 448132714Srwatson 449178285Srwatson INP_WLOCK_ASSERT(inp); 450222488Srwatson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); 451132714Srwatson 45253541Sshin bzero((caddr_t)&inp->in6p_faddr, sizeof(inp->in6p_faddr)); 45353541Sshin inp->inp_fport = 0; 45478064Sume /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 455186141Sbz inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 45653541Sshin in_pcbrehash(inp); 45753541Sshin} 45853541Sshin 459102218Struckmanstruct sockaddr * 460171259Sdelphijin6_sockaddr(in_port_t port, struct in6_addr *addr_p) 461102218Struckman{ 462102218Struckman struct sockaddr_in6 *sin6; 463102218Struckman 464184205Sdes sin6 = malloc(sizeof *sin6, M_SONAME, M_WAITOK); 465102218Struckman bzero(sin6, sizeof *sin6); 
466102218Struckman sin6->sin6_family = AF_INET6; 467102218Struckman sin6->sin6_len = sizeof(*sin6); 468102218Struckman sin6->sin6_port = port; 469102218Struckman sin6->sin6_addr = *addr_p; 470148385Sume (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 471102218Struckman 472102218Struckman return (struct sockaddr *)sin6; 473102218Struckman} 474102218Struckman 475102218Struckmanstruct sockaddr * 476171259Sdelphijin6_v4mapsin6_sockaddr(in_port_t port, struct in_addr *addr_p) 477102218Struckman{ 478102218Struckman struct sockaddr_in sin; 479102218Struckman struct sockaddr_in6 *sin6_p; 480102218Struckman 481102218Struckman bzero(&sin, sizeof sin); 482102218Struckman sin.sin_family = AF_INET; 483102218Struckman sin.sin_len = sizeof(sin); 484102218Struckman sin.sin_port = port; 485102218Struckman sin.sin_addr = *addr_p; 486102218Struckman 487184205Sdes sin6_p = malloc(sizeof *sin6_p, M_SONAME, 488111119Simp M_WAITOK); 489102218Struckman in6_sin_2_v4mapsin6(&sin, sin6_p); 490102218Struckman 491102218Struckman return (struct sockaddr *)sin6_p; 492102218Struckman} 493102218Struckman 49453541Sshinint 495171259Sdelphijin6_getsockaddr(struct socket *so, struct sockaddr **nam) 49653541Sshin{ 497331643Sdim struct inpcb *inp; 498102218Struckman struct in6_addr addr; 499102218Struckman in_port_t port; 50053541Sshin 50153541Sshin inp = sotoinpcb(so); 502169462Srwatson KASSERT(inp != NULL, ("in6_getsockaddr: inp == NULL")); 503157673Srwatson 504178320Srwatson INP_RLOCK(inp); 505102218Struckman port = inp->inp_lport; 506102218Struckman addr = inp->in6p_laddr; 507178320Srwatson INP_RUNLOCK(inp); 50853541Sshin 509102218Struckman *nam = in6_sockaddr(port, &addr); 51053541Sshin return 0; 51153541Sshin} 51253541Sshin 51353541Sshinint 514171259Sdelphijin6_getpeeraddr(struct socket *so, struct sockaddr **nam) 51553541Sshin{ 51653541Sshin struct inpcb *inp; 517102218Struckman struct in6_addr addr; 518102218Struckman in_port_t port; 51953541Sshin 52053541Sshin inp = sotoinpcb(so); 
521169462Srwatson KASSERT(inp != NULL, ("in6_getpeeraddr: inp == NULL")); 522157673Srwatson 523178320Srwatson INP_RLOCK(inp); 524102218Struckman port = inp->inp_fport; 525102218Struckman addr = inp->in6p_faddr; 526178320Srwatson INP_RUNLOCK(inp); 52753541Sshin 528102218Struckman *nam = in6_sockaddr(port, &addr); 52953541Sshin return 0; 53053541Sshin} 53153541Sshin 53253541Sshinint 53353541Sshinin6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) 53453541Sshin{ 535157673Srwatson struct inpcb *inp; 53653541Sshin int error; 53753541Sshin 538157673Srwatson inp = sotoinpcb(so); 539157673Srwatson KASSERT(inp != NULL, ("in6_mapped_sockaddr: inp == NULL")); 540157673Srwatson 541221247Sbz#ifdef INET 542124332Sume if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 543169462Srwatson error = in_getsockaddr(so, nam); 54454952Seivind if (error == 0) 54553541Sshin in6_sin_2_v4mapsin6_in_sock(nam); 546221247Sbz } else 547221247Sbz#endif 548221247Sbz { 549169462Srwatson /* scope issues will be handled in in6_getsockaddr(). */ 550169462Srwatson error = in6_getsockaddr(so, nam); 551120913Sume } 55253541Sshin 55353541Sshin return error; 55453541Sshin} 55553541Sshin 55653541Sshinint 55753541Sshinin6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) 55853541Sshin{ 559157673Srwatson struct inpcb *inp; 56053541Sshin int error; 56153541Sshin 562157673Srwatson inp = sotoinpcb(so); 563157673Srwatson KASSERT(inp != NULL, ("in6_mapped_peeraddr: inp == NULL")); 564157673Srwatson 565221247Sbz#ifdef INET 566124332Sume if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 567169462Srwatson error = in_getpeeraddr(so, nam); 56854952Seivind if (error == 0) 56953541Sshin in6_sin_2_v4mapsin6_in_sock(nam); 57053541Sshin } else 571221247Sbz#endif 572169462Srwatson /* scope issues will be handled in in6_getpeeraddr(). 
*/ 573169462Srwatson error = in6_getpeeraddr(so, nam); 57453541Sshin 57553541Sshin return error; 57653541Sshin} 57753541Sshin 57853541Sshin/* 57953541Sshin * Pass some notification to all connections of a protocol 58053541Sshin * associated with address dst. The local address and/or port numbers 58153541Sshin * may be specified to limit the search. The "usual action" will be 58253541Sshin * taken, depending on the ctlinput cmd. The caller must filter any 58353541Sshin * cmds that are uninteresting (e.g., no error in the map). 58453541Sshin * Call the protocol specific routine (if any) to report 58553541Sshin * any errors for each matching socket. 58653541Sshin */ 58753541Sshinvoid 588171259Sdelphijin6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr *dst, 589171259Sdelphij u_int fport_arg, const struct sockaddr *src, u_int lport_arg, 590171259Sdelphij int cmd, void *cmdarg, 591175162Sobrien struct inpcb *(*notify)(struct inpcb *, int)) 59253541Sshin{ 593177961Srwatson struct inpcb *inp, *inp_temp; 59478064Sume struct sockaddr_in6 sa6_src, *sa6_dst; 59553541Sshin u_short fport = fport_arg, lport = lport_arg; 59678064Sume u_int32_t flowinfo; 597157673Srwatson int errno; 59853541Sshin 599119995Sru if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 60053541Sshin return; 60178064Sume 60278064Sume sa6_dst = (struct sockaddr_in6 *)dst; 60378064Sume if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 60453541Sshin return; 60553541Sshin 60653541Sshin /* 60778064Sume * note that src can be NULL when we get notify by local fragmentation. 60878064Sume */ 60991346Salfred sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 61078064Sume flowinfo = sa6_src.sin6_flowinfo; 61178064Sume 61278064Sume /* 61353541Sshin * Redirects go to all references to the destination, 61462587Sitojun * and use in6_rtchange to invalidate the route cache. 
61562587Sitojun * Dead host indications: also use in6_rtchange to invalidate 61662587Sitojun * the cache, and deliver the error to all the sockets. 61753541Sshin * Otherwise, if we have knowledge of the local port and address, 61853541Sshin * deliver only to that socket. 61953541Sshin */ 62053541Sshin if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 62153541Sshin fport = 0; 62253541Sshin lport = 0; 62378064Sume bzero((caddr_t)&sa6_src.sin6_addr, sizeof(sa6_src.sin6_addr)); 62462587Sitojun 62578064Sume if (cmd != PRC_HOSTDEAD) 62678064Sume notify = in6_rtchange; 62753541Sshin } 62853541Sshin errno = inet6ctlerrmap[cmd]; 629133192Srwatson INP_INFO_WLOCK(pcbinfo); 630177961Srwatson LIST_FOREACH_SAFE(inp, pcbinfo->ipi_listhead, inp_list, inp_temp) { 631178285Srwatson INP_WLOCK(inp); 632171260Sdelphij if ((inp->inp_vflag & INP_IPV6) == 0) { 633178285Srwatson INP_WUNLOCK(inp); 63453541Sshin continue; 635133192Srwatson } 63662587Sitojun 63778064Sume /* 638125776Sume * If the error designates a new path MTU for a destination 639125776Sume * and the application (associated with this socket) wanted to 640279588Sae * know the value, notify. 641125776Sume * XXX: should we avoid to notify the value to TCP sockets? 642125776Sume */ 643279684Sae if (cmd == PRC_MSGSIZE && cmdarg != NULL) 644125776Sume ip6_notify_pmtu(inp, (struct sockaddr_in6 *)dst, 645279588Sae *(u_int32_t *)cmdarg); 646125776Sume 647125776Sume /* 64878064Sume * Detect if we should notify the error. If no source and 64978064Sume * destination ports are specifed, but non-zero flowinfo and 65078064Sume * local address match, notify the error. This is the case 65178064Sume * when the error is delivered with an encrypted buffer 65278064Sume * by ESP. Otherwise, just compare addresses and ports 65378064Sume * as usual. 
65478064Sume */ 65578064Sume if (lport == 0 && fport == 0 && flowinfo && 65678064Sume inp->inp_socket != NULL && 657186141Sbz flowinfo == (inp->inp_flow & IPV6_FLOWLABEL_MASK) && 65878064Sume IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 65978064Sume goto do_notify; 66078064Sume else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 66178064Sume &sa6_dst->sin6_addr) || 66278064Sume inp->inp_socket == 0 || 66378064Sume (lport && inp->inp_lport != lport) || 66478064Sume (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 66578064Sume !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 66678064Sume &sa6_src.sin6_addr)) || 667133192Srwatson (fport && inp->inp_fport != fport)) { 668178285Srwatson INP_WUNLOCK(inp); 66953541Sshin continue; 670133192Srwatson } 67162587Sitojun 67278064Sume do_notify: 673134121Srwatson if (notify) { 674134121Srwatson if ((*notify)(inp, errno)) 675178285Srwatson INP_WUNLOCK(inp); 676134121Srwatson } else 677178285Srwatson INP_WUNLOCK(inp); 67853541Sshin } 679133192Srwatson INP_INFO_WUNLOCK(pcbinfo); 68053541Sshin} 68153541Sshin 68253541Sshin/* 683222488Srwatson * Lookup a PCB based on the local address and port. Caller must hold the 684222488Srwatson * hash lock. No inpcb locks or references are acquired. 
68553541Sshin */ 68653541Sshinstruct inpcb * 687171259Sdelphijin6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr, 688222215Srwatson u_short lport, int lookupflags, struct ucred *cred) 68953541Sshin{ 690331643Sdim struct inpcb *inp; 69153541Sshin int matchwild = 3, wildcard; 69253541Sshin 693222215Srwatson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 694222215Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 695222215Srwatson 696222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 697158011Srwatson 698222215Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) == 0) { 69953541Sshin struct inpcbhead *head; 70053541Sshin /* 70153541Sshin * Look for an unconnected (wildcard foreign addr) PCB that 70253541Sshin * matches the local address and port we're looking for. 70353541Sshin */ 704271386Sae head = &pcbinfo->ipi_hashbase[INP_PCBHASH( 705271386Sae INP6_PCBHASHKEY(&in6addr_any), lport, 0, 706271386Sae pcbinfo->ipi_hashmask)]; 70753541Sshin LIST_FOREACH(inp, head, inp_hash) { 708185435Sbz /* XXX inp locking */ 70954952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 71053541Sshin continue; 71153541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 71253541Sshin IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 71353541Sshin inp->inp_lport == lport) { 714185435Sbz /* Found. */ 715185435Sbz if (cred == NULL || 716192895Sjamie prison_equal_ip6(cred->cr_prison, 717192895Sjamie inp->inp_cred->cr_prison)) 718185435Sbz return (inp); 71953541Sshin } 72053541Sshin } 72153541Sshin /* 72253541Sshin * Not found. 72353541Sshin */ 72453541Sshin return (NULL); 72553541Sshin } else { 72653541Sshin struct inpcbporthead *porthash; 72753541Sshin struct inpcbport *phd; 72853541Sshin struct inpcb *match = NULL; 72953541Sshin /* 73053541Sshin * Best fit PCB lookup. 73153541Sshin * 73253541Sshin * First see if this local port is in use by looking on the 73353541Sshin * port hash list. 
*/
		porthash = &pcbinfo->ipi_porthashbase[INP_PCBPORTHASH(lport,
		    pcbinfo->ipi_porthashmask)];
		LIST_FOREACH(phd, porthash, phd_hash) {
			if (phd->phd_port == lport)
				break;
		}
		if (phd != NULL) {
			/*
			 * Port is in use by one or more PCBs. Look for best
			 * fit.
			 */
			LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
				wildcard = 0;
				if (cred != NULL &&
				    !prison_equal_ip6(cred->cr_prison,
					inp->inp_cred->cr_prison))
					continue;
				/* XXX inp locking */
				if ((inp->inp_vflag & INP_IPV6) == 0)
					continue;
				if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr))
					wildcard++;
				if (!IN6_IS_ADDR_UNSPECIFIED(
					&inp->in6p_laddr)) {
					if (IN6_IS_ADDR_UNSPECIFIED(laddr))
						wildcard++;
					else if (!IN6_ARE_ADDR_EQUAL(
					    &inp->in6p_laddr, laddr))
						continue;
				} else {
					if (!IN6_IS_ADDR_UNSPECIFIED(laddr))
						wildcard++;
				}
				if (wildcard < matchwild) {
					match = inp;
					matchwild = wildcard;
					if (matchwild == 0)
						break;
				}
			}
		}
		return (match);
	}
}

/*
 * Remove every reference to interface ifp from the IPv6 multicast options
 * of the PCBs on pcbinfo's list.
 *
 * For each PCB that has INP_IPV6 set and carries multicast options:
 *  - the outgoing multicast interface is cleared if it is ifp;
 *  - every membership whose in6m_ifp is ifp is handed to in6_mc_leave()
 *    and removed from the membership array, which is compacted in place.
 *
 * The walk runs between INP_INFO_WLOCK()/INP_INFO_WUNLOCK() on pcbinfo, and
 * each PCB is bracketed by INP_WLOCK()/INP_WUNLOCK() while it is examined.
 */
void
in6_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp)
{
	struct inpcb *in6p;
	struct ip6_moptions *im6o;
	int i, gap;

	INP_INFO_WLOCK(pcbinfo);
	LIST_FOREACH(in6p, pcbinfo->ipi_listhead, inp_list) {
		INP_WLOCK(in6p);
		im6o = in6p->in6p_moptions;
		if ((in6p->inp_vflag & INP_IPV6) && im6o != NULL) {
			/*
			 * Unselect the outgoing ifp for multicast if it
			 * is being detached.
			 */
			if (im6o->im6o_multicast_ifp == ifp)
				im6o->im6o_multicast_ifp = NULL;
			/*
			 * Drop multicast group membership if we joined
			 * through the interface being detached.
			 *
			 * gap counts the memberships dropped so far; each
			 * surviving entry is shifted down by gap slots so
			 * the array stays dense, and the count is reduced
			 * by gap once the scan is complete.
			 */
			gap = 0;
			for (i = 0; i < im6o->im6o_num_memberships; i++) {
				if (im6o->im6o_membership[i]->in6m_ifp ==
				    ifp) {
					in6_mc_leave(im6o->im6o_membership[i],
					    NULL);
					gap++;
				} else if (gap != 0) {
					im6o->im6o_membership[i - gap] =
					    im6o->im6o_membership[i];
				}
			}
			im6o->im6o_num_memberships -= gap;
		}
		INP_WUNLOCK(in6p);
	}
	INP_INFO_WUNLOCK(pcbinfo);
}

/*
 * Check for alternatives when higher level complains
 * about service problems.  For now, invalidate cached
 * routing information.  If the route was created dynamically
 * (by a redirect), time to try a default gateway again.
 *
 * Concretely: a cached route (inp_route6.ro_rt), if present, is passed to
 * RTFREE() and the pointer is cleared; a cached link-layer entry (ro_lle),
 * if present, is passed to LLE_FREE().
 *
 * NOTE(review): ro_rt is reached through inp_route6 while ro_lle is reached
 * through inp_route -- presumably both names overlay the same storage;
 * confirm against the inpcb definition.
 */
void
in6_losing(struct inpcb *in6p)
{

	if (in6p->inp_route6.ro_rt) {
		RTFREE(in6p->inp_route6.ro_rt);
		in6p->inp_route6.ro_rt = (struct rtentry *)NULL;
	}
	if (in6p->inp_route.ro_lle)
		LLE_FREE(in6p->inp_route.ro_lle);	/* zeros ro_lle */
	return;
}

/*
 * After a routing change, flush old routing
 * and allocate a (hopefully) better one.
84353541Sshin */ 84498211Shsustruct inpcb * 845171259Sdelphijin6_rtchange(struct inpcb *inp, int errno) 84653541Sshin{ 847297225Sgnn 848297225Sgnn if (inp->inp_route6.ro_rt) { 849297225Sgnn RTFREE(inp->inp_route6.ro_rt); 850297225Sgnn inp->inp_route6.ro_rt = (struct rtentry *)NULL; 851297225Sgnn } 852301217Sgnn if (inp->inp_route.ro_lle) 853301217Sgnn LLE_FREE(inp->inp_route.ro_lle); /* zeros ro_lle */ 85498211Shsu return inp; 85553541Sshin} 85653541Sshin 857222748Srwatson#ifdef PCBGROUP 85853541Sshin/* 859222748Srwatson * Lookup PCB in hash list, using pcbgroup tables. 860222748Srwatson */ 861222748Srwatsonstatic struct inpcb * 862222748Srwatsonin6_pcblookup_group(struct inpcbinfo *pcbinfo, struct inpcbgroup *pcbgroup, 863222748Srwatson struct in6_addr *faddr, u_int fport_arg, struct in6_addr *laddr, 864222748Srwatson u_int lport_arg, int lookupflags, struct ifnet *ifp) 865222748Srwatson{ 866222748Srwatson struct inpcbhead *head; 867222748Srwatson struct inpcb *inp, *tmpinp; 868222748Srwatson u_short fport = fport_arg, lport = lport_arg; 869332821Sjtl bool locked; 870222748Srwatson 871222748Srwatson /* 872222748Srwatson * First look for an exact match. 873222748Srwatson */ 874222748Srwatson tmpinp = NULL; 875222748Srwatson INP_GROUP_LOCK(pcbgroup); 876271386Sae head = &pcbgroup->ipg_hashbase[INP_PCBHASH( 877271386Sae INP6_PCBHASHKEY(faddr), lport, fport, pcbgroup->ipg_hashmask)]; 878222748Srwatson LIST_FOREACH(inp, head, inp_pcbgrouphash) { 879222748Srwatson /* XXX inp locking */ 880222748Srwatson if ((inp->inp_vflag & INP_IPV6) == 0) 881222748Srwatson continue; 882222748Srwatson if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 883222748Srwatson IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 884222748Srwatson inp->inp_fport == fport && 885222748Srwatson inp->inp_lport == lport) { 886222748Srwatson /* 887222748Srwatson * XXX We should be able to directly return 888222748Srwatson * the inp here, without any checks. 
889222748Srwatson * Well unless both bound with SO_REUSEPORT? 890222748Srwatson */ 891222748Srwatson if (prison_flag(inp->inp_cred, PR_IP6)) 892222748Srwatson goto found; 893222748Srwatson if (tmpinp == NULL) 894222748Srwatson tmpinp = inp; 895222748Srwatson } 896222748Srwatson } 897222748Srwatson if (tmpinp != NULL) { 898222748Srwatson inp = tmpinp; 899222748Srwatson goto found; 900222748Srwatson } 901222748Srwatson 902222748Srwatson /* 903268562Sadrian * Then look for a wildcard match in the pcbgroup. 904268562Sadrian */ 905268562Sadrian if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 906268562Sadrian struct inpcb *local_wild = NULL, *local_exact = NULL; 907268562Sadrian struct inpcb *jail_wild = NULL; 908268562Sadrian int injail; 909268562Sadrian 910268562Sadrian /* 911268562Sadrian * Order of socket selection - we always prefer jails. 912268562Sadrian * 1. jailed, non-wild. 913268562Sadrian * 2. jailed, wild. 914268562Sadrian * 3. non-jailed, non-wild. 915268562Sadrian * 4. non-jailed, wild. 
916268562Sadrian */ 917268562Sadrian head = &pcbgroup->ipg_hashbase[ 918268562Sadrian INP_PCBHASH(INADDR_ANY, lport, 0, pcbgroup->ipg_hashmask)]; 919268562Sadrian LIST_FOREACH(inp, head, inp_pcbgrouphash) { 920268562Sadrian /* XXX inp locking */ 921268562Sadrian if ((inp->inp_vflag & INP_IPV6) == 0) 922268562Sadrian continue; 923268562Sadrian 924268562Sadrian if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 925268562Sadrian inp->inp_lport != lport) { 926268562Sadrian continue; 927268562Sadrian } 928268562Sadrian 929268562Sadrian injail = prison_flag(inp->inp_cred, PR_IP6); 930268562Sadrian if (injail) { 931268562Sadrian if (prison_check_ip6(inp->inp_cred, 932268562Sadrian laddr) != 0) 933268562Sadrian continue; 934268562Sadrian } else { 935268562Sadrian if (local_exact != NULL) 936268562Sadrian continue; 937268562Sadrian } 938268562Sadrian 939268562Sadrian if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 940268562Sadrian if (injail) 941268562Sadrian goto found; 942268562Sadrian else 943268562Sadrian local_exact = inp; 944268562Sadrian } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 945268562Sadrian if (injail) 946268562Sadrian jail_wild = inp; 947268562Sadrian else 948268562Sadrian local_wild = inp; 949268562Sadrian } 950268562Sadrian } /* LIST_FOREACH */ 951268562Sadrian 952268562Sadrian inp = jail_wild; 953268562Sadrian if (inp == NULL) 954268562Sadrian inp = jail_wild; 955268562Sadrian if (inp == NULL) 956268562Sadrian inp = local_exact; 957268562Sadrian if (inp == NULL) 958268562Sadrian inp = local_wild; 959268562Sadrian if (inp != NULL) 960268562Sadrian goto found; 961268562Sadrian } 962268562Sadrian 963268562Sadrian /* 964222748Srwatson * Then look for a wildcard match, if requested. 
965222748Srwatson */ 966222748Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 967222748Srwatson struct inpcb *local_wild = NULL, *local_exact = NULL; 968222748Srwatson struct inpcb *jail_wild = NULL; 969222748Srwatson int injail; 970222748Srwatson 971222748Srwatson /* 972222748Srwatson * Order of socket selection - we always prefer jails. 973222748Srwatson * 1. jailed, non-wild. 974222748Srwatson * 2. jailed, wild. 975222748Srwatson * 3. non-jailed, non-wild. 976222748Srwatson * 4. non-jailed, wild. 977222748Srwatson */ 978271386Sae head = &pcbinfo->ipi_wildbase[INP_PCBHASH( 979271386Sae INP6_PCBHASHKEY(&in6addr_any), lport, 0, 980271386Sae pcbinfo->ipi_wildmask)]; 981222748Srwatson LIST_FOREACH(inp, head, inp_pcbgroup_wild) { 982222748Srwatson /* XXX inp locking */ 983222748Srwatson if ((inp->inp_vflag & INP_IPV6) == 0) 984222748Srwatson continue; 985222748Srwatson 986222748Srwatson if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 987222748Srwatson inp->inp_lport != lport) { 988222748Srwatson continue; 989222748Srwatson } 990222748Srwatson 991222748Srwatson injail = prison_flag(inp->inp_cred, PR_IP6); 992222748Srwatson if (injail) { 993222748Srwatson if (prison_check_ip6(inp->inp_cred, 994222748Srwatson laddr) != 0) 995222748Srwatson continue; 996222748Srwatson } else { 997222748Srwatson if (local_exact != NULL) 998222748Srwatson continue; 999222748Srwatson } 1000222748Srwatson 1001222748Srwatson if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 1002222748Srwatson if (injail) 1003222748Srwatson goto found; 1004222748Srwatson else 1005222748Srwatson local_exact = inp; 1006222748Srwatson } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1007222748Srwatson if (injail) 1008222748Srwatson jail_wild = inp; 1009222748Srwatson else 1010222748Srwatson local_wild = inp; 1011222748Srwatson } 1012222748Srwatson } /* LIST_FOREACH */ 1013222748Srwatson 1014222748Srwatson inp = jail_wild; 1015222748Srwatson if (inp == NULL) 1016222748Srwatson inp = jail_wild; 
1017222748Srwatson if (inp == NULL) 1018222748Srwatson inp = local_exact; 1019222748Srwatson if (inp == NULL) 1020222748Srwatson inp = local_wild; 1021222748Srwatson if (inp != NULL) 1022222748Srwatson goto found; 1023222748Srwatson } /* if ((lookupflags & INPLOOKUP_WILDCARD) != 0) */ 1024222748Srwatson INP_GROUP_UNLOCK(pcbgroup); 1025222748Srwatson return (NULL); 1026222748Srwatson 1027222748Srwatsonfound: 1028332821Sjtl if (lookupflags & INPLOOKUP_WLOCKPCB) 1029332821Sjtl locked = INP_TRY_WLOCK(inp); 1030332821Sjtl else if (lookupflags & INPLOOKUP_RLOCKPCB) 1031332821Sjtl locked = INP_TRY_RLOCK(inp); 1032332821Sjtl else 1033332821Sjtl panic("%s: locking buf", __func__); 1034332821Sjtl if (!locked) 1035332821Sjtl in_pcbref(inp); 1036222748Srwatson INP_GROUP_UNLOCK(pcbgroup); 1037332821Sjtl if (!locked) { 1038332821Sjtl if (lookupflags & INPLOOKUP_WLOCKPCB) { 1039332821Sjtl INP_WLOCK(inp); 1040332821Sjtl if (in_pcbrele_wlocked(inp)) 1041332821Sjtl return (NULL); 1042332821Sjtl } else { 1043332821Sjtl INP_RLOCK(inp); 1044332821Sjtl if (in_pcbrele_rlocked(inp)) 1045332821Sjtl return (NULL); 1046332821Sjtl } 1047332821Sjtl } 1048332821Sjtl#ifdef INVARIANTS 1049332821Sjtl if (lookupflags & INPLOOKUP_WLOCKPCB) 1050332821Sjtl INP_WLOCK_ASSERT(inp); 1051332821Sjtl else 1052332821Sjtl INP_RLOCK_ASSERT(inp); 1053332821Sjtl#endif 1054222748Srwatson return (inp); 1055222748Srwatson} 1056222748Srwatson#endif /* PCBGROUP */ 1057222748Srwatson 1058222748Srwatson/* 105953541Sshin * Lookup PCB in hash list. 
106053541Sshin */ 1061271391Saestatic struct inpcb * 1062222488Srwatsonin6_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1063222488Srwatson u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, 1064222488Srwatson int lookupflags, struct ifnet *ifp) 106553541Sshin{ 106653541Sshin struct inpcbhead *head; 1067185435Sbz struct inpcb *inp, *tmpinp; 106853541Sshin u_short fport = fport_arg, lport = lport_arg; 106953541Sshin 1070222215Srwatson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 1071222215Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1072222215Srwatson 1073222488Srwatson INP_HASH_LOCK_ASSERT(pcbinfo); 1074158011Srwatson 107553541Sshin /* 107653541Sshin * First look for an exact match. 107753541Sshin */ 1078185435Sbz tmpinp = NULL; 1079271386Sae head = &pcbinfo->ipi_hashbase[INP_PCBHASH( 1080271386Sae INP6_PCBHASHKEY(faddr), lport, fport, pcbinfo->ipi_hashmask)]; 108154263Sshin LIST_FOREACH(inp, head, inp_hash) { 1082185435Sbz /* XXX inp locking */ 108354952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 108453541Sshin continue; 108553541Sshin if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 108653541Sshin IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 108753541Sshin inp->inp_fport == fport && 108853541Sshin inp->inp_lport == lport) { 108953541Sshin /* 1090185435Sbz * XXX We should be able to directly return 1091185435Sbz * the inp here, without any checks. 1092185435Sbz * Well unless both bound with SO_REUSEPORT? 109353541Sshin */ 1094192895Sjamie if (prison_flag(inp->inp_cred, PR_IP6)) 1095185435Sbz return (inp); 1096185435Sbz if (tmpinp == NULL) 1097185435Sbz tmpinp = inp; 109853541Sshin } 109953541Sshin } 1100185435Sbz if (tmpinp != NULL) 1101185435Sbz return (tmpinp); 110253541Sshin 1103185435Sbz /* 1104185435Sbz * Then look for a wildcard match, if requested. 
1105185435Sbz */ 1106222215Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 1107185435Sbz struct inpcb *local_wild = NULL, *local_exact = NULL; 1108185435Sbz struct inpcb *jail_wild = NULL; 1109185435Sbz int injail; 1110185435Sbz 1111185435Sbz /* 1112185435Sbz * Order of socket selection - we always prefer jails. 1113185435Sbz * 1. jailed, non-wild. 1114185435Sbz * 2. jailed, wild. 1115185435Sbz * 3. non-jailed, non-wild. 1116185435Sbz * 4. non-jailed, wild. 1117185435Sbz */ 1118271386Sae head = &pcbinfo->ipi_hashbase[INP_PCBHASH( 1119271386Sae INP6_PCBHASHKEY(&in6addr_any), lport, 0, 1120271386Sae pcbinfo->ipi_hashmask)]; 112154263Sshin LIST_FOREACH(inp, head, inp_hash) { 1122185435Sbz /* XXX inp locking */ 112354952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 112453541Sshin continue; 1125185435Sbz 1126185435Sbz if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 1127185435Sbz inp->inp_lport != lport) { 1128185435Sbz continue; 1129185435Sbz } 1130185435Sbz 1131192895Sjamie injail = prison_flag(inp->inp_cred, PR_IP6); 1132185435Sbz if (injail) { 1133188144Sjamie if (prison_check_ip6(inp->inp_cred, 1134188144Sjamie laddr) != 0) 113553541Sshin continue; 1136185435Sbz } else { 1137185435Sbz if (local_exact != NULL) 1138185435Sbz continue; 1139185435Sbz } 1140185435Sbz 1141185435Sbz if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 1142185435Sbz if (injail) 114353541Sshin return (inp); 1144185435Sbz else 1145185435Sbz local_exact = inp; 1146185435Sbz } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1147185435Sbz if (injail) 1148185435Sbz jail_wild = inp; 1149185435Sbz else 115053541Sshin local_wild = inp; 115153541Sshin } 1152185435Sbz } /* LIST_FOREACH */ 115353541Sshin 1154185435Sbz if (jail_wild != NULL) 1155185435Sbz return (jail_wild); 1156185435Sbz if (local_exact != NULL) 1157185435Sbz return (local_exact); 1158185435Sbz if (local_wild != NULL) 1159185435Sbz return (local_wild); 1160222215Srwatson } /* if ((lookupflags & INPLOOKUP_WILDCARD) != 0) 
*/ 1161185435Sbz 116253541Sshin /* 116353541Sshin * Not found. 116453541Sshin */ 116553541Sshin return (NULL); 116653541Sshin} 116753541Sshin 1168222488Srwatson/* 1169222488Srwatson * Lookup PCB in hash list, using pcbinfo tables. This variation locks the 1170222488Srwatson * hash list lock, and will return the inpcb locked (i.e., requires 1171222488Srwatson * INPLOOKUP_LOCKPCB). 1172222488Srwatson */ 1173222488Srwatsonstatic struct inpcb * 1174222488Srwatsonin6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1175222488Srwatson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 1176222488Srwatson struct ifnet *ifp) 1177222488Srwatson{ 1178222488Srwatson struct inpcb *inp; 1179332821Sjtl bool locked; 1180222488Srwatson 1181222488Srwatson INP_HASH_RLOCK(pcbinfo); 1182222488Srwatson inp = in6_pcblookup_hash_locked(pcbinfo, faddr, fport, laddr, lport, 1183222488Srwatson (lookupflags & ~(INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)), ifp); 1184222488Srwatson if (inp != NULL) { 1185332821Sjtl if (lookupflags & INPLOOKUP_WLOCKPCB) 1186332821Sjtl locked = INP_TRY_WLOCK(inp); 1187332821Sjtl else if (lookupflags & INPLOOKUP_RLOCKPCB) 1188332821Sjtl locked = INP_TRY_RLOCK(inp); 1189332821Sjtl else 1190332821Sjtl panic("%s: locking bug", __func__); 1191332821Sjtl if (!locked) 1192332821Sjtl in_pcbref(inp); 1193222488Srwatson INP_HASH_RUNLOCK(pcbinfo); 1194332821Sjtl if (!locked) { 1195332821Sjtl if (lookupflags & INPLOOKUP_WLOCKPCB) { 1196332821Sjtl INP_WLOCK(inp); 1197332821Sjtl if (in_pcbrele_wlocked(inp)) 1198332821Sjtl return (NULL); 1199332821Sjtl } else { 1200332821Sjtl INP_RLOCK(inp); 1201332821Sjtl if (in_pcbrele_rlocked(inp)) 1202332821Sjtl return (NULL); 1203332821Sjtl } 1204332821Sjtl } 1205332821Sjtl#ifdef INVARIANTS 1206332821Sjtl if (lookupflags & INPLOOKUP_WLOCKPCB) 1207332821Sjtl INP_WLOCK_ASSERT(inp); 1208332821Sjtl else 1209332821Sjtl INP_RLOCK_ASSERT(inp); 1210332821Sjtl#endif 1211222488Srwatson } else 1212222488Srwatson 
INP_HASH_RUNLOCK(pcbinfo); 1213222488Srwatson return (inp); 1214222488Srwatson} 1215222488Srwatson 1216222488Srwatson/* 1217222691Srwatson * Public inpcb lookup routines, accepting a 4-tuple, and optionally, an mbuf 1218222691Srwatson * from which a pre-calculated hash value may be extracted. 1219222748Srwatson * 1220222748Srwatson * Possibly more of this logic should be in in6_pcbgroup.c. 1221222488Srwatson */ 1222222488Srwatsonstruct inpcb * 1223222488Srwatsonin6_pcblookup(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, u_int fport, 1224222488Srwatson struct in6_addr *laddr, u_int lport, int lookupflags, struct ifnet *ifp) 1225222488Srwatson{ 1226263198Srwatson#if defined(PCBGROUP) && !defined(RSS) 1227222748Srwatson struct inpcbgroup *pcbgroup; 1228222748Srwatson#endif 1229222748Srwatson 1230222691Srwatson KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1231222691Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1232222691Srwatson KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1233222691Srwatson ("%s: LOCKPCB not set", __func__)); 1234222488Srwatson 1235263198Srwatson /* 1236263198Srwatson * When not using RSS, use connection groups in preference to the 1237263198Srwatson * reservation table when looking up 4-tuples. When using RSS, just 1238263198Srwatson * use the reservation table, due to the cost of the Toeplitz hash 1239263198Srwatson * in software. 1240263198Srwatson * 1241263198Srwatson * XXXRW: This policy belongs in the pcbgroup code, as in principle 1242263198Srwatson * we could be doing RSS with a non-Toeplitz hash that is affordable 1243263198Srwatson * in software. 
1244263198Srwatson */ 1245263198Srwatson#if defined(PCBGROUP) && !defined(RSS) 1246222748Srwatson if (in_pcbgroup_enabled(pcbinfo)) { 1247222748Srwatson pcbgroup = in6_pcbgroup_bytuple(pcbinfo, laddr, lport, faddr, 1248222748Srwatson fport); 1249222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, fport, 1250222748Srwatson laddr, lport, lookupflags, ifp)); 1251222748Srwatson } 1252222748Srwatson#endif 1253222691Srwatson return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1254222691Srwatson lookupflags, ifp)); 1255222691Srwatson} 1256222691Srwatson 1257222691Srwatsonstruct inpcb * 1258222691Srwatsonin6_pcblookup_mbuf(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1259222691Srwatson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 1260222691Srwatson struct ifnet *ifp, struct mbuf *m) 1261222691Srwatson{ 1262222748Srwatson#ifdef PCBGROUP 1263222748Srwatson struct inpcbgroup *pcbgroup; 1264222748Srwatson#endif 1265222748Srwatson 1266222488Srwatson KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1267222488Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1268222488Srwatson KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1269222488Srwatson ("%s: LOCKPCB not set", __func__)); 1270222488Srwatson 1271222748Srwatson#ifdef PCBGROUP 1272263198Srwatson /* 1273263198Srwatson * If we can use a hardware-generated hash to look up the connection 1274263198Srwatson * group, use that connection group to find the inpcb. Otherwise 1275263198Srwatson * fall back on a software hash -- or the reservation table if we're 1276263198Srwatson * using RSS. 1277263198Srwatson * 1278263198Srwatson * XXXRW: As above, that policy belongs in the pcbgroup code. 
1279263198Srwatson */ 1280263198Srwatson if (in_pcbgroup_enabled(pcbinfo) && 1281275358Shselasky M_HASHTYPE_TEST(m, M_HASHTYPE_NONE) == 0) { 1282222748Srwatson pcbgroup = in6_pcbgroup_byhash(pcbinfo, M_HASHTYPE_GET(m), 1283222748Srwatson m->m_pkthdr.flowid); 1284222748Srwatson if (pcbgroup != NULL) 1285222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, 1286222748Srwatson fport, laddr, lport, lookupflags, ifp)); 1287263198Srwatson#ifndef RSS 1288222748Srwatson pcbgroup = in6_pcbgroup_bytuple(pcbinfo, laddr, lport, faddr, 1289222748Srwatson fport); 1290222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, fport, 1291222748Srwatson laddr, lport, lookupflags, ifp)); 1292263198Srwatson#endif 1293222748Srwatson } 1294222748Srwatson#endif 1295222488Srwatson return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1296222488Srwatson lookupflags, ifp)); 1297222488Srwatson} 1298222488Srwatson 129953541Sshinvoid 130053541Sshininit_sin6(struct sockaddr_in6 *sin6, struct mbuf *m) 130153541Sshin{ 130253541Sshin struct ip6_hdr *ip; 130353541Sshin 130453541Sshin ip = mtod(m, struct ip6_hdr *); 130553541Sshin bzero(sin6, sizeof(*sin6)); 130653541Sshin sin6->sin6_len = sizeof(*sin6); 130753541Sshin sin6->sin6_family = AF_INET6; 130853541Sshin sin6->sin6_addr = ip->ip6_src; 130953541Sshin 1310148385Sume (void)sa6_recoverscope(sin6); /* XXX: should catch errors... */ 1311148385Sume 131253541Sshin return; 131353541Sshin} 1314