ip6_output.c revision 317333
1/*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1982, 1986, 1988, 1990, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 61 */ 62 63#include <sys/cdefs.h> 64__FBSDID("$FreeBSD: stable/11/sys/netinet6/ip6_output.c 317333 2017-04-23 08:58:50Z kp $"); 65 66#include "opt_inet.h" 67#include "opt_inet6.h" 68#include "opt_ipsec.h" 69#include "opt_sctp.h" 70#include "opt_route.h" 71#include "opt_rss.h" 72 73#include <sys/param.h> 74#include <sys/kernel.h> 75#include <sys/malloc.h> 76#include <sys/mbuf.h> 77#include <sys/errno.h> 78#include <sys/priv.h> 79#include <sys/proc.h> 80#include <sys/protosw.h> 81#include <sys/socket.h> 82#include <sys/socketvar.h> 83#include <sys/syslog.h> 84#include <sys/ucred.h> 85 86#include <machine/in_cksum.h> 87 88#include <net/if.h> 89#include <net/if_var.h> 90#include <net/if_llatbl.h> 91#include <net/netisr.h> 92#include <net/route.h> 93#include <net/pfil.h> 94#include <net/rss_config.h> 95#include <net/vnet.h> 96 97#include <netinet/in.h> 98#include <netinet/in_var.h> 99#include <netinet/ip_var.h> 100#include <netinet6/in6_fib.h> 101#include <netinet6/in6_var.h> 102#include <netinet/ip6.h> 103#include <netinet/icmp6.h> 104#include <netinet6/ip6_var.h> 105#include <netinet/in_pcb.h> 106#include <netinet/tcp_var.h> 107#include <netinet6/nd6.h> 108#include <netinet6/in6_rss.h> 109 110#include <netipsec/ipsec_support.h> 111#ifdef SCTP 112#include <netinet/sctp.h> 113#include <netinet/sctp_crc32.h> 114#endif 115 116#include <netinet6/ip6protosw.h> 117#include <netinet6/scope6_var.h> 118 119#ifdef FLOWTABLE 120#include <net/flowtable.h> 121#endif 122 123extern int in6_mcast_loop; 124 125struct ip6_exthdrs { 126 struct mbuf *ip6e_ip6; 127 struct mbuf *ip6e_hbh; 128 struct mbuf *ip6e_dest1; 129 struct mbuf *ip6e_rthdr; 130 struct mbuf *ip6e_dest2; 131}; 132 133static MALLOC_DEFINE(M_IP6OPT, "ip6opt", "IPv6 options"); 134 135static int ip6_pcbopt(int, u_char *, int, struct ip6_pktopts **, 136 struct ucred *, int); 137static int ip6_pcbopts(struct ip6_pktopts **, struct mbuf *, 138 struct socket *, struct sockopt *); 139static int ip6_getpcbopt(struct ip6_pktopts *, int, struct sockopt *); 140static int ip6_setpktopt(int, u_char *, int, struct ip6_pktopts *, 141 struct ucred *, int, int, int); 142 143static int ip6_copyexthdr(struct mbuf **, caddr_t, int); 144static int ip6_insertfraghdr(struct mbuf *, struct mbuf *, int, 145 struct ip6_frag **); 146static int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t); 147static int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *); 148static int ip6_getpmtu(struct route_in6 *, int, 149 struct ifnet *, const struct in6_addr *, u_long *, int *, u_int, 150 u_int); 151static int ip6_calcmtu(struct ifnet *, const struct in6_addr *, u_long, 152 u_long *, int *, u_int); 153static int ip6_getpmtu_ctl(u_int, const struct in6_addr *, u_long *); 154static int copypktopts(struct ip6_pktopts *, struct ip6_pktopts *, int); 155 156 157/* 158 * Make an extension header from option data. hp is the source, and 159 * mp is the destination. 160 */ 161#define MAKE_EXTHDR(hp, mp) \ 162 do { \ 163 if (hp) { \ 164 struct ip6_ext *eh = (struct ip6_ext *)(hp); \ 165 error = ip6_copyexthdr((mp), (caddr_t)(hp), \ 166 ((eh)->ip6e_len + 1) << 3); \ 167 if (error) \ 168 goto freehdrs; \ 169 } \ 170 } while (/*CONSTCOND*/ 0) 171 172/* 173 * Form a chain of extension headers. 174 * m is the extension header mbuf 175 * mp is the previous mbuf in the chain 176 * p is the next header 177 * i is the type of option. 178 */ 179#define MAKE_CHAIN(m, mp, p, i)\ 180 do {\ 181 if (m) {\ 182 if (!hdrsplit) \ 183 panic("assumption failed: hdr not split"); \ 184 *mtod((m), u_char *) = *(p);\ 185 *(p) = (i);\ 186 p = mtod((m), u_char *);\ 187 (m)->m_next = (mp)->m_next;\ 188 (mp)->m_next = (m);\ 189 (mp) = (m);\ 190 }\ 191 } while (/*CONSTCOND*/ 0) 192 193void 194in6_delayed_cksum(struct mbuf *m, uint32_t plen, u_short offset) 195{ 196 u_short csum; 197 198 csum = in_cksum_skip(m, offset + plen, offset); 199 if (m->m_pkthdr.csum_flags & CSUM_UDP_IPV6 && csum == 0) 200 csum = 0xffff; 201 offset += m->m_pkthdr.csum_data; /* checksum offset */ 202 203 if (offset + sizeof(u_short) > m->m_len) { 204 printf("%s: delayed m_pullup, m->len: %d plen %u off %u " 205 "csum_flags=%b\n", __func__, m->m_len, plen, offset, 206 (int)m->m_pkthdr.csum_flags, CSUM_BITS); 207 /* 208 * XXX this should not happen, but if it does, the correct 209 * behavior may be to insert the checksum in the appropriate 210 * next mbuf in the chain. 211 */ 212 return; 213 } 214 *(u_short *)(m->m_data + offset) = csum; 215} 216 217int 218ip6_fragment(struct ifnet *ifp, struct mbuf *m0, int hlen, u_char nextproto, 219 int mtu, uint32_t id) 220{ 221 struct mbuf *m, **mnext, *m_frgpart; 222 struct ip6_hdr *ip6, *mhip6; 223 struct ip6_frag *ip6f; 224 int off; 225 int error; 226 int tlen = m0->m_pkthdr.len; 227 228 KASSERT(( mtu % 8 == 0), ("Fragment length must be a multiple of 8")); 229 230 m = m0; 231 ip6 = mtod(m, struct ip6_hdr *); 232 mnext = &m->m_nextpkt; 233 234 for (off = hlen; off < tlen; off += mtu) { 235 m = m_gethdr(M_NOWAIT, MT_DATA); 236 if (!m) { 237 IP6STAT_INC(ip6s_odropped); 238 return (ENOBUFS); 239 } 240 m->m_flags = m0->m_flags & M_COPYFLAGS; 241 *mnext = m; 242 mnext = &m->m_nextpkt; 243 m->m_data += max_linkhdr; 244 mhip6 = mtod(m, struct ip6_hdr *); 245 *mhip6 = *ip6; 246 m->m_len = sizeof(*mhip6); 247 error = ip6_insertfraghdr(m0, m, hlen, &ip6f); 248 if (error) { 249 IP6STAT_INC(ip6s_odropped); 250 return (error); 251 } 252 ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7)); 253 if (off + mtu >= tlen) 254 mtu = tlen - off; 255 else 256 ip6f->ip6f_offlg |= IP6F_MORE_FRAG; 257 mhip6->ip6_plen = htons((u_short)(mtu + hlen + 258 sizeof(*ip6f) - sizeof(struct ip6_hdr))); 259 if ((m_frgpart = m_copy(m0, off, mtu)) == NULL) { 260 IP6STAT_INC(ip6s_odropped); 261 return (ENOBUFS); 262 } 263 m_cat(m, m_frgpart); 264 m->m_pkthdr.len = mtu + hlen + sizeof(*ip6f); 265 m->m_pkthdr.fibnum = m0->m_pkthdr.fibnum; 266 m->m_pkthdr.rcvif = NULL; 267 ip6f->ip6f_reserved = 0; 268 ip6f->ip6f_ident = id; 269 ip6f->ip6f_nxt = nextproto; 270 IP6STAT_INC(ip6s_ofragments); 271 in6_ifstat_inc(ifp, ifs6_out_fragcreat); 272 } 273 274 return (0); 275} 276 277/* 278 * IP6 output. The packet in mbuf chain m contains a skeletal IP6 279 * header (with pri, len, nxt, hlim, src, dst). 280 * This function may modify ver and hlim only. 281 * The mbuf chain containing the packet will be freed. 282 * The mbuf opt, if present, will not be freed. 283 * If route_in6 ro is present and has ro_rt initialized, route lookup would be 284 * skipped and ro->ro_rt would be used. If ro is present but ro->ro_rt is NULL, 285 * then result of route lookup is stored in ro->ro_rt. 286 * 287 * type of "mtu": rt_mtu is u_long, ifnet.ifr_mtu is int, and 288 * nd_ifinfo.linkmtu is u_int32_t. so we use u_long to hold largest one, 289 * which is rt_mtu. 290 * 291 * ifpp - XXX: just for statistics 292 */ 293/* 294 * XXX TODO: no flowid is assigned for outbound flows? 295 */ 296int 297ip6_output(struct mbuf *m0, struct ip6_pktopts *opt, 298 struct route_in6 *ro, int flags, struct ip6_moptions *im6o, 299 struct ifnet **ifpp, struct inpcb *inp) 300{ 301 struct ip6_hdr *ip6; 302 struct ifnet *ifp, *origifp; 303 struct mbuf *m = m0; 304 struct mbuf *mprev = NULL; 305 int hlen, tlen, len; 306 struct route_in6 ip6route; 307 struct rtentry *rt = NULL; 308 struct sockaddr_in6 *dst, src_sa, dst_sa; 309 struct in6_addr odst; 310 int error = 0; 311 struct in6_ifaddr *ia = NULL; 312 u_long mtu; 313 int alwaysfrag, dontfrag; 314 u_int32_t optlen = 0, plen = 0, unfragpartlen = 0; 315 struct ip6_exthdrs exthdrs; 316 struct in6_addr src0, dst0; 317 u_int32_t zone; 318 struct route_in6 *ro_pmtu = NULL; 319 int hdrsplit = 0; 320 int sw_csum, tso; 321 int needfiblookup; 322 uint32_t fibnum; 323 struct m_tag *fwd_tag = NULL; 324 uint32_t id; 325 326 if (inp != NULL) { 327 M_SETFIB(m, inp->inp_inc.inc_fibnum); 328 if ((flags & IP_NODEFAULTFLOWID) == 0) { 329 /* unconditionally set flowid */ 330 m->m_pkthdr.flowid = inp->inp_flowid; 331 M_HASHTYPE_SET(m, inp->inp_flowtype); 332 } 333 } 334 335#if defined(IPSEC) || defined(IPSEC_SUPPORT) 336 /* 337 * IPSec checking which handles several cases. 338 * FAST IPSEC: We re-injected the packet. 339 * XXX: need scope argument. 340 */ 341 if (IPSEC_ENABLED(ipv6)) { 342 if ((error = IPSEC_OUTPUT(ipv6, m, inp)) != 0) { 343 if (error == EINPROGRESS) 344 error = 0; 345 goto done; 346 } 347 } 348#endif /* IPSEC */ 349 350 bzero(&exthdrs, sizeof(exthdrs)); 351 if (opt) { 352 /* Hop-by-Hop options header */ 353 MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh); 354 /* Destination options header(1st part) */ 355 if (opt->ip6po_rthdr) { 356 /* 357 * Destination options header(1st part) 358 * This only makes sense with a routing header. 359 * See Section 9.2 of RFC 3542. 360 * Disabling this part just for MIP6 convenience is 361 * a bad idea. We need to think carefully about a 362 * way to make the advanced API coexist with MIP6 363 * options, which might automatically be inserted in 364 * the kernel. 365 */ 366 MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1); 367 } 368 /* Routing header */ 369 MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr); 370 /* Destination options header(2nd part) */ 371 MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2); 372 } 373 374 /* 375 * Calculate the total length of the extension header chain. 376 * Keep the length of the unfragmentable part for fragmentation. 377 */ 378 optlen = 0; 379 if (exthdrs.ip6e_hbh) 380 optlen += exthdrs.ip6e_hbh->m_len; 381 if (exthdrs.ip6e_dest1) 382 optlen += exthdrs.ip6e_dest1->m_len; 383 if (exthdrs.ip6e_rthdr) 384 optlen += exthdrs.ip6e_rthdr->m_len; 385 unfragpartlen = optlen + sizeof(struct ip6_hdr); 386 387 /* NOTE: we don't add AH/ESP length here (done in ip6_ipsec_output) */ 388 if (exthdrs.ip6e_dest2) 389 optlen += exthdrs.ip6e_dest2->m_len; 390 391 /* 392 * If there is at least one extension header, 393 * separate IP6 header from the payload. 394 */ 395 if (optlen && !hdrsplit) { 396 if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 397 m = NULL; 398 goto freehdrs; 399 } 400 m = exthdrs.ip6e_ip6; 401 hdrsplit++; 402 } 403 404 ip6 = mtod(m, struct ip6_hdr *); 405 406 /* adjust mbuf packet header length */ 407 m->m_pkthdr.len += optlen; 408 plen = m->m_pkthdr.len - sizeof(*ip6); 409 410 /* If this is a jumbo payload, insert a jumbo payload option. */ 411 if (plen > IPV6_MAXPACKET) { 412 if (!hdrsplit) { 413 if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 414 m = NULL; 415 goto freehdrs; 416 } 417 m = exthdrs.ip6e_ip6; 418 hdrsplit++; 419 } 420 /* adjust pointer */ 421 ip6 = mtod(m, struct ip6_hdr *); 422 if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0) 423 goto freehdrs; 424 ip6->ip6_plen = 0; 425 } else 426 ip6->ip6_plen = htons(plen); 427 428 /* 429 * Concatenate headers and fill in next header fields. 430 * Here we have, on "m" 431 * IPv6 payload 432 * and we insert headers accordingly. Finally, we should be getting: 433 * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload] 434 * 435 * during the header composing process, "m" points to IPv6 header. 436 * "mprev" points to an extension header prior to esp. 437 */ 438 u_char *nexthdrp = &ip6->ip6_nxt; 439 mprev = m; 440 441 /* 442 * we treat dest2 specially. this makes IPsec processing 443 * much easier. the goal here is to make mprev point the 444 * mbuf prior to dest2. 445 * 446 * result: IPv6 dest2 payload 447 * m and mprev will point to IPv6 header. 448 */ 449 if (exthdrs.ip6e_dest2) { 450 if (!hdrsplit) 451 panic("assumption failed: hdr not split"); 452 exthdrs.ip6e_dest2->m_next = m->m_next; 453 m->m_next = exthdrs.ip6e_dest2; 454 *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt; 455 ip6->ip6_nxt = IPPROTO_DSTOPTS; 456 } 457 458 /* 459 * result: IPv6 hbh dest1 rthdr dest2 payload 460 * m will point to IPv6 header. mprev will point to the 461 * extension header prior to dest2 (rthdr in the above case). 462 */ 463 MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, nexthdrp, IPPROTO_HOPOPTS); 464 MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, nexthdrp, 465 IPPROTO_DSTOPTS); 466 MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp, 467 IPPROTO_ROUTING); 468 469 /* 470 * If there is a routing header, discard the packet. 471 */ 472 if (exthdrs.ip6e_rthdr) { 473 error = EINVAL; 474 goto bad; 475 } 476 477 /* Source address validation */ 478 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) && 479 (flags & IPV6_UNSPECSRC) == 0) { 480 error = EOPNOTSUPP; 481 IP6STAT_INC(ip6s_badscope); 482 goto bad; 483 } 484 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) { 485 error = EOPNOTSUPP; 486 IP6STAT_INC(ip6s_badscope); 487 goto bad; 488 } 489 490 IP6STAT_INC(ip6s_localout); 491 492 /* 493 * Route packet. 494 */ 495 if (ro == NULL) { 496 ro = &ip6route; 497 bzero((caddr_t)ro, sizeof(*ro)); 498 } 499 ro_pmtu = ro; 500 if (opt && opt->ip6po_rthdr) 501 ro = &opt->ip6po_route; 502 dst = (struct sockaddr_in6 *)&ro->ro_dst; 503#ifdef FLOWTABLE 504 if (ro->ro_rt == NULL) 505 (void )flowtable_lookup(AF_INET6, m, (struct route *)ro); 506#endif 507 fibnum = (inp != NULL) ? inp->inp_inc.inc_fibnum : M_GETFIB(m); 508again: 509 /* 510 * if specified, try to fill in the traffic class field. 511 * do not override if a non-zero value is already set. 512 * we check the diffserv field and the ecn field separately. 513 */ 514 if (opt && opt->ip6po_tclass >= 0) { 515 int mask = 0; 516 517 if ((ip6->ip6_flow & htonl(0xfc << 20)) == 0) 518 mask |= 0xfc; 519 if ((ip6->ip6_flow & htonl(0x03 << 20)) == 0) 520 mask |= 0x03; 521 if (mask != 0) 522 ip6->ip6_flow |= htonl((opt->ip6po_tclass & mask) << 20); 523 } 524 525 /* fill in or override the hop limit field, if necessary. */ 526 if (opt && opt->ip6po_hlim != -1) 527 ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 528 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 529 if (im6o != NULL) 530 ip6->ip6_hlim = im6o->im6o_multicast_hlim; 531 else 532 ip6->ip6_hlim = V_ip6_defmcasthlim; 533 } 534 /* 535 * Validate route against routing table additions; 536 * a better/more specific route might have been added. 537 * Make sure address family is set in route. 538 */ 539 if (inp) { 540 ro->ro_dst.sin6_family = AF_INET6; 541 RT_VALIDATE((struct route *)ro, &inp->inp_rt_cookie, fibnum); 542 } 543 if (ro->ro_rt && fwd_tag == NULL && (ro->ro_rt->rt_flags & RTF_UP) && 544 ro->ro_dst.sin6_family == AF_INET6 && 545 IN6_ARE_ADDR_EQUAL(&ro->ro_dst.sin6_addr, &ip6->ip6_dst)) { 546 rt = ro->ro_rt; 547 ifp = ro->ro_rt->rt_ifp; 548 } else { 549 if (ro->ro_lle) 550 LLE_FREE(ro->ro_lle); /* zeros ro_lle */ 551 ro->ro_lle = NULL; 552 if (fwd_tag == NULL) { 553 bzero(&dst_sa, sizeof(dst_sa)); 554 dst_sa.sin6_family = AF_INET6; 555 dst_sa.sin6_len = sizeof(dst_sa); 556 dst_sa.sin6_addr = ip6->ip6_dst; 557 } 558 error = in6_selectroute_fib(&dst_sa, opt, im6o, ro, &ifp, 559 &rt, fibnum); 560 if (error != 0) { 561 if (ifp != NULL) 562 in6_ifstat_inc(ifp, ifs6_out_discard); 563 goto bad; 564 } 565 } 566 if (rt == NULL) { 567 /* 568 * If in6_selectroute() does not return a route entry, 569 * dst may not have been updated. 570 */ 571 *dst = dst_sa; /* XXX */ 572 } 573 574 /* 575 * then rt (for unicast) and ifp must be non-NULL valid values. 576 */ 577 if ((flags & IPV6_FORWARDING) == 0) { 578 /* XXX: the FORWARDING flag can be set for mrouting. */ 579 in6_ifstat_inc(ifp, ifs6_out_request); 580 } 581 if (rt != NULL) { 582 ia = (struct in6_ifaddr *)(rt->rt_ifa); 583 counter_u64_add(rt->rt_pksent, 1); 584 } 585 586 587 /* 588 * The outgoing interface must be in the zone of source and 589 * destination addresses. 590 */ 591 origifp = ifp; 592 593 src0 = ip6->ip6_src; 594 if (in6_setscope(&src0, origifp, &zone)) 595 goto badscope; 596 bzero(&src_sa, sizeof(src_sa)); 597 src_sa.sin6_family = AF_INET6; 598 src_sa.sin6_len = sizeof(src_sa); 599 src_sa.sin6_addr = ip6->ip6_src; 600 if (sa6_recoverscope(&src_sa) || zone != src_sa.sin6_scope_id) 601 goto badscope; 602 603 dst0 = ip6->ip6_dst; 604 if (in6_setscope(&dst0, origifp, &zone)) 605 goto badscope; 606 /* re-initialize to be sure */ 607 bzero(&dst_sa, sizeof(dst_sa)); 608 dst_sa.sin6_family = AF_INET6; 609 dst_sa.sin6_len = sizeof(dst_sa); 610 dst_sa.sin6_addr = ip6->ip6_dst; 611 if (sa6_recoverscope(&dst_sa) || zone != dst_sa.sin6_scope_id) { 612 goto badscope; 613 } 614 615 /* We should use ia_ifp to support the case of 616 * sending packets to an address of our own. 617 */ 618 if (ia != NULL && ia->ia_ifp) 619 ifp = ia->ia_ifp; 620 621 /* scope check is done. */ 622 goto routefound; 623 624 badscope: 625 IP6STAT_INC(ip6s_badscope); 626 in6_ifstat_inc(origifp, ifs6_out_discard); 627 if (error == 0) 628 error = EHOSTUNREACH; /* XXX */ 629 goto bad; 630 631 routefound: 632 if (rt && !IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 633 if (opt && opt->ip6po_nextroute.ro_rt) { 634 /* 635 * The nexthop is explicitly specified by the 636 * application. We assume the next hop is an IPv6 637 * address. 638 */ 639 dst = (struct sockaddr_in6 *)opt->ip6po_nexthop; 640 } 641 else if ((rt->rt_flags & RTF_GATEWAY)) 642 dst = (struct sockaddr_in6 *)rt->rt_gateway; 643 } 644 645 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 646 m->m_flags &= ~(M_BCAST | M_MCAST); /* just in case */ 647 } else { 648 m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST; 649 in6_ifstat_inc(ifp, ifs6_out_mcast); 650 /* 651 * Confirm that the outgoing interface supports multicast. 652 */ 653 if (!(ifp->if_flags & IFF_MULTICAST)) { 654 IP6STAT_INC(ip6s_noroute); 655 in6_ifstat_inc(ifp, ifs6_out_discard); 656 error = ENETUNREACH; 657 goto bad; 658 } 659 if ((im6o == NULL && in6_mcast_loop) || 660 (im6o && im6o->im6o_multicast_loop)) { 661 /* 662 * Loop back multicast datagram if not expressly 663 * forbidden to do so, even if we have not joined 664 * the address; protocols will filter it later, 665 * thus deferring a hash lookup and lock acquisition 666 * at the expense of an m_copym(). 667 */ 668 ip6_mloopback(ifp, m); 669 } else { 670 /* 671 * If we are acting as a multicast router, perform 672 * multicast forwarding as if the packet had just 673 * arrived on the interface to which we are about 674 * to send. The multicast forwarding function 675 * recursively calls this function, using the 676 * IPV6_FORWARDING flag to prevent infinite recursion. 677 * 678 * Multicasts that are looped back by ip6_mloopback(), 679 * above, will be forwarded by the ip6_input() routine, 680 * if necessary. 681 */ 682 if (V_ip6_mrouter && (flags & IPV6_FORWARDING) == 0) { 683 /* 684 * XXX: ip6_mforward expects that rcvif is NULL 685 * when it is called from the originating path. 686 * However, it may not always be the case. 687 */ 688 m->m_pkthdr.rcvif = NULL; 689 if (ip6_mforward(ip6, ifp, m) != 0) { 690 m_freem(m); 691 goto done; 692 } 693 } 694 } 695 /* 696 * Multicasts with a hoplimit of zero may be looped back, 697 * above, but must not be transmitted on a network. 698 * Also, multicasts addressed to the loopback interface 699 * are not sent -- the above call to ip6_mloopback() will 700 * loop back a copy if this host actually belongs to the 701 * destination group on the loopback interface. 702 */ 703 if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK) || 704 IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) { 705 m_freem(m); 706 goto done; 707 } 708 } 709 710 /* 711 * Fill the outgoing inteface to tell the upper layer 712 * to increment per-interface statistics. 713 */ 714 if (ifpp) 715 *ifpp = ifp; 716 717 /* Determine path MTU. */ 718 if ((error = ip6_getpmtu(ro_pmtu, ro != ro_pmtu, ifp, &ip6->ip6_dst, 719 &mtu, &alwaysfrag, fibnum, *nexthdrp)) != 0) 720 goto bad; 721 722 /* 723 * The caller of this function may specify to use the minimum MTU 724 * in some cases. 725 * An advanced API option (IPV6_USE_MIN_MTU) can also override MTU 726 * setting. The logic is a bit complicated; by default, unicast 727 * packets will follow path MTU while multicast packets will be sent at 728 * the minimum MTU. If IP6PO_MINMTU_ALL is specified, all packets 729 * including unicast ones will be sent at the minimum MTU. Multicast 730 * packets will always be sent at the minimum MTU unless 731 * IP6PO_MINMTU_DISABLE is explicitly specified. 732 * See RFC 3542 for more details. 733 */ 734 if (mtu > IPV6_MMTU) { 735 if ((flags & IPV6_MINMTU)) 736 mtu = IPV6_MMTU; 737 else if (opt && opt->ip6po_minmtu == IP6PO_MINMTU_ALL) 738 mtu = IPV6_MMTU; 739 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 740 (opt == NULL || 741 opt->ip6po_minmtu != IP6PO_MINMTU_DISABLE)) { 742 mtu = IPV6_MMTU; 743 } 744 } 745 746 /* 747 * clear embedded scope identifiers if necessary. 748 * in6_clearscope will touch the addresses only when necessary. 749 */ 750 in6_clearscope(&ip6->ip6_src); 751 in6_clearscope(&ip6->ip6_dst); 752 753 /* 754 * If the outgoing packet contains a hop-by-hop options header, 755 * it must be examined and processed even by the source node. 756 * (RFC 2460, section 4.) 757 */ 758 if (exthdrs.ip6e_hbh) { 759 struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *); 760 u_int32_t dummy; /* XXX unused */ 761 u_int32_t plen = 0; /* XXX: ip6_process will check the value */ 762 763#ifdef DIAGNOSTIC 764 if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len) 765 panic("ip6e_hbh is not contiguous"); 766#endif 767 /* 768 * XXX: if we have to send an ICMPv6 error to the sender, 769 * we need the M_LOOP flag since icmp6_error() expects 770 * the IPv6 and the hop-by-hop options header are 771 * contiguous unless the flag is set. 772 */ 773 m->m_flags |= M_LOOP; 774 m->m_pkthdr.rcvif = ifp; 775 if (ip6_process_hopopts(m, (u_int8_t *)(hbh + 1), 776 ((hbh->ip6h_len + 1) << 3) - sizeof(struct ip6_hbh), 777 &dummy, &plen) < 0) { 778 /* m was already freed at this point */ 779 error = EINVAL;/* better error? */ 780 goto done; 781 } 782 m->m_flags &= ~M_LOOP; /* XXX */ 783 m->m_pkthdr.rcvif = NULL; 784 } 785 786 /* Jump over all PFIL processing if hooks are not active. */ 787 if (!PFIL_HOOKED(&V_inet6_pfil_hook)) 788 goto passout; 789 790 odst = ip6->ip6_dst; 791 /* Run through list of hooks for output packets. */ 792 error = pfil_run_hooks(&V_inet6_pfil_hook, &m, ifp, PFIL_OUT, inp); 793 if (error != 0 || m == NULL) 794 goto done; 795 /* adjust pointer */ 796 ip6 = mtod(m, struct ip6_hdr *); 797 798 needfiblookup = 0; 799 /* See if destination IP address was changed by packet filter. */ 800 if (!IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst)) { 801 m->m_flags |= M_SKIP_FIREWALL; 802 /* If destination is now ourself drop to ip6_input(). */ 803 if (in6_localip(&ip6->ip6_dst)) { 804 m->m_flags |= M_FASTFWD_OURS; 805 if (m->m_pkthdr.rcvif == NULL) 806 m->m_pkthdr.rcvif = V_loif; 807 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 808 m->m_pkthdr.csum_flags |= 809 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR; 810 m->m_pkthdr.csum_data = 0xffff; 811 } 812#ifdef SCTP 813 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) 814 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID; 815#endif 816 error = netisr_queue(NETISR_IPV6, m); 817 goto done; 818 } else { 819 RO_RTFREE(ro); 820 needfiblookup = 1; /* Redo the routing table lookup. */ 821 if (ro->ro_lle) 822 LLE_FREE(ro->ro_lle); /* zeros ro_lle */ 823 ro->ro_lle = NULL; 824 } 825 } 826 /* See if fib was changed by packet filter. */ 827 if (fibnum != M_GETFIB(m)) { 828 m->m_flags |= M_SKIP_FIREWALL; 829 fibnum = M_GETFIB(m); 830 RO_RTFREE(ro); 831 needfiblookup = 1; 832 if (ro->ro_lle) 833 LLE_FREE(ro->ro_lle); /* zeros ro_lle */ 834 ro->ro_lle = NULL; 835 } 836 if (needfiblookup) 837 goto again; 838 839 /* See if local, if yes, send it to netisr. */ 840 if (m->m_flags & M_FASTFWD_OURS) { 841 if (m->m_pkthdr.rcvif == NULL) 842 m->m_pkthdr.rcvif = V_loif; 843 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 844 m->m_pkthdr.csum_flags |= 845 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR; 846 m->m_pkthdr.csum_data = 0xffff; 847 } 848#ifdef SCTP 849 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) 850 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID; 851#endif 852 error = netisr_queue(NETISR_IPV6, m); 853 goto done; 854 } 855 /* Or forward to some other address? */ 856 if ((m->m_flags & M_IP6_NEXTHOP) && 857 (fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL)) != NULL) { 858 dst = (struct sockaddr_in6 *)&ro->ro_dst; 859 bcopy((fwd_tag+1), &dst_sa, sizeof(struct sockaddr_in6)); 860 m->m_flags |= M_SKIP_FIREWALL; 861 m->m_flags &= ~M_IP6_NEXTHOP; 862 m_tag_delete(m, fwd_tag); 863 goto again; 864 } 865 866passout: 867 /* 868 * Send the packet to the outgoing interface. 869 * If necessary, do IPv6 fragmentation before sending. 870 * 871 * the logic here is rather complex: 872 * 1: normal case (dontfrag == 0, alwaysfrag == 0) 873 * 1-a: send as is if tlen <= path mtu 874 * 1-b: fragment if tlen > path mtu 875 * 876 * 2: if user asks us not to fragment (dontfrag == 1) 877 * 2-a: send as is if tlen <= interface mtu 878 * 2-b: error if tlen > interface mtu 879 * 880 * 3: if we always need to attach fragment header (alwaysfrag == 1) 881 * always fragment 882 * 883 * 4: if dontfrag == 1 && alwaysfrag == 1 884 * error, as we cannot handle this conflicting request 885 */ 886 sw_csum = m->m_pkthdr.csum_flags; 887 if (!hdrsplit) { 888 tso = ((sw_csum & ifp->if_hwassist & CSUM_TSO) != 0) ? 1 : 0; 889 sw_csum &= ~ifp->if_hwassist; 890 } else 891 tso = 0; 892 /* 893 * If we added extension headers, we will not do TSO and calculate the 894 * checksums ourselves for now. 895 * XXX-BZ Need a framework to know when the NIC can handle it, even 896 * with ext. hdrs. 897 */ 898 if (sw_csum & CSUM_DELAY_DATA_IPV6) { 899 sw_csum &= ~CSUM_DELAY_DATA_IPV6; 900 in6_delayed_cksum(m, plen, sizeof(struct ip6_hdr)); 901 } 902#ifdef SCTP 903 if (sw_csum & CSUM_SCTP_IPV6) { 904 sw_csum &= ~CSUM_SCTP_IPV6; 905 sctp_delayed_cksum(m, sizeof(struct ip6_hdr)); 906 } 907#endif 908 m->m_pkthdr.csum_flags &= ifp->if_hwassist; 909 tlen = m->m_pkthdr.len; 910 911 if ((opt && (opt->ip6po_flags & IP6PO_DONTFRAG)) || tso) 912 dontfrag = 1; 913 else 914 dontfrag = 0; 915 if (dontfrag && alwaysfrag) { /* case 4 */ 916 /* conflicting request - can't transmit */ 917 error = EMSGSIZE; 918 goto bad; 919 } 920 if (dontfrag && tlen > IN6_LINKMTU(ifp) && !tso) { /* case 2-b */ 921 /* 922 * Even if the DONTFRAG option is specified, we cannot send the 923 * packet when the data length is larger than the MTU of the 924 * outgoing interface. 925 * Notify the error by sending IPV6_PATHMTU ancillary data if 926 * application wanted to know the MTU value. Also return an 927 * error code (this is not described in the API spec). 928 */ 929 if (inp != NULL) 930 ip6_notify_pmtu(inp, &dst_sa, (u_int32_t)mtu); 931 error = EMSGSIZE; 932 goto bad; 933 } 934 935 /* 936 * transmit packet without fragmentation 937 */ 938 if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* case 1-a and 2-a */ 939 struct in6_ifaddr *ia6; 940 941 ip6 = mtod(m, struct ip6_hdr *); 942 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src); 943 if (ia6) { 944 /* Record statistics for this interface address. */ 945 counter_u64_add(ia6->ia_ifa.ifa_opackets, 1); 946 counter_u64_add(ia6->ia_ifa.ifa_obytes, 947 m->m_pkthdr.len); 948 ifa_free(&ia6->ia_ifa); 949 } 950 error = nd6_output_ifp(ifp, origifp, m, dst, 951 (struct route *)ro); 952 goto done; 953 } 954 955 /* 956 * try to fragment the packet. case 1-b and 3 957 */ 958 if (mtu < IPV6_MMTU) { 959 /* path MTU cannot be less than IPV6_MMTU */ 960 error = EMSGSIZE; 961 in6_ifstat_inc(ifp, ifs6_out_fragfail); 962 goto bad; 963 } else if (ip6->ip6_plen == 0) { 964 /* jumbo payload cannot be fragmented */ 965 error = EMSGSIZE; 966 in6_ifstat_inc(ifp, ifs6_out_fragfail); 967 goto bad; 968 } else { 969 u_char nextproto; 970 971 /* 972 * Too large for the destination or interface; 973 * fragment if possible. 974 * Must be able to put at least 8 bytes per fragment. 975 */ 976 hlen = unfragpartlen; 977 if (mtu > IPV6_MAXPACKET) 978 mtu = IPV6_MAXPACKET; 979 980 len = (mtu - hlen - sizeof(struct ip6_frag)) & ~7; 981 if (len < 8) { 982 error = EMSGSIZE; 983 in6_ifstat_inc(ifp, ifs6_out_fragfail); 984 goto bad; 985 } 986 987 /* 988 * If the interface will not calculate checksums on 989 * fragmented packets, then do it here. 990 * XXX-BZ handle the hw offloading case. Need flags. 991 */ 992 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 993 in6_delayed_cksum(m, plen, hlen); 994 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6; 995 } 996#ifdef SCTP 997 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) { 998 sctp_delayed_cksum(m, hlen); 999 m->m_pkthdr.csum_flags &= ~CSUM_SCTP_IPV6; 1000 } 1001#endif 1002 /* 1003 * Change the next header field of the last header in the 1004 * unfragmentable part. 1005 */ 1006 if (exthdrs.ip6e_rthdr) { 1007 nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *); 1008 *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT; 1009 } else if (exthdrs.ip6e_dest1) { 1010 nextproto = *mtod(exthdrs.ip6e_dest1, u_char *); 1011 *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT; 1012 } else if (exthdrs.ip6e_hbh) { 1013 nextproto = *mtod(exthdrs.ip6e_hbh, u_char *); 1014 *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT; 1015 } else { 1016 nextproto = ip6->ip6_nxt; 1017 ip6->ip6_nxt = IPPROTO_FRAGMENT; 1018 } 1019 1020 /* 1021 * Loop through length of segment after first fragment, 1022 * make new header and copy data of each part and link onto 1023 * chain. 1024 */ 1025 m0 = m; 1026 id = htonl(ip6_randomid()); 1027 if ((error = ip6_fragment(ifp, m, hlen, nextproto, len, id))) 1028 goto sendorfree; 1029 1030 in6_ifstat_inc(ifp, ifs6_out_fragok); 1031 } 1032 1033 /* 1034 * Remove leading garbages. 1035 */ 1036sendorfree: 1037 m = m0->m_nextpkt; 1038 m0->m_nextpkt = 0; 1039 m_freem(m0); 1040 for (m0 = m; m; m = m0) { 1041 m0 = m->m_nextpkt; 1042 m->m_nextpkt = 0; 1043 if (error == 0) { 1044 /* Record statistics for this interface address. */ 1045 if (ia) { 1046 counter_u64_add(ia->ia_ifa.ifa_opackets, 1); 1047 counter_u64_add(ia->ia_ifa.ifa_obytes, 1048 m->m_pkthdr.len); 1049 } 1050 error = nd6_output_ifp(ifp, origifp, m, dst, 1051 (struct route *)ro); 1052 } else 1053 m_freem(m); 1054 } 1055 1056 if (error == 0) 1057 IP6STAT_INC(ip6s_fragmented); 1058 1059done: 1060 /* 1061 * Release the route if using our private route, or if 1062 * (with flowtable) we don't have our own reference. 1063 */ 1064 if (ro == &ip6route || 1065 (ro != NULL && ro->ro_flags & RT_NORTREF)) 1066 RO_RTFREE(ro); 1067 return (error); 1068 1069freehdrs: 1070 m_freem(exthdrs.ip6e_hbh); /* m_freem will check if mbuf is 0 */ 1071 m_freem(exthdrs.ip6e_dest1); 1072 m_freem(exthdrs.ip6e_rthdr); 1073 m_freem(exthdrs.ip6e_dest2); 1074 /* FALLTHROUGH */ 1075bad: 1076 if (m) 1077 m_freem(m); 1078 goto done; 1079} 1080 1081static int 1082ip6_copyexthdr(struct mbuf **mp, caddr_t hdr, int hlen) 1083{ 1084 struct mbuf *m; 1085 1086 if (hlen > MCLBYTES) 1087 return (ENOBUFS); /* XXX */ 1088 1089 if (hlen > MLEN) 1090 m = m_getcl(M_NOWAIT, MT_DATA, 0); 1091 else 1092 m = m_get(M_NOWAIT, MT_DATA); 1093 if (m == NULL) 1094 return (ENOBUFS); 1095 m->m_len = hlen; 1096 if (hdr) 1097 bcopy(hdr, mtod(m, caddr_t), hlen); 1098 1099 *mp = m; 1100 return (0); 1101} 1102 1103/* 1104 * Insert jumbo payload option. 1105 */ 1106static int 1107ip6_insert_jumboopt(struct ip6_exthdrs *exthdrs, u_int32_t plen) 1108{ 1109 struct mbuf *mopt; 1110 u_char *optbuf; 1111 u_int32_t v; 1112 1113#define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */ 1114 1115 /* 1116 * If there is no hop-by-hop options header, allocate new one. 1117 * If there is one but it doesn't have enough space to store the 1118 * jumbo payload option, allocate a cluster to store the whole options. 1119 * Otherwise, use it to store the options. 1120 */ 1121 if (exthdrs->ip6e_hbh == NULL) { 1122 mopt = m_get(M_NOWAIT, MT_DATA); 1123 if (mopt == NULL) 1124 return (ENOBUFS); 1125 mopt->m_len = JUMBOOPTLEN; 1126 optbuf = mtod(mopt, u_char *); 1127 optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */ 1128 exthdrs->ip6e_hbh = mopt; 1129 } else { 1130 struct ip6_hbh *hbh; 1131 1132 mopt = exthdrs->ip6e_hbh; 1133 if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) { 1134 /* 1135 * XXX assumption: 1136 * - exthdrs->ip6e_hbh is not referenced from places 1137 * other than exthdrs. 1138 * - exthdrs->ip6e_hbh is not an mbuf chain. 1139 */ 1140 int oldoptlen = mopt->m_len; 1141 struct mbuf *n; 1142 1143 /* 1144 * XXX: give up if the whole (new) hbh header does 1145 * not fit even in an mbuf cluster. 1146 */ 1147 if (oldoptlen + JUMBOOPTLEN > MCLBYTES) 1148 return (ENOBUFS); 1149 1150 /* 1151 * As a consequence, we must always prepare a cluster 1152 * at this point. 1153 */ 1154 n = m_getcl(M_NOWAIT, MT_DATA, 0); 1155 if (n == NULL) 1156 return (ENOBUFS); 1157 n->m_len = oldoptlen + JUMBOOPTLEN; 1158 bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t), 1159 oldoptlen); 1160 optbuf = mtod(n, caddr_t) + oldoptlen; 1161 m_freem(mopt); 1162 mopt = exthdrs->ip6e_hbh = n; 1163 } else { 1164 optbuf = mtod(mopt, u_char *) + mopt->m_len; 1165 mopt->m_len += JUMBOOPTLEN; 1166 } 1167 optbuf[0] = IP6OPT_PADN; 1168 optbuf[1] = 1; 1169 1170 /* 1171 * Adjust the header length according to the pad and 1172 * the jumbo payload option. 1173 */ 1174 hbh = mtod(mopt, struct ip6_hbh *); 1175 hbh->ip6h_len += (JUMBOOPTLEN >> 3); 1176 } 1177 1178 /* fill in the option. */ 1179 optbuf[2] = IP6OPT_JUMBO; 1180 optbuf[3] = 4; 1181 v = (u_int32_t)htonl(plen + JUMBOOPTLEN); 1182 bcopy(&v, &optbuf[4], sizeof(u_int32_t)); 1183 1184 /* finally, adjust the packet header length */ 1185 exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN; 1186 1187 return (0); 1188#undef JUMBOOPTLEN 1189} 1190 1191/* 1192 * Insert fragment header and copy unfragmentable header portions. 1193 */ 1194static int 1195ip6_insertfraghdr(struct mbuf *m0, struct mbuf *m, int hlen, 1196 struct ip6_frag **frghdrp) 1197{ 1198 struct mbuf *n, *mlast; 1199 1200 if (hlen > sizeof(struct ip6_hdr)) { 1201 n = m_copym(m0, sizeof(struct ip6_hdr), 1202 hlen - sizeof(struct ip6_hdr), M_NOWAIT); 1203 if (n == NULL) 1204 return (ENOBUFS); 1205 m->m_next = n; 1206 } else 1207 n = m; 1208 1209 /* Search for the last mbuf of unfragmentable part. */ 1210 for (mlast = n; mlast->m_next; mlast = mlast->m_next) 1211 ; 1212 1213 if (M_WRITABLE(mlast) && 1214 M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) { 1215 /* use the trailing space of the last mbuf for the fragment hdr */ 1216 *frghdrp = (struct ip6_frag *)(mtod(mlast, caddr_t) + 1217 mlast->m_len); 1218 mlast->m_len += sizeof(struct ip6_frag); 1219 m->m_pkthdr.len += sizeof(struct ip6_frag); 1220 } else { 1221 /* allocate a new mbuf for the fragment header */ 1222 struct mbuf *mfrg; 1223 1224 mfrg = m_get(M_NOWAIT, MT_DATA); 1225 if (mfrg == NULL) 1226 return (ENOBUFS); 1227 mfrg->m_len = sizeof(struct ip6_frag); 1228 *frghdrp = mtod(mfrg, struct ip6_frag *); 1229 mlast->m_next = mfrg; 1230 } 1231 1232 return (0); 1233} 1234 1235/* 1236 * Calculates IPv6 path mtu for destination @dst. 1237 * Resulting MTU is stored in @mtup. 1238 * 1239 * Returns 0 on success. 1240 */ 1241static int 1242ip6_getpmtu_ctl(u_int fibnum, const struct in6_addr *dst, u_long *mtup) 1243{ 1244 struct nhop6_extended nh6; 1245 struct in6_addr kdst; 1246 uint32_t scopeid; 1247 struct ifnet *ifp; 1248 u_long mtu; 1249 int error; 1250 1251 in6_splitscope(dst, &kdst, &scopeid); 1252 if (fib6_lookup_nh_ext(fibnum, &kdst, scopeid, NHR_REF, 0, &nh6) != 0) 1253 return (EHOSTUNREACH); 1254 1255 ifp = nh6.nh_ifp; 1256 mtu = nh6.nh_mtu; 1257 1258 error = ip6_calcmtu(ifp, dst, mtu, mtup, NULL, 0); 1259 fib6_free_nh_ext(fibnum, &nh6); 1260 1261 return (error); 1262} 1263 1264/* 1265 * Calculates IPv6 path MTU for @dst based on transmit @ifp, 1266 * and cached data in @ro_pmtu. 1267 * MTU from (successful) route lookup is saved (along with dst) 1268 * inside @ro_pmtu to avoid subsequent route lookups after packet 1269 * filter processing. 1270 * 1271 * Stores mtu and always-frag value into @mtup and @alwaysfragp. 1272 * Returns 0 on success. 1273 */ 1274static int 1275ip6_getpmtu(struct route_in6 *ro_pmtu, int do_lookup, 1276 struct ifnet *ifp, const struct in6_addr *dst, u_long *mtup, 1277 int *alwaysfragp, u_int fibnum, u_int proto) 1278{ 1279 struct nhop6_basic nh6; 1280 struct in6_addr kdst; 1281 uint32_t scopeid; 1282 struct sockaddr_in6 *sa6_dst; 1283 u_long mtu; 1284 1285 mtu = 0; 1286 if (do_lookup) { 1287 1288 /* 1289 * Here ro_pmtu has final destination address, while 1290 * ro might represent immediate destination. 1291 * Use ro_pmtu destination since mtu might differ. 1292 */ 1293 sa6_dst = (struct sockaddr_in6 *)&ro_pmtu->ro_dst; 1294 if (!IN6_ARE_ADDR_EQUAL(&sa6_dst->sin6_addr, dst)) 1295 ro_pmtu->ro_mtu = 0; 1296 1297 if (ro_pmtu->ro_mtu == 0) { 1298 bzero(sa6_dst, sizeof(*sa6_dst)); 1299 sa6_dst->sin6_family = AF_INET6; 1300 sa6_dst->sin6_len = sizeof(struct sockaddr_in6); 1301 sa6_dst->sin6_addr = *dst; 1302 1303 in6_splitscope(dst, &kdst, &scopeid); 1304 if (fib6_lookup_nh_basic(fibnum, &kdst, scopeid, 0, 0, 1305 &nh6) == 0) 1306 ro_pmtu->ro_mtu = nh6.nh_mtu; 1307 } 1308 1309 mtu = ro_pmtu->ro_mtu; 1310 } 1311 1312 if (ro_pmtu->ro_rt) 1313 mtu = ro_pmtu->ro_rt->rt_mtu; 1314 1315 return (ip6_calcmtu(ifp, dst, mtu, mtup, alwaysfragp, proto)); 1316} 1317 1318/* 1319 * Calculate MTU based on transmit @ifp, route mtu @rt_mtu and 1320 * hostcache data for @dst. 1321 * Stores mtu and always-frag value into @mtup and @alwaysfragp. 1322 * 1323 * Returns 0 on success. 1324 */ 1325static int 1326ip6_calcmtu(struct ifnet *ifp, const struct in6_addr *dst, u_long rt_mtu, 1327 u_long *mtup, int *alwaysfragp, u_int proto) 1328{ 1329 u_long mtu = 0; 1330 int alwaysfrag = 0; 1331 int error = 0; 1332 1333 if (rt_mtu > 0) { 1334 u_int32_t ifmtu; 1335 struct in_conninfo inc; 1336 1337 bzero(&inc, sizeof(inc)); 1338 inc.inc_flags |= INC_ISIPV6; 1339 inc.inc6_faddr = *dst; 1340 1341 ifmtu = IN6_LINKMTU(ifp); 1342 1343 /* TCP is known to react to pmtu changes so skip hc */ 1344 if (proto != IPPROTO_TCP) 1345 mtu = tcp_hc_getmtu(&inc); 1346 1347 if (mtu) 1348 mtu = min(mtu, rt_mtu); 1349 else 1350 mtu = rt_mtu; 1351 if (mtu == 0) 1352 mtu = ifmtu; 1353 else if (mtu < IPV6_MMTU) { 1354 /* 1355 * RFC2460 section 5, last paragraph: 1356 * if we record ICMPv6 too big message with 1357 * mtu < IPV6_MMTU, transmit packets sized IPV6_MMTU 1358 * or smaller, with framgent header attached. 1359 * (fragment header is needed regardless from the 1360 * packet size, for translators to identify packets) 1361 */ 1362 alwaysfrag = 1; 1363 mtu = IPV6_MMTU; 1364 } 1365 } else if (ifp) { 1366 mtu = IN6_LINKMTU(ifp); 1367 } else 1368 error = EHOSTUNREACH; /* XXX */ 1369 1370 *mtup = mtu; 1371 if (alwaysfragp) 1372 *alwaysfragp = alwaysfrag; 1373 return (error); 1374} 1375 1376/* 1377 * IP6 socket option processing. 1378 */ 1379int 1380ip6_ctloutput(struct socket *so, struct sockopt *sopt) 1381{ 1382 int optdatalen, uproto; 1383 void *optdata; 1384 struct inpcb *in6p = sotoinpcb(so); 1385 int error, optval; 1386 int level, op, optname; 1387 int optlen; 1388 struct thread *td; 1389#ifdef RSS 1390 uint32_t rss_bucket; 1391 int retval; 1392#endif 1393 1394/* 1395 * Don't use more than a quarter of mbuf clusters. N.B.: 1396 * nmbclusters is an int, but nmbclusters * MCLBYTES may overflow 1397 * on LP64 architectures, so cast to u_long to avoid undefined 1398 * behavior. ILP32 architectures cannot have nmbclusters 1399 * large enough to overflow for other reasons. 1400 */ 1401#define IPV6_PKTOPTIONS_MBUF_LIMIT ((u_long)nmbclusters * MCLBYTES / 4) 1402 1403 level = sopt->sopt_level; 1404 op = sopt->sopt_dir; 1405 optname = sopt->sopt_name; 1406 optlen = sopt->sopt_valsize; 1407 td = sopt->sopt_td; 1408 error = 0; 1409 optval = 0; 1410 uproto = (int)so->so_proto->pr_protocol; 1411 1412 if (level != IPPROTO_IPV6) { 1413 error = EINVAL; 1414 1415 if (sopt->sopt_level == SOL_SOCKET && 1416 sopt->sopt_dir == SOPT_SET) { 1417 switch (sopt->sopt_name) { 1418 case SO_REUSEADDR: 1419 INP_WLOCK(in6p); 1420 if ((so->so_options & SO_REUSEADDR) != 0) 1421 in6p->inp_flags2 |= INP_REUSEADDR; 1422 else 1423 in6p->inp_flags2 &= ~INP_REUSEADDR; 1424 INP_WUNLOCK(in6p); 1425 error = 0; 1426 break; 1427 case SO_REUSEPORT: 1428 INP_WLOCK(in6p); 1429 if ((so->so_options & SO_REUSEPORT) != 0) 1430 in6p->inp_flags2 |= INP_REUSEPORT; 1431 else 1432 in6p->inp_flags2 &= ~INP_REUSEPORT; 1433 INP_WUNLOCK(in6p); 1434 error = 0; 1435 break; 1436 case SO_SETFIB: 1437 INP_WLOCK(in6p); 1438 in6p->inp_inc.inc_fibnum = so->so_fibnum; 1439 INP_WUNLOCK(in6p); 1440 error = 0; 1441 break; 1442 default: 1443 break; 1444 } 1445 } 1446 } else { /* level == IPPROTO_IPV6 */ 1447 switch (op) { 1448 1449 case SOPT_SET: 1450 switch (optname) { 1451 case IPV6_2292PKTOPTIONS: 1452#ifdef IPV6_PKTOPTIONS 1453 case IPV6_PKTOPTIONS: 1454#endif 1455 { 1456 struct mbuf *m; 1457 1458 if (optlen > IPV6_PKTOPTIONS_MBUF_LIMIT) { 1459 printf("ip6_ctloutput: mbuf limit hit\n"); 1460 error = ENOBUFS; 1461 break; 1462 } 1463 1464 error = soopt_getm(sopt, &m); /* XXX */ 1465 if (error != 0) 1466 break; 1467 error = soopt_mcopyin(sopt, m); /* XXX */ 1468 if (error != 0) 1469 break; 1470 error = ip6_pcbopts(&in6p->in6p_outputopts, 1471 m, so, sopt); 1472 m_freem(m); /* XXX */ 1473 break; 1474 } 1475 1476 /* 1477 * Use of some Hop-by-Hop options or some 1478 * Destination options, might require special 1479 * privilege. That is, normal applications 1480 * (without special privilege) might be forbidden 1481 * from setting certain options in outgoing packets, 1482 * and might never see certain options in received 1483 * packets. [RFC 2292 Section 6] 1484 * KAME specific note: 1485 * KAME prevents non-privileged users from sending or 1486 * receiving ANY hbh/dst options in order to avoid 1487 * overhead of parsing options in the kernel. 1488 */ 1489 case IPV6_RECVHOPOPTS: 1490 case IPV6_RECVDSTOPTS: 1491 case IPV6_RECVRTHDRDSTOPTS: 1492 if (td != NULL) { 1493 error = priv_check(td, 1494 PRIV_NETINET_SETHDROPTS); 1495 if (error) 1496 break; 1497 } 1498 /* FALLTHROUGH */ 1499 case IPV6_UNICAST_HOPS: 1500 case IPV6_HOPLIMIT: 1501 1502 case IPV6_RECVPKTINFO: 1503 case IPV6_RECVHOPLIMIT: 1504 case IPV6_RECVRTHDR: 1505 case IPV6_RECVPATHMTU: 1506 case IPV6_RECVTCLASS: 1507 case IPV6_RECVFLOWID: 1508#ifdef RSS 1509 case IPV6_RECVRSSBUCKETID: 1510#endif 1511 case IPV6_V6ONLY: 1512 case IPV6_AUTOFLOWLABEL: 1513 case IPV6_BINDANY: 1514 case IPV6_BINDMULTI: 1515#ifdef RSS 1516 case IPV6_RSS_LISTEN_BUCKET: 1517#endif 1518 if (optname == IPV6_BINDANY && td != NULL) { 1519 error = priv_check(td, 1520 PRIV_NETINET_BINDANY); 1521 if (error) 1522 break; 1523 } 1524 1525 if (optlen != sizeof(int)) { 1526 error = EINVAL; 1527 break; 1528 } 1529 error = sooptcopyin(sopt, &optval, 1530 sizeof optval, sizeof optval); 1531 if (error) 1532 break; 1533 switch (optname) { 1534 1535 case IPV6_UNICAST_HOPS: 1536 if (optval < -1 || optval >= 256) 1537 error = EINVAL; 1538 else { 1539 /* -1 = kernel default */ 1540 in6p->in6p_hops = optval; 1541 if ((in6p->inp_vflag & 1542 INP_IPV4) != 0) 1543 in6p->inp_ip_ttl = optval; 1544 } 1545 break; 1546#define OPTSET(bit) \ 1547do { \ 1548 INP_WLOCK(in6p); \ 1549 if (optval) \ 1550 in6p->inp_flags |= (bit); \ 1551 else \ 1552 in6p->inp_flags &= ~(bit); \ 1553 INP_WUNLOCK(in6p); \ 1554} while (/*CONSTCOND*/ 0) 1555#define OPTSET2292(bit) \ 1556do { \ 1557 INP_WLOCK(in6p); \ 1558 in6p->inp_flags |= IN6P_RFC2292; \ 1559 if (optval) \ 1560 in6p->inp_flags |= (bit); \ 1561 else \ 1562 in6p->inp_flags &= ~(bit); \ 1563 INP_WUNLOCK(in6p); \ 1564} while (/*CONSTCOND*/ 0) 1565#define OPTBIT(bit) (in6p->inp_flags & (bit) ? 1 : 0) 1566 1567#define OPTSET2(bit, val) do { \ 1568 INP_WLOCK(in6p); \ 1569 if (val) \ 1570 in6p->inp_flags2 |= bit; \ 1571 else \ 1572 in6p->inp_flags2 &= ~bit; \ 1573 INP_WUNLOCK(in6p); \ 1574} while (0) 1575#define OPTBIT2(bit) (in6p->inp_flags2 & (bit) ? 1 : 0) 1576 1577 case IPV6_RECVPKTINFO: 1578 /* cannot mix with RFC2292 */ 1579 if (OPTBIT(IN6P_RFC2292)) { 1580 error = EINVAL; 1581 break; 1582 } 1583 OPTSET(IN6P_PKTINFO); 1584 break; 1585 1586 case IPV6_HOPLIMIT: 1587 { 1588 struct ip6_pktopts **optp; 1589 1590 /* cannot mix with RFC2292 */ 1591 if (OPTBIT(IN6P_RFC2292)) { 1592 error = EINVAL; 1593 break; 1594 } 1595 optp = &in6p->in6p_outputopts; 1596 error = ip6_pcbopt(IPV6_HOPLIMIT, 1597 (u_char *)&optval, sizeof(optval), 1598 optp, (td != NULL) ? td->td_ucred : 1599 NULL, uproto); 1600 break; 1601 } 1602 1603 case IPV6_RECVHOPLIMIT: 1604 /* cannot mix with RFC2292 */ 1605 if (OPTBIT(IN6P_RFC2292)) { 1606 error = EINVAL; 1607 break; 1608 } 1609 OPTSET(IN6P_HOPLIMIT); 1610 break; 1611 1612 case IPV6_RECVHOPOPTS: 1613 /* cannot mix with RFC2292 */ 1614 if (OPTBIT(IN6P_RFC2292)) { 1615 error = EINVAL; 1616 break; 1617 } 1618 OPTSET(IN6P_HOPOPTS); 1619 break; 1620 1621 case IPV6_RECVDSTOPTS: 1622 /* cannot mix with RFC2292 */ 1623 if (OPTBIT(IN6P_RFC2292)) { 1624 error = EINVAL; 1625 break; 1626 } 1627 OPTSET(IN6P_DSTOPTS); 1628 break; 1629 1630 case IPV6_RECVRTHDRDSTOPTS: 1631 /* cannot mix with RFC2292 */ 1632 if (OPTBIT(IN6P_RFC2292)) { 1633 error = EINVAL; 1634 break; 1635 } 1636 OPTSET(IN6P_RTHDRDSTOPTS); 1637 break; 1638 1639 case IPV6_RECVRTHDR: 1640 /* cannot mix with RFC2292 */ 1641 if (OPTBIT(IN6P_RFC2292)) { 1642 error = EINVAL; 1643 break; 1644 } 1645 OPTSET(IN6P_RTHDR); 1646 break; 1647 1648 case IPV6_RECVPATHMTU: 1649 /* 1650 * We ignore this option for TCP 1651 * sockets. 1652 * (RFC3542 leaves this case 1653 * unspecified.) 1654 */ 1655 if (uproto != IPPROTO_TCP) 1656 OPTSET(IN6P_MTU); 1657 break; 1658 1659 case IPV6_RECVFLOWID: 1660 OPTSET2(INP_RECVFLOWID, optval); 1661 break; 1662 1663#ifdef RSS 1664 case IPV6_RECVRSSBUCKETID: 1665 OPTSET2(INP_RECVRSSBUCKETID, optval); 1666 break; 1667#endif 1668 1669 case IPV6_V6ONLY: 1670 /* 1671 * make setsockopt(IPV6_V6ONLY) 1672 * available only prior to bind(2). 1673 * see ipng mailing list, Jun 22 2001. 1674 */ 1675 if (in6p->inp_lport || 1676 !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) { 1677 error = EINVAL; 1678 break; 1679 } 1680 OPTSET(IN6P_IPV6_V6ONLY); 1681 if (optval) 1682 in6p->inp_vflag &= ~INP_IPV4; 1683 else 1684 in6p->inp_vflag |= INP_IPV4; 1685 break; 1686 case IPV6_RECVTCLASS: 1687 /* cannot mix with RFC2292 XXX */ 1688 if (OPTBIT(IN6P_RFC2292)) { 1689 error = EINVAL; 1690 break; 1691 } 1692 OPTSET(IN6P_TCLASS); 1693 break; 1694 case IPV6_AUTOFLOWLABEL: 1695 OPTSET(IN6P_AUTOFLOWLABEL); 1696 break; 1697 1698 case IPV6_BINDANY: 1699 OPTSET(INP_BINDANY); 1700 break; 1701 1702 case IPV6_BINDMULTI: 1703 OPTSET2(INP_BINDMULTI, optval); 1704 break; 1705#ifdef RSS 1706 case IPV6_RSS_LISTEN_BUCKET: 1707 if ((optval >= 0) && 1708 (optval < rss_getnumbuckets())) { 1709 in6p->inp_rss_listen_bucket = optval; 1710 OPTSET2(INP_RSS_BUCKET_SET, 1); 1711 } else { 1712 error = EINVAL; 1713 } 1714 break; 1715#endif 1716 } 1717 break; 1718 1719 case IPV6_TCLASS: 1720 case IPV6_DONTFRAG: 1721 case IPV6_USE_MIN_MTU: 1722 case IPV6_PREFER_TEMPADDR: 1723 if (optlen != sizeof(optval)) { 1724 error = EINVAL; 1725 break; 1726 } 1727 error = sooptcopyin(sopt, &optval, 1728 sizeof optval, sizeof optval); 1729 if (error) 1730 break; 1731 { 1732 struct ip6_pktopts **optp; 1733 optp = &in6p->in6p_outputopts; 1734 error = ip6_pcbopt(optname, 1735 (u_char *)&optval, sizeof(optval), 1736 optp, (td != NULL) ? td->td_ucred : 1737 NULL, uproto); 1738 break; 1739 } 1740 1741 case IPV6_2292PKTINFO: 1742 case IPV6_2292HOPLIMIT: 1743 case IPV6_2292HOPOPTS: 1744 case IPV6_2292DSTOPTS: 1745 case IPV6_2292RTHDR: 1746 /* RFC 2292 */ 1747 if (optlen != sizeof(int)) { 1748 error = EINVAL; 1749 break; 1750 } 1751 error = sooptcopyin(sopt, &optval, 1752 sizeof optval, sizeof optval); 1753 if (error) 1754 break; 1755 switch (optname) { 1756 case IPV6_2292PKTINFO: 1757 OPTSET2292(IN6P_PKTINFO); 1758 break; 1759 case IPV6_2292HOPLIMIT: 1760 OPTSET2292(IN6P_HOPLIMIT); 1761 break; 1762 case IPV6_2292HOPOPTS: 1763 /* 1764 * Check super-user privilege. 1765 * See comments for IPV6_RECVHOPOPTS. 1766 */ 1767 if (td != NULL) { 1768 error = priv_check(td, 1769 PRIV_NETINET_SETHDROPTS); 1770 if (error) 1771 return (error); 1772 } 1773 OPTSET2292(IN6P_HOPOPTS); 1774 break; 1775 case IPV6_2292DSTOPTS: 1776 if (td != NULL) { 1777 error = priv_check(td, 1778 PRIV_NETINET_SETHDROPTS); 1779 if (error) 1780 return (error); 1781 } 1782 OPTSET2292(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); /* XXX */ 1783 break; 1784 case IPV6_2292RTHDR: 1785 OPTSET2292(IN6P_RTHDR); 1786 break; 1787 } 1788 break; 1789 case IPV6_PKTINFO: 1790 case IPV6_HOPOPTS: 1791 case IPV6_RTHDR: 1792 case IPV6_DSTOPTS: 1793 case IPV6_RTHDRDSTOPTS: 1794 case IPV6_NEXTHOP: 1795 { 1796 /* new advanced API (RFC3542) */ 1797 u_char *optbuf; 1798 u_char optbuf_storage[MCLBYTES]; 1799 int optlen; 1800 struct ip6_pktopts **optp; 1801 1802 /* cannot mix with RFC2292 */ 1803 if (OPTBIT(IN6P_RFC2292)) { 1804 error = EINVAL; 1805 break; 1806 } 1807 1808 /* 1809 * We only ensure valsize is not too large 1810 * here. Further validation will be done 1811 * later. 1812 */ 1813 error = sooptcopyin(sopt, optbuf_storage, 1814 sizeof(optbuf_storage), 0); 1815 if (error) 1816 break; 1817 optlen = sopt->sopt_valsize; 1818 optbuf = optbuf_storage; 1819 optp = &in6p->in6p_outputopts; 1820 error = ip6_pcbopt(optname, optbuf, optlen, 1821 optp, (td != NULL) ? td->td_ucred : NULL, 1822 uproto); 1823 break; 1824 } 1825#undef OPTSET 1826 1827 case IPV6_MULTICAST_IF: 1828 case IPV6_MULTICAST_HOPS: 1829 case IPV6_MULTICAST_LOOP: 1830 case IPV6_JOIN_GROUP: 1831 case IPV6_LEAVE_GROUP: 1832 case IPV6_MSFILTER: 1833 case MCAST_BLOCK_SOURCE: 1834 case MCAST_UNBLOCK_SOURCE: 1835 case MCAST_JOIN_GROUP: 1836 case MCAST_LEAVE_GROUP: 1837 case MCAST_JOIN_SOURCE_GROUP: 1838 case MCAST_LEAVE_SOURCE_GROUP: 1839 error = ip6_setmoptions(in6p, sopt); 1840 break; 1841 1842 case IPV6_PORTRANGE: 1843 error = sooptcopyin(sopt, &optval, 1844 sizeof optval, sizeof optval); 1845 if (error) 1846 break; 1847 1848 INP_WLOCK(in6p); 1849 switch (optval) { 1850 case IPV6_PORTRANGE_DEFAULT: 1851 in6p->inp_flags &= ~(INP_LOWPORT); 1852 in6p->inp_flags &= ~(INP_HIGHPORT); 1853 break; 1854 1855 case IPV6_PORTRANGE_HIGH: 1856 in6p->inp_flags &= ~(INP_LOWPORT); 1857 in6p->inp_flags |= INP_HIGHPORT; 1858 break; 1859 1860 case IPV6_PORTRANGE_LOW: 1861 in6p->inp_flags &= ~(INP_HIGHPORT); 1862 in6p->inp_flags |= INP_LOWPORT; 1863 break; 1864 1865 default: 1866 error = EINVAL; 1867 break; 1868 } 1869 INP_WUNLOCK(in6p); 1870 break; 1871 1872#if defined(IPSEC) || defined(IPSEC_SUPPORT) 1873 case IPV6_IPSEC_POLICY: 1874 if (IPSEC_ENABLED(ipv6)) { 1875 error = IPSEC_PCBCTL(ipv6, in6p, sopt); 1876 break; 1877 } 1878 /* FALLTHROUGH */ 1879#endif /* IPSEC */ 1880 1881 default: 1882 error = ENOPROTOOPT; 1883 break; 1884 } 1885 break; 1886 1887 case SOPT_GET: 1888 switch (optname) { 1889 1890 case IPV6_2292PKTOPTIONS: 1891#ifdef IPV6_PKTOPTIONS 1892 case IPV6_PKTOPTIONS: 1893#endif 1894 /* 1895 * RFC3542 (effectively) deprecated the 1896 * semantics of the 2292-style pktoptions. 1897 * Since it was not reliable in nature (i.e., 1898 * applications had to expect the lack of some 1899 * information after all), it would make sense 1900 * to simplify this part by always returning 1901 * empty data. 1902 */ 1903 sopt->sopt_valsize = 0; 1904 break; 1905 1906 case IPV6_RECVHOPOPTS: 1907 case IPV6_RECVDSTOPTS: 1908 case IPV6_RECVRTHDRDSTOPTS: 1909 case IPV6_UNICAST_HOPS: 1910 case IPV6_RECVPKTINFO: 1911 case IPV6_RECVHOPLIMIT: 1912 case IPV6_RECVRTHDR: 1913 case IPV6_RECVPATHMTU: 1914 1915 case IPV6_V6ONLY: 1916 case IPV6_PORTRANGE: 1917 case IPV6_RECVTCLASS: 1918 case IPV6_AUTOFLOWLABEL: 1919 case IPV6_BINDANY: 1920 case IPV6_FLOWID: 1921 case IPV6_FLOWTYPE: 1922 case IPV6_RECVFLOWID: 1923#ifdef RSS 1924 case IPV6_RSSBUCKETID: 1925 case IPV6_RECVRSSBUCKETID: 1926#endif 1927 case IPV6_BINDMULTI: 1928 switch (optname) { 1929 1930 case IPV6_RECVHOPOPTS: 1931 optval = OPTBIT(IN6P_HOPOPTS); 1932 break; 1933 1934 case IPV6_RECVDSTOPTS: 1935 optval = OPTBIT(IN6P_DSTOPTS); 1936 break; 1937 1938 case IPV6_RECVRTHDRDSTOPTS: 1939 optval = OPTBIT(IN6P_RTHDRDSTOPTS); 1940 break; 1941 1942 case IPV6_UNICAST_HOPS: 1943 optval = in6p->in6p_hops; 1944 break; 1945 1946 case IPV6_RECVPKTINFO: 1947 optval = OPTBIT(IN6P_PKTINFO); 1948 break; 1949 1950 case IPV6_RECVHOPLIMIT: 1951 optval = OPTBIT(IN6P_HOPLIMIT); 1952 break; 1953 1954 case IPV6_RECVRTHDR: 1955 optval = OPTBIT(IN6P_RTHDR); 1956 break; 1957 1958 case IPV6_RECVPATHMTU: 1959 optval = OPTBIT(IN6P_MTU); 1960 break; 1961 1962 case IPV6_V6ONLY: 1963 optval = OPTBIT(IN6P_IPV6_V6ONLY); 1964 break; 1965 1966 case IPV6_PORTRANGE: 1967 { 1968 int flags; 1969 flags = in6p->inp_flags; 1970 if (flags & INP_HIGHPORT) 1971 optval = IPV6_PORTRANGE_HIGH; 1972 else if (flags & INP_LOWPORT) 1973 optval = IPV6_PORTRANGE_LOW; 1974 else 1975 optval = 0; 1976 break; 1977 } 1978 case IPV6_RECVTCLASS: 1979 optval = OPTBIT(IN6P_TCLASS); 1980 break; 1981 1982 case IPV6_AUTOFLOWLABEL: 1983 optval = OPTBIT(IN6P_AUTOFLOWLABEL); 1984 break; 1985 1986 case IPV6_BINDANY: 1987 optval = OPTBIT(INP_BINDANY); 1988 break; 1989 1990 case IPV6_FLOWID: 1991 optval = in6p->inp_flowid; 1992 break; 1993 1994 case IPV6_FLOWTYPE: 1995 optval = in6p->inp_flowtype; 1996 break; 1997 1998 case IPV6_RECVFLOWID: 1999 optval = OPTBIT2(INP_RECVFLOWID); 2000 break; 2001#ifdef RSS 2002 case IPV6_RSSBUCKETID: 2003 retval = 2004 rss_hash2bucket(in6p->inp_flowid, 2005 in6p->inp_flowtype, 2006 &rss_bucket); 2007 if (retval == 0) 2008 optval = rss_bucket; 2009 else 2010 error = EINVAL; 2011 break; 2012 2013 case IPV6_RECVRSSBUCKETID: 2014 optval = OPTBIT2(INP_RECVRSSBUCKETID); 2015 break; 2016#endif 2017 2018 case IPV6_BINDMULTI: 2019 optval = OPTBIT2(INP_BINDMULTI); 2020 break; 2021 2022 } 2023 if (error) 2024 break; 2025 error = sooptcopyout(sopt, &optval, 2026 sizeof optval); 2027 break; 2028 2029 case IPV6_PATHMTU: 2030 { 2031 u_long pmtu = 0; 2032 struct ip6_mtuinfo mtuinfo; 2033 2034 if (!(so->so_state & SS_ISCONNECTED)) 2035 return (ENOTCONN); 2036 /* 2037 * XXX: we dot not consider the case of source 2038 * routing, or optional information to specify 2039 * the outgoing interface. 2040 */ 2041 error = ip6_getpmtu_ctl(so->so_fibnum, 2042 &in6p->in6p_faddr, &pmtu); 2043 if (error) 2044 break; 2045 if (pmtu > IPV6_MAXPACKET) 2046 pmtu = IPV6_MAXPACKET; 2047 2048 bzero(&mtuinfo, sizeof(mtuinfo)); 2049 mtuinfo.ip6m_mtu = (u_int32_t)pmtu; 2050 optdata = (void *)&mtuinfo; 2051 optdatalen = sizeof(mtuinfo); 2052 error = sooptcopyout(sopt, optdata, 2053 optdatalen); 2054 break; 2055 } 2056 2057 case IPV6_2292PKTINFO: 2058 case IPV6_2292HOPLIMIT: 2059 case IPV6_2292HOPOPTS: 2060 case IPV6_2292RTHDR: 2061 case IPV6_2292DSTOPTS: 2062 switch (optname) { 2063 case IPV6_2292PKTINFO: 2064 optval = OPTBIT(IN6P_PKTINFO); 2065 break; 2066 case IPV6_2292HOPLIMIT: 2067 optval = OPTBIT(IN6P_HOPLIMIT); 2068 break; 2069 case IPV6_2292HOPOPTS: 2070 optval = OPTBIT(IN6P_HOPOPTS); 2071 break; 2072 case IPV6_2292RTHDR: 2073 optval = OPTBIT(IN6P_RTHDR); 2074 break; 2075 case IPV6_2292DSTOPTS: 2076 optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); 2077 break; 2078 } 2079 error = sooptcopyout(sopt, &optval, 2080 sizeof optval); 2081 break; 2082 case IPV6_PKTINFO: 2083 case IPV6_HOPOPTS: 2084 case IPV6_RTHDR: 2085 case IPV6_DSTOPTS: 2086 case IPV6_RTHDRDSTOPTS: 2087 case IPV6_NEXTHOP: 2088 case IPV6_TCLASS: 2089 case IPV6_DONTFRAG: 2090 case IPV6_USE_MIN_MTU: 2091 case IPV6_PREFER_TEMPADDR: 2092 error = ip6_getpcbopt(in6p->in6p_outputopts, 2093 optname, sopt); 2094 break; 2095 2096 case IPV6_MULTICAST_IF: 2097 case IPV6_MULTICAST_HOPS: 2098 case IPV6_MULTICAST_LOOP: 2099 case IPV6_MSFILTER: 2100 error = ip6_getmoptions(in6p, sopt); 2101 break; 2102 2103#if defined(IPSEC) || defined(IPSEC_SUPPORT) 2104 case IPV6_IPSEC_POLICY: 2105 if (IPSEC_ENABLED(ipv6)) { 2106 error = IPSEC_PCBCTL(ipv6, in6p, sopt); 2107 break; 2108 } 2109 /* FALLTHROUGH */ 2110#endif /* IPSEC */ 2111 default: 2112 error = ENOPROTOOPT; 2113 break; 2114 } 2115 break; 2116 } 2117 } 2118 return (error); 2119} 2120 2121int 2122ip6_raw_ctloutput(struct socket *so, struct sockopt *sopt) 2123{ 2124 int error = 0, optval, optlen; 2125 const int icmp6off = offsetof(struct icmp6_hdr, icmp6_cksum); 2126 struct inpcb *in6p = sotoinpcb(so); 2127 int level, op, optname; 2128 2129 level = sopt->sopt_level; 2130 op = sopt->sopt_dir; 2131 optname = sopt->sopt_name; 2132 optlen = sopt->sopt_valsize; 2133 2134 if (level != IPPROTO_IPV6) { 2135 return (EINVAL); 2136 } 2137 2138 switch (optname) { 2139 case IPV6_CHECKSUM: 2140 /* 2141 * For ICMPv6 sockets, no modification allowed for checksum 2142 * offset, permit "no change" values to help existing apps. 2143 * 2144 * RFC3542 says: "An attempt to set IPV6_CHECKSUM 2145 * for an ICMPv6 socket will fail." 2146 * The current behavior does not meet RFC3542. 2147 */ 2148 switch (op) { 2149 case SOPT_SET: 2150 if (optlen != sizeof(int)) { 2151 error = EINVAL; 2152 break; 2153 } 2154 error = sooptcopyin(sopt, &optval, sizeof(optval), 2155 sizeof(optval)); 2156 if (error) 2157 break; 2158 if ((optval % 2) != 0) { 2159 /* the API assumes even offset values */ 2160 error = EINVAL; 2161 } else if (so->so_proto->pr_protocol == 2162 IPPROTO_ICMPV6) { 2163 if (optval != icmp6off) 2164 error = EINVAL; 2165 } else 2166 in6p->in6p_cksum = optval; 2167 break; 2168 2169 case SOPT_GET: 2170 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 2171 optval = icmp6off; 2172 else 2173 optval = in6p->in6p_cksum; 2174 2175 error = sooptcopyout(sopt, &optval, sizeof(optval)); 2176 break; 2177 2178 default: 2179 error = EINVAL; 2180 break; 2181 } 2182 break; 2183 2184 default: 2185 error = ENOPROTOOPT; 2186 break; 2187 } 2188 2189 return (error); 2190} 2191 2192/* 2193 * Set up IP6 options in pcb for insertion in output packets or 2194 * specifying behavior of outgoing packets. 2195 */ 2196static int 2197ip6_pcbopts(struct ip6_pktopts **pktopt, struct mbuf *m, 2198 struct socket *so, struct sockopt *sopt) 2199{ 2200 struct ip6_pktopts *opt = *pktopt; 2201 int error = 0; 2202 struct thread *td = sopt->sopt_td; 2203 2204 /* turn off any old options. */ 2205 if (opt) { 2206#ifdef DIAGNOSTIC 2207 if (opt->ip6po_pktinfo || opt->ip6po_nexthop || 2208 opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 || 2209 opt->ip6po_rhinfo.ip6po_rhi_rthdr) 2210 printf("ip6_pcbopts: all specified options are cleared.\n"); 2211#endif 2212 ip6_clearpktopts(opt, -1); 2213 } else 2214 opt = malloc(sizeof(*opt), M_IP6OPT, M_WAITOK); 2215 *pktopt = NULL; 2216 2217 if (!m || m->m_len == 0) { 2218 /* 2219 * Only turning off any previous options, regardless of 2220 * whether the opt is just created or given. 2221 */ 2222 free(opt, M_IP6OPT); 2223 return (0); 2224 } 2225 2226 /* set options specified by user. */ 2227 if ((error = ip6_setpktopts(m, opt, NULL, (td != NULL) ? 2228 td->td_ucred : NULL, so->so_proto->pr_protocol)) != 0) { 2229 ip6_clearpktopts(opt, -1); /* XXX: discard all options */ 2230 free(opt, M_IP6OPT); 2231 return (error); 2232 } 2233 *pktopt = opt; 2234 return (0); 2235} 2236 2237/* 2238 * initialize ip6_pktopts. beware that there are non-zero default values in 2239 * the struct. 2240 */ 2241void 2242ip6_initpktopts(struct ip6_pktopts *opt) 2243{ 2244 2245 bzero(opt, sizeof(*opt)); 2246 opt->ip6po_hlim = -1; /* -1 means default hop limit */ 2247 opt->ip6po_tclass = -1; /* -1 means default traffic class */ 2248 opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY; 2249 opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM; 2250} 2251 2252static int 2253ip6_pcbopt(int optname, u_char *buf, int len, struct ip6_pktopts **pktopt, 2254 struct ucred *cred, int uproto) 2255{ 2256 struct ip6_pktopts *opt; 2257 2258 if (*pktopt == NULL) { 2259 *pktopt = malloc(sizeof(struct ip6_pktopts), M_IP6OPT, 2260 M_WAITOK); 2261 ip6_initpktopts(*pktopt); 2262 } 2263 opt = *pktopt; 2264 2265 return (ip6_setpktopt(optname, buf, len, opt, cred, 1, 0, uproto)); 2266} 2267 2268static int 2269ip6_getpcbopt(struct ip6_pktopts *pktopt, int optname, struct sockopt *sopt) 2270{ 2271 void *optdata = NULL; 2272 int optdatalen = 0; 2273 struct ip6_ext *ip6e; 2274 int error = 0; 2275 struct in6_pktinfo null_pktinfo; 2276 int deftclass = 0, on; 2277 int defminmtu = IP6PO_MINMTU_MCASTONLY; 2278 int defpreftemp = IP6PO_TEMPADDR_SYSTEM; 2279 2280 switch (optname) { 2281 case IPV6_PKTINFO: 2282 optdata = (void *)&null_pktinfo; 2283 if (pktopt && pktopt->ip6po_pktinfo) { 2284 bcopy(pktopt->ip6po_pktinfo, &null_pktinfo, 2285 sizeof(null_pktinfo)); 2286 in6_clearscope(&null_pktinfo.ipi6_addr); 2287 } else { 2288 /* XXX: we don't have to do this every time... */ 2289 bzero(&null_pktinfo, sizeof(null_pktinfo)); 2290 } 2291 optdatalen = sizeof(struct in6_pktinfo); 2292 break; 2293 case IPV6_TCLASS: 2294 if (pktopt && pktopt->ip6po_tclass >= 0) 2295 optdata = (void *)&pktopt->ip6po_tclass; 2296 else 2297 optdata = (void *)&deftclass; 2298 optdatalen = sizeof(int); 2299 break; 2300 case IPV6_HOPOPTS: 2301 if (pktopt && pktopt->ip6po_hbh) { 2302 optdata = (void *)pktopt->ip6po_hbh; 2303 ip6e = (struct ip6_ext *)pktopt->ip6po_hbh; 2304 optdatalen = (ip6e->ip6e_len + 1) << 3; 2305 } 2306 break; 2307 case IPV6_RTHDR: 2308 if (pktopt && pktopt->ip6po_rthdr) { 2309 optdata = (void *)pktopt->ip6po_rthdr; 2310 ip6e = (struct ip6_ext *)pktopt->ip6po_rthdr; 2311 optdatalen = (ip6e->ip6e_len + 1) << 3; 2312 } 2313 break; 2314 case IPV6_RTHDRDSTOPTS: 2315 if (pktopt && pktopt->ip6po_dest1) { 2316 optdata = (void *)pktopt->ip6po_dest1; 2317 ip6e = (struct ip6_ext *)pktopt->ip6po_dest1; 2318 optdatalen = (ip6e->ip6e_len + 1) << 3; 2319 } 2320 break; 2321 case IPV6_DSTOPTS: 2322 if (pktopt && pktopt->ip6po_dest2) { 2323 optdata = (void *)pktopt->ip6po_dest2; 2324 ip6e = (struct ip6_ext *)pktopt->ip6po_dest2; 2325 optdatalen = (ip6e->ip6e_len + 1) << 3; 2326 } 2327 break; 2328 case IPV6_NEXTHOP: 2329 if (pktopt && pktopt->ip6po_nexthop) { 2330 optdata = (void *)pktopt->ip6po_nexthop; 2331 optdatalen = pktopt->ip6po_nexthop->sa_len; 2332 } 2333 break; 2334 case IPV6_USE_MIN_MTU: 2335 if (pktopt) 2336 optdata = (void *)&pktopt->ip6po_minmtu; 2337 else 2338 optdata = (void *)&defminmtu; 2339 optdatalen = sizeof(int); 2340 break; 2341 case IPV6_DONTFRAG: 2342 if (pktopt && ((pktopt->ip6po_flags) & IP6PO_DONTFRAG)) 2343 on = 1; 2344 else 2345 on = 0; 2346 optdata = (void *)&on; 2347 optdatalen = sizeof(on); 2348 break; 2349 case IPV6_PREFER_TEMPADDR: 2350 if (pktopt) 2351 optdata = (void *)&pktopt->ip6po_prefer_tempaddr; 2352 else 2353 optdata = (void *)&defpreftemp; 2354 optdatalen = sizeof(int); 2355 break; 2356 default: /* should not happen */ 2357#ifdef DIAGNOSTIC 2358 panic("ip6_getpcbopt: unexpected option\n"); 2359#endif 2360 return (ENOPROTOOPT); 2361 } 2362 2363 error = sooptcopyout(sopt, optdata, optdatalen); 2364 2365 return (error); 2366} 2367 2368void 2369ip6_clearpktopts(struct ip6_pktopts *pktopt, int optname) 2370{ 2371 if (pktopt == NULL) 2372 return; 2373 2374 if (optname == -1 || optname == IPV6_PKTINFO) { 2375 if (pktopt->ip6po_pktinfo) 2376 free(pktopt->ip6po_pktinfo, M_IP6OPT); 2377 pktopt->ip6po_pktinfo = NULL; 2378 } 2379 if (optname == -1 || optname == IPV6_HOPLIMIT) 2380 pktopt->ip6po_hlim = -1; 2381 if (optname == -1 || optname == IPV6_TCLASS) 2382 pktopt->ip6po_tclass = -1; 2383 if (optname == -1 || optname == IPV6_NEXTHOP) { 2384 if (pktopt->ip6po_nextroute.ro_rt) { 2385 RTFREE(pktopt->ip6po_nextroute.ro_rt); 2386 pktopt->ip6po_nextroute.ro_rt = NULL; 2387 } 2388 if (pktopt->ip6po_nexthop) 2389 free(pktopt->ip6po_nexthop, M_IP6OPT); 2390 pktopt->ip6po_nexthop = NULL; 2391 } 2392 if (optname == -1 || optname == IPV6_HOPOPTS) { 2393 if (pktopt->ip6po_hbh) 2394 free(pktopt->ip6po_hbh, M_IP6OPT); 2395 pktopt->ip6po_hbh = NULL; 2396 } 2397 if (optname == -1 || optname == IPV6_RTHDRDSTOPTS) { 2398 if (pktopt->ip6po_dest1) 2399 free(pktopt->ip6po_dest1, M_IP6OPT); 2400 pktopt->ip6po_dest1 = NULL; 2401 } 2402 if (optname == -1 || optname == IPV6_RTHDR) { 2403 if (pktopt->ip6po_rhinfo.ip6po_rhi_rthdr) 2404 free(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT); 2405 pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL; 2406 if (pktopt->ip6po_route.ro_rt) { 2407 RTFREE(pktopt->ip6po_route.ro_rt); 2408 pktopt->ip6po_route.ro_rt = NULL; 2409 } 2410 } 2411 if (optname == -1 || optname == IPV6_DSTOPTS) { 2412 if (pktopt->ip6po_dest2) 2413 free(pktopt->ip6po_dest2, M_IP6OPT); 2414 pktopt->ip6po_dest2 = NULL; 2415 } 2416} 2417 2418#define PKTOPT_EXTHDRCPY(type) \ 2419do {\ 2420 if (src->type) {\ 2421 int hlen = (((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\ 2422 dst->type = malloc(hlen, M_IP6OPT, canwait);\ 2423 if (dst->type == NULL && canwait == M_NOWAIT)\ 2424 goto bad;\ 2425 bcopy(src->type, dst->type, hlen);\ 2426 }\ 2427} while (/*CONSTCOND*/ 0) 2428 2429static int 2430copypktopts(struct ip6_pktopts *dst, struct ip6_pktopts *src, int canwait) 2431{ 2432 if (dst == NULL || src == NULL) { 2433 printf("ip6_clearpktopts: invalid argument\n"); 2434 return (EINVAL); 2435 } 2436 2437 dst->ip6po_hlim = src->ip6po_hlim; 2438 dst->ip6po_tclass = src->ip6po_tclass; 2439 dst->ip6po_flags = src->ip6po_flags; 2440 dst->ip6po_minmtu = src->ip6po_minmtu; 2441 dst->ip6po_prefer_tempaddr = src->ip6po_prefer_tempaddr; 2442 if (src->ip6po_pktinfo) { 2443 dst->ip6po_pktinfo = malloc(sizeof(*dst->ip6po_pktinfo), 2444 M_IP6OPT, canwait); 2445 if (dst->ip6po_pktinfo == NULL) 2446 goto bad; 2447 *dst->ip6po_pktinfo = *src->ip6po_pktinfo; 2448 } 2449 if (src->ip6po_nexthop) { 2450 dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len, 2451 M_IP6OPT, canwait); 2452 if (dst->ip6po_nexthop == NULL) 2453 goto bad; 2454 bcopy(src->ip6po_nexthop, dst->ip6po_nexthop, 2455 src->ip6po_nexthop->sa_len); 2456 } 2457 PKTOPT_EXTHDRCPY(ip6po_hbh); 2458 PKTOPT_EXTHDRCPY(ip6po_dest1); 2459 PKTOPT_EXTHDRCPY(ip6po_dest2); 2460 PKTOPT_EXTHDRCPY(ip6po_rthdr); /* not copy the cached route */ 2461 return (0); 2462 2463 bad: 2464 ip6_clearpktopts(dst, -1); 2465 return (ENOBUFS); 2466} 2467#undef PKTOPT_EXTHDRCPY 2468 2469struct ip6_pktopts * 2470ip6_copypktopts(struct ip6_pktopts *src, int canwait) 2471{ 2472 int error; 2473 struct ip6_pktopts *dst; 2474 2475 dst = malloc(sizeof(*dst), M_IP6OPT, canwait); 2476 if (dst == NULL) 2477 return (NULL); 2478 ip6_initpktopts(dst); 2479 2480 if ((error = copypktopts(dst, src, canwait)) != 0) { 2481 free(dst, M_IP6OPT); 2482 return (NULL); 2483 } 2484 2485 return (dst); 2486} 2487 2488void 2489ip6_freepcbopts(struct ip6_pktopts *pktopt) 2490{ 2491 if (pktopt == NULL) 2492 return; 2493 2494 ip6_clearpktopts(pktopt, -1); 2495 2496 free(pktopt, M_IP6OPT); 2497} 2498 2499/* 2500 * Set IPv6 outgoing packet options based on advanced API. 2501 */ 2502int 2503ip6_setpktopts(struct mbuf *control, struct ip6_pktopts *opt, 2504 struct ip6_pktopts *stickyopt, struct ucred *cred, int uproto) 2505{ 2506 struct cmsghdr *cm = NULL; 2507 2508 if (control == NULL || opt == NULL) 2509 return (EINVAL); 2510 2511 ip6_initpktopts(opt); 2512 if (stickyopt) { 2513 int error; 2514 2515 /* 2516 * If stickyopt is provided, make a local copy of the options 2517 * for this particular packet, then override them by ancillary 2518 * objects. 2519 * XXX: copypktopts() does not copy the cached route to a next 2520 * hop (if any). This is not very good in terms of efficiency, 2521 * but we can allow this since this option should be rarely 2522 * used. 2523 */ 2524 if ((error = copypktopts(opt, stickyopt, M_NOWAIT)) != 0) 2525 return (error); 2526 } 2527 2528 /* 2529 * XXX: Currently, we assume all the optional information is stored 2530 * in a single mbuf. 2531 */ 2532 if (control->m_next) 2533 return (EINVAL); 2534 2535 for (; control->m_len > 0; control->m_data += CMSG_ALIGN(cm->cmsg_len), 2536 control->m_len -= CMSG_ALIGN(cm->cmsg_len)) { 2537 int error; 2538 2539 if (control->m_len < CMSG_LEN(0)) 2540 return (EINVAL); 2541 2542 cm = mtod(control, struct cmsghdr *); 2543 if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len) 2544 return (EINVAL); 2545 if (cm->cmsg_level != IPPROTO_IPV6) 2546 continue; 2547 2548 error = ip6_setpktopt(cm->cmsg_type, CMSG_DATA(cm), 2549 cm->cmsg_len - CMSG_LEN(0), opt, cred, 0, 1, uproto); 2550 if (error) 2551 return (error); 2552 } 2553 2554 return (0); 2555} 2556 2557/* 2558 * Set a particular packet option, as a sticky option or an ancillary data 2559 * item. "len" can be 0 only when it's a sticky option. 2560 * We have 4 cases of combination of "sticky" and "cmsg": 2561 * "sticky=0, cmsg=0": impossible 2562 * "sticky=0, cmsg=1": RFC2292 or RFC3542 ancillary data 2563 * "sticky=1, cmsg=0": RFC3542 socket option 2564 * "sticky=1, cmsg=1": RFC2292 socket option 2565 */ 2566static int 2567ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt, 2568 struct ucred *cred, int sticky, int cmsg, int uproto) 2569{ 2570 int minmtupolicy, preftemp; 2571 int error; 2572 2573 if (!sticky && !cmsg) { 2574#ifdef DIAGNOSTIC 2575 printf("ip6_setpktopt: impossible case\n"); 2576#endif 2577 return (EINVAL); 2578 } 2579 2580 /* 2581 * IPV6_2292xxx is for backward compatibility to RFC2292, and should 2582 * not be specified in the context of RFC3542. Conversely, 2583 * RFC3542 types should not be specified in the context of RFC2292. 2584 */ 2585 if (!cmsg) { 2586 switch (optname) { 2587 case IPV6_2292PKTINFO: 2588 case IPV6_2292HOPLIMIT: 2589 case IPV6_2292NEXTHOP: 2590 case IPV6_2292HOPOPTS: 2591 case IPV6_2292DSTOPTS: 2592 case IPV6_2292RTHDR: 2593 case IPV6_2292PKTOPTIONS: 2594 return (ENOPROTOOPT); 2595 } 2596 } 2597 if (sticky && cmsg) { 2598 switch (optname) { 2599 case IPV6_PKTINFO: 2600 case IPV6_HOPLIMIT: 2601 case IPV6_NEXTHOP: 2602 case IPV6_HOPOPTS: 2603 case IPV6_DSTOPTS: 2604 case IPV6_RTHDRDSTOPTS: 2605 case IPV6_RTHDR: 2606 case IPV6_USE_MIN_MTU: 2607 case IPV6_DONTFRAG: 2608 case IPV6_TCLASS: 2609 case IPV6_PREFER_TEMPADDR: /* XXX: not an RFC3542 option */ 2610 return (ENOPROTOOPT); 2611 } 2612 } 2613 2614 switch (optname) { 2615 case IPV6_2292PKTINFO: 2616 case IPV6_PKTINFO: 2617 { 2618 struct ifnet *ifp = NULL; 2619 struct in6_pktinfo *pktinfo; 2620 2621 if (len != sizeof(struct in6_pktinfo)) 2622 return (EINVAL); 2623 2624 pktinfo = (struct in6_pktinfo *)buf; 2625 2626 /* 2627 * An application can clear any sticky IPV6_PKTINFO option by 2628 * doing a "regular" setsockopt with ipi6_addr being 2629 * in6addr_any and ipi6_ifindex being zero. 2630 * [RFC 3542, Section 6] 2631 */ 2632 if (optname == IPV6_PKTINFO && opt->ip6po_pktinfo && 2633 pktinfo->ipi6_ifindex == 0 && 2634 IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 2635 ip6_clearpktopts(opt, optname); 2636 break; 2637 } 2638 2639 if (uproto == IPPROTO_TCP && optname == IPV6_PKTINFO && 2640 sticky && !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 2641 return (EINVAL); 2642 } 2643 if (IN6_IS_ADDR_MULTICAST(&pktinfo->ipi6_addr)) 2644 return (EINVAL); 2645 /* validate the interface index if specified. */ 2646 if (pktinfo->ipi6_ifindex > V_if_index) 2647 return (ENXIO); 2648 if (pktinfo->ipi6_ifindex) { 2649 ifp = ifnet_byindex(pktinfo->ipi6_ifindex); 2650 if (ifp == NULL) 2651 return (ENXIO); 2652 } 2653 if (ifp != NULL && (ifp->if_afdata[AF_INET6] == NULL || 2654 (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) != 0)) 2655 return (ENETDOWN); 2656 2657 if (ifp != NULL && 2658 !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 2659 struct in6_ifaddr *ia; 2660 2661 in6_setscope(&pktinfo->ipi6_addr, ifp, NULL); 2662 ia = in6ifa_ifpwithaddr(ifp, &pktinfo->ipi6_addr); 2663 if (ia == NULL) 2664 return (EADDRNOTAVAIL); 2665 ifa_free(&ia->ia_ifa); 2666 } 2667 /* 2668 * We store the address anyway, and let in6_selectsrc() 2669 * validate the specified address. This is because ipi6_addr 2670 * may not have enough information about its scope zone, and 2671 * we may need additional information (such as outgoing 2672 * interface or the scope zone of a destination address) to 2673 * disambiguate the scope. 2674 * XXX: the delay of the validation may confuse the 2675 * application when it is used as a sticky option. 2676 */ 2677 if (opt->ip6po_pktinfo == NULL) { 2678 opt->ip6po_pktinfo = malloc(sizeof(*pktinfo), 2679 M_IP6OPT, M_NOWAIT); 2680 if (opt->ip6po_pktinfo == NULL) 2681 return (ENOBUFS); 2682 } 2683 bcopy(pktinfo, opt->ip6po_pktinfo, sizeof(*pktinfo)); 2684 break; 2685 } 2686 2687 case IPV6_2292HOPLIMIT: 2688 case IPV6_HOPLIMIT: 2689 { 2690 int *hlimp; 2691 2692 /* 2693 * RFC 3542 deprecated the usage of sticky IPV6_HOPLIMIT 2694 * to simplify the ordering among hoplimit options. 2695 */ 2696 if (optname == IPV6_HOPLIMIT && sticky) 2697 return (ENOPROTOOPT); 2698 2699 if (len != sizeof(int)) 2700 return (EINVAL); 2701 hlimp = (int *)buf; 2702 if (*hlimp < -1 || *hlimp > 255) 2703 return (EINVAL); 2704 2705 opt->ip6po_hlim = *hlimp; 2706 break; 2707 } 2708 2709 case IPV6_TCLASS: 2710 { 2711 int tclass; 2712 2713 if (len != sizeof(int)) 2714 return (EINVAL); 2715 tclass = *(int *)buf; 2716 if (tclass < -1 || tclass > 255) 2717 return (EINVAL); 2718 2719 opt->ip6po_tclass = tclass; 2720 break; 2721 } 2722 2723 case IPV6_2292NEXTHOP: 2724 case IPV6_NEXTHOP: 2725 if (cred != NULL) { 2726 error = priv_check_cred(cred, 2727 PRIV_NETINET_SETHDROPTS, 0); 2728 if (error) 2729 return (error); 2730 } 2731 2732 if (len == 0) { /* just remove the option */ 2733 ip6_clearpktopts(opt, IPV6_NEXTHOP); 2734 break; 2735 } 2736 2737 /* check if cmsg_len is large enough for sa_len */ 2738 if (len < sizeof(struct sockaddr) || len < *buf) 2739 return (EINVAL); 2740 2741 switch (((struct sockaddr *)buf)->sa_family) { 2742 case AF_INET6: 2743 { 2744 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)buf; 2745 int error; 2746 2747 if (sa6->sin6_len != sizeof(struct sockaddr_in6)) 2748 return (EINVAL); 2749 2750 if (IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) || 2751 IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr)) { 2752 return (EINVAL); 2753 } 2754 if ((error = sa6_embedscope(sa6, V_ip6_use_defzone)) 2755 != 0) { 2756 return (error); 2757 } 2758 break; 2759 } 2760 case AF_LINK: /* should eventually be supported */ 2761 default: 2762 return (EAFNOSUPPORT); 2763 } 2764 2765 /* turn off the previous option, then set the new option. */ 2766 ip6_clearpktopts(opt, IPV6_NEXTHOP); 2767 opt->ip6po_nexthop = malloc(*buf, M_IP6OPT, M_NOWAIT); 2768 if (opt->ip6po_nexthop == NULL) 2769 return (ENOBUFS); 2770 bcopy(buf, opt->ip6po_nexthop, *buf); 2771 break; 2772 2773 case IPV6_2292HOPOPTS: 2774 case IPV6_HOPOPTS: 2775 { 2776 struct ip6_hbh *hbh; 2777 int hbhlen; 2778 2779 /* 2780 * XXX: We don't allow a non-privileged user to set ANY HbH 2781 * options, since per-option restriction has too much 2782 * overhead. 2783 */ 2784 if (cred != NULL) { 2785 error = priv_check_cred(cred, 2786 PRIV_NETINET_SETHDROPTS, 0); 2787 if (error) 2788 return (error); 2789 } 2790 2791 if (len == 0) { 2792 ip6_clearpktopts(opt, IPV6_HOPOPTS); 2793 break; /* just remove the option */ 2794 } 2795 2796 /* message length validation */ 2797 if (len < sizeof(struct ip6_hbh)) 2798 return (EINVAL); 2799 hbh = (struct ip6_hbh *)buf; 2800 hbhlen = (hbh->ip6h_len + 1) << 3; 2801 if (len != hbhlen) 2802 return (EINVAL); 2803 2804 /* turn off the previous option, then set the new option. */ 2805 ip6_clearpktopts(opt, IPV6_HOPOPTS); 2806 opt->ip6po_hbh = malloc(hbhlen, M_IP6OPT, M_NOWAIT); 2807 if (opt->ip6po_hbh == NULL) 2808 return (ENOBUFS); 2809 bcopy(hbh, opt->ip6po_hbh, hbhlen); 2810 2811 break; 2812 } 2813 2814 case IPV6_2292DSTOPTS: 2815 case IPV6_DSTOPTS: 2816 case IPV6_RTHDRDSTOPTS: 2817 { 2818 struct ip6_dest *dest, **newdest = NULL; 2819 int destlen; 2820 2821 if (cred != NULL) { /* XXX: see the comment for IPV6_HOPOPTS */ 2822 error = priv_check_cred(cred, 2823 PRIV_NETINET_SETHDROPTS, 0); 2824 if (error) 2825 return (error); 2826 } 2827 2828 if (len == 0) { 2829 ip6_clearpktopts(opt, optname); 2830 break; /* just remove the option */ 2831 } 2832 2833 /* message length validation */ 2834 if (len < sizeof(struct ip6_dest)) 2835 return (EINVAL); 2836 dest = (struct ip6_dest *)buf; 2837 destlen = (dest->ip6d_len + 1) << 3; 2838 if (len != destlen) 2839 return (EINVAL); 2840 2841 /* 2842 * Determine the position that the destination options header 2843 * should be inserted; before or after the routing header. 2844 */ 2845 switch (optname) { 2846 case IPV6_2292DSTOPTS: 2847 /* 2848 * The old advacned API is ambiguous on this point. 2849 * Our approach is to determine the position based 2850 * according to the existence of a routing header. 2851 * Note, however, that this depends on the order of the 2852 * extension headers in the ancillary data; the 1st 2853 * part of the destination options header must appear 2854 * before the routing header in the ancillary data, 2855 * too. 2856 * RFC3542 solved the ambiguity by introducing 2857 * separate ancillary data or option types. 2858 */ 2859 if (opt->ip6po_rthdr == NULL) 2860 newdest = &opt->ip6po_dest1; 2861 else 2862 newdest = &opt->ip6po_dest2; 2863 break; 2864 case IPV6_RTHDRDSTOPTS: 2865 newdest = &opt->ip6po_dest1; 2866 break; 2867 case IPV6_DSTOPTS: 2868 newdest = &opt->ip6po_dest2; 2869 break; 2870 } 2871 2872 /* turn off the previous option, then set the new option. */ 2873 ip6_clearpktopts(opt, optname); 2874 *newdest = malloc(destlen, M_IP6OPT, M_NOWAIT); 2875 if (*newdest == NULL) 2876 return (ENOBUFS); 2877 bcopy(dest, *newdest, destlen); 2878 2879 break; 2880 } 2881 2882 case IPV6_2292RTHDR: 2883 case IPV6_RTHDR: 2884 { 2885 struct ip6_rthdr *rth; 2886 int rthlen; 2887 2888 if (len == 0) { 2889 ip6_clearpktopts(opt, IPV6_RTHDR); 2890 break; /* just remove the option */ 2891 } 2892 2893 /* message length validation */ 2894 if (len < sizeof(struct ip6_rthdr)) 2895 return (EINVAL); 2896 rth = (struct ip6_rthdr *)buf; 2897 rthlen = (rth->ip6r_len + 1) << 3; 2898 if (len != rthlen) 2899 return (EINVAL); 2900 2901 switch (rth->ip6r_type) { 2902 case IPV6_RTHDR_TYPE_0: 2903 if (rth->ip6r_len == 0) /* must contain one addr */ 2904 return (EINVAL); 2905 if (rth->ip6r_len % 2) /* length must be even */ 2906 return (EINVAL); 2907 if (rth->ip6r_len / 2 != rth->ip6r_segleft) 2908 return (EINVAL); 2909 break; 2910 default: 2911 return (EINVAL); /* not supported */ 2912 } 2913 2914 /* turn off the previous option */ 2915 ip6_clearpktopts(opt, IPV6_RTHDR); 2916 opt->ip6po_rthdr = malloc(rthlen, M_IP6OPT, M_NOWAIT); 2917 if (opt->ip6po_rthdr == NULL) 2918 return (ENOBUFS); 2919 bcopy(rth, opt->ip6po_rthdr, rthlen); 2920 2921 break; 2922 } 2923 2924 case IPV6_USE_MIN_MTU: 2925 if (len != sizeof(int)) 2926 return (EINVAL); 2927 minmtupolicy = *(int *)buf; 2928 if (minmtupolicy != IP6PO_MINMTU_MCASTONLY && 2929 minmtupolicy != IP6PO_MINMTU_DISABLE && 2930 minmtupolicy != IP6PO_MINMTU_ALL) { 2931 return (EINVAL); 2932 } 2933 opt->ip6po_minmtu = minmtupolicy; 2934 break; 2935 2936 case IPV6_DONTFRAG: 2937 if (len != sizeof(int)) 2938 return (EINVAL); 2939 2940 if (uproto == IPPROTO_TCP || *(int *)buf == 0) { 2941 /* 2942 * we ignore this option for TCP sockets. 2943 * (RFC3542 leaves this case unspecified.) 2944 */ 2945 opt->ip6po_flags &= ~IP6PO_DONTFRAG; 2946 } else 2947 opt->ip6po_flags |= IP6PO_DONTFRAG; 2948 break; 2949 2950 case IPV6_PREFER_TEMPADDR: 2951 if (len != sizeof(int)) 2952 return (EINVAL); 2953 preftemp = *(int *)buf; 2954 if (preftemp != IP6PO_TEMPADDR_SYSTEM && 2955 preftemp != IP6PO_TEMPADDR_NOTPREFER && 2956 preftemp != IP6PO_TEMPADDR_PREFER) { 2957 return (EINVAL); 2958 } 2959 opt->ip6po_prefer_tempaddr = preftemp; 2960 break; 2961 2962 default: 2963 return (ENOPROTOOPT); 2964 } /* end of switch */ 2965 2966 return (0); 2967} 2968 2969/* 2970 * Routine called from ip6_output() to loop back a copy of an IP6 multicast 2971 * packet to the input queue of a specified interface. Note that this 2972 * calls the output routine of the loopback "driver", but with an interface 2973 * pointer that might NOT be &loif -- easier than replicating that code here. 2974 */ 2975void 2976ip6_mloopback(struct ifnet *ifp, struct mbuf *m) 2977{ 2978 struct mbuf *copym; 2979 struct ip6_hdr *ip6; 2980 2981 copym = m_copy(m, 0, M_COPYALL); 2982 if (copym == NULL) 2983 return; 2984 2985 /* 2986 * Make sure to deep-copy IPv6 header portion in case the data 2987 * is in an mbuf cluster, so that we can safely override the IPv6 2988 * header portion later. 2989 */ 2990 if (!M_WRITABLE(copym) || 2991 copym->m_len < sizeof(struct ip6_hdr)) { 2992 copym = m_pullup(copym, sizeof(struct ip6_hdr)); 2993 if (copym == NULL) 2994 return; 2995 } 2996 ip6 = mtod(copym, struct ip6_hdr *); 2997 /* 2998 * clear embedded scope identifiers if necessary. 2999 * in6_clearscope will touch the addresses only when necessary. 3000 */ 3001 in6_clearscope(&ip6->ip6_src); 3002 in6_clearscope(&ip6->ip6_dst); 3003 if (copym->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) { 3004 copym->m_pkthdr.csum_flags |= CSUM_DATA_VALID_IPV6 | 3005 CSUM_PSEUDO_HDR; 3006 copym->m_pkthdr.csum_data = 0xffff; 3007 } 3008 if_simloop(ifp, copym, AF_INET6, 0); 3009} 3010 3011/* 3012 * Chop IPv6 header off from the payload. 3013 */ 3014static int 3015ip6_splithdr(struct mbuf *m, struct ip6_exthdrs *exthdrs) 3016{ 3017 struct mbuf *mh; 3018 struct ip6_hdr *ip6; 3019 3020 ip6 = mtod(m, struct ip6_hdr *); 3021 if (m->m_len > sizeof(*ip6)) { 3022 mh = m_gethdr(M_NOWAIT, MT_DATA); 3023 if (mh == NULL) { 3024 m_freem(m); 3025 return ENOBUFS; 3026 } 3027 m_move_pkthdr(mh, m); 3028 M_ALIGN(mh, sizeof(*ip6)); 3029 m->m_len -= sizeof(*ip6); 3030 m->m_data += sizeof(*ip6); 3031 mh->m_next = m; 3032 m = mh; 3033 m->m_len = sizeof(*ip6); 3034 bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6)); 3035 } 3036 exthdrs->ip6e_ip6 = m; 3037 return 0; 3038} 3039 3040/* 3041 * Compute IPv6 extension header length. 3042 */ 3043int 3044ip6_optlen(struct inpcb *in6p) 3045{ 3046 int len; 3047 3048 if (!in6p->in6p_outputopts) 3049 return 0; 3050 3051 len = 0; 3052#define elen(x) \ 3053 (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0) 3054 3055 len += elen(in6p->in6p_outputopts->ip6po_hbh); 3056 if (in6p->in6p_outputopts->ip6po_rthdr) 3057 /* dest1 is valid with rthdr only */ 3058 len += elen(in6p->in6p_outputopts->ip6po_dest1); 3059 len += elen(in6p->in6p_outputopts->ip6po_rthdr); 3060 len += elen(in6p->in6p_outputopts->ip6po_dest2); 3061 return len; 3062#undef elen 3063} 3064