1139826Simp/*- 253541Sshin * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3222488Srwatson * Copyright (c) 2010-2011 Juniper Networks, Inc. 453541Sshin * All rights reserved. 553541Sshin * 6222488Srwatson * Portions of this software were developed by Robert N. M. Watson under 7222488Srwatson * contract to Juniper Networks, Inc. 8222488Srwatson * 953541Sshin * Redistribution and use in source and binary forms, with or without 1053541Sshin * modification, are permitted provided that the following conditions 1153541Sshin * are met: 1253541Sshin * 1. Redistributions of source code must retain the above copyright 1353541Sshin * notice, this list of conditions and the following disclaimer. 1453541Sshin * 2. Redistributions in binary form must reproduce the above copyright 1553541Sshin * notice, this list of conditions and the following disclaimer in the 1653541Sshin * documentation and/or other materials provided with the distribution. 1753541Sshin * 3. Neither the name of the project nor the names of its contributors 1853541Sshin * may be used to endorse or promote products derived from this software 1953541Sshin * without specific prior written permission. 2053541Sshin * 2153541Sshin * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 2253541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2353541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2453541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2553541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2653541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2753541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2853541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2953541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3053541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3153541Sshin * SUCH DAMAGE. 3253541Sshin * 33174510Sobrien * $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ 3453541Sshin */ 3553541Sshin 36139826Simp/*- 3753541Sshin * Copyright (c) 1982, 1986, 1991, 1993 3853541Sshin * The Regents of the University of California. All rights reserved. 3953541Sshin * 4053541Sshin * Redistribution and use in source and binary forms, with or without 4153541Sshin * modification, are permitted provided that the following conditions 4253541Sshin * are met: 4353541Sshin * 1. Redistributions of source code must retain the above copyright 4453541Sshin * notice, this list of conditions and the following disclaimer. 4553541Sshin * 2. Redistributions in binary form must reproduce the above copyright 4653541Sshin * notice, this list of conditions and the following disclaimer in the 4753541Sshin * documentation and/or other materials provided with the distribution. 4853541Sshin * 4. Neither the name of the University nor the names of its contributors 4953541Sshin * may be used to endorse or promote products derived from this software 5053541Sshin * without specific prior written permission. 5153541Sshin * 5253541Sshin * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 5353541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5453541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5553541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5653541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5753541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 5853541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5953541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 6053541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 6153541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 6253541Sshin * SUCH DAMAGE. 6353541Sshin * 6453541Sshin * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 6553541Sshin */ 6653541Sshin 67174510Sobrien#include <sys/cdefs.h> 68174510Sobrien__FBSDID("$FreeBSD$"); 69174510Sobrien 7078064Sume#include "opt_inet.h" 7178064Sume#include "opt_inet6.h" 7255009Sshin#include "opt_ipsec.h" 73222748Srwatson#include "opt_pcbgroup.h" 7453541Sshin 7553541Sshin#include <sys/param.h> 7653541Sshin#include <sys/systm.h> 7753541Sshin#include <sys/malloc.h> 7853541Sshin#include <sys/mbuf.h> 7955679Sshin#include <sys/domain.h> 8053541Sshin#include <sys/protosw.h> 8153541Sshin#include <sys/socket.h> 8253541Sshin#include <sys/socketvar.h> 8353541Sshin#include <sys/sockio.h> 8453541Sshin#include <sys/errno.h> 8553541Sshin#include <sys/time.h> 86164033Srwatson#include <sys/priv.h> 8753541Sshin#include <sys/proc.h> 8853541Sshin#include <sys/jail.h> 8953541Sshin 9092767Sjeff#include <vm/uma.h> 9153541Sshin 9253541Sshin#include <net/if.h> 9353541Sshin#include <net/if_types.h> 9453541Sshin#include <net/route.h> 9553541Sshin 9653541Sshin#include <netinet/in.h> 9753541Sshin#include <netinet/in_var.h> 9853541Sshin#include <netinet/in_systm.h> 9998102Shsu#include <netinet/tcp_var.h> 10062587Sitojun#include <netinet/ip6.h> 10155679Sshin#include <netinet/ip_var.h> 102181887Sjulian 10353541Sshin#include <netinet6/ip6_var.h> 10453541Sshin#include <netinet6/nd6.h> 10553541Sshin#include <netinet/in_pcb.h> 10653541Sshin#include <netinet6/in6_pcb.h> 107148385Sume#include <netinet6/scope6_var.h> 10853541Sshin 10953541Sshinstruct in6_addr zeroin6_addr; 11053541Sshin 11153541Sshinint 112171259Sdelphijin6_pcbbind(register struct inpcb *inp, struct sockaddr *nam, 113171259Sdelphij struct ucred *cred) 11453541Sshin{ 11553541Sshin struct socket *so = inp->inp_socket; 11653541Sshin struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; 11753541Sshin struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 11853541Sshin u_short lport = 0; 119222215Srwatson int error, lookupflags = 0; 120222215Srwatson int reuseport = (so->so_options & SO_REUSEPORT); 12153541Sshin 122178285Srwatson INP_WLOCK_ASSERT(inp); 123222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 124132714Srwatson 125194907Srwatson if (TAILQ_EMPTY(&V_in6_ifaddrhead)) /* XXX broken! */ 12653541Sshin return (EADDRNOTAVAIL); 12753541Sshin if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 128120856Sume return (EINVAL); 12953541Sshin if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 130222215Srwatson lookupflags = INPLOOKUP_WILDCARD; 131188148Sjamie if (nam == NULL) { 132188148Sjamie if ((error = prison_local_ip6(cred, &inp->in6p_laddr, 133188148Sjamie ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 134188148Sjamie return (error); 135188148Sjamie } else { 13653541Sshin sin6 = (struct sockaddr_in6 *)nam; 13753541Sshin if (nam->sa_len != sizeof(*sin6)) 138120856Sume return (EINVAL); 13953541Sshin /* 14053541Sshin * family check. 14153541Sshin */ 14253541Sshin if (nam->sa_family != AF_INET6) 143120856Sume return (EAFNOSUPPORT); 14453541Sshin 145181803Sbz if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 146148385Sume return(error); 14753541Sshin 148188144Sjamie if ((error = prison_local_ip6(cred, &sin6->sin6_addr, 149188144Sjamie ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 150188144Sjamie return (error); 151185435Sbz 15253541Sshin lport = sin6->sin6_port; 15353541Sshin if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 15453541Sshin /* 15553541Sshin * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 15653541Sshin * allow compepte duplication of binding if 15753541Sshin * SO_REUSEPORT is set, or if SO_REUSEADDR is set 15853541Sshin * and a multicast address is bound on both 15953541Sshin * new and duplicated sockets. 16053541Sshin */ 161254778Strociny if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) != 0) 16253541Sshin reuseport = SO_REUSEADDR|SO_REUSEPORT; 16353541Sshin } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 164194760Srwatson struct ifaddr *ifa; 16553541Sshin 16653541Sshin sin6->sin6_port = 0; /* yech... */ 167194760Srwatson if ((ifa = ifa_ifwithaddr((struct sockaddr *)sin6)) == 168194760Srwatson NULL && 169193217Spjd (inp->inp_flags & INP_BINDANY) == 0) { 170120856Sume return (EADDRNOTAVAIL); 171193217Spjd } 17253541Sshin 17353541Sshin /* 17453541Sshin * XXX: bind to an anycast address might accidentally 17553541Sshin * cause sending a packet with anycast source address. 17678064Sume * We should allow to bind to a deprecated address, since 177120913Sume * the application dares to use it. 17853541Sshin */ 179194760Srwatson if (ifa != NULL && 180194760Srwatson ((struct in6_ifaddr *)ifa)->ia6_flags & 18178064Sume (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) { 182194760Srwatson ifa_free(ifa); 183120856Sume return (EADDRNOTAVAIL); 18453541Sshin } 185194760Srwatson if (ifa != NULL) 186194760Srwatson ifa_free(ifa); 18753541Sshin } 18853541Sshin if (lport) { 18953541Sshin struct inpcb *t; 190227428Strociny struct tcptw *tw; 19153541Sshin 19253541Sshin /* GROSS */ 193181803Sbz if (ntohs(lport) <= V_ipport_reservedhigh && 194181803Sbz ntohs(lport) >= V_ipport_reservedlow && 195164033Srwatson priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 196170587Srwatson 0)) 197120856Sume return (EACCES); 198159976Spjd if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && 199183606Sbz priv_check_cred(inp->inp_cred, 200170587Srwatson PRIV_NETINET_REUSEPORT, 0) != 0) { 20155679Sshin t = in6_pcblookup_local(pcbinfo, 20253541Sshin &sin6->sin6_addr, lport, 203180427Sbz INPLOOKUP_WILDCARD, cred); 204132699Syar if (t && 205189848Srwatson ((t->inp_flags & INP_TIMEWAIT) == 0) && 206132699Syar (so->so_type != SOCK_STREAM || 207132699Syar IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) && 20897658Stanimura (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) || 209171260Sdelphij !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) || 210227428Strociny (t->inp_flags2 & INP_REUSEPORT) == 0) && 211227428Strociny (inp->inp_cred->cr_uid != 212183606Sbz t->inp_cred->cr_uid)) 21397658Stanimura return (EADDRINUSE); 214221247Sbz#ifdef INET 21578064Sume if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 21655679Sshin IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 21755679Sshin struct sockaddr_in sin; 21855679Sshin 21955679Sshin in6_sin6_2_sin(&sin, sin6); 22055679Sshin t = in_pcblookup_local(pcbinfo, 221180427Sbz sin.sin_addr, lport, 222180427Sbz INPLOOKUP_WILDCARD, cred); 223132699Syar if (t && 224189848Srwatson ((t->inp_flags & 225132699Syar INP_TIMEWAIT) == 0) && 226132699Syar (so->so_type != SOCK_STREAM || 227132699Syar ntohl(t->inp_faddr.s_addr) == 228132699Syar INADDR_ANY) && 229183606Sbz (inp->inp_cred->cr_uid != 230183606Sbz t->inp_cred->cr_uid)) 23155679Sshin return (EADDRINUSE); 23255679Sshin } 233221247Sbz#endif 23453541Sshin } 23553541Sshin t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, 236222215Srwatson lport, lookupflags, cred); 237227428Strociny if (t && (t->inp_flags & INP_TIMEWAIT)) { 238227428Strociny /* 239227428Strociny * XXXRW: If an incpb has had its timewait 240227428Strociny * state recycled, we treat the address as 241227428Strociny * being in use (for now). This is better 242227428Strociny * than a panic, but not desirable. 243227428Strociny */ 244227428Strociny tw = intotw(t); 245227428Strociny if (tw == NULL || 246227428Strociny (reuseport & tw->tw_so_options) == 0) 247227428Strociny return (EADDRINUSE); 248253281Strociny } else if (t && (reuseport & inp_so_options(t)) == 0) { 249120856Sume return (EADDRINUSE); 250227428Strociny } 251221247Sbz#ifdef INET 25278064Sume if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 25355679Sshin IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 25455679Sshin struct sockaddr_in sin; 25555679Sshin 25655679Sshin in6_sin6_2_sin(&sin, sin6); 25755679Sshin t = in_pcblookup_local(pcbinfo, sin.sin_addr, 258222215Srwatson lport, lookupflags, cred); 259189848Srwatson if (t && t->inp_flags & INP_TIMEWAIT) { 260227428Strociny tw = intotw(t); 261227428Strociny if (tw == NULL) 262227428Strociny return (EADDRINUSE); 263227428Strociny if ((reuseport & tw->tw_so_options) == 0 264227428Strociny && (ntohl(t->inp_laddr.s_addr) != 265171260Sdelphij INADDR_ANY || ((inp->inp_vflag & 266171260Sdelphij INP_IPV6PROTO) == 267116453Scognet (t->inp_vflag & INP_IPV6PROTO)))) 268116453Scognet return (EADDRINUSE); 269253281Strociny } else if (t && 270253281Strociny (reuseport & inp_so_options(t)) == 0 && 271227428Strociny (ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 272227450Strociny (t->inp_vflag & INP_IPV6PROTO) != 0)) 27397658Stanimura return (EADDRINUSE); 27455679Sshin } 275221247Sbz#endif 27653541Sshin } 27753541Sshin inp->in6p_laddr = sin6->sin6_addr; 27853541Sshin } 27953541Sshin if (lport == 0) { 280219570Sbz if ((error = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0) { 281219570Sbz /* Undo an address bind that may have occurred. */ 282219570Sbz inp->in6p_laddr = in6addr_any; 283188144Sjamie return (error); 284219570Sbz } 285183611Sbz } else { 28662587Sitojun inp->inp_lport = lport; 28762587Sitojun if (in_pcbinshash(inp) != 0) { 28862587Sitojun inp->in6p_laddr = in6addr_any; 28962587Sitojun inp->inp_lport = 0; 29062587Sitojun return (EAGAIN); 29153541Sshin } 29253541Sshin } 293120856Sume return (0); 29453541Sshin} 29553541Sshin 29653541Sshin/* 29753541Sshin * Transform old in6_pcbconnect() into an inner subroutine for new 29853541Sshin * in6_pcbconnect(): Do some validity-checking on the remote 29953541Sshin * address (in mbuf 'nam') and then determine local host address 30053541Sshin * (i.e., which interface) to use to access that remote host. 30153541Sshin * 30253541Sshin * This preserves definition of in6_pcbconnect(), while supporting a 30353541Sshin * slightly different version for T/TCP. (This is more than 30453541Sshin * a bit of a kludge, but cleaning up the internal interfaces would 30553541Sshin * have forced minor changes in every protocol). 30653541Sshin */ 30753541Sshinint 308171259Sdelphijin6_pcbladdr(register struct inpcb *inp, struct sockaddr *nam, 309194777Sbz struct in6_addr *plocal_addr6) 31053541Sshin{ 31153541Sshin register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 312148385Sume int error = 0; 31353541Sshin struct ifnet *ifp = NULL; 314148385Sume int scope_ambiguous = 0; 315194777Sbz struct in6_addr in6a; 31653541Sshin 317178285Srwatson INP_WLOCK_ASSERT(inp); 318222488Srwatson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); /* XXXRW: why? */ 319158011Srwatson 32053541Sshin if (nam->sa_len != sizeof (*sin6)) 32153541Sshin return (EINVAL); 32253541Sshin if (sin6->sin6_family != AF_INET6) 32353541Sshin return (EAFNOSUPPORT); 32453541Sshin if (sin6->sin6_port == 0) 32553541Sshin return (EADDRNOTAVAIL); 32653541Sshin 327181803Sbz if (sin6->sin6_scope_id == 0 && !V_ip6_use_defzone) 328148385Sume scope_ambiguous = 1; 329181803Sbz if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 330148385Sume return(error); 331148385Sume 332194907Srwatson if (!TAILQ_EMPTY(&V_in6_ifaddrhead)) { 33353541Sshin /* 33453541Sshin * If the destination address is UNSPECIFIED addr, 33553541Sshin * use the loopback addr, e.g ::1. 33653541Sshin */ 33753541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 33853541Sshin sin6->sin6_addr = in6addr_loopback; 33953541Sshin } 340188144Sjamie if ((error = prison_remote_ip6(inp->inp_cred, &sin6->sin6_addr)) != 0) 341188144Sjamie return (error); 342148385Sume 343194777Sbz error = in6_selectsrc(sin6, inp->in6p_outputopts, 344194777Sbz inp, NULL, inp->inp_cred, &ifp, &in6a); 345194777Sbz if (error) 346194777Sbz return (error); 347194777Sbz 348148385Sume if (ifp && scope_ambiguous && 349148385Sume (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) { 350148385Sume return(error); 35153541Sshin } 352148385Sume 353148385Sume /* 354194777Sbz * Do not update this earlier, in case we return with an error. 355194777Sbz * 356194777Sbz * XXX: this in6_selectsrc result might replace the bound local 357202915Sbz * address with the address specified by setsockopt(IPV6_PKTINFO). 358194777Sbz * Is it the intended behavior? 359194777Sbz */ 360194777Sbz *plocal_addr6 = in6a; 361194777Sbz 362194777Sbz /* 363148385Sume * Don't do pcblookup call here; return interface in 364148385Sume * plocal_addr6 365148385Sume * and exit to caller, that will do the lookup. 366148385Sume */ 367148385Sume 368120856Sume return (0); 36953541Sshin} 37053541Sshin 37153541Sshin/* 37253541Sshin * Outer subroutine: 37353541Sshin * Connect from a socket to a specified address. 37453541Sshin * Both address and port must be specified in argument sin. 37553541Sshin * If don't have a local address for this socket yet, 37653541Sshin * then pick one. 37753541Sshin */ 37853541Sshinint 379222691Srwatsonin6_pcbconnect_mbuf(register struct inpcb *inp, struct sockaddr *nam, 380222691Srwatson struct ucred *cred, struct mbuf *m) 38153541Sshin{ 382222488Srwatson struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 38353541Sshin register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 384194777Sbz struct in6_addr addr6; 38553541Sshin int error; 38653541Sshin 387178285Srwatson INP_WLOCK_ASSERT(inp); 388222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 389132714Srwatson 39053541Sshin /* 39195023Ssuz * Call inner routine, to assign local interface address. 39295023Ssuz * in6_pcbladdr() may automatically fill in sin6_scope_id. 39353541Sshin */ 39453541Sshin if ((error = in6_pcbladdr(inp, nam, &addr6)) != 0) 395120856Sume return (error); 39653541Sshin 397222488Srwatson if (in6_pcblookup_hash_locked(pcbinfo, &sin6->sin6_addr, 39853541Sshin sin6->sin6_port, 39953541Sshin IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) 400194777Sbz ? &addr6 : &inp->in6p_laddr, 40153541Sshin inp->inp_lport, 0, NULL) != NULL) { 40253541Sshin return (EADDRINUSE); 40353541Sshin } 40453541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 40553541Sshin if (inp->inp_lport == 0) { 406127505Spjd error = in6_pcbbind(inp, (struct sockaddr *)0, cred); 40753541Sshin if (error) 40853541Sshin return (error); 40953541Sshin } 410194777Sbz inp->in6p_laddr = addr6; 41153541Sshin } 41253541Sshin inp->in6p_faddr = sin6->sin6_addr; 41353541Sshin inp->inp_fport = sin6->sin6_port; 41478064Sume /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 415186141Sbz inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 416186141Sbz if (inp->inp_flags & IN6P_AUTOFLOWLABEL) 417186141Sbz inp->inp_flow |= 418120649Sume (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 41953541Sshin 420222691Srwatson in_pcbrehash_mbuf(inp, m); 421171133Sgnn 42253541Sshin return (0); 42353541Sshin} 42453541Sshin 425222691Srwatsonint 426222691Srwatsonin6_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) 427222691Srwatson{ 428222691Srwatson 429222691Srwatson return (in6_pcbconnect_mbuf(inp, nam, cred, NULL)); 430222691Srwatson} 431222691Srwatson 43253541Sshinvoid 433171259Sdelphijin6_pcbdisconnect(struct inpcb *inp) 43453541Sshin{ 435132714Srwatson 436178285Srwatson INP_WLOCK_ASSERT(inp); 437222488Srwatson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); 438132714Srwatson 43953541Sshin bzero((caddr_t)&inp->in6p_faddr, sizeof(inp->in6p_faddr)); 44053541Sshin inp->inp_fport = 0; 44178064Sume /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 442186141Sbz inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 44353541Sshin in_pcbrehash(inp); 44453541Sshin} 44553541Sshin 446102218Struckmanstruct sockaddr * 447171259Sdelphijin6_sockaddr(in_port_t port, struct in6_addr *addr_p) 448102218Struckman{ 449102218Struckman struct sockaddr_in6 *sin6; 450102218Struckman 451184205Sdes sin6 = malloc(sizeof *sin6, M_SONAME, M_WAITOK); 452102218Struckman bzero(sin6, sizeof *sin6); 453102218Struckman sin6->sin6_family = AF_INET6; 454102218Struckman sin6->sin6_len = sizeof(*sin6); 455102218Struckman sin6->sin6_port = port; 456102218Struckman sin6->sin6_addr = *addr_p; 457148385Sume (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 458102218Struckman 459102218Struckman return (struct sockaddr *)sin6; 460102218Struckman} 461102218Struckman 462102218Struckmanstruct sockaddr * 463171259Sdelphijin6_v4mapsin6_sockaddr(in_port_t port, struct in_addr *addr_p) 464102218Struckman{ 465102218Struckman struct sockaddr_in sin; 466102218Struckman struct sockaddr_in6 *sin6_p; 467102218Struckman 468102218Struckman bzero(&sin, sizeof sin); 469102218Struckman sin.sin_family = AF_INET; 470102218Struckman sin.sin_len = sizeof(sin); 471102218Struckman sin.sin_port = port; 472102218Struckman sin.sin_addr = *addr_p; 473102218Struckman 474184205Sdes sin6_p = malloc(sizeof *sin6_p, M_SONAME, 475111119Simp M_WAITOK); 476102218Struckman in6_sin_2_v4mapsin6(&sin, sin6_p); 477102218Struckman 478102218Struckman return (struct sockaddr *)sin6_p; 479102218Struckman} 480102218Struckman 48153541Sshinint 482171259Sdelphijin6_getsockaddr(struct socket *so, struct sockaddr **nam) 48353541Sshin{ 48453541Sshin register struct inpcb *inp; 485102218Struckman struct in6_addr addr; 486102218Struckman in_port_t port; 48753541Sshin 48853541Sshin inp = sotoinpcb(so); 489169462Srwatson KASSERT(inp != NULL, ("in6_getsockaddr: inp == NULL")); 490157673Srwatson 491178320Srwatson INP_RLOCK(inp); 492102218Struckman port = inp->inp_lport; 493102218Struckman addr = inp->in6p_laddr; 494178320Srwatson INP_RUNLOCK(inp); 49553541Sshin 496102218Struckman *nam = in6_sockaddr(port, &addr); 49753541Sshin return 0; 49853541Sshin} 49953541Sshin 50053541Sshinint 501171259Sdelphijin6_getpeeraddr(struct socket *so, struct sockaddr **nam) 50253541Sshin{ 50353541Sshin struct inpcb *inp; 504102218Struckman struct in6_addr addr; 505102218Struckman in_port_t port; 50653541Sshin 50753541Sshin inp = sotoinpcb(so); 508169462Srwatson KASSERT(inp != NULL, ("in6_getpeeraddr: inp == NULL")); 509157673Srwatson 510178320Srwatson INP_RLOCK(inp); 511102218Struckman port = inp->inp_fport; 512102218Struckman addr = inp->in6p_faddr; 513178320Srwatson INP_RUNLOCK(inp); 51453541Sshin 515102218Struckman *nam = in6_sockaddr(port, &addr); 51653541Sshin return 0; 51753541Sshin} 51853541Sshin 51953541Sshinint 52053541Sshinin6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) 52153541Sshin{ 522157673Srwatson struct inpcb *inp; 52353541Sshin int error; 52453541Sshin 525157673Srwatson inp = sotoinpcb(so); 526157673Srwatson KASSERT(inp != NULL, ("in6_mapped_sockaddr: inp == NULL")); 527157673Srwatson 528221247Sbz#ifdef INET 529124332Sume if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 530169462Srwatson error = in_getsockaddr(so, nam); 53154952Seivind if (error == 0) 53253541Sshin in6_sin_2_v4mapsin6_in_sock(nam); 533221247Sbz } else 534221247Sbz#endif 535221247Sbz { 536169462Srwatson /* scope issues will be handled in in6_getsockaddr(). */ 537169462Srwatson error = in6_getsockaddr(so, nam); 538120913Sume } 53953541Sshin 54053541Sshin return error; 54153541Sshin} 54253541Sshin 54353541Sshinint 54453541Sshinin6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) 54553541Sshin{ 546157673Srwatson struct inpcb *inp; 54753541Sshin int error; 54853541Sshin 549157673Srwatson inp = sotoinpcb(so); 550157673Srwatson KASSERT(inp != NULL, ("in6_mapped_peeraddr: inp == NULL")); 551157673Srwatson 552221247Sbz#ifdef INET 553124332Sume if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 554169462Srwatson error = in_getpeeraddr(so, nam); 55554952Seivind if (error == 0) 55653541Sshin in6_sin_2_v4mapsin6_in_sock(nam); 55753541Sshin } else 558221247Sbz#endif 559169462Srwatson /* scope issues will be handled in in6_getpeeraddr(). */ 560169462Srwatson error = in6_getpeeraddr(so, nam); 56153541Sshin 56253541Sshin return error; 56353541Sshin} 56453541Sshin 56553541Sshin/* 56653541Sshin * Pass some notification to all connections of a protocol 56753541Sshin * associated with address dst. The local address and/or port numbers 56853541Sshin * may be specified to limit the search. The "usual action" will be 56953541Sshin * taken, depending on the ctlinput cmd. The caller must filter any 57053541Sshin * cmds that are uninteresting (e.g., no error in the map). 57153541Sshin * Call the protocol specific routine (if any) to report 57253541Sshin * any errors for each matching socket. 57353541Sshin */ 57453541Sshinvoid 575171259Sdelphijin6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr *dst, 576171259Sdelphij u_int fport_arg, const struct sockaddr *src, u_int lport_arg, 577171259Sdelphij int cmd, void *cmdarg, 578175162Sobrien struct inpcb *(*notify)(struct inpcb *, int)) 57953541Sshin{ 580177961Srwatson struct inpcb *inp, *inp_temp; 58178064Sume struct sockaddr_in6 sa6_src, *sa6_dst; 58253541Sshin u_short fport = fport_arg, lport = lport_arg; 58378064Sume u_int32_t flowinfo; 584157673Srwatson int errno; 58553541Sshin 586119995Sru if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 58753541Sshin return; 58878064Sume 58978064Sume sa6_dst = (struct sockaddr_in6 *)dst; 59078064Sume if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 59153541Sshin return; 59253541Sshin 59353541Sshin /* 59478064Sume * note that src can be NULL when we get notify by local fragmentation. 59578064Sume */ 59691346Salfred sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 59778064Sume flowinfo = sa6_src.sin6_flowinfo; 59878064Sume 59978064Sume /* 60053541Sshin * Redirects go to all references to the destination, 60162587Sitojun * and use in6_rtchange to invalidate the route cache. 60262587Sitojun * Dead host indications: also use in6_rtchange to invalidate 60362587Sitojun * the cache, and deliver the error to all the sockets. 60453541Sshin * Otherwise, if we have knowledge of the local port and address, 60553541Sshin * deliver only to that socket. 60653541Sshin */ 60753541Sshin if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 60853541Sshin fport = 0; 60953541Sshin lport = 0; 61078064Sume bzero((caddr_t)&sa6_src.sin6_addr, sizeof(sa6_src.sin6_addr)); 61162587Sitojun 61278064Sume if (cmd != PRC_HOSTDEAD) 61378064Sume notify = in6_rtchange; 61453541Sshin } 61553541Sshin errno = inet6ctlerrmap[cmd]; 616133192Srwatson INP_INFO_WLOCK(pcbinfo); 617177961Srwatson LIST_FOREACH_SAFE(inp, pcbinfo->ipi_listhead, inp_list, inp_temp) { 618178285Srwatson INP_WLOCK(inp); 619171260Sdelphij if ((inp->inp_vflag & INP_IPV6) == 0) { 620178285Srwatson INP_WUNLOCK(inp); 62153541Sshin continue; 622133192Srwatson } 62362587Sitojun 62478064Sume /* 625125776Sume * If the error designates a new path MTU for a destination 626125776Sume * and the application (associated with this socket) wanted to 627125776Sume * know the value, notify. Note that we notify for all 628125776Sume * disconnected sockets if the corresponding application 629125776Sume * wanted. This is because some UDP applications keep sending 630125776Sume * sockets disconnected. 631125776Sume * XXX: should we avoid to notify the value to TCP sockets? 632125776Sume */ 633125776Sume if (cmd == PRC_MSGSIZE && (inp->inp_flags & IN6P_MTU) != 0 && 634125776Sume (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 635125776Sume IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, &sa6_dst->sin6_addr))) { 636125776Sume ip6_notify_pmtu(inp, (struct sockaddr_in6 *)dst, 637125776Sume (u_int32_t *)cmdarg); 638125776Sume } 639125776Sume 640125776Sume /* 64178064Sume * Detect if we should notify the error. If no source and 64278064Sume * destination ports are specifed, but non-zero flowinfo and 64378064Sume * local address match, notify the error. This is the case 64478064Sume * when the error is delivered with an encrypted buffer 64578064Sume * by ESP. Otherwise, just compare addresses and ports 64678064Sume * as usual. 64778064Sume */ 64878064Sume if (lport == 0 && fport == 0 && flowinfo && 64978064Sume inp->inp_socket != NULL && 650186141Sbz flowinfo == (inp->inp_flow & IPV6_FLOWLABEL_MASK) && 65178064Sume IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 65278064Sume goto do_notify; 65378064Sume else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 65478064Sume &sa6_dst->sin6_addr) || 65578064Sume inp->inp_socket == 0 || 65678064Sume (lport && inp->inp_lport != lport) || 65778064Sume (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 65878064Sume !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 65978064Sume &sa6_src.sin6_addr)) || 660133192Srwatson (fport && inp->inp_fport != fport)) { 661178285Srwatson INP_WUNLOCK(inp); 66253541Sshin continue; 663133192Srwatson } 66462587Sitojun 66578064Sume do_notify: 666134121Srwatson if (notify) { 667134121Srwatson if ((*notify)(inp, errno)) 668178285Srwatson INP_WUNLOCK(inp); 669134121Srwatson } else 670178285Srwatson INP_WUNLOCK(inp); 67153541Sshin } 672133192Srwatson INP_INFO_WUNLOCK(pcbinfo); 67353541Sshin} 67453541Sshin 67553541Sshin/* 676222488Srwatson * Lookup a PCB based on the local address and port. Caller must hold the 677222488Srwatson * hash lock. No inpcb locks or references are acquired. 67853541Sshin */ 67953541Sshinstruct inpcb * 680171259Sdelphijin6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr, 681222215Srwatson u_short lport, int lookupflags, struct ucred *cred) 68253541Sshin{ 68353541Sshin register struct inpcb *inp; 68453541Sshin int matchwild = 3, wildcard; 68553541Sshin 686222215Srwatson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 687222215Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 688222215Srwatson 689222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 690158011Srwatson 691222215Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) == 0) { 69253541Sshin struct inpcbhead *head; 69353541Sshin /* 69453541Sshin * Look for an unconnected (wildcard foreign addr) PCB that 69553541Sshin * matches the local address and port we're looking for. 69653541Sshin */ 697169154Srwatson head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport, 698169154Srwatson 0, pcbinfo->ipi_hashmask)]; 69953541Sshin LIST_FOREACH(inp, head, inp_hash) { 700185435Sbz /* XXX inp locking */ 70154952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 70253541Sshin continue; 70353541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 70453541Sshin IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 70553541Sshin inp->inp_lport == lport) { 706185435Sbz /* Found. */ 707185435Sbz if (cred == NULL || 708192895Sjamie prison_equal_ip6(cred->cr_prison, 709192895Sjamie inp->inp_cred->cr_prison)) 710185435Sbz return (inp); 71153541Sshin } 71253541Sshin } 71353541Sshin /* 71453541Sshin * Not found. 71553541Sshin */ 71653541Sshin return (NULL); 71753541Sshin } else { 71853541Sshin struct inpcbporthead *porthash; 71953541Sshin struct inpcbport *phd; 72053541Sshin struct inpcb *match = NULL; 72153541Sshin /* 72253541Sshin * Best fit PCB lookup. 72353541Sshin * 72453541Sshin * First see if this local port is in use by looking on the 72553541Sshin * port hash list. 72653541Sshin */ 727169154Srwatson porthash = &pcbinfo->ipi_porthashbase[INP_PCBPORTHASH(lport, 728169154Srwatson pcbinfo->ipi_porthashmask)]; 72953541Sshin LIST_FOREACH(phd, porthash, phd_hash) { 73053541Sshin if (phd->phd_port == lport) 73153541Sshin break; 73253541Sshin } 73353541Sshin if (phd != NULL) { 73453541Sshin /* 73553541Sshin * Port is in use by one or more PCBs. Look for best 73653541Sshin * fit. 73753541Sshin */ 73853541Sshin LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 73953541Sshin wildcard = 0; 740185435Sbz if (cred != NULL && 741192895Sjamie !prison_equal_ip6(cred->cr_prison, 742192895Sjamie inp->inp_cred->cr_prison)) 743185435Sbz continue; 744185435Sbz /* XXX inp locking */ 74554952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 74653541Sshin continue; 74753541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) 74853541Sshin wildcard++; 74953541Sshin if (!IN6_IS_ADDR_UNSPECIFIED( 75053541Sshin &inp->in6p_laddr)) { 75153541Sshin if (IN6_IS_ADDR_UNSPECIFIED(laddr)) 75253541Sshin wildcard++; 75353541Sshin else if (!IN6_ARE_ADDR_EQUAL( 754185435Sbz &inp->in6p_laddr, laddr)) 75553541Sshin continue; 75653541Sshin } else { 75753541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 75853541Sshin wildcard++; 75953541Sshin } 76053541Sshin if (wildcard < matchwild) { 76153541Sshin match = inp; 76253541Sshin matchwild = wildcard; 763185435Sbz if (matchwild == 0) 76453541Sshin break; 76553541Sshin } 76653541Sshin } 76753541Sshin } 76853541Sshin return (match); 76953541Sshin } 77053541Sshin} 77153541Sshin 77281127Sumevoid 773171259Sdelphijin6_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp) 77481127Sume{ 775186141Sbz struct inpcb *in6p; 77681127Sume struct ip6_moptions *im6o; 777191672Sbms int i, gap; 77881127Sume 779157978Srwatson INP_INFO_RLOCK(pcbinfo); 780169154Srwatson LIST_FOREACH(in6p, pcbinfo->ipi_listhead, inp_list) { 781178285Srwatson INP_WLOCK(in6p); 78281127Sume im6o = in6p->in6p_moptions; 783191672Sbms if ((in6p->inp_vflag & INP_IPV6) && im6o != NULL) { 78481127Sume /* 785191672Sbms * Unselect the outgoing ifp for multicast if it 786191672Sbms * is being detached. 78781127Sume */ 78881127Sume if (im6o->im6o_multicast_ifp == ifp) 78981127Sume im6o->im6o_multicast_ifp = NULL; 79081127Sume /* 79181127Sume * Drop multicast group membership if we joined 79281127Sume * through the interface being detached. 79381127Sume */ 794191672Sbms gap = 0; 795191672Sbms for (i = 0; i < im6o->im6o_num_memberships; i++) { 796191672Sbms if (im6o->im6o_membership[i]->in6m_ifp == 797191672Sbms ifp) { 798191672Sbms in6_mc_leave(im6o->im6o_membership[i], 799191672Sbms NULL); 800191672Sbms gap++; 801191672Sbms } else if (gap != 0) { 802191672Sbms im6o->im6o_membership[i - gap] = 803191672Sbms im6o->im6o_membership[i]; 80481127Sume } 80581127Sume } 806191672Sbms im6o->im6o_num_memberships -= gap; 80781127Sume } 808178285Srwatson INP_WUNLOCK(in6p); 80981127Sume } 810157978Srwatson INP_INFO_RUNLOCK(pcbinfo); 81181127Sume} 81281127Sume 81353541Sshin/* 81453541Sshin * Check for alternatives when higher level complains 81553541Sshin * about service problems. For now, invalidate cached 81653541Sshin * routing information. If the route was created dynamically 81753541Sshin * (by a redirect), time to try a default gateway again. 81853541Sshin */ 81953541Sshinvoid 820171259Sdelphijin6_losing(struct inpcb *in6p) 82153541Sshin{ 822171259Sdelphij 823122922Sandre /* 824122922Sandre * We don't store route pointers in the routing table anymore 825122922Sandre */ 826122922Sandre return; 82753541Sshin} 82853541Sshin 82953541Sshin/* 83053541Sshin * After a routing change, flush old routing 83153541Sshin * and allocate a (hopefully) better one. 83253541Sshin */ 83398211Shsustruct inpcb * 834171259Sdelphijin6_rtchange(struct inpcb *inp, int errno) 83553541Sshin{ 836122922Sandre /* 837122922Sandre * We don't store route pointers in the routing table anymore 838122922Sandre */ 83998211Shsu return inp; 84053541Sshin} 84153541Sshin 842222748Srwatson#ifdef PCBGROUP 84353541Sshin/* 844222748Srwatson * Lookup PCB in hash list, using pcbgroup tables. 845222748Srwatson */ 846222748Srwatsonstatic struct inpcb * 847222748Srwatsonin6_pcblookup_group(struct inpcbinfo *pcbinfo, struct inpcbgroup *pcbgroup, 848222748Srwatson struct in6_addr *faddr, u_int fport_arg, struct in6_addr *laddr, 849222748Srwatson u_int lport_arg, int lookupflags, struct ifnet *ifp) 850222748Srwatson{ 851222748Srwatson struct inpcbhead *head; 852222748Srwatson struct inpcb *inp, *tmpinp; 853222748Srwatson u_short fport = fport_arg, lport = lport_arg; 854222748Srwatson int faith; 855222748Srwatson 856222748Srwatson if (faithprefix_p != NULL) 857222748Srwatson faith = (*faithprefix_p)(laddr); 858222748Srwatson else 859222748Srwatson faith = 0; 860222748Srwatson 861222748Srwatson /* 862222748Srwatson * First look for an exact match. 863222748Srwatson */ 864222748Srwatson tmpinp = NULL; 865222748Srwatson INP_GROUP_LOCK(pcbgroup); 866222748Srwatson head = &pcbgroup->ipg_hashbase[ 867222748Srwatson INP_PCBHASH(faddr->s6_addr32[3] /* XXX */, lport, fport, 868222748Srwatson pcbgroup->ipg_hashmask)]; 869222748Srwatson LIST_FOREACH(inp, head, inp_pcbgrouphash) { 870222748Srwatson /* XXX inp locking */ 871222748Srwatson if ((inp->inp_vflag & INP_IPV6) == 0) 872222748Srwatson continue; 873222748Srwatson if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 874222748Srwatson IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 875222748Srwatson inp->inp_fport == fport && 876222748Srwatson inp->inp_lport == lport) { 877222748Srwatson /* 878222748Srwatson * XXX We should be able to directly return 879222748Srwatson * the inp here, without any checks. 880222748Srwatson * Well unless both bound with SO_REUSEPORT? 881222748Srwatson */ 882222748Srwatson if (prison_flag(inp->inp_cred, PR_IP6)) 883222748Srwatson goto found; 884222748Srwatson if (tmpinp == NULL) 885222748Srwatson tmpinp = inp; 886222748Srwatson } 887222748Srwatson } 888222748Srwatson if (tmpinp != NULL) { 889222748Srwatson inp = tmpinp; 890222748Srwatson goto found; 891222748Srwatson } 892222748Srwatson 893222748Srwatson /* 894222748Srwatson * Then look for a wildcard match, if requested. 895222748Srwatson */ 896222748Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 897222748Srwatson struct inpcb *local_wild = NULL, *local_exact = NULL; 898222748Srwatson struct inpcb *jail_wild = NULL; 899222748Srwatson int injail; 900222748Srwatson 901222748Srwatson /* 902222748Srwatson * Order of socket selection - we always prefer jails. 903222748Srwatson * 1. jailed, non-wild. 904222748Srwatson * 2. jailed, wild. 905222748Srwatson * 3. non-jailed, non-wild. 906222748Srwatson * 4. non-jailed, wild. 907222748Srwatson */ 908222748Srwatson head = &pcbinfo->ipi_wildbase[INP_PCBHASH(INADDR_ANY, lport, 909222748Srwatson 0, pcbinfo->ipi_wildmask)]; 910222748Srwatson LIST_FOREACH(inp, head, inp_pcbgroup_wild) { 911222748Srwatson /* XXX inp locking */ 912222748Srwatson if ((inp->inp_vflag & INP_IPV6) == 0) 913222748Srwatson continue; 914222748Srwatson 915222748Srwatson if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 916222748Srwatson inp->inp_lport != lport) { 917222748Srwatson continue; 918222748Srwatson } 919222748Srwatson 920222748Srwatson /* XXX inp locking */ 921222748Srwatson if (faith && (inp->inp_flags & INP_FAITH) == 0) 922222748Srwatson continue; 923222748Srwatson 924222748Srwatson injail = prison_flag(inp->inp_cred, PR_IP6); 925222748Srwatson if (injail) { 926222748Srwatson if (prison_check_ip6(inp->inp_cred, 927222748Srwatson laddr) != 0) 928222748Srwatson continue; 929222748Srwatson } else { 930222748Srwatson if (local_exact != NULL) 931222748Srwatson continue; 932222748Srwatson } 933222748Srwatson 934222748Srwatson if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 935222748Srwatson if (injail) 936222748Srwatson goto found; 937222748Srwatson else 938222748Srwatson local_exact = inp; 939222748Srwatson } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 940222748Srwatson if (injail) 941222748Srwatson jail_wild = inp; 942222748Srwatson else 943222748Srwatson local_wild = inp; 944222748Srwatson } 945222748Srwatson } /* LIST_FOREACH */ 946222748Srwatson 947222748Srwatson inp = jail_wild; 948222748Srwatson if (inp == NULL) 949222748Srwatson inp = jail_wild; 950222748Srwatson if (inp == NULL) 951222748Srwatson inp = local_exact; 952222748Srwatson if (inp == NULL) 953222748Srwatson inp = local_wild; 954222748Srwatson if (inp != NULL) 955222748Srwatson goto found; 956222748Srwatson } /* if ((lookupflags & INPLOOKUP_WILDCARD) != 0) */ 957222748Srwatson INP_GROUP_UNLOCK(pcbgroup); 958222748Srwatson return (NULL); 959222748Srwatson 960222748Srwatsonfound: 961222748Srwatson in_pcbref(inp); 962222748Srwatson INP_GROUP_UNLOCK(pcbgroup); 963222748Srwatson if (lookupflags & INPLOOKUP_WLOCKPCB) { 964222748Srwatson INP_WLOCK(inp); 965222748Srwatson if (in_pcbrele_wlocked(inp)) 966222748Srwatson return (NULL); 967222748Srwatson } else if (lookupflags & INPLOOKUP_RLOCKPCB) { 968222748Srwatson INP_RLOCK(inp); 969222748Srwatson if (in_pcbrele_rlocked(inp)) 970222748Srwatson return (NULL); 971222748Srwatson } else 972222748Srwatson panic("%s: locking buf", __func__); 973222748Srwatson return (inp); 974222748Srwatson} 975222748Srwatson#endif /* PCBGROUP */ 976222748Srwatson 977222748Srwatson/* 97853541Sshin * Lookup PCB in hash list. 97953541Sshin */ 98053541Sshinstruct inpcb * 981222488Srwatsonin6_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 982222488Srwatson u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, 983222488Srwatson int lookupflags, struct ifnet *ifp) 98453541Sshin{ 98553541Sshin struct inpcbhead *head; 986185435Sbz struct inpcb *inp, *tmpinp; 98753541Sshin u_short fport = fport_arg, lport = lport_arg; 98878064Sume int faith; 98953541Sshin 990222215Srwatson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 991222215Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 992222215Srwatson 993222488Srwatson INP_HASH_LOCK_ASSERT(pcbinfo); 994158011Srwatson 99583934Sbrooks if (faithprefix_p != NULL) 99683934Sbrooks faith = (*faithprefix_p)(laddr); 99783934Sbrooks else 99883934Sbrooks faith = 0; 99978064Sume 100053541Sshin /* 100153541Sshin * First look for an exact match. 100253541Sshin */ 1003185435Sbz tmpinp = NULL; 1004169154Srwatson head = &pcbinfo->ipi_hashbase[ 1005169154Srwatson INP_PCBHASH(faddr->s6_addr32[3] /* XXX */, lport, fport, 1006169154Srwatson pcbinfo->ipi_hashmask)]; 100754263Sshin LIST_FOREACH(inp, head, inp_hash) { 1008185435Sbz /* XXX inp locking */ 100954952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 101053541Sshin continue; 101153541Sshin if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 101253541Sshin IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 101353541Sshin inp->inp_fport == fport && 101453541Sshin inp->inp_lport == lport) { 101553541Sshin /* 1016185435Sbz * XXX We should be able to directly return 1017185435Sbz * the inp here, without any checks. 1018185435Sbz * Well unless both bound with SO_REUSEPORT? 101953541Sshin */ 1020192895Sjamie if (prison_flag(inp->inp_cred, PR_IP6)) 1021185435Sbz return (inp); 1022185435Sbz if (tmpinp == NULL) 1023185435Sbz tmpinp = inp; 102453541Sshin } 102553541Sshin } 1026185435Sbz if (tmpinp != NULL) 1027185435Sbz return (tmpinp); 102853541Sshin 1029185435Sbz /* 1030185435Sbz * Then look for a wildcard match, if requested. 1031185435Sbz */ 1032222215Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 1033185435Sbz struct inpcb *local_wild = NULL, *local_exact = NULL; 1034185435Sbz struct inpcb *jail_wild = NULL; 1035185435Sbz int injail; 1036185435Sbz 1037185435Sbz /* 1038185435Sbz * Order of socket selection - we always prefer jails. 1039185435Sbz * 1. jailed, non-wild. 1040185435Sbz * 2. jailed, wild. 1041185435Sbz * 3. non-jailed, non-wild. 1042185435Sbz * 4. non-jailed, wild. 1043185435Sbz */ 1044169154Srwatson head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport, 1045169154Srwatson 0, pcbinfo->ipi_hashmask)]; 104654263Sshin LIST_FOREACH(inp, head, inp_hash) { 1047185435Sbz /* XXX inp locking */ 104854952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 104953541Sshin continue; 1050185435Sbz 1051185435Sbz if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 1052185435Sbz inp->inp_lport != lport) { 1053185435Sbz continue; 1054185435Sbz } 1055185435Sbz 1056185435Sbz /* XXX inp locking */ 1057185435Sbz if (faith && (inp->inp_flags & INP_FAITH) == 0) 1058185435Sbz continue; 1059185435Sbz 1060192895Sjamie injail = prison_flag(inp->inp_cred, PR_IP6); 1061185435Sbz if (injail) { 1062188144Sjamie if (prison_check_ip6(inp->inp_cred, 1063188144Sjamie laddr) != 0) 106453541Sshin continue; 1065185435Sbz } else { 1066185435Sbz if (local_exact != NULL) 1067185435Sbz continue; 1068185435Sbz } 1069185435Sbz 1070185435Sbz if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 1071185435Sbz if (injail) 107253541Sshin return (inp); 1073185435Sbz else 1074185435Sbz local_exact = inp; 1075185435Sbz } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1076185435Sbz if (injail) 1077185435Sbz jail_wild = inp; 1078185435Sbz else 107953541Sshin local_wild = inp; 108053541Sshin } 1081185435Sbz } /* LIST_FOREACH */ 108253541Sshin 1083185435Sbz if (jail_wild != NULL) 1084185435Sbz return (jail_wild); 1085185435Sbz if (local_exact != NULL) 1086185435Sbz return (local_exact); 1087185435Sbz if (local_wild != NULL) 1088185435Sbz return (local_wild); 1089222215Srwatson } /* if ((lookupflags & INPLOOKUP_WILDCARD) != 0) */ 1090185435Sbz 109153541Sshin /* 109253541Sshin * Not found. 109353541Sshin */ 109453541Sshin return (NULL); 109553541Sshin} 109653541Sshin 1097222488Srwatson/* 1098222488Srwatson * Lookup PCB in hash list, using pcbinfo tables. This variation locks the 1099222488Srwatson * hash list lock, and will return the inpcb locked (i.e., requires 1100222488Srwatson * INPLOOKUP_LOCKPCB). 1101222488Srwatson */ 1102222488Srwatsonstatic struct inpcb * 1103222488Srwatsonin6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1104222488Srwatson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 1105222488Srwatson struct ifnet *ifp) 1106222488Srwatson{ 1107222488Srwatson struct inpcb *inp; 1108222488Srwatson 1109222488Srwatson INP_HASH_RLOCK(pcbinfo); 1110222488Srwatson inp = in6_pcblookup_hash_locked(pcbinfo, faddr, fport, laddr, lport, 1111222488Srwatson (lookupflags & ~(INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)), ifp); 1112222488Srwatson if (inp != NULL) { 1113222488Srwatson in_pcbref(inp); 1114222488Srwatson INP_HASH_RUNLOCK(pcbinfo); 1115222488Srwatson if (lookupflags & INPLOOKUP_WLOCKPCB) { 1116222488Srwatson INP_WLOCK(inp); 1117222488Srwatson if (in_pcbrele_wlocked(inp)) 1118222488Srwatson return (NULL); 1119222488Srwatson } else if (lookupflags & INPLOOKUP_RLOCKPCB) { 1120222488Srwatson INP_RLOCK(inp); 1121222488Srwatson if (in_pcbrele_rlocked(inp)) 1122222488Srwatson return (NULL); 1123222488Srwatson } else 1124222488Srwatson panic("%s: locking bug", __func__); 1125222488Srwatson } else 1126222488Srwatson INP_HASH_RUNLOCK(pcbinfo); 1127222488Srwatson return (inp); 1128222488Srwatson} 1129222488Srwatson 1130222488Srwatson/* 1131222691Srwatson * Public inpcb lookup routines, accepting a 4-tuple, and optionally, an mbuf 1132222691Srwatson * from which a pre-calculated hash value may be extracted. 1133222748Srwatson * 1134222748Srwatson * Possibly more of this logic should be in in6_pcbgroup.c. 1135222488Srwatson */ 1136222488Srwatsonstruct inpcb * 1137222488Srwatsonin6_pcblookup(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, u_int fport, 1138222488Srwatson struct in6_addr *laddr, u_int lport, int lookupflags, struct ifnet *ifp) 1139222488Srwatson{ 1140222748Srwatson#if defined(PCBGROUP) 1141222748Srwatson struct inpcbgroup *pcbgroup; 1142222748Srwatson#endif 1143222748Srwatson 1144222691Srwatson KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1145222691Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1146222691Srwatson KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1147222691Srwatson ("%s: LOCKPCB not set", __func__)); 1148222488Srwatson 1149222748Srwatson#if defined(PCBGROUP) 1150222748Srwatson if (in_pcbgroup_enabled(pcbinfo)) { 1151222748Srwatson pcbgroup = in6_pcbgroup_bytuple(pcbinfo, laddr, lport, faddr, 1152222748Srwatson fport); 1153222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, fport, 1154222748Srwatson laddr, lport, lookupflags, ifp)); 1155222748Srwatson } 1156222748Srwatson#endif 1157222691Srwatson return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1158222691Srwatson lookupflags, ifp)); 1159222691Srwatson} 1160222691Srwatson 1161222691Srwatsonstruct inpcb * 1162222691Srwatsonin6_pcblookup_mbuf(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1163222691Srwatson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 1164222691Srwatson struct ifnet *ifp, struct mbuf *m) 1165222691Srwatson{ 1166222748Srwatson#ifdef PCBGROUP 1167222748Srwatson struct inpcbgroup *pcbgroup; 1168222748Srwatson#endif 1169222748Srwatson 1170222488Srwatson KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1171222488Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1172222488Srwatson KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1173222488Srwatson ("%s: LOCKPCB not set", __func__)); 1174222488Srwatson 1175222748Srwatson#ifdef PCBGROUP 1176222748Srwatson if (in_pcbgroup_enabled(pcbinfo)) { 1177222748Srwatson pcbgroup = in6_pcbgroup_byhash(pcbinfo, M_HASHTYPE_GET(m), 1178222748Srwatson m->m_pkthdr.flowid); 1179222748Srwatson if (pcbgroup != NULL) 1180222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, 1181222748Srwatson fport, laddr, lport, lookupflags, ifp)); 1182222748Srwatson pcbgroup = in6_pcbgroup_bytuple(pcbinfo, laddr, lport, faddr, 1183222748Srwatson fport); 1184222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, fport, 1185222748Srwatson laddr, lport, lookupflags, ifp)); 1186222748Srwatson } 1187222748Srwatson#endif 1188222488Srwatson return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1189222488Srwatson lookupflags, ifp)); 1190222488Srwatson} 1191222488Srwatson 119253541Sshinvoid 119353541Sshininit_sin6(struct sockaddr_in6 *sin6, struct mbuf *m) 119453541Sshin{ 119553541Sshin struct ip6_hdr *ip; 119653541Sshin 119753541Sshin ip = mtod(m, struct ip6_hdr *); 119853541Sshin bzero(sin6, sizeof(*sin6)); 119953541Sshin sin6->sin6_len = sizeof(*sin6); 120053541Sshin sin6->sin6_family = AF_INET6; 120153541Sshin sin6->sin6_addr = ip->ip6_src; 120253541Sshin 1203148385Sume (void)sa6_recoverscope(sin6); /* XXX: should catch errors... */ 1204148385Sume 120553541Sshin return; 120653541Sshin} 1207