1/* 2 * Copyright (c) 2000-2014 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29 30/* $FreeBSD: src/sys/netinet6/udp6_output.c,v 1.1.2.3 2001/08/31 13:49:58 jlemon Exp $ */ 31/* $KAME: udp6_output.c,v 1.31 2001/05/21 16:39:15 jinmei Exp $ */ 32 33/* 34 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 35 * All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the project nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 */ 61 62/* 63 * Copyright (c) 1982, 1986, 1989, 1993 64 * The Regents of the University of California. All rights reserved. 65 * 66 * Redistribution and use in source and binary forms, with or without 67 * modification, are permitted provided that the following conditions 68 * are met: 69 * 1. Redistributions of source code must retain the above copyright 70 * notice, this list of conditions and the following disclaimer. 71 * 2. Redistributions in binary form must reproduce the above copyright 72 * notice, this list of conditions and the following disclaimer in the 73 * documentation and/or other materials provided with the distribution. 74 * 3. All advertising materials mentioning features or use of this software 75 * must display the following acknowledgement: 76 * This product includes software developed by the University of 77 * California, Berkeley and its contributors. 78 * 4. Neither the name of the University nor the names of its contributors 79 * may be used to endorse or promote products derived from this software 80 * without specific prior written permission. 81 * 82 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 83 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 84 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 85 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 86 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 87 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 88 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 89 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 90 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 91 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 92 * SUCH DAMAGE. 93 * 94 * @(#)udp_var.h 8.1 (Berkeley) 6/10/93 95 */ 96 97#include <sys/param.h> 98#include <sys/malloc.h> 99#include <sys/mbuf.h> 100#include <sys/protosw.h> 101#include <sys/socket.h> 102#include <sys/socketvar.h> 103#include <sys/sysctl.h> 104#include <sys/errno.h> 105#include <sys/stat.h> 106#include <sys/systm.h> 107#include <sys/proc.h> 108#include <sys/syslog.h> 109 110#include <machine/endian.h> 111 112#include <net/if.h> 113#include <net/route.h> 114#include <net/if_types.h> 115#include <net/ntstat.h> 116 117#include <netinet/in.h> 118#include <netinet/in_var.h> 119#include <netinet/in_systm.h> 120#include <netinet/ip.h> 121#include <netinet/ip_var.h> 122#include <netinet/in_pcb.h> 123#include <netinet/udp.h> 124#include <netinet/udp_var.h> 125#include <netinet/ip6.h> 126#include <netinet6/ip6_var.h> 127#include <netinet6/in6_pcb.h> 128#include <netinet6/udp6_var.h> 129#include <netinet/icmp6.h> 130#include <netinet6/ip6protosw.h> 131 132#if NECP 133#include <net/necp.h> 134#endif /* NECP */ 135 136#include <net/net_osdep.h> 137 138/* 139 * UDP protocol inplementation. 140 * Per RFC 768, August, 1980. 141 */ 142 143int 144udp6_output(struct in6pcb *in6p, struct mbuf *m, struct sockaddr *addr6, 145 struct mbuf *control, struct proc *p) 146{ 147 u_int32_t ulen = m->m_pkthdr.len; 148 u_int32_t plen = sizeof (struct udphdr) + ulen; 149 struct ip6_hdr *ip6; 150 struct udphdr *udp6; 151 struct in6_addr *laddr, *faddr; 152 u_short fport; 153 int error = 0; 154 struct ip6_pktopts opt, *optp = NULL; 155 struct ip6_moptions *im6o; 156 int af = AF_INET6, hlen = sizeof (struct ip6_hdr); 157 int flags; 158 struct sockaddr_in6 tmp; 159 struct in6_addr storage; 160 mbuf_svc_class_t msc = MBUF_SC_UNSPEC; 161 struct ip6_out_args ip6oa = 162 { IFSCOPE_NONE, { 0 }, IP6OAF_SELECT_SRCIF, 0 }; 163 struct flowadv *adv = &ip6oa.ip6oa_flowadv; 164 struct socket *so = in6p->in6p_socket; 165 struct route_in6 ro; 166 int flowadv = 0; 167 168 /* Enable flow advisory only when connected */ 169 flowadv = (so->so_state & SS_ISCONNECTED) ? 1 : 0; 170 171 if (flowadv && INP_WAIT_FOR_IF_FEEDBACK(in6p)) { 172 error = ENOBUFS; 173 goto release; 174 } 175 176 if (in6p->inp_flags & INP_BOUND_IF) { 177 ip6oa.ip6oa_boundif = in6p->inp_boundifp->if_index; 178 ip6oa.ip6oa_flags |= IP6OAF_BOUND_IF; 179 } 180 if (INP_NO_CELLULAR(in6p)) 181 ip6oa.ip6oa_flags |= IP6OAF_NO_CELLULAR; 182 if (INP_NO_EXPENSIVE(in6p)) 183 ip6oa.ip6oa_flags |= IP6OAF_NO_EXPENSIVE; 184 if (INP_AWDL_UNRESTRICTED(in6p)) 185 ip6oa.ip6oa_flags |= IP6OAF_AWDL_UNRESTRICTED; 186 187 if (control) { 188 msc = mbuf_service_class_from_control(control); 189 if ((error = ip6_setpktopts(control, &opt, 190 NULL, IPPROTO_UDP)) != 0) 191 goto release; 192 optp = &opt; 193 } else 194 optp = in6p->in6p_outputopts; 195 196 if (addr6) { 197 /* 198 * IPv4 version of udp_output calls in_pcbconnect in this case, 199 * which has its costs. 200 * 201 * Since we saw no essential reason for calling in_pcbconnect, 202 * we get rid of such kind of logic, and call in6_selectsrc 203 * and in6_pcbsetport in order to fill in the local address 204 * and the local port. 205 */ 206 struct sockaddr_in6 *sin6 = 207 (struct sockaddr_in6 *)(void *)addr6; 208 209 if (sin6->sin6_port == 0) { 210 error = EADDRNOTAVAIL; 211 goto release; 212 } 213 214 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 215 /* how about ::ffff:0.0.0.0 case? */ 216 error = EISCONN; 217 goto release; 218 } 219 220 /* protect *sin6 from overwrites */ 221 tmp = *sin6; 222 sin6 = &tmp; 223 224 faddr = &sin6->sin6_addr; 225 fport = sin6->sin6_port; /* allow 0 port */ 226 227 if (IN6_IS_ADDR_V4MAPPED(faddr)) { 228 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) { 229 /* 230 * I believe we should explicitly discard the 231 * packet when mapped addresses are disabled, 232 * rather than send the packet as an IPv6 one. 233 * If we chose the latter approach, the packet 234 * might be sent out on the wire based on the 235 * default route, the situation which we'd 236 * probably want to avoid. 237 * (20010421 jinmei@kame.net) 238 */ 239 error = EINVAL; 240 goto release; 241 } else { 242 af = AF_INET; 243 } 244 } 245 246 /* KAME hack: embed scopeid */ 247 if (in6_embedscope(&sin6->sin6_addr, sin6, in6p, NULL, 248 optp) != 0) { 249 error = EINVAL; 250 goto release; 251 } 252 253 if (!IN6_IS_ADDR_V4MAPPED(faddr)) { 254 laddr = in6_selectsrc(sin6, optp, 255 in6p, &in6p->in6p_route, NULL, &storage, 256 ip6oa.ip6oa_boundif, &error); 257 } else 258 laddr = &in6p->in6p_laddr; /* XXX */ 259 if (laddr == NULL) { 260 if (error == 0) 261 error = EADDRNOTAVAIL; 262 goto release; 263 } 264 if (in6p->in6p_lport == 0 && 265 (error = in6_pcbsetport(laddr, in6p, p, 0)) != 0) 266 goto release; 267 } else { 268 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 269 error = ENOTCONN; 270 goto release; 271 } 272 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 273 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) { 274 /* 275 * XXX: this case would happen when the 276 * application sets the V6ONLY flag after 277 * connecting the foreign address. 278 * Such applications should be fixed, 279 * so we bark here. 280 */ 281 log(LOG_INFO, "udp6_output: IPV6_V6ONLY " 282 "option was set for a connected socket\n"); 283 error = EINVAL; 284 goto release; 285 } else 286 af = AF_INET; 287 } 288 laddr = &in6p->in6p_laddr; 289 faddr = &in6p->in6p_faddr; 290 fport = in6p->in6p_fport; 291 } 292 293 if (in6p->inp_flowhash == 0) 294 in6p->inp_flowhash = inp_calc_flowhash(in6p); 295 /* update flowinfo - RFC 6437 */ 296 if (in6p->inp_flow == 0 && in6p->in6p_flags & IN6P_AUTOFLOWLABEL) { 297 in6p->inp_flow &= ~IPV6_FLOWLABEL_MASK; 298 in6p->inp_flow |= 299 (htonl(in6p->inp_flowhash) & IPV6_FLOWLABEL_MASK); 300 } 301 302 if (af == AF_INET) 303 hlen = sizeof (struct ip); 304 305 /* 306 * Calculate data length and get a mbuf 307 * for UDP and IP6 headers. 308 */ 309 M_PREPEND(m, hlen + sizeof (struct udphdr), M_DONTWAIT); 310 if (m == 0) { 311 error = ENOBUFS; 312 goto release; 313 } 314 315 /* 316 * Stuff checksum and output datagram. 317 */ 318 udp6 = (struct udphdr *)(void *)(mtod(m, caddr_t) + hlen); 319 udp6->uh_sport = in6p->in6p_lport; /* lport is always set in the PCB */ 320 udp6->uh_dport = fport; 321 if (plen <= 0xffff) 322 udp6->uh_ulen = htons((u_short)plen); 323 else 324 udp6->uh_ulen = 0; 325 udp6->uh_sum = 0; 326 327 switch (af) { 328 case AF_INET6: 329 ip6 = mtod(m, struct ip6_hdr *); 330 ip6->ip6_flow = in6p->inp_flow & IPV6_FLOWINFO_MASK; 331 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 332 ip6->ip6_vfc |= IPV6_VERSION; 333#if 0 /* ip6_plen will be filled in ip6_output. */ 334 ip6->ip6_plen = htons((u_short)plen); 335#endif 336 ip6->ip6_nxt = IPPROTO_UDP; 337 ip6->ip6_hlim = in6_selecthlim(in6p, in6p->in6p_route.ro_rt ? 338 in6p->in6p_route.ro_rt->rt_ifp : NULL); 339 ip6->ip6_src = *laddr; 340 ip6->ip6_dst = *faddr; 341 342 udp6->uh_sum = in6_pseudo(laddr, faddr, 343 htonl(plen + IPPROTO_UDP)); 344 m->m_pkthdr.csum_flags = CSUM_UDPIPV6; 345 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum); 346 347 if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 348 ip6oa.ip6oa_flags |= IP6OAF_BOUND_SRCADDR; 349 350 flags = IPV6_OUTARGS; 351 352 udp6stat.udp6s_opackets++; 353 354#if NECP 355 { 356 necp_kernel_policy_id policy_id; 357 if (!necp_socket_is_allowed_to_send_recv_v6(in6p, in6p->in6p_lport, fport, laddr, faddr, NULL, &policy_id)) { 358 error = EHOSTUNREACH; 359 goto release; 360 } 361 362 necp_mark_packet_from_socket(m, in6p, policy_id); 363 } 364#endif /* NECP */ 365 366#if IPSEC 367 if (in6p->in6p_sp != NULL && ipsec_setsocket(m, so) != 0) { 368 error = ENOBUFS; 369 goto release; 370 } 371#endif /*IPSEC*/ 372 373 /* In case of IPv4-mapped address used in previous send */ 374 if (ROUTE_UNUSABLE(&in6p->in6p_route) || 375 rt_key(in6p->in6p_route.ro_rt)->sa_family != AF_INET6) 376 ROUTE_RELEASE(&in6p->in6p_route); 377 378 /* Copy the cached route and take an extra reference */ 379 in6p_route_copyout(in6p, &ro); 380 381 set_packet_service_class(m, so, msc, PKT_SCF_IPV6); 382 383 m->m_pkthdr.pkt_flowsrc = FLOWSRC_INPCB; 384 m->m_pkthdr.pkt_flowid = in6p->inp_flowhash; 385 m->m_pkthdr.pkt_proto = IPPROTO_UDP; 386 m->m_pkthdr.pkt_flags |= (PKTF_FLOW_ID | PKTF_FLOW_LOCALSRC); 387 if (flowadv) 388 m->m_pkthdr.pkt_flags |= PKTF_FLOW_ADV; 389 390 im6o = in6p->in6p_moptions; 391 if (im6o != NULL) { 392 IM6O_LOCK(im6o); 393 IM6O_ADDREF_LOCKED(im6o); 394 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 395 im6o->im6o_multicast_ifp != NULL) { 396 in6p->in6p_last_outifp = 397 im6o->im6o_multicast_ifp; 398 } 399 IM6O_UNLOCK(im6o); 400 } 401 402 in6p->inp_sndinprog_cnt++; 403 404 socket_unlock(so, 0); 405 error = ip6_output(m, optp, &ro, flags, im6o, NULL, &ip6oa); 406 m = NULL; 407 socket_lock(so, 0); 408 409 if (im6o != NULL) 410 IM6O_REMREF(im6o); 411 412 if (error == 0 && nstat_collect) { 413 boolean_t cell, wifi, wired; 414 415 if (in6p->in6p_route.ro_rt != NULL) { 416 cell = IFNET_IS_CELLULAR(in6p->in6p_route. 417 ro_rt->rt_ifp); 418 wifi = (!cell && IFNET_IS_WIFI(in6p->in6p_route. 419 ro_rt->rt_ifp)); 420 wired = (!wifi && IFNET_IS_WIRED(in6p->in6p_route. 421 ro_rt->rt_ifp)); 422 } else { 423 cell = wifi = wired = FALSE; 424 } 425 INP_ADD_STAT(in6p, cell, wifi, wired, txpackets, 1); 426 INP_ADD_STAT(in6p, cell, wifi, wired, txbytes, ulen); 427 } 428 429 if (flowadv && (adv->code == FADV_FLOW_CONTROLLED || 430 adv->code == FADV_SUSPENDED)) { 431 /* 432 * Return an error to indicate 433 * that the packet has been dropped. 434 */ 435 error = ENOBUFS; 436 inp_set_fc_state(in6p, adv->code); 437 } 438 439 VERIFY(in6p->inp_sndinprog_cnt > 0); 440 if ( --in6p->inp_sndinprog_cnt == 0) 441 in6p->inp_flags &= ~(INP_FC_FEEDBACK); 442 443 /* Synchronize PCB cached route */ 444 in6p_route_copyin(in6p, &ro); 445 446 if (in6p->in6p_route.ro_rt != NULL) { 447 struct rtentry *rt = in6p->in6p_route.ro_rt; 448 struct ifnet *outif; 449 450 if (rt->rt_flags & RTF_MULTICAST) 451 rt = NULL; /* unusable */ 452 453 /* 454 * Always discard the cached route for unconnected 455 * socket or if it is a multicast route. 456 */ 457 if (rt == NULL) 458 ROUTE_RELEASE(&in6p->in6p_route); 459 460 /* 461 * If the destination route is unicast, update outif 462 * with that of the route interface used by IP. 463 */ 464 if (rt != NULL && 465 (outif = rt->rt_ifp) != in6p->in6p_last_outifp) 466 in6p->in6p_last_outifp = outif; 467 } else { 468 ROUTE_RELEASE(&in6p->in6p_route); 469 } 470 471 /* 472 * If output interface was cellular/expensive, and this 473 * socket is denied access to it, generate an event. 474 */ 475 if (error != 0 && (ip6oa.ip6oa_retflags & IP6OARF_IFDENIED) && 476 (INP_NO_CELLULAR(in6p) || INP_NO_EXPENSIVE(in6p))) 477 soevent(in6p->inp_socket, (SO_FILT_HINT_LOCKED| 478 SO_FILT_HINT_IFDENIED)); 479 break; 480 case AF_INET: 481 error = EAFNOSUPPORT; 482 goto release; 483 } 484 goto releaseopt; 485 486release: 487 if (m != NULL) 488 m_freem(m); 489 490releaseopt: 491 if (control != NULL) { 492 if (optp == &opt) 493 ip6_clearpktopts(optp, -1); 494 m_freem(control); 495 } 496 return (error); 497} 498