1/* 2 * Copyright (c) 2003-2013 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29/* 30 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 31 * All rights reserved. 32 * 33 * Redistribution and use in source and binary forms, with or without 34 * modification, are permitted provided that the following conditions 35 * are met: 36 * 1. Redistributions of source code must retain the above copyright 37 * notice, this list of conditions and the following disclaimer. 38 * 2. Redistributions in binary form must reproduce the above copyright 39 * notice, this list of conditions and the following disclaimer in the 40 * documentation and/or other materials provided with the distribution. 41 * 3. Neither the name of the project nor the names of its contributors 42 * may be used to endorse or promote products derived from this software 43 * without specific prior written permission. 44 * 45 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 48 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 55 * SUCH DAMAGE. 56 */ 57 58 59#include <sys/param.h> 60#include <sys/systm.h> 61#include <sys/malloc.h> 62#include <sys/mbuf.h> 63#include <sys/socket.h> 64#include <sys/sockio.h> 65#include <sys/time.h> 66#include <sys/kernel.h> 67#include <sys/errno.h> 68#include <sys/syslog.h> 69#include <sys/queue.h> 70#include <sys/mcache.h> 71#include <sys/protosw.h> 72 73#include <dev/random/randomdev.h> 74 75#include <kern/lock.h> 76#include <kern/zalloc.h> 77#include <machine/machine_routines.h> 78 79#include <net/if.h> 80#include <net/if_types.h> 81#include <net/if_dl.h> 82#include <net/route.h> 83#include <net/radix.h> 84 85#include <netinet/in.h> 86#include <netinet6/in6_var.h> 87#include <netinet6/in6_ifattach.h> 88#include <netinet/ip6.h> 89#include <netinet6/ip6_var.h> 90#include <netinet6/nd6.h> 91#include <netinet/icmp6.h> 92#include <netinet6/scope6_var.h> 93 94#include <net/net_osdep.h> 95 96static void defrouter_addreq(struct nd_defrouter *, boolean_t); 97static void defrouter_delreq(struct nd_defrouter *); 98static struct nd_defrouter *defrtrlist_update_common(struct nd_defrouter *, 99 boolean_t); 100static struct nd_defrouter *defrtrlist_update(struct nd_defrouter *); 101 102static struct in6_ifaddr *in6_pfx_newpersistaddr(struct nd_prefix *, int, 103 int *); 104static void defrtrlist_sync(struct ifnet *); 105 106static struct nd_pfxrouter *pfxrtr_lookup(struct nd_prefix *, 107 struct nd_defrouter *); 108static void pfxrtr_add(struct nd_prefix *, struct nd_defrouter *); 109static void pfxrtr_del(struct nd_pfxrouter *, struct nd_prefix *); 110static struct nd_pfxrouter *find_pfxlist_reachable_router(struct nd_prefix *); 111static void nd6_rtmsg(int, struct rtentry *); 112 113static int nd6_prefix_onlink_common(struct nd_prefix *, boolean_t, 114 unsigned int); 115static struct nd_prefix *nd6_prefix_equal_lookup(struct nd_prefix *, boolean_t); 116static void nd6_prefix_sync(struct ifnet *); 117 118static void in6_init_address_ltimes(struct nd_prefix *, 119 struct in6_addrlifetime *); 120 121static int rt6_deleteroute(struct radix_node *, void *); 122 123static struct nd_defrouter *nddr_alloc(int); 124static void nddr_free(struct nd_defrouter *); 125static void nddr_trace(struct nd_defrouter *, int); 126 127static struct nd_prefix *ndpr_alloc(int); 128static void ndpr_free(struct nd_prefix *); 129static void ndpr_trace(struct nd_prefix *, int); 130 131extern int nd6_recalc_reachtm_interval; 132 133static struct ifnet *nd6_defifp; 134int nd6_defifindex; 135static unsigned int nd6_defrouter_genid; 136 137int ip6_use_tempaddr = 1; /* use temp addr by default for testing now */ 138 139int nd6_accept_6to4 = 1; 140 141int ip6_desync_factor; 142u_int32_t ip6_temp_preferred_lifetime = DEF_TEMP_PREFERRED_LIFETIME; 143u_int32_t ip6_temp_valid_lifetime = DEF_TEMP_VALID_LIFETIME; 144/* 145 * shorter lifetimes for debugging purposes. 146 * u_int32_t ip6_temp_preferred_lifetime = 800; 147 * static u_int32_t ip6_temp_valid_lifetime = 1800; 148 */ 149int ip6_temp_regen_advance = TEMPADDR_REGEN_ADVANCE; 150 151extern lck_mtx_t *nd6_mutex; 152 153/* Serialization variables for single thread access to nd_prefix */ 154static boolean_t nd_prefix_busy; 155static void *nd_prefix_waitchan = &nd_prefix_busy; 156static int nd_prefix_waiters = 0; 157 158/* Serialization variables for single thread access to nd_defrouter */ 159static boolean_t nd_defrouter_busy; 160static void *nd_defrouter_waitchan = &nd_defrouter_busy; 161static int nd_defrouter_waiters = 0; 162 163/* RTPREF_MEDIUM has to be 0! */ 164#define RTPREF_HIGH 1 165#define RTPREF_MEDIUM 0 166#define RTPREF_LOW (-1) 167#define RTPREF_RESERVED (-2) 168#define RTPREF_INVALID (-3) /* internal */ 169 170#define NDPR_TRACE_HIST_SIZE 32 /* size of trace history */ 171 172/* For gdb */ 173__private_extern__ unsigned int ndpr_trace_hist_size = NDPR_TRACE_HIST_SIZE; 174 175struct nd_prefix_dbg { 176 struct nd_prefix ndpr_pr; /* nd_prefix */ 177 u_int16_t ndpr_refhold_cnt; /* # of ref */ 178 u_int16_t ndpr_refrele_cnt; /* # of rele */ 179 /* 180 * Circular lists of ndpr_addref and ndpr_remref callers. 181 */ 182 ctrace_t ndpr_refhold[NDPR_TRACE_HIST_SIZE]; 183 ctrace_t ndpr_refrele[NDPR_TRACE_HIST_SIZE]; 184}; 185 186static unsigned int ndpr_debug; /* debug flags */ 187static unsigned int ndpr_size; /* size of zone element */ 188static struct zone *ndpr_zone; /* zone for nd_prefix */ 189 190#define NDPR_ZONE_MAX 64 /* maximum elements in zone */ 191#define NDPR_ZONE_NAME "nd6_prefix" /* zone name */ 192 193#define NDDR_TRACE_HIST_SIZE 32 /* size of trace history */ 194 195/* For gdb */ 196__private_extern__ unsigned int nddr_trace_hist_size = NDDR_TRACE_HIST_SIZE; 197 198struct nd_defrouter_dbg { 199 struct nd_defrouter nddr_dr; /* nd_defrouter */ 200 uint16_t nddr_refhold_cnt; /* # of ref */ 201 uint16_t nddr_refrele_cnt; /* # of rele */ 202 /* 203 * Circular lists of ndpr_addref and ndpr_remref callers. 204 */ 205 ctrace_t nddr_refhold[NDDR_TRACE_HIST_SIZE]; 206 ctrace_t nddr_refrele[NDDR_TRACE_HIST_SIZE]; 207}; 208 209static unsigned int nddr_debug; /* debug flags */ 210static unsigned int nddr_size; /* size of zone element */ 211static struct zone *nddr_zone; /* zone for nd_defrouter */ 212 213#define NDDR_ZONE_MAX 64 /* maximum elements in zone */ 214#define NDDR_ZONE_NAME "nd6_defrouter" /* zone name */ 215 216static unsigned int ndprtr_size; /* size of zone element */ 217static struct zone *ndprtr_zone; /* zone for nd_pfxrouter */ 218 219#define NDPRTR_ZONE_MAX 64 /* maximum elements in zone */ 220#define NDPRTR_ZONE_NAME "nd6_pfxrouter" /* zone name */ 221 222void 223nd6_rtr_init(void) 224{ 225 PE_parse_boot_argn("ifa_debug", &ndpr_debug, sizeof (ndpr_debug)); 226 PE_parse_boot_argn("ifa_debug", &nddr_debug, sizeof (nddr_debug)); 227 228 ndpr_size = (ndpr_debug == 0) ? sizeof (struct nd_prefix) : 229 sizeof (struct nd_prefix_dbg); 230 ndpr_zone = zinit(ndpr_size, NDPR_ZONE_MAX * ndpr_size, 0, 231 NDPR_ZONE_NAME); 232 if (ndpr_zone == NULL) { 233 panic("%s: failed allocating %s", __func__, NDPR_ZONE_NAME); 234 /* NOTREACHED */ 235 } 236 zone_change(ndpr_zone, Z_EXPAND, TRUE); 237 zone_change(ndpr_zone, Z_CALLERACCT, FALSE); 238 239 nddr_size = (nddr_debug == 0) ? sizeof (struct nd_defrouter) : 240 sizeof (struct nd_defrouter_dbg); 241 nddr_zone = zinit(nddr_size, NDDR_ZONE_MAX * nddr_size, 0, 242 NDDR_ZONE_NAME); 243 if (nddr_zone == NULL) { 244 panic("%s: failed allocating %s", __func__, NDDR_ZONE_NAME); 245 /* NOTREACHED */ 246 } 247 zone_change(nddr_zone, Z_EXPAND, TRUE); 248 zone_change(nddr_zone, Z_CALLERACCT, FALSE); 249 250 ndprtr_size = sizeof (struct nd_pfxrouter); 251 ndprtr_zone = zinit(ndprtr_size, NDPRTR_ZONE_MAX * ndprtr_size, 0, 252 NDPRTR_ZONE_NAME); 253 if (ndprtr_zone == NULL) { 254 panic("%s: failed allocating %s", __func__, NDPRTR_ZONE_NAME); 255 /* NOTREACHED */ 256 } 257 zone_change(ndprtr_zone, Z_EXPAND, TRUE); 258 zone_change(ndprtr_zone, Z_CALLERACCT, FALSE); 259} 260 261/* 262 * Receive Router Solicitation Message - just for routers. 263 * Router solicitation/advertisement is mostly managed by userland program 264 * (rtadvd) so here we have no function like nd6_ra_output(). 265 * 266 * Based on RFC 2461 267 */ 268void 269nd6_rs_input( 270 struct mbuf *m, 271 int off, 272 int icmp6len) 273{ 274 struct ifnet *ifp = m->m_pkthdr.rcvif; 275 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 276 struct nd_router_solicit *nd_rs; 277 struct in6_addr saddr6 = ip6->ip6_src; 278 char *lladdr = NULL; 279 int lladdrlen = 0; 280 union nd_opts ndopts; 281 282 /* Expect 32-bit aligned data pointer on strict-align platforms */ 283 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); 284 285 /* If I'm not a router, ignore it. */ 286 if (!ip6_forwarding || !(ifp->if_eflags & IFEF_IPV6_ROUTER)) 287 goto freeit; 288 289 /* Sanity checks */ 290 if (ip6->ip6_hlim != 255) { 291 nd6log((LOG_ERR, 292 "nd6_rs_input: invalid hlim (%d) from %s to %s on %s\n", 293 ip6->ip6_hlim, ip6_sprintf(&ip6->ip6_src), 294 ip6_sprintf(&ip6->ip6_dst), if_name(ifp))); 295 goto bad; 296 } 297 298 /* 299 * Don't update the neighbor cache, if src = :: or a non-neighbor. 300 * The former case indicates that the src has no IP address assigned 301 * yet. See nd6_ns_input() for the latter case. 302 */ 303 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { 304 goto freeit; 305 } else { 306 struct sockaddr_in6 src_sa6; 307 308 bzero(&src_sa6, sizeof (src_sa6)); 309 src_sa6.sin6_family = AF_INET6; 310 src_sa6.sin6_len = sizeof (src_sa6); 311 src_sa6.sin6_addr = ip6->ip6_src; 312 if (!nd6_is_addr_neighbor(&src_sa6, ifp, 0)) { 313 nd6log((LOG_INFO, "nd6_rs_input: " 314 "RS packet from non-neighbor\n")); 315 goto freeit; 316 } 317 } 318 319#ifndef PULLDOWN_TEST 320 IP6_EXTHDR_CHECK(m, off, icmp6len, return); 321 nd_rs = (struct nd_router_solicit *)((caddr_t)ip6 + off); 322#else 323 IP6_EXTHDR_GET(nd_rs, struct nd_router_solicit *, m, off, icmp6len); 324 if (nd_rs == NULL) { 325 icmp6stat.icp6s_tooshort++; 326 return; 327 } 328#endif 329 330 icmp6len -= sizeof (*nd_rs); 331 nd6_option_init(nd_rs + 1, icmp6len, &ndopts); 332 if (nd6_options(&ndopts) < 0) { 333 nd6log((LOG_INFO, 334 "nd6_rs_input: invalid ND option, ignored\n")); 335 /* nd6_options have incremented stats */ 336 goto freeit; 337 } 338 339 if (ndopts.nd_opts_src_lladdr) { 340 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); 341 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; 342 } 343 344 if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) { 345 nd6log((LOG_INFO, 346 "nd6_rs_input: lladdrlen mismatch for %s " 347 "(if %d, RS packet %d)\n", 348 ip6_sprintf(&saddr6), ifp->if_addrlen, lladdrlen - 2)); 349 goto bad; 350 } 351 352 nd6_cache_lladdr(ifp, &saddr6, lladdr, lladdrlen, ND_ROUTER_SOLICIT, 0); 353 354freeit: 355 m_freem(m); 356 return; 357 358bad: 359 icmp6stat.icp6s_badrs++; 360 m_freem(m); 361} 362 363/* 364 * Receive Router Advertisement Message. 365 * 366 * Based on RFC 2461 367 * TODO: on-link bit on prefix information 368 * TODO: ND_RA_FLAG_{OTHER,MANAGED} processing 369 */ 370void 371nd6_ra_input( 372 struct mbuf *m, 373 int off, 374 int icmp6len) 375{ 376 struct ifnet *ifp = m->m_pkthdr.rcvif; 377 struct nd_ifinfo *ndi = NULL; 378 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 379 struct nd_router_advert *nd_ra; 380 struct in6_addr saddr6 = ip6->ip6_src; 381 int mcast = 0; 382 union nd_opts ndopts; 383 struct nd_defrouter *dr = NULL; 384 u_int32_t mtu = 0; 385 char *lladdr = NULL; 386 u_int32_t lladdrlen = 0; 387 struct nd_prefix_list *nd_prefix_list_head = NULL; 388 u_int32_t nd_prefix_list_length = 0; 389 struct in6_ifaddr *ia6 = NULL; 390 struct nd_prefix_list *prfl; 391 struct nd_defrouter dr0; 392 u_int32_t advreachable; 393 394 395 /* Expect 32-bit aligned data pointer on strict-align platforms */ 396 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); 397 398 /* 399 * Discard RA unless IFEF_ACCEPT_RTADV is set (as host), or when 400 * IFEF_IPV6_ROUTER is set (as router) but the RA is not locally 401 * generated. For convenience, we allow locally generated (rtadvd) 402 * RAs to be processed on the advertising interface, as a router. 403 * 404 * Note that we don't test against ip6_forwarding as we could be 405 * both a host and a router on different interfaces, hence the 406 * check against the per-interface flags. 407 */ 408 if (!(ifp->if_eflags & (IFEF_ACCEPT_RTADV | IFEF_IPV6_ROUTER)) || 409 ((ifp->if_eflags & IFEF_IPV6_ROUTER) && 410 (ia6 = ifa_foraddr6(&saddr6)) == NULL)) 411 goto freeit; 412 413 if (ia6 != NULL) { 414 IFA_REMREF(&ia6->ia_ifa); 415 ia6 = NULL; 416 } 417 418 if (ip6->ip6_hlim != 255) { 419 nd6log((LOG_ERR, 420 "nd6_ra_input: invalid hlim (%d) from %s to %s on %s\n", 421 ip6->ip6_hlim, ip6_sprintf(&ip6->ip6_src), 422 ip6_sprintf(&ip6->ip6_dst), if_name(ifp))); 423 goto bad; 424 } 425 426 if (!IN6_IS_ADDR_LINKLOCAL(&saddr6)) { 427 nd6log((LOG_ERR, 428 "nd6_ra_input: src %s is not link-local\n", 429 ip6_sprintf(&saddr6))); 430 goto bad; 431 } 432 433#ifndef PULLDOWN_TEST 434 IP6_EXTHDR_CHECK(m, off, icmp6len, return); 435 nd_ra = (struct nd_router_advert *)((caddr_t)ip6 + off); 436#else 437 IP6_EXTHDR_GET(nd_ra, struct nd_router_advert *, m, off, icmp6len); 438 if (nd_ra == NULL) { 439 icmp6stat.icp6s_tooshort++; 440 return; 441 } 442#endif 443 444 icmp6len -= sizeof (*nd_ra); 445 nd6_option_init(nd_ra + 1, icmp6len, &ndopts); 446 if (nd6_options(&ndopts) < 0) { 447 nd6log((LOG_INFO, 448 "nd6_ra_input: invalid ND option, ignored\n")); 449 /* nd6_options have incremented stats */ 450 goto freeit; 451 } 452 453 advreachable = nd_ra->nd_ra_reachable; 454 455 /* remember if this is a multicasted advertisement */ 456 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) 457 mcast = 1; 458 459 lck_rw_lock_shared(nd_if_rwlock); 460 if (ifp->if_index >= nd_ifinfo_indexlim) { 461 lck_rw_done(nd_if_rwlock); 462 goto freeit; 463 } 464 ndi = &nd_ifinfo[ifp->if_index]; 465 VERIFY(ndi->initialized); 466 lck_mtx_lock(&ndi->lock); 467 bzero(&dr0, sizeof (dr0)); 468 dr0.rtaddr = saddr6; 469 dr0.flags = nd_ra->nd_ra_flags_reserved; 470 dr0.rtlifetime = ntohs(nd_ra->nd_ra_router_lifetime); 471 dr0.expire = net_uptime() + dr0.rtlifetime; 472 dr0.ifp = ifp; 473 /* unspecified or not? (RFC 2461 6.3.4) */ 474 if (advreachable) { 475 advreachable = ntohl(advreachable); 476 if (advreachable <= MAX_REACHABLE_TIME && 477 ndi->basereachable != advreachable) { 478 ndi->basereachable = advreachable; 479 ndi->reachable = ND_COMPUTE_RTIME(ndi->basereachable); 480 ndi->recalctm = nd6_recalc_reachtm_interval; /* reset */ 481 } 482 } 483 if (nd_ra->nd_ra_retransmit) 484 ndi->retrans = ntohl(nd_ra->nd_ra_retransmit); 485 if (nd_ra->nd_ra_curhoplimit) 486 ndi->chlim = nd_ra->nd_ra_curhoplimit; 487 lck_mtx_unlock(&ndi->lock); 488 lck_rw_done(nd_if_rwlock); 489 ndi = NULL; 490 lck_mtx_lock(nd6_mutex); 491 dr = defrtrlist_update(&dr0); 492 lck_mtx_unlock(nd6_mutex); 493 494 /* 495 * prefix 496 */ 497 if (ndopts.nd_opts_pi) { 498 struct nd_opt_hdr *pt; 499 struct nd_opt_prefix_info *pi = NULL; 500 struct nd_prefix pr; 501 502 for (pt = (struct nd_opt_hdr *)ndopts.nd_opts_pi; 503 pt <= (struct nd_opt_hdr *)ndopts.nd_opts_pi_end; 504 pt = (struct nd_opt_hdr *)((caddr_t)pt + 505 (pt->nd_opt_len << 3))) { 506 if (pt->nd_opt_type != ND_OPT_PREFIX_INFORMATION) 507 continue; 508 pi = (struct nd_opt_prefix_info *)pt; 509 510 if (pi->nd_opt_pi_len != 4) { 511 nd6log((LOG_INFO, 512 "nd6_ra_input: invalid option " 513 "len %d for prefix information option, " 514 "ignored\n", pi->nd_opt_pi_len)); 515 continue; 516 } 517 518 if (128 < pi->nd_opt_pi_prefix_len) { 519 nd6log((LOG_INFO, 520 "nd6_ra_input: invalid prefix " 521 "len %d for prefix information option, " 522 "ignored\n", pi->nd_opt_pi_prefix_len)); 523 continue; 524 } 525 526 if (IN6_IS_ADDR_MULTICAST(&pi->nd_opt_pi_prefix) || 527 IN6_IS_ADDR_LINKLOCAL(&pi->nd_opt_pi_prefix)) { 528 nd6log((LOG_INFO, 529 "%s: invalid prefix %s, ignored\n", 530 __func__, 531 ip6_sprintf(&pi->nd_opt_pi_prefix))); 532 continue; 533 } 534 535 bzero(&pr, sizeof (pr)); 536 lck_mtx_init(&pr.ndpr_lock, ifa_mtx_grp, ifa_mtx_attr); 537 NDPR_LOCK(&pr); 538 pr.ndpr_prefix.sin6_family = AF_INET6; 539 pr.ndpr_prefix.sin6_len = sizeof (pr.ndpr_prefix); 540 pr.ndpr_prefix.sin6_addr = pi->nd_opt_pi_prefix; 541 pr.ndpr_ifp = m->m_pkthdr.rcvif; 542 543 pr.ndpr_raf_onlink = (pi->nd_opt_pi_flags_reserved & 544 ND_OPT_PI_FLAG_ONLINK) ? 1 : 0; 545 pr.ndpr_raf_auto = (pi->nd_opt_pi_flags_reserved & 546 ND_OPT_PI_FLAG_AUTO) ? 1 : 0; 547 pr.ndpr_plen = pi->nd_opt_pi_prefix_len; 548 pr.ndpr_vltime = ntohl(pi->nd_opt_pi_valid_time); 549 pr.ndpr_pltime = 550 ntohl(pi->nd_opt_pi_preferred_time); 551 552 /* 553 * Exceptions to stateless autoconfiguration processing: 554 * + nd6_accept_6to4 == 0 && address has 6to4 prefix 555 * + ip6_only_allow_rfc4193_prefix != 0 && 556 * address not RFC 4193 557 */ 558 if (ip6_only_allow_rfc4193_prefix && 559 !IN6_IS_ADDR_UNIQUE_LOCAL(&pi->nd_opt_pi_prefix)) { 560 nd6log((LOG_INFO, 561 "nd6_ra_input: no SLAAC on prefix %s " 562 "[not RFC 4193]\n", 563 ip6_sprintf(&pi->nd_opt_pi_prefix))); 564 pr.ndpr_raf_auto = 0; 565 } else if (!nd6_accept_6to4 && 566 IN6_IS_ADDR_6TO4(&pi->nd_opt_pi_prefix)) { 567 nd6log((LOG_INFO, 568 "%s: no SLAAC on prefix %s " 569 "[6to4]\n", __func__, 570 ip6_sprintf(&pi->nd_opt_pi_prefix))); 571 pr.ndpr_raf_auto = 0; 572 } 573 574 if (in6_init_prefix_ltimes(&pr)) { 575 NDPR_UNLOCK(&pr); 576 lck_mtx_destroy(&pr.ndpr_lock, ifa_mtx_grp); 577 continue; /* prefix lifetime init failed */ 578 } else { 579 NDPR_UNLOCK(&pr); 580 } 581 (void) prelist_update(&pr, dr, m, mcast); 582 lck_mtx_destroy(&pr.ndpr_lock, ifa_mtx_grp); 583 584 /* 585 * We have to copy the values out after the 586 * prelist_update call since some of these values won't 587 * be properly set until after the router advertisement 588 * updating can vet the values. 589 */ 590 prfl = NULL; 591 MALLOC(prfl, struct nd_prefix_list *, sizeof (*prfl), 592 M_TEMP, M_WAITOK | M_ZERO); 593 594 if (prfl == NULL) { 595 log(LOG_DEBUG, "%s: unable to MALLOC RA prefix " 596 "structure\n", __func__); 597 continue; 598 } 599 600 /* this is only for nd6_post_msg(), otherwise unused */ 601 bcopy(&pr.ndpr_prefix, &prfl->pr.ndpr_prefix, 602 sizeof (prfl->pr.ndpr_prefix)); 603 prfl->pr.ndpr_raf = pr.ndpr_raf; 604 prfl->pr.ndpr_plen = pr.ndpr_plen; 605 prfl->pr.ndpr_vltime = pr.ndpr_vltime; 606 prfl->pr.ndpr_pltime = pr.ndpr_pltime; 607 prfl->pr.ndpr_expire = pr.ndpr_expire; 608 prfl->pr.ndpr_base_calendartime = 609 pr.ndpr_base_calendartime; 610 prfl->pr.ndpr_base_uptime = pr.ndpr_base_uptime; 611 prfl->pr.ndpr_stateflags = pr.ndpr_stateflags; 612 prfl->pr.ndpr_addrcnt = pr.ndpr_addrcnt; 613 prfl->pr.ndpr_ifp = pr.ndpr_ifp; 614 615 prfl->next = nd_prefix_list_head; 616 nd_prefix_list_head = prfl; 617 nd_prefix_list_length++; 618 } 619 } 620 621 /* 622 * MTU 623 */ 624 if (ndopts.nd_opts_mtu && ndopts.nd_opts_mtu->nd_opt_mtu_len == 1) { 625 mtu = ntohl(ndopts.nd_opts_mtu->nd_opt_mtu_mtu); 626 627 /* lower bound */ 628 if (mtu < IPV6_MMTU) { 629 nd6log((LOG_INFO, "nd6_ra_input: bogus mtu option " 630 "mtu=%d sent from %s, ignoring\n", 631 mtu, ip6_sprintf(&ip6->ip6_src))); 632 goto skip; 633 } 634 635 lck_rw_lock_shared(nd_if_rwlock); 636 if (ifp->if_index >= nd_ifinfo_indexlim) { 637 lck_rw_done(nd_if_rwlock); 638 goto freeit; 639 } 640 ndi = &nd_ifinfo[ifp->if_index]; 641 VERIFY(ndi->initialized); 642 lck_mtx_lock(&ndi->lock); 643 /* upper bound */ 644 if (ndi->maxmtu) { 645 if (mtu <= ndi->maxmtu) { 646 int change = (ndi->linkmtu != mtu); 647 648 ndi->linkmtu = mtu; 649 lck_mtx_unlock(&ndi->lock); 650 lck_rw_done(nd_if_rwlock); 651 if (change) /* in6_maxmtu may change */ 652 in6_setmaxmtu(); 653 } else { 654 nd6log((LOG_INFO, "nd6_ra_input: bogus mtu " 655 "mtu=%d sent from %s; " 656 "exceeds maxmtu %d, ignoring\n", 657 mtu, ip6_sprintf(&ip6->ip6_src), 658 ndi->maxmtu)); 659 lck_mtx_unlock(&ndi->lock); 660 lck_rw_done(nd_if_rwlock); 661 } 662 } else { 663 lck_mtx_unlock(&ndi->lock); 664 lck_rw_done(nd_if_rwlock); 665 nd6log((LOG_INFO, "nd6_ra_input: mtu option " 666 "mtu=%d sent from %s; maxmtu unknown, " 667 "ignoring\n", 668 mtu, ip6_sprintf(&ip6->ip6_src))); 669 } 670 ndi = NULL; 671 } 672 673skip: 674 675 /* 676 * Source link layer address 677 */ 678 if (ndopts.nd_opts_src_lladdr) { 679 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); 680 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; 681 } 682 683 if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) { 684 nd6log((LOG_INFO, 685 "nd6_ra_input: lladdrlen mismatch for %s " 686 "(if %d, RA packet %d)\n", 687 ip6_sprintf(&saddr6), ifp->if_addrlen, lladdrlen - 2)); 688 goto bad; 689 } 690 691 nd6_cache_lladdr(ifp, &saddr6, lladdr, (int)lladdrlen, 692 ND_ROUTER_ADVERT, 0); 693 694 /* Post message */ 695 nd6_post_msg(KEV_ND6_RA, nd_prefix_list_head, nd_prefix_list_length, 696 mtu, lladdr, lladdrlen); 697 698 /* 699 * Installing a link-layer address might change the state of the 700 * router's neighbor cache, which might also affect our on-link 701 * detection of adveritsed prefixes. 702 */ 703 lck_mtx_lock(nd6_mutex); 704 pfxlist_onlink_check(); 705 lck_mtx_unlock(nd6_mutex); 706 707freeit: 708 m_freem(m); 709 if (dr) 710 NDDR_REMREF(dr); 711 712 prfl = NULL; 713 while ((prfl = nd_prefix_list_head) != NULL) { 714 nd_prefix_list_head = prfl->next; 715 FREE(prfl, M_TEMP); 716 } 717 718 return; 719 720bad: 721 icmp6stat.icp6s_badra++; 722 goto freeit; 723} 724 725/* 726 * default router list proccessing sub routines 727 */ 728 729/* tell the change to user processes watching the routing socket. */ 730static void 731nd6_rtmsg(cmd, rt) 732 int cmd; 733 struct rtentry *rt; 734{ 735 struct rt_addrinfo info; 736 struct ifnet *ifp = rt->rt_ifp; 737 738 RT_LOCK_ASSERT_HELD(rt); 739 740 bzero((caddr_t)&info, sizeof (info)); 741 /* It's not necessary to lock ifp for if_lladdr */ 742 info.rti_info[RTAX_DST] = rt_key(rt); 743 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 744 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 745 /* 746 * ifa_addr pointers for both should always be valid 747 * in this context; no need to hold locks. 748 */ 749 info.rti_info[RTAX_IFP] = ifp->if_lladdr->ifa_addr; 750 info.rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; 751 752 rt_missmsg(cmd, &info, rt->rt_flags, 0); 753} 754 755static void 756defrouter_addreq(struct nd_defrouter *new, boolean_t scoped) 757{ 758 struct sockaddr_in6 def, mask, gate; 759 struct rtentry *newrt = NULL; 760 unsigned int ifscope; 761 int err; 762 763 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 764 NDDR_LOCK_ASSERT_NOTHELD(new); 765 /* 766 * We're free to lock and unlock NDDR because our callers 767 * are holding an extra reference for us. 768 */ 769 770 NDDR_LOCK(new); 771 if (new->stateflags & NDDRF_INSTALLED) 772 goto out; 773 774 if (new->ifp->if_eflags & IFEF_IPV6_ROUTER) { 775 nd6log2((LOG_INFO, "%s: ignoring router %s, scoped=%d, " 776 "static=%d on advertising interface\n", if_name(new->ifp), 777 ip6_sprintf(&new->rtaddr), scoped, 778 (new->stateflags & NDDRF_STATIC) ? 1 : 0)); 779 goto out; 780 } 781 782 nd6log2((LOG_INFO, "%s: adding default router %s, scoped=%d, " 783 "static=%d\n", if_name(new->ifp), ip6_sprintf(&new->rtaddr), 784 scoped, (new->stateflags & NDDRF_STATIC) ? 1 : 0)); 785 786 Bzero(&def, sizeof (def)); 787 Bzero(&mask, sizeof (mask)); 788 Bzero(&gate, sizeof (gate)); 789 790 def.sin6_len = mask.sin6_len = gate.sin6_len 791 = sizeof (struct sockaddr_in6); 792 def.sin6_family = mask.sin6_family = gate.sin6_family = AF_INET6; 793 gate.sin6_addr = new->rtaddr; 794 795 ifscope = scoped ? new->ifp->if_index : IFSCOPE_NONE; 796 NDDR_UNLOCK(new); 797 798 err = rtrequest_scoped(RTM_ADD, (struct sockaddr *)&def, 799 (struct sockaddr *)&gate, (struct sockaddr *)&mask, 800 RTF_GATEWAY, &newrt, ifscope); 801 802 if (newrt) { 803 RT_LOCK(newrt); 804 nd6_rtmsg(RTM_ADD, newrt); /* tell user process */ 805 RT_REMREF_LOCKED(newrt); 806 RT_UNLOCK(newrt); 807 NDDR_LOCK(new); 808 new->stateflags |= NDDRF_INSTALLED; 809 if (ifscope != IFSCOPE_NONE) 810 new->stateflags |= NDDRF_IFSCOPE; 811 new->genid = nd6_defrouter_genid; 812 } else { 813 nd6log((LOG_ERR, "%s: failed to add default router " 814 "%s on %s scoped %d (errno = %d)\n", __func__, 815 ip6_sprintf(&gate.sin6_addr), if_name(new->ifp), 816 (ifscope != IFSCOPE_NONE), err)); 817 NDDR_LOCK(new); 818 } 819 new->err = err; 820 821out: 822 NDDR_UNLOCK(new); 823} 824 825struct nd_defrouter * 826defrouter_lookup( 827 struct in6_addr *addr, 828 struct ifnet *ifp) 829{ 830 struct nd_defrouter *dr; 831 832 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 833 834 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 835 dr = TAILQ_NEXT(dr, dr_entry)) { 836 NDDR_LOCK(dr); 837 if (dr->ifp == ifp && IN6_ARE_ADDR_EQUAL(addr, &dr->rtaddr)) { 838 NDDR_ADDREF_LOCKED(dr); 839 NDDR_UNLOCK(dr); 840 return (dr); 841 } 842 NDDR_UNLOCK(dr); 843 } 844 845 return (NULL); /* search failed */ 846} 847 848/* 849 * Remove the default route for a given router. 850 * This is just a subroutine function for defrouter_select(), and should 851 * not be called from anywhere else. 852 */ 853static void 854defrouter_delreq(struct nd_defrouter *dr) 855{ 856 struct sockaddr_in6 def, mask, gate; 857 struct rtentry *oldrt = NULL; 858 unsigned int ifscope; 859 int err; 860 861 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 862 NDDR_LOCK_ASSERT_NOTHELD(dr); 863 /* 864 * We're free to lock and unlock NDDR because our callers 865 * are holding an extra reference for us. 866 */ 867 NDDR_LOCK(dr); 868 /* ifp would be NULL for the "drany" case */ 869 if (dr->ifp != NULL && !(dr->stateflags & NDDRF_INSTALLED)) 870 goto out; 871 872 nd6log2((LOG_INFO, "%s: removing default router %s, scoped=%d, " 873 "static=%d\n", dr->ifp != NULL ? if_name(dr->ifp) : "ANY", 874 ip6_sprintf(&dr->rtaddr), (dr->stateflags & NDDRF_IFSCOPE) ? 1 : 0, 875 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 876 877 Bzero(&def, sizeof (def)); 878 Bzero(&mask, sizeof (mask)); 879 Bzero(&gate, sizeof (gate)); 880 881 def.sin6_len = mask.sin6_len = gate.sin6_len 882 = sizeof (struct sockaddr_in6); 883 def.sin6_family = mask.sin6_family = gate.sin6_family = AF_INET6; 884 gate.sin6_addr = dr->rtaddr; 885 886 if (dr->ifp != NULL) { 887 ifscope = (dr->stateflags & NDDRF_IFSCOPE) ? 888 dr->ifp->if_index : IFSCOPE_NONE; 889 } else { 890 ifscope = IFSCOPE_NONE; 891 } 892 NDDR_UNLOCK(dr); 893 err = rtrequest_scoped(RTM_DELETE, 894 (struct sockaddr *)&def, (struct sockaddr *)&gate, 895 (struct sockaddr *)&mask, RTF_GATEWAY, &oldrt, ifscope); 896 897 if (oldrt) { 898 RT_LOCK(oldrt); 899 nd6_rtmsg(RTM_DELETE, oldrt); 900 RT_UNLOCK(oldrt); 901 rtfree(oldrt); 902 } else if (err != ESRCH) { 903 nd6log((LOG_ERR, "%s: failed to delete default router " 904 "%s on %s scoped %d (errno = %d)\n", __func__, 905 ip6_sprintf(&gate.sin6_addr), dr->ifp != NULL ? 906 if_name(dr->ifp) : "ANY", (ifscope != IFSCOPE_NONE), err)); 907 } 908 NDDR_LOCK(dr); 909 /* ESRCH means it's no longer in the routing table; ignore it */ 910 if (oldrt != NULL || err == ESRCH) { 911 dr->stateflags &= ~NDDRF_INSTALLED; 912 if (ifscope != IFSCOPE_NONE) 913 dr->stateflags &= ~NDDRF_IFSCOPE; 914 } 915 dr->err = 0; 916out: 917 NDDR_UNLOCK(dr); 918} 919 920 921/* 922 * remove all default routes from default router list 923 */ 924void 925defrouter_reset(void) 926{ 927 struct nd_defrouter *dr, drany; 928 929 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 930 931 dr = TAILQ_FIRST(&nd_defrouter); 932 while (dr) { 933 NDDR_LOCK(dr); 934 if (dr->stateflags & NDDRF_INSTALLED) { 935 NDDR_ADDREF_LOCKED(dr); 936 NDDR_UNLOCK(dr); 937 lck_mtx_unlock(nd6_mutex); 938 defrouter_delreq(dr); 939 lck_mtx_lock(nd6_mutex); 940 NDDR_REMREF(dr); 941 dr = TAILQ_FIRST(&nd_defrouter); 942 } else { 943 NDDR_UNLOCK(dr); 944 dr = TAILQ_NEXT(dr, dr_entry); 945 } 946 } 947 948 /* Nuke primary (non-scoped) default router */ 949 if (ip6_doscopedroute) { 950 bzero(&drany, sizeof (drany)); 951 lck_mtx_init(&drany.nddr_lock, ifa_mtx_grp, ifa_mtx_attr); 952 lck_mtx_unlock(nd6_mutex); 953 defrouter_delreq(&drany); 954 lck_mtx_destroy(&drany.nddr_lock, ifa_mtx_grp); 955 lck_mtx_lock(nd6_mutex); 956 } 957 958} 959 960int 961defrtrlist_ioctl(u_long cmd, caddr_t data) 962{ 963 struct nd_defrouter dr0; 964 unsigned int ifindex; 965 struct ifnet *dr_ifp; 966 int error = 0, add = 0; 967 968 switch (cmd) { 969 case SIOCDRADD_IN6_32: /* struct in6_defrouter_32 */ 970 case SIOCDRADD_IN6_64: /* struct in6_defrouter_64 */ 971 ++add; 972 /* FALLTHRU */ 973 case SIOCDRDEL_IN6_32: /* struct in6_defrouter_32 */ 974 case SIOCDRDEL_IN6_64: /* struct in6_defrouter_64 */ 975 bzero(&dr0, sizeof (dr0)); 976 if (cmd == SIOCDRADD_IN6_64 || cmd == SIOCDRDEL_IN6_64) { 977 struct in6_defrouter_64 *r_64 = 978 (struct in6_defrouter_64 *)(void *)data; 979 u_int16_t i; 980 981 bcopy(&r_64->rtaddr.sin6_addr, &dr0.rtaddr, 982 sizeof (dr0.rtaddr)); 983 dr0.flags = r_64->flags; 984 bcopy(&r_64->if_index, &i, sizeof (i)); 985 ifindex = i; 986 } else { 987 struct in6_defrouter_32 *r_32 = 988 (struct in6_defrouter_32 *)(void *)data; 989 u_int16_t i; 990 991 bcopy(&r_32->rtaddr.sin6_addr, &dr0.rtaddr, 992 sizeof (dr0.rtaddr)); 993 dr0.flags = r_32->flags; 994 bcopy(&r_32->if_index, &i, sizeof (i)); 995 ifindex = i; 996 } 997 ifnet_head_lock_shared(); 998 /* Don't need to check is ifindex is < 0 since it's unsigned */ 999 if (if_index < ifindex || 1000 (dr_ifp = ifindex2ifnet[ifindex]) == NULL) { 1001 ifnet_head_done(); 1002 error = EINVAL; 1003 break; 1004 } 1005 dr0.ifp = dr_ifp; 1006 ifnet_head_done(); 1007 1008 if (IN6_IS_SCOPE_EMBED(&dr0.rtaddr)) { 1009 uint16_t *scope = &dr0.rtaddr.s6_addr16[1]; 1010 1011 if (*scope == 0) { 1012 *scope = htons(dr_ifp->if_index); 1013 } else if (*scope != htons(dr_ifp->if_index)) { 1014 error = EINVAL; 1015 break; 1016 } 1017 } 1018 1019 if (add) 1020 error = defrtrlist_add_static(&dr0); 1021 if (!add || error != 0) { 1022 int err = defrtrlist_del_static(&dr0); 1023 if (!add) 1024 error = err; 1025 } 1026 break; 1027 1028 default: 1029 error = EOPNOTSUPP; /* check for safety */ 1030 break; 1031 } 1032 1033 return (error); 1034} 1035 1036void 1037defrtrlist_del(struct nd_defrouter *dr) 1038{ 1039 struct nd_defrouter *deldr = NULL; 1040 struct nd_prefix *pr; 1041 struct ifnet *ifp = dr->ifp; 1042 boolean_t resetmtu; 1043 1044 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1045 1046 if (!ip6_doscopedroute && dr == TAILQ_FIRST(&nd_defrouter)) 1047 deldr = dr; /* The router is primary. */ 1048 1049 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 1050 ++nd6_defrouter_genid; 1051 /* 1052 * Flush all the routing table entries that use the router 1053 * as a next hop. 1054 */ 1055 if (ip6_doscopedroute || !ip6_forwarding) { 1056 /* above is a good condition? */ 1057 NDDR_ADDREF(dr); 1058 lck_mtx_unlock(nd6_mutex); 1059 rt6_flush(&dr->rtaddr, ifp); 1060 lck_mtx_lock(nd6_mutex); 1061 NDDR_REMREF(dr); 1062 } 1063 nd6log2((LOG_INFO, "%s: freeing defrouter %s\n", if_name(dr->ifp), 1064 ip6_sprintf(&dr->rtaddr))); 1065 /* 1066 * Delete it from the routing table. 1067 */ 1068 NDDR_ADDREF(dr); 1069 lck_mtx_unlock(nd6_mutex); 1070 defrouter_delreq(dr); 1071 lck_mtx_lock(nd6_mutex); 1072 NDDR_REMREF(dr); 1073 1074 /* 1075 * Also delete all the pointers to the router in each prefix lists. 1076 */ 1077 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 1078 struct nd_pfxrouter *pfxrtr; 1079 1080 NDPR_LOCK(pr); 1081 if ((pfxrtr = pfxrtr_lookup(pr, dr)) != NULL) 1082 pfxrtr_del(pfxrtr, pr); 1083 NDPR_UNLOCK(pr); 1084 } 1085 1086 pfxlist_onlink_check(); 1087 1088 /* 1089 * If the router is the primary one, choose a new one. If Scoped 1090 * Routing is enabled, always try to pick another eligible router 1091 * on this interface. 1092 */ 1093 if (deldr || ip6_doscopedroute) 1094 defrouter_select(ifp); 1095 1096 resetmtu = FALSE; 1097 lck_rw_lock_shared(nd_if_rwlock); 1098 if (ifp->if_index < nd_ifinfo_indexlim) { 1099 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 1100 VERIFY(ndi->initialized); 1101 lck_mtx_lock(&ndi->lock); 1102 VERIFY(ndi->ndefrouters >= 0); 1103 if (ndi->ndefrouters > 0 && --ndi->ndefrouters == 0) { 1104 nd6_ifreset(ifp); 1105 resetmtu = TRUE; 1106 } 1107 lck_mtx_unlock(&ndi->lock); 1108 } 1109 lck_rw_done(nd_if_rwlock); 1110 1111 if (resetmtu) 1112 nd6_setmtu(ifp); 1113 1114 NDDR_REMREF(dr); /* remove list reference */ 1115} 1116 1117int 1118defrtrlist_add_static(struct nd_defrouter *new) 1119{ 1120 struct nd_defrouter *dr; 1121 int err = 0; 1122 1123 new->rtlifetime = -1; 1124 new->stateflags |= NDDRF_STATIC; 1125 1126 /* we only want the preference level */ 1127 new->flags &= ND_RA_FLAG_RTPREF_MASK; 1128 1129 lck_mtx_lock(nd6_mutex); 1130 dr = defrouter_lookup(&new->rtaddr, new->ifp); 1131 if (dr != NULL && !(dr->stateflags & NDDRF_STATIC)) { 1132 err = EINVAL; 1133 } else { 1134 if (dr != NULL) 1135 NDDR_REMREF(dr); 1136 dr = defrtrlist_update(new); 1137 if (dr != NULL) 1138 err = dr->err; 1139 else 1140 err = ENOMEM; 1141 } 1142 if (dr != NULL) 1143 NDDR_REMREF(dr); 1144 lck_mtx_unlock(nd6_mutex); 1145 1146 return (err); 1147} 1148 1149int 1150defrtrlist_del_static(struct nd_defrouter *new) 1151{ 1152 struct nd_defrouter *dr; 1153 1154 lck_mtx_lock(nd6_mutex); 1155 dr = defrouter_lookup(&new->rtaddr, new->ifp); 1156 if (dr == NULL || !(dr->stateflags & NDDRF_STATIC)) { 1157 if (dr != NULL) 1158 NDDR_REMREF(dr); 1159 dr = NULL; 1160 } else { 1161 defrtrlist_del(dr); 1162 NDDR_REMREF(dr); 1163 } 1164 lck_mtx_unlock(nd6_mutex); 1165 1166 return (dr != NULL ? 0 : EINVAL); 1167} 1168 1169/* 1170 * for default router selection 1171 * regards router-preference field as a 2-bit signed integer 1172 */ 1173static int 1174rtpref(struct nd_defrouter *dr) 1175{ 1176 switch (dr->flags & ND_RA_FLAG_RTPREF_MASK) { 1177 case ND_RA_FLAG_RTPREF_HIGH: 1178 return (RTPREF_HIGH); 1179 case ND_RA_FLAG_RTPREF_MEDIUM: 1180 case ND_RA_FLAG_RTPREF_RSV: 1181 return (RTPREF_MEDIUM); 1182 case ND_RA_FLAG_RTPREF_LOW: 1183 return (RTPREF_LOW); 1184 default: 1185 /* 1186 * This case should never happen. If it did, it would mean a 1187 * serious bug of kernel internal. We thus always bark here. 1188 * Or, can we even panic? 1189 */ 1190 log(LOG_ERR, "rtpref: impossible RA flag %x\n", dr->flags); 1191 return (RTPREF_INVALID); 1192 } 1193 /* NOTREACHED */ 1194} 1195 1196/* 1197 * Default Router Selection according to Section 6.3.6 of RFC 2461 and RFC 4191: 1198 * 1199 * 1) Routers that are reachable or probably reachable should be preferred. 1200 * If we have more than one (probably) reachable router, prefer ones 1201 * with the highest router preference. 1202 * 2) When no routers on the list are known to be reachable or 1203 * probably reachable, routers SHOULD be selected in a round-robin 1204 * fashion, regardless of router preference values. 1205 * 3) If the Default Router List is empty, assume that all 1206 * destinations are on-link. 1207 * 1208 * When Scoped Routing is enabled, the selection logic is amended as follows: 1209 * 1210 * a) When a default interface is specified, the primary/non-scoped default 1211 * router will be set to the reachable router on that link (if any) with 1212 * the highest router preference. 1213 * b) When there are more than one routers on the same link, the one with 1214 * the highest router preference will be installed, either as scoped or 1215 * non-scoped route entry. If they all share the same preference value, 1216 * the one installed will be the static or the first encountered reachable 1217 * router, i.e. static one wins over dynamic. 1218 * c) When no routers on the list are known to be reachable, or probably 1219 * reachable, no round-robin selection will take place when the default 1220 * interface is set. 1221 * 1222 * We assume nd_defrouter is sorted by router preference value. 1223 * Since the code below covers both with and without router preference cases, 1224 * we do not need to classify the cases by ifdef. 1225 */ 1226void 1227defrouter_select(struct ifnet *ifp) 1228{ 1229#pragma unused(ifp) 1230 struct nd_defrouter *dr, *selected_dr = NULL, *installed_dr = NULL; 1231 struct nd_defrouter *installed_dr0 = NULL; 1232 struct rtentry *rt = NULL; 1233 struct llinfo_nd6 *ln = NULL; 1234 int update = 0; 1235 boolean_t found_installedrt = FALSE; 1236 1237 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1238 1239 /* 1240 * We no longer install (default) interface route; only prefix routes 1241 * are installed as interface routes. Therefore, there is no harm in 1242 * going through this routine even if a default interface is specified, 1243 * which happens when Scoped Routing is enabled. But for efficiency, 1244 * we fall back to the original KAME logic when Scoped Routing is 1245 * not in effect. 1246 */ 1247 if (ip6_forwarding && !ip6_doscopedroute) { 1248 nd6log((LOG_WARNING, 1249 "defrouter_select: called unexpectedly (forwarding=%d)\n", 1250 ip6_forwarding)); 1251 return; 1252 } 1253 1254 /* 1255 * Let's handle easy case (3) first: 1256 * If default router list is empty, there's nothing to be done. 1257 */ 1258 if (!TAILQ_FIRST(&nd_defrouter)) 1259 return; 1260 1261 /* 1262 * Due to the number of times we drop nd6_mutex, we need to 1263 * serialize this function. 1264 */ 1265 while (nd_defrouter_busy) { 1266 nd_defrouter_waiters++; 1267 msleep(nd_defrouter_waitchan, nd6_mutex, (PZERO-1), 1268 __func__, NULL); 1269 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1270 } 1271 nd_defrouter_busy = TRUE; 1272 1273 /* 1274 * Search for a (probably) reachable router from the list. 1275 * We just pick up the first reachable one (if any), assuming that 1276 * the ordering rule of the list described in defrtrlist_update(). 1277 * 1278 * For all intents and purposes of Scoped Routing: 1279 * selected_dr = candidate for primary router 1280 * installed_dr = currently installed primary router 1281 */ 1282 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1283 dr = TAILQ_NEXT(dr, dr_entry)) { 1284 boolean_t reachable, advrouter; 1285 struct in6_addr rtaddr; 1286 struct ifnet *drifp; 1287 struct nd_defrouter *drrele; 1288 1289 drrele = NULL; 1290 reachable = FALSE; 1291 NDDR_LOCK(dr); 1292 rtaddr = *(&dr->rtaddr); 1293 drifp = dr->ifp; 1294 advrouter = (drifp != NULL && 1295 (drifp->if_eflags & IFEF_IPV6_ROUTER)); 1296 NDDR_ADDREF_LOCKED(dr); /* for this for loop */ 1297 NDDR_UNLOCK(dr); 1298 1299 lck_mtx_unlock(nd6_mutex); 1300 /* Callee returns a locked route upon success */ 1301 if ((rt = nd6_lookup(&rtaddr, 0, drifp, 0)) != NULL) { 1302 RT_LOCK_ASSERT_HELD(rt); 1303 if ((ln = rt->rt_llinfo) != NULL && 1304 ND6_IS_LLINFO_PROBREACH(ln)) { 1305 reachable = TRUE; 1306 if (selected_dr == NULL && 1307 (!ip6_doscopedroute || 1308 (drifp == nd6_defifp && !advrouter))) { 1309 selected_dr = dr; 1310 NDDR_ADDREF(selected_dr); 1311 } 1312 } 1313 RT_REMREF_LOCKED(rt); 1314 RT_UNLOCK(rt); 1315 rt = NULL; 1316 } 1317 lck_mtx_lock(nd6_mutex); 1318 1319 /* Handle case (b) */ 1320 NDDR_LOCK(dr); 1321 if (ip6_doscopedroute && drifp == nd6_defifp && !advrouter && 1322 (selected_dr == NULL || rtpref(dr) > rtpref(selected_dr) || 1323 (rtpref(dr) == rtpref(selected_dr) && 1324 (dr->stateflags & NDDRF_STATIC) && 1325 !(selected_dr->stateflags & NDDRF_STATIC)))) { 1326 if (selected_dr) { 1327 /* Release it later on */ 1328 VERIFY(drrele == NULL); 1329 drrele = selected_dr; 1330 } 1331 selected_dr = dr; 1332 NDDR_ADDREF_LOCKED(selected_dr); 1333 } 1334 1335 if (!(dr->stateflags & NDDRF_INSTALLED)) { 1336 /* 1337 * If the router hasn't been installed and it is 1338 * reachable, try to install it later on below. 1339 * If it's static, try to install it anyway. 1340 */ 1341 if (!advrouter && (reachable || 1342 (dr->stateflags & NDDRF_STATIC))) { 1343 dr->genid = -1; 1344 ++update; 1345 nd6log2((LOG_INFO, "%s: possible router %s, " 1346 "scoped=%d, static=%d\n", if_name(drifp), 1347 ip6_sprintf(&rtaddr), 1348 (dr->stateflags & NDDRF_IFSCOPE) ? 1 : 0, 1349 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1350 } 1351 NDDR_UNLOCK(dr); 1352 NDDR_REMREF(dr); /* for this for loop */ 1353 if (drrele != NULL) 1354 NDDR_REMREF(drrele); 1355 continue; 1356 } 1357 1358 /* Record the currently installed primary/non-scoped router */ 1359 if (!ip6_doscopedroute || !(dr->stateflags & NDDRF_IFSCOPE)) { 1360 if (installed_dr == NULL) { 1361 installed_dr = dr; 1362 NDDR_ADDREF_LOCKED(installed_dr); 1363 } else { 1364 /* this should not happen; warn for diagnosis */ 1365 log(LOG_ERR, "defrouter_select: more than one " 1366 "%s default router is installed\n", 1367 ip6_doscopedroute ? "non-scoped" : ""); 1368 } 1369 } 1370 NDDR_UNLOCK(dr); 1371 NDDR_REMREF(dr); /* for this for loop */ 1372 if (drrele != NULL) 1373 NDDR_REMREF(drrele); 1374 } 1375 1376 /* If none was selected, use the currently installed one */ 1377 if (ip6_doscopedroute && selected_dr == NULL && installed_dr != NULL) { 1378 selected_dr = installed_dr; 1379 NDDR_ADDREF(selected_dr); 1380 } 1381 1382 /* 1383 * Install the unreachable one(s) if necesssary. 1384 */ 1385 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1386 dr = TAILQ_NEXT(dr, dr_entry)) { 1387 struct nd_defrouter *_dr; 1388 1389 if (!ip6_doscopedroute) 1390 break; 1391 1392 NDDR_LOCK(dr); 1393 1394 /* If already (or will be) installed, skip */ 1395 if ((dr->stateflags & NDDRF_INSTALLED) || dr->genid == -1) { 1396 NDDR_UNLOCK(dr); 1397 continue; 1398 } 1399 1400 /* See if there is already a default router for the link */ 1401 for (_dr = TAILQ_FIRST(&nd_defrouter); _dr; 1402 _dr = TAILQ_NEXT(_dr, dr_entry)) { 1403 if (_dr != dr) 1404 NDDR_LOCK(_dr); 1405 if (_dr == dr || _dr->ifp != dr->ifp) { 1406 if (_dr != dr) 1407 NDDR_UNLOCK(_dr); 1408 continue; 1409 } 1410 1411 if ((_dr->stateflags & NDDRF_INSTALLED) || 1412 _dr->genid == -1) { 1413 if (_dr != dr) 1414 NDDR_UNLOCK(_dr); 1415 break; 1416 } 1417 if (_dr != dr) 1418 NDDR_UNLOCK(_dr); 1419 } 1420 1421 /* If none so far, schedule it to be installed below */ 1422 if (_dr == NULL && dr->ifp != NULL && 1423 !(dr->ifp->if_eflags & IFEF_IPV6_ROUTER)) { 1424 dr->genid = -1; 1425 ++update; 1426 nd6log2((LOG_INFO, "%s: possible router %s, " 1427 "static=%d (unreachable)\n", if_name(dr->ifp), 1428 ip6_sprintf(&dr->rtaddr), 1429 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1430 } 1431 NDDR_UNLOCK(dr); 1432 } 1433 1434 dr = selected_dr; 1435 if (dr != NULL) { 1436 nd6log2((LOG_INFO, "%s: considering primary default router %s, " 1437 "static=%d [round 1]\n", if_name(dr->ifp), 1438 ip6_sprintf(&dr->rtaddr), 1439 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1440 } 1441 1442 /* 1443 * If none of the default routers was found to be reachable, 1444 * round-robin the list regardless of preference, except when 1445 * Scoped Routing is enabled per case (c). 1446 * 1447 * Otherwise, if we have an installed router, check if the selected 1448 * (reachable) router should really be preferred to the installed one. 1449 * We only prefer the new router when the old one is not reachable 1450 * or when the new one has a really higher preference value. 1451 */ 1452 if (!ip6_doscopedroute && selected_dr == NULL) { 1453 if (installed_dr == NULL || 1454 !TAILQ_NEXT(installed_dr, dr_entry)) { 1455 selected_dr = TAILQ_FIRST(&nd_defrouter); 1456 if (selected_dr) 1457 NDDR_ADDREF(selected_dr); 1458 } else { 1459 selected_dr = TAILQ_NEXT(installed_dr, dr_entry); 1460 if (selected_dr) 1461 NDDR_ADDREF(selected_dr); 1462 } 1463 } else if (selected_dr != NULL && installed_dr != NULL) { 1464 lck_mtx_unlock(nd6_mutex); 1465 rt = nd6_lookup(&installed_dr->rtaddr, 0, installed_dr->ifp, 0); 1466 if (rt) { 1467 RT_LOCK_ASSERT_HELD(rt); 1468 if ((ln = (struct llinfo_nd6 *)rt->rt_llinfo) && 1469 ND6_IS_LLINFO_PROBREACH(ln) && 1470 (!ip6_doscopedroute || 1471 installed_dr->ifp == nd6_defifp) && 1472 rtpref(selected_dr) <= rtpref(installed_dr)) { 1473 NDDR_REMREF(selected_dr); 1474 selected_dr = installed_dr; 1475 NDDR_ADDREF(selected_dr); 1476 } 1477 RT_REMREF_LOCKED(rt); 1478 RT_UNLOCK(rt); 1479 rt = NULL; 1480 found_installedrt = TRUE; 1481 } 1482 lck_mtx_lock(nd6_mutex); 1483 } 1484 1485 if (ip6_doscopedroute) { 1486 /* 1487 * If the installed primary router is not on the current 1488 * IPv6 default interface, demote it to a scoped entry. 1489 */ 1490 if (installed_dr != NULL && installed_dr->ifp != nd6_defifp && 1491 !(installed_dr->stateflags & NDDRF_IFSCOPE)) { 1492 if (selected_dr != NULL && 1493 selected_dr->ifp != nd6_defifp) { 1494 NDDR_REMREF(selected_dr); 1495 selected_dr = NULL; 1496 } 1497 ++update; 1498 } 1499 1500 /* 1501 * If the selected router is currently scoped, make sure 1502 * we update (it needs to be promoted to primary.) 1503 */ 1504 if (selected_dr != NULL && 1505 (selected_dr->stateflags & NDDRF_IFSCOPE)) 1506 ++update; 1507 1508 /* 1509 * If the installed router is no longe reachable, remove 1510 * it and install the selected router instead. 1511 */ 1512 if (installed_dr != NULL && selected_dr != NULL && 1513 installed_dr != selected_dr && found_installedrt == FALSE) { 1514 installed_dr0 = installed_dr; /* skip it below */ 1515 /* NB: we previousled referenced installed_dr */ 1516 installed_dr = NULL; 1517 selected_dr->genid = -1; 1518 ++update; 1519 } 1520 } 1521 1522 /* 1523 * If Scoped Routing is enabled and there's nothing to update, 1524 * just return. Otherwise, if Scoped Routing is disabled and if 1525 * the selected router is different than the installed one, 1526 * remove the installed router and install the selected one. 1527 */ 1528 dr = selected_dr; 1529 VERIFY(dr != NULL || ip6_doscopedroute); 1530 if (!ip6_doscopedroute || !update) { 1531 if (dr == NULL) 1532 goto out; 1533 1534 if (dr != installed_dr) { 1535 nd6log2((LOG_INFO, "%s: no update, selected router %s, " 1536 "installed router %s\n", if_name(dr->ifp), 1537 ip6_sprintf(&dr->rtaddr), installed_dr != NULL ? 1538 ip6_sprintf(&installed_dr->rtaddr) : "NONE")); 1539 } else { 1540 nd6log2((LOG_INFO, "%s: no update, router is %s\n", 1541 if_name(dr->ifp), ip6_sprintf(&dr->rtaddr))); 1542 } 1543 if (!ip6_doscopedroute && installed_dr != dr) { 1544 /* 1545 * No need to ADDREF dr because at this point 1546 * dr points to selected_dr, which already holds 1547 * a reference. 1548 */ 1549 lck_mtx_unlock(nd6_mutex); 1550 if (installed_dr) { 1551 defrouter_delreq(installed_dr); 1552 } 1553 defrouter_addreq(dr, FALSE); 1554 lck_mtx_lock(nd6_mutex); 1555 } 1556 goto out; 1557 } 1558 1559 /* 1560 * Scoped Routing is enabled and we need to update. The selected 1561 * router needs to be installed as primary/non-scoped entry. If 1562 * there is any existing entry that is non-scoped, remove it from 1563 * the routing table and reinstall it as scoped entry. 1564 */ 1565 if (dr != NULL) { 1566 nd6log2((LOG_INFO, "%s: considering primary default router %s, " 1567 "static=%d [round 2]\n", if_name(dr->ifp), 1568 ip6_sprintf(&dr->rtaddr), 1569 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1570 } 1571 1572 /* 1573 * On the following while loops we use two flags: 1574 * dr->genid 1575 * NDDRF_PROCESSED 1576 * 1577 * genid is used to skip entries that are not to be added/removed on the 1578 * second while loop. 1579 * NDDRF_PROCESSED is used to skip entries that were already 1580 * processed. 1581 * This is necessary because we drop the nd6_mutex and start the while 1582 * loop again. 1583 */ 1584 TAILQ_FOREACH(dr, &nd_defrouter, dr_entry) { 1585 NDDR_LOCK(dr); 1586 VERIFY((dr->stateflags & NDDRF_PROCESSED) == 0); 1587 NDDR_UNLOCK(dr); 1588 } 1589 /* Remove conflicting entries */ 1590 dr = TAILQ_FIRST(&nd_defrouter); 1591 while (dr) { 1592 NDDR_LOCK(dr); 1593 if (!(dr->stateflags & NDDRF_INSTALLED) || 1594 dr->stateflags & NDDRF_PROCESSED) { 1595 NDDR_UNLOCK(dr); 1596 dr = TAILQ_NEXT(dr, dr_entry); 1597 continue; 1598 } 1599 dr->stateflags |= NDDRF_PROCESSED; 1600 1601 /* A NULL selected_dr will remove primary default route */ 1602 if ((dr == selected_dr && (dr->stateflags & NDDRF_IFSCOPE)) || 1603 (dr != selected_dr && !(dr->stateflags & NDDRF_IFSCOPE))) { 1604 NDDR_ADDREF_LOCKED(dr); 1605 NDDR_UNLOCK(dr); 1606 lck_mtx_unlock(nd6_mutex); 1607 defrouter_delreq(dr); 1608 lck_mtx_lock(nd6_mutex); 1609 NDDR_LOCK(dr); 1610 if (dr && dr != installed_dr0) 1611 dr->genid = -1; 1612 NDDR_UNLOCK(dr); 1613 NDDR_REMREF(dr); 1614 /* 1615 * Since we lost nd6_mutex, we have to start over. 1616 */ 1617 dr = TAILQ_FIRST(&nd_defrouter); 1618 continue; 1619 } 1620 NDDR_UNLOCK(dr); 1621 dr = TAILQ_NEXT(dr, dr_entry); 1622 } 1623 1624 /* -1 is a special number, make sure we don't use it for genid */ 1625 if (++nd6_defrouter_genid == -1) 1626 nd6_defrouter_genid = 1; 1627 1628 TAILQ_FOREACH(dr, &nd_defrouter, dr_entry) { 1629 NDDR_LOCK(dr); 1630 dr->stateflags &= ~NDDRF_PROCESSED; 1631 NDDR_UNLOCK(dr); 1632 } 1633 /* Add the entries back */ 1634 dr = TAILQ_FIRST(&nd_defrouter); 1635 while (dr) { 1636 struct nd_defrouter *_dr; 1637 1638 NDDR_LOCK(dr); 1639 if (dr->stateflags & NDDRF_PROCESSED || 1640 dr->genid != -1) { 1641 NDDR_UNLOCK(dr); 1642 dr = TAILQ_NEXT(dr, dr_entry); 1643 continue; 1644 } 1645 dr->stateflags |= NDDRF_PROCESSED; 1646 1647 /* Handle case (b) */ 1648 for (_dr = TAILQ_FIRST(&nd_defrouter); _dr; 1649 _dr = TAILQ_NEXT(_dr, dr_entry)) { 1650 if (_dr == dr) 1651 continue; 1652 /* 1653 * This is safe because we previously checked if 1654 * _dr == dr. 1655 */ 1656 NDDR_LOCK(_dr); 1657 if (_dr->ifp == dr->ifp && rtpref(_dr) >= rtpref(dr) && 1658 (_dr->stateflags & NDDRF_INSTALLED)) { 1659 NDDR_ADDREF_LOCKED(_dr); 1660 NDDR_UNLOCK(_dr); 1661 break; 1662 } 1663 NDDR_UNLOCK(_dr); 1664 } 1665 1666 /* If same preference and i/f, static entry takes precedence */ 1667 if (_dr != NULL && rtpref(_dr) == rtpref(dr) && 1668 !(_dr->stateflags & NDDRF_STATIC) && 1669 (dr->stateflags & NDDRF_STATIC)) { 1670 lck_mtx_unlock(nd6_mutex); 1671 defrouter_delreq(_dr); 1672 lck_mtx_lock(nd6_mutex); 1673 NDDR_REMREF(_dr); 1674 _dr = NULL; 1675 } 1676 1677 if (_dr == NULL && !(dr->stateflags & NDDRF_INSTALLED)) { 1678 NDDR_ADDREF_LOCKED(dr); 1679 NDDR_UNLOCK(dr); 1680 lck_mtx_unlock(nd6_mutex); 1681 defrouter_addreq(dr, (selected_dr == NULL || 1682 dr->ifp != selected_dr->ifp)); 1683 dr->genid = nd6_defrouter_genid; 1684 lck_mtx_lock(nd6_mutex); 1685 NDDR_REMREF(dr); 1686 /* 1687 * Since we lost nd6_mutex, we have to start over. 1688 */ 1689 dr = TAILQ_FIRST(&nd_defrouter); 1690 continue; 1691 } 1692 NDDR_UNLOCK(dr); 1693 dr = TAILQ_NEXT(dr, dr_entry); 1694 } 1695out: 1696 TAILQ_FOREACH(dr, &nd_defrouter, dr_entry) { 1697 NDDR_LOCK(dr); 1698 dr->stateflags &= ~NDDRF_PROCESSED; 1699 NDDR_UNLOCK(dr); 1700 } 1701 if (selected_dr) 1702 NDDR_REMREF(selected_dr); 1703 if (installed_dr) 1704 NDDR_REMREF(installed_dr); 1705 if (installed_dr0) 1706 NDDR_REMREF(installed_dr0); 1707 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1708 VERIFY(nd_defrouter_busy); 1709 nd_defrouter_busy = FALSE; 1710 if (nd_defrouter_waiters > 0) { 1711 nd_defrouter_waiters = 0; 1712 wakeup(nd_defrouter_waitchan); 1713 } 1714} 1715 1716static struct nd_defrouter * 1717defrtrlist_update_common(struct nd_defrouter *new, boolean_t scoped) 1718{ 1719 struct nd_defrouter *dr, *n; 1720 struct ifnet *ifp = new->ifp; 1721 struct nd_ifinfo *ndi = NULL; 1722 struct timeval caltime; 1723 1724 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1725 1726 if ((dr = defrouter_lookup(&new->rtaddr, ifp)) != NULL) { 1727 /* entry exists */ 1728 if (new->rtlifetime == 0) { 1729 defrtrlist_del(dr); 1730 NDDR_REMREF(dr); 1731 dr = NULL; 1732 } else { 1733 int oldpref = rtpref(dr); 1734 1735 /* override */ 1736 dr->flags = new->flags; /* xxx flag check */ 1737 dr->rtlifetime = new->rtlifetime; 1738 dr->expire = new->expire; 1739 1740 /* 1741 * If the preference does not change, there's no need 1742 * to sort the entries. If Scoped Routing is enabled, 1743 * put the primary/non-scoped router at the top of the 1744 * list of routers in the same preference band, unless 1745 * it's already at that position. 1746 */ 1747 if (ip6_doscopedroute) { 1748 struct nd_defrouter *p = NULL; 1749 1750 /* same preference and scoped; just return */ 1751 if (rtpref(new) == oldpref && scoped) 1752 return (dr); 1753 1754 n = TAILQ_FIRST(&nd_defrouter); 1755 while (n != NULL) { 1756 /* preference changed; sort it */ 1757 if (rtpref(new) != oldpref) 1758 break; 1759 1760 /* not at the top of band; sort it */ 1761 if (n != dr && rtpref(n) == oldpref && 1762 (!p || rtpref(p) > rtpref(n))) 1763 break; 1764 1765 p = n; 1766 n = TAILQ_NEXT(n, dr_entry); 1767 } 1768 1769 /* nothing has changed, just return */ 1770 if (n == NULL && (scoped || 1771 !(dr->stateflags & NDDRF_IFSCOPE))) 1772 return (dr); 1773 } else if (rtpref(new) == oldpref) { 1774 return (dr); 1775 } 1776 1777 /* 1778 * preferred router may be changed, so relocate 1779 * this router. 1780 * XXX: calling TAILQ_REMOVE directly is a bad manner. 1781 * However, since defrtrlist_del() has many side 1782 * effects, we intentionally do so here. 1783 * defrouter_select() below will handle routing 1784 * changes later. 1785 */ 1786 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 1787 new->stateflags = dr->stateflags; 1788 new->stateflags &= ~NDDRF_PROCESSED; 1789 1790 n = dr; 1791 goto insert; 1792 } 1793 return (dr); 1794 } 1795 1796 VERIFY(dr == NULL); 1797 1798 /* entry does not exist */ 1799 if (new->rtlifetime == 0) { 1800 return (NULL); 1801 } 1802 1803 n = nddr_alloc(M_WAITOK); 1804 if (n == NULL) { 1805 return (NULL); 1806 } 1807 1808 lck_rw_lock_shared(nd_if_rwlock); 1809 if (ifp->if_index >= nd_ifinfo_indexlim) 1810 goto freeit; 1811 ndi = &nd_ifinfo[ifp->if_index]; 1812 VERIFY(ndi->initialized); 1813 lck_mtx_lock(&ndi->lock); 1814 if (ip6_maxifdefrouters >= 0 && 1815 ndi->ndefrouters >= ip6_maxifdefrouters) { 1816 lck_mtx_unlock(&ndi->lock); 1817freeit: 1818 lck_rw_done(nd_if_rwlock); 1819 nddr_free(n); 1820 return (NULL); 1821 } 1822 1823 NDDR_ADDREF(n); /* for the nd_defrouter list */ 1824 NDDR_ADDREF(n); /* for the caller */ 1825 1826 ++nd6_defrouter_genid; 1827 ndi->ndefrouters++; 1828 VERIFY(ndi->ndefrouters != 0); 1829 lck_mtx_unlock(&ndi->lock); 1830 lck_rw_done(nd_if_rwlock); 1831 1832 nd6log2((LOG_INFO, "%s: allocating defrouter %s\n", if_name(ifp), 1833 ip6_sprintf(&new->rtaddr))); 1834 1835 getmicrotime(&caltime); 1836 NDDR_LOCK(n); 1837 memcpy(&n->rtaddr, &new->rtaddr, sizeof (n->rtaddr)); 1838 n->flags = new->flags; 1839 n->stateflags = new->stateflags; 1840 n->stateflags &= ~NDDRF_PROCESSED; 1841 n->rtlifetime = new->rtlifetime; 1842 n->expire = new->expire; 1843 n->base_calendartime = caltime.tv_sec; 1844 n->base_uptime = net_uptime(); 1845 n->ifp = new->ifp; 1846 n->genid = new->genid; 1847 n->err = new->err; 1848 NDDR_UNLOCK(n); 1849insert: 1850 /* get nd6_service() to be scheduled as soon as it's convenient */ 1851 ++nd6_sched_timeout_want; 1852 1853 /* 1854 * Insert the new router in the Default Router List; 1855 * The Default Router List should be in the descending order 1856 * of router-preferece. When Scoped Routing is disabled, routers 1857 * with the same preference are sorted in the arriving time order; 1858 * otherwise, the first entry in the list of routers having the same 1859 * preference is the primary default router, when the interface used 1860 * by the entry is the default interface. 1861 */ 1862 1863 /* insert at the end of the group */ 1864 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1865 dr = TAILQ_NEXT(dr, dr_entry)) { 1866 if (rtpref(n) > rtpref(dr) || 1867 (ip6_doscopedroute && !scoped && rtpref(n) == rtpref(dr))) 1868 break; 1869 } 1870 if (dr) 1871 TAILQ_INSERT_BEFORE(dr, n, dr_entry); 1872 else 1873 TAILQ_INSERT_TAIL(&nd_defrouter, n, dr_entry); 1874 1875 defrouter_select(ifp); 1876 1877 return (n); 1878} 1879 1880static struct nd_defrouter * 1881defrtrlist_update(struct nd_defrouter *new) 1882{ 1883 struct nd_defrouter *dr; 1884 1885 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1886 dr = defrtrlist_update_common(new, 1887 (nd6_defifp != NULL && new->ifp != nd6_defifp)); 1888 1889 return (dr); 1890} 1891 1892static void 1893defrtrlist_sync(struct ifnet *ifp) 1894{ 1895 struct nd_defrouter *dr, new; 1896 1897 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1898 1899 if (!ip6_doscopedroute) { 1900 defrouter_select(ifp); 1901 return; 1902 } 1903 1904 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1905 dr = TAILQ_NEXT(dr, dr_entry)) { 1906 NDDR_LOCK(dr); 1907 if (dr->ifp == ifp && (dr->stateflags & NDDRF_INSTALLED)) 1908 break; 1909 NDDR_UNLOCK(dr); 1910 } 1911 1912 if (dr == NULL) { 1913 defrouter_select(ifp); 1914 } else { 1915 memcpy(&new.rtaddr, &dr->rtaddr, sizeof (new.rtaddr)); 1916 new.flags = dr->flags; 1917 new.stateflags = dr->stateflags; 1918 new.stateflags &= ~NDDRF_PROCESSED; 1919 new.rtlifetime = dr->rtlifetime; 1920 new.expire = dr->expire; 1921 new.ifp = dr->ifp; 1922 new.genid = dr->genid; 1923 new.err = dr->err; 1924 NDDR_UNLOCK(dr); 1925 dr = defrtrlist_update_common(&new, FALSE); 1926 if (dr) 1927 NDDR_REMREF(dr); 1928 } 1929} 1930 1931static struct nd_pfxrouter * 1932pfxrtr_lookup(struct nd_prefix *pr, struct nd_defrouter *dr) 1933{ 1934 struct nd_pfxrouter *search; 1935 1936 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1937 NDPR_LOCK_ASSERT_HELD(pr); 1938 1939 for (search = pr->ndpr_advrtrs.lh_first; search; 1940 search = search->pfr_next) { 1941 if (search->router == dr) 1942 break; 1943 } 1944 1945 return (search); 1946} 1947 1948static void 1949pfxrtr_add(struct nd_prefix *pr, struct nd_defrouter *dr) 1950{ 1951 struct nd_pfxrouter *new; 1952 1953 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1954 NDPR_LOCK_ASSERT_NOTHELD(pr); 1955 1956 new = zalloc(ndprtr_zone); 1957 if (new == NULL) 1958 return; 1959 bzero(new, sizeof (*new)); 1960 new->router = dr; 1961 1962 NDPR_LOCK(pr); 1963 LIST_INSERT_HEAD(&pr->ndpr_advrtrs, new, pfr_entry); 1964 pr->ndpr_genid++; 1965 NDPR_UNLOCK(pr); 1966 1967 pfxlist_onlink_check(); 1968} 1969 1970static void 1971pfxrtr_del(struct nd_pfxrouter *pfr, struct nd_prefix *pr) 1972{ 1973 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1974 NDPR_LOCK_ASSERT_HELD(pr); 1975 pr->ndpr_genid++; 1976 LIST_REMOVE(pfr, pfr_entry); 1977 zfree(ndprtr_zone, pfr); 1978} 1979 1980struct nd_prefix * 1981nd6_prefix_lookup(struct nd_prefix *pr) 1982{ 1983 struct nd_prefix *search; 1984 1985 lck_mtx_lock(nd6_mutex); 1986 for (search = nd_prefix.lh_first; search; search = search->ndpr_next) { 1987 NDPR_LOCK(search); 1988 if (pr->ndpr_ifp == search->ndpr_ifp && 1989 pr->ndpr_plen == search->ndpr_plen && 1990 in6_are_prefix_equal(&pr->ndpr_prefix.sin6_addr, 1991 &search->ndpr_prefix.sin6_addr, pr->ndpr_plen)) { 1992 NDPR_ADDREF_LOCKED(search); 1993 NDPR_UNLOCK(search); 1994 break; 1995 } 1996 NDPR_UNLOCK(search); 1997 } 1998 lck_mtx_unlock(nd6_mutex); 1999 2000 return (search); 2001} 2002 2003static void 2004purge_detached(struct ifnet *ifp) 2005{ 2006 struct nd_prefix *pr, *pr_next; 2007 struct in6_ifaddr *ia; 2008 struct ifaddr *ifa, *ifa_next; 2009 2010 lck_mtx_lock(nd6_mutex); 2011 2012 pr = nd_prefix.lh_first; 2013repeat: 2014 while (pr) { 2015 pr_next = pr->ndpr_next; 2016 NDPR_LOCK(pr); 2017 if (pr->ndpr_ifp != ifp || 2018 IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr) || 2019 ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && 2020 !LIST_EMPTY(&pr->ndpr_advrtrs))) { 2021 NDPR_UNLOCK(pr); 2022 pr = pr_next; 2023 continue; 2024 } 2025 NDPR_UNLOCK(pr); 2026 ifnet_lock_shared(ifp); 2027 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa_next) { 2028 ifa_next = ifa->ifa_list.tqe_next; 2029 IFA_LOCK(ifa); 2030 if (ifa->ifa_addr->sa_family != AF_INET6) { 2031 IFA_UNLOCK(ifa); 2032 continue; 2033 } 2034 ia = (struct in6_ifaddr *)ifa; 2035 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 2036 IN6_IFF_AUTOCONF && ia->ia6_ndpr == pr) { 2037 IFA_ADDREF_LOCKED(ifa); /* for us */ 2038 IFA_UNLOCK(ifa); 2039 /* 2040 * Purging the address requires writer access 2041 * to the address list, so drop the ifnet lock 2042 * now and repeat from beginning. 2043 */ 2044 ifnet_lock_done(ifp); 2045 lck_mtx_unlock(nd6_mutex); 2046 in6_purgeaddr(ifa); 2047 IFA_REMREF(ifa); /* drop ours */ 2048 lck_mtx_lock(nd6_mutex); 2049 pr = nd_prefix.lh_first; 2050 goto repeat; 2051 } 2052 IFA_UNLOCK(ifa); 2053 } 2054 ifnet_lock_done(ifp); 2055 NDPR_LOCK(pr); 2056 if (pr->ndpr_addrcnt == 0) { 2057 NDPR_ADDREF_LOCKED(pr); 2058 prelist_remove(pr); 2059 NDPR_UNLOCK(pr); 2060 pfxlist_onlink_check(); 2061 NDPR_REMREF(pr); 2062 } else { 2063 NDPR_UNLOCK(pr); 2064 } 2065 pr = pr_next; 2066 } 2067 2068 lck_mtx_unlock(nd6_mutex); 2069} 2070 2071int 2072nd6_prelist_add(struct nd_prefix *pr, struct nd_defrouter *dr, 2073 struct nd_prefix **newp, boolean_t force_scoped) 2074{ 2075 struct nd_prefix *new = NULL; 2076 struct ifnet *ifp = pr->ndpr_ifp; 2077 struct nd_ifinfo *ndi = NULL; 2078 int i, error; 2079 2080 if (ip6_maxifprefixes >= 0) { 2081 lck_rw_lock_shared(nd_if_rwlock); 2082 if (ifp->if_index >= nd_ifinfo_indexlim) { 2083 lck_rw_done(nd_if_rwlock); 2084 return (EINVAL); 2085 } 2086 ndi = &nd_ifinfo[ifp->if_index]; 2087 VERIFY(ndi->initialized); 2088 lck_mtx_lock(&ndi->lock); 2089 if (ndi->nprefixes >= ip6_maxifprefixes / 2) { 2090 lck_mtx_unlock(&ndi->lock); 2091 lck_rw_done(nd_if_rwlock); 2092 purge_detached(ifp); 2093 lck_rw_lock_shared(nd_if_rwlock); 2094 /* 2095 * Refresh pointer since nd_ifinfo[] may have grown; 2096 * repeating the bounds check against nd_ifinfo_indexlim 2097 * isn't necessary since the array never shrinks. 2098 */ 2099 ndi = &nd_ifinfo[ifp->if_index]; 2100 lck_mtx_lock(&ndi->lock); 2101 } 2102 if (ndi->nprefixes >= ip6_maxifprefixes) { 2103 lck_mtx_unlock(&ndi->lock); 2104 lck_rw_done(nd_if_rwlock); 2105 return (ENOMEM); 2106 } 2107 lck_mtx_unlock(&ndi->lock); 2108 lck_rw_done(nd_if_rwlock); 2109 } 2110 2111 new = ndpr_alloc(M_WAITOK); 2112 if (new == NULL) 2113 return (ENOMEM); 2114 2115 NDPR_LOCK(new); 2116 NDPR_LOCK(pr); 2117 new->ndpr_ifp = pr->ndpr_ifp; 2118 new->ndpr_prefix = pr->ndpr_prefix; 2119 new->ndpr_plen = pr->ndpr_plen; 2120 new->ndpr_vltime = pr->ndpr_vltime; 2121 new->ndpr_pltime = pr->ndpr_pltime; 2122 new->ndpr_flags = pr->ndpr_flags; 2123 if (pr->ndpr_stateflags & NDPRF_STATIC) 2124 new->ndpr_stateflags |= NDPRF_STATIC; 2125 NDPR_UNLOCK(pr); 2126 if ((error = in6_init_prefix_ltimes(new)) != 0) { 2127 NDPR_UNLOCK(new); 2128 ndpr_free(new); 2129 return (error); 2130 } 2131 new->ndpr_lastupdate = net_uptime(); 2132 if (newp != NULL) { 2133 *newp = new; 2134 NDPR_ADDREF_LOCKED(new); /* for caller */ 2135 } 2136 /* initialization */ 2137 LIST_INIT(&new->ndpr_advrtrs); 2138 in6_prefixlen2mask(&new->ndpr_mask, new->ndpr_plen); 2139 /* make prefix in the canonical form */ 2140 for (i = 0; i < 4; i++) 2141 new->ndpr_prefix.sin6_addr.s6_addr32[i] &= 2142 new->ndpr_mask.s6_addr32[i]; 2143 2144 NDPR_UNLOCK(new); 2145 2146 /* get nd6_service() to be scheduled as soon as it's convenient */ 2147 ++nd6_sched_timeout_want; 2148 2149 lck_mtx_lock(nd6_mutex); 2150 /* link ndpr_entry to nd_prefix list */ 2151 LIST_INSERT_HEAD(&nd_prefix, new, ndpr_entry); 2152 new->ndpr_debug |= IFD_ATTACHED; 2153 NDPR_ADDREF(new); /* for nd_prefix list */ 2154 2155 /* ND_OPT_PI_FLAG_ONLINK processing */ 2156 if (new->ndpr_raf_onlink) { 2157 int e; 2158 2159 if ((e = nd6_prefix_onlink_common(new, force_scoped, 2160 new->ndpr_ifp->if_index)) != 0) { 2161 nd6log((LOG_ERR, "nd6_prelist_add: failed to make " 2162 "the prefix %s/%d on-link %s on %s (errno=%d)\n", 2163 ip6_sprintf(&new->ndpr_prefix.sin6_addr), 2164 new->ndpr_plen, force_scoped ? "scoped" : 2165 "non-scoped", if_name(ifp), e)); 2166 /* proceed anyway. XXX: is it correct? */ 2167 } 2168 } 2169 2170 if (dr) { 2171 pfxrtr_add(new, dr); 2172 } 2173 2174 lck_rw_lock_shared(nd_if_rwlock); 2175 /* 2176 * Refresh pointer since nd_ifinfo[] may have grown; 2177 * repeating the bounds check against nd_ifinfo_indexlim 2178 * isn't necessary since the array never shrinks. 2179 */ 2180 ndi = &nd_ifinfo[ifp->if_index]; 2181 VERIFY(ndi->initialized); 2182 lck_mtx_lock(&ndi->lock); 2183 ndi->nprefixes++; 2184 VERIFY(ndi->nprefixes != 0); 2185 lck_mtx_unlock(&ndi->lock); 2186 lck_rw_done(nd_if_rwlock); 2187 2188 lck_mtx_unlock(nd6_mutex); 2189 2190 return (0); 2191} 2192 2193/* 2194 * Caller must have held an extra reference on nd_prefix. 2195 */ 2196void 2197prelist_remove(struct nd_prefix *pr) 2198{ 2199 struct nd_pfxrouter *pfr, *next; 2200 struct ifnet *ifp = pr->ndpr_ifp; 2201 int e; 2202 2203 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2204 NDPR_LOCK_ASSERT_HELD(pr); 2205 2206 /* make sure to invalidate the prefix until it is really freed. */ 2207 pr->ndpr_vltime = 0; 2208 pr->ndpr_pltime = 0; 2209 2210 /* 2211 * Though these flags are now meaningless, we'd rather keep the value 2212 * of pr->ndpr_raf_onlink and pr->ndpr_raf_auto not to confuse users 2213 * when executing "ndp -p". 2214 */ 2215 2216 if ((pr->ndpr_stateflags & NDPRF_ONLINK)) { 2217 NDPR_ADDREF_LOCKED(pr); 2218 NDPR_UNLOCK(pr); 2219 lck_mtx_unlock(nd6_mutex); 2220 if ((e = nd6_prefix_offlink(pr)) != 0) { 2221 nd6log((LOG_ERR, "prelist_remove: failed to make " 2222 "%s/%d offlink on %s, errno=%d\n", 2223 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 2224 pr->ndpr_plen, if_name(ifp), e)); 2225 /* what should we do? */ 2226 } 2227 lck_mtx_lock(nd6_mutex); 2228 NDPR_LOCK(pr); 2229 if (NDPR_REMREF_LOCKED(pr) == NULL) 2230 return; 2231 } 2232 2233 if (pr->ndpr_addrcnt > 0) 2234 return; /* notice here? */ 2235 2236 /* unlink ndpr_entry from nd_prefix list */ 2237 LIST_REMOVE(pr, ndpr_entry); 2238 pr->ndpr_debug &= ~IFD_ATTACHED; 2239 2240 /* free list of routers that adversed the prefix */ 2241 for (pfr = pr->ndpr_advrtrs.lh_first; pfr; pfr = next) { 2242 next = pfr->pfr_next; 2243 pfxrtr_del(pfr, pr); 2244 } 2245 2246 lck_rw_lock_shared(nd_if_rwlock); 2247 if (ifp->if_index < nd_ifinfo_indexlim) { 2248 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 2249 VERIFY(ndi->initialized); 2250 lck_mtx_lock(&ndi->lock); 2251 VERIFY(ndi->nprefixes > 0); 2252 ndi->nprefixes--; 2253 lck_mtx_unlock(&ndi->lock); 2254 } 2255 lck_rw_done(nd_if_rwlock); 2256 2257 /* This must not be the last reference to the nd_prefix */ 2258 if (NDPR_REMREF_LOCKED(pr) == NULL) { 2259 panic("%s: unexpected (missing) refcnt ndpr=%p", __func__, pr); 2260 /* NOTREACHED */ 2261 } 2262 2263 /* 2264 * Don't call pfxlist_onlink_check() here because we are 2265 * holding the NDPR lock and this could cause a deadlock when 2266 * there are multiple threads executing pfxlist_onlink_check(). 2267 */ 2268} 2269 2270int 2271prelist_update( 2272 struct nd_prefix *new, 2273 struct nd_defrouter *dr, /* may be NULL */ 2274 struct mbuf *m, 2275 int mcast) 2276{ 2277 struct in6_ifaddr *ia6 = NULL, *ia6_match = NULL; 2278 struct ifaddr *ifa; 2279 struct ifnet *ifp = new->ndpr_ifp; 2280 struct nd_prefix *pr; 2281 int error = 0; 2282 int newprefix = 0; 2283 int auth; 2284 struct in6_addrlifetime lt6_tmp; 2285 uint64_t timenow = net_uptime(); 2286 2287 /* no need to lock "new" here, as it is local to the caller */ 2288 NDPR_LOCK_ASSERT_NOTHELD(new); 2289 2290 auth = 0; 2291 if (m) { 2292 /* 2293 * Authenticity for NA consists authentication for 2294 * both IP header and IP datagrams, doesn't it ? 2295 */ 2296#if defined(M_AUTHIPHDR) && defined(M_AUTHIPDGM) 2297 auth = (m->m_flags & M_AUTHIPHDR) && (m->m_flags & M_AUTHIPDGM); 2298#endif 2299 } 2300 2301 2302 if ((pr = nd6_prefix_lookup(new)) != NULL) { 2303 /* 2304 * nd6_prefix_lookup() ensures that pr and new have the same 2305 * prefix on a same interface. 2306 */ 2307 2308 /* 2309 * Update prefix information. Note that the on-link (L) bit 2310 * and the autonomous (A) bit should NOT be changed from 1 2311 * to 0. 2312 */ 2313 lck_mtx_lock(nd6_mutex); 2314 NDPR_LOCK(pr); 2315 if (new->ndpr_raf_onlink == 1) 2316 pr->ndpr_raf_onlink = 1; 2317 if (new->ndpr_raf_auto == 1) 2318 pr->ndpr_raf_auto = 1; 2319 if (new->ndpr_raf_onlink) { 2320 pr->ndpr_vltime = new->ndpr_vltime; 2321 pr->ndpr_pltime = new->ndpr_pltime; 2322 (void) in6_init_prefix_ltimes(pr); /* XXX error case? */ 2323 pr->ndpr_lastupdate = net_uptime(); 2324 } 2325 2326 if (new->ndpr_raf_onlink && 2327 (pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { 2328 int e; 2329 2330 NDPR_UNLOCK(pr); 2331 if ((e = nd6_prefix_onlink(pr)) != 0) { 2332 nd6log((LOG_ERR, 2333 "prelist_update: failed to make " 2334 "the prefix %s/%d on-link on %s " 2335 "(errno=%d)\n", 2336 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 2337 pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); 2338 /* proceed anyway. XXX: is it correct? */ 2339 } 2340 NDPR_LOCK(pr); 2341 } 2342 2343 if (dr && pfxrtr_lookup(pr, dr) == NULL) { 2344 NDPR_UNLOCK(pr); 2345 pfxrtr_add(pr, dr); 2346 } else { 2347 NDPR_UNLOCK(pr); 2348 } 2349 lck_mtx_unlock(nd6_mutex); 2350 } else { 2351 struct nd_prefix *newpr = NULL; 2352 2353 newprefix = 1; 2354 2355 if (new->ndpr_vltime == 0) 2356 goto end; 2357 if (new->ndpr_raf_onlink == 0 && new->ndpr_raf_auto == 0) 2358 goto end; 2359 2360 bzero(&new->ndpr_addr, sizeof (struct in6_addr)); 2361 2362 error = nd6_prelist_add(new, dr, &newpr, FALSE); 2363 if (error != 0 || newpr == NULL) { 2364 nd6log((LOG_NOTICE, "prelist_update: " 2365 "nd6_prelist_add failed for %s/%d on %s " 2366 "errno=%d, returnpr=0x%llx\n", 2367 ip6_sprintf(&new->ndpr_prefix.sin6_addr), 2368 new->ndpr_plen, if_name(new->ndpr_ifp), 2369 error, (uint64_t)VM_KERNEL_ADDRPERM(newpr))); 2370 goto end; /* we should just give up in this case. */ 2371 } 2372 2373 /* 2374 * XXX: from the ND point of view, we can ignore a prefix 2375 * with the on-link bit being zero. However, we need a 2376 * prefix structure for references from autoconfigured 2377 * addresses. Thus, we explicitly make sure that the prefix 2378 * itself expires now. 2379 */ 2380 NDPR_LOCK(newpr); 2381 if (newpr->ndpr_raf_onlink == 0) { 2382 newpr->ndpr_vltime = 0; 2383 newpr->ndpr_pltime = 0; 2384 in6_init_prefix_ltimes(newpr); 2385 } 2386 2387 pr = newpr; 2388 NDPR_UNLOCK(newpr); 2389 } 2390 2391 /* 2392 * Address autoconfiguration based on Section 5.5.3 of RFC 4862. 2393 * Note that pr must be non NULL at this point. 2394 */ 2395 2396 /* 5.5.3 (a). Ignore the prefix without the A bit set. */ 2397 if (!new->ndpr_raf_auto) 2398 goto afteraddrconf; 2399 2400 /* 2401 * 5.5.3 (b). the link-local prefix should have been ignored in 2402 * nd6_ra_input. 2403 */ 2404 2405 /* 5.5.3 (c). Consistency check on lifetimes: pltime <= vltime. */ 2406 if (new->ndpr_pltime > new->ndpr_vltime) { 2407 error = EINVAL; /* XXX: won't be used */ 2408 goto end; 2409 } 2410 2411 /* 2412 * 5.5.3 (d). If the prefix advertised is not equal to the prefix of 2413 * an address configured by stateless autoconfiguration already in the 2414 * list of addresses associated with the interface, and the Valid 2415 * Lifetime is not 0, form an address. We first check if we have 2416 * a matching prefix. 2417 */ 2418 ifnet_lock_shared(ifp); 2419 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2420 struct in6_ifaddr *ifa6; 2421 u_int32_t remaininglifetime; 2422 2423 IFA_LOCK(ifa); 2424 if (ifa->ifa_addr->sa_family != AF_INET6) { 2425 IFA_UNLOCK(ifa); 2426 continue; 2427 } 2428 ifa6 = (struct in6_ifaddr *)ifa; 2429 2430 /* 2431 * We only consider autoconfigured addresses as per RFC 4862. 2432 */ 2433 if (!(ifa6->ia6_flags & IN6_IFF_AUTOCONF)) { 2434 IFA_UNLOCK(ifa); 2435 continue; 2436 } 2437 /* 2438 * Spec is not clear here, but I believe we should concentrate 2439 * on unicast (i.e. not anycast) addresses. 2440 * XXX: other ia6_flags? detached or duplicated? 2441 */ 2442 if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0) { 2443 IFA_UNLOCK(ifa); 2444 continue; 2445 } 2446 /* 2447 * Ignore the address if it is not associated with a prefix 2448 * or is associated with a prefix that is different from this 2449 * one. (pr is never NULL here) 2450 */ 2451 if (ifa6->ia6_ndpr != pr) { 2452 IFA_UNLOCK(ifa); 2453 continue; 2454 } 2455 2456 if (ia6_match == NULL) { /* remember the first one */ 2457 ia6_match = ifa6; 2458 IFA_ADDREF_LOCKED(ifa); /* for ia6_match */ 2459 } 2460 2461 /* 2462 * An already autoconfigured address matched. Now that we 2463 * are sure there is at least one matched address, we can 2464 * proceed to 5.5.3. (e): update the lifetimes according to the 2465 * "two hours" rule and the privacy extension. 2466 */ 2467#define TWOHOUR (120*60) 2468 2469 /* retrieve time as uptime (last arg is 0) */ 2470 in6ifa_getlifetime(ifa6, <6_tmp, 0); 2471 2472 if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME) 2473 remaininglifetime = ND6_INFINITE_LIFETIME; 2474 else if (timenow - ifa6->ia6_updatetime > lt6_tmp.ia6t_vltime) { 2475 /* 2476 * The case of "invalid" address. We should usually 2477 * not see this case. 2478 */ 2479 remaininglifetime = 0; 2480 } else { 2481 remaininglifetime = lt6_tmp.ia6t_vltime - 2482 (timenow - ifa6->ia6_updatetime); 2483 } 2484 /* when not updating, keep the current stored lifetime. */ 2485 lt6_tmp.ia6t_vltime = remaininglifetime; 2486 2487 if (TWOHOUR < new->ndpr_vltime || 2488 remaininglifetime < new->ndpr_vltime) { 2489 lt6_tmp.ia6t_vltime = new->ndpr_vltime; 2490 } else if (remaininglifetime <= TWOHOUR) { 2491 if (auth) { 2492 lt6_tmp.ia6t_vltime = new->ndpr_vltime; 2493 } 2494 } else { 2495 /* 2496 * new->ndpr_vltime <= TWOHOUR && 2497 * TWOHOUR < remaininglifetime 2498 */ 2499 lt6_tmp.ia6t_vltime = TWOHOUR; 2500 } 2501 2502 /* The 2 hour rule is not imposed for preferred lifetime. */ 2503 lt6_tmp.ia6t_pltime = new->ndpr_pltime; 2504 2505 /* Special handling for lifetimes of temporary addresses. */ 2506 if ((ifa6->ia6_flags & IN6_IFF_TEMPORARY) != 0) { 2507 u_int32_t maxvltime, maxpltime; 2508 2509 /* Constrain lifetimes to system limits. */ 2510 if (lt6_tmp.ia6t_vltime > ip6_temp_valid_lifetime) 2511 lt6_tmp.ia6t_vltime = ip6_temp_valid_lifetime; 2512 if (lt6_tmp.ia6t_pltime > ip6_temp_preferred_lifetime) 2513 lt6_tmp.ia6t_pltime = 2514 ip6_temp_preferred_lifetime - 2515 ip6_desync_factor; 2516 2517 /* 2518 * According to RFC 4941, section 3.3 (1), we only 2519 * update the lifetimes when they are in the maximum 2520 * intervals. 2521 */ 2522 if (ip6_temp_valid_lifetime > 2523 (u_int32_t)((timenow - ifa6->ia6_createtime) + 2524 ip6_desync_factor)) { 2525 maxvltime = ip6_temp_valid_lifetime - 2526 (timenow - ifa6->ia6_createtime) - 2527 ip6_desync_factor; 2528 } else 2529 maxvltime = 0; 2530 if (ip6_temp_preferred_lifetime > 2531 (u_int32_t)((timenow - ifa6->ia6_createtime) + 2532 ip6_desync_factor)) { 2533 maxpltime = ip6_temp_preferred_lifetime - 2534 (timenow - ifa6->ia6_createtime) - 2535 ip6_desync_factor; 2536 } else 2537 maxpltime = 0; 2538 2539 if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME || 2540 lt6_tmp.ia6t_vltime > maxvltime) 2541 lt6_tmp.ia6t_vltime = maxvltime; 2542 2543 if (lt6_tmp.ia6t_pltime == ND6_INFINITE_LIFETIME || 2544 lt6_tmp.ia6t_pltime > maxpltime) 2545 lt6_tmp.ia6t_pltime = maxpltime; 2546 } 2547 2548 in6_init_address_ltimes(pr, <6_tmp); 2549 2550 in6ifa_setlifetime(ifa6, <6_tmp); 2551 ifa6->ia6_updatetime = timenow; 2552 IFA_UNLOCK(ifa); 2553 } 2554 ifnet_lock_done(ifp); 2555 if (ia6_match == NULL && new->ndpr_vltime) { 2556 /* 2557 * 5.5.3 (d) (continued) 2558 * No address matched and the valid lifetime is non-zero. 2559 * Create a new address. 2560 */ 2561 2562 if ((ia6 = in6_pfx_newpersistaddr(new, mcast, &error)) 2563 != NULL) { 2564 /* 2565 * note that we should use pr (not new) for reference. 2566 */ 2567 IFA_LOCK(&ia6->ia_ifa); 2568 NDPR_LOCK(pr); 2569 ia6->ia6_ndpr = pr; 2570 NDPR_ADDREF_LOCKED(pr); /* for addr reference */ 2571 pr->ndpr_addrcnt++; 2572 VERIFY(pr->ndpr_addrcnt != 0); 2573 NDPR_UNLOCK(pr); 2574 IFA_UNLOCK(&ia6->ia_ifa); 2575 2576 /* 2577 * RFC 4941 3.3 (2). 2578 * When a new public address is created as described 2579 * in RFC 4862, also create a new temporary address. 2580 * 2581 * RFC 4941 3.5. 2582 * When an interface connects to a new link, a new 2583 * randomized interface identifier should be generated 2584 * immediately together with a new set of temporary 2585 * addresses. Thus, we specifiy 1 as the 2nd arg of 2586 * in6_tmpifadd(). 2587 */ 2588 if (ip6_use_tempaddr) { 2589 int e; 2590 if ((e = in6_tmpifadd(ia6, 1)) != 0) { 2591 nd6log((LOG_NOTICE, "prelist_update: " 2592 "failed to create a temporary " 2593 "address, errno=%d\n", 2594 e)); 2595 } 2596 } 2597 IFA_REMREF(&ia6->ia_ifa); 2598 ia6 = NULL; 2599 2600 /* 2601 * A newly added address might affect the status 2602 * of other addresses, so we check and update it. 2603 * XXX: what if address duplication happens? 2604 */ 2605 lck_mtx_lock(nd6_mutex); 2606 pfxlist_onlink_check(); 2607 lck_mtx_unlock(nd6_mutex); 2608 } 2609 } 2610 2611afteraddrconf: 2612 2613end: 2614 if (pr != NULL) 2615 NDPR_REMREF(pr); 2616 if (ia6_match != NULL) 2617 IFA_REMREF(&ia6_match->ia_ifa); 2618 return (error); 2619} 2620 2621/* 2622 * Neighbor Discover Default Router structure reference counting routines. 2623 */ 2624static struct nd_defrouter * 2625nddr_alloc(int how) 2626{ 2627 struct nd_defrouter *dr; 2628 2629 dr = (how == M_WAITOK) ? zalloc(nddr_zone) : zalloc_noblock(nddr_zone); 2630 if (dr != NULL) { 2631 bzero(dr, nddr_size); 2632 lck_mtx_init(&dr->nddr_lock, ifa_mtx_grp, ifa_mtx_attr); 2633 dr->nddr_debug |= IFD_ALLOC; 2634 if (nddr_debug != 0) { 2635 dr->nddr_debug |= IFD_DEBUG; 2636 dr->nddr_trace = nddr_trace; 2637 } 2638 } 2639 return (dr); 2640} 2641 2642static void 2643nddr_free(struct nd_defrouter *dr) 2644{ 2645 NDDR_LOCK(dr); 2646 if (dr->nddr_debug & IFD_ATTACHED) { 2647 panic("%s: attached nddr %p is being freed", __func__, dr); 2648 /* NOTREACHED */ 2649 } else if (!(dr->nddr_debug & IFD_ALLOC)) { 2650 panic("%s: nddr %p cannot be freed", __func__, dr); 2651 /* NOTREACHED */ 2652 } 2653 dr->nddr_debug &= ~IFD_ALLOC; 2654 NDDR_UNLOCK(dr); 2655 2656 lck_mtx_destroy(&dr->nddr_lock, ifa_mtx_grp); 2657 zfree(nddr_zone, dr); 2658} 2659 2660static void 2661nddr_trace(struct nd_defrouter *dr, int refhold) 2662{ 2663 struct nd_defrouter_dbg *dr_dbg = (struct nd_defrouter_dbg *)dr; 2664 ctrace_t *tr; 2665 uint32_t idx; 2666 uint16_t *cnt; 2667 2668 if (!(dr->nddr_debug & IFD_DEBUG)) { 2669 panic("%s: nddr %p has no debug structure", __func__, dr); 2670 /* NOTREACHED */ 2671 } 2672 if (refhold) { 2673 cnt = &dr_dbg->nddr_refhold_cnt; 2674 tr = dr_dbg->nddr_refhold; 2675 } else { 2676 cnt = &dr_dbg->nddr_refrele_cnt; 2677 tr = dr_dbg->nddr_refrele; 2678 } 2679 2680 idx = atomic_add_16_ov(cnt, 1) % NDDR_TRACE_HIST_SIZE; 2681 ctrace_record(&tr[idx]); 2682} 2683 2684void 2685nddr_addref(struct nd_defrouter *nddr, int locked) 2686{ 2687 2688 if (!locked) 2689 NDDR_LOCK_SPIN(nddr); 2690 else 2691 NDDR_LOCK_ASSERT_HELD(nddr); 2692 2693 if (++nddr->nddr_refcount == 0) { 2694 panic("%s: nddr %p wraparound refcnt\n", __func__, nddr); 2695 /* NOTREACHED */ 2696 } else if (nddr->nddr_trace != NULL) { 2697 (*nddr->nddr_trace)(nddr, TRUE); 2698 } 2699 2700 if (!locked) 2701 NDDR_UNLOCK(nddr); 2702} 2703 2704struct nd_defrouter * 2705nddr_remref(struct nd_defrouter *nddr, int locked) 2706{ 2707 2708 if (!locked) 2709 NDDR_LOCK_SPIN(nddr); 2710 else 2711 NDDR_LOCK_ASSERT_HELD(nddr); 2712 2713 if (nddr->nddr_refcount == 0) { 2714 panic("%s: nddr %p negative refcnt\n", __func__, nddr); 2715 /* NOTREACHED */ 2716 } else if (nddr->nddr_trace != NULL) { 2717 (*nddr->nddr_trace)(nddr, FALSE); 2718 } 2719 2720 if (--nddr->nddr_refcount == 0) { 2721 NDDR_UNLOCK(nddr); 2722 nddr_free(nddr); 2723 nddr = NULL; 2724 } 2725 2726 if (!locked && nddr != NULL) 2727 NDDR_UNLOCK(nddr); 2728 2729 return (nddr); 2730} 2731 2732uint64_t 2733nddr_getexpire(struct nd_defrouter *dr) 2734{ 2735 struct timeval caltime; 2736 uint64_t expiry; 2737 2738 if (dr->expire != 0) { 2739 /* account for system time change */ 2740 getmicrotime(&caltime); 2741 2742 dr->base_calendartime += 2743 NET_CALCULATE_CLOCKSKEW(caltime, 2744 dr->base_calendartime, net_uptime(), dr->base_uptime); 2745 2746 expiry = dr->base_calendartime + 2747 dr->expire - dr->base_uptime; 2748 } else { 2749 expiry = 0; 2750 } 2751 return (expiry); 2752} 2753 2754/* 2755 * Neighbor Discover Prefix structure reference counting routines. 2756 */ 2757static struct nd_prefix * 2758ndpr_alloc(int how) 2759{ 2760 struct nd_prefix *pr; 2761 2762 pr = (how == M_WAITOK) ? zalloc(ndpr_zone) : zalloc_noblock(ndpr_zone); 2763 if (pr != NULL) { 2764 bzero(pr, ndpr_size); 2765 lck_mtx_init(&pr->ndpr_lock, ifa_mtx_grp, ifa_mtx_attr); 2766 RB_INIT(&pr->ndpr_prproxy_sols); 2767 pr->ndpr_debug |= IFD_ALLOC; 2768 if (ndpr_debug != 0) { 2769 pr->ndpr_debug |= IFD_DEBUG; 2770 pr->ndpr_trace = ndpr_trace; 2771 } 2772 } 2773 return (pr); 2774} 2775 2776static void 2777ndpr_free(struct nd_prefix *pr) 2778{ 2779 NDPR_LOCK(pr); 2780 if (pr->ndpr_debug & IFD_ATTACHED) { 2781 panic("%s: attached ndpr %p is being freed", __func__, pr); 2782 /* NOTREACHED */ 2783 } else if (!(pr->ndpr_debug & IFD_ALLOC)) { 2784 panic("%s: ndpr %p cannot be freed", __func__, pr); 2785 /* NOTREACHED */ 2786 } else if (pr->ndpr_rt != NULL) { 2787 panic("%s: ndpr %p route %p not freed", __func__, pr, 2788 pr->ndpr_rt); 2789 /* NOTREACHED */ 2790 } else if (pr->ndpr_prproxy_sols_cnt != 0) { 2791 panic("%s: ndpr %p non-zero solicitors count (%d)", 2792 __func__, pr, pr->ndpr_prproxy_sols_cnt); 2793 /* NOTREACHED */ 2794 } else if (!RB_EMPTY(&pr->ndpr_prproxy_sols)) { 2795 panic("%s: ndpr %p non-empty solicitors tree", __func__, pr); 2796 /* NOTREACHED */ 2797 } 2798 pr->ndpr_debug &= ~IFD_ALLOC; 2799 NDPR_UNLOCK(pr); 2800 2801 lck_mtx_destroy(&pr->ndpr_lock, ifa_mtx_grp); 2802 zfree(ndpr_zone, pr); 2803} 2804 2805static void 2806ndpr_trace(struct nd_prefix *pr, int refhold) 2807{ 2808 struct nd_prefix_dbg *pr_dbg = (struct nd_prefix_dbg *)pr; 2809 ctrace_t *tr; 2810 u_int32_t idx; 2811 u_int16_t *cnt; 2812 2813 if (!(pr->ndpr_debug & IFD_DEBUG)) { 2814 panic("%s: ndpr %p has no debug structure", __func__, pr); 2815 /* NOTREACHED */ 2816 } 2817 if (refhold) { 2818 cnt = &pr_dbg->ndpr_refhold_cnt; 2819 tr = pr_dbg->ndpr_refhold; 2820 } else { 2821 cnt = &pr_dbg->ndpr_refrele_cnt; 2822 tr = pr_dbg->ndpr_refrele; 2823 } 2824 2825 idx = atomic_add_16_ov(cnt, 1) % NDPR_TRACE_HIST_SIZE; 2826 ctrace_record(&tr[idx]); 2827} 2828 2829void 2830ndpr_addref(struct nd_prefix *ndpr, int locked) 2831{ 2832 if (!locked) 2833 NDPR_LOCK_SPIN(ndpr); 2834 else 2835 NDPR_LOCK_ASSERT_HELD(ndpr); 2836 2837 if (++ndpr->ndpr_refcount == 0) { 2838 panic("%s: ndpr %p wraparound refcnt\n", __func__, ndpr); 2839 /* NOTREACHED */ 2840 } else if (ndpr->ndpr_trace != NULL) { 2841 (*ndpr->ndpr_trace)(ndpr, TRUE); 2842 } 2843 2844 if (!locked) 2845 NDPR_UNLOCK(ndpr); 2846} 2847 2848struct nd_prefix * 2849ndpr_remref(struct nd_prefix *ndpr, int locked) 2850{ 2851 if (!locked) 2852 NDPR_LOCK_SPIN(ndpr); 2853 else 2854 NDPR_LOCK_ASSERT_HELD(ndpr); 2855 2856 if (ndpr->ndpr_refcount == 0) { 2857 panic("%s: ndpr %p negative refcnt\n", __func__, ndpr); 2858 /* NOTREACHED */ 2859 } else if (ndpr->ndpr_trace != NULL) { 2860 (*ndpr->ndpr_trace)(ndpr, FALSE); 2861 } 2862 2863 if (--ndpr->ndpr_refcount == 0) { 2864 if (ndpr->ndpr_addrcnt != 0) { 2865 panic("%s: freeing ndpr %p with outstanding address " 2866 "reference (%d)", __func__, ndpr, 2867 ndpr->ndpr_addrcnt); 2868 /* NOTREACHED */ 2869 } 2870 NDPR_UNLOCK(ndpr); 2871 ndpr_free(ndpr); 2872 ndpr = NULL; 2873 } 2874 2875 if (!locked && ndpr != NULL) 2876 NDPR_UNLOCK(ndpr); 2877 2878 return (ndpr); 2879} 2880 2881uint64_t 2882ndpr_getexpire(struct nd_prefix *pr) 2883{ 2884 struct timeval caltime; 2885 uint64_t expiry; 2886 2887 if (pr->ndpr_expire != 0 && pr->ndpr_vltime != ND6_INFINITE_LIFETIME) { 2888 /* account for system time change */ 2889 getmicrotime(&caltime); 2890 2891 pr->ndpr_base_calendartime += 2892 NET_CALCULATE_CLOCKSKEW(caltime, 2893 pr->ndpr_base_calendartime, net_uptime(), 2894 pr->ndpr_base_uptime); 2895 2896 expiry = pr->ndpr_base_calendartime + 2897 pr->ndpr_expire - pr->ndpr_base_uptime; 2898 } else { 2899 expiry = 0; 2900 } 2901 return (expiry); 2902} 2903 2904/* 2905 * A supplement function used in the on-link detection below; 2906 * detect if a given prefix has a (probably) reachable advertising router. 2907 * XXX: lengthy function name... 2908 */ 2909static struct nd_pfxrouter * 2910find_pfxlist_reachable_router(struct nd_prefix *pr) 2911{ 2912 struct nd_pfxrouter *pfxrtr; 2913 struct rtentry *rt; 2914 struct llinfo_nd6 *ln; 2915 struct ifnet *ifp; 2916 struct in6_addr rtaddr; 2917 unsigned int genid; 2918 2919 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2920 NDPR_LOCK_ASSERT_HELD(pr); 2921 2922 genid = pr->ndpr_genid; 2923 pfxrtr = LIST_FIRST(&pr->ndpr_advrtrs); 2924 while (pfxrtr) { 2925 ifp = pfxrtr->router->ifp; 2926 rtaddr = pfxrtr->router->rtaddr; 2927 NDPR_UNLOCK(pr); 2928 lck_mtx_unlock(nd6_mutex); 2929 /* Callee returns a locked route upon success */ 2930 if ((rt = nd6_lookup(&rtaddr, 0, ifp, 0)) != NULL) { 2931 RT_LOCK_ASSERT_HELD(rt); 2932 if ((ln = rt->rt_llinfo) != NULL && 2933 ND6_IS_LLINFO_PROBREACH(ln)) { 2934 RT_REMREF_LOCKED(rt); 2935 RT_UNLOCK(rt); 2936 lck_mtx_lock(nd6_mutex); 2937 NDPR_LOCK(pr); 2938 break; /* found */ 2939 } 2940 RT_REMREF_LOCKED(rt); 2941 RT_UNLOCK(rt); 2942 } 2943 lck_mtx_lock(nd6_mutex); 2944 NDPR_LOCK(pr); 2945 if (pr->ndpr_genid != genid) { 2946 pfxrtr = LIST_FIRST(&pr->ndpr_advrtrs); 2947 genid = pr->ndpr_genid; 2948 } else 2949 pfxrtr = LIST_NEXT(pfxrtr, pfr_entry); 2950 } 2951 NDPR_LOCK_ASSERT_HELD(pr); 2952 2953 return (pfxrtr); 2954 2955} 2956 2957/* 2958 * Check if each prefix in the prefix list has at least one available router 2959 * that advertised the prefix (a router is "available" if its neighbor cache 2960 * entry is reachable or probably reachable). 2961 * If the check fails, the prefix may be off-link, because, for example, 2962 * we have moved from the network but the lifetime of the prefix has not 2963 * expired yet. So we should not use the prefix if there is another prefix 2964 * that has an available router. 2965 * But, if there is no prefix that has an available router, we still regards 2966 * all the prefixes as on-link. This is because we can't tell if all the 2967 * routers are simply dead or if we really moved from the network and there 2968 * is no router around us. 2969 */ 2970void 2971pfxlist_onlink_check(void) 2972{ 2973 struct nd_prefix *pr, *prclear; 2974 struct in6_ifaddr *ifa; 2975 struct nd_defrouter *dr; 2976 struct nd_pfxrouter *pfxrtr = NULL; 2977 int err, i, found = 0; 2978 struct ifaddr **ifap = NULL; 2979 struct nd_prefix *ndpr; 2980 2981 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2982 2983 while (nd_prefix_busy) { 2984 nd_prefix_waiters++; 2985 msleep(nd_prefix_waitchan, nd6_mutex, (PZERO-1), 2986 __func__, NULL); 2987 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2988 } 2989 nd_prefix_busy = TRUE; 2990 2991 /* 2992 * Check if there is a prefix that has a reachable advertising 2993 * router. 2994 */ 2995 pr = nd_prefix.lh_first; 2996 while (pr) { 2997 NDPR_LOCK(pr); 2998 if (pr->ndpr_stateflags & NDPRF_PROCESSED_ONLINK) { 2999 NDPR_UNLOCK(pr); 3000 pr = pr->ndpr_next; 3001 continue; 3002 } 3003 NDPR_ADDREF_LOCKED(pr); 3004 if (pr->ndpr_raf_onlink && find_pfxlist_reachable_router(pr) && 3005 (pr->ndpr_debug & IFD_ATTACHED)) { 3006 NDPR_UNLOCK(pr); 3007 NDPR_REMREF(pr); 3008 break; 3009 } 3010 pr->ndpr_stateflags |= NDPRF_PROCESSED_ONLINK; 3011 NDPR_UNLOCK(pr); 3012 NDPR_REMREF(pr); 3013 /* 3014 * Since find_pfxlist_reachable_router() drops the nd6_mutex, we 3015 * have to start over, but the NDPRF_PROCESSED_ONLINK flag will 3016 * stop us from checking the same prefix twice. 3017 */ 3018 pr = nd_prefix.lh_first; 3019 } 3020 LIST_FOREACH(prclear, &nd_prefix, ndpr_entry) { 3021 NDPR_LOCK(prclear); 3022 prclear->ndpr_stateflags &= ~NDPRF_PROCESSED_ONLINK; 3023 NDPR_UNLOCK(prclear); 3024 } 3025 3026 /* 3027 * If we have no such prefix, check whether we still have a router 3028 * that does not advertise any prefixes. 3029 */ 3030 if (pr == NULL) { 3031 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 3032 dr = TAILQ_NEXT(dr, dr_entry)) { 3033 struct nd_prefix *pr0; 3034 3035 for (pr0 = nd_prefix.lh_first; pr0; 3036 pr0 = pr0->ndpr_next) { 3037 NDPR_LOCK(pr0); 3038 if ((pfxrtr = pfxrtr_lookup(pr0, dr)) != NULL) { 3039 NDPR_UNLOCK(pr0); 3040 break; 3041 } 3042 NDPR_UNLOCK(pr0); 3043 } 3044 if (pfxrtr != NULL) 3045 break; 3046 } 3047 } 3048 if (pr != NULL || (TAILQ_FIRST(&nd_defrouter) && pfxrtr == NULL)) { 3049 /* 3050 * There is at least one prefix that has a reachable router, 3051 * or at least a router which probably does not advertise 3052 * any prefixes. The latter would be the case when we move 3053 * to a new link where we have a router that does not provide 3054 * prefixes and we configure an address by hand. 3055 * Detach prefixes which have no reachable advertising 3056 * router, and attach other prefixes. 3057 */ 3058 pr = nd_prefix.lh_first; 3059 while (pr) { 3060 NDPR_LOCK(pr); 3061 /* 3062 * We aren't interested prefixes already processed, 3063 * nor in prefixes without the L bit 3064 * set nor in static prefixes 3065 */ 3066 if (pr->ndpr_raf_onlink == 0 || 3067 pr->ndpr_stateflags & NDPRF_PROCESSED_ONLINK || 3068 pr->ndpr_stateflags & NDPRF_STATIC) { 3069 NDPR_UNLOCK(pr); 3070 pr = pr->ndpr_next; 3071 continue; 3072 } 3073 NDPR_ADDREF_LOCKED(pr); 3074 if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && 3075 find_pfxlist_reachable_router(pr) == NULL && 3076 (pr->ndpr_debug & IFD_ATTACHED)) 3077 pr->ndpr_stateflags |= NDPRF_DETACHED; 3078 if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && 3079 find_pfxlist_reachable_router(pr) != NULL && 3080 (pr->ndpr_debug & IFD_ATTACHED)) 3081 pr->ndpr_stateflags &= ~NDPRF_DETACHED; 3082 pr->ndpr_stateflags |= NDPRF_PROCESSED_ONLINK; 3083 NDPR_UNLOCK(pr); 3084 NDPR_REMREF(pr); 3085 /* 3086 * Since find_pfxlist_reachable_router() drops the 3087 * nd6_mutex, we have to start over, but the 3088 * NDPRF_PROCESSED_ONLINK flag will stop us from 3089 * checking the same prefix twice. 3090 */ 3091 pr = nd_prefix.lh_first; 3092 } 3093 } else { 3094 /* there is no prefix that has a reachable router */ 3095 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 3096 NDPR_LOCK(pr); 3097 if (pr->ndpr_raf_onlink == 0 || 3098 pr->ndpr_stateflags & NDPRF_STATIC) { 3099 NDPR_UNLOCK(pr); 3100 continue; 3101 } 3102 if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0) 3103 pr->ndpr_stateflags &= ~NDPRF_DETACHED; 3104 NDPR_UNLOCK(pr); 3105 } 3106 } 3107 LIST_FOREACH(prclear, &nd_prefix, ndpr_entry) { 3108 NDPR_LOCK(prclear); 3109 prclear->ndpr_stateflags &= ~NDPRF_PROCESSED_ONLINK; 3110 NDPR_UNLOCK(prclear); 3111 } 3112 VERIFY(nd_prefix_busy); 3113 nd_prefix_busy = FALSE; 3114 if (nd_prefix_waiters > 0) { 3115 nd_prefix_waiters = 0; 3116 wakeup(nd_prefix_waitchan); 3117 } 3118 3119 /* 3120 * Remove each interface route associated with a (just) detached 3121 * prefix, and reinstall the interface route for a (just) attached 3122 * prefix. Note that all attempt of reinstallation does not 3123 * necessarily success, when a same prefix is shared among multiple 3124 * interfaces. Such cases will be handled in nd6_prefix_onlink, 3125 * so we don't have to care about them. 3126 */ 3127 pr = nd_prefix.lh_first; 3128 while (pr) { 3129 int e; 3130 3131 NDPR_LOCK(pr); 3132 if (pr->ndpr_raf_onlink == 0 || 3133 pr->ndpr_stateflags & NDPRF_STATIC) { 3134 NDPR_UNLOCK(pr); 3135 pr = pr->ndpr_next; 3136 continue; 3137 } 3138 if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && 3139 (pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { 3140 NDPR_UNLOCK(pr); 3141 lck_mtx_unlock(nd6_mutex); 3142 if ((e = nd6_prefix_offlink(pr)) != 0) { 3143 nd6log((LOG_ERR, 3144 "pfxlist_onlink_check: failed to " 3145 "make %s/%d offlink, errno=%d\n", 3146 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3147 pr->ndpr_plen, e)); 3148 } 3149 lck_mtx_lock(nd6_mutex); 3150 pr = nd_prefix.lh_first; 3151 continue; 3152 } 3153 if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && 3154 (pr->ndpr_stateflags & NDPRF_ONLINK) == 0 && 3155 pr->ndpr_raf_onlink) { 3156 NDPR_UNLOCK(pr); 3157 if ((e = nd6_prefix_onlink(pr)) != 0) { 3158 nd6log((LOG_ERR, 3159 "pfxlist_onlink_check: failed to " 3160 "make %s/%d offlink, errno=%d\n", 3161 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3162 pr->ndpr_plen, e)); 3163 } 3164 } else { 3165 NDPR_UNLOCK(pr); 3166 } 3167 pr = pr->ndpr_next; 3168 } 3169 3170 /* 3171 * Changes on the prefix status might affect address status as well. 3172 * Make sure that all addresses derived from an attached prefix are 3173 * attached, and that all addresses derived from a detached prefix are 3174 * detached. Note, however, that a manually configured address should 3175 * always be attached. 3176 * The precise detection logic is same as the one for prefixes. 3177 * 3178 * ifnet_get_address_list_family_internal() may fail due to memory 3179 * pressure, but we will eventually be called again when we receive 3180 * another NA, RA, or when the link status changes. 3181 */ 3182 err = ifnet_get_address_list_family_internal(NULL, &ifap, AF_INET6, 0, 3183 M_NOWAIT, 0); 3184 if (err != 0 || ifap == NULL) { 3185 nd6log((LOG_ERR, "%s: ifnet_get_address_list_family_internal " 3186 "failed", __func__)); 3187 return; 3188 } 3189 for (i = 0; ifap[i]; i++) { 3190 ifa = ifatoia6(ifap[i]); 3191 IFA_LOCK(&ifa->ia_ifa); 3192 if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0 || 3193 (ifap[i]->ifa_debug & IFD_ATTACHED) == 0) { 3194 IFA_UNLOCK(&ifa->ia_ifa); 3195 continue; 3196 } 3197 if ((ndpr = ifa->ia6_ndpr) == NULL) { 3198 /* 3199 * This can happen when we first configure the address 3200 * (i.e. the address exists, but the prefix does not). 3201 * XXX: complicated relationships... 3202 */ 3203 IFA_UNLOCK(&ifa->ia_ifa); 3204 continue; 3205 } 3206 NDPR_ADDREF(ndpr); 3207 IFA_UNLOCK(&ifa->ia_ifa); 3208 3209 NDPR_LOCK(ndpr); 3210 if (find_pfxlist_reachable_router(ndpr)) { 3211 NDPR_UNLOCK(ndpr); 3212 NDPR_REMREF(ndpr); 3213 found = 1; 3214 break; 3215 } 3216 NDPR_UNLOCK(ndpr); 3217 NDPR_REMREF(ndpr); 3218 } 3219 if (found) { 3220 for (i = 0; ifap[i]; i++) { 3221 ifa = ifatoia6(ifap[i]); 3222 IFA_LOCK(&ifa->ia_ifa); 3223 if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0 || 3224 (ifap[i]->ifa_debug & IFD_ATTACHED) == 0) { 3225 IFA_UNLOCK(&ifa->ia_ifa); 3226 continue; 3227 } 3228 if ((ndpr = ifa->ia6_ndpr) == NULL) { 3229 /* XXX: see above. */ 3230 IFA_UNLOCK(&ifa->ia_ifa); 3231 continue; 3232 } 3233 NDPR_ADDREF(ndpr); 3234 IFA_UNLOCK(&ifa->ia_ifa); 3235 NDPR_LOCK(ndpr); 3236 if (find_pfxlist_reachable_router(ndpr)) { 3237 NDPR_UNLOCK(ndpr); 3238 IFA_LOCK(&ifa->ia_ifa); 3239 if (ifa->ia6_flags & IN6_IFF_DETACHED) { 3240 ifa->ia6_flags &= ~IN6_IFF_DETACHED; 3241 ifa->ia6_flags |= IN6_IFF_TENTATIVE; 3242 IFA_UNLOCK(&ifa->ia_ifa); 3243 nd6_dad_start((struct ifaddr *)ifa, 0); 3244 } else { 3245 IFA_UNLOCK(&ifa->ia_ifa); 3246 } 3247 } else { 3248 NDPR_UNLOCK(ndpr); 3249 IFA_LOCK(&ifa->ia_ifa); 3250 ifa->ia6_flags |= IN6_IFF_DETACHED; 3251 IFA_UNLOCK(&ifa->ia_ifa); 3252 } 3253 NDPR_REMREF(ndpr); 3254 } 3255 } else { 3256 for (i = 0; ifap[i]; i++) { 3257 ifa = ifatoia6(ifap[i]); 3258 IFA_LOCK(&ifa->ia_ifa); 3259 if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0) { 3260 IFA_UNLOCK(&ifa->ia_ifa); 3261 continue; 3262 } 3263 if (ifa->ia6_flags & IN6_IFF_DETACHED) { 3264 ifa->ia6_flags &= ~IN6_IFF_DETACHED; 3265 ifa->ia6_flags |= IN6_IFF_TENTATIVE; 3266 IFA_UNLOCK(&ifa->ia_ifa); 3267 /* Do we need a delay in this case? */ 3268 nd6_dad_start((struct ifaddr *)ifa, 0); 3269 } else { 3270 IFA_UNLOCK(&ifa->ia_ifa); 3271 } 3272 } 3273 } 3274 ifnet_free_address_list(ifap); 3275} 3276 3277static struct nd_prefix * 3278nd6_prefix_equal_lookup(struct nd_prefix *pr, boolean_t primary_only) 3279{ 3280 struct nd_prefix *opr; 3281 3282 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3283 3284 for (opr = nd_prefix.lh_first; opr; opr = opr->ndpr_next) { 3285 if (opr == pr) 3286 continue; 3287 3288 NDPR_LOCK(opr); 3289 if ((opr->ndpr_stateflags & NDPRF_ONLINK) == 0) { 3290 NDPR_UNLOCK(opr); 3291 continue; 3292 } 3293 if (opr->ndpr_plen == pr->ndpr_plen && 3294 in6_are_prefix_equal(&pr->ndpr_prefix.sin6_addr, 3295 &opr->ndpr_prefix.sin6_addr, pr->ndpr_plen) && 3296 (!primary_only || 3297 !(opr->ndpr_stateflags & NDPRF_IFSCOPE))) { 3298 NDPR_ADDREF_LOCKED(opr); 3299 NDPR_UNLOCK(opr); 3300 return (opr); 3301 } 3302 NDPR_UNLOCK(opr); 3303 } 3304 return (NULL); 3305} 3306 3307/* 3308 * Synchronize the interface routes of similar prefixes on different 3309 * interfaces; the one using the default interface would be (re)installed 3310 * as a primary/non-scoped entry, and the rest as scoped entri(es). 3311 */ 3312static void 3313nd6_prefix_sync(struct ifnet *ifp) 3314{ 3315 struct nd_prefix *pr, *opr; 3316 int err = 0; 3317 3318 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3319 3320 if (!ip6_doscopedroute || ifp == NULL) 3321 return; 3322 3323 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 3324 NDPR_LOCK(pr); 3325 if (!(pr->ndpr_stateflags & NDPRF_ONLINK)) { 3326 NDPR_UNLOCK(pr); 3327 continue; 3328 } 3329 if (pr->ndpr_ifp == ifp && 3330 (pr->ndpr_stateflags & NDPRF_IFSCOPE) && 3331 !IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) { 3332 NDPR_UNLOCK(pr); 3333 break; 3334 } 3335 NDPR_UNLOCK(pr); 3336 } 3337 3338 if (pr == NULL) 3339 return; 3340 3341 /* Remove conflicting entries */ 3342 opr = nd6_prefix_equal_lookup(pr, TRUE); 3343 if (opr != NULL) { 3344 lck_mtx_unlock(nd6_mutex); 3345 err = nd6_prefix_offlink(opr); 3346 lck_mtx_lock(nd6_mutex); 3347 if (err != 0) { 3348 nd6log((LOG_ERR, 3349 "%s: failed to make %s/%d offlink on %s, " 3350 "errno=%d\n", __func__, 3351 ip6_sprintf(&opr->ndpr_prefix.sin6_addr), 3352 opr->ndpr_plen, if_name(opr->ndpr_ifp), err)); 3353 } 3354 } else { 3355 nd6log((LOG_ERR, 3356 "%s: scoped %s/%d on %s has no matching unscoped prefix\n", 3357 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3358 pr->ndpr_plen, if_name(pr->ndpr_ifp))); 3359 } 3360 3361 lck_mtx_unlock(nd6_mutex); 3362 err = nd6_prefix_offlink(pr); 3363 lck_mtx_lock(nd6_mutex); 3364 if (err != 0) { 3365 nd6log((LOG_ERR, 3366 "%s: failed to make %s/%d offlink on %s, errno=%d\n", 3367 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3368 pr->ndpr_plen, if_name(pr->ndpr_ifp), err)); 3369 } 3370 3371 /* Add the entries back */ 3372 if (opr != NULL) { 3373 err = nd6_prefix_onlink_scoped(opr, opr->ndpr_ifp->if_index); 3374 if (err != 0) { 3375 nd6log((LOG_ERR, 3376 "%s: failed to make %s/%d scoped onlink on %s, " 3377 "errno=%d\n", __func__, 3378 ip6_sprintf(&opr->ndpr_prefix.sin6_addr), 3379 opr->ndpr_plen, if_name(opr->ndpr_ifp), err)); 3380 } 3381 } 3382 3383 err = nd6_prefix_onlink_scoped(pr, IFSCOPE_NONE); 3384 if (err != 0) { 3385 nd6log((LOG_ERR, 3386 "%s: failed to make %s/%d onlink on %s, errno=%d\n", 3387 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3388 pr->ndpr_plen, if_name(pr->ndpr_ifp), err)); 3389 } 3390 3391 if (err != 0) { 3392 nd6log((LOG_ERR, 3393 "%s: error promoting %s/%d to %s from %s\n", 3394 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3395 pr->ndpr_plen, if_name(pr->ndpr_ifp), 3396 (opr != NULL) ? if_name(opr->ndpr_ifp) : "NONE")); 3397 } else { 3398 nd6log2((LOG_INFO, 3399 "%s: %s/%d promoted, previously on %s\n", 3400 if_name(pr->ndpr_ifp), 3401 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), pr->ndpr_plen, 3402 (opr != NULL) ? if_name(opr->ndpr_ifp) : "NONE")); 3403 } 3404 3405 if (opr != NULL) 3406 NDPR_REMREF(opr); 3407} 3408 3409static int 3410nd6_prefix_onlink_common(struct nd_prefix *pr, boolean_t force_scoped, 3411 unsigned int ifscope) 3412{ 3413 struct ifaddr *ifa; 3414 struct ifnet *ifp = pr->ndpr_ifp; 3415 struct sockaddr_in6 mask6, prefix; 3416 struct nd_prefix *opr; 3417 u_int32_t rtflags; 3418 int error = 0, prproxy = 0; 3419 struct rtentry *rt = NULL; 3420 3421 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3422 3423 /* sanity check */ 3424 NDPR_LOCK(pr); 3425 if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { 3426 nd6log((LOG_ERR, 3427 "%s: %s/%d on %s scoped=%d is already on-link\n", 3428 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3429 pr->ndpr_plen, if_name(pr->ndpr_ifp), 3430 (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 1 : 0); 3431 NDPR_UNLOCK(pr); 3432 return (EEXIST)); 3433 } 3434 NDPR_UNLOCK(pr); 3435 3436 /* 3437 * Add the interface route associated with the prefix. Before 3438 * installing the route, check if there's the same prefix on another 3439 * interface, and the prefix has already installed the interface route. 3440 */ 3441 opr = nd6_prefix_equal_lookup(pr, FALSE); 3442 if (opr != NULL) 3443 NDPR_REMREF(opr); 3444 3445 if (!ip6_doscopedroute) { 3446 /* if an interface route already exists, just return */ 3447 if (opr != NULL) 3448 return (0); 3449 ifscope = IFSCOPE_NONE; 3450 } else if (!force_scoped) { 3451 /* 3452 * If a primary/non-scoped interface route already exists, 3453 * install the new one as a scoped entry. If the existing 3454 * interface route is scoped, install new as non-scoped. 3455 */ 3456 ifscope = (opr != NULL) ? ifp->if_index : IFSCOPE_NONE; 3457 opr = nd6_prefix_equal_lookup(pr, TRUE); 3458 if (opr != NULL) 3459 NDPR_REMREF(opr); 3460 else if (ifscope != IFSCOPE_NONE) 3461 ifscope = IFSCOPE_NONE; 3462 } 3463 3464 /* 3465 * We prefer link-local addresses as the associated interface address. 3466 */ 3467 /* search for a link-local addr */ 3468 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 3469 IN6_IFF_NOTREADY | IN6_IFF_ANYCAST); 3470 if (ifa == NULL) { 3471 struct in6_ifaddr *ia6; 3472 ifnet_lock_shared(ifp); 3473 IFP_TO_IA6(ifp, ia6); 3474 ifnet_lock_done(ifp); 3475 if (ia6 != NULL) 3476 ifa = &ia6->ia_ifa; 3477 /* should we care about ia6_flags? */ 3478 } 3479 NDPR_LOCK(pr); 3480 if (ifa == NULL) { 3481 /* 3482 * This can still happen, when, for example, we receive an RA 3483 * containing a prefix with the L bit set and the A bit clear, 3484 * after removing all IPv6 addresses on the receiving 3485 * interface. This should, of course, be rare though. 3486 */ 3487 nd6log((LOG_NOTICE, 3488 "nd6_prefix_onlink: failed to find any ifaddr" 3489 " to add route for a prefix(%s/%d) on %s\n", 3490 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3491 pr->ndpr_plen, if_name(ifp))); 3492 NDPR_UNLOCK(pr); 3493 return (0); 3494 } 3495 3496 /* 3497 * in6_ifinit() sets nd6_rtrequest to ifa_rtrequest for all ifaddrs. 3498 * ifa->ifa_rtrequest = nd6_rtrequest; 3499 */ 3500 bzero(&mask6, sizeof (mask6)); 3501 mask6.sin6_len = sizeof (mask6); 3502 mask6.sin6_addr = pr->ndpr_mask; 3503 prefix = pr->ndpr_prefix; 3504 if ((rt = pr->ndpr_rt) != NULL) 3505 pr->ndpr_rt = NULL; 3506 NDPR_ADDREF_LOCKED(pr); /* keep reference for this routine */ 3507 NDPR_UNLOCK(pr); 3508 3509 IFA_LOCK_SPIN(ifa); 3510 rtflags = ifa->ifa_flags | RTF_CLONING | RTF_UP; 3511 IFA_UNLOCK(ifa); 3512 if (nd6_need_cache(ifp)) { 3513 /* explicitly set in case ifa_flags does not set the flag. */ 3514 rtflags |= RTF_CLONING; 3515 } else { 3516 /* 3517 * explicitly clear the cloning bit in case ifa_flags sets it. 3518 */ 3519 rtflags &= ~RTF_CLONING; 3520 } 3521 3522 lck_mtx_unlock(nd6_mutex); 3523 3524 if (rt != NULL) { 3525 rtfree(rt); 3526 rt = NULL; 3527 } 3528 3529 error = rtrequest_scoped(RTM_ADD, (struct sockaddr *)&prefix, 3530 ifa->ifa_addr, (struct sockaddr *)&mask6, rtflags, &rt, 3531 ifscope); 3532 3533 /* 3534 * Serialize the setting of NDPRF_PRPROXY. 3535 */ 3536 lck_mtx_lock(&proxy6_lock); 3537 3538 if (rt != NULL) { 3539 RT_LOCK(rt); 3540 nd6_rtmsg(RTM_ADD, rt); 3541 RT_UNLOCK(rt); 3542 NDPR_LOCK(pr); 3543 } else { 3544 NDPR_LOCK(pr); 3545 nd6log((LOG_ERR, "nd6_prefix_onlink: failed to add route for a" 3546 " prefix (%s/%d) on %s, gw=%s, mask=%s, flags=%lx," 3547 " scoped=%d, errno = %d\n", 3548 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3549 pr->ndpr_plen, if_name(ifp), 3550 ip6_sprintf(&((struct sockaddr_in6 *) 3551 (void *)ifa->ifa_addr)->sin6_addr), 3552 ip6_sprintf(&mask6.sin6_addr), rtflags, 3553 (ifscope != IFSCOPE_NONE), error)); 3554 } 3555 NDPR_LOCK_ASSERT_HELD(pr); 3556 3557 pr->ndpr_stateflags &= ~(NDPRF_IFSCOPE | NDPRF_PRPROXY); 3558 3559 /* 3560 * TODO: If the prefix route exists, we should really find it and 3561 * refer the prefix to it; otherwise ndpr_rt is NULL. 3562 */ 3563 if (rt != NULL || error == EEXIST) { 3564 struct nd_ifinfo *ndi; 3565 3566 VERIFY(pr->ndpr_prproxy_sols_cnt == 0); 3567 VERIFY(RB_EMPTY(&pr->ndpr_prproxy_sols)); 3568 3569 lck_rw_lock_shared(nd_if_rwlock); 3570 ndi = ND_IFINFO(ifp); 3571 VERIFY(ndi != NULL && ndi->initialized); 3572 lck_mtx_lock(&ndi->lock); 3573 3574 pr->ndpr_rt = rt; /* keep reference from rtrequest */ 3575 pr->ndpr_stateflags |= NDPRF_ONLINK; 3576 if (ifscope != IFSCOPE_NONE) { 3577 pr->ndpr_stateflags |= NDPRF_IFSCOPE; 3578 } else if ((rtflags & RTF_CLONING) && 3579 (ndi->flags & ND6_IFF_PROXY_PREFIXES) && 3580 !IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) { 3581 /* 3582 * At present, in order for the prefix to be eligible 3583 * as a proxying/proxied prefix, we require that the 3584 * prefix route entry be marked as a cloning route with 3585 * RTF_PROXY; i.e. nd6_need_cache() needs to return 3586 * true for the interface type, hence the test for 3587 * RTF_CLONING above. 3588 */ 3589 pr->ndpr_stateflags |= NDPRF_PRPROXY; 3590 } 3591 3592 lck_mtx_unlock(&ndi->lock); 3593 lck_rw_done(nd_if_rwlock); 3594 } 3595 3596 prproxy = (pr->ndpr_stateflags & NDPRF_PRPROXY); 3597 VERIFY(!prproxy || !(pr->ndpr_stateflags & NDPRF_IFSCOPE)); 3598 NDPR_UNLOCK(pr); 3599 3600 IFA_REMREF(ifa); 3601 3602 /* 3603 * If this is an upstream prefix, find the downstream ones (if any) 3604 * and re-configure their prefix routes accordingly. Otherwise, 3605 * this could be potentially be a downstream prefix, and so find the 3606 * upstream prefix, if any. 3607 */ 3608 nd6_prproxy_prelist_update(pr, prproxy ? pr : NULL); 3609 3610 NDPR_REMREF(pr); /* release reference for this routine */ 3611 lck_mtx_unlock(&proxy6_lock); 3612 3613 lck_mtx_lock(nd6_mutex); 3614 3615 return (error); 3616} 3617 3618int 3619nd6_prefix_onlink(struct nd_prefix *pr) 3620{ 3621 return (nd6_prefix_onlink_common(pr, FALSE, IFSCOPE_NONE)); 3622} 3623 3624int 3625nd6_prefix_onlink_scoped(struct nd_prefix *pr, unsigned int ifscope) 3626{ 3627 return (nd6_prefix_onlink_common(pr, TRUE, ifscope)); 3628} 3629 3630int 3631nd6_prefix_offlink(struct nd_prefix *pr) 3632{ 3633 int plen, error = 0, prproxy; 3634 struct ifnet *ifp = pr->ndpr_ifp; 3635 struct nd_prefix *opr; 3636 struct sockaddr_in6 sa6, mask6, prefix; 3637 struct rtentry *rt = NULL, *ndpr_rt = NULL; 3638 unsigned int ifscope; 3639 3640 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 3641 3642 /* sanity check */ 3643 NDPR_LOCK(pr); 3644 if ((pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { 3645 nd6log((LOG_ERR, 3646 "nd6_prefix_offlink: %s/%d on %s scoped=%d is already " 3647 "off-link\n", ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3648 pr->ndpr_plen, if_name(pr->ndpr_ifp), 3649 (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 1 : 0)); 3650 NDPR_UNLOCK(pr); 3651 return (EEXIST); 3652 } 3653 3654 bzero(&sa6, sizeof (sa6)); 3655 sa6.sin6_family = AF_INET6; 3656 sa6.sin6_len = sizeof (sa6); 3657 bcopy(&pr->ndpr_prefix.sin6_addr, &sa6.sin6_addr, 3658 sizeof (struct in6_addr)); 3659 bzero(&mask6, sizeof (mask6)); 3660 mask6.sin6_family = AF_INET6; 3661 mask6.sin6_len = sizeof (sa6); 3662 bcopy(&pr->ndpr_mask, &mask6.sin6_addr, sizeof (struct in6_addr)); 3663 prefix = pr->ndpr_prefix; 3664 plen = pr->ndpr_plen; 3665 if ((ndpr_rt = pr->ndpr_rt) != NULL) 3666 pr->ndpr_rt = NULL; 3667 NDPR_ADDREF_LOCKED(pr); /* keep reference for this routine */ 3668 NDPR_UNLOCK(pr); 3669 3670 ifscope = (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 3671 ifp->if_index : IFSCOPE_NONE; 3672 3673 error = rtrequest_scoped(RTM_DELETE, (struct sockaddr *)&sa6, 3674 NULL, (struct sockaddr *)&mask6, 0, &rt, ifscope); 3675 3676 if (rt != NULL) { 3677 /* report the route deletion to the routing socket. */ 3678 RT_LOCK(rt); 3679 nd6_rtmsg(RTM_DELETE, rt); 3680 RT_UNLOCK(rt); 3681 rtfree(rt); 3682 3683 /* 3684 * The following check takes place only when Scoped Routing 3685 * is not enabled. There might be the same prefix on another 3686 * interface, the prefix which could not be on-link just 3687 * because we have the interface route (see comments in 3688 * nd6_prefix_onlink). If there's one, try to make the prefix 3689 * on-link on the interface. 3690 */ 3691 lck_mtx_lock(nd6_mutex); 3692 opr = nd_prefix.lh_first; 3693 while (opr) { 3694 /* does not apply in the Scoped Routing case */ 3695 if (ip6_doscopedroute) 3696 break; 3697 3698 if (opr == pr) { 3699 opr = opr->ndpr_next; 3700 continue; 3701 } 3702 3703 NDPR_LOCK(opr); 3704 if ((opr->ndpr_stateflags & NDPRF_ONLINK) != 0) { 3705 NDPR_UNLOCK(opr); 3706 opr = opr->ndpr_next; 3707 continue; 3708 } 3709 /* 3710 * KAME specific: detached prefixes should not be 3711 * on-link. 3712 */ 3713 if ((opr->ndpr_stateflags & NDPRF_DETACHED) != 0) { 3714 NDPR_UNLOCK(opr); 3715 opr = opr->ndpr_next; 3716 continue; 3717 } 3718 if (opr->ndpr_plen == plen && 3719 in6_are_prefix_equal(&prefix.sin6_addr, 3720 &opr->ndpr_prefix.sin6_addr, plen)) { 3721 int e; 3722 3723 NDPR_UNLOCK(opr); 3724 lck_mtx_unlock(nd6_mutex); 3725 if ((e = nd6_prefix_onlink(opr)) != 0) { 3726 nd6log((LOG_ERR, 3727 "nd6_prefix_offlink: failed to " 3728 "recover a prefix %s/%d from %s " 3729 "to %s (errno = %d)\n", 3730 ip6_sprintf( 3731 &opr->ndpr_prefix.sin6_addr), 3732 opr->ndpr_plen, if_name(ifp), 3733 if_name(opr->ndpr_ifp), e)); 3734 } 3735 lck_mtx_lock(nd6_mutex); 3736 opr = nd_prefix.lh_first; 3737 } else { 3738 NDPR_UNLOCK(opr); 3739 opr = opr->ndpr_next; 3740 } 3741 } 3742 lck_mtx_unlock(nd6_mutex); 3743 } else { 3744 nd6log((LOG_ERR, 3745 "nd6_prefix_offlink: failed to delete route: " 3746 "%s/%d on %s, scoped %d, (errno = %d)\n", 3747 ip6_sprintf(&sa6.sin6_addr), plen, if_name(ifp), 3748 (ifscope != IFSCOPE_NONE), error)); 3749 } 3750 3751 if (ndpr_rt != NULL) 3752 rtfree(ndpr_rt); 3753 3754 lck_mtx_lock(&proxy6_lock); 3755 3756 NDPR_LOCK(pr); 3757 prproxy = (pr->ndpr_stateflags & NDPRF_PRPROXY); 3758 VERIFY(!prproxy || !(pr->ndpr_stateflags & NDPRF_IFSCOPE)); 3759 pr->ndpr_stateflags &= ~(NDPRF_ONLINK | NDPRF_IFSCOPE | NDPRF_PRPROXY); 3760 if (pr->ndpr_prproxy_sols_cnt > 0) { 3761 VERIFY(prproxy); 3762 nd6_prproxy_sols_reap(pr); 3763 VERIFY(pr->ndpr_prproxy_sols_cnt == 0); 3764 VERIFY(RB_EMPTY(&pr->ndpr_prproxy_sols)); 3765 } 3766 NDPR_UNLOCK(pr); 3767 3768 /* 3769 * If this was an upstream prefix, find the downstream ones and do 3770 * some cleanups. If this was a downstream prefix, the prefix route 3771 * has been removed from the routing table above, but there may be 3772 * other tasks to perform. 3773 */ 3774 nd6_prproxy_prelist_update(pr, prproxy ? pr : NULL); 3775 3776 NDPR_REMREF(pr); /* release reference for this routine */ 3777 lck_mtx_unlock(&proxy6_lock); 3778 3779 return (error); 3780} 3781 3782static struct in6_ifaddr * 3783in6_pfx_newpersistaddr(struct nd_prefix *pr, int mcast, int *errorp) 3784{ 3785 struct in6_ifaddr *ia6; 3786 struct ifnet *ifp; 3787 struct nd_ifinfo *ndi; 3788 struct in6_addr mask; 3789 struct in6_aliasreq ifra; 3790 int error, ifaupdate, iidlen, notcga; 3791 3792 VERIFY(pr != NULL); 3793 VERIFY(errorp != NULL); 3794 3795 NDPR_LOCK(pr); 3796 ifp = pr->ndpr_ifp; 3797 ia6 = NULL; 3798 error = 0; 3799 3800 /* 3801 * Prefix Length check: 3802 * If the sum of the prefix length and interface identifier 3803 * length does not equal 128 bits, the Prefix Information 3804 * option MUST be ignored. The length of the interface 3805 * identifier is defined in a separate link-type specific 3806 * document. 3807 */ 3808 iidlen = in6_if2idlen(ifp); 3809 if (iidlen < 0) { 3810 error = EADDRNOTAVAIL; 3811 /* this should not happen, so we always log it. */ 3812 log(LOG_ERR, "%s: IID length undefined (%s)\n", 3813 __func__, if_name(ifp)); 3814 goto unlock1; 3815 } else if (iidlen != 64) { 3816 error = EADDRNOTAVAIL; 3817 /* 3818 * stateless autoconfiguration not yet well-defined for IID 3819 * lengths other than 64 octets. Just give up for now. 3820 */ 3821 nd6log((LOG_INFO, "%s: IID length not 64 octets (%s)\n", 3822 __func__, if_name(ifp))); 3823 goto unlock1; 3824 } 3825 3826 if (iidlen + pr->ndpr_plen != 128) { 3827 error = EADDRNOTAVAIL; 3828 nd6log((LOG_INFO, 3829 "%s: invalid prefix length %d for %s, ignored\n", 3830 __func__, pr->ndpr_plen, if_name(ifp))); 3831 goto unlock1; 3832 } 3833 3834 lck_rw_lock_shared(nd_if_rwlock); 3835 if (ifp->if_index >= nd_ifinfo_indexlim) { 3836 error = EADDRNOTAVAIL; 3837 nd6log((LOG_INFO, 3838 "%s: invalid prefix length %d for %s, ignored\n", 3839 __func__, pr->ndpr_plen, if_name(ifp))); 3840 goto unlock2; 3841 } 3842 3843 bzero(&ifra, sizeof (ifra)); 3844 strncpy(ifra.ifra_name, if_name(ifp), sizeof (ifra.ifra_name)); 3845 ifra.ifra_addr.sin6_family = AF_INET6; 3846 ifra.ifra_addr.sin6_len = sizeof (struct sockaddr_in6); 3847 3848 /* prefix */ 3849 bcopy(&pr->ndpr_prefix.sin6_addr, &ifra.ifra_addr.sin6_addr, 3850 sizeof (ifra.ifra_addr.sin6_addr)); 3851 in6_len2mask(&mask, pr->ndpr_plen); 3852 ifra.ifra_addr.sin6_addr.s6_addr32[0] &= mask.s6_addr32[0]; 3853 ifra.ifra_addr.sin6_addr.s6_addr32[1] &= mask.s6_addr32[1]; 3854 ifra.ifra_addr.sin6_addr.s6_addr32[2] &= mask.s6_addr32[2]; 3855 ifra.ifra_addr.sin6_addr.s6_addr32[3] &= mask.s6_addr32[3]; 3856 3857 ndi = &nd_ifinfo[ifp->if_index]; 3858 VERIFY(ndi->initialized); 3859 lck_mtx_lock(&ndi->lock); 3860 3861 notcga = nd6_send_opstate == ND6_SEND_OPMODE_DISABLED || 3862 (ndi->flags & ND6_IFF_INSECURE) != 0; 3863 3864 lck_mtx_unlock(&ndi->lock); 3865 lck_rw_done(nd_if_rwlock); 3866 NDPR_UNLOCK(pr); 3867 3868 if (notcga) { 3869 ia6 = in6ifa_ifpforlinklocal(ifp, 0); 3870 if (ia6 == NULL) { 3871 error = EADDRNOTAVAIL; 3872 nd6log((LOG_INFO, "%s: no link-local address (%s)\n", 3873 __func__, if_name(ifp))); 3874 goto done; 3875 } 3876 3877 IFA_LOCK(&ia6->ia_ifa); 3878 ifra.ifra_addr.sin6_addr.s6_addr32[0] |= 3879 (ia6->ia_addr.sin6_addr.s6_addr32[0] & ~mask.s6_addr32[0]); 3880 ifra.ifra_addr.sin6_addr.s6_addr32[1] |= 3881 (ia6->ia_addr.sin6_addr.s6_addr32[1] & ~mask.s6_addr32[1]); 3882 ifra.ifra_addr.sin6_addr.s6_addr32[2] |= 3883 (ia6->ia_addr.sin6_addr.s6_addr32[2] & ~mask.s6_addr32[2]); 3884 ifra.ifra_addr.sin6_addr.s6_addr32[3] |= 3885 (ia6->ia_addr.sin6_addr.s6_addr32[3] & ~mask.s6_addr32[3]); 3886 IFA_UNLOCK(&ia6->ia_ifa); 3887 IFA_REMREF(&ia6->ia_ifa); 3888 ia6 = NULL; 3889 } else { 3890 in6_cga_node_lock(); 3891 error = in6_cga_generate(NULL, 0, &ifra.ifra_addr.sin6_addr); 3892 in6_cga_node_unlock(); 3893 if (error == 0) 3894 ifra.ifra_flags |= IN6_IFF_SECURED; 3895 else { 3896 nd6log((LOG_ERR, "%s: no CGA available (%s)\n", 3897 __func__, if_name(ifp))); 3898 goto done; 3899 } 3900 } 3901 3902 VERIFY(ia6 == NULL); 3903 3904 /* new prefix mask. */ 3905 ifra.ifra_prefixmask.sin6_len = sizeof (struct sockaddr_in6); 3906 ifra.ifra_prefixmask.sin6_family = AF_INET6; 3907 bcopy(&mask, &ifra.ifra_prefixmask.sin6_addr, 3908 sizeof (ifra.ifra_prefixmask.sin6_addr)); 3909 3910 /* lifetimes. */ 3911 ifra.ifra_lifetime.ia6t_vltime = pr->ndpr_vltime; 3912 ifra.ifra_lifetime.ia6t_pltime = pr->ndpr_pltime; 3913 3914 /* address flags */ 3915 ifra.ifra_flags |= IN6_IFF_AUTOCONF; /* obey autoconf */ 3916 3917 /* 3918 * Make sure that we do not have this address already. This should 3919 * usually not happen, but we can still see this case, e.g., if we 3920 * have manually configured the exact address to be configured. 3921 */ 3922 if ((ia6 = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr)) 3923 != NULL) { 3924 error = EADDRNOTAVAIL; 3925 IFA_REMREF(&ia6->ia_ifa); 3926 ia6 = NULL; 3927 3928 /* this should be rare enough to make an explicit log */ 3929 log(LOG_INFO, "%s: %s is already configured!\n", 3930 __func__, ip6_sprintf(&ifra.ifra_addr.sin6_addr)); 3931 goto done; 3932 } 3933 3934 /* 3935 * Allocate ifaddr structure, link into chain, etc. 3936 * If we are going to create a new address upon receiving a multicasted 3937 * RA, we need to impose a random delay before starting DAD. 3938 * [RFC 4862, Section 5.4.2] 3939 */ 3940 ifaupdate = IN6_IFAUPDATE_NOWAIT; 3941 if (mcast) 3942 ifaupdate |= IN6_IFAUPDATE_DADDELAY; 3943 error = in6_update_ifa(ifp, &ifra, ifaupdate, &ia6); 3944 if (error != 0) { 3945 nd6log((LOG_ERR, 3946 "%s: failed to make ifaddr %s on %s (errno=%d)\n", 3947 __func__, ip6_sprintf(&ifra.ifra_addr.sin6_addr), 3948 if_name(ifp), error)); 3949 error = EADDRNOTAVAIL; 3950 goto done; 3951 } 3952 3953 VERIFY(ia6 != NULL); 3954 in6_post_msg(ifp, KEV_INET6_NEW_RTADV_ADDR, ia6); 3955 goto done; 3956 3957unlock2: 3958 lck_rw_done(nd_if_rwlock); 3959 3960unlock1: 3961 NDPR_UNLOCK(pr); 3962 3963done: 3964 *errorp = error; 3965 return (ia6); 3966} 3967 3968#define IA6_NONCONST(i) ((struct in6_ifaddr *)(uintptr_t)(i)) 3969 3970int 3971in6_tmpifadd(const struct in6_ifaddr *ia0, int forcegen) 3972{ 3973 struct ifnet *ifp = ia0->ia_ifa.ifa_ifp; 3974 struct in6_ifaddr *ia, *newia; 3975 struct in6_aliasreq ifra; 3976 int i, error, ifaupdate; 3977 int trylimit = 3; /* XXX: adhoc value */ 3978 u_int32_t randid[2]; 3979 time_t vltime0, pltime0; 3980 uint64_t timenow = net_uptime(); 3981 struct in6_addr addr; 3982 struct nd_prefix *ndpr; 3983 3984 bzero(&ifra, sizeof (ifra)); 3985 strncpy(ifra.ifra_name, if_name(ifp), sizeof (ifra.ifra_name)); 3986 IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); 3987 ifra.ifra_addr = ia0->ia_addr; 3988 /* copy prefix mask */ 3989 ifra.ifra_prefixmask = ia0->ia_prefixmask; 3990 /* clear the old IFID */ 3991 for (i = 0; i < 4; i++) { 3992 ifra.ifra_addr.sin6_addr.s6_addr32[i] 3993 &= ifra.ifra_prefixmask.sin6_addr.s6_addr32[i]; 3994 } 3995 addr = ia0->ia_addr.sin6_addr; 3996 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 3997 3998again: 3999 in6_iid_mktmp(ifp, (u_int8_t *)randid, 4000 (const u_int8_t *)&addr.s6_addr[8], forcegen); 4001 4002 ifra.ifra_addr.sin6_addr.s6_addr32[2] |= 4003 (randid[0] & ~(ifra.ifra_prefixmask.sin6_addr.s6_addr32[2])); 4004 ifra.ifra_addr.sin6_addr.s6_addr32[3] |= 4005 (randid[1] & ~(ifra.ifra_prefixmask.sin6_addr.s6_addr32[3])); 4006 4007 /* 4008 * in6_iid_mktmp() quite likely provided a unique interface ID. 4009 * However, we may still have a chance to see collision, because 4010 * there may be a time lag between generation of the ID and generation 4011 * of the address. So, we'll do one more sanity check. 4012 */ 4013 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr)) != NULL) { 4014 IFA_REMREF(&ia->ia_ifa); 4015 if (trylimit-- == 0) { 4016 nd6log((LOG_NOTICE, "in6_tmpifadd: failed to find " 4017 "a unique random IFID\n")); 4018 return (EEXIST); 4019 } 4020 forcegen = 1; 4021 goto again; 4022 } 4023 4024 /* 4025 * The Valid Lifetime is the lower of the Valid Lifetime of the 4026 * public address or TEMP_VALID_LIFETIME. 4027 * The Preferred Lifetime is the lower of the Preferred Lifetime 4028 * of the public address or TEMP_PREFERRED_LIFETIME - 4029 * DESYNC_FACTOR. 4030 */ 4031 IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); 4032 if (ia0->ia6_lifetime.ia6ti_vltime != ND6_INFINITE_LIFETIME) { 4033 vltime0 = IFA6_IS_INVALID(ia0, timenow) ? 0 : 4034 (ia0->ia6_lifetime.ia6ti_vltime - 4035 (timenow - ia0->ia6_updatetime)); 4036 if (vltime0 > ip6_temp_valid_lifetime) 4037 vltime0 = ip6_temp_valid_lifetime; 4038 } else { 4039 vltime0 = ip6_temp_valid_lifetime; 4040 } 4041 if (ia0->ia6_lifetime.ia6ti_pltime != ND6_INFINITE_LIFETIME) { 4042 pltime0 = IFA6_IS_DEPRECATED(ia0, timenow) ? 0 : 4043 (ia0->ia6_lifetime.ia6ti_pltime - 4044 (timenow - ia0->ia6_updatetime)); 4045 if (pltime0 > ip6_temp_preferred_lifetime - ip6_desync_factor) 4046 pltime0 = ip6_temp_preferred_lifetime - 4047 ip6_desync_factor; 4048 } else { 4049 pltime0 = ip6_temp_preferred_lifetime - ip6_desync_factor; 4050 } 4051 ifra.ifra_lifetime.ia6t_vltime = vltime0; 4052 ifra.ifra_lifetime.ia6t_pltime = pltime0; 4053 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4054 /* 4055 * A temporary address is created only if this calculated Preferred 4056 * Lifetime is greater than REGEN_ADVANCE time units. 4057 */ 4058 if (ifra.ifra_lifetime.ia6t_pltime <= ip6_temp_regen_advance) 4059 return (0); 4060 4061 /* XXX: scope zone ID? */ 4062 4063 ifra.ifra_flags |= (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY); 4064 4065 /* allocate ifaddr structure, link into chain, etc. */ 4066 ifaupdate = IN6_IFAUPDATE_NOWAIT | IN6_IFAUPDATE_DADDELAY; 4067 error = in6_update_ifa(ifp, &ifra, ifaupdate, &newia); 4068 if (error != 0) { 4069 nd6log((LOG_ERR, "in6_tmpifadd: failed to add address.\n")); 4070 return (error); 4071 } 4072 VERIFY(newia != NULL); 4073 4074 IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); 4075 ndpr = ia0->ia6_ndpr; 4076 if (ndpr == NULL) { 4077 /* 4078 * We lost the race with another thread that has purged 4079 * ia0 address; in this case, purge the tmp addr as well. 4080 */ 4081 nd6log((LOG_ERR, "in6_tmpifadd: no public address\n")); 4082 VERIFY(!(ia0->ia6_flags & IN6_IFF_AUTOCONF)); 4083 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4084 in6_purgeaddr(&newia->ia_ifa); 4085 IFA_REMREF(&newia->ia_ifa); 4086 return (EADDRNOTAVAIL); 4087 } 4088 NDPR_ADDREF(ndpr); /* for us */ 4089 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4090 IFA_LOCK(&newia->ia_ifa); 4091 if (newia->ia6_ndpr != NULL) { 4092 NDPR_LOCK(newia->ia6_ndpr); 4093 VERIFY(newia->ia6_ndpr->ndpr_addrcnt != 0); 4094 newia->ia6_ndpr->ndpr_addrcnt--; 4095 NDPR_UNLOCK(newia->ia6_ndpr); 4096 NDPR_REMREF(newia->ia6_ndpr); /* release addr reference */ 4097 } 4098 newia->ia6_ndpr = ndpr; 4099 NDPR_LOCK(newia->ia6_ndpr); 4100 newia->ia6_ndpr->ndpr_addrcnt++; 4101 VERIFY(newia->ia6_ndpr->ndpr_addrcnt != 0); 4102 NDPR_ADDREF_LOCKED(newia->ia6_ndpr); /* for addr reference */ 4103 NDPR_UNLOCK(newia->ia6_ndpr); 4104 IFA_UNLOCK(&newia->ia_ifa); 4105 /* 4106 * A newly added address might affect the status of other addresses. 4107 * XXX: when the temporary address is generated with a new public 4108 * address, the onlink check is redundant. However, it would be safe 4109 * to do the check explicitly everywhere a new address is generated, 4110 * and, in fact, we surely need the check when we create a new 4111 * temporary address due to deprecation of an old temporary address. 4112 */ 4113 lck_mtx_lock(nd6_mutex); 4114 pfxlist_onlink_check(); 4115 lck_mtx_unlock(nd6_mutex); 4116 IFA_REMREF(&newia->ia_ifa); 4117 4118 /* remove our reference */ 4119 NDPR_REMREF(ndpr); 4120 4121 return (0); 4122} 4123#undef IA6_NONCONST 4124 4125int 4126in6_init_prefix_ltimes(struct nd_prefix *ndpr) 4127{ 4128 struct timeval caltime; 4129 u_int64_t timenow = net_uptime(); 4130 4131 NDPR_LOCK_ASSERT_HELD(ndpr); 4132 4133 getmicrotime(&caltime); 4134 ndpr->ndpr_base_calendartime = caltime.tv_sec; 4135 ndpr->ndpr_base_uptime = timenow; 4136 4137 /* check if preferred lifetime > valid lifetime. RFC 4862 5.5.3 (c) */ 4138 if (ndpr->ndpr_pltime > ndpr->ndpr_vltime) { 4139 nd6log((LOG_INFO, "in6_init_prefix_ltimes: preferred lifetime" 4140 "(%d) is greater than valid lifetime(%d)\n", 4141 (u_int)ndpr->ndpr_pltime, (u_int)ndpr->ndpr_vltime)); 4142 return (EINVAL); 4143 } 4144 if (ndpr->ndpr_pltime == ND6_INFINITE_LIFETIME) 4145 ndpr->ndpr_preferred = 0; 4146 else 4147 ndpr->ndpr_preferred = timenow + ndpr->ndpr_pltime; 4148 if (ndpr->ndpr_vltime == ND6_INFINITE_LIFETIME) 4149 ndpr->ndpr_expire = 0; 4150 else 4151 ndpr->ndpr_expire = timenow + ndpr->ndpr_vltime; 4152 4153 return (0); 4154} 4155 4156static void 4157in6_init_address_ltimes(struct nd_prefix *new, struct in6_addrlifetime *lt6) 4158{ 4159#pragma unused(new) 4160 uint64_t timenow = net_uptime(); 4161 4162 /* Valid lifetime must not be updated unless explicitly specified. */ 4163 /* init ia6t_expire */ 4164 if (lt6->ia6t_vltime == ND6_INFINITE_LIFETIME) { 4165 lt6->ia6t_expire = 0; 4166 } else { 4167 lt6->ia6t_expire = timenow; 4168 lt6->ia6t_expire += lt6->ia6t_vltime; 4169 } 4170 4171 /* init ia6t_preferred */ 4172 if (lt6->ia6t_pltime == ND6_INFINITE_LIFETIME) { 4173 lt6->ia6t_preferred = 0; 4174 } else { 4175 lt6->ia6t_preferred = timenow; 4176 lt6->ia6t_preferred += lt6->ia6t_pltime; 4177 } 4178} 4179 4180/* 4181 * Delete all the routing table entries that use the specified gateway. 4182 * XXX: this function causes search through all entries of routing table, so 4183 * it shouldn't be called when acting as a router. 4184 */ 4185void 4186rt6_flush( 4187 struct in6_addr *gateway, 4188 struct ifnet *ifp) 4189{ 4190 struct radix_node_head *rnh = rt_tables[AF_INET6]; 4191 4192 /* We'll care only link-local addresses */ 4193 if (!IN6_IS_ADDR_LINKLOCAL(gateway)) { 4194 return; 4195 } 4196 lck_mtx_lock(rnh_lock); 4197 /* XXX: hack for KAME's link-local address kludge */ 4198 gateway->s6_addr16[1] = htons(ifp->if_index); 4199 4200 rnh->rnh_walktree(rnh, rt6_deleteroute, (void *)gateway); 4201 lck_mtx_unlock(rnh_lock); 4202} 4203 4204static int 4205rt6_deleteroute( 4206 struct radix_node *rn, 4207 void *arg) 4208{ 4209 struct rtentry *rt = (struct rtentry *)rn; 4210 struct in6_addr *gate = (struct in6_addr *)arg; 4211 4212 lck_mtx_assert(rnh_lock, LCK_MTX_ASSERT_OWNED); 4213 4214 RT_LOCK(rt); 4215 if (rt->rt_gateway == NULL || rt->rt_gateway->sa_family != AF_INET6) { 4216 RT_UNLOCK(rt); 4217 return (0); 4218 } 4219 4220 if (!IN6_ARE_ADDR_EQUAL(gate, &SIN6(rt->rt_gateway)->sin6_addr)) { 4221 RT_UNLOCK(rt); 4222 return (0); 4223 } 4224 /* 4225 * Do not delete a static route. 4226 * XXX: this seems to be a bit ad-hoc. Should we consider the 4227 * 'cloned' bit instead? 4228 */ 4229 if ((rt->rt_flags & RTF_STATIC) != 0) { 4230 RT_UNLOCK(rt); 4231 return (0); 4232 } 4233 /* 4234 * We delete only host route. This means, in particular, we don't 4235 * delete default route. 4236 */ 4237 if ((rt->rt_flags & RTF_HOST) == 0) { 4238 RT_UNLOCK(rt); 4239 return (0); 4240 } 4241 4242 /* 4243 * Safe to drop rt_lock and use rt_key, rt_gateway, since holding 4244 * rnh_lock here prevents another thread from calling rt_setgate() 4245 * on this route. 4246 */ 4247 RT_UNLOCK(rt); 4248 return (rtrequest_locked(RTM_DELETE, rt_key(rt), rt->rt_gateway, 4249 rt_mask(rt), rt->rt_flags, 0)); 4250} 4251 4252int 4253nd6_setdefaultiface( 4254 int ifindex) 4255{ 4256 int error = 0; 4257 ifnet_t def_ifp = NULL; 4258 4259 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 4260 4261 ifnet_head_lock_shared(); 4262 if (ifindex < 0 || if_index < ifindex) { 4263 ifnet_head_done(); 4264 return (EINVAL); 4265 } 4266 def_ifp = ifindex2ifnet[ifindex]; 4267 ifnet_head_done(); 4268 4269 lck_mtx_lock(nd6_mutex); 4270 if (nd6_defifindex != ifindex) { 4271 struct ifnet *odef_ifp = nd6_defifp; 4272 4273 nd6_defifindex = ifindex; 4274 if (nd6_defifindex > 0) 4275 nd6_defifp = def_ifp; 4276 else 4277 nd6_defifp = NULL; 4278 4279 if (nd6_defifp != NULL) 4280 nd6log((LOG_INFO, "%s: is now the default " 4281 "interface (was %s)\n", if_name(nd6_defifp), 4282 odef_ifp != NULL ? if_name(odef_ifp) : "NONE")); 4283 else 4284 nd6log((LOG_INFO, "No default interface set\n")); 4285 4286 /* 4287 * If the Default Router List is empty, install a route 4288 * to the specified interface as default or remove the default 4289 * route when the default interface becomes canceled. 4290 * The check for the queue is actually redundant, but 4291 * we do this here to avoid re-install the default route 4292 * if the list is NOT empty. 4293 */ 4294 if (ip6_doscopedroute || TAILQ_FIRST(&nd_defrouter) == NULL) { 4295 defrtrlist_sync(nd6_defifp); 4296 nd6_prefix_sync(nd6_defifp); 4297 } 4298 4299 /* 4300 * Our current implementation assumes one-to-one maping between 4301 * interfaces and links, so it would be natural to use the 4302 * default interface as the default link. 4303 */ 4304 scope6_setdefault(nd6_defifp); 4305 } 4306 lck_mtx_unlock(nd6_mutex); 4307 4308 return (error); 4309} 4310