1/* 2 * Copyright (c) 2000-2014 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29/* 30 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 31 * All rights reserved. 32 * 33 * Redistribution and use in source and binary forms, with or without 34 * modification, are permitted provided that the following conditions 35 * are met: 36 * 1. Redistributions of source code must retain the above copyright 37 * notice, this list of conditions and the following disclaimer. 38 * 2. Redistributions in binary form must reproduce the above copyright 39 * notice, this list of conditions and the following disclaimer in the 40 * documentation and/or other materials provided with the distribution. 41 * 3. Neither the name of the project nor the names of its contributors 42 * may be used to endorse or promote products derived from this software 43 * without specific prior written permission. 44 * 45 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 48 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 55 * SUCH DAMAGE. 56 */ 57 58/* 59 * Copyright (c) 1982, 1986, 1991, 1993 60 * The Regents of the University of California. All rights reserved. 61 * 62 * Redistribution and use in source and binary forms, with or without 63 * modification, are permitted provided that the following conditions 64 * are met: 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 2. Redistributions in binary form must reproduce the above copyright 68 * notice, this list of conditions and the following disclaimer in the 69 * documentation and/or other materials provided with the distribution. 70 * 3. All advertising materials mentioning features or use of this software 71 * must display the following acknowledgement: 72 * This product includes software developed by the University of 73 * California, Berkeley and its contributors. 74 * 4. Neither the name of the University nor the names of its contributors 75 * may be used to endorse or promote products derived from this software 76 * without specific prior written permission. 77 * 78 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 79 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 80 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 81 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 82 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 83 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 84 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 85 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 86 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 87 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 88 * SUCH DAMAGE. 89 * 90 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 91 */ 92 93 94#include <sys/param.h> 95#include <sys/systm.h> 96#include <sys/malloc.h> 97#include <sys/mbuf.h> 98#include <sys/protosw.h> 99#include <sys/socket.h> 100#include <sys/socketvar.h> 101#include <sys/errno.h> 102#include <sys/time.h> 103#include <sys/proc.h> 104#include <sys/sysctl.h> 105#include <sys/kauth.h> 106#include <sys/priv.h> 107#include <kern/locks.h> 108 109#include <net/if.h> 110#include <net/if_types.h> 111#include <net/route.h> 112 113#include <netinet/in.h> 114#include <netinet/in_var.h> 115#include <netinet/in_systm.h> 116#include <netinet/ip.h> 117#include <netinet/in_pcb.h> 118#include <netinet6/in6_var.h> 119#include <netinet/ip6.h> 120#include <netinet6/in6_pcb.h> 121#include <netinet6/ip6_var.h> 122#include <netinet6/scope6_var.h> 123#include <netinet6/nd6.h> 124 125#include <net/net_osdep.h> 126 127#include "loop.h" 128 129SYSCTL_DECL(_net_inet6_ip6); 130 131static int ip6_select_srcif_debug = 0; 132SYSCTL_INT(_net_inet6_ip6, OID_AUTO, select_srcif_debug, 133 CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_select_srcif_debug, 0, 134 "log source interface selection debug info"); 135 136#define ADDR_LABEL_NOTAPP (-1) 137struct in6_addrpolicy defaultaddrpolicy; 138 139int ip6_prefer_tempaddr = 1; 140#ifdef ENABLE_ADDRSEL 141extern lck_mtx_t *addrsel_mutex; 142#define ADDRSEL_LOCK() lck_mtx_lock(addrsel_mutex) 143#define ADDRSEL_UNLOCK() lck_mtx_unlock(addrsel_mutex) 144#else 145#define ADDRSEL_LOCK() 146#define ADDRSEL_UNLOCK() 147#endif 148 149static int selectroute(struct sockaddr_in6 *, struct sockaddr_in6 *, 150 struct ip6_pktopts *, struct ip6_moptions *, struct in6_ifaddr **, 151 struct route_in6 *, struct ifnet **, struct rtentry **, int, int, 152 struct ip6_out_args *ip6oa); 153static int in6_selectif(struct sockaddr_in6 *, struct ip6_pktopts *, 154 struct ip6_moptions *, struct route_in6 *ro, 155 struct ip6_out_args *, struct ifnet **); 156static void init_policy_queue(void); 157static int add_addrsel_policyent(const struct in6_addrpolicy *); 158#ifdef ENABLE_ADDRSEL 159static int delete_addrsel_policyent(const struct in6_addrpolicy *); 160#endif 161static int walk_addrsel_policy(int (*)(const struct in6_addrpolicy *, void *), 162 void *); 163static int dump_addrsel_policyent(const struct in6_addrpolicy *, void *); 164static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *); 165void addrsel_policy_init(void); 166 167/* 168 * Return an IPv6 address, which is the most appropriate for a given 169 * destination and user specified options. 170 * If necessary, this function lookups the routing table and returns 171 * an entry to the caller for later use. 172 */ 173#define REPLACE(r) do {\ 174 if ((r) < sizeof (ip6stat.ip6s_sources_rule) / \ 175 sizeof (ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 176 ip6stat.ip6s_sources_rule[(r)]++; \ 177 goto replace; \ 178} while (0) 179#define NEXTSRC(r) do {\ 180 if ((r) < sizeof (ip6stat.ip6s_sources_rule) / \ 181 sizeof (ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 182 ip6stat.ip6s_sources_rule[(r)]++; \ 183 goto next; /* XXX: we can't use 'continue' here */ \ 184} while (0) 185#define BREAK(r) do { \ 186 if ((r) < sizeof (ip6stat.ip6s_sources_rule) / \ 187 sizeof (ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 188 ip6stat.ip6s_sources_rule[(r)]++; \ 189 goto out; /* XXX: we can't use 'break' here */ \ 190} while (0) 191 192/* 193 * Regardless of error, it will return an ifp with a reference held if the 194 * caller provides a non-NULL ifpp. The caller is responsible for checking 195 * if the returned ifp is valid and release its reference at all times. 196 */ 197struct in6_addr * 198in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 199 struct inpcb *inp, struct route_in6 *ro, 200 struct ifnet **ifpp, struct in6_addr *src_storage, unsigned int ifscope, 201 int *errorp) 202{ 203 struct in6_addr dst; 204 struct ifnet *ifp = NULL; 205 struct in6_ifaddr *ia = NULL, *ia_best = NULL; 206 struct in6_pktinfo *pi = NULL; 207 int dst_scope = -1, best_scope = -1, best_matchlen = -1; 208 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL; 209 u_int32_t odstzone; 210 int prefer_tempaddr; 211 struct ip6_moptions *mopts; 212 struct ip6_out_args ip6oa = { ifscope, { 0 }, IP6OAF_SELECT_SRCIF, 0 }; 213 boolean_t islocal = FALSE; 214 uint64_t secs = net_uptime(); 215 216 dst = dstsock->sin6_addr; /* make a copy for local operation */ 217 *errorp = 0; 218 if (ifpp != NULL) 219 *ifpp = NULL; 220 221 if (inp != NULL) { 222 mopts = inp->in6p_moptions; 223 if (INP_NO_CELLULAR(inp)) 224 ip6oa.ip6oa_flags |= IP6OAF_NO_CELLULAR; 225 if (INP_NO_EXPENSIVE(inp)) 226 ip6oa.ip6oa_flags |= IP6OAF_NO_EXPENSIVE; 227 if (INP_AWDL_UNRESTRICTED(inp)) 228 ip6oa.ip6oa_flags |= IP6OAF_AWDL_UNRESTRICTED; 229 230 } else { 231 mopts = NULL; 232 } 233 234 if (ip6oa.ip6oa_boundif != IFSCOPE_NONE) 235 ip6oa.ip6oa_flags |= IP6OAF_BOUND_IF; 236 237 /* 238 * If the source address is explicitly specified by the caller, 239 * check if the requested source address is indeed a unicast address 240 * assigned to the node, and can be used as the packet's source 241 * address. If everything is okay, use the address as source. 242 */ 243 if (opts && (pi = opts->ip6po_pktinfo) && 244 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 245 struct sockaddr_in6 srcsock; 246 struct in6_ifaddr *ia6; 247 248 /* get the outgoing interface */ 249 if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ip6oa, 250 &ifp)) != 0) { 251 src_storage = NULL; 252 goto done; 253 } 254 255 /* 256 * determine the appropriate zone id of the source based on 257 * the zone of the destination and the outgoing interface. 258 * If the specified address is ambiguous wrt the scope zone, 259 * the interface must be specified; otherwise, ifa_ifwithaddr() 260 * will fail matching the address. 261 */ 262 bzero(&srcsock, sizeof (srcsock)); 263 srcsock.sin6_family = AF_INET6; 264 srcsock.sin6_len = sizeof (srcsock); 265 srcsock.sin6_addr = pi->ipi6_addr; 266 if (ifp != NULL) { 267 *errorp = in6_setscope(&srcsock.sin6_addr, ifp, NULL); 268 if (*errorp != 0) { 269 src_storage = NULL; 270 goto done; 271 } 272 } 273 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *) 274 (&srcsock)); 275 if (ia6 == NULL) { 276 *errorp = EADDRNOTAVAIL; 277 src_storage = NULL; 278 goto done; 279 } 280 IFA_LOCK_SPIN(&ia6->ia_ifa); 281 if ((ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY)) || 282 (inp && inp_restricted_send(inp, ia6->ia_ifa.ifa_ifp))) { 283 IFA_UNLOCK(&ia6->ia_ifa); 284 IFA_REMREF(&ia6->ia_ifa); 285 *errorp = EHOSTUNREACH; 286 src_storage = NULL; 287 goto done; 288 } 289 290 *src_storage = satosin6(&ia6->ia_addr)->sin6_addr; 291 IFA_UNLOCK(&ia6->ia_ifa); 292 IFA_REMREF(&ia6->ia_ifa); 293 goto done; 294 } 295 296 /* 297 * Otherwise, if the socket has already bound the source, just use it. 298 */ 299 if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 300 src_storage = &inp->in6p_laddr; 301 goto done; 302 } 303 304 /* 305 * If the address is not specified, choose the best one based on 306 * the outgoing interface and the destination address. 307 */ 308 309 /* get the outgoing interface */ 310 if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ip6oa, 311 &ifp)) != 0) { 312 src_storage = NULL; 313 goto done; 314 } 315 316 *errorp = in6_setscope(&dst, ifp, &odstzone); 317 if (*errorp != 0) { 318 src_storage = NULL; 319 goto done; 320 } 321 lck_rw_lock_shared(&in6_ifaddr_rwlock); 322 323 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) { 324 int new_scope = -1, new_matchlen = -1; 325 struct in6_addrpolicy *new_policy = NULL; 326 u_int32_t srczone, osrczone, dstzone; 327 struct in6_addr src; 328 struct ifnet *ifp1 = ia->ia_ifp; 329 330 IFA_LOCK(&ia->ia_ifa); 331 /* 332 * We'll never take an address that breaks the scope zone 333 * of the destination. We also skip an address if its zone 334 * does not contain the outgoing interface. 335 * XXX: we should probably use sin6_scope_id here. 336 */ 337 if (in6_setscope(&dst, ifp1, &dstzone) || 338 odstzone != dstzone) 339 goto next; 340 341 src = ia->ia_addr.sin6_addr; 342 if (in6_setscope(&src, ifp, &osrczone) || 343 in6_setscope(&src, ifp1, &srczone) || 344 osrczone != srczone) 345 goto next; 346 347 /* avoid unusable addresses */ 348 if ((ia->ia6_flags & 349 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) 350 goto next; 351 352 if (!ip6_use_deprecated && IFA6_IS_DEPRECATED(ia, secs)) 353 goto next; 354 355 if (!nd6_optimistic_dad && 356 (ia->ia6_flags & IN6_IFF_OPTIMISTIC) != 0) 357 goto next; 358 359 /* Rule 1: Prefer same address */ 360 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) 361 BREAK(IP6S_SRCRULE_1); /* there should be no better candidate */ 362 363 if (ia_best == NULL) 364 REPLACE(IP6S_SRCRULE_0); 365 366 /* Rule 2: Prefer appropriate scope */ 367 if (dst_scope < 0) 368 dst_scope = in6_addrscope(&dst); 369 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr); 370 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) { 371 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0) 372 REPLACE(IP6S_SRCRULE_2); 373 NEXTSRC(IP6S_SRCRULE_2); 374 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) { 375 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0) 376 NEXTSRC(IP6S_SRCRULE_2); 377 REPLACE(IP6S_SRCRULE_2); 378 } 379 380 /* 381 * Rule 3: Avoid deprecated addresses. Note that the case of 382 * !ip6_use_deprecated is already rejected above. 383 */ 384 if (!IFA6_IS_DEPRECATED(ia_best, secs) && 385 IFA6_IS_DEPRECATED(ia, secs)) 386 NEXTSRC(IP6S_SRCRULE_3); 387 if (IFA6_IS_DEPRECATED(ia_best, secs) && 388 !IFA6_IS_DEPRECATED(ia, secs)) 389 REPLACE(IP6S_SRCRULE_3); 390 391 /* 392 * RFC 4429 says that optimistic addresses are equivalent to 393 * deprecated addresses, so avoid them here. 394 */ 395 if ((ia_best->ia6_flags & IN6_IFF_OPTIMISTIC) == 0 && 396 (ia->ia6_flags & IN6_IFF_OPTIMISTIC) != 0) 397 NEXTSRC(IP6S_SRCRULE_3); 398 if ((ia_best->ia6_flags & IN6_IFF_OPTIMISTIC) != 0 && 399 (ia->ia6_flags & IN6_IFF_OPTIMISTIC) == 0) 400 REPLACE(IP6S_SRCRULE_3); 401 402 /* Rule 4: Prefer home addresses */ 403 /* 404 * XXX: This is a TODO. We should probably merge the MIP6 405 * case above. 406 */ 407 408 /* Rule 5: Prefer outgoing interface */ 409 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp) 410 NEXTSRC(IP6S_SRCRULE_5); 411 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp) 412 REPLACE(IP6S_SRCRULE_5); 413 414 /* Rule 5.5: Prefer addresses in a prefix advertised by the next hop. */ 415 if (ro != NULL && ro->ro_rt != NULL && ia_best->ia6_ndpr != NULL && 416 ia->ia6_ndpr != NULL) { 417 struct rtentry *rta, *rtb; 418 int op; 419 420 NDPR_LOCK(ia_best->ia6_ndpr); 421 rta = ia_best->ia6_ndpr->ndpr_rt; 422 if (rta != NULL) 423 RT_ADDREF(rta); 424 NDPR_UNLOCK(ia_best->ia6_ndpr); 425 426 NDPR_LOCK(ia->ia6_ndpr); 427 rtb = ia->ia6_ndpr->ndpr_rt; 428 if (rtb != NULL) 429 RT_ADDREF(rtb); 430 NDPR_UNLOCK(ia->ia6_ndpr); 431 432 if (rta == NULL || rtb == NULL) 433 op = 0; 434 else if (rta == ro->ro_rt && rtb != ro->ro_rt) 435 op = 1; 436 else if (rta != ro->ro_rt && rtb == ro->ro_rt) 437 op = 2; 438 else 439 op = 0; 440 441 if (rta != NULL) 442 RT_REMREF(rta); 443 if (rtb != NULL) 444 RT_REMREF(rtb); 445 446 switch (op) { 447 case 1: 448 NEXTSRC(IP6S_SRCRULE_5_5); 449 break; 450 case 2: 451 REPLACE(IP6S_SRCRULE_5_5); 452 break; 453 default: 454 break; 455 } 456 } 457 458 /* 459 * Rule 6: Prefer matching label 460 * Note that best_policy should be non-NULL here. 461 */ 462 if (dst_policy == NULL) 463 dst_policy = in6_addrsel_lookup_policy(dstsock); 464 if (dst_policy->label != ADDR_LABEL_NOTAPP) { 465 new_policy = in6_addrsel_lookup_policy(&ia->ia_addr); 466 if (dst_policy->label == best_policy->label && 467 dst_policy->label != new_policy->label) 468 NEXTSRC(IP6S_SRCRULE_6); 469 if (dst_policy->label != best_policy->label && 470 dst_policy->label == new_policy->label) 471 REPLACE(IP6S_SRCRULE_6); 472 } 473 474 /* 475 * Rule 7: Prefer temporary addresses. 476 * We allow users to reverse the logic by configuring 477 * a sysctl variable, so that transparency conscious users can 478 * always prefer stable addresses. 479 * Don't use temporary addresses for local destinations or 480 * for multicast addresses unless we were passed in an option. 481 */ 482 if (IN6_IS_ADDR_MULTICAST(&dst) || 483 in6_matchlen(&ia_best->ia_addr.sin6_addr, &dst) >= 484 ia_best->ia_plen) 485 islocal = TRUE; 486 if (opts == NULL || 487 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) { 488 prefer_tempaddr = islocal ? 0 : ip6_prefer_tempaddr; 489 } else if (opts->ip6po_prefer_tempaddr == 490 IP6PO_TEMPADDR_NOTPREFER) { 491 prefer_tempaddr = 0; 492 } else 493 prefer_tempaddr = 1; 494 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 495 (ia->ia6_flags & IN6_IFF_TEMPORARY)) { 496 if (prefer_tempaddr) 497 REPLACE(IP6S_SRCRULE_7); 498 else 499 NEXTSRC(IP6S_SRCRULE_7); 500 } 501 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 502 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) { 503 if (prefer_tempaddr) 504 NEXTSRC(IP6S_SRCRULE_7); 505 else 506 REPLACE(IP6S_SRCRULE_7); 507 } 508 509 /* 510 * Rule 7x: prefer addresses on alive interfaces. 511 * This is a KAME specific rule. 512 */ 513 if ((ia_best->ia_ifp->if_flags & IFF_UP) && 514 !(ia->ia_ifp->if_flags & IFF_UP)) 515 NEXTSRC(IP6S_SRCRULE_7x); 516 if (!(ia_best->ia_ifp->if_flags & IFF_UP) && 517 (ia->ia_ifp->if_flags & IFF_UP)) 518 REPLACE(IP6S_SRCRULE_7x); 519 520 /* 521 * Rule 8: Use longest matching prefix. 522 */ 523 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst); 524 if (best_matchlen < new_matchlen) 525 REPLACE(IP6S_SRCRULE_8); 526 if (new_matchlen < best_matchlen) 527 NEXTSRC(IP6S_SRCRULE_8); 528 529 /* 530 * Last resort: just keep the current candidate. 531 * Or, do we need more rules? 532 */ 533 IFA_UNLOCK(&ia->ia_ifa); 534 continue; 535 536replace: 537 best_scope = (new_scope >= 0 ? new_scope : 538 in6_addrscope(&ia->ia_addr.sin6_addr)); 539 best_policy = (new_policy ? new_policy : 540 in6_addrsel_lookup_policy(&ia->ia_addr)); 541 best_matchlen = (new_matchlen >= 0 ? new_matchlen : 542 in6_matchlen(&ia->ia_addr.sin6_addr, &dst)); 543 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for ia_best */ 544 IFA_UNLOCK(&ia->ia_ifa); 545 if (ia_best != NULL) 546 IFA_REMREF(&ia_best->ia_ifa); 547 ia_best = ia; 548 continue; 549 550next: 551 IFA_UNLOCK(&ia->ia_ifa); 552 continue; 553 554out: 555 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for ia_best */ 556 IFA_UNLOCK(&ia->ia_ifa); 557 if (ia_best != NULL) 558 IFA_REMREF(&ia_best->ia_ifa); 559 ia_best = ia; 560 break; 561 } 562 563 lck_rw_done(&in6_ifaddr_rwlock); 564 565 if (ia_best != NULL && inp && 566 inp_restricted_send(inp, ia_best->ia_ifa.ifa_ifp)) { 567 IFA_REMREF(&ia_best->ia_ifa); 568 ia_best = NULL; 569 *errorp = EHOSTUNREACH; 570 } 571 572 if ((ia = ia_best) == NULL) { 573 if (*errorp == 0) 574 *errorp = EADDRNOTAVAIL; 575 src_storage = NULL; 576 goto done; 577 } 578 579 IFA_LOCK_SPIN(&ia->ia_ifa); 580 *src_storage = satosin6(&ia->ia_addr)->sin6_addr; 581 IFA_UNLOCK(&ia->ia_ifa); 582 IFA_REMREF(&ia->ia_ifa); 583done: 584 if (ifpp != NULL) { 585 /* if ifp is non-NULL, refcnt held in in6_selectif() */ 586 *ifpp = ifp; 587 } else if (ifp != NULL) { 588 ifnet_release(ifp); 589 } 590 return (src_storage); 591} 592 593/* 594 * Given a source IPv6 address (and route, if available), determine the best 595 * interface to send the packet from. Checking for (and updating) the 596 * ROF_SRCIF_SELECTED flag in the pcb-supplied route placeholder is done 597 * without any locks, based on the assumption that in the event this is 598 * called from ip6_output(), the output operation is single-threaded per-pcb, 599 * i.e. for any given pcb there can only be one thread performing output at 600 * the IPv6 layer. 601 * 602 * This routine is analogous to in_selectsrcif() for IPv4. Regardless of 603 * error, it will return an ifp with a reference held if the caller provides 604 * a non-NULL retifp. The caller is responsible for checking if the 605 * returned ifp is valid and release its reference at all times. 606 * 607 * clone - meaningful only for bsdi and freebsd 608 */ 609static int 610selectroute(struct sockaddr_in6 *srcsock, struct sockaddr_in6 *dstsock, 611 struct ip6_pktopts *opts, struct ip6_moptions *mopts, 612 struct in6_ifaddr **retsrcia, struct route_in6 *ro, 613 struct ifnet **retifp, struct rtentry **retrt, int clone, 614 int norouteok, struct ip6_out_args *ip6oa) 615{ 616 int error = 0; 617 struct ifnet *ifp = NULL, *ifp0 = NULL; 618 struct route_in6 *route = NULL; 619 struct sockaddr_in6 *sin6_next; 620 struct in6_pktinfo *pi = NULL; 621 struct in6_addr *dst = &dstsock->sin6_addr; 622 struct ifaddr *ifa = NULL; 623 char s_src[MAX_IPv6_STR_LEN], s_dst[MAX_IPv6_STR_LEN]; 624 boolean_t select_srcif, proxied_ifa = FALSE, local_dst = FALSE; 625 unsigned int ifscope = ((ip6oa != NULL) ? 626 ip6oa->ip6oa_boundif : IFSCOPE_NONE); 627 628#if 0 629 char ip6buf[INET6_ADDRSTRLEN]; 630 631 if (dstsock->sin6_addr.s6_addr32[0] == 0 && 632 dstsock->sin6_addr.s6_addr32[1] == 0 && 633 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) { 634 printf("in6_selectroute: strange destination %s\n", 635 ip6_sprintf(ip6buf, &dstsock->sin6_addr)); 636 } else { 637 printf("in6_selectroute: destination = %s%%%d\n", 638 ip6_sprintf(ip6buf, &dstsock->sin6_addr), 639 dstsock->sin6_scope_id); /* for debug */ 640 } 641#endif 642 643 if (retifp != NULL) 644 *retifp = NULL; 645 646 if (retrt != NULL) 647 *retrt = NULL; 648 649 if (ip6_select_srcif_debug) { 650 struct in6_addr src; 651 src = (srcsock != NULL) ? srcsock->sin6_addr : in6addr_any; 652 (void) inet_ntop(AF_INET6, &src, s_src, sizeof (s_src)); 653 (void) inet_ntop(AF_INET6, dst, s_dst, sizeof (s_dst)); 654 } 655 656 /* 657 * If the destination address is UNSPECIFIED addr, bail out. 658 */ 659 if (IN6_IS_ADDR_UNSPECIFIED(dst)) { 660 error = EHOSTUNREACH; 661 goto done; 662 } 663 664 /* 665 * Perform source interface selection only if Scoped Routing 666 * is enabled and a source address that isn't unspecified. 667 */ 668 select_srcif = (ip6_doscopedroute && srcsock != NULL && 669 !IN6_IS_ADDR_UNSPECIFIED(&srcsock->sin6_addr)); 670 671 /* 672 * If Scoped Routing is disabled, ignore the given ifscope. 673 * Otherwise even if source selection won't be performed, 674 * we still obey IPV6_BOUND_IF. 675 */ 676 if (!ip6_doscopedroute && ifscope != IFSCOPE_NONE) 677 ifscope = IFSCOPE_NONE; 678 679 /* If the caller specified the outgoing interface explicitly, use it */ 680 if (opts != NULL && (pi = opts->ip6po_pktinfo) != NULL && 681 pi->ipi6_ifindex != 0) { 682 /* 683 * If IPV6_PKTINFO takes precedence over IPV6_BOUND_IF. 684 */ 685 ifscope = pi->ipi6_ifindex; 686 ifnet_head_lock_shared(); 687 /* ifp may be NULL if detached or out of range */ 688 ifp = ifp0 = 689 ((ifscope <= if_index) ? ifindex2ifnet[ifscope] : NULL); 690 ifnet_head_done(); 691 if (norouteok || retrt == NULL || IN6_IS_ADDR_MULTICAST(dst)) { 692 /* 693 * We do not have to check or get the route for 694 * multicast. If the caller didn't ask/care for 695 * the route and we have no interface to use, 696 * it's an error. 697 */ 698 if (ifp == NULL) 699 error = EHOSTUNREACH; 700 goto done; 701 } else { 702 goto getsrcif; 703 } 704 } 705 706 /* 707 * If the destination address is a multicast address and the outgoing 708 * interface for the address is specified by the caller, use it. 709 */ 710 if (IN6_IS_ADDR_MULTICAST(dst) && mopts != NULL) { 711 IM6O_LOCK(mopts); 712 if ((ifp = ifp0 = mopts->im6o_multicast_ifp) != NULL) { 713 IM6O_UNLOCK(mopts); 714 goto done; /* we do not need a route for multicast. */ 715 } 716 IM6O_UNLOCK(mopts); 717 } 718 719getsrcif: 720 /* 721 * If the outgoing interface was not set via IPV6_BOUND_IF or 722 * IPV6_PKTINFO, use the scope ID in the destination address. 723 */ 724 if (ip6_doscopedroute && ifscope == IFSCOPE_NONE) 725 ifscope = dstsock->sin6_scope_id; 726 727 /* 728 * Perform source interface selection; the source IPv6 address 729 * must belong to one of the addresses of the interface used 730 * by the route. For performance reasons, do this only if 731 * there is no route, or if the routing table has changed, 732 * or if we haven't done source interface selection on this 733 * route (for this PCB instance) before. 734 */ 735 if (!select_srcif) { 736 goto getroute; 737 } else if (!ROUTE_UNUSABLE(ro) && ro->ro_srcia != NULL && 738 (ro->ro_flags & ROF_SRCIF_SELECTED)) { 739 if (ro->ro_rt->rt_ifp->if_flags & IFF_LOOPBACK) 740 local_dst = TRUE; 741 ifa = ro->ro_srcia; 742 IFA_ADDREF(ifa); /* for caller */ 743 goto getroute; 744 } 745 746 /* 747 * Given the source IPv6 address, find a suitable source interface 748 * to use for transmission; if a scope ID has been specified, 749 * optimize the search by looking at the addresses only for that 750 * interface. This is still suboptimal, however, as we need to 751 * traverse the per-interface list. 752 */ 753 if (ifscope != IFSCOPE_NONE || (ro != NULL && ro->ro_rt != NULL)) { 754 unsigned int scope = ifscope; 755 struct ifnet *rt_ifp; 756 757 rt_ifp = (ro->ro_rt != NULL) ? ro->ro_rt->rt_ifp : NULL; 758 759 /* 760 * If no scope is specified and the route is stale (pointing 761 * to a defunct interface) use the current primary interface; 762 * this happens when switching between interfaces configured 763 * with the same IPv6 address. Otherwise pick up the scope 764 * information from the route; the ULP may have looked up a 765 * correct route and we just need to verify it here and mark 766 * it with the ROF_SRCIF_SELECTED flag below. 767 */ 768 if (scope == IFSCOPE_NONE) { 769 scope = rt_ifp->if_index; 770 if (scope != get_primary_ifscope(AF_INET6) && 771 ROUTE_UNUSABLE(ro)) 772 scope = get_primary_ifscope(AF_INET6); 773 } 774 775 ifa = (struct ifaddr *) 776 ifa_foraddr6_scoped(&srcsock->sin6_addr, scope); 777 778 /* 779 * If we are forwarding and proxying prefix(es), see if the 780 * source address is one of ours and is a proxied address; 781 * if so, use it. 782 */ 783 if (ifa == NULL && ip6_forwarding && nd6_prproxy) { 784 ifa = (struct ifaddr *) 785 ifa_foraddr6(&srcsock->sin6_addr); 786 if (ifa != NULL && !(proxied_ifa = 787 nd6_prproxy_ifaddr((struct in6_ifaddr *)ifa))) { 788 IFA_REMREF(ifa); 789 ifa = NULL; 790 } 791 } 792 793 if (ip6_select_srcif_debug && ifa != NULL) { 794 if (ro->ro_rt != NULL) { 795 printf("%s->%s ifscope %d->%d ifa_if %s " 796 "ro_if %s\n", s_src, s_dst, ifscope, 797 scope, if_name(ifa->ifa_ifp), 798 if_name(rt_ifp)); 799 } else { 800 printf("%s->%s ifscope %d->%d ifa_if %s\n", 801 s_src, s_dst, ifscope, scope, 802 if_name(ifa->ifa_ifp)); 803 } 804 } 805 } 806 807 /* 808 * Slow path; search for an interface having the corresponding source 809 * IPv6 address if the scope was not specified by the caller, and: 810 * 811 * 1) There currently isn't any route, or, 812 * 2) The interface used by the route does not own that source 813 * IPv6 address; in this case, the route will get blown away 814 * and we'll do a more specific scoped search using the newly 815 * found interface. 816 */ 817 if (ifa == NULL && ifscope == IFSCOPE_NONE) { 818 struct ifaddr *ifadst; 819 820 /* Check if the destination address is one of ours */ 821 ifadst = (struct ifaddr *)ifa_foraddr6(&dstsock->sin6_addr); 822 if (ifadst != NULL) { 823 local_dst = TRUE; 824 IFA_REMREF(ifadst); 825 } 826 827 ifa = (struct ifaddr *)ifa_foraddr6(&srcsock->sin6_addr); 828 829 if (ip6_select_srcif_debug && ifa != NULL) { 830 printf("%s->%s ifscope %d ifa_if %s\n", 831 s_src, s_dst, ifscope, if_name(ifa->ifa_ifp)); 832 } 833 834 } 835 836getroute: 837 if (ifa != NULL && !proxied_ifa && !local_dst) 838 ifscope = ifa->ifa_ifp->if_index; 839 840 /* 841 * If the next hop address for the packet is specified by the caller, 842 * use it as the gateway. 843 */ 844 if (opts != NULL && opts->ip6po_nexthop != NULL) { 845 struct route_in6 *ron; 846 847 sin6_next = satosin6(opts->ip6po_nexthop); 848 849 /* at this moment, we only support AF_INET6 next hops */ 850 if (sin6_next->sin6_family != AF_INET6) { 851 error = EAFNOSUPPORT; /* or should we proceed? */ 852 goto done; 853 } 854 855 /* 856 * If the next hop is an IPv6 address, then the node identified 857 * by that address must be a neighbor of the sending host. 858 */ 859 ron = &opts->ip6po_nextroute; 860 if (ron->ro_rt != NULL) 861 RT_LOCK(ron->ro_rt); 862 if (ROUTE_UNUSABLE(ron) || (ron->ro_rt != NULL && 863 (!(ron->ro_rt->rt_flags & RTF_LLINFO) || 864 (select_srcif && (ifa == NULL || 865 (ifa->ifa_ifp != ron->ro_rt->rt_ifp && !proxied_ifa))))) || 866 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr, 867 &sin6_next->sin6_addr)) { 868 if (ron->ro_rt != NULL) 869 RT_UNLOCK(ron->ro_rt); 870 871 ROUTE_RELEASE(ron); 872 *satosin6(&ron->ro_dst) = *sin6_next; 873 } 874 if (ron->ro_rt == NULL) { 875 rtalloc_scoped((struct route *)ron, ifscope); 876 if (ron->ro_rt != NULL) 877 RT_LOCK(ron->ro_rt); 878 if (ROUTE_UNUSABLE(ron) || 879 !(ron->ro_rt->rt_flags & RTF_LLINFO) || 880 !IN6_ARE_ADDR_EQUAL(&satosin6(rt_key(ron->ro_rt))-> 881 sin6_addr, &sin6_next->sin6_addr)) { 882 if (ron->ro_rt != NULL) 883 RT_UNLOCK(ron->ro_rt); 884 885 ROUTE_RELEASE(ron); 886 error = EHOSTUNREACH; 887 goto done; 888 } 889 } 890 route = ron; 891 ifp = ifp0 = ron->ro_rt->rt_ifp; 892 893 /* 894 * When cloning is required, try to allocate a route to the 895 * destination so that the caller can store path MTU 896 * information. 897 */ 898 if (!clone) { 899 if (select_srcif) { 900 /* Keep the route locked */ 901 goto validateroute; 902 } 903 RT_UNLOCK(ron->ro_rt); 904 goto done; 905 } 906 RT_UNLOCK(ron->ro_rt); 907 } 908 909 /* 910 * Use a cached route if it exists and is valid, else try to allocate 911 * a new one. Note that we should check the address family of the 912 * cached destination, in case of sharing the cache with IPv4. 913 */ 914 if (ro == NULL) 915 goto done; 916 if (ro->ro_rt != NULL) 917 RT_LOCK_SPIN(ro->ro_rt); 918 if (ROUTE_UNUSABLE(ro) || (ro->ro_rt != NULL && 919 (satosin6(&ro->ro_dst)->sin6_family != AF_INET6 || 920 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, dst) || 921 (select_srcif && (ifa == NULL || 922 (ifa->ifa_ifp != ro->ro_rt->rt_ifp && !proxied_ifa)))))) { 923 if (ro->ro_rt != NULL) 924 RT_UNLOCK(ro->ro_rt); 925 926 ROUTE_RELEASE(ro); 927 } 928 if (ro->ro_rt == NULL) { 929 struct sockaddr_in6 *sa6; 930 931 if (ro->ro_rt != NULL) 932 RT_UNLOCK(ro->ro_rt); 933 /* No route yet, so try to acquire one */ 934 bzero(&ro->ro_dst, sizeof (struct sockaddr_in6)); 935 sa6 = (struct sockaddr_in6 *)&ro->ro_dst; 936 sa6->sin6_family = AF_INET6; 937 sa6->sin6_len = sizeof (struct sockaddr_in6); 938 sa6->sin6_addr = *dst; 939 if (IN6_IS_ADDR_MULTICAST(dst)) { 940 ro->ro_rt = rtalloc1_scoped( 941 &((struct route *)ro)->ro_dst, 0, 0, ifscope); 942 } else { 943 rtalloc_scoped((struct route *)ro, ifscope); 944 } 945 if (ro->ro_rt != NULL) 946 RT_LOCK_SPIN(ro->ro_rt); 947 } 948 949 /* 950 * Do not care about the result if we have the nexthop 951 * explicitly specified (in case we're asked to clone.) 952 */ 953 if (opts != NULL && opts->ip6po_nexthop != NULL) { 954 if (ro->ro_rt != NULL) 955 RT_UNLOCK(ro->ro_rt); 956 goto done; 957 } 958 959 if (ro->ro_rt != NULL) { 960 RT_LOCK_ASSERT_HELD(ro->ro_rt); 961 ifp = ifp0 = ro->ro_rt->rt_ifp; 962 } else { 963 error = EHOSTUNREACH; 964 } 965 route = ro; 966 967validateroute: 968 if (select_srcif) { 969 boolean_t has_route = (route != NULL && route->ro_rt != NULL); 970 boolean_t srcif_selected = FALSE; 971 972 if (has_route) 973 RT_LOCK_ASSERT_HELD(route->ro_rt); 974 /* 975 * If there is a non-loopback route with the wrong interface, 976 * or if there is no interface configured with such an address, 977 * blow it away. Except for local/loopback, we look for one 978 * with a matching interface scope/index. 979 */ 980 if (has_route && (ifa == NULL || 981 (ifa->ifa_ifp != ifp && ifp != lo_ifp) || 982 !(route->ro_rt->rt_flags & RTF_UP))) { 983 /* 984 * If the destination address belongs to a proxied 985 * prefix, relax the requirement and allow the packet 986 * to come out of the proxy interface with the source 987 * address of the real interface. 988 */ 989 if (ifa != NULL && proxied_ifa && 990 (route->ro_rt->rt_flags & (RTF_UP|RTF_PROXY)) == 991 (RTF_UP|RTF_PROXY)) { 992 srcif_selected = TRUE; 993 } else { 994 if (ip6_select_srcif_debug) { 995 if (ifa != NULL) { 996 printf("%s->%s ifscope %d " 997 "ro_if %s != ifa_if %s " 998 "(cached route cleared)\n", 999 s_src, s_dst, 1000 ifscope, if_name(ifp), 1001 if_name(ifa->ifa_ifp)); 1002 } else { 1003 printf("%s->%s ifscope %d " 1004 "ro_if %s (no ifa_if " 1005 "found)\n", s_src, s_dst, 1006 ifscope, if_name(ifp)); 1007 } 1008 } 1009 RT_UNLOCK(route->ro_rt); 1010 ROUTE_RELEASE(route); 1011 error = EHOSTUNREACH; 1012 /* Undo the settings done above */ 1013 route = NULL; 1014 ifp = NULL; /* ditch ifp; keep ifp0 */ 1015 has_route = FALSE; 1016 } 1017 } else if (has_route) { 1018 srcif_selected = TRUE; 1019 } 1020 1021 if (srcif_selected) { 1022 VERIFY(has_route); 1023 if (ifa != route->ro_srcia || 1024 !(route->ro_flags & ROF_SRCIF_SELECTED)) { 1025 RT_CONVERT_LOCK(route->ro_rt); 1026 if (ifa != NULL) 1027 IFA_ADDREF(ifa); /* for route_in6 */ 1028 if (route->ro_srcia != NULL) 1029 IFA_REMREF(route->ro_srcia); 1030 route->ro_srcia = ifa; 1031 route->ro_flags |= ROF_SRCIF_SELECTED; 1032 RT_GENID_SYNC(route->ro_rt); 1033 } 1034 RT_UNLOCK(route->ro_rt); 1035 } 1036 } else { 1037 if (ro->ro_rt != NULL) 1038 RT_UNLOCK(ro->ro_rt); 1039 if (ifp != NULL && opts != NULL && 1040 opts->ip6po_pktinfo != NULL && 1041 opts->ip6po_pktinfo->ipi6_ifindex != 0) { 1042 /* 1043 * Check if the outgoing interface conflicts with the 1044 * interface specified by ipi6_ifindex (if specified). 1045 * Note that loopback interface is always okay. 1046 * (this may happen when we are sending a packet to 1047 * one of our own addresses.) 1048 */ 1049 if (!(ifp->if_flags & IFF_LOOPBACK) && ifp->if_index != 1050 opts->ip6po_pktinfo->ipi6_ifindex) { 1051 error = EHOSTUNREACH; 1052 goto done; 1053 } 1054 } 1055 } 1056 1057done: 1058 /* 1059 * Check for interface restrictions. 1060 */ 1061#define CHECK_RESTRICTIONS(_ip6oa, _ifp) \ 1062 ((((_ip6oa)->ip6oa_flags & IP6OAF_NO_CELLULAR) && \ 1063 IFNET_IS_CELLULAR(_ifp)) || \ 1064 (((_ip6oa)->ip6oa_flags & IP6OAF_NO_EXPENSIVE) && \ 1065 IFNET_IS_EXPENSIVE(_ifp)) || \ 1066 (!((_ip6oa)->ip6oa_flags & IP6OAF_AWDL_UNRESTRICTED) && \ 1067 IFNET_IS_AWDL_RESTRICTED(_ifp))) 1068 1069 if (error == 0 && ip6oa != NULL && 1070 ((ifp && CHECK_RESTRICTIONS(ip6oa, ifp)) || 1071 (route && route->ro_rt && 1072 CHECK_RESTRICTIONS(ip6oa, route->ro_rt->rt_ifp)))) { 1073 if (route != NULL && route->ro_rt != NULL) { 1074 ROUTE_RELEASE(route); 1075 route = NULL; 1076 } 1077 ifp = NULL; /* ditch ifp; keep ifp0 */ 1078 error = EHOSTUNREACH; 1079 ip6oa->ip6oa_retflags |= IP6OARF_IFDENIED; 1080 } 1081#undef CHECK_RESTRICTIONS 1082 1083 /* 1084 * If the interface is disabled for IPv6, then ENETDOWN error. 1085 */ 1086 if (error == 0 && 1087 ifp != NULL && (ifp->if_eflags & IFEF_IPV6_DISABLED)) { 1088 error = ENETDOWN; 1089 } 1090 1091 if (ifp == NULL && (route == NULL || route->ro_rt == NULL)) { 1092 /* 1093 * This can happen if the caller did not pass a cached route 1094 * nor any other hints. We treat this case an error. 1095 */ 1096 error = EHOSTUNREACH; 1097 } 1098 if (error == EHOSTUNREACH || error == ENETDOWN) 1099 ip6stat.ip6s_noroute++; 1100 1101 /* 1102 * We'll return ifp regardless of error, so pick it up from ifp0 1103 * in case it was nullified above. Caller is responsible for 1104 * releasing the ifp if it is non-NULL. 1105 */ 1106 ifp = ifp0; 1107 if (retifp != NULL) { 1108 if (ifp != NULL) 1109 ifnet_reference(ifp); /* for caller */ 1110 *retifp = ifp; 1111 } 1112 1113 if (retsrcia != NULL) { 1114 if (ifa != NULL) 1115 IFA_ADDREF(ifa); /* for caller */ 1116 *retsrcia = (struct in6_ifaddr *)ifa; 1117 } 1118 1119 if (error == 0) { 1120 if (retrt != NULL && route != NULL) 1121 *retrt = route->ro_rt; /* ro_rt may be NULL */ 1122 } else if (select_srcif && ip6_select_srcif_debug) { 1123 printf("%s->%s ifscope %d ifa_if %s ro_if %s (error=%d)\n", 1124 s_src, s_dst, ifscope, 1125 (ifa != NULL) ? if_name(ifa->ifa_ifp) : "NONE", 1126 (ifp != NULL) ? if_name(ifp) : "NONE", error); 1127 } 1128 1129 if (ifa != NULL) 1130 IFA_REMREF(ifa); 1131 1132 return (error); 1133} 1134 1135/* 1136 * Regardless of error, it will return an ifp with a reference held if the 1137 * caller provides a non-NULL retifp. The caller is responsible for checking 1138 * if the returned ifp is valid and release its reference at all times. 1139 */ 1140static int 1141in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 1142 struct ip6_moptions *mopts, struct route_in6 *ro, 1143 struct ip6_out_args *ip6oa, struct ifnet **retifp) 1144{ 1145 int err = 0; 1146 struct route_in6 sro; 1147 struct rtentry *rt = NULL; 1148 1149 if (ro == NULL) { 1150 bzero(&sro, sizeof (sro)); 1151 ro = &sro; 1152 } 1153 1154 if ((err = selectroute(NULL, dstsock, opts, mopts, NULL, ro, retifp, 1155 &rt, 0, 1, ip6oa)) != 0) 1156 goto done; 1157 1158 /* 1159 * do not use a rejected or black hole route. 1160 * XXX: this check should be done in the L2 output routine. 1161 * However, if we skipped this check here, we'd see the following 1162 * scenario: 1163 * - install a rejected route for a scoped address prefix 1164 * (like fe80::/10) 1165 * - send a packet to a destination that matches the scoped prefix, 1166 * with ambiguity about the scope zone. 1167 * - pick the outgoing interface from the route, and disambiguate the 1168 * scope zone with the interface. 1169 * - ip6_output() would try to get another route with the "new" 1170 * destination, which may be valid. 1171 * - we'd see no error on output. 1172 * Although this may not be very harmful, it should still be confusing. 1173 * We thus reject the case here. 1174 */ 1175 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) { 1176 err = ((rt->rt_flags & RTF_HOST) ? EHOSTUNREACH : ENETUNREACH); 1177 goto done; 1178 } 1179 1180 /* 1181 * Adjust the "outgoing" interface. If we're going to loop the packet 1182 * back to ourselves, the ifp would be the loopback interface. 1183 * However, we'd rather know the interface associated to the 1184 * destination address (which should probably be one of our own 1185 * addresses.) 1186 */ 1187 if (rt != NULL && rt->rt_ifa != NULL && rt->rt_ifa->ifa_ifp != NULL && 1188 retifp != NULL) { 1189 ifnet_reference(rt->rt_ifa->ifa_ifp); 1190 if (*retifp != NULL) 1191 ifnet_release(*retifp); 1192 *retifp = rt->rt_ifa->ifa_ifp; 1193 } 1194 1195done: 1196 if (ro == &sro) { 1197 VERIFY(rt == NULL || rt == ro->ro_rt); 1198 ROUTE_RELEASE(ro); 1199 } 1200 1201 /* 1202 * retifp might point to a valid ifp with a reference held; 1203 * caller is responsible for releasing it if non-NULL. 1204 */ 1205 return (err); 1206} 1207 1208/* 1209 * Regardless of error, it will return an ifp with a reference held if the 1210 * caller provides a non-NULL retifp. The caller is responsible for checking 1211 * if the returned ifp is valid and release its reference at all times. 1212 * 1213 * clone - meaningful only for bsdi and freebsd 1214 */ 1215int 1216in6_selectroute(struct sockaddr_in6 *srcsock, struct sockaddr_in6 *dstsock, 1217 struct ip6_pktopts *opts, struct ip6_moptions *mopts, 1218 struct in6_ifaddr **retsrcia, struct route_in6 *ro, struct ifnet **retifp, 1219 struct rtentry **retrt, int clone, struct ip6_out_args *ip6oa) 1220{ 1221 1222 return (selectroute(srcsock, dstsock, opts, mopts, retsrcia, ro, retifp, 1223 retrt, clone, 0, ip6oa)); 1224} 1225 1226/* 1227 * Default hop limit selection. The precedence is as follows: 1228 * 1. Hoplimit value specified via ioctl. 1229 * 2. (If the outgoing interface is detected) the current 1230 * hop limit of the interface specified by router advertisement. 1231 * 3. The system default hoplimit. 1232 */ 1233int 1234in6_selecthlim(struct in6pcb *in6p, struct ifnet *ifp) 1235{ 1236 if (in6p && in6p->in6p_hops >= 0) { 1237 return (in6p->in6p_hops); 1238 } else { 1239 lck_rw_lock_shared(nd_if_rwlock); 1240 if (ifp && ifp->if_index < nd_ifinfo_indexlim) { 1241 u_int8_t chlim; 1242 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 1243 1244 if (ndi->initialized) { 1245 /* access chlim without lock, for performance */ 1246 chlim = ndi->chlim; 1247 } else { 1248 chlim = ip6_defhlim; 1249 } 1250 lck_rw_done(nd_if_rwlock); 1251 return (chlim); 1252 } else { 1253 lck_rw_done(nd_if_rwlock); 1254 return (ip6_defhlim); 1255 } 1256 } 1257} 1258 1259/* 1260 * XXX: this is borrowed from in6_pcbbind(). If possible, we should 1261 * share this function by all *bsd*... 1262 */ 1263int 1264in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct proc *p, 1265 int locked) 1266{ 1267#pragma unused(laddr) 1268 struct socket *so = inp->inp_socket; 1269 u_int16_t lport = 0, first, last, *lastport; 1270 int count, error = 0, wild = 0; 1271 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 1272 kauth_cred_t cred; 1273 if (!locked) { /* Make sure we don't run into a deadlock: 4052373 */ 1274 if (!lck_rw_try_lock_exclusive(pcbinfo->ipi_lock)) { 1275 socket_unlock(inp->inp_socket, 0); 1276 lck_rw_lock_exclusive(pcbinfo->ipi_lock); 1277 socket_lock(inp->inp_socket, 0); 1278 } 1279 1280 /* 1281 * Check if a local port was assigned to the inp while 1282 * this thread was waiting for the pcbinfo lock 1283 */ 1284 if (inp->inp_lport != 0) { 1285 VERIFY(inp->inp_flags2 & INP2_INHASHLIST); 1286 lck_rw_done(pcbinfo->ipi_lock); 1287 1288 /* 1289 * It is not an error if another thread allocated 1290 * a port 1291 */ 1292 return (0); 1293 } 1294 } 1295 1296 /* XXX: this is redundant when called from in6_pcbbind */ 1297 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 1298 wild = INPLOOKUP_WILDCARD; 1299 1300 if (inp->inp_flags & INP_HIGHPORT) { 1301 first = ipport_hifirstauto; /* sysctl */ 1302 last = ipport_hilastauto; 1303 lastport = &pcbinfo->ipi_lasthi; 1304 } else if (inp->inp_flags & INP_LOWPORT) { 1305 cred = kauth_cred_proc_ref(p); 1306 error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0); 1307 kauth_cred_unref(&cred); 1308 if (error != 0) { 1309 if (!locked) 1310 lck_rw_done(pcbinfo->ipi_lock); 1311 return (error); 1312 } 1313 first = ipport_lowfirstauto; /* 1023 */ 1314 last = ipport_lowlastauto; /* 600 */ 1315 lastport = &pcbinfo->ipi_lastlow; 1316 } else { 1317 first = ipport_firstauto; /* sysctl */ 1318 last = ipport_lastauto; 1319 lastport = &pcbinfo->ipi_lastport; 1320 } 1321 /* 1322 * Simple check to ensure all ports are not used up causing 1323 * a deadlock here. 1324 * 1325 * We split the two cases (up and down) so that the direction 1326 * is not being tested on each round of the loop. 1327 */ 1328 if (first > last) { 1329 /* 1330 * counting down 1331 */ 1332 count = first - last; 1333 1334 do { 1335 if (count-- < 0) { /* completely used? */ 1336 /* 1337 * Undo any address bind that may have 1338 * occurred above. 1339 */ 1340 inp->in6p_laddr = in6addr_any; 1341 inp->in6p_last_outifp = NULL; 1342 if (!locked) 1343 lck_rw_done(pcbinfo->ipi_lock); 1344 return (EAGAIN); 1345 } 1346 --*lastport; 1347 if (*lastport > first || *lastport < last) 1348 *lastport = first; 1349 lport = htons(*lastport); 1350 } while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr, lport, 1351 wild)); 1352 } else { 1353 /* counting up */ 1354 count = last - first; 1355 1356 do { 1357 if (count-- < 0) { /* completely used? */ 1358 /* 1359 * Undo any address bind that may have 1360 * occurred above. 1361 */ 1362 inp->in6p_laddr = in6addr_any; 1363 inp->in6p_last_outifp = NULL; 1364 if (!locked) 1365 lck_rw_done(pcbinfo->ipi_lock); 1366 return (EAGAIN); 1367 } 1368 ++*lastport; 1369 if (*lastport < first || *lastport > last) 1370 *lastport = first; 1371 lport = htons(*lastport); 1372 } while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr, lport, 1373 wild)); 1374 } 1375 1376 inp->inp_lport = lport; 1377 inp->inp_flags |= INP_ANONPORT; 1378 1379 if (in_pcbinshash(inp, 1) != 0) { 1380 inp->in6p_laddr = in6addr_any; 1381 inp->in6p_last_outifp = NULL; 1382 1383 inp->inp_lport = 0; 1384 inp->inp_flags &= ~INP_ANONPORT; 1385 if (!locked) 1386 lck_rw_done(pcbinfo->ipi_lock); 1387 return (EAGAIN); 1388 } 1389 1390 if (!locked) 1391 lck_rw_done(pcbinfo->ipi_lock); 1392 return (0); 1393} 1394 1395/* 1396 * The followings are implementation of the policy table using a 1397 * simple tail queue. 1398 * XXX such details should be hidden. 1399 * XXX implementation using binary tree should be more efficient. 1400 */ 1401struct addrsel_policyent { 1402 TAILQ_ENTRY(addrsel_policyent) ape_entry; 1403 struct in6_addrpolicy ape_policy; 1404}; 1405 1406TAILQ_HEAD(addrsel_policyhead, addrsel_policyent); 1407 1408struct addrsel_policyhead addrsel_policytab; 1409 1410static void 1411init_policy_queue(void) 1412{ 1413 TAILQ_INIT(&addrsel_policytab); 1414} 1415 1416void 1417addrsel_policy_init(void) 1418{ 1419 /* 1420 * Default address selection policy based on RFC 6724. 1421 */ 1422 static const struct in6_addrpolicy defaddrsel[] = { 1423 /* Loopback -- prefix=::1/128, precedence=50, label=0 */ 1424 { 1425 .addr = { 1426 .sin6_family = AF_INET6, 1427 .sin6_addr = IN6ADDR_LOOPBACK_INIT, 1428 .sin6_len = sizeof (struct sockaddr_in6) 1429 }, 1430 .addrmask = { 1431 .sin6_family = AF_INET6, 1432 .sin6_addr = IN6MASK128, 1433 .sin6_len = sizeof (struct sockaddr_in6) 1434 }, 1435 .preced = 50, 1436 .label = 0 1437 }, 1438 1439 /* Unspecified -- prefix=::/0, precedence=40, label=1 */ 1440 { 1441 .addr = { 1442 .sin6_family = AF_INET6, 1443 .sin6_addr = IN6ADDR_ANY_INIT, 1444 .sin6_len = sizeof (struct sockaddr_in6) 1445 }, 1446 .addrmask = { 1447 .sin6_family = AF_INET6, 1448 .sin6_addr = IN6MASK0, 1449 .sin6_len = sizeof (struct sockaddr_in6) 1450 }, 1451 .preced = 40, 1452 .label = 1 1453 }, 1454 1455 /* IPv4 Mapped -- prefix=::ffff:0:0/96, precedence=35, label=4 */ 1456 { 1457 .addr = { 1458 .sin6_family = AF_INET6, 1459 .sin6_addr = IN6ADDR_V4MAPPED_INIT, 1460 .sin6_len = sizeof (struct sockaddr_in6) 1461 }, 1462 .addrmask = { 1463 .sin6_family = AF_INET6, 1464 .sin6_addr = IN6MASK96, 1465 .sin6_len = sizeof (struct sockaddr_in6) 1466 }, 1467 .preced = 35, 1468 .label = 4 1469 }, 1470 1471 /* 6to4 -- prefix=2002::/16, precedence=30, label=2 */ 1472 { 1473 .addr = { 1474 .sin6_family = AF_INET6, 1475 .sin6_addr = {{{ 0x20, 0x02 }}}, 1476 .sin6_len = sizeof (struct sockaddr_in6) 1477 }, 1478 .addrmask = { 1479 .sin6_family = AF_INET6, 1480 .sin6_addr = IN6MASK16, 1481 .sin6_len = sizeof (struct sockaddr_in6) 1482 }, 1483 .preced = 30, 1484 .label = 2 1485 }, 1486 1487 /* Teredo -- prefix=2001::/32, precedence=5, label=5 */ 1488 { 1489 .addr = { 1490 .sin6_family = AF_INET6, 1491 .sin6_addr = {{{ 0x20, 0x01 }}}, 1492 .sin6_len = sizeof (struct sockaddr_in6) 1493 }, 1494 .addrmask = { 1495 .sin6_family = AF_INET6, 1496 .sin6_addr = IN6MASK32, 1497 .sin6_len = sizeof (struct sockaddr_in6) 1498 }, 1499 .preced = 5, 1500 .label = 5 1501 }, 1502 1503 /* Unique Local (ULA) -- prefix=fc00::/7, precedence=3, label=13 */ 1504 { 1505 .addr = { 1506 .sin6_family = AF_INET6, 1507 .sin6_addr = {{{ 0xfc }}}, 1508 .sin6_len = sizeof (struct sockaddr_in6) 1509 }, 1510 .addrmask = { 1511 .sin6_family = AF_INET6, 1512 .sin6_addr = IN6MASK7, 1513 .sin6_len = sizeof (struct sockaddr_in6) 1514 }, 1515 .preced = 3, 1516 .label = 13 1517 }, 1518 1519 /* IPv4 Compatible -- prefix=::/96, precedence=1, label=3 */ 1520 { 1521 .addr = { 1522 .sin6_family = AF_INET6, 1523 .sin6_addr = IN6ADDR_ANY_INIT, 1524 .sin6_len = sizeof (struct sockaddr_in6) 1525 }, 1526 .addrmask = { 1527 .sin6_family = AF_INET6, 1528 .sin6_addr = IN6MASK96, 1529 .sin6_len = sizeof (struct sockaddr_in6) 1530 }, 1531 .preced = 1, 1532 .label = 3 1533 }, 1534 1535 /* Site-local (deprecated) -- prefix=fec0::/10, precedence=1, label=11 */ 1536 { 1537 .addr = { 1538 .sin6_family = AF_INET6, 1539 .sin6_addr = {{{ 0xfe, 0xc0 }}}, 1540 .sin6_len = sizeof (struct sockaddr_in6) 1541 }, 1542 .addrmask = { 1543 .sin6_family = AF_INET6, 1544 .sin6_addr = IN6MASK16, 1545 .sin6_len = sizeof (struct sockaddr_in6) 1546 }, 1547 .preced = 1, 1548 .label = 11 1549 }, 1550 1551 /* 6bone (deprecated) -- prefix=3ffe::/16, precedence=1, label=12 */ 1552 { 1553 .addr = { 1554 .sin6_family = AF_INET6, 1555 .sin6_addr = {{{ 0x3f, 0xfe }}}, 1556 .sin6_len = sizeof (struct sockaddr_in6) 1557 }, 1558 .addrmask = { 1559 .sin6_family = AF_INET6, 1560 .sin6_addr = IN6MASK16, 1561 .sin6_len = sizeof (struct sockaddr_in6) 1562 }, 1563 .preced = 1, 1564 .label = 12 1565 }, 1566 }; 1567 int i; 1568 1569 init_policy_queue(); 1570 1571 /* initialize the "last resort" policy */ 1572 bzero(&defaultaddrpolicy, sizeof (defaultaddrpolicy)); 1573 defaultaddrpolicy.label = ADDR_LABEL_NOTAPP; 1574 1575 for (i = 0; i < sizeof (defaddrsel) / sizeof (defaddrsel[0]); i++) 1576 add_addrsel_policyent(&defaddrsel[i]); 1577 1578} 1579 1580struct in6_addrpolicy * 1581in6_addrsel_lookup_policy(struct sockaddr_in6 *key) 1582{ 1583 struct in6_addrpolicy *match = NULL; 1584 1585 ADDRSEL_LOCK(); 1586 match = match_addrsel_policy(key); 1587 1588 if (match == NULL) 1589 match = &defaultaddrpolicy; 1590 else 1591 match->use++; 1592 ADDRSEL_UNLOCK(); 1593 1594 return (match); 1595} 1596 1597static struct in6_addrpolicy * 1598match_addrsel_policy(struct sockaddr_in6 *key) 1599{ 1600 struct addrsel_policyent *pent; 1601 struct in6_addrpolicy *bestpol = NULL, *pol; 1602 int matchlen, bestmatchlen = -1; 1603 u_char *mp, *ep, *k, *p, m; 1604 1605 TAILQ_FOREACH(pent, &addrsel_policytab, ape_entry) { 1606 matchlen = 0; 1607 1608 pol = &pent->ape_policy; 1609 mp = (u_char *)&pol->addrmask.sin6_addr; 1610 ep = mp + 16; /* XXX: scope field? */ 1611 k = (u_char *)&key->sin6_addr; 1612 p = (u_char *)&pol->addr.sin6_addr; 1613 for (; mp < ep && *mp; mp++, k++, p++) { 1614 m = *mp; 1615 if ((*k & m) != *p) 1616 goto next; /* not match */ 1617 if (m == 0xff) /* short cut for a typical case */ 1618 matchlen += 8; 1619 else { 1620 while (m >= 0x80) { 1621 matchlen++; 1622 m <<= 1; 1623 } 1624 } 1625 } 1626 1627 /* matched. check if this is better than the current best. */ 1628 if (bestpol == NULL || 1629 matchlen > bestmatchlen) { 1630 bestpol = pol; 1631 bestmatchlen = matchlen; 1632 } 1633 1634 next: 1635 continue; 1636 } 1637 1638 return (bestpol); 1639} 1640 1641static int 1642add_addrsel_policyent(const struct in6_addrpolicy *newpolicy) 1643{ 1644 struct addrsel_policyent *new, *pol; 1645 1646 MALLOC(new, struct addrsel_policyent *, sizeof (*new), M_IFADDR, 1647 M_WAITOK); 1648 1649 ADDRSEL_LOCK(); 1650 1651 /* duplication check */ 1652 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) { 1653 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr, 1654 &pol->ape_policy.addr.sin6_addr) && 1655 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr, 1656 &pol->ape_policy.addrmask.sin6_addr)) { 1657 ADDRSEL_UNLOCK(); 1658 FREE(new, M_IFADDR); 1659 return (EEXIST); /* or override it? */ 1660 } 1661 } 1662 1663 bzero(new, sizeof (*new)); 1664 1665 /* XXX: should validate entry */ 1666 new->ape_policy = *newpolicy; 1667 1668 TAILQ_INSERT_TAIL(&addrsel_policytab, new, ape_entry); 1669 ADDRSEL_UNLOCK(); 1670 1671 return (0); 1672} 1673#ifdef ENABLE_ADDRSEL 1674static int 1675delete_addrsel_policyent(const struct in6_addrpolicy *key) 1676{ 1677 struct addrsel_policyent *pol; 1678 1679 1680 ADDRSEL_LOCK(); 1681 1682 /* search for the entry in the table */ 1683 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) { 1684 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr, 1685 &pol->ape_policy.addr.sin6_addr) && 1686 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr, 1687 &pol->ape_policy.addrmask.sin6_addr)) { 1688 break; 1689 } 1690 } 1691 if (pol == NULL) { 1692 ADDRSEL_UNLOCK(); 1693 return (ESRCH); 1694 } 1695 1696 TAILQ_REMOVE(&addrsel_policytab, pol, ape_entry); 1697 FREE(pol, M_IFADDR); 1698 pol = NULL; 1699 ADDRSEL_UNLOCK(); 1700 1701 return (0); 1702} 1703#endif /* ENABLE_ADDRSEL */ 1704 1705int 1706walk_addrsel_policy(int (*callback)(const struct in6_addrpolicy *, void *), 1707 void *w) 1708{ 1709 struct addrsel_policyent *pol; 1710 int error = 0; 1711 1712 ADDRSEL_LOCK(); 1713 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) { 1714 if ((error = (*callback)(&pol->ape_policy, w)) != 0) { 1715 ADDRSEL_UNLOCK(); 1716 return (error); 1717 } 1718 } 1719 ADDRSEL_UNLOCK(); 1720 return (error); 1721} 1722/* 1723 * Subroutines to manage the address selection policy table via sysctl. 1724 */ 1725struct walkarg { 1726 struct sysctl_req *w_req; 1727}; 1728 1729 1730static int 1731dump_addrsel_policyent(const struct in6_addrpolicy *pol, void *arg) 1732{ 1733 int error = 0; 1734 struct walkarg *w = arg; 1735 1736 error = SYSCTL_OUT(w->w_req, pol, sizeof (*pol)); 1737 1738 return (error); 1739} 1740 1741static int 1742in6_src_sysctl SYSCTL_HANDLER_ARGS 1743{ 1744#pragma unused(oidp, arg1, arg2) 1745struct walkarg w; 1746 1747 if (req->newptr) 1748 return (EPERM); 1749 bzero(&w, sizeof (w)); 1750 w.w_req = req; 1751 1752 return (walk_addrsel_policy(dump_addrsel_policyent, &w)); 1753} 1754 1755 1756SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy, 1757 CTLFLAG_RD | CTLFLAG_LOCKED, in6_src_sysctl, ""); 1758int 1759in6_src_ioctl(u_long cmd, caddr_t data) 1760{ 1761 int i; 1762 struct in6_addrpolicy ent0; 1763 1764 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY) 1765 return (EOPNOTSUPP); /* check for safety */ 1766 1767 bcopy(data, &ent0, sizeof (ent0)); 1768 1769 if (ent0.label == ADDR_LABEL_NOTAPP) 1770 return (EINVAL); 1771 /* check if the prefix mask is consecutive. */ 1772 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0) 1773 return (EINVAL); 1774 /* clear trailing garbages (if any) of the prefix address. */ 1775 for (i = 0; i < 4; i++) { 1776 ent0.addr.sin6_addr.s6_addr32[i] &= 1777 ent0.addrmask.sin6_addr.s6_addr32[i]; 1778 } 1779 ent0.use = 0; 1780 1781 switch (cmd) { 1782 case SIOCAADDRCTL_POLICY: 1783#ifdef ENABLE_ADDRSEL 1784 return (add_addrsel_policyent(&ent0)); 1785#else 1786 return (ENOTSUP); 1787#endif 1788 case SIOCDADDRCTL_POLICY: 1789#ifdef ENABLE_ADDRSEL 1790 return (delete_addrsel_policyent(&ent0)); 1791#else 1792 return (ENOTSUP); 1793#endif 1794 } 1795 1796 return (0); /* XXX: compromise compilers */ 1797} 1798 1799/* 1800 * generate kernel-internal form (scopeid embedded into s6_addr16[1]). 1801 * If the address scope of is link-local, embed the interface index in the 1802 * address. The routine determines our precedence 1803 * between advanced API scope/interface specification and basic API 1804 * specification. 1805 * 1806 * this function should be nuked in the future, when we get rid of 1807 * embedded scopeid thing. 1808 * 1809 * XXX actually, it is over-specification to return ifp against sin6_scope_id. 1810 * there can be multiple interfaces that belong to a particular scope zone 1811 * (in specification, we have 1:N mapping between a scope zone and interfaces). 1812 * we may want to change the function to return something other than ifp. 1813 */ 1814int 1815in6_embedscope(struct in6_addr *in6, const struct sockaddr_in6 *sin6, 1816 struct in6pcb *in6p, struct ifnet **ifpp, struct ip6_pktopts *opt) 1817{ 1818 struct ifnet *ifp = NULL; 1819 u_int32_t scopeid; 1820 struct ip6_pktopts *optp = NULL; 1821 1822 *in6 = sin6->sin6_addr; 1823 scopeid = sin6->sin6_scope_id; 1824 if (ifpp != NULL) 1825 *ifpp = NULL; 1826 1827 /* 1828 * don't try to read sin6->sin6_addr beyond here, since the caller may 1829 * ask us to overwrite existing sockaddr_in6 1830 */ 1831 1832#ifdef ENABLE_DEFAULT_SCOPE 1833 if (scopeid == 0) 1834 scopeid = scope6_addr2default(in6); 1835#endif 1836 1837 if (IN6_IS_SCOPE_LINKLOCAL(in6) || IN6_IS_ADDR_MC_INTFACELOCAL(in6)) { 1838 struct in6_pktinfo *pi; 1839 struct ifnet *im6o_multicast_ifp = NULL; 1840 1841 if (in6p != NULL && IN6_IS_ADDR_MULTICAST(in6) && 1842 in6p->in6p_moptions != NULL) { 1843 IM6O_LOCK(in6p->in6p_moptions); 1844 im6o_multicast_ifp = 1845 in6p->in6p_moptions->im6o_multicast_ifp; 1846 IM6O_UNLOCK(in6p->in6p_moptions); 1847 } 1848 1849 if (opt != NULL) 1850 optp = opt; 1851 else if (in6p != NULL) 1852 optp = in6p->in6p_outputopts; 1853 /* 1854 * KAME assumption: link id == interface id 1855 */ 1856 if (in6p != NULL && optp != NULL && 1857 (pi = optp->ip6po_pktinfo) != NULL && 1858 pi->ipi6_ifindex != 0) { 1859 /* ifp is needed here if only we're returning it */ 1860 if (ifpp != NULL) { 1861 ifnet_head_lock_shared(); 1862 ifp = ifindex2ifnet[pi->ipi6_ifindex]; 1863 ifnet_head_done(); 1864 } 1865 in6->s6_addr16[1] = htons(pi->ipi6_ifindex); 1866 } else if (in6p != NULL && IN6_IS_ADDR_MULTICAST(in6) && 1867 in6p->in6p_moptions != NULL && im6o_multicast_ifp != NULL) { 1868 ifp = im6o_multicast_ifp; 1869 in6->s6_addr16[1] = htons(ifp->if_index); 1870 } else if (scopeid != 0) { 1871 /* 1872 * Since scopeid is unsigned, we only have to check it 1873 * against if_index (ifnet_head_lock not needed since 1874 * if_index is an ever-increasing integer.) 1875 */ 1876 if (if_index < scopeid) 1877 return (ENXIO); /* XXX EINVAL? */ 1878 1879 /* ifp is needed here only if we're returning it */ 1880 if (ifpp != NULL) { 1881 ifnet_head_lock_shared(); 1882 ifp = ifindex2ifnet[scopeid]; 1883 ifnet_head_done(); 1884 } 1885 /* XXX assignment to 16bit from 32bit variable */ 1886 in6->s6_addr16[1] = htons(scopeid & 0xffff); 1887 } 1888 1889 if (ifpp != NULL) { 1890 if (ifp != NULL) 1891 ifnet_reference(ifp); /* for caller */ 1892 *ifpp = ifp; 1893 } 1894 } 1895 1896 return (0); 1897} 1898 1899/* 1900 * generate standard sockaddr_in6 from embedded form. 1901 * touches sin6_addr and sin6_scope_id only. 1902 * 1903 * this function should be nuked in the future, when we get rid of 1904 * embedded scopeid thing. 1905 */ 1906int 1907in6_recoverscope( 1908 struct sockaddr_in6 *sin6, 1909 const struct in6_addr *in6, 1910 struct ifnet *ifp) 1911{ 1912 u_int32_t scopeid; 1913 1914 sin6->sin6_addr = *in6; 1915 1916 /* 1917 * don't try to read *in6 beyond here, since the caller may 1918 * ask us to overwrite existing sockaddr_in6 1919 */ 1920 1921 sin6->sin6_scope_id = 0; 1922 if (IN6_IS_SCOPE_LINKLOCAL(in6) || IN6_IS_ADDR_MC_INTFACELOCAL(in6)) { 1923 /* 1924 * KAME assumption: link id == interface id 1925 */ 1926 scopeid = ntohs(sin6->sin6_addr.s6_addr16[1]); 1927 if (scopeid) { 1928 /* 1929 * sanity check 1930 * 1931 * Since scopeid is unsigned, we only have to check it 1932 * against if_index 1933 */ 1934 if (if_index < scopeid) 1935 return (ENXIO); 1936 if (ifp && ifp->if_index != scopeid) 1937 return (ENXIO); 1938 sin6->sin6_addr.s6_addr16[1] = 0; 1939 sin6->sin6_scope_id = scopeid; 1940 } 1941 } 1942 1943 return (0); 1944} 1945