1 /* $FreeBSD$ */ 2 /* $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ */ 3 4 /*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include "opt_inet.h" 34 #include "opt_inet6.h" 35 36 #include <sys/param.h> 37 #include <sys/systm.h> 38 #include <sys/jail.h> 39 #include <sys/kernel.h> 40 #include <sys/malloc.h> 41 #include <sys/mbuf.h> 42 #include <sys/module.h> 43 #include <sys/socket.h> 44 #include <sys/sockio.h> 45 #include <sys/errno.h> 46 #include <sys/time.h> 47 #include <sys/sysctl.h> 48 #include <sys/syslog.h> 49 #include <sys/priv.h> 50 #include <sys/proc.h> 51 #include <sys/protosw.h> 52 #include <sys/conf.h> 53 #include <machine/cpu.h> 54 55 #include <net/if.h> 56 #include <net/if_var.h> 57 #include <net/if_clone.h> 58 #include <net/if_types.h> 59 #include <net/netisr.h> 60 #include <net/route.h> 61 #include <net/bpf.h> 62 #include <net/vnet.h> 63 64 #include <netinet/in.h> 65 #include <netinet/in_systm.h> 66 #include <netinet/ip.h> 67 #ifdef INET 68 #include <netinet/in_var.h> 69 #include <netinet/in_gif.h> 70 #include <netinet/ip_var.h> 71 #endif /* INET */ 72 73 #ifdef INET6 74 #ifndef INET 75 #include <netinet/in.h> 76 #endif 77 #include <netinet6/in6_var.h> 78 #include <netinet/ip6.h> 79 #include <netinet6/ip6_var.h> 80 #include <netinet6/scope6_var.h> 81 #include <netinet6/in6_gif.h> 82 #include <netinet6/ip6protosw.h> 83 #endif /* INET6 */ 84 85 #include <netinet/ip_encap.h> 86 #include <net/ethernet.h> 87 #include <net/if_bridgevar.h> 88 #include <net/if_gif.h> 89 90 #include <security/mac/mac_framework.h> 91 92 static const char gifname[] = "gif"; 93 94 /* 95 * gif_mtx protects the global gif_softc_list. 96 */ 97 static struct mtx gif_mtx; 98 static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); 99 static VNET_DEFINE(LIST_HEAD(, gif_softc), gif_softc_list); 100 #define V_gif_softc_list VNET(gif_softc_list) 101 102 void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); 103 void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af); 104 void (*ng_gif_attach_p)(struct ifnet *ifp); 105 void (*ng_gif_detach_p)(struct ifnet *ifp); 106 107 static void gif_start(struct ifnet *); 108 static int gif_clone_create(struct if_clone *, int, caddr_t); 109 static void gif_clone_destroy(struct ifnet *); 110 static struct if_clone *gif_cloner; 111 112 static int gifmodevent(module_t, int, void *); 113 114 SYSCTL_DECL(_net_link); 115 static SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0, 116 "Generic Tunnel Interface"); 117 #ifndef MAX_GIF_NEST 118 /* 119 * This macro controls the default upper limitation on nesting of gif tunnels. 120 * Since, setting a large value to this macro with a careless configuration 121 * may introduce system crash, we don't allow any nestings by default. 122 * If you need to configure nested gif tunnels, you can define this macro 123 * in your kernel configuration file. However, if you do so, please be 124 * careful to configure the tunnels so that it won't make a loop. 125 */ 126 #define MAX_GIF_NEST 1 127 #endif 128 static VNET_DEFINE(int, max_gif_nesting) = MAX_GIF_NEST; 129 #define V_max_gif_nesting VNET(max_gif_nesting) 130 SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW, 131 &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); 132 133 /* 134 * By default, we disallow creation of multiple tunnels between the same 135 * pair of addresses. Some applications require this functionality so 136 * we allow control over this check here. 137 */ 138 #ifdef XBONEHACK 139 static VNET_DEFINE(int, parallel_tunnels) = 1; 140 #else 141 static VNET_DEFINE(int, parallel_tunnels) = 0; 142 #endif 143 #define V_parallel_tunnels VNET(parallel_tunnels) 144 SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW, 145 &VNET_NAME(parallel_tunnels), 0, "Allow parallel tunnels?"); 146 147 /* copy from src/sys/net/if_ethersubr.c */ 148 static const u_char etherbroadcastaddr[ETHER_ADDR_LEN] = 149 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 150 #ifndef ETHER_IS_BROADCAST 151 #define ETHER_IS_BROADCAST(addr) \ 152 (bcmp(etherbroadcastaddr, (addr), ETHER_ADDR_LEN) == 0) 153 #endif 154 155 static int 156 gif_clone_create(ifc, unit, params) 157 struct if_clone *ifc; 158 int unit; 159 caddr_t params; 160 { 161 struct gif_softc *sc; 162 163 sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO); 164 sc->gif_fibnum = curthread->td_proc->p_fibnum; 165 GIF2IFP(sc) = if_alloc(IFT_GIF); 166 if (GIF2IFP(sc) == NULL) { 167 free(sc, M_GIF); 168 return (ENOSPC); 169 } 170 171 GIF_LOCK_INIT(sc); 172 173 GIF2IFP(sc)->if_softc = sc; 174 if_initname(GIF2IFP(sc), gifname, unit); 175 176 sc->encap_cookie4 = sc->encap_cookie6 = NULL; 177 sc->gif_options = 0; 178 179 GIF2IFP(sc)->if_addrlen = 0; 180 GIF2IFP(sc)->if_mtu = GIF_MTU; 181 GIF2IFP(sc)->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 182 #if 0 183 /* turn off ingress filter */ 184 GIF2IFP(sc)->if_flags |= IFF_LINK2; 185 #endif 186 GIF2IFP(sc)->if_ioctl = gif_ioctl; 187 GIF2IFP(sc)->if_start = gif_start; 188 GIF2IFP(sc)->if_output = gif_output; 189 GIF2IFP(sc)->if_snd.ifq_maxlen = ifqmaxlen; 190 if_attach(GIF2IFP(sc)); 191 bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 192 if (ng_gif_attach_p != NULL) 193 (*ng_gif_attach_p)(GIF2IFP(sc)); 194 195 mtx_lock(&gif_mtx); 196 LIST_INSERT_HEAD(&V_gif_softc_list, sc, gif_list); 197 mtx_unlock(&gif_mtx); 198 199 return (0); 200 } 201 202 static void 203 gif_clone_destroy(ifp) 204 struct ifnet *ifp; 205 { 206 #if defined(INET) || defined(INET6) 207 int err; 208 #endif 209 struct gif_softc *sc = ifp->if_softc; 210 211 mtx_lock(&gif_mtx); 212 LIST_REMOVE(sc, gif_list); 213 mtx_unlock(&gif_mtx); 214 215 gif_delete_tunnel(ifp); 216 #ifdef INET6 217 if (sc->encap_cookie6 != NULL) { 218 err = encap_detach(sc->encap_cookie6); 219 KASSERT(err == 0, ("Unexpected error detaching encap_cookie6")); 220 } 221 #endif 222 #ifdef INET 223 if (sc->encap_cookie4 != NULL) { 224 err = encap_detach(sc->encap_cookie4); 225 KASSERT(err == 0, ("Unexpected error detaching encap_cookie4")); 226 } 227 #endif 228 229 if (ng_gif_detach_p != NULL) 230 (*ng_gif_detach_p)(ifp); 231 bpfdetach(ifp); 232 if_detach(ifp); 233 if_free(ifp); 234 235 GIF_LOCK_DESTROY(sc); 236 237 free(sc, M_GIF); 238 } 239 240 static void 241 vnet_gif_init(const void *unused __unused) 242 { 243 244 LIST_INIT(&V_gif_softc_list); 245 } 246 VNET_SYSINIT(vnet_gif_init, SI_SUB_PSEUDO, SI_ORDER_MIDDLE, vnet_gif_init, 247 NULL); 248 249 static int 250 gifmodevent(mod, type, data) 251 module_t mod; 252 int type; 253 void *data; 254 { 255 256 switch (type) { 257 case MOD_LOAD: 258 mtx_init(&gif_mtx, "gif_mtx", NULL, MTX_DEF); 259 gif_cloner = if_clone_simple(gifname, gif_clone_create, 260 gif_clone_destroy, 0); 261 break; 262 263 case MOD_UNLOAD: 264 if_clone_detach(gif_cloner); 265 mtx_destroy(&gif_mtx); 266 break; 267 default: 268 return EOPNOTSUPP; 269 } 270 return 0; 271 } 272 273 static moduledata_t gif_mod = { 274 "if_gif", 275 gifmodevent, 276 0 277 }; 278 279 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 280 MODULE_VERSION(if_gif, 1); 281 282 int 283 gif_encapcheck(m, off, proto, arg) 284 const struct mbuf *m; 285 int off; 286 int proto; 287 void *arg; 288 { 289 struct ip ip; 290 struct gif_softc *sc; 291 292 sc = (struct gif_softc *)arg; 293 if (sc == NULL) 294 return 0; 295 296 if ((GIF2IFP(sc)->if_flags & IFF_UP) == 0) 297 return 0; 298 299 /* no physical address */ 300 if (!sc->gif_psrc || !sc->gif_pdst) 301 return 0; 302 303 switch (proto) { 304 #ifdef INET 305 case IPPROTO_IPV4: 306 break; 307 #endif 308 #ifdef INET6 309 case IPPROTO_IPV6: 310 break; 311 #endif 312 case IPPROTO_ETHERIP: 313 break; 314 315 default: 316 return 0; 317 } 318 319 /* Bail on short packets */ 320 if (m->m_pkthdr.len < sizeof(ip)) 321 return 0; 322 323 m_copydata(m, 0, sizeof(ip), (caddr_t)&ip); 324 325 switch (ip.ip_v) { 326 #ifdef INET 327 case 4: 328 if (sc->gif_psrc->sa_family != AF_INET || 329 sc->gif_pdst->sa_family != AF_INET) 330 return 0; 331 return gif_encapcheck4(m, off, proto, arg); 332 #endif 333 #ifdef INET6 334 case 6: 335 if (m->m_pkthdr.len < sizeof(struct ip6_hdr)) 336 return 0; 337 if (sc->gif_psrc->sa_family != AF_INET6 || 338 sc->gif_pdst->sa_family != AF_INET6) 339 return 0; 340 return gif_encapcheck6(m, off, proto, arg); 341 #endif 342 default: 343 return 0; 344 } 345 } 346 #ifdef INET 347 #define GIF_HDR_LEN (ETHER_HDR_LEN + sizeof (struct ip)) 348 #endif 349 #ifdef INET6 350 #define GIF_HDR_LEN6 (ETHER_HDR_LEN + sizeof (struct ip6_hdr)) 351 #endif 352 353 static void 354 gif_start(struct ifnet *ifp) 355 { 356 struct gif_softc *sc; 357 struct mbuf *m; 358 uint32_t af; 359 int error = 0; 360 361 sc = ifp->if_softc; 362 GIF_LOCK(sc); 363 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 364 while (!IFQ_DRV_IS_EMPTY(&ifp->if_snd)) { 365 366 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 367 if (m == 0) 368 break; 369 370 #ifdef ALTQ 371 /* Take out those altq bytes we add in gif_output */ 372 #ifdef INET 373 if (sc->gif_psrc->sa_family == AF_INET) 374 m->m_pkthdr.len -= GIF_HDR_LEN; 375 #endif 376 #ifdef INET6 377 if (sc->gif_psrc->sa_family == AF_INET6) 378 m->m_pkthdr.len -= GIF_HDR_LEN6; 379 #endif 380 #endif 381 /* 382 * Now pull back the af that we 383 * stashed in the csum_data. 384 */ 385 af = m->m_pkthdr.csum_data; 386 387 if (ifp->if_bridge) 388 af = AF_LINK; 389 390 BPF_MTAP2(ifp, &af, sizeof(af), m); 391 ifp->if_opackets++; 392 393 /* Done by IFQ_HANDOFF */ 394 /* ifp->if_obytes += m->m_pkthdr.len;*/ 395 /* override to IPPROTO_ETHERIP for bridged traffic */ 396 397 M_SETFIB(m, sc->gif_fibnum); 398 /* inner AF-specific encapsulation */ 399 /* XXX should we check if our outer source is legal? */ 400 /* dispatch to output logic based on outer AF */ 401 switch (sc->gif_psrc->sa_family) { 402 #ifdef INET 403 case AF_INET: 404 error = in_gif_output(ifp, af, m); 405 break; 406 #endif 407 #ifdef INET6 408 case AF_INET6: 409 error = in6_gif_output(ifp, af, m); 410 break; 411 #endif 412 default: 413 m_freem(m); 414 error = ENETDOWN; 415 } 416 if (error) 417 ifp->if_oerrors++; 418 419 } 420 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 421 GIF_UNLOCK(sc); 422 return; 423 } 424 425 int 426 gif_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 427 struct route *ro) 428 { 429 struct gif_softc *sc = ifp->if_softc; 430 struct m_tag *mtag; 431 int error = 0; 432 int gif_called; 433 uint32_t af; 434 #ifdef MAC 435 error = mac_ifnet_check_transmit(ifp, m); 436 if (error) { 437 m_freem(m); 438 goto end; 439 } 440 #endif 441 if ((ifp->if_flags & IFF_MONITOR) != 0) { 442 error = ENETDOWN; 443 m_freem(m); 444 goto end; 445 } 446 447 /* 448 * gif may cause infinite recursion calls when misconfigured. 449 * We'll prevent this by detecting loops. 450 * 451 * High nesting level may cause stack exhaustion. 452 * We'll prevent this by introducing upper limit. 453 */ 454 gif_called = 1; 455 mtag = m_tag_locate(m, MTAG_GIF, MTAG_GIF_CALLED, NULL); 456 while (mtag != NULL) { 457 if (*(struct ifnet **)(mtag + 1) == ifp) { 458 log(LOG_NOTICE, 459 "gif_output: loop detected on %s\n", 460 (*(struct ifnet **)(mtag + 1))->if_xname); 461 m_freem(m); 462 error = EIO; /* is there better errno? */ 463 goto end; 464 } 465 mtag = m_tag_locate(m, MTAG_GIF, MTAG_GIF_CALLED, mtag); 466 gif_called++; 467 } 468 if (gif_called > V_max_gif_nesting) { 469 log(LOG_NOTICE, 470 "gif_output: recursively called too many times(%d)\n", 471 gif_called); 472 m_freem(m); 473 error = EIO; /* is there better errno? */ 474 goto end; 475 } 476 mtag = m_tag_alloc(MTAG_GIF, MTAG_GIF_CALLED, sizeof(struct ifnet *), 477 M_NOWAIT); 478 if (mtag == NULL) { 479 m_freem(m); 480 error = ENOMEM; 481 goto end; 482 } 483 *(struct ifnet **)(mtag + 1) = ifp; 484 m_tag_prepend(m, mtag); 485 486 m->m_flags &= ~(M_BCAST|M_MCAST); 487 /* BPF writes need to be handled specially. */ 488 if (dst->sa_family == AF_UNSPEC) 489 bcopy(dst->sa_data, &af, sizeof(af)); 490 else 491 af = dst->sa_family; 492 /* 493 * Now save the af in the inbound pkt csum 494 * data, this is a cheat since we are using 495 * the inbound csum_data field to carry the 496 * af over to the gif_start() routine, avoiding 497 * using yet another mtag. 498 */ 499 m->m_pkthdr.csum_data = af; 500 if (!(ifp->if_flags & IFF_UP) || 501 sc->gif_psrc == NULL || sc->gif_pdst == NULL) { 502 m_freem(m); 503 error = ENETDOWN; 504 goto end; 505 } 506 #ifdef ALTQ 507 /* 508 * Make altq aware of the bytes we will add 509 * when we actually send it. 510 */ 511 #ifdef INET 512 if (sc->gif_psrc->sa_family == AF_INET) 513 m->m_pkthdr.len += GIF_HDR_LEN; 514 #endif 515 #ifdef INET6 516 if (sc->gif_psrc->sa_family == AF_INET6) 517 m->m_pkthdr.len += GIF_HDR_LEN6; 518 #endif 519 #endif 520 /* 521 * Queue message on interface, update output statistics if 522 * successful, and start output if interface not yet active. 523 */ 524 IFQ_HANDOFF(ifp, m, error); 525 end: 526 if (error) 527 ifp->if_oerrors++; 528 return (error); 529 } 530 531 void 532 gif_input(m, af, ifp) 533 struct mbuf *m; 534 int af; 535 struct ifnet *ifp; 536 { 537 int isr, n; 538 struct gif_softc *sc; 539 struct etherip_header *eip; 540 struct ether_header *eh; 541 struct ifnet *oldifp; 542 543 if (ifp == NULL) { 544 /* just in case */ 545 m_freem(m); 546 return; 547 } 548 sc = ifp->if_softc; 549 m->m_pkthdr.rcvif = ifp; 550 551 #ifdef MAC 552 mac_ifnet_create_mbuf(ifp, m); 553 #endif 554 555 if (bpf_peers_present(ifp->if_bpf)) { 556 u_int32_t af1 = af; 557 bpf_mtap2(ifp->if_bpf, &af1, sizeof(af1), m); 558 } 559 560 if ((ifp->if_flags & IFF_MONITOR) != 0) { 561 ifp->if_ipackets++; 562 ifp->if_ibytes += m->m_pkthdr.len; 563 m_freem(m); 564 return; 565 } 566 567 if (ng_gif_input_p != NULL) { 568 (*ng_gif_input_p)(ifp, &m, af); 569 if (m == NULL) 570 return; 571 } 572 573 /* 574 * Put the packet to the network layer input queue according to the 575 * specified address family. 576 * Note: older versions of gif_input directly called network layer 577 * input functions, e.g. ip6_input, here. We changed the policy to 578 * prevent too many recursive calls of such input functions, which 579 * might cause kernel panic. But the change may introduce another 580 * problem; if the input queue is full, packets are discarded. 581 * The kernel stack overflow really happened, and we believed 582 * queue-full rarely occurs, so we changed the policy. 583 */ 584 switch (af) { 585 #ifdef INET 586 case AF_INET: 587 isr = NETISR_IP; 588 break; 589 #endif 590 #ifdef INET6 591 case AF_INET6: 592 isr = NETISR_IPV6; 593 break; 594 #endif 595 case AF_LINK: 596 n = sizeof(struct etherip_header) + sizeof(struct ether_header); 597 if (n > m->m_len) { 598 m = m_pullup(m, n); 599 if (m == NULL) { 600 ifp->if_ierrors++; 601 return; 602 } 603 } 604 605 eip = mtod(m, struct etherip_header *); 606 /* 607 * GIF_ACCEPT_REVETHIP (enabled by default) intentionally 608 * accepts an EtherIP packet with revered version field in 609 * the header. This is a knob for backward compatibility 610 * with FreeBSD 7.2R or prior. 611 */ 612 if (sc->gif_options & GIF_ACCEPT_REVETHIP) { 613 if (eip->eip_resvl != ETHERIP_VERSION 614 && eip->eip_ver != ETHERIP_VERSION) { 615 /* discard unknown versions */ 616 m_freem(m); 617 return; 618 } 619 } else { 620 if (eip->eip_ver != ETHERIP_VERSION) { 621 /* discard unknown versions */ 622 m_freem(m); 623 return; 624 } 625 } 626 m_adj(m, sizeof(struct etherip_header)); 627 628 m->m_flags &= ~(M_BCAST|M_MCAST); 629 m->m_pkthdr.rcvif = ifp; 630 631 if (ifp->if_bridge) { 632 oldifp = ifp; 633 eh = mtod(m, struct ether_header *); 634 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 635 if (ETHER_IS_BROADCAST(eh->ether_dhost)) 636 m->m_flags |= M_BCAST; 637 else 638 m->m_flags |= M_MCAST; 639 ifp->if_imcasts++; 640 } 641 BRIDGE_INPUT(ifp, m); 642 643 if (m != NULL && ifp != oldifp) { 644 /* 645 * The bridge gave us back itself or one of the 646 * members for which the frame is addressed. 647 */ 648 ether_demux(ifp, m); 649 return; 650 } 651 } 652 if (m != NULL) 653 m_freem(m); 654 return; 655 656 default: 657 if (ng_gif_input_orphan_p != NULL) 658 (*ng_gif_input_orphan_p)(ifp, m, af); 659 else 660 m_freem(m); 661 return; 662 } 663 664 ifp->if_ipackets++; 665 ifp->if_ibytes += m->m_pkthdr.len; 666 M_SETFIB(m, ifp->if_fib); 667 netisr_dispatch(isr, m); 668 } 669 670 /* XXX how should we handle IPv6 scope on SIOC[GS]IFPHYADDR? */ 671 int 672 gif_ioctl(ifp, cmd, data) 673 struct ifnet *ifp; 674 u_long cmd; 675 caddr_t data; 676 { 677 struct gif_softc *sc = ifp->if_softc; 678 struct ifreq *ifr = (struct ifreq*)data; 679 int error = 0, size; 680 u_int options; 681 struct sockaddr *dst, *src; 682 #ifdef SIOCSIFMTU /* xxx */ 683 u_long mtu; 684 #endif 685 686 switch (cmd) { 687 case SIOCSIFADDR: 688 ifp->if_flags |= IFF_UP; 689 break; 690 691 case SIOCADDMULTI: 692 case SIOCDELMULTI: 693 break; 694 695 #ifdef SIOCSIFMTU /* xxx */ 696 case SIOCGIFMTU: 697 break; 698 699 case SIOCSIFMTU: 700 mtu = ifr->ifr_mtu; 701 if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX) 702 return (EINVAL); 703 ifp->if_mtu = mtu; 704 break; 705 #endif /* SIOCSIFMTU */ 706 707 #ifdef INET 708 case SIOCSIFPHYADDR: 709 #endif 710 #ifdef INET6 711 case SIOCSIFPHYADDR_IN6: 712 #endif /* INET6 */ 713 case SIOCSLIFPHYADDR: 714 switch (cmd) { 715 #ifdef INET 716 case SIOCSIFPHYADDR: 717 src = (struct sockaddr *) 718 &(((struct in_aliasreq *)data)->ifra_addr); 719 dst = (struct sockaddr *) 720 &(((struct in_aliasreq *)data)->ifra_dstaddr); 721 break; 722 #endif 723 #ifdef INET6 724 case SIOCSIFPHYADDR_IN6: 725 src = (struct sockaddr *) 726 &(((struct in6_aliasreq *)data)->ifra_addr); 727 dst = (struct sockaddr *) 728 &(((struct in6_aliasreq *)data)->ifra_dstaddr); 729 break; 730 #endif 731 case SIOCSLIFPHYADDR: 732 src = (struct sockaddr *) 733 &(((struct if_laddrreq *)data)->addr); 734 dst = (struct sockaddr *) 735 &(((struct if_laddrreq *)data)->dstaddr); 736 break; 737 default: 738 return EINVAL; 739 } 740 741 /* sa_family must be equal */ 742 if (src->sa_family != dst->sa_family) 743 return EINVAL; 744 745 /* validate sa_len */ 746 switch (src->sa_family) { 747 #ifdef INET 748 case AF_INET: 749 if (src->sa_len != sizeof(struct sockaddr_in)) 750 return EINVAL; 751 break; 752 #endif 753 #ifdef INET6 754 case AF_INET6: 755 if (src->sa_len != sizeof(struct sockaddr_in6)) 756 return EINVAL; 757 break; 758 #endif 759 default: 760 return EAFNOSUPPORT; 761 } 762 switch (dst->sa_family) { 763 #ifdef INET 764 case AF_INET: 765 if (dst->sa_len != sizeof(struct sockaddr_in)) 766 return EINVAL; 767 break; 768 #endif 769 #ifdef INET6 770 case AF_INET6: 771 if (dst->sa_len != sizeof(struct sockaddr_in6)) 772 return EINVAL; 773 break; 774 #endif 775 default: 776 return EAFNOSUPPORT; 777 } 778 779 /* check sa_family looks sane for the cmd */ 780 switch (cmd) { 781 case SIOCSIFPHYADDR: 782 if (src->sa_family == AF_INET) 783 break; 784 return EAFNOSUPPORT; 785 #ifdef INET6 786 case SIOCSIFPHYADDR_IN6: 787 if (src->sa_family == AF_INET6) 788 break; 789 return EAFNOSUPPORT; 790 #endif /* INET6 */ 791 case SIOCSLIFPHYADDR: 792 /* checks done in the above */ 793 break; 794 } 795 796 error = gif_set_tunnel(GIF2IFP(sc), src, dst); 797 break; 798 799 #ifdef SIOCDIFPHYADDR 800 case SIOCDIFPHYADDR: 801 gif_delete_tunnel(GIF2IFP(sc)); 802 break; 803 #endif 804 805 case SIOCGIFPSRCADDR: 806 #ifdef INET6 807 case SIOCGIFPSRCADDR_IN6: 808 #endif /* INET6 */ 809 if (sc->gif_psrc == NULL) { 810 error = EADDRNOTAVAIL; 811 goto bad; 812 } 813 src = sc->gif_psrc; 814 switch (cmd) { 815 #ifdef INET 816 case SIOCGIFPSRCADDR: 817 dst = &ifr->ifr_addr; 818 size = sizeof(ifr->ifr_addr); 819 break; 820 #endif /* INET */ 821 #ifdef INET6 822 case SIOCGIFPSRCADDR_IN6: 823 dst = (struct sockaddr *) 824 &(((struct in6_ifreq *)data)->ifr_addr); 825 size = sizeof(((struct in6_ifreq *)data)->ifr_addr); 826 break; 827 #endif /* INET6 */ 828 default: 829 error = EADDRNOTAVAIL; 830 goto bad; 831 } 832 if (src->sa_len > size) 833 return EINVAL; 834 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 835 #ifdef INET6 836 if (dst->sa_family == AF_INET6) { 837 error = sa6_recoverscope((struct sockaddr_in6 *)dst); 838 if (error != 0) 839 return (error); 840 } 841 #endif 842 break; 843 844 case SIOCGIFPDSTADDR: 845 #ifdef INET6 846 case SIOCGIFPDSTADDR_IN6: 847 #endif /* INET6 */ 848 if (sc->gif_pdst == NULL) { 849 error = EADDRNOTAVAIL; 850 goto bad; 851 } 852 src = sc->gif_pdst; 853 switch (cmd) { 854 #ifdef INET 855 case SIOCGIFPDSTADDR: 856 dst = &ifr->ifr_addr; 857 size = sizeof(ifr->ifr_addr); 858 break; 859 #endif /* INET */ 860 #ifdef INET6 861 case SIOCGIFPDSTADDR_IN6: 862 dst = (struct sockaddr *) 863 &(((struct in6_ifreq *)data)->ifr_addr); 864 size = sizeof(((struct in6_ifreq *)data)->ifr_addr); 865 break; 866 #endif /* INET6 */ 867 default: 868 error = EADDRNOTAVAIL; 869 goto bad; 870 } 871 if (src->sa_len > size) 872 return EINVAL; 873 error = prison_if(curthread->td_ucred, src); 874 if (error != 0) 875 return (error); 876 error = prison_if(curthread->td_ucred, dst); 877 if (error != 0) 878 return (error); 879 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 880 #ifdef INET6 881 if (dst->sa_family == AF_INET6) { 882 error = sa6_recoverscope((struct sockaddr_in6 *)dst); 883 if (error != 0) 884 return (error); 885 } 886 #endif 887 break; 888 889 case SIOCGLIFPHYADDR: 890 if (sc->gif_psrc == NULL || sc->gif_pdst == NULL) { 891 error = EADDRNOTAVAIL; 892 goto bad; 893 } 894 895 /* copy src */ 896 src = sc->gif_psrc; 897 dst = (struct sockaddr *) 898 &(((struct if_laddrreq *)data)->addr); 899 size = sizeof(((struct if_laddrreq *)data)->addr); 900 if (src->sa_len > size) 901 return EINVAL; 902 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 903 904 /* copy dst */ 905 src = sc->gif_pdst; 906 dst = (struct sockaddr *) 907 &(((struct if_laddrreq *)data)->dstaddr); 908 size = sizeof(((struct if_laddrreq *)data)->dstaddr); 909 if (src->sa_len > size) 910 return EINVAL; 911 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 912 break; 913 914 case SIOCSIFFLAGS: 915 /* if_ioctl() takes care of it */ 916 break; 917 918 case GIFGOPTS: 919 options = sc->gif_options; 920 error = copyout(&options, ifr->ifr_data, 921 sizeof(options)); 922 break; 923 924 case GIFSOPTS: 925 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 926 break; 927 error = copyin(ifr->ifr_data, &options, sizeof(options)); 928 if (error) 929 break; 930 if (options & ~GIF_OPTMASK) 931 error = EINVAL; 932 else 933 sc->gif_options = options; 934 break; 935 936 default: 937 error = EINVAL; 938 break; 939 } 940 bad: 941 return error; 942 } 943 944 /* 945 * XXXRW: There's a general event-ordering issue here: the code to check 946 * if a given tunnel is already present happens before we perform a 947 * potentially blocking setup of the tunnel. This code needs to be 948 * re-ordered so that the check and replacement can be atomic using 949 * a mutex. 950 */ 951 int 952 gif_set_tunnel(ifp, src, dst) 953 struct ifnet *ifp; 954 struct sockaddr *src; 955 struct sockaddr *dst; 956 { 957 struct gif_softc *sc = ifp->if_softc; 958 struct gif_softc *sc2; 959 struct sockaddr *osrc, *odst, *sa; 960 int error = 0; 961 962 mtx_lock(&gif_mtx); 963 LIST_FOREACH(sc2, &V_gif_softc_list, gif_list) { 964 if (sc2 == sc) 965 continue; 966 if (!sc2->gif_pdst || !sc2->gif_psrc) 967 continue; 968 if (sc2->gif_pdst->sa_family != dst->sa_family || 969 sc2->gif_pdst->sa_len != dst->sa_len || 970 sc2->gif_psrc->sa_family != src->sa_family || 971 sc2->gif_psrc->sa_len != src->sa_len) 972 continue; 973 974 /* 975 * Disallow parallel tunnels unless instructed 976 * otherwise. 977 */ 978 if (!V_parallel_tunnels && 979 bcmp(sc2->gif_pdst, dst, dst->sa_len) == 0 && 980 bcmp(sc2->gif_psrc, src, src->sa_len) == 0) { 981 error = EADDRNOTAVAIL; 982 mtx_unlock(&gif_mtx); 983 goto bad; 984 } 985 986 /* XXX both end must be valid? (I mean, not 0.0.0.0) */ 987 } 988 mtx_unlock(&gif_mtx); 989 990 /* XXX we can detach from both, but be polite just in case */ 991 if (sc->gif_psrc) 992 switch (sc->gif_psrc->sa_family) { 993 #ifdef INET 994 case AF_INET: 995 (void)in_gif_detach(sc); 996 break; 997 #endif 998 #ifdef INET6 999 case AF_INET6: 1000 (void)in6_gif_detach(sc); 1001 break; 1002 #endif 1003 } 1004 1005 osrc = sc->gif_psrc; 1006 sa = (struct sockaddr *)malloc(src->sa_len, M_IFADDR, M_WAITOK); 1007 bcopy((caddr_t)src, (caddr_t)sa, src->sa_len); 1008 sc->gif_psrc = sa; 1009 1010 odst = sc->gif_pdst; 1011 sa = (struct sockaddr *)malloc(dst->sa_len, M_IFADDR, M_WAITOK); 1012 bcopy((caddr_t)dst, (caddr_t)sa, dst->sa_len); 1013 sc->gif_pdst = sa; 1014 1015 switch (sc->gif_psrc->sa_family) { 1016 #ifdef INET 1017 case AF_INET: 1018 error = in_gif_attach(sc); 1019 break; 1020 #endif 1021 #ifdef INET6 1022 case AF_INET6: 1023 /* 1024 * Check validity of the scope zone ID of the addresses, and 1025 * convert it into the kernel internal form if necessary. 1026 */ 1027 error = sa6_embedscope((struct sockaddr_in6 *)sc->gif_psrc, 0); 1028 if (error != 0) 1029 break; 1030 error = sa6_embedscope((struct sockaddr_in6 *)sc->gif_pdst, 0); 1031 if (error != 0) 1032 break; 1033 error = in6_gif_attach(sc); 1034 break; 1035 #endif 1036 } 1037 if (error) { 1038 /* rollback */ 1039 free((caddr_t)sc->gif_psrc, M_IFADDR); 1040 free((caddr_t)sc->gif_pdst, M_IFADDR); 1041 sc->gif_psrc = osrc; 1042 sc->gif_pdst = odst; 1043 goto bad; 1044 } 1045 1046 if (osrc) 1047 free((caddr_t)osrc, M_IFADDR); 1048 if (odst) 1049 free((caddr_t)odst, M_IFADDR); 1050 1051 bad: 1052 if (sc->gif_psrc && sc->gif_pdst) 1053 ifp->if_drv_flags |= IFF_DRV_RUNNING; 1054 else 1055 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1056 1057 return error; 1058 } 1059 1060 void 1061 gif_delete_tunnel(ifp) 1062 struct ifnet *ifp; 1063 { 1064 struct gif_softc *sc = ifp->if_softc; 1065 1066 if (sc->gif_psrc) { 1067 free((caddr_t)sc->gif_psrc, M_IFADDR); 1068 sc->gif_psrc = NULL; 1069 } 1070 if (sc->gif_pdst) { 1071 free((caddr_t)sc->gif_pdst, M_IFADDR); 1072 sc->gif_pdst = NULL; 1073 } 1074 /* it is safe to detach from both */ 1075 #ifdef INET 1076 (void)in_gif_detach(sc); 1077 #endif 1078 #ifdef INET6 1079 (void)in6_gif_detach(sc); 1080 #endif 1081 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1082 } 1083