1 /* $FreeBSD$ */ 2 /* $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ */ 3 4 /*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include "opt_inet.h" 34 #include "opt_inet6.h" 35 36 #include <sys/param.h> 37 #include <sys/systm.h> 38 #include <sys/jail.h> 39 #include <sys/kernel.h> 40 #include <sys/malloc.h> 41 #include <sys/mbuf.h> 42 #include <sys/module.h> 43 #include <sys/socket.h> 44 #include <sys/sockio.h> 45 #include <sys/errno.h> 46 #include <sys/time.h> 47 #include <sys/sysctl.h> 48 #include <sys/syslog.h> 49 #include <sys/priv.h> 50 #include <sys/proc.h> 51 #include <sys/protosw.h> 52 #include <sys/conf.h> 53 #include <machine/cpu.h> 54 55 #include <net/if.h> 56 #include <net/if_var.h> 57 #include <net/if_clone.h> 58 #include <net/if_types.h> 59 #include <net/netisr.h> 60 #include <net/route.h> 61 #include <net/bpf.h> 62 #include <net/vnet.h> 63 64 #include <netinet/in.h> 65 #include <netinet/in_systm.h> 66 #include <netinet/ip.h> 67 #ifdef INET 68 #include <netinet/in_var.h> 69 #include <netinet/in_gif.h> 70 #include <netinet/ip_var.h> 71 #endif /* INET */ 72 73 #ifdef INET6 74 #ifndef INET 75 #include <netinet/in.h> 76 #endif 77 #include <netinet6/in6_var.h> 78 #include <netinet/ip6.h> 79 #include <netinet6/ip6_var.h> 80 #include <netinet6/scope6_var.h> 81 #include <netinet6/in6_gif.h> 82 #include <netinet6/ip6protosw.h> 83 #endif /* INET6 */ 84 85 #include <netinet/ip_encap.h> 86 #include <net/ethernet.h> 87 #include <net/if_bridgevar.h> 88 #include <net/if_gif.h> 89 90 #include <security/mac/mac_framework.h> 91 92 static const char gifname[] = "gif"; 93 94 /* 95 * gif_mtx protects a per-vnet gif_softc_list. 96 */ 97 static VNET_DEFINE(struct mtx, gif_mtx); 98 #define V_gif_mtx VNET(gif_mtx) 99 static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); 100 static VNET_DEFINE(LIST_HEAD(, gif_softc), gif_softc_list); 101 #define V_gif_softc_list VNET(gif_softc_list) 102 103 #define GIF_LIST_LOCK_INIT(x) mtx_init(&V_gif_mtx, "gif_mtx", \ 104 NULL, MTX_DEF) 105 #define GIF_LIST_LOCK_DESTROY(x) mtx_destroy(&V_gif_mtx) 106 #define GIF_LIST_LOCK(x) mtx_lock(&V_gif_mtx) 107 #define GIF_LIST_UNLOCK(x) mtx_unlock(&V_gif_mtx) 108 109 void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); 110 void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af); 111 void (*ng_gif_attach_p)(struct ifnet *ifp); 112 void (*ng_gif_detach_p)(struct ifnet *ifp); 113 114 static void gif_start(struct ifnet *); 115 static int gif_clone_create(struct if_clone *, int, caddr_t); 116 static void gif_clone_destroy(struct ifnet *); 117 static VNET_DEFINE(struct if_clone *, gif_cloner); 118 #define V_gif_cloner VNET(gif_cloner) 119 120 static int gifmodevent(module_t, int, void *); 121 122 SYSCTL_DECL(_net_link); 123 static SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0, 124 "Generic Tunnel Interface"); 125 #ifndef MAX_GIF_NEST 126 /* 127 * This macro controls the default upper limitation on nesting of gif tunnels. 128 * Since, setting a large value to this macro with a careless configuration 129 * may introduce system crash, we don't allow any nestings by default. 130 * If you need to configure nested gif tunnels, you can define this macro 131 * in your kernel configuration file. However, if you do so, please be 132 * careful to configure the tunnels so that it won't make a loop. 133 */ 134 #define MAX_GIF_NEST 1 135 #endif 136 static VNET_DEFINE(int, max_gif_nesting) = MAX_GIF_NEST; 137 #define V_max_gif_nesting VNET(max_gif_nesting) 138 SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW, 139 &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); 140 141 /* 142 * By default, we disallow creation of multiple tunnels between the same 143 * pair of addresses. Some applications require this functionality so 144 * we allow control over this check here. 145 */ 146 #ifdef XBONEHACK 147 static VNET_DEFINE(int, parallel_tunnels) = 1; 148 #else 149 static VNET_DEFINE(int, parallel_tunnels) = 0; 150 #endif 151 #define V_parallel_tunnels VNET(parallel_tunnels) 152 SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW, 153 &VNET_NAME(parallel_tunnels), 0, "Allow parallel tunnels?"); 154 155 /* copy from src/sys/net/if_ethersubr.c */ 156 static const u_char etherbroadcastaddr[ETHER_ADDR_LEN] = 157 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 158 #ifndef ETHER_IS_BROADCAST 159 #define ETHER_IS_BROADCAST(addr) \ 160 (bcmp(etherbroadcastaddr, (addr), ETHER_ADDR_LEN) == 0) 161 #endif 162 163 static int 164 gif_clone_create(struct if_clone *ifc, int unit, caddr_t params) 165 { 166 struct gif_softc *sc; 167 168 sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO); 169 sc->gif_fibnum = curthread->td_proc->p_fibnum; 170 GIF2IFP(sc) = if_alloc(IFT_GIF); 171 if (GIF2IFP(sc) == NULL) { 172 free(sc, M_GIF); 173 return (ENOSPC); 174 } 175 176 GIF_LOCK_INIT(sc); 177 178 GIF2IFP(sc)->if_softc = sc; 179 if_initname(GIF2IFP(sc), gifname, unit); 180 181 sc->encap_cookie4 = sc->encap_cookie6 = NULL; 182 sc->gif_options = 0; 183 184 GIF2IFP(sc)->if_addrlen = 0; 185 GIF2IFP(sc)->if_mtu = GIF_MTU; 186 GIF2IFP(sc)->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 187 #if 0 188 /* turn off ingress filter */ 189 GIF2IFP(sc)->if_flags |= IFF_LINK2; 190 #endif 191 GIF2IFP(sc)->if_ioctl = gif_ioctl; 192 GIF2IFP(sc)->if_start = gif_start; 193 GIF2IFP(sc)->if_output = gif_output; 194 GIF2IFP(sc)->if_snd.ifq_maxlen = ifqmaxlen; 195 if_attach(GIF2IFP(sc)); 196 bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t)); 197 if (ng_gif_attach_p != NULL) 198 (*ng_gif_attach_p)(GIF2IFP(sc)); 199 200 GIF_LIST_LOCK(); 201 LIST_INSERT_HEAD(&V_gif_softc_list, sc, gif_list); 202 GIF_LIST_UNLOCK(); 203 204 return (0); 205 } 206 207 static void 208 gif_clone_destroy(struct ifnet *ifp) 209 { 210 #if defined(INET) || defined(INET6) 211 int err; 212 #endif 213 struct gif_softc *sc = ifp->if_softc; 214 215 GIF_LIST_LOCK(); 216 LIST_REMOVE(sc, gif_list); 217 GIF_LIST_UNLOCK(); 218 219 gif_delete_tunnel(ifp); 220 #ifdef INET6 221 if (sc->encap_cookie6 != NULL) { 222 err = encap_detach(sc->encap_cookie6); 223 KASSERT(err == 0, ("Unexpected error detaching encap_cookie6")); 224 } 225 #endif 226 #ifdef INET 227 if (sc->encap_cookie4 != NULL) { 228 err = encap_detach(sc->encap_cookie4); 229 KASSERT(err == 0, ("Unexpected error detaching encap_cookie4")); 230 } 231 #endif 232 233 if (ng_gif_detach_p != NULL) 234 (*ng_gif_detach_p)(ifp); 235 bpfdetach(ifp); 236 if_detach(ifp); 237 if_free(ifp); 238 239 GIF_LOCK_DESTROY(sc); 240 241 free(sc, M_GIF); 242 } 243 244 static void 245 vnet_gif_init(const void *unused __unused) 246 { 247 248 LIST_INIT(&V_gif_softc_list); 249 GIF_LIST_LOCK_INIT(); 250 V_gif_cloner = if_clone_simple(gifname, gif_clone_create, 251 gif_clone_destroy, 0); 252 } 253 VNET_SYSINIT(vnet_gif_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 254 vnet_gif_init, NULL); 255 256 static void 257 vnet_gif_uninit(const void *unused __unused) 258 { 259 260 if_clone_detach(V_gif_cloner); 261 GIF_LIST_LOCK_DESTROY(); 262 } 263 VNET_SYSUNINIT(vnet_gif_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY, 264 vnet_gif_uninit, NULL); 265 266 static int 267 gifmodevent(module_t mod, int type, void *data) 268 { 269 270 switch (type) { 271 case MOD_LOAD: 272 case MOD_UNLOAD: 273 break; 274 default: 275 return (EOPNOTSUPP); 276 } 277 return (0); 278 } 279 280 static moduledata_t gif_mod = { 281 "if_gif", 282 gifmodevent, 283 0 284 }; 285 286 DECLARE_MODULE(if_gif, gif_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); 287 MODULE_VERSION(if_gif, 1); 288 289 int 290 gif_encapcheck(const struct mbuf *m, int off, int proto, void *arg) 291 { 292 struct ip ip; 293 struct gif_softc *sc; 294 295 sc = (struct gif_softc *)arg; 296 if (sc == NULL) 297 return 0; 298 299 if ((GIF2IFP(sc)->if_flags & IFF_UP) == 0) 300 return 0; 301 302 /* no physical address */ 303 if (!sc->gif_psrc || !sc->gif_pdst) 304 return 0; 305 306 switch (proto) { 307 #ifdef INET 308 case IPPROTO_IPV4: 309 break; 310 #endif 311 #ifdef INET6 312 case IPPROTO_IPV6: 313 break; 314 #endif 315 case IPPROTO_ETHERIP: 316 break; 317 318 default: 319 return 0; 320 } 321 322 /* Bail on short packets */ 323 if (m->m_pkthdr.len < sizeof(ip)) 324 return 0; 325 326 m_copydata(m, 0, sizeof(ip), (caddr_t)&ip); 327 328 switch (ip.ip_v) { 329 #ifdef INET 330 case 4: 331 if (sc->gif_psrc->sa_family != AF_INET || 332 sc->gif_pdst->sa_family != AF_INET) 333 return 0; 334 return gif_encapcheck4(m, off, proto, arg); 335 #endif 336 #ifdef INET6 337 case 6: 338 if (m->m_pkthdr.len < sizeof(struct ip6_hdr)) 339 return 0; 340 if (sc->gif_psrc->sa_family != AF_INET6 || 341 sc->gif_pdst->sa_family != AF_INET6) 342 return 0; 343 return gif_encapcheck6(m, off, proto, arg); 344 #endif 345 default: 346 return 0; 347 } 348 } 349 #ifdef INET 350 #define GIF_HDR_LEN (ETHER_HDR_LEN + sizeof (struct ip)) 351 #endif 352 #ifdef INET6 353 #define GIF_HDR_LEN6 (ETHER_HDR_LEN + sizeof (struct ip6_hdr)) 354 #endif 355 356 static void 357 gif_start(struct ifnet *ifp) 358 { 359 struct gif_softc *sc; 360 struct mbuf *m; 361 uint32_t af; 362 int error = 0; 363 364 sc = ifp->if_softc; 365 GIF_LOCK(sc); 366 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 367 while (!IFQ_DRV_IS_EMPTY(&ifp->if_snd)) { 368 369 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 370 if (m == 0) 371 break; 372 373 #ifdef ALTQ 374 /* Take out those altq bytes we add in gif_output */ 375 #ifdef INET 376 if (sc->gif_psrc->sa_family == AF_INET) 377 m->m_pkthdr.len -= GIF_HDR_LEN; 378 #endif 379 #ifdef INET6 380 if (sc->gif_psrc->sa_family == AF_INET6) 381 m->m_pkthdr.len -= GIF_HDR_LEN6; 382 #endif 383 #endif 384 /* 385 * Now pull back the af that we 386 * stashed in the csum_data. 387 */ 388 af = m->m_pkthdr.csum_data; 389 390 /* override to IPPROTO_ETHERIP for bridged traffic */ 391 if (ifp->if_bridge) 392 af = AF_LINK; 393 394 BPF_MTAP2(ifp, &af, sizeof(af), m); 395 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 396 397 /* Done by IFQ_HANDOFF */ 398 /* if_inc_counter(ifp, IFCOUNTER_OBYTES, m->m_pkthdr.len);*/ 399 400 M_SETFIB(m, sc->gif_fibnum); 401 /* inner AF-specific encapsulation */ 402 /* XXX should we check if our outer source is legal? */ 403 /* dispatch to output logic based on outer AF */ 404 switch (sc->gif_psrc->sa_family) { 405 #ifdef INET 406 case AF_INET: 407 error = in_gif_output(ifp, af, m); 408 break; 409 #endif 410 #ifdef INET6 411 case AF_INET6: 412 error = in6_gif_output(ifp, af, m); 413 break; 414 #endif 415 default: 416 m_freem(m); 417 error = ENETDOWN; 418 } 419 if (error) 420 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 421 422 } 423 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 424 GIF_UNLOCK(sc); 425 return; 426 } 427 428 int 429 gif_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *dst, 430 struct route *ro) 431 { 432 struct gif_softc *sc = ifp->if_softc; 433 struct m_tag *mtag; 434 int error = 0; 435 int gif_called; 436 uint32_t af; 437 #ifdef MAC 438 error = mac_ifnet_check_transmit(ifp, m); 439 if (error) { 440 m_freem(m); 441 goto end; 442 } 443 #endif 444 if ((ifp->if_flags & IFF_MONITOR) != 0) { 445 error = ENETDOWN; 446 m_freem(m); 447 goto end; 448 } 449 450 /* 451 * gif may cause infinite recursion calls when misconfigured. 452 * We'll prevent this by detecting loops. 453 * 454 * High nesting level may cause stack exhaustion. 455 * We'll prevent this by introducing upper limit. 456 */ 457 gif_called = 1; 458 mtag = m_tag_locate(m, MTAG_GIF, MTAG_GIF_CALLED, NULL); 459 while (mtag != NULL) { 460 if (*(struct ifnet **)(mtag + 1) == ifp) { 461 log(LOG_NOTICE, 462 "gif_output: loop detected on %s\n", 463 (*(struct ifnet **)(mtag + 1))->if_xname); 464 m_freem(m); 465 error = EIO; /* is there better errno? */ 466 goto end; 467 } 468 mtag = m_tag_locate(m, MTAG_GIF, MTAG_GIF_CALLED, mtag); 469 gif_called++; 470 } 471 if (gif_called > V_max_gif_nesting) { 472 log(LOG_NOTICE, 473 "gif_output: recursively called too many times(%d)\n", 474 gif_called); 475 m_freem(m); 476 error = EIO; /* is there better errno? */ 477 goto end; 478 } 479 mtag = m_tag_alloc(MTAG_GIF, MTAG_GIF_CALLED, sizeof(struct ifnet *), 480 M_NOWAIT); 481 if (mtag == NULL) { 482 m_freem(m); 483 error = ENOMEM; 484 goto end; 485 } 486 *(struct ifnet **)(mtag + 1) = ifp; 487 m_tag_prepend(m, mtag); 488 489 m->m_flags &= ~(M_BCAST|M_MCAST); 490 /* BPF writes need to be handled specially. */ 491 if (dst->sa_family == AF_UNSPEC) 492 bcopy(dst->sa_data, &af, sizeof(af)); 493 else 494 af = dst->sa_family; 495 /* 496 * Now save the af in the inbound pkt csum 497 * data, this is a cheat since we are using 498 * the inbound csum_data field to carry the 499 * af over to the gif_start() routine, avoiding 500 * using yet another mtag. 501 */ 502 m->m_pkthdr.csum_data = af; 503 if (!(ifp->if_flags & IFF_UP) || 504 sc->gif_psrc == NULL || sc->gif_pdst == NULL) { 505 m_freem(m); 506 error = ENETDOWN; 507 goto end; 508 } 509 #ifdef ALTQ 510 /* 511 * Make altq aware of the bytes we will add 512 * when we actually send it. 513 */ 514 #ifdef INET 515 if (sc->gif_psrc->sa_family == AF_INET) 516 m->m_pkthdr.len += GIF_HDR_LEN; 517 #endif 518 #ifdef INET6 519 if (sc->gif_psrc->sa_family == AF_INET6) 520 m->m_pkthdr.len += GIF_HDR_LEN6; 521 #endif 522 #endif 523 /* 524 * Queue message on interface, update output statistics if 525 * successful, and start output if interface not yet active. 526 */ 527 IFQ_HANDOFF(ifp, m, error); 528 end: 529 if (error) 530 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 531 return (error); 532 } 533 534 void 535 gif_input(struct mbuf *m, int af, struct ifnet *ifp) 536 { 537 int isr, n; 538 struct gif_softc *sc; 539 struct etherip_header *eip; 540 struct ether_header *eh; 541 struct ifnet *oldifp; 542 543 if (ifp == NULL) { 544 /* just in case */ 545 m_freem(m); 546 return; 547 } 548 sc = ifp->if_softc; 549 m->m_pkthdr.rcvif = ifp; 550 m_clrprotoflags(m); 551 552 #ifdef MAC 553 mac_ifnet_create_mbuf(ifp, m); 554 #endif 555 556 if (bpf_peers_present(ifp->if_bpf)) { 557 u_int32_t af1 = af; 558 bpf_mtap2(ifp->if_bpf, &af1, sizeof(af1), m); 559 } 560 561 if ((ifp->if_flags & IFF_MONITOR) != 0) { 562 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 563 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 564 m_freem(m); 565 return; 566 } 567 568 if (ng_gif_input_p != NULL) { 569 (*ng_gif_input_p)(ifp, &m, af); 570 if (m == NULL) 571 return; 572 } 573 574 /* 575 * Put the packet to the network layer input queue according to the 576 * specified address family. 577 * Note: older versions of gif_input directly called network layer 578 * input functions, e.g. ip6_input, here. We changed the policy to 579 * prevent too many recursive calls of such input functions, which 580 * might cause kernel panic. But the change may introduce another 581 * problem; if the input queue is full, packets are discarded. 582 * The kernel stack overflow really happened, and we believed 583 * queue-full rarely occurs, so we changed the policy. 584 */ 585 switch (af) { 586 #ifdef INET 587 case AF_INET: 588 isr = NETISR_IP; 589 break; 590 #endif 591 #ifdef INET6 592 case AF_INET6: 593 isr = NETISR_IPV6; 594 break; 595 #endif 596 case AF_LINK: 597 n = sizeof(struct etherip_header) + sizeof(struct ether_header); 598 if (n > m->m_len) { 599 m = m_pullup(m, n); 600 if (m == NULL) { 601 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 602 return; 603 } 604 } 605 606 eip = mtod(m, struct etherip_header *); 607 /* 608 * GIF_ACCEPT_REVETHIP (enabled by default) intentionally 609 * accepts an EtherIP packet with revered version field in 610 * the header. This is a knob for backward compatibility 611 * with FreeBSD 7.2R or prior. 612 */ 613 if (sc->gif_options & GIF_ACCEPT_REVETHIP) { 614 if (eip->eip_resvl != ETHERIP_VERSION 615 && eip->eip_ver != ETHERIP_VERSION) { 616 /* discard unknown versions */ 617 m_freem(m); 618 return; 619 } 620 } else { 621 if (eip->eip_ver != ETHERIP_VERSION) { 622 /* discard unknown versions */ 623 m_freem(m); 624 return; 625 } 626 } 627 m_adj(m, sizeof(struct etherip_header)); 628 629 m->m_flags &= ~(M_BCAST|M_MCAST); 630 m->m_pkthdr.rcvif = ifp; 631 632 if (ifp->if_bridge) { 633 oldifp = ifp; 634 eh = mtod(m, struct ether_header *); 635 if (ETHER_IS_MULTICAST(eh->ether_dhost)) { 636 if (ETHER_IS_BROADCAST(eh->ether_dhost)) 637 m->m_flags |= M_BCAST; 638 else 639 m->m_flags |= M_MCAST; 640 if_inc_counter(ifp, IFCOUNTER_IMCASTS, 1); 641 } 642 BRIDGE_INPUT(ifp, m); 643 644 if (m != NULL && ifp != oldifp) { 645 /* 646 * The bridge gave us back itself or one of the 647 * members for which the frame is addressed. 648 */ 649 ether_demux(ifp, m); 650 return; 651 } 652 } 653 if (m != NULL) 654 m_freem(m); 655 return; 656 657 default: 658 if (ng_gif_input_orphan_p != NULL) 659 (*ng_gif_input_orphan_p)(ifp, m, af); 660 else 661 m_freem(m); 662 return; 663 } 664 665 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 666 if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len); 667 M_SETFIB(m, ifp->if_fib); 668 netisr_dispatch(isr, m); 669 } 670 671 /* XXX how should we handle IPv6 scope on SIOC[GS]IFPHYADDR? */ 672 int 673 gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 674 { 675 struct gif_softc *sc = ifp->if_softc; 676 struct ifreq *ifr = (struct ifreq*)data; 677 int error = 0, size; 678 u_int options; 679 struct sockaddr *dst, *src; 680 #ifdef SIOCSIFMTU /* xxx */ 681 u_long mtu; 682 #endif 683 684 switch (cmd) { 685 case SIOCSIFADDR: 686 ifp->if_flags |= IFF_UP; 687 break; 688 689 case SIOCADDMULTI: 690 case SIOCDELMULTI: 691 break; 692 693 #ifdef SIOCSIFMTU /* xxx */ 694 case SIOCGIFMTU: 695 break; 696 697 case SIOCSIFMTU: 698 mtu = ifr->ifr_mtu; 699 if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX) 700 return (EINVAL); 701 ifp->if_mtu = mtu; 702 break; 703 #endif /* SIOCSIFMTU */ 704 705 #ifdef INET 706 case SIOCSIFPHYADDR: 707 #endif 708 #ifdef INET6 709 case SIOCSIFPHYADDR_IN6: 710 #endif /* INET6 */ 711 switch (cmd) { 712 #ifdef INET 713 case SIOCSIFPHYADDR: 714 src = (struct sockaddr *) 715 &(((struct in_aliasreq *)data)->ifra_addr); 716 dst = (struct sockaddr *) 717 &(((struct in_aliasreq *)data)->ifra_dstaddr); 718 break; 719 #endif 720 #ifdef INET6 721 case SIOCSIFPHYADDR_IN6: 722 src = (struct sockaddr *) 723 &(((struct in6_aliasreq *)data)->ifra_addr); 724 dst = (struct sockaddr *) 725 &(((struct in6_aliasreq *)data)->ifra_dstaddr); 726 break; 727 #endif 728 default: 729 return EINVAL; 730 } 731 732 /* sa_family must be equal */ 733 if (src->sa_family != dst->sa_family) 734 return EINVAL; 735 736 /* validate sa_len */ 737 switch (src->sa_family) { 738 #ifdef INET 739 case AF_INET: 740 if (src->sa_len != sizeof(struct sockaddr_in)) 741 return EINVAL; 742 break; 743 #endif 744 #ifdef INET6 745 case AF_INET6: 746 if (src->sa_len != sizeof(struct sockaddr_in6)) 747 return EINVAL; 748 break; 749 #endif 750 default: 751 return EAFNOSUPPORT; 752 } 753 switch (dst->sa_family) { 754 #ifdef INET 755 case AF_INET: 756 if (dst->sa_len != sizeof(struct sockaddr_in)) 757 return EINVAL; 758 break; 759 #endif 760 #ifdef INET6 761 case AF_INET6: 762 if (dst->sa_len != sizeof(struct sockaddr_in6)) 763 return EINVAL; 764 break; 765 #endif 766 default: 767 return EAFNOSUPPORT; 768 } 769 770 /* check sa_family looks sane for the cmd */ 771 switch (cmd) { 772 case SIOCSIFPHYADDR: 773 if (src->sa_family == AF_INET) 774 break; 775 return EAFNOSUPPORT; 776 #ifdef INET6 777 case SIOCSIFPHYADDR_IN6: 778 if (src->sa_family == AF_INET6) 779 break; 780 return EAFNOSUPPORT; 781 #endif /* INET6 */ 782 } 783 784 error = gif_set_tunnel(GIF2IFP(sc), src, dst); 785 break; 786 787 #ifdef SIOCDIFPHYADDR 788 case SIOCDIFPHYADDR: 789 gif_delete_tunnel(GIF2IFP(sc)); 790 break; 791 #endif 792 793 case SIOCGIFPSRCADDR: 794 #ifdef INET6 795 case SIOCGIFPSRCADDR_IN6: 796 #endif /* INET6 */ 797 if (sc->gif_psrc == NULL) { 798 error = EADDRNOTAVAIL; 799 goto bad; 800 } 801 src = sc->gif_psrc; 802 switch (cmd) { 803 #ifdef INET 804 case SIOCGIFPSRCADDR: 805 dst = &ifr->ifr_addr; 806 size = sizeof(ifr->ifr_addr); 807 break; 808 #endif /* INET */ 809 #ifdef INET6 810 case SIOCGIFPSRCADDR_IN6: 811 dst = (struct sockaddr *) 812 &(((struct in6_ifreq *)data)->ifr_addr); 813 size = sizeof(((struct in6_ifreq *)data)->ifr_addr); 814 break; 815 #endif /* INET6 */ 816 default: 817 error = EADDRNOTAVAIL; 818 goto bad; 819 } 820 if (src->sa_len > size) 821 return EINVAL; 822 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 823 #ifdef INET6 824 if (dst->sa_family == AF_INET6) { 825 error = sa6_recoverscope((struct sockaddr_in6 *)dst); 826 if (error != 0) 827 return (error); 828 } 829 #endif 830 break; 831 832 case SIOCGIFPDSTADDR: 833 #ifdef INET6 834 case SIOCGIFPDSTADDR_IN6: 835 #endif /* INET6 */ 836 if (sc->gif_pdst == NULL) { 837 error = EADDRNOTAVAIL; 838 goto bad; 839 } 840 src = sc->gif_pdst; 841 switch (cmd) { 842 #ifdef INET 843 case SIOCGIFPDSTADDR: 844 dst = &ifr->ifr_addr; 845 size = sizeof(ifr->ifr_addr); 846 break; 847 #endif /* INET */ 848 #ifdef INET6 849 case SIOCGIFPDSTADDR_IN6: 850 dst = (struct sockaddr *) 851 &(((struct in6_ifreq *)data)->ifr_addr); 852 size = sizeof(((struct in6_ifreq *)data)->ifr_addr); 853 break; 854 #endif /* INET6 */ 855 default: 856 error = EADDRNOTAVAIL; 857 goto bad; 858 } 859 if (src->sa_len > size) 860 return EINVAL; 861 error = prison_if(curthread->td_ucred, src); 862 if (error != 0) 863 return (error); 864 error = prison_if(curthread->td_ucred, dst); 865 if (error != 0) 866 return (error); 867 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 868 #ifdef INET6 869 if (dst->sa_family == AF_INET6) { 870 error = sa6_recoverscope((struct sockaddr_in6 *)dst); 871 if (error != 0) 872 return (error); 873 } 874 #endif 875 break; 876 877 case SIOCSIFFLAGS: 878 /* if_ioctl() takes care of it */ 879 break; 880 881 case GIFGOPTS: 882 options = sc->gif_options; 883 error = copyout(&options, ifr->ifr_data, 884 sizeof(options)); 885 break; 886 887 case GIFSOPTS: 888 if ((error = priv_check(curthread, PRIV_NET_GIF)) != 0) 889 break; 890 error = copyin(ifr->ifr_data, &options, sizeof(options)); 891 if (error) 892 break; 893 if (options & ~GIF_OPTMASK) 894 error = EINVAL; 895 else 896 sc->gif_options = options; 897 break; 898 899 default: 900 error = EINVAL; 901 break; 902 } 903 bad: 904 return error; 905 } 906 907 /* 908 * XXXRW: There's a general event-ordering issue here: the code to check 909 * if a given tunnel is already present happens before we perform a 910 * potentially blocking setup of the tunnel. This code needs to be 911 * re-ordered so that the check and replacement can be atomic using 912 * a mutex. 913 */ 914 int 915 gif_set_tunnel(struct ifnet *ifp, struct sockaddr *src, struct sockaddr *dst) 916 { 917 struct gif_softc *sc = ifp->if_softc; 918 struct gif_softc *sc2; 919 struct sockaddr *osrc, *odst, *sa; 920 int error = 0; 921 922 GIF_LIST_LOCK(); 923 LIST_FOREACH(sc2, &V_gif_softc_list, gif_list) { 924 if (sc2 == sc) 925 continue; 926 if (!sc2->gif_pdst || !sc2->gif_psrc) 927 continue; 928 if (sc2->gif_pdst->sa_family != dst->sa_family || 929 sc2->gif_pdst->sa_len != dst->sa_len || 930 sc2->gif_psrc->sa_family != src->sa_family || 931 sc2->gif_psrc->sa_len != src->sa_len) 932 continue; 933 934 /* 935 * Disallow parallel tunnels unless instructed 936 * otherwise. 937 */ 938 if (!V_parallel_tunnels && 939 bcmp(sc2->gif_pdst, dst, dst->sa_len) == 0 && 940 bcmp(sc2->gif_psrc, src, src->sa_len) == 0) { 941 error = EADDRNOTAVAIL; 942 GIF_LIST_UNLOCK(); 943 goto bad; 944 } 945 946 /* XXX both end must be valid? (I mean, not 0.0.0.0) */ 947 } 948 GIF_LIST_UNLOCK(); 949 950 /* XXX we can detach from both, but be polite just in case */ 951 if (sc->gif_psrc) 952 switch (sc->gif_psrc->sa_family) { 953 #ifdef INET 954 case AF_INET: 955 (void)in_gif_detach(sc); 956 break; 957 #endif 958 #ifdef INET6 959 case AF_INET6: 960 (void)in6_gif_detach(sc); 961 break; 962 #endif 963 } 964 965 osrc = sc->gif_psrc; 966 sa = (struct sockaddr *)malloc(src->sa_len, M_IFADDR, M_WAITOK); 967 bcopy((caddr_t)src, (caddr_t)sa, src->sa_len); 968 sc->gif_psrc = sa; 969 970 odst = sc->gif_pdst; 971 sa = (struct sockaddr *)malloc(dst->sa_len, M_IFADDR, M_WAITOK); 972 bcopy((caddr_t)dst, (caddr_t)sa, dst->sa_len); 973 sc->gif_pdst = sa; 974 975 switch (sc->gif_psrc->sa_family) { 976 #ifdef INET 977 case AF_INET: 978 error = in_gif_attach(sc); 979 break; 980 #endif 981 #ifdef INET6 982 case AF_INET6: 983 /* 984 * Check validity of the scope zone ID of the addresses, and 985 * convert it into the kernel internal form if necessary. 986 */ 987 error = sa6_embedscope((struct sockaddr_in6 *)sc->gif_psrc, 0); 988 if (error != 0) 989 break; 990 error = sa6_embedscope((struct sockaddr_in6 *)sc->gif_pdst, 0); 991 if (error != 0) 992 break; 993 error = in6_gif_attach(sc); 994 break; 995 #endif 996 } 997 if (error) { 998 /* rollback */ 999 free((caddr_t)sc->gif_psrc, M_IFADDR); 1000 free((caddr_t)sc->gif_pdst, M_IFADDR); 1001 sc->gif_psrc = osrc; 1002 sc->gif_pdst = odst; 1003 goto bad; 1004 } 1005 1006 if (osrc) 1007 free((caddr_t)osrc, M_IFADDR); 1008 if (odst) 1009 free((caddr_t)odst, M_IFADDR); 1010 1011 bad: 1012 if (sc->gif_psrc && sc->gif_pdst) 1013 ifp->if_drv_flags |= IFF_DRV_RUNNING; 1014 else 1015 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1016 1017 return error; 1018 } 1019 1020 void 1021 gif_delete_tunnel(struct ifnet *ifp) 1022 { 1023 struct gif_softc *sc = ifp->if_softc; 1024 1025 if (sc->gif_psrc) { 1026 free((caddr_t)sc->gif_psrc, M_IFADDR); 1027 sc->gif_psrc = NULL; 1028 } 1029 if (sc->gif_pdst) { 1030 free((caddr_t)sc->gif_pdst, M_IFADDR); 1031 sc->gif_pdst = NULL; 1032 } 1033 /* it is safe to detach from both */ 1034 #ifdef INET 1035 (void)in_gif_detach(sc); 1036 #endif 1037 #ifdef INET6 1038 (void)in6_gif_detach(sc); 1039 #endif 1040 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1041 } 1042