1 /* 2 * Copyright (c) 1980, 1986, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)route.c 8.2 (Berkeley) 11/15/93 34 * $FreeBSD$ 35 */ 36 37 #include "opt_inet.h" 38 #include "opt_mrouting.h" 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/malloc.h> 43 #include <sys/mbuf.h> 44 #include <sys/socket.h> 45 #include <sys/domain.h> 46 #include <sys/kernel.h> 47 48 #include <net/if.h> 49 #include <net/route.h> 50 51 #include <netinet/in.h> 52 #include <netinet/ip_mroute.h> 53 54 #define SA(p) ((struct sockaddr *)(p)) 55 56 struct route_cb route_cb; 57 static struct rtstat rtstat; 58 struct radix_node_head *rt_tables[AF_MAX+1]; 59 60 static int rttrash; /* routes not in table but not freed */ 61 62 static void rt_maskedcopy __P((struct sockaddr *, 63 struct sockaddr *, struct sockaddr *)); 64 static void rtable_init __P((void **)); 65 66 static void 67 rtable_init(table) 68 void **table; 69 { 70 struct domain *dom; 71 for (dom = domains; dom; dom = dom->dom_next) 72 if (dom->dom_rtattach) 73 dom->dom_rtattach(&table[dom->dom_family], 74 dom->dom_rtoffset); 75 } 76 77 void 78 route_init() 79 { 80 rn_init(); /* initialize all zeroes, all ones, mask table */ 81 rtable_init((void **)rt_tables); 82 } 83 84 /* 85 * Packet routing routines. 86 */ 87 void 88 rtalloc(ro) 89 register struct route *ro; 90 { 91 rtalloc_ign(ro, 0UL); 92 } 93 94 void 95 rtalloc_ign(ro, ignore) 96 register struct route *ro; 97 u_long ignore; 98 { 99 struct rtentry *rt; 100 int s; 101 102 if ((rt = ro->ro_rt) != NULL) { 103 if (rt->rt_ifp != NULL && rt->rt_flags & RTF_UP) 104 return; 105 /* XXX - We are probably always at splnet here already. */ 106 s = splnet(); 107 RTFREE(rt); 108 ro->ro_rt = NULL; 109 splx(s); 110 } 111 ro->ro_rt = rtalloc1(&ro->ro_dst, 1, ignore); 112 } 113 114 /* 115 * Look up the route that matches the address given 116 * Or, at least try.. Create a cloned route if needed. 117 */ 118 struct rtentry * 119 rtalloc1(dst, report, ignflags) 120 register struct sockaddr *dst; 121 int report; 122 u_long ignflags; 123 { 124 register struct radix_node_head *rnh = rt_tables[dst->sa_family]; 125 register struct rtentry *rt; 126 register struct radix_node *rn; 127 struct rtentry *newrt = 0; 128 struct rt_addrinfo info; 129 u_long nflags; 130 int s = splnet(), err = 0, msgtype = RTM_MISS; 131 132 /* 133 * Look up the address in the table for that Address Family 134 */ 135 if (rnh && (rn = rnh->rnh_matchaddr((caddr_t)dst, rnh)) && 136 ((rn->rn_flags & RNF_ROOT) == 0)) { 137 /* 138 * If we find it and it's not the root node, then 139 * get a refernce on the rtentry associated. 140 */ 141 newrt = rt = (struct rtentry *)rn; 142 nflags = rt->rt_flags & ~ignflags; 143 if (report && (nflags & (RTF_CLONING | RTF_PRCLONING))) { 144 /* 145 * We are apparently adding (report = 0 in delete). 146 * If it requires that it be cloned, do so. 147 * (This implies it wasn't a HOST route.) 148 */ 149 err = rtrequest(RTM_RESOLVE, dst, SA(0), 150 SA(0), 0, &newrt); 151 if (err) { 152 /* 153 * If the cloning didn't succeed, maybe 154 * what we have will do. Return that. 155 */ 156 newrt = rt; 157 rt->rt_refcnt++; 158 goto miss; 159 } 160 if ((rt = newrt) && (rt->rt_flags & RTF_XRESOLVE)) { 161 /* 162 * If the new route specifies it be 163 * externally resolved, then go do that. 164 */ 165 msgtype = RTM_RESOLVE; 166 goto miss; 167 } 168 } else 169 rt->rt_refcnt++; 170 } else { 171 /* 172 * Either we hit the root or couldn't find any match, 173 * Which basically means 174 * "caint get there frm here" 175 */ 176 rtstat.rts_unreach++; 177 miss: if (report) { 178 /* 179 * If required, report the failure to the supervising 180 * Authorities. 181 * For a delete, this is not an error. (report == 0) 182 */ 183 bzero((caddr_t)&info, sizeof(info)); 184 info.rti_info[RTAX_DST] = dst; 185 rt_missmsg(msgtype, &info, 0, err); 186 } 187 } 188 splx(s); 189 return (newrt); 190 } 191 192 /* 193 * Remove a reference count from an rtentry. 194 * If the count gets low enough, take it out of the routing table 195 */ 196 void 197 rtfree(rt) 198 register struct rtentry *rt; 199 { 200 /* 201 * find the tree for that address family 202 */ 203 register struct radix_node_head *rnh = 204 rt_tables[rt_key(rt)->sa_family]; 205 register struct ifaddr *ifa; 206 207 if (rt == 0 || rnh == 0) 208 panic("rtfree"); 209 210 /* 211 * decrement the reference count by one and if it reaches 0, 212 * and there is a close function defined, call the close function 213 */ 214 rt->rt_refcnt--; 215 if(rnh->rnh_close && rt->rt_refcnt == 0) { 216 rnh->rnh_close((struct radix_node *)rt, rnh); 217 } 218 219 /* 220 * If we are no longer "up" (and ref == 0) 221 * then we can free the resources associated 222 * with the route. 223 */ 224 if (rt->rt_refcnt <= 0 && (rt->rt_flags & RTF_UP) == 0) { 225 if (rt->rt_nodes->rn_flags & (RNF_ACTIVE | RNF_ROOT)) 226 panic ("rtfree 2"); 227 /* 228 * the rtentry must have been removed from the routing table 229 * so it is represented in rttrash.. remove that now. 230 */ 231 rttrash--; 232 233 #ifdef DIAGNOSTIC 234 if (rt->rt_refcnt < 0) { 235 printf("rtfree: %p not freed (neg refs)\n", rt); 236 return; 237 } 238 #endif 239 240 /* 241 * release references on items we hold them on.. 242 * e.g other routes and ifaddrs. 243 */ 244 if((ifa = rt->rt_ifa)) 245 IFAFREE(ifa); 246 if (rt->rt_parent) { 247 RTFREE(rt->rt_parent); 248 } 249 250 /* 251 * The key is separatly alloc'd so free it (see rt_setgate()). 252 * This also frees the gateway, as they are always malloc'd 253 * together. 254 */ 255 Free(rt_key(rt)); 256 257 /* 258 * and the rtentry itself of course 259 */ 260 Free(rt); 261 } 262 } 263 264 void 265 ifafree(ifa) 266 register struct ifaddr *ifa; 267 { 268 if (ifa == NULL) 269 panic("ifafree"); 270 if (ifa->ifa_refcnt == 0) 271 free(ifa, M_IFADDR); 272 else 273 ifa->ifa_refcnt--; 274 } 275 276 /* 277 * Force a routing table entry to the specified 278 * destination to go through the given gateway. 279 * Normally called as a result of a routing redirect 280 * message from the network layer. 281 * 282 * N.B.: must be called at splnet 283 * 284 */ 285 void 286 rtredirect(dst, gateway, netmask, flags, src, rtp) 287 struct sockaddr *dst, *gateway, *netmask, *src; 288 int flags; 289 struct rtentry **rtp; 290 { 291 register struct rtentry *rt; 292 int error = 0; 293 short *stat = 0; 294 struct rt_addrinfo info; 295 struct ifaddr *ifa; 296 297 /* verify the gateway is directly reachable */ 298 if ((ifa = ifa_ifwithnet(gateway)) == 0) { 299 error = ENETUNREACH; 300 goto out; 301 } 302 rt = rtalloc1(dst, 0, 0UL); 303 /* 304 * If the redirect isn't from our current router for this dst, 305 * it's either old or wrong. If it redirects us to ourselves, 306 * we have a routing loop, perhaps as a result of an interface 307 * going down recently. 308 */ 309 #define equal(a1, a2) (bcmp((caddr_t)(a1), (caddr_t)(a2), (a1)->sa_len) == 0) 310 if (!(flags & RTF_DONE) && rt && 311 (!equal(src, rt->rt_gateway) || rt->rt_ifa != ifa)) 312 error = EINVAL; 313 else if (ifa_ifwithaddr(gateway)) 314 error = EHOSTUNREACH; 315 if (error) 316 goto done; 317 /* 318 * Create a new entry if we just got back a wildcard entry 319 * or the the lookup failed. This is necessary for hosts 320 * which use routing redirects generated by smart gateways 321 * to dynamically build the routing tables. 322 */ 323 if ((rt == 0) || (rt_mask(rt) && rt_mask(rt)->sa_len < 2)) 324 goto create; 325 /* 326 * Don't listen to the redirect if it's 327 * for a route to an interface. 328 */ 329 if (rt->rt_flags & RTF_GATEWAY) { 330 if (((rt->rt_flags & RTF_HOST) == 0) && (flags & RTF_HOST)) { 331 /* 332 * Changing from route to net => route to host. 333 * Create new route, rather than smashing route to net. 334 */ 335 create: 336 flags |= RTF_GATEWAY | RTF_DYNAMIC; 337 error = rtrequest((int)RTM_ADD, dst, gateway, 338 netmask, flags, 339 (struct rtentry **)0); 340 stat = &rtstat.rts_dynamic; 341 } else { 342 /* 343 * Smash the current notion of the gateway to 344 * this destination. Should check about netmask!!! 345 */ 346 rt->rt_flags |= RTF_MODIFIED; 347 flags |= RTF_MODIFIED; 348 stat = &rtstat.rts_newgateway; 349 /* 350 * add the key and gateway (in one malloc'd chunk). 351 */ 352 rt_setgate(rt, rt_key(rt), gateway); 353 } 354 } else 355 error = EHOSTUNREACH; 356 done: 357 if (rt) { 358 if (rtp && !error) 359 *rtp = rt; 360 else 361 rtfree(rt); 362 } 363 out: 364 if (error) 365 rtstat.rts_badredirect++; 366 else if (stat != NULL) 367 (*stat)++; 368 bzero((caddr_t)&info, sizeof(info)); 369 info.rti_info[RTAX_DST] = dst; 370 info.rti_info[RTAX_GATEWAY] = gateway; 371 info.rti_info[RTAX_NETMASK] = netmask; 372 info.rti_info[RTAX_AUTHOR] = src; 373 rt_missmsg(RTM_REDIRECT, &info, flags, error); 374 } 375 376 /* 377 * Routing table ioctl interface. 378 */ 379 int 380 rtioctl(req, data, p) 381 int req; 382 caddr_t data; 383 struct proc *p; 384 { 385 #ifdef INET 386 /* Multicast goop, grrr... */ 387 #ifdef MROUTING 388 return mrt_ioctl(req, data); 389 #else 390 return mrt_ioctl(req, data, p); 391 #endif 392 #else /* INET */ 393 return ENXIO; 394 #endif /* INET */ 395 } 396 397 struct ifaddr * 398 ifa_ifwithroute(flags, dst, gateway) 399 int flags; 400 struct sockaddr *dst, *gateway; 401 { 402 register struct ifaddr *ifa; 403 if ((flags & RTF_GATEWAY) == 0) { 404 /* 405 * If we are adding a route to an interface, 406 * and the interface is a pt to pt link 407 * we should search for the destination 408 * as our clue to the interface. Otherwise 409 * we can use the local address. 410 */ 411 ifa = 0; 412 if (flags & RTF_HOST) { 413 ifa = ifa_ifwithdstaddr(dst); 414 } 415 if (ifa == 0) 416 ifa = ifa_ifwithaddr(gateway); 417 } else { 418 /* 419 * If we are adding a route to a remote net 420 * or host, the gateway may still be on the 421 * other end of a pt to pt link. 422 */ 423 ifa = ifa_ifwithdstaddr(gateway); 424 } 425 if (ifa == 0) 426 ifa = ifa_ifwithnet(gateway); 427 if (ifa == 0) { 428 struct rtentry *rt = rtalloc1(gateway, 0, 0UL); 429 if (rt == 0) 430 return (0); 431 rt->rt_refcnt--; 432 if ((ifa = rt->rt_ifa) == 0) 433 return (0); 434 } 435 if (ifa->ifa_addr->sa_family != dst->sa_family) { 436 struct ifaddr *oifa = ifa; 437 ifa = ifaof_ifpforaddr(dst, ifa->ifa_ifp); 438 if (ifa == 0) 439 ifa = oifa; 440 } 441 return (ifa); 442 } 443 444 #define ROUNDUP(a) (a>0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) 445 446 static int rt_fixdelete __P((struct radix_node *, void *)); 447 static int rt_fixchange __P((struct radix_node *, void *)); 448 449 struct rtfc_arg { 450 struct rtentry *rt0; 451 struct radix_node_head *rnh; 452 }; 453 454 /* 455 * Do appropriate manipulations of a routing tree given 456 * all the bits of info needed 457 */ 458 int 459 rtrequest(req, dst, gateway, netmask, flags, ret_nrt) 460 int req, flags; 461 struct sockaddr *dst, *gateway, *netmask; 462 struct rtentry **ret_nrt; 463 { 464 int s = splnet(); int error = 0; 465 register struct rtentry *rt; 466 register struct radix_node *rn; 467 register struct radix_node_head *rnh; 468 struct ifaddr *ifa; 469 struct sockaddr *ndst; 470 #define senderr(x) { error = x ; goto bad; } 471 472 /* 473 * Find the correct routing tree to use for this Address Family 474 */ 475 if ((rnh = rt_tables[dst->sa_family]) == 0) 476 senderr(ESRCH); 477 /* 478 * If we are adding a host route then we don't want to put 479 * a netmask in the tree 480 */ 481 if (flags & RTF_HOST) 482 netmask = 0; 483 switch (req) { 484 case RTM_DELETE: 485 /* 486 * Remove the item from the tree and return it. 487 * Complain if it is not there and do no more processing. 488 */ 489 if ((rn = rnh->rnh_deladdr(dst, netmask, rnh)) == 0) 490 senderr(ESRCH); 491 if (rn->rn_flags & (RNF_ACTIVE | RNF_ROOT)) 492 panic ("rtrequest delete"); 493 rt = (struct rtentry *)rn; 494 495 /* 496 * Now search what's left of the subtree for any cloned 497 * routes which might have been formed from this node. 498 */ 499 if ((rt->rt_flags & (RTF_CLONING | RTF_PRCLONING)) && 500 rt_mask(rt)) { 501 rnh->rnh_walktree_from(rnh, dst, rt_mask(rt), 502 rt_fixdelete, rt); 503 } 504 505 /* 506 * Remove any external references we may have. 507 * This might result in another rtentry being freed if 508 * we held its last reference. 509 */ 510 if (rt->rt_gwroute) { 511 rt = rt->rt_gwroute; 512 RTFREE(rt); 513 (rt = (struct rtentry *)rn)->rt_gwroute = 0; 514 } 515 516 /* 517 * NB: RTF_UP must be set during the search above, 518 * because we might delete the last ref, causing 519 * rt to get freed prematurely. 520 * eh? then why not just add a reference? 521 * I'm not sure how RTF_UP helps matters. (JRE) 522 */ 523 rt->rt_flags &= ~RTF_UP; 524 525 /* 526 * give the protocol a chance to keep things in sync. 527 */ 528 if ((ifa = rt->rt_ifa) && ifa->ifa_rtrequest) 529 ifa->ifa_rtrequest(RTM_DELETE, rt, SA(0)); 530 531 /* 532 * one more rtentry floating around that is not 533 * linked to the routing table. 534 */ 535 rttrash++; 536 537 /* 538 * If the caller wants it, then it can have it, 539 * but it's up to it to free the rtentry as we won't be 540 * doing it. 541 */ 542 if (ret_nrt) 543 *ret_nrt = rt; 544 else if (rt->rt_refcnt <= 0) { 545 rt->rt_refcnt++; /* make a 1->0 transition */ 546 rtfree(rt); 547 } 548 break; 549 550 case RTM_RESOLVE: 551 if (ret_nrt == 0 || (rt = *ret_nrt) == 0) 552 senderr(EINVAL); 553 ifa = rt->rt_ifa; 554 flags = rt->rt_flags & 555 ~(RTF_CLONING | RTF_PRCLONING | RTF_STATIC); 556 flags |= RTF_WASCLONED; 557 gateway = rt->rt_gateway; 558 if ((netmask = rt->rt_genmask) == 0) 559 flags |= RTF_HOST; 560 goto makeroute; 561 562 case RTM_ADD: 563 if ((flags & RTF_GATEWAY) && !gateway) 564 panic("rtrequest: GATEWAY but no gateway"); 565 566 if ((ifa = ifa_ifwithroute(flags, dst, gateway)) == 0) 567 senderr(ENETUNREACH); 568 569 makeroute: 570 R_Malloc(rt, struct rtentry *, sizeof(*rt)); 571 if (rt == 0) 572 senderr(ENOBUFS); 573 Bzero(rt, sizeof(*rt)); 574 rt->rt_flags = RTF_UP | flags; 575 /* 576 * Add the gateway. Possibly re-malloc-ing the storage for it 577 * also add the rt_gwroute if possible. 578 */ 579 if ((error = rt_setgate(rt, dst, gateway)) != 0) { 580 Free(rt); 581 senderr(error); 582 } 583 584 /* 585 * point to the (possibly newly malloc'd) dest address. 586 */ 587 ndst = rt_key(rt); 588 589 /* 590 * make sure it contains the value we want (masked if needed). 591 */ 592 if (netmask) { 593 rt_maskedcopy(dst, ndst, netmask); 594 } else 595 Bcopy(dst, ndst, dst->sa_len); 596 597 /* 598 * Note that we now have a reference to the ifa. 599 * This moved from below so that rnh->rnh_addaddr() can 600 * examine the ifa and ifa->ifa_ifp if it so desires. 601 */ 602 ifa->ifa_refcnt++; 603 rt->rt_ifa = ifa; 604 rt->rt_ifp = ifa->ifa_ifp; 605 /* XXX mtu manipulation will be done in rnh_addaddr -- itojun */ 606 607 rn = rnh->rnh_addaddr((caddr_t)ndst, (caddr_t)netmask, 608 rnh, rt->rt_nodes); 609 if (rn == 0) { 610 struct rtentry *rt2; 611 /* 612 * Uh-oh, we already have one of these in the tree. 613 * We do a special hack: if the route that's already 614 * there was generated by the protocol-cloning 615 * mechanism, then we just blow it away and retry 616 * the insertion of the new one. 617 */ 618 rt2 = rtalloc1(dst, 0, RTF_PRCLONING); 619 if (rt2 && rt2->rt_parent) { 620 rtrequest(RTM_DELETE, 621 (struct sockaddr *)rt_key(rt2), 622 rt2->rt_gateway, 623 rt_mask(rt2), rt2->rt_flags, 0); 624 RTFREE(rt2); 625 rn = rnh->rnh_addaddr((caddr_t)ndst, 626 (caddr_t)netmask, 627 rnh, rt->rt_nodes); 628 } else if (rt2) { 629 /* undo the extra ref we got */ 630 RTFREE(rt2); 631 } 632 } 633 634 /* 635 * If it still failed to go into the tree, 636 * then un-make it (this should be a function) 637 */ 638 if (rn == 0) { 639 if (rt->rt_gwroute) 640 rtfree(rt->rt_gwroute); 641 if (rt->rt_ifa) { 642 IFAFREE(rt->rt_ifa); 643 } 644 Free(rt_key(rt)); 645 Free(rt); 646 senderr(EEXIST); 647 } 648 649 rt->rt_parent = 0; 650 651 /* 652 * If we got here from RESOLVE, then we are cloning 653 * so clone the rest, and note that we 654 * are a clone (and increment the parent's references) 655 */ 656 if (req == RTM_RESOLVE) { 657 rt->rt_rmx = (*ret_nrt)->rt_rmx; /* copy metrics */ 658 if ((*ret_nrt)->rt_flags & (RTF_CLONING | RTF_PRCLONING)) { 659 rt->rt_parent = (*ret_nrt); 660 (*ret_nrt)->rt_refcnt++; 661 } 662 } 663 664 /* 665 * if this protocol has something to add to this then 666 * allow it to do that as well. 667 */ 668 if (ifa->ifa_rtrequest) 669 ifa->ifa_rtrequest(req, rt, SA(ret_nrt ? *ret_nrt : 0)); 670 671 /* 672 * We repeat the same procedure from rt_setgate() here because 673 * it doesn't fire when we call it there because the node 674 * hasn't been added to the tree yet. 675 */ 676 if (!(rt->rt_flags & RTF_HOST) && rt_mask(rt) != 0) { 677 struct rtfc_arg arg; 678 arg.rnh = rnh; 679 arg.rt0 = rt; 680 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt), 681 rt_fixchange, &arg); 682 } 683 684 /* 685 * actually return a resultant rtentry and 686 * give the caller a single reference. 687 */ 688 if (ret_nrt) { 689 *ret_nrt = rt; 690 rt->rt_refcnt++; 691 } 692 break; 693 } 694 bad: 695 splx(s); 696 return (error); 697 } 698 699 /* 700 * Called from rtrequest(RTM_DELETE, ...) to fix up the route's ``family'' 701 * (i.e., the routes related to it by the operation of cloning). This 702 * routine is iterated over all potential former-child-routes by way of 703 * rnh->rnh_walktree_from() above, and those that actually are children of 704 * the late parent (passed in as VP here) are themselves deleted. 705 */ 706 static int 707 rt_fixdelete(rn, vp) 708 struct radix_node *rn; 709 void *vp; 710 { 711 struct rtentry *rt = (struct rtentry *)rn; 712 struct rtentry *rt0 = vp; 713 714 if (rt->rt_parent == rt0 && !(rt->rt_flags & RTF_PINNED)) { 715 return rtrequest(RTM_DELETE, rt_key(rt), 716 (struct sockaddr *)0, rt_mask(rt), 717 rt->rt_flags, (struct rtentry **)0); 718 } 719 return 0; 720 } 721 722 /* 723 * This routine is called from rt_setgate() to do the analogous thing for 724 * adds and changes. There is the added complication in this case of a 725 * middle insert; i.e., insertion of a new network route between an older 726 * network route and (cloned) host routes. For this reason, a simple check 727 * of rt->rt_parent is insufficient; each candidate route must be tested 728 * against the (mask, value) of the new route (passed as before in vp) 729 * to see if the new route matches it. Unfortunately, this has the obnoxious 730 * property of also triggering for insertion /above/ a pre-existing network 731 * route and clones. Sigh. This may be fixed some day. 732 * 733 * XXX - it may be possible to do fixdelete() for changes and reserve this 734 * routine just for adds. I'm not sure why I thought it was necessary to do 735 * changes this way. 736 */ 737 #ifdef DEBUG 738 static int rtfcdebug = 0; 739 #endif 740 741 static int 742 rt_fixchange(rn, vp) 743 struct radix_node *rn; 744 void *vp; 745 { 746 struct rtentry *rt = (struct rtentry *)rn; 747 struct rtfc_arg *ap = vp; 748 struct rtentry *rt0 = ap->rt0; 749 struct radix_node_head *rnh = ap->rnh; 750 u_char *xk1, *xm1, *xk2; 751 int i, len; 752 753 #ifdef DEBUG 754 if (rtfcdebug) 755 printf("rt_fixchange: rt %p, rt0 %p\n", rt, rt0); 756 #endif 757 758 if (!rt->rt_parent || (rt->rt_flags & RTF_PINNED)) { 759 #ifdef DEBUG 760 if(rtfcdebug) printf("no parent or pinned\n"); 761 #endif 762 return 0; 763 } 764 765 if (rt->rt_parent == rt0) { 766 #ifdef DEBUG 767 if(rtfcdebug) printf("parent match\n"); 768 #endif 769 return rtrequest(RTM_DELETE, rt_key(rt), 770 (struct sockaddr *)0, rt_mask(rt), 771 rt->rt_flags, (struct rtentry **)0); 772 } 773 774 /* 775 * There probably is a function somewhere which does this... 776 * if not, there should be. 777 */ 778 len = imin(((struct sockaddr *)rt_key(rt0))->sa_len, 779 ((struct sockaddr *)rt_key(rt))->sa_len); 780 781 xk1 = (u_char *)rt_key(rt0); 782 xm1 = (u_char *)rt_mask(rt0); 783 xk2 = (u_char *)rt_key(rt); 784 785 for (i = rnh->rnh_treetop->rn_offset; i < len; i++) { 786 if ((xk2[i] & xm1[i]) != xk1[i]) { 787 #ifdef DEBUG 788 if(rtfcdebug) printf("no match\n"); 789 #endif 790 return 0; 791 } 792 } 793 794 /* 795 * OK, this node is a clone, and matches the node currently being 796 * changed/added under the node's mask. So, get rid of it. 797 */ 798 #ifdef DEBUG 799 if(rtfcdebug) printf("deleting\n"); 800 #endif 801 return rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 802 rt_mask(rt), rt->rt_flags, (struct rtentry **)0); 803 } 804 805 int 806 rt_setgate(rt0, dst, gate) 807 struct rtentry *rt0; 808 struct sockaddr *dst, *gate; 809 { 810 caddr_t new, old; 811 int dlen = ROUNDUP(dst->sa_len), glen = ROUNDUP(gate->sa_len); 812 register struct rtentry *rt = rt0; 813 struct radix_node_head *rnh = rt_tables[dst->sa_family]; 814 815 /* 816 * A host route with the destination equal to the gateway 817 * will interfere with keeping LLINFO in the routing 818 * table, so disallow it. 819 */ 820 if (((rt0->rt_flags & (RTF_HOST|RTF_GATEWAY|RTF_LLINFO)) == 821 (RTF_HOST|RTF_GATEWAY)) && 822 (dst->sa_len == gate->sa_len) && 823 (bcmp(dst, gate, dst->sa_len) == 0)) { 824 /* 825 * The route might already exist if this is an RTM_CHANGE 826 * or a routing redirect, so try to delete it. 827 */ 828 if (rt_key(rt0)) 829 rtrequest(RTM_DELETE, (struct sockaddr *)rt_key(rt0), 830 rt0->rt_gateway, rt_mask(rt0), rt0->rt_flags, 0); 831 return EADDRNOTAVAIL; 832 } 833 834 /* 835 * Both dst and gateway are stored in the same malloc'd chunk 836 * (If I ever get my hands on....) 837 * if we need to malloc a new chunk, then keep the old one around 838 * till we don't need it any more. 839 */ 840 if (rt->rt_gateway == 0 || glen > ROUNDUP(rt->rt_gateway->sa_len)) { 841 old = (caddr_t)rt_key(rt); 842 R_Malloc(new, caddr_t, dlen + glen); 843 if (new == 0) 844 return ENOBUFS; 845 rt->rt_nodes->rn_key = new; 846 } else { 847 /* 848 * otherwise just overwrite the old one 849 */ 850 new = rt->rt_nodes->rn_key; 851 old = 0; 852 } 853 854 /* 855 * copy the new gateway value into the memory chunk 856 */ 857 Bcopy(gate, (rt->rt_gateway = (struct sockaddr *)(new + dlen)), glen); 858 859 /* 860 * if we are replacing the chunk (or it's new) we need to 861 * replace the dst as well 862 */ 863 if (old) { 864 Bcopy(dst, new, dlen); 865 Free(old); 866 } 867 868 /* 869 * If there is already a gwroute, it's now almost definitly wrong 870 * so drop it. 871 */ 872 if (rt->rt_gwroute) { 873 rt = rt->rt_gwroute; RTFREE(rt); 874 rt = rt0; rt->rt_gwroute = 0; 875 } 876 /* 877 * Cloning loop avoidance: 878 * In the presence of protocol-cloning and bad configuration, 879 * it is possible to get stuck in bottomless mutual recursion 880 * (rtrequest rt_setgate rtalloc1). We avoid this by not allowing 881 * protocol-cloning to operate for gateways (which is probably the 882 * correct choice anyway), and avoid the resulting reference loops 883 * by disallowing any route to run through itself as a gateway. 884 * This is obviously mandatory when we get rt->rt_output(). 885 */ 886 if (rt->rt_flags & RTF_GATEWAY) { 887 rt->rt_gwroute = rtalloc1(gate, 1, RTF_PRCLONING); 888 if (rt->rt_gwroute == rt) { 889 RTFREE(rt->rt_gwroute); 890 rt->rt_gwroute = 0; 891 return EDQUOT; /* failure */ 892 } 893 } 894 895 /* 896 * This isn't going to do anything useful for host routes, so 897 * don't bother. Also make sure we have a reasonable mask 898 * (we don't yet have one during adds). 899 */ 900 if (!(rt->rt_flags & RTF_HOST) && rt_mask(rt) != 0) { 901 struct rtfc_arg arg; 902 arg.rnh = rnh; 903 arg.rt0 = rt; 904 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt), 905 rt_fixchange, &arg); 906 } 907 908 return 0; 909 } 910 911 static void 912 rt_maskedcopy(src, dst, netmask) 913 struct sockaddr *src, *dst, *netmask; 914 { 915 register u_char *cp1 = (u_char *)src; 916 register u_char *cp2 = (u_char *)dst; 917 register u_char *cp3 = (u_char *)netmask; 918 u_char *cplim = cp2 + *cp3; 919 u_char *cplim2 = cp2 + *cp1; 920 921 *cp2++ = *cp1++; *cp2++ = *cp1++; /* copies sa_len & sa_family */ 922 cp3 += 2; 923 if (cplim > cplim2) 924 cplim = cplim2; 925 while (cp2 < cplim) 926 *cp2++ = *cp1++ & *cp3++; 927 if (cp2 < cplim2) 928 bzero((caddr_t)cp2, (unsigned)(cplim2 - cp2)); 929 } 930 931 /* 932 * Set up a routing table entry, normally 933 * for an interface. 934 */ 935 int 936 rtinit(ifa, cmd, flags) 937 register struct ifaddr *ifa; 938 int cmd, flags; 939 { 940 register struct rtentry *rt; 941 register struct sockaddr *dst; 942 register struct sockaddr *deldst; 943 struct mbuf *m = 0; 944 struct rtentry *nrt = 0; 945 int error; 946 947 dst = flags & RTF_HOST ? ifa->ifa_dstaddr : ifa->ifa_addr; 948 /* 949 * If it's a delete, check that if it exists, it's on the correct 950 * interface or we might scrub a route to another ifa which would 951 * be confusing at best and possibly worse. 952 */ 953 if (cmd == RTM_DELETE) { 954 /* 955 * It's a delete, so it should already exist.. 956 * If it's a net, mask off the host bits 957 * (Assuming we have a mask) 958 */ 959 if ((flags & RTF_HOST) == 0 && ifa->ifa_netmask) { 960 m = m_get(M_DONTWAIT, MT_SONAME); 961 if (m == NULL) 962 return(ENOBUFS); 963 deldst = mtod(m, struct sockaddr *); 964 rt_maskedcopy(dst, deldst, ifa->ifa_netmask); 965 dst = deldst; 966 } 967 /* 968 * Get an rtentry that is in the routing tree and 969 * contains the correct info. (if this fails, can't get there). 970 * We set "report" to FALSE so that if it doesn't exist, 971 * it doesn't report an error or clone a route, etc. etc. 972 */ 973 rt = rtalloc1(dst, 0, 0UL); 974 if (rt) { 975 /* 976 * Ok so we found the rtentry. it has an extra reference 977 * for us at this stage. we won't need that so 978 * lop that off now. 979 */ 980 rt->rt_refcnt--; 981 if (rt->rt_ifa != ifa) { 982 /* 983 * If the interface in the rtentry doesn't match 984 * the interface we are using, then we don't 985 * want to delete it, so return an error. 986 * This seems to be the only point of 987 * this whole RTM_DELETE clause. 988 */ 989 if (m) 990 (void) m_free(m); 991 return (flags & RTF_HOST ? EHOSTUNREACH 992 : ENETUNREACH); 993 } 994 } 995 /* XXX */ 996 #if 0 997 else { 998 /* 999 * One would think that as we are deleting, and we know 1000 * it doesn't exist, we could just return at this point 1001 * with an "ELSE" clause, but apparently not.. 1002 */ 1003 return (flags & RTF_HOST ? EHOSTUNREACH 1004 : ENETUNREACH); 1005 } 1006 #endif 1007 } 1008 /* 1009 * Do the actual request 1010 */ 1011 error = rtrequest(cmd, dst, ifa->ifa_addr, ifa->ifa_netmask, 1012 flags | ifa->ifa_flags, &nrt); 1013 if (m) 1014 (void) m_free(m); 1015 /* 1016 * If we are deleting, and we found an entry, then 1017 * it's been removed from the tree.. now throw it away. 1018 */ 1019 if (cmd == RTM_DELETE && error == 0 && (rt = nrt)) { 1020 /* 1021 * notify any listenning routing agents of the change 1022 */ 1023 rt_newaddrmsg(cmd, ifa, error, nrt); 1024 if (rt->rt_refcnt <= 0) { 1025 rt->rt_refcnt++; /* need a 1->0 transition to free */ 1026 rtfree(rt); 1027 } 1028 } 1029 1030 /* 1031 * We are adding, and we have a returned routing entry. 1032 * We need to sanity check the result. 1033 */ 1034 if (cmd == RTM_ADD && error == 0 && (rt = nrt)) { 1035 /* 1036 * We just wanted to add it.. we don't actually need a reference 1037 */ 1038 rt->rt_refcnt--; 1039 /* 1040 * If it came back with an unexpected interface, then it must 1041 * have already existed or something. (XXX) 1042 */ 1043 if (rt->rt_ifa != ifa) { 1044 if (!(rt->rt_ifa->ifa_ifp->if_flags & 1045 (IFF_POINTOPOINT|IFF_LOOPBACK))) 1046 printf("rtinit: wrong ifa (%p) was (%p)\n", 1047 ifa, rt->rt_ifa); 1048 /* 1049 * Ask that the protocol in question 1050 * remove anything it has associated with 1051 * this route and ifaddr. 1052 */ 1053 if (rt->rt_ifa->ifa_rtrequest) 1054 rt->rt_ifa->ifa_rtrequest(RTM_DELETE, rt, SA(0)); 1055 /* 1056 * Remove the reference to its ifaddr. 1057 */ 1058 IFAFREE(rt->rt_ifa); 1059 /* 1060 * And substitute in references to the ifaddr 1061 * we are adding. 1062 */ 1063 rt->rt_ifa = ifa; 1064 rt->rt_ifp = ifa->ifa_ifp; 1065 rt->rt_rmx.rmx_mtu = ifa->ifa_ifp->if_mtu; /*XXX*/ 1066 ifa->ifa_refcnt++; 1067 /* 1068 * Now ask the protocol to check if it needs 1069 * any special processing in its new form. 1070 */ 1071 if (ifa->ifa_rtrequest) 1072 ifa->ifa_rtrequest(RTM_ADD, rt, SA(0)); 1073 } 1074 /* 1075 * notify any listenning routing agents of the change 1076 */ 1077 rt_newaddrmsg(cmd, ifa, error, nrt); 1078 } 1079 return (error); 1080 } 1081 1082 /* This must be before ip6_init2(), which is now SI_ORDER_MIDDLE */ 1083 SYSINIT(route, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, route_init, 0); 1084