1 /* 2 * Copyright (c) 1980, 1986, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)route.c 8.3.1.1 (Berkeley) 2/23/95 34 * $FreeBSD$ 35 */ 36 37 #include "opt_inet.h" 38 #include "opt_mrouting.h" 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/malloc.h> 43 #include <sys/mbuf.h> 44 #include <sys/socket.h> 45 #include <sys/domain.h> 46 #include <sys/kernel.h> 47 48 #include <net/if.h> 49 #include <net/route.h> 50 51 #include <netinet/in.h> 52 #include <netinet/ip_mroute.h> 53 54 #define SA(p) ((struct sockaddr *)(p)) 55 56 static struct rtstat rtstat; 57 struct radix_node_head *rt_tables[AF_MAX+1]; 58 59 static int rttrash; /* routes not in table but not freed */ 60 61 static void rt_maskedcopy(struct sockaddr *, 62 struct sockaddr *, struct sockaddr *); 63 static void rtable_init(void **); 64 65 static void 66 rtable_init(void **table) 67 { 68 struct domain *dom; 69 for (dom = domains; dom; dom = dom->dom_next) 70 if (dom->dom_rtattach) 71 dom->dom_rtattach(&table[dom->dom_family], 72 dom->dom_rtoffset); 73 } 74 75 void 76 route_init() 77 { 78 rn_init(); /* initialize all zeroes, all ones, mask table */ 79 rtable_init((void **)rt_tables); 80 } 81 82 /* 83 * Packet routing routines. 84 */ 85 void 86 rtalloc(struct route *ro) 87 { 88 rtalloc_ign(ro, 0UL); 89 } 90 91 void 92 rtalloc_ign(struct route *ro, u_long ignore) 93 { 94 struct rtentry *rt; 95 96 if ((rt = ro->ro_rt) != NULL) { 97 if (rt->rt_ifp != NULL && rt->rt_flags & RTF_UP) 98 return; 99 RTFREE(rt); 100 ro->ro_rt = NULL; 101 } 102 ro->ro_rt = rtalloc1(&ro->ro_dst, 1, ignore); 103 if (ro->ro_rt) 104 RT_UNLOCK(ro->ro_rt); 105 } 106 107 /* 108 * Look up the route that matches the address given 109 * Or, at least try.. Create a cloned route if needed. 110 * 111 * The returned route, if any, is locked. 112 */ 113 struct rtentry * 114 rtalloc1(struct sockaddr *dst, int report, u_long ignflags) 115 { 116 struct radix_node_head *rnh = rt_tables[dst->sa_family]; 117 struct rtentry *rt; 118 struct radix_node *rn; 119 struct rtentry *newrt; 120 struct rt_addrinfo info; 121 u_long nflags; 122 int err = 0, msgtype = RTM_MISS; 123 124 newrt = 0; 125 bzero(&info, sizeof(info)); 126 /* 127 * Look up the address in the table for that Address Family 128 */ 129 if (rnh == NULL) { 130 rtstat.rts_unreach++; 131 goto miss2; 132 } 133 RADIX_NODE_HEAD_LOCK(rnh); 134 if ((rn = rnh->rnh_matchaddr(dst, rnh)) && 135 (rn->rn_flags & RNF_ROOT) == 0) { 136 /* 137 * If we find it and it's not the root node, then 138 * get a refernce on the rtentry associated. 139 */ 140 newrt = rt = (struct rtentry *)rn; 141 nflags = rt->rt_flags & ~ignflags; 142 if (report && (nflags & RTF_CLONING)) { 143 /* 144 * We are apparently adding (report = 0 in delete). 145 * If it requires that it be cloned, do so. 146 * (This implies it wasn't a HOST route.) 147 */ 148 err = rtrequest(RTM_RESOLVE, dst, SA(0), 149 SA(0), 0, &newrt); 150 if (err) { 151 /* 152 * If the cloning didn't succeed, maybe 153 * what we have will do. Return that. 154 */ 155 newrt = rt; /* existing route */ 156 RT_LOCK(newrt); 157 RT_ADDREF(newrt); 158 goto miss; 159 } 160 KASSERT(newrt, ("no route and no error")); 161 RT_LOCK(newrt); 162 if (newrt->rt_flags & RTF_XRESOLVE) { 163 /* 164 * If the new route specifies it be 165 * externally resolved, then go do that. 166 */ 167 msgtype = RTM_RESOLVE; 168 goto miss; 169 } 170 /* Inform listeners of the new route. */ 171 info.rti_info[RTAX_DST] = rt_key(newrt); 172 info.rti_info[RTAX_NETMASK] = rt_mask(newrt); 173 info.rti_info[RTAX_GATEWAY] = newrt->rt_gateway; 174 if (newrt->rt_ifp != NULL) { 175 info.rti_info[RTAX_IFP] = 176 TAILQ_FIRST(&newrt->rt_ifp->if_addrhead)->ifa_addr; 177 info.rti_info[RTAX_IFA] = newrt->rt_ifa->ifa_addr; 178 } 179 rt_missmsg(RTM_ADD, &info, newrt->rt_flags, 0); 180 } else { 181 KASSERT(rt == newrt, ("locking wrong route")); 182 RT_LOCK(newrt); 183 RT_ADDREF(newrt); 184 } 185 RADIX_NODE_HEAD_UNLOCK(rnh); 186 } else { 187 /* 188 * Either we hit the root or couldn't find any match, 189 * Which basically means 190 * "caint get there frm here" 191 */ 192 rtstat.rts_unreach++; 193 miss: 194 RADIX_NODE_HEAD_UNLOCK(rnh); 195 miss2: if (report) { 196 /* 197 * If required, report the failure to the supervising 198 * Authorities. 199 * For a delete, this is not an error. (report == 0) 200 */ 201 info.rti_info[RTAX_DST] = dst; 202 rt_missmsg(msgtype, &info, 0, err); 203 } 204 } 205 if (newrt) 206 RT_LOCK_ASSERT(newrt); 207 return (newrt); 208 } 209 210 /* 211 * Remove a reference count from an rtentry. 212 * If the count gets low enough, take it out of the routing table 213 */ 214 void 215 rtfree(struct rtentry *rt) 216 { 217 /* 218 * find the tree for that address family 219 */ 220 struct radix_node_head *rnh = rt_tables[rt_key(rt)->sa_family]; 221 222 if (rt == 0 || rnh == 0) 223 panic("rtfree"); 224 225 RT_LOCK_ASSERT(rt); 226 227 /* 228 * decrement the reference count by one and if it reaches 0, 229 * and there is a close function defined, call the close function 230 */ 231 RT_REMREF(rt); 232 if (rt->rt_refcnt > 0) 233 goto done; 234 235 /* 236 * On last reference give the "close method" a chance 237 * to cleanup private state. This also permits (for 238 * IPv4 and IPv6) a chance to decide if the routing table 239 * entry should be purged immediately or at a later time. 240 * When an immediate purge is to happen the close routine 241 * typically calls rtexpunge which clears the RTF_UP flag 242 * on the entry so that the code below reclaims the storage. 243 */ 244 if (rt->rt_refcnt == 0 && rnh->rnh_close) 245 rnh->rnh_close((struct radix_node *)rt, rnh); 246 247 /* 248 * If we are no longer "up" (and ref == 0) 249 * then we can free the resources associated 250 * with the route. 251 */ 252 if ((rt->rt_flags & RTF_UP) == 0) { 253 if (rt->rt_nodes->rn_flags & (RNF_ACTIVE | RNF_ROOT)) 254 panic ("rtfree 2"); 255 /* 256 * the rtentry must have been removed from the routing table 257 * so it is represented in rttrash.. remove that now. 258 */ 259 rttrash--; 260 #ifdef DIAGNOSTIC 261 if (rt->rt_refcnt < 0) { 262 printf("rtfree: %p not freed (neg refs)\n", rt); 263 goto done; 264 } 265 #endif 266 /* 267 * release references on items we hold them on.. 268 * e.g other routes and ifaddrs. 269 */ 270 if (rt->rt_ifa) 271 IFAFREE(rt->rt_ifa); 272 rt->rt_parent = NULL; /* NB: no refcnt on parent */ 273 274 /* 275 * The key is separatly alloc'd so free it (see rt_setgate()). 276 * This also frees the gateway, as they are always malloc'd 277 * together. 278 */ 279 Free(rt_key(rt)); 280 281 /* 282 * and the rtentry itself of course 283 */ 284 RT_LOCK_DESTROY(rt); 285 Free(rt); 286 return; 287 } 288 done: 289 RT_UNLOCK(rt); 290 } 291 292 /* compare two sockaddr structures */ 293 #define sa_equal(a1, a2) (bcmp((a1), (a2), (a1)->sa_len) == 0) 294 295 /* 296 * Force a routing table entry to the specified 297 * destination to go through the given gateway. 298 * Normally called as a result of a routing redirect 299 * message from the network layer. 300 */ 301 void 302 rtredirect(struct sockaddr *dst, 303 struct sockaddr *gateway, 304 struct sockaddr *netmask, 305 int flags, 306 struct sockaddr *src) 307 { 308 struct rtentry *rt; 309 int error = 0; 310 short *stat = 0; 311 struct rt_addrinfo info; 312 struct ifaddr *ifa; 313 314 /* verify the gateway is directly reachable */ 315 if ((ifa = ifa_ifwithnet(gateway)) == 0) { 316 error = ENETUNREACH; 317 goto out; 318 } 319 rt = rtalloc1(dst, 0, 0UL); /* NB: rt is locked */ 320 /* 321 * If the redirect isn't from our current router for this dst, 322 * it's either old or wrong. If it redirects us to ourselves, 323 * we have a routing loop, perhaps as a result of an interface 324 * going down recently. 325 */ 326 if (!(flags & RTF_DONE) && rt && 327 (!sa_equal(src, rt->rt_gateway) || rt->rt_ifa != ifa)) 328 error = EINVAL; 329 else if (ifa_ifwithaddr(gateway)) 330 error = EHOSTUNREACH; 331 if (error) 332 goto done; 333 /* 334 * Create a new entry if we just got back a wildcard entry 335 * or the the lookup failed. This is necessary for hosts 336 * which use routing redirects generated by smart gateways 337 * to dynamically build the routing tables. 338 */ 339 if (rt == 0 || (rt_mask(rt) && rt_mask(rt)->sa_len < 2)) 340 goto create; 341 /* 342 * Don't listen to the redirect if it's 343 * for a route to an interface. 344 */ 345 if (rt->rt_flags & RTF_GATEWAY) { 346 if (((rt->rt_flags & RTF_HOST) == 0) && (flags & RTF_HOST)) { 347 /* 348 * Changing from route to net => route to host. 349 * Create new route, rather than smashing route to net. 350 */ 351 create: 352 if (rt) 353 rtfree(rt); 354 flags |= RTF_GATEWAY | RTF_DYNAMIC; 355 bzero((caddr_t)&info, sizeof(info)); 356 info.rti_info[RTAX_DST] = dst; 357 info.rti_info[RTAX_GATEWAY] = gateway; 358 info.rti_info[RTAX_NETMASK] = netmask; 359 info.rti_ifa = ifa; 360 info.rti_flags = flags; 361 rt = NULL; 362 error = rtrequest1(RTM_ADD, &info, &rt); 363 if (rt != NULL) { 364 RT_LOCK(rt); 365 flags = rt->rt_flags; 366 } 367 stat = &rtstat.rts_dynamic; 368 } else { 369 /* 370 * Smash the current notion of the gateway to 371 * this destination. Should check about netmask!!! 372 */ 373 rt->rt_flags |= RTF_MODIFIED; 374 flags |= RTF_MODIFIED; 375 stat = &rtstat.rts_newgateway; 376 /* 377 * add the key and gateway (in one malloc'd chunk). 378 */ 379 rt_setgate(rt, rt_key(rt), gateway); 380 } 381 } else 382 error = EHOSTUNREACH; 383 done: 384 if (rt) 385 rtfree(rt); 386 out: 387 if (error) 388 rtstat.rts_badredirect++; 389 else if (stat != NULL) 390 (*stat)++; 391 bzero((caddr_t)&info, sizeof(info)); 392 info.rti_info[RTAX_DST] = dst; 393 info.rti_info[RTAX_GATEWAY] = gateway; 394 info.rti_info[RTAX_NETMASK] = netmask; 395 info.rti_info[RTAX_AUTHOR] = src; 396 rt_missmsg(RTM_REDIRECT, &info, flags, error); 397 } 398 399 /* 400 * Routing table ioctl interface. 401 */ 402 int 403 rtioctl(u_long req, caddr_t data) 404 { 405 #ifdef INET 406 /* Multicast goop, grrr... */ 407 return mrt_ioctl ? mrt_ioctl(req, data) : EOPNOTSUPP; 408 #else /* INET */ 409 return ENXIO; 410 #endif /* INET */ 411 } 412 413 struct ifaddr * 414 ifa_ifwithroute(int flags, struct sockaddr *dst, struct sockaddr *gateway) 415 { 416 register struct ifaddr *ifa; 417 418 if ((flags & RTF_GATEWAY) == 0) { 419 /* 420 * If we are adding a route to an interface, 421 * and the interface is a pt to pt link 422 * we should search for the destination 423 * as our clue to the interface. Otherwise 424 * we can use the local address. 425 */ 426 ifa = 0; 427 if (flags & RTF_HOST) { 428 ifa = ifa_ifwithdstaddr(dst); 429 } 430 if (ifa == 0) 431 ifa = ifa_ifwithaddr(gateway); 432 } else { 433 /* 434 * If we are adding a route to a remote net 435 * or host, the gateway may still be on the 436 * other end of a pt to pt link. 437 */ 438 ifa = ifa_ifwithdstaddr(gateway); 439 } 440 if (ifa == 0) 441 ifa = ifa_ifwithnet(gateway); 442 if (ifa == 0) { 443 struct rtentry *rt = rtalloc1(gateway, 0, 0UL); 444 if (rt == 0) 445 return (0); 446 RT_REMREF(rt); 447 RT_UNLOCK(rt); 448 if ((ifa = rt->rt_ifa) == 0) 449 return (0); 450 } 451 if (ifa->ifa_addr->sa_family != dst->sa_family) { 452 struct ifaddr *oifa = ifa; 453 ifa = ifaof_ifpforaddr(dst, ifa->ifa_ifp); 454 if (ifa == 0) 455 ifa = oifa; 456 } 457 return (ifa); 458 } 459 460 static int rt_fixdelete(struct radix_node *, void *); 461 static int rt_fixchange(struct radix_node *, void *); 462 463 struct rtfc_arg { 464 struct rtentry *rt0; 465 struct radix_node_head *rnh; 466 }; 467 468 /* 469 * Do appropriate manipulations of a routing tree given 470 * all the bits of info needed 471 */ 472 int 473 rtrequest(int req, 474 struct sockaddr *dst, 475 struct sockaddr *gateway, 476 struct sockaddr *netmask, 477 int flags, 478 struct rtentry **ret_nrt) 479 { 480 struct rt_addrinfo info; 481 482 bzero((caddr_t)&info, sizeof(info)); 483 info.rti_flags = flags; 484 info.rti_info[RTAX_DST] = dst; 485 info.rti_info[RTAX_GATEWAY] = gateway; 486 info.rti_info[RTAX_NETMASK] = netmask; 487 return rtrequest1(req, &info, ret_nrt); 488 } 489 490 /* 491 * These (questionable) definitions of apparent local variables apply 492 * to the next two functions. XXXXXX!!! 493 */ 494 #define dst info->rti_info[RTAX_DST] 495 #define gateway info->rti_info[RTAX_GATEWAY] 496 #define netmask info->rti_info[RTAX_NETMASK] 497 #define ifaaddr info->rti_info[RTAX_IFA] 498 #define ifpaddr info->rti_info[RTAX_IFP] 499 #define flags info->rti_flags 500 501 int 502 rt_getifa(struct rt_addrinfo *info) 503 { 504 struct ifaddr *ifa; 505 int error = 0; 506 507 /* 508 * ifp may be specified by sockaddr_dl 509 * when protocol address is ambiguous. 510 */ 511 if (info->rti_ifp == NULL && ifpaddr != NULL && 512 ifpaddr->sa_family == AF_LINK && 513 (ifa = ifa_ifwithnet(ifpaddr)) != NULL) 514 info->rti_ifp = ifa->ifa_ifp; 515 if (info->rti_ifa == NULL && ifaaddr != NULL) 516 info->rti_ifa = ifa_ifwithaddr(ifaaddr); 517 if (info->rti_ifa == NULL) { 518 struct sockaddr *sa; 519 520 sa = ifaaddr != NULL ? ifaaddr : 521 (gateway != NULL ? gateway : dst); 522 if (sa != NULL && info->rti_ifp != NULL) 523 info->rti_ifa = ifaof_ifpforaddr(sa, info->rti_ifp); 524 else if (dst != NULL && gateway != NULL) 525 info->rti_ifa = ifa_ifwithroute(flags, dst, gateway); 526 else if (sa != NULL) 527 info->rti_ifa = ifa_ifwithroute(flags, sa, sa); 528 } 529 if ((ifa = info->rti_ifa) != NULL) { 530 if (info->rti_ifp == NULL) 531 info->rti_ifp = ifa->ifa_ifp; 532 } else 533 error = ENETUNREACH; 534 return (error); 535 } 536 537 /* 538 * Expunges references to a route that's about to be reclaimed. 539 * The route must be locked. 540 */ 541 int 542 rtexpunge(struct rtentry *rt) 543 { 544 struct radix_node *rn; 545 struct radix_node_head *rnh; 546 struct ifaddr *ifa; 547 int error = 0; 548 549 RT_LOCK_ASSERT(rt); 550 #if 0 551 /* 552 * We cannot assume anything about the reference count 553 * because protocols call us in many situations; often 554 * before unwinding references to the table entry. 555 */ 556 KASSERT(rt->rt_refcnt <= 1, ("bogus refcnt %ld", rt->rt_refcnt)); 557 #endif 558 /* 559 * Find the correct routing tree to use for this Address Family 560 */ 561 rnh = rt_tables[rt_key(rt)->sa_family]; 562 if (rnh == 0) 563 return (EAFNOSUPPORT); 564 565 RADIX_NODE_HEAD_LOCK(rnh); 566 567 /* 568 * Remove the item from the tree; it should be there, 569 * but when callers invoke us blindly it may not (sigh). 570 */ 571 rn = rnh->rnh_deladdr(rt_key(rt), rt_mask(rt), rnh); 572 if (rn == 0) { 573 error = ESRCH; 574 goto bad; 575 } 576 KASSERT((rn->rn_flags & (RNF_ACTIVE | RNF_ROOT)) == 0, 577 ("unexpected flags 0x%x", rn->rn_flags)); 578 KASSERT(rt == (struct rtentry *)rn, 579 ("lookup mismatch, rt %p rn %p", rt, rn)); 580 581 rt->rt_flags &= ~RTF_UP; 582 583 /* 584 * Now search what's left of the subtree for any cloned 585 * routes which might have been formed from this node. 586 */ 587 if ((rt->rt_flags & RTF_CLONING) && rt_mask(rt)) 588 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt), 589 rt_fixdelete, rt); 590 591 /* 592 * Remove any external references we may have. 593 * This might result in another rtentry being freed if 594 * we held its last reference. 595 */ 596 if (rt->rt_gwroute) { 597 struct rtentry *gwrt = rt->rt_gwroute; 598 RTFREE(gwrt); 599 rt->rt_gwroute = 0; 600 } 601 602 /* 603 * Give the protocol a chance to keep things in sync. 604 */ 605 if ((ifa = rt->rt_ifa) && ifa->ifa_rtrequest) { 606 struct rt_addrinfo info; 607 608 bzero((caddr_t)&info, sizeof(info)); 609 info.rti_flags = rt->rt_flags; 610 info.rti_info[RTAX_DST] = rt_key(rt); 611 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 612 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 613 ifa->ifa_rtrequest(RTM_DELETE, rt, &info); 614 } 615 616 /* 617 * one more rtentry floating around that is not 618 * linked to the routing table. 619 */ 620 rttrash++; 621 bad: 622 RADIX_NODE_HEAD_UNLOCK(rnh); 623 return (error); 624 } 625 626 int 627 rtrequest1(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt) 628 { 629 int error = 0; 630 register struct rtentry *rt; 631 register struct radix_node *rn; 632 register struct radix_node_head *rnh; 633 struct ifaddr *ifa; 634 struct sockaddr *ndst; 635 #define senderr(x) { error = x ; goto bad; } 636 637 /* 638 * Find the correct routing tree to use for this Address Family 639 */ 640 rnh = rt_tables[dst->sa_family]; 641 if (rnh == 0) 642 return (EAFNOSUPPORT); 643 RADIX_NODE_HEAD_LOCK(rnh); 644 /* 645 * If we are adding a host route then we don't want to put 646 * a netmask in the tree, nor do we want to clone it. 647 */ 648 if (flags & RTF_HOST) { 649 netmask = 0; 650 flags &= ~RTF_CLONING; 651 } 652 switch (req) { 653 case RTM_DELETE: 654 /* 655 * Remove the item from the tree and return it. 656 * Complain if it is not there and do no more processing. 657 */ 658 rn = rnh->rnh_deladdr(dst, netmask, rnh); 659 if (rn == 0) 660 senderr(ESRCH); 661 if (rn->rn_flags & (RNF_ACTIVE | RNF_ROOT)) 662 panic ("rtrequest delete"); 663 rt = (struct rtentry *)rn; 664 RT_LOCK(rt); 665 RT_ADDREF(rt); 666 rt->rt_flags &= ~RTF_UP; 667 668 /* 669 * Now search what's left of the subtree for any cloned 670 * routes which might have been formed from this node. 671 */ 672 if ((rt->rt_flags & RTF_CLONING) && 673 rt_mask(rt)) { 674 rnh->rnh_walktree_from(rnh, dst, rt_mask(rt), 675 rt_fixdelete, rt); 676 } 677 678 /* 679 * Remove any external references we may have. 680 * This might result in another rtentry being freed if 681 * we held its last reference. 682 */ 683 if (rt->rt_gwroute) { 684 struct rtentry *gwrt = rt->rt_gwroute; 685 RTFREE(gwrt); 686 rt->rt_gwroute = 0; 687 } 688 689 /* 690 * give the protocol a chance to keep things in sync. 691 */ 692 if ((ifa = rt->rt_ifa) && ifa->ifa_rtrequest) 693 ifa->ifa_rtrequest(RTM_DELETE, rt, info); 694 695 /* 696 * one more rtentry floating around that is not 697 * linked to the routing table. 698 */ 699 rttrash++; 700 701 /* 702 * If the caller wants it, then it can have it, 703 * but it's up to it to free the rtentry as we won't be 704 * doing it. 705 */ 706 if (ret_nrt) { 707 *ret_nrt = rt; 708 RT_UNLOCK(rt); 709 } else 710 RTFREE_LOCKED(rt); 711 break; 712 713 case RTM_RESOLVE: 714 if (ret_nrt == 0 || (rt = *ret_nrt) == 0) 715 senderr(EINVAL); 716 ifa = rt->rt_ifa; 717 /* XXX locking? */ 718 flags = rt->rt_flags & 719 ~(RTF_CLONING | RTF_STATIC); 720 flags |= RTF_WASCLONED; 721 gateway = rt->rt_gateway; 722 if ((netmask = rt->rt_genmask) == 0) 723 flags |= RTF_HOST; 724 goto makeroute; 725 726 case RTM_ADD: 727 if ((flags & RTF_GATEWAY) && !gateway) 728 panic("rtrequest: GATEWAY but no gateway"); 729 730 if (info->rti_ifa == NULL && (error = rt_getifa(info))) 731 senderr(error); 732 ifa = info->rti_ifa; 733 734 makeroute: 735 R_Zalloc(rt, struct rtentry *, sizeof(*rt)); 736 if (rt == 0) 737 senderr(ENOBUFS); 738 RT_LOCK_INIT(rt); 739 rt->rt_flags = RTF_UP | flags; 740 /* 741 * Add the gateway. Possibly re-malloc-ing the storage for it 742 * also add the rt_gwroute if possible. 743 */ 744 RT_LOCK(rt); 745 if ((error = rt_setgate(rt, dst, gateway)) != 0) { 746 RT_LOCK_DESTROY(rt); 747 Free(rt); 748 senderr(error); 749 } 750 751 /* 752 * point to the (possibly newly malloc'd) dest address. 753 */ 754 ndst = (struct sockaddr *)rt_key(rt); 755 756 /* 757 * make sure it contains the value we want (masked if needed). 758 */ 759 if (netmask) { 760 rt_maskedcopy(dst, ndst, netmask); 761 } else 762 Bcopy(dst, ndst, dst->sa_len); 763 764 /* 765 * Note that we now have a reference to the ifa. 766 * This moved from below so that rnh->rnh_addaddr() can 767 * examine the ifa and ifa->ifa_ifp if it so desires. 768 */ 769 IFAREF(ifa); 770 rt->rt_ifa = ifa; 771 rt->rt_ifp = ifa->ifa_ifp; 772 773 /* XXX mtu manipulation will be done in rnh_addaddr -- itojun */ 774 rn = rnh->rnh_addaddr(ndst, netmask, rnh, rt->rt_nodes); 775 if (rn == 0) { 776 struct rtentry *rt2; 777 /* 778 * Uh-oh, we already have one of these in the tree. 779 * We do a special hack: if the route that's already 780 * there was generated by the cloning mechanism 781 * then we just blow it away and retry the insertion 782 * of the new one. 783 */ 784 rt2 = rtalloc1(dst, 0, 0); 785 if (rt2 && rt2->rt_parent) { 786 rtexpunge(rt2); 787 RT_UNLOCK(rt2); 788 rn = rnh->rnh_addaddr(ndst, netmask, 789 rnh, rt->rt_nodes); 790 } else if (rt2) { 791 /* undo the extra ref we got */ 792 RTFREE_LOCKED(rt2); 793 } 794 } 795 796 /* 797 * If it still failed to go into the tree, 798 * then un-make it (this should be a function) 799 */ 800 if (rn == 0) { 801 if (rt->rt_gwroute) 802 RTFREE(rt->rt_gwroute); 803 if (rt->rt_ifa) 804 IFAFREE(rt->rt_ifa); 805 Free(rt_key(rt)); 806 RT_LOCK_DESTROY(rt); 807 Free(rt); 808 senderr(EEXIST); 809 } 810 811 rt->rt_parent = 0; 812 813 /* 814 * If we got here from RESOLVE, then we are cloning 815 * so clone the rest, and note that we 816 * are a clone (and increment the parent's references) 817 */ 818 if (req == RTM_RESOLVE) { 819 KASSERT(ret_nrt && *ret_nrt, 820 ("no route to clone from")); 821 rt->rt_rmx = (*ret_nrt)->rt_rmx; /* copy metrics */ 822 rt->rt_rmx.rmx_pksent = 0; /* reset packet counter */ 823 if ((*ret_nrt)->rt_flags & RTF_CLONING) { 824 /* 825 * NB: We do not bump the refcnt on the parent 826 * entry under the assumption that it will 827 * remain so long as we do. This is 828 * important when deleting the parent route 829 * as this operation requires traversing 830 * the tree to delete all clones and futzing 831 * with refcnts requires us to double-lock 832 * parent through this back reference. 833 */ 834 rt->rt_parent = *ret_nrt; 835 } 836 } 837 838 /* 839 * if this protocol has something to add to this then 840 * allow it to do that as well. 841 */ 842 if (ifa->ifa_rtrequest) 843 ifa->ifa_rtrequest(req, rt, info); 844 845 /* 846 * We repeat the same procedure from rt_setgate() here because 847 * it doesn't fire when we call it there because the node 848 * hasn't been added to the tree yet. 849 */ 850 if (req == RTM_ADD && 851 !(rt->rt_flags & RTF_HOST) && rt_mask(rt) != 0) { 852 struct rtfc_arg arg; 853 arg.rnh = rnh; 854 arg.rt0 = rt; 855 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt), 856 rt_fixchange, &arg); 857 } 858 859 /* 860 * actually return a resultant rtentry and 861 * give the caller a single reference. 862 */ 863 if (ret_nrt) { 864 *ret_nrt = rt; 865 RT_ADDREF(rt); 866 } 867 RT_UNLOCK(rt); 868 break; 869 default: 870 error = EOPNOTSUPP; 871 } 872 bad: 873 RADIX_NODE_HEAD_UNLOCK(rnh); 874 return (error); 875 #undef senderr 876 } 877 878 #undef dst 879 #undef gateway 880 #undef netmask 881 #undef ifaaddr 882 #undef ifpaddr 883 #undef flags 884 885 /* 886 * Called from rtrequest(RTM_DELETE, ...) to fix up the route's ``family'' 887 * (i.e., the routes related to it by the operation of cloning). This 888 * routine is iterated over all potential former-child-routes by way of 889 * rnh->rnh_walktree_from() above, and those that actually are children of 890 * the late parent (passed in as VP here) are themselves deleted. 891 */ 892 static int 893 rt_fixdelete(struct radix_node *rn, void *vp) 894 { 895 struct rtentry *rt = (struct rtentry *)rn; 896 struct rtentry *rt0 = vp; 897 898 if (rt->rt_parent == rt0 && 899 !(rt->rt_flags & (RTF_PINNED | RTF_CLONING))) { 900 return rtrequest(RTM_DELETE, rt_key(rt), 901 (struct sockaddr *)0, rt_mask(rt), 902 rt->rt_flags, (struct rtentry **)0); 903 } 904 return 0; 905 } 906 907 /* 908 * This routine is called from rt_setgate() to do the analogous thing for 909 * adds and changes. There is the added complication in this case of a 910 * middle insert; i.e., insertion of a new network route between an older 911 * network route and (cloned) host routes. For this reason, a simple check 912 * of rt->rt_parent is insufficient; each candidate route must be tested 913 * against the (mask, value) of the new route (passed as before in vp) 914 * to see if the new route matches it. 915 * 916 * XXX - it may be possible to do fixdelete() for changes and reserve this 917 * routine just for adds. I'm not sure why I thought it was necessary to do 918 * changes this way. 919 */ 920 #ifdef DEBUG 921 static int rtfcdebug = 0; 922 #endif 923 924 static int 925 rt_fixchange(struct radix_node *rn, void *vp) 926 { 927 struct rtentry *rt = (struct rtentry *)rn; 928 struct rtfc_arg *ap = vp; 929 struct rtentry *rt0 = ap->rt0; 930 struct radix_node_head *rnh = ap->rnh; 931 u_char *xk1, *xm1, *xk2, *xmp; 932 int i, len, mlen; 933 934 #ifdef DEBUG 935 if (rtfcdebug) 936 printf("rt_fixchange: rt %p, rt0 %p\n", rt, rt0); 937 #endif 938 939 if (!rt->rt_parent || 940 (rt->rt_flags & (RTF_PINNED | RTF_CLONING))) { 941 #ifdef DEBUG 942 if(rtfcdebug) printf("no parent, pinned or cloning\n"); 943 #endif 944 return 0; 945 } 946 947 if (rt->rt_parent == rt0) { 948 #ifdef DEBUG 949 if(rtfcdebug) printf("parent match\n"); 950 #endif 951 return rtrequest(RTM_DELETE, rt_key(rt), 952 (struct sockaddr *)0, rt_mask(rt), 953 rt->rt_flags, (struct rtentry **)0); 954 } 955 956 /* 957 * There probably is a function somewhere which does this... 958 * if not, there should be. 959 */ 960 len = imin(rt_key(rt0)->sa_len, rt_key(rt)->sa_len); 961 962 xk1 = (u_char *)rt_key(rt0); 963 xm1 = (u_char *)rt_mask(rt0); 964 xk2 = (u_char *)rt_key(rt); 965 966 /* avoid applying a less specific route */ 967 xmp = (u_char *)rt_mask(rt->rt_parent); 968 mlen = rt_key(rt->rt_parent)->sa_len; 969 if (mlen > rt_key(rt0)->sa_len) { 970 #ifdef DEBUG 971 if (rtfcdebug) 972 printf("rt_fixchange: inserting a less " 973 "specific route\n"); 974 #endif 975 return 0; 976 } 977 for (i = rnh->rnh_treetop->rn_offset; i < mlen; i++) { 978 if ((xmp[i] & ~(xmp[i] ^ xm1[i])) != xmp[i]) { 979 #ifdef DEBUG 980 if (rtfcdebug) 981 printf("rt_fixchange: inserting a less " 982 "specific route\n"); 983 #endif 984 return 0; 985 } 986 } 987 988 for (i = rnh->rnh_treetop->rn_offset; i < len; i++) { 989 if ((xk2[i] & xm1[i]) != xk1[i]) { 990 #ifdef DEBUG 991 if(rtfcdebug) printf("no match\n"); 992 #endif 993 return 0; 994 } 995 } 996 997 /* 998 * OK, this node is a clone, and matches the node currently being 999 * changed/added under the node's mask. So, get rid of it. 1000 */ 1001 #ifdef DEBUG 1002 if(rtfcdebug) printf("deleting\n"); 1003 #endif 1004 return rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 1005 rt_mask(rt), rt->rt_flags, (struct rtentry **)0); 1006 } 1007 1008 #define ROUNDUP(a) (a>0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) 1009 1010 int 1011 rt_setgate(struct rtentry *rt, struct sockaddr *dst, struct sockaddr *gate) 1012 { 1013 /* XXX dst may be overwritten, can we move this to below */ 1014 struct radix_node_head *rnh = rt_tables[dst->sa_family]; 1015 caddr_t new, old; 1016 int dlen = ROUNDUP(dst->sa_len), glen = ROUNDUP(gate->sa_len); 1017 1018 RT_LOCK_ASSERT(rt); 1019 1020 /* 1021 * A host route with the destination equal to the gateway 1022 * will interfere with keeping LLINFO in the routing 1023 * table, so disallow it. 1024 */ 1025 if (((rt->rt_flags & (RTF_HOST|RTF_GATEWAY|RTF_LLINFO)) == 1026 (RTF_HOST|RTF_GATEWAY)) && 1027 dst->sa_len == gate->sa_len && 1028 bcmp(dst, gate, dst->sa_len) == 0) { 1029 /* 1030 * The route might already exist if this is an RTM_CHANGE 1031 * or a routing redirect, so try to delete it. 1032 */ 1033 if (rt_key(rt)) 1034 rtexpunge(rt); 1035 return EADDRNOTAVAIL; 1036 } 1037 1038 /* 1039 * Both dst and gateway are stored in the same malloc'd chunk 1040 * (If I ever get my hands on....) 1041 * if we need to malloc a new chunk, then keep the old one around 1042 * till we don't need it any more. 1043 */ 1044 if (rt->rt_gateway == 0 || glen > ROUNDUP(rt->rt_gateway->sa_len)) { 1045 old = (caddr_t)rt_key(rt); 1046 R_Malloc(new, caddr_t, dlen + glen); 1047 if (new == 0) 1048 return ENOBUFS; 1049 rt_key(rt) = new; 1050 } else { 1051 /* 1052 * otherwise just overwrite the old one 1053 */ 1054 new = (caddr_t)rt_key(rt); 1055 old = 0; 1056 } 1057 1058 /* 1059 * copy the new gateway value into the memory chunk 1060 */ 1061 Bcopy(gate, (rt->rt_gateway = (struct sockaddr *)(new + dlen)), glen); 1062 1063 /* 1064 * if we are replacing the chunk (or it's new) we need to 1065 * replace the dst as well 1066 */ 1067 if (old) { 1068 Bcopy(dst, new, dlen); 1069 Free(old); 1070 old = 0; 1071 } 1072 1073 /* 1074 * If there is already a gwroute, it's now almost definitly wrong 1075 * so drop it. 1076 */ 1077 if (rt->rt_gwroute != NULL) { 1078 RTFREE(rt->rt_gwroute); 1079 rt->rt_gwroute = NULL; 1080 } 1081 /* 1082 * Cloning loop avoidance: 1083 * In the presence of protocol-cloning and bad configuration, 1084 * it is possible to get stuck in bottomless mutual recursion 1085 * (rtrequest rt_setgate rtalloc1). We avoid this by not allowing 1086 * protocol-cloning to operate for gateways (which is probably the 1087 * correct choice anyway), and avoid the resulting reference loops 1088 * by disallowing any route to run through itself as a gateway. 1089 * This is obviously mandatory when we get rt->rt_output(). 1090 * XXX: After removal of PRCLONING this is probably not needed anymore. 1091 */ 1092 if (rt->rt_flags & RTF_GATEWAY) { 1093 struct rtentry *gwrt; 1094 1095 RT_UNLOCK(rt); /* XXX workaround LOR */ 1096 gwrt = rtalloc1(gate, 1, 0); 1097 RT_LOCK(rt); 1098 rt->rt_gwroute = gwrt; 1099 if (rt->rt_gwroute == rt) { 1100 RTFREE_LOCKED(rt->rt_gwroute); 1101 rt->rt_gwroute = 0; 1102 return EDQUOT; /* failure */ 1103 } 1104 if (rt->rt_gwroute != NULL) 1105 RT_UNLOCK(rt->rt_gwroute); 1106 } 1107 1108 /* 1109 * This isn't going to do anything useful for host routes, so 1110 * don't bother. Also make sure we have a reasonable mask 1111 * (we don't yet have one during adds). 1112 */ 1113 if (!(rt->rt_flags & RTF_HOST) && rt_mask(rt) != 0) { 1114 struct rtfc_arg arg; 1115 1116 arg.rnh = rnh; 1117 arg.rt0 = rt; 1118 RT_UNLOCK(rt); /* XXX workaround LOR */ 1119 RADIX_NODE_HEAD_LOCK(rnh); 1120 RT_LOCK(rt); 1121 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt), 1122 rt_fixchange, &arg); 1123 RADIX_NODE_HEAD_UNLOCK(rnh); 1124 } 1125 1126 return 0; 1127 } 1128 1129 static void 1130 rt_maskedcopy(struct sockaddr *src, struct sockaddr *dst, struct sockaddr *netmask) 1131 { 1132 register u_char *cp1 = (u_char *)src; 1133 register u_char *cp2 = (u_char *)dst; 1134 register u_char *cp3 = (u_char *)netmask; 1135 u_char *cplim = cp2 + *cp3; 1136 u_char *cplim2 = cp2 + *cp1; 1137 1138 *cp2++ = *cp1++; *cp2++ = *cp1++; /* copies sa_len & sa_family */ 1139 cp3 += 2; 1140 if (cplim > cplim2) 1141 cplim = cplim2; 1142 while (cp2 < cplim) 1143 *cp2++ = *cp1++ & *cp3++; 1144 if (cp2 < cplim2) 1145 bzero((caddr_t)cp2, (unsigned)(cplim2 - cp2)); 1146 } 1147 1148 /* 1149 * Set up a routing table entry, normally 1150 * for an interface. 1151 */ 1152 int 1153 rtinit(struct ifaddr *ifa, int cmd, int flags) 1154 { 1155 register struct rtentry *rt; 1156 register struct sockaddr *dst; 1157 register struct sockaddr *deldst; 1158 struct sockaddr *netmask; 1159 struct mbuf *m = 0; 1160 struct rtentry *nrt = 0; 1161 struct radix_node_head *rnh; 1162 struct radix_node *rn; 1163 int error; 1164 struct rt_addrinfo info; 1165 1166 if (flags & RTF_HOST) { 1167 dst = ifa->ifa_dstaddr; 1168 netmask = NULL; 1169 } else { 1170 dst = ifa->ifa_addr; 1171 netmask = ifa->ifa_netmask; 1172 } 1173 /* 1174 * If it's a delete, check that if it exists, it's on the correct 1175 * interface or we might scrub a route to another ifa which would 1176 * be confusing at best and possibly worse. 1177 */ 1178 if (cmd == RTM_DELETE) { 1179 /* 1180 * It's a delete, so it should already exist.. 1181 * If it's a net, mask off the host bits 1182 * (Assuming we have a mask) 1183 */ 1184 if (netmask != NULL) { 1185 m = m_get(M_DONTWAIT, MT_SONAME); 1186 if (m == NULL) 1187 return(ENOBUFS); 1188 deldst = mtod(m, struct sockaddr *); 1189 rt_maskedcopy(dst, deldst, netmask); 1190 dst = deldst; 1191 } 1192 /* 1193 * Look up an rtentry that is in the routing tree and 1194 * contains the correct info. 1195 */ 1196 if ((rnh = rt_tables[dst->sa_family]) == NULL) 1197 goto bad; 1198 RADIX_NODE_HEAD_LOCK(rnh); 1199 error = ((rn = rnh->rnh_lookup(dst, netmask, rnh)) == NULL || 1200 (rn->rn_flags & RNF_ROOT) || 1201 ((struct rtentry *)rn)->rt_ifa != ifa || 1202 !sa_equal(SA(rn->rn_key), dst)); 1203 RADIX_NODE_HEAD_UNLOCK(rnh); 1204 if (error) { 1205 bad: 1206 if (m) 1207 (void) m_free(m); 1208 return (flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH); 1209 } 1210 } 1211 /* 1212 * Do the actual request 1213 */ 1214 bzero((caddr_t)&info, sizeof(info)); 1215 info.rti_ifa = ifa; 1216 info.rti_flags = flags | ifa->ifa_flags; 1217 info.rti_info[RTAX_DST] = dst; 1218 info.rti_info[RTAX_GATEWAY] = ifa->ifa_addr; 1219 info.rti_info[RTAX_NETMASK] = netmask; 1220 error = rtrequest1(cmd, &info, &nrt); 1221 if (error == 0 && (rt = nrt) != NULL) { 1222 /* 1223 * notify any listening routing agents of the change 1224 */ 1225 RT_LOCK(rt); 1226 rt_newaddrmsg(cmd, ifa, error, rt); 1227 if (cmd == RTM_DELETE) { 1228 /* 1229 * If we are deleting, and we found an entry, then 1230 * it's been removed from the tree.. now throw it away. 1231 */ 1232 RTFREE_LOCKED(rt); 1233 } else { 1234 if (cmd == RTM_ADD) { 1235 /* 1236 * We just wanted to add it.. we don't actually 1237 * need a reference. 1238 */ 1239 RT_REMREF(rt); 1240 } 1241 RT_UNLOCK(rt); 1242 } 1243 } 1244 if (m) 1245 (void) m_free(m); 1246 return (error); 1247 } 1248 1249 /* 1250 * Validate the route rt0 to the specified destination. If the 1251 * route is marked down try to find a new route. If the route 1252 * to the gateway is gone, try to setup a new route. Otherwise, 1253 * if the route is marked for packets to be rejected, enforce that. 1254 * 1255 * On return lrt contains the route to the destination and lrt0 1256 * contains the route to the next hop. Their values are meaningul 1257 * ONLY if no error is returned. 1258 * 1259 * This routine is invoked on each layer 2 output path, prior to 1260 * encapsulating outbound packets. 1261 */ 1262 int 1263 rt_check(struct rtentry **lrt, struct rtentry **lrt0, struct sockaddr *dst) 1264 { 1265 #define senderr(x) { error = x ; goto bad; } 1266 struct rtentry *rt; 1267 struct rtentry *rt0; 1268 int error; 1269 1270 rt0 = *lrt0; 1271 rt = rt0; 1272 if (rt) { 1273 /* NB: the locking here is tortuous... */ 1274 RT_LOCK(rt); 1275 if ((rt->rt_flags & RTF_UP) == 0) { 1276 RT_UNLOCK(rt); 1277 rt = rtalloc1(dst, 1, 0UL); 1278 if (rt != NULL) { 1279 RT_REMREF(rt); 1280 /* XXX what about if change? */ 1281 } else 1282 senderr(EHOSTUNREACH); 1283 rt0 = rt; 1284 } 1285 /* XXX BSD/OS checks dst->sa_family != AF_NS */ 1286 if (rt->rt_flags & RTF_GATEWAY) { 1287 if (rt->rt_gwroute == 0) 1288 goto lookup; 1289 rt = rt->rt_gwroute; 1290 RT_LOCK(rt); /* NB: gwroute */ 1291 if ((rt->rt_flags & RTF_UP) == 0) { 1292 rtfree(rt); /* unlock gwroute */ 1293 rt = rt0; 1294 lookup: 1295 RT_UNLOCK(rt0); 1296 rt = rtalloc1(rt->rt_gateway, 1, 0UL); 1297 RT_LOCK(rt0); 1298 rt0->rt_gwroute = rt; 1299 if (rt == 0) { 1300 RT_UNLOCK(rt0); 1301 senderr(EHOSTUNREACH); 1302 } 1303 } 1304 RT_UNLOCK(rt0); 1305 } 1306 /* XXX why are we inspecting rmx_expire? */ 1307 error = (rt->rt_flags & RTF_REJECT) && 1308 (rt->rt_rmx.rmx_expire == 0 || 1309 time_second < rt->rt_rmx.rmx_expire); 1310 RT_UNLOCK(rt); 1311 if (error) 1312 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 1313 } 1314 *lrt = rt; /* NB: return unlocked */ 1315 *lrt0 = rt0; 1316 return (0); 1317 bad: 1318 /* NB: lrt and lrt0 should not be interpreted if error is non-zero */ 1319 return (error); 1320 #undef senderr 1321 } 1322 1323 /* This must be before ip6_init2(), which is now SI_ORDER_MIDDLE */ 1324 SYSINIT(route, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, route_init, 0); 1325