1 /*- 2 * Copyright (c) 2015 3 * Alexander V. Chernikov <melifaro@FreeBSD.org> 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 #include "opt_inet.h" 34 #include "opt_route.h" 35 #include "opt_mpath.h" 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/lock.h> 40 #include <sys/rmlock.h> 41 #include <sys/malloc.h> 42 #include <sys/mbuf.h> 43 #include <sys/socket.h> 44 #include <sys/sysctl.h> 45 #include <sys/kernel.h> 46 47 #include <net/if.h> 48 #include <net/if_var.h> 49 #include <net/if_dl.h> 50 #include <net/route.h> 51 #include <net/route/route_var.h> 52 #include <net/route/nhop.h> 53 #include <net/route/shared.h> 54 #include <net/vnet.h> 55 56 #ifdef RADIX_MPATH 57 #include <net/radix_mpath.h> 58 #endif 59 60 #include <netinet/in.h> 61 #include <netinet/in_var.h> 62 #include <netinet/in_fib.h> 63 64 #ifdef INET 65 66 /* Verify struct route compatiblity */ 67 /* Assert 'struct route_in' is compatible with 'struct route' */ 68 CHK_STRUCT_ROUTE_COMPAT(struct route_in, ro_dst4); 69 static void fib4_rte_to_nh_basic(struct nhop_object *nh, struct in_addr dst, 70 uint32_t flags, struct nhop4_basic *pnh4); 71 static void fib4_rte_to_nh_extended(struct nhop_object *nh, struct in_addr dst, 72 uint32_t flags, struct nhop4_extended *pnh4); 73 74 75 static void 76 fib4_rte_to_nh_basic(struct nhop_object *nh, struct in_addr dst, 77 uint32_t flags, struct nhop4_basic *pnh4) 78 { 79 80 if ((flags & NHR_IFAIF) != 0) 81 pnh4->nh_ifp = nh->nh_ifa->ifa_ifp; 82 else 83 pnh4->nh_ifp = nh->nh_ifp; 84 pnh4->nh_mtu = nh->nh_mtu; 85 if (nh->nh_flags & NHF_GATEWAY) 86 pnh4->nh_addr = nh->gw4_sa.sin_addr; 87 else 88 pnh4->nh_addr = dst; 89 /* Set flags */ 90 pnh4->nh_flags = nh->nh_flags; 91 /* TODO: Handle RTF_BROADCAST here */ 92 } 93 94 static void 95 fib4_rte_to_nh_extended(struct nhop_object *nh, struct in_addr dst, 96 uint32_t flags, struct nhop4_extended *pnh4) 97 { 98 99 if ((flags & NHR_IFAIF) != 0) 100 pnh4->nh_ifp = nh->nh_ifa->ifa_ifp; 101 else 102 pnh4->nh_ifp = nh->nh_ifp; 103 pnh4->nh_mtu = nh->nh_mtu; 104 if (nh->nh_flags & NHF_GATEWAY) 105 pnh4->nh_addr = nh->gw4_sa.sin_addr; 106 else 107 pnh4->nh_addr = dst; 108 /* Set flags */ 109 pnh4->nh_flags = nh->nh_flags; 110 pnh4->nh_ia = ifatoia(nh->nh_ifa); 111 pnh4->nh_src = IA_SIN(pnh4->nh_ia)->sin_addr; 112 } 113 114 /* 115 * Performs IPv4 route table lookup on @dst. Returns 0 on success. 116 * Stores nexthop info provided @pnh4 structure. 117 * Note that 118 * - nh_ifp cannot be safely dereferenced 119 * - nh_ifp represents logical transmit interface (rt_ifp) (e.g. if 120 * looking up address on interface "ix0" pointer to "lo0" interface 121 * will be returned instead of "ix0") 122 * - nh_ifp represents "address" interface if NHR_IFAIF flag is passed 123 * - howewer mtu from "transmit" interface will be returned. 124 */ 125 int 126 fib4_lookup_nh_basic(uint32_t fibnum, struct in_addr dst, uint32_t flags, 127 uint32_t flowid, struct nhop4_basic *pnh4) 128 { 129 RIB_RLOCK_TRACKER; 130 struct rib_head *rh; 131 struct radix_node *rn; 132 struct sockaddr_in sin; 133 struct nhop_object *nh; 134 135 KASSERT((fibnum < rt_numfibs), ("fib4_lookup_nh_basic: bad fibnum")); 136 rh = rt_tables_get_rnh(fibnum, AF_INET); 137 if (rh == NULL) 138 return (ENOENT); 139 140 /* Prepare lookup key */ 141 memset(&sin, 0, sizeof(sin)); 142 sin.sin_len = sizeof(struct sockaddr_in); 143 sin.sin_addr = dst; 144 145 RIB_RLOCK(rh); 146 rn = rh->rnh_matchaddr((void *)&sin, &rh->head); 147 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 148 nh = RNTORT(rn)->rt_nhop; 149 /* Ensure route & ifp is UP */ 150 if (RT_LINK_IS_UP(nh->nh_ifp)) { 151 fib4_rte_to_nh_basic(nh, dst, flags, pnh4); 152 RIB_RUNLOCK(rh); 153 154 return (0); 155 } 156 } 157 RIB_RUNLOCK(rh); 158 159 return (ENOENT); 160 } 161 162 /* 163 * Performs IPv4 route table lookup on @dst. Returns 0 on success. 164 * Stores extende nexthop info provided @pnh4 structure. 165 * Note that 166 * - nh_ifp cannot be safely dereferenced unless NHR_REF is specified. 167 * - in that case you need to call fib4_free_nh_ext() 168 * - nh_ifp represents logical transmit interface (rt_ifp) (e.g. if 169 * looking up address of interface "ix0" pointer to "lo0" interface 170 * will be returned instead of "ix0") 171 * - nh_ifp represents "address" interface if NHR_IFAIF flag is passed 172 * - howewer mtu from "transmit" interface will be returned. 173 */ 174 int 175 fib4_lookup_nh_ext(uint32_t fibnum, struct in_addr dst, uint32_t flags, 176 uint32_t flowid, struct nhop4_extended *pnh4) 177 { 178 RIB_RLOCK_TRACKER; 179 struct rib_head *rh; 180 struct radix_node *rn; 181 struct sockaddr_in sin; 182 struct rtentry *rte; 183 struct nhop_object *nh; 184 185 KASSERT((fibnum < rt_numfibs), ("fib4_lookup_nh_ext: bad fibnum")); 186 rh = rt_tables_get_rnh(fibnum, AF_INET); 187 if (rh == NULL) 188 return (ENOENT); 189 190 /* Prepare lookup key */ 191 memset(&sin, 0, sizeof(sin)); 192 sin.sin_len = sizeof(struct sockaddr_in); 193 sin.sin_addr = dst; 194 195 RIB_RLOCK(rh); 196 rn = rh->rnh_matchaddr((void *)&sin, &rh->head); 197 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 198 rte = RNTORT(rn); 199 #ifdef RADIX_MPATH 200 rte = rt_mpath_select(rte, flowid); 201 if (rte == NULL) { 202 RIB_RUNLOCK(rh); 203 return (ENOENT); 204 } 205 #endif 206 nh = rte->rt_nhop; 207 /* Ensure route & ifp is UP */ 208 if (RT_LINK_IS_UP(nh->nh_ifp)) { 209 fib4_rte_to_nh_extended(nh, dst, flags, pnh4); 210 if ((flags & NHR_REF) != 0) { 211 /* TODO: lwref on egress ifp's ? */ 212 } 213 RIB_RUNLOCK(rh); 214 215 return (0); 216 } 217 } 218 RIB_RUNLOCK(rh); 219 220 return (ENOENT); 221 } 222 223 void 224 fib4_free_nh_ext(uint32_t fibnum, struct nhop4_extended *pnh4) 225 { 226 227 } 228 229 /* 230 * Looks up path in fib @fibnum specified by @dst. 231 * Returns path nexthop on success. Nexthop is safe to use 232 * within the current network epoch. If longer lifetime is required, 233 * one needs to pass NHR_REF as a flag. This will return referenced 234 * nexthop. 235 */ 236 struct nhop_object * 237 fib4_lookup(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 238 uint32_t flags, uint32_t flowid) 239 { 240 RIB_RLOCK_TRACKER; 241 struct rib_head *rh; 242 struct radix_node *rn; 243 struct rtentry *rt; 244 struct nhop_object *nh; 245 246 KASSERT((fibnum < rt_numfibs), ("fib4_lookup: bad fibnum")); 247 rh = rt_tables_get_rnh(fibnum, AF_INET); 248 if (rh == NULL) 249 return (NULL); 250 251 /* Prepare lookup key */ 252 struct sockaddr_in sin4; 253 memset(&sin4, 0, sizeof(sin4)); 254 sin4.sin_family = AF_INET; 255 sin4.sin_len = sizeof(struct sockaddr_in); 256 sin4.sin_addr = dst; 257 258 nh = NULL; 259 RIB_RLOCK(rh); 260 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 261 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 262 rt = RNTORT(rn); 263 #ifdef RADIX_MPATH 264 if (rt_mpath_next(rt) != NULL) 265 rt = rt_mpath_selectrte(rt, flowid); 266 #endif 267 nh = rt->rt_nhop; 268 /* Ensure route & ifp is UP */ 269 if (RT_LINK_IS_UP(nh->nh_ifp)) { 270 if (flags & NHR_REF) 271 nhop_ref_object(nh); 272 RIB_RUNLOCK(rh); 273 return (nh); 274 } 275 } 276 RIB_RUNLOCK(rh); 277 278 RTSTAT_INC(rts_unreach); 279 return (NULL); 280 } 281 282 inline static int 283 check_urpf(const struct nhop_object *nh, uint32_t flags, 284 const struct ifnet *src_if) 285 { 286 287 if (src_if != NULL && nh->nh_aifp == src_if) { 288 return (1); 289 } 290 if (src_if == NULL) { 291 if ((flags & NHR_NODEFAULT) == 0) 292 return (1); 293 else if ((nh->nh_flags & NHF_DEFAULT) == 0) 294 return (1); 295 } 296 297 return (0); 298 } 299 300 #ifdef RADIX_MPATH 301 inline static int 302 check_urpf_mpath(struct rtentry *rt, uint32_t flags, 303 const struct ifnet *src_if) 304 { 305 306 while (rt != NULL) { 307 if (check_urpf(rt->rt_nhop, flags, src_if) != 0) 308 return (1); 309 rt = rt_mpath_next(rt); 310 } 311 312 return (0); 313 } 314 #endif 315 316 /* 317 * Performs reverse path forwarding lookup. 318 * If @src_if is non-zero, verifies that at least 1 path goes via 319 * this interface. 320 * If @src_if is zero, verifies that route exist. 321 * if @flags contains NHR_NOTDEFAULT, do not consider default route. 322 * 323 * Returns 1 if route matching conditions is found, 0 otherwise. 324 */ 325 int 326 fib4_check_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 327 uint32_t flags, const struct ifnet *src_if) 328 { 329 RIB_RLOCK_TRACKER; 330 struct rib_head *rh; 331 struct radix_node *rn; 332 struct rtentry *rt; 333 int ret; 334 335 KASSERT((fibnum < rt_numfibs), ("fib4_check_urpf: bad fibnum")); 336 rh = rt_tables_get_rnh(fibnum, AF_INET); 337 if (rh == NULL) 338 return (0); 339 340 /* Prepare lookup key */ 341 struct sockaddr_in sin4; 342 memset(&sin4, 0, sizeof(sin4)); 343 sin4.sin_len = sizeof(struct sockaddr_in); 344 sin4.sin_addr = dst; 345 346 RIB_RLOCK(rh); 347 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 348 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 349 rt = RNTORT(rn); 350 #ifdef RADIX_MPATH 351 ret = check_urpf_mpath(rt, flags, src_if); 352 #else 353 ret = check_urpf(rt->rt_nhop, flags, src_if); 354 #endif 355 RIB_RUNLOCK(rh); 356 return (ret); 357 } 358 RIB_RUNLOCK(rh); 359 360 return (0); 361 } 362 363 struct nhop_object * 364 fib4_lookup_debugnet(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 365 uint32_t flags) 366 { 367 struct rib_head *rh; 368 struct radix_node *rn; 369 struct rtentry *rt; 370 struct nhop_object *nh; 371 372 KASSERT((fibnum < rt_numfibs), ("fib4_lookup_debugnet: bad fibnum")); 373 rh = rt_tables_get_rnh(fibnum, AF_INET); 374 if (rh == NULL) 375 return (NULL); 376 377 /* Prepare lookup key */ 378 struct sockaddr_in sin4; 379 memset(&sin4, 0, sizeof(sin4)); 380 sin4.sin_family = AF_INET; 381 sin4.sin_len = sizeof(struct sockaddr_in); 382 sin4.sin_addr = dst; 383 384 nh = NULL; 385 /* unlocked lookup */ 386 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 387 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 388 rt = RNTORT(rn); 389 #ifdef RADIX_MPATH 390 if (rt_mpath_next(rt) != NULL) 391 rt = rt_mpath_selectrte(rt, 0); 392 #endif 393 nh = rt->rt_nhop; 394 /* Ensure route & ifp is UP */ 395 if (RT_LINK_IS_UP(nh->nh_ifp)) { 396 if (flags & NHR_REF) 397 nhop_ref_object(nh); 398 return (nh); 399 } 400 } 401 402 return (NULL); 403 } 404 405 #endif 406