1 /*- 2 * Copyright (c) 2015 3 * Alexander V. Chernikov <melifaro@FreeBSD.org> 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 #include "opt_inet.h" 34 #include "opt_route.h" 35 #include "opt_mpath.h" 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/lock.h> 40 #include <sys/rmlock.h> 41 #include <sys/malloc.h> 42 #include <sys/mbuf.h> 43 #include <sys/socket.h> 44 #include <sys/sysctl.h> 45 #include <sys/kernel.h> 46 47 #include <net/if.h> 48 #include <net/if_var.h> 49 #include <net/if_dl.h> 50 #include <net/route.h> 51 #include <net/route_var.h> 52 #include <net/route/nhop.h> 53 #include <net/route/shared.h> 54 #include <net/vnet.h> 55 56 #ifdef RADIX_MPATH 57 #include <net/radix_mpath.h> 58 #endif 59 60 #include <netinet/in.h> 61 #include <netinet/in_var.h> 62 #include <netinet/in_fib.h> 63 64 #ifdef INET 65 static void fib4_rte_to_nh_basic(struct nhop_object *nh, struct in_addr dst, 66 uint32_t flags, struct nhop4_basic *pnh4); 67 static void fib4_rte_to_nh_extended(struct nhop_object *nh, struct in_addr dst, 68 uint32_t flags, struct nhop4_extended *pnh4); 69 70 #define RNTORT(p) ((struct rtentry *)(p)) 71 72 static void 73 fib4_rte_to_nh_basic(struct nhop_object *nh, struct in_addr dst, 74 uint32_t flags, struct nhop4_basic *pnh4) 75 { 76 77 if ((flags & NHR_IFAIF) != 0) 78 pnh4->nh_ifp = nh->nh_ifa->ifa_ifp; 79 else 80 pnh4->nh_ifp = nh->nh_ifp; 81 pnh4->nh_mtu = nh->nh_mtu; 82 if (nh->nh_flags & NHF_GATEWAY) 83 pnh4->nh_addr = nh->gw4_sa.sin_addr; 84 else 85 pnh4->nh_addr = dst; 86 /* Set flags */ 87 pnh4->nh_flags = nh->nh_flags; 88 /* TODO: Handle RTF_BROADCAST here */ 89 } 90 91 static void 92 fib4_rte_to_nh_extended(struct nhop_object *nh, struct in_addr dst, 93 uint32_t flags, struct nhop4_extended *pnh4) 94 { 95 96 if ((flags & NHR_IFAIF) != 0) 97 pnh4->nh_ifp = nh->nh_ifa->ifa_ifp; 98 else 99 pnh4->nh_ifp = nh->nh_ifp; 100 pnh4->nh_mtu = nh->nh_mtu; 101 if (nh->nh_flags & NHF_GATEWAY) 102 pnh4->nh_addr = nh->gw4_sa.sin_addr; 103 else 104 pnh4->nh_addr = dst; 105 /* Set flags */ 106 pnh4->nh_flags = nh->nh_flags; 107 pnh4->nh_ia = ifatoia(nh->nh_ifa); 108 pnh4->nh_src = IA_SIN(pnh4->nh_ia)->sin_addr; 109 } 110 111 /* 112 * Performs IPv4 route table lookup on @dst. Returns 0 on success. 113 * Stores nexthop info provided @pnh4 structure. 114 * Note that 115 * - nh_ifp cannot be safely dereferenced 116 * - nh_ifp represents logical transmit interface (rt_ifp) (e.g. if 117 * looking up address on interface "ix0" pointer to "lo0" interface 118 * will be returned instead of "ix0") 119 * - nh_ifp represents "address" interface if NHR_IFAIF flag is passed 120 * - howewer mtu from "transmit" interface will be returned. 121 */ 122 int 123 fib4_lookup_nh_basic(uint32_t fibnum, struct in_addr dst, uint32_t flags, 124 uint32_t flowid, struct nhop4_basic *pnh4) 125 { 126 RIB_RLOCK_TRACKER; 127 struct rib_head *rh; 128 struct radix_node *rn; 129 struct sockaddr_in sin; 130 struct nhop_object *nh; 131 132 KASSERT((fibnum < rt_numfibs), ("fib4_lookup_nh_basic: bad fibnum")); 133 rh = rt_tables_get_rnh(fibnum, AF_INET); 134 if (rh == NULL) 135 return (ENOENT); 136 137 /* Prepare lookup key */ 138 memset(&sin, 0, sizeof(sin)); 139 sin.sin_len = sizeof(struct sockaddr_in); 140 sin.sin_addr = dst; 141 142 RIB_RLOCK(rh); 143 rn = rh->rnh_matchaddr((void *)&sin, &rh->head); 144 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 145 nh = RNTORT(rn)->rt_nhop; 146 /* Ensure route & ifp is UP */ 147 if (RT_LINK_IS_UP(nh->nh_ifp)) { 148 fib4_rte_to_nh_basic(nh, dst, flags, pnh4); 149 RIB_RUNLOCK(rh); 150 151 return (0); 152 } 153 } 154 RIB_RUNLOCK(rh); 155 156 return (ENOENT); 157 } 158 159 /* 160 * Performs IPv4 route table lookup on @dst. Returns 0 on success. 161 * Stores extende nexthop info provided @pnh4 structure. 162 * Note that 163 * - nh_ifp cannot be safely dereferenced unless NHR_REF is specified. 164 * - in that case you need to call fib4_free_nh_ext() 165 * - nh_ifp represents logical transmit interface (rt_ifp) (e.g. if 166 * looking up address of interface "ix0" pointer to "lo0" interface 167 * will be returned instead of "ix0") 168 * - nh_ifp represents "address" interface if NHR_IFAIF flag is passed 169 * - howewer mtu from "transmit" interface will be returned. 170 */ 171 int 172 fib4_lookup_nh_ext(uint32_t fibnum, struct in_addr dst, uint32_t flags, 173 uint32_t flowid, struct nhop4_extended *pnh4) 174 { 175 RIB_RLOCK_TRACKER; 176 struct rib_head *rh; 177 struct radix_node *rn; 178 struct sockaddr_in sin; 179 struct rtentry *rte; 180 struct nhop_object *nh; 181 182 KASSERT((fibnum < rt_numfibs), ("fib4_lookup_nh_ext: bad fibnum")); 183 rh = rt_tables_get_rnh(fibnum, AF_INET); 184 if (rh == NULL) 185 return (ENOENT); 186 187 /* Prepare lookup key */ 188 memset(&sin, 0, sizeof(sin)); 189 sin.sin_len = sizeof(struct sockaddr_in); 190 sin.sin_addr = dst; 191 192 RIB_RLOCK(rh); 193 rn = rh->rnh_matchaddr((void *)&sin, &rh->head); 194 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 195 rte = RNTORT(rn); 196 #ifdef RADIX_MPATH 197 rte = rt_mpath_select(rte, flowid); 198 if (rte == NULL) { 199 RIB_RUNLOCK(rh); 200 return (ENOENT); 201 } 202 #endif 203 nh = rte->rt_nhop; 204 /* Ensure route & ifp is UP */ 205 if (RT_LINK_IS_UP(nh->nh_ifp)) { 206 fib4_rte_to_nh_extended(nh, dst, flags, pnh4); 207 if ((flags & NHR_REF) != 0) { 208 /* TODO: lwref on egress ifp's ? */ 209 } 210 RIB_RUNLOCK(rh); 211 212 return (0); 213 } 214 } 215 RIB_RUNLOCK(rh); 216 217 return (ENOENT); 218 } 219 220 void 221 fib4_free_nh_ext(uint32_t fibnum, struct nhop4_extended *pnh4) 222 { 223 224 } 225 226 /* 227 * Looks up path in fib @fibnum specified by @dst. 228 * Returns path nexthop on success. Nexthop is safe to use 229 * within the current network epoch. If longer lifetime is required, 230 * one needs to pass NHR_REF as a flag. This will return referenced 231 * nexthop. 232 */ 233 struct nhop_object * 234 fib4_lookup(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 235 uint32_t flags, uint32_t flowid) 236 { 237 RIB_RLOCK_TRACKER; 238 struct rib_head *rh; 239 struct radix_node *rn; 240 struct rtentry *rt; 241 struct nhop_object *nh; 242 243 KASSERT((fibnum < rt_numfibs), ("fib4_lookup: bad fibnum")); 244 rh = rt_tables_get_rnh(fibnum, AF_INET); 245 if (rh == NULL) 246 return (NULL); 247 248 /* Prepare lookup key */ 249 struct sockaddr_in sin4; 250 memset(&sin4, 0, sizeof(sin4)); 251 sin4.sin_family = AF_INET; 252 sin4.sin_len = sizeof(struct sockaddr_in); 253 sin4.sin_addr = dst; 254 255 nh = NULL; 256 RIB_RLOCK(rh); 257 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 258 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 259 rt = RNTORT(rn); 260 #ifdef RADIX_MPATH 261 if (rt_mpath_next(rt) != NULL) 262 rt = rt_mpath_selectrte(rt, flowid); 263 #endif 264 nh = rt->rt_nhop; 265 /* Ensure route & ifp is UP */ 266 if (RT_LINK_IS_UP(nh->nh_ifp)) { 267 if (flags & NHR_REF) 268 nhop_ref_object(nh); 269 RIB_RUNLOCK(rh); 270 return (nh); 271 } 272 } 273 RIB_RUNLOCK(rh); 274 275 RTSTAT_INC(rts_unreach); 276 return (NULL); 277 } 278 279 inline static int 280 check_urpf(const struct nhop_object *nh, uint32_t flags, 281 const struct ifnet *src_if) 282 { 283 284 if (src_if != NULL && nh->nh_aifp == src_if) { 285 return (1); 286 } 287 if (src_if == NULL) { 288 if ((flags & NHR_NODEFAULT) == 0) 289 return (1); 290 else if ((nh->nh_flags & NHF_DEFAULT) == 0) 291 return (1); 292 } 293 294 return (0); 295 } 296 297 #ifdef RADIX_MPATH 298 inline static int 299 check_urpf_mpath(struct rtentry *rt, uint32_t flags, 300 const struct ifnet *src_if) 301 { 302 303 while (rt != NULL) { 304 if (check_urpf(rt->rt_nhop, flags, src_if) != 0) 305 return (1); 306 rt = rt_mpath_next(rt); 307 } 308 309 return (0); 310 } 311 #endif 312 313 /* 314 * Performs reverse path forwarding lookup. 315 * If @src_if is non-zero, verifies that at least 1 path goes via 316 * this interface. 317 * If @src_if is zero, verifies that route exist. 318 * if @flags contains NHR_NOTDEFAULT, do not consider default route. 319 * 320 * Returns 1 if route matching conditions is found, 0 otherwise. 321 */ 322 int 323 fib4_check_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 324 uint32_t flags, const struct ifnet *src_if) 325 { 326 RIB_RLOCK_TRACKER; 327 struct rib_head *rh; 328 struct radix_node *rn; 329 struct rtentry *rt; 330 int ret; 331 332 KASSERT((fibnum < rt_numfibs), ("fib4_check_urpf: bad fibnum")); 333 rh = rt_tables_get_rnh(fibnum, AF_INET); 334 if (rh == NULL) 335 return (0); 336 337 /* Prepare lookup key */ 338 struct sockaddr_in sin4; 339 memset(&sin4, 0, sizeof(sin4)); 340 sin4.sin_len = sizeof(struct sockaddr_in); 341 sin4.sin_addr = dst; 342 343 RIB_RLOCK(rh); 344 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 345 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 346 rt = RNTORT(rn); 347 #ifdef RADIX_MPATH 348 ret = check_urpf_mpath(rt, flags, src_if); 349 #else 350 ret = check_urpf(rt->rt_nhop, flags, src_if); 351 #endif 352 RIB_RUNLOCK(rh); 353 return (ret); 354 } 355 RIB_RUNLOCK(rh); 356 357 return (0); 358 } 359 360 #endif 361