1 /*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in.c 8.2 (Berkeley) 11/15/93 61 */ 62 63 #include <sys/cdefs.h> 64 __FBSDID("$FreeBSD$"); 65 66 #include "opt_inet.h" 67 #include "opt_inet6.h" 68 #include "opt_route.h" 69 70 #include <sys/param.h> 71 #include <sys/errno.h> 72 #include <sys/jail.h> 73 #include <sys/malloc.h> 74 #include <sys/socket.h> 75 #include <sys/socketvar.h> 76 #include <sys/sockio.h> 77 #include <sys/systm.h> 78 #include <sys/priv.h> 79 #include <sys/proc.h> 80 #include <sys/time.h> 81 #include <sys/kernel.h> 82 #include <sys/syslog.h> 83 #include <sys/vimage.h> 84 85 #include <net/if.h> 86 #include <net/if_types.h> 87 #include <net/route.h> 88 #include <net/if_dl.h> 89 #include <net/vnet.h> 90 91 #include <netinet/in.h> 92 #include <netinet/in_var.h> 93 #include <net/if_llatbl.h> 94 #include <netinet/if_ether.h> 95 #include <netinet/in_systm.h> 96 #include <netinet/ip.h> 97 #include <netinet/in_pcb.h> 98 99 #include <netinet/ip6.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/mld6_var.h> 103 #include <netinet6/ip6_mroute.h> 104 #include <netinet6/in6_ifattach.h> 105 #include <netinet6/scope6_var.h> 106 #include <netinet6/in6_pcb.h> 107 #include <netinet6/vinet6.h> 108 109 /* 110 * Definitions of some costant IP6 addresses. 111 */ 112 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 113 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 114 const struct in6_addr in6addr_nodelocal_allnodes = 115 IN6ADDR_NODELOCAL_ALLNODES_INIT; 116 const struct in6_addr in6addr_linklocal_allnodes = 117 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 118 const struct in6_addr in6addr_linklocal_allrouters = 119 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 120 const struct in6_addr in6addr_linklocal_allv2routers = 121 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT; 122 123 const struct in6_addr in6mask0 = IN6MASK0; 124 const struct in6_addr in6mask32 = IN6MASK32; 125 const struct in6_addr in6mask64 = IN6MASK64; 126 const struct in6_addr in6mask96 = IN6MASK96; 127 const struct in6_addr in6mask128 = IN6MASK128; 128 129 const struct sockaddr_in6 sa6_any = 130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 131 132 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 133 struct ifnet *, struct thread *)); 134 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 135 struct sockaddr_in6 *, int)); 136 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 137 138 int (*faithprefix_p)(struct in6_addr *); 139 140 141 142 int 143 in6_mask2len(struct in6_addr *mask, u_char *lim0) 144 { 145 int x = 0, y; 146 u_char *lim = lim0, *p; 147 148 /* ignore the scope_id part */ 149 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 150 lim = (u_char *)mask + sizeof(*mask); 151 for (p = (u_char *)mask; p < lim; x++, p++) { 152 if (*p != 0xff) 153 break; 154 } 155 y = 0; 156 if (p < lim) { 157 for (y = 0; y < 8; y++) { 158 if ((*p & (0x80 >> y)) == 0) 159 break; 160 } 161 } 162 163 /* 164 * when the limit pointer is given, do a stricter check on the 165 * remaining bits. 166 */ 167 if (p < lim) { 168 if (y != 0 && (*p & (0x00ff >> y)) != 0) 169 return (-1); 170 for (p = p + 1; p < lim; p++) 171 if (*p != 0) 172 return (-1); 173 } 174 175 return x * 8 + y; 176 } 177 178 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 179 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 180 181 int 182 in6_control(struct socket *so, u_long cmd, caddr_t data, 183 struct ifnet *ifp, struct thread *td) 184 { 185 INIT_VNET_INET6(curvnet); 186 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 187 struct in6_ifaddr *ia = NULL; 188 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 189 struct sockaddr_in6 *sa6; 190 int error; 191 192 switch (cmd) { 193 case SIOCGETSGCNT_IN6: 194 case SIOCGETMIFCNT_IN6: 195 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 196 } 197 198 switch(cmd) { 199 case SIOCAADDRCTL_POLICY: 200 case SIOCDADDRCTL_POLICY: 201 if (td != NULL) { 202 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 203 if (error) 204 return (error); 205 } 206 return (in6_src_ioctl(cmd, data)); 207 } 208 209 if (ifp == NULL) 210 return (EOPNOTSUPP); 211 212 switch (cmd) { 213 case SIOCSNDFLUSH_IN6: 214 case SIOCSPFXFLUSH_IN6: 215 case SIOCSRTRFLUSH_IN6: 216 case SIOCSDEFIFACE_IN6: 217 case SIOCSIFINFO_FLAGS: 218 if (td != NULL) { 219 error = priv_check(td, PRIV_NETINET_ND6); 220 if (error) 221 return (error); 222 } 223 /* FALLTHROUGH */ 224 case OSIOCGIFINFO_IN6: 225 case SIOCGIFINFO_IN6: 226 case SIOCSIFINFO_IN6: 227 case SIOCGDRLST_IN6: 228 case SIOCGPRLST_IN6: 229 case SIOCGNBRINFO_IN6: 230 case SIOCGDEFIFACE_IN6: 231 return (nd6_ioctl(cmd, data, ifp)); 232 } 233 234 switch (cmd) { 235 case SIOCSIFPREFIX_IN6: 236 case SIOCDIFPREFIX_IN6: 237 case SIOCAIFPREFIX_IN6: 238 case SIOCCIFPREFIX_IN6: 239 case SIOCSGIFPREFIX_IN6: 240 case SIOCGIFPREFIX_IN6: 241 log(LOG_NOTICE, 242 "prefix ioctls are now invalidated. " 243 "please use ifconfig.\n"); 244 return (EOPNOTSUPP); 245 } 246 247 switch (cmd) { 248 case SIOCSSCOPE6: 249 if (td != NULL) { 250 error = priv_check(td, PRIV_NETINET_SCOPE6); 251 if (error) 252 return (error); 253 } 254 return (scope6_set(ifp, 255 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 256 case SIOCGSCOPE6: 257 return (scope6_get(ifp, 258 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 259 case SIOCGSCOPE6DEF: 260 return (scope6_get_default((struct scope6_id *) 261 ifr->ifr_ifru.ifru_scope_id)); 262 } 263 264 switch (cmd) { 265 case SIOCALIFADDR: 266 if (td != NULL) { 267 error = priv_check(td, PRIV_NET_ADDIFADDR); 268 if (error) 269 return (error); 270 } 271 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 272 273 case SIOCDLIFADDR: 274 if (td != NULL) { 275 error = priv_check(td, PRIV_NET_DELIFADDR); 276 if (error) 277 return (error); 278 } 279 /* FALLTHROUGH */ 280 case SIOCGLIFADDR: 281 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 282 } 283 284 /* 285 * Find address for this interface, if it exists. 286 * 287 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 288 * only, and used the first interface address as the target of other 289 * operations (without checking ifra_addr). This was because netinet 290 * code/API assumed at most 1 interface address per interface. 291 * Since IPv6 allows a node to assign multiple addresses 292 * on a single interface, we almost always look and check the 293 * presence of ifra_addr, and reject invalid ones here. 294 * It also decreases duplicated code among SIOC*_IN6 operations. 295 */ 296 switch (cmd) { 297 case SIOCAIFADDR_IN6: 298 case SIOCSIFPHYADDR_IN6: 299 sa6 = &ifra->ifra_addr; 300 break; 301 case SIOCSIFADDR_IN6: 302 case SIOCGIFADDR_IN6: 303 case SIOCSIFDSTADDR_IN6: 304 case SIOCSIFNETMASK_IN6: 305 case SIOCGIFDSTADDR_IN6: 306 case SIOCGIFNETMASK_IN6: 307 case SIOCDIFADDR_IN6: 308 case SIOCGIFPSRCADDR_IN6: 309 case SIOCGIFPDSTADDR_IN6: 310 case SIOCGIFAFLAG_IN6: 311 case SIOCSNDFLUSH_IN6: 312 case SIOCSPFXFLUSH_IN6: 313 case SIOCSRTRFLUSH_IN6: 314 case SIOCGIFALIFETIME_IN6: 315 case SIOCSIFALIFETIME_IN6: 316 case SIOCGIFSTAT_IN6: 317 case SIOCGIFSTAT_ICMP6: 318 sa6 = &ifr->ifr_addr; 319 break; 320 default: 321 sa6 = NULL; 322 break; 323 } 324 if (sa6 && sa6->sin6_family == AF_INET6) { 325 int error = 0; 326 327 if (sa6->sin6_scope_id != 0) 328 error = sa6_embedscope(sa6, 0); 329 else 330 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 331 if (error != 0) 332 return (error); 333 if (td != NULL && (error = prison_check_ip6(td->td_ucred, 334 &sa6->sin6_addr)) != 0) 335 return (error); 336 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 337 } else 338 ia = NULL; 339 340 switch (cmd) { 341 case SIOCSIFADDR_IN6: 342 case SIOCSIFDSTADDR_IN6: 343 case SIOCSIFNETMASK_IN6: 344 /* 345 * Since IPv6 allows a node to assign multiple addresses 346 * on a single interface, SIOCSIFxxx ioctls are deprecated. 347 */ 348 /* we decided to obsolete this command (20000704) */ 349 return (EINVAL); 350 351 case SIOCDIFADDR_IN6: 352 /* 353 * for IPv4, we look for existing in_ifaddr here to allow 354 * "ifconfig if0 delete" to remove the first IPv4 address on 355 * the interface. For IPv6, as the spec allows multiple 356 * interface address from the day one, we consider "remove the 357 * first one" semantics to be not preferable. 358 */ 359 if (ia == NULL) 360 return (EADDRNOTAVAIL); 361 /* FALLTHROUGH */ 362 case SIOCAIFADDR_IN6: 363 /* 364 * We always require users to specify a valid IPv6 address for 365 * the corresponding operation. 366 */ 367 if (ifra->ifra_addr.sin6_family != AF_INET6 || 368 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 369 return (EAFNOSUPPORT); 370 371 if (td != NULL) { 372 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 373 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 374 if (error) 375 return (error); 376 } 377 378 break; 379 380 case SIOCGIFADDR_IN6: 381 /* This interface is basically deprecated. use SIOCGIFCONF. */ 382 /* FALLTHROUGH */ 383 case SIOCGIFAFLAG_IN6: 384 case SIOCGIFNETMASK_IN6: 385 case SIOCGIFDSTADDR_IN6: 386 case SIOCGIFALIFETIME_IN6: 387 /* must think again about its semantics */ 388 if (ia == NULL) 389 return (EADDRNOTAVAIL); 390 break; 391 case SIOCSIFALIFETIME_IN6: 392 { 393 struct in6_addrlifetime *lt; 394 395 if (td != NULL) { 396 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 397 if (error) 398 return (error); 399 } 400 if (ia == NULL) 401 return (EADDRNOTAVAIL); 402 /* sanity for overflow - beware unsigned */ 403 lt = &ifr->ifr_ifru.ifru_lifetime; 404 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 405 lt->ia6t_vltime + time_second < time_second) { 406 return EINVAL; 407 } 408 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 409 lt->ia6t_pltime + time_second < time_second) { 410 return EINVAL; 411 } 412 break; 413 } 414 } 415 416 switch (cmd) { 417 418 case SIOCGIFADDR_IN6: 419 ifr->ifr_addr = ia->ia_addr; 420 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 421 return (error); 422 break; 423 424 case SIOCGIFDSTADDR_IN6: 425 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 426 return (EINVAL); 427 /* 428 * XXX: should we check if ifa_dstaddr is NULL and return 429 * an error? 430 */ 431 ifr->ifr_dstaddr = ia->ia_dstaddr; 432 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 433 return (error); 434 break; 435 436 case SIOCGIFNETMASK_IN6: 437 ifr->ifr_addr = ia->ia_prefixmask; 438 break; 439 440 case SIOCGIFAFLAG_IN6: 441 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 442 break; 443 444 case SIOCGIFSTAT_IN6: 445 if (ifp == NULL) 446 return EINVAL; 447 bzero(&ifr->ifr_ifru.ifru_stat, 448 sizeof(ifr->ifr_ifru.ifru_stat)); 449 ifr->ifr_ifru.ifru_stat = 450 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 451 break; 452 453 case SIOCGIFSTAT_ICMP6: 454 if (ifp == NULL) 455 return EINVAL; 456 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 457 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 458 ifr->ifr_ifru.ifru_icmp6stat = 459 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 460 break; 461 462 case SIOCGIFALIFETIME_IN6: 463 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 464 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 465 time_t maxexpire; 466 struct in6_addrlifetime *retlt = 467 &ifr->ifr_ifru.ifru_lifetime; 468 469 /* 470 * XXX: adjust expiration time assuming time_t is 471 * signed. 472 */ 473 maxexpire = (-1) & 474 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 475 if (ia->ia6_lifetime.ia6t_vltime < 476 maxexpire - ia->ia6_updatetime) { 477 retlt->ia6t_expire = ia->ia6_updatetime + 478 ia->ia6_lifetime.ia6t_vltime; 479 } else 480 retlt->ia6t_expire = maxexpire; 481 } 482 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 483 time_t maxexpire; 484 struct in6_addrlifetime *retlt = 485 &ifr->ifr_ifru.ifru_lifetime; 486 487 /* 488 * XXX: adjust expiration time assuming time_t is 489 * signed. 490 */ 491 maxexpire = (-1) & 492 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 493 if (ia->ia6_lifetime.ia6t_pltime < 494 maxexpire - ia->ia6_updatetime) { 495 retlt->ia6t_preferred = ia->ia6_updatetime + 496 ia->ia6_lifetime.ia6t_pltime; 497 } else 498 retlt->ia6t_preferred = maxexpire; 499 } 500 break; 501 502 case SIOCSIFALIFETIME_IN6: 503 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 504 /* for sanity */ 505 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 506 ia->ia6_lifetime.ia6t_expire = 507 time_second + ia->ia6_lifetime.ia6t_vltime; 508 } else 509 ia->ia6_lifetime.ia6t_expire = 0; 510 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 511 ia->ia6_lifetime.ia6t_preferred = 512 time_second + ia->ia6_lifetime.ia6t_pltime; 513 } else 514 ia->ia6_lifetime.ia6t_preferred = 0; 515 break; 516 517 case SIOCAIFADDR_IN6: 518 { 519 int i, error = 0; 520 struct nd_prefixctl pr0; 521 struct nd_prefix *pr; 522 523 /* 524 * first, make or update the interface address structure, 525 * and link it to the list. 526 */ 527 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 528 return (error); 529 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 530 == NULL) { 531 /* 532 * this can happen when the user specify the 0 valid 533 * lifetime. 534 */ 535 break; 536 } 537 538 /* 539 * then, make the prefix on-link on the interface. 540 * XXX: we'd rather create the prefix before the address, but 541 * we need at least one address to install the corresponding 542 * interface route, so we configure the address first. 543 */ 544 545 /* 546 * convert mask to prefix length (prefixmask has already 547 * been validated in in6_update_ifa(). 548 */ 549 bzero(&pr0, sizeof(pr0)); 550 pr0.ndpr_ifp = ifp; 551 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 552 NULL); 553 if (pr0.ndpr_plen == 128) { 554 break; /* we don't need to install a host route. */ 555 } 556 pr0.ndpr_prefix = ifra->ifra_addr; 557 /* apply the mask for safety. */ 558 for (i = 0; i < 4; i++) { 559 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 560 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 561 } 562 /* 563 * XXX: since we don't have an API to set prefix (not address) 564 * lifetimes, we just use the same lifetimes as addresses. 565 * The (temporarily) installed lifetimes can be overridden by 566 * later advertised RAs (when accept_rtadv is non 0), which is 567 * an intended behavior. 568 */ 569 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 570 pr0.ndpr_raf_auto = 571 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 572 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 573 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 574 575 /* add the prefix if not yet. */ 576 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 577 /* 578 * nd6_prelist_add will install the corresponding 579 * interface route. 580 */ 581 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 582 return (error); 583 if (pr == NULL) { 584 log(LOG_ERR, "nd6_prelist_add succeeded but " 585 "no prefix\n"); 586 return (EINVAL); /* XXX panic here? */ 587 } 588 } 589 590 /* relate the address to the prefix */ 591 if (ia->ia6_ndpr == NULL) { 592 ia->ia6_ndpr = pr; 593 pr->ndpr_refcnt++; 594 595 /* 596 * If this is the first autoconf address from the 597 * prefix, create a temporary address as well 598 * (when required). 599 */ 600 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 601 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 602 int e; 603 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 604 log(LOG_NOTICE, "in6_control: failed " 605 "to create a temporary address, " 606 "errno=%d\n", e); 607 } 608 } 609 } 610 611 /* 612 * this might affect the status of autoconfigured addresses, 613 * that is, this address might make other addresses detached. 614 */ 615 pfxlist_onlink_check(); 616 if (error == 0 && ia) 617 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 618 break; 619 } 620 621 case SIOCDIFADDR_IN6: 622 { 623 struct nd_prefix *pr; 624 625 /* 626 * If the address being deleted is the only one that owns 627 * the corresponding prefix, expire the prefix as well. 628 * XXX: theoretically, we don't have to worry about such 629 * relationship, since we separate the address management 630 * and the prefix management. We do this, however, to provide 631 * as much backward compatibility as possible in terms of 632 * the ioctl operation. 633 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 634 */ 635 pr = ia->ia6_ndpr; 636 in6_purgeaddr(&ia->ia_ifa); 637 if (pr && pr->ndpr_refcnt == 0) 638 prelist_remove(pr); 639 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 640 break; 641 } 642 643 default: 644 if (ifp == NULL || ifp->if_ioctl == 0) 645 return (EOPNOTSUPP); 646 return ((*ifp->if_ioctl)(ifp, cmd, data)); 647 } 648 649 return (0); 650 } 651 652 /* 653 * Update parameters of an IPv6 interface address. 654 * If necessary, a new entry is created and linked into address chains. 655 * This function is separated from in6_control(). 656 * XXX: should this be performed under splnet()? 657 */ 658 int 659 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 660 struct in6_ifaddr *ia, int flags) 661 { 662 INIT_VNET_INET6(ifp->if_vnet); 663 INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */ 664 int error = 0, hostIsNew = 0, plen = -1; 665 struct in6_ifaddr *oia; 666 struct sockaddr_in6 dst6; 667 struct in6_addrlifetime *lt; 668 struct in6_multi_mship *imm; 669 struct in6_multi *in6m_sol; 670 struct rtentry *rt; 671 int delay; 672 char ip6buf[INET6_ADDRSTRLEN]; 673 674 /* Validate parameters */ 675 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 676 return (EINVAL); 677 678 /* 679 * The destination address for a p2p link must have a family 680 * of AF_UNSPEC or AF_INET6. 681 */ 682 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 683 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 684 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 685 return (EAFNOSUPPORT); 686 /* 687 * validate ifra_prefixmask. don't check sin6_family, netmask 688 * does not carry fields other than sin6_len. 689 */ 690 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 691 return (EINVAL); 692 /* 693 * Because the IPv6 address architecture is classless, we require 694 * users to specify a (non 0) prefix length (mask) for a new address. 695 * We also require the prefix (when specified) mask is valid, and thus 696 * reject a non-consecutive mask. 697 */ 698 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 699 return (EINVAL); 700 if (ifra->ifra_prefixmask.sin6_len != 0) { 701 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 702 (u_char *)&ifra->ifra_prefixmask + 703 ifra->ifra_prefixmask.sin6_len); 704 if (plen <= 0) 705 return (EINVAL); 706 } else { 707 /* 708 * In this case, ia must not be NULL. We just use its prefix 709 * length. 710 */ 711 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 712 } 713 /* 714 * If the destination address on a p2p interface is specified, 715 * and the address is a scoped one, validate/set the scope 716 * zone identifier. 717 */ 718 dst6 = ifra->ifra_dstaddr; 719 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 720 (dst6.sin6_family == AF_INET6)) { 721 struct in6_addr in6_tmp; 722 u_int32_t zoneid; 723 724 in6_tmp = dst6.sin6_addr; 725 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 726 return (EINVAL); /* XXX: should be impossible */ 727 728 if (dst6.sin6_scope_id != 0) { 729 if (dst6.sin6_scope_id != zoneid) 730 return (EINVAL); 731 } else /* user omit to specify the ID. */ 732 dst6.sin6_scope_id = zoneid; 733 734 /* convert into the internal form */ 735 if (sa6_embedscope(&dst6, 0)) 736 return (EINVAL); /* XXX: should be impossible */ 737 } 738 /* 739 * The destination address can be specified only for a p2p or a 740 * loopback interface. If specified, the corresponding prefix length 741 * must be 128. 742 */ 743 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 744 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 745 /* XXX: noisy message */ 746 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 747 "be specified for a p2p or a loopback IF only\n")); 748 return (EINVAL); 749 } 750 if (plen != 128) { 751 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 752 "be 128 when dstaddr is specified\n")); 753 return (EINVAL); 754 } 755 } 756 /* lifetime consistency check */ 757 lt = &ifra->ifra_lifetime; 758 if (lt->ia6t_pltime > lt->ia6t_vltime) 759 return (EINVAL); 760 if (lt->ia6t_vltime == 0) { 761 /* 762 * the following log might be noisy, but this is a typical 763 * configuration mistake or a tool's bug. 764 */ 765 nd6log((LOG_INFO, 766 "in6_update_ifa: valid lifetime is 0 for %s\n", 767 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 768 769 if (ia == NULL) 770 return (0); /* there's nothing to do */ 771 } 772 773 /* 774 * If this is a new address, allocate a new ifaddr and link it 775 * into chains. 776 */ 777 if (ia == NULL) { 778 hostIsNew = 1; 779 /* 780 * When in6_update_ifa() is called in a process of a received 781 * RA, it is called under an interrupt context. So, we should 782 * call malloc with M_NOWAIT. 783 */ 784 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 785 M_NOWAIT); 786 if (ia == NULL) 787 return (ENOBUFS); 788 bzero((caddr_t)ia, sizeof(*ia)); 789 LIST_INIT(&ia->ia6_memberships); 790 /* Initialize the address and masks, and put time stamp */ 791 IFA_LOCK_INIT(&ia->ia_ifa); 792 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 793 ia->ia_addr.sin6_family = AF_INET6; 794 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 795 ia->ia6_createtime = time_second; 796 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 797 /* 798 * XXX: some functions expect that ifa_dstaddr is not 799 * NULL for p2p interfaces. 800 */ 801 ia->ia_ifa.ifa_dstaddr = 802 (struct sockaddr *)&ia->ia_dstaddr; 803 } else { 804 ia->ia_ifa.ifa_dstaddr = NULL; 805 } 806 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 807 808 ia->ia_ifp = ifp; 809 if ((oia = V_in6_ifaddr) != NULL) { 810 for ( ; oia->ia_next; oia = oia->ia_next) 811 continue; 812 oia->ia_next = ia; 813 } else 814 V_in6_ifaddr = ia; 815 816 ia->ia_ifa.ifa_refcnt = 1; 817 IF_ADDR_LOCK(ifp); 818 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 819 IF_ADDR_UNLOCK(ifp); 820 } 821 822 /* update timestamp */ 823 ia->ia6_updatetime = time_second; 824 825 /* set prefix mask */ 826 if (ifra->ifra_prefixmask.sin6_len) { 827 /* 828 * We prohibit changing the prefix length of an existing 829 * address, because 830 * + such an operation should be rare in IPv6, and 831 * + the operation would confuse prefix management. 832 */ 833 if (ia->ia_prefixmask.sin6_len && 834 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 835 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 836 " existing (%s) address should not be changed\n", 837 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 838 error = EINVAL; 839 goto unlink; 840 } 841 ia->ia_prefixmask = ifra->ifra_prefixmask; 842 } 843 844 /* 845 * If a new destination address is specified, scrub the old one and 846 * install the new destination. Note that the interface must be 847 * p2p or loopback (see the check above.) 848 */ 849 if (dst6.sin6_family == AF_INET6 && 850 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 851 int e; 852 853 if ((ia->ia_flags & IFA_ROUTE) != 0 && 854 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 855 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 856 "a route to the old destination: %s\n", 857 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 858 /* proceed anyway... */ 859 } else 860 ia->ia_flags &= ~IFA_ROUTE; 861 ia->ia_dstaddr = dst6; 862 } 863 864 /* 865 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 866 * to see if the address is deprecated or invalidated, but initialize 867 * these members for applications. 868 */ 869 ia->ia6_lifetime = ifra->ifra_lifetime; 870 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 871 ia->ia6_lifetime.ia6t_expire = 872 time_second + ia->ia6_lifetime.ia6t_vltime; 873 } else 874 ia->ia6_lifetime.ia6t_expire = 0; 875 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 876 ia->ia6_lifetime.ia6t_preferred = 877 time_second + ia->ia6_lifetime.ia6t_pltime; 878 } else 879 ia->ia6_lifetime.ia6t_preferred = 0; 880 881 /* reset the interface and routing table appropriately. */ 882 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 883 goto unlink; 884 885 /* 886 * configure address flags. 887 */ 888 ia->ia6_flags = ifra->ifra_flags; 889 /* 890 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 891 * userland, make it deprecated. 892 */ 893 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 894 ia->ia6_lifetime.ia6t_pltime = 0; 895 ia->ia6_lifetime.ia6t_preferred = time_second; 896 } 897 /* 898 * Make the address tentative before joining multicast addresses, 899 * so that corresponding MLD responses would not have a tentative 900 * source address. 901 */ 902 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 903 if (hostIsNew && in6if_do_dad(ifp)) 904 ia->ia6_flags |= IN6_IFF_TENTATIVE; 905 906 /* 907 * We are done if we have simply modified an existing address. 908 */ 909 if (!hostIsNew) 910 return (error); 911 912 /* 913 * Beyond this point, we should call in6_purgeaddr upon an error, 914 * not just go to unlink. 915 */ 916 917 /* Join necessary multicast groups */ 918 in6m_sol = NULL; 919 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 920 struct sockaddr_in6 mltaddr, mltmask; 921 struct in6_addr llsol; 922 923 /* join solicited multicast addr for new host id */ 924 bzero(&llsol, sizeof(struct in6_addr)); 925 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 926 llsol.s6_addr32[1] = 0; 927 llsol.s6_addr32[2] = htonl(1); 928 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 929 llsol.s6_addr8[12] = 0xff; 930 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 931 /* XXX: should not happen */ 932 log(LOG_ERR, "in6_update_ifa: " 933 "in6_setscope failed\n"); 934 goto cleanup; 935 } 936 delay = 0; 937 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 938 /* 939 * We need a random delay for DAD on the address 940 * being configured. It also means delaying 941 * transmission of the corresponding MLD report to 942 * avoid report collision. 943 * [draft-ietf-ipv6-rfc2462bis-02.txt] 944 */ 945 delay = arc4random() % 946 (MAX_RTR_SOLICITATION_DELAY * hz); 947 } 948 imm = in6_joingroup(ifp, &llsol, &error, delay); 949 if (imm == NULL) { 950 nd6log((LOG_WARNING, 951 "in6_update_ifa: addmulti failed for " 952 "%s on %s (errno=%d)\n", 953 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 954 error)); 955 in6_purgeaddr((struct ifaddr *)ia); 956 return (error); 957 } 958 LIST_INSERT_HEAD(&ia->ia6_memberships, 959 imm, i6mm_chain); 960 in6m_sol = imm->i6mm_maddr; 961 962 bzero(&mltmask, sizeof(mltmask)); 963 mltmask.sin6_len = sizeof(struct sockaddr_in6); 964 mltmask.sin6_family = AF_INET6; 965 mltmask.sin6_addr = in6mask32; 966 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 967 968 /* 969 * join link-local all-nodes address 970 */ 971 bzero(&mltaddr, sizeof(mltaddr)); 972 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 973 mltaddr.sin6_family = AF_INET6; 974 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 975 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 976 0) 977 goto cleanup; /* XXX: should not fail */ 978 979 /* 980 * XXX: do we really need this automatic routes? 981 * We should probably reconsider this stuff. Most applications 982 * actually do not need the routes, since they usually specify 983 * the outgoing interface. 984 */ 985 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 986 if (rt) { 987 /* XXX: only works in !SCOPEDROUTING case. */ 988 if (memcmp(&mltaddr.sin6_addr, 989 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 990 MLTMASK_LEN)) { 991 RTFREE_LOCKED(rt); 992 rt = NULL; 993 } 994 } 995 if (!rt) { 996 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 997 (struct sockaddr *)&ia->ia_addr, 998 (struct sockaddr *)&mltmask, RTF_UP, 999 (struct rtentry **)0); 1000 if (error) 1001 goto cleanup; 1002 } else { 1003 RTFREE_LOCKED(rt); 1004 } 1005 1006 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1007 if (!imm) { 1008 nd6log((LOG_WARNING, 1009 "in6_update_ifa: addmulti failed for " 1010 "%s on %s (errno=%d)\n", 1011 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1012 if_name(ifp), error)); 1013 goto cleanup; 1014 } 1015 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1016 1017 /* 1018 * join node information group address 1019 */ 1020 #define hostnamelen strlen(V_hostname) 1021 delay = 0; 1022 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1023 /* 1024 * The spec doesn't say anything about delay for this 1025 * group, but the same logic should apply. 1026 */ 1027 delay = arc4random() % 1028 (MAX_RTR_SOLICITATION_DELAY * hz); 1029 } 1030 mtx_lock(&hostname_mtx); 1031 if (in6_nigroup(ifp, V_hostname, hostnamelen, 1032 &mltaddr.sin6_addr) == 0) { 1033 mtx_unlock(&hostname_mtx); 1034 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1035 delay); /* XXX jinmei */ 1036 if (!imm) { 1037 nd6log((LOG_WARNING, "in6_update_ifa: " 1038 "addmulti failed for %s on %s " 1039 "(errno=%d)\n", 1040 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1041 if_name(ifp), error)); 1042 /* XXX not very fatal, go on... */ 1043 } else { 1044 LIST_INSERT_HEAD(&ia->ia6_memberships, 1045 imm, i6mm_chain); 1046 } 1047 } else 1048 mtx_unlock(&hostname_mtx); 1049 #undef hostnamelen 1050 1051 /* 1052 * join interface-local all-nodes address. 1053 * (ff01::1%ifN, and ff01::%ifN/32) 1054 */ 1055 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1056 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1057 != 0) 1058 goto cleanup; /* XXX: should not fail */ 1059 /* XXX: again, do we really need the route? */ 1060 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1061 if (rt) { 1062 if (memcmp(&mltaddr.sin6_addr, 1063 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1064 MLTMASK_LEN)) { 1065 RTFREE_LOCKED(rt); 1066 rt = NULL; 1067 } 1068 } 1069 if (!rt) { 1070 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1071 (struct sockaddr *)&ia->ia_addr, 1072 (struct sockaddr *)&mltmask, RTF_UP, 1073 (struct rtentry **)0); 1074 if (error) 1075 goto cleanup; 1076 } else 1077 RTFREE_LOCKED(rt); 1078 1079 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1080 if (!imm) { 1081 nd6log((LOG_WARNING, "in6_update_ifa: " 1082 "addmulti failed for %s on %s " 1083 "(errno=%d)\n", 1084 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1085 if_name(ifp), error)); 1086 goto cleanup; 1087 } 1088 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1089 #undef MLTMASK_LEN 1090 } 1091 1092 /* 1093 * Perform DAD, if needed. 1094 * XXX It may be of use, if we can administratively 1095 * disable DAD. 1096 */ 1097 if (hostIsNew && in6if_do_dad(ifp) && 1098 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1099 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1100 { 1101 int mindelay, maxdelay; 1102 1103 delay = 0; 1104 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1105 /* 1106 * We need to impose a delay before sending an NS 1107 * for DAD. Check if we also needed a delay for the 1108 * corresponding MLD message. If we did, the delay 1109 * should be larger than the MLD delay (this could be 1110 * relaxed a bit, but this simple logic is at least 1111 * safe). 1112 * XXX: Break data hiding guidelines and look at 1113 * state for the solicited multicast group. 1114 */ 1115 mindelay = 0; 1116 if (in6m_sol != NULL && 1117 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) { 1118 mindelay = in6m_sol->in6m_timer; 1119 } 1120 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1121 if (maxdelay - mindelay == 0) 1122 delay = 0; 1123 else { 1124 delay = 1125 (arc4random() % (maxdelay - mindelay)) + 1126 mindelay; 1127 } 1128 } 1129 nd6_dad_start((struct ifaddr *)ia, delay); 1130 } 1131 1132 return (error); 1133 1134 unlink: 1135 /* 1136 * XXX: if a change of an existing address failed, keep the entry 1137 * anyway. 1138 */ 1139 if (hostIsNew) 1140 in6_unlink_ifa(ia, ifp); 1141 return (error); 1142 1143 cleanup: 1144 in6_purgeaddr(&ia->ia_ifa); 1145 return error; 1146 } 1147 1148 void 1149 in6_purgeaddr(struct ifaddr *ifa) 1150 { 1151 struct ifnet *ifp = ifa->ifa_ifp; 1152 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1153 struct in6_multi_mship *imm; 1154 struct sockaddr_in6 mltaddr, mltmask; 1155 struct rtentry rt0; 1156 struct sockaddr_dl gateway; 1157 struct sockaddr_in6 mask, addr; 1158 int plen, error; 1159 struct rtentry *rt; 1160 struct ifaddr *ifa0, *nifa; 1161 1162 /* 1163 * find another IPv6 address as the gateway for the 1164 * link-local and node-local all-nodes multicast 1165 * address routes 1166 */ 1167 TAILQ_FOREACH_SAFE(ifa0, &ifp->if_addrhead, ifa_link, nifa) { 1168 if ((ifa0->ifa_addr->sa_family != AF_INET6) || 1169 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr, 1170 &ia->ia_addr.sin6_addr, 1171 sizeof(struct in6_addr)) == 0) 1172 continue; 1173 else 1174 break; 1175 } 1176 1177 /* stop DAD processing */ 1178 nd6_dad_stop(ifa); 1179 1180 IF_AFDATA_LOCK(ifp); 1181 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1182 (struct sockaddr *)&ia->ia_addr); 1183 IF_AFDATA_UNLOCK(ifp); 1184 1185 /* 1186 * initialize for rtmsg generation 1187 */ 1188 bzero(&gateway, sizeof(gateway)); 1189 gateway.sdl_len = sizeof(gateway); 1190 gateway.sdl_family = AF_LINK; 1191 gateway.sdl_nlen = 0; 1192 gateway.sdl_alen = ifp->if_addrlen; 1193 /* */ 1194 bzero(&rt0, sizeof(rt0)); 1195 rt0.rt_gateway = (struct sockaddr *)&gateway; 1196 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1197 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1198 rt_mask(&rt0) = (struct sockaddr *)&mask; 1199 rt_key(&rt0) = (struct sockaddr *)&addr; 1200 rt0.rt_flags = RTF_HOST | RTF_STATIC; 1201 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0); 1202 1203 /* 1204 * leave from multicast groups we have joined for the interface 1205 */ 1206 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1207 LIST_REMOVE(imm, i6mm_chain); 1208 in6_leavegroup(imm); 1209 } 1210 1211 /* 1212 * remove the link-local all-nodes address 1213 */ 1214 bzero(&mltmask, sizeof(mltmask)); 1215 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1216 mltmask.sin6_family = AF_INET6; 1217 mltmask.sin6_addr = in6mask32; 1218 1219 bzero(&mltaddr, sizeof(mltaddr)); 1220 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1221 mltaddr.sin6_family = AF_INET6; 1222 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1223 1224 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1225 0) 1226 goto cleanup; 1227 1228 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1229 if (rt != NULL && rt->rt_gateway != NULL && 1230 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1231 &ia->ia_addr.sin6_addr, 1232 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1233 /* 1234 * if no more IPv6 address exists on this interface 1235 * then remove the multicast address route 1236 */ 1237 if (ifa0 == NULL) { 1238 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1239 sizeof(mltaddr.sin6_addr)); 1240 RTFREE_LOCKED(rt); 1241 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1242 (struct sockaddr *)&ia->ia_addr, 1243 (struct sockaddr *)&mltmask, RTF_UP, 1244 (struct rtentry **)0); 1245 if (error) 1246 log(LOG_INFO, "in6_purgeaddr: link-local all-nodes" 1247 "multicast address deletion error\n"); 1248 } else { 1249 /* 1250 * replace the gateway of the route 1251 */ 1252 struct sockaddr_in6 sa; 1253 1254 bzero(&sa, sizeof(sa)); 1255 sa.sin6_len = sizeof(struct sockaddr_in6); 1256 sa.sin6_family = AF_INET6; 1257 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1258 sizeof(sa.sin6_addr)); 1259 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1260 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1261 RTFREE_LOCKED(rt); 1262 } 1263 } else { 1264 if (rt != NULL) 1265 RTFREE_LOCKED(rt); 1266 } 1267 1268 /* 1269 * remove the node-local all-nodes address 1270 */ 1271 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1272 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1273 0) 1274 goto cleanup; 1275 1276 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1277 if (rt != NULL && rt->rt_gateway != NULL && 1278 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1279 &ia->ia_addr.sin6_addr, 1280 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1281 /* 1282 * if no more IPv6 address exists on this interface 1283 * then remove the multicast address route 1284 */ 1285 if (ifa0 == NULL) { 1286 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1287 sizeof(mltaddr.sin6_addr)); 1288 1289 RTFREE_LOCKED(rt); 1290 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1291 (struct sockaddr *)&ia->ia_addr, 1292 (struct sockaddr *)&mltmask, RTF_UP, 1293 (struct rtentry **)0); 1294 1295 if (error) 1296 log(LOG_INFO, "in6_purgeaddr: node-local all-nodes" 1297 "multicast address deletion error\n"); 1298 } else { 1299 /* 1300 * replace the gateway of the route 1301 */ 1302 struct sockaddr_in6 sa; 1303 1304 bzero(&sa, sizeof(sa)); 1305 sa.sin6_len = sizeof(struct sockaddr_in6); 1306 sa.sin6_family = AF_INET6; 1307 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1308 sizeof(sa.sin6_addr)); 1309 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1310 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1311 RTFREE_LOCKED(rt); 1312 } 1313 } else { 1314 if (rt != NULL) 1315 RTFREE_LOCKED(rt); 1316 } 1317 1318 cleanup: 1319 1320 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1321 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) { 1322 int error; 1323 struct sockaddr *dstaddr; 1324 1325 /* 1326 * use the interface address if configuring an 1327 * interface address with a /128 prefix len 1328 */ 1329 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1330 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1331 else 1332 dstaddr = (struct sockaddr *)&ia->ia_addr; 1333 1334 error = rtrequest(RTM_DELETE, 1335 (struct sockaddr *)dstaddr, 1336 (struct sockaddr *)&ia->ia_addr, 1337 (struct sockaddr *)&ia->ia_prefixmask, 1338 ia->ia_flags | RTF_HOST, NULL); 1339 if (error != 0) 1340 return; 1341 ia->ia_flags &= ~IFA_ROUTE; 1342 } 1343 1344 in6_unlink_ifa(ia, ifp); 1345 } 1346 1347 static void 1348 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1349 { 1350 INIT_VNET_INET6(ifp->if_vnet); 1351 struct in6_ifaddr *oia; 1352 int s = splnet(); 1353 1354 IF_ADDR_LOCK(ifp); 1355 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1356 IF_ADDR_UNLOCK(ifp); 1357 1358 oia = ia; 1359 if (oia == (ia = V_in6_ifaddr)) 1360 V_in6_ifaddr = ia->ia_next; 1361 else { 1362 while (ia->ia_next && (ia->ia_next != oia)) 1363 ia = ia->ia_next; 1364 if (ia->ia_next) 1365 ia->ia_next = oia->ia_next; 1366 else { 1367 /* search failed */ 1368 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1369 } 1370 } 1371 1372 /* 1373 * Release the reference to the base prefix. There should be a 1374 * positive reference. 1375 */ 1376 if (oia->ia6_ndpr == NULL) { 1377 nd6log((LOG_NOTICE, 1378 "in6_unlink_ifa: autoconf'ed address " 1379 "%p has no prefix\n", oia)); 1380 } else { 1381 oia->ia6_ndpr->ndpr_refcnt--; 1382 oia->ia6_ndpr = NULL; 1383 } 1384 1385 /* 1386 * Also, if the address being removed is autoconf'ed, call 1387 * pfxlist_onlink_check() since the release might affect the status of 1388 * other (detached) addresses. 1389 */ 1390 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) { 1391 pfxlist_onlink_check(); 1392 } 1393 1394 /* 1395 * release another refcnt for the link from in6_ifaddr. 1396 * Note that we should decrement the refcnt at least once for all *BSD. 1397 */ 1398 IFAFREE(&oia->ia_ifa); 1399 1400 splx(s); 1401 } 1402 1403 void 1404 in6_purgeif(struct ifnet *ifp) 1405 { 1406 struct ifaddr *ifa, *nifa; 1407 1408 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1409 if (ifa->ifa_addr->sa_family != AF_INET6) 1410 continue; 1411 in6_purgeaddr(ifa); 1412 } 1413 1414 in6_ifdetach(ifp); 1415 } 1416 1417 /* 1418 * SIOC[GAD]LIFADDR. 1419 * SIOCGLIFADDR: get first address. (?) 1420 * SIOCGLIFADDR with IFLR_PREFIX: 1421 * get first address that matches the specified prefix. 1422 * SIOCALIFADDR: add the specified address. 1423 * SIOCALIFADDR with IFLR_PREFIX: 1424 * add the specified prefix, filling hostid part from 1425 * the first link-local address. prefixlen must be <= 64. 1426 * SIOCDLIFADDR: delete the specified address. 1427 * SIOCDLIFADDR with IFLR_PREFIX: 1428 * delete the first address that matches the specified prefix. 1429 * return values: 1430 * EINVAL on invalid parameters 1431 * EADDRNOTAVAIL on prefix match failed/specified address not found 1432 * other values may be returned from in6_ioctl() 1433 * 1434 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1435 * this is to accomodate address naming scheme other than RFC2374, 1436 * in the future. 1437 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1438 * address encoding scheme. (see figure on page 8) 1439 */ 1440 static int 1441 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1442 struct ifnet *ifp, struct thread *td) 1443 { 1444 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1445 struct ifaddr *ifa; 1446 struct sockaddr *sa; 1447 1448 /* sanity checks */ 1449 if (!data || !ifp) { 1450 panic("invalid argument to in6_lifaddr_ioctl"); 1451 /* NOTREACHED */ 1452 } 1453 1454 switch (cmd) { 1455 case SIOCGLIFADDR: 1456 /* address must be specified on GET with IFLR_PREFIX */ 1457 if ((iflr->flags & IFLR_PREFIX) == 0) 1458 break; 1459 /* FALLTHROUGH */ 1460 case SIOCALIFADDR: 1461 case SIOCDLIFADDR: 1462 /* address must be specified on ADD and DELETE */ 1463 sa = (struct sockaddr *)&iflr->addr; 1464 if (sa->sa_family != AF_INET6) 1465 return EINVAL; 1466 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1467 return EINVAL; 1468 /* XXX need improvement */ 1469 sa = (struct sockaddr *)&iflr->dstaddr; 1470 if (sa->sa_family && sa->sa_family != AF_INET6) 1471 return EINVAL; 1472 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1473 return EINVAL; 1474 break; 1475 default: /* shouldn't happen */ 1476 #if 0 1477 panic("invalid cmd to in6_lifaddr_ioctl"); 1478 /* NOTREACHED */ 1479 #else 1480 return EOPNOTSUPP; 1481 #endif 1482 } 1483 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1484 return EINVAL; 1485 1486 switch (cmd) { 1487 case SIOCALIFADDR: 1488 { 1489 struct in6_aliasreq ifra; 1490 struct in6_addr *hostid = NULL; 1491 int prefixlen; 1492 1493 if ((iflr->flags & IFLR_PREFIX) != 0) { 1494 struct sockaddr_in6 *sin6; 1495 1496 /* 1497 * hostid is to fill in the hostid part of the 1498 * address. hostid points to the first link-local 1499 * address attached to the interface. 1500 */ 1501 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1502 if (!ifa) 1503 return EADDRNOTAVAIL; 1504 hostid = IFA_IN6(ifa); 1505 1506 /* prefixlen must be <= 64. */ 1507 if (64 < iflr->prefixlen) 1508 return EINVAL; 1509 prefixlen = iflr->prefixlen; 1510 1511 /* hostid part must be zero. */ 1512 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1513 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1514 sin6->sin6_addr.s6_addr32[3] != 0) { 1515 return EINVAL; 1516 } 1517 } else 1518 prefixlen = iflr->prefixlen; 1519 1520 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1521 bzero(&ifra, sizeof(ifra)); 1522 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1523 1524 bcopy(&iflr->addr, &ifra.ifra_addr, 1525 ((struct sockaddr *)&iflr->addr)->sa_len); 1526 if (hostid) { 1527 /* fill in hostid part */ 1528 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1529 hostid->s6_addr32[2]; 1530 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1531 hostid->s6_addr32[3]; 1532 } 1533 1534 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1535 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1536 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1537 if (hostid) { 1538 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1539 hostid->s6_addr32[2]; 1540 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1541 hostid->s6_addr32[3]; 1542 } 1543 } 1544 1545 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1546 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1547 1548 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1549 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1550 } 1551 case SIOCGLIFADDR: 1552 case SIOCDLIFADDR: 1553 { 1554 struct in6_ifaddr *ia; 1555 struct in6_addr mask, candidate, match; 1556 struct sockaddr_in6 *sin6; 1557 int cmp; 1558 1559 bzero(&mask, sizeof(mask)); 1560 if (iflr->flags & IFLR_PREFIX) { 1561 /* lookup a prefix rather than address. */ 1562 in6_prefixlen2mask(&mask, iflr->prefixlen); 1563 1564 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1565 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1566 match.s6_addr32[0] &= mask.s6_addr32[0]; 1567 match.s6_addr32[1] &= mask.s6_addr32[1]; 1568 match.s6_addr32[2] &= mask.s6_addr32[2]; 1569 match.s6_addr32[3] &= mask.s6_addr32[3]; 1570 1571 /* if you set extra bits, that's wrong */ 1572 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1573 return EINVAL; 1574 1575 cmp = 1; 1576 } else { 1577 if (cmd == SIOCGLIFADDR) { 1578 /* on getting an address, take the 1st match */ 1579 cmp = 0; /* XXX */ 1580 } else { 1581 /* on deleting an address, do exact match */ 1582 in6_prefixlen2mask(&mask, 128); 1583 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1584 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1585 1586 cmp = 1; 1587 } 1588 } 1589 1590 IF_ADDR_LOCK(ifp); 1591 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1592 if (ifa->ifa_addr->sa_family != AF_INET6) 1593 continue; 1594 if (!cmp) 1595 break; 1596 1597 /* 1598 * XXX: this is adhoc, but is necessary to allow 1599 * a user to specify fe80::/64 (not /10) for a 1600 * link-local address. 1601 */ 1602 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1603 in6_clearscope(&candidate); 1604 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1605 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1606 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1607 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1608 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1609 break; 1610 } 1611 IF_ADDR_UNLOCK(ifp); 1612 if (!ifa) 1613 return EADDRNOTAVAIL; 1614 ia = ifa2ia6(ifa); 1615 1616 if (cmd == SIOCGLIFADDR) { 1617 int error; 1618 1619 /* fill in the if_laddrreq structure */ 1620 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1621 error = sa6_recoverscope( 1622 (struct sockaddr_in6 *)&iflr->addr); 1623 if (error != 0) 1624 return (error); 1625 1626 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1627 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1628 ia->ia_dstaddr.sin6_len); 1629 error = sa6_recoverscope( 1630 (struct sockaddr_in6 *)&iflr->dstaddr); 1631 if (error != 0) 1632 return (error); 1633 } else 1634 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1635 1636 iflr->prefixlen = 1637 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1638 1639 iflr->flags = ia->ia6_flags; /* XXX */ 1640 1641 return 0; 1642 } else { 1643 struct in6_aliasreq ifra; 1644 1645 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1646 bzero(&ifra, sizeof(ifra)); 1647 bcopy(iflr->iflr_name, ifra.ifra_name, 1648 sizeof(ifra.ifra_name)); 1649 1650 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1651 ia->ia_addr.sin6_len); 1652 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1653 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1654 ia->ia_dstaddr.sin6_len); 1655 } else { 1656 bzero(&ifra.ifra_dstaddr, 1657 sizeof(ifra.ifra_dstaddr)); 1658 } 1659 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1660 ia->ia_prefixmask.sin6_len); 1661 1662 ifra.ifra_flags = ia->ia6_flags; 1663 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1664 ifp, td); 1665 } 1666 } 1667 } 1668 1669 return EOPNOTSUPP; /* just for safety */ 1670 } 1671 1672 /* 1673 * Initialize an interface's intetnet6 address 1674 * and routing table entry. 1675 */ 1676 static int 1677 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1678 struct sockaddr_in6 *sin6, int newhost) 1679 { 1680 int error = 0, plen, ifacount = 0; 1681 int s = splimp(); 1682 struct ifaddr *ifa; 1683 1684 /* 1685 * Give the interface a chance to initialize 1686 * if this is its first address, 1687 * and to validate the address if necessary. 1688 */ 1689 IF_ADDR_LOCK(ifp); 1690 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1691 if (ifa->ifa_addr->sa_family != AF_INET6) 1692 continue; 1693 ifacount++; 1694 } 1695 IF_ADDR_UNLOCK(ifp); 1696 1697 ia->ia_addr = *sin6; 1698 1699 if (ifacount <= 1 && ifp->if_ioctl) { 1700 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1701 if (error) { 1702 splx(s); 1703 return (error); 1704 } 1705 } 1706 splx(s); 1707 1708 ia->ia_ifa.ifa_metric = ifp->if_metric; 1709 1710 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1711 1712 /* 1713 * Special case: 1714 * If a new destination address is specified for a point-to-point 1715 * interface, install a route to the destination as an interface 1716 * direct route. 1717 * XXX: the logic below rejects assigning multiple addresses on a p2p 1718 * interface that share the same destination. 1719 */ 1720 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1721 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) { 1722 struct sockaddr *dstaddr; 1723 int rtflags = RTF_UP | RTF_HOST; 1724 1725 /* 1726 * use the interface address if configuring an 1727 * interface address with a /128 prefix len 1728 */ 1729 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1730 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1731 else 1732 dstaddr = (struct sockaddr *)&ia->ia_addr; 1733 1734 error = rtrequest(RTM_ADD, 1735 (struct sockaddr *)dstaddr, 1736 (struct sockaddr *)&ia->ia_addr, 1737 (struct sockaddr *)&ia->ia_prefixmask, 1738 ia->ia_flags | rtflags, NULL); 1739 if (error != 0) 1740 return (error); 1741 ia->ia_flags |= IFA_ROUTE; 1742 } 1743 1744 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1745 if (newhost) { 1746 struct llentry *ln; 1747 struct rtentry rt; 1748 struct sockaddr_dl gateway; 1749 struct sockaddr_in6 mask, addr; 1750 1751 IF_AFDATA_LOCK(ifp); 1752 ia->ia_ifa.ifa_rtrequest = NULL; 1753 1754 /* XXX QL 1755 * we need to report rt_newaddrmsg 1756 */ 1757 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1758 (struct sockaddr *)&ia->ia_addr); 1759 IF_AFDATA_UNLOCK(ifp); 1760 if (ln != NULL) { 1761 ln->la_expire = 0; /* for IPv6 this means permanent */ 1762 ln->ln_state = ND6_LLINFO_REACHABLE; 1763 /* 1764 * initialize for rtmsg generation 1765 */ 1766 bzero(&gateway, sizeof(gateway)); 1767 gateway.sdl_len = sizeof(gateway); 1768 gateway.sdl_family = AF_LINK; 1769 gateway.sdl_nlen = 0; 1770 gateway.sdl_alen = 6; 1771 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr)); 1772 /* */ 1773 LLE_WUNLOCK(ln); 1774 } 1775 1776 bzero(&rt, sizeof(rt)); 1777 rt.rt_gateway = (struct sockaddr *)&gateway; 1778 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1779 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1780 rt_mask(&rt) = (struct sockaddr *)&mask; 1781 rt_key(&rt) = (struct sockaddr *)&addr; 1782 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC; 1783 rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt); 1784 } 1785 1786 return (error); 1787 } 1788 1789 /* 1790 * Find an IPv6 interface link-local address specific to an interface. 1791 */ 1792 struct in6_ifaddr * 1793 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1794 { 1795 struct ifaddr *ifa; 1796 1797 IF_ADDR_LOCK(ifp); 1798 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1799 if (ifa->ifa_addr->sa_family != AF_INET6) 1800 continue; 1801 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1802 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1803 ignoreflags) != 0) 1804 continue; 1805 break; 1806 } 1807 } 1808 IF_ADDR_UNLOCK(ifp); 1809 1810 return ((struct in6_ifaddr *)ifa); 1811 } 1812 1813 1814 /* 1815 * find the internet address corresponding to a given interface and address. 1816 */ 1817 struct in6_ifaddr * 1818 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1819 { 1820 struct ifaddr *ifa; 1821 1822 IF_ADDR_LOCK(ifp); 1823 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1824 if (ifa->ifa_addr->sa_family != AF_INET6) 1825 continue; 1826 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1827 break; 1828 } 1829 IF_ADDR_UNLOCK(ifp); 1830 1831 return ((struct in6_ifaddr *)ifa); 1832 } 1833 1834 /* 1835 * Convert IP6 address to printable (loggable) representation. Caller 1836 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1837 */ 1838 static char digits[] = "0123456789abcdef"; 1839 char * 1840 ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1841 { 1842 int i; 1843 char *cp; 1844 const u_int16_t *a = (const u_int16_t *)addr; 1845 const u_int8_t *d; 1846 int dcolon = 0, zero = 0; 1847 1848 cp = ip6buf; 1849 1850 for (i = 0; i < 8; i++) { 1851 if (dcolon == 1) { 1852 if (*a == 0) { 1853 if (i == 7) 1854 *cp++ = ':'; 1855 a++; 1856 continue; 1857 } else 1858 dcolon = 2; 1859 } 1860 if (*a == 0) { 1861 if (dcolon == 0 && *(a + 1) == 0) { 1862 if (i == 0) 1863 *cp++ = ':'; 1864 *cp++ = ':'; 1865 dcolon = 1; 1866 } else { 1867 *cp++ = '0'; 1868 *cp++ = ':'; 1869 } 1870 a++; 1871 continue; 1872 } 1873 d = (const u_char *)a; 1874 /* Try to eliminate leading zeros in printout like in :0001. */ 1875 zero = 1; 1876 *cp = digits[*d >> 4]; 1877 if (*cp != '0') { 1878 zero = 0; 1879 cp++; 1880 } 1881 *cp = digits[*d++ & 0xf]; 1882 if (zero == 0 || (*cp != '0')) { 1883 zero = 0; 1884 cp++; 1885 } 1886 *cp = digits[*d >> 4]; 1887 if (zero == 0 || (*cp != '0')) { 1888 zero = 0; 1889 cp++; 1890 } 1891 *cp++ = digits[*d & 0xf]; 1892 *cp++ = ':'; 1893 a++; 1894 } 1895 *--cp = '\0'; 1896 return (ip6buf); 1897 } 1898 1899 int 1900 in6_localaddr(struct in6_addr *in6) 1901 { 1902 INIT_VNET_INET6(curvnet); 1903 struct in6_ifaddr *ia; 1904 1905 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1906 return 1; 1907 1908 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1909 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1910 &ia->ia_prefixmask.sin6_addr)) { 1911 return 1; 1912 } 1913 } 1914 1915 return (0); 1916 } 1917 1918 int 1919 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1920 { 1921 INIT_VNET_INET6(curvnet); 1922 struct in6_ifaddr *ia; 1923 1924 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1925 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1926 &sa6->sin6_addr) && 1927 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1928 return (1); /* true */ 1929 1930 /* XXX: do we still have to go thru the rest of the list? */ 1931 } 1932 1933 return (0); /* false */ 1934 } 1935 1936 /* 1937 * return length of part which dst and src are equal 1938 * hard coding... 1939 */ 1940 int 1941 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1942 { 1943 int match = 0; 1944 u_char *s = (u_char *)src, *d = (u_char *)dst; 1945 u_char *lim = s + 16, r; 1946 1947 while (s < lim) 1948 if ((r = (*d++ ^ *s++)) != 0) { 1949 while (r < 128) { 1950 match++; 1951 r <<= 1; 1952 } 1953 break; 1954 } else 1955 match += 8; 1956 return match; 1957 } 1958 1959 /* XXX: to be scope conscious */ 1960 int 1961 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1962 { 1963 int bytelen, bitlen; 1964 1965 /* sanity check */ 1966 if (0 > len || len > 128) { 1967 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1968 len); 1969 return (0); 1970 } 1971 1972 bytelen = len / 8; 1973 bitlen = len % 8; 1974 1975 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1976 return (0); 1977 if (bitlen != 0 && 1978 p1->s6_addr[bytelen] >> (8 - bitlen) != 1979 p2->s6_addr[bytelen] >> (8 - bitlen)) 1980 return (0); 1981 1982 return (1); 1983 } 1984 1985 void 1986 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1987 { 1988 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1989 int bytelen, bitlen, i; 1990 1991 /* sanity check */ 1992 if (0 > len || len > 128) { 1993 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1994 len); 1995 return; 1996 } 1997 1998 bzero(maskp, sizeof(*maskp)); 1999 bytelen = len / 8; 2000 bitlen = len % 8; 2001 for (i = 0; i < bytelen; i++) 2002 maskp->s6_addr[i] = 0xff; 2003 if (bitlen) 2004 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2005 } 2006 2007 /* 2008 * return the best address out of the same scope. if no address was 2009 * found, return the first valid address from designated IF. 2010 */ 2011 struct in6_ifaddr * 2012 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2013 { 2014 INIT_VNET_INET6(curvnet); 2015 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2016 struct ifaddr *ifa; 2017 struct in6_ifaddr *besta = 0; 2018 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2019 2020 dep[0] = dep[1] = NULL; 2021 2022 /* 2023 * We first look for addresses in the same scope. 2024 * If there is one, return it. 2025 * If two or more, return one which matches the dst longest. 2026 * If none, return one of global addresses assigned other ifs. 2027 */ 2028 IF_ADDR_LOCK(ifp); 2029 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2030 if (ifa->ifa_addr->sa_family != AF_INET6) 2031 continue; 2032 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2033 continue; /* XXX: is there any case to allow anycast? */ 2034 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2035 continue; /* don't use this interface */ 2036 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2037 continue; 2038 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2039 if (V_ip6_use_deprecated) 2040 dep[0] = (struct in6_ifaddr *)ifa; 2041 continue; 2042 } 2043 2044 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2045 /* 2046 * call in6_matchlen() as few as possible 2047 */ 2048 if (besta) { 2049 if (blen == -1) 2050 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2051 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2052 if (tlen > blen) { 2053 blen = tlen; 2054 besta = (struct in6_ifaddr *)ifa; 2055 } 2056 } else 2057 besta = (struct in6_ifaddr *)ifa; 2058 } 2059 } 2060 if (besta) { 2061 IF_ADDR_UNLOCK(ifp); 2062 return (besta); 2063 } 2064 2065 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2066 if (ifa->ifa_addr->sa_family != AF_INET6) 2067 continue; 2068 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2069 continue; /* XXX: is there any case to allow anycast? */ 2070 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2071 continue; /* don't use this interface */ 2072 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2073 continue; 2074 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2075 if (V_ip6_use_deprecated) 2076 dep[1] = (struct in6_ifaddr *)ifa; 2077 continue; 2078 } 2079 2080 IF_ADDR_UNLOCK(ifp); 2081 return (struct in6_ifaddr *)ifa; 2082 } 2083 IF_ADDR_UNLOCK(ifp); 2084 2085 /* use the last-resort values, that are, deprecated addresses */ 2086 if (dep[0]) 2087 return dep[0]; 2088 if (dep[1]) 2089 return dep[1]; 2090 2091 return NULL; 2092 } 2093 2094 /* 2095 * perform DAD when interface becomes IFF_UP. 2096 */ 2097 void 2098 in6_if_up(struct ifnet *ifp) 2099 { 2100 struct ifaddr *ifa; 2101 struct in6_ifaddr *ia; 2102 2103 IF_ADDR_LOCK(ifp); 2104 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2105 if (ifa->ifa_addr->sa_family != AF_INET6) 2106 continue; 2107 ia = (struct in6_ifaddr *)ifa; 2108 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2109 /* 2110 * The TENTATIVE flag was likely set by hand 2111 * beforehand, implicitly indicating the need for DAD. 2112 * We may be able to skip the random delay in this 2113 * case, but we impose delays just in case. 2114 */ 2115 nd6_dad_start(ifa, 2116 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 2117 } 2118 } 2119 IF_ADDR_UNLOCK(ifp); 2120 2121 /* 2122 * special cases, like 6to4, are handled in in6_ifattach 2123 */ 2124 in6_ifattach(ifp, NULL); 2125 } 2126 2127 int 2128 in6if_do_dad(struct ifnet *ifp) 2129 { 2130 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2131 return (0); 2132 2133 switch (ifp->if_type) { 2134 #ifdef IFT_DUMMY 2135 case IFT_DUMMY: 2136 #endif 2137 case IFT_FAITH: 2138 /* 2139 * These interfaces do not have the IFF_LOOPBACK flag, 2140 * but loop packets back. We do not have to do DAD on such 2141 * interfaces. We should even omit it, because loop-backed 2142 * NS would confuse the DAD procedure. 2143 */ 2144 return (0); 2145 default: 2146 /* 2147 * Our DAD routine requires the interface up and running. 2148 * However, some interfaces can be up before the RUNNING 2149 * status. Additionaly, users may try to assign addresses 2150 * before the interface becomes up (or running). 2151 * We simply skip DAD in such a case as a work around. 2152 * XXX: we should rather mark "tentative" on such addresses, 2153 * and do DAD after the interface becomes ready. 2154 */ 2155 if (!((ifp->if_flags & IFF_UP) && 2156 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 2157 return (0); 2158 2159 return (1); 2160 } 2161 } 2162 2163 /* 2164 * Calculate max IPv6 MTU through all the interfaces and store it 2165 * to in6_maxmtu. 2166 */ 2167 void 2168 in6_setmaxmtu(void) 2169 { 2170 INIT_VNET_NET(curvnet); 2171 INIT_VNET_INET6(curvnet); 2172 unsigned long maxmtu = 0; 2173 struct ifnet *ifp; 2174 2175 IFNET_RLOCK(); 2176 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 2177 ifp = TAILQ_NEXT(ifp, if_list)) { 2178 /* this function can be called during ifnet initialization */ 2179 if (!ifp->if_afdata[AF_INET6]) 2180 continue; 2181 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2182 IN6_LINKMTU(ifp) > maxmtu) 2183 maxmtu = IN6_LINKMTU(ifp); 2184 } 2185 IFNET_RUNLOCK(); 2186 if (maxmtu) /* update only when maxmtu is positive */ 2187 V_in6_maxmtu = maxmtu; 2188 } 2189 2190 /* 2191 * Provide the length of interface identifiers to be used for the link attached 2192 * to the given interface. The length should be defined in "IPv6 over 2193 * xxx-link" document. Note that address architecture might also define 2194 * the length for a particular set of address prefixes, regardless of the 2195 * link type. As clarified in rfc2462bis, those two definitions should be 2196 * consistent, and those really are as of August 2004. 2197 */ 2198 int 2199 in6_if2idlen(struct ifnet *ifp) 2200 { 2201 switch (ifp->if_type) { 2202 case IFT_ETHER: /* RFC2464 */ 2203 #ifdef IFT_PROPVIRTUAL 2204 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2205 #endif 2206 #ifdef IFT_L2VLAN 2207 case IFT_L2VLAN: /* ditto */ 2208 #endif 2209 #ifdef IFT_IEEE80211 2210 case IFT_IEEE80211: /* ditto */ 2211 #endif 2212 #ifdef IFT_MIP 2213 case IFT_MIP: /* ditto */ 2214 #endif 2215 return (64); 2216 case IFT_FDDI: /* RFC2467 */ 2217 return (64); 2218 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2219 return (64); 2220 case IFT_PPP: /* RFC2472 */ 2221 return (64); 2222 case IFT_ARCNET: /* RFC2497 */ 2223 return (64); 2224 case IFT_FRELAY: /* RFC2590 */ 2225 return (64); 2226 case IFT_IEEE1394: /* RFC3146 */ 2227 return (64); 2228 case IFT_GIF: 2229 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2230 case IFT_LOOP: 2231 return (64); /* XXX: is this really correct? */ 2232 default: 2233 /* 2234 * Unknown link type: 2235 * It might be controversial to use the today's common constant 2236 * of 64 for these cases unconditionally. For full compliance, 2237 * we should return an error in this case. On the other hand, 2238 * if we simply miss the standard for the link type or a new 2239 * standard is defined for a new link type, the IFID length 2240 * is very likely to be the common constant. As a compromise, 2241 * we always use the constant, but make an explicit notice 2242 * indicating the "unknown" case. 2243 */ 2244 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2245 return (64); 2246 } 2247 } 2248 2249 #include <sys/sysctl.h> 2250 2251 struct in6_llentry { 2252 struct llentry base; 2253 struct sockaddr_in6 l3_addr6; 2254 }; 2255 2256 static struct llentry * 2257 in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2258 { 2259 struct in6_llentry *lle; 2260 2261 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2262 M_DONTWAIT | M_ZERO); 2263 if (lle == NULL) /* NB: caller generates msg */ 2264 return NULL; 2265 2266 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE); 2267 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2268 lle->base.lle_refcnt = 1; 2269 LLE_LOCK_INIT(&lle->base); 2270 return &lle->base; 2271 } 2272 2273 /* 2274 * Deletes an address from the address table. 2275 * This function is called by the timer functions 2276 * such as arptimer() and nd6_llinfo_timer(), and 2277 * the caller does the locking. 2278 */ 2279 static void 2280 in6_lltable_free(struct lltable *llt, struct llentry *lle) 2281 { 2282 LLE_WUNLOCK(lle); 2283 LLE_LOCK_DESTROY(lle); 2284 free(lle, M_LLTABLE); 2285 } 2286 2287 static void 2288 in6_lltable_prefix_free(struct lltable *llt, 2289 const struct sockaddr *prefix, 2290 const struct sockaddr *mask) 2291 { 2292 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2293 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2294 struct llentry *lle, *next; 2295 register int i; 2296 2297 for (i=0; i < LLTBL_HASHTBL_SIZE; i++) { 2298 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) { 2299 if (IN6_ARE_MASKED_ADDR_EQUAL( 2300 &((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr, 2301 &pfx->sin6_addr, 2302 &msk->sin6_addr)) { 2303 callout_drain(&lle->la_timer); 2304 LLE_WLOCK(lle); 2305 llentry_free(lle); 2306 } 2307 } 2308 } 2309 } 2310 2311 static int 2312 in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr) 2313 { 2314 struct rtentry *rt; 2315 char ip6buf[INET6_ADDRSTRLEN]; 2316 2317 KASSERT(l3addr->sa_family == AF_INET6, 2318 ("sin_family %d", l3addr->sa_family)); 2319 2320 /* XXX rtalloc1 should take a const param */ 2321 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2322 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2323 struct ifaddr *ifa; 2324 /* 2325 * Create an ND6 cache for an IPv6 neighbor 2326 * that is not covered by our own prefix. 2327 */ 2328 /* XXX ifaof_ifpforaddr should take a const param */ 2329 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2330 if (ifa != NULL) { 2331 if (rt != NULL) 2332 RTFREE_LOCKED(rt); 2333 return 0; 2334 } 2335 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2336 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2337 if (rt != NULL) 2338 RTFREE_LOCKED(rt); 2339 return EINVAL; 2340 } 2341 RTFREE_LOCKED(rt); 2342 return 0; 2343 } 2344 2345 static struct llentry * 2346 in6_lltable_lookup(struct lltable *llt, u_int flags, 2347 const struct sockaddr *l3addr) 2348 { 2349 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2350 struct ifnet *ifp = llt->llt_ifp; 2351 struct llentry *lle; 2352 struct llentries *lleh; 2353 u_int hashkey; 2354 2355 IF_AFDATA_LOCK_ASSERT(ifp); 2356 KASSERT(l3addr->sa_family == AF_INET6, 2357 ("sin_family %d", l3addr->sa_family)); 2358 2359 hashkey = sin6->sin6_addr.s6_addr32[3]; 2360 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2361 LIST_FOREACH(lle, lleh, lle_next) { 2362 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2363 if (lle->la_flags & LLE_DELETED) 2364 continue; 2365 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2366 sizeof(struct in6_addr)) == 0) 2367 break; 2368 } 2369 2370 if (lle == NULL) { 2371 if (!(flags & LLE_CREATE)) 2372 return (NULL); 2373 /* 2374 * A route that covers the given address must have 2375 * been installed 1st because we are doing a resolution, 2376 * verify this. 2377 */ 2378 if (!(flags & LLE_IFADDR) && 2379 in6_lltable_rtcheck(ifp, l3addr) != 0) 2380 return NULL; 2381 2382 lle = in6_lltable_new(l3addr, flags); 2383 if (lle == NULL) { 2384 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2385 return NULL; 2386 } 2387 lle->la_flags = flags & ~LLE_CREATE; 2388 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2389 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2390 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2391 } 2392 2393 lle->lle_tbl = llt; 2394 lle->lle_head = lleh; 2395 LIST_INSERT_HEAD(lleh, lle, lle_next); 2396 } else if (flags & LLE_DELETE) { 2397 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2398 LLE_WLOCK(lle); 2399 lle->la_flags = LLE_DELETED; 2400 LLE_WUNLOCK(lle); 2401 #ifdef DIAGNOSTICS 2402 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2403 #endif 2404 } 2405 lle = (void *)-1; 2406 } 2407 if (LLE_IS_VALID(lle)) { 2408 if (flags & LLE_EXCLUSIVE) 2409 LLE_WLOCK(lle); 2410 else 2411 LLE_RLOCK(lle); 2412 } 2413 return (lle); 2414 } 2415 2416 static int 2417 in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2418 { 2419 struct ifnet *ifp = llt->llt_ifp; 2420 struct llentry *lle; 2421 /* XXX stack use */ 2422 struct { 2423 struct rt_msghdr rtm; 2424 struct sockaddr_in6 sin6; 2425 /* 2426 * ndp.c assumes that sdl is word aligned 2427 */ 2428 #ifdef __LP64__ 2429 uint32_t pad; 2430 #endif 2431 struct sockaddr_dl sdl; 2432 } ndpc; 2433 int i, error; 2434 2435 /* XXXXX 2436 * current IFNET_RLOCK() is mapped to IFNET_WLOCK() 2437 * so it is okay to use this ASSERT, change it when 2438 * IFNET lock is finalized 2439 */ 2440 IFNET_WLOCK_ASSERT(); 2441 2442 error = 0; 2443 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2444 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2445 struct sockaddr_dl *sdl; 2446 2447 /* skip deleted or invalid entries */ 2448 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2449 continue; 2450 /* Skip if jailed and not a valid IP of the prison. */ 2451 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2452 continue; 2453 /* 2454 * produce a msg made of: 2455 * struct rt_msghdr; 2456 * struct sockaddr_in6 (IPv6) 2457 * struct sockaddr_dl; 2458 */ 2459 bzero(&ndpc, sizeof(ndpc)); 2460 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2461 ndpc.rtm.rtm_version = RTM_VERSION; 2462 ndpc.rtm.rtm_type = RTM_GET; 2463 ndpc.rtm.rtm_flags = RTF_UP; 2464 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2465 ndpc.sin6.sin6_family = AF_INET6; 2466 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2467 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2468 2469 /* publish */ 2470 if (lle->la_flags & LLE_PUB) 2471 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2472 2473 sdl = &ndpc.sdl; 2474 sdl->sdl_family = AF_LINK; 2475 sdl->sdl_len = sizeof(*sdl); 2476 sdl->sdl_alen = ifp->if_addrlen; 2477 sdl->sdl_index = ifp->if_index; 2478 sdl->sdl_type = ifp->if_type; 2479 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2480 ndpc.rtm.rtm_rmx.rmx_expire = 2481 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2482 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2483 if (lle->la_flags & LLE_STATIC) 2484 ndpc.rtm.rtm_flags |= RTF_STATIC; 2485 ndpc.rtm.rtm_index = ifp->if_index; 2486 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2487 if (error) 2488 break; 2489 } 2490 } 2491 return error; 2492 } 2493 2494 void * 2495 in6_domifattach(struct ifnet *ifp) 2496 { 2497 struct in6_ifextra *ext; 2498 2499 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2500 bzero(ext, sizeof(*ext)); 2501 2502 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2503 M_IFADDR, M_WAITOK); 2504 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2505 2506 ext->icmp6_ifstat = 2507 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2508 M_IFADDR, M_WAITOK); 2509 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2510 2511 ext->nd_ifinfo = nd6_ifattach(ifp); 2512 ext->scope6_id = scope6_ifattach(ifp); 2513 ext->lltable = lltable_init(ifp, AF_INET6); 2514 if (ext->lltable != NULL) { 2515 ext->lltable->llt_new = in6_lltable_new; 2516 ext->lltable->llt_free = in6_lltable_free; 2517 ext->lltable->llt_prefix_free = in6_lltable_prefix_free; 2518 ext->lltable->llt_rtcheck = in6_lltable_rtcheck; 2519 ext->lltable->llt_lookup = in6_lltable_lookup; 2520 ext->lltable->llt_dump = in6_lltable_dump; 2521 } 2522 2523 ext->mld_ifinfo = mld_domifattach(ifp); 2524 2525 return ext; 2526 } 2527 2528 void 2529 in6_domifdetach(struct ifnet *ifp, void *aux) 2530 { 2531 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2532 2533 mld_domifdetach(ifp); 2534 scope6_ifdetach(ext->scope6_id); 2535 nd6_ifdetach(ext->nd_ifinfo); 2536 lltable_free(ext->lltable); 2537 free(ext->in6_ifstat, M_IFADDR); 2538 free(ext->icmp6_ifstat, M_IFADDR); 2539 free(ext, M_IFADDR); 2540 } 2541 2542 /* 2543 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2544 * v4 mapped addr or v4 compat addr 2545 */ 2546 void 2547 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2548 { 2549 2550 bzero(sin, sizeof(*sin)); 2551 sin->sin_len = sizeof(struct sockaddr_in); 2552 sin->sin_family = AF_INET; 2553 sin->sin_port = sin6->sin6_port; 2554 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2555 } 2556 2557 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2558 void 2559 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2560 { 2561 bzero(sin6, sizeof(*sin6)); 2562 sin6->sin6_len = sizeof(struct sockaddr_in6); 2563 sin6->sin6_family = AF_INET6; 2564 sin6->sin6_port = sin->sin_port; 2565 sin6->sin6_addr.s6_addr32[0] = 0; 2566 sin6->sin6_addr.s6_addr32[1] = 0; 2567 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2568 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2569 } 2570 2571 /* Convert sockaddr_in6 into sockaddr_in. */ 2572 void 2573 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2574 { 2575 struct sockaddr_in *sin_p; 2576 struct sockaddr_in6 sin6; 2577 2578 /* 2579 * Save original sockaddr_in6 addr and convert it 2580 * to sockaddr_in. 2581 */ 2582 sin6 = *(struct sockaddr_in6 *)nam; 2583 sin_p = (struct sockaddr_in *)nam; 2584 in6_sin6_2_sin(sin_p, &sin6); 2585 } 2586 2587 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2588 void 2589 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2590 { 2591 struct sockaddr_in *sin_p; 2592 struct sockaddr_in6 *sin6_p; 2593 2594 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2595 M_WAITOK); 2596 sin_p = (struct sockaddr_in *)*nam; 2597 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2598 free(*nam, M_SONAME); 2599 *nam = (struct sockaddr *)sin6_p; 2600 } 2601