1 /*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1991, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 4. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in.c 8.2 (Berkeley) 11/15/93 61 */ 62 63 #include <sys/cdefs.h> 64 __FBSDID("$FreeBSD$"); 65 66 #include "opt_inet.h" 67 #include "opt_inet6.h" 68 #include "opt_route.h" 69 70 #include <sys/param.h> 71 #include <sys/errno.h> 72 #include <sys/jail.h> 73 #include <sys/malloc.h> 74 #include <sys/socket.h> 75 #include <sys/socketvar.h> 76 #include <sys/sockio.h> 77 #include <sys/systm.h> 78 #include <sys/priv.h> 79 #include <sys/proc.h> 80 #include <sys/time.h> 81 #include <sys/kernel.h> 82 #include <sys/syslog.h> 83 #include <sys/vimage.h> 84 85 #include <net/if.h> 86 #include <net/if_types.h> 87 #include <net/route.h> 88 #include <net/if_dl.h> 89 #include <net/vnet.h> 90 91 #include <netinet/in.h> 92 #include <netinet/in_var.h> 93 #include <net/if_llatbl.h> 94 #include <netinet/if_ether.h> 95 #include <netinet/in_systm.h> 96 #include <netinet/ip.h> 97 #include <netinet/in_pcb.h> 98 99 #include <netinet/ip6.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/mld6_var.h> 103 #include <netinet6/ip6_mroute.h> 104 #include <netinet6/in6_ifattach.h> 105 #include <netinet6/scope6_var.h> 106 #include <netinet6/in6_pcb.h> 107 #include <netinet6/vinet6.h> 108 109 /* 110 * Definitions of some costant IP6 addresses. 111 */ 112 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 113 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 114 const struct in6_addr in6addr_nodelocal_allnodes = 115 IN6ADDR_NODELOCAL_ALLNODES_INIT; 116 const struct in6_addr in6addr_linklocal_allnodes = 117 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 118 const struct in6_addr in6addr_linklocal_allrouters = 119 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 120 const struct in6_addr in6addr_linklocal_allv2routers = 121 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT; 122 123 const struct in6_addr in6mask0 = IN6MASK0; 124 const struct in6_addr in6mask32 = IN6MASK32; 125 const struct in6_addr in6mask64 = IN6MASK64; 126 const struct in6_addr in6mask96 = IN6MASK96; 127 const struct in6_addr in6mask128 = IN6MASK128; 128 129 const struct sockaddr_in6 sa6_any = 130 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 131 132 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 133 struct ifnet *, struct thread *)); 134 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 135 struct sockaddr_in6 *, int)); 136 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 137 138 int (*faithprefix_p)(struct in6_addr *); 139 140 141 142 int 143 in6_mask2len(struct in6_addr *mask, u_char *lim0) 144 { 145 int x = 0, y; 146 u_char *lim = lim0, *p; 147 148 /* ignore the scope_id part */ 149 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 150 lim = (u_char *)mask + sizeof(*mask); 151 for (p = (u_char *)mask; p < lim; x++, p++) { 152 if (*p != 0xff) 153 break; 154 } 155 y = 0; 156 if (p < lim) { 157 for (y = 0; y < 8; y++) { 158 if ((*p & (0x80 >> y)) == 0) 159 break; 160 } 161 } 162 163 /* 164 * when the limit pointer is given, do a stricter check on the 165 * remaining bits. 166 */ 167 if (p < lim) { 168 if (y != 0 && (*p & (0x00ff >> y)) != 0) 169 return (-1); 170 for (p = p + 1; p < lim; p++) 171 if (*p != 0) 172 return (-1); 173 } 174 175 return x * 8 + y; 176 } 177 178 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 179 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 180 181 int 182 in6_control(struct socket *so, u_long cmd, caddr_t data, 183 struct ifnet *ifp, struct thread *td) 184 { 185 INIT_VNET_INET6(curvnet); 186 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 187 struct in6_ifaddr *ia = NULL; 188 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 189 struct sockaddr_in6 *sa6; 190 int error; 191 192 switch (cmd) { 193 case SIOCGETSGCNT_IN6: 194 case SIOCGETMIFCNT_IN6: 195 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP); 196 } 197 198 switch(cmd) { 199 case SIOCAADDRCTL_POLICY: 200 case SIOCDADDRCTL_POLICY: 201 if (td != NULL) { 202 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 203 if (error) 204 return (error); 205 } 206 return (in6_src_ioctl(cmd, data)); 207 } 208 209 if (ifp == NULL) 210 return (EOPNOTSUPP); 211 212 switch (cmd) { 213 case SIOCSNDFLUSH_IN6: 214 case SIOCSPFXFLUSH_IN6: 215 case SIOCSRTRFLUSH_IN6: 216 case SIOCSDEFIFACE_IN6: 217 case SIOCSIFINFO_FLAGS: 218 if (td != NULL) { 219 error = priv_check(td, PRIV_NETINET_ND6); 220 if (error) 221 return (error); 222 } 223 /* FALLTHROUGH */ 224 case OSIOCGIFINFO_IN6: 225 case SIOCGIFINFO_IN6: 226 case SIOCSIFINFO_IN6: 227 case SIOCGDRLST_IN6: 228 case SIOCGPRLST_IN6: 229 case SIOCGNBRINFO_IN6: 230 case SIOCGDEFIFACE_IN6: 231 return (nd6_ioctl(cmd, data, ifp)); 232 } 233 234 switch (cmd) { 235 case SIOCSIFPREFIX_IN6: 236 case SIOCDIFPREFIX_IN6: 237 case SIOCAIFPREFIX_IN6: 238 case SIOCCIFPREFIX_IN6: 239 case SIOCSGIFPREFIX_IN6: 240 case SIOCGIFPREFIX_IN6: 241 log(LOG_NOTICE, 242 "prefix ioctls are now invalidated. " 243 "please use ifconfig.\n"); 244 return (EOPNOTSUPP); 245 } 246 247 switch (cmd) { 248 case SIOCSSCOPE6: 249 if (td != NULL) { 250 error = priv_check(td, PRIV_NETINET_SCOPE6); 251 if (error) 252 return (error); 253 } 254 return (scope6_set(ifp, 255 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 256 case SIOCGSCOPE6: 257 return (scope6_get(ifp, 258 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 259 case SIOCGSCOPE6DEF: 260 return (scope6_get_default((struct scope6_id *) 261 ifr->ifr_ifru.ifru_scope_id)); 262 } 263 264 switch (cmd) { 265 case SIOCALIFADDR: 266 if (td != NULL) { 267 error = priv_check(td, PRIV_NET_ADDIFADDR); 268 if (error) 269 return (error); 270 } 271 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 272 273 case SIOCDLIFADDR: 274 if (td != NULL) { 275 error = priv_check(td, PRIV_NET_DELIFADDR); 276 if (error) 277 return (error); 278 } 279 /* FALLTHROUGH */ 280 case SIOCGLIFADDR: 281 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 282 } 283 284 /* 285 * Find address for this interface, if it exists. 286 * 287 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 288 * only, and used the first interface address as the target of other 289 * operations (without checking ifra_addr). This was because netinet 290 * code/API assumed at most 1 interface address per interface. 291 * Since IPv6 allows a node to assign multiple addresses 292 * on a single interface, we almost always look and check the 293 * presence of ifra_addr, and reject invalid ones here. 294 * It also decreases duplicated code among SIOC*_IN6 operations. 295 */ 296 switch (cmd) { 297 case SIOCAIFADDR_IN6: 298 case SIOCSIFPHYADDR_IN6: 299 sa6 = &ifra->ifra_addr; 300 break; 301 case SIOCSIFADDR_IN6: 302 case SIOCGIFADDR_IN6: 303 case SIOCSIFDSTADDR_IN6: 304 case SIOCSIFNETMASK_IN6: 305 case SIOCGIFDSTADDR_IN6: 306 case SIOCGIFNETMASK_IN6: 307 case SIOCDIFADDR_IN6: 308 case SIOCGIFPSRCADDR_IN6: 309 case SIOCGIFPDSTADDR_IN6: 310 case SIOCGIFAFLAG_IN6: 311 case SIOCSNDFLUSH_IN6: 312 case SIOCSPFXFLUSH_IN6: 313 case SIOCSRTRFLUSH_IN6: 314 case SIOCGIFALIFETIME_IN6: 315 case SIOCSIFALIFETIME_IN6: 316 case SIOCGIFSTAT_IN6: 317 case SIOCGIFSTAT_ICMP6: 318 sa6 = &ifr->ifr_addr; 319 break; 320 default: 321 sa6 = NULL; 322 break; 323 } 324 if (sa6 && sa6->sin6_family == AF_INET6) { 325 int error = 0; 326 327 if (sa6->sin6_scope_id != 0) 328 error = sa6_embedscope(sa6, 0); 329 else 330 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 331 if (error != 0) 332 return (error); 333 if (td != NULL && (error = prison_check_ip6(td->td_ucred, 334 &sa6->sin6_addr)) != 0) 335 return (error); 336 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 337 } else 338 ia = NULL; 339 340 switch (cmd) { 341 case SIOCSIFADDR_IN6: 342 case SIOCSIFDSTADDR_IN6: 343 case SIOCSIFNETMASK_IN6: 344 /* 345 * Since IPv6 allows a node to assign multiple addresses 346 * on a single interface, SIOCSIFxxx ioctls are deprecated. 347 */ 348 /* we decided to obsolete this command (20000704) */ 349 return (EINVAL); 350 351 case SIOCDIFADDR_IN6: 352 /* 353 * for IPv4, we look for existing in_ifaddr here to allow 354 * "ifconfig if0 delete" to remove the first IPv4 address on 355 * the interface. For IPv6, as the spec allows multiple 356 * interface address from the day one, we consider "remove the 357 * first one" semantics to be not preferable. 358 */ 359 if (ia == NULL) 360 return (EADDRNOTAVAIL); 361 /* FALLTHROUGH */ 362 case SIOCAIFADDR_IN6: 363 /* 364 * We always require users to specify a valid IPv6 address for 365 * the corresponding operation. 366 */ 367 if (ifra->ifra_addr.sin6_family != AF_INET6 || 368 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 369 return (EAFNOSUPPORT); 370 371 if (td != NULL) { 372 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ? 373 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR); 374 if (error) 375 return (error); 376 } 377 378 break; 379 380 case SIOCGIFADDR_IN6: 381 /* This interface is basically deprecated. use SIOCGIFCONF. */ 382 /* FALLTHROUGH */ 383 case SIOCGIFAFLAG_IN6: 384 case SIOCGIFNETMASK_IN6: 385 case SIOCGIFDSTADDR_IN6: 386 case SIOCGIFALIFETIME_IN6: 387 /* must think again about its semantics */ 388 if (ia == NULL) 389 return (EADDRNOTAVAIL); 390 break; 391 case SIOCSIFALIFETIME_IN6: 392 { 393 struct in6_addrlifetime *lt; 394 395 if (td != NULL) { 396 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 397 if (error) 398 return (error); 399 } 400 if (ia == NULL) 401 return (EADDRNOTAVAIL); 402 /* sanity for overflow - beware unsigned */ 403 lt = &ifr->ifr_ifru.ifru_lifetime; 404 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 405 lt->ia6t_vltime + time_second < time_second) { 406 return EINVAL; 407 } 408 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 409 lt->ia6t_pltime + time_second < time_second) { 410 return EINVAL; 411 } 412 break; 413 } 414 } 415 416 switch (cmd) { 417 418 case SIOCGIFADDR_IN6: 419 ifr->ifr_addr = ia->ia_addr; 420 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 421 return (error); 422 break; 423 424 case SIOCGIFDSTADDR_IN6: 425 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 426 return (EINVAL); 427 /* 428 * XXX: should we check if ifa_dstaddr is NULL and return 429 * an error? 430 */ 431 ifr->ifr_dstaddr = ia->ia_dstaddr; 432 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 433 return (error); 434 break; 435 436 case SIOCGIFNETMASK_IN6: 437 ifr->ifr_addr = ia->ia_prefixmask; 438 break; 439 440 case SIOCGIFAFLAG_IN6: 441 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 442 break; 443 444 case SIOCGIFSTAT_IN6: 445 if (ifp == NULL) 446 return EINVAL; 447 bzero(&ifr->ifr_ifru.ifru_stat, 448 sizeof(ifr->ifr_ifru.ifru_stat)); 449 ifr->ifr_ifru.ifru_stat = 450 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 451 break; 452 453 case SIOCGIFSTAT_ICMP6: 454 if (ifp == NULL) 455 return EINVAL; 456 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 457 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 458 ifr->ifr_ifru.ifru_icmp6stat = 459 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 460 break; 461 462 case SIOCGIFALIFETIME_IN6: 463 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 464 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 465 time_t maxexpire; 466 struct in6_addrlifetime *retlt = 467 &ifr->ifr_ifru.ifru_lifetime; 468 469 /* 470 * XXX: adjust expiration time assuming time_t is 471 * signed. 472 */ 473 maxexpire = (-1) & 474 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 475 if (ia->ia6_lifetime.ia6t_vltime < 476 maxexpire - ia->ia6_updatetime) { 477 retlt->ia6t_expire = ia->ia6_updatetime + 478 ia->ia6_lifetime.ia6t_vltime; 479 } else 480 retlt->ia6t_expire = maxexpire; 481 } 482 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 483 time_t maxexpire; 484 struct in6_addrlifetime *retlt = 485 &ifr->ifr_ifru.ifru_lifetime; 486 487 /* 488 * XXX: adjust expiration time assuming time_t is 489 * signed. 490 */ 491 maxexpire = (-1) & 492 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 493 if (ia->ia6_lifetime.ia6t_pltime < 494 maxexpire - ia->ia6_updatetime) { 495 retlt->ia6t_preferred = ia->ia6_updatetime + 496 ia->ia6_lifetime.ia6t_pltime; 497 } else 498 retlt->ia6t_preferred = maxexpire; 499 } 500 break; 501 502 case SIOCSIFALIFETIME_IN6: 503 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 504 /* for sanity */ 505 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 506 ia->ia6_lifetime.ia6t_expire = 507 time_second + ia->ia6_lifetime.ia6t_vltime; 508 } else 509 ia->ia6_lifetime.ia6t_expire = 0; 510 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 511 ia->ia6_lifetime.ia6t_preferred = 512 time_second + ia->ia6_lifetime.ia6t_pltime; 513 } else 514 ia->ia6_lifetime.ia6t_preferred = 0; 515 break; 516 517 case SIOCAIFADDR_IN6: 518 { 519 int i, error = 0; 520 struct nd_prefixctl pr0; 521 struct nd_prefix *pr; 522 523 /* 524 * first, make or update the interface address structure, 525 * and link it to the list. 526 */ 527 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 528 return (error); 529 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 530 == NULL) { 531 /* 532 * this can happen when the user specify the 0 valid 533 * lifetime. 534 */ 535 break; 536 } 537 538 /* 539 * then, make the prefix on-link on the interface. 540 * XXX: we'd rather create the prefix before the address, but 541 * we need at least one address to install the corresponding 542 * interface route, so we configure the address first. 543 */ 544 545 /* 546 * convert mask to prefix length (prefixmask has already 547 * been validated in in6_update_ifa(). 548 */ 549 bzero(&pr0, sizeof(pr0)); 550 pr0.ndpr_ifp = ifp; 551 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 552 NULL); 553 if (pr0.ndpr_plen == 128) { 554 break; /* we don't need to install a host route. */ 555 } 556 pr0.ndpr_prefix = ifra->ifra_addr; 557 /* apply the mask for safety. */ 558 for (i = 0; i < 4; i++) { 559 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 560 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 561 } 562 /* 563 * XXX: since we don't have an API to set prefix (not address) 564 * lifetimes, we just use the same lifetimes as addresses. 565 * The (temporarily) installed lifetimes can be overridden by 566 * later advertised RAs (when accept_rtadv is non 0), which is 567 * an intended behavior. 568 */ 569 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 570 pr0.ndpr_raf_auto = 571 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 572 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 573 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 574 575 /* add the prefix if not yet. */ 576 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 577 /* 578 * nd6_prelist_add will install the corresponding 579 * interface route. 580 */ 581 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 582 return (error); 583 if (pr == NULL) { 584 log(LOG_ERR, "nd6_prelist_add succeeded but " 585 "no prefix\n"); 586 return (EINVAL); /* XXX panic here? */ 587 } 588 } 589 590 /* relate the address to the prefix */ 591 if (ia->ia6_ndpr == NULL) { 592 ia->ia6_ndpr = pr; 593 pr->ndpr_refcnt++; 594 595 /* 596 * If this is the first autoconf address from the 597 * prefix, create a temporary address as well 598 * (when required). 599 */ 600 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 601 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 602 int e; 603 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 604 log(LOG_NOTICE, "in6_control: failed " 605 "to create a temporary address, " 606 "errno=%d\n", e); 607 } 608 } 609 } 610 611 /* 612 * this might affect the status of autoconfigured addresses, 613 * that is, this address might make other addresses detached. 614 */ 615 pfxlist_onlink_check(); 616 if (error == 0 && ia) 617 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 618 break; 619 } 620 621 case SIOCDIFADDR_IN6: 622 { 623 struct nd_prefix *pr; 624 625 /* 626 * If the address being deleted is the only one that owns 627 * the corresponding prefix, expire the prefix as well. 628 * XXX: theoretically, we don't have to worry about such 629 * relationship, since we separate the address management 630 * and the prefix management. We do this, however, to provide 631 * as much backward compatibility as possible in terms of 632 * the ioctl operation. 633 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 634 */ 635 pr = ia->ia6_ndpr; 636 in6_purgeaddr(&ia->ia_ifa); 637 if (pr && pr->ndpr_refcnt == 0) 638 prelist_remove(pr); 639 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 640 break; 641 } 642 643 default: 644 if (ifp == NULL || ifp->if_ioctl == 0) 645 return (EOPNOTSUPP); 646 return ((*ifp->if_ioctl)(ifp, cmd, data)); 647 } 648 649 return (0); 650 } 651 652 /* 653 * Update parameters of an IPv6 interface address. 654 * If necessary, a new entry is created and linked into address chains. 655 * This function is separated from in6_control(). 656 * XXX: should this be performed under splnet()? 657 */ 658 int 659 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 660 struct in6_ifaddr *ia, int flags) 661 { 662 INIT_VNET_INET6(ifp->if_vnet); 663 int error = 0, hostIsNew = 0, plen = -1; 664 struct in6_ifaddr *oia; 665 struct sockaddr_in6 dst6; 666 struct in6_addrlifetime *lt; 667 struct in6_multi_mship *imm; 668 struct in6_multi *in6m_sol; 669 struct rtentry *rt; 670 int delay; 671 char ip6buf[INET6_ADDRSTRLEN]; 672 673 /* Validate parameters */ 674 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 675 return (EINVAL); 676 677 /* 678 * The destination address for a p2p link must have a family 679 * of AF_UNSPEC or AF_INET6. 680 */ 681 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 682 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 683 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 684 return (EAFNOSUPPORT); 685 /* 686 * validate ifra_prefixmask. don't check sin6_family, netmask 687 * does not carry fields other than sin6_len. 688 */ 689 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 690 return (EINVAL); 691 /* 692 * Because the IPv6 address architecture is classless, we require 693 * users to specify a (non 0) prefix length (mask) for a new address. 694 * We also require the prefix (when specified) mask is valid, and thus 695 * reject a non-consecutive mask. 696 */ 697 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 698 return (EINVAL); 699 if (ifra->ifra_prefixmask.sin6_len != 0) { 700 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 701 (u_char *)&ifra->ifra_prefixmask + 702 ifra->ifra_prefixmask.sin6_len); 703 if (plen <= 0) 704 return (EINVAL); 705 } else { 706 /* 707 * In this case, ia must not be NULL. We just use its prefix 708 * length. 709 */ 710 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 711 } 712 /* 713 * If the destination address on a p2p interface is specified, 714 * and the address is a scoped one, validate/set the scope 715 * zone identifier. 716 */ 717 dst6 = ifra->ifra_dstaddr; 718 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 719 (dst6.sin6_family == AF_INET6)) { 720 struct in6_addr in6_tmp; 721 u_int32_t zoneid; 722 723 in6_tmp = dst6.sin6_addr; 724 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 725 return (EINVAL); /* XXX: should be impossible */ 726 727 if (dst6.sin6_scope_id != 0) { 728 if (dst6.sin6_scope_id != zoneid) 729 return (EINVAL); 730 } else /* user omit to specify the ID. */ 731 dst6.sin6_scope_id = zoneid; 732 733 /* convert into the internal form */ 734 if (sa6_embedscope(&dst6, 0)) 735 return (EINVAL); /* XXX: should be impossible */ 736 } 737 /* 738 * The destination address can be specified only for a p2p or a 739 * loopback interface. If specified, the corresponding prefix length 740 * must be 128. 741 */ 742 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 743 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 744 /* XXX: noisy message */ 745 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 746 "be specified for a p2p or a loopback IF only\n")); 747 return (EINVAL); 748 } 749 if (plen != 128) { 750 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 751 "be 128 when dstaddr is specified\n")); 752 return (EINVAL); 753 } 754 } 755 /* lifetime consistency check */ 756 lt = &ifra->ifra_lifetime; 757 if (lt->ia6t_pltime > lt->ia6t_vltime) 758 return (EINVAL); 759 if (lt->ia6t_vltime == 0) { 760 /* 761 * the following log might be noisy, but this is a typical 762 * configuration mistake or a tool's bug. 763 */ 764 nd6log((LOG_INFO, 765 "in6_update_ifa: valid lifetime is 0 for %s\n", 766 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 767 768 if (ia == NULL) 769 return (0); /* there's nothing to do */ 770 } 771 772 /* 773 * If this is a new address, allocate a new ifaddr and link it 774 * into chains. 775 */ 776 if (ia == NULL) { 777 hostIsNew = 1; 778 /* 779 * When in6_update_ifa() is called in a process of a received 780 * RA, it is called under an interrupt context. So, we should 781 * call malloc with M_NOWAIT. 782 */ 783 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 784 M_NOWAIT); 785 if (ia == NULL) 786 return (ENOBUFS); 787 bzero((caddr_t)ia, sizeof(*ia)); 788 LIST_INIT(&ia->ia6_memberships); 789 /* Initialize the address and masks, and put time stamp */ 790 IFA_LOCK_INIT(&ia->ia_ifa); 791 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 792 ia->ia_addr.sin6_family = AF_INET6; 793 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 794 ia->ia6_createtime = time_second; 795 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 796 /* 797 * XXX: some functions expect that ifa_dstaddr is not 798 * NULL for p2p interfaces. 799 */ 800 ia->ia_ifa.ifa_dstaddr = 801 (struct sockaddr *)&ia->ia_dstaddr; 802 } else { 803 ia->ia_ifa.ifa_dstaddr = NULL; 804 } 805 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 806 807 ia->ia_ifp = ifp; 808 if ((oia = V_in6_ifaddr) != NULL) { 809 for ( ; oia->ia_next; oia = oia->ia_next) 810 continue; 811 oia->ia_next = ia; 812 } else 813 V_in6_ifaddr = ia; 814 815 ia->ia_ifa.ifa_refcnt = 1; 816 IF_ADDR_LOCK(ifp); 817 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 818 IF_ADDR_UNLOCK(ifp); 819 } 820 821 /* update timestamp */ 822 ia->ia6_updatetime = time_second; 823 824 /* set prefix mask */ 825 if (ifra->ifra_prefixmask.sin6_len) { 826 /* 827 * We prohibit changing the prefix length of an existing 828 * address, because 829 * + such an operation should be rare in IPv6, and 830 * + the operation would confuse prefix management. 831 */ 832 if (ia->ia_prefixmask.sin6_len && 833 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 834 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 835 " existing (%s) address should not be changed\n", 836 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 837 error = EINVAL; 838 goto unlink; 839 } 840 ia->ia_prefixmask = ifra->ifra_prefixmask; 841 } 842 843 /* 844 * If a new destination address is specified, scrub the old one and 845 * install the new destination. Note that the interface must be 846 * p2p or loopback (see the check above.) 847 */ 848 if (dst6.sin6_family == AF_INET6 && 849 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 850 int e; 851 852 if ((ia->ia_flags & IFA_ROUTE) != 0 && 853 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 854 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 855 "a route to the old destination: %s\n", 856 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 857 /* proceed anyway... */ 858 } else 859 ia->ia_flags &= ~IFA_ROUTE; 860 ia->ia_dstaddr = dst6; 861 } 862 863 /* 864 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 865 * to see if the address is deprecated or invalidated, but initialize 866 * these members for applications. 867 */ 868 ia->ia6_lifetime = ifra->ifra_lifetime; 869 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 870 ia->ia6_lifetime.ia6t_expire = 871 time_second + ia->ia6_lifetime.ia6t_vltime; 872 } else 873 ia->ia6_lifetime.ia6t_expire = 0; 874 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 875 ia->ia6_lifetime.ia6t_preferred = 876 time_second + ia->ia6_lifetime.ia6t_pltime; 877 } else 878 ia->ia6_lifetime.ia6t_preferred = 0; 879 880 /* reset the interface and routing table appropriately. */ 881 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 882 goto unlink; 883 884 /* 885 * configure address flags. 886 */ 887 ia->ia6_flags = ifra->ifra_flags; 888 /* 889 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 890 * userland, make it deprecated. 891 */ 892 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 893 ia->ia6_lifetime.ia6t_pltime = 0; 894 ia->ia6_lifetime.ia6t_preferred = time_second; 895 } 896 /* 897 * Make the address tentative before joining multicast addresses, 898 * so that corresponding MLD responses would not have a tentative 899 * source address. 900 */ 901 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 902 if (hostIsNew && in6if_do_dad(ifp)) 903 ia->ia6_flags |= IN6_IFF_TENTATIVE; 904 905 /* 906 * We are done if we have simply modified an existing address. 907 */ 908 if (!hostIsNew) 909 return (error); 910 911 /* 912 * Beyond this point, we should call in6_purgeaddr upon an error, 913 * not just go to unlink. 914 */ 915 916 /* Join necessary multicast groups */ 917 in6m_sol = NULL; 918 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 919 struct sockaddr_in6 mltaddr, mltmask; 920 struct in6_addr llsol; 921 922 /* join solicited multicast addr for new host id */ 923 bzero(&llsol, sizeof(struct in6_addr)); 924 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 925 llsol.s6_addr32[1] = 0; 926 llsol.s6_addr32[2] = htonl(1); 927 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 928 llsol.s6_addr8[12] = 0xff; 929 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 930 /* XXX: should not happen */ 931 log(LOG_ERR, "in6_update_ifa: " 932 "in6_setscope failed\n"); 933 goto cleanup; 934 } 935 delay = 0; 936 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 937 /* 938 * We need a random delay for DAD on the address 939 * being configured. It also means delaying 940 * transmission of the corresponding MLD report to 941 * avoid report collision. 942 * [draft-ietf-ipv6-rfc2462bis-02.txt] 943 */ 944 delay = arc4random() % 945 (MAX_RTR_SOLICITATION_DELAY * hz); 946 } 947 imm = in6_joingroup(ifp, &llsol, &error, delay); 948 if (imm == NULL) { 949 nd6log((LOG_WARNING, 950 "in6_update_ifa: addmulti failed for " 951 "%s on %s (errno=%d)\n", 952 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 953 error)); 954 in6_purgeaddr((struct ifaddr *)ia); 955 return (error); 956 } 957 LIST_INSERT_HEAD(&ia->ia6_memberships, 958 imm, i6mm_chain); 959 in6m_sol = imm->i6mm_maddr; 960 961 bzero(&mltmask, sizeof(mltmask)); 962 mltmask.sin6_len = sizeof(struct sockaddr_in6); 963 mltmask.sin6_family = AF_INET6; 964 mltmask.sin6_addr = in6mask32; 965 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 966 967 /* 968 * join link-local all-nodes address 969 */ 970 bzero(&mltaddr, sizeof(mltaddr)); 971 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 972 mltaddr.sin6_family = AF_INET6; 973 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 974 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 975 0) 976 goto cleanup; /* XXX: should not fail */ 977 978 /* 979 * XXX: do we really need this automatic routes? 980 * We should probably reconsider this stuff. Most applications 981 * actually do not need the routes, since they usually specify 982 * the outgoing interface. 983 */ 984 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 985 if (rt) { 986 /* XXX: only works in !SCOPEDROUTING case. */ 987 if (memcmp(&mltaddr.sin6_addr, 988 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 989 MLTMASK_LEN)) { 990 RTFREE_LOCKED(rt); 991 rt = NULL; 992 } 993 } 994 if (!rt) { 995 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 996 (struct sockaddr *)&ia->ia_addr, 997 (struct sockaddr *)&mltmask, RTF_UP, 998 (struct rtentry **)0); 999 if (error) 1000 goto cleanup; 1001 } else { 1002 RTFREE_LOCKED(rt); 1003 } 1004 1005 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1006 if (!imm) { 1007 nd6log((LOG_WARNING, 1008 "in6_update_ifa: addmulti failed for " 1009 "%s on %s (errno=%d)\n", 1010 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1011 if_name(ifp), error)); 1012 goto cleanup; 1013 } 1014 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1015 1016 /* 1017 * join node information group address 1018 */ 1019 delay = 0; 1020 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1021 /* 1022 * The spec doesn't say anything about delay for this 1023 * group, but the same logic should apply. 1024 */ 1025 delay = arc4random() % 1026 (MAX_RTR_SOLICITATION_DELAY * hz); 1027 } 1028 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) { 1029 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1030 delay); /* XXX jinmei */ 1031 if (!imm) { 1032 nd6log((LOG_WARNING, "in6_update_ifa: " 1033 "addmulti failed for %s on %s " 1034 "(errno=%d)\n", 1035 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1036 if_name(ifp), error)); 1037 /* XXX not very fatal, go on... */ 1038 } else { 1039 LIST_INSERT_HEAD(&ia->ia6_memberships, 1040 imm, i6mm_chain); 1041 } 1042 } 1043 1044 /* 1045 * join interface-local all-nodes address. 1046 * (ff01::1%ifN, and ff01::%ifN/32) 1047 */ 1048 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1049 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1050 != 0) 1051 goto cleanup; /* XXX: should not fail */ 1052 /* XXX: again, do we really need the route? */ 1053 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1054 if (rt) { 1055 if (memcmp(&mltaddr.sin6_addr, 1056 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1057 MLTMASK_LEN)) { 1058 RTFREE_LOCKED(rt); 1059 rt = NULL; 1060 } 1061 } 1062 if (!rt) { 1063 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1064 (struct sockaddr *)&ia->ia_addr, 1065 (struct sockaddr *)&mltmask, RTF_UP, 1066 (struct rtentry **)0); 1067 if (error) 1068 goto cleanup; 1069 } else 1070 RTFREE_LOCKED(rt); 1071 1072 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1073 if (!imm) { 1074 nd6log((LOG_WARNING, "in6_update_ifa: " 1075 "addmulti failed for %s on %s " 1076 "(errno=%d)\n", 1077 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1078 if_name(ifp), error)); 1079 goto cleanup; 1080 } 1081 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1082 #undef MLTMASK_LEN 1083 } 1084 1085 /* 1086 * Perform DAD, if needed. 1087 * XXX It may be of use, if we can administratively 1088 * disable DAD. 1089 */ 1090 if (hostIsNew && in6if_do_dad(ifp) && 1091 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1092 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1093 { 1094 int mindelay, maxdelay; 1095 1096 delay = 0; 1097 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1098 /* 1099 * We need to impose a delay before sending an NS 1100 * for DAD. Check if we also needed a delay for the 1101 * corresponding MLD message. If we did, the delay 1102 * should be larger than the MLD delay (this could be 1103 * relaxed a bit, but this simple logic is at least 1104 * safe). 1105 * XXX: Break data hiding guidelines and look at 1106 * state for the solicited multicast group. 1107 */ 1108 mindelay = 0; 1109 if (in6m_sol != NULL && 1110 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) { 1111 mindelay = in6m_sol->in6m_timer; 1112 } 1113 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1114 if (maxdelay - mindelay == 0) 1115 delay = 0; 1116 else { 1117 delay = 1118 (arc4random() % (maxdelay - mindelay)) + 1119 mindelay; 1120 } 1121 } 1122 nd6_dad_start((struct ifaddr *)ia, delay); 1123 } 1124 1125 return (error); 1126 1127 unlink: 1128 /* 1129 * XXX: if a change of an existing address failed, keep the entry 1130 * anyway. 1131 */ 1132 if (hostIsNew) 1133 in6_unlink_ifa(ia, ifp); 1134 return (error); 1135 1136 cleanup: 1137 in6_purgeaddr(&ia->ia_ifa); 1138 return error; 1139 } 1140 1141 void 1142 in6_purgeaddr(struct ifaddr *ifa) 1143 { 1144 struct ifnet *ifp = ifa->ifa_ifp; 1145 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1146 struct in6_multi_mship *imm; 1147 struct sockaddr_in6 mltaddr, mltmask; 1148 struct rtentry rt0; 1149 struct sockaddr_dl gateway; 1150 struct sockaddr_in6 mask, addr; 1151 int plen, error; 1152 struct rtentry *rt; 1153 struct ifaddr *ifa0, *nifa; 1154 1155 /* 1156 * find another IPv6 address as the gateway for the 1157 * link-local and node-local all-nodes multicast 1158 * address routes 1159 */ 1160 TAILQ_FOREACH_SAFE(ifa0, &ifp->if_addrhead, ifa_link, nifa) { 1161 if ((ifa0->ifa_addr->sa_family != AF_INET6) || 1162 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr, 1163 &ia->ia_addr.sin6_addr, 1164 sizeof(struct in6_addr)) == 0) 1165 continue; 1166 else 1167 break; 1168 } 1169 1170 /* stop DAD processing */ 1171 nd6_dad_stop(ifa); 1172 1173 IF_AFDATA_LOCK(ifp); 1174 lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR), 1175 (struct sockaddr *)&ia->ia_addr); 1176 IF_AFDATA_UNLOCK(ifp); 1177 1178 /* 1179 * initialize for rtmsg generation 1180 */ 1181 bzero(&gateway, sizeof(gateway)); 1182 gateway.sdl_len = sizeof(gateway); 1183 gateway.sdl_family = AF_LINK; 1184 gateway.sdl_nlen = 0; 1185 gateway.sdl_alen = ifp->if_addrlen; 1186 /* */ 1187 bzero(&rt0, sizeof(rt0)); 1188 rt0.rt_gateway = (struct sockaddr *)&gateway; 1189 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1190 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1191 rt_mask(&rt0) = (struct sockaddr *)&mask; 1192 rt_key(&rt0) = (struct sockaddr *)&addr; 1193 rt0.rt_flags = RTF_HOST | RTF_STATIC; 1194 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0); 1195 1196 /* 1197 * leave from multicast groups we have joined for the interface 1198 */ 1199 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1200 LIST_REMOVE(imm, i6mm_chain); 1201 in6_leavegroup(imm); 1202 } 1203 1204 /* 1205 * remove the link-local all-nodes address 1206 */ 1207 bzero(&mltmask, sizeof(mltmask)); 1208 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1209 mltmask.sin6_family = AF_INET6; 1210 mltmask.sin6_addr = in6mask32; 1211 1212 bzero(&mltaddr, sizeof(mltaddr)); 1213 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1214 mltaddr.sin6_family = AF_INET6; 1215 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1216 1217 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1218 0) 1219 goto cleanup; 1220 1221 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1222 if (rt != NULL && rt->rt_gateway != NULL && 1223 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1224 &ia->ia_addr.sin6_addr, 1225 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1226 /* 1227 * if no more IPv6 address exists on this interface 1228 * then remove the multicast address route 1229 */ 1230 if (ifa0 == NULL) { 1231 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1232 sizeof(mltaddr.sin6_addr)); 1233 RTFREE_LOCKED(rt); 1234 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1235 (struct sockaddr *)&ia->ia_addr, 1236 (struct sockaddr *)&mltmask, RTF_UP, 1237 (struct rtentry **)0); 1238 if (error) 1239 log(LOG_INFO, "in6_purgeaddr: link-local all-nodes" 1240 "multicast address deletion error\n"); 1241 } else { 1242 /* 1243 * replace the gateway of the route 1244 */ 1245 struct sockaddr_in6 sa; 1246 1247 bzero(&sa, sizeof(sa)); 1248 sa.sin6_len = sizeof(struct sockaddr_in6); 1249 sa.sin6_family = AF_INET6; 1250 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1251 sizeof(sa.sin6_addr)); 1252 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1253 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1254 RTFREE_LOCKED(rt); 1255 } 1256 } else { 1257 if (rt != NULL) 1258 RTFREE_LOCKED(rt); 1259 } 1260 1261 /* 1262 * remove the node-local all-nodes address 1263 */ 1264 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1265 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1266 0) 1267 goto cleanup; 1268 1269 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1270 if (rt != NULL && rt->rt_gateway != NULL && 1271 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr, 1272 &ia->ia_addr.sin6_addr, 1273 sizeof(ia->ia_addr.sin6_addr)) == 0)) { 1274 /* 1275 * if no more IPv6 address exists on this interface 1276 * then remove the multicast address route 1277 */ 1278 if (ifa0 == NULL) { 1279 memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr, 1280 sizeof(mltaddr.sin6_addr)); 1281 1282 RTFREE_LOCKED(rt); 1283 error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr, 1284 (struct sockaddr *)&ia->ia_addr, 1285 (struct sockaddr *)&mltmask, RTF_UP, 1286 (struct rtentry **)0); 1287 1288 if (error) 1289 log(LOG_INFO, "in6_purgeaddr: node-local all-nodes" 1290 "multicast address deletion error\n"); 1291 } else { 1292 /* 1293 * replace the gateway of the route 1294 */ 1295 struct sockaddr_in6 sa; 1296 1297 bzero(&sa, sizeof(sa)); 1298 sa.sin6_len = sizeof(struct sockaddr_in6); 1299 sa.sin6_family = AF_INET6; 1300 memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr, 1301 sizeof(sa.sin6_addr)); 1302 in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL); 1303 memcpy(rt->rt_gateway, &sa, sizeof(sa)); 1304 RTFREE_LOCKED(rt); 1305 } 1306 } else { 1307 if (rt != NULL) 1308 RTFREE_LOCKED(rt); 1309 } 1310 1311 cleanup: 1312 1313 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1314 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) { 1315 int error; 1316 struct sockaddr *dstaddr; 1317 1318 /* 1319 * use the interface address if configuring an 1320 * interface address with a /128 prefix len 1321 */ 1322 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1323 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1324 else 1325 dstaddr = (struct sockaddr *)&ia->ia_addr; 1326 1327 error = rtrequest(RTM_DELETE, 1328 (struct sockaddr *)dstaddr, 1329 (struct sockaddr *)&ia->ia_addr, 1330 (struct sockaddr *)&ia->ia_prefixmask, 1331 ia->ia_flags | RTF_HOST, NULL); 1332 if (error != 0) 1333 return; 1334 ia->ia_flags &= ~IFA_ROUTE; 1335 } 1336 1337 in6_unlink_ifa(ia, ifp); 1338 } 1339 1340 static void 1341 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1342 { 1343 INIT_VNET_INET6(ifp->if_vnet); 1344 struct in6_ifaddr *oia; 1345 int s = splnet(); 1346 1347 IF_ADDR_LOCK(ifp); 1348 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); 1349 IF_ADDR_UNLOCK(ifp); 1350 1351 oia = ia; 1352 if (oia == (ia = V_in6_ifaddr)) 1353 V_in6_ifaddr = ia->ia_next; 1354 else { 1355 while (ia->ia_next && (ia->ia_next != oia)) 1356 ia = ia->ia_next; 1357 if (ia->ia_next) 1358 ia->ia_next = oia->ia_next; 1359 else { 1360 /* search failed */ 1361 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1362 } 1363 } 1364 1365 /* 1366 * Release the reference to the base prefix. There should be a 1367 * positive reference. 1368 */ 1369 if (oia->ia6_ndpr == NULL) { 1370 nd6log((LOG_NOTICE, 1371 "in6_unlink_ifa: autoconf'ed address " 1372 "%p has no prefix\n", oia)); 1373 } else { 1374 oia->ia6_ndpr->ndpr_refcnt--; 1375 oia->ia6_ndpr = NULL; 1376 } 1377 1378 /* 1379 * Also, if the address being removed is autoconf'ed, call 1380 * pfxlist_onlink_check() since the release might affect the status of 1381 * other (detached) addresses. 1382 */ 1383 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) { 1384 pfxlist_onlink_check(); 1385 } 1386 1387 /* 1388 * release another refcnt for the link from in6_ifaddr. 1389 * Note that we should decrement the refcnt at least once for all *BSD. 1390 */ 1391 IFAFREE(&oia->ia_ifa); 1392 1393 splx(s); 1394 } 1395 1396 void 1397 in6_purgeif(struct ifnet *ifp) 1398 { 1399 struct ifaddr *ifa, *nifa; 1400 1401 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) { 1402 if (ifa->ifa_addr->sa_family != AF_INET6) 1403 continue; 1404 in6_purgeaddr(ifa); 1405 } 1406 1407 in6_ifdetach(ifp); 1408 } 1409 1410 /* 1411 * SIOC[GAD]LIFADDR. 1412 * SIOCGLIFADDR: get first address. (?) 1413 * SIOCGLIFADDR with IFLR_PREFIX: 1414 * get first address that matches the specified prefix. 1415 * SIOCALIFADDR: add the specified address. 1416 * SIOCALIFADDR with IFLR_PREFIX: 1417 * add the specified prefix, filling hostid part from 1418 * the first link-local address. prefixlen must be <= 64. 1419 * SIOCDLIFADDR: delete the specified address. 1420 * SIOCDLIFADDR with IFLR_PREFIX: 1421 * delete the first address that matches the specified prefix. 1422 * return values: 1423 * EINVAL on invalid parameters 1424 * EADDRNOTAVAIL on prefix match failed/specified address not found 1425 * other values may be returned from in6_ioctl() 1426 * 1427 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1428 * this is to accomodate address naming scheme other than RFC2374, 1429 * in the future. 1430 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1431 * address encoding scheme. (see figure on page 8) 1432 */ 1433 static int 1434 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1435 struct ifnet *ifp, struct thread *td) 1436 { 1437 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1438 struct ifaddr *ifa; 1439 struct sockaddr *sa; 1440 1441 /* sanity checks */ 1442 if (!data || !ifp) { 1443 panic("invalid argument to in6_lifaddr_ioctl"); 1444 /* NOTREACHED */ 1445 } 1446 1447 switch (cmd) { 1448 case SIOCGLIFADDR: 1449 /* address must be specified on GET with IFLR_PREFIX */ 1450 if ((iflr->flags & IFLR_PREFIX) == 0) 1451 break; 1452 /* FALLTHROUGH */ 1453 case SIOCALIFADDR: 1454 case SIOCDLIFADDR: 1455 /* address must be specified on ADD and DELETE */ 1456 sa = (struct sockaddr *)&iflr->addr; 1457 if (sa->sa_family != AF_INET6) 1458 return EINVAL; 1459 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1460 return EINVAL; 1461 /* XXX need improvement */ 1462 sa = (struct sockaddr *)&iflr->dstaddr; 1463 if (sa->sa_family && sa->sa_family != AF_INET6) 1464 return EINVAL; 1465 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1466 return EINVAL; 1467 break; 1468 default: /* shouldn't happen */ 1469 #if 0 1470 panic("invalid cmd to in6_lifaddr_ioctl"); 1471 /* NOTREACHED */ 1472 #else 1473 return EOPNOTSUPP; 1474 #endif 1475 } 1476 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1477 return EINVAL; 1478 1479 switch (cmd) { 1480 case SIOCALIFADDR: 1481 { 1482 struct in6_aliasreq ifra; 1483 struct in6_addr *hostid = NULL; 1484 int prefixlen; 1485 1486 if ((iflr->flags & IFLR_PREFIX) != 0) { 1487 struct sockaddr_in6 *sin6; 1488 1489 /* 1490 * hostid is to fill in the hostid part of the 1491 * address. hostid points to the first link-local 1492 * address attached to the interface. 1493 */ 1494 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1495 if (!ifa) 1496 return EADDRNOTAVAIL; 1497 hostid = IFA_IN6(ifa); 1498 1499 /* prefixlen must be <= 64. */ 1500 if (64 < iflr->prefixlen) 1501 return EINVAL; 1502 prefixlen = iflr->prefixlen; 1503 1504 /* hostid part must be zero. */ 1505 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1506 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1507 sin6->sin6_addr.s6_addr32[3] != 0) { 1508 return EINVAL; 1509 } 1510 } else 1511 prefixlen = iflr->prefixlen; 1512 1513 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1514 bzero(&ifra, sizeof(ifra)); 1515 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1516 1517 bcopy(&iflr->addr, &ifra.ifra_addr, 1518 ((struct sockaddr *)&iflr->addr)->sa_len); 1519 if (hostid) { 1520 /* fill in hostid part */ 1521 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1522 hostid->s6_addr32[2]; 1523 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1524 hostid->s6_addr32[3]; 1525 } 1526 1527 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1528 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1529 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1530 if (hostid) { 1531 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1532 hostid->s6_addr32[2]; 1533 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1534 hostid->s6_addr32[3]; 1535 } 1536 } 1537 1538 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1539 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1540 1541 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1542 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1543 } 1544 case SIOCGLIFADDR: 1545 case SIOCDLIFADDR: 1546 { 1547 struct in6_ifaddr *ia; 1548 struct in6_addr mask, candidate, match; 1549 struct sockaddr_in6 *sin6; 1550 int cmp; 1551 1552 bzero(&mask, sizeof(mask)); 1553 if (iflr->flags & IFLR_PREFIX) { 1554 /* lookup a prefix rather than address. */ 1555 in6_prefixlen2mask(&mask, iflr->prefixlen); 1556 1557 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1558 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1559 match.s6_addr32[0] &= mask.s6_addr32[0]; 1560 match.s6_addr32[1] &= mask.s6_addr32[1]; 1561 match.s6_addr32[2] &= mask.s6_addr32[2]; 1562 match.s6_addr32[3] &= mask.s6_addr32[3]; 1563 1564 /* if you set extra bits, that's wrong */ 1565 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1566 return EINVAL; 1567 1568 cmp = 1; 1569 } else { 1570 if (cmd == SIOCGLIFADDR) { 1571 /* on getting an address, take the 1st match */ 1572 cmp = 0; /* XXX */ 1573 } else { 1574 /* on deleting an address, do exact match */ 1575 in6_prefixlen2mask(&mask, 128); 1576 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1577 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1578 1579 cmp = 1; 1580 } 1581 } 1582 1583 IF_ADDR_LOCK(ifp); 1584 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1585 if (ifa->ifa_addr->sa_family != AF_INET6) 1586 continue; 1587 if (!cmp) 1588 break; 1589 1590 /* 1591 * XXX: this is adhoc, but is necessary to allow 1592 * a user to specify fe80::/64 (not /10) for a 1593 * link-local address. 1594 */ 1595 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1596 in6_clearscope(&candidate); 1597 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1598 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1599 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1600 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1601 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1602 break; 1603 } 1604 IF_ADDR_UNLOCK(ifp); 1605 if (!ifa) 1606 return EADDRNOTAVAIL; 1607 ia = ifa2ia6(ifa); 1608 1609 if (cmd == SIOCGLIFADDR) { 1610 int error; 1611 1612 /* fill in the if_laddrreq structure */ 1613 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1614 error = sa6_recoverscope( 1615 (struct sockaddr_in6 *)&iflr->addr); 1616 if (error != 0) 1617 return (error); 1618 1619 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1620 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1621 ia->ia_dstaddr.sin6_len); 1622 error = sa6_recoverscope( 1623 (struct sockaddr_in6 *)&iflr->dstaddr); 1624 if (error != 0) 1625 return (error); 1626 } else 1627 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1628 1629 iflr->prefixlen = 1630 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1631 1632 iflr->flags = ia->ia6_flags; /* XXX */ 1633 1634 return 0; 1635 } else { 1636 struct in6_aliasreq ifra; 1637 1638 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1639 bzero(&ifra, sizeof(ifra)); 1640 bcopy(iflr->iflr_name, ifra.ifra_name, 1641 sizeof(ifra.ifra_name)); 1642 1643 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1644 ia->ia_addr.sin6_len); 1645 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1646 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1647 ia->ia_dstaddr.sin6_len); 1648 } else { 1649 bzero(&ifra.ifra_dstaddr, 1650 sizeof(ifra.ifra_dstaddr)); 1651 } 1652 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1653 ia->ia_prefixmask.sin6_len); 1654 1655 ifra.ifra_flags = ia->ia6_flags; 1656 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1657 ifp, td); 1658 } 1659 } 1660 } 1661 1662 return EOPNOTSUPP; /* just for safety */ 1663 } 1664 1665 /* 1666 * Initialize an interface's intetnet6 address 1667 * and routing table entry. 1668 */ 1669 static int 1670 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1671 struct sockaddr_in6 *sin6, int newhost) 1672 { 1673 int error = 0, plen, ifacount = 0; 1674 int s = splimp(); 1675 struct ifaddr *ifa; 1676 1677 /* 1678 * Give the interface a chance to initialize 1679 * if this is its first address, 1680 * and to validate the address if necessary. 1681 */ 1682 IF_ADDR_LOCK(ifp); 1683 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1684 if (ifa->ifa_addr->sa_family != AF_INET6) 1685 continue; 1686 ifacount++; 1687 } 1688 IF_ADDR_UNLOCK(ifp); 1689 1690 ia->ia_addr = *sin6; 1691 1692 if (ifacount <= 1 && ifp->if_ioctl) { 1693 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1694 if (error) { 1695 splx(s); 1696 return (error); 1697 } 1698 } 1699 splx(s); 1700 1701 ia->ia_ifa.ifa_metric = ifp->if_metric; 1702 1703 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1704 1705 /* 1706 * Special case: 1707 * If a new destination address is specified for a point-to-point 1708 * interface, install a route to the destination as an interface 1709 * direct route. 1710 * XXX: the logic below rejects assigning multiple addresses on a p2p 1711 * interface that share the same destination. 1712 */ 1713 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1714 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) { 1715 struct sockaddr *dstaddr; 1716 int rtflags = RTF_UP | RTF_HOST; 1717 1718 /* 1719 * use the interface address if configuring an 1720 * interface address with a /128 prefix len 1721 */ 1722 if (ia->ia_dstaddr.sin6_family == AF_INET6) 1723 dstaddr = (struct sockaddr *)&ia->ia_dstaddr; 1724 else 1725 dstaddr = (struct sockaddr *)&ia->ia_addr; 1726 1727 error = rtrequest(RTM_ADD, 1728 (struct sockaddr *)dstaddr, 1729 (struct sockaddr *)&ia->ia_addr, 1730 (struct sockaddr *)&ia->ia_prefixmask, 1731 ia->ia_flags | rtflags, NULL); 1732 if (error != 0) 1733 return (error); 1734 ia->ia_flags |= IFA_ROUTE; 1735 } 1736 1737 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1738 if (newhost) { 1739 struct llentry *ln; 1740 struct rtentry rt; 1741 struct sockaddr_dl gateway; 1742 struct sockaddr_in6 mask, addr; 1743 1744 IF_AFDATA_LOCK(ifp); 1745 ia->ia_ifa.ifa_rtrequest = NULL; 1746 1747 /* XXX QL 1748 * we need to report rt_newaddrmsg 1749 */ 1750 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE), 1751 (struct sockaddr *)&ia->ia_addr); 1752 IF_AFDATA_UNLOCK(ifp); 1753 if (ln != NULL) { 1754 ln->la_expire = 0; /* for IPv6 this means permanent */ 1755 ln->ln_state = ND6_LLINFO_REACHABLE; 1756 /* 1757 * initialize for rtmsg generation 1758 */ 1759 bzero(&gateway, sizeof(gateway)); 1760 gateway.sdl_len = sizeof(gateway); 1761 gateway.sdl_family = AF_LINK; 1762 gateway.sdl_nlen = 0; 1763 gateway.sdl_alen = 6; 1764 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr)); 1765 /* */ 1766 LLE_WUNLOCK(ln); 1767 } 1768 1769 bzero(&rt, sizeof(rt)); 1770 rt.rt_gateway = (struct sockaddr *)&gateway; 1771 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask)); 1772 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr)); 1773 rt_mask(&rt) = (struct sockaddr *)&mask; 1774 rt_key(&rt) = (struct sockaddr *)&addr; 1775 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC; 1776 rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt); 1777 } 1778 1779 return (error); 1780 } 1781 1782 /* 1783 * Find an IPv6 interface link-local address specific to an interface. 1784 */ 1785 struct in6_ifaddr * 1786 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1787 { 1788 struct ifaddr *ifa; 1789 1790 IF_ADDR_LOCK(ifp); 1791 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1792 if (ifa->ifa_addr->sa_family != AF_INET6) 1793 continue; 1794 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1795 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1796 ignoreflags) != 0) 1797 continue; 1798 break; 1799 } 1800 } 1801 IF_ADDR_UNLOCK(ifp); 1802 1803 return ((struct in6_ifaddr *)ifa); 1804 } 1805 1806 1807 /* 1808 * find the internet address corresponding to a given interface and address. 1809 */ 1810 struct in6_ifaddr * 1811 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1812 { 1813 struct ifaddr *ifa; 1814 1815 IF_ADDR_LOCK(ifp); 1816 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 1817 if (ifa->ifa_addr->sa_family != AF_INET6) 1818 continue; 1819 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1820 break; 1821 } 1822 IF_ADDR_UNLOCK(ifp); 1823 1824 return ((struct in6_ifaddr *)ifa); 1825 } 1826 1827 /* 1828 * Convert IP6 address to printable (loggable) representation. Caller 1829 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1830 */ 1831 static char digits[] = "0123456789abcdef"; 1832 char * 1833 ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1834 { 1835 int i; 1836 char *cp; 1837 const u_int16_t *a = (const u_int16_t *)addr; 1838 const u_int8_t *d; 1839 int dcolon = 0, zero = 0; 1840 1841 cp = ip6buf; 1842 1843 for (i = 0; i < 8; i++) { 1844 if (dcolon == 1) { 1845 if (*a == 0) { 1846 if (i == 7) 1847 *cp++ = ':'; 1848 a++; 1849 continue; 1850 } else 1851 dcolon = 2; 1852 } 1853 if (*a == 0) { 1854 if (dcolon == 0 && *(a + 1) == 0) { 1855 if (i == 0) 1856 *cp++ = ':'; 1857 *cp++ = ':'; 1858 dcolon = 1; 1859 } else { 1860 *cp++ = '0'; 1861 *cp++ = ':'; 1862 } 1863 a++; 1864 continue; 1865 } 1866 d = (const u_char *)a; 1867 /* Try to eliminate leading zeros in printout like in :0001. */ 1868 zero = 1; 1869 *cp = digits[*d >> 4]; 1870 if (*cp != '0') { 1871 zero = 0; 1872 cp++; 1873 } 1874 *cp = digits[*d++ & 0xf]; 1875 if (zero == 0 || (*cp != '0')) { 1876 zero = 0; 1877 cp++; 1878 } 1879 *cp = digits[*d >> 4]; 1880 if (zero == 0 || (*cp != '0')) { 1881 zero = 0; 1882 cp++; 1883 } 1884 *cp++ = digits[*d & 0xf]; 1885 *cp++ = ':'; 1886 a++; 1887 } 1888 *--cp = '\0'; 1889 return (ip6buf); 1890 } 1891 1892 int 1893 in6_localaddr(struct in6_addr *in6) 1894 { 1895 INIT_VNET_INET6(curvnet); 1896 struct in6_ifaddr *ia; 1897 1898 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1899 return 1; 1900 1901 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1902 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1903 &ia->ia_prefixmask.sin6_addr)) { 1904 return 1; 1905 } 1906 } 1907 1908 return (0); 1909 } 1910 1911 int 1912 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1913 { 1914 INIT_VNET_INET6(curvnet); 1915 struct in6_ifaddr *ia; 1916 1917 for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) { 1918 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1919 &sa6->sin6_addr) && 1920 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1921 return (1); /* true */ 1922 1923 /* XXX: do we still have to go thru the rest of the list? */ 1924 } 1925 1926 return (0); /* false */ 1927 } 1928 1929 /* 1930 * return length of part which dst and src are equal 1931 * hard coding... 1932 */ 1933 int 1934 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1935 { 1936 int match = 0; 1937 u_char *s = (u_char *)src, *d = (u_char *)dst; 1938 u_char *lim = s + 16, r; 1939 1940 while (s < lim) 1941 if ((r = (*d++ ^ *s++)) != 0) { 1942 while (r < 128) { 1943 match++; 1944 r <<= 1; 1945 } 1946 break; 1947 } else 1948 match += 8; 1949 return match; 1950 } 1951 1952 /* XXX: to be scope conscious */ 1953 int 1954 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1955 { 1956 int bytelen, bitlen; 1957 1958 /* sanity check */ 1959 if (0 > len || len > 128) { 1960 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1961 len); 1962 return (0); 1963 } 1964 1965 bytelen = len / 8; 1966 bitlen = len % 8; 1967 1968 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1969 return (0); 1970 if (bitlen != 0 && 1971 p1->s6_addr[bytelen] >> (8 - bitlen) != 1972 p2->s6_addr[bytelen] >> (8 - bitlen)) 1973 return (0); 1974 1975 return (1); 1976 } 1977 1978 void 1979 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1980 { 1981 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1982 int bytelen, bitlen, i; 1983 1984 /* sanity check */ 1985 if (0 > len || len > 128) { 1986 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1987 len); 1988 return; 1989 } 1990 1991 bzero(maskp, sizeof(*maskp)); 1992 bytelen = len / 8; 1993 bitlen = len % 8; 1994 for (i = 0; i < bytelen; i++) 1995 maskp->s6_addr[i] = 0xff; 1996 if (bitlen) 1997 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1998 } 1999 2000 /* 2001 * return the best address out of the same scope. if no address was 2002 * found, return the first valid address from designated IF. 2003 */ 2004 struct in6_ifaddr * 2005 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2006 { 2007 INIT_VNET_INET6(curvnet); 2008 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2009 struct ifaddr *ifa; 2010 struct in6_ifaddr *besta = 0; 2011 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2012 2013 dep[0] = dep[1] = NULL; 2014 2015 /* 2016 * We first look for addresses in the same scope. 2017 * If there is one, return it. 2018 * If two or more, return one which matches the dst longest. 2019 * If none, return one of global addresses assigned other ifs. 2020 */ 2021 IF_ADDR_LOCK(ifp); 2022 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2023 if (ifa->ifa_addr->sa_family != AF_INET6) 2024 continue; 2025 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2026 continue; /* XXX: is there any case to allow anycast? */ 2027 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2028 continue; /* don't use this interface */ 2029 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2030 continue; 2031 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2032 if (V_ip6_use_deprecated) 2033 dep[0] = (struct in6_ifaddr *)ifa; 2034 continue; 2035 } 2036 2037 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2038 /* 2039 * call in6_matchlen() as few as possible 2040 */ 2041 if (besta) { 2042 if (blen == -1) 2043 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2044 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2045 if (tlen > blen) { 2046 blen = tlen; 2047 besta = (struct in6_ifaddr *)ifa; 2048 } 2049 } else 2050 besta = (struct in6_ifaddr *)ifa; 2051 } 2052 } 2053 if (besta) { 2054 IF_ADDR_UNLOCK(ifp); 2055 return (besta); 2056 } 2057 2058 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2059 if (ifa->ifa_addr->sa_family != AF_INET6) 2060 continue; 2061 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2062 continue; /* XXX: is there any case to allow anycast? */ 2063 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2064 continue; /* don't use this interface */ 2065 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2066 continue; 2067 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2068 if (V_ip6_use_deprecated) 2069 dep[1] = (struct in6_ifaddr *)ifa; 2070 continue; 2071 } 2072 2073 IF_ADDR_UNLOCK(ifp); 2074 return (struct in6_ifaddr *)ifa; 2075 } 2076 IF_ADDR_UNLOCK(ifp); 2077 2078 /* use the last-resort values, that are, deprecated addresses */ 2079 if (dep[0]) 2080 return dep[0]; 2081 if (dep[1]) 2082 return dep[1]; 2083 2084 return NULL; 2085 } 2086 2087 /* 2088 * perform DAD when interface becomes IFF_UP. 2089 */ 2090 void 2091 in6_if_up(struct ifnet *ifp) 2092 { 2093 struct ifaddr *ifa; 2094 struct in6_ifaddr *ia; 2095 2096 IF_ADDR_LOCK(ifp); 2097 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 2098 if (ifa->ifa_addr->sa_family != AF_INET6) 2099 continue; 2100 ia = (struct in6_ifaddr *)ifa; 2101 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2102 /* 2103 * The TENTATIVE flag was likely set by hand 2104 * beforehand, implicitly indicating the need for DAD. 2105 * We may be able to skip the random delay in this 2106 * case, but we impose delays just in case. 2107 */ 2108 nd6_dad_start(ifa, 2109 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 2110 } 2111 } 2112 IF_ADDR_UNLOCK(ifp); 2113 2114 /* 2115 * special cases, like 6to4, are handled in in6_ifattach 2116 */ 2117 in6_ifattach(ifp, NULL); 2118 } 2119 2120 int 2121 in6if_do_dad(struct ifnet *ifp) 2122 { 2123 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2124 return (0); 2125 2126 switch (ifp->if_type) { 2127 #ifdef IFT_DUMMY 2128 case IFT_DUMMY: 2129 #endif 2130 case IFT_FAITH: 2131 /* 2132 * These interfaces do not have the IFF_LOOPBACK flag, 2133 * but loop packets back. We do not have to do DAD on such 2134 * interfaces. We should even omit it, because loop-backed 2135 * NS would confuse the DAD procedure. 2136 */ 2137 return (0); 2138 default: 2139 /* 2140 * Our DAD routine requires the interface up and running. 2141 * However, some interfaces can be up before the RUNNING 2142 * status. Additionaly, users may try to assign addresses 2143 * before the interface becomes up (or running). 2144 * We simply skip DAD in such a case as a work around. 2145 * XXX: we should rather mark "tentative" on such addresses, 2146 * and do DAD after the interface becomes ready. 2147 */ 2148 if (!((ifp->if_flags & IFF_UP) && 2149 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 2150 return (0); 2151 2152 return (1); 2153 } 2154 } 2155 2156 /* 2157 * Calculate max IPv6 MTU through all the interfaces and store it 2158 * to in6_maxmtu. 2159 */ 2160 void 2161 in6_setmaxmtu(void) 2162 { 2163 INIT_VNET_NET(curvnet); 2164 INIT_VNET_INET6(curvnet); 2165 unsigned long maxmtu = 0; 2166 struct ifnet *ifp; 2167 2168 IFNET_RLOCK(); 2169 for (ifp = TAILQ_FIRST(&V_ifnet); ifp; 2170 ifp = TAILQ_NEXT(ifp, if_list)) { 2171 /* this function can be called during ifnet initialization */ 2172 if (!ifp->if_afdata[AF_INET6]) 2173 continue; 2174 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2175 IN6_LINKMTU(ifp) > maxmtu) 2176 maxmtu = IN6_LINKMTU(ifp); 2177 } 2178 IFNET_RUNLOCK(); 2179 if (maxmtu) /* update only when maxmtu is positive */ 2180 V_in6_maxmtu = maxmtu; 2181 } 2182 2183 /* 2184 * Provide the length of interface identifiers to be used for the link attached 2185 * to the given interface. The length should be defined in "IPv6 over 2186 * xxx-link" document. Note that address architecture might also define 2187 * the length for a particular set of address prefixes, regardless of the 2188 * link type. As clarified in rfc2462bis, those two definitions should be 2189 * consistent, and those really are as of August 2004. 2190 */ 2191 int 2192 in6_if2idlen(struct ifnet *ifp) 2193 { 2194 switch (ifp->if_type) { 2195 case IFT_ETHER: /* RFC2464 */ 2196 #ifdef IFT_PROPVIRTUAL 2197 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2198 #endif 2199 #ifdef IFT_L2VLAN 2200 case IFT_L2VLAN: /* ditto */ 2201 #endif 2202 #ifdef IFT_IEEE80211 2203 case IFT_IEEE80211: /* ditto */ 2204 #endif 2205 #ifdef IFT_MIP 2206 case IFT_MIP: /* ditto */ 2207 #endif 2208 return (64); 2209 case IFT_FDDI: /* RFC2467 */ 2210 return (64); 2211 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2212 return (64); 2213 case IFT_PPP: /* RFC2472 */ 2214 return (64); 2215 case IFT_ARCNET: /* RFC2497 */ 2216 return (64); 2217 case IFT_FRELAY: /* RFC2590 */ 2218 return (64); 2219 case IFT_IEEE1394: /* RFC3146 */ 2220 return (64); 2221 case IFT_GIF: 2222 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2223 case IFT_LOOP: 2224 return (64); /* XXX: is this really correct? */ 2225 default: 2226 /* 2227 * Unknown link type: 2228 * It might be controversial to use the today's common constant 2229 * of 64 for these cases unconditionally. For full compliance, 2230 * we should return an error in this case. On the other hand, 2231 * if we simply miss the standard for the link type or a new 2232 * standard is defined for a new link type, the IFID length 2233 * is very likely to be the common constant. As a compromise, 2234 * we always use the constant, but make an explicit notice 2235 * indicating the "unknown" case. 2236 */ 2237 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2238 return (64); 2239 } 2240 } 2241 2242 #include <sys/sysctl.h> 2243 2244 struct in6_llentry { 2245 struct llentry base; 2246 struct sockaddr_in6 l3_addr6; 2247 }; 2248 2249 static struct llentry * 2250 in6_lltable_new(const struct sockaddr *l3addr, u_int flags) 2251 { 2252 struct in6_llentry *lle; 2253 2254 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, 2255 M_DONTWAIT | M_ZERO); 2256 if (lle == NULL) /* NB: caller generates msg */ 2257 return NULL; 2258 2259 callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE); 2260 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr; 2261 lle->base.lle_refcnt = 1; 2262 LLE_LOCK_INIT(&lle->base); 2263 return &lle->base; 2264 } 2265 2266 /* 2267 * Deletes an address from the address table. 2268 * This function is called by the timer functions 2269 * such as arptimer() and nd6_llinfo_timer(), and 2270 * the caller does the locking. 2271 */ 2272 static void 2273 in6_lltable_free(struct lltable *llt, struct llentry *lle) 2274 { 2275 LLE_WUNLOCK(lle); 2276 LLE_LOCK_DESTROY(lle); 2277 free(lle, M_LLTABLE); 2278 } 2279 2280 static void 2281 in6_lltable_prefix_free(struct lltable *llt, 2282 const struct sockaddr *prefix, 2283 const struct sockaddr *mask) 2284 { 2285 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2286 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2287 struct llentry *lle, *next; 2288 register int i; 2289 2290 for (i=0; i < LLTBL_HASHTBL_SIZE; i++) { 2291 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) { 2292 if (IN6_ARE_MASKED_ADDR_EQUAL( 2293 &((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr, 2294 &pfx->sin6_addr, 2295 &msk->sin6_addr)) { 2296 callout_drain(&lle->la_timer); 2297 LLE_WLOCK(lle); 2298 llentry_free(lle); 2299 } 2300 } 2301 } 2302 } 2303 2304 static int 2305 in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr) 2306 { 2307 struct rtentry *rt; 2308 char ip6buf[INET6_ADDRSTRLEN]; 2309 2310 KASSERT(l3addr->sa_family == AF_INET6, 2311 ("sin_family %d", l3addr->sa_family)); 2312 2313 /* XXX rtalloc1 should take a const param */ 2314 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0); 2315 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2316 struct ifaddr *ifa; 2317 /* 2318 * Create an ND6 cache for an IPv6 neighbor 2319 * that is not covered by our own prefix. 2320 */ 2321 /* XXX ifaof_ifpforaddr should take a const param */ 2322 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp); 2323 if (ifa != NULL) { 2324 if (rt != NULL) 2325 RTFREE_LOCKED(rt); 2326 return 0; 2327 } 2328 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2329 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2330 if (rt != NULL) 2331 RTFREE_LOCKED(rt); 2332 return EINVAL; 2333 } 2334 RTFREE_LOCKED(rt); 2335 return 0; 2336 } 2337 2338 static struct llentry * 2339 in6_lltable_lookup(struct lltable *llt, u_int flags, 2340 const struct sockaddr *l3addr) 2341 { 2342 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2343 struct ifnet *ifp = llt->llt_ifp; 2344 struct llentry *lle; 2345 struct llentries *lleh; 2346 u_int hashkey; 2347 2348 IF_AFDATA_LOCK_ASSERT(ifp); 2349 KASSERT(l3addr->sa_family == AF_INET6, 2350 ("sin_family %d", l3addr->sa_family)); 2351 2352 hashkey = sin6->sin6_addr.s6_addr32[3]; 2353 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)]; 2354 LIST_FOREACH(lle, lleh, lle_next) { 2355 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle); 2356 if (lle->la_flags & LLE_DELETED) 2357 continue; 2358 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr, 2359 sizeof(struct in6_addr)) == 0) 2360 break; 2361 } 2362 2363 if (lle == NULL) { 2364 if (!(flags & LLE_CREATE)) 2365 return (NULL); 2366 /* 2367 * A route that covers the given address must have 2368 * been installed 1st because we are doing a resolution, 2369 * verify this. 2370 */ 2371 if (!(flags & LLE_IFADDR) && 2372 in6_lltable_rtcheck(ifp, l3addr) != 0) 2373 return NULL; 2374 2375 lle = in6_lltable_new(l3addr, flags); 2376 if (lle == NULL) { 2377 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2378 return NULL; 2379 } 2380 lle->la_flags = flags & ~LLE_CREATE; 2381 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) { 2382 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen); 2383 lle->la_flags |= (LLE_VALID | LLE_STATIC); 2384 } 2385 2386 lle->lle_tbl = llt; 2387 lle->lle_head = lleh; 2388 LIST_INSERT_HEAD(lleh, lle, lle_next); 2389 } else if (flags & LLE_DELETE) { 2390 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) { 2391 LLE_WLOCK(lle); 2392 lle->la_flags = LLE_DELETED; 2393 LLE_WUNLOCK(lle); 2394 #ifdef DIAGNOSTICS 2395 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2396 #endif 2397 } 2398 lle = (void *)-1; 2399 } 2400 if (LLE_IS_VALID(lle)) { 2401 if (flags & LLE_EXCLUSIVE) 2402 LLE_WLOCK(lle); 2403 else 2404 LLE_RLOCK(lle); 2405 } 2406 return (lle); 2407 } 2408 2409 static int 2410 in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr) 2411 { 2412 struct ifnet *ifp = llt->llt_ifp; 2413 struct llentry *lle; 2414 /* XXX stack use */ 2415 struct { 2416 struct rt_msghdr rtm; 2417 struct sockaddr_in6 sin6; 2418 /* 2419 * ndp.c assumes that sdl is word aligned 2420 */ 2421 #ifdef __LP64__ 2422 uint32_t pad; 2423 #endif 2424 struct sockaddr_dl sdl; 2425 } ndpc; 2426 int i, error; 2427 2428 /* XXXXX 2429 * current IFNET_RLOCK() is mapped to IFNET_WLOCK() 2430 * so it is okay to use this ASSERT, change it when 2431 * IFNET lock is finalized 2432 */ 2433 IFNET_WLOCK_ASSERT(); 2434 2435 error = 0; 2436 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) { 2437 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) { 2438 struct sockaddr_dl *sdl; 2439 2440 /* skip deleted or invalid entries */ 2441 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID) 2442 continue; 2443 /* Skip if jailed and not a valid IP of the prison. */ 2444 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0) 2445 continue; 2446 /* 2447 * produce a msg made of: 2448 * struct rt_msghdr; 2449 * struct sockaddr_in6 (IPv6) 2450 * struct sockaddr_dl; 2451 */ 2452 bzero(&ndpc, sizeof(ndpc)); 2453 ndpc.rtm.rtm_msglen = sizeof(ndpc); 2454 ndpc.rtm.rtm_version = RTM_VERSION; 2455 ndpc.rtm.rtm_type = RTM_GET; 2456 ndpc.rtm.rtm_flags = RTF_UP; 2457 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY; 2458 ndpc.sin6.sin6_family = AF_INET6; 2459 ndpc.sin6.sin6_len = sizeof(ndpc.sin6); 2460 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle)); 2461 2462 /* publish */ 2463 if (lle->la_flags & LLE_PUB) 2464 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE; 2465 2466 sdl = &ndpc.sdl; 2467 sdl->sdl_family = AF_LINK; 2468 sdl->sdl_len = sizeof(*sdl); 2469 sdl->sdl_alen = ifp->if_addrlen; 2470 sdl->sdl_index = ifp->if_index; 2471 sdl->sdl_type = ifp->if_type; 2472 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen); 2473 ndpc.rtm.rtm_rmx.rmx_expire = 2474 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire; 2475 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA); 2476 if (lle->la_flags & LLE_STATIC) 2477 ndpc.rtm.rtm_flags |= RTF_STATIC; 2478 ndpc.rtm.rtm_index = ifp->if_index; 2479 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc)); 2480 if (error) 2481 break; 2482 } 2483 } 2484 return error; 2485 } 2486 2487 void * 2488 in6_domifattach(struct ifnet *ifp) 2489 { 2490 struct in6_ifextra *ext; 2491 2492 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2493 bzero(ext, sizeof(*ext)); 2494 2495 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2496 M_IFADDR, M_WAITOK); 2497 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2498 2499 ext->icmp6_ifstat = 2500 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2501 M_IFADDR, M_WAITOK); 2502 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2503 2504 ext->nd_ifinfo = nd6_ifattach(ifp); 2505 ext->scope6_id = scope6_ifattach(ifp); 2506 ext->lltable = lltable_init(ifp, AF_INET6); 2507 if (ext->lltable != NULL) { 2508 ext->lltable->llt_new = in6_lltable_new; 2509 ext->lltable->llt_free = in6_lltable_free; 2510 ext->lltable->llt_prefix_free = in6_lltable_prefix_free; 2511 ext->lltable->llt_rtcheck = in6_lltable_rtcheck; 2512 ext->lltable->llt_lookup = in6_lltable_lookup; 2513 ext->lltable->llt_dump = in6_lltable_dump; 2514 } 2515 2516 ext->mld_ifinfo = mld_domifattach(ifp); 2517 2518 return ext; 2519 } 2520 2521 void 2522 in6_domifdetach(struct ifnet *ifp, void *aux) 2523 { 2524 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2525 2526 mld_domifdetach(ifp); 2527 scope6_ifdetach(ext->scope6_id); 2528 nd6_ifdetach(ext->nd_ifinfo); 2529 lltable_free(ext->lltable); 2530 free(ext->in6_ifstat, M_IFADDR); 2531 free(ext->icmp6_ifstat, M_IFADDR); 2532 free(ext, M_IFADDR); 2533 } 2534 2535 /* 2536 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2537 * v4 mapped addr or v4 compat addr 2538 */ 2539 void 2540 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2541 { 2542 2543 bzero(sin, sizeof(*sin)); 2544 sin->sin_len = sizeof(struct sockaddr_in); 2545 sin->sin_family = AF_INET; 2546 sin->sin_port = sin6->sin6_port; 2547 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2548 } 2549 2550 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2551 void 2552 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2553 { 2554 bzero(sin6, sizeof(*sin6)); 2555 sin6->sin6_len = sizeof(struct sockaddr_in6); 2556 sin6->sin6_family = AF_INET6; 2557 sin6->sin6_port = sin->sin_port; 2558 sin6->sin6_addr.s6_addr32[0] = 0; 2559 sin6->sin6_addr.s6_addr32[1] = 0; 2560 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2561 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2562 } 2563 2564 /* Convert sockaddr_in6 into sockaddr_in. */ 2565 void 2566 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2567 { 2568 struct sockaddr_in *sin_p; 2569 struct sockaddr_in6 sin6; 2570 2571 /* 2572 * Save original sockaddr_in6 addr and convert it 2573 * to sockaddr_in. 2574 */ 2575 sin6 = *(struct sockaddr_in6 *)nam; 2576 sin_p = (struct sockaddr_in *)nam; 2577 in6_sin6_2_sin(sin_p, &sin6); 2578 } 2579 2580 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2581 void 2582 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2583 { 2584 struct sockaddr_in *sin_p; 2585 struct sockaddr_in6 *sin6_p; 2586 2587 sin6_p = malloc(sizeof *sin6_p, M_SONAME, 2588 M_WAITOK); 2589 sin_p = (struct sockaddr_in *)*nam; 2590 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2591 free(*nam, M_SONAME); 2592 *nam = (struct sockaddr *)sin6_p; 2593 } 2594