1 /* $FreeBSD$ */ 2 /* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ */ 3 4 /*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /*- 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 4. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include "opt_inet.h" 65 #include "opt_inet6.h" 66 67 #include <sys/param.h> 68 #include <sys/errno.h> 69 #include <sys/malloc.h> 70 #include <sys/socket.h> 71 #include <sys/socketvar.h> 72 #include <sys/sockio.h> 73 #include <sys/systm.h> 74 #include <sys/priv.h> 75 #include <sys/proc.h> 76 #include <sys/time.h> 77 #include <sys/kernel.h> 78 #include <sys/syslog.h> 79 80 #include <net/if.h> 81 #include <net/if_types.h> 82 #include <net/route.h> 83 #include <net/if_dl.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_var.h> 87 #include <netinet/if_ether.h> 88 #include <netinet/in_systm.h> 89 #include <netinet/ip.h> 90 #include <netinet/in_pcb.h> 91 92 #include <netinet/ip6.h> 93 #include <netinet6/ip6_var.h> 94 #include <netinet6/nd6.h> 95 #include <netinet6/mld6_var.h> 96 #include <netinet6/ip6_mroute.h> 97 #include <netinet6/in6_ifattach.h> 98 #include <netinet6/scope6_var.h> 99 #include <netinet6/in6_pcb.h> 100 101 MALLOC_DEFINE(M_IP6MADDR, "in6_multi", "internet multicast address"); 102 103 /* 104 * Definitions of some costant IP6 addresses. 105 */ 106 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 107 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 108 const struct in6_addr in6addr_nodelocal_allnodes = 109 IN6ADDR_NODELOCAL_ALLNODES_INIT; 110 const struct in6_addr in6addr_linklocal_allnodes = 111 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 112 const struct in6_addr in6addr_linklocal_allrouters = 113 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 114 115 const struct in6_addr in6mask0 = IN6MASK0; 116 const struct in6_addr in6mask32 = IN6MASK32; 117 const struct in6_addr in6mask64 = IN6MASK64; 118 const struct in6_addr in6mask96 = IN6MASK96; 119 const struct in6_addr in6mask128 = IN6MASK128; 120 121 const struct sockaddr_in6 sa6_any = 122 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 }; 123 124 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 125 struct ifnet *, struct thread *)); 126 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 127 struct sockaddr_in6 *, int)); 128 static void in6_unlink_ifa __P((struct in6_ifaddr *, struct ifnet *)); 129 130 struct in6_multihead in6_multihead; /* XXX BSS initialization */ 131 int (*faithprefix_p)(struct in6_addr *); 132 133 /* 134 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 135 * This routine does actual work. 136 */ 137 static void 138 in6_ifloop_request(int cmd, struct ifaddr *ifa) 139 { 140 struct sockaddr_in6 all1_sa; 141 struct rtentry *nrt = NULL; 142 int e; 143 char ip6buf[INET6_ADDRSTRLEN]; 144 145 bzero(&all1_sa, sizeof(all1_sa)); 146 all1_sa.sin6_family = AF_INET6; 147 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 148 all1_sa.sin6_addr = in6mask128; 149 150 /* 151 * We specify the address itself as the gateway, and set the 152 * RTF_LLINFO flag, so that the corresponding host route would have 153 * the flag, and thus applications that assume traditional behavior 154 * would be happy. Note that we assume the caller of the function 155 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 156 * which changes the outgoing interface to the loopback interface. 157 */ 158 e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr, 159 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt); 160 if (e != 0) { 161 /* XXX need more descriptive message */ 162 163 log(LOG_ERR, "in6_ifloop_request: " 164 "%s operation failed for %s (errno=%d)\n", 165 cmd == RTM_ADD ? "ADD" : "DELETE", 166 ip6_sprintf(ip6buf, 167 &((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), e); 168 } 169 170 /* 171 * Report the addition/removal of the address to the routing socket. 172 * XXX: since we called rtinit for a p2p interface with a destination, 173 * we end up reporting twice in such a case. Should we rather 174 * omit the second report? 175 */ 176 if (nrt) { 177 RT_LOCK(nrt); 178 /* 179 * Make sure rt_ifa be equal to IFA, the second argument of 180 * the function. We need this because when we refer to 181 * rt_ifa->ia6_flags in ip6_input, we assume that the rt_ifa 182 * points to the address instead of the loopback address. 183 */ 184 if (cmd == RTM_ADD && ifa != nrt->rt_ifa) { 185 IFAFREE(nrt->rt_ifa); 186 IFAREF(ifa); 187 nrt->rt_ifa = ifa; 188 } 189 190 rt_newaddrmsg(cmd, ifa, e, nrt); 191 if (cmd == RTM_DELETE) { 192 rtfree(nrt); 193 } else { 194 /* the cmd must be RTM_ADD here */ 195 RT_REMREF(nrt); 196 RT_UNLOCK(nrt); 197 } 198 } 199 } 200 201 /* 202 * Add ownaddr as loopback rtentry. We previously add the route only if 203 * necessary (ex. on a p2p link). However, since we now manage addresses 204 * separately from prefixes, we should always add the route. We can't 205 * rely on the cloning mechanism from the corresponding interface route 206 * any more. 207 */ 208 void 209 in6_ifaddloop(struct ifaddr *ifa) 210 { 211 struct rtentry *rt; 212 int need_loop; 213 214 /* If there is no loopback entry, allocate one. */ 215 rt = rtalloc1(ifa->ifa_addr, 0, 0); 216 need_loop = (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 217 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0); 218 if (rt) 219 rtfree(rt); 220 if (need_loop) 221 in6_ifloop_request(RTM_ADD, ifa); 222 } 223 224 /* 225 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 226 * if it exists. 227 */ 228 void 229 in6_ifremloop(struct ifaddr *ifa) 230 { 231 struct in6_ifaddr *ia; 232 struct rtentry *rt; 233 int ia_count = 0; 234 235 /* 236 * Some of BSD variants do not remove cloned routes 237 * from an interface direct route, when removing the direct route 238 * (see comments in net/net_osdep.h). Even for variants that do remove 239 * cloned routes, they could fail to remove the cloned routes when 240 * we handle multple addresses that share a common prefix. 241 * So, we should remove the route corresponding to the deleted address. 242 */ 243 244 /* 245 * Delete the entry only if exact one ifa exists. More than one ifa 246 * can exist if we assign a same single address to multiple 247 * (probably p2p) interfaces. 248 * XXX: we should avoid such a configuration in IPv6... 249 */ 250 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 251 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 252 ia_count++; 253 if (ia_count > 1) 254 break; 255 } 256 } 257 258 if (ia_count == 1) { 259 /* 260 * Before deleting, check if a corresponding loopbacked host 261 * route surely exists. With this check, we can avoid to 262 * delete an interface direct route whose destination is same 263 * as the address being removed. This can happen when removing 264 * a subnet-router anycast address on an interface attahced 265 * to a shared medium. 266 */ 267 rt = rtalloc1(ifa->ifa_addr, 0, 0); 268 if (rt != NULL) { 269 if ((rt->rt_flags & RTF_HOST) != 0 && 270 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 271 rtfree(rt); 272 in6_ifloop_request(RTM_DELETE, ifa); 273 } else 274 RT_UNLOCK(rt); 275 } 276 } 277 } 278 279 int 280 in6_mask2len(mask, lim0) 281 struct in6_addr *mask; 282 u_char *lim0; 283 { 284 int x = 0, y; 285 u_char *lim = lim0, *p; 286 287 /* ignore the scope_id part */ 288 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 289 lim = (u_char *)mask + sizeof(*mask); 290 for (p = (u_char *)mask; p < lim; x++, p++) { 291 if (*p != 0xff) 292 break; 293 } 294 y = 0; 295 if (p < lim) { 296 for (y = 0; y < 8; y++) { 297 if ((*p & (0x80 >> y)) == 0) 298 break; 299 } 300 } 301 302 /* 303 * when the limit pointer is given, do a stricter check on the 304 * remaining bits. 305 */ 306 if (p < lim) { 307 if (y != 0 && (*p & (0x00ff >> y)) != 0) 308 return (-1); 309 for (p = p + 1; p < lim; p++) 310 if (*p != 0) 311 return (-1); 312 } 313 314 return x * 8 + y; 315 } 316 317 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 318 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 319 320 int 321 in6_control(so, cmd, data, ifp, td) 322 struct socket *so; 323 u_long cmd; 324 caddr_t data; 325 struct ifnet *ifp; 326 struct thread *td; 327 { 328 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 329 struct in6_ifaddr *ia = NULL; 330 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 331 struct sockaddr_in6 *sa6; 332 int error; 333 334 switch (cmd) { 335 case SIOCGETSGCNT_IN6: 336 case SIOCGETMIFCNT_IN6: 337 return (mrt6_ioctl(cmd, data)); 338 } 339 340 switch(cmd) { 341 case SIOCAADDRCTL_POLICY: 342 case SIOCDADDRCTL_POLICY: 343 if (td != NULL) { 344 error = priv_check(td, PRIV_NETINET_ADDRCTRL6); 345 if (error) 346 return (error); 347 } 348 return (in6_src_ioctl(cmd, data)); 349 } 350 351 if (ifp == NULL) 352 return (EOPNOTSUPP); 353 354 switch (cmd) { 355 case SIOCSNDFLUSH_IN6: 356 case SIOCSPFXFLUSH_IN6: 357 case SIOCSRTRFLUSH_IN6: 358 case SIOCSDEFIFACE_IN6: 359 case SIOCSIFINFO_FLAGS: 360 if (td != NULL) { 361 error = priv_check(td, PRIV_NETINET_ND6); 362 if (error) 363 return (error); 364 } 365 /* FALLTHROUGH */ 366 case OSIOCGIFINFO_IN6: 367 case SIOCGIFINFO_IN6: 368 case SIOCSIFINFO_IN6: 369 case SIOCGDRLST_IN6: 370 case SIOCGPRLST_IN6: 371 case SIOCGNBRINFO_IN6: 372 case SIOCGDEFIFACE_IN6: 373 return (nd6_ioctl(cmd, data, ifp)); 374 } 375 376 switch (cmd) { 377 case SIOCSIFPREFIX_IN6: 378 case SIOCDIFPREFIX_IN6: 379 case SIOCAIFPREFIX_IN6: 380 case SIOCCIFPREFIX_IN6: 381 case SIOCSGIFPREFIX_IN6: 382 case SIOCGIFPREFIX_IN6: 383 log(LOG_NOTICE, 384 "prefix ioctls are now invalidated. " 385 "please use ifconfig.\n"); 386 return (EOPNOTSUPP); 387 } 388 389 switch (cmd) { 390 case SIOCSSCOPE6: 391 if (td != NULL) { 392 error = priv_check(td, PRIV_NETINET_SCOPE6); 393 if (error) 394 return (error); 395 } 396 return (scope6_set(ifp, 397 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 398 case SIOCGSCOPE6: 399 return (scope6_get(ifp, 400 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 401 case SIOCGSCOPE6DEF: 402 return (scope6_get_default((struct scope6_id *) 403 ifr->ifr_ifru.ifru_scope_id)); 404 } 405 406 switch (cmd) { 407 case SIOCALIFADDR: 408 case SIOCDLIFADDR: 409 /* 410 * XXXRW: Is this checked at another layer? What priv to use 411 * here? 412 */ 413 if (td != NULL) { 414 error = suser(td); 415 if (error) 416 return (error); 417 } 418 /* FALLTHROUGH */ 419 case SIOCGLIFADDR: 420 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 421 } 422 423 /* 424 * Find address for this interface, if it exists. 425 * 426 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 427 * only, and used the first interface address as the target of other 428 * operations (without checking ifra_addr). This was because netinet 429 * code/API assumed at most 1 interface address per interface. 430 * Since IPv6 allows a node to assign multiple addresses 431 * on a single interface, we almost always look and check the 432 * presence of ifra_addr, and reject invalid ones here. 433 * It also decreases duplicated code among SIOC*_IN6 operations. 434 */ 435 switch (cmd) { 436 case SIOCAIFADDR_IN6: 437 case SIOCSIFPHYADDR_IN6: 438 sa6 = &ifra->ifra_addr; 439 break; 440 case SIOCSIFADDR_IN6: 441 case SIOCGIFADDR_IN6: 442 case SIOCSIFDSTADDR_IN6: 443 case SIOCSIFNETMASK_IN6: 444 case SIOCGIFDSTADDR_IN6: 445 case SIOCGIFNETMASK_IN6: 446 case SIOCDIFADDR_IN6: 447 case SIOCGIFPSRCADDR_IN6: 448 case SIOCGIFPDSTADDR_IN6: 449 case SIOCGIFAFLAG_IN6: 450 case SIOCSNDFLUSH_IN6: 451 case SIOCSPFXFLUSH_IN6: 452 case SIOCSRTRFLUSH_IN6: 453 case SIOCGIFALIFETIME_IN6: 454 case SIOCSIFALIFETIME_IN6: 455 case SIOCGIFSTAT_IN6: 456 case SIOCGIFSTAT_ICMP6: 457 sa6 = &ifr->ifr_addr; 458 break; 459 default: 460 sa6 = NULL; 461 break; 462 } 463 if (sa6 && sa6->sin6_family == AF_INET6) { 464 int error = 0; 465 466 if (sa6->sin6_scope_id != 0) 467 error = sa6_embedscope(sa6, 0); 468 else 469 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 470 if (error != 0) 471 return (error); 472 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 473 } else 474 ia = NULL; 475 476 switch (cmd) { 477 case SIOCSIFADDR_IN6: 478 case SIOCSIFDSTADDR_IN6: 479 case SIOCSIFNETMASK_IN6: 480 /* 481 * Since IPv6 allows a node to assign multiple addresses 482 * on a single interface, SIOCSIFxxx ioctls are deprecated. 483 */ 484 /* we decided to obsolete this command (20000704) */ 485 return (EINVAL); 486 487 case SIOCDIFADDR_IN6: 488 /* 489 * for IPv4, we look for existing in_ifaddr here to allow 490 * "ifconfig if0 delete" to remove the first IPv4 address on 491 * the interface. For IPv6, as the spec allows multiple 492 * interface address from the day one, we consider "remove the 493 * first one" semantics to be not preferable. 494 */ 495 if (ia == NULL) 496 return (EADDRNOTAVAIL); 497 /* FALLTHROUGH */ 498 case SIOCAIFADDR_IN6: 499 /* 500 * We always require users to specify a valid IPv6 address for 501 * the corresponding operation. 502 */ 503 if (ifra->ifra_addr.sin6_family != AF_INET6 || 504 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 505 return (EAFNOSUPPORT); 506 507 /* 508 * XXXRW: Is this checked at another layer? What priv to use 509 * here? 510 */ 511 if (td != NULL) { 512 error = suser(td); 513 if (error) 514 return (error); 515 } 516 517 break; 518 519 case SIOCGIFADDR_IN6: 520 /* This interface is basically deprecated. use SIOCGIFCONF. */ 521 /* FALLTHROUGH */ 522 case SIOCGIFAFLAG_IN6: 523 case SIOCGIFNETMASK_IN6: 524 case SIOCGIFDSTADDR_IN6: 525 case SIOCGIFALIFETIME_IN6: 526 /* must think again about its semantics */ 527 if (ia == NULL) 528 return (EADDRNOTAVAIL); 529 break; 530 case SIOCSIFALIFETIME_IN6: 531 { 532 struct in6_addrlifetime *lt; 533 534 if (td != NULL) { 535 error = priv_check(td, PRIV_NETINET_ALIFETIME6); 536 if (error) 537 return (error); 538 } 539 if (ia == NULL) 540 return (EADDRNOTAVAIL); 541 /* sanity for overflow - beware unsigned */ 542 lt = &ifr->ifr_ifru.ifru_lifetime; 543 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 544 lt->ia6t_vltime + time_second < time_second) { 545 return EINVAL; 546 } 547 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 548 lt->ia6t_pltime + time_second < time_second) { 549 return EINVAL; 550 } 551 break; 552 } 553 } 554 555 switch (cmd) { 556 557 case SIOCGIFADDR_IN6: 558 ifr->ifr_addr = ia->ia_addr; 559 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 560 return (error); 561 break; 562 563 case SIOCGIFDSTADDR_IN6: 564 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 565 return (EINVAL); 566 /* 567 * XXX: should we check if ifa_dstaddr is NULL and return 568 * an error? 569 */ 570 ifr->ifr_dstaddr = ia->ia_dstaddr; 571 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 572 return (error); 573 break; 574 575 case SIOCGIFNETMASK_IN6: 576 ifr->ifr_addr = ia->ia_prefixmask; 577 break; 578 579 case SIOCGIFAFLAG_IN6: 580 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 581 break; 582 583 case SIOCGIFSTAT_IN6: 584 if (ifp == NULL) 585 return EINVAL; 586 bzero(&ifr->ifr_ifru.ifru_stat, 587 sizeof(ifr->ifr_ifru.ifru_stat)); 588 ifr->ifr_ifru.ifru_stat = 589 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 590 break; 591 592 case SIOCGIFSTAT_ICMP6: 593 if (ifp == NULL) 594 return EINVAL; 595 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 596 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 597 ifr->ifr_ifru.ifru_icmp6stat = 598 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 599 break; 600 601 case SIOCGIFALIFETIME_IN6: 602 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 603 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 604 time_t maxexpire; 605 struct in6_addrlifetime *retlt = 606 &ifr->ifr_ifru.ifru_lifetime; 607 608 /* 609 * XXX: adjust expiration time assuming time_t is 610 * signed. 611 */ 612 maxexpire = (-1) & 613 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 614 if (ia->ia6_lifetime.ia6t_vltime < 615 maxexpire - ia->ia6_updatetime) { 616 retlt->ia6t_expire = ia->ia6_updatetime + 617 ia->ia6_lifetime.ia6t_vltime; 618 } else 619 retlt->ia6t_expire = maxexpire; 620 } 621 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 622 time_t maxexpire; 623 struct in6_addrlifetime *retlt = 624 &ifr->ifr_ifru.ifru_lifetime; 625 626 /* 627 * XXX: adjust expiration time assuming time_t is 628 * signed. 629 */ 630 maxexpire = (-1) & 631 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1)); 632 if (ia->ia6_lifetime.ia6t_pltime < 633 maxexpire - ia->ia6_updatetime) { 634 retlt->ia6t_preferred = ia->ia6_updatetime + 635 ia->ia6_lifetime.ia6t_pltime; 636 } else 637 retlt->ia6t_preferred = maxexpire; 638 } 639 break; 640 641 case SIOCSIFALIFETIME_IN6: 642 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 643 /* for sanity */ 644 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 645 ia->ia6_lifetime.ia6t_expire = 646 time_second + ia->ia6_lifetime.ia6t_vltime; 647 } else 648 ia->ia6_lifetime.ia6t_expire = 0; 649 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 650 ia->ia6_lifetime.ia6t_preferred = 651 time_second + ia->ia6_lifetime.ia6t_pltime; 652 } else 653 ia->ia6_lifetime.ia6t_preferred = 0; 654 break; 655 656 case SIOCAIFADDR_IN6: 657 { 658 int i, error = 0; 659 struct nd_prefixctl pr0; 660 struct nd_prefix *pr; 661 662 /* 663 * first, make or update the interface address structure, 664 * and link it to the list. 665 */ 666 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 667 return (error); 668 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 669 == NULL) { 670 /* 671 * this can happen when the user specify the 0 valid 672 * lifetime. 673 */ 674 break; 675 } 676 677 /* 678 * then, make the prefix on-link on the interface. 679 * XXX: we'd rather create the prefix before the address, but 680 * we need at least one address to install the corresponding 681 * interface route, so we configure the address first. 682 */ 683 684 /* 685 * convert mask to prefix length (prefixmask has already 686 * been validated in in6_update_ifa(). 687 */ 688 bzero(&pr0, sizeof(pr0)); 689 pr0.ndpr_ifp = ifp; 690 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 691 NULL); 692 if (pr0.ndpr_plen == 128) { 693 break; /* we don't need to install a host route. */ 694 } 695 pr0.ndpr_prefix = ifra->ifra_addr; 696 /* apply the mask for safety. */ 697 for (i = 0; i < 4; i++) { 698 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 699 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 700 } 701 /* 702 * XXX: since we don't have an API to set prefix (not address) 703 * lifetimes, we just use the same lifetimes as addresses. 704 * The (temporarily) installed lifetimes can be overridden by 705 * later advertised RAs (when accept_rtadv is non 0), which is 706 * an intended behavior. 707 */ 708 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 709 pr0.ndpr_raf_auto = 710 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 711 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 712 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 713 714 /* add the prefix if not yet. */ 715 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 716 /* 717 * nd6_prelist_add will install the corresponding 718 * interface route. 719 */ 720 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 721 return (error); 722 if (pr == NULL) { 723 log(LOG_ERR, "nd6_prelist_add succeeded but " 724 "no prefix\n"); 725 return (EINVAL); /* XXX panic here? */ 726 } 727 } 728 729 /* relate the address to the prefix */ 730 if (ia->ia6_ndpr == NULL) { 731 ia->ia6_ndpr = pr; 732 pr->ndpr_refcnt++; 733 734 /* 735 * If this is the first autoconf address from the 736 * prefix, create a temporary address as well 737 * (when required). 738 */ 739 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 740 ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 741 int e; 742 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 743 log(LOG_NOTICE, "in6_control: failed " 744 "to create a temporary address, " 745 "errno=%d\n", e); 746 } 747 } 748 } 749 750 /* 751 * this might affect the status of autoconfigured addresses, 752 * that is, this address might make other addresses detached. 753 */ 754 pfxlist_onlink_check(); 755 if (error == 0 && ia) 756 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 757 break; 758 } 759 760 case SIOCDIFADDR_IN6: 761 { 762 struct nd_prefix *pr; 763 764 /* 765 * If the address being deleted is the only one that owns 766 * the corresponding prefix, expire the prefix as well. 767 * XXX: theoretically, we don't have to worry about such 768 * relationship, since we separate the address management 769 * and the prefix management. We do this, however, to provide 770 * as much backward compatibility as possible in terms of 771 * the ioctl operation. 772 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 773 */ 774 pr = ia->ia6_ndpr; 775 in6_purgeaddr(&ia->ia_ifa); 776 if (pr && pr->ndpr_refcnt == 0) 777 prelist_remove(pr); 778 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 779 break; 780 } 781 782 default: 783 if (ifp == NULL || ifp->if_ioctl == 0) 784 return (EOPNOTSUPP); 785 return ((*ifp->if_ioctl)(ifp, cmd, data)); 786 } 787 788 return (0); 789 } 790 791 /* 792 * Update parameters of an IPv6 interface address. 793 * If necessary, a new entry is created and linked into address chains. 794 * This function is separated from in6_control(). 795 * XXX: should this be performed under splnet()? 796 */ 797 int 798 in6_update_ifa(ifp, ifra, ia, flags) 799 struct ifnet *ifp; 800 struct in6_aliasreq *ifra; 801 struct in6_ifaddr *ia; 802 int flags; 803 { 804 int error = 0, hostIsNew = 0, plen = -1; 805 struct in6_ifaddr *oia; 806 struct sockaddr_in6 dst6; 807 struct in6_addrlifetime *lt; 808 struct in6_multi_mship *imm; 809 struct in6_multi *in6m_sol; 810 struct rtentry *rt; 811 int delay; 812 char ip6buf[INET6_ADDRSTRLEN]; 813 814 /* Validate parameters */ 815 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 816 return (EINVAL); 817 818 /* 819 * The destination address for a p2p link must have a family 820 * of AF_UNSPEC or AF_INET6. 821 */ 822 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 823 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 824 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 825 return (EAFNOSUPPORT); 826 /* 827 * validate ifra_prefixmask. don't check sin6_family, netmask 828 * does not carry fields other than sin6_len. 829 */ 830 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 831 return (EINVAL); 832 /* 833 * Because the IPv6 address architecture is classless, we require 834 * users to specify a (non 0) prefix length (mask) for a new address. 835 * We also require the prefix (when specified) mask is valid, and thus 836 * reject a non-consecutive mask. 837 */ 838 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 839 return (EINVAL); 840 if (ifra->ifra_prefixmask.sin6_len != 0) { 841 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 842 (u_char *)&ifra->ifra_prefixmask + 843 ifra->ifra_prefixmask.sin6_len); 844 if (plen <= 0) 845 return (EINVAL); 846 } else { 847 /* 848 * In this case, ia must not be NULL. We just use its prefix 849 * length. 850 */ 851 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 852 } 853 /* 854 * If the destination address on a p2p interface is specified, 855 * and the address is a scoped one, validate/set the scope 856 * zone identifier. 857 */ 858 dst6 = ifra->ifra_dstaddr; 859 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 860 (dst6.sin6_family == AF_INET6)) { 861 struct in6_addr in6_tmp; 862 u_int32_t zoneid; 863 864 in6_tmp = dst6.sin6_addr; 865 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 866 return (EINVAL); /* XXX: should be impossible */ 867 868 if (dst6.sin6_scope_id != 0) { 869 if (dst6.sin6_scope_id != zoneid) 870 return (EINVAL); 871 } else /* user omit to specify the ID. */ 872 dst6.sin6_scope_id = zoneid; 873 874 /* convert into the internal form */ 875 if (sa6_embedscope(&dst6, 0)) 876 return (EINVAL); /* XXX: should be impossible */ 877 } 878 /* 879 * The destination address can be specified only for a p2p or a 880 * loopback interface. If specified, the corresponding prefix length 881 * must be 128. 882 */ 883 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 884 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 885 /* XXX: noisy message */ 886 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 887 "be specified for a p2p or a loopback IF only\n")); 888 return (EINVAL); 889 } 890 if (plen != 128) { 891 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 892 "be 128 when dstaddr is specified\n")); 893 return (EINVAL); 894 } 895 } 896 /* lifetime consistency check */ 897 lt = &ifra->ifra_lifetime; 898 if (lt->ia6t_pltime > lt->ia6t_vltime) 899 return (EINVAL); 900 if (lt->ia6t_vltime == 0) { 901 /* 902 * the following log might be noisy, but this is a typical 903 * configuration mistake or a tool's bug. 904 */ 905 nd6log((LOG_INFO, 906 "in6_update_ifa: valid lifetime is 0 for %s\n", 907 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr))); 908 909 if (ia == NULL) 910 return (0); /* there's nothing to do */ 911 } 912 913 /* 914 * If this is a new address, allocate a new ifaddr and link it 915 * into chains. 916 */ 917 if (ia == NULL) { 918 hostIsNew = 1; 919 /* 920 * When in6_update_ifa() is called in a process of a received 921 * RA, it is called under an interrupt context. So, we should 922 * call malloc with M_NOWAIT. 923 */ 924 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 925 M_NOWAIT); 926 if (ia == NULL) 927 return (ENOBUFS); 928 bzero((caddr_t)ia, sizeof(*ia)); 929 /* Initialize the address and masks, and put time stamp */ 930 IFA_LOCK_INIT(&ia->ia_ifa); 931 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 932 ia->ia_addr.sin6_family = AF_INET6; 933 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 934 ia->ia6_createtime = time_second; 935 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 936 /* 937 * XXX: some functions expect that ifa_dstaddr is not 938 * NULL for p2p interfaces. 939 */ 940 ia->ia_ifa.ifa_dstaddr = 941 (struct sockaddr *)&ia->ia_dstaddr; 942 } else { 943 ia->ia_ifa.ifa_dstaddr = NULL; 944 } 945 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask; 946 947 ia->ia_ifp = ifp; 948 if ((oia = in6_ifaddr) != NULL) { 949 for ( ; oia->ia_next; oia = oia->ia_next) 950 continue; 951 oia->ia_next = ia; 952 } else 953 in6_ifaddr = ia; 954 955 ia->ia_ifa.ifa_refcnt = 1; 956 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 957 } 958 959 /* update timestamp */ 960 ia->ia6_updatetime = time_second; 961 962 /* set prefix mask */ 963 if (ifra->ifra_prefixmask.sin6_len) { 964 /* 965 * We prohibit changing the prefix length of an existing 966 * address, because 967 * + such an operation should be rare in IPv6, and 968 * + the operation would confuse prefix management. 969 */ 970 if (ia->ia_prefixmask.sin6_len && 971 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 972 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 973 " existing (%s) address should not be changed\n", 974 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 975 error = EINVAL; 976 goto unlink; 977 } 978 ia->ia_prefixmask = ifra->ifra_prefixmask; 979 } 980 981 /* 982 * If a new destination address is specified, scrub the old one and 983 * install the new destination. Note that the interface must be 984 * p2p or loopback (see the check above.) 985 */ 986 if (dst6.sin6_family == AF_INET6 && 987 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 988 int e; 989 990 if ((ia->ia_flags & IFA_ROUTE) != 0 && 991 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) { 992 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 993 "a route to the old destination: %s\n", 994 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr))); 995 /* proceed anyway... */ 996 } else 997 ia->ia_flags &= ~IFA_ROUTE; 998 ia->ia_dstaddr = dst6; 999 } 1000 1001 /* 1002 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 1003 * to see if the address is deprecated or invalidated, but initialize 1004 * these members for applications. 1005 */ 1006 ia->ia6_lifetime = ifra->ifra_lifetime; 1007 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1008 ia->ia6_lifetime.ia6t_expire = 1009 time_second + ia->ia6_lifetime.ia6t_vltime; 1010 } else 1011 ia->ia6_lifetime.ia6t_expire = 0; 1012 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1013 ia->ia6_lifetime.ia6t_preferred = 1014 time_second + ia->ia6_lifetime.ia6t_pltime; 1015 } else 1016 ia->ia6_lifetime.ia6t_preferred = 0; 1017 1018 /* reset the interface and routing table appropriately. */ 1019 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1020 goto unlink; 1021 1022 /* 1023 * configure address flags. 1024 */ 1025 ia->ia6_flags = ifra->ifra_flags; 1026 /* 1027 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1028 * userland, make it deprecated. 1029 */ 1030 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1031 ia->ia6_lifetime.ia6t_pltime = 0; 1032 ia->ia6_lifetime.ia6t_preferred = time_second; 1033 } 1034 /* 1035 * Make the address tentative before joining multicast addresses, 1036 * so that corresponding MLD responses would not have a tentative 1037 * source address. 1038 */ 1039 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1040 if (hostIsNew && in6if_do_dad(ifp)) 1041 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1042 1043 /* 1044 * We are done if we have simply modified an existing address. 1045 */ 1046 if (!hostIsNew) 1047 return (error); 1048 1049 /* 1050 * Beyond this point, we should call in6_purgeaddr upon an error, 1051 * not just go to unlink. 1052 */ 1053 1054 /* Join necessary multicast groups */ 1055 in6m_sol = NULL; 1056 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1057 struct sockaddr_in6 mltaddr, mltmask; 1058 struct in6_addr llsol; 1059 1060 /* join solicited multicast addr for new host id */ 1061 bzero(&llsol, sizeof(struct in6_addr)); 1062 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 1063 llsol.s6_addr32[1] = 0; 1064 llsol.s6_addr32[2] = htonl(1); 1065 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1066 llsol.s6_addr8[12] = 0xff; 1067 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 1068 /* XXX: should not happen */ 1069 log(LOG_ERR, "in6_update_ifa: " 1070 "in6_setscope failed\n"); 1071 goto cleanup; 1072 } 1073 delay = 0; 1074 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1075 /* 1076 * We need a random delay for DAD on the address 1077 * being configured. It also means delaying 1078 * transmission of the corresponding MLD report to 1079 * avoid report collision. 1080 * [draft-ietf-ipv6-rfc2462bis-02.txt] 1081 */ 1082 delay = arc4random() % 1083 (MAX_RTR_SOLICITATION_DELAY * hz); 1084 } 1085 imm = in6_joingroup(ifp, &llsol, &error, delay); 1086 if (error != 0) { 1087 nd6log((LOG_WARNING, 1088 "in6_update_ifa: addmulti failed for " 1089 "%s on %s (errno=%d)\n", 1090 ip6_sprintf(ip6buf, &llsol), if_name(ifp), 1091 error)); 1092 in6_purgeaddr((struct ifaddr *)ia); 1093 return (error); 1094 } 1095 in6m_sol = imm->i6mm_maddr; 1096 1097 bzero(&mltmask, sizeof(mltmask)); 1098 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1099 mltmask.sin6_family = AF_INET6; 1100 mltmask.sin6_addr = in6mask32; 1101 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 1102 1103 /* 1104 * join link-local all-nodes address 1105 */ 1106 bzero(&mltaddr, sizeof(mltaddr)); 1107 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1108 mltaddr.sin6_family = AF_INET6; 1109 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1110 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1111 0) 1112 goto cleanup; /* XXX: should not fail */ 1113 1114 /* 1115 * XXX: do we really need this automatic routes? 1116 * We should probably reconsider this stuff. Most applications 1117 * actually do not need the routes, since they usually specify 1118 * the outgoing interface. 1119 */ 1120 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1121 if (rt) { 1122 if (memcmp(&mltaddr.sin6_addr, 1123 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1124 MLTMASK_LEN)) { 1125 RTFREE_LOCKED(rt); 1126 rt = NULL; 1127 } 1128 } 1129 if (!rt) { 1130 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1131 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1132 (struct sockaddr *)&ia->ia_addr, 1133 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING, 1134 (struct rtentry **)0); 1135 if (error) 1136 goto cleanup; 1137 } else 1138 RTFREE_LOCKED(rt); 1139 1140 /* 1141 * XXX: do we really need this automatic routes? 1142 * We should probably reconsider this stuff. Most applications 1143 * actually do not need the routes, since they usually specify 1144 * the outgoing interface. 1145 */ 1146 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1147 if (rt) { 1148 /* XXX: only works in !SCOPEDROUTING case. */ 1149 if (memcmp(&mltaddr.sin6_addr, 1150 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1151 MLTMASK_LEN)) { 1152 RTFREE_LOCKED(rt); 1153 rt = NULL; 1154 } 1155 } 1156 if (!rt) { 1157 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1158 (struct sockaddr *)&ia->ia_addr, 1159 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING, 1160 (struct rtentry **)0); 1161 if (error) 1162 goto cleanup; 1163 } else { 1164 RTFREE_LOCKED(rt); 1165 } 1166 1167 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1168 if (!imm) { 1169 nd6log((LOG_WARNING, 1170 "in6_update_ifa: addmulti failed for " 1171 "%s on %s (errno=%d)\n", 1172 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1173 if_name(ifp), error)); 1174 goto cleanup; 1175 } 1176 1177 /* 1178 * join node information group address 1179 */ 1180 #define hostnamelen strlen(hostname) 1181 delay = 0; 1182 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1183 /* 1184 * The spec doesn't say anything about delay for this 1185 * group, but the same logic should apply. 1186 */ 1187 delay = arc4random() % 1188 (MAX_RTR_SOLICITATION_DELAY * hz); 1189 } 1190 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr) 1191 == 0) { 1192 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1193 delay); /* XXX jinmei */ 1194 if (!imm) { 1195 nd6log((LOG_WARNING, "in6_update_ifa: " 1196 "addmulti failed for %s on %s " 1197 "(errno=%d)\n", 1198 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1199 if_name(ifp), error)); 1200 /* XXX not very fatal, go on... */ 1201 } 1202 } 1203 #undef hostnamelen 1204 1205 /* 1206 * join interface-local all-nodes address. 1207 * (ff01::1%ifN, and ff01::%ifN/32) 1208 */ 1209 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1210 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1211 != 0) 1212 goto cleanup; /* XXX: should not fail */ 1213 /* XXX: again, do we really need the route? */ 1214 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1215 if (rt) { 1216 if (memcmp(&mltaddr.sin6_addr, 1217 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1218 MLTMASK_LEN)) { 1219 RTFREE_LOCKED(rt); 1220 rt = NULL; 1221 } 1222 } 1223 if (!rt) { 1224 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1225 (struct sockaddr *)&ia->ia_addr, 1226 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING, 1227 (struct rtentry **)0); 1228 if (error) 1229 goto cleanup; 1230 } else 1231 RTFREE_LOCKED(rt); 1232 1233 /* XXX: again, do we really need the route? */ 1234 rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL); 1235 if (rt) { 1236 if (memcmp(&mltaddr.sin6_addr, 1237 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1238 MLTMASK_LEN)) { 1239 RTFREE_LOCKED(rt); 1240 rt = NULL; 1241 } 1242 } 1243 if (!rt) { 1244 error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr, 1245 (struct sockaddr *)&ia->ia_addr, 1246 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING, 1247 (struct rtentry **)0); 1248 if (error) 1249 goto cleanup; 1250 } else { 1251 RTFREE_LOCKED(rt); 1252 } 1253 1254 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1255 if (!imm) { 1256 nd6log((LOG_WARNING, "in6_update_ifa: " 1257 "addmulti failed for %s on %s " 1258 "(errno=%d)\n", 1259 ip6_sprintf(ip6buf, &mltaddr.sin6_addr), 1260 if_name(ifp), error)); 1261 goto cleanup; 1262 } 1263 #undef MLTMASK_LEN 1264 } 1265 1266 /* 1267 * Perform DAD, if needed. 1268 * XXX It may be of use, if we can administratively 1269 * disable DAD. 1270 */ 1271 if (hostIsNew && in6if_do_dad(ifp) && 1272 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1273 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1274 { 1275 int mindelay, maxdelay; 1276 1277 delay = 0; 1278 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1279 /* 1280 * We need to impose a delay before sending an NS 1281 * for DAD. Check if we also needed a delay for the 1282 * corresponding MLD message. If we did, the delay 1283 * should be larger than the MLD delay (this could be 1284 * relaxed a bit, but this simple logic is at least 1285 * safe). 1286 */ 1287 mindelay = 0; 1288 if (in6m_sol != NULL && 1289 in6m_sol->in6m_state == MLD_REPORTPENDING) { 1290 mindelay = in6m_sol->in6m_timer; 1291 } 1292 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1293 if (maxdelay - mindelay == 0) 1294 delay = 0; 1295 else { 1296 delay = 1297 (arc4random() % (maxdelay - mindelay)) + 1298 mindelay; 1299 } 1300 } 1301 nd6_dad_start((struct ifaddr *)ia, delay); 1302 } 1303 1304 return (error); 1305 1306 unlink: 1307 /* 1308 * XXX: if a change of an existing address failed, keep the entry 1309 * anyway. 1310 */ 1311 if (hostIsNew) 1312 in6_unlink_ifa(ia, ifp); 1313 return (error); 1314 1315 cleanup: 1316 in6_purgeaddr(&ia->ia_ifa); 1317 return error; 1318 } 1319 1320 void 1321 in6_purgeaddr(ifa) 1322 struct ifaddr *ifa; 1323 { 1324 struct ifnet *ifp = ifa->ifa_ifp; 1325 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1326 char ip6buf[INET6_ADDRSTRLEN]; 1327 1328 /* stop DAD processing */ 1329 nd6_dad_stop(ifa); 1330 1331 /* 1332 * delete route to the destination of the address being purged. 1333 * The interface must be p2p or loopback in this case. 1334 */ 1335 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1336 int e; 1337 1338 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1339 != 0) { 1340 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1341 "a route to the p2p destination: %s on %s, " 1342 "errno=%d\n", 1343 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr), 1344 if_name(ifp), e); 1345 /* proceed anyway... */ 1346 } else 1347 ia->ia_flags &= ~IFA_ROUTE; 1348 } 1349 1350 /* Remove ownaddr's loopback rtentry, if it exists. */ 1351 in6_ifremloop(&(ia->ia_ifa)); 1352 1353 if (ifp->if_flags & IFF_MULTICAST) { 1354 /* 1355 * delete solicited multicast addr for deleting host id 1356 */ 1357 struct in6_multi *in6m; 1358 struct in6_addr llsol; 1359 bzero(&llsol, sizeof(struct in6_addr)); 1360 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL; 1361 llsol.s6_addr32[1] = 0; 1362 llsol.s6_addr32[2] = htonl(1); 1363 llsol.s6_addr32[3] = 1364 ia->ia_addr.sin6_addr.s6_addr32[3]; 1365 llsol.s6_addr8[12] = 0xff; 1366 (void)in6_setscope(&llsol, ifp, NULL); /* XXX proceed anyway */ 1367 1368 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1369 if (in6m) 1370 in6_delmulti(in6m); 1371 } 1372 1373 in6_unlink_ifa(ia, ifp); 1374 } 1375 1376 static void 1377 in6_unlink_ifa(ia, ifp) 1378 struct in6_ifaddr *ia; 1379 struct ifnet *ifp; 1380 { 1381 struct in6_ifaddr *oia; 1382 int s = splnet(); 1383 1384 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1385 1386 oia = ia; 1387 if (oia == (ia = in6_ifaddr)) 1388 in6_ifaddr = ia->ia_next; 1389 else { 1390 while (ia->ia_next && (ia->ia_next != oia)) 1391 ia = ia->ia_next; 1392 if (ia->ia_next) 1393 ia->ia_next = oia->ia_next; 1394 else { 1395 /* search failed */ 1396 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1397 } 1398 } 1399 1400 /* 1401 * Release the reference to the base prefix. There should be a 1402 * positive reference. 1403 */ 1404 if (oia->ia6_ndpr == NULL) { 1405 nd6log((LOG_NOTICE, 1406 "in6_unlink_ifa: autoconf'ed address " 1407 "%p has no prefix\n", oia)); 1408 } else { 1409 oia->ia6_ndpr->ndpr_refcnt--; 1410 oia->ia6_ndpr = NULL; 1411 } 1412 1413 /* 1414 * Also, if the address being removed is autoconf'ed, call 1415 * pfxlist_onlink_check() since the release might affect the status of 1416 * other (detached) addresses. 1417 */ 1418 if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) { 1419 pfxlist_onlink_check(); 1420 } 1421 1422 /* 1423 * release another refcnt for the link from in6_ifaddr. 1424 * Note that we should decrement the refcnt at least once for all *BSD. 1425 */ 1426 IFAFREE(&oia->ia_ifa); 1427 1428 splx(s); 1429 } 1430 1431 void 1432 in6_purgeif(ifp) 1433 struct ifnet *ifp; 1434 { 1435 struct ifaddr *ifa, *nifa; 1436 1437 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) { 1438 nifa = TAILQ_NEXT(ifa, ifa_list); 1439 if (ifa->ifa_addr->sa_family != AF_INET6) 1440 continue; 1441 in6_purgeaddr(ifa); 1442 } 1443 1444 in6_ifdetach(ifp); 1445 } 1446 1447 /* 1448 * SIOC[GAD]LIFADDR. 1449 * SIOCGLIFADDR: get first address. (?) 1450 * SIOCGLIFADDR with IFLR_PREFIX: 1451 * get first address that matches the specified prefix. 1452 * SIOCALIFADDR: add the specified address. 1453 * SIOCALIFADDR with IFLR_PREFIX: 1454 * add the specified prefix, filling hostid part from 1455 * the first link-local address. prefixlen must be <= 64. 1456 * SIOCDLIFADDR: delete the specified address. 1457 * SIOCDLIFADDR with IFLR_PREFIX: 1458 * delete the first address that matches the specified prefix. 1459 * return values: 1460 * EINVAL on invalid parameters 1461 * EADDRNOTAVAIL on prefix match failed/specified address not found 1462 * other values may be returned from in6_ioctl() 1463 * 1464 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1465 * this is to accomodate address naming scheme other than RFC2374, 1466 * in the future. 1467 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1468 * address encoding scheme. (see figure on page 8) 1469 */ 1470 static int 1471 in6_lifaddr_ioctl(so, cmd, data, ifp, td) 1472 struct socket *so; 1473 u_long cmd; 1474 caddr_t data; 1475 struct ifnet *ifp; 1476 struct thread *td; 1477 { 1478 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1479 struct ifaddr *ifa; 1480 struct sockaddr *sa; 1481 1482 /* sanity checks */ 1483 if (!data || !ifp) { 1484 panic("invalid argument to in6_lifaddr_ioctl"); 1485 /* NOTREACHED */ 1486 } 1487 1488 switch (cmd) { 1489 case SIOCGLIFADDR: 1490 /* address must be specified on GET with IFLR_PREFIX */ 1491 if ((iflr->flags & IFLR_PREFIX) == 0) 1492 break; 1493 /* FALLTHROUGH */ 1494 case SIOCALIFADDR: 1495 case SIOCDLIFADDR: 1496 /* address must be specified on ADD and DELETE */ 1497 sa = (struct sockaddr *)&iflr->addr; 1498 if (sa->sa_family != AF_INET6) 1499 return EINVAL; 1500 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1501 return EINVAL; 1502 /* XXX need improvement */ 1503 sa = (struct sockaddr *)&iflr->dstaddr; 1504 if (sa->sa_family && sa->sa_family != AF_INET6) 1505 return EINVAL; 1506 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1507 return EINVAL; 1508 break; 1509 default: /* shouldn't happen */ 1510 #if 0 1511 panic("invalid cmd to in6_lifaddr_ioctl"); 1512 /* NOTREACHED */ 1513 #else 1514 return EOPNOTSUPP; 1515 #endif 1516 } 1517 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1518 return EINVAL; 1519 1520 switch (cmd) { 1521 case SIOCALIFADDR: 1522 { 1523 struct in6_aliasreq ifra; 1524 struct in6_addr *hostid = NULL; 1525 int prefixlen; 1526 1527 if ((iflr->flags & IFLR_PREFIX) != 0) { 1528 struct sockaddr_in6 *sin6; 1529 1530 /* 1531 * hostid is to fill in the hostid part of the 1532 * address. hostid points to the first link-local 1533 * address attached to the interface. 1534 */ 1535 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1536 if (!ifa) 1537 return EADDRNOTAVAIL; 1538 hostid = IFA_IN6(ifa); 1539 1540 /* prefixlen must be <= 64. */ 1541 if (64 < iflr->prefixlen) 1542 return EINVAL; 1543 prefixlen = iflr->prefixlen; 1544 1545 /* hostid part must be zero. */ 1546 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1547 if (sin6->sin6_addr.s6_addr32[2] != 0 || 1548 sin6->sin6_addr.s6_addr32[3] != 0) { 1549 return EINVAL; 1550 } 1551 } else 1552 prefixlen = iflr->prefixlen; 1553 1554 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1555 bzero(&ifra, sizeof(ifra)); 1556 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1557 1558 bcopy(&iflr->addr, &ifra.ifra_addr, 1559 ((struct sockaddr *)&iflr->addr)->sa_len); 1560 if (hostid) { 1561 /* fill in hostid part */ 1562 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1563 hostid->s6_addr32[2]; 1564 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1565 hostid->s6_addr32[3]; 1566 } 1567 1568 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1569 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1570 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1571 if (hostid) { 1572 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1573 hostid->s6_addr32[2]; 1574 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1575 hostid->s6_addr32[3]; 1576 } 1577 } 1578 1579 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1580 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1581 1582 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1583 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1584 } 1585 case SIOCGLIFADDR: 1586 case SIOCDLIFADDR: 1587 { 1588 struct in6_ifaddr *ia; 1589 struct in6_addr mask, candidate, match; 1590 struct sockaddr_in6 *sin6; 1591 int cmp; 1592 1593 bzero(&mask, sizeof(mask)); 1594 if (iflr->flags & IFLR_PREFIX) { 1595 /* lookup a prefix rather than address. */ 1596 in6_prefixlen2mask(&mask, iflr->prefixlen); 1597 1598 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1599 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1600 match.s6_addr32[0] &= mask.s6_addr32[0]; 1601 match.s6_addr32[1] &= mask.s6_addr32[1]; 1602 match.s6_addr32[2] &= mask.s6_addr32[2]; 1603 match.s6_addr32[3] &= mask.s6_addr32[3]; 1604 1605 /* if you set extra bits, that's wrong */ 1606 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1607 return EINVAL; 1608 1609 cmp = 1; 1610 } else { 1611 if (cmd == SIOCGLIFADDR) { 1612 /* on getting an address, take the 1st match */ 1613 cmp = 0; /* XXX */ 1614 } else { 1615 /* on deleting an address, do exact match */ 1616 in6_prefixlen2mask(&mask, 128); 1617 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1618 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1619 1620 cmp = 1; 1621 } 1622 } 1623 1624 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1625 if (ifa->ifa_addr->sa_family != AF_INET6) 1626 continue; 1627 if (!cmp) 1628 break; 1629 1630 /* 1631 * XXX: this is adhoc, but is necessary to allow 1632 * a user to specify fe80::/64 (not /10) for a 1633 * link-local address. 1634 */ 1635 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1636 in6_clearscope(&candidate); 1637 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1638 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1639 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1640 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1641 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1642 break; 1643 } 1644 if (!ifa) 1645 return EADDRNOTAVAIL; 1646 ia = ifa2ia6(ifa); 1647 1648 if (cmd == SIOCGLIFADDR) { 1649 int error; 1650 1651 /* fill in the if_laddrreq structure */ 1652 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1653 error = sa6_recoverscope( 1654 (struct sockaddr_in6 *)&iflr->addr); 1655 if (error != 0) 1656 return (error); 1657 1658 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1659 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1660 ia->ia_dstaddr.sin6_len); 1661 error = sa6_recoverscope( 1662 (struct sockaddr_in6 *)&iflr->dstaddr); 1663 if (error != 0) 1664 return (error); 1665 } else 1666 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1667 1668 iflr->prefixlen = 1669 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1670 1671 iflr->flags = ia->ia6_flags; /* XXX */ 1672 1673 return 0; 1674 } else { 1675 struct in6_aliasreq ifra; 1676 1677 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1678 bzero(&ifra, sizeof(ifra)); 1679 bcopy(iflr->iflr_name, ifra.ifra_name, 1680 sizeof(ifra.ifra_name)); 1681 1682 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1683 ia->ia_addr.sin6_len); 1684 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1685 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1686 ia->ia_dstaddr.sin6_len); 1687 } else { 1688 bzero(&ifra.ifra_dstaddr, 1689 sizeof(ifra.ifra_dstaddr)); 1690 } 1691 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1692 ia->ia_prefixmask.sin6_len); 1693 1694 ifra.ifra_flags = ia->ia6_flags; 1695 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1696 ifp, td); 1697 } 1698 } 1699 } 1700 1701 return EOPNOTSUPP; /* just for safety */ 1702 } 1703 1704 /* 1705 * Initialize an interface's intetnet6 address 1706 * and routing table entry. 1707 */ 1708 static int 1709 in6_ifinit(ifp, ia, sin6, newhost) 1710 struct ifnet *ifp; 1711 struct in6_ifaddr *ia; 1712 struct sockaddr_in6 *sin6; 1713 int newhost; 1714 { 1715 int error = 0, plen, ifacount = 0; 1716 int s = splimp(); 1717 struct ifaddr *ifa; 1718 1719 /* 1720 * Give the interface a chance to initialize 1721 * if this is its first address, 1722 * and to validate the address if necessary. 1723 */ 1724 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1725 if (ifa->ifa_addr->sa_family != AF_INET6) 1726 continue; 1727 ifacount++; 1728 } 1729 1730 ia->ia_addr = *sin6; 1731 1732 if (ifacount <= 1 && ifp->if_ioctl) { 1733 IFF_LOCKGIANT(ifp); 1734 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); 1735 IFF_UNLOCKGIANT(ifp); 1736 if (error) { 1737 splx(s); 1738 return (error); 1739 } 1740 } 1741 splx(s); 1742 1743 ia->ia_ifa.ifa_metric = ifp->if_metric; 1744 1745 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1746 1747 if (newhost) { 1748 /* 1749 * set the rtrequest function to create llinfo. It also 1750 * adjust outgoing interface of the route for the local 1751 * address when called via in6_ifaddloop() below. 1752 */ 1753 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1754 } 1755 1756 /* 1757 * Special case: 1758 * If a new destination address is specified for a point-to-point 1759 * interface, install a route to the destination as an interface 1760 * direct route. In addition, if the link is expected to have neighbor 1761 * cache entries, specify RTF_LLINFO so that a cache entry for the 1762 * destination address will be created. 1763 * created 1764 * XXX: the logic below rejects assigning multiple addresses on a p2p 1765 * interface that share the same destination. 1766 */ 1767 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1768 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 && 1769 ia->ia_dstaddr.sin6_family == AF_INET6) { 1770 int rtflags = RTF_UP | RTF_HOST; 1771 struct rtentry *rt = NULL, **rtp = NULL; 1772 1773 if (nd6_need_cache(ifp) != 0) { 1774 rtflags |= RTF_LLINFO; 1775 rtp = &rt; 1776 } 1777 1778 error = rtrequest(RTM_ADD, (struct sockaddr *)&ia->ia_dstaddr, 1779 (struct sockaddr *)&ia->ia_addr, 1780 (struct sockaddr *)&ia->ia_prefixmask, 1781 ia->ia_flags | rtflags, rtp); 1782 if (error != 0) 1783 return (error); 1784 if (rt != NULL) { 1785 struct llinfo_nd6 *ln; 1786 1787 RT_LOCK(rt); 1788 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1789 if (ln != NULL) { 1790 /* 1791 * Set the state to STALE because we don't 1792 * have to perform address resolution on this 1793 * link. 1794 */ 1795 ln->ln_state = ND6_LLINFO_STALE; 1796 } 1797 RT_REMREF(rt); 1798 RT_UNLOCK(rt); 1799 } 1800 ia->ia_flags |= IFA_ROUTE; 1801 } 1802 if (plen < 128) { 1803 /* 1804 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto(). 1805 */ 1806 ia->ia_ifa.ifa_flags |= RTF_CLONING; 1807 } 1808 1809 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1810 if (newhost) 1811 in6_ifaddloop(&(ia->ia_ifa)); 1812 1813 return (error); 1814 } 1815 1816 struct in6_multi_mship * 1817 in6_joingroup(ifp, addr, errorp, delay) 1818 struct ifnet *ifp; 1819 struct in6_addr *addr; 1820 int *errorp; 1821 int delay; 1822 { 1823 struct in6_multi_mship *imm; 1824 1825 imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT); 1826 if (!imm) { 1827 *errorp = ENOBUFS; 1828 return NULL; 1829 } 1830 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp, delay); 1831 if (!imm->i6mm_maddr) { 1832 /* *errorp is alrady set */ 1833 free(imm, M_IP6MADDR); 1834 return NULL; 1835 } 1836 return imm; 1837 } 1838 1839 int 1840 in6_leavegroup(imm) 1841 struct in6_multi_mship *imm; 1842 { 1843 1844 if (imm->i6mm_maddr) 1845 in6_delmulti(imm->i6mm_maddr); 1846 free(imm, M_IP6MADDR); 1847 return 0; 1848 } 1849 1850 /* 1851 * Find an IPv6 interface link-local address specific to an interface. 1852 */ 1853 struct in6_ifaddr * 1854 in6ifa_ifpforlinklocal(ifp, ignoreflags) 1855 struct ifnet *ifp; 1856 int ignoreflags; 1857 { 1858 struct ifaddr *ifa; 1859 1860 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1861 if (ifa->ifa_addr->sa_family != AF_INET6) 1862 continue; 1863 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1864 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1865 ignoreflags) != 0) 1866 continue; 1867 break; 1868 } 1869 } 1870 1871 return ((struct in6_ifaddr *)ifa); 1872 } 1873 1874 1875 /* 1876 * find the internet address corresponding to a given interface and address. 1877 */ 1878 struct in6_ifaddr * 1879 in6ifa_ifpwithaddr(ifp, addr) 1880 struct ifnet *ifp; 1881 struct in6_addr *addr; 1882 { 1883 struct ifaddr *ifa; 1884 1885 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 1886 if (ifa->ifa_addr->sa_family != AF_INET6) 1887 continue; 1888 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1889 break; 1890 } 1891 1892 return ((struct in6_ifaddr *)ifa); 1893 } 1894 1895 /* 1896 * Convert IP6 address to printable (loggable) representation. Caller 1897 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long. 1898 */ 1899 static char digits[] = "0123456789abcdef"; 1900 char * 1901 ip6_sprintf(char *ip6buf, const struct in6_addr *addr) 1902 { 1903 int i; 1904 char *cp; 1905 const u_int16_t *a = (const u_int16_t *)addr; 1906 const u_int8_t *d; 1907 int dcolon = 0, zero = 0; 1908 1909 cp = ip6buf; 1910 1911 for (i = 0; i < 8; i++) { 1912 if (dcolon == 1) { 1913 if (*a == 0) { 1914 if (i == 7) 1915 *cp++ = ':'; 1916 a++; 1917 continue; 1918 } else 1919 dcolon = 2; 1920 } 1921 if (*a == 0) { 1922 if (dcolon == 0 && *(a + 1) == 0) { 1923 if (i == 0) 1924 *cp++ = ':'; 1925 *cp++ = ':'; 1926 dcolon = 1; 1927 } else { 1928 *cp++ = '0'; 1929 *cp++ = ':'; 1930 } 1931 a++; 1932 continue; 1933 } 1934 d = (const u_char *)a; 1935 /* Try to eliminate leading zeros in printout like in :0001. */ 1936 zero = 1; 1937 *cp = digits[*d >> 4]; 1938 if (*cp != '0') { 1939 zero = 0; 1940 cp++; 1941 } 1942 *cp = digits[*d++ & 0xf]; 1943 if (zero == 0 || (*cp != '0')) { 1944 zero = 0; 1945 cp++; 1946 } 1947 *cp = digits[*d >> 4]; 1948 if (zero == 0 || (*cp != '0')) { 1949 zero = 0; 1950 cp++; 1951 } 1952 *cp++ = digits[*d & 0xf]; 1953 *cp++ = ':'; 1954 a++; 1955 } 1956 *--cp = '\0'; 1957 return (ip6buf); 1958 } 1959 1960 int 1961 in6_localaddr(in6) 1962 struct in6_addr *in6; 1963 { 1964 struct in6_ifaddr *ia; 1965 1966 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1967 return 1; 1968 1969 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1970 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1971 &ia->ia_prefixmask.sin6_addr)) { 1972 return 1; 1973 } 1974 } 1975 1976 return (0); 1977 } 1978 1979 int 1980 in6_is_addr_deprecated(sa6) 1981 struct sockaddr_in6 *sa6; 1982 { 1983 struct in6_ifaddr *ia; 1984 1985 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1986 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1987 &sa6->sin6_addr) && 1988 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1989 return (1); /* true */ 1990 1991 /* XXX: do we still have to go thru the rest of the list? */ 1992 } 1993 1994 return (0); /* false */ 1995 } 1996 1997 /* 1998 * return length of part which dst and src are equal 1999 * hard coding... 2000 */ 2001 int 2002 in6_matchlen(src, dst) 2003 struct in6_addr *src, *dst; 2004 { 2005 int match = 0; 2006 u_char *s = (u_char *)src, *d = (u_char *)dst; 2007 u_char *lim = s + 16, r; 2008 2009 while (s < lim) 2010 if ((r = (*d++ ^ *s++)) != 0) { 2011 while (r < 128) { 2012 match++; 2013 r <<= 1; 2014 } 2015 break; 2016 } else 2017 match += 8; 2018 return match; 2019 } 2020 2021 /* XXX: to be scope conscious */ 2022 int 2023 in6_are_prefix_equal(p1, p2, len) 2024 struct in6_addr *p1, *p2; 2025 int len; 2026 { 2027 int bytelen, bitlen; 2028 2029 /* sanity check */ 2030 if (0 > len || len > 128) { 2031 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2032 len); 2033 return (0); 2034 } 2035 2036 bytelen = len / 8; 2037 bitlen = len % 8; 2038 2039 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2040 return (0); 2041 if (bitlen != 0 && 2042 p1->s6_addr[bytelen] >> (8 - bitlen) != 2043 p2->s6_addr[bytelen] >> (8 - bitlen)) 2044 return (0); 2045 2046 return (1); 2047 } 2048 2049 void 2050 in6_prefixlen2mask(maskp, len) 2051 struct in6_addr *maskp; 2052 int len; 2053 { 2054 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2055 int bytelen, bitlen, i; 2056 2057 /* sanity check */ 2058 if (0 > len || len > 128) { 2059 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2060 len); 2061 return; 2062 } 2063 2064 bzero(maskp, sizeof(*maskp)); 2065 bytelen = len / 8; 2066 bitlen = len % 8; 2067 for (i = 0; i < bytelen; i++) 2068 maskp->s6_addr[i] = 0xff; 2069 if (bitlen) 2070 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2071 } 2072 2073 /* 2074 * return the best address out of the same scope. if no address was 2075 * found, return the first valid address from designated IF. 2076 */ 2077 struct in6_ifaddr * 2078 in6_ifawithifp(ifp, dst) 2079 struct ifnet *ifp; 2080 struct in6_addr *dst; 2081 { 2082 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2083 struct ifaddr *ifa; 2084 struct in6_ifaddr *besta = 0; 2085 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2086 2087 dep[0] = dep[1] = NULL; 2088 2089 /* 2090 * We first look for addresses in the same scope. 2091 * If there is one, return it. 2092 * If two or more, return one which matches the dst longest. 2093 * If none, return one of global addresses assigned other ifs. 2094 */ 2095 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2096 if (ifa->ifa_addr->sa_family != AF_INET6) 2097 continue; 2098 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2099 continue; /* XXX: is there any case to allow anycast? */ 2100 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2101 continue; /* don't use this interface */ 2102 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2103 continue; 2104 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2105 if (ip6_use_deprecated) 2106 dep[0] = (struct in6_ifaddr *)ifa; 2107 continue; 2108 } 2109 2110 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2111 /* 2112 * call in6_matchlen() as few as possible 2113 */ 2114 if (besta) { 2115 if (blen == -1) 2116 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2117 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2118 if (tlen > blen) { 2119 blen = tlen; 2120 besta = (struct in6_ifaddr *)ifa; 2121 } 2122 } else 2123 besta = (struct in6_ifaddr *)ifa; 2124 } 2125 } 2126 if (besta) 2127 return (besta); 2128 2129 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2130 if (ifa->ifa_addr->sa_family != AF_INET6) 2131 continue; 2132 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2133 continue; /* XXX: is there any case to allow anycast? */ 2134 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2135 continue; /* don't use this interface */ 2136 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2137 continue; 2138 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2139 if (ip6_use_deprecated) 2140 dep[1] = (struct in6_ifaddr *)ifa; 2141 continue; 2142 } 2143 2144 return (struct in6_ifaddr *)ifa; 2145 } 2146 2147 /* use the last-resort values, that are, deprecated addresses */ 2148 if (dep[0]) 2149 return dep[0]; 2150 if (dep[1]) 2151 return dep[1]; 2152 2153 return NULL; 2154 } 2155 2156 /* 2157 * perform DAD when interface becomes IFF_UP. 2158 */ 2159 void 2160 in6_if_up(ifp) 2161 struct ifnet *ifp; 2162 { 2163 struct ifaddr *ifa; 2164 struct in6_ifaddr *ia; 2165 2166 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2167 if (ifa->ifa_addr->sa_family != AF_INET6) 2168 continue; 2169 ia = (struct in6_ifaddr *)ifa; 2170 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2171 /* 2172 * The TENTATIVE flag was likely set by hand 2173 * beforehand, implicitly indicating the need for DAD. 2174 * We may be able to skip the random delay in this 2175 * case, but we impose delays just in case. 2176 */ 2177 nd6_dad_start(ifa, 2178 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz)); 2179 } 2180 } 2181 2182 /* 2183 * special cases, like 6to4, are handled in in6_ifattach 2184 */ 2185 in6_ifattach(ifp, NULL); 2186 } 2187 2188 int 2189 in6if_do_dad(ifp) 2190 struct ifnet *ifp; 2191 { 2192 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2193 return (0); 2194 2195 switch (ifp->if_type) { 2196 #ifdef IFT_DUMMY 2197 case IFT_DUMMY: 2198 #endif 2199 case IFT_FAITH: 2200 /* 2201 * These interfaces do not have the IFF_LOOPBACK flag, 2202 * but loop packets back. We do not have to do DAD on such 2203 * interfaces. We should even omit it, because loop-backed 2204 * NS would confuse the DAD procedure. 2205 */ 2206 return (0); 2207 default: 2208 /* 2209 * Our DAD routine requires the interface up and running. 2210 * However, some interfaces can be up before the RUNNING 2211 * status. Additionaly, users may try to assign addresses 2212 * before the interface becomes up (or running). 2213 * We simply skip DAD in such a case as a work around. 2214 * XXX: we should rather mark "tentative" on such addresses, 2215 * and do DAD after the interface becomes ready. 2216 */ 2217 if (!((ifp->if_flags & IFF_UP) && 2218 (ifp->if_drv_flags & IFF_DRV_RUNNING))) 2219 return (0); 2220 2221 return (1); 2222 } 2223 } 2224 2225 /* 2226 * Calculate max IPv6 MTU through all the interfaces and store it 2227 * to in6_maxmtu. 2228 */ 2229 void 2230 in6_setmaxmtu() 2231 { 2232 unsigned long maxmtu = 0; 2233 struct ifnet *ifp; 2234 2235 IFNET_RLOCK(); 2236 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) { 2237 /* this function can be called during ifnet initialization */ 2238 if (!ifp->if_afdata[AF_INET6]) 2239 continue; 2240 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2241 IN6_LINKMTU(ifp) > maxmtu) 2242 maxmtu = IN6_LINKMTU(ifp); 2243 } 2244 IFNET_RUNLOCK(); 2245 if (maxmtu) /* update only when maxmtu is positive */ 2246 in6_maxmtu = maxmtu; 2247 } 2248 2249 /* 2250 * Provide the length of interface identifiers to be used for the link attached 2251 * to the given interface. The length should be defined in "IPv6 over 2252 * xxx-link" document. Note that address architecture might also define 2253 * the length for a particular set of address prefixes, regardless of the 2254 * link type. As clarified in rfc2462bis, those two definitions should be 2255 * consistent, and those really are as of August 2004. 2256 */ 2257 int 2258 in6_if2idlen(ifp) 2259 struct ifnet *ifp; 2260 { 2261 switch (ifp->if_type) { 2262 case IFT_ETHER: /* RFC2464 */ 2263 #ifdef IFT_PROPVIRTUAL 2264 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2265 #endif 2266 #ifdef IFT_L2VLAN 2267 case IFT_L2VLAN: /* ditto */ 2268 #endif 2269 #ifdef IFT_IEEE80211 2270 case IFT_IEEE80211: /* ditto */ 2271 #endif 2272 #ifdef IFT_MIP 2273 case IFT_MIP: /* ditto */ 2274 #endif 2275 return (64); 2276 case IFT_FDDI: /* RFC2467 */ 2277 return (64); 2278 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2279 return (64); 2280 case IFT_PPP: /* RFC2472 */ 2281 return (64); 2282 case IFT_ARCNET: /* RFC2497 */ 2283 return (64); 2284 case IFT_FRELAY: /* RFC2590 */ 2285 return (64); 2286 case IFT_IEEE1394: /* RFC3146 */ 2287 return (64); 2288 case IFT_GIF: 2289 return (64); /* draft-ietf-v6ops-mech-v2-07 */ 2290 case IFT_LOOP: 2291 return (64); /* XXX: is this really correct? */ 2292 default: 2293 /* 2294 * Unknown link type: 2295 * It might be controversial to use the today's common constant 2296 * of 64 for these cases unconditionally. For full compliance, 2297 * we should return an error in this case. On the other hand, 2298 * if we simply miss the standard for the link type or a new 2299 * standard is defined for a new link type, the IFID length 2300 * is very likely to be the common constant. As a compromise, 2301 * we always use the constant, but make an explicit notice 2302 * indicating the "unknown" case. 2303 */ 2304 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2305 return (64); 2306 } 2307 } 2308 2309 void * 2310 in6_domifattach(ifp) 2311 struct ifnet *ifp; 2312 { 2313 struct in6_ifextra *ext; 2314 2315 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2316 bzero(ext, sizeof(*ext)); 2317 2318 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2319 M_IFADDR, M_WAITOK); 2320 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2321 2322 ext->icmp6_ifstat = 2323 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2324 M_IFADDR, M_WAITOK); 2325 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2326 2327 ext->nd_ifinfo = nd6_ifattach(ifp); 2328 ext->scope6_id = scope6_ifattach(ifp); 2329 return ext; 2330 } 2331 2332 void 2333 in6_domifdetach(ifp, aux) 2334 struct ifnet *ifp; 2335 void *aux; 2336 { 2337 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2338 2339 scope6_ifdetach(ext->scope6_id); 2340 nd6_ifdetach(ext->nd_ifinfo); 2341 free(ext->in6_ifstat, M_IFADDR); 2342 free(ext->icmp6_ifstat, M_IFADDR); 2343 free(ext, M_IFADDR); 2344 } 2345 2346 /* 2347 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2348 * v4 mapped addr or v4 compat addr 2349 */ 2350 void 2351 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2352 { 2353 bzero(sin, sizeof(*sin)); 2354 sin->sin_len = sizeof(struct sockaddr_in); 2355 sin->sin_family = AF_INET; 2356 sin->sin_port = sin6->sin6_port; 2357 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2358 } 2359 2360 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2361 void 2362 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2363 { 2364 bzero(sin6, sizeof(*sin6)); 2365 sin6->sin6_len = sizeof(struct sockaddr_in6); 2366 sin6->sin6_family = AF_INET6; 2367 sin6->sin6_port = sin->sin_port; 2368 sin6->sin6_addr.s6_addr32[0] = 0; 2369 sin6->sin6_addr.s6_addr32[1] = 0; 2370 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2371 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2372 } 2373 2374 /* Convert sockaddr_in6 into sockaddr_in. */ 2375 void 2376 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2377 { 2378 struct sockaddr_in *sin_p; 2379 struct sockaddr_in6 sin6; 2380 2381 /* 2382 * Save original sockaddr_in6 addr and convert it 2383 * to sockaddr_in. 2384 */ 2385 sin6 = *(struct sockaddr_in6 *)nam; 2386 sin_p = (struct sockaddr_in *)nam; 2387 in6_sin6_2_sin(sin_p, &sin6); 2388 } 2389 2390 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2391 void 2392 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2393 { 2394 struct sockaddr_in *sin_p; 2395 struct sockaddr_in6 *sin6_p; 2396 2397 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof *sin6_p, M_SONAME, 2398 M_WAITOK); 2399 sin_p = (struct sockaddr_in *)*nam; 2400 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2401 FREE(*nam, M_SONAME); 2402 *nam = (struct sockaddr *)sin6_p; 2403 } 2404