1 /*- 2 * Copyright (c) 2015 3 * Alexander V. Chernikov <melifaro@FreeBSD.org> 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 #include "opt_inet.h" 34 #include "opt_inet6.h" 35 #include "opt_route.h" 36 #include "opt_mpath.h" 37 38 #include <sys/param.h> 39 #include <sys/systm.h> 40 #include <sys/lock.h> 41 #include <sys/rmlock.h> 42 #include <sys/malloc.h> 43 #include <sys/mbuf.h> 44 #include <sys/socket.h> 45 #include <sys/sysctl.h> 46 #include <sys/kernel.h> 47 48 #include <net/if.h> 49 #include <net/if_var.h> 50 #include <net/if_dl.h> 51 #include <net/route.h> 52 #include <net/route_var.h> 53 #include <net/route/nhop.h> 54 #include <net/route/shared.h> 55 #include <net/vnet.h> 56 57 #ifdef RADIX_MPATH 58 #include <net/radix_mpath.h> 59 #endif 60 61 #include <netinet/in.h> 62 #include <netinet/in_var.h> 63 #include <netinet/ip_mroute.h> 64 #include <netinet/ip6.h> 65 #include <netinet6/in6_fib.h> 66 #include <netinet6/in6_var.h> 67 #include <netinet6/nd6.h> 68 #include <netinet6/scope6_var.h> 69 70 #include <net/if_types.h> 71 72 #ifdef INET6 73 static void fib6_rte_to_nh_extended(const struct nhop_object *nh, 74 const struct in6_addr *dst, uint32_t flags, struct nhop6_extended *pnh6); 75 static void fib6_rte_to_nh_basic(const struct nhop_object *nh, const struct in6_addr *dst, 76 uint32_t flags, struct nhop6_basic *pnh6); 77 #define RNTORT(p) ((struct rtentry *)(p)) 78 79 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 80 81 CHK_STRUCT_ROUTE_COMPAT(struct route_in6, ro_dst); 82 83 84 85 static void 86 fib6_rte_to_nh_basic(const struct nhop_object *nh, const struct in6_addr *dst, 87 uint32_t flags, struct nhop6_basic *pnh6) 88 { 89 90 /* Do explicit nexthop zero unless we're copying it */ 91 memset(pnh6, 0, sizeof(*pnh6)); 92 93 if ((flags & NHR_IFAIF) != 0) 94 pnh6->nh_ifp = nh->nh_aifp; 95 else 96 pnh6->nh_ifp = nh->nh_ifp; 97 98 pnh6->nh_mtu = nh->nh_mtu; 99 if (nh->nh_flags & NHF_GATEWAY) { 100 /* Return address with embedded scope. */ 101 pnh6->nh_addr = nh->gw6_sa.sin6_addr; 102 } else 103 pnh6->nh_addr = *dst; 104 /* Set flags */ 105 pnh6->nh_flags = nh->nh_flags; 106 } 107 108 static void 109 fib6_rte_to_nh_extended(const struct nhop_object *nh, const struct in6_addr *dst, 110 uint32_t flags, struct nhop6_extended *pnh6) 111 { 112 113 /* Do explicit nexthop zero unless we're copying it */ 114 memset(pnh6, 0, sizeof(*pnh6)); 115 116 if ((flags & NHR_IFAIF) != 0) 117 pnh6->nh_ifp = nh->nh_aifp; 118 else 119 pnh6->nh_ifp = nh->nh_ifp; 120 121 pnh6->nh_mtu = nh->nh_mtu; 122 if (nh->nh_flags & NHF_GATEWAY) { 123 /* Return address with embedded scope. */ 124 pnh6->nh_addr = nh->gw6_sa.sin6_addr; 125 } else 126 pnh6->nh_addr = *dst; 127 /* Set flags */ 128 pnh6->nh_flags = nh->nh_flags; 129 pnh6->nh_ia = ifatoia6(nh->nh_ifa); 130 } 131 132 /* 133 * Performs IPv6 route table lookup on @dst. Returns 0 on success. 134 * Stores basic nexthop info into provided @pnh6 structure. 135 * Note that 136 * - nh_ifp represents logical transmit interface (rt_ifp) by default 137 * - nh_ifp represents "address" interface if NHR_IFAIF flag is passed 138 * - mtu from logical transmit interface will be returned. 139 * - nh_ifp cannot be safely dereferenced 140 * - nh_ifp represents rt_ifp (e.g. if looking up address on 141 * interface "ix0" pointer to "ix0" interface will be returned instead 142 * of "lo0") 143 * - howewer mtu from "transmit" interface will be returned. 144 * - scope will be embedded in nh_addr 145 */ 146 int 147 fib6_lookup_nh_basic(uint32_t fibnum, const struct in6_addr *dst, uint32_t scopeid, 148 uint32_t flags, uint32_t flowid, struct nhop6_basic *pnh6) 149 { 150 RIB_RLOCK_TRACKER; 151 struct rib_head *rh; 152 struct radix_node *rn; 153 struct sockaddr_in6 sin6; 154 struct nhop_object *nh; 155 156 KASSERT((fibnum < rt_numfibs), ("fib6_lookup_nh_basic: bad fibnum")); 157 rh = rt_tables_get_rnh(fibnum, AF_INET6); 158 if (rh == NULL) 159 return (ENOENT); 160 161 /* Prepare lookup key */ 162 memset(&sin6, 0, sizeof(sin6)); 163 sin6.sin6_addr = *dst; 164 sin6.sin6_len = sizeof(struct sockaddr_in6); 165 /* Assume scopeid is valid and embed it directly */ 166 if (IN6_IS_SCOPE_LINKLOCAL(dst)) 167 sin6.sin6_addr.s6_addr16[1] = htons(scopeid & 0xffff); 168 169 RIB_RLOCK(rh); 170 rn = rh->rnh_matchaddr((void *)&sin6, &rh->head); 171 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 172 nh = RNTORT(rn)->rt_nhop; 173 /* Ensure route & ifp is UP */ 174 if (RT_LINK_IS_UP(nh->nh_ifp)) { 175 fib6_rte_to_nh_basic(nh, &sin6.sin6_addr, flags, pnh6); 176 RIB_RUNLOCK(rh); 177 return (0); 178 } 179 } 180 RIB_RUNLOCK(rh); 181 182 return (ENOENT); 183 } 184 185 /* 186 * Performs IPv6 route table lookup on @dst. Returns 0 on success. 187 * Stores extended nexthop info into provided @pnh6 structure. 188 * Note that 189 * - nh_ifp cannot be safely dereferenced unless NHR_REF is specified. 190 * - in that case you need to call fib6_free_nh_ext() 191 * - nh_ifp represents logical transmit interface (rt_ifp) by default 192 * - nh_ifp represents "address" interface if NHR_IFAIF flag is passed 193 * - mtu from logical transmit interface will be returned. 194 * - scope will be embedded in nh_addr 195 */ 196 int 197 fib6_lookup_nh_ext(uint32_t fibnum, const struct in6_addr *dst,uint32_t scopeid, 198 uint32_t flags, uint32_t flowid, struct nhop6_extended *pnh6) 199 { 200 RIB_RLOCK_TRACKER; 201 struct rib_head *rh; 202 struct radix_node *rn; 203 struct sockaddr_in6 sin6; 204 struct rtentry *rte; 205 struct nhop_object *nh; 206 207 KASSERT((fibnum < rt_numfibs), ("fib6_lookup_nh_ext: bad fibnum")); 208 rh = rt_tables_get_rnh(fibnum, AF_INET6); 209 if (rh == NULL) 210 return (ENOENT); 211 212 /* Prepare lookup key */ 213 memset(&sin6, 0, sizeof(sin6)); 214 sin6.sin6_len = sizeof(struct sockaddr_in6); 215 sin6.sin6_addr = *dst; 216 /* Assume scopeid is valid and embed it directly */ 217 if (IN6_IS_SCOPE_LINKLOCAL(dst)) 218 sin6.sin6_addr.s6_addr16[1] = htons(scopeid & 0xffff); 219 220 RIB_RLOCK(rh); 221 rn = rh->rnh_matchaddr((void *)&sin6, &rh->head); 222 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 223 rte = RNTORT(rn); 224 #ifdef RADIX_MPATH 225 rte = rt_mpath_select(rte, flowid); 226 if (rte == NULL) { 227 RIB_RUNLOCK(rh); 228 return (ENOENT); 229 } 230 #endif 231 nh = rte->rt_nhop; 232 /* Ensure route & ifp is UP */ 233 if (RT_LINK_IS_UP(nh->nh_ifp)) { 234 fib6_rte_to_nh_extended(nh, &sin6.sin6_addr, flags, 235 pnh6); 236 if ((flags & NHR_REF) != 0) { 237 /* TODO: Do lwref on egress ifp's */ 238 } 239 RIB_RUNLOCK(rh); 240 241 return (0); 242 } 243 } 244 RIB_RUNLOCK(rh); 245 246 return (ENOENT); 247 } 248 249 void 250 fib6_free_nh_ext(uint32_t fibnum, struct nhop6_extended *pnh6) 251 { 252 253 } 254 255 /* 256 * Looks up path in fib @fibnum specified by @dst. 257 * Assumes scope is deembedded and provided in @scopeid. 258 * 259 * Returns path nexthop on success. Nexthop is safe to use 260 * within the current network epoch. If longer lifetime is required, 261 * one needs to pass NHR_REF as a flag. This will return referenced 262 * nexthop. 263 */ 264 struct nhop_object * 265 fib6_lookup(uint32_t fibnum, const struct in6_addr *dst6, 266 uint32_t scopeid, uint32_t flags, uint32_t flowid) 267 { 268 RIB_RLOCK_TRACKER; 269 struct rib_head *rh; 270 struct radix_node *rn; 271 struct rtentry *rt; 272 struct nhop_object *nh; 273 struct sockaddr_in6 sin6; 274 275 KASSERT((fibnum < rt_numfibs), ("fib6_lookup: bad fibnum")); 276 rh = rt_tables_get_rnh(fibnum, AF_INET6); 277 if (rh == NULL) 278 return (NULL); 279 280 /* TODO: radix changes */ 281 //addr = *dst6; 282 /* Prepare lookup key */ 283 memset(&sin6, 0, sizeof(sin6)); 284 sin6.sin6_len = sizeof(struct sockaddr_in6); 285 sin6.sin6_addr = *dst6; 286 287 /* Assume scopeid is valid and embed it directly */ 288 if (IN6_IS_SCOPE_LINKLOCAL(dst6)) 289 sin6.sin6_addr.s6_addr16[1] = htons(scopeid & 0xffff); 290 291 RIB_RLOCK(rh); 292 rn = rh->rnh_matchaddr((void *)&sin6, &rh->head); 293 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 294 rt = RNTORT(rn); 295 #ifdef RADIX_MPATH 296 if (rt_mpath_next(rt) != NULL) 297 rt = rt_mpath_selectrte(rt, flowid); 298 #endif 299 nh = rt->rt_nhop; 300 /* Ensure route & ifp is UP */ 301 if (RT_LINK_IS_UP(nh->nh_ifp)) { 302 if (flags & NHR_REF) 303 nhop_ref_object(nh); 304 RIB_RUNLOCK(rh); 305 return (nh); 306 } 307 } 308 RIB_RUNLOCK(rh); 309 310 RTSTAT_INC(rts_unreach); 311 return (NULL); 312 } 313 314 inline static int 315 check_urpf(const struct nhop_object *nh, uint32_t flags, 316 const struct ifnet *src_if) 317 { 318 319 if (src_if != NULL && nh->nh_aifp == src_if) { 320 return (1); 321 } 322 if (src_if == NULL) { 323 if ((flags & NHR_NODEFAULT) == 0) 324 return (1); 325 else if ((nh->nh_flags & NHF_DEFAULT) == 0) 326 return (1); 327 } 328 329 return (0); 330 } 331 332 #ifdef RADIX_MPATH 333 inline static int 334 check_urpf_mpath(struct rtentry *rt, uint32_t flags, 335 const struct ifnet *src_if) 336 { 337 338 while (rt != NULL) { 339 if (check_urpf(rt->rt_nhop, flags, src_if) != 0) 340 return (1); 341 rt = rt_mpath_next(rt); 342 } 343 344 return (0); 345 } 346 #endif 347 348 /* 349 * Performs reverse path forwarding lookup. 350 * If @src_if is non-zero, verifies that at least 1 path goes via 351 * this interface. 352 * If @src_if is zero, verifies that route exist. 353 * if @flags contains NHR_NOTDEFAULT, do not consider default route. 354 * 355 * Returns 1 if route matching conditions is found, 0 otherwise. 356 */ 357 int 358 fib6_check_urpf(uint32_t fibnum, const struct in6_addr *dst6, 359 uint32_t scopeid, uint32_t flags, const struct ifnet *src_if) 360 { 361 RIB_RLOCK_TRACKER; 362 struct rib_head *rh; 363 struct radix_node *rn; 364 struct rtentry *rt; 365 struct sockaddr_in6 sin6; 366 int ret; 367 368 KASSERT((fibnum < rt_numfibs), ("fib6_check_urpf: bad fibnum")); 369 rh = rt_tables_get_rnh(fibnum, AF_INET6); 370 if (rh == NULL) 371 return (0); 372 373 /* TODO: radix changes */ 374 /* Prepare lookup key */ 375 memset(&sin6, 0, sizeof(sin6)); 376 sin6.sin6_len = sizeof(struct sockaddr_in6); 377 sin6.sin6_addr = *dst6; 378 379 /* Assume scopeid is valid and embed it directly */ 380 if (IN6_IS_SCOPE_LINKLOCAL(dst6)) 381 sin6.sin6_addr.s6_addr16[1] = htons(scopeid & 0xffff); 382 383 RIB_RLOCK(rh); 384 rn = rh->rnh_matchaddr((void *)&sin6, &rh->head); 385 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 386 rt = RNTORT(rn); 387 #ifdef RADIX_MPATH 388 ret = check_urpf_mpath(rt, flags, src_if); 389 #else 390 ret = check_urpf(rt->rt_nhop, flags, src_if); 391 #endif 392 RIB_RUNLOCK(rh); 393 return (ret); 394 } 395 RIB_RUNLOCK(rh); 396 397 return (0); 398 } 399 400 #endif 401 402