1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $KAME: in6_ifattach.c,v 1.118 2001/05/24 07:44:00 itojun Exp $ 32 */ 33 34 #include <sys/param.h> 35 #include <sys/eventhandler.h> 36 #include <sys/systm.h> 37 #include <sys/counter.h> 38 #include <sys/malloc.h> 39 #include <sys/socket.h> 40 #include <sys/sockio.h> 41 #include <sys/jail.h> 42 #include <sys/kernel.h> 43 #include <sys/lock.h> 44 #include <sys/proc.h> 45 #include <sys/rmlock.h> 46 #include <sys/syslog.h> 47 #include <sys/md5.h> 48 49 #include <net/if.h> 50 #include <net/if_var.h> 51 #include <net/if_dl.h> 52 #include <net/if_private.h> 53 #include <net/if_types.h> 54 #include <net/if_llatbl.h> 55 #include <net/route.h> 56 #include <net/vnet.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_var.h> 60 #include <netinet/if_ether.h> 61 #include <netinet/in_pcb.h> 62 #include <netinet/ip_var.h> 63 #include <netinet/udp.h> 64 #include <netinet/udp_var.h> 65 66 #include <netinet/ip6.h> 67 #include <netinet6/ip6_var.h> 68 #include <netinet6/in6_var.h> 69 #include <netinet6/in6_pcb.h> 70 #include <netinet6/in6_ifattach.h> 71 #include <netinet6/ip6_var.h> 72 #include <netinet6/nd6.h> 73 #include <netinet6/mld6_var.h> 74 #include <netinet6/scope6_var.h> 75 76 #include <crypto/sha2/sha256.h> 77 #include <machine/atomic.h> 78 79 #ifdef IP6_AUTO_LINKLOCAL 80 VNET_DEFINE(int, ip6_auto_linklocal) = IP6_AUTO_LINKLOCAL; 81 #else 82 VNET_DEFINE(int, ip6_auto_linklocal) = 1; /* enabled by default */ 83 #endif 84 85 VNET_DEFINE(struct callout, in6_tmpaddrtimer_ch); 86 #define V_in6_tmpaddrtimer_ch VNET(in6_tmpaddrtimer_ch) 87 88 VNET_DEFINE(int, ip6_stableaddr_netifsource) = IP6_STABLEADDR_NETIFSRC_NAME; /* Use interface name by default */ 89 90 VNET_DECLARE(struct inpcbinfo, ripcbinfo); 91 #define V_ripcbinfo VNET(ripcbinfo) 92 93 static int get_rand_ifid(struct ifnet *, struct in6_addr *); 94 static int in6_ifattach_linklocal(struct ifnet *, struct ifnet *); 95 static int in6_ifattach_loopback(struct ifnet *); 96 static void in6_purgemaddrs(struct ifnet *); 97 98 #define EUI64_GBIT 0x01 99 #define EUI64_UBIT 0x02 100 #define EUI64_TO_IFID(in6) do {(in6)->s6_addr[8] ^= EUI64_UBIT; } while (0) 101 #define EUI64_GROUP(in6) ((in6)->s6_addr[8] & EUI64_GBIT) 102 #define EUI64_INDIVIDUAL(in6) (!EUI64_GROUP(in6)) 103 #define EUI64_LOCAL(in6) ((in6)->s6_addr[8] & EUI64_UBIT) 104 #define EUI64_UNIVERSAL(in6) (!EUI64_LOCAL(in6)) 105 106 #define IFID_LOCAL(in6) (!EUI64_LOCAL(in6)) 107 #define IFID_UNIVERSAL(in6) (!EUI64_UNIVERSAL(in6)) 108 109 #define HMAC_IPAD 0x36 110 #define HMAC_OPAD 0x5C 111 112 /* 113 * Generate a last-resort interface identifier, when the machine has no 114 * IEEE802/EUI64 address sources. 115 * The goal here is to get an interface identifier that is 116 * (1) random enough and (2) does not change across reboot. 117 * We currently use MD5(hostname) for it. 118 * 119 * in6 - upper 64bits are preserved 120 */ 121 static int 122 get_rand_ifid(struct ifnet *ifp, struct in6_addr *in6) 123 { 124 MD5_CTX ctxt; 125 struct prison *pr; 126 u_int8_t digest[16]; 127 int hostnamelen; 128 129 pr = curthread->td_ucred->cr_prison; 130 mtx_lock(&pr->pr_mtx); 131 hostnamelen = strlen(pr->pr_hostname); 132 #if 0 133 /* we need at least several letters as seed for ifid */ 134 if (hostnamelen < 3) { 135 mtx_unlock(&pr->pr_mtx); 136 return -1; 137 } 138 #endif 139 140 /* generate 8 bytes of pseudo-random value. */ 141 bzero(&ctxt, sizeof(ctxt)); 142 MD5Init(&ctxt); 143 MD5Update(&ctxt, pr->pr_hostname, hostnamelen); 144 mtx_unlock(&pr->pr_mtx); 145 MD5Final(digest, &ctxt); 146 147 /* assumes sizeof(digest) > sizeof(ifid) */ 148 bcopy(digest, &in6->s6_addr[8], 8); 149 150 /* make sure to set "u" bit to local, and "g" bit to individual. */ 151 in6->s6_addr[8] &= ~EUI64_GBIT; /* g bit to "individual" */ 152 in6->s6_addr[8] |= EUI64_UBIT; /* u bit to "local" */ 153 154 /* convert EUI64 into IPv6 interface identifier */ 155 EUI64_TO_IFID(in6); 156 157 return 0; 158 } 159 160 161 /* 162 * Get interface link level sockaddr 163 */ 164 static struct sockaddr_dl * 165 get_interface_link_level(struct ifnet *ifp) 166 { 167 struct ifaddr *ifa; 168 struct sockaddr_dl *sdl; 169 170 NET_EPOCH_ASSERT(); 171 172 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 173 if (ifa->ifa_addr->sa_family != AF_LINK) 174 continue; 175 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 176 if (sdl == NULL) 177 continue; 178 if (sdl->sdl_alen == 0) 179 continue; 180 181 return (sdl); 182 } 183 184 return (NULL); 185 } 186 187 /* 188 * Get hwaddr from link interface 189 */ 190 static uint8_t * 191 in6_get_interface_hwaddr(struct ifnet *ifp, size_t *len) 192 { 193 struct sockaddr_dl *sdl; 194 u_int8_t *addr; 195 static u_int8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 196 static u_int8_t allone[8] = 197 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 198 199 sdl = get_interface_link_level(ifp); 200 if (sdl == NULL) 201 return (NULL); 202 203 addr = LLADDR(sdl); 204 *len = sdl->sdl_alen; 205 206 /* get EUI64 */ 207 switch (ifp->if_type) { 208 case IFT_BRIDGE: 209 case IFT_ETHER: 210 case IFT_L2VLAN: 211 case IFT_ATM: 212 case IFT_IEEE1394: 213 /* IEEE802/EUI64 cases - what others? */ 214 /* IEEE1394 uses 16byte length address starting with EUI64 */ 215 if (*len > 8) 216 *len = 8; 217 218 /* look at IEEE802/EUI64 only */ 219 if (*len != 8 && *len != 6) 220 return (NULL); 221 222 /* 223 * check for invalid MAC address - on bsdi, we see it a lot 224 * since wildboar configures all-zero MAC on pccard before 225 * card insertion. 226 */ 227 if (memcmp(addr, allzero, *len) == 0 || memcmp(addr, allone, *len) == 0) 228 return (NULL); 229 230 break; 231 232 case IFT_GIF: 233 case IFT_STF: 234 /* 235 * RFC2893 says: "SHOULD use IPv4 address as ifid source". 236 * however, IPv4 address is not very suitable as unique 237 * identifier source (can be renumbered). 238 * we don't do this. 239 */ 240 return (NULL); 241 242 case IFT_INFINIBAND: 243 if (*len != 20) 244 return (NULL); 245 *len = 8; 246 addr += 12; 247 break; 248 249 default: 250 return (NULL); 251 } 252 253 return (addr); 254 } 255 256 /* 257 * Get interface identifier for the specified interface. 258 * XXX assumes single sockaddr_dl (AF_LINK address) per an interface 259 * 260 * in6 - upper 64bits are preserved 261 */ 262 int 263 in6_get_hw_ifid(struct ifnet *ifp, struct in6_addr *in6) 264 { 265 size_t hwaddr_len; 266 uint8_t *hwaddr; 267 static u_int8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 268 269 hwaddr = in6_get_interface_hwaddr(ifp, &hwaddr_len); 270 if (hwaddr == NULL || (hwaddr_len != 6 && hwaddr_len != 8)) 271 return (-1); 272 273 /* make EUI64 address */ 274 if (hwaddr_len == 8) 275 memcpy(&in6->s6_addr[8], hwaddr, 8); 276 else if (hwaddr_len == 6) { 277 in6->s6_addr[8] = hwaddr[0]; 278 in6->s6_addr[9] = hwaddr[1]; 279 in6->s6_addr[10] = hwaddr[2]; 280 in6->s6_addr[11] = 0xff; 281 in6->s6_addr[12] = 0xfe; 282 in6->s6_addr[13] = hwaddr[3]; 283 in6->s6_addr[14] = hwaddr[4]; 284 in6->s6_addr[15] = hwaddr[5]; 285 } 286 287 /* sanity check: g bit must not indicate "group" */ 288 if (EUI64_GROUP(in6)) 289 return -1; 290 291 /* convert EUI64 into IPv6 interface identifier */ 292 EUI64_TO_IFID(in6); 293 294 /* 295 * sanity check: ifid must not be all zero, avoid conflict with 296 * subnet router anycast 297 */ 298 if ((in6->s6_addr[8] & ~(EUI64_GBIT | EUI64_UBIT)) == 0x00 && 299 bcmp(&in6->s6_addr[9], allzero, 7) == 0) 300 return -1; 301 302 return 0; 303 } 304 305 /* 306 * Validate generated interface id to make sure it does not fall in any reserved range: 307 * 308 * https://www.iana.org/assignments/ipv6-interface-ids/ipv6-interface-ids.xhtml 309 */ 310 static bool 311 validate_ifid(uint8_t *iid) 312 { 313 static uint8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 314 static uint8_t reserved_eth[5] = { 0x02, 0x00, 0x5E, 0xFF, 0xFE }; 315 static uint8_t reserved_anycast[7] = { 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 316 317 /* Subnet-Router Anycast (RFC 4291) */ 318 if (memcmp(iid, allzero, 8) == 0) 319 return (false); 320 321 /* 322 * Reserved IPv6 Interface Identifiers corresponding to the IANA Ethernet Block (RFC 4291) 323 * and 324 * Proxy Mobile IPv6 (RFC 6543) 325 */ 326 if (memcmp(iid, reserved_eth, 5) == 0) 327 return (false); 328 329 /* Reserved Subnet Anycast Addresses (RFC 2526) */ 330 if (memcmp(iid, reserved_anycast, 7) == 0 && iid[7] >= 0x80) 331 return (false); 332 333 return (true); 334 } 335 336 /* 337 * Get interface identifier for the specified interface, according to 338 * RFC 7217 Stable and Opaque IDs with SLAAC, using HMAC-SHA256 digest. 339 * 340 * in6 - upper 64bits are preserved 341 */ 342 bool 343 in6_get_stableifid(struct ifnet *ifp, struct in6_addr *in6, int prefixlen) 344 { 345 struct sockaddr_dl *sdl; 346 const uint8_t *netiface; 347 size_t netiface_len, hostuuid_len; 348 uint8_t hostuuid[HOSTUUIDLEN + 1], hmac_key[SHA256_BLOCK_LENGTH], 349 hk_ipad[SHA256_BLOCK_LENGTH], hk_opad[SHA256_BLOCK_LENGTH]; 350 uint64_t dad_failures; 351 SHA256_CTX ctxt; 352 353 switch (V_ip6_stableaddr_netifsource) { 354 case IP6_STABLEADDR_NETIFSRC_ID: 355 sdl = get_interface_link_level(ifp); 356 if (sdl == NULL) 357 return (false); 358 netiface = (uint8_t *)&LLINDEX(sdl); 359 netiface_len = sizeof(u_short); /* real return type of LLINDEX */ 360 break; 361 362 case IP6_STABLEADDR_NETIFSRC_MAC: 363 netiface = in6_get_interface_hwaddr(ifp, &netiface_len); 364 if (netiface == NULL) 365 return (false); 366 break; 367 368 case IP6_STABLEADDR_NETIFSRC_NAME: 369 default: 370 netiface = (const uint8_t *)if_name(ifp); 371 netiface_len = strlen(netiface); 372 break; 373 } 374 375 /* Use hostuuid as constant "secret" key */ 376 getcredhostuuid(curthread->td_ucred, hostuuid, sizeof(hostuuid)); 377 if (strncmp(hostuuid, DEFAULT_HOSTUUID, sizeof(hostuuid)) == 0) { 378 /* If hostuuid is not set, use a random value */ 379 arc4rand(hostuuid, HOSTUUIDLEN, 0); 380 hostuuid[HOSTUUIDLEN] = '\0'; 381 } 382 hostuuid_len = strlen(hostuuid); 383 384 dad_failures = atomic_load_int(&DAD_FAILURES(ifp)); 385 386 /* RFC 7217 section 7, default max retries */ 387 if (dad_failures > V_ip6_stableaddr_maxretries) 388 return (false); 389 390 /* 391 * Use hostuuid as basis for HMAC key 392 */ 393 memset(hmac_key, 0, sizeof(hmac_key)); 394 if (hostuuid_len <= SHA256_BLOCK_LENGTH) { 395 /* copy to hmac key variable, zero padded */ 396 memcpy(hmac_key, hostuuid, hostuuid_len); 397 } else { 398 /* if longer than block length, use hash of the value, zero padded */ 399 SHA256_Init(&ctxt); 400 SHA256_Update(&ctxt, hostuuid, hostuuid_len); 401 SHA256_Final(hmac_key, &ctxt); 402 } 403 /* XOR key with ipad and opad values */ 404 for (uint16_t i = 0; i < sizeof(hmac_key); i++) { 405 hk_ipad[i] = hmac_key[i] ^ HMAC_IPAD; 406 hk_opad[i] = hmac_key[i] ^ HMAC_OPAD; 407 } 408 409 /* 410 * Generate interface id in a loop, adding an offset to be factored in the hash function. 411 * This is necessary, because if the generated interface id happens to be invalid we 412 * want to force the hash function to generate a different one, otherwise we would end up 413 * in an infinite loop trying the same invalid interface id over and over again. 414 * 415 * Using an uint8 counter for the offset, so limit iteration at UINT8_MAX. This is a safety 416 * measure, this will never iterate more than once or twice in practice. 417 */ 418 for(uint8_t offset = 0; offset < UINT8_MAX; offset++) { 419 uint8_t digest[SHA256_DIGEST_LENGTH]; 420 421 /* Calculate inner hash */ 422 SHA256_Init(&ctxt); 423 SHA256_Update(&ctxt, hk_ipad, sizeof(hk_ipad)); 424 SHA256_Update(&ctxt, in6->s6_addr, prefixlen / 8); 425 SHA256_Update(&ctxt, netiface, netiface_len); 426 SHA256_Update(&ctxt, (uint8_t *)&dad_failures, 8); 427 SHA256_Update(&ctxt, hostuuid, hostuuid_len); 428 SHA256_Update(&ctxt, &offset, 1); 429 SHA256_Final(digest, &ctxt); 430 431 /* Calculate outer hash */ 432 SHA256_Init(&ctxt); 433 SHA256_Update(&ctxt, hk_opad, sizeof(hk_opad)); 434 SHA256_Update(&ctxt, digest, sizeof(digest)); 435 SHA256_Final(digest, &ctxt); 436 437 if (validate_ifid(digest)) { 438 /* assumes sizeof(digest) > sizeof(ifid) */ 439 memcpy(&in6->s6_addr[8], digest, 8); 440 441 return (true); 442 } 443 } 444 445 return (false); 446 } 447 448 /* 449 * Get interface identifier for the specified interface. If it is not 450 * available on ifp0, borrow interface identifier from other information 451 * sources. 452 * 453 * altifp - secondary EUI64 source 454 */ 455 int 456 in6_get_ifid(struct ifnet *ifp0, struct ifnet *altifp, 457 struct in6_addr *in6) 458 { 459 struct ifnet *ifp; 460 461 NET_EPOCH_ASSERT(); 462 463 /* first, try to get it from the interface itself, with stable algorithm, if configured */ 464 if ((ifp0->if_inet6->nd_flags & ND6_IFF_STABLEADDR) && in6_get_stableifid(ifp0, in6, 64) == 0) { 465 nd6log((LOG_DEBUG, "%s: got interface identifier from itself (stable private)\n", 466 if_name(ifp0))); 467 goto success; 468 } 469 470 /* then/otherwise try to get it from the interface itself */ 471 if (in6_get_hw_ifid(ifp0, in6) == 0) { 472 nd6log((LOG_DEBUG, "%s: got interface identifier from itself\n", 473 if_name(ifp0))); 474 goto success; 475 } 476 477 /* try secondary EUI64 source. this basically is for ATM PVC */ 478 if (altifp && in6_get_hw_ifid(altifp, in6) == 0) { 479 nd6log((LOG_DEBUG, "%s: got interface identifier from %s\n", 480 if_name(ifp0), if_name(altifp))); 481 goto success; 482 } 483 484 /* next, try to get it from some other hardware interface */ 485 CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) { 486 if (ifp == ifp0) 487 continue; 488 if (in6_get_hw_ifid(ifp, in6) != 0) 489 continue; 490 491 /* 492 * to borrow ifid from other interface, ifid needs to be 493 * globally unique 494 */ 495 if (IFID_UNIVERSAL(in6)) { 496 nd6log((LOG_DEBUG, 497 "%s: borrow interface identifier from %s\n", 498 if_name(ifp0), if_name(ifp))); 499 goto success; 500 } 501 } 502 503 /* last resort: get from random number source */ 504 if (get_rand_ifid(ifp, in6) == 0) { 505 nd6log((LOG_DEBUG, 506 "%s: interface identifier generated by random number\n", 507 if_name(ifp0))); 508 goto success; 509 } 510 511 printf("%s: failed to get interface identifier\n", if_name(ifp0)); 512 return -1; 513 514 success: 515 nd6log((LOG_INFO, "%s: ifid: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n", 516 if_name(ifp0), in6->s6_addr[8], in6->s6_addr[9], in6->s6_addr[10], 517 in6->s6_addr[11], in6->s6_addr[12], in6->s6_addr[13], 518 in6->s6_addr[14], in6->s6_addr[15])); 519 return 0; 520 } 521 522 /* 523 * altifp - secondary EUI64 source 524 */ 525 static int 526 in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) 527 { 528 struct in6_ifaddr *ia; 529 struct in6_aliasreq ifra; 530 struct nd_prefixctl pr0; 531 struct epoch_tracker et; 532 struct nd_prefix *pr; 533 int error; 534 535 /* 536 * configure link-local address. 537 */ 538 in6_prepare_ifra(&ifra, NULL, &in6mask64); 539 540 ifra.ifra_addr.sin6_addr.s6_addr32[0] = htonl(0xfe800000); 541 ifra.ifra_addr.sin6_addr.s6_addr32[1] = 0; 542 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 543 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 0; 544 ifra.ifra_addr.sin6_addr.s6_addr32[3] = htonl(1); 545 } else { 546 NET_EPOCH_ENTER(et); 547 error = in6_get_ifid(ifp, altifp, &ifra.ifra_addr.sin6_addr); 548 NET_EPOCH_EXIT(et); 549 if (error != 0) { 550 nd6log((LOG_ERR, 551 "%s: no ifid available\n", if_name(ifp))); 552 return (-1); 553 } 554 } 555 if (in6_setscope(&ifra.ifra_addr.sin6_addr, ifp, NULL)) 556 return (-1); 557 558 /* link-local addresses should NEVER expire. */ 559 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 560 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 561 562 /* 563 * Now call in6_update_ifa() to do a bunch of procedures to configure 564 * a link-local address. We can set the 3rd argument to NULL, because 565 * we know there's no other link-local address on the interface 566 * and therefore we are adding one (instead of updating one). 567 */ 568 if ((error = in6_update_ifa(ifp, &ifra, NULL, 569 IN6_IFAUPDATE_DADDELAY)) != 0) { 570 /* 571 * XXX: When the interface does not support IPv6, this call 572 * would fail in the SIOCSIFADDR ioctl. I believe the 573 * notification is rather confusing in this case, so just 574 * suppress it. (jinmei@kame.net 20010130) 575 */ 576 if (error != EAFNOSUPPORT) 577 nd6log((LOG_NOTICE, "in6_ifattach_linklocal: failed to " 578 "configure a link-local address on %s " 579 "(errno=%d)\n", 580 if_name(ifp), error)); 581 return (-1); 582 } 583 584 NET_EPOCH_ENTER(et); 585 ia = in6ifa_ifpforlinklocal(ifp, 0); 586 NET_EPOCH_EXIT(et); 587 if (ia == NULL) { 588 /* 589 * Another thread removed the address that we just added. 590 * This should be rare, but it happens. 591 */ 592 nd6log((LOG_NOTICE, "%s: %s: new link-local address " 593 "disappeared\n", __func__, if_name(ifp))); 594 return (-1); 595 } 596 ifa_free(&ia->ia_ifa); 597 598 /* 599 * Make the link-local prefix (fe80::%link/64) as on-link. 600 * Since we'd like to manage prefixes separately from addresses, 601 * we make an ND6 prefix structure for the link-local prefix, 602 * and add it to the prefix list as a never-expire prefix. 603 * XXX: this change might affect some existing code base... 604 */ 605 bzero(&pr0, sizeof(pr0)); 606 pr0.ndpr_ifp = ifp; 607 /* this should be 64 at this moment. */ 608 pr0.ndpr_plen = in6_mask2len(&ifra.ifra_prefixmask.sin6_addr, NULL); 609 pr0.ndpr_prefix = ifra.ifra_addr; 610 /* apply the mask for safety. (nd6_prelist_add will apply it again) */ 611 IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr, &in6mask64); 612 /* 613 * Initialize parameters. The link-local prefix must always be 614 * on-link, and its lifetimes never expire. 615 */ 616 pr0.ndpr_raf_onlink = 1; 617 pr0.ndpr_raf_auto = 1; /* probably meaningless */ 618 pr0.ndpr_vltime = ND6_INFINITE_LIFETIME; 619 pr0.ndpr_pltime = ND6_INFINITE_LIFETIME; 620 /* 621 * Since there is no other link-local addresses, nd6_prefix_lookup() 622 * probably returns NULL. However, we cannot always expect the result. 623 * For example, if we first remove the (only) existing link-local 624 * address, and then reconfigure another one, the prefix is still 625 * valid with referring to the old link-local address. 626 */ 627 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 628 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 629 return (error); 630 /* Reference prefix */ 631 ia->ia6_ndpr = pr; 632 pr->ndpr_addrcnt++; 633 } 634 nd6_prefix_rele(pr); 635 636 return 0; 637 } 638 639 /* 640 * ifp - must be IFT_LOOP 641 */ 642 static int 643 in6_ifattach_loopback(struct ifnet *ifp) 644 { 645 struct in6_aliasreq ifra; 646 int error; 647 648 in6_prepare_ifra(&ifra, &in6addr_loopback, &in6mask128); 649 650 /* 651 * Always initialize ia_dstaddr (= broadcast address) to loopback 652 * address. Follows IPv4 practice - see in_ifinit(). 653 */ 654 ifra.ifra_dstaddr.sin6_len = sizeof(struct sockaddr_in6); 655 ifra.ifra_dstaddr.sin6_family = AF_INET6; 656 ifra.ifra_dstaddr.sin6_addr = in6addr_loopback; 657 658 /* the loopback address should NEVER expire. */ 659 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 660 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 661 662 /* 663 * We are sure that this is a newly assigned address, so we can set 664 * NULL to the 3rd arg. 665 */ 666 if ((error = in6_update_ifa(ifp, &ifra, NULL, 0)) != 0) { 667 nd6log((LOG_ERR, "in6_ifattach_loopback: failed to configure " 668 "the loopback address on %s (errno=%d)\n", 669 if_name(ifp), error)); 670 return (-1); 671 } 672 673 return 0; 674 } 675 676 /* 677 * compute NI group address, based on the current hostname setting. 678 * see RFC 4620. 679 * 680 * when ifp == NULL, the caller is responsible for filling scopeid. 681 * 682 * If oldmcprefix == 1, FF02:0:0:0:0:2::/96 is used for NI group address 683 * while it is FF02:0:0:0:0:2:FF00::/104 in RFC 4620. 684 */ 685 static int 686 in6_nigroup0(struct ifnet *ifp, const char *name, int namelen, 687 struct in6_addr *in6, int oldmcprefix) 688 { 689 struct prison *pr; 690 const char *p; 691 u_char *q; 692 MD5_CTX ctxt; 693 u_int8_t digest[16]; 694 char l; 695 char n[64]; /* a single label must not exceed 63 chars */ 696 697 /* 698 * If no name is given and namelen is -1, 699 * we try to do the hostname lookup ourselves. 700 */ 701 if (!name && namelen == -1) { 702 pr = curthread->td_ucred->cr_prison; 703 mtx_lock(&pr->pr_mtx); 704 name = pr->pr_hostname; 705 namelen = strlen(name); 706 } else 707 pr = NULL; 708 if (!name || !namelen) { 709 if (pr != NULL) 710 mtx_unlock(&pr->pr_mtx); 711 return -1; 712 } 713 714 p = name; 715 while (p && *p && *p != '.' && p - name < namelen) 716 p++; 717 if (p == name || p - name > sizeof(n) - 1) { 718 if (pr != NULL) 719 mtx_unlock(&pr->pr_mtx); 720 return -1; /* label too long */ 721 } 722 l = p - name; 723 strncpy(n, name, l); 724 if (pr != NULL) 725 mtx_unlock(&pr->pr_mtx); 726 n[(int)l] = '\0'; 727 for (q = n; *q; q++) { 728 if ('A' <= *q && *q <= 'Z') 729 *q = *q - 'A' + 'a'; 730 } 731 732 /* generate 16 bytes of pseudo-random value. */ 733 bzero(&ctxt, sizeof(ctxt)); 734 MD5Init(&ctxt); 735 MD5Update(&ctxt, &l, sizeof(l)); 736 MD5Update(&ctxt, n, l); 737 MD5Final(digest, &ctxt); 738 739 bzero(in6, sizeof(*in6)); 740 in6->s6_addr16[0] = IPV6_ADDR_INT16_MLL; 741 in6->s6_addr8[11] = 2; 742 if (oldmcprefix == 0) { 743 in6->s6_addr8[12] = 0xff; 744 /* Copy the first 24 bits of 128-bit hash into the address. */ 745 bcopy(digest, &in6->s6_addr8[13], 3); 746 } else { 747 /* Copy the first 32 bits of 128-bit hash into the address. */ 748 bcopy(digest, &in6->s6_addr32[3], sizeof(in6->s6_addr32[3])); 749 } 750 if (in6_setscope(in6, ifp, NULL)) 751 return (-1); /* XXX: should not fail */ 752 753 return 0; 754 } 755 756 int 757 in6_nigroup(struct ifnet *ifp, const char *name, int namelen, 758 struct in6_addr *in6) 759 { 760 761 return (in6_nigroup0(ifp, name, namelen, in6, 0)); 762 } 763 764 int 765 in6_nigroup_oldmcprefix(struct ifnet *ifp, const char *name, int namelen, 766 struct in6_addr *in6) 767 { 768 769 return (in6_nigroup0(ifp, name, namelen, in6, 1)); 770 } 771 772 /* 773 * XXX multiple loopback interface needs more care. for instance, 774 * nodelocal address needs to be configured onto only one of them. 775 * XXX multiple link-local address case 776 * 777 * altifp - secondary EUI64 source 778 */ 779 void 780 in6_ifattach(struct ifnet *ifp, struct ifnet *altifp) 781 { 782 struct in6_ifaddr *ia; 783 784 /* XXXGL: can this happen after IFT_PFLOG and IFT_PFSYNC are gone? */ 785 if (ifp->if_inet6 == NULL) 786 return; 787 /* 788 * quirks based on interface type 789 */ 790 switch (ifp->if_type) { 791 case IFT_STF: 792 /* 793 * 6to4 interface is a very special kind of beast. 794 * no multicast, no linklocal. RFC2529 specifies how to make 795 * linklocals for 6to4 interface, but there's no use and 796 * it is rather harmful to have one. 797 */ 798 ifp->if_inet6->nd_flags &= ~ND6_IFF_AUTO_LINKLOCAL; 799 ifp->if_inet6->nd_flags |= ND6_IFF_NO_DAD; 800 break; 801 default: 802 break; 803 } 804 805 /* 806 * usually, we require multicast capability to the interface 807 */ 808 if ((ifp->if_flags & IFF_MULTICAST) == 0) { 809 nd6log((LOG_INFO, "in6_ifattach: " 810 "%s is not multicast capable, IPv6 not enabled\n", 811 if_name(ifp))); 812 return; 813 } 814 815 /* 816 * assign loopback address for loopback interface. 817 */ 818 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 819 /* 820 * check that loopback address doesn't exist yet. 821 */ 822 ia = in6ifa_ifwithaddr(&in6addr_loopback, 0, false); 823 if (ia == NULL) 824 in6_ifattach_loopback(ifp); 825 } 826 827 /* 828 * assign a link-local address, if there's none. 829 */ 830 if (!(ifp->if_inet6->nd_flags & ND6_IFF_IFDISABLED) && 831 ifp->if_inet6->nd_flags & ND6_IFF_AUTO_LINKLOCAL) { 832 struct epoch_tracker et; 833 834 NET_EPOCH_ENTER(et); 835 ia = in6ifa_ifpforlinklocal(ifp, 0); 836 NET_EPOCH_EXIT(et); 837 if (ia == NULL) 838 in6_ifattach_linklocal(ifp, altifp); 839 else 840 ifa_free(&ia->ia_ifa); 841 } 842 } 843 844 /* 845 * NOTE: in6_ifdetach() does not support loopback if at this moment. 846 * 847 * When shutting down a VNET we clean up layers top-down. In that case 848 * upper layer protocols (ulp) are cleaned up already and locks are destroyed 849 * and we must not call into these cleanup functions anymore, thus purgeulp 850 * is set to 0 in that case by in6_ifdetach_destroy(). 851 * The normal case of destroying a (cloned) interface still needs to cleanup 852 * everything related to the interface and will have purgeulp set to 1. 853 */ 854 static void 855 _in6_ifdetach(struct ifnet *ifp, int purgeulp) 856 { 857 struct ifaddr *ifa, *next; 858 859 /* XXXGL: can this happen after IFT_PFLOG and IFT_PFSYNC are gone? */ 860 if (ifp->if_inet6 == NULL) 861 return; 862 863 /* 864 * nuke any of IPv6 addresses we have 865 */ 866 CK_STAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, next) { 867 if (ifa->ifa_addr->sa_family != AF_INET6) 868 continue; 869 in6_purgeaddr(ifa); 870 } 871 if (purgeulp) { 872 IN6_MULTI_LOCK(); 873 in6_pcbpurgeif0(&V_udbinfo, ifp); 874 in6_pcbpurgeif0(&V_ulitecbinfo, ifp); 875 in6_pcbpurgeif0(&V_ripcbinfo, ifp); 876 IN6_MULTI_UNLOCK(); 877 } 878 /* leave from all multicast groups joined */ 879 in6_purgemaddrs(ifp); 880 881 /* 882 * Remove neighbor management table. 883 * Enabling the nd6_purge will panic on vmove for interfaces on VNET 884 * teardown as the IPv6 layer is cleaned up already and the locks 885 * are destroyed. 886 */ 887 if (purgeulp) 888 nd6_purge(ifp); 889 } 890 891 void 892 in6_ifdetach(struct ifnet *ifp) 893 { 894 895 _in6_ifdetach(ifp, 1); 896 } 897 898 static void 899 in6_ifextra_free(epoch_context_t ctx) 900 { 901 struct in6_ifextra *ext = 902 __containerof(ctx, struct in6_ifextra, epoch_ctx); 903 904 COUNTER_ARRAY_FREE(ext->in6_ifstat, 905 sizeof(struct in6_ifstat) / sizeof(uint64_t)); 906 COUNTER_ARRAY_FREE(ext->icmp6_ifstat, 907 sizeof(struct icmp6_ifstat) / sizeof(uint64_t)); 908 free(ext, M_IFADDR); 909 } 910 911 static void 912 in6_ifdeparture(void *arg __unused, struct ifnet *ifp) 913 { 914 struct in6_ifextra *ext = ifp->if_inet6; 915 916 /* XXXGL: can this happen after IFT_PFLOG and IFT_PFSYNC are gone? */ 917 if (ifp->if_inet6 == NULL) 918 return; 919 920 #ifdef VIMAGE 921 /* 922 * On VNET shutdown abort here as the stack teardown will do all 923 * the work top-down for us. XXXGL: see comment in in.c:in_ifdetach(). 924 */ 925 if (!VNET_IS_SHUTTING_DOWN(ifp->if_vnet)) 926 #endif 927 _in6_ifdetach(ifp, 1); 928 /* 929 * XXXGL: mld and nd bits are left in a consistent state after 930 * destructors, but I'm not sure if it safe to call lltable_free() here. 931 * Individual lle entries are epoch(9) protected, but the table itself 932 * isn't. 933 */ 934 mld_domifdetach(ifp); 935 nd6_ifdetach(ifp); 936 lltable_free(ext->lltable); 937 NET_EPOCH_CALL(in6_ifextra_free, &ext->epoch_ctx); 938 } 939 EVENTHANDLER_DEFINE(ifnet_departure_event, in6_ifdeparture, NULL, 940 EVENTHANDLER_PRI_ANY); 941 942 void 943 in6_ifdetach_destroy(struct ifnet *ifp) 944 { 945 946 _in6_ifdetach(ifp, 0); 947 } 948 949 void 950 in6_tmpaddrtimer(void *arg) 951 { 952 CURVNET_SET((struct vnet *) arg); 953 954 callout_reset(&V_in6_tmpaddrtimer_ch, 955 (V_ip6_temp_preferred_lifetime - V_ip6_desync_factor - 956 V_ip6_temp_regen_advance) * hz, in6_tmpaddrtimer, curvnet); 957 958 CURVNET_RESTORE(); 959 } 960 961 static void 962 in6_purgemaddrs(struct ifnet *ifp) 963 { 964 struct in6_multi_head inmh; 965 966 SLIST_INIT(&inmh); 967 IN6_MULTI_LOCK(); 968 IN6_MULTI_LIST_LOCK(); 969 mld_ifdetach(ifp, &inmh); 970 IN6_MULTI_LIST_UNLOCK(); 971 IN6_MULTI_UNLOCK(); 972 in6m_release_list_deferred(&inmh); 973 974 /* 975 * Make sure all multicast deletions invoking if_ioctl() are 976 * completed before returning. Else we risk accessing a freed 977 * ifnet structure pointer. 978 */ 979 in6m_release_wait(NULL); 980 } 981 982 void 983 in6_ifattach_destroy(void) 984 { 985 986 callout_drain(&V_in6_tmpaddrtimer_ch); 987 } 988 989 static void 990 in6_ifattach_init(void *dummy) 991 { 992 993 /* Timer for regeneranation of temporary addresses randomize ID. */ 994 callout_init(&V_in6_tmpaddrtimer_ch, 1); 995 callout_reset(&V_in6_tmpaddrtimer_ch, 996 (V_ip6_temp_preferred_lifetime - V_ip6_desync_factor - 997 V_ip6_temp_regen_advance) * hz, 998 in6_tmpaddrtimer, curvnet); 999 } 1000 1001 /* 1002 * Cheat. 1003 * This must be after route_init(), which is now SI_ORDER_THIRD. 1004 */ 1005 SYSINIT(in6_ifattach_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, 1006 in6_ifattach_init, NULL); 1007