1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $KAME: in6_ifattach.c,v 1.118 2001/05/24 07:44:00 itojun Exp $ 32 */ 33 34 #include <sys/param.h> 35 #include <sys/systm.h> 36 #include <sys/counter.h> 37 #include <sys/malloc.h> 38 #include <sys/socket.h> 39 #include <sys/sockio.h> 40 #include <sys/jail.h> 41 #include <sys/kernel.h> 42 #include <sys/lock.h> 43 #include <sys/proc.h> 44 #include <sys/rmlock.h> 45 #include <sys/syslog.h> 46 #include <sys/md5.h> 47 #include <crypto/sha2/sha256.h> 48 49 #include <net/if.h> 50 #include <net/if_var.h> 51 #include <net/if_dl.h> 52 #include <net/if_private.h> 53 #include <net/if_types.h> 54 #include <net/route.h> 55 #include <net/vnet.h> 56 57 #include <netinet/in.h> 58 #include <netinet/in_var.h> 59 #include <netinet/if_ether.h> 60 #include <netinet/in_pcb.h> 61 #include <netinet/ip_var.h> 62 #include <netinet/udp.h> 63 #include <netinet/udp_var.h> 64 65 #include <netinet/ip6.h> 66 #include <netinet6/ip6_var.h> 67 #include <netinet6/in6_var.h> 68 #include <netinet6/in6_pcb.h> 69 #include <netinet6/in6_ifattach.h> 70 #include <netinet6/ip6_var.h> 71 #include <netinet6/nd6.h> 72 #include <netinet6/mld6_var.h> 73 #include <netinet6/scope6_var.h> 74 75 #ifdef IP6_AUTO_LINKLOCAL 76 VNET_DEFINE(int, ip6_auto_linklocal) = IP6_AUTO_LINKLOCAL; 77 #else 78 VNET_DEFINE(int, ip6_auto_linklocal) = 1; /* enabled by default */ 79 #endif 80 81 VNET_DEFINE(struct callout, in6_tmpaddrtimer_ch); 82 #define V_in6_tmpaddrtimer_ch VNET(in6_tmpaddrtimer_ch) 83 84 VNET_DEFINE(int, ip6_stableaddr_netifsource) = IP6_STABLEADDR_NETIFSRC_NAME; /* Use interface name by default */ 85 86 VNET_DECLARE(struct inpcbinfo, ripcbinfo); 87 #define V_ripcbinfo VNET(ripcbinfo) 88 89 static int get_rand_ifid(struct ifnet *, struct in6_addr *); 90 static int in6_ifattach_linklocal(struct ifnet *, struct ifnet *); 91 static int in6_ifattach_loopback(struct ifnet *); 92 static void in6_purgemaddrs(struct ifnet *); 93 94 #define EUI64_GBIT 0x01 95 #define EUI64_UBIT 0x02 96 #define EUI64_TO_IFID(in6) do {(in6)->s6_addr[8] ^= EUI64_UBIT; } while (0) 97 #define EUI64_GROUP(in6) ((in6)->s6_addr[8] & EUI64_GBIT) 98 #define EUI64_INDIVIDUAL(in6) (!EUI64_GROUP(in6)) 99 #define EUI64_LOCAL(in6) ((in6)->s6_addr[8] & EUI64_UBIT) 100 #define EUI64_UNIVERSAL(in6) (!EUI64_LOCAL(in6)) 101 102 #define IFID_LOCAL(in6) (!EUI64_LOCAL(in6)) 103 #define IFID_UNIVERSAL(in6) (!EUI64_UNIVERSAL(in6)) 104 105 #define HMAC_IPAD 0x36 106 #define HMAC_OPAD 0x5C 107 108 /* 109 * Generate a last-resort interface identifier, when the machine has no 110 * IEEE802/EUI64 address sources. 111 * The goal here is to get an interface identifier that is 112 * (1) random enough and (2) does not change across reboot. 113 * We currently use MD5(hostname) for it. 114 * 115 * in6 - upper 64bits are preserved 116 */ 117 static int 118 get_rand_ifid(struct ifnet *ifp, struct in6_addr *in6) 119 { 120 MD5_CTX ctxt; 121 struct prison *pr; 122 u_int8_t digest[16]; 123 int hostnamelen; 124 125 pr = curthread->td_ucred->cr_prison; 126 mtx_lock(&pr->pr_mtx); 127 hostnamelen = strlen(pr->pr_hostname); 128 #if 0 129 /* we need at least several letters as seed for ifid */ 130 if (hostnamelen < 3) { 131 mtx_unlock(&pr->pr_mtx); 132 return -1; 133 } 134 #endif 135 136 /* generate 8 bytes of pseudo-random value. */ 137 bzero(&ctxt, sizeof(ctxt)); 138 MD5Init(&ctxt); 139 MD5Update(&ctxt, pr->pr_hostname, hostnamelen); 140 mtx_unlock(&pr->pr_mtx); 141 MD5Final(digest, &ctxt); 142 143 /* assumes sizeof(digest) > sizeof(ifid) */ 144 bcopy(digest, &in6->s6_addr[8], 8); 145 146 /* make sure to set "u" bit to local, and "g" bit to individual. */ 147 in6->s6_addr[8] &= ~EUI64_GBIT; /* g bit to "individual" */ 148 in6->s6_addr[8] |= EUI64_UBIT; /* u bit to "local" */ 149 150 /* convert EUI64 into IPv6 interface identifier */ 151 EUI64_TO_IFID(in6); 152 153 return 0; 154 } 155 156 157 /** 158 * Get interface link level sockaddr 159 */ 160 static struct sockaddr_dl * 161 get_interface_link_level(struct ifnet *ifp) 162 { 163 struct ifaddr *ifa; 164 struct sockaddr_dl *sdl; 165 166 NET_EPOCH_ASSERT(); 167 168 CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 169 if (ifa->ifa_addr->sa_family != AF_LINK) 170 continue; 171 sdl = (struct sockaddr_dl *)ifa->ifa_addr; 172 if (sdl == NULL) 173 continue; 174 if (sdl->sdl_alen == 0) 175 continue; 176 177 return sdl; 178 } 179 180 return NULL; 181 } 182 183 /* 184 * Get hwaddr from link interface 185 */ 186 static uint8_t * 187 in6_get_interface_hwaddr(struct ifnet *ifp, size_t *len) 188 { 189 struct sockaddr_dl *sdl; 190 u_int8_t *addr; 191 static u_int8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 192 static u_int8_t allone[8] = 193 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 194 195 sdl = get_interface_link_level(ifp); 196 if (sdl == NULL) 197 return (NULL); 198 199 addr = LLADDR(sdl); 200 *len = sdl->sdl_alen; 201 202 /* get EUI64 */ 203 switch (ifp->if_type) { 204 case IFT_BRIDGE: 205 case IFT_ETHER: 206 case IFT_L2VLAN: 207 case IFT_ATM: 208 case IFT_IEEE1394: 209 /* IEEE802/EUI64 cases - what others? */ 210 /* IEEE1394 uses 16byte length address starting with EUI64 */ 211 if (*len > 8) 212 *len = 8; 213 214 /* look at IEEE802/EUI64 only */ 215 if (*len != 8 && *len != 6) 216 return (NULL); 217 218 /* 219 * check for invalid MAC address - on bsdi, we see it a lot 220 * since wildboar configures all-zero MAC on pccard before 221 * card insertion. 222 */ 223 if (memcmp(addr, allzero, *len) == 0 || memcmp(addr, allone, *len) == 0) 224 return (NULL); 225 226 break; 227 228 case IFT_GIF: 229 case IFT_STF: 230 /* 231 * RFC2893 says: "SHOULD use IPv4 address as ifid source". 232 * however, IPv4 address is not very suitable as unique 233 * identifier source (can be renumbered). 234 * we don't do this. 235 */ 236 return (NULL); 237 238 case IFT_INFINIBAND: 239 if (*len != 20) 240 return (NULL); 241 *len = 8; 242 addr += 12; 243 break; 244 245 default: 246 return (NULL); 247 } 248 249 return addr; 250 } 251 252 /* 253 * Get interface identifier for the specified interface. 254 * XXX assumes single sockaddr_dl (AF_LINK address) per an interface 255 * 256 * in6 - upper 64bits are preserved 257 */ 258 int 259 in6_get_hw_ifid(struct ifnet *ifp, struct in6_addr *in6) 260 { 261 size_t hwaddr_len; 262 uint8_t *hwaddr; 263 static u_int8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 264 265 hwaddr = in6_get_interface_hwaddr(ifp, &hwaddr_len); 266 if (hwaddr == NULL || (hwaddr_len != 6 && hwaddr_len != 8)) 267 return -1; 268 269 /* make EUI64 address */ 270 if (hwaddr_len == 8) 271 memcpy(&in6->s6_addr[8], hwaddr, 8); 272 else if (hwaddr_len == 6) { 273 in6->s6_addr[8] = hwaddr[0]; 274 in6->s6_addr[9] = hwaddr[1]; 275 in6->s6_addr[10] = hwaddr[2]; 276 in6->s6_addr[11] = 0xff; 277 in6->s6_addr[12] = 0xfe; 278 in6->s6_addr[13] = hwaddr[3]; 279 in6->s6_addr[14] = hwaddr[4]; 280 in6->s6_addr[15] = hwaddr[5]; 281 } 282 283 /* sanity check: g bit must not indicate "group" */ 284 if (EUI64_GROUP(in6)) 285 return -1; 286 287 /* convert EUI64 into IPv6 interface identifier */ 288 EUI64_TO_IFID(in6); 289 290 /* 291 * sanity check: ifid must not be all zero, avoid conflict with 292 * subnet router anycast 293 */ 294 if ((in6->s6_addr[8] & ~(EUI64_GBIT | EUI64_UBIT)) == 0x00 && 295 bcmp(&in6->s6_addr[9], allzero, 7) == 0) 296 return -1; 297 298 return 0; 299 } 300 301 /* 302 * Validate generated interface id to make sure it does not fall in any reserved range: 303 * 304 * https://www.iana.org/assignments/ipv6-interface-ids/ipv6-interface-ids.xhtml 305 */ 306 static bool 307 validate_ifid(uint8_t *iid) 308 { 309 static uint8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; 310 static uint8_t reserved_eth[5] = { 0x02, 0x00, 0x5E, 0xFF, 0xFE }; 311 static uint8_t reserved_anycast[7] = { 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 312 313 /* Subnet-Router Anycast (RFC 4291)*/ 314 if (memcmp(iid, allzero, 8) == 0) 315 return (false); 316 317 /* 318 * Reserved IPv6 Interface Identifiers corresponding to the IANA Ethernet Block (RFC 4291) 319 * and 320 * Proxy Mobile IPv6 (RFC 6543) 321 */ 322 if (memcmp(iid, reserved_eth, 5) == 0) 323 return (false); 324 325 /* Reserved Subnet Anycast Addresses (RFC 2526) */ 326 if (memcmp(iid, reserved_anycast, 7) == 0 && iid[7] >= 0x80) 327 return (false); 328 329 return (true); 330 } 331 332 /* 333 * Get interface identifier for the specified interface, according to 334 * RFC 7217 Stable and Opaque IDs with SLAAC, using HMAC-SHA256 digest. 335 * 336 * in6 - upper 64bits are preserved 337 */ 338 bool 339 in6_get_stableifid(struct ifnet *ifp, struct in6_addr *in6, int prefixlen) 340 { 341 struct sockaddr_dl *sdl; 342 const uint8_t *netiface; 343 size_t netiface_len, hostuuid_len; 344 uint8_t hostuuid[HOSTUUIDLEN + 1], hmac_key[SHA256_BLOCK_LENGTH], 345 hk_ipad[SHA256_BLOCK_LENGTH], hk_opad[SHA256_BLOCK_LENGTH]; 346 uint64_t dad_failures; 347 SHA256_CTX ctxt; 348 349 switch (V_ip6_stableaddr_netifsource) { 350 case IP6_STABLEADDR_NETIFSRC_ID: 351 sdl = get_interface_link_level(ifp); 352 if (sdl == NULL) 353 return (false); 354 netiface = (uint8_t *)&LLINDEX(sdl); 355 netiface_len = sizeof(u_short); /* real return type of LLINDEX */ 356 break; 357 358 case IP6_STABLEADDR_NETIFSRC_MAC: 359 netiface = in6_get_interface_hwaddr(ifp, &netiface_len); 360 if (netiface == NULL) 361 return (false); 362 break; 363 364 case IP6_STABLEADDR_NETIFSRC_NAME: 365 default: 366 netiface = (const uint8_t *)if_name(ifp); 367 netiface_len = strlen(netiface); 368 break; 369 } 370 371 /* Use hostuuid as constant "secret" key */ 372 getcredhostuuid(curthread->td_ucred, hostuuid, sizeof(hostuuid)); 373 if (strncmp(hostuuid, DEFAULT_HOSTUUID, sizeof(hostuuid)) == 0) { 374 // If hostuuid is not set, use a random value 375 arc4rand(hostuuid, HOSTUUIDLEN, 0); 376 hostuuid[HOSTUUIDLEN] = '\0'; 377 } 378 hostuuid_len = strlen(hostuuid); 379 380 dad_failures = counter_u64_fetch(DAD_FAILURES(ifp)); 381 382 /* 383 * RFC 7217 section 7 384 * 385 * default max retries 386 */ 387 if (dad_failures > V_ip6_stableaddr_maxretries) 388 return (false); 389 390 /* 391 * Use hostuuid as basis for HMAC key 392 */ 393 memset(hmac_key, 0, sizeof(hmac_key)); 394 if (hostuuid_len <= SHA256_BLOCK_LENGTH) { 395 /* copy to hmac key variable, zero padded */ 396 memcpy(hmac_key, hostuuid, hostuuid_len); 397 } else { 398 /* if longer than block length, use hash of the value, zero padded */ 399 SHA256_Init(&ctxt); 400 SHA256_Update(&ctxt, hostuuid, hostuuid_len); 401 SHA256_Final(hmac_key, &ctxt); 402 } 403 /* XOR key with ipad and opad values */ 404 for (uint16_t i = 0; i < sizeof(hmac_key); i++) { 405 hk_ipad[i] = hmac_key[i] ^ HMAC_IPAD; 406 hk_opad[i] = hmac_key[i] ^ HMAC_OPAD; 407 } 408 409 /* 410 * Generate interface id in a loop, adding an offset to be factored in the hash function. 411 * This is necessary, because if the generated interface id happens to be invalid we 412 * want to force the hash function to generate a different one, otherwise we would end up 413 * in an infinite loop trying the same invalid interface id over and over again. 414 * 415 * Using an uint8 counter for the offset, so limit iteration at UINT8_MAX. This is a safety 416 * measure, this will never iterate more than once or twice in practice. 417 */ 418 for(uint8_t offset = 0; offset < UINT8_MAX; offset++) { 419 uint8_t digest[SHA256_DIGEST_LENGTH]; 420 421 /* Calculate inner hash */ 422 SHA256_Init(&ctxt); 423 SHA256_Update(&ctxt, hk_ipad, sizeof(hk_ipad)); 424 SHA256_Update(&ctxt, in6->s6_addr, prefixlen / 8); 425 SHA256_Update(&ctxt, netiface, netiface_len); 426 SHA256_Update(&ctxt, (uint8_t *)&dad_failures, 8); 427 SHA256_Update(&ctxt, hostuuid, hostuuid_len); 428 SHA256_Update(&ctxt, &offset, 1); 429 SHA256_Final(digest, &ctxt); 430 431 /* Calculate outer hash */ 432 SHA256_Init(&ctxt); 433 SHA256_Update(&ctxt, hk_opad, sizeof(hk_opad)); 434 SHA256_Update(&ctxt, digest, sizeof(digest)); 435 SHA256_Final(digest, &ctxt); 436 437 if (validate_ifid(digest)) { 438 /* assumes sizeof(digest) > sizeof(ifid) */ 439 memcpy(&in6->s6_addr[8], digest, 8); 440 441 return (true); 442 } 443 } 444 445 return (false); 446 } 447 448 /* 449 * Get interface identifier for the specified interface. If it is not 450 * available on ifp0, borrow interface identifier from other information 451 * sources. 452 * 453 * altifp - secondary EUI64 source 454 */ 455 int 456 in6_get_ifid(struct ifnet *ifp0, struct ifnet *altifp, 457 struct in6_addr *in6) 458 { 459 struct ifnet *ifp; 460 461 NET_EPOCH_ASSERT(); 462 463 /* first, try to get it from the interface itself, with stable algorithm, if configured */ 464 if ((ND_IFINFO(ifp0)->flags & ND6_IFF_STABLEADDR) && in6_get_stableifid(ifp0, in6, 64) == 0) { 465 nd6log((LOG_DEBUG, "%s: got interface identifier from itself (stable private)\n", 466 if_name(ifp0))); 467 goto success; 468 } 469 470 /* then/otherwise try to get it from the interface itself */ 471 if (in6_get_hw_ifid(ifp0, in6) == 0) { 472 nd6log((LOG_DEBUG, "%s: got interface identifier from itself\n", 473 if_name(ifp0))); 474 goto success; 475 } 476 477 /* try secondary EUI64 source. this basically is for ATM PVC */ 478 if (altifp && in6_get_hw_ifid(altifp, in6) == 0) { 479 nd6log((LOG_DEBUG, "%s: got interface identifier from %s\n", 480 if_name(ifp0), if_name(altifp))); 481 goto success; 482 } 483 484 /* next, try to get it from some other hardware interface */ 485 CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) { 486 if (ifp == ifp0) 487 continue; 488 if (in6_get_hw_ifid(ifp, in6) != 0) 489 continue; 490 491 /* 492 * to borrow ifid from other interface, ifid needs to be 493 * globally unique 494 */ 495 if (IFID_UNIVERSAL(in6)) { 496 nd6log((LOG_DEBUG, 497 "%s: borrow interface identifier from %s\n", 498 if_name(ifp0), if_name(ifp))); 499 goto success; 500 } 501 } 502 503 /* last resort: get from random number source */ 504 if (get_rand_ifid(ifp, in6) == 0) { 505 nd6log((LOG_DEBUG, 506 "%s: interface identifier generated by random number\n", 507 if_name(ifp0))); 508 goto success; 509 } 510 511 printf("%s: failed to get interface identifier\n", if_name(ifp0)); 512 return -1; 513 514 success: 515 nd6log((LOG_INFO, "%s: ifid: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n", 516 if_name(ifp0), in6->s6_addr[8], in6->s6_addr[9], in6->s6_addr[10], 517 in6->s6_addr[11], in6->s6_addr[12], in6->s6_addr[13], 518 in6->s6_addr[14], in6->s6_addr[15])); 519 return 0; 520 } 521 522 /* 523 * altifp - secondary EUI64 source 524 */ 525 static int 526 in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) 527 { 528 struct in6_ifaddr *ia; 529 struct in6_aliasreq ifra; 530 struct nd_prefixctl pr0; 531 struct epoch_tracker et; 532 struct nd_prefix *pr; 533 int error; 534 535 /* 536 * configure link-local address. 537 */ 538 in6_prepare_ifra(&ifra, NULL, &in6mask64); 539 540 ifra.ifra_addr.sin6_addr.s6_addr32[0] = htonl(0xfe800000); 541 ifra.ifra_addr.sin6_addr.s6_addr32[1] = 0; 542 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 543 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 0; 544 ifra.ifra_addr.sin6_addr.s6_addr32[3] = htonl(1); 545 } else { 546 NET_EPOCH_ENTER(et); 547 error = in6_get_ifid(ifp, altifp, &ifra.ifra_addr.sin6_addr); 548 NET_EPOCH_EXIT(et); 549 if (error != 0) { 550 nd6log((LOG_ERR, 551 "%s: no ifid available\n", if_name(ifp))); 552 return (-1); 553 } 554 } 555 if (in6_setscope(&ifra.ifra_addr.sin6_addr, ifp, NULL)) 556 return (-1); 557 558 /* link-local addresses should NEVER expire. */ 559 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 560 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 561 562 /* 563 * Now call in6_update_ifa() to do a bunch of procedures to configure 564 * a link-local address. We can set the 3rd argument to NULL, because 565 * we know there's no other link-local address on the interface 566 * and therefore we are adding one (instead of updating one). 567 */ 568 if ((error = in6_update_ifa(ifp, &ifra, NULL, 569 IN6_IFAUPDATE_DADDELAY)) != 0) { 570 /* 571 * XXX: When the interface does not support IPv6, this call 572 * would fail in the SIOCSIFADDR ioctl. I believe the 573 * notification is rather confusing in this case, so just 574 * suppress it. (jinmei@kame.net 20010130) 575 */ 576 if (error != EAFNOSUPPORT) 577 nd6log((LOG_NOTICE, "in6_ifattach_linklocal: failed to " 578 "configure a link-local address on %s " 579 "(errno=%d)\n", 580 if_name(ifp), error)); 581 return (-1); 582 } 583 584 NET_EPOCH_ENTER(et); 585 ia = in6ifa_ifpforlinklocal(ifp, 0); 586 NET_EPOCH_EXIT(et); 587 if (ia == NULL) { 588 /* 589 * Another thread removed the address that we just added. 590 * This should be rare, but it happens. 591 */ 592 nd6log((LOG_NOTICE, "%s: %s: new link-local address " 593 "disappeared\n", __func__, if_name(ifp))); 594 return (-1); 595 } 596 ifa_free(&ia->ia_ifa); 597 598 /* 599 * Make the link-local prefix (fe80::%link/64) as on-link. 600 * Since we'd like to manage prefixes separately from addresses, 601 * we make an ND6 prefix structure for the link-local prefix, 602 * and add it to the prefix list as a never-expire prefix. 603 * XXX: this change might affect some existing code base... 604 */ 605 bzero(&pr0, sizeof(pr0)); 606 pr0.ndpr_ifp = ifp; 607 /* this should be 64 at this moment. */ 608 pr0.ndpr_plen = in6_mask2len(&ifra.ifra_prefixmask.sin6_addr, NULL); 609 pr0.ndpr_prefix = ifra.ifra_addr; 610 /* apply the mask for safety. (nd6_prelist_add will apply it again) */ 611 IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr, &in6mask64); 612 /* 613 * Initialize parameters. The link-local prefix must always be 614 * on-link, and its lifetimes never expire. 615 */ 616 pr0.ndpr_raf_onlink = 1; 617 pr0.ndpr_raf_auto = 1; /* probably meaningless */ 618 pr0.ndpr_vltime = ND6_INFINITE_LIFETIME; 619 pr0.ndpr_pltime = ND6_INFINITE_LIFETIME; 620 /* 621 * Since there is no other link-local addresses, nd6_prefix_lookup() 622 * probably returns NULL. However, we cannot always expect the result. 623 * For example, if we first remove the (only) existing link-local 624 * address, and then reconfigure another one, the prefix is still 625 * valid with referring to the old link-local address. 626 */ 627 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 628 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 629 return (error); 630 /* Reference prefix */ 631 ia->ia6_ndpr = pr; 632 pr->ndpr_addrcnt++; 633 } else 634 nd6_prefix_rele(pr); 635 636 return 0; 637 } 638 639 /* 640 * ifp - must be IFT_LOOP 641 */ 642 static int 643 in6_ifattach_loopback(struct ifnet *ifp) 644 { 645 struct in6_aliasreq ifra; 646 int error; 647 648 in6_prepare_ifra(&ifra, &in6addr_loopback, &in6mask128); 649 650 /* 651 * Always initialize ia_dstaddr (= broadcast address) to loopback 652 * address. Follows IPv4 practice - see in_ifinit(). 653 */ 654 ifra.ifra_dstaddr.sin6_len = sizeof(struct sockaddr_in6); 655 ifra.ifra_dstaddr.sin6_family = AF_INET6; 656 ifra.ifra_dstaddr.sin6_addr = in6addr_loopback; 657 658 /* the loopback address should NEVER expire. */ 659 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 660 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 661 662 /* 663 * We are sure that this is a newly assigned address, so we can set 664 * NULL to the 3rd arg. 665 */ 666 if ((error = in6_update_ifa(ifp, &ifra, NULL, 0)) != 0) { 667 nd6log((LOG_ERR, "in6_ifattach_loopback: failed to configure " 668 "the loopback address on %s (errno=%d)\n", 669 if_name(ifp), error)); 670 return (-1); 671 } 672 673 return 0; 674 } 675 676 /* 677 * compute NI group address, based on the current hostname setting. 678 * see RFC 4620. 679 * 680 * when ifp == NULL, the caller is responsible for filling scopeid. 681 * 682 * If oldmcprefix == 1, FF02:0:0:0:0:2::/96 is used for NI group address 683 * while it is FF02:0:0:0:0:2:FF00::/104 in RFC 4620. 684 */ 685 static int 686 in6_nigroup0(struct ifnet *ifp, const char *name, int namelen, 687 struct in6_addr *in6, int oldmcprefix) 688 { 689 struct prison *pr; 690 const char *p; 691 u_char *q; 692 MD5_CTX ctxt; 693 u_int8_t digest[16]; 694 char l; 695 char n[64]; /* a single label must not exceed 63 chars */ 696 697 /* 698 * If no name is given and namelen is -1, 699 * we try to do the hostname lookup ourselves. 700 */ 701 if (!name && namelen == -1) { 702 pr = curthread->td_ucred->cr_prison; 703 mtx_lock(&pr->pr_mtx); 704 name = pr->pr_hostname; 705 namelen = strlen(name); 706 } else 707 pr = NULL; 708 if (!name || !namelen) { 709 if (pr != NULL) 710 mtx_unlock(&pr->pr_mtx); 711 return -1; 712 } 713 714 p = name; 715 while (p && *p && *p != '.' && p - name < namelen) 716 p++; 717 if (p == name || p - name > sizeof(n) - 1) { 718 if (pr != NULL) 719 mtx_unlock(&pr->pr_mtx); 720 return -1; /* label too long */ 721 } 722 l = p - name; 723 strncpy(n, name, l); 724 if (pr != NULL) 725 mtx_unlock(&pr->pr_mtx); 726 n[(int)l] = '\0'; 727 for (q = n; *q; q++) { 728 if ('A' <= *q && *q <= 'Z') 729 *q = *q - 'A' + 'a'; 730 } 731 732 /* generate 16 bytes of pseudo-random value. */ 733 bzero(&ctxt, sizeof(ctxt)); 734 MD5Init(&ctxt); 735 MD5Update(&ctxt, &l, sizeof(l)); 736 MD5Update(&ctxt, n, l); 737 MD5Final(digest, &ctxt); 738 739 bzero(in6, sizeof(*in6)); 740 in6->s6_addr16[0] = IPV6_ADDR_INT16_MLL; 741 in6->s6_addr8[11] = 2; 742 if (oldmcprefix == 0) { 743 in6->s6_addr8[12] = 0xff; 744 /* Copy the first 24 bits of 128-bit hash into the address. */ 745 bcopy(digest, &in6->s6_addr8[13], 3); 746 } else { 747 /* Copy the first 32 bits of 128-bit hash into the address. */ 748 bcopy(digest, &in6->s6_addr32[3], sizeof(in6->s6_addr32[3])); 749 } 750 if (in6_setscope(in6, ifp, NULL)) 751 return (-1); /* XXX: should not fail */ 752 753 return 0; 754 } 755 756 int 757 in6_nigroup(struct ifnet *ifp, const char *name, int namelen, 758 struct in6_addr *in6) 759 { 760 761 return (in6_nigroup0(ifp, name, namelen, in6, 0)); 762 } 763 764 int 765 in6_nigroup_oldmcprefix(struct ifnet *ifp, const char *name, int namelen, 766 struct in6_addr *in6) 767 { 768 769 return (in6_nigroup0(ifp, name, namelen, in6, 1)); 770 } 771 772 /* 773 * XXX multiple loopback interface needs more care. for instance, 774 * nodelocal address needs to be configured onto only one of them. 775 * XXX multiple link-local address case 776 * 777 * altifp - secondary EUI64 source 778 */ 779 void 780 in6_ifattach(struct ifnet *ifp, struct ifnet *altifp) 781 { 782 struct in6_ifaddr *ia; 783 784 if (ifp->if_afdata[AF_INET6] == NULL) 785 return; 786 /* 787 * quirks based on interface type 788 */ 789 switch (ifp->if_type) { 790 case IFT_STF: 791 /* 792 * 6to4 interface is a very special kind of beast. 793 * no multicast, no linklocal. RFC2529 specifies how to make 794 * linklocals for 6to4 interface, but there's no use and 795 * it is rather harmful to have one. 796 */ 797 ND_IFINFO(ifp)->flags &= ~ND6_IFF_AUTO_LINKLOCAL; 798 ND_IFINFO(ifp)->flags |= ND6_IFF_NO_DAD; 799 break; 800 default: 801 break; 802 } 803 804 /* 805 * usually, we require multicast capability to the interface 806 */ 807 if ((ifp->if_flags & IFF_MULTICAST) == 0) { 808 nd6log((LOG_INFO, "in6_ifattach: " 809 "%s is not multicast capable, IPv6 not enabled\n", 810 if_name(ifp))); 811 return; 812 } 813 814 /* 815 * assign loopback address for loopback interface. 816 */ 817 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 818 /* 819 * check that loopback address doesn't exist yet. 820 */ 821 ia = in6ifa_ifwithaddr(&in6addr_loopback, 0, false); 822 if (ia == NULL) 823 in6_ifattach_loopback(ifp); 824 } 825 826 /* 827 * assign a link-local address, if there's none. 828 */ 829 if (!(ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) && 830 ND_IFINFO(ifp)->flags & ND6_IFF_AUTO_LINKLOCAL) { 831 struct epoch_tracker et; 832 833 NET_EPOCH_ENTER(et); 834 ia = in6ifa_ifpforlinklocal(ifp, 0); 835 NET_EPOCH_EXIT(et); 836 if (ia == NULL) 837 in6_ifattach_linklocal(ifp, altifp); 838 else 839 ifa_free(&ia->ia_ifa); 840 } 841 } 842 843 /* 844 * NOTE: in6_ifdetach() does not support loopback if at this moment. 845 * 846 * When shutting down a VNET we clean up layers top-down. In that case 847 * upper layer protocols (ulp) are cleaned up already and locks are destroyed 848 * and we must not call into these cleanup functions anymore, thus purgeulp 849 * is set to 0 in that case by in6_ifdetach_destroy(). 850 * The normal case of destroying a (cloned) interface still needs to cleanup 851 * everything related to the interface and will have purgeulp set to 1. 852 */ 853 static void 854 _in6_ifdetach(struct ifnet *ifp, int purgeulp) 855 { 856 struct ifaddr *ifa, *next; 857 858 if (ifp->if_afdata[AF_INET6] == NULL) 859 return; 860 861 /* 862 * nuke any of IPv6 addresses we have 863 */ 864 CK_STAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, next) { 865 if (ifa->ifa_addr->sa_family != AF_INET6) 866 continue; 867 in6_purgeaddr(ifa); 868 } 869 if (purgeulp) { 870 IN6_MULTI_LOCK(); 871 in6_pcbpurgeif0(&V_udbinfo, ifp); 872 in6_pcbpurgeif0(&V_ulitecbinfo, ifp); 873 in6_pcbpurgeif0(&V_ripcbinfo, ifp); 874 IN6_MULTI_UNLOCK(); 875 } 876 /* leave from all multicast groups joined */ 877 in6_purgemaddrs(ifp); 878 879 /* 880 * Remove neighbor management table. 881 * Enabling the nd6_purge will panic on vmove for interfaces on VNET 882 * teardown as the IPv6 layer is cleaned up already and the locks 883 * are destroyed. 884 */ 885 if (purgeulp) 886 nd6_purge(ifp); 887 } 888 889 void 890 in6_ifdetach(struct ifnet *ifp) 891 { 892 893 _in6_ifdetach(ifp, 1); 894 } 895 896 void 897 in6_ifdetach_destroy(struct ifnet *ifp) 898 { 899 900 _in6_ifdetach(ifp, 0); 901 } 902 903 void 904 in6_tmpaddrtimer(void *arg) 905 { 906 CURVNET_SET((struct vnet *) arg); 907 908 callout_reset(&V_in6_tmpaddrtimer_ch, 909 (V_ip6_temp_preferred_lifetime - V_ip6_desync_factor - 910 V_ip6_temp_regen_advance) * hz, in6_tmpaddrtimer, curvnet); 911 912 CURVNET_RESTORE(); 913 } 914 915 static void 916 in6_purgemaddrs(struct ifnet *ifp) 917 { 918 struct in6_multi_head inmh; 919 920 SLIST_INIT(&inmh); 921 IN6_MULTI_LOCK(); 922 IN6_MULTI_LIST_LOCK(); 923 mld_ifdetach(ifp, &inmh); 924 IN6_MULTI_LIST_UNLOCK(); 925 IN6_MULTI_UNLOCK(); 926 in6m_release_list_deferred(&inmh); 927 928 /* 929 * Make sure all multicast deletions invoking if_ioctl() are 930 * completed before returning. Else we risk accessing a freed 931 * ifnet structure pointer. 932 */ 933 in6m_release_wait(NULL); 934 } 935 936 void 937 in6_ifattach_destroy(void) 938 { 939 940 callout_drain(&V_in6_tmpaddrtimer_ch); 941 } 942 943 static void 944 in6_ifattach_init(void *dummy) 945 { 946 947 /* Timer for regeneranation of temporary addresses randomize ID. */ 948 callout_init(&V_in6_tmpaddrtimer_ch, 1); 949 callout_reset(&V_in6_tmpaddrtimer_ch, 950 (V_ip6_temp_preferred_lifetime - V_ip6_desync_factor - 951 V_ip6_temp_regen_advance) * hz, 952 in6_tmpaddrtimer, curvnet); 953 } 954 955 /* 956 * Cheat. 957 * This must be after route_init(), which is now SI_ORDER_THIRD. 958 */ 959 SYSINIT(in6_ifattach_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, 960 in6_ifattach_init, NULL); 961