1caf43b02SWarner Losh /*- 251369649SPedro F. Giffuni * SPDX-License-Identifier: BSD-3-Clause 351369649SPedro F. Giffuni * 482cd038dSYoshinobu Inoue * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5fa046d87SRobert Watson * Copyright (c) 2010-2011 Juniper Networks, Inc. 682cd038dSYoshinobu Inoue * All rights reserved. 782cd038dSYoshinobu Inoue * 8fa046d87SRobert Watson * Portions of this software were developed by Robert N. M. Watson under 9fa046d87SRobert Watson * contract to Juniper Networks, Inc. 10fa046d87SRobert Watson * 1182cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 1282cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions 1382cd038dSYoshinobu Inoue * are met: 1482cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 1582cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 1682cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 1782cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 1882cd038dSYoshinobu Inoue * documentation and/or other materials provided with the distribution. 1982cd038dSYoshinobu Inoue * 3. Neither the name of the project nor the names of its contributors 2082cd038dSYoshinobu Inoue * may be used to endorse or promote products derived from this software 2182cd038dSYoshinobu Inoue * without specific prior written permission. 2282cd038dSYoshinobu Inoue * 2382cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 2482cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2582cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2682cd038dSYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2782cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2882cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2982cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 3082cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 3182cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3282cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3382cd038dSYoshinobu Inoue * SUCH DAMAGE. 3482cd038dSYoshinobu Inoue * 35b48287a3SDavid E. O'Brien * $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ 3682cd038dSYoshinobu Inoue */ 3782cd038dSYoshinobu Inoue 38caf43b02SWarner Losh /*- 3982cd038dSYoshinobu Inoue * Copyright (c) 1982, 1986, 1991, 1993 4082cd038dSYoshinobu Inoue * The Regents of the University of California. All rights reserved. 4182cd038dSYoshinobu Inoue * 4282cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 4382cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions 4482cd038dSYoshinobu Inoue * are met: 4582cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 4682cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 4782cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 4882cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 4982cd038dSYoshinobu Inoue * documentation and/or other materials provided with the distribution. 50fbbd9655SWarner Losh * 3. Neither the name of the University nor the names of its contributors 5182cd038dSYoshinobu Inoue * may be used to endorse or promote products derived from this software 5282cd038dSYoshinobu Inoue * without specific prior written permission. 5382cd038dSYoshinobu Inoue * 5482cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 5582cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5682cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5782cd038dSYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5882cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5982cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 6082cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 6182cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 6282cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 6382cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 6482cd038dSYoshinobu Inoue * SUCH DAMAGE. 6582cd038dSYoshinobu Inoue * 6682cd038dSYoshinobu Inoue * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 6782cd038dSYoshinobu Inoue */ 6882cd038dSYoshinobu Inoue 69b48287a3SDavid E. O'Brien #include <sys/cdefs.h> 7033841545SHajimu UMEMOTO #include "opt_inet.h" 7133841545SHajimu UMEMOTO #include "opt_inet6.h" 726a800098SYoshinobu Inoue #include "opt_ipsec.h" 730c325f53SAlexander V. Chernikov #include "opt_route.h" 747527624eSRobert Watson #include "opt_rss.h" 7582cd038dSYoshinobu Inoue 76a0577692SGleb Smirnoff #include <sys/hash.h> 7782cd038dSYoshinobu Inoue #include <sys/param.h> 7882cd038dSYoshinobu Inoue #include <sys/systm.h> 7982cd038dSYoshinobu Inoue #include <sys/malloc.h> 8082cd038dSYoshinobu Inoue #include <sys/mbuf.h> 81fb59c426SYoshinobu Inoue #include <sys/domain.h> 82fdb987beSMark Johnston #include <sys/proc.h> 8382cd038dSYoshinobu Inoue #include <sys/protosw.h> 84fdb987beSMark Johnston #include <sys/smr.h> 8582cd038dSYoshinobu Inoue #include <sys/socket.h> 8682cd038dSYoshinobu Inoue #include <sys/socketvar.h> 8782cd038dSYoshinobu Inoue #include <sys/sockio.h> 8882cd038dSYoshinobu Inoue #include <sys/errno.h> 8982cd038dSYoshinobu Inoue #include <sys/time.h> 90acd3428bSRobert Watson #include <sys/priv.h> 9182cd038dSYoshinobu Inoue #include <sys/proc.h> 9282cd038dSYoshinobu Inoue #include <sys/jail.h> 9382cd038dSYoshinobu Inoue 9494540027SJeff Roberson #include <vm/uma.h> 9582cd038dSYoshinobu Inoue 9682cd038dSYoshinobu Inoue #include <net/if.h> 9776039bc8SGleb Smirnoff #include <net/if_var.h> 986d768226SGeorge V. Neville-Neil #include <net/if_llatbl.h> 9982cd038dSYoshinobu Inoue #include <net/if_types.h> 10082cd038dSYoshinobu Inoue #include <net/route.h> 101983066f0SAlexander V. Chernikov #include <net/route/nhop.h> 10282cd038dSYoshinobu Inoue 10382cd038dSYoshinobu Inoue #include <netinet/in.h> 10482cd038dSYoshinobu Inoue #include <netinet/in_var.h> 10582cd038dSYoshinobu Inoue #include <netinet/in_systm.h> 106686cdd19SJun-ichiro itojun Hagino #include <netinet/ip6.h> 107fb59c426SYoshinobu Inoue #include <netinet/ip_var.h> 108ac957cd2SJulian Elischer 10982cd038dSYoshinobu Inoue #include <netinet6/ip6_var.h> 11082cd038dSYoshinobu Inoue #include <netinet6/nd6.h> 11182cd038dSYoshinobu Inoue #include <netinet/in_pcb.h> 1120f617ae4SGleb Smirnoff #include <netinet/in_pcb_var.h> 11382cd038dSYoshinobu Inoue #include <netinet6/in6_pcb.h> 114983066f0SAlexander V. Chernikov #include <netinet6/in6_fib.h> 115a1f7e5f8SHajimu UMEMOTO #include <netinet6/scope6_var.h> 11682cd038dSYoshinobu Inoue 11782cd038dSYoshinobu Inoue int 118147f018aSGleb Smirnoff in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) 119147f018aSGleb Smirnoff { 120147f018aSGleb Smirnoff struct socket *so = inp->inp_socket; 121147f018aSGleb Smirnoff u_int16_t lport = 0; 122147f018aSGleb Smirnoff int error, lookupflags = 0; 123147f018aSGleb Smirnoff #ifdef INVARIANTS 124147f018aSGleb Smirnoff struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 125147f018aSGleb Smirnoff #endif 126147f018aSGleb Smirnoff 127147f018aSGleb Smirnoff INP_WLOCK_ASSERT(inp); 128147f018aSGleb Smirnoff INP_HASH_WLOCK_ASSERT(pcbinfo); 129147f018aSGleb Smirnoff 130147f018aSGleb Smirnoff error = prison_local_ip6(cred, laddr, 131147f018aSGleb Smirnoff ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)); 132147f018aSGleb Smirnoff if (error) 133147f018aSGleb Smirnoff return(error); 134147f018aSGleb Smirnoff 135147f018aSGleb Smirnoff /* XXX: this is redundant when called from in6_pcbbind */ 136147f018aSGleb Smirnoff if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT|SO_REUSEPORT_LB)) == 0) 137147f018aSGleb Smirnoff lookupflags = INPLOOKUP_WILDCARD; 138147f018aSGleb Smirnoff 139147f018aSGleb Smirnoff inp->inp_flags |= INP_ANONPORT; 140147f018aSGleb Smirnoff 141147f018aSGleb Smirnoff error = in_pcb_lport(inp, NULL, &lport, cred, lookupflags); 142147f018aSGleb Smirnoff if (error != 0) 143147f018aSGleb Smirnoff return (error); 144147f018aSGleb Smirnoff 145147f018aSGleb Smirnoff inp->inp_lport = lport; 146147f018aSGleb Smirnoff if (in_pcbinshash(inp) != 0) { 147147f018aSGleb Smirnoff inp->in6p_laddr = in6addr_any; 148147f018aSGleb Smirnoff inp->inp_lport = 0; 149147f018aSGleb Smirnoff return (EAGAIN); 150147f018aSGleb Smirnoff } 151147f018aSGleb Smirnoff 152147f018aSGleb Smirnoff return (0); 153147f018aSGleb Smirnoff } 154147f018aSGleb Smirnoff 155147f018aSGleb Smirnoff int 15696871af0SGleb Smirnoff in6_pcbbind(struct inpcb *inp, struct sockaddr_in6 *sin6, struct ucred *cred) 15782cd038dSYoshinobu Inoue { 15882cd038dSYoshinobu Inoue struct socket *so = inp->inp_socket; 15982cd038dSYoshinobu Inoue struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 16082cd038dSYoshinobu Inoue u_short lport = 0; 16168e0d7e0SRobert Watson int error, lookupflags = 0; 16268e0d7e0SRobert Watson int reuseport = (so->so_options & SO_REUSEPORT); 16382cd038dSYoshinobu Inoue 1641a43cff9SSean Bruno /* 1651a43cff9SSean Bruno * XXX: Maybe we could let SO_REUSEPORT_LB set SO_REUSEPORT bit here 1661a43cff9SSean Bruno * so that we don't have to add to the (already messy) code below. 1671a43cff9SSean Bruno */ 1681a43cff9SSean Bruno int reuseport_lb = (so->so_options & SO_REUSEPORT_LB); 1691a43cff9SSean Bruno 1708501a69cSRobert Watson INP_WLOCK_ASSERT(inp); 171fa046d87SRobert Watson INP_HASH_WLOCK_ASSERT(pcbinfo); 17207385abdSRobert Watson 17382cd038dSYoshinobu Inoue if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 17482cd038dSYoshinobu Inoue return (EINVAL); 1751a43cff9SSean Bruno if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT|SO_REUSEPORT_LB)) == 0) 17668e0d7e0SRobert Watson lookupflags = INPLOOKUP_WILDCARD; 17796871af0SGleb Smirnoff if (sin6 == NULL) { 1787c2f3cb9SJamie Gritton if ((error = prison_local_ip6(cred, &inp->in6p_laddr, 1797c2f3cb9SJamie Gritton ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 1807c2f3cb9SJamie Gritton return (error); 1817c2f3cb9SJamie Gritton } else { 182f161d294SMark Johnston KASSERT(sin6->sin6_family == AF_INET6, 183f161d294SMark Johnston ("%s: invalid address family for %p", __func__, sin6)); 184f161d294SMark Johnston KASSERT(sin6->sin6_len == sizeof(*sin6), 185f161d294SMark Johnston ("%s: invalid address length for %p", __func__, sin6)); 18682cd038dSYoshinobu Inoue 187603724d3SBjoern A. Zeeb if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 188a1f7e5f8SHajimu UMEMOTO return(error); 18982cd038dSYoshinobu Inoue 190b89e82ddSJamie Gritton if ((error = prison_local_ip6(cred, &sin6->sin6_addr, 191b89e82ddSJamie Gritton ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 192b89e82ddSJamie Gritton return (error); 193413628a7SBjoern A. Zeeb 19482cd038dSYoshinobu Inoue lport = sin6->sin6_port; 19582cd038dSYoshinobu Inoue if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 19682cd038dSYoshinobu Inoue /* 19782cd038dSYoshinobu Inoue * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 19882cd038dSYoshinobu Inoue * allow compepte duplication of binding if 19982cd038dSYoshinobu Inoue * SO_REUSEPORT is set, or if SO_REUSEADDR is set 20082cd038dSYoshinobu Inoue * and a multicast address is bound on both 20182cd038dSYoshinobu Inoue * new and duplicated sockets. 20282cd038dSYoshinobu Inoue */ 203f122b319SMikolaj Golub if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) != 0) 20482cd038dSYoshinobu Inoue reuseport = SO_REUSEADDR|SO_REUSEPORT; 2051a43cff9SSean Bruno /* 2061a43cff9SSean Bruno * XXX: How to deal with SO_REUSEPORT_LB here? 2071a43cff9SSean Bruno * Treat same as SO_REUSEPORT for now. 2081a43cff9SSean Bruno */ 2091a43cff9SSean Bruno if ((so->so_options & 2101a43cff9SSean Bruno (SO_REUSEADDR|SO_REUSEPORT_LB)) != 0) 2111a43cff9SSean Bruno reuseport_lb = SO_REUSEADDR|SO_REUSEPORT_LB; 21282cd038dSYoshinobu Inoue } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 213a68cc388SGleb Smirnoff struct epoch_tracker et; 2148c0fec80SRobert Watson struct ifaddr *ifa; 21582cd038dSYoshinobu Inoue 21682cd038dSYoshinobu Inoue sin6->sin6_port = 0; /* yech... */ 217a68cc388SGleb Smirnoff NET_EPOCH_ENTER(et); 2188c0fec80SRobert Watson if ((ifa = ifa_ifwithaddr((struct sockaddr *)sin6)) == 2198c0fec80SRobert Watson NULL && 220f44270e7SPawel Jakub Dawidek (inp->inp_flags & INP_BINDANY) == 0) { 221a68cc388SGleb Smirnoff NET_EPOCH_EXIT(et); 22282cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 223f44270e7SPawel Jakub Dawidek } 22482cd038dSYoshinobu Inoue 22582cd038dSYoshinobu Inoue /* 22682cd038dSYoshinobu Inoue * XXX: bind to an anycast address might accidentally 22782cd038dSYoshinobu Inoue * cause sending a packet with anycast source address. 22833841545SHajimu UMEMOTO * We should allow to bind to a deprecated address, since 2297efe5d92SHajimu UMEMOTO * the application dares to use it. 23082cd038dSYoshinobu Inoue */ 2318c0fec80SRobert Watson if (ifa != NULL && 2328c0fec80SRobert Watson ((struct in6_ifaddr *)ifa)->ia6_flags & 23333841545SHajimu UMEMOTO (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) { 234a68cc388SGleb Smirnoff NET_EPOCH_EXIT(et); 23582cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 23682cd038dSYoshinobu Inoue } 237a68cc388SGleb Smirnoff NET_EPOCH_EXIT(et); 23882cd038dSYoshinobu Inoue } 23982cd038dSYoshinobu Inoue if (lport) { 24082cd038dSYoshinobu Inoue struct inpcb *t; 24182cd038dSYoshinobu Inoue 24282cd038dSYoshinobu Inoue /* GROSS */ 243603724d3SBjoern A. Zeeb if (ntohs(lport) <= V_ipport_reservedhigh && 244603724d3SBjoern A. Zeeb ntohs(lport) >= V_ipport_reservedlow && 245cc426dd3SMateusz Guzik priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT)) 24682cd038dSYoshinobu Inoue return (EACCES); 247835d4b89SPawel Jakub Dawidek if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && 248cc426dd3SMateusz Guzik priv_check_cred(inp->inp_cred, PRIV_NETINET_REUSEPORT) != 0) { 249fb59c426SYoshinobu Inoue t = in6_pcblookup_local(pcbinfo, 25082cd038dSYoshinobu Inoue &sin6->sin6_addr, lport, 251078b7042SBjoern A. Zeeb INPLOOKUP_WILDCARD, cred); 2523aff4ccdSMark Johnston if (t != NULL && 253f66145c6SYaroslav Tykhiy (so->so_type != SOCK_STREAM || 254f66145c6SYaroslav Tykhiy IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) && 2554cc20ab1SSeigo Tanimura (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) || 25682cd038dSYoshinobu Inoue !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) || 257e3ba0d6aSGleb Smirnoff (t->inp_socket->so_options & SO_REUSEPORT) || 258e3ba0d6aSGleb Smirnoff (t->inp_socket->so_options & SO_REUSEPORT_LB) == 0) && 259fc06cd42SMikolaj Golub (inp->inp_cred->cr_uid != 26086d02c5cSBjoern A. Zeeb t->inp_cred->cr_uid)) 26182cd038dSYoshinobu Inoue return (EADDRINUSE); 262c7c0d948SAdrian Chadd 26367107f45SBjoern A. Zeeb #ifdef INET 26433841545SHajimu UMEMOTO if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 265fb59c426SYoshinobu Inoue IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 266fb59c426SYoshinobu Inoue struct sockaddr_in sin; 267fb59c426SYoshinobu Inoue 268fb59c426SYoshinobu Inoue in6_sin6_2_sin(&sin, sin6); 269fb59c426SYoshinobu Inoue t = in_pcblookup_local(pcbinfo, 270fb59c426SYoshinobu Inoue sin.sin_addr, lport, 271078b7042SBjoern A. Zeeb INPLOOKUP_WILDCARD, cred); 2723aff4ccdSMark Johnston if (t != NULL && 273f66145c6SYaroslav Tykhiy (so->so_type != SOCK_STREAM || 274f66145c6SYaroslav Tykhiy ntohl(t->inp_faddr.s_addr) == 275f66145c6SYaroslav Tykhiy INADDR_ANY) && 27686d02c5cSBjoern A. Zeeb (inp->inp_cred->cr_uid != 27786d02c5cSBjoern A. Zeeb t->inp_cred->cr_uid)) 278fb59c426SYoshinobu Inoue return (EADDRINUSE); 279fb59c426SYoshinobu Inoue } 28067107f45SBjoern A. Zeeb #endif 28182cd038dSYoshinobu Inoue } 28282cd038dSYoshinobu Inoue t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, 28368e0d7e0SRobert Watson lport, lookupflags, cred); 284e3ba0d6aSGleb Smirnoff if (t && (reuseport & t->inp_socket->so_options) == 0 && 285e3ba0d6aSGleb Smirnoff (reuseport_lb & t->inp_socket->so_options) == 0) { 28629381b36SMikolaj Golub return (EADDRINUSE); 28729381b36SMikolaj Golub } 28867107f45SBjoern A. Zeeb #ifdef INET 28933841545SHajimu UMEMOTO if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 290fb59c426SYoshinobu Inoue IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 291fb59c426SYoshinobu Inoue struct sockaddr_in sin; 292fb59c426SYoshinobu Inoue 293fb59c426SYoshinobu Inoue in6_sin6_2_sin(&sin, sin6); 294fb59c426SYoshinobu Inoue t = in_pcblookup_local(pcbinfo, sin.sin_addr, 29568e0d7e0SRobert Watson lport, lookupflags, cred); 2960d744519SGleb Smirnoff if (t && 297e3ba0d6aSGleb Smirnoff (reuseport & t->inp_socket->so_options) == 0 && 298e3ba0d6aSGleb Smirnoff (reuseport_lb & t->inp_socket->so_options) == 0 && 299fc06cd42SMikolaj Golub (ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 3001a43cff9SSean Bruno (t->inp_vflag & INP_IPV6PROTO) != 0)) { 301fb59c426SYoshinobu Inoue return (EADDRINUSE); 302fb59c426SYoshinobu Inoue } 3031a43cff9SSean Bruno } 30467107f45SBjoern A. Zeeb #endif 30582cd038dSYoshinobu Inoue } 30682cd038dSYoshinobu Inoue inp->in6p_laddr = sin6->sin6_addr; 30782cd038dSYoshinobu Inoue } 30882cd038dSYoshinobu Inoue if (lport == 0) { 3094616026fSErmal Luçi if ((error = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0) { 3104a2b2562SBjoern A. Zeeb /* Undo an address bind that may have occurred. */ 3114a2b2562SBjoern A. Zeeb inp->in6p_laddr = in6addr_any; 312b89e82ddSJamie Gritton return (error); 3134a2b2562SBjoern A. Zeeb } 31455fd3bafSBjoern A. Zeeb } else { 31582cd038dSYoshinobu Inoue inp->inp_lport = lport; 31682cd038dSYoshinobu Inoue if (in_pcbinshash(inp) != 0) { 31782cd038dSYoshinobu Inoue inp->in6p_laddr = in6addr_any; 31882cd038dSYoshinobu Inoue inp->inp_lport = 0; 31982cd038dSYoshinobu Inoue return (EAGAIN); 32082cd038dSYoshinobu Inoue } 321686cdd19SJun-ichiro itojun Hagino } 32282cd038dSYoshinobu Inoue return (0); 32382cd038dSYoshinobu Inoue } 32482cd038dSYoshinobu Inoue 32582cd038dSYoshinobu Inoue /* 32682cd038dSYoshinobu Inoue * Transform old in6_pcbconnect() into an inner subroutine for new 32782cd038dSYoshinobu Inoue * in6_pcbconnect(): Do some validity-checking on the remote 32882cd038dSYoshinobu Inoue * address (in mbuf 'nam') and then determine local host address 32982cd038dSYoshinobu Inoue * (i.e., which interface) to use to access that remote host. 33082cd038dSYoshinobu Inoue * 33182cd038dSYoshinobu Inoue * This preserves definition of in6_pcbconnect(), while supporting a 33282cd038dSYoshinobu Inoue * slightly different version for T/TCP. (This is more than 33382cd038dSYoshinobu Inoue * a bit of a kludge, but cleaning up the internal interfaces would 33482cd038dSYoshinobu Inoue * have forced minor changes in every protocol). 33582cd038dSYoshinobu Inoue */ 336a7e201bbSAndrey V. Elsukov static int 337f161d294SMark Johnston in6_pcbladdr(struct inpcb *inp, struct sockaddr_in6 *sin6, 338*0bf5377bSAndrey V. Elsukov struct in6_addr *plocal_addr6, bool sas_required) 33982cd038dSYoshinobu Inoue { 34082cd038dSYoshinobu Inoue int error = 0; 341a1f7e5f8SHajimu UMEMOTO int scope_ambiguous = 0; 34288d166bfSBjoern A. Zeeb struct in6_addr in6a; 34382cd038dSYoshinobu Inoue 3443d76be28SGleb Smirnoff NET_EPOCH_ASSERT(); 3458501a69cSRobert Watson INP_WLOCK_ASSERT(inp); 346fa046d87SRobert Watson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); /* XXXRW: why? */ 3478deea4a8SRobert Watson 34882cd038dSYoshinobu Inoue if (sin6->sin6_port == 0) 34982cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 35082cd038dSYoshinobu Inoue 351603724d3SBjoern A. Zeeb if (sin6->sin6_scope_id == 0 && !V_ip6_use_defzone) 352a1f7e5f8SHajimu UMEMOTO scope_ambiguous = 1; 353603724d3SBjoern A. Zeeb if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 354a1f7e5f8SHajimu UMEMOTO return(error); 355a1f7e5f8SHajimu UMEMOTO 356d7c5a620SMatt Macy if (!CK_STAILQ_EMPTY(&V_in6_ifaddrhead)) { 35782cd038dSYoshinobu Inoue /* 35882cd038dSYoshinobu Inoue * If the destination address is UNSPECIFIED addr, 35982cd038dSYoshinobu Inoue * use the loopback addr, e.g ::1. 36082cd038dSYoshinobu Inoue */ 36182cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 36282cd038dSYoshinobu Inoue sin6->sin6_addr = in6addr_loopback; 36382cd038dSYoshinobu Inoue } 364b89e82ddSJamie Gritton if ((error = prison_remote_ip6(inp->inp_cred, &sin6->sin6_addr)) != 0) 365b89e82ddSJamie Gritton return (error); 366a1f7e5f8SHajimu UMEMOTO 367*0bf5377bSAndrey V. Elsukov if (sas_required) { 368601c0b8bSAlexander V. Chernikov error = in6_selectsrc_socket(sin6, inp->in6p_outputopts, 369601c0b8bSAlexander V. Chernikov inp, inp->inp_cred, scope_ambiguous, &in6a, NULL); 37088d166bfSBjoern A. Zeeb if (error) 37188d166bfSBjoern A. Zeeb return (error); 372*0bf5377bSAndrey V. Elsukov } else { 373*0bf5377bSAndrey V. Elsukov /* 374*0bf5377bSAndrey V. Elsukov * Source address selection isn't required when syncache 375*0bf5377bSAndrey V. Elsukov * has already established connection and both source and 376*0bf5377bSAndrey V. Elsukov * destination addresses was chosen. 377*0bf5377bSAndrey V. Elsukov * 378*0bf5377bSAndrey V. Elsukov * This also includes the case when fwd_tag was used to 379*0bf5377bSAndrey V. Elsukov * select source address in tcp_input(). 380*0bf5377bSAndrey V. Elsukov */ 381*0bf5377bSAndrey V. Elsukov in6a = inp->in6p_laddr; 382*0bf5377bSAndrey V. Elsukov } 383*0bf5377bSAndrey V. Elsukov 384713264f6SMark Johnston if (IN6_IS_ADDR_UNSPECIFIED(&in6a)) 385713264f6SMark Johnston return (EHOSTUNREACH); 38688d166bfSBjoern A. Zeeb /* 38788d166bfSBjoern A. Zeeb * Do not update this earlier, in case we return with an error. 38888d166bfSBjoern A. Zeeb * 389601c0b8bSAlexander V. Chernikov * XXX: this in6_selectsrc_socket result might replace the bound local 390681ffdf9SBjoern A. Zeeb * address with the address specified by setsockopt(IPV6_PKTINFO). 39188d166bfSBjoern A. Zeeb * Is it the intended behavior? 39288d166bfSBjoern A. Zeeb */ 39388d166bfSBjoern A. Zeeb *plocal_addr6 = in6a; 39488d166bfSBjoern A. Zeeb 39582cd038dSYoshinobu Inoue /* 39682cd038dSYoshinobu Inoue * Don't do pcblookup call here; return interface in 39782cd038dSYoshinobu Inoue * plocal_addr6 39882cd038dSYoshinobu Inoue * and exit to caller, that will do the lookup. 39982cd038dSYoshinobu Inoue */ 400a1f7e5f8SHajimu UMEMOTO 40182cd038dSYoshinobu Inoue return (0); 40282cd038dSYoshinobu Inoue } 40382cd038dSYoshinobu Inoue 40482cd038dSYoshinobu Inoue /* 40582cd038dSYoshinobu Inoue * Outer subroutine: 40682cd038dSYoshinobu Inoue * Connect from a socket to a specified address. 40782cd038dSYoshinobu Inoue * Both address and port must be specified in argument sin. 40882cd038dSYoshinobu Inoue * If don't have a local address for this socket yet, 40982cd038dSYoshinobu Inoue * then pick one. 41082cd038dSYoshinobu Inoue */ 41182cd038dSYoshinobu Inoue int 412a9d22cceSGleb Smirnoff in6_pcbconnect(struct inpcb *inp, struct sockaddr_in6 *sin6, struct ucred *cred, 413*0bf5377bSAndrey V. Elsukov bool sas_required) 41482cd038dSYoshinobu Inoue { 415fa046d87SRobert Watson struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 41625102351SMike Karels struct sockaddr_in6 laddr6; 41782cd038dSYoshinobu Inoue int error; 41882cd038dSYoshinobu Inoue 4193d76be28SGleb Smirnoff NET_EPOCH_ASSERT(); 4203d76be28SGleb Smirnoff INP_WLOCK_ASSERT(inp); 4213d76be28SGleb Smirnoff INP_HASH_WLOCK_ASSERT(pcbinfo); 422f161d294SMark Johnston KASSERT(sin6->sin6_family == AF_INET6, 423f161d294SMark Johnston ("%s: invalid address family for %p", __func__, sin6)); 424f161d294SMark Johnston KASSERT(sin6->sin6_len == sizeof(*sin6), 425f161d294SMark Johnston ("%s: invalid address length for %p", __func__, sin6)); 426fdb987beSMark Johnston KASSERT(IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr), 427fdb987beSMark Johnston ("%s: inp is already connected", __func__)); 428f161d294SMark Johnston 42925102351SMike Karels bzero(&laddr6, sizeof(laddr6)); 43025102351SMike Karels laddr6.sin6_family = AF_INET6; 43125102351SMike Karels 4320c325f53SAlexander V. Chernikov #ifdef ROUTE_MPATH 4330c325f53SAlexander V. Chernikov if (CALC_FLOWID_OUTBOUND) { 4340c325f53SAlexander V. Chernikov uint32_t hash_type, hash_val; 4350c325f53SAlexander V. Chernikov 4360c325f53SAlexander V. Chernikov hash_val = fib6_calc_software_hash(&inp->in6p_laddr, 4370c325f53SAlexander V. Chernikov &sin6->sin6_addr, 0, sin6->sin6_port, 4380c325f53SAlexander V. Chernikov inp->inp_socket->so_proto->pr_protocol, &hash_type); 4390c325f53SAlexander V. Chernikov inp->inp_flowid = hash_val; 4400c325f53SAlexander V. Chernikov inp->inp_flowtype = hash_type; 4410c325f53SAlexander V. Chernikov } 4420c325f53SAlexander V. Chernikov #endif 44382cd038dSYoshinobu Inoue /* 44482cd038dSYoshinobu Inoue * Call inner routine, to assign local interface address. 44588ff5695SSUZUKI Shinsuke * in6_pcbladdr() may automatically fill in sin6_scope_id. 44682cd038dSYoshinobu Inoue */ 447*0bf5377bSAndrey V. Elsukov if ((error = in6_pcbladdr(inp, sin6, &laddr6.sin6_addr, 448*0bf5377bSAndrey V. Elsukov sas_required)) != 0) 44982cd038dSYoshinobu Inoue return (error); 45082cd038dSYoshinobu Inoue 451fa046d87SRobert Watson if (in6_pcblookup_hash_locked(pcbinfo, &sin6->sin6_addr, 4524130ea61SMark Johnston sin6->sin6_port, IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) ? 4534130ea61SMark Johnston &laddr6.sin6_addr : &inp->in6p_laddr, inp->inp_lport, 0, 4544130ea61SMark Johnston M_NODOM) != NULL) 45582cd038dSYoshinobu Inoue return (EADDRINUSE); 45682cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 45782cd038dSYoshinobu Inoue if (inp->inp_lport == 0) { 45825102351SMike Karels error = in_pcb_lport_dest(inp, 45925102351SMike Karels (struct sockaddr *) &laddr6, &inp->inp_lport, 460440598ddSJonathan T. Looney (struct sockaddr *) sin6, sin6->sin6_port, cred, 461440598ddSJonathan T. Looney INPLOOKUP_WILDCARD); 4624616026fSErmal Luçi if (error) 46382cd038dSYoshinobu Inoue return (error); 46482cd038dSYoshinobu Inoue } 46525102351SMike Karels inp->in6p_laddr = laddr6.sin6_addr; 46682cd038dSYoshinobu Inoue } 46782cd038dSYoshinobu Inoue inp->in6p_faddr = sin6->sin6_addr; 46882cd038dSYoshinobu Inoue inp->inp_fport = sin6->sin6_port; 46933841545SHajimu UMEMOTO /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 470fc384fa5SBjoern A. Zeeb inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 471fc384fa5SBjoern A. Zeeb if (inp->inp_flags & IN6P_AUTOFLOWLABEL) 472fc384fa5SBjoern A. Zeeb inp->inp_flow |= 473b79274baSHajimu UMEMOTO (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 47482cd038dSYoshinobu Inoue 475fdb987beSMark Johnston if ((inp->inp_flags & INP_INHASHLIST) != 0) { 476db0ac6deSCy Schubert in_pcbrehash(inp); 477fe1274eeSMichael Tuexen } else { 478db0ac6deSCy Schubert in_pcbinshash(inp); 479fe1274eeSMichael Tuexen } 4802cb64cb2SGeorge V. Neville-Neil 48182cd038dSYoshinobu Inoue return (0); 48282cd038dSYoshinobu Inoue } 48382cd038dSYoshinobu Inoue 48482cd038dSYoshinobu Inoue void 4851272577eSXin LI in6_pcbdisconnect(struct inpcb *inp) 48682cd038dSYoshinobu Inoue { 48707385abdSRobert Watson 4888501a69cSRobert Watson INP_WLOCK_ASSERT(inp); 489fa046d87SRobert Watson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); 490fdb987beSMark Johnston KASSERT(inp->inp_smr == SMR_SEQ_INVALID, 491fdb987beSMark Johnston ("%s: inp %p was already disconnected", __func__, inp)); 49207385abdSRobert Watson 493fdb987beSMark Johnston in_pcbremhash_locked(inp); 494fdb987beSMark Johnston 495fdb987beSMark Johnston /* See the comment in in_pcbinshash(). */ 496fdb987beSMark Johnston inp->inp_smr = smr_advance(inp->inp_pcbinfo->ipi_smr); 497fdb987beSMark Johnston 498fdb987beSMark Johnston /* XXX-MJ torn writes are visible to SMR lookup */ 4992589ec0fSMark Johnston memset(&inp->in6p_laddr, 0, sizeof(inp->in6p_laddr)); 5002589ec0fSMark Johnston memset(&inp->in6p_faddr, 0, sizeof(inp->in6p_faddr)); 50182cd038dSYoshinobu Inoue inp->inp_fport = 0; 50233841545SHajimu UMEMOTO /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 503fc384fa5SBjoern A. Zeeb inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 50482cd038dSYoshinobu Inoue } 50582cd038dSYoshinobu Inoue 50626ef6ac4SDon Lewis struct sockaddr * 5071272577eSXin LI in6_sockaddr(in_port_t port, struct in6_addr *addr_p) 50826ef6ac4SDon Lewis { 50926ef6ac4SDon Lewis struct sockaddr_in6 *sin6; 51026ef6ac4SDon Lewis 5111ede983cSDag-Erling Smørgrav sin6 = malloc(sizeof *sin6, M_SONAME, M_WAITOK); 51226ef6ac4SDon Lewis bzero(sin6, sizeof *sin6); 51326ef6ac4SDon Lewis sin6->sin6_family = AF_INET6; 51426ef6ac4SDon Lewis sin6->sin6_len = sizeof(*sin6); 51526ef6ac4SDon Lewis sin6->sin6_port = port; 51626ef6ac4SDon Lewis sin6->sin6_addr = *addr_p; 517a1f7e5f8SHajimu UMEMOTO (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 51826ef6ac4SDon Lewis 51926ef6ac4SDon Lewis return (struct sockaddr *)sin6; 52026ef6ac4SDon Lewis } 52126ef6ac4SDon Lewis 52226ef6ac4SDon Lewis struct sockaddr * 5231272577eSXin LI in6_v4mapsin6_sockaddr(in_port_t port, struct in_addr *addr_p) 52426ef6ac4SDon Lewis { 52526ef6ac4SDon Lewis struct sockaddr_in sin; 52626ef6ac4SDon Lewis struct sockaddr_in6 *sin6_p; 52726ef6ac4SDon Lewis 52826ef6ac4SDon Lewis bzero(&sin, sizeof sin); 52926ef6ac4SDon Lewis sin.sin_family = AF_INET; 53026ef6ac4SDon Lewis sin.sin_len = sizeof(sin); 53126ef6ac4SDon Lewis sin.sin_port = port; 53226ef6ac4SDon Lewis sin.sin_addr = *addr_p; 53326ef6ac4SDon Lewis 5341ede983cSDag-Erling Smørgrav sin6_p = malloc(sizeof *sin6_p, M_SONAME, 535a163d034SWarner Losh M_WAITOK); 53626ef6ac4SDon Lewis in6_sin_2_v4mapsin6(&sin, sin6_p); 53726ef6ac4SDon Lewis 53826ef6ac4SDon Lewis return (struct sockaddr *)sin6_p; 53926ef6ac4SDon Lewis } 54026ef6ac4SDon Lewis 54182cd038dSYoshinobu Inoue int 5421272577eSXin LI in6_getsockaddr(struct socket *so, struct sockaddr **nam) 54382cd038dSYoshinobu Inoue { 5443e85b721SEd Maste struct inpcb *inp; 54526ef6ac4SDon Lewis struct in6_addr addr; 54626ef6ac4SDon Lewis in_port_t port; 54782cd038dSYoshinobu Inoue 54882cd038dSYoshinobu Inoue inp = sotoinpcb(so); 54954d642bbSRobert Watson KASSERT(inp != NULL, ("in6_getsockaddr: inp == NULL")); 55048477723SRobert Watson 5518328afb7SRobert Watson INP_RLOCK(inp); 55226ef6ac4SDon Lewis port = inp->inp_lport; 55326ef6ac4SDon Lewis addr = inp->in6p_laddr; 5548328afb7SRobert Watson INP_RUNLOCK(inp); 55582cd038dSYoshinobu Inoue 55626ef6ac4SDon Lewis *nam = in6_sockaddr(port, &addr); 55782cd038dSYoshinobu Inoue return 0; 55882cd038dSYoshinobu Inoue } 55982cd038dSYoshinobu Inoue 56082cd038dSYoshinobu Inoue int 5611272577eSXin LI in6_getpeeraddr(struct socket *so, struct sockaddr **nam) 56282cd038dSYoshinobu Inoue { 56382cd038dSYoshinobu Inoue struct inpcb *inp; 56426ef6ac4SDon Lewis struct in6_addr addr; 56526ef6ac4SDon Lewis in_port_t port; 56682cd038dSYoshinobu Inoue 56782cd038dSYoshinobu Inoue inp = sotoinpcb(so); 56854d642bbSRobert Watson KASSERT(inp != NULL, ("in6_getpeeraddr: inp == NULL")); 56948477723SRobert Watson 5708328afb7SRobert Watson INP_RLOCK(inp); 57126ef6ac4SDon Lewis port = inp->inp_fport; 57226ef6ac4SDon Lewis addr = inp->in6p_faddr; 5738328afb7SRobert Watson INP_RUNLOCK(inp); 57482cd038dSYoshinobu Inoue 57526ef6ac4SDon Lewis *nam = in6_sockaddr(port, &addr); 57682cd038dSYoshinobu Inoue return 0; 57782cd038dSYoshinobu Inoue } 57882cd038dSYoshinobu Inoue 57982cd038dSYoshinobu Inoue int 58082cd038dSYoshinobu Inoue in6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) 58182cd038dSYoshinobu Inoue { 58248477723SRobert Watson struct inpcb *inp; 58382cd038dSYoshinobu Inoue int error; 58482cd038dSYoshinobu Inoue 58548477723SRobert Watson inp = sotoinpcb(so); 58648477723SRobert Watson KASSERT(inp != NULL, ("in6_mapped_sockaddr: inp == NULL")); 58748477723SRobert Watson 58867107f45SBjoern A. Zeeb #ifdef INET 5895fac4178SHajimu UMEMOTO if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 59054d642bbSRobert Watson error = in_getsockaddr(so, nam); 591369dc8ceSEivind Eklund if (error == 0) 59282cd038dSYoshinobu Inoue in6_sin_2_v4mapsin6_in_sock(nam); 59367107f45SBjoern A. Zeeb } else 59467107f45SBjoern A. Zeeb #endif 59567107f45SBjoern A. Zeeb { 59654d642bbSRobert Watson /* scope issues will be handled in in6_getsockaddr(). */ 59754d642bbSRobert Watson error = in6_getsockaddr(so, nam); 5987efe5d92SHajimu UMEMOTO } 59982cd038dSYoshinobu Inoue 60082cd038dSYoshinobu Inoue return error; 60182cd038dSYoshinobu Inoue } 60282cd038dSYoshinobu Inoue 60382cd038dSYoshinobu Inoue int 60482cd038dSYoshinobu Inoue in6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) 60582cd038dSYoshinobu Inoue { 60648477723SRobert Watson struct inpcb *inp; 60782cd038dSYoshinobu Inoue int error; 60882cd038dSYoshinobu Inoue 60948477723SRobert Watson inp = sotoinpcb(so); 61048477723SRobert Watson KASSERT(inp != NULL, ("in6_mapped_peeraddr: inp == NULL")); 61148477723SRobert Watson 61267107f45SBjoern A. Zeeb #ifdef INET 6135fac4178SHajimu UMEMOTO if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 61454d642bbSRobert Watson error = in_getpeeraddr(so, nam); 615369dc8ceSEivind Eklund if (error == 0) 61682cd038dSYoshinobu Inoue in6_sin_2_v4mapsin6_in_sock(nam); 61782cd038dSYoshinobu Inoue } else 61867107f45SBjoern A. Zeeb #endif 61954d642bbSRobert Watson /* scope issues will be handled in in6_getpeeraddr(). */ 62054d642bbSRobert Watson error = in6_getpeeraddr(so, nam); 62182cd038dSYoshinobu Inoue 62282cd038dSYoshinobu Inoue return error; 62382cd038dSYoshinobu Inoue } 62482cd038dSYoshinobu Inoue 62582cd038dSYoshinobu Inoue /* 62682cd038dSYoshinobu Inoue * Pass some notification to all connections of a protocol 62782cd038dSYoshinobu Inoue * associated with address dst. The local address and/or port numbers 62882cd038dSYoshinobu Inoue * may be specified to limit the search. The "usual action" will be 62982cd038dSYoshinobu Inoue * taken, depending on the ctlinput cmd. The caller must filter any 63082cd038dSYoshinobu Inoue * cmds that are uninteresting (e.g., no error in the map). 63182cd038dSYoshinobu Inoue * Call the protocol specific routine (if any) to report 63282cd038dSYoshinobu Inoue * any errors for each matching socket. 63382cd038dSYoshinobu Inoue */ 634db0ac6deSCy Schubert static bool 635db0ac6deSCy Schubert inp_match6(const struct inpcb *inp, void *v __unused) 636db0ac6deSCy Schubert { 637db0ac6deSCy Schubert 638db0ac6deSCy Schubert return ((inp->inp_vflag & INP_IPV6) != 0); 639db0ac6deSCy Schubert } 640fcb3f813SGleb Smirnoff 64182cd038dSYoshinobu Inoue void 64243d39ca7SGleb Smirnoff in6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr_in6 *sa6_dst, 64343d39ca7SGleb Smirnoff u_int fport_arg, const struct sockaddr_in6 *src, u_int lport_arg, 644fcb3f813SGleb Smirnoff int errno, void *cmdarg, 6459233d8f3SDavid E. O'Brien struct inpcb *(*notify)(struct inpcb *, int)) 64682cd038dSYoshinobu Inoue { 647db0ac6deSCy Schubert struct inpcb_iterator inpi = INP_ITERATOR(pcbinfo, INPLOOKUP_WLOCKPCB, 648db0ac6deSCy Schubert inp_match6, NULL); 649db0ac6deSCy Schubert struct inpcb *inp; 65043d39ca7SGleb Smirnoff struct sockaddr_in6 sa6_src; 65182cd038dSYoshinobu Inoue u_short fport = fport_arg, lport = lport_arg; 65233841545SHajimu UMEMOTO u_int32_t flowinfo; 65333841545SHajimu UMEMOTO 65433841545SHajimu UMEMOTO if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 65582cd038dSYoshinobu Inoue return; 65682cd038dSYoshinobu Inoue 65782cd038dSYoshinobu Inoue /* 65833841545SHajimu UMEMOTO * note that src can be NULL when we get notify by local fragmentation. 65933841545SHajimu UMEMOTO */ 66043d39ca7SGleb Smirnoff sa6_src = (src == NULL) ? sa6_any : *src; 66133841545SHajimu UMEMOTO flowinfo = sa6_src.sin6_flowinfo; 66233841545SHajimu UMEMOTO 663db0ac6deSCy Schubert while ((inp = inp_next(&inpi)) != NULL) { 664db0ac6deSCy Schubert INP_WLOCK_ASSERT(inp); 665686cdd19SJun-ichiro itojun Hagino /* 666efddf5c6SHajimu UMEMOTO * If the error designates a new path MTU for a destination 667efddf5c6SHajimu UMEMOTO * and the application (associated with this socket) wanted to 6688f1beb88SAndrey V. Elsukov * know the value, notify. 669efddf5c6SHajimu UMEMOTO * XXX: should we avoid to notify the value to TCP sockets? 670efddf5c6SHajimu UMEMOTO */ 671fcb3f813SGleb Smirnoff if (errno == EMSGSIZE && cmdarg != NULL) 67243d39ca7SGleb Smirnoff ip6_notify_pmtu(inp, sa6_dst, *(uint32_t *)cmdarg); 673efddf5c6SHajimu UMEMOTO 674efddf5c6SHajimu UMEMOTO /* 67533841545SHajimu UMEMOTO * Detect if we should notify the error. If no source and 67604389c85SGordon Bergling * destination ports are specified, but non-zero flowinfo and 67733841545SHajimu UMEMOTO * local address match, notify the error. This is the case 67833841545SHajimu UMEMOTO * when the error is delivered with an encrypted buffer 67933841545SHajimu UMEMOTO * by ESP. Otherwise, just compare addresses and ports 68033841545SHajimu UMEMOTO * as usual. 681686cdd19SJun-ichiro itojun Hagino */ 68233841545SHajimu UMEMOTO if (lport == 0 && fport == 0 && flowinfo && 68333841545SHajimu UMEMOTO inp->inp_socket != NULL && 684fc384fa5SBjoern A. Zeeb flowinfo == (inp->inp_flow & IPV6_FLOWLABEL_MASK) && 68533841545SHajimu UMEMOTO IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 68633841545SHajimu UMEMOTO goto do_notify; 68733841545SHajimu UMEMOTO else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 68833841545SHajimu UMEMOTO &sa6_dst->sin6_addr) || 68982cd038dSYoshinobu Inoue inp->inp_socket == 0 || 69082cd038dSYoshinobu Inoue (lport && inp->inp_lport != lport) || 69133841545SHajimu UMEMOTO (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 69233841545SHajimu UMEMOTO !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 69333841545SHajimu UMEMOTO &sa6_src.sin6_addr)) || 694f31f65a7SRobert Watson (fport && inp->inp_fport != fport)) { 69582cd038dSYoshinobu Inoue continue; 696f31f65a7SRobert Watson } 697686cdd19SJun-ichiro itojun Hagino 69833841545SHajimu UMEMOTO do_notify: 699db0ac6deSCy Schubert if (notify) 700db0ac6deSCy Schubert (*notify)(inp, errno); 70182cd038dSYoshinobu Inoue } 70282cd038dSYoshinobu Inoue } 70382cd038dSYoshinobu Inoue 70482cd038dSYoshinobu Inoue /* 705fa046d87SRobert Watson * Lookup a PCB based on the local address and port. Caller must hold the 706fa046d87SRobert Watson * hash lock. No inpcb locks or references are acquired. 70782cd038dSYoshinobu Inoue */ 70882cd038dSYoshinobu Inoue struct inpcb * 7091272577eSXin LI in6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr, 71068e0d7e0SRobert Watson u_short lport, int lookupflags, struct ucred *cred) 71182cd038dSYoshinobu Inoue { 7123e85b721SEd Maste struct inpcb *inp; 71382cd038dSYoshinobu Inoue int matchwild = 3, wildcard; 71482cd038dSYoshinobu Inoue 71568e0d7e0SRobert Watson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 71668e0d7e0SRobert Watson ("%s: invalid lookup flags %d", __func__, lookupflags)); 71768e0d7e0SRobert Watson 718c17cd08fSGleb Smirnoff INP_HASH_LOCK_ASSERT(pcbinfo); 7198deea4a8SRobert Watson 72068e0d7e0SRobert Watson if ((lookupflags & INPLOOKUP_WILDCARD) == 0) { 72182cd038dSYoshinobu Inoue struct inpcbhead *head; 72282cd038dSYoshinobu Inoue /* 72382cd038dSYoshinobu Inoue * Look for an unconnected (wildcard foreign addr) PCB that 72482cd038dSYoshinobu Inoue * matches the local address and port we're looking for. 72582cd038dSYoshinobu Inoue */ 726fdb987beSMark Johnston head = &pcbinfo->ipi_hash_wild[INP_PCBHASH_WILD(lport, 7271b44e5ffSAndrey V. Elsukov pcbinfo->ipi_hashmask)]; 728fdb987beSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_wild) { 729413628a7SBjoern A. Zeeb /* XXX inp locking */ 730369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV6) == 0) 73182cd038dSYoshinobu Inoue continue; 73282cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 73382cd038dSYoshinobu Inoue IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 73482cd038dSYoshinobu Inoue inp->inp_lport == lport) { 735413628a7SBjoern A. Zeeb /* Found. */ 736ac1750ddSMark Johnston if (prison_equal_ip6(cred->cr_prison, 7370304c731SJamie Gritton inp->inp_cred->cr_prison)) 73882cd038dSYoshinobu Inoue return (inp); 73982cd038dSYoshinobu Inoue } 74082cd038dSYoshinobu Inoue } 74182cd038dSYoshinobu Inoue /* 74282cd038dSYoshinobu Inoue * Not found. 74382cd038dSYoshinobu Inoue */ 74482cd038dSYoshinobu Inoue return (NULL); 74582cd038dSYoshinobu Inoue } else { 74682cd038dSYoshinobu Inoue struct inpcbporthead *porthash; 74782cd038dSYoshinobu Inoue struct inpcbport *phd; 74882cd038dSYoshinobu Inoue struct inpcb *match = NULL; 74982cd038dSYoshinobu Inoue /* 75082cd038dSYoshinobu Inoue * Best fit PCB lookup. 75182cd038dSYoshinobu Inoue * 75282cd038dSYoshinobu Inoue * First see if this local port is in use by looking on the 75382cd038dSYoshinobu Inoue * port hash list. 75482cd038dSYoshinobu Inoue */ 755712fc218SRobert Watson porthash = &pcbinfo->ipi_porthashbase[INP_PCBPORTHASH(lport, 756712fc218SRobert Watson pcbinfo->ipi_porthashmask)]; 757b872626dSMatt Macy CK_LIST_FOREACH(phd, porthash, phd_hash) { 75882cd038dSYoshinobu Inoue if (phd->phd_port == lport) 75982cd038dSYoshinobu Inoue break; 76082cd038dSYoshinobu Inoue } 76182cd038dSYoshinobu Inoue if (phd != NULL) { 76282cd038dSYoshinobu Inoue /* 76382cd038dSYoshinobu Inoue * Port is in use by one or more PCBs. Look for best 76482cd038dSYoshinobu Inoue * fit. 76582cd038dSYoshinobu Inoue */ 766b872626dSMatt Macy CK_LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 76782cd038dSYoshinobu Inoue wildcard = 0; 768ac1750ddSMark Johnston if (!prison_equal_ip6(cred->cr_prison, 7690304c731SJamie Gritton inp->inp_cred->cr_prison)) 770413628a7SBjoern A. Zeeb continue; 771413628a7SBjoern A. Zeeb /* XXX inp locking */ 772369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV6) == 0) 77382cd038dSYoshinobu Inoue continue; 77482cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) 77582cd038dSYoshinobu Inoue wildcard++; 77682cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED( 77782cd038dSYoshinobu Inoue &inp->in6p_laddr)) { 77882cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(laddr)) 77982cd038dSYoshinobu Inoue wildcard++; 78082cd038dSYoshinobu Inoue else if (!IN6_ARE_ADDR_EQUAL( 78182cd038dSYoshinobu Inoue &inp->in6p_laddr, laddr)) 78282cd038dSYoshinobu Inoue continue; 78382cd038dSYoshinobu Inoue } else { 78482cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 78582cd038dSYoshinobu Inoue wildcard++; 78682cd038dSYoshinobu Inoue } 78782cd038dSYoshinobu Inoue if (wildcard < matchwild) { 78882cd038dSYoshinobu Inoue match = inp; 78982cd038dSYoshinobu Inoue matchwild = wildcard; 790413628a7SBjoern A. Zeeb if (matchwild == 0) 79182cd038dSYoshinobu Inoue break; 79282cd038dSYoshinobu Inoue } 79382cd038dSYoshinobu Inoue } 79482cd038dSYoshinobu Inoue } 79582cd038dSYoshinobu Inoue return (match); 79682cd038dSYoshinobu Inoue } 79782cd038dSYoshinobu Inoue } 79882cd038dSYoshinobu Inoue 799db0ac6deSCy Schubert static bool 800db0ac6deSCy Schubert in6_multi_match(const struct inpcb *inp, void *v __unused) 801db0ac6deSCy Schubert { 802db0ac6deSCy Schubert 803db0ac6deSCy Schubert if ((inp->inp_vflag & INP_IPV6) && inp->in6p_moptions != NULL) 804db0ac6deSCy Schubert return (true); 805db0ac6deSCy Schubert else 806db0ac6deSCy Schubert return (false); 807db0ac6deSCy Schubert } 808db0ac6deSCy Schubert 809e43cc4aeSHajimu UMEMOTO void 8101272577eSXin LI in6_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp) 811e43cc4aeSHajimu UMEMOTO { 812db0ac6deSCy Schubert struct inpcb_iterator inpi = INP_ITERATOR(pcbinfo, INPLOOKUP_RLOCKPCB, 813db0ac6deSCy Schubert in6_multi_match, NULL); 8140ecd976eSBjoern A. Zeeb struct inpcb *inp; 81559854ecfSHans Petter Selasky struct in6_multi *inm; 81659854ecfSHans Petter Selasky struct in6_mfilter *imf; 817e43cc4aeSHajimu UMEMOTO struct ip6_moptions *im6o; 818e43cc4aeSHajimu UMEMOTO 819db0ac6deSCy Schubert IN6_MULTI_LOCK_ASSERT(); 820db0ac6deSCy Schubert 821db0ac6deSCy Schubert while ((inp = inp_next(&inpi)) != NULL) { 822db0ac6deSCy Schubert INP_RLOCK_ASSERT(inp); 823db0ac6deSCy Schubert 8240ecd976eSBjoern A. Zeeb im6o = inp->in6p_moptions; 825e43cc4aeSHajimu UMEMOTO /* 82633cde130SBruce M Simpson * Unselect the outgoing ifp for multicast if it 82733cde130SBruce M Simpson * is being detached. 828e43cc4aeSHajimu UMEMOTO */ 829e43cc4aeSHajimu UMEMOTO if (im6o->im6o_multicast_ifp == ifp) 830e43cc4aeSHajimu UMEMOTO im6o->im6o_multicast_ifp = NULL; 831e43cc4aeSHajimu UMEMOTO /* 832e43cc4aeSHajimu UMEMOTO * Drop multicast group membership if we joined 833e43cc4aeSHajimu UMEMOTO * through the interface being detached. 834e43cc4aeSHajimu UMEMOTO */ 83559854ecfSHans Petter Selasky restart: 83659854ecfSHans Petter Selasky IP6_MFILTER_FOREACH(imf, &im6o->im6o_head) { 83759854ecfSHans Petter Selasky if ((inm = imf->im6f_in6m) == NULL) 83859854ecfSHans Petter Selasky continue; 83959854ecfSHans Petter Selasky if (inm->in6m_ifp != ifp) 84059854ecfSHans Petter Selasky continue; 84159854ecfSHans Petter Selasky ip6_mfilter_remove(&im6o->im6o_head, imf); 84259854ecfSHans Petter Selasky in6_leavegroup_locked(inm, NULL); 84359854ecfSHans Petter Selasky ip6_mfilter_free(imf); 84459854ecfSHans Petter Selasky goto restart; 845e43cc4aeSHajimu UMEMOTO } 846e43cc4aeSHajimu UMEMOTO } 847e43cc4aeSHajimu UMEMOTO } 848e43cc4aeSHajimu UMEMOTO 84982cd038dSYoshinobu Inoue /* 85082cd038dSYoshinobu Inoue * Check for alternatives when higher level complains 85182cd038dSYoshinobu Inoue * about service problems. For now, invalidate cached 85282cd038dSYoshinobu Inoue * routing information. If the route was created dynamically 85382cd038dSYoshinobu Inoue * (by a redirect), time to try a default gateway again. 85482cd038dSYoshinobu Inoue */ 85582cd038dSYoshinobu Inoue void 856ec86402eSBjoern A. Zeeb in6_losing(struct inpcb *inp) 85782cd038dSYoshinobu Inoue { 8581272577eSXin LI 859ec86402eSBjoern A. Zeeb RO_INVALIDATE_CACHE(&inp->inp_route6); 86082cd038dSYoshinobu Inoue } 86182cd038dSYoshinobu Inoue 86282cd038dSYoshinobu Inoue /* 86382cd038dSYoshinobu Inoue * After a routing change, flush old routing 86482cd038dSYoshinobu Inoue * and allocate a (hopefully) better one. 86582cd038dSYoshinobu Inoue */ 8663ce144eaSJeffrey Hsu struct inpcb * 867ec86402eSBjoern A. Zeeb in6_rtchange(struct inpcb *inp, int errno __unused) 86882cd038dSYoshinobu Inoue { 86984cc0778SGeorge V. Neville-Neil 870ec86402eSBjoern A. Zeeb RO_INVALIDATE_CACHE(&inp->inp_route6); 8713ce144eaSJeffrey Hsu return inp; 87282cd038dSYoshinobu Inoue } 87382cd038dSYoshinobu Inoue 874d93ec8cbSMark Johnston static bool 875d93ec8cbSMark Johnston in6_pcblookup_lb_numa_match(const struct inpcblbgroup *grp, int domain) 876d93ec8cbSMark Johnston { 877d93ec8cbSMark Johnston return (domain == M_NODOM || domain == grp->il_numa_domain); 878d93ec8cbSMark Johnston } 879d93ec8cbSMark Johnston 8801a43cff9SSean Bruno static struct inpcb * 8811a43cff9SSean Bruno in6_pcblookup_lbgroup(const struct inpcbinfo *pcbinfo, 8824130ea61SMark Johnston const struct in6_addr *faddr, uint16_t fport, const struct in6_addr *laddr, 8834130ea61SMark Johnston uint16_t lport, uint8_t domain) 8841a43cff9SSean Bruno { 8851a43cff9SSean Bruno const struct inpcblbgrouphead *hdr; 8861a43cff9SSean Bruno struct inpcblbgroup *grp; 887d93ec8cbSMark Johnston struct inpcblbgroup *jail_exact, *jail_wild, *local_exact, *local_wild; 8881a43cff9SSean Bruno 8891a43cff9SSean Bruno INP_HASH_LOCK_ASSERT(pcbinfo); 8901a43cff9SSean Bruno 8919d2877fcSMark Johnston hdr = &pcbinfo->ipi_lbgrouphashbase[ 8929d2877fcSMark Johnston INP_PCBPORTHASH(lport, pcbinfo->ipi_lbgrouphashmask)]; 8931a43cff9SSean Bruno 8941a43cff9SSean Bruno /* 895d93ec8cbSMark Johnston * Search for an LB group match based on the following criteria: 896d93ec8cbSMark Johnston * - prefer jailed groups to non-jailed groups 897d93ec8cbSMark Johnston * - prefer exact source address matches to wildcard matches 898d93ec8cbSMark Johnston * - prefer groups bound to the specified NUMA domain 8991a43cff9SSean Bruno */ 900d93ec8cbSMark Johnston jail_exact = jail_wild = local_exact = local_wild = NULL; 90154af3d0dSMark Johnston CK_LIST_FOREACH(grp, hdr, il_list) { 902d93ec8cbSMark Johnston bool injail; 903d93ec8cbSMark Johnston 9044b82a7b6SAndrew Gallatin #ifdef INET 9054b82a7b6SAndrew Gallatin if (!(grp->il_vflag & INP_IPV6)) 9064b82a7b6SAndrew Gallatin continue; 9074b82a7b6SAndrew Gallatin #endif 908d3a4b0daSMark Johnston if (grp->il_lport != lport) 909d3a4b0daSMark Johnston continue; 9101a43cff9SSean Bruno 911d93ec8cbSMark Johnston injail = prison_flag(grp->il_cred, PR_IP6) != 0; 912d93ec8cbSMark Johnston if (injail && prison_check_ip6_locked(grp->il_cred->cr_prison, 913d93ec8cbSMark Johnston laddr) != 0) 914d93ec8cbSMark Johnston continue; 915d93ec8cbSMark Johnston 916a034518aSAndrew Gallatin if (IN6_ARE_ADDR_EQUAL(&grp->il6_laddr, laddr)) { 917d93ec8cbSMark Johnston if (injail) { 918d93ec8cbSMark Johnston jail_exact = grp; 919d93ec8cbSMark Johnston if (in6_pcblookup_lb_numa_match(grp, domain)) 920d93ec8cbSMark Johnston /* This is a perfect match. */ 921d93ec8cbSMark Johnston goto out; 922d93ec8cbSMark Johnston } else if (local_exact == NULL || 923d93ec8cbSMark Johnston in6_pcblookup_lb_numa_match(grp, domain)) { 924d93ec8cbSMark Johnston local_exact = grp; 925a034518aSAndrew Gallatin } 9264130ea61SMark Johnston } else if (IN6_IS_ADDR_UNSPECIFIED(&grp->il6_laddr)) { 927d93ec8cbSMark Johnston if (injail) { 928d93ec8cbSMark Johnston if (jail_wild == NULL || 929d93ec8cbSMark Johnston in6_pcblookup_lb_numa_match(grp, domain)) 930d93ec8cbSMark Johnston jail_wild = grp; 931d93ec8cbSMark Johnston } else if (local_wild == NULL || 932d93ec8cbSMark Johnston in6_pcblookup_lb_numa_match(grp, domain)) { 933d93ec8cbSMark Johnston local_wild = grp; 934d93ec8cbSMark Johnston } 935d93ec8cbSMark Johnston } 936d93ec8cbSMark Johnston } 937d93ec8cbSMark Johnston 938d93ec8cbSMark Johnston if (jail_exact != NULL) 939d93ec8cbSMark Johnston grp = jail_exact; 940d93ec8cbSMark Johnston else if (jail_wild != NULL) 941d93ec8cbSMark Johnston grp = jail_wild; 942d93ec8cbSMark Johnston else if (local_exact != NULL) 943d93ec8cbSMark Johnston grp = local_exact; 944a034518aSAndrew Gallatin else 945d93ec8cbSMark Johnston grp = local_wild; 946d93ec8cbSMark Johnston if (grp == NULL) 947d93ec8cbSMark Johnston return (NULL); 948d93ec8cbSMark Johnston out: 949d93ec8cbSMark Johnston return (grp->il_inp[INP6_PCBLBGROUP_PKTHASH(faddr, lport, fport) % 950d93ec8cbSMark Johnston grp->il_inpcnt]); 9511a43cff9SSean Bruno } 9521a43cff9SSean Bruno 9533e98dcb3SMark Johnston static bool 9543e98dcb3SMark Johnston in6_pcblookup_exact_match(const struct inpcb *inp, const struct in6_addr *faddr, 9553e98dcb3SMark Johnston u_short fport, const struct in6_addr *laddr, u_short lport) 9563e98dcb3SMark Johnston { 9573e98dcb3SMark Johnston /* XXX inp locking */ 9583e98dcb3SMark Johnston if ((inp->inp_vflag & INP_IPV6) == 0) 9593e98dcb3SMark Johnston return (false); 9603e98dcb3SMark Johnston if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 9613e98dcb3SMark Johnston IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 9623e98dcb3SMark Johnston inp->inp_fport == fport && inp->inp_lport == lport) 9633e98dcb3SMark Johnston return (true); 9643e98dcb3SMark Johnston return (false); 9653e98dcb3SMark Johnston } 9663e98dcb3SMark Johnston 9674130ea61SMark Johnston static struct inpcb * 9687b92493aSMark Johnston in6_pcblookup_hash_exact(struct inpcbinfo *pcbinfo, 9697b92493aSMark Johnston const struct in6_addr *faddr, u_short fport, 9707b92493aSMark Johnston const struct in6_addr *laddr, u_short lport) 97182cd038dSYoshinobu Inoue { 97282cd038dSYoshinobu Inoue struct inpcbhead *head; 9733e98dcb3SMark Johnston struct inpcb *inp; 97468e0d7e0SRobert Watson 975fa046d87SRobert Watson INP_HASH_LOCK_ASSERT(pcbinfo); 9768deea4a8SRobert Watson 97782cd038dSYoshinobu Inoue /* 97882cd038dSYoshinobu Inoue * First look for an exact match. 97982cd038dSYoshinobu Inoue */ 980fdb987beSMark Johnston head = &pcbinfo->ipi_hash_exact[INP6_PCBHASH(faddr, lport, fport, 981a0577692SGleb Smirnoff pcbinfo->ipi_hashmask)]; 982fdb987beSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_exact) { 9833e98dcb3SMark Johnston if (in6_pcblookup_exact_match(inp, faddr, fport, laddr, lport)) 98482cd038dSYoshinobu Inoue return (inp); 98582cd038dSYoshinobu Inoue } 9863e98dcb3SMark Johnston return (NULL); 9873e98dcb3SMark Johnston } 9883e98dcb3SMark Johnston 9893e98dcb3SMark Johnston typedef enum { 9903e98dcb3SMark Johnston INPLOOKUP_MATCH_NONE = 0, 9913e98dcb3SMark Johnston INPLOOKUP_MATCH_WILD = 1, 9923e98dcb3SMark Johnston INPLOOKUP_MATCH_LADDR = 2, 9933e98dcb3SMark Johnston } inp_lookup_match_t; 9943e98dcb3SMark Johnston 9953e98dcb3SMark Johnston static inp_lookup_match_t 9963e98dcb3SMark Johnston in6_pcblookup_wild_match(const struct inpcb *inp, const struct in6_addr *laddr, 9973e98dcb3SMark Johnston u_short lport) 9983e98dcb3SMark Johnston { 9993e98dcb3SMark Johnston /* XXX inp locking */ 10003e98dcb3SMark Johnston if ((inp->inp_vflag & INP_IPV6) == 0) 10013e98dcb3SMark Johnston return (INPLOOKUP_MATCH_NONE); 10023e98dcb3SMark Johnston if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 10033e98dcb3SMark Johnston inp->inp_lport != lport) 10043e98dcb3SMark Johnston return (INPLOOKUP_MATCH_NONE); 10053e98dcb3SMark Johnston if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 10063e98dcb3SMark Johnston return (INPLOOKUP_MATCH_WILD); 10073e98dcb3SMark Johnston if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) 10083e98dcb3SMark Johnston return (INPLOOKUP_MATCH_LADDR); 10093e98dcb3SMark Johnston return (INPLOOKUP_MATCH_NONE); 10104130ea61SMark Johnston } 101182cd038dSYoshinobu Inoue 10127b92493aSMark Johnston #define INP_LOOKUP_AGAIN ((struct inpcb *)(uintptr_t)-1) 10137b92493aSMark Johnston 10147b92493aSMark Johnston static struct inpcb * 10157b92493aSMark Johnston in6_pcblookup_hash_wild_smr(struct inpcbinfo *pcbinfo, 10167b92493aSMark Johnston const struct in6_addr *faddr, u_short fport, const struct in6_addr *laddr, 10177b92493aSMark Johnston u_short lport, const inp_lookup_t lockflags) 10187b92493aSMark Johnston { 10197b92493aSMark Johnston struct inpcbhead *head; 10207b92493aSMark Johnston struct inpcb *inp; 10217b92493aSMark Johnston 10227b92493aSMark Johnston KASSERT(SMR_ENTERED(pcbinfo->ipi_smr), 10237b92493aSMark Johnston ("%s: not in SMR read section", __func__)); 10247b92493aSMark Johnston 10257b92493aSMark Johnston head = &pcbinfo->ipi_hash_wild[INP_PCBHASH_WILD(lport, 10267b92493aSMark Johnston pcbinfo->ipi_hashmask)]; 10277b92493aSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_wild) { 10287b92493aSMark Johnston inp_lookup_match_t match; 10297b92493aSMark Johnston 10307b92493aSMark Johnston match = in6_pcblookup_wild_match(inp, laddr, lport); 10317b92493aSMark Johnston if (match == INPLOOKUP_MATCH_NONE) 10327b92493aSMark Johnston continue; 10337b92493aSMark Johnston 10347b92493aSMark Johnston if (__predict_true(inp_smr_lock(inp, lockflags))) { 1035a306ed50SMark Johnston match = in6_pcblookup_wild_match(inp, laddr, lport); 1036a306ed50SMark Johnston if (match != INPLOOKUP_MATCH_NONE && 1037a306ed50SMark Johnston prison_check_ip6_locked(inp->inp_cred->cr_prison, 1038a306ed50SMark Johnston laddr) == 0) 10397b92493aSMark Johnston return (inp); 10407b92493aSMark Johnston inp_unlock(inp, lockflags); 10417b92493aSMark Johnston } 10427b92493aSMark Johnston 10437b92493aSMark Johnston /* 10447b92493aSMark Johnston * The matching socket disappeared out from under us. Fall back 10457b92493aSMark Johnston * to a serialized lookup. 10467b92493aSMark Johnston */ 10477b92493aSMark Johnston return (INP_LOOKUP_AGAIN); 10487b92493aSMark Johnston } 10497b92493aSMark Johnston return (NULL); 10507b92493aSMark Johnston } 10517b92493aSMark Johnston 10524130ea61SMark Johnston static struct inpcb * 10534130ea61SMark Johnston in6_pcblookup_hash_wild_locked(struct inpcbinfo *pcbinfo, 10547b92493aSMark Johnston const struct in6_addr *faddr, u_short fport, const struct in6_addr *laddr, 10554130ea61SMark Johnston u_short lport) 10564130ea61SMark Johnston { 10574130ea61SMark Johnston struct inpcbhead *head; 10584130ea61SMark Johnston struct inpcb *inp, *jail_wild, *local_exact, *local_wild; 1059d93ec8cbSMark Johnston 10603e98dcb3SMark Johnston INP_HASH_LOCK_ASSERT(pcbinfo); 10613e98dcb3SMark Johnston 1062d93ec8cbSMark Johnston /* 1063413628a7SBjoern A. Zeeb * Order of socket selection - we always prefer jails. 1064413628a7SBjoern A. Zeeb * 1. jailed, non-wild. 1065413628a7SBjoern A. Zeeb * 2. jailed, wild. 1066413628a7SBjoern A. Zeeb * 3. non-jailed, non-wild. 1067413628a7SBjoern A. Zeeb * 4. non-jailed, wild. 1068413628a7SBjoern A. Zeeb */ 1069fdb987beSMark Johnston head = &pcbinfo->ipi_hash_wild[INP_PCBHASH_WILD(lport, 10701b44e5ffSAndrey V. Elsukov pcbinfo->ipi_hashmask)]; 10714130ea61SMark Johnston local_wild = local_exact = jail_wild = NULL; 1072fdb987beSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_wild) { 10733e98dcb3SMark Johnston inp_lookup_match_t match; 10744130ea61SMark Johnston bool injail; 10754130ea61SMark Johnston 10763e98dcb3SMark Johnston match = in6_pcblookup_wild_match(inp, laddr, lport); 10773e98dcb3SMark Johnston if (match == INPLOOKUP_MATCH_NONE) 107882cd038dSYoshinobu Inoue continue; 1079413628a7SBjoern A. Zeeb 10804130ea61SMark Johnston injail = prison_flag(inp->inp_cred, PR_IP6) != 0; 1081413628a7SBjoern A. Zeeb if (injail) { 1082185e659cSGleb Smirnoff if (prison_check_ip6_locked( 1083185e659cSGleb Smirnoff inp->inp_cred->cr_prison, laddr) != 0) 1084413628a7SBjoern A. Zeeb continue; 1085413628a7SBjoern A. Zeeb } else { 1086413628a7SBjoern A. Zeeb if (local_exact != NULL) 1087413628a7SBjoern A. Zeeb continue; 1088413628a7SBjoern A. Zeeb } 1089413628a7SBjoern A. Zeeb 10903e98dcb3SMark Johnston if (match == INPLOOKUP_MATCH_LADDR) { 1091413628a7SBjoern A. Zeeb if (injail) 109282cd038dSYoshinobu Inoue return (inp); 1093413628a7SBjoern A. Zeeb else 1094413628a7SBjoern A. Zeeb local_exact = inp; 10953e98dcb3SMark Johnston } else { 1096413628a7SBjoern A. Zeeb if (injail) 1097413628a7SBjoern A. Zeeb jail_wild = inp; 1098413628a7SBjoern A. Zeeb else 109982cd038dSYoshinobu Inoue local_wild = inp; 110082cd038dSYoshinobu Inoue } 11014130ea61SMark Johnston } 1102413628a7SBjoern A. Zeeb 1103413628a7SBjoern A. Zeeb if (jail_wild != NULL) 1104413628a7SBjoern A. Zeeb return (jail_wild); 1105413628a7SBjoern A. Zeeb if (local_exact != NULL) 1106413628a7SBjoern A. Zeeb return (local_exact); 1107413628a7SBjoern A. Zeeb if (local_wild != NULL) 110882cd038dSYoshinobu Inoue return (local_wild); 110982cd038dSYoshinobu Inoue return (NULL); 111082cd038dSYoshinobu Inoue } 111182cd038dSYoshinobu Inoue 11124130ea61SMark Johnston struct inpcb * 11137b92493aSMark Johnston in6_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, 11147b92493aSMark Johnston const struct in6_addr *faddr, u_int fport_arg, 11157b92493aSMark Johnston const struct in6_addr *laddr, u_int lport_arg, 11164130ea61SMark Johnston int lookupflags, uint8_t numa_domain) 11174130ea61SMark Johnston { 11184130ea61SMark Johnston struct inpcb *inp; 11194130ea61SMark Johnston u_short fport = fport_arg, lport = lport_arg; 11204130ea61SMark Johnston 11214130ea61SMark Johnston KASSERT((lookupflags & ~INPLOOKUP_WILDCARD) == 0, 11224130ea61SMark Johnston ("%s: invalid lookup flags %d", __func__, lookupflags)); 11234130ea61SMark Johnston KASSERT(!IN6_IS_ADDR_UNSPECIFIED(faddr), 11244130ea61SMark Johnston ("%s: invalid foreign address", __func__)); 11254130ea61SMark Johnston KASSERT(!IN6_IS_ADDR_UNSPECIFIED(laddr), 11264130ea61SMark Johnston ("%s: invalid local address", __func__)); 11274130ea61SMark Johnston INP_HASH_LOCK_ASSERT(pcbinfo); 11284130ea61SMark Johnston 11294130ea61SMark Johnston inp = in6_pcblookup_hash_exact(pcbinfo, faddr, fport, laddr, lport); 11304130ea61SMark Johnston if (inp != NULL) 11314130ea61SMark Johnston return (inp); 11324130ea61SMark Johnston 11334130ea61SMark Johnston if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 11344130ea61SMark Johnston inp = in6_pcblookup_lbgroup(pcbinfo, faddr, fport, laddr, 11354130ea61SMark Johnston lport, numa_domain); 11364130ea61SMark Johnston if (inp == NULL) { 11374130ea61SMark Johnston inp = in6_pcblookup_hash_wild_locked(pcbinfo, faddr, 11384130ea61SMark Johnston fport, laddr, lport); 11394130ea61SMark Johnston } 11404130ea61SMark Johnston } 11414130ea61SMark Johnston return (inp); 11424130ea61SMark Johnston } 11434130ea61SMark Johnston 1144fa046d87SRobert Watson static struct inpcb * 11457b92493aSMark Johnston in6_pcblookup_hash(struct inpcbinfo *pcbinfo, const struct in6_addr *faddr, 11467b92493aSMark Johnston u_int fport, const struct in6_addr *laddr, u_int lport, int lookupflags, 11474130ea61SMark Johnston uint8_t numa_domain) 1148fa046d87SRobert Watson { 1149fa046d87SRobert Watson struct inpcb *inp; 11507b92493aSMark Johnston const inp_lookup_t lockflags = lookupflags & INPLOOKUP_LOCKMASK; 11517b92493aSMark Johnston 11527b92493aSMark Johnston KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 11537b92493aSMark Johnston ("%s: LOCKPCB not set", __func__)); 11547b92493aSMark Johnston 11557b92493aSMark Johnston INP_HASH_WLOCK(pcbinfo); 11567b92493aSMark Johnston inp = in6_pcblookup_hash_locked(pcbinfo, faddr, fport, laddr, lport, 11577b92493aSMark Johnston lookupflags & ~INPLOOKUP_LOCKMASK, numa_domain); 11587b92493aSMark Johnston if (inp != NULL && !inp_trylock(inp, lockflags)) { 11597b92493aSMark Johnston in_pcbref(inp); 11607b92493aSMark Johnston INP_HASH_WUNLOCK(pcbinfo); 11617b92493aSMark Johnston inp_lock(inp, lockflags); 11627b92493aSMark Johnston if (in_pcbrele(inp, lockflags)) 11637b92493aSMark Johnston /* XXX-MJ or retry until we get a negative match? */ 11647b92493aSMark Johnston inp = NULL; 11657b92493aSMark Johnston } else { 11667b92493aSMark Johnston INP_HASH_WUNLOCK(pcbinfo); 11677b92493aSMark Johnston } 11687b92493aSMark Johnston return (inp); 11697b92493aSMark Johnston } 11707b92493aSMark Johnston 11717b92493aSMark Johnston static struct inpcb * 11727b92493aSMark Johnston in6_pcblookup_hash_smr(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 11737b92493aSMark Johnston u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, int lookupflags, 11747b92493aSMark Johnston uint8_t numa_domain) 11757b92493aSMark Johnston { 11767b92493aSMark Johnston struct inpcb *inp; 11777b92493aSMark Johnston const inp_lookup_t lockflags = lookupflags & INPLOOKUP_LOCKMASK; 11787b92493aSMark Johnston const u_short fport = fport_arg, lport = lport_arg; 1179fa046d87SRobert Watson 1180675e2618SMark Johnston KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1181675e2618SMark Johnston ("%s: invalid lookup flags %d", __func__, lookupflags)); 1182675e2618SMark Johnston KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1183675e2618SMark Johnston ("%s: LOCKPCB not set", __func__)); 1184675e2618SMark Johnston 1185db0ac6deSCy Schubert smr_enter(pcbinfo->ipi_smr); 11867b92493aSMark Johnston inp = in6_pcblookup_hash_exact(pcbinfo, faddr, fport, laddr, lport); 1187fa046d87SRobert Watson if (inp != NULL) { 11887b92493aSMark Johnston if (__predict_true(inp_smr_lock(inp, lockflags))) { 11897b92493aSMark Johnston if (__predict_true(in6_pcblookup_exact_match(inp, 11907b92493aSMark Johnston faddr, fport, laddr, lport))) 11917b92493aSMark Johnston return (inp); 11927b92493aSMark Johnston inp_unlock(inp, lockflags); 11937b92493aSMark Johnston } 11947b92493aSMark Johnston /* 11957b92493aSMark Johnston * We failed to lock the inpcb, or its connection state changed 11967b92493aSMark Johnston * out from under us. Fall back to a precise search. 11977b92493aSMark Johnston */ 11987b92493aSMark Johnston return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 11997b92493aSMark Johnston lookupflags, numa_domain)); 12007b92493aSMark Johnston } 12017b92493aSMark Johnston 12027b92493aSMark Johnston if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 12037b92493aSMark Johnston inp = in6_pcblookup_lbgroup(pcbinfo, faddr, fport, 12047b92493aSMark Johnston laddr, lport, numa_domain); 12057b92493aSMark Johnston if (inp != NULL) { 12067b92493aSMark Johnston if (__predict_true(inp_smr_lock(inp, lockflags))) { 12077b92493aSMark Johnston if (__predict_true(in6_pcblookup_wild_match(inp, 12087b92493aSMark Johnston laddr, lport) != INPLOOKUP_MATCH_NONE)) 12097b92493aSMark Johnston return (inp); 12107b92493aSMark Johnston inp_unlock(inp, lockflags); 12117b92493aSMark Johnston } 12127b92493aSMark Johnston inp = INP_LOOKUP_AGAIN; 12137b92493aSMark Johnston } else { 12147b92493aSMark Johnston inp = in6_pcblookup_hash_wild_smr(pcbinfo, faddr, fport, 12157b92493aSMark Johnston laddr, lport, lockflags); 12167b92493aSMark Johnston } 12177b92493aSMark Johnston if (inp == INP_LOOKUP_AGAIN) { 12187b92493aSMark Johnston return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, 12197b92493aSMark Johnston lport, lookupflags, numa_domain)); 12207b92493aSMark Johnston } 12217b92493aSMark Johnston } 12227b92493aSMark Johnston 12237b92493aSMark Johnston if (inp == NULL) 1224db0ac6deSCy Schubert smr_exit(pcbinfo->ipi_smr); 1225db0ac6deSCy Schubert 1226fa046d87SRobert Watson return (inp); 1227fa046d87SRobert Watson } 1228fa046d87SRobert Watson 1229fa046d87SRobert Watson /* 1230d3c1f003SRobert Watson * Public inpcb lookup routines, accepting a 4-tuple, and optionally, an mbuf 1231d3c1f003SRobert Watson * from which a pre-calculated hash value may be extracted. 1232fa046d87SRobert Watson */ 1233fa046d87SRobert Watson struct inpcb * 1234fa046d87SRobert Watson in6_pcblookup(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, u_int fport, 12354130ea61SMark Johnston struct in6_addr *laddr, u_int lport, int lookupflags, 12364130ea61SMark Johnston struct ifnet *ifp __unused) 1237fa046d87SRobert Watson { 12384130ea61SMark Johnston return (in6_pcblookup_hash_smr(pcbinfo, faddr, fport, laddr, lport, 12394130ea61SMark Johnston lookupflags, M_NODOM)); 1240d3c1f003SRobert Watson } 1241d3c1f003SRobert Watson 1242d3c1f003SRobert Watson struct inpcb * 1243d3c1f003SRobert Watson in6_pcblookup_mbuf(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1244d3c1f003SRobert Watson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 12454130ea61SMark Johnston struct ifnet *ifp __unused, struct mbuf *m) 1246d3c1f003SRobert Watson { 12474130ea61SMark Johnston return (in6_pcblookup_hash_smr(pcbinfo, faddr, fport, laddr, lport, 12484130ea61SMark Johnston lookupflags, m->m_pkthdr.numa_domain)); 1249fa046d87SRobert Watson } 1250fa046d87SRobert Watson 125182cd038dSYoshinobu Inoue void 1252dce33a45SErmal Luçi init_sin6(struct sockaddr_in6 *sin6, struct mbuf *m, int srcordst) 125382cd038dSYoshinobu Inoue { 125482cd038dSYoshinobu Inoue struct ip6_hdr *ip; 125582cd038dSYoshinobu Inoue 125682cd038dSYoshinobu Inoue ip = mtod(m, struct ip6_hdr *); 125782cd038dSYoshinobu Inoue bzero(sin6, sizeof(*sin6)); 125882cd038dSYoshinobu Inoue sin6->sin6_len = sizeof(*sin6); 125982cd038dSYoshinobu Inoue sin6->sin6_family = AF_INET6; 1260dce33a45SErmal Luçi sin6->sin6_addr = srcordst ? ip->ip6_dst : ip->ip6_src; 1261a1f7e5f8SHajimu UMEMOTO 1262a1f7e5f8SHajimu UMEMOTO (void)sa6_recoverscope(sin6); /* XXX: should catch errors... */ 126382cd038dSYoshinobu Inoue 126482cd038dSYoshinobu Inoue return; 126582cd038dSYoshinobu Inoue } 1266