/*-
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * Copyright (c) 2010-2011 Juniper Networks, Inc.
 * All rights reserved.
 *
 * Portions of this software were developed by Robert N. M. Watson under
 * contract to Juniper Networks, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $
 */

/*-
 * Copyright (c) 1982, 1986, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
#include "opt_inet.h"
#include "opt_inet6.h"
#include "opt_ipsec.h"
#include "opt_route.h"
#include "opt_rss.h"

#include <sys/hash.h>
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/domain.h>
#include <sys/proc.h>
#include <sys/protosw.h>
#include <sys/smr.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
#include <sys/errno.h>
#include <sys/time.h>
#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/jail.h>

#include <vm/uma.h>

#include <net/if.h>
#include <net/if_var.h>
#include <net/if_llatbl.h>
#include <net/if_types.h>
#include <net/route.h>
Chernikov #include <net/route/nhop.h> 101417b35a9SMark Johnston #include <net/vnet.h> 10282cd038dSYoshinobu Inoue 10382cd038dSYoshinobu Inoue #include <netinet/in.h> 10482cd038dSYoshinobu Inoue #include <netinet/in_var.h> 10582cd038dSYoshinobu Inoue #include <netinet/in_systm.h> 106686cdd19SJun-ichiro itojun Hagino #include <netinet/ip6.h> 107fb59c426SYoshinobu Inoue #include <netinet/ip_var.h> 108ac957cd2SJulian Elischer 10982cd038dSYoshinobu Inoue #include <netinet6/ip6_var.h> 11082cd038dSYoshinobu Inoue #include <netinet6/nd6.h> 11182cd038dSYoshinobu Inoue #include <netinet/in_pcb.h> 1120f617ae4SGleb Smirnoff #include <netinet/in_pcb_var.h> 11382cd038dSYoshinobu Inoue #include <netinet6/in6_pcb.h> 114983066f0SAlexander V. Chernikov #include <netinet6/in6_fib.h> 115a1f7e5f8SHajimu UMEMOTO #include <netinet6/scope6_var.h> 11682cd038dSYoshinobu Inoue 117417b35a9SMark Johnston SYSCTL_DECL(_net_inet6); 118417b35a9SMark Johnston SYSCTL_DECL(_net_inet6_ip6); 119417b35a9SMark Johnston VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 1; 120417b35a9SMark Johnston #define V_connect_in6addr_wild VNET(connect_in6addr_wild) 121417b35a9SMark Johnston SYSCTL_INT(_net_inet6_ip6, OID_AUTO, connect_in6addr_wild, 122417b35a9SMark Johnston CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(connect_in6addr_wild), 0, 123417b35a9SMark Johnston "Allow connecting to the unspecified address for connect(2)"); 124417b35a9SMark Johnston 12582cd038dSYoshinobu Inoue int 126147f018aSGleb Smirnoff in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) 127147f018aSGleb Smirnoff { 128147f018aSGleb Smirnoff struct socket *so = inp->inp_socket; 129147f018aSGleb Smirnoff u_int16_t lport = 0; 130147f018aSGleb Smirnoff int error, lookupflags = 0; 131147f018aSGleb Smirnoff #ifdef INVARIANTS 132147f018aSGleb Smirnoff struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 133147f018aSGleb Smirnoff #endif 134147f018aSGleb Smirnoff 135147f018aSGleb Smirnoff INP_WLOCK_ASSERT(inp); 136147f018aSGleb Smirnoff 
INP_HASH_WLOCK_ASSERT(pcbinfo); 137147f018aSGleb Smirnoff 138147f018aSGleb Smirnoff error = prison_local_ip6(cred, laddr, 139147f018aSGleb Smirnoff ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)); 140147f018aSGleb Smirnoff if (error) 141147f018aSGleb Smirnoff return(error); 142147f018aSGleb Smirnoff 143147f018aSGleb Smirnoff /* XXX: this is redundant when called from in6_pcbbind */ 144147f018aSGleb Smirnoff if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT|SO_REUSEPORT_LB)) == 0) 145147f018aSGleb Smirnoff lookupflags = INPLOOKUP_WILDCARD; 146147f018aSGleb Smirnoff 147147f018aSGleb Smirnoff inp->inp_flags |= INP_ANONPORT; 148147f018aSGleb Smirnoff 149147f018aSGleb Smirnoff error = in_pcb_lport(inp, NULL, &lport, cred, lookupflags); 150147f018aSGleb Smirnoff if (error != 0) 151147f018aSGleb Smirnoff return (error); 152147f018aSGleb Smirnoff 153147f018aSGleb Smirnoff inp->inp_lport = lport; 154147f018aSGleb Smirnoff if (in_pcbinshash(inp) != 0) { 155147f018aSGleb Smirnoff inp->in6p_laddr = in6addr_any; 156147f018aSGleb Smirnoff inp->inp_lport = 0; 157147f018aSGleb Smirnoff return (EAGAIN); 158147f018aSGleb Smirnoff } 159147f018aSGleb Smirnoff 160147f018aSGleb Smirnoff return (0); 161147f018aSGleb Smirnoff } 162147f018aSGleb Smirnoff 1631a43cff9SSean Bruno /* 16401f8ce83SMark Johnston * Determine whether the inpcb can be bound to the specified address/port tuple. 
1651a43cff9SSean Bruno */ 16601f8ce83SMark Johnston static int 167bbd0084bSMark Johnston in6_pcbbind_avail(struct inpcb *inp, const struct sockaddr_in6 *sin6, int fib, 16801f8ce83SMark Johnston int sooptions, int lookupflags, struct ucred *cred) 16901f8ce83SMark Johnston { 17001f8ce83SMark Johnston const struct in6_addr *laddr; 17101f8ce83SMark Johnston int reuseport, reuseport_lb; 17201f8ce83SMark Johnston u_short lport; 1731a43cff9SSean Bruno 17401f8ce83SMark Johnston INP_LOCK_ASSERT(inp); 17501f8ce83SMark Johnston INP_HASH_LOCK_ASSERT(inp->inp_pcbinfo); 17607385abdSRobert Watson 17701f8ce83SMark Johnston laddr = &sin6->sin6_addr; 17882cd038dSYoshinobu Inoue lport = sin6->sin6_port; 17901f8ce83SMark Johnston 18001f8ce83SMark Johnston reuseport = (sooptions & SO_REUSEPORT); 18101f8ce83SMark Johnston reuseport_lb = (sooptions & SO_REUSEPORT_LB); 18201f8ce83SMark Johnston 18301f8ce83SMark Johnston if (IN6_IS_ADDR_MULTICAST(laddr)) { 18482cd038dSYoshinobu Inoue /* 18582cd038dSYoshinobu Inoue * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 18682cd038dSYoshinobu Inoue * allow compepte duplication of binding if 18782cd038dSYoshinobu Inoue * SO_REUSEPORT is set, or if SO_REUSEADDR is set 18882cd038dSYoshinobu Inoue * and a multicast address is bound on both 18982cd038dSYoshinobu Inoue * new and duplicated sockets. 19082cd038dSYoshinobu Inoue */ 19101f8ce83SMark Johnston if ((sooptions & (SO_REUSEADDR | SO_REUSEPORT)) != 0) 19282cd038dSYoshinobu Inoue reuseport = SO_REUSEADDR | SO_REUSEPORT; 1931a43cff9SSean Bruno /* 1941a43cff9SSean Bruno * XXX: How to deal with SO_REUSEPORT_LB here? 1951a43cff9SSean Bruno * Treat same as SO_REUSEPORT for now. 
1961a43cff9SSean Bruno */ 19701f8ce83SMark Johnston if ((sooptions & (SO_REUSEADDR | SO_REUSEPORT_LB)) != 0) 1981a43cff9SSean Bruno reuseport_lb = SO_REUSEADDR | SO_REUSEPORT_LB; 19901f8ce83SMark Johnston } else if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) { 20001f8ce83SMark Johnston struct sockaddr_in6 sin6; 201a68cc388SGleb Smirnoff struct epoch_tracker et; 2028c0fec80SRobert Watson struct ifaddr *ifa; 20382cd038dSYoshinobu Inoue 20401f8ce83SMark Johnston memset(&sin6, 0, sizeof(sin6)); 20501f8ce83SMark Johnston sin6.sin6_family = AF_INET6; 20601f8ce83SMark Johnston sin6.sin6_len = sizeof(sin6); 20701f8ce83SMark Johnston sin6.sin6_addr = *laddr; 20801f8ce83SMark Johnston 209a68cc388SGleb Smirnoff NET_EPOCH_ENTER(et); 21001f8ce83SMark Johnston if ((ifa = ifa_ifwithaddr((const struct sockaddr *)&sin6)) == 21101f8ce83SMark Johnston NULL && (inp->inp_flags & INP_BINDANY) == 0) { 212a68cc388SGleb Smirnoff NET_EPOCH_EXIT(et); 21382cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 214f44270e7SPawel Jakub Dawidek } 21582cd038dSYoshinobu Inoue 21682cd038dSYoshinobu Inoue /* 21782cd038dSYoshinobu Inoue * XXX: bind to an anycast address might accidentally 21882cd038dSYoshinobu Inoue * cause sending a packet with anycast source address. 21933841545SHajimu UMEMOTO * We should allow to bind to a deprecated address, since 2207efe5d92SHajimu UMEMOTO * the application dares to use it. 22182cd038dSYoshinobu Inoue */ 2228c0fec80SRobert Watson if (ifa != NULL && 2238c0fec80SRobert Watson ((struct in6_ifaddr *)ifa)->ia6_flags & 22433841545SHajimu UMEMOTO (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY | IN6_IFF_DETACHED)) { 225a68cc388SGleb Smirnoff NET_EPOCH_EXIT(et); 22682cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 22782cd038dSYoshinobu Inoue } 228a68cc388SGleb Smirnoff NET_EPOCH_EXIT(et); 22982cd038dSYoshinobu Inoue } 23001f8ce83SMark Johnston 23101f8ce83SMark Johnston if (lport != 0) { 23282cd038dSYoshinobu Inoue struct inpcb *t; 23382cd038dSYoshinobu Inoue 234603724d3SBjoern A. 
Zeeb if (ntohs(lport) <= V_ipport_reservedhigh && 235603724d3SBjoern A. Zeeb ntohs(lport) >= V_ipport_reservedlow && 236cc426dd3SMateusz Guzik priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT)) 23782cd038dSYoshinobu Inoue return (EACCES); 23845a77bf2SMark Johnston 23901f8ce83SMark Johnston if (!IN6_IS_ADDR_MULTICAST(laddr) && 24001f8ce83SMark Johnston priv_check_cred(inp->inp_cred, PRIV_NETINET_REUSEPORT) != 24101f8ce83SMark Johnston 0) { 242c9756953SMark Johnston /* 243c9756953SMark Johnston * If a socket owned by a different user is already 244c9756953SMark Johnston * bound to this port, fail. In particular, SO_REUSE* 245c9756953SMark Johnston * can only be used to share a port among sockets owned 246c9756953SMark Johnston * by the same user. 247c9756953SMark Johnston * 248c9756953SMark Johnston * However, we can share a port with a connected socket 249c9756953SMark Johnston * which has a unique 4-tuple. 250c9756953SMark Johnston */ 25101f8ce83SMark Johnston t = in6_pcblookup_local(inp->inp_pcbinfo, laddr, lport, 2529a413162SMark Johnston RT_ALL_FIBS, INPLOOKUP_WILDCARD, cred); 2533aff4ccdSMark Johnston if (t != NULL && 25401f8ce83SMark Johnston (inp->inp_socket->so_type != SOCK_STREAM || 255f66145c6SYaroslav Tykhiy IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) && 25601f8ce83SMark Johnston (inp->inp_cred->cr_uid != t->inp_cred->cr_uid)) 25782cd038dSYoshinobu Inoue return (EADDRINUSE); 258c7c0d948SAdrian Chadd 25967107f45SBjoern A. 
Zeeb #ifdef INET 26033841545SHajimu UMEMOTO if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 26101f8ce83SMark Johnston IN6_IS_ADDR_UNSPECIFIED(laddr)) { 262fb59c426SYoshinobu Inoue struct sockaddr_in sin; 263fb59c426SYoshinobu Inoue 264fb59c426SYoshinobu Inoue in6_sin6_2_sin(&sin, sin6); 26501f8ce83SMark Johnston t = in_pcblookup_local(inp->inp_pcbinfo, 2669a413162SMark Johnston sin.sin_addr, lport, RT_ALL_FIBS, 2679a413162SMark Johnston INPLOOKUP_WILDCARD, cred); 2683aff4ccdSMark Johnston if (t != NULL && 26901f8ce83SMark Johnston (inp->inp_socket->so_type != SOCK_STREAM || 27045a77bf2SMark Johnston in_nullhost(t->inp_faddr)) && 27186d02c5cSBjoern A. Zeeb (inp->inp_cred->cr_uid != 27286d02c5cSBjoern A. Zeeb t->inp_cred->cr_uid)) 273fb59c426SYoshinobu Inoue return (EADDRINUSE); 274fb59c426SYoshinobu Inoue } 27567107f45SBjoern A. Zeeb #endif 27682cd038dSYoshinobu Inoue } 27701f8ce83SMark Johnston t = in6_pcblookup_local(inp->inp_pcbinfo, laddr, lport, 278bbd0084bSMark Johnston fib, lookupflags, cred); 27945a77bf2SMark Johnston if (t != NULL && ((reuseport | reuseport_lb) & 28045a77bf2SMark Johnston t->inp_socket->so_options) == 0) 28129381b36SMikolaj Golub return (EADDRINUSE); 28267107f45SBjoern A. 
Zeeb #ifdef INET 28333841545SHajimu UMEMOTO if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 28401f8ce83SMark Johnston IN6_IS_ADDR_UNSPECIFIED(laddr)) { 285fb59c426SYoshinobu Inoue struct sockaddr_in sin; 286fb59c426SYoshinobu Inoue 287fb59c426SYoshinobu Inoue in6_sin6_2_sin(&sin, sin6); 28801f8ce83SMark Johnston t = in_pcblookup_local(inp->inp_pcbinfo, sin.sin_addr, 2899a413162SMark Johnston lport, RT_ALL_FIBS, lookupflags, cred); 29045a77bf2SMark Johnston if (t != NULL && ((reuseport | reuseport_lb) & 29145a77bf2SMark Johnston t->inp_socket->so_options) == 0 && 29245a77bf2SMark Johnston (!in_nullhost(t->inp_laddr) || 2931a43cff9SSean Bruno (t->inp_vflag & INP_IPV6PROTO) != 0)) { 294fb59c426SYoshinobu Inoue return (EADDRINUSE); 295fb59c426SYoshinobu Inoue } 2961a43cff9SSean Bruno } 29767107f45SBjoern A. Zeeb #endif 29882cd038dSYoshinobu Inoue } 29901f8ce83SMark Johnston return (0); 30001f8ce83SMark Johnston } 30101f8ce83SMark Johnston 30201f8ce83SMark Johnston int 303bbd0084bSMark Johnston in6_pcbbind(struct inpcb *inp, struct sockaddr_in6 *sin6, int flags, 304bbd0084bSMark Johnston struct ucred *cred) 30501f8ce83SMark Johnston { 30601f8ce83SMark Johnston struct socket *so = inp->inp_socket; 30701f8ce83SMark Johnston u_short lport = 0; 308bbd0084bSMark Johnston int error, fib, lookupflags, sooptions; 30901f8ce83SMark Johnston 31001f8ce83SMark Johnston INP_WLOCK_ASSERT(inp); 311ffb3d384SMark Johnston INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); 31201f8ce83SMark Johnston 31301f8ce83SMark Johnston if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 31401f8ce83SMark Johnston return (EINVAL); 31501f8ce83SMark Johnston 31601f8ce83SMark Johnston lookupflags = 0; 31701f8ce83SMark Johnston sooptions = atomic_load_int(&so->so_options); 31801f8ce83SMark Johnston if ((sooptions & (SO_REUSEADDR | SO_REUSEPORT | SO_REUSEPORT_LB)) == 0) 31901f8ce83SMark Johnston lookupflags = INPLOOKUP_WILDCARD; 32001f8ce83SMark Johnston if (sin6 == NULL) { 32101f8ce83SMark Johnston if 
((error = prison_local_ip6(cred, &inp->in6p_laddr, 32201f8ce83SMark Johnston ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 32301f8ce83SMark Johnston return (error); 32401f8ce83SMark Johnston } else { 32501f8ce83SMark Johnston KASSERT(sin6->sin6_family == AF_INET6, 32601f8ce83SMark Johnston ("%s: invalid address family for %p", __func__, sin6)); 32701f8ce83SMark Johnston KASSERT(sin6->sin6_len == sizeof(*sin6), 32801f8ce83SMark Johnston ("%s: invalid address length for %p", __func__, sin6)); 32901f8ce83SMark Johnston 33001f8ce83SMark Johnston if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 33101f8ce83SMark Johnston return(error); 33201f8ce83SMark Johnston 33301f8ce83SMark Johnston if ((error = prison_local_ip6(cred, &sin6->sin6_addr, 33401f8ce83SMark Johnston ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 33501f8ce83SMark Johnston return (error); 33601f8ce83SMark Johnston 337bbd0084bSMark Johnston fib = (flags & INPBIND_FIB) != 0 ? inp->inp_inc.inc_fibnum : 338bbd0084bSMark Johnston RT_ALL_FIBS; 339bbd0084bSMark Johnston 34001f8ce83SMark Johnston /* See if this address/port combo is available. */ 341bbd0084bSMark Johnston error = in6_pcbbind_avail(inp, sin6, fib, sooptions, lookupflags, 34201f8ce83SMark Johnston cred); 34301f8ce83SMark Johnston if (error != 0) 34401f8ce83SMark Johnston return (error); 34501f8ce83SMark Johnston 34601f8ce83SMark Johnston lport = sin6->sin6_port; 34782cd038dSYoshinobu Inoue inp->in6p_laddr = sin6->sin6_addr; 34882cd038dSYoshinobu Inoue } 349bbd0084bSMark Johnston if ((flags & INPBIND_FIB) != 0) 350bbd0084bSMark Johnston inp->inp_flags |= INP_BOUNDFIB; 35182cd038dSYoshinobu Inoue if (lport == 0) { 3524616026fSErmal Luçi if ((error = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0) { 3534a2b2562SBjoern A. Zeeb /* Undo an address bind that may have occurred. */ 354bbd0084bSMark Johnston inp->inp_flags &= ~INP_BOUNDFIB; 3554a2b2562SBjoern A. 
Zeeb inp->in6p_laddr = in6addr_any; 356b89e82ddSJamie Gritton return (error); 3574a2b2562SBjoern A. Zeeb } 35855fd3bafSBjoern A. Zeeb } else { 35982cd038dSYoshinobu Inoue inp->inp_lport = lport; 36082cd038dSYoshinobu Inoue if (in_pcbinshash(inp) != 0) { 361bbd0084bSMark Johnston inp->inp_flags &= ~INP_BOUNDFIB; 36282cd038dSYoshinobu Inoue inp->in6p_laddr = in6addr_any; 36382cd038dSYoshinobu Inoue inp->inp_lport = 0; 36482cd038dSYoshinobu Inoue return (EAGAIN); 36582cd038dSYoshinobu Inoue } 366686cdd19SJun-ichiro itojun Hagino } 36782cd038dSYoshinobu Inoue return (0); 36882cd038dSYoshinobu Inoue } 36982cd038dSYoshinobu Inoue 37082cd038dSYoshinobu Inoue /* 37182cd038dSYoshinobu Inoue * Transform old in6_pcbconnect() into an inner subroutine for new 37282cd038dSYoshinobu Inoue * in6_pcbconnect(): Do some validity-checking on the remote 37382cd038dSYoshinobu Inoue * address (in mbuf 'nam') and then determine local host address 37482cd038dSYoshinobu Inoue * (i.e., which interface) to use to access that remote host. 37582cd038dSYoshinobu Inoue * 37682cd038dSYoshinobu Inoue * This preserves definition of in6_pcbconnect(), while supporting a 37782cd038dSYoshinobu Inoue * slightly different version for T/TCP. (This is more than 37882cd038dSYoshinobu Inoue * a bit of a kludge, but cleaning up the internal interfaces would 37982cd038dSYoshinobu Inoue * have forced minor changes in every protocol). 38082cd038dSYoshinobu Inoue */ 381a7e201bbSAndrey V. Elsukov static int 382f161d294SMark Johnston in6_pcbladdr(struct inpcb *inp, struct sockaddr_in6 *sin6, 3830bf5377bSAndrey V. Elsukov struct in6_addr *plocal_addr6, bool sas_required) 38482cd038dSYoshinobu Inoue { 38582cd038dSYoshinobu Inoue int error = 0; 386a1f7e5f8SHajimu UMEMOTO int scope_ambiguous = 0; 38788d166bfSBjoern A. 
Zeeb struct in6_addr in6a; 38882cd038dSYoshinobu Inoue 3893d76be28SGleb Smirnoff NET_EPOCH_ASSERT(); 3908501a69cSRobert Watson INP_WLOCK_ASSERT(inp); 391fa046d87SRobert Watson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); /* XXXRW: why? */ 3928deea4a8SRobert Watson 39382cd038dSYoshinobu Inoue if (sin6->sin6_port == 0) 39482cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 39582cd038dSYoshinobu Inoue 396603724d3SBjoern A. Zeeb if (sin6->sin6_scope_id == 0 && !V_ip6_use_defzone) 397a1f7e5f8SHajimu UMEMOTO scope_ambiguous = 1; 398603724d3SBjoern A. Zeeb if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 399a1f7e5f8SHajimu UMEMOTO return(error); 400a1f7e5f8SHajimu UMEMOTO 401417b35a9SMark Johnston if (V_connect_in6addr_wild && !CK_STAILQ_EMPTY(&V_in6_ifaddrhead)) { 40282cd038dSYoshinobu Inoue /* 40382cd038dSYoshinobu Inoue * If the destination address is UNSPECIFIED addr, 40482cd038dSYoshinobu Inoue * use the loopback addr, e.g ::1. 40582cd038dSYoshinobu Inoue */ 40682cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 40782cd038dSYoshinobu Inoue sin6->sin6_addr = in6addr_loopback; 4080c605af3SMark Johnston } else if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 4090c605af3SMark Johnston return (ENETUNREACH); 41082cd038dSYoshinobu Inoue } 4110c605af3SMark Johnston 412b89e82ddSJamie Gritton if ((error = prison_remote_ip6(inp->inp_cred, &sin6->sin6_addr)) != 0) 413b89e82ddSJamie Gritton return (error); 414a1f7e5f8SHajimu UMEMOTO 4150bf5377bSAndrey V. Elsukov if (sas_required) { 416601c0b8bSAlexander V. Chernikov error = in6_selectsrc_socket(sin6, inp->in6p_outputopts, 417601c0b8bSAlexander V. Chernikov inp, inp->inp_cred, scope_ambiguous, &in6a, NULL); 41888d166bfSBjoern A. Zeeb if (error) 41988d166bfSBjoern A. Zeeb return (error); 4200bf5377bSAndrey V. Elsukov } else { 4210bf5377bSAndrey V. Elsukov /* 4220bf5377bSAndrey V. Elsukov * Source address selection isn't required when syncache 4230bf5377bSAndrey V. 
Elsukov * has already established connection and both source and 4240bf5377bSAndrey V. Elsukov * destination addresses was chosen. 4250bf5377bSAndrey V. Elsukov * 4260bf5377bSAndrey V. Elsukov * This also includes the case when fwd_tag was used to 4270bf5377bSAndrey V. Elsukov * select source address in tcp_input(). 4280bf5377bSAndrey V. Elsukov */ 4290bf5377bSAndrey V. Elsukov in6a = inp->in6p_laddr; 4300bf5377bSAndrey V. Elsukov } 4310bf5377bSAndrey V. Elsukov 432713264f6SMark Johnston if (IN6_IS_ADDR_UNSPECIFIED(&in6a)) 433713264f6SMark Johnston return (EHOSTUNREACH); 43488d166bfSBjoern A. Zeeb /* 43588d166bfSBjoern A. Zeeb * Do not update this earlier, in case we return with an error. 43688d166bfSBjoern A. Zeeb * 437601c0b8bSAlexander V. Chernikov * XXX: this in6_selectsrc_socket result might replace the bound local 438681ffdf9SBjoern A. Zeeb * address with the address specified by setsockopt(IPV6_PKTINFO). 43988d166bfSBjoern A. Zeeb * Is it the intended behavior? 44088d166bfSBjoern A. Zeeb */ 44188d166bfSBjoern A. Zeeb *plocal_addr6 = in6a; 44288d166bfSBjoern A. Zeeb 44382cd038dSYoshinobu Inoue /* 44482cd038dSYoshinobu Inoue * Don't do pcblookup call here; return interface in 44582cd038dSYoshinobu Inoue * plocal_addr6 44682cd038dSYoshinobu Inoue * and exit to caller, that will do the lookup. 44782cd038dSYoshinobu Inoue */ 448a1f7e5f8SHajimu UMEMOTO 44982cd038dSYoshinobu Inoue return (0); 45082cd038dSYoshinobu Inoue } 45182cd038dSYoshinobu Inoue 45282cd038dSYoshinobu Inoue /* 45382cd038dSYoshinobu Inoue * Outer subroutine: 45482cd038dSYoshinobu Inoue * Connect from a socket to a specified address. 45582cd038dSYoshinobu Inoue * Both address and port must be specified in argument sin. 45682cd038dSYoshinobu Inoue * If don't have a local address for this socket yet, 45782cd038dSYoshinobu Inoue * then pick one. 
45882cd038dSYoshinobu Inoue */ 45982cd038dSYoshinobu Inoue int 460a9d22cceSGleb Smirnoff in6_pcbconnect(struct inpcb *inp, struct sockaddr_in6 *sin6, struct ucred *cred, 4610bf5377bSAndrey V. Elsukov bool sas_required) 46282cd038dSYoshinobu Inoue { 463fa046d87SRobert Watson struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 46425102351SMike Karels struct sockaddr_in6 laddr6; 46582cd038dSYoshinobu Inoue int error; 46682cd038dSYoshinobu Inoue 4673d76be28SGleb Smirnoff NET_EPOCH_ASSERT(); 4683d76be28SGleb Smirnoff INP_WLOCK_ASSERT(inp); 4693d76be28SGleb Smirnoff INP_HASH_WLOCK_ASSERT(pcbinfo); 470f161d294SMark Johnston KASSERT(sin6->sin6_family == AF_INET6, 471f161d294SMark Johnston ("%s: invalid address family for %p", __func__, sin6)); 472f161d294SMark Johnston KASSERT(sin6->sin6_len == sizeof(*sin6), 473f161d294SMark Johnston ("%s: invalid address length for %p", __func__, sin6)); 474fdb987beSMark Johnston KASSERT(IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr), 475fdb987beSMark Johnston ("%s: inp is already connected", __func__)); 476f161d294SMark Johnston 47725102351SMike Karels bzero(&laddr6, sizeof(laddr6)); 47825102351SMike Karels laddr6.sin6_family = AF_INET6; 47925102351SMike Karels 4800c325f53SAlexander V. Chernikov #ifdef ROUTE_MPATH 4810c325f53SAlexander V. Chernikov if (CALC_FLOWID_OUTBOUND) { 4820c325f53SAlexander V. Chernikov uint32_t hash_type, hash_val; 4830c325f53SAlexander V. Chernikov 4840c325f53SAlexander V. Chernikov hash_val = fib6_calc_software_hash(&inp->in6p_laddr, 4850c325f53SAlexander V. Chernikov &sin6->sin6_addr, 0, sin6->sin6_port, 4860c325f53SAlexander V. Chernikov inp->inp_socket->so_proto->pr_protocol, &hash_type); 4870c325f53SAlexander V. Chernikov inp->inp_flowid = hash_val; 4880c325f53SAlexander V. Chernikov inp->inp_flowtype = hash_type; 4890c325f53SAlexander V. Chernikov } 4900c325f53SAlexander V. Chernikov #endif 49182cd038dSYoshinobu Inoue /* 49282cd038dSYoshinobu Inoue * Call inner routine, to assign local interface address. 
49388ff5695SSUZUKI Shinsuke * in6_pcbladdr() may automatically fill in sin6_scope_id. 49482cd038dSYoshinobu Inoue */ 4950bf5377bSAndrey V. Elsukov if ((error = in6_pcbladdr(inp, sin6, &laddr6.sin6_addr, 4960bf5377bSAndrey V. Elsukov sas_required)) != 0) 49782cd038dSYoshinobu Inoue return (error); 49882cd038dSYoshinobu Inoue 499fa046d87SRobert Watson if (in6_pcblookup_hash_locked(pcbinfo, &sin6->sin6_addr, 5004130ea61SMark Johnston sin6->sin6_port, IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) ? 5014130ea61SMark Johnston &laddr6.sin6_addr : &inp->in6p_laddr, inp->inp_lport, 0, 502*da806e8dSMark Johnston M_NODOM, RT_ALL_FIBS) != NULL) 50382cd038dSYoshinobu Inoue return (EADDRINUSE); 50482cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 50582cd038dSYoshinobu Inoue if (inp->inp_lport == 0) { 50625102351SMike Karels error = in_pcb_lport_dest(inp, 50725102351SMike Karels (struct sockaddr *) &laddr6, &inp->inp_lport, 508440598ddSJonathan T. Looney (struct sockaddr *) sin6, sin6->sin6_port, cred, 509440598ddSJonathan T. Looney INPLOOKUP_WILDCARD); 5104616026fSErmal Luçi if (error) 51182cd038dSYoshinobu Inoue return (error); 51282cd038dSYoshinobu Inoue } 51325102351SMike Karels inp->in6p_laddr = laddr6.sin6_addr; 51482cd038dSYoshinobu Inoue } 51582cd038dSYoshinobu Inoue inp->in6p_faddr = sin6->sin6_addr; 51682cd038dSYoshinobu Inoue inp->inp_fport = sin6->sin6_port; 51733841545SHajimu UMEMOTO /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 518fc384fa5SBjoern A. Zeeb inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 519fc384fa5SBjoern A. Zeeb if (inp->inp_flags & IN6P_AUTOFLOWLABEL) 520fc384fa5SBjoern A. 
Zeeb inp->inp_flow |= 521b79274baSHajimu UMEMOTO (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 52282cd038dSYoshinobu Inoue 523fdb987beSMark Johnston if ((inp->inp_flags & INP_INHASHLIST) != 0) { 524db0ac6deSCy Schubert in_pcbrehash(inp); 525fe1274eeSMichael Tuexen } else { 526db0ac6deSCy Schubert in_pcbinshash(inp); 527fe1274eeSMichael Tuexen } 5282cb64cb2SGeorge V. Neville-Neil 52982cd038dSYoshinobu Inoue return (0); 53082cd038dSYoshinobu Inoue } 53182cd038dSYoshinobu Inoue 53282cd038dSYoshinobu Inoue void 5331272577eSXin LI in6_pcbdisconnect(struct inpcb *inp) 53482cd038dSYoshinobu Inoue { 53507385abdSRobert Watson 5368501a69cSRobert Watson INP_WLOCK_ASSERT(inp); 537fa046d87SRobert Watson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); 538fdb987beSMark Johnston KASSERT(inp->inp_smr == SMR_SEQ_INVALID, 539fdb987beSMark Johnston ("%s: inp %p was already disconnected", __func__, inp)); 54007385abdSRobert Watson 541fdb987beSMark Johnston in_pcbremhash_locked(inp); 542fdb987beSMark Johnston 543fdb987beSMark Johnston /* See the comment in in_pcbinshash(). */ 544fdb987beSMark Johnston inp->inp_smr = smr_advance(inp->inp_pcbinfo->ipi_smr); 545fdb987beSMark Johnston 546fdb987beSMark Johnston /* XXX-MJ torn writes are visible to SMR lookup */ 5472589ec0fSMark Johnston memset(&inp->in6p_laddr, 0, sizeof(inp->in6p_laddr)); 5482589ec0fSMark Johnston memset(&inp->in6p_faddr, 0, sizeof(inp->in6p_faddr)); 54982cd038dSYoshinobu Inoue inp->inp_fport = 0; 55033841545SHajimu UMEMOTO /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 551fc384fa5SBjoern A. 
Zeeb inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 55282cd038dSYoshinobu Inoue } 55382cd038dSYoshinobu Inoue 55482cd038dSYoshinobu Inoue int 5550fac350cSGleb Smirnoff in6_getsockaddr(struct socket *so, struct sockaddr *sa) 55682cd038dSYoshinobu Inoue { 5573e85b721SEd Maste struct inpcb *inp; 55882cd038dSYoshinobu Inoue 55982cd038dSYoshinobu Inoue inp = sotoinpcb(so); 56054d642bbSRobert Watson KASSERT(inp != NULL, ("in6_getsockaddr: inp == NULL")); 56148477723SRobert Watson 5620fac350cSGleb Smirnoff *(struct sockaddr_in6 *)sa = (struct sockaddr_in6 ){ 5630fac350cSGleb Smirnoff .sin6_len = sizeof(struct sockaddr_in6), 5640fac350cSGleb Smirnoff .sin6_family = AF_INET6, 5650fac350cSGleb Smirnoff .sin6_port = inp->inp_lport, 5660fac350cSGleb Smirnoff .sin6_addr = inp->in6p_laddr, 5670fac350cSGleb Smirnoff }; 5680fac350cSGleb Smirnoff /* XXX: should catch errors */ 5690fac350cSGleb Smirnoff (void)sa6_recoverscope((struct sockaddr_in6 *)sa); 57082cd038dSYoshinobu Inoue 5710fac350cSGleb Smirnoff return (0); 57282cd038dSYoshinobu Inoue } 57382cd038dSYoshinobu Inoue 57482cd038dSYoshinobu Inoue int 5750fac350cSGleb Smirnoff in6_getpeeraddr(struct socket *so, struct sockaddr *sa) 57682cd038dSYoshinobu Inoue { 57782cd038dSYoshinobu Inoue struct inpcb *inp; 57882cd038dSYoshinobu Inoue 57982cd038dSYoshinobu Inoue inp = sotoinpcb(so); 58054d642bbSRobert Watson KASSERT(inp != NULL, ("in6_getpeeraddr: inp == NULL")); 58148477723SRobert Watson 5820fac350cSGleb Smirnoff *(struct sockaddr_in6 *)sa = (struct sockaddr_in6 ){ 5830fac350cSGleb Smirnoff .sin6_len = sizeof(struct sockaddr_in6), 5840fac350cSGleb Smirnoff .sin6_family = AF_INET6, 5850fac350cSGleb Smirnoff .sin6_port = inp->inp_fport, 5860fac350cSGleb Smirnoff .sin6_addr = inp->in6p_faddr, 5870fac350cSGleb Smirnoff }; 5880fac350cSGleb Smirnoff /* XXX: should catch errors */ 5890fac350cSGleb Smirnoff (void)sa6_recoverscope((struct sockaddr_in6 *)sa); 59082cd038dSYoshinobu Inoue 5910fac350cSGleb Smirnoff return (0); 
59282cd038dSYoshinobu Inoue } 59382cd038dSYoshinobu Inoue 59482cd038dSYoshinobu Inoue int 5950fac350cSGleb Smirnoff in6_mapped_sockaddr(struct socket *so, struct sockaddr *sa) 59682cd038dSYoshinobu Inoue { 59782cd038dSYoshinobu Inoue int error; 598042fb58dSLexi Winter #ifdef INET 599042fb58dSLexi Winter struct inpcb *inp; 60082cd038dSYoshinobu Inoue 60148477723SRobert Watson inp = sotoinpcb(so); 60248477723SRobert Watson KASSERT(inp != NULL, ("in6_mapped_sockaddr: inp == NULL")); 60348477723SRobert Watson 6045fac4178SHajimu UMEMOTO if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 6050fac350cSGleb Smirnoff struct sockaddr_in sin; 6060fac350cSGleb Smirnoff 6070fac350cSGleb Smirnoff error = in_getsockaddr(so, (struct sockaddr *)&sin); 608369dc8ceSEivind Eklund if (error == 0) 6090fac350cSGleb Smirnoff in6_sin_2_v4mapsin6(&sin, (struct sockaddr_in6 *)sa); 61067107f45SBjoern A. Zeeb } else 61167107f45SBjoern A. Zeeb #endif 61267107f45SBjoern A. Zeeb { 61354d642bbSRobert Watson /* scope issues will be handled in in6_getsockaddr(). 
*/ 6140fac350cSGleb Smirnoff error = in6_getsockaddr(so, sa); 6157efe5d92SHajimu UMEMOTO } 61682cd038dSYoshinobu Inoue 61782cd038dSYoshinobu Inoue return error; 61882cd038dSYoshinobu Inoue } 61982cd038dSYoshinobu Inoue 62082cd038dSYoshinobu Inoue int 6210fac350cSGleb Smirnoff in6_mapped_peeraddr(struct socket *so, struct sockaddr *sa) 62282cd038dSYoshinobu Inoue { 62382cd038dSYoshinobu Inoue int error; 624042fb58dSLexi Winter #ifdef INET 625042fb58dSLexi Winter struct inpcb *inp; 62682cd038dSYoshinobu Inoue 62748477723SRobert Watson inp = sotoinpcb(so); 62848477723SRobert Watson KASSERT(inp != NULL, ("in6_mapped_peeraddr: inp == NULL")); 62948477723SRobert Watson 6305fac4178SHajimu UMEMOTO if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 6310fac350cSGleb Smirnoff struct sockaddr_in sin; 6320fac350cSGleb Smirnoff 6330fac350cSGleb Smirnoff error = in_getpeeraddr(so, (struct sockaddr *)&sin); 634369dc8ceSEivind Eklund if (error == 0) 6350fac350cSGleb Smirnoff in6_sin_2_v4mapsin6(&sin, (struct sockaddr_in6 *)sa); 63682cd038dSYoshinobu Inoue } else 63767107f45SBjoern A. Zeeb #endif 638042fb58dSLexi Winter { 63954d642bbSRobert Watson /* scope issues will be handled in in6_getpeeraddr(). */ 6400fac350cSGleb Smirnoff error = in6_getpeeraddr(so, sa); 641042fb58dSLexi Winter } 64282cd038dSYoshinobu Inoue 64382cd038dSYoshinobu Inoue return error; 64482cd038dSYoshinobu Inoue } 64582cd038dSYoshinobu Inoue 64682cd038dSYoshinobu Inoue /* 64782cd038dSYoshinobu Inoue * Pass some notification to all connections of a protocol 64882cd038dSYoshinobu Inoue * associated with address dst. The local address and/or port numbers 64982cd038dSYoshinobu Inoue * may be specified to limit the search. The "usual action" will be 65082cd038dSYoshinobu Inoue * taken, depending on the ctlinput cmd. The caller must filter any 65182cd038dSYoshinobu Inoue * cmds that are uninteresting (e.g., no error in the map). 
65282cd038dSYoshinobu Inoue * Call the protocol specific routine (if any) to report 65382cd038dSYoshinobu Inoue * any errors for each matching socket. 65482cd038dSYoshinobu Inoue */ 655db0ac6deSCy Schubert static bool 656db0ac6deSCy Schubert inp_match6(const struct inpcb *inp, void *v __unused) 657db0ac6deSCy Schubert { 658db0ac6deSCy Schubert 659db0ac6deSCy Schubert return ((inp->inp_vflag & INP_IPV6) != 0); 660db0ac6deSCy Schubert } 661fcb3f813SGleb Smirnoff 66282cd038dSYoshinobu Inoue void 66343d39ca7SGleb Smirnoff in6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr_in6 *sa6_dst, 66443d39ca7SGleb Smirnoff u_int fport_arg, const struct sockaddr_in6 *src, u_int lport_arg, 665fcb3f813SGleb Smirnoff int errno, void *cmdarg, 6669233d8f3SDavid E. O'Brien struct inpcb *(*notify)(struct inpcb *, int)) 66782cd038dSYoshinobu Inoue { 668db0ac6deSCy Schubert struct inpcb_iterator inpi = INP_ITERATOR(pcbinfo, INPLOOKUP_WLOCKPCB, 669db0ac6deSCy Schubert inp_match6, NULL); 670db0ac6deSCy Schubert struct inpcb *inp; 67143d39ca7SGleb Smirnoff struct sockaddr_in6 sa6_src; 67282cd038dSYoshinobu Inoue u_short fport = fport_arg, lport = lport_arg; 67333841545SHajimu UMEMOTO u_int32_t flowinfo; 67433841545SHajimu UMEMOTO 67533841545SHajimu UMEMOTO if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 67682cd038dSYoshinobu Inoue return; 67782cd038dSYoshinobu Inoue 67882cd038dSYoshinobu Inoue /* 67933841545SHajimu UMEMOTO * note that src can be NULL when we get notify by local fragmentation. 68033841545SHajimu UMEMOTO */ 68143d39ca7SGleb Smirnoff sa6_src = (src == NULL) ? 
sa6_any : *src; 68233841545SHajimu UMEMOTO flowinfo = sa6_src.sin6_flowinfo; 68333841545SHajimu UMEMOTO 684db0ac6deSCy Schubert while ((inp = inp_next(&inpi)) != NULL) { 685db0ac6deSCy Schubert INP_WLOCK_ASSERT(inp); 686686cdd19SJun-ichiro itojun Hagino /* 687efddf5c6SHajimu UMEMOTO * If the error designates a new path MTU for a destination 688efddf5c6SHajimu UMEMOTO * and the application (associated with this socket) wanted to 6898f1beb88SAndrey V. Elsukov * know the value, notify. 690efddf5c6SHajimu UMEMOTO * XXX: should we avoid to notify the value to TCP sockets? 691efddf5c6SHajimu UMEMOTO */ 692fcb3f813SGleb Smirnoff if (errno == EMSGSIZE && cmdarg != NULL) 69343d39ca7SGleb Smirnoff ip6_notify_pmtu(inp, sa6_dst, *(uint32_t *)cmdarg); 694efddf5c6SHajimu UMEMOTO 695efddf5c6SHajimu UMEMOTO /* 69633841545SHajimu UMEMOTO * Detect if we should notify the error. If no source and 69704389c85SGordon Bergling * destination ports are specified, but non-zero flowinfo and 69833841545SHajimu UMEMOTO * local address match, notify the error. This is the case 69933841545SHajimu UMEMOTO * when the error is delivered with an encrypted buffer 70033841545SHajimu UMEMOTO * by ESP. Otherwise, just compare addresses and ports 70133841545SHajimu UMEMOTO * as usual. 702686cdd19SJun-ichiro itojun Hagino */ 70333841545SHajimu UMEMOTO if (lport == 0 && fport == 0 && flowinfo && 70433841545SHajimu UMEMOTO inp->inp_socket != NULL && 705fc384fa5SBjoern A. 
Zeeb flowinfo == (inp->inp_flow & IPV6_FLOWLABEL_MASK) && 70633841545SHajimu UMEMOTO IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 70733841545SHajimu UMEMOTO goto do_notify; 70833841545SHajimu UMEMOTO else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 70933841545SHajimu UMEMOTO &sa6_dst->sin6_addr) || 71082cd038dSYoshinobu Inoue inp->inp_socket == 0 || 71182cd038dSYoshinobu Inoue (lport && inp->inp_lport != lport) || 71233841545SHajimu UMEMOTO (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 71333841545SHajimu UMEMOTO !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 71433841545SHajimu UMEMOTO &sa6_src.sin6_addr)) || 715f31f65a7SRobert Watson (fport && inp->inp_fport != fport)) { 71682cd038dSYoshinobu Inoue continue; 717f31f65a7SRobert Watson } 718686cdd19SJun-ichiro itojun Hagino 71933841545SHajimu UMEMOTO do_notify: 720db0ac6deSCy Schubert if (notify) 721db0ac6deSCy Schubert (*notify)(inp, errno); 72282cd038dSYoshinobu Inoue } 72382cd038dSYoshinobu Inoue } 72482cd038dSYoshinobu Inoue 72582cd038dSYoshinobu Inoue /* 726fa046d87SRobert Watson * Lookup a PCB based on the local address and port. Caller must hold the 727fa046d87SRobert Watson * hash lock. No inpcb locks or references are acquired. 
72882cd038dSYoshinobu Inoue */ 72982cd038dSYoshinobu Inoue struct inpcb * 73052ef944bSMark Johnston in6_pcblookup_local(struct inpcbinfo *pcbinfo, const struct in6_addr *laddr, 7319a413162SMark Johnston u_short lport, int fib, int lookupflags, struct ucred *cred) 73282cd038dSYoshinobu Inoue { 7333e85b721SEd Maste struct inpcb *inp; 73482cd038dSYoshinobu Inoue int matchwild = 3, wildcard; 73582cd038dSYoshinobu Inoue 73668e0d7e0SRobert Watson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 73768e0d7e0SRobert Watson ("%s: invalid lookup flags %d", __func__, lookupflags)); 7389a413162SMark Johnston KASSERT(fib == RT_ALL_FIBS || (fib >= 0 && fib < V_rt_numfibs), 7399a413162SMark Johnston ("%s: invalid fib %d", __func__, fib)); 74068e0d7e0SRobert Watson 741c17cd08fSGleb Smirnoff INP_HASH_LOCK_ASSERT(pcbinfo); 7428deea4a8SRobert Watson 74368e0d7e0SRobert Watson if ((lookupflags & INPLOOKUP_WILDCARD) == 0) { 74482cd038dSYoshinobu Inoue struct inpcbhead *head; 74582cd038dSYoshinobu Inoue /* 74682cd038dSYoshinobu Inoue * Look for an unconnected (wildcard foreign addr) PCB that 74782cd038dSYoshinobu Inoue * matches the local address and port we're looking for. 74882cd038dSYoshinobu Inoue */ 749fdb987beSMark Johnston head = &pcbinfo->ipi_hash_wild[INP_PCBHASH_WILD(lport, 7501b44e5ffSAndrey V. Elsukov pcbinfo->ipi_hashmask)]; 751fdb987beSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_wild) { 752413628a7SBjoern A. Zeeb /* XXX inp locking */ 753369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV6) == 0) 75482cd038dSYoshinobu Inoue continue; 75582cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 75682cd038dSYoshinobu Inoue IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 7579a413162SMark Johnston inp->inp_lport == lport && (fib == RT_ALL_FIBS || 7589a413162SMark Johnston inp->inp_inc.inc_fibnum == fib)) { 759413628a7SBjoern A. Zeeb /* Found. 
*/ 760ac1750ddSMark Johnston if (prison_equal_ip6(cred->cr_prison, 7610304c731SJamie Gritton inp->inp_cred->cr_prison)) 76282cd038dSYoshinobu Inoue return (inp); 76382cd038dSYoshinobu Inoue } 76482cd038dSYoshinobu Inoue } 76582cd038dSYoshinobu Inoue /* 76682cd038dSYoshinobu Inoue * Not found. 76782cd038dSYoshinobu Inoue */ 76882cd038dSYoshinobu Inoue return (NULL); 76982cd038dSYoshinobu Inoue } else { 77082cd038dSYoshinobu Inoue struct inpcbporthead *porthash; 77182cd038dSYoshinobu Inoue struct inpcbport *phd; 77282cd038dSYoshinobu Inoue struct inpcb *match = NULL; 77382cd038dSYoshinobu Inoue /* 77482cd038dSYoshinobu Inoue * Best fit PCB lookup. 77582cd038dSYoshinobu Inoue * 77682cd038dSYoshinobu Inoue * First see if this local port is in use by looking on the 77782cd038dSYoshinobu Inoue * port hash list. 77882cd038dSYoshinobu Inoue */ 779712fc218SRobert Watson porthash = &pcbinfo->ipi_porthashbase[INP_PCBPORTHASH(lport, 780712fc218SRobert Watson pcbinfo->ipi_porthashmask)]; 781b872626dSMatt Macy CK_LIST_FOREACH(phd, porthash, phd_hash) { 78282cd038dSYoshinobu Inoue if (phd->phd_port == lport) 78382cd038dSYoshinobu Inoue break; 78482cd038dSYoshinobu Inoue } 78582cd038dSYoshinobu Inoue if (phd != NULL) { 78682cd038dSYoshinobu Inoue /* 78782cd038dSYoshinobu Inoue * Port is in use by one or more PCBs. Look for best 78882cd038dSYoshinobu Inoue * fit. 78982cd038dSYoshinobu Inoue */ 790b872626dSMatt Macy CK_LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 79182cd038dSYoshinobu Inoue wildcard = 0; 792ac1750ddSMark Johnston if (!prison_equal_ip6(cred->cr_prison, 7930304c731SJamie Gritton inp->inp_cred->cr_prison)) 794413628a7SBjoern A. Zeeb continue; 795413628a7SBjoern A. 
Zeeb /* XXX inp locking */ 796369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV6) == 0) 79782cd038dSYoshinobu Inoue continue; 7989a413162SMark Johnston if (fib != RT_ALL_FIBS && 7999a413162SMark Johnston inp->inp_inc.inc_fibnum != fib) 8009a413162SMark Johnston continue; 80182cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) 80282cd038dSYoshinobu Inoue wildcard++; 80382cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED( 80482cd038dSYoshinobu Inoue &inp->in6p_laddr)) { 80582cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(laddr)) 80682cd038dSYoshinobu Inoue wildcard++; 80782cd038dSYoshinobu Inoue else if (!IN6_ARE_ADDR_EQUAL( 80882cd038dSYoshinobu Inoue &inp->in6p_laddr, laddr)) 80982cd038dSYoshinobu Inoue continue; 81082cd038dSYoshinobu Inoue } else { 81182cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 81282cd038dSYoshinobu Inoue wildcard++; 81382cd038dSYoshinobu Inoue } 81482cd038dSYoshinobu Inoue if (wildcard < matchwild) { 81582cd038dSYoshinobu Inoue match = inp; 81682cd038dSYoshinobu Inoue matchwild = wildcard; 817413628a7SBjoern A. 
Zeeb if (matchwild == 0) 81882cd038dSYoshinobu Inoue break; 81982cd038dSYoshinobu Inoue } 82082cd038dSYoshinobu Inoue } 82182cd038dSYoshinobu Inoue } 82282cd038dSYoshinobu Inoue return (match); 82382cd038dSYoshinobu Inoue } 82482cd038dSYoshinobu Inoue } 82582cd038dSYoshinobu Inoue 826db0ac6deSCy Schubert static bool 827db0ac6deSCy Schubert in6_multi_match(const struct inpcb *inp, void *v __unused) 828db0ac6deSCy Schubert { 829db0ac6deSCy Schubert 830db0ac6deSCy Schubert if ((inp->inp_vflag & INP_IPV6) && inp->in6p_moptions != NULL) 831db0ac6deSCy Schubert return (true); 832db0ac6deSCy Schubert else 833db0ac6deSCy Schubert return (false); 834db0ac6deSCy Schubert } 835db0ac6deSCy Schubert 836e43cc4aeSHajimu UMEMOTO void 8371272577eSXin LI in6_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp) 838e43cc4aeSHajimu UMEMOTO { 839db0ac6deSCy Schubert struct inpcb_iterator inpi = INP_ITERATOR(pcbinfo, INPLOOKUP_RLOCKPCB, 840db0ac6deSCy Schubert in6_multi_match, NULL); 8410ecd976eSBjoern A. Zeeb struct inpcb *inp; 84259854ecfSHans Petter Selasky struct in6_multi *inm; 84359854ecfSHans Petter Selasky struct in6_mfilter *imf; 844e43cc4aeSHajimu UMEMOTO struct ip6_moptions *im6o; 845e43cc4aeSHajimu UMEMOTO 846db0ac6deSCy Schubert IN6_MULTI_LOCK_ASSERT(); 847db0ac6deSCy Schubert 848db0ac6deSCy Schubert while ((inp = inp_next(&inpi)) != NULL) { 849db0ac6deSCy Schubert INP_RLOCK_ASSERT(inp); 850db0ac6deSCy Schubert 8510ecd976eSBjoern A. Zeeb im6o = inp->in6p_moptions; 852e43cc4aeSHajimu UMEMOTO /* 85333cde130SBruce M Simpson * Unselect the outgoing ifp for multicast if it 85433cde130SBruce M Simpson * is being detached. 855e43cc4aeSHajimu UMEMOTO */ 856e43cc4aeSHajimu UMEMOTO if (im6o->im6o_multicast_ifp == ifp) 857e43cc4aeSHajimu UMEMOTO im6o->im6o_multicast_ifp = NULL; 858e43cc4aeSHajimu UMEMOTO /* 859e43cc4aeSHajimu UMEMOTO * Drop multicast group membership if we joined 860e43cc4aeSHajimu UMEMOTO * through the interface being detached. 
861e43cc4aeSHajimu UMEMOTO */ 86259854ecfSHans Petter Selasky restart: 86359854ecfSHans Petter Selasky IP6_MFILTER_FOREACH(imf, &im6o->im6o_head) { 86459854ecfSHans Petter Selasky if ((inm = imf->im6f_in6m) == NULL) 86559854ecfSHans Petter Selasky continue; 86659854ecfSHans Petter Selasky if (inm->in6m_ifp != ifp) 86759854ecfSHans Petter Selasky continue; 86859854ecfSHans Petter Selasky ip6_mfilter_remove(&im6o->im6o_head, imf); 86959854ecfSHans Petter Selasky in6_leavegroup_locked(inm, NULL); 87059854ecfSHans Petter Selasky ip6_mfilter_free(imf); 87159854ecfSHans Petter Selasky goto restart; 872e43cc4aeSHajimu UMEMOTO } 873e43cc4aeSHajimu UMEMOTO } 874e43cc4aeSHajimu UMEMOTO } 875e43cc4aeSHajimu UMEMOTO 87682cd038dSYoshinobu Inoue /* 87782cd038dSYoshinobu Inoue * Check for alternatives when higher level complains 87882cd038dSYoshinobu Inoue * about service problems. For now, invalidate cached 87982cd038dSYoshinobu Inoue * routing information. If the route was created dynamically 88082cd038dSYoshinobu Inoue * (by a redirect), time to try a default gateway again. 88182cd038dSYoshinobu Inoue */ 88282cd038dSYoshinobu Inoue void 883ec86402eSBjoern A. Zeeb in6_losing(struct inpcb *inp) 88482cd038dSYoshinobu Inoue { 8851272577eSXin LI 886ec86402eSBjoern A. Zeeb RO_INVALIDATE_CACHE(&inp->inp_route6); 88782cd038dSYoshinobu Inoue } 88882cd038dSYoshinobu Inoue 88982cd038dSYoshinobu Inoue /* 89082cd038dSYoshinobu Inoue * After a routing change, flush old routing 89182cd038dSYoshinobu Inoue * and allocate a (hopefully) better one. 89282cd038dSYoshinobu Inoue */ 8933ce144eaSJeffrey Hsu struct inpcb * 894ec86402eSBjoern A. Zeeb in6_rtchange(struct inpcb *inp, int errno __unused) 89582cd038dSYoshinobu Inoue { 89684cc0778SGeorge V. Neville-Neil 897ec86402eSBjoern A. 
Zeeb RO_INVALIDATE_CACHE(&inp->inp_route6); 8983ce144eaSJeffrey Hsu return inp; 89982cd038dSYoshinobu Inoue } 90082cd038dSYoshinobu Inoue 901d93ec8cbSMark Johnston static bool 902*da806e8dSMark Johnston in6_pcblookup_lb_match(const struct inpcblbgroup *grp, int domain, int fib) 903d93ec8cbSMark Johnston { 904*da806e8dSMark Johnston return ((domain == M_NODOM || domain == grp->il_numa_domain) && 905*da806e8dSMark Johnston (fib == RT_ALL_FIBS || fib == grp->il_fibnum)); 906d93ec8cbSMark Johnston } 907d93ec8cbSMark Johnston 9081a43cff9SSean Bruno static struct inpcb * 9091a43cff9SSean Bruno in6_pcblookup_lbgroup(const struct inpcbinfo *pcbinfo, 9104130ea61SMark Johnston const struct in6_addr *faddr, uint16_t fport, const struct in6_addr *laddr, 911*da806e8dSMark Johnston uint16_t lport, uint8_t domain, int fib) 9121a43cff9SSean Bruno { 9131a43cff9SSean Bruno const struct inpcblbgrouphead *hdr; 9141a43cff9SSean Bruno struct inpcblbgroup *grp; 915d93ec8cbSMark Johnston struct inpcblbgroup *jail_exact, *jail_wild, *local_exact, *local_wild; 916a600aabeSMark Johnston struct inpcb *inp; 917a600aabeSMark Johnston u_int count; 9181a43cff9SSean Bruno 9191a43cff9SSean Bruno INP_HASH_LOCK_ASSERT(pcbinfo); 920*da806e8dSMark Johnston NET_EPOCH_ASSERT(); 9211a43cff9SSean Bruno 9229d2877fcSMark Johnston hdr = &pcbinfo->ipi_lbgrouphashbase[ 9239d2877fcSMark Johnston INP_PCBPORTHASH(lport, pcbinfo->ipi_lbgrouphashmask)]; 9241a43cff9SSean Bruno 9251a43cff9SSean Bruno /* 926d93ec8cbSMark Johnston * Search for an LB group match based on the following criteria: 927d93ec8cbSMark Johnston * - prefer jailed groups to non-jailed groups 928d93ec8cbSMark Johnston * - prefer exact source address matches to wildcard matches 929d93ec8cbSMark Johnston * - prefer groups bound to the specified NUMA domain 9301a43cff9SSean Bruno */ 931d93ec8cbSMark Johnston jail_exact = jail_wild = local_exact = local_wild = NULL; 93254af3d0dSMark Johnston CK_LIST_FOREACH(grp, hdr, il_list) { 933d93ec8cbSMark 
Johnston bool injail; 934d93ec8cbSMark Johnston 9354b82a7b6SAndrew Gallatin #ifdef INET 9364b82a7b6SAndrew Gallatin if (!(grp->il_vflag & INP_IPV6)) 9374b82a7b6SAndrew Gallatin continue; 9384b82a7b6SAndrew Gallatin #endif 939d3a4b0daSMark Johnston if (grp->il_lport != lport) 940d3a4b0daSMark Johnston continue; 9411a43cff9SSean Bruno 942d93ec8cbSMark Johnston injail = prison_flag(grp->il_cred, PR_IP6) != 0; 943d93ec8cbSMark Johnston if (injail && prison_check_ip6_locked(grp->il_cred->cr_prison, 944d93ec8cbSMark Johnston laddr) != 0) 945d93ec8cbSMark Johnston continue; 946d93ec8cbSMark Johnston 947a034518aSAndrew Gallatin if (IN6_ARE_ADDR_EQUAL(&grp->il6_laddr, laddr)) { 948d93ec8cbSMark Johnston if (injail) { 949d93ec8cbSMark Johnston jail_exact = grp; 950*da806e8dSMark Johnston if (in6_pcblookup_lb_match(grp, domain, fib)) 951d93ec8cbSMark Johnston /* This is a perfect match. */ 952d93ec8cbSMark Johnston goto out; 953d93ec8cbSMark Johnston } else if (local_exact == NULL || 954*da806e8dSMark Johnston in6_pcblookup_lb_match(grp, domain, fib)) { 955d93ec8cbSMark Johnston local_exact = grp; 956a034518aSAndrew Gallatin } 9574130ea61SMark Johnston } else if (IN6_IS_ADDR_UNSPECIFIED(&grp->il6_laddr)) { 958d93ec8cbSMark Johnston if (injail) { 959d93ec8cbSMark Johnston if (jail_wild == NULL || 960*da806e8dSMark Johnston in6_pcblookup_lb_match(grp, domain, fib)) 961d93ec8cbSMark Johnston jail_wild = grp; 962d93ec8cbSMark Johnston } else if (local_wild == NULL || 963*da806e8dSMark Johnston in6_pcblookup_lb_match(grp, domain, fib)) { 964d93ec8cbSMark Johnston local_wild = grp; 965d93ec8cbSMark Johnston } 966d93ec8cbSMark Johnston } 967d93ec8cbSMark Johnston } 968d93ec8cbSMark Johnston 969d93ec8cbSMark Johnston if (jail_exact != NULL) 970d93ec8cbSMark Johnston grp = jail_exact; 971d93ec8cbSMark Johnston else if (jail_wild != NULL) 972d93ec8cbSMark Johnston grp = jail_wild; 973d93ec8cbSMark Johnston else if (local_exact != NULL) 974d93ec8cbSMark Johnston grp = local_exact; 
975a034518aSAndrew Gallatin else 976d93ec8cbSMark Johnston grp = local_wild; 977d93ec8cbSMark Johnston if (grp == NULL) 978d93ec8cbSMark Johnston return (NULL); 979d93ec8cbSMark Johnston out: 980a600aabeSMark Johnston /* 981a600aabeSMark Johnston * Synchronize with in_pcblbgroup_insert(). 982a600aabeSMark Johnston */ 983a600aabeSMark Johnston count = atomic_load_acq_int(&grp->il_inpcnt); 984a600aabeSMark Johnston if (count == 0) 985a600aabeSMark Johnston return (NULL); 986a600aabeSMark Johnston inp = grp->il_inp[INP6_PCBLBGROUP_PKTHASH(faddr, lport, fport) % count]; 987a600aabeSMark Johnston KASSERT(inp != NULL, ("%s: inp == NULL", __func__)); 988a600aabeSMark Johnston return (inp); 9891a43cff9SSean Bruno } 9901a43cff9SSean Bruno 9913e98dcb3SMark Johnston static bool 9923e98dcb3SMark Johnston in6_pcblookup_exact_match(const struct inpcb *inp, const struct in6_addr *faddr, 9933e98dcb3SMark Johnston u_short fport, const struct in6_addr *laddr, u_short lport) 9943e98dcb3SMark Johnston { 9953e98dcb3SMark Johnston /* XXX inp locking */ 9963e98dcb3SMark Johnston if ((inp->inp_vflag & INP_IPV6) == 0) 9973e98dcb3SMark Johnston return (false); 9983e98dcb3SMark Johnston if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 9993e98dcb3SMark Johnston IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 10003e98dcb3SMark Johnston inp->inp_fport == fport && inp->inp_lport == lport) 10013e98dcb3SMark Johnston return (true); 10023e98dcb3SMark Johnston return (false); 10033e98dcb3SMark Johnston } 10043e98dcb3SMark Johnston 10054130ea61SMark Johnston static struct inpcb * 10067b92493aSMark Johnston in6_pcblookup_hash_exact(struct inpcbinfo *pcbinfo, 10077b92493aSMark Johnston const struct in6_addr *faddr, u_short fport, 10087b92493aSMark Johnston const struct in6_addr *laddr, u_short lport) 100982cd038dSYoshinobu Inoue { 101082cd038dSYoshinobu Inoue struct inpcbhead *head; 10113e98dcb3SMark Johnston struct inpcb *inp; 101268e0d7e0SRobert Watson 1013fa046d87SRobert Watson 
INP_HASH_LOCK_ASSERT(pcbinfo); 10148deea4a8SRobert Watson 101582cd038dSYoshinobu Inoue /* 101682cd038dSYoshinobu Inoue * First look for an exact match. 101782cd038dSYoshinobu Inoue */ 1018fdb987beSMark Johnston head = &pcbinfo->ipi_hash_exact[INP6_PCBHASH(faddr, lport, fport, 1019a0577692SGleb Smirnoff pcbinfo->ipi_hashmask)]; 1020fdb987beSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_exact) { 10213e98dcb3SMark Johnston if (in6_pcblookup_exact_match(inp, faddr, fport, laddr, lport)) 102282cd038dSYoshinobu Inoue return (inp); 102382cd038dSYoshinobu Inoue } 10243e98dcb3SMark Johnston return (NULL); 10253e98dcb3SMark Johnston } 10263e98dcb3SMark Johnston 10273e98dcb3SMark Johnston typedef enum { 10283e98dcb3SMark Johnston INPLOOKUP_MATCH_NONE = 0, 10293e98dcb3SMark Johnston INPLOOKUP_MATCH_WILD = 1, 10303e98dcb3SMark Johnston INPLOOKUP_MATCH_LADDR = 2, 10313e98dcb3SMark Johnston } inp_lookup_match_t; 10323e98dcb3SMark Johnston 10333e98dcb3SMark Johnston static inp_lookup_match_t 10343e98dcb3SMark Johnston in6_pcblookup_wild_match(const struct inpcb *inp, const struct in6_addr *laddr, 1035*da806e8dSMark Johnston u_short lport, int fib) 10363e98dcb3SMark Johnston { 10373e98dcb3SMark Johnston /* XXX inp locking */ 10383e98dcb3SMark Johnston if ((inp->inp_vflag & INP_IPV6) == 0) 10393e98dcb3SMark Johnston return (INPLOOKUP_MATCH_NONE); 10403e98dcb3SMark Johnston if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 10413e98dcb3SMark Johnston inp->inp_lport != lport) 10423e98dcb3SMark Johnston return (INPLOOKUP_MATCH_NONE); 1043*da806e8dSMark Johnston if (fib != RT_ALL_FIBS && inp->inp_inc.inc_fibnum != fib) 1044*da806e8dSMark Johnston return (INPLOOKUP_MATCH_NONE); 10453e98dcb3SMark Johnston if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 10463e98dcb3SMark Johnston return (INPLOOKUP_MATCH_WILD); 10473e98dcb3SMark Johnston if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) 10483e98dcb3SMark Johnston return (INPLOOKUP_MATCH_LADDR); 10493e98dcb3SMark Johnston return 
(INPLOOKUP_MATCH_NONE); 10504130ea61SMark Johnston } 105182cd038dSYoshinobu Inoue 10527b92493aSMark Johnston #define INP_LOOKUP_AGAIN ((struct inpcb *)(uintptr_t)-1) 10537b92493aSMark Johnston 10547b92493aSMark Johnston static struct inpcb * 10557b92493aSMark Johnston in6_pcblookup_hash_wild_smr(struct inpcbinfo *pcbinfo, 1056*da806e8dSMark Johnston const struct in6_addr *laddr, u_short lport, int fib, 1057*da806e8dSMark Johnston const inp_lookup_t lockflags) 10587b92493aSMark Johnston { 10597b92493aSMark Johnston struct inpcbhead *head; 10607b92493aSMark Johnston struct inpcb *inp; 10617b92493aSMark Johnston 10627b92493aSMark Johnston KASSERT(SMR_ENTERED(pcbinfo->ipi_smr), 10637b92493aSMark Johnston ("%s: not in SMR read section", __func__)); 10647b92493aSMark Johnston 10657b92493aSMark Johnston head = &pcbinfo->ipi_hash_wild[INP_PCBHASH_WILD(lport, 10667b92493aSMark Johnston pcbinfo->ipi_hashmask)]; 10677b92493aSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_wild) { 10687b92493aSMark Johnston inp_lookup_match_t match; 10697b92493aSMark Johnston 1070*da806e8dSMark Johnston match = in6_pcblookup_wild_match(inp, laddr, lport, fib); 10717b92493aSMark Johnston if (match == INPLOOKUP_MATCH_NONE) 10727b92493aSMark Johnston continue; 10737b92493aSMark Johnston 10747b92493aSMark Johnston if (__predict_true(inp_smr_lock(inp, lockflags))) { 1075*da806e8dSMark Johnston match = in6_pcblookup_wild_match(inp, laddr, lport, 1076*da806e8dSMark Johnston fib); 1077a306ed50SMark Johnston if (match != INPLOOKUP_MATCH_NONE && 1078a306ed50SMark Johnston prison_check_ip6_locked(inp->inp_cred->cr_prison, 1079a306ed50SMark Johnston laddr) == 0) 10807b92493aSMark Johnston return (inp); 10817b92493aSMark Johnston inp_unlock(inp, lockflags); 10827b92493aSMark Johnston } 10837b92493aSMark Johnston 10847b92493aSMark Johnston /* 10857b92493aSMark Johnston * The matching socket disappeared out from under us. Fall back 10867b92493aSMark Johnston * to a serialized lookup. 
10877b92493aSMark Johnston */ 10887b92493aSMark Johnston return (INP_LOOKUP_AGAIN); 10897b92493aSMark Johnston } 10907b92493aSMark Johnston return (NULL); 10917b92493aSMark Johnston } 10927b92493aSMark Johnston 10934130ea61SMark Johnston static struct inpcb * 10944130ea61SMark Johnston in6_pcblookup_hash_wild_locked(struct inpcbinfo *pcbinfo, 1095*da806e8dSMark Johnston const struct in6_addr *laddr, u_short lport, int fib) 10964130ea61SMark Johnston { 10974130ea61SMark Johnston struct inpcbhead *head; 10984130ea61SMark Johnston struct inpcb *inp, *jail_wild, *local_exact, *local_wild; 1099d93ec8cbSMark Johnston 11003e98dcb3SMark Johnston INP_HASH_LOCK_ASSERT(pcbinfo); 11013e98dcb3SMark Johnston 1102d93ec8cbSMark Johnston /* 1103413628a7SBjoern A. Zeeb * Order of socket selection - we always prefer jails. 1104413628a7SBjoern A. Zeeb * 1. jailed, non-wild. 1105413628a7SBjoern A. Zeeb * 2. jailed, wild. 1106413628a7SBjoern A. Zeeb * 3. non-jailed, non-wild. 1107413628a7SBjoern A. Zeeb * 4. non-jailed, wild. 1108413628a7SBjoern A. Zeeb */ 1109fdb987beSMark Johnston head = &pcbinfo->ipi_hash_wild[INP_PCBHASH_WILD(lport, 11101b44e5ffSAndrey V. Elsukov pcbinfo->ipi_hashmask)]; 11114130ea61SMark Johnston local_wild = local_exact = jail_wild = NULL; 1112fdb987beSMark Johnston CK_LIST_FOREACH(inp, head, inp_hash_wild) { 11133e98dcb3SMark Johnston inp_lookup_match_t match; 11144130ea61SMark Johnston bool injail; 11154130ea61SMark Johnston 1116*da806e8dSMark Johnston match = in6_pcblookup_wild_match(inp, laddr, lport, fib); 11173e98dcb3SMark Johnston if (match == INPLOOKUP_MATCH_NONE) 111882cd038dSYoshinobu Inoue continue; 1119413628a7SBjoern A. Zeeb 11204130ea61SMark Johnston injail = prison_flag(inp->inp_cred, PR_IP6) != 0; 1121413628a7SBjoern A. Zeeb if (injail) { 1122185e659cSGleb Smirnoff if (prison_check_ip6_locked( 1123185e659cSGleb Smirnoff inp->inp_cred->cr_prison, laddr) != 0) 1124413628a7SBjoern A. Zeeb continue; 1125413628a7SBjoern A. 
Zeeb } else { 1126413628a7SBjoern A. Zeeb if (local_exact != NULL) 1127413628a7SBjoern A. Zeeb continue; 1128413628a7SBjoern A. Zeeb } 1129413628a7SBjoern A. Zeeb 11303e98dcb3SMark Johnston if (match == INPLOOKUP_MATCH_LADDR) { 1131413628a7SBjoern A. Zeeb if (injail) 113282cd038dSYoshinobu Inoue return (inp); 1133413628a7SBjoern A. Zeeb else 1134413628a7SBjoern A. Zeeb local_exact = inp; 11353e98dcb3SMark Johnston } else { 1136413628a7SBjoern A. Zeeb if (injail) 1137413628a7SBjoern A. Zeeb jail_wild = inp; 1138413628a7SBjoern A. Zeeb else 113982cd038dSYoshinobu Inoue local_wild = inp; 114082cd038dSYoshinobu Inoue } 11414130ea61SMark Johnston } 1142413628a7SBjoern A. Zeeb 1143413628a7SBjoern A. Zeeb if (jail_wild != NULL) 1144413628a7SBjoern A. Zeeb return (jail_wild); 1145413628a7SBjoern A. Zeeb if (local_exact != NULL) 1146413628a7SBjoern A. Zeeb return (local_exact); 1147413628a7SBjoern A. Zeeb if (local_wild != NULL) 114882cd038dSYoshinobu Inoue return (local_wild); 114982cd038dSYoshinobu Inoue return (NULL); 115082cd038dSYoshinobu Inoue } 115182cd038dSYoshinobu Inoue 11524130ea61SMark Johnston struct inpcb * 11537b92493aSMark Johnston in6_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, 11547b92493aSMark Johnston const struct in6_addr *faddr, u_int fport_arg, 11557b92493aSMark Johnston const struct in6_addr *laddr, u_int lport_arg, 1156*da806e8dSMark Johnston int lookupflags, uint8_t numa_domain, int fib) 11574130ea61SMark Johnston { 11584130ea61SMark Johnston struct inpcb *inp; 11594130ea61SMark Johnston u_short fport = fport_arg, lport = lport_arg; 11604130ea61SMark Johnston 1161*da806e8dSMark Johnston KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD | INPLOOKUP_FIB)) == 0, 11624130ea61SMark Johnston ("%s: invalid lookup flags %d", __func__, lookupflags)); 11634130ea61SMark Johnston KASSERT(!IN6_IS_ADDR_UNSPECIFIED(faddr), 11644130ea61SMark Johnston ("%s: invalid foreign address", __func__)); 11654130ea61SMark Johnston KASSERT(!IN6_IS_ADDR_UNSPECIFIED(laddr), 
11664130ea61SMark Johnston ("%s: invalid local address", __func__)); 11674130ea61SMark Johnston INP_HASH_LOCK_ASSERT(pcbinfo); 11684130ea61SMark Johnston 11694130ea61SMark Johnston inp = in6_pcblookup_hash_exact(pcbinfo, faddr, fport, laddr, lport); 11704130ea61SMark Johnston if (inp != NULL) 11714130ea61SMark Johnston return (inp); 11724130ea61SMark Johnston 11734130ea61SMark Johnston if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 11744130ea61SMark Johnston inp = in6_pcblookup_lbgroup(pcbinfo, faddr, fport, laddr, 1175*da806e8dSMark Johnston lport, numa_domain, fib); 11764130ea61SMark Johnston if (inp == NULL) { 117721d7ac8cSMark Johnston inp = in6_pcblookup_hash_wild_locked(pcbinfo, 1178*da806e8dSMark Johnston laddr, lport, fib); 11794130ea61SMark Johnston } 11804130ea61SMark Johnston } 11814130ea61SMark Johnston return (inp); 11824130ea61SMark Johnston } 11834130ea61SMark Johnston 1184fa046d87SRobert Watson static struct inpcb * 11857b92493aSMark Johnston in6_pcblookup_hash(struct inpcbinfo *pcbinfo, const struct in6_addr *faddr, 11867b92493aSMark Johnston u_int fport, const struct in6_addr *laddr, u_int lport, int lookupflags, 1187*da806e8dSMark Johnston uint8_t numa_domain, int fib) 1188fa046d87SRobert Watson { 1189fa046d87SRobert Watson struct inpcb *inp; 11907b92493aSMark Johnston const inp_lookup_t lockflags = lookupflags & INPLOOKUP_LOCKMASK; 11917b92493aSMark Johnston 11927b92493aSMark Johnston KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 11937b92493aSMark Johnston ("%s: LOCKPCB not set", __func__)); 11947b92493aSMark Johnston 11957b92493aSMark Johnston INP_HASH_WLOCK(pcbinfo); 11967b92493aSMark Johnston inp = in6_pcblookup_hash_locked(pcbinfo, faddr, fport, laddr, lport, 1197*da806e8dSMark Johnston lookupflags & ~INPLOOKUP_LOCKMASK, numa_domain, fib); 11987b92493aSMark Johnston if (inp != NULL && !inp_trylock(inp, lockflags)) { 11997b92493aSMark Johnston in_pcbref(inp); 12007b92493aSMark Johnston INP_HASH_WUNLOCK(pcbinfo); 
12017b92493aSMark Johnston inp_lock(inp, lockflags); 12027b92493aSMark Johnston if (in_pcbrele(inp, lockflags)) 12037b92493aSMark Johnston /* XXX-MJ or retry until we get a negative match? */ 12047b92493aSMark Johnston inp = NULL; 12057b92493aSMark Johnston } else { 12067b92493aSMark Johnston INP_HASH_WUNLOCK(pcbinfo); 12077b92493aSMark Johnston } 12087b92493aSMark Johnston return (inp); 12097b92493aSMark Johnston } 12107b92493aSMark Johnston 12117b92493aSMark Johnston static struct inpcb * 121252ef944bSMark Johnston in6_pcblookup_hash_smr(struct inpcbinfo *pcbinfo, const struct in6_addr *faddr, 121352ef944bSMark Johnston u_int fport_arg, const struct in6_addr *laddr, u_int lport_arg, 1214*da806e8dSMark Johnston int lookupflags, uint8_t numa_domain, int fib) 12157b92493aSMark Johnston { 12167b92493aSMark Johnston struct inpcb *inp; 12177b92493aSMark Johnston const inp_lookup_t lockflags = lookupflags & INPLOOKUP_LOCKMASK; 12187b92493aSMark Johnston const u_short fport = fport_arg, lport = lport_arg; 1219fa046d87SRobert Watson 1220675e2618SMark Johnston KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1221675e2618SMark Johnston ("%s: invalid lookup flags %d", __func__, lookupflags)); 1222675e2618SMark Johnston KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1223675e2618SMark Johnston ("%s: LOCKPCB not set", __func__)); 1224675e2618SMark Johnston 1225db0ac6deSCy Schubert smr_enter(pcbinfo->ipi_smr); 12267b92493aSMark Johnston inp = in6_pcblookup_hash_exact(pcbinfo, faddr, fport, laddr, lport); 1227fa046d87SRobert Watson if (inp != NULL) { 12287b92493aSMark Johnston if (__predict_true(inp_smr_lock(inp, lockflags))) { 12297b92493aSMark Johnston if (__predict_true(in6_pcblookup_exact_match(inp, 12307b92493aSMark Johnston faddr, fport, laddr, lport))) 12317b92493aSMark Johnston return (inp); 12327b92493aSMark Johnston inp_unlock(inp, lockflags); 12337b92493aSMark Johnston } 12347b92493aSMark Johnston /* 12357b92493aSMark Johnston * We failed to lock 
the inpcb, or its connection state changed 12367b92493aSMark Johnston * out from under us. Fall back to a precise search. 12377b92493aSMark Johnston */ 12387b92493aSMark Johnston return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1239*da806e8dSMark Johnston lookupflags, numa_domain, fib)); 12407b92493aSMark Johnston } 12417b92493aSMark Johnston 12427b92493aSMark Johnston if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 12437b92493aSMark Johnston inp = in6_pcblookup_lbgroup(pcbinfo, faddr, fport, 1244*da806e8dSMark Johnston laddr, lport, numa_domain, fib); 12457b92493aSMark Johnston if (inp != NULL) { 12467b92493aSMark Johnston if (__predict_true(inp_smr_lock(inp, lockflags))) { 12477b92493aSMark Johnston if (__predict_true(in6_pcblookup_wild_match(inp, 1248*da806e8dSMark Johnston laddr, lport, fib) != INPLOOKUP_MATCH_NONE)) 12497b92493aSMark Johnston return (inp); 12507b92493aSMark Johnston inp_unlock(inp, lockflags); 12517b92493aSMark Johnston } 12527b92493aSMark Johnston inp = INP_LOOKUP_AGAIN; 12537b92493aSMark Johnston } else { 125421d7ac8cSMark Johnston inp = in6_pcblookup_hash_wild_smr(pcbinfo, laddr, lport, 1255*da806e8dSMark Johnston fib, lockflags); 12567b92493aSMark Johnston } 12577b92493aSMark Johnston if (inp == INP_LOOKUP_AGAIN) { 12587b92493aSMark Johnston return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, 1259*da806e8dSMark Johnston lport, lookupflags, numa_domain, fib)); 12607b92493aSMark Johnston } 12617b92493aSMark Johnston } 12627b92493aSMark Johnston 12637b92493aSMark Johnston if (inp == NULL) 1264db0ac6deSCy Schubert smr_exit(pcbinfo->ipi_smr); 1265db0ac6deSCy Schubert 1266fa046d87SRobert Watson return (inp); 1267fa046d87SRobert Watson } 1268fa046d87SRobert Watson 1269fa046d87SRobert Watson /* 1270d3c1f003SRobert Watson * Public inpcb lookup routines, accepting a 4-tuple, and optionally, an mbuf 1271d3c1f003SRobert Watson * from which a pre-calculated hash value may be extracted. 
1272fa046d87SRobert Watson */ 1273fa046d87SRobert Watson struct inpcb * 127452ef944bSMark Johnston in6_pcblookup(struct inpcbinfo *pcbinfo, const struct in6_addr *faddr, 127552ef944bSMark Johnston u_int fport, const struct in6_addr *laddr, u_int lport, int lookupflags, 1276*da806e8dSMark Johnston struct ifnet *ifp) 1277fa046d87SRobert Watson { 1278*da806e8dSMark Johnston int fib; 1279*da806e8dSMark Johnston 1280*da806e8dSMark Johnston fib = (lookupflags & INPLOOKUP_FIB) ? if_getfib(ifp) : RT_ALL_FIBS; 12814130ea61SMark Johnston return (in6_pcblookup_hash_smr(pcbinfo, faddr, fport, laddr, lport, 1282*da806e8dSMark Johnston lookupflags, M_NODOM, fib)); 1283d3c1f003SRobert Watson } 1284d3c1f003SRobert Watson 1285d3c1f003SRobert Watson struct inpcb * 128652ef944bSMark Johnston in6_pcblookup_mbuf(struct inpcbinfo *pcbinfo, const struct in6_addr *faddr, 128752ef944bSMark Johnston u_int fport, const struct in6_addr *laddr, u_int lport, int lookupflags, 12884130ea61SMark Johnston struct ifnet *ifp __unused, struct mbuf *m) 1289d3c1f003SRobert Watson { 1290*da806e8dSMark Johnston int fib; 1291*da806e8dSMark Johnston 1292*da806e8dSMark Johnston M_ASSERTPKTHDR(m); 1293*da806e8dSMark Johnston fib = (lookupflags & INPLOOKUP_FIB) ? 
M_GETFIB(m) : RT_ALL_FIBS; 12944130ea61SMark Johnston return (in6_pcblookup_hash_smr(pcbinfo, faddr, fport, laddr, lport, 1295*da806e8dSMark Johnston lookupflags, m->m_pkthdr.numa_domain, fib)); 1296fa046d87SRobert Watson } 1297fa046d87SRobert Watson 129882cd038dSYoshinobu Inoue void 1299dce33a45SErmal Luçi init_sin6(struct sockaddr_in6 *sin6, struct mbuf *m, int srcordst) 130082cd038dSYoshinobu Inoue { 130182cd038dSYoshinobu Inoue struct ip6_hdr *ip; 130282cd038dSYoshinobu Inoue 130382cd038dSYoshinobu Inoue ip = mtod(m, struct ip6_hdr *); 130482cd038dSYoshinobu Inoue bzero(sin6, sizeof(*sin6)); 130582cd038dSYoshinobu Inoue sin6->sin6_len = sizeof(*sin6); 130682cd038dSYoshinobu Inoue sin6->sin6_family = AF_INET6; 1307dce33a45SErmal Luçi sin6->sin6_addr = srcordst ? ip->ip6_dst : ip->ip6_src; 1308a1f7e5f8SHajimu UMEMOTO 1309a1f7e5f8SHajimu UMEMOTO (void)sa6_recoverscope(sin6); /* XXX: should catch errors... */ 131082cd038dSYoshinobu Inoue 131182cd038dSYoshinobu Inoue return; 131282cd038dSYoshinobu Inoue } 1313