1 /* $FreeBSD$ */ 2 /* $KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $ */ 3 4 /*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /*- 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 4. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include "opt_inet.h" 65 #include "opt_inet6.h" 66 67 #include <sys/param.h> 68 #include <sys/systm.h> 69 #include <sys/malloc.h> 70 #include <sys/mbuf.h> 71 #include <sys/priv.h> 72 #include <sys/protosw.h> 73 #include <sys/socket.h> 74 #include <sys/socketvar.h> 75 #include <sys/sockio.h> 76 #include <sys/sysctl.h> 77 #include <sys/errno.h> 78 #include <sys/time.h> 79 #include <sys/kernel.h> 80 #include <sys/sx.h> 81 82 #include <net/if.h> 83 #include <net/route.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_var.h> 87 #include <netinet/in_systm.h> 88 #include <netinet/ip.h> 89 #include <netinet/in_pcb.h> 90 #include <netinet6/in6_var.h> 91 #include <netinet/ip6.h> 92 #include <netinet6/in6_pcb.h> 93 #include <netinet6/ip6_var.h> 94 #include <netinet6/scope6_var.h> 95 #include <netinet6/nd6.h> 96 97 static struct mtx addrsel_lock; 98 #define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF) 99 #define ADDRSEL_LOCK() mtx_lock(&addrsel_lock) 100 #define ADDRSEL_UNLOCK() mtx_unlock(&addrsel_lock) 101 #define ADDRSEL_LOCK_ASSERT() mtx_assert(&addrsel_lock, MA_OWNED) 102 103 static struct sx addrsel_sxlock; 104 #define ADDRSEL_SXLOCK_INIT() sx_init(&addrsel_sxlock, "addrsel_sxlock") 105 #define ADDRSEL_SLOCK() sx_slock(&addrsel_sxlock) 106 #define ADDRSEL_SUNLOCK() sx_sunlock(&addrsel_sxlock) 107 #define ADDRSEL_XLOCK() sx_xlock(&addrsel_sxlock) 108 #define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock) 109 110 #define ADDR_LABEL_NOTAPP (-1) 111 struct in6_addrpolicy defaultaddrpolicy; 112 113 int ip6_prefer_tempaddr = 0; 114 115 static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *, 116 struct ip6_moptions *, struct route_in6 *, struct ifnet **, 117 struct rtentry **, int, int)); 118 static int in6_selectif __P((struct sockaddr_in6 *, struct ip6_pktopts *, 119 struct ip6_moptions *, struct route_in6 *ro, struct ifnet **)); 120 121 static struct in6_addrpolicy *lookup_addrsel_policy __P((struct sockaddr_in6 *)); 122 123 static void init_policy_queue __P((void)); 124 static int add_addrsel_policyent __P((struct in6_addrpolicy *)); 125 static int delete_addrsel_policyent __P((struct in6_addrpolicy *)); 126 static int walk_addrsel_policy __P((int (*)(struct in6_addrpolicy *, void *), 127 void *)); 128 static int dump_addrsel_policyent __P((struct in6_addrpolicy *, void *)); 129 static struct in6_addrpolicy *match_addrsel_policy __P((struct sockaddr_in6 *)); 130 131 /* 132 * Return an IPv6 address, which is the most appropriate for a given 133 * destination and user specified options. 134 * If necessary, this function lookups the routing table and returns 135 * an entry to the caller for later use. 136 */ 137 #define REPLACE(r) do {\ 138 if ((r) < sizeof(ip6stat.ip6s_sources_rule) / \ 139 sizeof(ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 140 ip6stat.ip6s_sources_rule[(r)]++; \ 141 /* printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(&ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(&ia->ia_addr.sin6_addr), (r)); */ \ 142 goto replace; \ 143 } while(0) 144 #define NEXT(r) do {\ 145 if ((r) < sizeof(ip6stat.ip6s_sources_rule) / \ 146 sizeof(ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 147 ip6stat.ip6s_sources_rule[(r)]++; \ 148 /* printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(&ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(&ia->ia_addr.sin6_addr), (r)); */ \ 149 goto next; /* XXX: we can't use 'continue' here */ \ 150 } while(0) 151 #define BREAK(r) do { \ 152 if ((r) < sizeof(ip6stat.ip6s_sources_rule) / \ 153 sizeof(ip6stat.ip6s_sources_rule[0])) /* check for safety */ \ 154 ip6stat.ip6s_sources_rule[(r)]++; \ 155 goto out; /* XXX: we can't use 'break' here */ \ 156 } while(0) 157 158 struct in6_addr * 159 in6_selectsrc(dstsock, opts, mopts, ro, laddr, ifpp, errorp) 160 struct sockaddr_in6 *dstsock; 161 struct ip6_pktopts *opts; 162 struct ip6_moptions *mopts; 163 struct route_in6 *ro; 164 struct in6_addr *laddr; 165 struct ifnet **ifpp; 166 int *errorp; 167 { 168 struct in6_addr dst; 169 struct ifnet *ifp = NULL; 170 struct in6_ifaddr *ia = NULL, *ia_best = NULL; 171 struct in6_pktinfo *pi = NULL; 172 int dst_scope = -1, best_scope = -1, best_matchlen = -1; 173 struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL; 174 u_int32_t odstzone; 175 int prefer_tempaddr; 176 177 dst = dstsock->sin6_addr; /* make a copy for local operation */ 178 *errorp = 0; 179 if (ifpp) 180 *ifpp = NULL; 181 182 /* 183 * If the source address is explicitly specified by the caller, 184 * check if the requested source address is indeed a unicast address 185 * assigned to the node, and can be used as the packet's source 186 * address. If everything is okay, use the address as source. 187 */ 188 if (opts && (pi = opts->ip6po_pktinfo) && 189 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 190 struct sockaddr_in6 srcsock; 191 struct in6_ifaddr *ia6; 192 193 /* get the outgoing interface */ 194 if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp)) 195 != 0) { 196 return (NULL); 197 } 198 199 /* 200 * determine the appropriate zone id of the source based on 201 * the zone of the destination and the outgoing interface. 202 * If the specified address is ambiguous wrt the scope zone, 203 * the interface must be specified; otherwise, ifa_ifwithaddr() 204 * will fail matching the address. 205 */ 206 bzero(&srcsock, sizeof(srcsock)); 207 srcsock.sin6_family = AF_INET6; 208 srcsock.sin6_len = sizeof(srcsock); 209 srcsock.sin6_addr = pi->ipi6_addr; 210 if (ifp) { 211 *errorp = in6_setscope(&srcsock.sin6_addr, ifp, NULL); 212 if (*errorp != 0) 213 return (NULL); 214 } 215 216 ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock)); 217 if (ia6 == NULL || 218 (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) { 219 *errorp = EADDRNOTAVAIL; 220 return (NULL); 221 } 222 pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */ 223 if (ifpp) 224 *ifpp = ifp; 225 return (&ia6->ia_addr.sin6_addr); 226 } 227 228 /* 229 * Otherwise, if the socket has already bound the source, just use it. 230 */ 231 if (laddr && !IN6_IS_ADDR_UNSPECIFIED(laddr)) 232 return (laddr); 233 234 /* 235 * If the address is not specified, choose the best one based on 236 * the outgoing interface and the destination address. 237 */ 238 /* get the outgoing interface */ 239 if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0) 240 return (NULL); 241 242 #ifdef DIAGNOSTIC 243 if (ifp == NULL) /* this should not happen */ 244 panic("in6_selectsrc: NULL ifp"); 245 #endif 246 *errorp = in6_setscope(&dst, ifp, &odstzone); 247 if (*errorp != 0) 248 return (NULL); 249 250 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 251 int new_scope = -1, new_matchlen = -1; 252 struct in6_addrpolicy *new_policy = NULL; 253 u_int32_t srczone, osrczone, dstzone; 254 struct in6_addr src; 255 struct ifnet *ifp1 = ia->ia_ifp; 256 257 /* 258 * We'll never take an address that breaks the scope zone 259 * of the destination. We also skip an address if its zone 260 * does not contain the outgoing interface. 261 * XXX: we should probably use sin6_scope_id here. 262 */ 263 if (in6_setscope(&dst, ifp1, &dstzone) || 264 odstzone != dstzone) { 265 continue; 266 } 267 src = ia->ia_addr.sin6_addr; 268 if (in6_setscope(&src, ifp, &osrczone) || 269 in6_setscope(&src, ifp1, &srczone) || 270 osrczone != srczone) { 271 continue; 272 } 273 274 /* avoid unusable addresses */ 275 if ((ia->ia6_flags & 276 (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) { 277 continue; 278 } 279 if (!ip6_use_deprecated && IFA6_IS_DEPRECATED(ia)) 280 continue; 281 282 /* Rule 1: Prefer same address */ 283 if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) { 284 ia_best = ia; 285 BREAK(1); /* there should be no better candidate */ 286 } 287 288 if (ia_best == NULL) 289 REPLACE(0); 290 291 /* Rule 2: Prefer appropriate scope */ 292 if (dst_scope < 0) 293 dst_scope = in6_addrscope(&dst); 294 new_scope = in6_addrscope(&ia->ia_addr.sin6_addr); 295 if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) { 296 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0) 297 REPLACE(2); 298 NEXT(2); 299 } else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) { 300 if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0) 301 NEXT(2); 302 REPLACE(2); 303 } 304 305 /* 306 * Rule 3: Avoid deprecated addresses. Note that the case of 307 * !ip6_use_deprecated is already rejected above. 308 */ 309 if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia)) 310 NEXT(3); 311 if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia)) 312 REPLACE(3); 313 314 /* Rule 4: Prefer home addresses */ 315 /* 316 * XXX: This is a TODO. We should probably merge the MIP6 317 * case above. 318 */ 319 320 /* Rule 5: Prefer outgoing interface */ 321 if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp) 322 NEXT(5); 323 if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp) 324 REPLACE(5); 325 326 /* 327 * Rule 6: Prefer matching label 328 * Note that best_policy should be non-NULL here. 329 */ 330 if (dst_policy == NULL) 331 dst_policy = lookup_addrsel_policy(dstsock); 332 if (dst_policy->label != ADDR_LABEL_NOTAPP) { 333 new_policy = lookup_addrsel_policy(&ia->ia_addr); 334 if (dst_policy->label == best_policy->label && 335 dst_policy->label != new_policy->label) 336 NEXT(6); 337 if (dst_policy->label != best_policy->label && 338 dst_policy->label == new_policy->label) 339 REPLACE(6); 340 } 341 342 /* 343 * Rule 7: Prefer public addresses. 344 * We allow users to reverse the logic by configuring 345 * a sysctl variable, so that privacy conscious users can 346 * always prefer temporary addresses. 347 */ 348 if (opts == NULL || 349 opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) { 350 prefer_tempaddr = ip6_prefer_tempaddr; 351 } else if (opts->ip6po_prefer_tempaddr == 352 IP6PO_TEMPADDR_NOTPREFER) { 353 prefer_tempaddr = 0; 354 } else 355 prefer_tempaddr = 1; 356 if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 357 (ia->ia6_flags & IN6_IFF_TEMPORARY)) { 358 if (prefer_tempaddr) 359 REPLACE(7); 360 else 361 NEXT(7); 362 } 363 if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) && 364 !(ia->ia6_flags & IN6_IFF_TEMPORARY)) { 365 if (prefer_tempaddr) 366 NEXT(7); 367 else 368 REPLACE(7); 369 } 370 371 /* 372 * Rule 8: prefer addresses on alive interfaces. 373 * This is a KAME specific rule. 374 */ 375 if ((ia_best->ia_ifp->if_flags & IFF_UP) && 376 !(ia->ia_ifp->if_flags & IFF_UP)) 377 NEXT(8); 378 if (!(ia_best->ia_ifp->if_flags & IFF_UP) && 379 (ia->ia_ifp->if_flags & IFF_UP)) 380 REPLACE(8); 381 382 /* 383 * Rule 14: Use longest matching prefix. 384 * Note: in the address selection draft, this rule is 385 * documented as "Rule 8". However, since it is also 386 * documented that this rule can be overridden, we assign 387 * a large number so that it is easy to assign smaller numbers 388 * to more preferred rules. 389 */ 390 new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst); 391 if (best_matchlen < new_matchlen) 392 REPLACE(14); 393 if (new_matchlen < best_matchlen) 394 NEXT(14); 395 396 /* Rule 15 is reserved. */ 397 398 /* 399 * Last resort: just keep the current candidate. 400 * Or, do we need more rules? 401 */ 402 continue; 403 404 replace: 405 ia_best = ia; 406 best_scope = (new_scope >= 0 ? new_scope : 407 in6_addrscope(&ia_best->ia_addr.sin6_addr)); 408 best_policy = (new_policy ? new_policy : 409 lookup_addrsel_policy(&ia_best->ia_addr)); 410 best_matchlen = (new_matchlen >= 0 ? new_matchlen : 411 in6_matchlen(&ia_best->ia_addr.sin6_addr, 412 &dst)); 413 414 next: 415 continue; 416 417 out: 418 break; 419 } 420 421 if ((ia = ia_best) == NULL) { 422 *errorp = EADDRNOTAVAIL; 423 return (NULL); 424 } 425 426 if (ifpp) 427 *ifpp = ifp; 428 429 return (&ia->ia_addr.sin6_addr); 430 } 431 432 static int 433 selectroute(dstsock, opts, mopts, ro, retifp, retrt, clone, norouteok) 434 struct sockaddr_in6 *dstsock; 435 struct ip6_pktopts *opts; 436 struct ip6_moptions *mopts; 437 struct route_in6 *ro; 438 struct ifnet **retifp; 439 struct rtentry **retrt; 440 int clone; /* meaningful only for bsdi and freebsd. */ 441 int norouteok; 442 { 443 int error = 0; 444 struct ifnet *ifp = NULL; 445 struct rtentry *rt = NULL; 446 struct sockaddr_in6 *sin6_next; 447 struct in6_pktinfo *pi = NULL; 448 struct in6_addr *dst = &dstsock->sin6_addr; 449 #if 0 450 char ip6buf[INET6_ADDRSTRLEN]; 451 452 if (dstsock->sin6_addr.s6_addr32[0] == 0 && 453 dstsock->sin6_addr.s6_addr32[1] == 0 && 454 !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) { 455 printf("in6_selectroute: strange destination %s\n", 456 ip6_sprintf(ip6buf, &dstsock->sin6_addr)); 457 } else { 458 printf("in6_selectroute: destination = %s%%%d\n", 459 ip6_sprintf(ip6buf, &dstsock->sin6_addr), 460 dstsock->sin6_scope_id); /* for debug */ 461 } 462 #endif 463 464 /* If the caller specify the outgoing interface explicitly, use it. */ 465 if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) { 466 /* XXX boundary check is assumed to be already done. */ 467 ifp = ifnet_byindex(pi->ipi6_ifindex); 468 if (ifp != NULL && 469 (norouteok || retrt == NULL || 470 IN6_IS_ADDR_MULTICAST(dst))) { 471 /* 472 * we do not have to check or get the route for 473 * multicast. 474 */ 475 goto done; 476 } else 477 goto getroute; 478 } 479 480 /* 481 * If the destination address is a multicast address and the outgoing 482 * interface for the address is specified by the caller, use it. 483 */ 484 if (IN6_IS_ADDR_MULTICAST(dst) && 485 mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) { 486 goto done; /* we do not need a route for multicast. */ 487 } 488 489 getroute: 490 /* 491 * If the next hop address for the packet is specified by the caller, 492 * use it as the gateway. 493 */ 494 if (opts && opts->ip6po_nexthop) { 495 struct route_in6 *ron; 496 497 sin6_next = satosin6(opts->ip6po_nexthop); 498 499 /* at this moment, we only support AF_INET6 next hops */ 500 if (sin6_next->sin6_family != AF_INET6) { 501 error = EAFNOSUPPORT; /* or should we proceed? */ 502 goto done; 503 } 504 505 /* 506 * If the next hop is an IPv6 address, then the node identified 507 * by that address must be a neighbor of the sending host. 508 */ 509 ron = &opts->ip6po_nextroute; 510 if ((ron->ro_rt && 511 (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) != 512 (RTF_UP | RTF_LLINFO)) || 513 !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr, 514 &sin6_next->sin6_addr)) { 515 if (ron->ro_rt) { 516 RTFREE(ron->ro_rt); 517 ron->ro_rt = NULL; 518 } 519 *satosin6(&ron->ro_dst) = *sin6_next; 520 } 521 if (ron->ro_rt == NULL) { 522 rtalloc((struct route *)ron); /* multi path case? */ 523 if (ron->ro_rt == NULL || 524 !(ron->ro_rt->rt_flags & RTF_LLINFO)) { 525 if (ron->ro_rt) { 526 RTFREE(ron->ro_rt); 527 ron->ro_rt = NULL; 528 } 529 error = EHOSTUNREACH; 530 goto done; 531 } 532 } 533 rt = ron->ro_rt; 534 ifp = rt->rt_ifp; 535 536 /* 537 * When cloning is required, try to allocate a route to the 538 * destination so that the caller can store path MTU 539 * information. 540 */ 541 if (!clone) 542 goto done; 543 } 544 545 /* 546 * Use a cached route if it exists and is valid, else try to allocate 547 * a new one. Note that we should check the address family of the 548 * cached destination, in case of sharing the cache with IPv4. 549 */ 550 if (ro) { 551 if (ro->ro_rt && 552 (!(ro->ro_rt->rt_flags & RTF_UP) || 553 ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 || 554 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, 555 dst))) { 556 RTFREE(ro->ro_rt); 557 ro->ro_rt = (struct rtentry *)NULL; 558 } 559 if (ro->ro_rt == (struct rtentry *)NULL) { 560 struct sockaddr_in6 *sa6; 561 562 /* No route yet, so try to acquire one */ 563 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6)); 564 sa6 = (struct sockaddr_in6 *)&ro->ro_dst; 565 *sa6 = *dstsock; 566 sa6->sin6_scope_id = 0; 567 568 if (clone) { 569 rtalloc((struct route *)ro); 570 } else { 571 ro->ro_rt = rtalloc1(&((struct route *)ro) 572 ->ro_dst, 0, 0UL); 573 if (ro->ro_rt) 574 RT_UNLOCK(ro->ro_rt); 575 } 576 } 577 578 /* 579 * do not care about the result if we have the nexthop 580 * explicitly specified. 581 */ 582 if (opts && opts->ip6po_nexthop) 583 goto done; 584 585 if (ro->ro_rt) { 586 ifp = ro->ro_rt->rt_ifp; 587 588 if (ifp == NULL) { /* can this really happen? */ 589 RTFREE(ro->ro_rt); 590 ro->ro_rt = NULL; 591 } 592 } 593 if (ro->ro_rt == NULL) 594 error = EHOSTUNREACH; 595 rt = ro->ro_rt; 596 597 /* 598 * Check if the outgoing interface conflicts with 599 * the interface specified by ipi6_ifindex (if specified). 600 * Note that loopback interface is always okay. 601 * (this may happen when we are sending a packet to one of 602 * our own addresses.) 603 */ 604 if (ifp && opts && opts->ip6po_pktinfo && 605 opts->ip6po_pktinfo->ipi6_ifindex) { 606 if (!(ifp->if_flags & IFF_LOOPBACK) && 607 ifp->if_index != 608 opts->ip6po_pktinfo->ipi6_ifindex) { 609 error = EHOSTUNREACH; 610 goto done; 611 } 612 } 613 } 614 615 done: 616 if (ifp == NULL && rt == NULL) { 617 /* 618 * This can happen if the caller did not pass a cached route 619 * nor any other hints. We treat this case an error. 620 */ 621 error = EHOSTUNREACH; 622 } 623 if (error == EHOSTUNREACH) 624 ip6stat.ip6s_noroute++; 625 626 if (retifp != NULL) 627 *retifp = ifp; 628 if (retrt != NULL) 629 *retrt = rt; /* rt may be NULL */ 630 631 return (error); 632 } 633 634 static int 635 in6_selectif(dstsock, opts, mopts, ro, retifp) 636 struct sockaddr_in6 *dstsock; 637 struct ip6_pktopts *opts; 638 struct ip6_moptions *mopts; 639 struct route_in6 *ro; 640 struct ifnet **retifp; 641 { 642 int error; 643 struct route_in6 sro; 644 struct rtentry *rt = NULL; 645 646 if (ro == NULL) { 647 bzero(&sro, sizeof(sro)); 648 ro = &sro; 649 } 650 651 if ((error = selectroute(dstsock, opts, mopts, ro, retifp, 652 &rt, 0, 1)) != 0) { 653 if (ro == &sro && rt && rt == sro.ro_rt) 654 RTFREE(rt); 655 return (error); 656 } 657 658 /* 659 * do not use a rejected or black hole route. 660 * XXX: this check should be done in the L2 output routine. 661 * However, if we skipped this check here, we'd see the following 662 * scenario: 663 * - install a rejected route for a scoped address prefix 664 * (like fe80::/10) 665 * - send a packet to a destination that matches the scoped prefix, 666 * with ambiguity about the scope zone. 667 * - pick the outgoing interface from the route, and disambiguate the 668 * scope zone with the interface. 669 * - ip6_output() would try to get another route with the "new" 670 * destination, which may be valid. 671 * - we'd see no error on output. 672 * Although this may not be very harmful, it should still be confusing. 673 * We thus reject the case here. 674 */ 675 if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) { 676 int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH); 677 678 if (ro == &sro && rt && rt == sro.ro_rt) 679 RTFREE(rt); 680 return (flags); 681 } 682 683 /* 684 * Adjust the "outgoing" interface. If we're going to loop the packet 685 * back to ourselves, the ifp would be the loopback interface. 686 * However, we'd rather know the interface associated to the 687 * destination address (which should probably be one of our own 688 * addresses.) 689 */ 690 if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp) 691 *retifp = rt->rt_ifa->ifa_ifp; 692 693 if (ro == &sro && rt && rt == sro.ro_rt) 694 RTFREE(rt); 695 return (0); 696 } 697 698 int 699 in6_selectroute(dstsock, opts, mopts, ro, retifp, retrt, clone) 700 struct sockaddr_in6 *dstsock; 701 struct ip6_pktopts *opts; 702 struct ip6_moptions *mopts; 703 struct route_in6 *ro; 704 struct ifnet **retifp; 705 struct rtentry **retrt; 706 int clone; /* meaningful only for bsdi and freebsd. */ 707 { 708 return (selectroute(dstsock, opts, mopts, ro, retifp, 709 retrt, clone, 0)); 710 } 711 712 /* 713 * Default hop limit selection. The precedence is as follows: 714 * 1. Hoplimit value specified via ioctl. 715 * 2. (If the outgoing interface is detected) the current 716 * hop limit of the interface specified by router advertisement. 717 * 3. The system default hoplimit. 718 */ 719 int 720 in6_selecthlim(in6p, ifp) 721 struct in6pcb *in6p; 722 struct ifnet *ifp; 723 { 724 if (in6p && in6p->in6p_hops >= 0) 725 return (in6p->in6p_hops); 726 else if (ifp) 727 return (ND_IFINFO(ifp)->chlim); 728 else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 729 struct route_in6 ro6; 730 struct ifnet *lifp; 731 732 bzero(&ro6, sizeof(ro6)); 733 ro6.ro_dst.sin6_family = AF_INET6; 734 ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6); 735 ro6.ro_dst.sin6_addr = in6p->in6p_faddr; 736 rtalloc((struct route *)&ro6); 737 if (ro6.ro_rt) { 738 lifp = ro6.ro_rt->rt_ifp; 739 RTFREE(ro6.ro_rt); 740 if (lifp) 741 return (ND_IFINFO(lifp)->chlim); 742 } else 743 return (ip6_defhlim); 744 } 745 return (ip6_defhlim); 746 } 747 748 /* 749 * XXX: this is borrowed from in6_pcbbind(). If possible, we should 750 * share this function by all *bsd*... 751 */ 752 int 753 in6_pcbsetport(laddr, inp, cred) 754 struct in6_addr *laddr; 755 struct inpcb *inp; 756 struct ucred *cred; 757 { 758 struct socket *so = inp->inp_socket; 759 u_int16_t lport = 0, first, last, *lastport; 760 int count, error = 0, wild = 0; 761 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 762 763 INP_INFO_WLOCK_ASSERT(pcbinfo); 764 INP_LOCK_ASSERT(inp); 765 766 /* XXX: this is redundant when called from in6_pcbbind */ 767 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 768 wild = INPLOOKUP_WILDCARD; 769 770 inp->inp_flags |= INP_ANONPORT; 771 772 if (inp->inp_flags & INP_HIGHPORT) { 773 first = ipport_hifirstauto; /* sysctl */ 774 last = ipport_hilastauto; 775 lastport = &pcbinfo->lasthi; 776 } else if (inp->inp_flags & INP_LOWPORT) { 777 error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 778 SUSER_ALLOWJAIL); 779 if (error) 780 return error; 781 first = ipport_lowfirstauto; /* 1023 */ 782 last = ipport_lowlastauto; /* 600 */ 783 lastport = &pcbinfo->lastlow; 784 } else { 785 first = ipport_firstauto; /* sysctl */ 786 last = ipport_lastauto; 787 lastport = &pcbinfo->lastport; 788 } 789 /* 790 * Simple check to ensure all ports are not used up causing 791 * a deadlock here. 792 * 793 * We split the two cases (up and down) so that the direction 794 * is not being tested on each round of the loop. 795 */ 796 if (first > last) { 797 /* 798 * counting down 799 */ 800 count = first - last; 801 802 do { 803 if (count-- < 0) { /* completely used? */ 804 /* 805 * Undo any address bind that may have 806 * occurred above. 807 */ 808 inp->in6p_laddr = in6addr_any; 809 return (EAGAIN); 810 } 811 --*lastport; 812 if (*lastport > first || *lastport < last) 813 *lastport = first; 814 lport = htons(*lastport); 815 } while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr, 816 lport, wild)); 817 } else { 818 /* 819 * counting up 820 */ 821 count = last - first; 822 823 do { 824 if (count-- < 0) { /* completely used? */ 825 /* 826 * Undo any address bind that may have 827 * occurred above. 828 */ 829 inp->in6p_laddr = in6addr_any; 830 return (EAGAIN); 831 } 832 ++*lastport; 833 if (*lastport < first || *lastport > last) 834 *lastport = first; 835 lport = htons(*lastport); 836 } while (in6_pcblookup_local(pcbinfo, 837 &inp->in6p_laddr, lport, wild)); 838 } 839 840 inp->inp_lport = lport; 841 if (in_pcbinshash(inp) != 0) { 842 inp->in6p_laddr = in6addr_any; 843 inp->inp_lport = 0; 844 return (EAGAIN); 845 } 846 847 return (0); 848 } 849 850 void 851 addrsel_policy_init() 852 { 853 ADDRSEL_LOCK_INIT(); 854 ADDRSEL_SXLOCK_INIT(); 855 856 init_policy_queue(); 857 858 /* initialize the "last resort" policy */ 859 bzero(&defaultaddrpolicy, sizeof(defaultaddrpolicy)); 860 defaultaddrpolicy.label = ADDR_LABEL_NOTAPP; 861 } 862 863 static struct in6_addrpolicy * 864 lookup_addrsel_policy(key) 865 struct sockaddr_in6 *key; 866 { 867 struct in6_addrpolicy *match = NULL; 868 869 ADDRSEL_LOCK(); 870 match = match_addrsel_policy(key); 871 872 if (match == NULL) 873 match = &defaultaddrpolicy; 874 else 875 match->use++; 876 ADDRSEL_UNLOCK(); 877 878 return (match); 879 } 880 881 /* 882 * Subroutines to manage the address selection policy table via sysctl. 883 */ 884 struct walkarg { 885 struct sysctl_req *w_req; 886 }; 887 888 static int in6_src_sysctl(SYSCTL_HANDLER_ARGS); 889 SYSCTL_DECL(_net_inet6_ip6); 890 SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy, 891 CTLFLAG_RD, in6_src_sysctl, ""); 892 893 static int 894 in6_src_sysctl(SYSCTL_HANDLER_ARGS) 895 { 896 struct walkarg w; 897 898 if (req->newptr) 899 return EPERM; 900 901 bzero(&w, sizeof(w)); 902 w.w_req = req; 903 904 return (walk_addrsel_policy(dump_addrsel_policyent, &w)); 905 } 906 907 int 908 in6_src_ioctl(cmd, data) 909 u_long cmd; 910 caddr_t data; 911 { 912 int i; 913 struct in6_addrpolicy ent0; 914 915 if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY) 916 return (EOPNOTSUPP); /* check for safety */ 917 918 ent0 = *(struct in6_addrpolicy *)data; 919 920 if (ent0.label == ADDR_LABEL_NOTAPP) 921 return (EINVAL); 922 /* check if the prefix mask is consecutive. */ 923 if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0) 924 return (EINVAL); 925 /* clear trailing garbages (if any) of the prefix address. */ 926 for (i = 0; i < 4; i++) { 927 ent0.addr.sin6_addr.s6_addr32[i] &= 928 ent0.addrmask.sin6_addr.s6_addr32[i]; 929 } 930 ent0.use = 0; 931 932 switch (cmd) { 933 case SIOCAADDRCTL_POLICY: 934 return (add_addrsel_policyent(&ent0)); 935 case SIOCDADDRCTL_POLICY: 936 return (delete_addrsel_policyent(&ent0)); 937 } 938 939 return (0); /* XXX: compromise compilers */ 940 } 941 942 /* 943 * The followings are implementation of the policy table using a 944 * simple tail queue. 945 * XXX such details should be hidden. 946 * XXX implementation using binary tree should be more efficient. 947 */ 948 struct addrsel_policyent { 949 TAILQ_ENTRY(addrsel_policyent) ape_entry; 950 struct in6_addrpolicy ape_policy; 951 }; 952 953 TAILQ_HEAD(addrsel_policyhead, addrsel_policyent); 954 955 struct addrsel_policyhead addrsel_policytab; 956 957 static void 958 init_policy_queue() 959 { 960 TAILQ_INIT(&addrsel_policytab); 961 } 962 963 static int 964 add_addrsel_policyent(newpolicy) 965 struct in6_addrpolicy *newpolicy; 966 { 967 struct addrsel_policyent *new, *pol; 968 969 MALLOC(new, struct addrsel_policyent *, sizeof(*new), M_IFADDR, 970 M_WAITOK); 971 ADDRSEL_XLOCK(); 972 ADDRSEL_LOCK(); 973 974 /* duplication check */ 975 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) { 976 if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr, 977 &pol->ape_policy.addr.sin6_addr) && 978 IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr, 979 &pol->ape_policy.addrmask.sin6_addr)) { 980 ADDRSEL_UNLOCK(); 981 ADDRSEL_XUNLOCK(); 982 FREE(new, M_IFADDR); 983 return (EEXIST); /* or override it? */ 984 } 985 } 986 987 bzero(new, sizeof(*new)); 988 989 /* XXX: should validate entry */ 990 new->ape_policy = *newpolicy; 991 992 TAILQ_INSERT_TAIL(&addrsel_policytab, new, ape_entry); 993 ADDRSEL_UNLOCK(); 994 ADDRSEL_XUNLOCK(); 995 996 return (0); 997 } 998 999 static int 1000 delete_addrsel_policyent(key) 1001 struct in6_addrpolicy *key; 1002 { 1003 struct addrsel_policyent *pol; 1004 1005 ADDRSEL_XLOCK(); 1006 ADDRSEL_LOCK(); 1007 1008 /* search for the entry in the table */ 1009 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) { 1010 if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr, 1011 &pol->ape_policy.addr.sin6_addr) && 1012 IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr, 1013 &pol->ape_policy.addrmask.sin6_addr)) { 1014 break; 1015 } 1016 } 1017 if (pol == NULL) { 1018 ADDRSEL_UNLOCK(); 1019 ADDRSEL_XUNLOCK(); 1020 return (ESRCH); 1021 } 1022 1023 TAILQ_REMOVE(&addrsel_policytab, pol, ape_entry); 1024 ADDRSEL_UNLOCK(); 1025 ADDRSEL_XUNLOCK(); 1026 1027 return (0); 1028 } 1029 1030 static int 1031 walk_addrsel_policy(callback, w) 1032 int (*callback) __P((struct in6_addrpolicy *, void *)); 1033 void *w; 1034 { 1035 struct addrsel_policyent *pol; 1036 int error = 0; 1037 1038 ADDRSEL_SLOCK(); 1039 TAILQ_FOREACH(pol, &addrsel_policytab, ape_entry) { 1040 if ((error = (*callback)(&pol->ape_policy, w)) != 0) { 1041 ADDRSEL_SUNLOCK(); 1042 return (error); 1043 } 1044 } 1045 ADDRSEL_SUNLOCK(); 1046 return (error); 1047 } 1048 1049 static int 1050 dump_addrsel_policyent(pol, arg) 1051 struct in6_addrpolicy *pol; 1052 void *arg; 1053 { 1054 int error = 0; 1055 struct walkarg *w = arg; 1056 1057 error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol)); 1058 1059 return (error); 1060 } 1061 1062 static struct in6_addrpolicy * 1063 match_addrsel_policy(key) 1064 struct sockaddr_in6 *key; 1065 { 1066 struct addrsel_policyent *pent; 1067 struct in6_addrpolicy *bestpol = NULL, *pol; 1068 int matchlen, bestmatchlen = -1; 1069 u_char *mp, *ep, *k, *p, m; 1070 1071 TAILQ_FOREACH(pent, &addrsel_policytab, ape_entry) { 1072 matchlen = 0; 1073 1074 pol = &pent->ape_policy; 1075 mp = (u_char *)&pol->addrmask.sin6_addr; 1076 ep = mp + 16; /* XXX: scope field? */ 1077 k = (u_char *)&key->sin6_addr; 1078 p = (u_char *)&pol->addr.sin6_addr; 1079 for (; mp < ep && *mp; mp++, k++, p++) { 1080 m = *mp; 1081 if ((*k & m) != *p) 1082 goto next; /* not match */ 1083 if (m == 0xff) /* short cut for a typical case */ 1084 matchlen += 8; 1085 else { 1086 while (m >= 0x80) { 1087 matchlen++; 1088 m <<= 1; 1089 } 1090 } 1091 } 1092 1093 /* matched. check if this is better than the current best. */ 1094 if (bestpol == NULL || 1095 matchlen > bestmatchlen) { 1096 bestpol = pol; 1097 bestmatchlen = matchlen; 1098 } 1099 1100 next: 1101 continue; 1102 } 1103 1104 return (bestpol); 1105 } 1106