1caf43b02SWarner Losh /*- 251369649SPedro F. Giffuni * SPDX-License-Identifier: BSD-3-Clause 351369649SPedro F. Giffuni * 482cd038dSYoshinobu Inoue * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 582cd038dSYoshinobu Inoue * All rights reserved. 682cd038dSYoshinobu Inoue * 782cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 882cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions 982cd038dSYoshinobu Inoue * are met: 1082cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 1182cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 1282cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 1382cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 1482cd038dSYoshinobu Inoue * documentation and/or other materials provided with the distribution. 1582cd038dSYoshinobu Inoue * 3. Neither the name of the project nor the names of its contributors 1682cd038dSYoshinobu Inoue * may be used to endorse or promote products derived from this software 1782cd038dSYoshinobu Inoue * without specific prior written permission. 1882cd038dSYoshinobu Inoue * 1982cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 2082cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2182cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2282cd038dSYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2382cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2482cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2582cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2682cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2782cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2882cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2982cd038dSYoshinobu Inoue * SUCH DAMAGE. 3082cd038dSYoshinobu Inoue */ 3182cd038dSYoshinobu Inoue 32caf43b02SWarner Losh /*- 3382cd038dSYoshinobu Inoue * Copyright (c) 1982, 1986, 1988, 1993 340ae76120SRobert Watson * The Regents of the University of California. 350ae76120SRobert Watson * All rights reserved. 3682cd038dSYoshinobu Inoue * 3782cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 3882cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions 3982cd038dSYoshinobu Inoue * are met: 4082cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 4182cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 4282cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 4382cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 4482cd038dSYoshinobu Inoue * documentation and/or other materials provided with the distribution. 45fbbd9655SWarner Losh * 3. Neither the name of the University nor the names of its contributors 4682cd038dSYoshinobu Inoue * may be used to endorse or promote products derived from this software 4782cd038dSYoshinobu Inoue * without specific prior written permission. 4882cd038dSYoshinobu Inoue * 4982cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 5082cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5182cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5282cd038dSYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5382cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5482cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 5582cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5682cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 5782cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5882cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5982cd038dSYoshinobu Inoue * SUCH DAMAGE. 6082cd038dSYoshinobu Inoue * 6182cd038dSYoshinobu Inoue * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 6282cd038dSYoshinobu Inoue */ 6382cd038dSYoshinobu Inoue 64b48287a3SDavid E. O'Brien #include <sys/cdefs.h> 65b48287a3SDavid E. O'Brien __FBSDID("$FreeBSD$"); 66b48287a3SDavid E. O'Brien 676a800098SYoshinobu Inoue #include "opt_ipsec.h" 6833841545SHajimu UMEMOTO #include "opt_inet6.h" 696a800098SYoshinobu Inoue 7082cd038dSYoshinobu Inoue #include <sys/param.h> 7182cd038dSYoshinobu Inoue #include <sys/errno.h> 72413628a7SBjoern A. Zeeb #include <sys/jail.h> 73a786f679SAndrey V. Elsukov #include <sys/kernel.h> 74960ed29cSSeigo Tanimura #include <sys/lock.h> 75960ed29cSSeigo Tanimura #include <sys/malloc.h> 76960ed29cSSeigo Tanimura #include <sys/mbuf.h> 77c2259ba4SRobert Watson #include <sys/priv.h> 78960ed29cSSeigo Tanimura #include <sys/proc.h> 79960ed29cSSeigo Tanimura #include <sys/protosw.h> 80960ed29cSSeigo Tanimura #include <sys/signalvar.h> 81960ed29cSSeigo Tanimura #include <sys/socket.h> 82960ed29cSSeigo Tanimura #include <sys/socketvar.h> 83960ed29cSSeigo Tanimura #include <sys/sx.h> 84a1f7e5f8SHajimu UMEMOTO #include <sys/syslog.h> 8582cd038dSYoshinobu Inoue 8682cd038dSYoshinobu Inoue #include <net/if.h> 8776039bc8SGleb Smirnoff #include <net/if_var.h> 8882cd038dSYoshinobu Inoue #include <net/if_types.h> 89960ed29cSSeigo Tanimura #include <net/route.h> 904b79449eSBjoern A. Zeeb #include <net/vnet.h> 9182cd038dSYoshinobu Inoue 9282cd038dSYoshinobu Inoue #include <netinet/in.h> 9382cd038dSYoshinobu Inoue #include <netinet/in_var.h> 9482cd038dSYoshinobu Inoue #include <netinet/in_systm.h> 9582cd038dSYoshinobu Inoue #include <netinet/in_pcb.h> 964b79449eSBjoern A. Zeeb 974b79449eSBjoern A. Zeeb #include <netinet/icmp6.h> 98960ed29cSSeigo Tanimura #include <netinet/ip6.h> 991db8d1f8SAna Kukec #include <netinet/ip_var.h> 100686cdd19SJun-ichiro itojun Hagino #include <netinet6/ip6protosw.h> 101960ed29cSSeigo Tanimura #include <netinet6/ip6_mroute.h> 102960ed29cSSeigo Tanimura #include <netinet6/in6_pcb.h> 103960ed29cSSeigo Tanimura #include <netinet6/ip6_var.h> 104960ed29cSSeigo Tanimura #include <netinet6/nd6.h> 105960ed29cSSeigo Tanimura #include <netinet6/raw_ip6.h> 106686cdd19SJun-ichiro itojun Hagino #include <netinet6/scope6_var.h> 1071db8d1f8SAna Kukec #include <netinet6/send.h> 10882cd038dSYoshinobu Inoue 109fcf59617SAndrey V. Elsukov #include <netipsec/ipsec_support.h> 110b9234fafSSam Leffler 11182cd038dSYoshinobu Inoue #include <machine/stdarg.h> 11282cd038dSYoshinobu Inoue 11382cd038dSYoshinobu Inoue #define satosin6(sa) ((struct sockaddr_in6 *)(sa)) 11482cd038dSYoshinobu Inoue #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 11582cd038dSYoshinobu Inoue 11682cd038dSYoshinobu Inoue /* 11782cd038dSYoshinobu Inoue * Raw interface to IP6 protocol. 11882cd038dSYoshinobu Inoue */ 11982cd038dSYoshinobu Inoue 120eddfbb76SRobert Watson VNET_DECLARE(struct inpcbhead, ripcb); 121eddfbb76SRobert Watson VNET_DECLARE(struct inpcbinfo, ripcbinfo); 1221e77c105SRobert Watson #define V_ripcb VNET(ripcb) 1231e77c105SRobert Watson #define V_ripcbinfo VNET(ripcbinfo) 124eddfbb76SRobert Watson 12597021c24SMarko Zec extern u_long rip_sendspace; 12697021c24SMarko Zec extern u_long rip_recvspace; 12797021c24SMarko Zec 128a786f679SAndrey V. Elsukov VNET_PCPUSTAT_DEFINE(struct rip6stat, rip6stat); 129a786f679SAndrey V. Elsukov VNET_PCPUSTAT_SYSINIT(rip6stat); 130a786f679SAndrey V. Elsukov 131a786f679SAndrey V. Elsukov #ifdef VIMAGE 132a786f679SAndrey V. Elsukov VNET_PCPUSTAT_SYSUNINIT(rip6stat); 133a786f679SAndrey V. Elsukov #endif /* VIMAGE */ 13482cea7e6SBjoern A. Zeeb 13582cd038dSYoshinobu Inoue /* 13633cde130SBruce M Simpson * Hooks for multicast routing. They all default to NULL, so leave them not 13733cde130SBruce M Simpson * initialized and rely on BSS being set to 0. 1386be2e366SBruce M Simpson */ 13933cde130SBruce M Simpson 14033cde130SBruce M Simpson /* 14133cde130SBruce M Simpson * The socket used to communicate with the multicast routing daemon. 14233cde130SBruce M Simpson */ 143eddfbb76SRobert Watson VNET_DEFINE(struct socket *, ip6_mrouter); 14433cde130SBruce M Simpson 14533cde130SBruce M Simpson /* 14633cde130SBruce M Simpson * The various mrouter functions. 14733cde130SBruce M Simpson */ 1486be2e366SBruce M Simpson int (*ip6_mrouter_set)(struct socket *, struct sockopt *); 1496be2e366SBruce M Simpson int (*ip6_mrouter_get)(struct socket *, struct sockopt *); 1506be2e366SBruce M Simpson int (*ip6_mrouter_done)(void); 1516be2e366SBruce M Simpson int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *); 152e40bae9aSRoman Divacky int (*mrt6_ioctl)(u_long, caddr_t); 1536be2e366SBruce M Simpson 1546be2e366SBruce M Simpson /* 1550ae76120SRobert Watson * Setup generic address and protocol structures for raw_input routine, then 1560ae76120SRobert Watson * pass them along with mbuf chain. 15782cd038dSYoshinobu Inoue */ 15882cd038dSYoshinobu Inoue int 1591272577eSXin LI rip6_input(struct mbuf **mp, int *offp, int proto) 16082cd038dSYoshinobu Inoue { 16133cde130SBruce M Simpson struct ifnet *ifp; 16282cd038dSYoshinobu Inoue struct mbuf *m = *mp; 1633e85b721SEd Maste struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 1640ecd976eSBjoern A. Zeeb struct inpcb *inp; 165155d72c4SPedro F. Giffuni struct inpcb *last = NULL; 16633841545SHajimu UMEMOTO struct mbuf *opts = NULL; 167af12e09eSHajimu UMEMOTO struct sockaddr_in6 fromsa; 168f42347c3SGleb Smirnoff 169f42347c3SGleb Smirnoff NET_EPOCH_ASSERT(); 17082cd038dSYoshinobu Inoue 171f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_ipackets); 17233841545SHajimu UMEMOTO 173dce33a45SErmal Luçi init_sin6(&fromsa, m, 0); /* general init */ 17482cd038dSYoshinobu Inoue 17533cde130SBruce M Simpson ifp = m->m_pkthdr.rcvif; 17633cde130SBruce M Simpson 1770ecd976eSBjoern A. Zeeb CK_LIST_FOREACH(inp, &V_ripcb, inp_list) { 178413628a7SBjoern A. Zeeb /* XXX inp locking */ 1790ecd976eSBjoern A. Zeeb if ((inp->inp_vflag & INP_IPV6) == 0) 18082cd038dSYoshinobu Inoue continue; 1810ecd976eSBjoern A. Zeeb if (inp->inp_ip_p && 1820ecd976eSBjoern A. Zeeb inp->inp_ip_p != proto) 183b11e21aeSAlexander Motin continue; 1840ecd976eSBjoern A. Zeeb if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) && 1850ecd976eSBjoern A. Zeeb !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &ip6->ip6_dst)) 186b11e21aeSAlexander Motin continue; 1870ecd976eSBjoern A. Zeeb if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 1880ecd976eSBjoern A. Zeeb !IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, &ip6->ip6_src)) 189b11e21aeSAlexander Motin continue; 1901ff6e7a8SBjoern A. Zeeb if (last != NULL) { 1911ff6e7a8SBjoern A. Zeeb struct mbuf *n = m_copym(m, 0, M_COPYALL, M_NOWAIT); 1921ff6e7a8SBjoern A. Zeeb 1931ff6e7a8SBjoern A. Zeeb #if defined(IPSEC) || defined(IPSEC_SUPPORT) 1941ff6e7a8SBjoern A. Zeeb /* 1951ff6e7a8SBjoern A. Zeeb * Check AH/ESP integrity. 1961ff6e7a8SBjoern A. Zeeb */ 1971ff6e7a8SBjoern A. Zeeb if (IPSEC_ENABLED(ipv6)) { 1981ff6e7a8SBjoern A. Zeeb if (n != NULL && 1991ff6e7a8SBjoern A. Zeeb IPSEC_CHECK_POLICY(ipv6, n, last) != 0) { 2001ff6e7a8SBjoern A. Zeeb m_freem(n); 2011ff6e7a8SBjoern A. Zeeb /* Do not inject data into pcb. */ 2021ff6e7a8SBjoern A. Zeeb n = NULL; 2031ff6e7a8SBjoern A. Zeeb } 2041ff6e7a8SBjoern A. Zeeb } 2051ff6e7a8SBjoern A. Zeeb #endif /* IPSEC */ 2061ff6e7a8SBjoern A. Zeeb if (n) { 2071ff6e7a8SBjoern A. Zeeb if (last->inp_flags & INP_CONTROLOPTS || 2081ff6e7a8SBjoern A. Zeeb last->inp_socket->so_options & SO_TIMESTAMP) 2091ff6e7a8SBjoern A. Zeeb ip6_savecontrol(last, n, &opts); 2101ff6e7a8SBjoern A. Zeeb /* strip intermediate headers */ 2111ff6e7a8SBjoern A. Zeeb m_adj(n, *offp); 2121ff6e7a8SBjoern A. Zeeb if (sbappendaddr(&last->inp_socket->so_rcv, 2131ff6e7a8SBjoern A. Zeeb (struct sockaddr *)&fromsa, 2141ff6e7a8SBjoern A. Zeeb n, opts) == 0) { 2151ff6e7a8SBjoern A. Zeeb m_freem(n); 2161ff6e7a8SBjoern A. Zeeb if (opts) 2171ff6e7a8SBjoern A. Zeeb m_freem(opts); 2181ff6e7a8SBjoern A. Zeeb RIP6STAT_INC(rip6s_fullsock); 2191ff6e7a8SBjoern A. Zeeb } else 2201ff6e7a8SBjoern A. Zeeb sorwakeup(last->inp_socket); 2211ff6e7a8SBjoern A. Zeeb opts = NULL; 2221ff6e7a8SBjoern A. Zeeb } 2231ff6e7a8SBjoern A. Zeeb INP_RUNLOCK(last); 2241ff6e7a8SBjoern A. Zeeb last = NULL; 2251ff6e7a8SBjoern A. Zeeb } 2260ecd976eSBjoern A. Zeeb INP_RLOCK(inp); 2270ecd976eSBjoern A. Zeeb if (__predict_false(inp->inp_flags2 & INP_FREED)) 2281ff6e7a8SBjoern A. Zeeb goto skip_2; 2290ecd976eSBjoern A. Zeeb if (jailed_without_vnet(inp->inp_cred)) { 23033cde130SBruce M Simpson /* 23133cde130SBruce M Simpson * Allow raw socket in jail to receive multicast; 23233cde130SBruce M Simpson * assume process had PRIV_NETINET_RAW at attach, 23333cde130SBruce M Simpson * and fall through into normal filter path if so. 23433cde130SBruce M Simpson */ 23533cde130SBruce M Simpson if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 2360ecd976eSBjoern A. Zeeb prison_check_ip6(inp->inp_cred, 23733cde130SBruce M Simpson &ip6->ip6_dst) != 0) 2381ff6e7a8SBjoern A. Zeeb goto skip_2; 23933cde130SBruce M Simpson } 2400ecd976eSBjoern A. Zeeb if (inp->in6p_cksum != -1) { 241f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_isum); 2420ecd976eSBjoern A. Zeeb if (m->m_pkthdr.len - (*offp + inp->in6p_cksum) < 2 || 24370a0f3dcSMichael Tuexen in6_cksum(m, proto, *offp, 24482cd038dSYoshinobu Inoue m->m_pkthdr.len - *offp)) { 245f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_badsum); 246fb288770SMichael Tuexen /* 247fb288770SMichael Tuexen * Drop the received message, don't send an 248fb288770SMichael Tuexen * ICMP6 message. Set proto to IPPROTO_NONE 249fb288770SMichael Tuexen * to achieve that. 250fb288770SMichael Tuexen */ 251fb288770SMichael Tuexen proto = IPPROTO_NONE; 2521ff6e7a8SBjoern A. Zeeb goto skip_2; 25382cd038dSYoshinobu Inoue } 25433841545SHajimu UMEMOTO } 25533cde130SBruce M Simpson /* 25633cde130SBruce M Simpson * If this raw socket has multicast state, and we 25733cde130SBruce M Simpson * have received a multicast, check if this socket 25833cde130SBruce M Simpson * should receive it, as multicast filtering is now 25933cde130SBruce M Simpson * the responsibility of the transport layer. 26033cde130SBruce M Simpson */ 2610ecd976eSBjoern A. Zeeb if (inp->in6p_moptions && 26233cde130SBruce M Simpson IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 2637ab5a5cdSBruce M Simpson /* 2647ab5a5cdSBruce M Simpson * If the incoming datagram is for MLD, allow it 2657ab5a5cdSBruce M Simpson * through unconditionally to the raw socket. 2667ab5a5cdSBruce M Simpson * 2677ab5a5cdSBruce M Simpson * Use the M_RTALERT_MLD flag to check for MLD 2687ab5a5cdSBruce M Simpson * traffic without having to inspect the mbuf chain 2697ab5a5cdSBruce M Simpson * more deeply, as all MLDv1/v2 host messages MUST 2707ab5a5cdSBruce M Simpson * contain the Router Alert option. 2717ab5a5cdSBruce M Simpson * 2727ab5a5cdSBruce M Simpson * In the case of MLDv1, we may not have explicitly 2737ab5a5cdSBruce M Simpson * joined the group, and may have set IFF_ALLMULTI 2747ab5a5cdSBruce M Simpson * on the interface. im6o_mc_filter() may discard 2757ab5a5cdSBruce M Simpson * control traffic we actually need to see. 2767ab5a5cdSBruce M Simpson * 2777ab5a5cdSBruce M Simpson * Userland multicast routing daemons should continue 2787ab5a5cdSBruce M Simpson * filter the control traffic appropriately. 2797ab5a5cdSBruce M Simpson */ 28033cde130SBruce M Simpson int blocked; 28133cde130SBruce M Simpson 2827ab5a5cdSBruce M Simpson blocked = MCAST_PASS; 2837ab5a5cdSBruce M Simpson if ((m->m_flags & M_RTALERT_MLD) == 0) { 2847ab5a5cdSBruce M Simpson struct sockaddr_in6 mcaddr; 2857ab5a5cdSBruce M Simpson 28633cde130SBruce M Simpson bzero(&mcaddr, sizeof(struct sockaddr_in6)); 28733cde130SBruce M Simpson mcaddr.sin6_len = sizeof(struct sockaddr_in6); 28833cde130SBruce M Simpson mcaddr.sin6_family = AF_INET6; 28933cde130SBruce M Simpson mcaddr.sin6_addr = ip6->ip6_dst; 29033cde130SBruce M Simpson 2910ecd976eSBjoern A. Zeeb blocked = im6o_mc_filter(inp->in6p_moptions, 2927ab5a5cdSBruce M Simpson ifp, 29333cde130SBruce M Simpson (struct sockaddr *)&mcaddr, 29433cde130SBruce M Simpson (struct sockaddr *)&fromsa); 2957ab5a5cdSBruce M Simpson } 29633cde130SBruce M Simpson if (blocked != MCAST_PASS) { 29733cde130SBruce M Simpson IP6STAT_INC(ip6s_notmember); 2981ff6e7a8SBjoern A. Zeeb goto skip_2; 29933cde130SBruce M Simpson } 30033cde130SBruce M Simpson } 3010ecd976eSBjoern A. Zeeb last = inp; 3021ff6e7a8SBjoern A. Zeeb continue; 3031ff6e7a8SBjoern A. Zeeb skip_2: 3040ecd976eSBjoern A. Zeeb INP_RUNLOCK(inp); 30582cd038dSYoshinobu Inoue } 306fcf59617SAndrey V. Elsukov #if defined(IPSEC) || defined(IPSEC_SUPPORT) 307da0f4099SHajimu UMEMOTO /* 308da0f4099SHajimu UMEMOTO * Check AH/ESP integrity. 309da0f4099SHajimu UMEMOTO */ 310fcf59617SAndrey V. Elsukov if (IPSEC_ENABLED(ipv6) && last != NULL && 311fcf59617SAndrey V. Elsukov IPSEC_CHECK_POLICY(ipv6, m, last) != 0) { 312da0f4099SHajimu UMEMOTO m_freem(m); 3139cb8d207SAndrey V. Elsukov IP6STAT_DEC(ip6s_delivered); 3140ae76120SRobert Watson /* Do not inject data into pcb. */ 3159ad11dd8SRobert Watson INP_RUNLOCK(last); 316b9234fafSSam Leffler } else 317b2630c29SGeorge V. Neville-Neil #endif /* IPSEC */ 318aba53ef0SKip Macy if (last != NULL) { 31997590249SBjoern A. Zeeb if (last->inp_flags & INP_CONTROLOPTS || 320fc384fa5SBjoern A. Zeeb last->inp_socket->so_options & SO_TIMESTAMP) 32111de19f4SHajimu UMEMOTO ip6_savecontrol(last, m, &opts); 3220ae76120SRobert Watson /* Strip intermediate headers. */ 32382cd038dSYoshinobu Inoue m_adj(m, *offp); 324fc384fa5SBjoern A. Zeeb if (sbappendaddr(&last->inp_socket->so_rcv, 325af12e09eSHajimu UMEMOTO (struct sockaddr *)&fromsa, m, opts) == 0) { 32682cd038dSYoshinobu Inoue m_freem(m); 32782cd038dSYoshinobu Inoue if (opts) 32882cd038dSYoshinobu Inoue m_freem(opts); 329f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_fullsock); 3304cc20ab1SSeigo Tanimura } else 331fc384fa5SBjoern A. Zeeb sorwakeup(last->inp_socket); 3329ad11dd8SRobert Watson INP_RUNLOCK(last); 33382cd038dSYoshinobu Inoue } else { 334f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_nosock); 33533841545SHajimu UMEMOTO if (m->m_flags & M_MCAST) 336f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_nosockmcast); 33782cd038dSYoshinobu Inoue if (proto == IPPROTO_NONE) 33882cd038dSYoshinobu Inoue m_freem(m); 33968e0e5a6SAndrey V. Elsukov else 34082cd038dSYoshinobu Inoue icmp6_error(m, ICMP6_PARAM_PROB, 34182cd038dSYoshinobu Inoue ICMP6_PARAMPROB_NEXTHEADER, 34268e0e5a6SAndrey V. Elsukov ip6_get_prevhdr(m, *offp)); 3439cb8d207SAndrey V. Elsukov IP6STAT_DEC(ip6s_delivered); 34482cd038dSYoshinobu Inoue } 3450ae76120SRobert Watson return (IPPROTO_DONE); 34682cd038dSYoshinobu Inoue } 34782cd038dSYoshinobu Inoue 348686cdd19SJun-ichiro itojun Hagino void 3491272577eSXin LI rip6_ctlinput(int cmd, struct sockaddr *sa, void *d) 350686cdd19SJun-ichiro itojun Hagino { 35133841545SHajimu UMEMOTO struct ip6ctlparam *ip6cp = NULL; 35233841545SHajimu UMEMOTO const struct sockaddr_in6 *sa6_src = NULL; 353efddf5c6SHajimu UMEMOTO void *cmdarg; 3549233d8f3SDavid E. O'Brien struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange; 355686cdd19SJun-ichiro itojun Hagino 356686cdd19SJun-ichiro itojun Hagino if (sa->sa_family != AF_INET6 || 357686cdd19SJun-ichiro itojun Hagino sa->sa_len != sizeof(struct sockaddr_in6)) 358686cdd19SJun-ichiro itojun Hagino return; 359686cdd19SJun-ichiro itojun Hagino 360686cdd19SJun-ichiro itojun Hagino if ((unsigned)cmd >= PRC_NCMDS) 361686cdd19SJun-ichiro itojun Hagino return; 362686cdd19SJun-ichiro itojun Hagino if (PRC_IS_REDIRECT(cmd)) 363686cdd19SJun-ichiro itojun Hagino notify = in6_rtchange, d = NULL; 364686cdd19SJun-ichiro itojun Hagino else if (cmd == PRC_HOSTDEAD) 365686cdd19SJun-ichiro itojun Hagino d = NULL; 366686cdd19SJun-ichiro itojun Hagino else if (inet6ctlerrmap[cmd] == 0) 367686cdd19SJun-ichiro itojun Hagino return; 368686cdd19SJun-ichiro itojun Hagino 3690ae76120SRobert Watson /* 3700ae76120SRobert Watson * If the parameter is from icmp6, decode it. 3710ae76120SRobert Watson */ 372686cdd19SJun-ichiro itojun Hagino if (d != NULL) { 37333841545SHajimu UMEMOTO ip6cp = (struct ip6ctlparam *)d; 374efddf5c6SHajimu UMEMOTO cmdarg = ip6cp->ip6c_cmdarg; 37533841545SHajimu UMEMOTO sa6_src = ip6cp->ip6c_src; 376686cdd19SJun-ichiro itojun Hagino } else { 377efddf5c6SHajimu UMEMOTO cmdarg = NULL; 37833841545SHajimu UMEMOTO sa6_src = &sa6_any; 379686cdd19SJun-ichiro itojun Hagino } 380686cdd19SJun-ichiro itojun Hagino 381603724d3SBjoern A. Zeeb (void) in6_pcbnotify(&V_ripcbinfo, sa, 0, 3820ae76120SRobert Watson (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify); 383686cdd19SJun-ichiro itojun Hagino } 384686cdd19SJun-ichiro itojun Hagino 38582cd038dSYoshinobu Inoue /* 3860ae76120SRobert Watson * Generate IPv6 header and pass packet to ip6_output. Tack on options user 3870ae76120SRobert Watson * may have setup with control call. 38882cd038dSYoshinobu Inoue */ 38982cd038dSYoshinobu Inoue int 3908f5a8818SKevin Lo rip6_output(struct mbuf *m, struct socket *so, ...) 39182cd038dSYoshinobu Inoue { 392*b9555453SGleb Smirnoff struct epoch_tracker et; 39307eb2995SHajimu UMEMOTO struct mbuf *control; 3941db8d1f8SAna Kukec struct m_tag *mtag; 39582cd038dSYoshinobu Inoue struct sockaddr_in6 *dstsock; 39682cd038dSYoshinobu Inoue struct ip6_hdr *ip6; 3970ecd976eSBjoern A. Zeeb struct inpcb *inp; 39882cd038dSYoshinobu Inoue u_int plen = m->m_pkthdr.len; 39982cd038dSYoshinobu Inoue int error = 0; 400e07db7aaSHajimu UMEMOTO struct ip6_pktopts opt, *optp; 40182cd038dSYoshinobu Inoue struct ifnet *oifp = NULL; 40282cd038dSYoshinobu Inoue int type = 0, code = 0; /* for ICMPv6 output statistics only */ 403a1f7e5f8SHajimu UMEMOTO int scope_ambiguous = 0; 404388288b2SHajimu UMEMOTO int use_defzone = 0; 405601c0b8bSAlexander V. Chernikov int hlim = 0; 40688d166bfSBjoern A. Zeeb struct in6_addr in6a; 40782cd038dSYoshinobu Inoue va_list ap; 40882cd038dSYoshinobu Inoue 4098f5a8818SKevin Lo va_start(ap, so); 41082cd038dSYoshinobu Inoue dstsock = va_arg(ap, struct sockaddr_in6 *); 41182cd038dSYoshinobu Inoue control = va_arg(ap, struct mbuf *); 41282cd038dSYoshinobu Inoue va_end(ap); 41382cd038dSYoshinobu Inoue 4140ecd976eSBjoern A. Zeeb inp = sotoinpcb(so); 4150ecd976eSBjoern A. Zeeb INP_WLOCK(inp); 41682cd038dSYoshinobu Inoue 41775bab8b8SKip Macy if (control != NULL) { 418d5e3406dSHajimu UMEMOTO if ((error = ip6_setpktopts(control, &opt, 4190ecd976eSBjoern A. Zeeb inp->in6p_outputopts, so->so_cred, 42079ba3952SBjoern A. Zeeb so->so_proto->pr_protocol)) != 0) { 42182cd038dSYoshinobu Inoue goto bad; 422f95d4633SHajimu UMEMOTO } 423e07db7aaSHajimu UMEMOTO optp = &opt; 424e07db7aaSHajimu UMEMOTO } else 4250ecd976eSBjoern A. Zeeb optp = inp->in6p_outputopts; 42682cd038dSYoshinobu Inoue 42782cd038dSYoshinobu Inoue /* 428a1f7e5f8SHajimu UMEMOTO * Check and convert scope zone ID into internal form. 4290ae76120SRobert Watson * 430a1f7e5f8SHajimu UMEMOTO * XXX: we may still need to determine the zone later. 431a1f7e5f8SHajimu UMEMOTO */ 432a1f7e5f8SHajimu UMEMOTO if (!(so->so_state & SS_ISCONNECTED)) { 433365ccde0SHajimu UMEMOTO if (!optp || !optp->ip6po_pktinfo || 434365ccde0SHajimu UMEMOTO !optp->ip6po_pktinfo->ipi6_ifindex) 435388288b2SHajimu UMEMOTO use_defzone = V_ip6_use_defzone; 436388288b2SHajimu UMEMOTO if (dstsock->sin6_scope_id == 0 && !use_defzone) 437a1f7e5f8SHajimu UMEMOTO scope_ambiguous = 1; 438388288b2SHajimu UMEMOTO if ((error = sa6_embedscope(dstsock, use_defzone)) != 0) 439a1f7e5f8SHajimu UMEMOTO goto bad; 440a1f7e5f8SHajimu UMEMOTO } 441a1f7e5f8SHajimu UMEMOTO 442a1f7e5f8SHajimu UMEMOTO /* 4430ae76120SRobert Watson * For an ICMPv6 packet, we should know its type and code to update 4440ae76120SRobert Watson * statistics. 44582cd038dSYoshinobu Inoue */ 44682cd038dSYoshinobu Inoue if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 44782cd038dSYoshinobu Inoue struct icmp6_hdr *icmp6; 44882cd038dSYoshinobu Inoue if (m->m_len < sizeof(struct icmp6_hdr) && 44982cd038dSYoshinobu Inoue (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 45082cd038dSYoshinobu Inoue error = ENOBUFS; 45182cd038dSYoshinobu Inoue goto bad; 45282cd038dSYoshinobu Inoue } 45382cd038dSYoshinobu Inoue icmp6 = mtod(m, struct icmp6_hdr *); 45482cd038dSYoshinobu Inoue type = icmp6->icmp6_type; 45582cd038dSYoshinobu Inoue code = icmp6->icmp6_code; 45682cd038dSYoshinobu Inoue } 45782cd038dSYoshinobu Inoue 458eb1b1807SGleb Smirnoff M_PREPEND(m, sizeof(*ip6), M_NOWAIT); 4598a0c4da8SRobert Watson if (m == NULL) { 4608a0c4da8SRobert Watson error = ENOBUFS; 4618a0c4da8SRobert Watson goto bad; 4628a0c4da8SRobert Watson } 46382cd038dSYoshinobu Inoue ip6 = mtod(m, struct ip6_hdr *); 46482cd038dSYoshinobu Inoue 46582cd038dSYoshinobu Inoue /* 46682cd038dSYoshinobu Inoue * Source address selection. 46782cd038dSYoshinobu Inoue */ 4680ecd976eSBjoern A. Zeeb error = in6_selectsrc_socket(dstsock, optp, inp, so->so_cred, 469601c0b8bSAlexander V. Chernikov scope_ambiguous, &in6a, &hlim); 470601c0b8bSAlexander V. Chernikov 47188d166bfSBjoern A. Zeeb if (error) 47282cd038dSYoshinobu Inoue goto bad; 4730ecd976eSBjoern A. Zeeb error = prison_check_ip6(inp->inp_cred, &in6a); 474b89e82ddSJamie Gritton if (error != 0) 475413628a7SBjoern A. Zeeb goto bad; 47688d166bfSBjoern A. Zeeb ip6->ip6_src = in6a; 477a1f7e5f8SHajimu UMEMOTO 478a1f7e5f8SHajimu UMEMOTO ip6->ip6_dst = dstsock->sin6_addr; 479a1f7e5f8SHajimu UMEMOTO 4800ae76120SRobert Watson /* 4810ae76120SRobert Watson * Fill in the rest of the IPv6 header fields. 4820ae76120SRobert Watson */ 4836a800098SYoshinobu Inoue ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) | 4840ecd976eSBjoern A. Zeeb (inp->inp_flow & IPV6_FLOWINFO_MASK); 4856a800098SYoshinobu Inoue ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) | 4866a800098SYoshinobu Inoue (IPV6_VERSION & IPV6_VERSION_MASK); 4870ae76120SRobert Watson 4880ae76120SRobert Watson /* 4890ae76120SRobert Watson * ip6_plen will be filled in ip6_output, so not fill it here. 4900ae76120SRobert Watson */ 4910ecd976eSBjoern A. Zeeb ip6->ip6_nxt = inp->inp_ip_p; 492601c0b8bSAlexander V. Chernikov ip6->ip6_hlim = hlim; 49382cd038dSYoshinobu Inoue 49482cd038dSYoshinobu Inoue if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 4950ecd976eSBjoern A. Zeeb inp->in6p_cksum != -1) { 49682cd038dSYoshinobu Inoue struct mbuf *n; 49782cd038dSYoshinobu Inoue int off; 49882cd038dSYoshinobu Inoue u_int16_t *p; 49982cd038dSYoshinobu Inoue 5000ae76120SRobert Watson /* Compute checksum. */ 50182cd038dSYoshinobu Inoue if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 50282cd038dSYoshinobu Inoue off = offsetof(struct icmp6_hdr, icmp6_cksum); 50382cd038dSYoshinobu Inoue else 5040ecd976eSBjoern A. Zeeb off = inp->in6p_cksum; 505ae7c65b1SMichael Tuexen if (plen < off + 2) { 50682cd038dSYoshinobu Inoue error = EINVAL; 50782cd038dSYoshinobu Inoue goto bad; 50882cd038dSYoshinobu Inoue } 50982cd038dSYoshinobu Inoue off += sizeof(struct ip6_hdr); 51082cd038dSYoshinobu Inoue 51182cd038dSYoshinobu Inoue n = m; 51282cd038dSYoshinobu Inoue while (n && n->m_len <= off) { 51382cd038dSYoshinobu Inoue off -= n->m_len; 51482cd038dSYoshinobu Inoue n = n->m_next; 51582cd038dSYoshinobu Inoue } 51682cd038dSYoshinobu Inoue if (!n) 51782cd038dSYoshinobu Inoue goto bad; 51882cd038dSYoshinobu Inoue p = (u_int16_t *)(mtod(n, caddr_t) + off); 51982cd038dSYoshinobu Inoue *p = 0; 52082cd038dSYoshinobu Inoue *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 52182cd038dSYoshinobu Inoue } 52282cd038dSYoshinobu Inoue 5231db8d1f8SAna Kukec /* 5241db8d1f8SAna Kukec * Send RA/RS messages to user land for protection, before sending 5251db8d1f8SAna Kukec * them to rtadvd/rtsol. 5261db8d1f8SAna Kukec */ 5271db8d1f8SAna Kukec if ((send_sendso_input_hook != NULL) && 5281db8d1f8SAna Kukec so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 5291db8d1f8SAna Kukec switch (type) { 5301db8d1f8SAna Kukec case ND_ROUTER_ADVERT: 5311db8d1f8SAna Kukec case ND_ROUTER_SOLICIT: 5321db8d1f8SAna Kukec mtag = m_tag_get(PACKET_TAG_ND_OUTGOING, 5331db8d1f8SAna Kukec sizeof(unsigned short), M_NOWAIT); 5341db8d1f8SAna Kukec if (mtag == NULL) 5351db8d1f8SAna Kukec goto bad; 5361db8d1f8SAna Kukec m_tag_prepend(m, mtag); 5371db8d1f8SAna Kukec } 5381db8d1f8SAna Kukec } 5391db8d1f8SAna Kukec 540*b9555453SGleb Smirnoff NET_EPOCH_ENTER(et); 5410ecd976eSBjoern A. Zeeb error = ip6_output(m, optp, NULL, 0, inp->in6p_moptions, &oifp, inp); 542*b9555453SGleb Smirnoff NET_EPOCH_EXIT(et); 54382cd038dSYoshinobu Inoue if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 54482cd038dSYoshinobu Inoue if (oifp) 54582cd038dSYoshinobu Inoue icmp6_ifoutstat_inc(oifp, type, code); 546e27b0c87SRobert Watson ICMP6STAT_INC(icp6s_outhist[type]); 54733841545SHajimu UMEMOTO } else 548f1d7ebfeSAndrey V. Elsukov RIP6STAT_INC(rip6s_opackets); 54982cd038dSYoshinobu Inoue 55082cd038dSYoshinobu Inoue goto freectl; 55182cd038dSYoshinobu Inoue 55282cd038dSYoshinobu Inoue bad: 55382cd038dSYoshinobu Inoue if (m) 55482cd038dSYoshinobu Inoue m_freem(m); 55582cd038dSYoshinobu Inoue 55682cd038dSYoshinobu Inoue freectl: 55775bab8b8SKip Macy if (control != NULL) { 558e07db7aaSHajimu UMEMOTO ip6_clearpktopts(&opt, -1); 55982cd038dSYoshinobu Inoue m_freem(control); 56033841545SHajimu UMEMOTO } 5610ecd976eSBjoern A. Zeeb INP_WUNLOCK(inp); 56282cd038dSYoshinobu Inoue return (error); 56382cd038dSYoshinobu Inoue } 56482cd038dSYoshinobu Inoue 56582cd038dSYoshinobu Inoue /* 56682cd038dSYoshinobu Inoue * Raw IPv6 socket option processing. 56782cd038dSYoshinobu Inoue */ 56882cd038dSYoshinobu Inoue int 5691272577eSXin LI rip6_ctloutput(struct socket *so, struct sockopt *sopt) 57082cd038dSYoshinobu Inoue { 571ee799639SBjoern A. Zeeb struct inpcb *inp; 57282cd038dSYoshinobu Inoue int error; 57382cd038dSYoshinobu Inoue 57482cd038dSYoshinobu Inoue if (sopt->sopt_level == IPPROTO_ICMPV6) 57582cd038dSYoshinobu Inoue /* 57682cd038dSYoshinobu Inoue * XXX: is it better to call icmp6_ctloutput() directly 57782cd038dSYoshinobu Inoue * from protosw? 57882cd038dSYoshinobu Inoue */ 57982cd038dSYoshinobu Inoue return (icmp6_ctloutput(so, sopt)); 580ee799639SBjoern A. Zeeb else if (sopt->sopt_level != IPPROTO_IPV6) { 581ee799639SBjoern A. Zeeb if (sopt->sopt_level == SOL_SOCKET && 582ee799639SBjoern A. Zeeb sopt->sopt_name == SO_SETFIB) { 583ee799639SBjoern A. Zeeb inp = sotoinpcb(so); 584ee799639SBjoern A. Zeeb INP_WLOCK(inp); 585ee799639SBjoern A. Zeeb inp->inp_inc.inc_fibnum = so->so_fibnum; 586ee799639SBjoern A. Zeeb INP_WUNLOCK(inp); 587ee799639SBjoern A. Zeeb return (0); 588ee799639SBjoern A. Zeeb } 58982cd038dSYoshinobu Inoue return (EINVAL); 590ee799639SBjoern A. Zeeb } 59182cd038dSYoshinobu Inoue 59282cd038dSYoshinobu Inoue error = 0; 59382cd038dSYoshinobu Inoue 59482cd038dSYoshinobu Inoue switch (sopt->sopt_dir) { 59582cd038dSYoshinobu Inoue case SOPT_GET: 59682cd038dSYoshinobu Inoue switch (sopt->sopt_name) { 59791ec0a1eSYoshinobu Inoue case MRT6_INIT: 59891ec0a1eSYoshinobu Inoue case MRT6_DONE: 59991ec0a1eSYoshinobu Inoue case MRT6_ADD_MIF: 60091ec0a1eSYoshinobu Inoue case MRT6_DEL_MIF: 60191ec0a1eSYoshinobu Inoue case MRT6_ADD_MFC: 60291ec0a1eSYoshinobu Inoue case MRT6_DEL_MFC: 60391ec0a1eSYoshinobu Inoue case MRT6_PIM: 6046be2e366SBruce M Simpson error = ip6_mrouter_get ? ip6_mrouter_get(so, sopt) : 6056be2e366SBruce M Simpson EOPNOTSUPP; 60691ec0a1eSYoshinobu Inoue break; 60702b9a206SHajimu UMEMOTO case IPV6_CHECKSUM: 60802b9a206SHajimu UMEMOTO error = ip6_raw_ctloutput(so, sopt); 60902b9a206SHajimu UMEMOTO break; 61082cd038dSYoshinobu Inoue default: 61182cd038dSYoshinobu Inoue error = ip6_ctloutput(so, sopt); 61282cd038dSYoshinobu Inoue break; 61382cd038dSYoshinobu Inoue } 61482cd038dSYoshinobu Inoue break; 61582cd038dSYoshinobu Inoue 61682cd038dSYoshinobu Inoue case SOPT_SET: 61782cd038dSYoshinobu Inoue switch (sopt->sopt_name) { 61891ec0a1eSYoshinobu Inoue case MRT6_INIT: 61991ec0a1eSYoshinobu Inoue case MRT6_DONE: 62091ec0a1eSYoshinobu Inoue case MRT6_ADD_MIF: 62191ec0a1eSYoshinobu Inoue case MRT6_DEL_MIF: 62291ec0a1eSYoshinobu Inoue case MRT6_ADD_MFC: 62391ec0a1eSYoshinobu Inoue case MRT6_DEL_MFC: 62491ec0a1eSYoshinobu Inoue case MRT6_PIM: 6256be2e366SBruce M Simpson error = ip6_mrouter_set ? ip6_mrouter_set(so, sopt) : 6266be2e366SBruce M Simpson EOPNOTSUPP; 62791ec0a1eSYoshinobu Inoue break; 62802b9a206SHajimu UMEMOTO case IPV6_CHECKSUM: 62902b9a206SHajimu UMEMOTO error = ip6_raw_ctloutput(so, sopt); 63002b9a206SHajimu UMEMOTO break; 63182cd038dSYoshinobu Inoue default: 63282cd038dSYoshinobu Inoue error = ip6_ctloutput(so, sopt); 63382cd038dSYoshinobu Inoue break; 63482cd038dSYoshinobu Inoue } 63582cd038dSYoshinobu Inoue break; 63682cd038dSYoshinobu Inoue } 63782cd038dSYoshinobu Inoue 63882cd038dSYoshinobu Inoue return (error); 63982cd038dSYoshinobu Inoue } 64082cd038dSYoshinobu Inoue 64182cd038dSYoshinobu Inoue static int 642b40ce416SJulian Elischer rip6_attach(struct socket *so, int proto, struct thread *td) 64382cd038dSYoshinobu Inoue { 64482cd038dSYoshinobu Inoue struct inpcb *inp; 6458a9d54dfSSam Leffler struct icmp6_filter *filter; 646ff7425ceSRobert Watson int error; 64782cd038dSYoshinobu Inoue 64882cd038dSYoshinobu Inoue inp = sotoinpcb(so); 64914ba8addSRobert Watson KASSERT(inp == NULL, ("rip6_attach: inp != NULL")); 6500ae76120SRobert Watson 65179ba3952SBjoern A. Zeeb error = priv_check(td, PRIV_NETINET_RAW); 65279ba3952SBjoern A. Zeeb if (error) 6530ae76120SRobert Watson return (error); 65482cd038dSYoshinobu Inoue error = soreserve(so, rip_sendspace, rip_recvspace); 65514ba8addSRobert Watson if (error) 6560ae76120SRobert Watson return (error); 6571ede983cSDag-Erling Smørgrav filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 65814ba8addSRobert Watson if (filter == NULL) 6590ae76120SRobert Watson return (ENOMEM); 660603724d3SBjoern A. Zeeb INP_INFO_WLOCK(&V_ripcbinfo); 661603724d3SBjoern A. Zeeb error = in_pcballoc(so, &V_ripcbinfo); 66207385abdSRobert Watson if (error) { 663603724d3SBjoern A. Zeeb INP_INFO_WUNLOCK(&V_ripcbinfo); 6641ede983cSDag-Erling Smørgrav free(filter, M_PCB); 6650ae76120SRobert Watson return (error); 66607385abdSRobert Watson } 66782cd038dSYoshinobu Inoue inp = (struct inpcb *)so->so_pcb; 668603724d3SBjoern A. Zeeb INP_INFO_WUNLOCK(&V_ripcbinfo); 66982cd038dSYoshinobu Inoue inp->inp_vflag |= INP_IPV6; 670fc384fa5SBjoern A. Zeeb inp->inp_ip_p = (long)proto; 67182cd038dSYoshinobu Inoue inp->in6p_hops = -1; /* use kernel default */ 67282cd038dSYoshinobu Inoue inp->in6p_cksum = -1; 6738a9d54dfSSam Leffler inp->in6p_icmp6filt = filter; 67482cd038dSYoshinobu Inoue ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt); 6758501a69cSRobert Watson INP_WUNLOCK(inp); 6760ae76120SRobert Watson return (0); 67782cd038dSYoshinobu Inoue } 67882cd038dSYoshinobu Inoue 679bc725eafSRobert Watson static void 68082cd038dSYoshinobu Inoue rip6_detach(struct socket *so) 68182cd038dSYoshinobu Inoue { 68282cd038dSYoshinobu Inoue struct inpcb *inp; 68382cd038dSYoshinobu Inoue 68482cd038dSYoshinobu Inoue inp = sotoinpcb(so); 68514ba8addSRobert Watson KASSERT(inp != NULL, ("rip6_detach: inp == NULL")); 686a152f8a3SRobert Watson 68733cde130SBruce M Simpson if (so == V_ip6_mrouter && ip6_mrouter_done) 688e7e3ecb6SYoshinobu Inoue ip6_mrouter_done(); 6896be2e366SBruce M Simpson /* xxx: RSVP */ 690603724d3SBjoern A. Zeeb INP_INFO_WLOCK(&V_ripcbinfo); 6918501a69cSRobert Watson INP_WLOCK(inp); 6921ede983cSDag-Erling Smørgrav free(inp->in6p_icmp6filt, M_PCB); 6930206cdb8SBjoern A. Zeeb in_pcbdetach(inp); 6946aee2fc5SBjoern A. Zeeb in_pcbfree(inp); 695603724d3SBjoern A. Zeeb INP_INFO_WUNLOCK(&V_ripcbinfo); 69682cd038dSYoshinobu Inoue } 69782cd038dSYoshinobu Inoue 698a152f8a3SRobert Watson /* XXXRW: This can't ever be called. */ 699ac45e92fSRobert Watson static void 70082cd038dSYoshinobu Inoue rip6_abort(struct socket *so) 70182cd038dSYoshinobu Inoue { 702a152f8a3SRobert Watson struct inpcb *inp; 703a152f8a3SRobert Watson 704a152f8a3SRobert Watson inp = sotoinpcb(so); 705a152f8a3SRobert Watson KASSERT(inp != NULL, ("rip6_abort: inp == NULL")); 706a152f8a3SRobert Watson 70782cd038dSYoshinobu Inoue soisdisconnected(so); 708a152f8a3SRobert Watson } 709a152f8a3SRobert Watson 710a152f8a3SRobert Watson static void 711a152f8a3SRobert Watson rip6_close(struct socket *so) 712a152f8a3SRobert Watson { 713a152f8a3SRobert Watson struct inpcb *inp; 714a152f8a3SRobert Watson 715a152f8a3SRobert Watson inp = sotoinpcb(so); 716a152f8a3SRobert Watson KASSERT(inp != NULL, ("rip6_close: inp == NULL")); 717a152f8a3SRobert Watson 718a152f8a3SRobert Watson soisdisconnected(so); 71982cd038dSYoshinobu Inoue } 72082cd038dSYoshinobu Inoue 72182cd038dSYoshinobu Inoue static int 72282cd038dSYoshinobu Inoue rip6_disconnect(struct socket *so) 72382cd038dSYoshinobu Inoue { 7240ae76120SRobert Watson struct inpcb *inp; 7250ae76120SRobert Watson 7260ae76120SRobert Watson inp = sotoinpcb(so); 7270ae76120SRobert Watson KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL")); 72882cd038dSYoshinobu Inoue 7294cc20ab1SSeigo Tanimura if ((so->so_state & SS_ISCONNECTED) == 0) 7300ae76120SRobert Watson return (ENOTCONN); 73182cd038dSYoshinobu Inoue inp->in6p_faddr = in6addr_any; 732ac45e92fSRobert Watson rip6_abort(so); 73314ba8addSRobert Watson return (0); 73482cd038dSYoshinobu Inoue } 73582cd038dSYoshinobu Inoue 73682cd038dSYoshinobu Inoue static int 737b40ce416SJulian Elischer rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) 73882cd038dSYoshinobu Inoue { 7393af7f97cSGleb Smirnoff struct epoch_tracker et; 7400ae76120SRobert Watson struct inpcb *inp; 74182cd038dSYoshinobu Inoue struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 7428c0fec80SRobert Watson struct ifaddr *ifa = NULL; 743a1f7e5f8SHajimu UMEMOTO int error = 0; 74482cd038dSYoshinobu Inoue 7450ae76120SRobert Watson inp = sotoinpcb(so); 74614ba8addSRobert Watson KASSERT(inp != NULL, ("rip6_bind: inp == NULL")); 7470ae76120SRobert Watson 74882cd038dSYoshinobu Inoue if (nam->sa_len != sizeof(*addr)) 7490ae76120SRobert Watson return (EINVAL); 750b89e82ddSJamie Gritton if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0) 751b89e82ddSJamie Gritton return (error); 7524f6c66ccSMatt Macy if (CK_STAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6) 7530ae76120SRobert Watson return (EADDRNOTAVAIL); 754603724d3SBjoern A. Zeeb if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 755a1f7e5f8SHajimu UMEMOTO return (error); 756a1f7e5f8SHajimu UMEMOTO 7573af7f97cSGleb Smirnoff NET_EPOCH_ENTER(et); 75882cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 7593af7f97cSGleb Smirnoff (ifa = ifa_ifwithaddr((struct sockaddr *)addr)) == NULL) { 7603af7f97cSGleb Smirnoff NET_EPOCH_EXIT(et); 7610ae76120SRobert Watson return (EADDRNOTAVAIL); 7623af7f97cSGleb Smirnoff } 7638c0fec80SRobert Watson if (ifa != NULL && 7648c0fec80SRobert Watson ((struct in6_ifaddr *)ifa)->ia6_flags & 76582cd038dSYoshinobu Inoue (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 7663af7f97cSGleb Smirnoff IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 7673af7f97cSGleb Smirnoff NET_EPOCH_EXIT(et); 76882cd038dSYoshinobu Inoue return (EADDRNOTAVAIL); 7693af7f97cSGleb Smirnoff } 7703af7f97cSGleb Smirnoff NET_EPOCH_EXIT(et); 771603724d3SBjoern A. Zeeb INP_INFO_WLOCK(&V_ripcbinfo); 7728501a69cSRobert Watson INP_WLOCK(inp); 77382cd038dSYoshinobu Inoue inp->in6p_laddr = addr->sin6_addr; 7748501a69cSRobert Watson INP_WUNLOCK(inp); 775603724d3SBjoern A. Zeeb INP_INFO_WUNLOCK(&V_ripcbinfo); 7760ae76120SRobert Watson return (0); 77782cd038dSYoshinobu Inoue } 77882cd038dSYoshinobu Inoue 77982cd038dSYoshinobu Inoue static int 780b40ce416SJulian Elischer rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) 78182cd038dSYoshinobu Inoue { 7820ae76120SRobert Watson struct inpcb *inp; 78382cd038dSYoshinobu Inoue struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 78488d166bfSBjoern A. Zeeb struct in6_addr in6a; 785a1f7e5f8SHajimu UMEMOTO int error = 0, scope_ambiguous = 0; 78682cd038dSYoshinobu Inoue 7870ae76120SRobert Watson inp = sotoinpcb(so); 78814ba8addSRobert Watson KASSERT(inp != NULL, ("rip6_connect: inp == NULL")); 7890ae76120SRobert Watson 79082cd038dSYoshinobu Inoue if (nam->sa_len != sizeof(*addr)) 7910ae76120SRobert Watson return (EINVAL); 7924f6c66ccSMatt Macy if (CK_STAILQ_EMPTY(&V_ifnet)) 7930ae76120SRobert Watson return (EADDRNOTAVAIL); 79482cd038dSYoshinobu Inoue if (addr->sin6_family != AF_INET6) 7950ae76120SRobert Watson return (EAFNOSUPPORT); 796a1f7e5f8SHajimu UMEMOTO 797a1f7e5f8SHajimu UMEMOTO /* 7980ae76120SRobert Watson * Application should provide a proper zone ID or the use of default 7990ae76120SRobert Watson * zone IDs should be enabled. Unfortunately, some applications do 8000ae76120SRobert Watson * not behave as it should, so we need a workaround. Even if an 8010ae76120SRobert Watson * appropriate ID is not determined, we'll see if we can determine 8020ae76120SRobert Watson * the outgoing interface. If we can, determine the zone ID based on 8030ae76120SRobert Watson * the interface below. 804a1f7e5f8SHajimu UMEMOTO */ 805603724d3SBjoern A. Zeeb if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone) 806a1f7e5f8SHajimu UMEMOTO scope_ambiguous = 1; 807603724d3SBjoern A. Zeeb if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 808a1f7e5f8SHajimu UMEMOTO return (error); 809a1f7e5f8SHajimu UMEMOTO 810603724d3SBjoern A. Zeeb INP_INFO_WLOCK(&V_ripcbinfo); 8118501a69cSRobert Watson INP_WLOCK(inp); 81282cd038dSYoshinobu Inoue /* Source address selection. XXX: need pcblookup? */ 813601c0b8bSAlexander V. Chernikov error = in6_selectsrc_socket(addr, inp->in6p_outputopts, 814601c0b8bSAlexander V. Chernikov inp, so->so_cred, scope_ambiguous, &in6a, NULL); 81588d166bfSBjoern A. Zeeb if (error) { 8168501a69cSRobert Watson INP_WUNLOCK(inp); 817603724d3SBjoern A. Zeeb INP_INFO_WUNLOCK(&V_ripcbinfo); 81888d166bfSBjoern A. Zeeb return (error); 81907385abdSRobert Watson } 820a1f7e5f8SHajimu UMEMOTO 82182cd038dSYoshinobu Inoue inp->in6p_faddr = addr->sin6_addr; 82288d166bfSBjoern A. Zeeb inp->in6p_laddr = in6a; 82382cd038dSYoshinobu Inoue soisconnected(so); 8248501a69cSRobert Watson INP_WUNLOCK(inp); 825603724d3SBjoern A. Zeeb INP_INFO_WUNLOCK(&V_ripcbinfo); 8260ae76120SRobert Watson return (0); 82782cd038dSYoshinobu Inoue } 82882cd038dSYoshinobu Inoue 82982cd038dSYoshinobu Inoue static int 83082cd038dSYoshinobu Inoue rip6_shutdown(struct socket *so) 83182cd038dSYoshinobu Inoue { 83207385abdSRobert Watson struct inpcb *inp; 83307385abdSRobert Watson 83407385abdSRobert Watson inp = sotoinpcb(so); 83514ba8addSRobert Watson KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL")); 8360ae76120SRobert Watson 8378501a69cSRobert Watson INP_WLOCK(inp); 83882cd038dSYoshinobu Inoue socantsendmore(so); 8398501a69cSRobert Watson INP_WUNLOCK(inp); 8400ae76120SRobert Watson return (0); 84182cd038dSYoshinobu Inoue } 84282cd038dSYoshinobu Inoue 84382cd038dSYoshinobu Inoue static int 84482cd038dSYoshinobu Inoue rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 845b40ce416SJulian Elischer struct mbuf *control, struct thread *td) 84682cd038dSYoshinobu Inoue { 8470ae76120SRobert Watson struct inpcb *inp; 84882cd038dSYoshinobu Inoue struct sockaddr_in6 tmp; 84982cd038dSYoshinobu Inoue struct sockaddr_in6 *dst; 85007385abdSRobert Watson int ret; 85182cd038dSYoshinobu Inoue 8520ae76120SRobert Watson inp = sotoinpcb(so); 85314ba8addSRobert Watson KASSERT(inp != NULL, ("rip6_send: inp == NULL")); 8540ae76120SRobert Watson 8550ae76120SRobert Watson /* Always copy sockaddr to avoid overwrites. */ 85607385abdSRobert Watson /* Unlocked read. */ 85782cd038dSYoshinobu Inoue if (so->so_state & SS_ISCONNECTED) { 85882cd038dSYoshinobu Inoue if (nam) { 85982cd038dSYoshinobu Inoue m_freem(m); 8600ae76120SRobert Watson return (EISCONN); 86182cd038dSYoshinobu Inoue } 86282cd038dSYoshinobu Inoue /* XXX */ 86382cd038dSYoshinobu Inoue bzero(&tmp, sizeof(tmp)); 86482cd038dSYoshinobu Inoue tmp.sin6_family = AF_INET6; 86582cd038dSYoshinobu Inoue tmp.sin6_len = sizeof(struct sockaddr_in6); 8662209e8f1SRobert Watson INP_RLOCK(inp); 86782cd038dSYoshinobu Inoue bcopy(&inp->in6p_faddr, &tmp.sin6_addr, 86882cd038dSYoshinobu Inoue sizeof(struct in6_addr)); 8692209e8f1SRobert Watson INP_RUNLOCK(inp); 87082cd038dSYoshinobu Inoue dst = &tmp; 87182cd038dSYoshinobu Inoue } else { 87282cd038dSYoshinobu Inoue if (nam == NULL) { 87382cd038dSYoshinobu Inoue m_freem(m); 8740ae76120SRobert Watson return (ENOTCONN); 87582cd038dSYoshinobu Inoue } 876a1f7e5f8SHajimu UMEMOTO if (nam->sa_len != sizeof(struct sockaddr_in6)) { 877a1f7e5f8SHajimu UMEMOTO m_freem(m); 878a1f7e5f8SHajimu UMEMOTO return (EINVAL); 879a1f7e5f8SHajimu UMEMOTO } 880686cdd19SJun-ichiro itojun Hagino tmp = *(struct sockaddr_in6 *)nam; 881686cdd19SJun-ichiro itojun Hagino dst = &tmp; 882a1f7e5f8SHajimu UMEMOTO 883a1f7e5f8SHajimu UMEMOTO if (dst->sin6_family == AF_UNSPEC) { 884a1f7e5f8SHajimu UMEMOTO /* 885a1f7e5f8SHajimu UMEMOTO * XXX: we allow this case for backward 886a1f7e5f8SHajimu UMEMOTO * compatibility to buggy applications that 887a1f7e5f8SHajimu UMEMOTO * rely on old (and wrong) kernel behavior. 888a1f7e5f8SHajimu UMEMOTO */ 889a1f7e5f8SHajimu UMEMOTO log(LOG_INFO, "rip6 SEND: address family is " 890a1f7e5f8SHajimu UMEMOTO "unspec. Assume AF_INET6\n"); 891a1f7e5f8SHajimu UMEMOTO dst->sin6_family = AF_INET6; 892a1f7e5f8SHajimu UMEMOTO } else if (dst->sin6_family != AF_INET6) { 893a1f7e5f8SHajimu UMEMOTO m_freem(m); 894a1f7e5f8SHajimu UMEMOTO return(EAFNOSUPPORT); 89582cd038dSYoshinobu Inoue } 896686cdd19SJun-ichiro itojun Hagino } 89707385abdSRobert Watson ret = rip6_output(m, so, dst, control); 89807385abdSRobert Watson return (ret); 89982cd038dSYoshinobu Inoue } 90082cd038dSYoshinobu Inoue 90182cd038dSYoshinobu Inoue struct pr_usrreqs rip6_usrreqs = { 902756d52a1SPoul-Henning Kamp .pru_abort = rip6_abort, 903756d52a1SPoul-Henning Kamp .pru_attach = rip6_attach, 904756d52a1SPoul-Henning Kamp .pru_bind = rip6_bind, 905756d52a1SPoul-Henning Kamp .pru_connect = rip6_connect, 906756d52a1SPoul-Henning Kamp .pru_control = in6_control, 907756d52a1SPoul-Henning Kamp .pru_detach = rip6_detach, 908756d52a1SPoul-Henning Kamp .pru_disconnect = rip6_disconnect, 90954d642bbSRobert Watson .pru_peeraddr = in6_getpeeraddr, 910756d52a1SPoul-Henning Kamp .pru_send = rip6_send, 911756d52a1SPoul-Henning Kamp .pru_shutdown = rip6_shutdown, 91254d642bbSRobert Watson .pru_sockaddr = in6_getsockaddr, 913a152f8a3SRobert Watson .pru_close = rip6_close, 91482cd038dSYoshinobu Inoue }; 915