if_gif.c revision 1.16
1 /* $NetBSD: if_gif.c,v 1.16 2000/10/07 04:18:04 itojun Exp $ */ 2 /* $KAME: if_gif.c,v 1.34 2000/10/07 03:58:53 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include "opt_inet.h" 34 35 #include <sys/param.h> 36 #include <sys/systm.h> 37 #include <sys/kernel.h> 38 #include <sys/mbuf.h> 39 #include <sys/socket.h> 40 #include <sys/sockio.h> 41 #include <sys/errno.h> 42 #include <sys/ioctl.h> 43 #include <sys/time.h> 44 #include <sys/syslog.h> 45 #include <sys/protosw.h> 46 #include <machine/cpu.h> 47 48 #include <net/if.h> 49 #include <net/if_types.h> 50 #include <net/netisr.h> 51 #include <net/route.h> 52 #include <net/bpf.h> 53 54 #include <netinet/in.h> 55 #include <netinet/in_systm.h> 56 #include <netinet/ip.h> 57 #ifdef INET 58 #include <netinet/in_var.h> 59 #include <netinet/in_gif.h> 60 #endif /* INET */ 61 62 #ifdef INET6 63 #ifndef INET 64 #include <netinet/in.h> 65 #endif 66 #include <netinet6/in6_var.h> 67 #include <netinet/ip6.h> 68 #include <netinet6/ip6_var.h> 69 #include <netinet6/in6_gif.h> 70 #include <netinet6/ip6protosw.h> 71 #endif /* INET6 */ 72 73 #include <netinet/ip_encap.h> 74 #include <net/if_gif.h> 75 76 #include "gif.h" 77 #include "bpfilter.h" 78 79 #include <net/net_osdep.h> 80 81 #if NGIF > 0 82 83 void gifattach __P((int)); 84 static int gif_encapcheck __P((const struct mbuf *, int, int, void *)); 85 #ifdef INET 86 extern struct protosw in_gif_protosw; 87 #endif 88 #ifdef INET6 89 extern struct ip6protosw in6_gif_protosw; 90 #endif 91 92 /* 93 * gif global variable definitions 94 */ 95 LIST_HEAD(, gif_softc) gif_softc_list; 96 97 int gif_clone_create __P((struct if_clone *, int)); 98 void gif_clone_destroy __P((struct ifnet *)); 99 100 struct if_clone gif_cloner = 101 IF_CLONE_INITIALIZER("gif", gif_clone_create, gif_clone_destroy); 102 103 void gif_delete_tunnel __P((struct gif_softc *)); 104 105 #ifndef MAX_GIF_NEST 106 /* 107 * This macro controls the upper limitation on nesting of gif tunnels. 108 * Since, setting a large value to this macro with a careless configuration 109 * may introduce system crash, we don't allow any nestings by default. 110 * If you need to configure nested gif tunnels, you can define this macro 111 * in your kernel configuration file. However, if you do so, please be 112 * careful to configure the tunnels so that it won't make a loop. 113 */ 114 #define MAX_GIF_NEST 1 115 #endif 116 static int max_gif_nesting = MAX_GIF_NEST; 117 118 /* ARGSUSED */ 119 void 120 gifattach(count) 121 int count; 122 { 123 124 LIST_INIT(&gif_softc_list); 125 if_clone_attach(&gif_cloner); 126 } 127 128 int 129 gif_clone_create(ifc, unit) 130 struct if_clone *ifc; 131 int unit; 132 { 133 struct gif_softc *sc; 134 135 sc = malloc(sizeof(struct gif_softc), M_DEVBUF, M_WAIT); 136 bzero(sc, sizeof(struct gif_softc)); 137 138 sprintf(sc->gif_if.if_xname, "%s%d", ifc->ifc_name, unit); 139 140 sc->encap_cookie4 = sc->encap_cookie6 = NULL; 141 #ifdef INET 142 sc->encap_cookie4 = encap_attach_func(AF_INET, -1, 143 gif_encapcheck, &in_gif_protosw, sc); 144 if (sc->encap_cookie4 == NULL) { 145 printf("%s: unable to attach encap4\n", if_name(&sc->gif_if)); 146 free(sc, M_DEVBUF); 147 return (EIO); /* XXX */ 148 } 149 #endif 150 #ifdef INET6 151 sc->encap_cookie6 = encap_attach_func(AF_INET6, -1, 152 gif_encapcheck, (struct protosw *)&in6_gif_protosw, sc); 153 if (sc->encap_cookie6 == NULL) { 154 if (sc->encap_cookie4) { 155 encap_detach(sc->encap_cookie4); 156 sc->encap_cookie4 = NULL; 157 } 158 printf("%s: unable to attach encap6\n", if_name(&sc->gif_if)); 159 free(sc, M_DEVBUF); 160 return (EIO); /* XXX */ 161 } 162 #endif 163 164 sc->gif_if.if_mtu = GIF_MTU; 165 sc->gif_if.if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 166 sc->gif_if.if_ioctl = gif_ioctl; 167 sc->gif_if.if_output = gif_output; 168 sc->gif_if.if_type = IFT_GIF; 169 if_attach(&sc->gif_if); 170 #if NBPFILTER > 0 171 #ifdef HAVE_OLD_BPF 172 bpfattach(&sc->gif_if, DLT_NULL, sizeof(u_int)); 173 #else 174 bpfattach(&sc->gif_if.if_bpf, &sc->gif_if, DLT_NULL, sizeof(u_int)); 175 #endif 176 #endif 177 LIST_INSERT_HEAD(&gif_softc_list, sc, gif_list); 178 return (0); 179 } 180 181 void 182 gif_clone_destroy(ifp) 183 struct ifnet *ifp; 184 { 185 struct gif_softc *sc = (void *) ifp; 186 187 gif_delete_tunnel(sc); 188 LIST_REMOVE(sc, gif_list); 189 #ifdef INET6 190 encap_detach(sc->encap_cookie6); 191 #endif 192 #ifdef INET 193 encap_detach(sc->encap_cookie4); 194 #endif 195 196 #if NBPFILTER > 0 197 bpfdetach(ifp); 198 #endif 199 if_detach(ifp); 200 201 free(sc, M_DEVBUF); 202 } 203 204 static int 205 gif_encapcheck(m, off, proto, arg) 206 const struct mbuf *m; 207 int off; 208 int proto; 209 void *arg; 210 { 211 struct ip ip; 212 struct gif_softc *sc; 213 214 sc = (struct gif_softc *)arg; 215 if (sc == NULL) 216 return 0; 217 218 if ((sc->gif_if.if_flags & IFF_UP) == 0) 219 return 0; 220 221 /* no physical address */ 222 if (!sc->gif_psrc || !sc->gif_pdst) 223 return 0; 224 225 switch (proto) { 226 #ifdef INET 227 case IPPROTO_IPV4: 228 break; 229 #endif 230 #ifdef INET6 231 case IPPROTO_IPV6: 232 break; 233 #endif 234 default: 235 return 0; 236 } 237 238 /* LINTED const cast */ 239 m_copydata((struct mbuf *)m, 0, sizeof(ip), (caddr_t)&ip); 240 241 switch (ip.ip_v) { 242 #ifdef INET 243 case 4: 244 if (sc->gif_psrc->sa_family != AF_INET || 245 sc->gif_pdst->sa_family != AF_INET) 246 return 0; 247 return gif_encapcheck4(m, off, proto, arg); 248 #endif 249 #ifdef INET6 250 case 6: 251 if (sc->gif_psrc->sa_family != AF_INET6 || 252 sc->gif_pdst->sa_family != AF_INET6) 253 return 0; 254 return gif_encapcheck6(m, off, proto, arg); 255 #endif 256 default: 257 return 0; 258 } 259 } 260 261 int 262 gif_output(ifp, m, dst, rt) 263 struct ifnet *ifp; 264 struct mbuf *m; 265 struct sockaddr *dst; 266 struct rtentry *rt; /* added in net2 */ 267 { 268 register struct gif_softc *sc = (struct gif_softc*)ifp; 269 int error = 0; 270 static int called = 0; /* XXX: MUTEX */ 271 272 /* 273 * gif may cause infinite recursion calls when misconfigured. 274 * We'll prevent this by introducing upper limit. 275 * XXX: this mechanism may introduce another problem about 276 * mutual exclusion of the variable CALLED, especially if we 277 * use kernel thread. 278 */ 279 if (++called > max_gif_nesting) { 280 log(LOG_NOTICE, 281 "gif_output: recursively called too many times(%d)\n", 282 called); 283 m_freem(m); 284 error = EIO; /* is there better errno? */ 285 goto end; 286 } 287 288 ifp->if_lastchange = time; 289 m->m_flags &= ~(M_BCAST|M_MCAST); 290 if (!(ifp->if_flags & IFF_UP) || 291 sc->gif_psrc == NULL || sc->gif_pdst == NULL) { 292 m_freem(m); 293 error = ENETDOWN; 294 goto end; 295 } 296 297 #if NBPFILTER > 0 298 if (ifp->if_bpf) { 299 /* 300 * We need to prepend the address family as 301 * a four byte field. Cons up a dummy header 302 * to pacify bpf. This is safe because bpf 303 * will only read from the mbuf (i.e., it won't 304 * try to free it or keep a pointer a to it). 305 */ 306 struct mbuf m0; 307 u_int af = dst->sa_family; 308 309 m0.m_next = m; 310 m0.m_len = 4; 311 m0.m_data = (char *)⁡ 312 313 #ifdef HAVE_OLD_BPF 314 bpf_mtap(ifp, &m0); 315 #else 316 bpf_mtap(ifp->if_bpf, &m0); 317 #endif 318 } 319 #endif 320 ifp->if_opackets++; 321 ifp->if_obytes += m->m_pkthdr.len; 322 323 /* XXX should we check if our outer source is legal? */ 324 325 switch (sc->gif_psrc->sa_family) { 326 #ifdef INET 327 case AF_INET: 328 error = in_gif_output(ifp, dst->sa_family, m, rt); 329 break; 330 #endif 331 #ifdef INET6 332 case AF_INET6: 333 error = in6_gif_output(ifp, dst->sa_family, m, rt); 334 break; 335 #endif 336 default: 337 m_freem(m); 338 error = ENETDOWN; 339 } 340 341 end: 342 called = 0; /* reset recursion counter */ 343 if (error) ifp->if_oerrors++; 344 return error; 345 } 346 347 void 348 gif_input(m, af, gifp) 349 struct mbuf *m; 350 int af; 351 struct ifnet *gifp; 352 { 353 int s, isr; 354 register struct ifqueue *ifq = 0; 355 356 if (gifp == NULL) { 357 /* just in case */ 358 m_freem(m); 359 return; 360 } 361 362 m->m_pkthdr.rcvif = gifp; 363 364 #if NBPFILTER > 0 365 if (gifp->if_bpf) { 366 /* 367 * We need to prepend the address family as 368 * a four byte field. Cons up a dummy header 369 * to pacify bpf. This is safe because bpf 370 * will only read from the mbuf (i.e., it won't 371 * try to free it or keep a pointer a to it). 372 */ 373 struct mbuf m0; 374 u_int af = AF_INET6; 375 376 m0.m_next = m; 377 m0.m_len = 4; 378 m0.m_data = (char *)⁡ 379 380 #ifdef HAVE_OLD_BPF 381 bpf_mtap(gifp, &m0); 382 #else 383 bpf_mtap(gifp->if_bpf, &m0); 384 #endif 385 } 386 #endif /*NBPFILTER > 0*/ 387 388 /* 389 * Put the packet to the network layer input queue according to the 390 * specified address family. 391 * Note: older versions of gif_input directly called network layer 392 * input functions, e.g. ip6_input, here. We changed the policy to 393 * prevent too many recursive calls of such input functions, which 394 * might cause kernel panic. But the change may introduce another 395 * problem; if the input queue is full, packets are discarded. 396 * We believed it rarely occurs and changed the policy. If we find 397 * it occurs more times than we thought, we may change the policy 398 * again. 399 */ 400 switch (af) { 401 #ifdef INET 402 case AF_INET: 403 ifq = &ipintrq; 404 isr = NETISR_IP; 405 break; 406 #endif 407 #ifdef INET6 408 case AF_INET6: 409 ifq = &ip6intrq; 410 isr = NETISR_IPV6; 411 break; 412 #endif 413 default: 414 m_freem(m); 415 return; 416 } 417 418 s = splimp(); 419 if (IF_QFULL(ifq)) { 420 IF_DROP(ifq); /* update statistics */ 421 m_freem(m); 422 splx(s); 423 return; 424 } 425 IF_ENQUEUE(ifq, m); 426 /* we need schednetisr since the address family may change */ 427 schednetisr(isr); 428 gifp->if_ipackets++; 429 gifp->if_ibytes += m->m_pkthdr.len; 430 splx(s); 431 432 return; 433 } 434 435 /* XXX how should we handle IPv6 scope on SIOC[GS]IFPHYADDR? */ 436 int 437 gif_ioctl(ifp, cmd, data) 438 struct ifnet *ifp; 439 u_long cmd; 440 caddr_t data; 441 { 442 struct gif_softc *sc = (struct gif_softc*)ifp; 443 struct ifreq *ifr = (struct ifreq*)data; 444 int error = 0, size; 445 struct sockaddr *dst, *src; 446 struct sockaddr *sa; 447 struct gif_softc *sc2; 448 449 switch (cmd) { 450 case SIOCSIFADDR: 451 break; 452 453 case SIOCSIFDSTADDR: 454 break; 455 456 case SIOCADDMULTI: 457 case SIOCDELMULTI: 458 switch (ifr->ifr_addr.sa_family) { 459 #ifdef INET 460 case AF_INET: /* IP supports Multicast */ 461 break; 462 #endif /* INET */ 463 #ifdef INET6 464 case AF_INET6: /* IP6 supports Multicast */ 465 break; 466 #endif /* INET6 */ 467 default: /* Other protocols doesn't support Multicast */ 468 error = EAFNOSUPPORT; 469 break; 470 } 471 break; 472 473 #ifdef SIOCSIFMTU /* xxx */ 474 case SIOCGIFMTU: 475 break; 476 477 case SIOCSIFMTU: 478 { 479 u_long mtu; 480 mtu = ifr->ifr_mtu; 481 if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX) { 482 return (EINVAL); 483 } 484 ifp->if_mtu = mtu; 485 } 486 break; 487 #endif /* SIOCSIFMTU */ 488 489 case SIOCSIFPHYADDR: 490 #ifdef INET6 491 case SIOCSIFPHYADDR_IN6: 492 #endif /* INET6 */ 493 switch (cmd) { 494 #ifdef INET 495 case SIOCSIFPHYADDR: 496 src = (struct sockaddr *) 497 &(((struct in_aliasreq *)data)->ifra_addr); 498 dst = (struct sockaddr *) 499 &(((struct in_aliasreq *)data)->ifra_dstaddr); 500 if (src->sa_len != sizeof(struct sockaddr_in) || 501 dst->sa_len != sizeof(struct sockaddr_in)) 502 return EINVAL; 503 if (src->sa_family != AF_INET || 504 dst->sa_family != AF_INET) 505 return EAFNOSUPPORT; 506 break; 507 #endif 508 #ifdef INET6 509 case SIOCSIFPHYADDR_IN6: 510 src = (struct sockaddr *) 511 &(((struct in6_aliasreq *)data)->ifra_addr); 512 dst = (struct sockaddr *) 513 &(((struct in6_aliasreq *)data)->ifra_dstaddr); 514 if (src->sa_len != sizeof(struct sockaddr_in6) || 515 dst->sa_len != sizeof(struct sockaddr_in6)) 516 return EINVAL; 517 if (src->sa_family != AF_INET6 || 518 dst->sa_family != AF_INET6) 519 return EAFNOSUPPORT; 520 break; 521 #endif 522 } 523 524 for (sc2 = LIST_FIRST(&gif_softc_list); sc2 != NULL; 525 sc2 = LIST_NEXT(sc2, gif_list)) { 526 if (sc2 == sc) 527 continue; 528 if (!sc2->gif_pdst || !sc2->gif_psrc) 529 continue; 530 if (sc2->gif_pdst->sa_family != dst->sa_family || 531 sc2->gif_pdst->sa_len != dst->sa_len || 532 sc2->gif_psrc->sa_family != src->sa_family || 533 sc2->gif_psrc->sa_len != src->sa_len) 534 continue; 535 536 /* can't configure same pair of address onto two gifs */ 537 if (bcmp(sc2->gif_pdst, dst, dst->sa_len) == 0 && 538 bcmp(sc2->gif_psrc, src, src->sa_len) == 0) { 539 error = EADDRNOTAVAIL; 540 goto bad; 541 } 542 543 /* can't configure multiple multi-dest interfaces */ 544 #define multidest(x) \ 545 (((struct sockaddr_in *)(x))->sin_addr.s_addr == INADDR_ANY) 546 #ifdef INET6 547 #define multidest6(x) \ 548 (IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *)(x))->sin6_addr)) 549 #endif 550 if (dst->sa_family == AF_INET && 551 multidest(dst) && multidest(sc2->gif_pdst)) { 552 error = EADDRNOTAVAIL; 553 goto bad; 554 } 555 #ifdef INET6 556 if (dst->sa_family == AF_INET6 && 557 multidest6(dst) && multidest6(sc2->gif_pdst)) { 558 error = EADDRNOTAVAIL; 559 goto bad; 560 } 561 #endif 562 } 563 564 if (src->sa_family != dst->sa_family || 565 src->sa_len != dst->sa_len) { 566 error = EINVAL; 567 break; 568 } 569 switch (src->sa_family) { 570 #ifdef INET 571 case AF_INET: 572 size = sizeof(struct sockaddr_in); 573 break; 574 #endif 575 #ifdef INET6 576 case AF_INET6: 577 size = sizeof(struct sockaddr_in6); 578 break; 579 #endif 580 default: 581 error = EAFNOSUPPORT; 582 goto bad; 583 } 584 if (src->sa_len != size) { 585 error = EINVAL; 586 break; 587 } 588 589 if (sc->gif_psrc) 590 free((caddr_t)sc->gif_psrc, M_IFADDR); 591 sa = (struct sockaddr *)malloc(size, M_IFADDR, M_WAITOK); 592 bcopy((caddr_t)src, (caddr_t)sa, size); 593 sc->gif_psrc = sa; 594 595 if (sc->gif_pdst) 596 free((caddr_t)sc->gif_pdst, M_IFADDR); 597 sa = (struct sockaddr *)malloc(size, M_IFADDR, M_WAITOK); 598 bcopy((caddr_t)dst, (caddr_t)sa, size); 599 sc->gif_pdst = sa; 600 601 ifp->if_flags |= IFF_UP; 602 if_up(ifp); /* send up RTM_IFINFO */ 603 604 error = 0; 605 break; 606 607 #ifdef SIOCDIFPHYADDR 608 case SIOCDIFPHYADDR: 609 gif_delete_tunnel(sc); 610 break; 611 #endif 612 613 case SIOCGIFPSRCADDR: 614 #ifdef INET6 615 case SIOCGIFPSRCADDR_IN6: 616 #endif /* INET6 */ 617 if (sc->gif_psrc == NULL) { 618 error = EADDRNOTAVAIL; 619 goto bad; 620 } 621 src = sc->gif_psrc; 622 switch (cmd) { 623 #ifdef INET 624 case SIOCGIFPSRCADDR: 625 dst = &ifr->ifr_addr; 626 size = sizeof(ifr->ifr_addr); 627 break; 628 #endif /* INET */ 629 #ifdef INET6 630 case SIOCGIFPSRCADDR_IN6: 631 dst = (struct sockaddr *) 632 &(((struct in6_ifreq *)data)->ifr_addr); 633 size = sizeof(((struct in6_ifreq *)data)->ifr_addr); 634 break; 635 #endif /* INET6 */ 636 default: 637 error = EADDRNOTAVAIL; 638 goto bad; 639 } 640 if (src->sa_len > size) 641 return EINVAL; 642 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 643 break; 644 645 case SIOCGIFPDSTADDR: 646 #ifdef INET6 647 case SIOCGIFPDSTADDR_IN6: 648 #endif /* INET6 */ 649 if (sc->gif_pdst == NULL) { 650 error = EADDRNOTAVAIL; 651 goto bad; 652 } 653 src = sc->gif_pdst; 654 switch (cmd) { 655 #ifdef INET 656 case SIOCGIFPDSTADDR: 657 dst = &ifr->ifr_addr; 658 size = sizeof(ifr->ifr_addr); 659 break; 660 #endif /* INET */ 661 #ifdef INET6 662 case SIOCGIFPDSTADDR_IN6: 663 dst = (struct sockaddr *) 664 &(((struct in6_ifreq *)data)->ifr_addr); 665 size = sizeof(((struct in6_ifreq *)data)->ifr_addr); 666 break; 667 #endif /* INET6 */ 668 default: 669 error = EADDRNOTAVAIL; 670 goto bad; 671 } 672 if (src->sa_len > size) 673 return EINVAL; 674 bcopy((caddr_t)src, (caddr_t)dst, src->sa_len); 675 break; 676 677 case SIOCSIFFLAGS: 678 /* if_ioctl() takes care of it */ 679 break; 680 681 default: 682 error = EINVAL; 683 break; 684 } 685 bad: 686 return error; 687 } 688 689 void 690 gif_delete_tunnel(sc) 691 struct gif_softc *sc; 692 { 693 int s; 694 695 s = splsoftnet(); 696 697 if (sc->gif_psrc) { 698 free((caddr_t)sc->gif_psrc, M_IFADDR); 699 sc->gif_psrc = NULL; 700 } 701 if (sc->gif_pdst) { 702 free((caddr_t)sc->gif_pdst, M_IFADDR); 703 sc->gif_pdst = NULL; 704 } 705 /* change the IFF_UP flag as well? */ 706 707 splx(s); 708 } 709 #endif /*NGIF > 0*/ 710
Indexes created Wed Sep 24 05:09:52 GMT 2025