in6.c revision 1.97
1 /* $NetBSD: in6.c,v 1.97 2006/03/03 14:07:06 rpaulo Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.97 2006/03/03 14:07:06 rpaulo Exp $"); 66 67 #include "opt_inet.h" 68 #include "opt_pfil_hooks.h" 69 70 #include <sys/param.h> 71 #include <sys/ioctl.h> 72 #include <sys/errno.h> 73 #include <sys/malloc.h> 74 #include <sys/socket.h> 75 #include <sys/socketvar.h> 76 #include <sys/sockio.h> 77 #include <sys/systm.h> 78 #include <sys/proc.h> 79 #include <sys/time.h> 80 #include <sys/kernel.h> 81 #include <sys/syslog.h> 82 83 #include <net/if.h> 84 #include <net/if_types.h> 85 #include <net/route.h> 86 #include <net/if_dl.h> 87 88 #include <netinet/in.h> 89 #include <netinet/in_var.h> 90 #include <net/if_ether.h> 91 92 #include <netinet/ip6.h> 93 #include <netinet6/ip6_var.h> 94 #include <netinet6/nd6.h> 95 #include <netinet6/mld6_var.h> 96 #include <netinet6/ip6_mroute.h> 97 #include <netinet6/in6_ifattach.h> 98 #include <netinet6/scope6_var.h> 99 100 #include <net/net_osdep.h> 101 102 #ifdef PFIL_HOOKS 103 #include <net/pfil.h> 104 #endif 105 106 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 107 108 /* enable backward compatibility code for obsoleted ioctls */ 109 #define COMPAT_IN6IFIOCTL 110 111 /* 112 * Definitions of some constant IP6 addresses. 113 */ 114 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 115 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 116 const struct in6_addr in6addr_nodelocal_allnodes = 117 IN6ADDR_NODELOCAL_ALLNODES_INIT; 118 const struct in6_addr in6addr_linklocal_allnodes = 119 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 120 const struct in6_addr in6addr_linklocal_allrouters = 121 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 122 123 const struct in6_addr in6mask0 = IN6MASK0; 124 const struct in6_addr in6mask32 = IN6MASK32; 125 const struct in6_addr in6mask64 = IN6MASK64; 126 const struct in6_addr in6mask96 = IN6MASK96; 127 const struct in6_addr in6mask128 = IN6MASK128; 128 129 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 130 0, 0, IN6ADDR_ANY_INIT, 0}; 131 132 static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t, 133 struct ifnet *, struct proc *)); 134 static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *, 135 struct sockaddr_in6 *, int)); 136 static void in6_unlink_ifa __P((struct in6_ifaddr *, struct ifnet *)); 137 138 /* 139 * This structure is used to keep track of in6_multi chains which belong to 140 * deleted interface addresses. 141 */ 142 static LIST_HEAD(, multi6_kludge) in6_mk; /* XXX BSS initialization */ 143 144 struct multi6_kludge { 145 LIST_ENTRY(multi6_kludge) mk_entry; 146 struct ifnet *mk_ifp; 147 struct in6_multihead mk_head; 148 }; 149 150 /* 151 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 152 * This routine does actual work. 153 */ 154 static void 155 in6_ifloop_request(int cmd, struct ifaddr *ifa) 156 { 157 struct sockaddr_in6 lo_sa; 158 struct sockaddr_in6 all1_sa; 159 struct rtentry *nrt = NULL; 160 int e; 161 162 bzero(&lo_sa, sizeof(lo_sa)); 163 bzero(&all1_sa, sizeof(all1_sa)); 164 lo_sa.sin6_family = all1_sa.sin6_family = AF_INET6; 165 lo_sa.sin6_len = all1_sa.sin6_len = sizeof(struct sockaddr_in6); 166 lo_sa.sin6_addr = in6addr_loopback; 167 all1_sa.sin6_addr = in6mask128; 168 169 /* 170 * We specify the address itself as the gateway, and set the 171 * RTF_LLINFO flag, so that the corresponding host route would have 172 * the flag, and thus applications that assume traditional behavior 173 * would be happy. Note that we assume the caller of the function 174 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 175 * which changes the outgoing interface to the loopback interface. 176 */ 177 e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr, 178 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt); 179 if (e != 0) { 180 log(LOG_ERR, "in6_ifloop_request: " 181 "%s operation failed for %s (errno=%d)\n", 182 cmd == RTM_ADD ? "ADD" : "DELETE", 183 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 184 e); 185 } 186 187 /* 188 * Make sure rt_ifa be equal to IFA, the second argument of the 189 * function. 190 * We need this because when we refer to rt_ifa->ia6_flags in 191 * ip6_input, we assume that the rt_ifa points to the address instead 192 * of the loopback address. 193 */ 194 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) { 195 IFAFREE(nrt->rt_ifa); 196 IFAREF(ifa); 197 nrt->rt_ifa = ifa; 198 } 199 200 /* 201 * Report the addition/removal of the address to the routing socket. 202 * XXX: since we called rtinit for a p2p interface with a destination, 203 * we end up reporting twice in such a case. Should we rather 204 * omit the second report? 205 */ 206 if (nrt) { 207 rt_newaddrmsg(cmd, ifa, e, nrt); 208 if (cmd == RTM_DELETE) { 209 if (nrt->rt_refcnt <= 0) { 210 /* XXX: we should free the entry ourselves. */ 211 nrt->rt_refcnt++; 212 rtfree(nrt); 213 } 214 } else { 215 /* the cmd must be RTM_ADD here */ 216 nrt->rt_refcnt--; 217 } 218 } 219 } 220 221 /* 222 * Add ownaddr as loopback rtentry. We previously add the route only if 223 * necessary (ex. on a p2p link). However, since we now manage addresses 224 * separately from prefixes, we should always add the route. We can't 225 * rely on the cloning mechanism from the corresponding interface route 226 * any more. 227 */ 228 static void 229 in6_ifaddloop(struct ifaddr *ifa) 230 { 231 struct rtentry *rt; 232 233 /* If there is no loopback entry, allocate one. */ 234 rt = rtalloc1(ifa->ifa_addr, 0); 235 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 236 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) 237 in6_ifloop_request(RTM_ADD, ifa); 238 if (rt) 239 rt->rt_refcnt--; 240 } 241 242 /* 243 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 244 * if it exists. 245 */ 246 static void 247 in6_ifremloop(struct ifaddr *ifa) 248 { 249 struct in6_ifaddr *ia; 250 struct rtentry *rt; 251 int ia_count = 0; 252 253 /* 254 * Some of BSD variants do not remove cloned routes 255 * from an interface direct route, when removing the direct route 256 * (see comments in net/net_osdep.h). Even for variants that do remove 257 * cloned routes, they could fail to remove the cloned routes when 258 * we handle multple addresses that share a common prefix. 259 * So, we should remove the route corresponding to the deleted address. 260 */ 261 262 /* 263 * Delete the entry only if exact one ifa exists. More than one ifa 264 * can exist if we assign a same single address to multiple 265 * (probably p2p) interfaces. 266 * XXX: we should avoid such a configuration in IPv6... 267 */ 268 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 269 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 270 ia_count++; 271 if (ia_count > 1) 272 break; 273 } 274 } 275 276 if (ia_count == 1) { 277 /* 278 * Before deleting, check if a corresponding loopbacked host 279 * route surely exists. With this check, we can avoid to 280 * delete an interface direct route whose destination is same 281 * as the address being removed. This can happen when removing 282 * a subnet-router anycast address on an interface attahced 283 * to a shared medium. 284 */ 285 rt = rtalloc1(ifa->ifa_addr, 0); 286 if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 && 287 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 288 rt->rt_refcnt--; 289 in6_ifloop_request(RTM_DELETE, ifa); 290 } 291 } 292 } 293 294 int 295 in6_mask2len(mask, lim0) 296 struct in6_addr *mask; 297 u_char *lim0; 298 { 299 int x = 0, y; 300 u_char *lim = lim0, *p; 301 302 /* ignore the scope_id part */ 303 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 304 lim = (u_char *)mask + sizeof(*mask); 305 for (p = (u_char *)mask; p < lim; x++, p++) { 306 if (*p != 0xff) 307 break; 308 } 309 y = 0; 310 if (p < lim) { 311 for (y = 0; y < 8; y++) { 312 if ((*p & (0x80 >> y)) == 0) 313 break; 314 } 315 } 316 317 /* 318 * when the limit pointer is given, do a stricter check on the 319 * remaining bits. 320 */ 321 if (p < lim) { 322 if (y != 0 && (*p & (0x00ff >> y)) != 0) 323 return (-1); 324 for (p = p + 1; p < lim; p++) 325 if (*p != 0) 326 return (-1); 327 } 328 329 return x * 8 + y; 330 } 331 332 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 333 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 334 335 int 336 in6_control(so, cmd, data, ifp, p) 337 struct socket *so; 338 u_long cmd; 339 caddr_t data; 340 struct ifnet *ifp; 341 struct proc *p; 342 { 343 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 344 struct in6_ifaddr *ia = NULL; 345 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 346 struct sockaddr_in6 *sa6; 347 int error, privileged; 348 349 privileged = 0; 350 if (p && !suser(p->p_ucred, &p->p_acflag)) 351 privileged++; 352 353 switch (cmd) { 354 case SIOCGETSGCNT_IN6: 355 case SIOCGETMIFCNT_IN6: 356 return (mrt6_ioctl(cmd, data)); 357 } 358 359 if (ifp == NULL) 360 return (EOPNOTSUPP); 361 362 switch (cmd) { 363 case SIOCSNDFLUSH_IN6: 364 case SIOCSPFXFLUSH_IN6: 365 case SIOCSRTRFLUSH_IN6: 366 case SIOCSDEFIFACE_IN6: 367 case SIOCSIFINFO_FLAGS: 368 if (!privileged) 369 return (EPERM); 370 /* FALLTHROUGH */ 371 case OSIOCGIFINFO_IN6: 372 case SIOCGIFINFO_IN6: 373 case SIOCGDRLST_IN6: 374 case SIOCGPRLST_IN6: 375 case SIOCGNBRINFO_IN6: 376 case SIOCGDEFIFACE_IN6: 377 return (nd6_ioctl(cmd, data, ifp)); 378 } 379 380 switch (cmd) { 381 case SIOCSIFPREFIX_IN6: 382 case SIOCDIFPREFIX_IN6: 383 case SIOCAIFPREFIX_IN6: 384 case SIOCCIFPREFIX_IN6: 385 case SIOCSGIFPREFIX_IN6: 386 case SIOCGIFPREFIX_IN6: 387 log(LOG_NOTICE, 388 "prefix ioctls are now invalidated. " 389 "please use ifconfig.\n"); 390 return (EOPNOTSUPP); 391 } 392 393 switch (cmd) { 394 case SIOCALIFADDR: 395 case SIOCDLIFADDR: 396 if (!privileged) 397 return (EPERM); 398 /* FALLTHROUGH */ 399 case SIOCGLIFADDR: 400 return in6_lifaddr_ioctl(so, cmd, data, ifp, p); 401 } 402 403 /* 404 * Find address for this interface, if it exists. 405 * 406 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 407 * only, and used the first interface address as the target of other 408 * operations (without checking ifra_addr). This was because netinet 409 * code/API assumed at most 1 interface address per interface. 410 * Since IPv6 allows a node to assign multiple addresses 411 * on a single interface, we almost always look and check the 412 * presence of ifra_addr, and reject invalid ones here. 413 * It also decreases duplicated code among SIOC*_IN6 operations. 414 */ 415 switch (cmd) { 416 case SIOCAIFADDR_IN6: 417 case SIOCSIFPHYADDR_IN6: 418 sa6 = &ifra->ifra_addr; 419 break; 420 case SIOCSIFADDR_IN6: 421 case SIOCGIFADDR_IN6: 422 case SIOCSIFDSTADDR_IN6: 423 case SIOCSIFNETMASK_IN6: 424 case SIOCGIFDSTADDR_IN6: 425 case SIOCGIFNETMASK_IN6: 426 case SIOCDIFADDR_IN6: 427 case SIOCGIFPSRCADDR_IN6: 428 case SIOCGIFPDSTADDR_IN6: 429 case SIOCGIFAFLAG_IN6: 430 case SIOCSNDFLUSH_IN6: 431 case SIOCSPFXFLUSH_IN6: 432 case SIOCSRTRFLUSH_IN6: 433 case SIOCGIFALIFETIME_IN6: 434 case SIOCSIFALIFETIME_IN6: 435 case SIOCGIFSTAT_IN6: 436 case SIOCGIFSTAT_ICMP6: 437 sa6 = &ifr->ifr_addr; 438 break; 439 default: 440 sa6 = NULL; 441 break; 442 } 443 if (sa6 && sa6->sin6_family == AF_INET6) { 444 if (sa6->sin6_scope_id != 0) 445 error = sa6_embedscope(sa6, 0); 446 else 447 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 448 if (error != 0) 449 return (error); 450 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 451 } else 452 ia = NULL; 453 454 switch (cmd) { 455 case SIOCSIFADDR_IN6: 456 case SIOCSIFDSTADDR_IN6: 457 case SIOCSIFNETMASK_IN6: 458 /* 459 * Since IPv6 allows a node to assign multiple addresses 460 * on a single interface, SIOCSIFxxx ioctls are deprecated. 461 */ 462 return (EINVAL); 463 464 case SIOCDIFADDR_IN6: 465 /* 466 * for IPv4, we look for existing in_ifaddr here to allow 467 * "ifconfig if0 delete" to remove the first IPv4 address on 468 * the interface. For IPv6, as the spec allows multiple 469 * interface address from the day one, we consider "remove the 470 * first one" semantics to be not preferable. 471 */ 472 if (ia == NULL) 473 return (EADDRNOTAVAIL); 474 /* FALLTHROUGH */ 475 case SIOCAIFADDR_IN6: 476 /* 477 * We always require users to specify a valid IPv6 address for 478 * the corresponding operation. 479 */ 480 if (ifra->ifra_addr.sin6_family != AF_INET6 || 481 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 482 return (EAFNOSUPPORT); 483 if (!privileged) 484 return (EPERM); 485 486 break; 487 488 case SIOCGIFADDR_IN6: 489 /* This interface is basically deprecated. use SIOCGIFCONF. */ 490 /* FALLTHROUGH */ 491 case SIOCGIFAFLAG_IN6: 492 case SIOCGIFNETMASK_IN6: 493 case SIOCGIFDSTADDR_IN6: 494 case SIOCGIFALIFETIME_IN6: 495 /* must think again about its semantics */ 496 if (ia == NULL) 497 return (EADDRNOTAVAIL); 498 break; 499 case SIOCSIFALIFETIME_IN6: 500 { 501 struct in6_addrlifetime *lt; 502 503 if (!privileged) 504 return (EPERM); 505 if (ia == NULL) 506 return (EADDRNOTAVAIL); 507 /* sanity for overflow - beware unsigned */ 508 lt = &ifr->ifr_ifru.ifru_lifetime; 509 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 510 && lt->ia6t_vltime + time.tv_sec < time.tv_sec) { 511 return EINVAL; 512 } 513 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 514 && lt->ia6t_pltime + time.tv_sec < time.tv_sec) { 515 return EINVAL; 516 } 517 break; 518 } 519 } 520 521 switch (cmd) { 522 523 case SIOCGIFADDR_IN6: 524 ifr->ifr_addr = ia->ia_addr; 525 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 526 return (error); 527 break; 528 529 case SIOCGIFDSTADDR_IN6: 530 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 531 return (EINVAL); 532 /* 533 * XXX: should we check if ifa_dstaddr is NULL and return 534 * an error? 535 */ 536 ifr->ifr_dstaddr = ia->ia_dstaddr; 537 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 538 return (error); 539 break; 540 541 case SIOCGIFNETMASK_IN6: 542 ifr->ifr_addr = ia->ia_prefixmask; 543 break; 544 545 case SIOCGIFAFLAG_IN6: 546 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 547 break; 548 549 case SIOCGIFSTAT_IN6: 550 if (ifp == NULL) 551 return EINVAL; 552 bzero(&ifr->ifr_ifru.ifru_stat, 553 sizeof(ifr->ifr_ifru.ifru_stat)); 554 ifr->ifr_ifru.ifru_stat = 555 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 556 break; 557 558 case SIOCGIFSTAT_ICMP6: 559 if (ifp == NULL) 560 return EINVAL; 561 bzero(&ifr->ifr_ifru.ifru_icmp6stat, 562 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 563 ifr->ifr_ifru.ifru_icmp6stat = 564 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 565 break; 566 567 case SIOCGIFALIFETIME_IN6: 568 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 569 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 570 time_t maxexpire; 571 struct in6_addrlifetime *retlt = 572 &ifr->ifr_ifru.ifru_lifetime; 573 574 /* 575 * XXX: adjust expiration time assuming time_t is 576 * signed. 577 */ 578 maxexpire = (-1) & 579 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 580 if (ia->ia6_lifetime.ia6t_vltime < 581 maxexpire - ia->ia6_updatetime) { 582 retlt->ia6t_expire = ia->ia6_updatetime + 583 ia->ia6_lifetime.ia6t_vltime; 584 } else 585 retlt->ia6t_expire = maxexpire; 586 } 587 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 588 time_t maxexpire; 589 struct in6_addrlifetime *retlt = 590 &ifr->ifr_ifru.ifru_lifetime; 591 592 /* 593 * XXX: adjust expiration time assuming time_t is 594 * signed. 595 */ 596 maxexpire = (-1) & 597 ~(1 << ((sizeof(maxexpire) * 8) - 1)); 598 if (ia->ia6_lifetime.ia6t_pltime < 599 maxexpire - ia->ia6_updatetime) { 600 retlt->ia6t_preferred = ia->ia6_updatetime + 601 ia->ia6_lifetime.ia6t_pltime; 602 } else 603 retlt->ia6t_preferred = maxexpire; 604 } 605 break; 606 607 case SIOCSIFALIFETIME_IN6: 608 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 609 /* for sanity */ 610 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 611 ia->ia6_lifetime.ia6t_expire = 612 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 613 } else 614 ia->ia6_lifetime.ia6t_expire = 0; 615 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 616 ia->ia6_lifetime.ia6t_preferred = 617 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 618 } else 619 ia->ia6_lifetime.ia6t_preferred = 0; 620 break; 621 622 case SIOCAIFADDR_IN6: 623 { 624 int i; 625 struct nd_prefix pr0, *pr; 626 627 /* reject read-only flags */ 628 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 629 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 630 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 631 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 632 return (EINVAL); 633 } 634 /* 635 * first, make or update the interface address structure, 636 * and link it to the list. 637 */ 638 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 639 return (error); 640 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 641 == NULL) { 642 /* 643 * this can happen when the user specify the 0 valid 644 * lifetime. 645 */ 646 break; 647 } 648 649 /* 650 * then, make the prefix on-link on the interface. 651 * XXX: we'd rather create the prefix before the address, but 652 * we need at least one address to install the corresponding 653 * interface route, so we configure the address first. 654 */ 655 656 /* 657 * convert mask to prefix length (prefixmask has already 658 * been validated in in6_update_ifa(). 659 */ 660 bzero(&pr0, sizeof(pr0)); 661 pr0.ndpr_ifp = ifp; 662 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 663 NULL); 664 if (pr0.ndpr_plen == 128) { 665 break; /* we don't need to install a host route. */ 666 } 667 pr0.ndpr_prefix = ifra->ifra_addr; 668 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 669 /* apply the mask for safety. */ 670 for (i = 0; i < 4; i++) { 671 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 672 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 673 } 674 /* 675 * XXX: since we don't have an API to set prefix (not address) 676 * lifetimes, we just use the same lifetimes as addresses. 677 * The (temporarily) installed lifetimes can be overridden by 678 * later advertised RAs (when accept_rtadv is non 0), which is 679 * an intended behavior. 680 */ 681 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 682 pr0.ndpr_raf_auto = 683 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 684 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 685 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 686 687 /* add the prefix if not yet. */ 688 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 689 /* 690 * nd6_prelist_add will install the corresponding 691 * interface route. 692 */ 693 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 694 return (error); 695 if (pr == NULL) { 696 log(LOG_ERR, "nd6_prelist_add succeeded but " 697 "no prefix\n"); 698 return (EINVAL); /* XXX panic here? */ 699 } 700 } 701 702 /* relate the address to the prefix */ 703 if (ia->ia6_ndpr == NULL) { 704 ia->ia6_ndpr = pr; 705 pr->ndpr_refcnt++; 706 } 707 708 /* 709 * this might affect the status of autoconfigured addresses, 710 * that is, this address might make other addresses detached. 711 */ 712 pfxlist_onlink_check(); 713 714 #ifdef PFIL_HOOKS 715 (void)pfil_run_hooks(&if_pfil, (struct mbuf **)SIOCAIFADDR_IN6, 716 ifp, PFIL_IFADDR); 717 #endif 718 719 break; 720 } 721 722 case SIOCDIFADDR_IN6: 723 { 724 int i = 0, purgeprefix = 0; 725 struct nd_prefix pr0, *pr = NULL; 726 727 /* 728 * If the address being deleted is the only one that owns 729 * the corresponding prefix, expire the prefix as well. 730 * XXX: theoretically, we don't have to worry about such 731 * relationship, since we separate the address management 732 * and the prefix management. We do this, however, to provide 733 * as much backward compatibility as possible in terms of 734 * the ioctl operation. 735 */ 736 bzero(&pr0, sizeof(pr0)); 737 pr0.ndpr_ifp = ifp; 738 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 739 NULL); 740 if (pr0.ndpr_plen == 128) 741 goto purgeaddr; 742 pr0.ndpr_prefix = ia->ia_addr; 743 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 744 for (i = 0; i < 4; i++) { 745 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 746 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 747 } 748 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 749 pr == ia->ia6_ndpr) { 750 pr->ndpr_refcnt--; 751 if (pr->ndpr_refcnt == 0) 752 purgeprefix = 1; 753 } 754 755 purgeaddr: 756 in6_purgeaddr(&ia->ia_ifa); 757 if (pr && purgeprefix) 758 prelist_remove(pr); 759 #ifdef PFIL_HOOKS 760 (void)pfil_run_hooks(&if_pfil, (struct mbuf **)SIOCDIFADDR_IN6, 761 ifp, PFIL_IFADDR); 762 #endif 763 break; 764 } 765 766 default: 767 if (ifp == NULL || ifp->if_ioctl == 0) 768 return (EOPNOTSUPP); 769 return ((*ifp->if_ioctl)(ifp, cmd, data)); 770 } 771 772 return (0); 773 } 774 775 /* 776 * Update parameters of an IPv6 interface address. 777 * If necessary, a new entry is created and linked into address chains. 778 * This function is separated from in6_control(). 779 * XXX: should this be performed under splnet()? 780 */ 781 int 782 in6_update_ifa(ifp, ifra, ia) 783 struct ifnet *ifp; 784 struct in6_aliasreq *ifra; 785 struct in6_ifaddr *ia; 786 { 787 int error = 0, hostIsNew = 0, plen = -1; 788 struct in6_ifaddr *oia; 789 struct sockaddr_in6 dst6; 790 struct in6_addrlifetime *lt; 791 struct in6_multi_mship *imm; 792 struct rtentry *rt; 793 794 /* Validate parameters */ 795 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 796 return (EINVAL); 797 798 /* 799 * The destination address for a p2p link must have a family 800 * of AF_UNSPEC or AF_INET6. 801 */ 802 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 803 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 804 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 805 return (EAFNOSUPPORT); 806 /* 807 * validate ifra_prefixmask. don't check sin6_family, netmask 808 * does not carry fields other than sin6_len. 809 */ 810 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 811 return (EINVAL); 812 /* 813 * Because the IPv6 address architecture is classless, we require 814 * users to specify a (non 0) prefix length (mask) for a new address. 815 * We also require the prefix (when specified) mask is valid, and thus 816 * reject a non-consecutive mask. 817 */ 818 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 819 return (EINVAL); 820 if (ifra->ifra_prefixmask.sin6_len != 0) { 821 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 822 (u_char *)&ifra->ifra_prefixmask + 823 ifra->ifra_prefixmask.sin6_len); 824 if (plen <= 0) 825 return (EINVAL); 826 } else { 827 /* 828 * In this case, ia must not be NULL. We just use its prefix 829 * length. 830 */ 831 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 832 } 833 /* 834 * If the destination address on a p2p interface is specified, 835 * and the address is a scoped one, validate/set the scope 836 * zone identifier. 837 */ 838 dst6 = ifra->ifra_dstaddr; 839 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 840 (dst6.sin6_family == AF_INET6)) { 841 struct in6_addr in6_tmp; 842 u_int32_t zoneid; 843 844 in6_tmp = dst6.sin6_addr; 845 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 846 return (EINVAL); /* XXX: should be impossible */ 847 848 if (dst6.sin6_scope_id != 0) { 849 if (dst6.sin6_scope_id != zoneid) 850 return (EINVAL); 851 } else /* user omit to specify the ID. */ 852 dst6.sin6_scope_id = zoneid; 853 854 /* convert into the internal form */ 855 if (sa6_embedscope(&dst6, 0)) 856 return (EINVAL); /* XXX: should be impossible */ 857 } 858 /* 859 * The destination address can be specified only for a p2p or a 860 * loopback interface. If specified, the corresponding prefix length 861 * must be 128. 862 */ 863 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 864 #ifdef FORCE_P2PPLEN 865 int i; 866 #endif 867 868 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 869 /* XXX: noisy message */ 870 nd6log((LOG_INFO, "in6_update_ifa: a destination can " 871 "be specified for a p2p or a loopback IF only\n")); 872 return (EINVAL); 873 } 874 if (plen != 128) { 875 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should " 876 "be 128 when dstaddr is specified\n")); 877 #ifdef FORCE_P2PPLEN 878 /* 879 * To be compatible with old configurations, 880 * such as ifconfig gif0 inet6 2001::1 2001::2 881 * prefixlen 126, we override the specified 882 * prefixmask as if the prefix length was 128. 883 */ 884 ifra->ifra_prefixmask.sin6_len = 885 sizeof(struct sockaddr_in6); 886 for (i = 0; i < 4; i++) 887 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 888 0xffffffff; 889 plen = 128; 890 #else 891 return (EINVAL); 892 #endif 893 } 894 } 895 /* lifetime consistency check */ 896 lt = &ifra->ifra_lifetime; 897 if (lt->ia6t_pltime > lt->ia6t_vltime) 898 return (EINVAL); 899 if (lt->ia6t_vltime == 0) { 900 /* 901 * the following log might be noisy, but this is a typical 902 * configuration mistake or a tool's bug. 903 */ 904 nd6log((LOG_INFO, 905 "in6_update_ifa: valid lifetime is 0 for %s\n", 906 ip6_sprintf(&ifra->ifra_addr.sin6_addr))); 907 908 if (ia == NULL) 909 return (0); /* there's nothing to do */ 910 } 911 912 /* 913 * If this is a new address, allocate a new ifaddr and link it 914 * into chains. 915 */ 916 if (ia == NULL) { 917 hostIsNew = 1; 918 /* 919 * When in6_update_ifa() is called in a process of a received 920 * RA, it is called under an interrupt context. So, we should 921 * call malloc with M_NOWAIT. 922 */ 923 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 924 M_NOWAIT); 925 if (ia == NULL) 926 return (ENOBUFS); 927 bzero((caddr_t)ia, sizeof(*ia)); 928 LIST_INIT(&ia->ia6_memberships); 929 /* Initialize the address and masks, and put time stamp */ 930 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 931 ia->ia_addr.sin6_family = AF_INET6; 932 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 933 ia->ia6_createtime = ia->ia6_updatetime = time.tv_sec; 934 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 935 /* 936 * XXX: some functions expect that ifa_dstaddr is not 937 * NULL for p2p interfaces. 938 */ 939 ia->ia_ifa.ifa_dstaddr = 940 (struct sockaddr *)&ia->ia_dstaddr; 941 } else { 942 ia->ia_ifa.ifa_dstaddr = NULL; 943 } 944 ia->ia_ifa.ifa_netmask = 945 (struct sockaddr *)&ia->ia_prefixmask; 946 947 ia->ia_ifp = ifp; 948 if ((oia = in6_ifaddr) != NULL) { 949 for ( ; oia->ia_next; oia = oia->ia_next) 950 continue; 951 oia->ia_next = ia; 952 } else 953 in6_ifaddr = ia; 954 /* gain a refcnt for the link from in6_ifaddr */ 955 IFAREF(&ia->ia_ifa); 956 957 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, 958 ifa_list); 959 /* gain another refcnt for the link from if_addrlist */ 960 IFAREF(&ia->ia_ifa); 961 } 962 963 /* set prefix mask */ 964 if (ifra->ifra_prefixmask.sin6_len) { 965 /* 966 * We prohibit changing the prefix length of an existing 967 * address, because 968 * + such an operation should be rare in IPv6, and 969 * + the operation would confuse prefix management. 970 */ 971 if (ia->ia_prefixmask.sin6_len && 972 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 973 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an" 974 " existing (%s) address should not be changed\n", 975 ip6_sprintf(&ia->ia_addr.sin6_addr))); 976 error = EINVAL; 977 goto unlink; 978 } 979 ia->ia_prefixmask = ifra->ifra_prefixmask; 980 } 981 982 /* 983 * If a new destination address is specified, scrub the old one and 984 * install the new destination. Note that the interface must be 985 * p2p or loopback (see the check above.) 986 */ 987 if (dst6.sin6_family == AF_INET6 && 988 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 989 if ((ia->ia_flags & IFA_ROUTE) != 0 && 990 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 991 nd6log((LOG_ERR, "in6_update_ifa: failed to remove " 992 "a route to the old destination: %s\n", 993 ip6_sprintf(&ia->ia_addr.sin6_addr))); 994 /* proceed anyway... */ 995 } else 996 ia->ia_flags &= ~IFA_ROUTE; 997 ia->ia_dstaddr = dst6; 998 } 999 1000 /* 1001 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 1002 * to see if the address is deprecated or invalidated, but initialize 1003 * these members for applications. 1004 */ 1005 ia->ia6_lifetime = ifra->ifra_lifetime; 1006 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1007 ia->ia6_lifetime.ia6t_expire = 1008 time.tv_sec + ia->ia6_lifetime.ia6t_vltime; 1009 } else 1010 ia->ia6_lifetime.ia6t_expire = 0; 1011 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1012 ia->ia6_lifetime.ia6t_preferred = 1013 time.tv_sec + ia->ia6_lifetime.ia6t_pltime; 1014 } else 1015 ia->ia6_lifetime.ia6t_preferred = 0; 1016 1017 /* reset the interface and routing table appropriately. */ 1018 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1019 goto unlink; 1020 1021 /* 1022 * configure address flags. 1023 */ 1024 ia->ia6_flags = ifra->ifra_flags; 1025 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1026 /* 1027 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1028 * userland, make it deprecated. 1029 */ 1030 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1031 ia->ia6_lifetime.ia6t_pltime = 0; 1032 ia->ia6_lifetime.ia6t_preferred = time.tv_sec; 1033 } 1034 1035 /* 1036 * Perform DAD, if needed. 1037 * XXX It may be of use, if we can administratively 1038 * disable DAD. 1039 */ 1040 if (in6if_do_dad(ifp) && hostIsNew && 1041 (ifra->ifra_flags & IN6_IFF_NODAD) == 0) { 1042 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1043 nd6_dad_start((struct ifaddr *)ia, NULL); 1044 } 1045 1046 /* 1047 * We are done if we have simply modified an existing address. 1048 */ 1049 if (!hostIsNew) 1050 return (error); 1051 1052 /* 1053 * Beyond this point, we should call in6_purgeaddr upon an error, 1054 * not just go to unlink. 1055 */ 1056 1057 /* join necessary multicast groups */ 1058 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1059 struct sockaddr_in6 mltaddr, mltmask; 1060 struct in6_addr llsol; 1061 1062 /* join solicited multicast addr for new host id */ 1063 bzero(&llsol, sizeof(struct in6_addr)); 1064 llsol.s6_addr16[0] = htons(0xff02); 1065 llsol.s6_addr32[1] = 0; 1066 llsol.s6_addr32[2] = htonl(1); 1067 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1068 llsol.s6_addr8[12] = 0xff; 1069 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 1070 /* XXX: should not happen */ 1071 log(LOG_ERR, "in6_update_ifa: " 1072 "in6_setscope failed\n"); 1073 goto cleanup; 1074 } 1075 imm = in6_joingroup(ifp, &llsol, &error); 1076 if (!imm) { 1077 nd6log((LOG_ERR, 1078 "in6_update_ifa: addmulti " 1079 "failed for %s on %s (errno=%d)\n", 1080 ip6_sprintf(&llsol), if_name(ifp), error)); 1081 goto cleanup; 1082 } 1083 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1084 1085 bzero(&mltmask, sizeof(mltmask)); 1086 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1087 mltmask.sin6_family = AF_INET6; 1088 mltmask.sin6_addr = in6mask32; 1089 1090 /* 1091 * join link-local all-nodes address 1092 */ 1093 bzero(&mltaddr, sizeof(mltaddr)); 1094 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1095 mltaddr.sin6_family = AF_INET6; 1096 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1097 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 1098 0) 1099 goto cleanup; /* XXX: should not fail */ 1100 1101 /* 1102 * XXX: do we really need this automatic routes? 1103 * We should probably reconsider this stuff. Most applications 1104 * actually do not need the routes, since they usually specify 1105 * the outgoing interface. 1106 */ 1107 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1108 if (rt) { 1109 /* 1110 * 32bit came from "mltmask" 1111 */ 1112 if (memcmp(&mltaddr.sin6_addr, 1113 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1114 32 / 8)) { 1115 RTFREE(rt); 1116 rt = NULL; 1117 } 1118 } 1119 if (!rt) { 1120 struct rt_addrinfo info; 1121 1122 bzero(&info, sizeof(info)); 1123 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1124 info.rti_info[RTAX_GATEWAY] = 1125 (struct sockaddr *)&ia->ia_addr; 1126 info.rti_info[RTAX_NETMASK] = 1127 (struct sockaddr *)&mltmask; 1128 info.rti_info[RTAX_IFA] = 1129 (struct sockaddr *)&ia->ia_addr; 1130 /* XXX: we need RTF_CLONING to fake nd6_rtrequest */ 1131 info.rti_flags = RTF_UP | RTF_CLONING; 1132 error = rtrequest1(RTM_ADD, &info, NULL); 1133 if (error) 1134 goto cleanup; 1135 } else { 1136 RTFREE(rt); 1137 } 1138 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1139 if (!imm) { 1140 nd6log((LOG_WARNING, 1141 "in6_update_ifa: addmulti failed for " 1142 "%s on %s (errno=%d)\n", 1143 ip6_sprintf(&mltaddr.sin6_addr), 1144 if_name(ifp), error)); 1145 goto cleanup; 1146 } 1147 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1148 1149 /* 1150 * join node information group address 1151 */ 1152 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) { 1153 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1154 if (!imm) { 1155 nd6log((LOG_WARNING, "in6_update_ifa: " 1156 "addmulti failed for %s on %s (errno=%d)\n", 1157 ip6_sprintf(&mltaddr.sin6_addr), 1158 if_name(ifp), error)); 1159 /* XXX not very fatal, go on... */ 1160 } else { 1161 LIST_INSERT_HEAD(&ia->ia6_memberships, 1162 imm, i6mm_chain); 1163 } 1164 } 1165 1166 1167 /* 1168 * join interface-local all-nodes address. 1169 * (ff01::1%ifN, and ff01::%ifN/32) 1170 */ 1171 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1172 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) 1173 != 0) 1174 goto cleanup; /* XXX: should not fail */ 1175 1176 /* XXX: again, do we really need the route? */ 1177 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1178 if (rt) { 1179 /* 32bit came from "mltmask" */ 1180 if (memcmp(&mltaddr.sin6_addr, 1181 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 1182 32 / 8)) { 1183 RTFREE(rt); 1184 rt = NULL; 1185 } 1186 } 1187 if (!rt) { 1188 struct rt_addrinfo info; 1189 1190 bzero(&info, sizeof(info)); 1191 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1192 info.rti_info[RTAX_GATEWAY] = 1193 (struct sockaddr *)&ia->ia_addr; 1194 info.rti_info[RTAX_NETMASK] = 1195 (struct sockaddr *)&mltmask; 1196 info.rti_info[RTAX_IFA] = 1197 (struct sockaddr *)&ia->ia_addr; 1198 info.rti_flags = RTF_UP | RTF_CLONING; 1199 error = rtrequest1(RTM_ADD, &info, NULL); 1200 if (error) 1201 goto cleanup; 1202 } else { 1203 RTFREE(rt); 1204 } 1205 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error); 1206 if (!imm) { 1207 nd6log((LOG_WARNING, "in6_update_ifa: " 1208 "addmulti failed for %s on %s (errno=%d)\n", 1209 ip6_sprintf(&mltaddr.sin6_addr), 1210 if_name(ifp), error)); 1211 goto cleanup; 1212 } 1213 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1214 } 1215 1216 return (error); 1217 1218 unlink: 1219 /* 1220 * XXX: if a change of an existing address failed, keep the entry 1221 * anyway. 1222 */ 1223 if (hostIsNew) 1224 in6_unlink_ifa(ia, ifp); 1225 return (error); 1226 1227 cleanup: 1228 in6_purgeaddr(&ia->ia_ifa); 1229 return error; 1230 } 1231 1232 void 1233 in6_purgeaddr(ifa) 1234 struct ifaddr *ifa; 1235 { 1236 struct ifnet *ifp = ifa->ifa_ifp; 1237 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1238 struct in6_multi_mship *imm; 1239 1240 /* stop DAD processing */ 1241 nd6_dad_stop(ifa); 1242 1243 /* 1244 * delete route to the destination of the address being purged. 1245 * The interface must be p2p or loopback in this case. 1246 */ 1247 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1248 int e; 1249 1250 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1251 != 0) { 1252 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1253 "a route to the p2p destination: %s on %s, " 1254 "errno=%d\n", 1255 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1256 e); 1257 /* proceed anyway... */ 1258 } else 1259 ia->ia_flags &= ~IFA_ROUTE; 1260 } 1261 1262 /* Remove ownaddr's loopback rtentry, if it exists. */ 1263 in6_ifremloop(&(ia->ia_ifa)); 1264 1265 /* 1266 * leave from multicast groups we have joined for the interface 1267 */ 1268 while ((imm = ia->ia6_memberships.lh_first) != NULL) { 1269 LIST_REMOVE(imm, i6mm_chain); 1270 in6_leavegroup(imm); 1271 } 1272 1273 in6_unlink_ifa(ia, ifp); 1274 } 1275 1276 static void 1277 in6_unlink_ifa(ia, ifp) 1278 struct in6_ifaddr *ia; 1279 struct ifnet *ifp; 1280 { 1281 struct in6_ifaddr *oia; 1282 int s = splnet(); 1283 1284 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1285 /* release a refcnt for the link from if_addrlist */ 1286 IFAFREE(&ia->ia_ifa); 1287 1288 oia = ia; 1289 if (oia == (ia = in6_ifaddr)) 1290 in6_ifaddr = ia->ia_next; 1291 else { 1292 while (ia->ia_next && (ia->ia_next != oia)) 1293 ia = ia->ia_next; 1294 if (ia->ia_next) 1295 ia->ia_next = oia->ia_next; 1296 else { 1297 /* search failed */ 1298 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1299 } 1300 } 1301 1302 if (oia->ia6_multiaddrs.lh_first != NULL) { 1303 /* 1304 * XXX thorpej (at) NetBSD.org -- if the interface is going 1305 * XXX away, don't save the multicast entries, delete them! 1306 */ 1307 if (oia->ia_ifa.ifa_ifp->if_output == if_nulloutput) { 1308 struct in6_multi *in6m; 1309 1310 while ((in6m = 1311 LIST_FIRST(&oia->ia6_multiaddrs)) != NULL) 1312 in6_delmulti(in6m); 1313 } else 1314 in6_savemkludge(oia); 1315 } 1316 1317 /* 1318 * When an autoconfigured address is being removed, release the 1319 * reference to the base prefix. Also, since the release might 1320 * affect the status of other (detached) addresses, call 1321 * pfxlist_onlink_check(). 1322 */ 1323 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1324 if (oia->ia6_ndpr == NULL) { 1325 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1326 "%p has no prefix\n", oia); 1327 } else { 1328 oia->ia6_ndpr->ndpr_refcnt--; 1329 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1330 oia->ia6_ndpr = NULL; 1331 } 1332 1333 pfxlist_onlink_check(); 1334 } 1335 1336 /* 1337 * release another refcnt for the link from in6_ifaddr. 1338 * Note that we should decrement the refcnt at least once for all *BSD. 1339 */ 1340 IFAFREE(&oia->ia_ifa); 1341 1342 splx(s); 1343 } 1344 1345 void 1346 in6_purgeif(ifp) 1347 struct ifnet *ifp; 1348 { 1349 struct ifaddr *ifa, *nifa; 1350 1351 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) 1352 { 1353 nifa = TAILQ_NEXT(ifa, ifa_list); 1354 if (ifa->ifa_addr->sa_family != AF_INET6) 1355 continue; 1356 in6_purgeaddr(ifa); 1357 } 1358 1359 in6_ifdetach(ifp); 1360 } 1361 1362 /* 1363 * SIOC[GAD]LIFADDR. 1364 * SIOCGLIFADDR: get first address. (?) 1365 * SIOCGLIFADDR with IFLR_PREFIX: 1366 * get first address that matches the specified prefix. 1367 * SIOCALIFADDR: add the specified address. 1368 * SIOCALIFADDR with IFLR_PREFIX: 1369 * add the specified prefix, filling hostid part from 1370 * the first link-local address. prefixlen must be <= 64. 1371 * SIOCDLIFADDR: delete the specified address. 1372 * SIOCDLIFADDR with IFLR_PREFIX: 1373 * delete the first address that matches the specified prefix. 1374 * return values: 1375 * EINVAL on invalid parameters 1376 * EADDRNOTAVAIL on prefix match failed/specified address not found 1377 * other values may be returned from in6_ioctl() 1378 * 1379 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1380 * this is to accomodate address naming scheme other than RFC2374, 1381 * in the future. 1382 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1383 * address encoding scheme. (see figure on page 8) 1384 */ 1385 static int 1386 in6_lifaddr_ioctl(so, cmd, data, ifp, p) 1387 struct socket *so; 1388 u_long cmd; 1389 caddr_t data; 1390 struct ifnet *ifp; 1391 struct proc *p; 1392 { 1393 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1394 struct ifaddr *ifa; 1395 struct sockaddr *sa; 1396 1397 /* sanity checks */ 1398 if (!data || !ifp) { 1399 panic("invalid argument to in6_lifaddr_ioctl"); 1400 /* NOTREACHED */ 1401 } 1402 1403 switch (cmd) { 1404 case SIOCGLIFADDR: 1405 /* address must be specified on GET with IFLR_PREFIX */ 1406 if ((iflr->flags & IFLR_PREFIX) == 0) 1407 break; 1408 /* FALLTHROUGH */ 1409 case SIOCALIFADDR: 1410 case SIOCDLIFADDR: 1411 /* address must be specified on ADD and DELETE */ 1412 sa = (struct sockaddr *)&iflr->addr; 1413 if (sa->sa_family != AF_INET6) 1414 return EINVAL; 1415 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1416 return EINVAL; 1417 /* XXX need improvement */ 1418 sa = (struct sockaddr *)&iflr->dstaddr; 1419 if (sa->sa_family && sa->sa_family != AF_INET6) 1420 return EINVAL; 1421 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1422 return EINVAL; 1423 break; 1424 default: /* shouldn't happen */ 1425 #if 0 1426 panic("invalid cmd to in6_lifaddr_ioctl"); 1427 /* NOTREACHED */ 1428 #else 1429 return EOPNOTSUPP; 1430 #endif 1431 } 1432 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1433 return EINVAL; 1434 1435 switch (cmd) { 1436 case SIOCALIFADDR: 1437 { 1438 struct in6_aliasreq ifra; 1439 struct in6_addr *xhostid = NULL; 1440 int prefixlen; 1441 1442 if ((iflr->flags & IFLR_PREFIX) != 0) { 1443 struct sockaddr_in6 *sin6; 1444 1445 /* 1446 * xhostid is to fill in the hostid part of the 1447 * address. xhostid points to the first link-local 1448 * address attached to the interface. 1449 */ 1450 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1451 if (!ifa) 1452 return EADDRNOTAVAIL; 1453 xhostid = IFA_IN6(ifa); 1454 1455 /* prefixlen must be <= 64. */ 1456 if (64 < iflr->prefixlen) 1457 return EINVAL; 1458 prefixlen = iflr->prefixlen; 1459 1460 /* hostid part must be zero. */ 1461 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1462 if (sin6->sin6_addr.s6_addr32[2] != 0 1463 || sin6->sin6_addr.s6_addr32[3] != 0) { 1464 return EINVAL; 1465 } 1466 } else 1467 prefixlen = iflr->prefixlen; 1468 1469 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1470 bzero(&ifra, sizeof(ifra)); 1471 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name)); 1472 1473 bcopy(&iflr->addr, &ifra.ifra_addr, 1474 ((struct sockaddr *)&iflr->addr)->sa_len); 1475 if (xhostid) { 1476 /* fill in hostid part */ 1477 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1478 xhostid->s6_addr32[2]; 1479 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1480 xhostid->s6_addr32[3]; 1481 } 1482 1483 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1484 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1485 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1486 if (xhostid) { 1487 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1488 xhostid->s6_addr32[2]; 1489 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1490 xhostid->s6_addr32[3]; 1491 } 1492 } 1493 1494 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1495 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1496 1497 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1498 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, p); 1499 } 1500 case SIOCGLIFADDR: 1501 case SIOCDLIFADDR: 1502 { 1503 struct in6_ifaddr *ia; 1504 struct in6_addr mask, candidate, match; 1505 struct sockaddr_in6 *sin6; 1506 int cmp; 1507 1508 bzero(&mask, sizeof(mask)); 1509 if (iflr->flags & IFLR_PREFIX) { 1510 /* lookup a prefix rather than address. */ 1511 in6_prefixlen2mask(&mask, iflr->prefixlen); 1512 1513 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1514 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1515 match.s6_addr32[0] &= mask.s6_addr32[0]; 1516 match.s6_addr32[1] &= mask.s6_addr32[1]; 1517 match.s6_addr32[2] &= mask.s6_addr32[2]; 1518 match.s6_addr32[3] &= mask.s6_addr32[3]; 1519 1520 /* if you set extra bits, that's wrong */ 1521 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1522 return EINVAL; 1523 1524 cmp = 1; 1525 } else { 1526 if (cmd == SIOCGLIFADDR) { 1527 /* on getting an address, take the 1st match */ 1528 cmp = 0; /* XXX */ 1529 } else { 1530 /* on deleting an address, do exact match */ 1531 in6_prefixlen2mask(&mask, 128); 1532 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1533 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1534 1535 cmp = 1; 1536 } 1537 } 1538 1539 for (ifa = ifp->if_addrlist.tqh_first; 1540 ifa; 1541 ifa = ifa->ifa_list.tqe_next) 1542 { 1543 if (ifa->ifa_addr->sa_family != AF_INET6) 1544 continue; 1545 if (!cmp) 1546 break; 1547 1548 /* 1549 * XXX: this is adhoc, but is necessary to allow 1550 * a user to specify fe80::/64 (not /10) for a 1551 * link-local address. 1552 */ 1553 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1554 in6_clearscope(&candidate); 1555 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1556 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1557 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1558 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1559 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1560 break; 1561 } 1562 if (!ifa) 1563 return EADDRNOTAVAIL; 1564 ia = ifa2ia6(ifa); 1565 1566 if (cmd == SIOCGLIFADDR) { 1567 int error; 1568 1569 /* fill in the if_laddrreq structure */ 1570 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1571 error = sa6_recoverscope( 1572 (struct sockaddr_in6 *)&iflr->addr); 1573 if (error != 0) 1574 return (error); 1575 1576 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1577 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1578 ia->ia_dstaddr.sin6_len); 1579 error = sa6_recoverscope( 1580 (struct sockaddr_in6 *)&iflr->dstaddr); 1581 if (error != 0) 1582 return (error); 1583 } else 1584 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1585 1586 iflr->prefixlen = 1587 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1588 1589 iflr->flags = ia->ia6_flags; /* XXX */ 1590 1591 return 0; 1592 } else { 1593 struct in6_aliasreq ifra; 1594 1595 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1596 bzero(&ifra, sizeof(ifra)); 1597 bcopy(iflr->iflr_name, ifra.ifra_name, 1598 sizeof(ifra.ifra_name)); 1599 1600 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1601 ia->ia_addr.sin6_len); 1602 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1603 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1604 ia->ia_dstaddr.sin6_len); 1605 } else { 1606 bzero(&ifra.ifra_dstaddr, 1607 sizeof(ifra.ifra_dstaddr)); 1608 } 1609 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1610 ia->ia_prefixmask.sin6_len); 1611 1612 ifra.ifra_flags = ia->ia6_flags; 1613 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1614 ifp, p); 1615 } 1616 } 1617 } 1618 1619 return EOPNOTSUPP; /* just for safety */ 1620 } 1621 1622 /* 1623 * Initialize an interface's intetnet6 address 1624 * and routing table entry. 1625 */ 1626 static int 1627 in6_ifinit(ifp, ia, sin6, newhost) 1628 struct ifnet *ifp; 1629 struct in6_ifaddr *ia; 1630 struct sockaddr_in6 *sin6; 1631 int newhost; 1632 { 1633 int error = 0, plen, ifacount = 0; 1634 int s = splnet(); 1635 struct ifaddr *ifa; 1636 1637 /* 1638 * Give the interface a chance to initialize 1639 * if this is its first address, 1640 * and to validate the address if necessary. 1641 */ 1642 for (ifa = ifp->if_addrlist.tqh_first; ifa; 1643 ifa = ifa->ifa_list.tqe_next) 1644 { 1645 if (ifa->ifa_addr == NULL) 1646 continue; /* just for safety */ 1647 if (ifa->ifa_addr->sa_family != AF_INET6) 1648 continue; 1649 ifacount++; 1650 } 1651 1652 ia->ia_addr = *sin6; 1653 1654 if (ifacount <= 1 && ifp->if_ioctl && 1655 (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) { 1656 splx(s); 1657 return (error); 1658 } 1659 splx(s); 1660 1661 ia->ia_ifa.ifa_metric = ifp->if_metric; 1662 1663 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1664 1665 /* 1666 * Special case: 1667 * If the destination address is specified for a point-to-point 1668 * interface, install a route to the destination as an interface 1669 * direct route. 1670 */ 1671 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1672 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1673 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1674 RTF_UP | RTF_HOST)) != 0) 1675 return (error); 1676 ia->ia_flags |= IFA_ROUTE; 1677 } 1678 1679 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1680 if (newhost) { 1681 /* set the rtrequest function to create llinfo */ 1682 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1683 in6_ifaddloop(&(ia->ia_ifa)); 1684 } 1685 1686 if (ifp->if_flags & IFF_MULTICAST) 1687 in6_restoremkludge(ia, ifp); 1688 1689 return (error); 1690 } 1691 1692 /* 1693 * Multicast address kludge: 1694 * If there were any multicast addresses attached to this interface address, 1695 * either move them to another address on this interface, or save them until 1696 * such time as this interface is reconfigured for IPv6. 1697 */ 1698 void 1699 in6_savemkludge(oia) 1700 struct in6_ifaddr *oia; 1701 { 1702 struct in6_ifaddr *ia; 1703 struct in6_multi *in6m, *next; 1704 1705 IFP_TO_IA6(oia->ia_ifp, ia); 1706 if (ia) { /* there is another address */ 1707 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1708 next = in6m->in6m_entry.le_next; 1709 IFAFREE(&in6m->in6m_ia->ia_ifa); 1710 IFAREF(&ia->ia_ifa); 1711 in6m->in6m_ia = ia; 1712 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1713 } 1714 } else { /* last address on this if deleted, save */ 1715 struct multi6_kludge *mk; 1716 1717 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1718 if (mk->mk_ifp == oia->ia_ifp) 1719 break; 1720 } 1721 if (mk == NULL) /* this should not happen! */ 1722 panic("in6_savemkludge: no kludge space"); 1723 1724 for (in6m = oia->ia6_multiaddrs.lh_first; in6m; in6m = next){ 1725 next = in6m->in6m_entry.le_next; 1726 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1727 in6m->in6m_ia = NULL; 1728 LIST_INSERT_HEAD(&mk->mk_head, in6m, in6m_entry); 1729 } 1730 } 1731 } 1732 1733 /* 1734 * Continuation of multicast address hack: 1735 * If there was a multicast group list previously saved for this interface, 1736 * then we re-attach it to the first address configured on the i/f. 1737 */ 1738 void 1739 in6_restoremkludge(ia, ifp) 1740 struct in6_ifaddr *ia; 1741 struct ifnet *ifp; 1742 { 1743 struct multi6_kludge *mk; 1744 1745 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1746 if (mk->mk_ifp == ifp) { 1747 struct in6_multi *in6m, *next; 1748 1749 for (in6m = mk->mk_head.lh_first; in6m; in6m = next) { 1750 next = in6m->in6m_entry.le_next; 1751 in6m->in6m_ia = ia; 1752 IFAREF(&ia->ia_ifa); 1753 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, 1754 in6m, in6m_entry); 1755 } 1756 LIST_INIT(&mk->mk_head); 1757 break; 1758 } 1759 } 1760 } 1761 1762 /* 1763 * Allocate space for the kludge at interface initialization time. 1764 * Formerly, we dynamically allocated the space in in6_savemkludge() with 1765 * malloc(M_WAITOK). However, it was wrong since the function could be called 1766 * under an interrupt context (software timer on address lifetime expiration). 1767 * Also, we cannot just give up allocating the strucutre, since the group 1768 * membership structure is very complex and we need to keep it anyway. 1769 * Of course, this function MUST NOT be called under an interrupt context. 1770 * Specifically, it is expected to be called only from in6_ifattach(), though 1771 * it is a global function. 1772 */ 1773 void 1774 in6_createmkludge(ifp) 1775 struct ifnet *ifp; 1776 { 1777 struct multi6_kludge *mk; 1778 1779 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1780 /* If we've already had one, do not allocate. */ 1781 if (mk->mk_ifp == ifp) 1782 return; 1783 } 1784 1785 mk = malloc(sizeof(*mk), M_IPMADDR, M_WAITOK); 1786 1787 bzero(mk, sizeof(*mk)); 1788 LIST_INIT(&mk->mk_head); 1789 mk->mk_ifp = ifp; 1790 LIST_INSERT_HEAD(&in6_mk, mk, mk_entry); 1791 } 1792 1793 void 1794 in6_purgemkludge(ifp) 1795 struct ifnet *ifp; 1796 { 1797 struct multi6_kludge *mk; 1798 struct in6_multi *in6m; 1799 1800 for (mk = in6_mk.lh_first; mk; mk = mk->mk_entry.le_next) { 1801 if (mk->mk_ifp != ifp) 1802 continue; 1803 1804 /* leave from all multicast groups joined */ 1805 while ((in6m = LIST_FIRST(&mk->mk_head)) != NULL) 1806 in6_delmulti(in6m); 1807 LIST_REMOVE(mk, mk_entry); 1808 free(mk, M_IPMADDR); 1809 break; 1810 } 1811 } 1812 1813 /* 1814 * Add an address to the list of IP6 multicast addresses for a 1815 * given interface. 1816 */ 1817 struct in6_multi * 1818 in6_addmulti(maddr6, ifp, errorp) 1819 struct in6_addr *maddr6; 1820 struct ifnet *ifp; 1821 int *errorp; 1822 { 1823 struct in6_ifaddr *ia; 1824 struct in6_ifreq ifr; 1825 struct in6_multi *in6m; 1826 int s = splsoftnet(); 1827 1828 *errorp = 0; 1829 /* 1830 * See if address already in list. 1831 */ 1832 IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); 1833 if (in6m != NULL) { 1834 /* 1835 * Found it; just increment the refrence count. 1836 */ 1837 in6m->in6m_refcount++; 1838 } else { 1839 /* 1840 * New address; allocate a new multicast record 1841 * and link it into the interface's multicast list. 1842 */ 1843 in6m = (struct in6_multi *) 1844 malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1845 if (in6m == NULL) { 1846 splx(s); 1847 *errorp = ENOBUFS; 1848 return (NULL); 1849 } 1850 in6m->in6m_addr = *maddr6; 1851 in6m->in6m_ifp = ifp; 1852 in6m->in6m_refcount = 1; 1853 IFP_TO_IA6(ifp, ia); 1854 if (ia == NULL) { 1855 free(in6m, M_IPMADDR); 1856 splx(s); 1857 *errorp = EADDRNOTAVAIL; /* appropriate? */ 1858 return (NULL); 1859 } 1860 in6m->in6m_ia = ia; 1861 IFAREF(&ia->ia_ifa); /* gain a reference */ 1862 LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); 1863 1864 /* 1865 * Ask the network driver to update its multicast reception 1866 * filter appropriately for the new address. 1867 */ 1868 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1869 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1870 ifr.ifr_addr.sin6_family = AF_INET6; 1871 ifr.ifr_addr.sin6_addr = *maddr6; 1872 if (ifp->if_ioctl == NULL) 1873 *errorp = ENXIO; /* XXX: appropriate? */ 1874 else 1875 *errorp = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, 1876 (caddr_t)&ifr); 1877 if (*errorp) { 1878 LIST_REMOVE(in6m, in6m_entry); 1879 free(in6m, M_IPMADDR); 1880 IFAFREE(&ia->ia_ifa); 1881 splx(s); 1882 return (NULL); 1883 } 1884 /* 1885 * Let MLD6 know that we have joined a new IP6 multicast 1886 * group. 1887 */ 1888 mld6_start_listening(in6m); 1889 } 1890 splx(s); 1891 return (in6m); 1892 } 1893 1894 /* 1895 * Delete a multicast address record. 1896 */ 1897 void 1898 in6_delmulti(in6m) 1899 struct in6_multi *in6m; 1900 { 1901 struct in6_ifreq ifr; 1902 struct in6_ifaddr *ia; 1903 int s = splsoftnet(); 1904 1905 if (--in6m->in6m_refcount == 0) { 1906 /* 1907 * No remaining claims to this record; let MLD6 know 1908 * that we are leaving the multicast group. 1909 */ 1910 mld6_stop_listening(in6m); 1911 1912 /* 1913 * Unlink from list. 1914 */ 1915 LIST_REMOVE(in6m, in6m_entry); 1916 if (in6m->in6m_ia) { 1917 IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ 1918 } 1919 /* 1920 * Delete all references of this multicasting group from 1921 * the membership arrays 1922 */ 1923 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1924 struct in6_multi_mship *imm; 1925 LIST_FOREACH(imm, &ia->ia6_memberships, 1926 i6mm_chain) { 1927 if (imm->i6mm_maddr == in6m) 1928 imm->i6mm_maddr = NULL; 1929 } 1930 } 1931 1932 /* 1933 * Notify the network driver to update its multicast 1934 * reception filter. 1935 */ 1936 bzero(&ifr.ifr_addr, sizeof(struct sockaddr_in6)); 1937 ifr.ifr_addr.sin6_len = sizeof(struct sockaddr_in6); 1938 ifr.ifr_addr.sin6_family = AF_INET6; 1939 ifr.ifr_addr.sin6_addr = in6m->in6m_addr; 1940 (*in6m->in6m_ifp->if_ioctl)(in6m->in6m_ifp, 1941 SIOCDELMULTI, (caddr_t)&ifr); 1942 free(in6m, M_IPMADDR); 1943 } 1944 splx(s); 1945 } 1946 1947 struct in6_multi_mship * 1948 in6_joingroup(ifp, addr, errorp) 1949 struct ifnet *ifp; 1950 struct in6_addr *addr; 1951 int *errorp; 1952 { 1953 struct in6_multi_mship *imm; 1954 1955 imm = malloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); 1956 if (!imm) { 1957 *errorp = ENOBUFS; 1958 return NULL; 1959 } 1960 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp); 1961 if (!imm->i6mm_maddr) { 1962 /* *errorp is alrady set */ 1963 free(imm, M_IPMADDR); 1964 return NULL; 1965 } 1966 return imm; 1967 } 1968 1969 int 1970 in6_leavegroup(imm) 1971 struct in6_multi_mship *imm; 1972 { 1973 1974 if (imm->i6mm_maddr) 1975 in6_delmulti(imm->i6mm_maddr); 1976 free(imm, M_IPMADDR); 1977 return 0; 1978 } 1979 1980 /* 1981 * Find an IPv6 interface link-local address specific to an interface. 1982 */ 1983 struct in6_ifaddr * 1984 in6ifa_ifpforlinklocal(ifp, ignoreflags) 1985 struct ifnet *ifp; 1986 int ignoreflags; 1987 { 1988 struct ifaddr *ifa; 1989 1990 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 1991 { 1992 if (ifa->ifa_addr == NULL) 1993 continue; /* just for safety */ 1994 if (ifa->ifa_addr->sa_family != AF_INET6) 1995 continue; 1996 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1997 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1998 ignoreflags) != 0) 1999 continue; 2000 break; 2001 } 2002 } 2003 2004 return ((struct in6_ifaddr *)ifa); 2005 } 2006 2007 2008 /* 2009 * find the internet address corresponding to a given interface and address. 2010 */ 2011 struct in6_ifaddr * 2012 in6ifa_ifpwithaddr(ifp, addr) 2013 struct ifnet *ifp; 2014 struct in6_addr *addr; 2015 { 2016 struct ifaddr *ifa; 2017 2018 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2019 { 2020 if (ifa->ifa_addr == NULL) 2021 continue; /* just for safety */ 2022 if (ifa->ifa_addr->sa_family != AF_INET6) 2023 continue; 2024 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 2025 break; 2026 } 2027 2028 return ((struct in6_ifaddr *)ifa); 2029 } 2030 2031 /* 2032 * Convert IP6 address to printable (loggable) representation. 2033 */ 2034 static int ip6round = 0; 2035 char * 2036 ip6_sprintf(addr) 2037 const struct in6_addr *addr; 2038 { 2039 static char ip6buf[8][48]; 2040 int i; 2041 char *cp; 2042 const u_int16_t *a = (const u_int16_t *)addr; 2043 const u_int8_t *d; 2044 int dcolon = 0; 2045 2046 ip6round = (ip6round + 1) & 7; 2047 cp = ip6buf[ip6round]; 2048 2049 for (i = 0; i < 8; i++) { 2050 if (dcolon == 1) { 2051 if (*a == 0) { 2052 if (i == 7) 2053 *cp++ = ':'; 2054 a++; 2055 continue; 2056 } else 2057 dcolon = 2; 2058 } 2059 if (*a == 0) { 2060 if (dcolon == 0 && *(a + 1) == 0) { 2061 if (i == 0) 2062 *cp++ = ':'; 2063 *cp++ = ':'; 2064 dcolon = 1; 2065 } else { 2066 *cp++ = '0'; 2067 *cp++ = ':'; 2068 } 2069 a++; 2070 continue; 2071 } 2072 d = (const u_char *)a; 2073 *cp++ = hexdigits[*d >> 4]; 2074 *cp++ = hexdigits[*d++ & 0xf]; 2075 *cp++ = hexdigits[*d >> 4]; 2076 *cp++ = hexdigits[*d & 0xf]; 2077 *cp++ = ':'; 2078 a++; 2079 } 2080 *--cp = 0; 2081 return (ip6buf[ip6round]); 2082 } 2083 2084 /* 2085 * Determine if an address is on a local network. 2086 */ 2087 int 2088 in6_localaddr(in6) 2089 struct in6_addr *in6; 2090 { 2091 struct in6_ifaddr *ia; 2092 2093 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 2094 return (1); 2095 2096 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 2097 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 2098 &ia->ia_prefixmask.sin6_addr)) 2099 return (1); 2100 2101 return (0); 2102 } 2103 2104 int 2105 in6_is_addr_deprecated(sa6) 2106 struct sockaddr_in6 *sa6; 2107 { 2108 struct in6_ifaddr *ia; 2109 2110 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 2111 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 2112 &sa6->sin6_addr) && 2113 #ifdef SCOPEDROUTING 2114 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 2115 #endif 2116 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2117 return (1); /* true */ 2118 2119 /* XXX: do we still have to go thru the rest of the list? */ 2120 } 2121 2122 return (0); /* false */ 2123 } 2124 2125 /* 2126 * return length of part which dst and src are equal 2127 * hard coding... 2128 */ 2129 int 2130 in6_matchlen(src, dst) 2131 struct in6_addr *src, *dst; 2132 { 2133 int match = 0; 2134 u_char *s = (u_char *)src, *d = (u_char *)dst; 2135 u_char *lim = s + 16, r; 2136 2137 while (s < lim) 2138 if ((r = (*d++ ^ *s++)) != 0) { 2139 while (r < 128) { 2140 match++; 2141 r <<= 1; 2142 } 2143 break; 2144 } else 2145 match += 8; 2146 return match; 2147 } 2148 2149 /* XXX: to be scope conscious */ 2150 int 2151 in6_are_prefix_equal(p1, p2, len) 2152 struct in6_addr *p1, *p2; 2153 int len; 2154 { 2155 int bytelen, bitlen; 2156 2157 /* sanity check */ 2158 if (0 > len || len > 128) { 2159 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2160 len); 2161 return (0); 2162 } 2163 2164 bytelen = len / 8; 2165 bitlen = len % 8; 2166 2167 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2168 return (0); 2169 if (bitlen != 0 && 2170 p1->s6_addr[bytelen] >> (8 - bitlen) != 2171 p2->s6_addr[bytelen] >> (8 - bitlen)) 2172 return (0); 2173 2174 return (1); 2175 } 2176 2177 void 2178 in6_prefixlen2mask(maskp, len) 2179 struct in6_addr *maskp; 2180 int len; 2181 { 2182 static const u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2183 int bytelen, bitlen, i; 2184 2185 /* sanity check */ 2186 if (0 > len || len > 128) { 2187 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2188 len); 2189 return; 2190 } 2191 2192 bzero(maskp, sizeof(*maskp)); 2193 bytelen = len / 8; 2194 bitlen = len % 8; 2195 for (i = 0; i < bytelen; i++) 2196 maskp->s6_addr[i] = 0xff; 2197 if (bitlen) 2198 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2199 } 2200 2201 /* 2202 * return the best address out of the same scope. if no address was 2203 * found, return the first valid address from designated IF. 2204 */ 2205 struct in6_ifaddr * 2206 in6_ifawithifp(ifp, dst) 2207 struct ifnet *ifp; 2208 struct in6_addr *dst; 2209 { 2210 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2211 struct ifaddr *ifa; 2212 struct in6_ifaddr *besta = 0; 2213 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2214 2215 dep[0] = dep[1] = NULL; 2216 2217 /* 2218 * We first look for addresses in the same scope. 2219 * If there is one, return it. 2220 * If two or more, return one which matches the dst longest. 2221 * If none, return one of global addresses assigned other ifs. 2222 */ 2223 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2224 { 2225 if (ifa->ifa_addr->sa_family != AF_INET6) 2226 continue; 2227 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2228 continue; /* XXX: is there any case to allow anycast? */ 2229 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2230 continue; /* don't use this interface */ 2231 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2232 continue; 2233 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2234 if (ip6_use_deprecated) 2235 dep[0] = (struct in6_ifaddr *)ifa; 2236 continue; 2237 } 2238 2239 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2240 /* 2241 * call in6_matchlen() as few as possible 2242 */ 2243 if (besta) { 2244 if (blen == -1) 2245 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2246 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2247 if (tlen > blen) { 2248 blen = tlen; 2249 besta = (struct in6_ifaddr *)ifa; 2250 } 2251 } else 2252 besta = (struct in6_ifaddr *)ifa; 2253 } 2254 } 2255 if (besta) 2256 return (besta); 2257 2258 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2259 { 2260 if (ifa->ifa_addr->sa_family != AF_INET6) 2261 continue; 2262 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2263 continue; /* XXX: is there any case to allow anycast? */ 2264 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2265 continue; /* don't use this interface */ 2266 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2267 continue; 2268 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2269 if (ip6_use_deprecated) 2270 dep[1] = (struct in6_ifaddr *)ifa; 2271 continue; 2272 } 2273 2274 return (struct in6_ifaddr *)ifa; 2275 } 2276 2277 /* use the last-resort values, that are, deprecated addresses */ 2278 if (dep[0]) 2279 return dep[0]; 2280 if (dep[1]) 2281 return dep[1]; 2282 2283 return NULL; 2284 } 2285 2286 /* 2287 * perform DAD when interface becomes IFF_UP. 2288 */ 2289 void 2290 in6_if_up(ifp) 2291 struct ifnet *ifp; 2292 { 2293 struct ifaddr *ifa; 2294 struct in6_ifaddr *ia; 2295 int dad_delay; /* delay ticks before DAD output */ 2296 2297 /* 2298 * special cases, like 6to4, are handled in in6_ifattach 2299 */ 2300 in6_ifattach(ifp, NULL); 2301 2302 dad_delay = 0; 2303 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) 2304 { 2305 if (ifa->ifa_addr->sa_family != AF_INET6) 2306 continue; 2307 ia = (struct in6_ifaddr *)ifa; 2308 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2309 nd6_dad_start(ifa, &dad_delay); 2310 } 2311 } 2312 2313 int 2314 in6if_do_dad(ifp) 2315 struct ifnet *ifp; 2316 { 2317 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2318 return (0); 2319 2320 switch (ifp->if_type) { 2321 case IFT_FAITH: 2322 /* 2323 * These interfaces do not have the IFF_LOOPBACK flag, 2324 * but loop packets back. We do not have to do DAD on such 2325 * interfaces. We should even omit it, because loop-backed 2326 * NS would confuse the DAD procedure. 2327 */ 2328 return (0); 2329 default: 2330 /* 2331 * Our DAD routine requires the interface up and running. 2332 * However, some interfaces can be up before the RUNNING 2333 * status. Additionaly, users may try to assign addresses 2334 * before the interface becomes up (or running). 2335 * We simply skip DAD in such a case as a work around. 2336 * XXX: we should rather mark "tentative" on such addresses, 2337 * and do DAD after the interface becomes ready. 2338 */ 2339 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2340 (IFF_UP|IFF_RUNNING)) 2341 return (0); 2342 2343 return (1); 2344 } 2345 } 2346 2347 /* 2348 * Calculate max IPv6 MTU through all the interfaces and store it 2349 * to in6_maxmtu. 2350 */ 2351 void 2352 in6_setmaxmtu() 2353 { 2354 unsigned long maxmtu = 0; 2355 struct ifnet *ifp; 2356 2357 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2358 { 2359 /* this function can be called during ifnet initialization */ 2360 if (!ifp->if_afdata[AF_INET6]) 2361 continue; 2362 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2363 IN6_LINKMTU(ifp) > maxmtu) 2364 maxmtu = IN6_LINKMTU(ifp); 2365 } 2366 if (maxmtu) /* update only when maxmtu is positive */ 2367 in6_maxmtu = maxmtu; 2368 } 2369 2370 void * 2371 in6_domifattach(ifp) 2372 struct ifnet *ifp; 2373 { 2374 struct in6_ifextra *ext; 2375 2376 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2377 bzero(ext, sizeof(*ext)); 2378 2379 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2380 M_IFADDR, M_WAITOK); 2381 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2382 2383 ext->icmp6_ifstat = 2384 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2385 M_IFADDR, M_WAITOK); 2386 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2387 2388 ext->nd_ifinfo = nd6_ifattach(ifp); 2389 ext->scope6_id = scope6_ifattach(ifp); 2390 return ext; 2391 } 2392 2393 void 2394 in6_domifdetach(ifp, aux) 2395 struct ifnet *ifp; 2396 void *aux; 2397 { 2398 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2399 2400 nd6_ifdetach(ext->nd_ifinfo); 2401 free(ext->in6_ifstat, M_IFADDR); 2402 free(ext->icmp6_ifstat, M_IFADDR); 2403 scope6_ifdetach(ext->scope6_id); 2404 free(ext, M_IFADDR); 2405 } 2406
Indexes created Thu Sep 25 14:09:45 GMT 2025