raw_ip6.c revision 1.8
1 /* $NetBSD: raw_ip6.c,v 1.8 1999/07/30 10:35:38 itojun Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1982, 1986, 1988, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgement: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * 4. Neither the name of the University nor the names of its contributors 49 * may be used to endorse or promote products derived from this software 50 * without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 65 */ 66 67 #include "opt_ipsec.h" 68 69 #include <sys/param.h> 70 #include <sys/malloc.h> 71 #include <sys/mbuf.h> 72 #include <sys/socket.h> 73 #include <sys/protosw.h> 74 #include <sys/socketvar.h> 75 #include <sys/errno.h> 76 #include <sys/systm.h> 77 #ifdef __NetBSD__ 78 #include <sys/proc.h> 79 #endif 80 81 #include <net/if.h> 82 #include <net/route.h> 83 #include <net/if_types.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_var.h> 87 #include <netinet6/ip6.h> 88 #include <netinet6/ip6_var.h> 89 #include <netinet6/ip6_mroute.h> 90 #include <netinet6/icmp6.h> 91 #include <netinet6/in6_pcb.h> 92 #include <netinet6/nd6.h> 93 94 #ifdef IPSEC 95 #include <netinet6/ipsec.h> 96 #endif /*IPSEC*/ 97 98 #include <machine/stdarg.h> 99 100 #include "faith.h" 101 102 struct in6pcb rawin6pcb; 103 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 104 105 /* 106 * Raw interface to IP6 protocol. 107 */ 108 109 /* 110 * Initialize raw connection block queue. 111 */ 112 void 113 rip6_init() 114 { 115 rawin6pcb.in6p_next = rawin6pcb.in6p_prev = &rawin6pcb; 116 } 117 118 /* 119 * Setup generic address and protocol structures 120 * for raw_input routine, then pass them along with 121 * mbuf chain. 122 */ 123 int 124 rip6_input(mp, offp, proto) 125 struct mbuf **mp; 126 int *offp, proto; 127 { 128 struct mbuf *m = *mp; 129 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 130 register struct in6pcb *in6p; 131 struct in6pcb *last = NULL; 132 struct sockaddr_in6 rip6src; 133 struct mbuf *opts = NULL; 134 135 #if defined(NFAITH) && 0 < NFAITH 136 if (m->m_pkthdr.rcvif) { 137 if (m->m_pkthdr.rcvif->if_type == IFT_FAITH) { 138 /* send icmp6 host unreach? */ 139 m_freem(m); 140 return IPPROTO_DONE; 141 } 142 } 143 #endif 144 bzero(&rip6src, sizeof(rip6src)); 145 rip6src.sin6_len = sizeof(struct sockaddr_in6); 146 rip6src.sin6_family = AF_INET6; 147 rip6src.sin6_addr = ip6->ip6_src; 148 if (IN6_IS_SCOPE_LINKLOCAL(&rip6src.sin6_addr)) 149 rip6src.sin6_addr.s6_addr16[1] = 0; 150 if (m->m_pkthdr.rcvif) { 151 if (IN6_IS_SCOPE_LINKLOCAL(&rip6src.sin6_addr)) 152 rip6src.sin6_scope_id = m->m_pkthdr.rcvif->if_index; 153 else 154 rip6src.sin6_scope_id = 0; 155 } else 156 rip6src.sin6_scope_id = 0; 157 158 for (in6p = rawin6pcb.in6p_next; 159 in6p != &rawin6pcb; in6p = in6p->in6p_next) { 160 if (in6p->in6p_ip6.ip6_nxt && 161 in6p->in6p_ip6.ip6_nxt != proto) 162 continue; 163 if (!IN6_IS_ADDR_ANY(&in6p->in6p_laddr) && 164 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 165 continue; 166 if (!IN6_IS_ADDR_ANY(&in6p->in6p_faddr) && 167 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 168 continue; 169 if (in6p->in6p_cksum != -1 170 && in6_cksum(m, ip6->ip6_nxt, *offp, m->m_pkthdr.len - *offp)) 171 { 172 /* XXX bark something */ 173 continue; 174 } 175 if (last) { 176 struct mbuf *n; 177 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 178 if (last->in6p_flags & IN6P_CONTROLOPTS) 179 ip6_savecontrol(last, &opts, ip6, n); 180 /* strip intermediate headers */ 181 m_adj(n, *offp); 182 if (sbappendaddr(&last->in6p_socket->so_rcv, 183 (struct sockaddr *)&rip6src, 184 n, opts) == 0) { 185 /* should notify about lost packet */ 186 m_freem(n); 187 if (opts) 188 m_freem(opts); 189 } else 190 sorwakeup(last->in6p_socket); 191 opts = NULL; 192 } 193 } 194 last = in6p; 195 } 196 if (last) { 197 if (last->in6p_flags & IN6P_CONTROLOPTS) 198 ip6_savecontrol(last, &opts, ip6, m); 199 /* strip intermediate headers */ 200 m_adj(m, *offp); 201 if (sbappendaddr(&last->in6p_socket->so_rcv, 202 (struct sockaddr *)&rip6src, m, opts) == 0) { 203 m_freem(m); 204 if (opts) 205 m_freem(opts); 206 } else 207 sorwakeup(last->in6p_socket); 208 } else { 209 if (proto == IPPROTO_NONE) 210 m_freem(m); 211 else { 212 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 213 icmp6_error(m, ICMP6_PARAM_PROB, 214 ICMP6_PARAMPROB_NEXTHEADER, 215 prvnxtp - mtod(m, char *)); 216 } 217 ip6stat.ip6s_delivered--; 218 } 219 return IPPROTO_DONE; 220 } 221 222 /* 223 * Generate IPv6 header and pass packet to ip6_output. 224 * Tack on options user may have setup with control call. 225 */ 226 int 227 #if __STDC__ 228 rip6_output(struct mbuf *m, ...) 229 #else 230 rip6_output(m, va_alist) 231 struct mbuf *m; 232 va_dcl 233 #endif 234 { 235 struct socket *so; 236 struct sockaddr_in6 *dstsock; 237 struct mbuf *control; 238 struct in6_addr *dst; 239 struct ip6_hdr *ip6; 240 struct in6pcb *in6p; 241 u_int plen = m->m_pkthdr.len; 242 int error = 0; 243 struct ip6_pktopts opt, *optp = NULL; 244 struct ifnet *oifp = NULL; 245 int priv = 0; 246 va_list ap; 247 248 va_start(ap, m); 249 so = va_arg(ap, struct socket *); 250 dstsock = va_arg(ap, struct sockaddr_in6 *); 251 control = va_arg(ap, struct mbuf *); 252 va_end(ap); 253 254 in6p = sotoin6pcb(so); 255 256 { 257 struct proc *p = curproc; /* XXX */ 258 259 if (p && !suser(p->p_ucred, &p->p_acflag)) 260 priv = 1; 261 } 262 dst = &dstsock->sin6_addr; 263 if (control) { 264 if ((error = ip6_setpktoptions(control, &opt, priv)) != 0) 265 goto bad; 266 optp = &opt; 267 } else 268 optp = in6p->in6p_outputopts; 269 270 M_PREPEND(m, sizeof(*ip6), M_WAIT); 271 ip6 = mtod(m, struct ip6_hdr *); 272 273 /* 274 * Next header might not be ICMP6 but use its pseudo header anyway. 275 */ 276 ip6->ip6_dst = *dst; 277 278 /* 279 * If the scope of the destination is link-local, embed the interface 280 * index in the address. 281 * 282 * XXX advanced-api value overrides sin6_scope_id 283 */ 284 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) { 285 struct in6_pktinfo *pi; 286 287 /* 288 * XXX Boundary check is assumed to be already done in 289 * in6_setpktoptions(). 290 */ 291 if (optp && (pi = optp->ip6po_pktinfo) && pi->ipi6_ifindex) { 292 ip6->ip6_dst.s6_addr16[1] = htons(pi->ipi6_ifindex); 293 oifp = ifindex2ifnet[pi->ipi6_ifindex]; 294 } 295 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 296 in6p->in6p_moptions && 297 in6p->in6p_moptions->im6o_multicast_ifp) { 298 ip6->ip6_dst.s6_addr16[1] = 299 htons(in6p->in6p_moptions->im6o_multicast_ifp->if_index); 300 oifp = ifindex2ifnet[in6p->in6p_moptions->im6o_multicast_ifp->if_index]; 301 } else if (dstsock->sin6_scope_id) { 302 /* boundary check */ 303 if (dstsock->sin6_scope_id < 0 304 || if_index < dstsock->sin6_scope_id) { 305 error = ENXIO; /* XXX EINVAL? */ 306 goto bad; 307 } 308 ip6->ip6_dst.s6_addr16[1] 309 = htons(dstsock->sin6_scope_id & 0xffff);/*XXX*/ 310 } 311 } 312 313 if (IN6_IS_ADDR_ANY(&in6p->in6p_laddr)) { 314 struct in6_addr *in6a; 315 316 if ((in6a = in6_selectsrc(dstsock, optp, 317 in6p->in6p_moptions, 318 &in6p->in6p_route, 319 &error)) == 0) { 320 if (error == 0) 321 error = EADDRNOTAVAIL; 322 goto bad; 323 } 324 ip6->ip6_src = *in6a; 325 if (in6p->in6p_route.ro_rt) 326 oifp = ifindex2ifnet[in6p->in6p_route.ro_rt->rt_ifp->if_index]; 327 } else 328 ip6->ip6_src = in6p->in6p_laddr; 329 330 ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK; 331 ip6->ip6_vfc = IPV6_VERSION; 332 #if 0 /* ip6_plen will be filled in ip6_output. */ 333 ip6->ip6_plen = htons((u_short)plen); 334 #endif 335 ip6->ip6_nxt = in6p->in6p_ip6.ip6_nxt; 336 if (oifp) 337 ip6->ip6_hlim = nd_ifinfo[oifp->if_index].chlim; 338 else 339 ip6->ip6_hlim = in6p->in6p_ip6.ip6_hlim; 340 341 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 342 in6p->in6p_cksum != -1) { 343 struct mbuf *n; 344 int off; 345 u_int16_t *p; 346 347 #define offsetof(type, member) ((size_t)(&((type *)0)->member)) /* XXX */ 348 349 /* compute checksum */ 350 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 351 off = offsetof(struct icmp6_hdr, icmp6_cksum); 352 else 353 off = in6p->in6p_cksum; 354 if (plen < off + 1) { 355 error = EINVAL; 356 goto bad; 357 } 358 off += sizeof(struct ip6_hdr); 359 360 n = m; 361 while (n && n->m_len <= off) { 362 off -= n->m_len; 363 n = n->m_next; 364 } 365 if (!n) 366 goto bad; 367 p = (u_int16_t *)(mtod(n, caddr_t) + off); 368 *p = 0; 369 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 370 } 371 372 #ifdef IPSEC 373 m->m_pkthdr.rcvif = (struct ifnet *)so; 374 #endif /*IPSEC*/ 375 376 error = ip6_output(m, optp, &in6p->in6p_route, 0, in6p->in6p_moptions); 377 goto freectl; 378 379 bad: 380 if (m) 381 m_freem(m); 382 383 freectl: 384 if (optp == &opt && optp->ip6po_rthdr && optp->ip6po_route.ro_rt) 385 RTFREE(optp->ip6po_route.ro_rt); 386 if (control) 387 m_freem(control); 388 return(error); 389 } 390 391 /* 392 * Raw IPv6 socket option processing. 393 */ 394 int 395 rip6_ctloutput(op, so, level, optname, m) 396 int op; 397 struct socket *so; 398 int level, optname; 399 struct mbuf **m; 400 { 401 int error = 0; 402 403 switch(level) { 404 case IPPROTO_IPV6: 405 switch(optname) { 406 case MRT6_INIT: 407 case MRT6_DONE: 408 case MRT6_ADD_MIF: 409 case MRT6_DEL_MIF: 410 case MRT6_ADD_MFC: 411 case MRT6_DEL_MFC: 412 case MRT6_PIM: 413 if (op == PRCO_SETOPT) { 414 error = ip6_mrouter_set(optname, so, *m); 415 if (*m) 416 (void)m_free(*m); 417 } else if (op == PRCO_GETOPT) { 418 error = ip6_mrouter_get(optname, so, m); 419 } else 420 error = EINVAL; 421 return (error); 422 } 423 return (ip6_ctloutput(op, so, level, optname, m)); 424 /* NOTREACHED */ 425 426 case IPPROTO_ICMPV6: 427 /* 428 * XXX: is it better to call icmp6_ctloutput() directly 429 * from protosw? 430 */ 431 return(icmp6_ctloutput(op, so, level, optname, m)); 432 433 default: 434 if (op == PRCO_SETOPT && *m) 435 (void)m_free(*m); 436 return(EINVAL); 437 } 438 } 439 440 extern u_long rip6_sendspace; 441 extern u_long rip6_recvspace; 442 443 int 444 rip6_usrreq(so, req, m, nam, control, p) 445 register struct socket *so; 446 int req; 447 struct mbuf *m, *nam, *control; 448 struct proc *p; 449 { 450 register struct in6pcb *in6p = sotoin6pcb(so); 451 int s; 452 int error = 0; 453 /* extern struct socket *ip6_mrouter; */ /* xxx */ 454 455 if (req == PRU_CONTROL) 456 return (in6_control(so, (u_long)m, (caddr_t)nam, 457 (struct ifnet *)control, p)); 458 459 switch (req) { 460 case PRU_ATTACH: 461 if (in6p) 462 panic("rip6_attach"); 463 if (p == 0 || suser(p->p_ucred, &p->p_acflag)) { 464 error = EACCES; 465 break; 466 } 467 s = splsoftnet(); 468 if ((error = soreserve(so, rip6_sendspace, rip6_recvspace)) || 469 (error = in6_pcballoc(so, &rawin6pcb))) { 470 splx(s); 471 break; 472 } 473 splx(s); 474 in6p = sotoin6pcb(so); 475 in6p->in6p_ip6.ip6_nxt = (long)nam; 476 in6p->in6p_cksum = -1; 477 #ifdef IPSEC 478 if ((error = ipsec_init_policy(&in6p->in6p_sp)) != 0) 479 break; 480 #endif /*IPSEC*/ 481 482 MALLOC(in6p->in6p_icmp6filt, struct icmp6_filter *, 483 sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 484 ICMP6_FILTER_SETPASSALL(in6p->in6p_icmp6filt); 485 break; 486 487 case PRU_DISCONNECT: 488 if ((so->so_state & SS_ISCONNECTED) == 0) { 489 error = ENOTCONN; 490 break; 491 } 492 in6p->in6p_faddr = in6addr_any; 493 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 494 break; 495 496 case PRU_ABORT: 497 soisdisconnected(so); 498 /* Fallthrough */ 499 case PRU_DETACH: 500 if (in6p == 0) 501 panic("rip6_detach"); 502 if (so == ip6_mrouter) 503 ip6_mrouter_done(); 504 /* xxx: RSVP */ 505 if (in6p->in6p_icmp6filt) { 506 FREE(in6p->in6p_icmp6filt, M_PCB); 507 in6p->in6p_icmp6filt = NULL; 508 } 509 in6_pcbdetach(in6p); 510 break; 511 512 case PRU_BIND: 513 { 514 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 515 struct ifaddr *ia = NULL; 516 517 if (nam->m_len != sizeof(*addr)) { 518 error = EINVAL; 519 break; 520 } 521 if ((ifnet.tqh_first == 0) || 522 (addr->sin6_family != AF_INET6) || 523 (!IN6_IS_ADDR_ANY(&addr->sin6_addr) && 524 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0)) { 525 error = EADDRNOTAVAIL; 526 break; 527 } 528 if (ia && 529 ((struct in6_ifaddr *)ia)->ia6_flags & 530 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 531 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 532 error = EADDRNOTAVAIL; 533 break; 534 } 535 in6p->in6p_laddr = addr->sin6_addr; 536 break; 537 } 538 539 case PRU_CONNECT: 540 { 541 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 542 struct in6_addr *in6a = NULL; 543 544 if (nam->m_len != sizeof(*addr)) { 545 error = EINVAL; 546 break; 547 } 548 if (ifnet.tqh_first == 0) { 549 error = EADDRNOTAVAIL; 550 break; 551 } 552 if (addr->sin6_family != AF_INET6) { 553 error = EAFNOSUPPORT; 554 break; 555 } 556 557 /* Source address selection. XXX: need pcblookup? */ 558 in6a = &in6p->in6p_laddr; 559 if (IN6_IS_ADDR_ANY(in6a) && 560 (in6a = in6_selectsrc(addr, in6p->in6p_outputopts, 561 in6p->in6p_moptions, &in6p->in6p_route, 562 &error)) == NULL) { 563 if (error == 0) 564 error = EADDRNOTAVAIL; 565 break; 566 } 567 in6p->in6p_laddr = *in6a; 568 in6p->in6p_faddr = addr->sin6_addr; 569 soisconnected(so); 570 break; 571 } 572 573 case PRU_CONNECT2: 574 error = EOPNOTSUPP; 575 break; 576 577 /* 578 * Mark the connection as being incapable of futther input. 579 */ 580 case PRU_SHUTDOWN: 581 socantsendmore(so); 582 break; 583 /* 584 * Ship a packet out. The appropriate raw output 585 * routine handles any messaging necessary. 586 */ 587 case PRU_SEND: 588 { 589 struct sockaddr_in6 tmp; 590 struct sockaddr_in6 *dst; 591 592 if (so->so_state & SS_ISCONNECTED) { 593 if (nam) { 594 error = EISCONN; 595 break; 596 } 597 /* XXX */ 598 bzero(&tmp, sizeof(tmp)); 599 tmp.sin6_family = AF_INET6; 600 tmp.sin6_len = sizeof(struct sockaddr_in6); 601 bcopy(&in6p->in6p_faddr, &tmp.sin6_addr, 602 sizeof(struct in6_addr)); 603 dst = &tmp; 604 } else { 605 if (nam == NULL) { 606 error = ENOTCONN; 607 break; 608 } 609 dst = mtod(nam, struct sockaddr_in6 *); 610 } 611 error = rip6_output(m, so, dst, control); 612 m = NULL; 613 break; 614 } 615 616 case PRU_SENSE: 617 /* 618 * stat: don't bother with a blocksize 619 */ 620 return(0); 621 /* 622 * Not supported. 623 */ 624 case PRU_RCVOOB: 625 case PRU_RCVD: 626 case PRU_LISTEN: 627 case PRU_ACCEPT: 628 case PRU_SENDOOB: 629 error = EOPNOTSUPP; 630 break; 631 632 case PRU_SOCKADDR: 633 in6_setsockaddr(in6p, nam); 634 break; 635 636 case PRU_PEERADDR: 637 in6_setpeeraddr(in6p, nam); 638 break; 639 640 default: 641 panic("rip6_usrreq"); 642 } 643 if (m != NULL) 644 m_freem(m); 645 return(error); 646 } 647
Indexes created Tue Sep 30 20:09:53 GMT 2025