1 /* $FreeBSD: src/sys/netinet6/in6.c,v 1.7.2.9 2002/04/28 05:40:26 suz Exp $ */ 2 /* $DragonFly: src/sys/netinet6/in6.c,v 1.8 2004/05/20 18:30:36 cpressey Exp $ */ 3 /* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* 35 * Copyright (c) 1982, 1986, 1991, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. All advertising materials mentioning features or use of this software 47 * must display the following acknowledgement: 48 * This product includes software developed by the University of 49 * California, Berkeley and its contributors. 50 * 4. Neither the name of the University nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 64 * SUCH DAMAGE. 65 * 66 * @(#)in.c 8.2 (Berkeley) 11/15/93 67 */ 68 69 #include "opt_inet.h" 70 #include "opt_inet6.h" 71 72 #include <sys/param.h> 73 #include <sys/errno.h> 74 #include <sys/malloc.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/sockio.h> 78 #include <sys/systm.h> 79 #include <sys/proc.h> 80 #include <sys/time.h> 81 #include <sys/kernel.h> 82 #include <sys/syslog.h> 83 84 #include <net/if.h> 85 #include <net/if_types.h> 86 #include <net/route.h> 87 #include <net/if_dl.h> 88 89 #include <netinet/in.h> 90 #include <netinet/in_var.h> 91 #include <netinet/if_ether.h> 92 #ifndef SCOPEDROUTING 93 #include <netinet/in_systm.h> 94 #include <netinet/ip.h> 95 #include <netinet/in_pcb.h> 96 #endif 97 98 #include <netinet/ip6.h> 99 #include <netinet6/ip6_var.h> 100 #include <netinet6/nd6.h> 101 #include <netinet6/mld6_var.h> 102 #include <netinet6/ip6_mroute.h> 103 #include <netinet6/in6_ifattach.h> 104 #include <netinet6/scope6_var.h> 105 #ifndef SCOPEDROUTING 106 #include <netinet6/in6_pcb.h> 107 #endif 108 109 #include <net/net_osdep.h> 110 111 MALLOC_DEFINE(M_IPMADDR, "in6_multi", "internet multicast address"); 112 113 /* 114 * Definitions of some costant IP6 addresses. 115 */ 116 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 117 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 118 const struct in6_addr in6addr_nodelocal_allnodes = 119 IN6ADDR_NODELOCAL_ALLNODES_INIT; 120 const struct in6_addr in6addr_linklocal_allnodes = 121 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 122 const struct in6_addr in6addr_linklocal_allrouters = 123 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 124 125 const struct in6_addr in6mask0 = IN6MASK0; 126 const struct in6_addr in6mask32 = IN6MASK32; 127 const struct in6_addr in6mask64 = IN6MASK64; 128 const struct in6_addr in6mask96 = IN6MASK96; 129 const struct in6_addr in6mask128 = IN6MASK128; 130 131 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 132 0, 0, IN6ADDR_ANY_INIT, 0}; 133 134 static int in6_lifaddr_ioctl (struct socket *, u_long, caddr_t, 135 struct ifnet *, struct thread *); 136 static int in6_ifinit (struct ifnet *, struct in6_ifaddr *, 137 struct sockaddr_in6 *, int); 138 static void in6_unlink_ifa (struct in6_ifaddr *, struct ifnet *); 139 140 struct in6_multihead in6_multihead; /* XXX BSS initialization */ 141 142 int (*faithprefix_p)(struct in6_addr *); 143 144 /* 145 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 146 * This routine does actual work. 147 */ 148 static void 149 in6_ifloop_request(int cmd, struct ifaddr *ifa) 150 { 151 struct sockaddr_in6 all1_sa; 152 struct rtentry *nrt = NULL; 153 int e; 154 155 bzero(&all1_sa, sizeof(all1_sa)); 156 all1_sa.sin6_family = AF_INET6; 157 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 158 all1_sa.sin6_addr = in6mask128; 159 160 /* 161 * We specify the address itself as the gateway, and set the 162 * RTF_LLINFO flag, so that the corresponding host route would have 163 * the flag, and thus applications that assume traditional behavior 164 * would be happy. Note that we assume the caller of the function 165 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 166 * which changes the outgoing interface to the loopback interface. 167 */ 168 e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr, 169 (struct sockaddr *)&all1_sa, 170 RTF_UP|RTF_HOST|RTF_LLINFO, &nrt); 171 if (e != 0) { 172 log(LOG_ERR, "in6_ifloop_request: " 173 "%s operation failed for %s (errno=%d)\n", 174 cmd == RTM_ADD ? "ADD" : "DELETE", 175 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 176 e); 177 } 178 179 /* 180 * Make sure rt_ifa be equal to IFA, the second argument of the 181 * function. 182 * We need this because when we refer to rt_ifa->ia6_flags in 183 * ip6_input, we assume that the rt_ifa points to the address instead 184 * of the loopback address. 185 */ 186 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) { 187 IFAFREE(nrt->rt_ifa); 188 IFAREF(ifa); 189 nrt->rt_ifa = ifa; 190 } 191 192 /* 193 * Report the addition/removal of the address to the routing socket. 194 * XXX: since we called rtinit for a p2p interface with a destination, 195 * we end up reporting twice in such a case. Should we rather 196 * omit the second report? 197 */ 198 if (nrt) { 199 rt_newaddrmsg(cmd, ifa, e, nrt); 200 if (cmd == RTM_DELETE) { 201 if (nrt->rt_refcnt <= 0) { 202 /* XXX: we should free the entry ourselves. */ 203 nrt->rt_refcnt++; 204 rtfree(nrt); 205 } 206 } else { 207 /* the cmd must be RTM_ADD here */ 208 nrt->rt_refcnt--; 209 } 210 } 211 } 212 213 /* 214 * Add ownaddr as loopback rtentry. We previously add the route only if 215 * necessary (ex. on a p2p link). However, since we now manage addresses 216 * separately from prefixes, we should always add the route. We can't 217 * rely on the cloning mechanism from the corresponding interface route 218 * any more. 219 */ 220 static void 221 in6_ifaddloop(struct ifaddr *ifa) 222 { 223 struct rtentry *rt; 224 225 /* If there is no loopback entry, allocate one. */ 226 rt = rtalloc1(ifa->ifa_addr, 0, 0); 227 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 || 228 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) 229 in6_ifloop_request(RTM_ADD, ifa); 230 if (rt) 231 rt->rt_refcnt--; 232 } 233 234 /* 235 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 236 * if it exists. 237 */ 238 static void 239 in6_ifremloop(struct ifaddr *ifa) 240 { 241 struct in6_ifaddr *ia; 242 struct rtentry *rt; 243 int ia_count = 0; 244 245 /* 246 * Some of BSD variants do not remove cloned routes 247 * from an interface direct route, when removing the direct route 248 * (see comments in net/net_osdep.h). Even for variants that do remove 249 * cloned routes, they could fail to remove the cloned routes when 250 * we handle multple addresses that share a common prefix. 251 * So, we should remove the route corresponding to the deleted address 252 * regardless of the result of in6_is_ifloop_auto(). 253 */ 254 255 /* 256 * Delete the entry only if exact one ifa exists. More than one ifa 257 * can exist if we assign a same single address to multiple 258 * (probably p2p) interfaces. 259 * XXX: we should avoid such a configuration in IPv6... 260 */ 261 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 262 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 263 ia_count++; 264 if (ia_count > 1) 265 break; 266 } 267 } 268 269 if (ia_count == 1) { 270 /* 271 * Before deleting, check if a corresponding loopbacked host 272 * route surely exists. With this check, we can avoid to 273 * delete an interface direct route whose destination is same 274 * as the address being removed. This can happen when remofing 275 * a subnet-router anycast address on an interface attahced 276 * to a shared medium. 277 */ 278 rt = rtalloc1(ifa->ifa_addr, 0, 0); 279 if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 && 280 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) { 281 rt->rt_refcnt--; 282 in6_ifloop_request(RTM_DELETE, ifa); 283 } 284 } 285 } 286 287 int 288 in6_ifindex2scopeid(int idx) 289 { 290 struct ifnet *ifp; 291 struct ifaddr *ifa; 292 struct sockaddr_in6 *sin6; 293 294 if (idx < 0 || if_index < idx) 295 return -1; 296 ifp = ifindex2ifnet[idx]; 297 298 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 299 { 300 if (ifa->ifa_addr->sa_family != AF_INET6) 301 continue; 302 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; 303 if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) 304 return sin6->sin6_scope_id & 0xffff; 305 } 306 307 return -1; 308 } 309 310 int 311 in6_mask2len(struct in6_addr *mask, u_char *lim0) 312 { 313 int x = 0, y; 314 u_char *lim = lim0, *p; 315 316 if (lim0 == NULL || 317 lim0 - (u_char *)mask > sizeof(*mask)) /* ignore the scope_id part */ 318 lim = (u_char *)mask + sizeof(*mask); 319 for (p = (u_char *)mask; p < lim; x++, p++) { 320 if (*p != 0xff) 321 break; 322 } 323 y = 0; 324 if (p < lim) { 325 for (y = 0; y < 8; y++) { 326 if ((*p & (0x80 >> y)) == 0) 327 break; 328 } 329 } 330 331 /* 332 * when the limit pointer is given, do a stricter check on the 333 * remaining bits. 334 */ 335 if (p < lim) { 336 if (y != 0 && (*p & (0x00ff >> y)) != 0) 337 return(-1); 338 for (p = p + 1; p < lim; p++) 339 if (*p != 0) 340 return(-1); 341 } 342 343 return x * 8 + y; 344 } 345 346 void 347 in6_len2mask(struct in6_addr *mask, int len) 348 { 349 int i; 350 351 bzero(mask, sizeof(*mask)); 352 for (i = 0; i < len / 8; i++) 353 mask->s6_addr8[i] = 0xff; 354 if (len % 8) 355 mask->s6_addr8[i] = (0xff00 >> (len % 8)) & 0xff; 356 } 357 358 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 359 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 360 361 int 362 in6_control(struct socket *so, u_long cmd, caddr_t data, 363 struct ifnet *ifp, struct thread *td) 364 { 365 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 366 struct in6_ifaddr *ia = NULL; 367 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 368 int privileged; 369 370 privileged = 0; 371 if (suser(td) == 0) 372 privileged++; 373 374 switch (cmd) { 375 case SIOCGETSGCNT_IN6: 376 case SIOCGETMIFCNT_IN6: 377 return (mrt6_ioctl(cmd, data)); 378 } 379 380 if (ifp == NULL) 381 return(EOPNOTSUPP); 382 383 switch (cmd) { 384 case SIOCSNDFLUSH_IN6: 385 case SIOCSPFXFLUSH_IN6: 386 case SIOCSRTRFLUSH_IN6: 387 case SIOCSDEFIFACE_IN6: 388 case SIOCSIFINFO_FLAGS: 389 if (!privileged) 390 return(EPERM); 391 /* fall through */ 392 case OSIOCGIFINFO_IN6: 393 case SIOCGIFINFO_IN6: 394 case SIOCGDRLST_IN6: 395 case SIOCGPRLST_IN6: 396 case SIOCGNBRINFO_IN6: 397 case SIOCGDEFIFACE_IN6: 398 return(nd6_ioctl(cmd, data, ifp)); 399 } 400 401 switch (cmd) { 402 case SIOCSIFPREFIX_IN6: 403 case SIOCDIFPREFIX_IN6: 404 case SIOCAIFPREFIX_IN6: 405 case SIOCCIFPREFIX_IN6: 406 case SIOCSGIFPREFIX_IN6: 407 case SIOCGIFPREFIX_IN6: 408 log(LOG_NOTICE, 409 "prefix ioctls are now invalidated. " 410 "please use ifconfig.\n"); 411 return(EOPNOTSUPP); 412 } 413 414 switch (cmd) { 415 case SIOCSSCOPE6: 416 if (!privileged) 417 return(EPERM); 418 return(scope6_set(ifp, ifr->ifr_ifru.ifru_scope_id)); 419 break; 420 case SIOCGSCOPE6: 421 return(scope6_get(ifp, ifr->ifr_ifru.ifru_scope_id)); 422 break; 423 case SIOCGSCOPE6DEF: 424 return(scope6_get_default(ifr->ifr_ifru.ifru_scope_id)); 425 break; 426 } 427 428 switch (cmd) { 429 case SIOCALIFADDR: 430 case SIOCDLIFADDR: 431 if (!privileged) 432 return(EPERM); 433 /* fall through */ 434 case SIOCGLIFADDR: 435 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 436 } 437 438 /* 439 * Find address for this interface, if it exists. 440 */ 441 if (ifra->ifra_addr.sin6_family == AF_INET6) { /* XXX */ 442 struct sockaddr_in6 *sa6 = 443 (struct sockaddr_in6 *)&ifra->ifra_addr; 444 445 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 446 if (sa6->sin6_addr.s6_addr16[1] == 0) { 447 /* link ID is not embedded by the user */ 448 sa6->sin6_addr.s6_addr16[1] = 449 htons(ifp->if_index); 450 } else if (sa6->sin6_addr.s6_addr16[1] != 451 htons(ifp->if_index)) { 452 return(EINVAL); /* link ID contradicts */ 453 } 454 if (sa6->sin6_scope_id) { 455 if (sa6->sin6_scope_id != 456 (u_int32_t)ifp->if_index) 457 return(EINVAL); 458 sa6->sin6_scope_id = 0; /* XXX: good way? */ 459 } 460 } 461 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr); 462 } 463 464 switch (cmd) { 465 case SIOCSIFADDR_IN6: 466 case SIOCSIFDSTADDR_IN6: 467 case SIOCSIFNETMASK_IN6: 468 /* 469 * Since IPv6 allows a node to assign multiple addresses 470 * on a single interface, SIOCSIFxxx ioctls are not suitable 471 * and should be unused. 472 */ 473 /* we decided to obsolete this command (20000704) */ 474 return(EINVAL); 475 476 case SIOCDIFADDR_IN6: 477 /* 478 * for IPv4, we look for existing in_ifaddr here to allow 479 * "ifconfig if0 delete" to remove first IPv4 address on the 480 * interface. For IPv6, as the spec allow multiple interface 481 * address from the day one, we consider "remove the first one" 482 * semantics to be not preferable. 483 */ 484 if (ia == NULL) 485 return(EADDRNOTAVAIL); 486 /* FALLTHROUGH */ 487 case SIOCAIFADDR_IN6: 488 /* 489 * We always require users to specify a valid IPv6 address for 490 * the corresponding operation. 491 */ 492 if (ifra->ifra_addr.sin6_family != AF_INET6 || 493 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 494 return(EAFNOSUPPORT); 495 if (!privileged) 496 return(EPERM); 497 498 break; 499 500 case SIOCGIFADDR_IN6: 501 /* This interface is basically deprecated. use SIOCGIFCONF. */ 502 /* fall through */ 503 case SIOCGIFAFLAG_IN6: 504 case SIOCGIFNETMASK_IN6: 505 case SIOCGIFDSTADDR_IN6: 506 case SIOCGIFALIFETIME_IN6: 507 /* must think again about its semantics */ 508 if (ia == NULL) 509 return(EADDRNOTAVAIL); 510 break; 511 case SIOCSIFALIFETIME_IN6: 512 { 513 struct in6_addrlifetime *lt; 514 515 if (!privileged) 516 return(EPERM); 517 if (ia == NULL) 518 return(EADDRNOTAVAIL); 519 /* sanity for overflow - beware unsigned */ 520 lt = &ifr->ifr_ifru.ifru_lifetime; 521 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 522 && lt->ia6t_vltime + time_second < time_second) { 523 return EINVAL; 524 } 525 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 526 && lt->ia6t_pltime + time_second < time_second) { 527 return EINVAL; 528 } 529 break; 530 } 531 } 532 533 switch (cmd) { 534 535 case SIOCGIFADDR_IN6: 536 ifr->ifr_addr = ia->ia_addr; 537 break; 538 539 case SIOCGIFDSTADDR_IN6: 540 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 541 return(EINVAL); 542 /* 543 * XXX: should we check if ifa_dstaddr is NULL and return 544 * an error? 545 */ 546 ifr->ifr_dstaddr = ia->ia_dstaddr; 547 break; 548 549 case SIOCGIFNETMASK_IN6: 550 ifr->ifr_addr = ia->ia_prefixmask; 551 break; 552 553 case SIOCGIFAFLAG_IN6: 554 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 555 break; 556 557 case SIOCGIFSTAT_IN6: 558 if (ifp == NULL) 559 return EINVAL; 560 if (in6_ifstat == NULL || ifp->if_index >= in6_ifstatmax 561 || in6_ifstat[ifp->if_index] == NULL) { 562 /* return EAFNOSUPPORT? */ 563 bzero(&ifr->ifr_ifru.ifru_stat, 564 sizeof(ifr->ifr_ifru.ifru_stat)); 565 } else 566 ifr->ifr_ifru.ifru_stat = *in6_ifstat[ifp->if_index]; 567 break; 568 569 case SIOCGIFSTAT_ICMP6: 570 if (ifp == NULL) 571 return EINVAL; 572 if (icmp6_ifstat == NULL || ifp->if_index >= icmp6_ifstatmax || 573 icmp6_ifstat[ifp->if_index] == NULL) { 574 /* return EAFNOSUPPORT? */ 575 bzero(&ifr->ifr_ifru.ifru_stat, 576 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 577 } else 578 ifr->ifr_ifru.ifru_icmp6stat = 579 *icmp6_ifstat[ifp->if_index]; 580 break; 581 582 case SIOCGIFALIFETIME_IN6: 583 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 584 break; 585 586 case SIOCSIFALIFETIME_IN6: 587 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 588 /* for sanity */ 589 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 590 ia->ia6_lifetime.ia6t_expire = 591 time_second + ia->ia6_lifetime.ia6t_vltime; 592 } else 593 ia->ia6_lifetime.ia6t_expire = 0; 594 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 595 ia->ia6_lifetime.ia6t_preferred = 596 time_second + ia->ia6_lifetime.ia6t_pltime; 597 } else 598 ia->ia6_lifetime.ia6t_preferred = 0; 599 break; 600 601 case SIOCAIFADDR_IN6: 602 { 603 int i, error = 0; 604 struct nd_prefix pr0, *pr; 605 606 /* 607 * first, make or update the interface address structure, 608 * and link it to the list. 609 */ 610 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 611 return(error); 612 613 /* 614 * then, make the prefix on-link on the interface. 615 * XXX: we'd rather create the prefix before the address, but 616 * we need at least one address to install the corresponding 617 * interface route, so we configure the address first. 618 */ 619 620 /* 621 * convert mask to prefix length (prefixmask has already 622 * been validated in in6_update_ifa(). 623 */ 624 bzero(&pr0, sizeof(pr0)); 625 pr0.ndpr_ifp = ifp; 626 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 627 NULL); 628 if (pr0.ndpr_plen == 128) 629 break; /* we don't need to install a host route. */ 630 pr0.ndpr_prefix = ifra->ifra_addr; 631 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 632 /* apply the mask for safety. */ 633 for (i = 0; i < 4; i++) { 634 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 635 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 636 } 637 /* 638 * XXX: since we don't have an API to set prefix (not address) 639 * lifetimes, we just use the same lifetimes as addresses. 640 * The (temporarily) installed lifetimes can be overridden by 641 * later advertised RAs (when accept_rtadv is non 0), which is 642 * an intended behavior. 643 */ 644 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 645 pr0.ndpr_raf_auto = 646 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 647 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 648 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 649 650 /* add the prefix if there's one. */ 651 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 652 /* 653 * nd6_prelist_add will install the corresponding 654 * interface route. 655 */ 656 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 657 return(error); 658 if (pr == NULL) { 659 log(LOG_ERR, "nd6_prelist_add succedded but " 660 "no prefix\n"); 661 return(EINVAL); /* XXX panic here? */ 662 } 663 } 664 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 665 == NULL) { 666 /* XXX: this should not happen! */ 667 log(LOG_ERR, "in6_control: addition succeeded, but" 668 " no ifaddr\n"); 669 } else { 670 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 && 671 ia->ia6_ndpr == NULL) { /* new autoconfed addr */ 672 ia->ia6_ndpr = pr; 673 pr->ndpr_refcnt++; 674 675 /* 676 * If this is the first autoconf address from 677 * the prefix, create a temporary address 678 * as well (when specified). 679 */ 680 if (ip6_use_tempaddr && 681 pr->ndpr_refcnt == 1) { 682 int e; 683 if ((e = in6_tmpifadd(ia, 1)) != 0) { 684 log(LOG_NOTICE, "in6_control: " 685 "failed to create a " 686 "temporary address, " 687 "errno=%d\n", 688 e); 689 } 690 } 691 } 692 693 /* 694 * this might affect the status of autoconfigured 695 * addresses, that is, this address might make 696 * other addresses detached. 697 */ 698 pfxlist_onlink_check(); 699 } 700 break; 701 } 702 703 case SIOCDIFADDR_IN6: 704 { 705 int i = 0; 706 struct nd_prefix pr0, *pr; 707 708 /* 709 * If the address being deleted is the only one that owns 710 * the corresponding prefix, expire the prefix as well. 711 * XXX: theoretically, we don't have to warry about such 712 * relationship, since we separate the address management 713 * and the prefix management. We do this, however, to provide 714 * as much backward compatibility as possible in terms of 715 * the ioctl operation. 716 */ 717 bzero(&pr0, sizeof(pr0)); 718 pr0.ndpr_ifp = ifp; 719 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 720 NULL); 721 if (pr0.ndpr_plen == 128) 722 goto purgeaddr; 723 pr0.ndpr_prefix = ia->ia_addr; 724 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 725 for (i = 0; i < 4; i++) { 726 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 727 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 728 } 729 /* 730 * The logic of the following condition is a bit complicated. 731 * We expire the prefix when 732 * 1. the address obeys autoconfiguration and it is the 733 * only owner of the associated prefix, or 734 * 2. the address does not obey autoconf and there is no 735 * other owner of the prefix. 736 */ 737 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 738 (((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 && 739 pr->ndpr_refcnt == 1) || 740 ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0 && 741 pr->ndpr_refcnt == 0))) { 742 pr->ndpr_expire = 1; /* XXX: just for expiration */ 743 } 744 745 purgeaddr: 746 in6_purgeaddr(&ia->ia_ifa); 747 break; 748 } 749 750 default: 751 if (ifp == NULL || ifp->if_ioctl == 0) 752 return(EOPNOTSUPP); 753 return((*ifp->if_ioctl)(ifp, cmd, data, td->td_proc->p_ucred)); 754 } 755 756 return(0); 757 } 758 759 /* 760 * Update parameters of an IPv6 interface address. 761 * If necessary, a new entry is created and linked into address chains. 762 * This function is separated from in6_control(). 763 * XXX: should this be performed under splnet()? 764 */ 765 int 766 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 767 struct in6_ifaddr *ia) 768 { 769 int error = 0, hostIsNew = 0, plen = -1; 770 struct in6_ifaddr *oia; 771 struct sockaddr_in6 dst6; 772 struct in6_addrlifetime *lt; 773 774 /* Validate parameters */ 775 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 776 return(EINVAL); 777 778 /* 779 * The destination address for a p2p link must have a family 780 * of AF_UNSPEC or AF_INET6. 781 */ 782 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 783 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 784 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 785 return(EAFNOSUPPORT); 786 /* 787 * validate ifra_prefixmask. don't check sin6_family, netmask 788 * does not carry fields other than sin6_len. 789 */ 790 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 791 return(EINVAL); 792 /* 793 * Because the IPv6 address architecture is classless, we require 794 * users to specify a (non 0) prefix length (mask) for a new address. 795 * We also require the prefix (when specified) mask is valid, and thus 796 * reject a non-consecutive mask. 797 */ 798 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 799 return(EINVAL); 800 if (ifra->ifra_prefixmask.sin6_len != 0) { 801 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 802 (u_char *)&ifra->ifra_prefixmask + 803 ifra->ifra_prefixmask.sin6_len); 804 if (plen <= 0) 805 return(EINVAL); 806 } 807 else { 808 /* 809 * In this case, ia must not be NULL. We just use its prefix 810 * length. 811 */ 812 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 813 } 814 /* 815 * If the destination address on a p2p interface is specified, 816 * and the address is a scoped one, validate/set the scope 817 * zone identifier. 818 */ 819 dst6 = ifra->ifra_dstaddr; 820 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) && 821 (dst6.sin6_family == AF_INET6)) { 822 int scopeid; 823 824 #ifndef SCOPEDROUTING 825 if ((error = in6_recoverscope(&dst6, 826 &ifra->ifra_dstaddr.sin6_addr, 827 ifp)) != 0) 828 return(error); 829 #endif 830 scopeid = in6_addr2scopeid(ifp, &dst6.sin6_addr); 831 if (dst6.sin6_scope_id == 0) /* user omit to specify the ID. */ 832 dst6.sin6_scope_id = scopeid; 833 else if (dst6.sin6_scope_id != scopeid) 834 return(EINVAL); /* scope ID mismatch. */ 835 #ifndef SCOPEDROUTING 836 if ((error = in6_embedscope(&dst6.sin6_addr, &dst6, NULL, NULL)) 837 != 0) 838 return(error); 839 dst6.sin6_scope_id = 0; /* XXX */ 840 #endif 841 } 842 /* 843 * The destination address can be specified only for a p2p or a 844 * loopback interface. If specified, the corresponding prefix length 845 * must be 128. 846 */ 847 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 848 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 849 /* XXX: noisy message */ 850 log(LOG_INFO, "in6_update_ifa: a destination can be " 851 "specified for a p2p or a loopback IF only\n"); 852 return(EINVAL); 853 } 854 if (plen != 128) { 855 /* 856 * The following message seems noisy, but we dare to 857 * add it for diagnosis. 858 */ 859 log(LOG_INFO, "in6_update_ifa: prefixlen must be 128 " 860 "when dstaddr is specified\n"); 861 return(EINVAL); 862 } 863 } 864 /* lifetime consistency check */ 865 lt = &ifra->ifra_lifetime; 866 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 867 && lt->ia6t_vltime + time_second < time_second) { 868 return EINVAL; 869 } 870 if (lt->ia6t_vltime == 0) { 871 /* 872 * the following log might be noisy, but this is a typical 873 * configuration mistake or a tool's bug. 874 */ 875 log(LOG_INFO, 876 "in6_update_ifa: valid lifetime is 0 for %s\n", 877 ip6_sprintf(&ifra->ifra_addr.sin6_addr)); 878 } 879 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 880 && lt->ia6t_pltime + time_second < time_second) { 881 return EINVAL; 882 } 883 884 /* 885 * If this is a new address, allocate a new ifaddr and link it 886 * into chains. 887 */ 888 if (ia == NULL) { 889 hostIsNew = 1; 890 /* 891 * When in6_update_ifa() is called in a process of a received 892 * RA, it is called under splnet(). So, we should call malloc 893 * with M_NOWAIT. 894 */ 895 ia = (struct in6_ifaddr *) 896 malloc(sizeof(*ia), M_IFADDR, M_NOWAIT); 897 if (ia == NULL) 898 return (ENOBUFS); 899 bzero((caddr_t)ia, sizeof(*ia)); 900 /* Initialize the address and masks */ 901 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 902 ia->ia_addr.sin6_family = AF_INET6; 903 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 904 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 905 /* 906 * XXX: some functions expect that ifa_dstaddr is not 907 * NULL for p2p interfaces. 908 */ 909 ia->ia_ifa.ifa_dstaddr 910 = (struct sockaddr *)&ia->ia_dstaddr; 911 } else { 912 ia->ia_ifa.ifa_dstaddr = NULL; 913 } 914 ia->ia_ifa.ifa_netmask 915 = (struct sockaddr *)&ia->ia_prefixmask; 916 917 ia->ia_ifp = ifp; 918 if ((oia = in6_ifaddr) != NULL) { 919 for ( ; oia->ia_next; oia = oia->ia_next) 920 continue; 921 oia->ia_next = ia; 922 } else 923 in6_ifaddr = ia; 924 925 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, 926 ifa_list); 927 } 928 929 /* set prefix mask */ 930 if (ifra->ifra_prefixmask.sin6_len) { 931 /* 932 * We prohibit changing the prefix length of an existing 933 * address, because 934 * + such an operation should be rare in IPv6, and 935 * + the operation would confuse prefix management. 936 */ 937 if (ia->ia_prefixmask.sin6_len && 938 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 939 log(LOG_INFO, "in6_update_ifa: the prefix length of an" 940 " existing (%s) address should not be changed\n", 941 ip6_sprintf(&ia->ia_addr.sin6_addr)); 942 error = EINVAL; 943 goto unlink; 944 } 945 ia->ia_prefixmask = ifra->ifra_prefixmask; 946 } 947 948 /* 949 * If a new destination address is specified, scrub the old one and 950 * install the new destination. Note that the interface must be 951 * p2p or loopback (see the check above.) 952 */ 953 if (dst6.sin6_family == AF_INET6 && 954 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, 955 &ia->ia_dstaddr.sin6_addr)) { 956 int e; 957 958 if ((ia->ia_flags & IFA_ROUTE) != 0 && 959 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 960 != 0) { 961 log(LOG_ERR, "in6_update_ifa: failed to remove " 962 "a route to the old destination: %s\n", 963 ip6_sprintf(&ia->ia_addr.sin6_addr)); 964 /* proceed anyway... */ 965 } 966 else 967 ia->ia_flags &= ~IFA_ROUTE; 968 ia->ia_dstaddr = dst6; 969 } 970 971 /* reset the interface and routing table appropriately. */ 972 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 973 goto unlink; 974 975 /* 976 * Beyond this point, we should call in6_purgeaddr upon an error, 977 * not just go to unlink. 978 */ 979 980 #if 0 /* disable this mechanism for now */ 981 /* update prefix list */ 982 if (hostIsNew && 983 (ifra->ifra_flags & IN6_IFF_NOPFX) == 0) { /* XXX */ 984 int iilen; 985 986 iilen = (sizeof(ia->ia_prefixmask.sin6_addr) << 3) - plen; 987 if ((error = in6_prefix_add_ifid(iilen, ia)) != 0) { 988 in6_purgeaddr((struct ifaddr *)ia); 989 return(error); 990 } 991 } 992 #endif 993 994 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 995 struct sockaddr_in6 mltaddr, mltmask; 996 struct in6_multi *in6m; 997 998 if (hostIsNew) { 999 /* 1000 * join solicited multicast addr for new host id 1001 */ 1002 struct in6_addr llsol; 1003 bzero(&llsol, sizeof(struct in6_addr)); 1004 llsol.s6_addr16[0] = htons(0xff02); 1005 llsol.s6_addr16[1] = htons(ifp->if_index); 1006 llsol.s6_addr32[1] = 0; 1007 llsol.s6_addr32[2] = htonl(1); 1008 llsol.s6_addr32[3] = 1009 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1010 llsol.s6_addr8[12] = 0xff; 1011 (void)in6_addmulti(&llsol, ifp, &error); 1012 if (error != 0) { 1013 log(LOG_WARNING, 1014 "in6_update_ifa: addmulti failed for " 1015 "%s on %s (errno=%d)\n", 1016 ip6_sprintf(&llsol), if_name(ifp), 1017 error); 1018 in6_purgeaddr((struct ifaddr *)ia); 1019 return(error); 1020 } 1021 } 1022 1023 bzero(&mltmask, sizeof(mltmask)); 1024 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1025 mltmask.sin6_family = AF_INET6; 1026 mltmask.sin6_addr = in6mask32; 1027 1028 /* 1029 * join link-local all-nodes address 1030 */ 1031 bzero(&mltaddr, sizeof(mltaddr)); 1032 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1033 mltaddr.sin6_family = AF_INET6; 1034 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1035 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1036 1037 IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m); 1038 if (in6m == NULL) { 1039 rtrequest(RTM_ADD, 1040 (struct sockaddr *)&mltaddr, 1041 (struct sockaddr *)&ia->ia_addr, 1042 (struct sockaddr *)&mltmask, 1043 RTF_UP|RTF_CLONING, /* xxx */ 1044 (struct rtentry **)0); 1045 (void)in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1046 if (error != 0) { 1047 log(LOG_WARNING, 1048 "in6_update_ifa: addmulti failed for " 1049 "%s on %s (errno=%d)\n", 1050 ip6_sprintf(&mltaddr.sin6_addr), 1051 if_name(ifp), error); 1052 } 1053 } 1054 1055 /* 1056 * join node information group address 1057 */ 1058 #define hostnamelen strlen(hostname) 1059 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr) 1060 == 0) { 1061 IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m); 1062 if (in6m == NULL && ia != NULL) { 1063 (void)in6_addmulti(&mltaddr.sin6_addr, 1064 ifp, &error); 1065 if (error != 0) { 1066 log(LOG_WARNING, "in6_update_ifa: " 1067 "addmulti failed for " 1068 "%s on %s (errno=%d)\n", 1069 ip6_sprintf(&mltaddr.sin6_addr), 1070 if_name(ifp), error); 1071 } 1072 } 1073 } 1074 #undef hostnamelen 1075 1076 /* 1077 * join node-local all-nodes address, on loopback. 1078 * XXX: since "node-local" is obsoleted by interface-local, 1079 * we have to join the group on every interface with 1080 * some interface-boundary restriction. 1081 */ 1082 if (ifp->if_flags & IFF_LOOPBACK) { 1083 struct in6_ifaddr *ia_loop; 1084 1085 struct in6_addr loop6 = in6addr_loopback; 1086 ia_loop = in6ifa_ifpwithaddr(ifp, &loop6); 1087 1088 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1089 1090 IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m); 1091 if (in6m == NULL && ia_loop != NULL) { 1092 rtrequest(RTM_ADD, 1093 (struct sockaddr *)&mltaddr, 1094 (struct sockaddr *)&ia_loop->ia_addr, 1095 (struct sockaddr *)&mltmask, 1096 RTF_UP, 1097 (struct rtentry **)0); 1098 (void)in6_addmulti(&mltaddr.sin6_addr, ifp, 1099 &error); 1100 if (error != 0) { 1101 log(LOG_WARNING, "in6_update_ifa: " 1102 "addmulti failed for %s on %s " 1103 "(errno=%d)\n", 1104 ip6_sprintf(&mltaddr.sin6_addr), 1105 if_name(ifp), error); 1106 } 1107 } 1108 } 1109 } 1110 1111 ia->ia6_flags = ifra->ifra_flags; 1112 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /*safety*/ 1113 ia->ia6_flags &= ~IN6_IFF_NODAD; /* Mobile IPv6 */ 1114 1115 ia->ia6_lifetime = ifra->ifra_lifetime; 1116 /* for sanity */ 1117 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1118 ia->ia6_lifetime.ia6t_expire = 1119 time_second + ia->ia6_lifetime.ia6t_vltime; 1120 } else 1121 ia->ia6_lifetime.ia6t_expire = 0; 1122 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1123 ia->ia6_lifetime.ia6t_preferred = 1124 time_second + ia->ia6_lifetime.ia6t_pltime; 1125 } else 1126 ia->ia6_lifetime.ia6t_preferred = 0; 1127 1128 /* 1129 * make sure to initialize ND6 information. this is to workaround 1130 * issues with interfaces with IPv6 addresses, which have never brought 1131 * up. We are assuming that it is safe to nd6_ifattach multiple times. 1132 */ 1133 nd6_ifattach(ifp); 1134 1135 /* 1136 * Perform DAD, if needed. 1137 * XXX It may be of use, if we can administratively 1138 * disable DAD. 1139 */ 1140 if (in6if_do_dad(ifp) && (ifra->ifra_flags & IN6_IFF_NODAD) == 0) { 1141 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1142 nd6_dad_start((struct ifaddr *)ia, NULL); 1143 } 1144 1145 return(error); 1146 1147 unlink: 1148 /* 1149 * XXX: if a change of an existing address failed, keep the entry 1150 * anyway. 1151 */ 1152 if (hostIsNew) 1153 in6_unlink_ifa(ia, ifp); 1154 return(error); 1155 } 1156 1157 void 1158 in6_purgeaddr(struct ifaddr *ifa) 1159 { 1160 struct ifnet *ifp = ifa->ifa_ifp; 1161 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1162 1163 /* stop DAD processing */ 1164 nd6_dad_stop(ifa); 1165 1166 /* 1167 * delete route to the destination of the address being purged. 1168 * The interface must be p2p or loopback in this case. 1169 */ 1170 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1171 int e; 1172 1173 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1174 != 0) { 1175 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1176 "a route to the p2p destination: %s on %s, " 1177 "errno=%d\n", 1178 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1179 e); 1180 /* proceed anyway... */ 1181 } 1182 else 1183 ia->ia_flags &= ~IFA_ROUTE; 1184 } 1185 1186 /* Remove ownaddr's loopback rtentry, if it exists. */ 1187 in6_ifremloop(&(ia->ia_ifa)); 1188 1189 if (ifp->if_flags & IFF_MULTICAST) { 1190 /* 1191 * delete solicited multicast addr for deleting host id 1192 */ 1193 struct in6_multi *in6m; 1194 struct in6_addr llsol; 1195 bzero(&llsol, sizeof(struct in6_addr)); 1196 llsol.s6_addr16[0] = htons(0xff02); 1197 llsol.s6_addr16[1] = htons(ifp->if_index); 1198 llsol.s6_addr32[1] = 0; 1199 llsol.s6_addr32[2] = htonl(1); 1200 llsol.s6_addr32[3] = 1201 ia->ia_addr.sin6_addr.s6_addr32[3]; 1202 llsol.s6_addr8[12] = 0xff; 1203 1204 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1205 if (in6m) 1206 in6_delmulti(in6m); 1207 } 1208 1209 in6_unlink_ifa(ia, ifp); 1210 } 1211 1212 static void 1213 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1214 { 1215 int plen, iilen; 1216 struct in6_ifaddr *oia; 1217 int s = splnet(); 1218 1219 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1220 1221 oia = ia; 1222 if (oia == (ia = in6_ifaddr)) 1223 in6_ifaddr = ia->ia_next; 1224 else { 1225 while (ia->ia_next && (ia->ia_next != oia)) 1226 ia = ia->ia_next; 1227 if (ia->ia_next) 1228 ia->ia_next = oia->ia_next; 1229 else { 1230 /* search failed */ 1231 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1232 } 1233 } 1234 1235 if (oia->ia6_ifpr) { /* check for safety */ 1236 plen = in6_mask2len(&oia->ia_prefixmask.sin6_addr, NULL); 1237 iilen = (sizeof(oia->ia_prefixmask.sin6_addr) << 3) - plen; 1238 in6_prefix_remove_ifid(iilen, oia); 1239 } 1240 1241 /* 1242 * When an autoconfigured address is being removed, release the 1243 * reference to the base prefix. Also, since the release might 1244 * affect the status of other (detached) addresses, call 1245 * pfxlist_onlink_check(). 1246 */ 1247 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1248 if (oia->ia6_ndpr == NULL) { 1249 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1250 "%p has no prefix\n", oia); 1251 } else { 1252 oia->ia6_ndpr->ndpr_refcnt--; 1253 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1254 oia->ia6_ndpr = NULL; 1255 } 1256 1257 pfxlist_onlink_check(); 1258 } 1259 1260 /* 1261 * release another refcnt for the link from in6_ifaddr. 1262 * Note that we should decrement the refcnt at least once for all *BSD. 1263 */ 1264 IFAFREE(&oia->ia_ifa); 1265 1266 splx(s); 1267 } 1268 1269 void 1270 in6_purgeif(struct ifnet *ifp) 1271 { 1272 struct ifaddr *ifa, *nifa; 1273 1274 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) 1275 { 1276 nifa = TAILQ_NEXT(ifa, ifa_list); 1277 if (ifa->ifa_addr->sa_family != AF_INET6) 1278 continue; 1279 in6_purgeaddr(ifa); 1280 } 1281 1282 in6_ifdetach(ifp); 1283 } 1284 1285 /* 1286 * SIOC[GAD]LIFADDR. 1287 * SIOCGLIFADDR: get first address. (?) 1288 * SIOCGLIFADDR with IFLR_PREFIX: 1289 * get first address that matches the specified prefix. 1290 * SIOCALIFADDR: add the specified address. 1291 * SIOCALIFADDR with IFLR_PREFIX: 1292 * add the specified prefix, filling hostid part from 1293 * the first link-local address. prefixlen must be <= 64. 1294 * SIOCDLIFADDR: delete the specified address. 1295 * SIOCDLIFADDR with IFLR_PREFIX: 1296 * delete the first address that matches the specified prefix. 1297 * return values: 1298 * EINVAL on invalid parameters 1299 * EADDRNOTAVAIL on prefix match failed/specified address not found 1300 * other values may be returned from in6_ioctl() 1301 * 1302 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1303 * this is to accomodate address naming scheme other than RFC2374, 1304 * in the future. 1305 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1306 * address encoding scheme. (see figure on page 8) 1307 */ 1308 static int 1309 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1310 struct ifnet *ifp, struct thread *td) 1311 { 1312 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1313 struct ifaddr *ifa; 1314 struct sockaddr *sa; 1315 1316 /* sanity checks */ 1317 if (!data || !ifp) { 1318 panic("invalid argument to in6_lifaddr_ioctl"); 1319 /*NOTRECHED*/ 1320 } 1321 1322 switch (cmd) { 1323 case SIOCGLIFADDR: 1324 /* address must be specified on GET with IFLR_PREFIX */ 1325 if ((iflr->flags & IFLR_PREFIX) == 0) 1326 break; 1327 /* FALLTHROUGH */ 1328 case SIOCALIFADDR: 1329 case SIOCDLIFADDR: 1330 /* address must be specified on ADD and DELETE */ 1331 sa = (struct sockaddr *)&iflr->addr; 1332 if (sa->sa_family != AF_INET6) 1333 return EINVAL; 1334 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1335 return EINVAL; 1336 /* XXX need improvement */ 1337 sa = (struct sockaddr *)&iflr->dstaddr; 1338 if (sa->sa_family && sa->sa_family != AF_INET6) 1339 return EINVAL; 1340 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1341 return EINVAL; 1342 break; 1343 default: /* shouldn't happen */ 1344 #if 0 1345 panic("invalid cmd to in6_lifaddr_ioctl"); 1346 /* NOTREACHED */ 1347 #else 1348 return EOPNOTSUPP; 1349 #endif 1350 } 1351 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1352 return EINVAL; 1353 1354 switch (cmd) { 1355 case SIOCALIFADDR: 1356 { 1357 struct in6_aliasreq ifra; 1358 struct in6_addr *hostid = NULL; 1359 int prefixlen; 1360 1361 if ((iflr->flags & IFLR_PREFIX) != 0) { 1362 struct sockaddr_in6 *sin6; 1363 1364 /* 1365 * hostid is to fill in the hostid part of the 1366 * address. hostid points to the first link-local 1367 * address attached to the interface. 1368 */ 1369 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1370 if (!ifa) 1371 return EADDRNOTAVAIL; 1372 hostid = IFA_IN6(ifa); 1373 1374 /* prefixlen must be <= 64. */ 1375 if (64 < iflr->prefixlen) 1376 return EINVAL; 1377 prefixlen = iflr->prefixlen; 1378 1379 /* hostid part must be zero. */ 1380 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1381 if (sin6->sin6_addr.s6_addr32[2] != 0 1382 || sin6->sin6_addr.s6_addr32[3] != 0) { 1383 return EINVAL; 1384 } 1385 } else 1386 prefixlen = iflr->prefixlen; 1387 1388 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1389 bzero(&ifra, sizeof(ifra)); 1390 bcopy(iflr->iflr_name, ifra.ifra_name, 1391 sizeof(ifra.ifra_name)); 1392 1393 bcopy(&iflr->addr, &ifra.ifra_addr, 1394 ((struct sockaddr *)&iflr->addr)->sa_len); 1395 if (hostid) { 1396 /* fill in hostid part */ 1397 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1398 hostid->s6_addr32[2]; 1399 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1400 hostid->s6_addr32[3]; 1401 } 1402 1403 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /*XXX*/ 1404 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1405 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1406 if (hostid) { 1407 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1408 hostid->s6_addr32[2]; 1409 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1410 hostid->s6_addr32[3]; 1411 } 1412 } 1413 1414 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1415 in6_len2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1416 1417 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1418 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1419 } 1420 case SIOCGLIFADDR: 1421 case SIOCDLIFADDR: 1422 { 1423 struct in6_ifaddr *ia; 1424 struct in6_addr mask, candidate, match; 1425 struct sockaddr_in6 *sin6; 1426 int cmp; 1427 1428 bzero(&mask, sizeof(mask)); 1429 if (iflr->flags & IFLR_PREFIX) { 1430 /* lookup a prefix rather than address. */ 1431 in6_len2mask(&mask, iflr->prefixlen); 1432 1433 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1434 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1435 match.s6_addr32[0] &= mask.s6_addr32[0]; 1436 match.s6_addr32[1] &= mask.s6_addr32[1]; 1437 match.s6_addr32[2] &= mask.s6_addr32[2]; 1438 match.s6_addr32[3] &= mask.s6_addr32[3]; 1439 1440 /* if you set extra bits, that's wrong */ 1441 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1442 return EINVAL; 1443 1444 cmp = 1; 1445 } else { 1446 if (cmd == SIOCGLIFADDR) { 1447 /* on getting an address, take the 1st match */ 1448 cmp = 0; /* XXX */ 1449 } else { 1450 /* on deleting an address, do exact match */ 1451 in6_len2mask(&mask, 128); 1452 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1453 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1454 1455 cmp = 1; 1456 } 1457 } 1458 1459 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1460 { 1461 if (ifa->ifa_addr->sa_family != AF_INET6) 1462 continue; 1463 if (!cmp) 1464 break; 1465 1466 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1467 #ifndef SCOPEDROUTING 1468 /* 1469 * XXX: this is adhoc, but is necessary to allow 1470 * a user to specify fe80::/64 (not /10) for a 1471 * link-local address. 1472 */ 1473 if (IN6_IS_ADDR_LINKLOCAL(&candidate)) 1474 candidate.s6_addr16[1] = 0; 1475 #endif 1476 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1477 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1478 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1479 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1480 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1481 break; 1482 } 1483 if (!ifa) 1484 return EADDRNOTAVAIL; 1485 ia = ifa2ia6(ifa); 1486 1487 if (cmd == SIOCGLIFADDR) { 1488 #ifndef SCOPEDROUTING 1489 struct sockaddr_in6 *s6; 1490 #endif 1491 1492 /* fill in the if_laddrreq structure */ 1493 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1494 #ifndef SCOPEDROUTING /* XXX see above */ 1495 s6 = (struct sockaddr_in6 *)&iflr->addr; 1496 if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) { 1497 s6->sin6_addr.s6_addr16[1] = 0; 1498 s6->sin6_scope_id = 1499 in6_addr2scopeid(ifp, &s6->sin6_addr); 1500 } 1501 #endif 1502 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1503 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1504 ia->ia_dstaddr.sin6_len); 1505 #ifndef SCOPEDROUTING /* XXX see above */ 1506 s6 = (struct sockaddr_in6 *)&iflr->dstaddr; 1507 if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) { 1508 s6->sin6_addr.s6_addr16[1] = 0; 1509 s6->sin6_scope_id = 1510 in6_addr2scopeid(ifp, 1511 &s6->sin6_addr); 1512 } 1513 #endif 1514 } else 1515 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1516 1517 iflr->prefixlen = 1518 in6_mask2len(&ia->ia_prefixmask.sin6_addr, 1519 NULL); 1520 1521 iflr->flags = ia->ia6_flags; /* XXX */ 1522 1523 return 0; 1524 } else { 1525 struct in6_aliasreq ifra; 1526 1527 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1528 bzero(&ifra, sizeof(ifra)); 1529 bcopy(iflr->iflr_name, ifra.ifra_name, 1530 sizeof(ifra.ifra_name)); 1531 1532 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1533 ia->ia_addr.sin6_len); 1534 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1535 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1536 ia->ia_dstaddr.sin6_len); 1537 } else { 1538 bzero(&ifra.ifra_dstaddr, 1539 sizeof(ifra.ifra_dstaddr)); 1540 } 1541 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1542 ia->ia_prefixmask.sin6_len); 1543 1544 ifra.ifra_flags = ia->ia6_flags; 1545 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1546 ifp, td); 1547 } 1548 } 1549 } 1550 1551 return EOPNOTSUPP; /* just for safety */ 1552 } 1553 1554 /* 1555 * Initialize an interface's intetnet6 address 1556 * and routing table entry. 1557 */ 1558 static int 1559 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, struct sockaddr_in6 *sin6, 1560 int newhost) 1561 { 1562 int error = 0, plen, ifacount = 0; 1563 int s = splimp(); 1564 struct ifaddr *ifa; 1565 1566 /* 1567 * Give the interface a chance to initialize 1568 * if this is its first address, 1569 * and to validate the address if necessary. 1570 */ 1571 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1572 { 1573 if (ifa->ifa_addr == NULL) 1574 continue; /* just for safety */ 1575 if (ifa->ifa_addr->sa_family != AF_INET6) 1576 continue; 1577 ifacount++; 1578 } 1579 1580 ia->ia_addr = *sin6; 1581 1582 if (ifacount <= 1 && ifp->if_ioctl && 1583 (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia, 1584 (struct ucred *)NULL))) { 1585 splx(s); 1586 return(error); 1587 } 1588 splx(s); 1589 1590 ia->ia_ifa.ifa_metric = ifp->if_metric; 1591 1592 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1593 1594 /* 1595 * Special case: 1596 * If the destination address is specified for a point-to-point 1597 * interface, install a route to the destination as an interface 1598 * direct route. 1599 */ 1600 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1601 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1602 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1603 RTF_UP | RTF_HOST)) != 0) 1604 return(error); 1605 ia->ia_flags |= IFA_ROUTE; 1606 } 1607 if (plen < 128) { 1608 /* 1609 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto(). 1610 */ 1611 ia->ia_ifa.ifa_flags |= RTF_CLONING; 1612 } 1613 1614 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1615 if (newhost) { 1616 /* set the rtrequest function to create llinfo */ 1617 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1618 in6_ifaddloop(&(ia->ia_ifa)); 1619 } 1620 1621 return(error); 1622 } 1623 1624 /* 1625 * Add an address to the list of IP6 multicast addresses for a 1626 * given interface. 1627 */ 1628 struct in6_multi * 1629 in6_addmulti(struct in6_addr *maddr6, struct ifnet *ifp, int *errorp) 1630 { 1631 struct in6_multi *in6m; 1632 struct sockaddr_in6 sin6; 1633 struct ifmultiaddr *ifma; 1634 int s = splnet(); 1635 1636 *errorp = 0; 1637 1638 /* 1639 * Call generic routine to add membership or increment 1640 * refcount. It wants addresses in the form of a sockaddr, 1641 * so we build one here (being careful to zero the unused bytes). 1642 */ 1643 bzero(&sin6, sizeof sin6); 1644 sin6.sin6_family = AF_INET6; 1645 sin6.sin6_len = sizeof sin6; 1646 sin6.sin6_addr = *maddr6; 1647 *errorp = if_addmulti(ifp, (struct sockaddr *)&sin6, &ifma); 1648 if (*errorp) { 1649 splx(s); 1650 return 0; 1651 } 1652 1653 /* 1654 * If ifma->ifma_protospec is null, then if_addmulti() created 1655 * a new record. Otherwise, we are done. 1656 */ 1657 if (ifma->ifma_protospec != 0) 1658 return ifma->ifma_protospec; 1659 1660 /* XXX - if_addmulti uses M_WAITOK. Can this really be called 1661 at interrupt time? If so, need to fix if_addmulti. XXX */ 1662 in6m = (struct in6_multi *)malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1663 if (in6m == NULL) { 1664 splx(s); 1665 return (NULL); 1666 } 1667 1668 bzero(in6m, sizeof *in6m); 1669 in6m->in6m_addr = *maddr6; 1670 in6m->in6m_ifp = ifp; 1671 in6m->in6m_ifma = ifma; 1672 ifma->ifma_protospec = in6m; 1673 LIST_INSERT_HEAD(&in6_multihead, in6m, in6m_entry); 1674 1675 /* 1676 * Let MLD6 know that we have joined a new IP6 multicast 1677 * group. 1678 */ 1679 mld6_start_listening(in6m); 1680 splx(s); 1681 return(in6m); 1682 } 1683 1684 /* 1685 * Delete a multicast address record. 1686 */ 1687 void 1688 in6_delmulti(struct in6_multi *in6m) 1689 { 1690 struct ifmultiaddr *ifma = in6m->in6m_ifma; 1691 int s = splnet(); 1692 1693 if (ifma->ifma_refcount == 1) { 1694 /* 1695 * No remaining claims to this record; let MLD6 know 1696 * that we are leaving the multicast group. 1697 */ 1698 mld6_stop_listening(in6m); 1699 ifma->ifma_protospec = 0; 1700 LIST_REMOVE(in6m, in6m_entry); 1701 free(in6m, M_IPMADDR); 1702 } 1703 /* XXX - should be separate API for when we have an ifma? */ 1704 if_delmulti(ifma->ifma_ifp, ifma->ifma_addr); 1705 splx(s); 1706 } 1707 1708 /* 1709 * Find an IPv6 interface link-local address specific to an interface. 1710 */ 1711 struct in6_ifaddr * 1712 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1713 { 1714 struct ifaddr *ifa; 1715 1716 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1717 { 1718 if (ifa->ifa_addr == NULL) 1719 continue; /* just for safety */ 1720 if (ifa->ifa_addr->sa_family != AF_INET6) 1721 continue; 1722 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1723 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1724 ignoreflags) != 0) 1725 continue; 1726 break; 1727 } 1728 } 1729 1730 return((struct in6_ifaddr *)ifa); 1731 } 1732 1733 1734 /* 1735 * find the internet address corresponding to a given interface and address. 1736 */ 1737 struct in6_ifaddr * 1738 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1739 { 1740 struct ifaddr *ifa; 1741 1742 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1743 { 1744 if (ifa->ifa_addr == NULL) 1745 continue; /* just for safety */ 1746 if (ifa->ifa_addr->sa_family != AF_INET6) 1747 continue; 1748 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1749 break; 1750 } 1751 1752 return((struct in6_ifaddr *)ifa); 1753 } 1754 1755 /* 1756 * Convert IP6 address to printable (loggable) representation. 1757 */ 1758 static char digits[] = "0123456789abcdef"; 1759 static int ip6round = 0; 1760 char * 1761 ip6_sprintf(const struct in6_addr *addr) 1762 { 1763 static char ip6buf[8][48]; 1764 int i; 1765 char *cp; 1766 const u_short *a = (const u_short *)addr; 1767 const u_char *d; 1768 int dcolon = 0; 1769 1770 ip6round = (ip6round + 1) & 7; 1771 cp = ip6buf[ip6round]; 1772 1773 for (i = 0; i < 8; i++) { 1774 if (dcolon == 1) { 1775 if (*a == 0) { 1776 if (i == 7) 1777 *cp++ = ':'; 1778 a++; 1779 continue; 1780 } else 1781 dcolon = 2; 1782 } 1783 if (*a == 0) { 1784 if (dcolon == 0 && *(a + 1) == 0) { 1785 if (i == 0) 1786 *cp++ = ':'; 1787 *cp++ = ':'; 1788 dcolon = 1; 1789 } else { 1790 *cp++ = '0'; 1791 *cp++ = ':'; 1792 } 1793 a++; 1794 continue; 1795 } 1796 d = (const u_char *)a; 1797 *cp++ = digits[*d >> 4]; 1798 *cp++ = digits[*d++ & 0xf]; 1799 *cp++ = digits[*d >> 4]; 1800 *cp++ = digits[*d & 0xf]; 1801 *cp++ = ':'; 1802 a++; 1803 } 1804 *--cp = 0; 1805 return(ip6buf[ip6round]); 1806 } 1807 1808 int 1809 in6_localaddr(struct in6_addr *in6) 1810 { 1811 struct in6_ifaddr *ia; 1812 1813 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1814 return 1; 1815 1816 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 1817 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1818 &ia->ia_prefixmask.sin6_addr)) 1819 return 1; 1820 1821 return (0); 1822 } 1823 1824 int 1825 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1826 { 1827 struct in6_ifaddr *ia; 1828 1829 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1830 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1831 &sa6->sin6_addr) && 1832 #ifdef SCOPEDROUTING 1833 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 1834 #endif 1835 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1836 return(1); /* true */ 1837 1838 /* XXX: do we still have to go thru the rest of the list? */ 1839 } 1840 1841 return(0); /* false */ 1842 } 1843 1844 /* 1845 * return length of part which dst and src are equal 1846 * hard coding... 1847 */ 1848 int 1849 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1850 { 1851 int match = 0; 1852 u_char *s = (u_char *)src, *d = (u_char *)dst; 1853 u_char *lim = s + 16, r; 1854 1855 while (s < lim) 1856 if ((r = (*d++ ^ *s++)) != 0) { 1857 while (r < 128) { 1858 match++; 1859 r <<= 1; 1860 } 1861 break; 1862 } else 1863 match += 8; 1864 return match; 1865 } 1866 1867 /* XXX: to be scope conscious */ 1868 int 1869 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1870 { 1871 int bytelen, bitlen; 1872 1873 /* sanity check */ 1874 if (0 > len || len > 128) { 1875 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1876 len); 1877 return(0); 1878 } 1879 1880 bytelen = len / 8; 1881 bitlen = len % 8; 1882 1883 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1884 return(0); 1885 if (p1->s6_addr[bytelen] >> (8 - bitlen) != 1886 p2->s6_addr[bytelen] >> (8 - bitlen)) 1887 return(0); 1888 1889 return(1); 1890 } 1891 1892 void 1893 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1894 { 1895 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1896 int bytelen, bitlen, i; 1897 1898 /* sanity check */ 1899 if (0 > len || len > 128) { 1900 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1901 len); 1902 return; 1903 } 1904 1905 bzero(maskp, sizeof(*maskp)); 1906 bytelen = len / 8; 1907 bitlen = len % 8; 1908 for (i = 0; i < bytelen; i++) 1909 maskp->s6_addr[i] = 0xff; 1910 if (bitlen) 1911 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1912 } 1913 1914 /* 1915 * return the best address out of the same scope 1916 */ 1917 struct in6_ifaddr * 1918 in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst) 1919 { 1920 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 1921 int blen = -1; 1922 struct ifaddr *ifa; 1923 struct ifnet *ifp; 1924 struct in6_ifaddr *ifa_best = NULL; 1925 1926 if (oifp == NULL) { 1927 #if 0 1928 printf("in6_ifawithscope: output interface is not specified\n"); 1929 #endif 1930 return(NULL); 1931 } 1932 1933 /* 1934 * We search for all addresses on all interfaces from the beginning. 1935 * Comparing an interface with the outgoing interface will be done 1936 * only at the final stage of tiebreaking. 1937 */ 1938 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 1939 { 1940 /* 1941 * We can never take an address that breaks the scope zone 1942 * of the destination. 1943 */ 1944 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) 1945 continue; 1946 1947 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1948 { 1949 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 1950 1951 if (ifa->ifa_addr->sa_family != AF_INET6) 1952 continue; 1953 1954 src_scope = in6_addrscope(IFA_IN6(ifa)); 1955 1956 /* 1957 * Don't use an address before completing DAD 1958 * nor a duplicated address. 1959 */ 1960 if (((struct in6_ifaddr *)ifa)->ia6_flags & 1961 IN6_IFF_NOTREADY) 1962 continue; 1963 1964 /* XXX: is there any case to allow anycasts? */ 1965 if (((struct in6_ifaddr *)ifa)->ia6_flags & 1966 IN6_IFF_ANYCAST) 1967 continue; 1968 1969 if (((struct in6_ifaddr *)ifa)->ia6_flags & 1970 IN6_IFF_DETACHED) 1971 continue; 1972 1973 /* 1974 * If this is the first address we find, 1975 * keep it anyway. 1976 */ 1977 if (ifa_best == NULL) 1978 goto replace; 1979 1980 /* 1981 * ifa_best is never NULL beyond this line except 1982 * within the block labeled "replace". 1983 */ 1984 1985 /* 1986 * If ifa_best has a smaller scope than dst and 1987 * the current address has a larger one than 1988 * (or equal to) dst, always replace ifa_best. 1989 * Also, if the current address has a smaller scope 1990 * than dst, ignore it unless ifa_best also has a 1991 * smaller scope. 1992 * Consequently, after the two if-clause below, 1993 * the followings must be satisfied: 1994 * (scope(src) < scope(dst) && 1995 * scope(best) < scope(dst)) 1996 * OR 1997 * (scope(best) >= scope(dst) && 1998 * scope(src) >= scope(dst)) 1999 */ 2000 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 2001 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 2002 goto replace; /* (A) */ 2003 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2004 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2005 continue; /* (B) */ 2006 2007 /* 2008 * A deprecated address SHOULD NOT be used in new 2009 * communications if an alternate (non-deprecated) 2010 * address is available and has sufficient scope. 2011 * RFC 2462, Section 5.5.4. 2012 */ 2013 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2014 IN6_IFF_DEPRECATED) { 2015 /* 2016 * Ignore any deprecated addresses if 2017 * specified by configuration. 2018 */ 2019 if (!ip6_use_deprecated) 2020 continue; 2021 2022 /* 2023 * If we have already found a non-deprecated 2024 * candidate, just ignore deprecated addresses. 2025 */ 2026 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2027 == 0) 2028 continue; 2029 } 2030 2031 /* 2032 * A non-deprecated address is always preferred 2033 * to a deprecated one regardless of scopes and 2034 * address matching (Note invariants ensured by the 2035 * conditions (A) and (B) above.) 2036 */ 2037 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2038 (((struct in6_ifaddr *)ifa)->ia6_flags & 2039 IN6_IFF_DEPRECATED) == 0) 2040 goto replace; 2041 2042 /* 2043 * When we use temporary addresses described in 2044 * RFC 3041, we prefer temporary addresses to 2045 * public autoconf addresses. Again, note the 2046 * invariants from (A) and (B). Also note that we 2047 * don't have any preference between static addresses 2048 * and autoconf addresses (despite of whether or not 2049 * the latter is temporary or public.) 2050 */ 2051 if (ip6_use_tempaddr) { 2052 struct in6_ifaddr *ifat; 2053 2054 ifat = (struct in6_ifaddr *)ifa; 2055 if ((ifa_best->ia6_flags & 2056 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2057 == IN6_IFF_AUTOCONF && 2058 (ifat->ia6_flags & 2059 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2060 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) { 2061 goto replace; 2062 } 2063 if ((ifa_best->ia6_flags & 2064 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2065 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY) && 2066 (ifat->ia6_flags & 2067 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2068 == IN6_IFF_AUTOCONF) { 2069 continue; 2070 } 2071 } 2072 2073 /* 2074 * At this point, we have two cases: 2075 * 1. we are looking at a non-deprecated address, 2076 * and ifa_best is also non-deprecated. 2077 * 2. we are looking at a deprecated address, 2078 * and ifa_best is also deprecated. 2079 * Also, we do not have to consider a case where 2080 * the scope of if_best is larger(smaller) than dst and 2081 * the scope of the current address is smaller(larger) 2082 * than dst. Such a case has already been covered. 2083 * Tiebreaking is done according to the following 2084 * items: 2085 * - the scope comparison between the address and 2086 * dst (dscopecmp) 2087 * - the scope comparison between the address and 2088 * ifa_best (bscopecmp) 2089 * - if the address match dst longer than ifa_best 2090 * (matchcmp) 2091 * - if the address is on the outgoing I/F (outI/F) 2092 * 2093 * Roughly speaking, the selection policy is 2094 * - the most important item is scope. The same scope 2095 * is best. Then search for a larger scope. 2096 * Smaller scopes are the last resort. 2097 * - A deprecated address is chosen only when we have 2098 * no address that has an enough scope, but is 2099 * prefered to any addresses of smaller scopes 2100 * (this must be already done above.) 2101 * - addresses on the outgoing I/F are preferred to 2102 * ones on other interfaces if none of above 2103 * tiebreaks. In the table below, the column "bI" 2104 * means if the best_ifa is on the outgoing 2105 * interface, and the column "sI" means if the ifa 2106 * is on the outgoing interface. 2107 * - If there is no other reasons to choose one, 2108 * longest address match against dst is considered. 2109 * 2110 * The precise decision table is as follows: 2111 * dscopecmp bscopecmp match bI oI | replace? 2112 * N/A equal N/A Y N | No (1) 2113 * N/A equal N/A N Y | Yes (2) 2114 * N/A equal larger N/A | Yes (3) 2115 * N/A equal !larger N/A | No (4) 2116 * larger larger N/A N/A | No (5) 2117 * larger smaller N/A N/A | Yes (6) 2118 * smaller larger N/A N/A | Yes (7) 2119 * smaller smaller N/A N/A | No (8) 2120 * equal smaller N/A N/A | Yes (9) 2121 * equal larger (already done at A above) 2122 */ 2123 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2124 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2125 2126 if (bscopecmp == 0) { 2127 struct ifnet *bifp = ifa_best->ia_ifp; 2128 2129 if (bifp == oifp && ifp != oifp) /* (1) */ 2130 continue; 2131 if (bifp != oifp && ifp == oifp) /* (2) */ 2132 goto replace; 2133 2134 /* 2135 * Both bifp and ifp are on the outgoing 2136 * interface, or both two are on a different 2137 * interface from the outgoing I/F. 2138 * now we need address matching against dst 2139 * for tiebreaking. 2140 */ 2141 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2142 matchcmp = tlen - blen; 2143 if (matchcmp > 0) /* (3) */ 2144 goto replace; 2145 continue; /* (4) */ 2146 } 2147 if (dscopecmp > 0) { 2148 if (bscopecmp > 0) /* (5) */ 2149 continue; 2150 goto replace; /* (6) */ 2151 } 2152 if (dscopecmp < 0) { 2153 if (bscopecmp > 0) /* (7) */ 2154 goto replace; 2155 continue; /* (8) */ 2156 } 2157 2158 /* now dscopecmp must be 0 */ 2159 if (bscopecmp < 0) 2160 goto replace; /* (9) */ 2161 2162 replace: 2163 ifa_best = (struct in6_ifaddr *)ifa; 2164 blen = tlen >= 0 ? tlen : 2165 in6_matchlen(IFA_IN6(ifa), dst); 2166 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2167 } 2168 } 2169 2170 /* count statistics for future improvements */ 2171 if (ifa_best == NULL) 2172 ip6stat.ip6s_sources_none++; 2173 else { 2174 if (oifp == ifa_best->ia_ifp) 2175 ip6stat.ip6s_sources_sameif[best_scope]++; 2176 else 2177 ip6stat.ip6s_sources_otherif[best_scope]++; 2178 2179 if (best_scope == dst_scope) 2180 ip6stat.ip6s_sources_samescope[best_scope]++; 2181 else 2182 ip6stat.ip6s_sources_otherscope[best_scope]++; 2183 2184 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2185 ip6stat.ip6s_sources_deprecated[best_scope]++; 2186 } 2187 2188 return(ifa_best); 2189 } 2190 2191 /* 2192 * return the best address out of the same scope. if no address was 2193 * found, return the first valid address from designated IF. 2194 */ 2195 struct in6_ifaddr * 2196 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2197 { 2198 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2199 struct ifaddr *ifa; 2200 struct in6_ifaddr *besta = 0; 2201 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2202 2203 dep[0] = dep[1] = NULL; 2204 2205 /* 2206 * We first look for addresses in the same scope. 2207 * If there is one, return it. 2208 * If two or more, return one which matches the dst longest. 2209 * If none, return one of global addresses assigned other ifs. 2210 */ 2211 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 2212 { 2213 if (ifa->ifa_addr->sa_family != AF_INET6) 2214 continue; 2215 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2216 continue; /* XXX: is there any case to allow anycast? */ 2217 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2218 continue; /* don't use this interface */ 2219 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2220 continue; 2221 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2222 if (ip6_use_deprecated) 2223 dep[0] = (struct in6_ifaddr *)ifa; 2224 continue; 2225 } 2226 2227 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2228 /* 2229 * call in6_matchlen() as few as possible 2230 */ 2231 if (besta) { 2232 if (blen == -1) 2233 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2234 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2235 if (tlen > blen) { 2236 blen = tlen; 2237 besta = (struct in6_ifaddr *)ifa; 2238 } 2239 } else 2240 besta = (struct in6_ifaddr *)ifa; 2241 } 2242 } 2243 if (besta) 2244 return(besta); 2245 2246 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 2247 { 2248 if (ifa->ifa_addr->sa_family != AF_INET6) 2249 continue; 2250 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2251 continue; /* XXX: is there any case to allow anycast? */ 2252 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2253 continue; /* don't use this interface */ 2254 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2255 continue; 2256 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2257 if (ip6_use_deprecated) 2258 dep[1] = (struct in6_ifaddr *)ifa; 2259 continue; 2260 } 2261 2262 return (struct in6_ifaddr *)ifa; 2263 } 2264 2265 /* use the last-resort values, that are, deprecated addresses */ 2266 if (dep[0]) 2267 return dep[0]; 2268 if (dep[1]) 2269 return dep[1]; 2270 2271 return NULL; 2272 } 2273 2274 /* 2275 * perform DAD when interface becomes IFF_UP. 2276 */ 2277 void 2278 in6_if_up(struct ifnet *ifp) 2279 { 2280 struct ifaddr *ifa; 2281 struct in6_ifaddr *ia; 2282 int dad_delay; /* delay ticks before DAD output */ 2283 2284 /* 2285 * special cases, like 6to4, are handled in in6_ifattach 2286 */ 2287 in6_ifattach(ifp, NULL); 2288 2289 dad_delay = 0; 2290 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 2291 { 2292 if (ifa->ifa_addr->sa_family != AF_INET6) 2293 continue; 2294 ia = (struct in6_ifaddr *)ifa; 2295 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2296 nd6_dad_start(ifa, &dad_delay); 2297 } 2298 } 2299 2300 int 2301 in6if_do_dad(struct ifnet *ifp) 2302 { 2303 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2304 return(0); 2305 2306 switch (ifp->if_type) { 2307 #ifdef IFT_DUMMY 2308 case IFT_DUMMY: 2309 #endif 2310 case IFT_FAITH: 2311 /* 2312 * These interfaces do not have the IFF_LOOPBACK flag, 2313 * but loop packets back. We do not have to do DAD on such 2314 * interfaces. We should even omit it, because loop-backed 2315 * NS would confuse the DAD procedure. 2316 */ 2317 return(0); 2318 default: 2319 /* 2320 * Our DAD routine requires the interface up and running. 2321 * However, some interfaces can be up before the RUNNING 2322 * status. Additionaly, users may try to assign addresses 2323 * before the interface becomes up (or running). 2324 * We simply skip DAD in such a case as a work around. 2325 * XXX: we should rather mark "tentative" on such addresses, 2326 * and do DAD after the interface becomes ready. 2327 */ 2328 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2329 (IFF_UP|IFF_RUNNING)) 2330 return(0); 2331 2332 return(1); 2333 } 2334 } 2335 2336 /* 2337 * Calculate max IPv6 MTU through all the interfaces and store it 2338 * to in6_maxmtu. 2339 */ 2340 void 2341 in6_setmaxmtu(void) 2342 { 2343 unsigned long maxmtu = 0; 2344 struct ifnet *ifp; 2345 2346 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2347 { 2348 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2349 nd_ifinfo[ifp->if_index].linkmtu > maxmtu) 2350 maxmtu = nd_ifinfo[ifp->if_index].linkmtu; 2351 } 2352 if (maxmtu) /* update only when maxmtu is positive */ 2353 in6_maxmtu = maxmtu; 2354 } 2355 2356 /* 2357 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2358 * v4 mapped addr or v4 compat addr 2359 */ 2360 void 2361 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2362 { 2363 bzero(sin, sizeof(*sin)); 2364 sin->sin_len = sizeof(struct sockaddr_in); 2365 sin->sin_family = AF_INET; 2366 sin->sin_port = sin6->sin6_port; 2367 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2368 } 2369 2370 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2371 void 2372 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2373 { 2374 bzero(sin6, sizeof(*sin6)); 2375 sin6->sin6_len = sizeof(struct sockaddr_in6); 2376 sin6->sin6_family = AF_INET6; 2377 sin6->sin6_port = sin->sin_port; 2378 sin6->sin6_addr.s6_addr32[0] = 0; 2379 sin6->sin6_addr.s6_addr32[1] = 0; 2380 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2381 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2382 } 2383 2384 /* Convert sockaddr_in6 into sockaddr_in. */ 2385 void 2386 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2387 { 2388 struct sockaddr_in *sin_p; 2389 struct sockaddr_in6 sin6; 2390 2391 /* 2392 * Save original sockaddr_in6 addr and convert it 2393 * to sockaddr_in. 2394 */ 2395 sin6 = *(struct sockaddr_in6 *)nam; 2396 sin_p = (struct sockaddr_in *)nam; 2397 in6_sin6_2_sin(sin_p, &sin6); 2398 } 2399 2400 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2401 void 2402 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2403 { 2404 struct sockaddr_in *sin_p; 2405 struct sockaddr_in6 *sin6_p; 2406 2407 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof *sin6_p, M_SONAME, 2408 M_WAITOK); 2409 sin_p = (struct sockaddr_in *)*nam; 2410 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2411 FREE(*nam, M_SONAME); 2412 *nam = (struct sockaddr *)sin6_p; 2413 } 2414