1 /* $FreeBSD: src/sys/netinet6/in6.c,v 1.7.2.9 2002/04/28 05:40:26 suz Exp $ */ 2 /* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include "opt_inet.h" 65 #include "opt_inet6.h" 66 67 #include <sys/param.h> 68 #include <sys/errno.h> 69 #include <sys/malloc.h> 70 #include <sys/socket.h> 71 #include <sys/socketvar.h> 72 #include <sys/sockio.h> 73 #include <sys/systm.h> 74 #include <sys/proc.h> 75 #include <sys/caps.h> 76 #include <sys/time.h> 77 #include <sys/kernel.h> 78 #include <sys/syslog.h> 79 #include <sys/jail.h> 80 81 #include <sys/thread2.h> 82 #include <sys/msgport2.h> 83 84 #include <net/if.h> 85 #include <net/if_types.h> 86 #include <net/route.h> 87 #include <net/if_dl.h> 88 #include <net/netmsg2.h> 89 #include <net/netisr2.h> 90 91 #include <netinet/in.h> 92 #include <netinet/in_var.h> 93 #include <netinet/if_ether.h> 94 #include <netinet/in_systm.h> 95 #include <netinet/ip.h> 96 #include <netinet/in_pcb.h> 97 98 #include <netinet/ip6.h> 99 #include <netinet6/ip6_var.h> 100 #include <netinet6/nd6.h> 101 #include <netinet6/mld6_var.h> 102 #include <netinet6/ip6_mroute.h> 103 #include <netinet6/in6_ifattach.h> 104 #include <netinet6/scope6_var.h> 105 #include <netinet6/in6_pcb.h> 106 #include <netinet6/in6_var.h> 107 108 #include <net/net_osdep.h> 109 110 /* 111 * Definitions of some costant IP6 addresses. 112 */ 113 const struct in6_addr kin6addr_any = IN6ADDR_ANY_INIT; 114 const struct in6_addr kin6addr_loopback = IN6ADDR_LOOPBACK_INIT; 115 const struct in6_addr kin6addr_nodelocal_allnodes = 116 IN6ADDR_NODELOCAL_ALLNODES_INIT; 117 const struct in6_addr kin6addr_linklocal_allnodes = 118 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 119 const struct in6_addr kin6addr_linklocal_allrouters = 120 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 121 122 const struct in6_addr in6mask0 = IN6MASK0; 123 const struct in6_addr in6mask32 = IN6MASK32; 124 const struct in6_addr in6mask64 = IN6MASK64; 125 const struct in6_addr in6mask96 = IN6MASK96; 126 const struct in6_addr in6mask128 = IN6MASK128; 127 128 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 129 0, 0, IN6ADDR_ANY_INIT, 0}; 130 131 static int in6_lifaddr_ioctl (u_long, caddr_t, struct ifnet *, 132 struct thread *); 133 static int in6_ifinit (struct ifnet *, struct in6_ifaddr *, 134 struct sockaddr_in6 *, int); 135 static void in6_unlink_ifa (struct in6_ifaddr *, struct ifnet *); 136 static void in6_ifloop_request_callback(int, int, struct rt_addrinfo *, struct rtentry *, void *); 137 138 static void in6_control_internal_dispatch(netmsg_t); 139 static int in6_control_internal(u_long, caddr_t, struct ifnet *, 140 struct thread *); 141 142 struct in6_multihead in6_multihead; /* XXX BSS initialization */ 143 144 /* 145 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 146 * This routine does actual work. 147 */ 148 static void 149 in6_ifloop_request(int cmd, struct ifaddr *ifa, 150 void (*callback)(int, int, struct rt_addrinfo *, struct rtentry *, void *)) 151 { 152 struct sockaddr_in6 all1_sa; 153 struct rt_addrinfo rtinfo; 154 int error; 155 156 bzero(&all1_sa, sizeof(all1_sa)); 157 all1_sa.sin6_family = AF_INET6; 158 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 159 all1_sa.sin6_addr = in6mask128; 160 161 /* 162 * We specify the address itself as the gateway, and set the 163 * RTF_LLINFO flag, so that the corresponding host route would have 164 * the flag, and thus applications that assume traditional behavior 165 * would be happy. Note that we assume the caller of the function 166 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 167 * which changes the outgoing interface to the loopback interface. 168 */ 169 bzero(&rtinfo, sizeof(struct rt_addrinfo)); 170 rtinfo.rti_info[RTAX_DST] = ifa->ifa_addr; 171 rtinfo.rti_info[RTAX_GATEWAY] = ifa->ifa_addr; 172 rtinfo.rti_info[RTAX_NETMASK] = (struct sockaddr *)&all1_sa; 173 rtinfo.rti_flags = RTF_UP|RTF_HOST|RTF_LLINFO; 174 175 error = rtrequest1_global(cmd, &rtinfo, callback, ifa, RTREQ_PRIO_NORM); 176 if (error != 0) { 177 log(LOG_ERR, "in6_ifloop_request: " 178 "%s operation failed for %s (errno=%d)\n", 179 cmd == RTM_ADD ? "ADD" : cmd == RTM_DELETE ? "DELETE" : "GET", 180 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 181 error); 182 } 183 } 184 185 static void 186 in6_ifloop_request_callback(int cmd, int error, struct rt_addrinfo *rtinfo, 187 struct rtentry *rt, void *arg) 188 { 189 struct ifaddr *ifa = arg; 190 191 if (error) 192 goto done; 193 194 /* 195 * Make sure rt_ifa be equal to IFA, the second argument of the 196 * function. 197 * We need this because when we refer to rt_ifa->ia6_flags in 198 * ip6_input, we assume that the rt_ifa points to the address instead 199 * of the loopback address. 200 */ 201 if (cmd == RTM_ADD && rt && ifa != rt->rt_ifa) { 202 ++rt->rt_refcnt; 203 IFAFREE(rt->rt_ifa); 204 IFAREF(ifa); 205 rt->rt_ifa = ifa; 206 --rt->rt_refcnt; 207 } 208 209 /* 210 * Report the addition/removal of the address to the routing socket, 211 * unless the address is marked as tentative, where it will be reported 212 * once DAD completes. 213 * XXX: since we called rtinit for a p2p interface with a destination, 214 * we end up reporting twice in such a case. Should we rather 215 * omit the second report? 216 */ 217 if (rt) { 218 if (mycpuid == 0) { 219 struct in6_ifaddr *ia6 = (struct in6_ifaddr *)ifa; 220 221 if (cmd != RTM_ADD || 222 !(ia6->ia6_flags & IN6_IFF_TENTATIVE)) 223 rt_newaddrmsg(cmd, ifa, error, rt); 224 } 225 if (cmd == RTM_DELETE) { 226 if (rt->rt_refcnt == 0) { 227 ++rt->rt_refcnt; 228 rtfree(rt); 229 } 230 } 231 } 232 done: 233 /* no way to return any new error */ 234 ; 235 } 236 237 static void 238 in6_newaddrmsg_callback(int cmd, int error, struct rt_addrinfo *rtinfo, 239 struct rtentry *rt, void *arg) 240 { 241 struct ifaddr *ifa = arg; 242 243 if (error == 0 && rt != NULL && mycpuid == 0) 244 rt_newaddrmsg(RTM_ADD, ifa, error, rt); 245 } 246 247 void 248 in6_newaddrmsg(struct ifaddr *ifa) 249 { 250 in6_ifloop_request(RTM_GET, ifa, in6_newaddrmsg_callback); 251 } 252 253 /* 254 * Add ownaddr as loopback rtentry. We previously add the route only if 255 * necessary (ex. on a p2p link). However, since we now manage addresses 256 * separately from prefixes, we should always add the route. We can't 257 * rely on the cloning mechanism from the corresponding interface route 258 * any more. 259 */ 260 void 261 in6_ifaddloop(struct ifaddr *ifa) 262 { 263 struct rtentry *rt; 264 265 /* If there is no loopback entry, allocate one. */ 266 rt = rtpurelookup(ifa->ifa_addr); 267 if (rt == NULL || !(rt->rt_flags & RTF_HOST) || 268 !(rt->rt_ifp->if_flags & IFF_LOOPBACK)) 269 in6_ifloop_request(RTM_ADD, ifa, in6_ifloop_request_callback); 270 if (rt != NULL) 271 rt->rt_refcnt--; 272 } 273 274 /* 275 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 276 * if it exists. 277 */ 278 void 279 in6_ifremloop(struct ifaddr *ifa) 280 { 281 struct in6_ifaddr *ia; 282 struct rtentry *rt; 283 int ia_count = 0; 284 285 /* 286 * Some of BSD variants do not remove cloned routes 287 * from an interface direct route, when removing the direct route 288 * (see comments in net/net_osdep.h). Even for variants that do remove 289 * cloned routes, they could fail to remove the cloned routes when 290 * we handle multple addresses that share a common prefix. 291 * So, we should remove the route corresponding to the deleted address 292 * regardless of the result of in6_is_ifloop_auto(). 293 */ 294 295 /* 296 * Delete the entry only if exact one ifa exists. More than one ifa 297 * can exist if we assign a same single address to multiple 298 * (probably p2p) interfaces. 299 * XXX: we should avoid such a configuration in IPv6... 300 */ 301 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 302 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 303 ia_count++; 304 if (ia_count > 1) 305 break; 306 } 307 } 308 309 if (ia_count == 1) { 310 /* 311 * Before deleting, check if a corresponding loopbacked host 312 * route surely exists. With this check, we can avoid to 313 * delete an interface direct route whose destination is same 314 * as the address being removed. This can happen when remofing 315 * a subnet-router anycast address on an interface attahced 316 * to a shared medium. 317 */ 318 rt = rtpurelookup(ifa->ifa_addr); 319 if (rt != NULL && (rt->rt_flags & RTF_HOST) && 320 (rt->rt_ifp->if_flags & IFF_LOOPBACK)) { 321 rt->rt_refcnt--; 322 in6_ifloop_request(RTM_DELETE, ifa, 323 in6_ifloop_request_callback); 324 } 325 } 326 } 327 328 int 329 in6_mask2len(const struct in6_addr *mask, const u_char *lim0) 330 { 331 int x = 0, y; 332 const u_char *lim = lim0, *p; 333 334 if (lim0 == NULL || 335 lim0 - (const u_char *)mask > sizeof(*mask)) { 336 /* Ignore the scope_id part */ 337 lim = (const u_char *)mask + sizeof(*mask); 338 } 339 for (p = (const u_char *)mask; p < lim; x++, p++) { 340 if (*p != 0xff) 341 break; 342 } 343 y = 0; 344 if (p < lim) { 345 for (y = 0; y < 8; y++) { 346 if ((*p & (0x80 >> y)) == 0) 347 break; 348 } 349 } 350 351 /* 352 * When the limit pointer is given, do a stricter check on the 353 * remaining bits. 354 */ 355 if (p < lim) { 356 if (y != 0 && (*p & (0x00ff >> y)) != 0) 357 return (-1); 358 for (p = p + 1; p < lim; p++) 359 if (*p != 0) 360 return (-1); 361 } 362 363 return x * 8 + y; 364 } 365 366 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 367 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 368 369 void 370 in6_control_dispatch(netmsg_t msg) 371 { 372 int error; 373 374 error = in6_control(msg->control.nm_cmd, 375 msg->control.nm_data, 376 msg->control.nm_ifp, 377 msg->control.nm_td); 378 lwkt_replymsg(&msg->control.base.lmsg, error); 379 } 380 381 int 382 in6_control(u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td) 383 { 384 struct netmsg_pru_control msg; 385 386 switch (cmd) { 387 case SIOCSIFPREFIX_IN6: 388 case SIOCDIFPREFIX_IN6: 389 case SIOCAIFPREFIX_IN6: 390 case SIOCCIFPREFIX_IN6: 391 case SIOCSGIFPREFIX_IN6: 392 case SIOCGIFPREFIX_IN6: 393 log(LOG_NOTICE, "prefix ioctls are now invalidated. " 394 "please use ifconfig.\n"); 395 return (EOPNOTSUPP); 396 397 case SIOCSIFADDR_IN6: 398 case SIOCSIFDSTADDR_IN6: 399 case SIOCSIFNETMASK_IN6: 400 /* 401 * Since IPv6 allows a node to assign multiple addresses 402 * on a single interface, SIOCSIFxxx ioctls are not suitable 403 * and should be unused. 404 */ 405 /* We decided to obsolete this command (20000704) */ 406 return (EINVAL); 407 408 case SIOCSIFADDR: 409 case SIOCSIFDSTADDR: 410 case SIOCSIFBRDADDR: 411 case SIOCSIFNETMASK: 412 /* 413 * Do not pass those ioctl to driver handler since they are not 414 * properly setup. Instead just error out. 415 */ 416 return (EOPNOTSUPP); 417 418 /* mroute */ 419 case SIOCGETSGCNT_IN6: 420 case SIOCGETMIFCNT_IN6: 421 /* srcsel policy */ 422 case SIOCAADDRCTL_POLICY: 423 case SIOCDADDRCTL_POLICY: 424 /* nd6 */ 425 case SIOCSNDFLUSH_IN6: 426 case SIOCSPFXFLUSH_IN6: 427 case SIOCSRTRFLUSH_IN6: 428 case SIOCSDEFIFACE_IN6: 429 case SIOCSIFINFO_FLAGS: 430 case SIOCSIFINFO_IN6: 431 case OSIOCGIFINFO_IN6: 432 case SIOCGIFINFO_IN6: 433 case SIOCGDRLST_IN6: 434 case SIOCGPRLST_IN6: 435 case SIOCGNBRINFO_IN6: 436 case SIOCGDEFIFACE_IN6: 437 /* scope6 */ 438 case SIOCSSCOPE6: 439 case SIOCGSCOPE6: 440 case SIOCGSCOPE6DEF: 441 /* change address */ 442 case SIOCALIFADDR: 443 case SIOCDLIFADDR: 444 case SIOCSIFALIFETIME_IN6: 445 case SIOCAIFADDR_IN6: 446 case SIOCDIFADDR_IN6: 447 /* 448 * Dispatch these SIOCs to netisr0. 449 */ 450 netmsg_init(&msg.base, NULL, &curthread->td_msgport, 0, 451 in6_control_internal_dispatch); 452 msg.nm_cmd = cmd; 453 msg.nm_data = data; 454 msg.nm_ifp = ifp; 455 msg.nm_td = td; 456 lwkt_domsg(netisr_cpuport(0), &msg.base.lmsg, 0); 457 return msg.base.lmsg.ms_error; 458 459 default: 460 return in6_control_internal(cmd, data, ifp, td); 461 } 462 } 463 464 static void 465 in6_control_internal_dispatch(netmsg_t msg) 466 { 467 int error; 468 469 error = in6_control_internal(msg->control.nm_cmd, msg->control.nm_data, 470 msg->control.nm_ifp, msg->control.nm_td); 471 lwkt_replymsg(&msg->lmsg, error); 472 } 473 474 static int 475 in6_control_internal(u_long cmd, caddr_t data, struct ifnet *ifp, 476 struct thread *td) 477 { 478 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 479 struct in6_ifaddr *ia = NULL; 480 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 481 struct in6_ifextra *xtra; 482 boolean_t privileged; 483 int error; 484 485 privileged = FALSE; 486 if (caps_priv_check_td(td, SYSCAP_RESTRICTEDROOT) == 0) 487 privileged = TRUE; 488 489 switch (cmd) { 490 case SIOCALIFADDR: 491 case SIOCDLIFADDR: 492 if (!privileged) 493 return (EPERM); 494 /* FALLTHROUGH */ 495 case SIOCGLIFADDR: 496 if (ifp == NULL) 497 return (EOPNOTSUPP); 498 return in6_lifaddr_ioctl(cmd, data, ifp, td); 499 } 500 501 switch (cmd) { 502 case SIOCGETSGCNT_IN6: 503 case SIOCGETMIFCNT_IN6: 504 return (mrt6_ioctl(cmd, data)); 505 } 506 507 switch(cmd) { 508 case SIOCAADDRCTL_POLICY: 509 case SIOCDADDRCTL_POLICY: 510 if (!privileged) 511 return (EPERM); 512 return (in6_src_ioctl(cmd, data)); 513 } 514 515 if (ifp == NULL) 516 return (EOPNOTSUPP); 517 518 switch (cmd) { 519 case SIOCSNDFLUSH_IN6: 520 case SIOCSPFXFLUSH_IN6: 521 case SIOCSRTRFLUSH_IN6: 522 case SIOCSDEFIFACE_IN6: 523 case SIOCSIFINFO_FLAGS: 524 case SIOCSIFINFO_IN6: 525 if (!privileged) 526 return (EPERM); 527 /* FALLTHROUGH */ 528 case OSIOCGIFINFO_IN6: 529 case SIOCGIFINFO_IN6: 530 case SIOCGDRLST_IN6: 531 case SIOCGPRLST_IN6: 532 case SIOCGNBRINFO_IN6: 533 case SIOCGDEFIFACE_IN6: 534 return (nd6_ioctl(cmd, data, ifp)); 535 } 536 537 switch (cmd) { 538 case SIOCSSCOPE6: 539 if (!privileged) 540 return (EPERM); 541 return (scope6_set(ifp, 542 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 543 544 case SIOCGSCOPE6: 545 return (scope6_get(ifp, 546 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 547 548 case SIOCGSCOPE6DEF: 549 return (scope6_get_default((struct scope6_id *) 550 ifr->ifr_ifru.ifru_scope_id)); 551 } 552 553 /* 554 * Find address for this interface, if it exists. 555 */ 556 if (ifra->ifra_addr.sin6_family == AF_INET6) { /* XXX */ 557 struct sockaddr_in6 *sa6 = 558 (struct sockaddr_in6 *)&ifra->ifra_addr; 559 560 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 561 if (sa6->sin6_addr.s6_addr16[1] == 0) { 562 /* Link ID is not embedded by the user */ 563 sa6->sin6_addr.s6_addr16[1] = 564 htons(ifp->if_index); 565 } else if (sa6->sin6_addr.s6_addr16[1] != 566 htons(ifp->if_index)) { 567 /* Link ID contradicts */ 568 return (EINVAL); 569 } 570 if (sa6->sin6_scope_id) { 571 if (sa6->sin6_scope_id != 572 (u_int32_t)ifp->if_index) 573 return (EINVAL); 574 sa6->sin6_scope_id = 0; /* XXX: good way? */ 575 } 576 } 577 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr); 578 } 579 580 switch (cmd) { 581 case SIOCDIFADDR_IN6: 582 /* 583 * For IPv4, we look for existing in_ifaddr here to allow 584 * "ifconfig if0 delete" to remove first IPv4 address on the 585 * interface. For IPv6, as the spec allow multiple interface 586 * address from the day one, we consider "remove the first one" 587 * semantics to be not preferable. 588 */ 589 if (ia == NULL) 590 return (EADDRNOTAVAIL); 591 /* FALLTHROUGH */ 592 case SIOCAIFADDR_IN6: 593 /* 594 * We always require users to specify a valid IPv6 address for 595 * the corresponding operation. 596 */ 597 if (ifra->ifra_addr.sin6_family != AF_INET6 || 598 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 599 return (EAFNOSUPPORT); 600 if (!privileged) 601 return (EPERM); 602 break; 603 604 case SIOCGIFADDR_IN6: 605 /* This interface is basically deprecated. Use SIOCGIFCONF. */ 606 /* FALLTHROUGH */ 607 case SIOCGIFAFLAG_IN6: 608 case SIOCGIFNETMASK_IN6: 609 case SIOCGIFDSTADDR_IN6: 610 case SIOCGIFALIFETIME_IN6: 611 /* Must think again about its semantics */ 612 if (ia == NULL) 613 return (EADDRNOTAVAIL); 614 break; 615 616 case SIOCSIFALIFETIME_IN6: 617 { 618 const struct in6_addrlifetime *lt; 619 620 if (!privileged) 621 return (EPERM); 622 if (ia == NULL) 623 return (EADDRNOTAVAIL); 624 /* Sanity for overflow - beware unsigned */ 625 lt = &ifr->ifr_ifru.ifru_lifetime; 626 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME && 627 lt->ia6t_vltime + time_uptime < time_uptime) 628 return EINVAL; 629 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME && 630 lt->ia6t_pltime + time_uptime < time_uptime) 631 return EINVAL; 632 break; 633 } 634 } 635 636 switch (cmd) { 637 case SIOCGIFADDR_IN6: 638 ifr->ifr_addr = ia->ia_addr; 639 break; 640 641 case SIOCGIFDSTADDR_IN6: 642 if (!(ifp->if_flags & IFF_POINTOPOINT)) 643 return (EINVAL); 644 /* 645 * XXX: Should we check if ifa_dstaddr is NULL and return 646 * an error? 647 */ 648 ifr->ifr_dstaddr = ia->ia_dstaddr; 649 break; 650 651 case SIOCGIFNETMASK_IN6: 652 ifr->ifr_addr = ia->ia_prefixmask; 653 break; 654 655 case SIOCGIFAFLAG_IN6: 656 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 657 break; 658 659 case SIOCGIFSTAT_IN6: 660 if ((xtra = ifp->if_afdata[AF_INET6]) == NULL) 661 return EINVAL; 662 bzero(&ifr->ifr_ifru.ifru_stat, 663 sizeof(ifr->ifr_ifru.ifru_stat)); 664 ifr->ifr_ifru.ifru_stat = *xtra->in6_ifstat; 665 break; 666 667 case SIOCGIFSTAT_ICMP6: 668 if ((xtra = ifp->if_afdata[AF_INET6]) == NULL) 669 return EINVAL; 670 bzero(&ifr->ifr_ifru.ifru_stat, 671 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 672 ifr->ifr_ifru.ifru_icmp6stat = *xtra->icmp6_ifstat; 673 break; 674 675 case SIOCGIFALIFETIME_IN6: 676 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 677 break; 678 679 case SIOCSIFALIFETIME_IN6: 680 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 681 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 682 ia->ia6_lifetime.ia6t_expire = 683 time_uptime + ia->ia6_lifetime.ia6t_vltime; 684 } else { 685 ia->ia6_lifetime.ia6t_expire = 0; 686 } 687 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 688 ia->ia6_lifetime.ia6t_preferred = 689 time_uptime + ia->ia6_lifetime.ia6t_pltime; 690 } else { 691 ia->ia6_lifetime.ia6t_preferred = 0; 692 } 693 break; 694 695 case SIOCAIFADDR_IN6: 696 { 697 int i, error = 0, iaIsNew; 698 struct nd_prefix pr0, *pr; 699 700 if (ia != NULL) 701 iaIsNew = 0; 702 else 703 iaIsNew = 1; 704 705 /* 706 * First, make or update the interface address structure, 707 * and link it to the list. 708 */ 709 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 710 return (error); 711 712 /* 713 * Then, make the prefix on-link on the interface. 714 * XXX: We'd rather create the prefix before the address, but 715 * we need at least one address to install the corresponding 716 * interface route, so we configure the address first. 717 */ 718 719 /* 720 * Convert mask to prefix length (prefixmask has already 721 * been validated in in6_update_ifa(). 722 */ 723 bzero(&pr0, sizeof(pr0)); 724 pr0.ndpr_ifp = ifp; 725 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 726 NULL); 727 if (pr0.ndpr_plen == 128) 728 break; /* no need to install a host route. */ 729 pr0.ndpr_prefix = ifra->ifra_addr; 730 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 731 /* Apply the mask for safety. */ 732 for (i = 0; i < 4; i++) { 733 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 734 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 735 } 736 /* 737 * XXX: Since we don't have an API to set prefix (not address) 738 * lifetimes, we just use the same lifetimes as addresses. 739 * The (temporarily) installed lifetimes can be overridden by 740 * later advertised RAs (when accept_rtadv is non 0), which is 741 * an intended behavior. 742 */ 743 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 744 pr0.ndpr_raf_auto = 745 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 746 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 747 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 748 749 /* Add the prefix if there's one. */ 750 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 751 /* 752 * nd6_prelist_add will install the corresponding 753 * interface route. 754 */ 755 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 756 return (error); 757 if (pr == NULL) { 758 log(LOG_ERR, "nd6_prelist_add succeeded but " 759 "no prefix\n"); 760 return (EINVAL); /* XXX panic here? */ 761 } 762 } 763 764 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr); 765 if (ia == NULL) { 766 /* XXX: This should not happen! */ 767 log(LOG_ERR, "in6_control: addition succeeded, but" 768 " no ifaddr\n"); 769 } else { 770 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 771 ia->ia6_ndpr == NULL) { 772 /* 773 * New autoconf address 774 */ 775 ia->ia6_ndpr = pr; 776 pr->ndpr_refcnt++; 777 778 /* 779 * If this is the first autoconf address from 780 * the prefix, create a temporary address 781 * as well (when specified). 782 */ 783 if (ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 784 int e; 785 786 if ((e = in6_tmpifadd(ia, 1)) != 0) { 787 log(LOG_NOTICE, "in6_control: " 788 "failed to create a " 789 "temporary address, " 790 "errno=%d\n", e); 791 } 792 } 793 } 794 795 /* 796 * This might affect the status of autoconfigured 797 * addresses, that is, this address might make 798 * other addresses detached. 799 */ 800 pfxlist_onlink_check(); 801 } 802 if (error == 0 && ia) { 803 EVENTHANDLER_INVOKE(ifaddr_event, ifp, 804 iaIsNew ? IFADDR_EVENT_ADD : IFADDR_EVENT_CHANGE, 805 &ia->ia_ifa); 806 } 807 break; 808 } 809 810 case SIOCDIFADDR_IN6: 811 { 812 int i = 0; 813 struct nd_prefix pr0, *pr; 814 815 /* 816 * If the address being deleted is the only one that owns 817 * the corresponding prefix, expire the prefix as well. 818 * XXX: Theoretically, we don't have to warry about such 819 * relationship, since we separate the address management 820 * and the prefix management. We do this, however, to provide 821 * as much backward compatibility as possible in terms of 822 * the ioctl operation. 823 */ 824 bzero(&pr0, sizeof(pr0)); 825 pr0.ndpr_ifp = ifp; 826 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 827 NULL); 828 if (pr0.ndpr_plen == 128) 829 goto purgeaddr; 830 pr0.ndpr_prefix = ia->ia_addr; 831 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 832 for (i = 0; i < 4; i++) { 833 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 834 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 835 } 836 /* 837 * The logic of the following condition is a bit complicated. 838 * We expire the prefix when 839 * 1. The address obeys autoconfiguration and it is the 840 * only owner of the associated prefix, or 841 * 2. The address does not obey autoconf and there is no 842 * other owner of the prefix. 843 */ 844 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 845 (((ia->ia6_flags & IN6_IFF_AUTOCONF) && 846 pr->ndpr_refcnt == 1) || 847 (!(ia->ia6_flags & IN6_IFF_AUTOCONF) && 848 pr->ndpr_refcnt == 0))) 849 pr->ndpr_expire = 1; /* XXX: just for expiration */ 850 851 purgeaddr: 852 EVENTHANDLER_INVOKE(ifaddr_event, ifp, IFADDR_EVENT_DELETE, 853 &ia->ia_ifa); 854 in6_purgeaddr(&ia->ia_ifa); 855 break; 856 } 857 858 default: 859 if (ifp->if_ioctl == NULL) 860 return (EOPNOTSUPP); 861 ifnet_serialize_all(ifp); 862 error = ifp->if_ioctl(ifp, cmd, data, td->td_proc->p_ucred); 863 ifnet_deserialize_all(ifp); 864 return (error); 865 } 866 867 return (0); 868 } 869 870 /* 871 * Update parameters of an IPv6 interface address. 872 * If necessary, a new entry is created and linked into address chains. 873 * This function is separated from in6_control(). 874 * XXX: should this be performed under splnet()? 875 */ 876 int 877 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 878 struct in6_ifaddr *ia) 879 { 880 int error = 0, hostIsNew = 0, was_tentative, plen = -1; 881 struct in6_ifaddr *oia; 882 struct sockaddr_in6 dst6; 883 struct in6_addrlifetime *lt; 884 885 /* Validate parameters */ 886 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 887 return (EINVAL); 888 889 /* 890 * The destination address for a p2p link must have a family 891 * of AF_UNSPEC or AF_INET6. 892 */ 893 if ((ifp->if_flags & IFF_POINTOPOINT) && 894 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 895 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 896 return (EAFNOSUPPORT); 897 /* 898 * validate ifra_prefixmask. don't check sin6_family, netmask 899 * does not carry fields other than sin6_len. 900 */ 901 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 902 return (EINVAL); 903 /* 904 * Because the IPv6 address architecture is classless, we require 905 * users to specify a (non 0) prefix length (mask) for a new address. 906 * We also require the prefix (when specified) mask is valid, and thus 907 * reject a non-consecutive mask. 908 */ 909 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 910 return (EINVAL); 911 if (ifra->ifra_prefixmask.sin6_len != 0) { 912 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 913 (u_char *)&ifra->ifra_prefixmask + 914 ifra->ifra_prefixmask.sin6_len); 915 if (plen <= 0) 916 return (EINVAL); 917 } 918 else { 919 /* 920 * In this case, ia must not be NULL. We just use its prefix 921 * length. 922 */ 923 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 924 } 925 /* 926 * If the destination address on a p2p interface is specified, 927 * and the address is a scoped one, validate/set the scope 928 * zone identifier. 929 */ 930 dst6 = ifra->ifra_dstaddr; 931 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) && 932 (dst6.sin6_family == AF_INET6)) { 933 int scopeid; 934 935 if ((error = in6_recoverscope(&dst6, 936 &ifra->ifra_dstaddr.sin6_addr, 937 ifp)) != 0) 938 return (error); 939 if (in6_addr2zoneid(ifp, &dst6.sin6_addr, &scopeid)) 940 return (EINVAL); 941 if (dst6.sin6_scope_id == 0) /* user omit to specify the ID. */ 942 dst6.sin6_scope_id = scopeid; 943 else if (dst6.sin6_scope_id != scopeid) 944 return (EINVAL); /* scope ID mismatch. */ 945 if ((error = in6_embedscope(&dst6.sin6_addr, &dst6, NULL, NULL)) 946 != 0) 947 return (error); 948 dst6.sin6_scope_id = 0; /* XXX */ 949 } 950 /* 951 * The destination address can be specified only for a p2p or a 952 * loopback interface. If specified, the corresponding prefix length 953 * must be 128. 954 */ 955 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 956 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) == 0) { 957 /* XXX: noisy message */ 958 log(LOG_INFO, "in6_update_ifa: a destination can be " 959 "specified for a p2p or a loopback IF only\n"); 960 return (EINVAL); 961 } 962 if (plen != 128) { 963 /* 964 * The following message seems noisy, but we dare to 965 * add it for diagnosis. 966 */ 967 log(LOG_INFO, "in6_update_ifa: prefixlen must be 128 " 968 "when dstaddr is specified\n"); 969 return (EINVAL); 970 } 971 } 972 /* lifetime consistency check */ 973 lt = &ifra->ifra_lifetime; 974 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 975 && lt->ia6t_vltime + time_uptime < time_uptime) { 976 return EINVAL; 977 } 978 if (lt->ia6t_vltime == 0) { 979 /* 980 * the following log might be noisy, but this is a typical 981 * configuration mistake or a tool's bug. 982 */ 983 log(LOG_INFO, 984 "in6_update_ifa: valid lifetime is 0 for %s\n", 985 ip6_sprintf(&ifra->ifra_addr.sin6_addr)); 986 } 987 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 988 && lt->ia6t_pltime + time_uptime < time_uptime) { 989 return EINVAL; 990 } 991 992 /* 993 * If this is a new address, allocate a new ifaddr and link it 994 * into chains. 995 */ 996 if (ia == NULL) { 997 hostIsNew = 1; 998 ia = ifa_create(sizeof(*ia)); 999 1000 /* Initialize the address and masks */ 1001 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 1002 ia->ia_addr.sin6_family = AF_INET6; 1003 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 1004 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 1005 /* 1006 * XXX: some functions expect that ifa_dstaddr is not 1007 * NULL for p2p interfaces. 1008 */ 1009 ia->ia_ifa.ifa_dstaddr 1010 = (struct sockaddr *)&ia->ia_dstaddr; 1011 } else { 1012 ia->ia_ifa.ifa_dstaddr = NULL; 1013 } 1014 ia->ia_ifa.ifa_netmask 1015 = (struct sockaddr *)&ia->ia_prefixmask; 1016 1017 ia->ia_ifp = ifp; 1018 if ((oia = in6_ifaddr) != NULL) { 1019 for ( ; oia->ia_next; oia = oia->ia_next) 1020 continue; 1021 oia->ia_next = ia; 1022 } else 1023 in6_ifaddr = ia; 1024 1025 ifa_iflink(&ia->ia_ifa, ifp, 1); 1026 } 1027 1028 /* set prefix mask */ 1029 if (ifra->ifra_prefixmask.sin6_len) { 1030 /* 1031 * We prohibit changing the prefix length of an existing 1032 * address, because 1033 * + such an operation should be rare in IPv6, and 1034 * + the operation would confuse prefix management. 1035 */ 1036 if (ia->ia_prefixmask.sin6_len && 1037 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 1038 log(LOG_INFO, "in6_update_ifa: the prefix length of an" 1039 " existing (%s) address should not be changed\n", 1040 ip6_sprintf(&ia->ia_addr.sin6_addr)); 1041 error = EINVAL; 1042 goto unlink; 1043 } 1044 ia->ia_prefixmask = ifra->ifra_prefixmask; 1045 } 1046 1047 /* 1048 * If a new destination address is specified, scrub the old one and 1049 * install the new destination. Note that the interface must be 1050 * p2p or loopback (see the check above.) 1051 */ 1052 if (dst6.sin6_family == AF_INET6 && 1053 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, 1054 &ia->ia_dstaddr.sin6_addr)) { 1055 int e; 1056 1057 if ((ia->ia_flags & IFA_ROUTE) && 1058 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1059 != 0) { 1060 log(LOG_ERR, "in6_update_ifa: failed to remove " 1061 "a route to the old destination: %s\n", 1062 ip6_sprintf(&ia->ia_addr.sin6_addr)); 1063 /* proceed anyway... */ 1064 } 1065 else 1066 ia->ia_flags &= ~IFA_ROUTE; 1067 ia->ia_dstaddr = dst6; 1068 } 1069 1070 was_tentative = ia->ia6_flags & (IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED); 1071 ia->ia6_flags = ifra->ifra_flags; 1072 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /*safety*/ 1073 ia->ia6_flags &= ~IN6_IFF_NODAD; /* Mobile IPv6 */ 1074 if ((hostIsNew || was_tentative) && 1075 in6if_do_dad(ifp) && 1076 !(ifra->ifra_flags & IN6_IFF_NODAD)) 1077 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1078 1079 ia->ia6_lifetime = ifra->ifra_lifetime; 1080 /* for sanity */ 1081 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1082 ia->ia6_lifetime.ia6t_expire = 1083 time_uptime + ia->ia6_lifetime.ia6t_vltime; 1084 } else 1085 ia->ia6_lifetime.ia6t_expire = 0; 1086 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1087 ia->ia6_lifetime.ia6t_preferred = 1088 time_uptime + ia->ia6_lifetime.ia6t_pltime; 1089 } else 1090 ia->ia6_lifetime.ia6t_preferred = 0; 1091 1092 /* reset the interface and routing table appropriately. */ 1093 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 1094 goto unlink; 1095 1096 /* 1097 * Beyond this point, we should call in6_purgeaddr upon an error, 1098 * not just go to unlink. 1099 */ 1100 1101 if (ifp->if_flags & IFF_MULTICAST) { 1102 struct sockaddr_in6 mltaddr, mltmask; 1103 struct in6_multi *in6m; 1104 1105 if (hostIsNew) { 1106 /* 1107 * join solicited multicast addr for new host id 1108 */ 1109 struct in6_addr llsol; 1110 bzero(&llsol, sizeof(struct in6_addr)); 1111 llsol.s6_addr16[0] = htons(0xff02); 1112 llsol.s6_addr16[1] = htons(ifp->if_index); 1113 llsol.s6_addr32[1] = 0; 1114 llsol.s6_addr32[2] = htonl(1); 1115 llsol.s6_addr32[3] = 1116 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1117 llsol.s6_addr8[12] = 0xff; 1118 in6_addmulti(&llsol, ifp, &error); 1119 if (error != 0) { 1120 log(LOG_WARNING, 1121 "in6_update_ifa: addmulti failed for " 1122 "%s on %s (errno=%d)\n", 1123 ip6_sprintf(&llsol), if_name(ifp), 1124 error); 1125 in6_purgeaddr((struct ifaddr *)ia); 1126 return (error); 1127 } 1128 } 1129 1130 bzero(&mltmask, sizeof(mltmask)); 1131 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1132 mltmask.sin6_family = AF_INET6; 1133 mltmask.sin6_addr = in6mask32; 1134 1135 /* 1136 * join link-local all-nodes address 1137 */ 1138 bzero(&mltaddr, sizeof(mltaddr)); 1139 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1140 mltaddr.sin6_family = AF_INET6; 1141 mltaddr.sin6_addr = kin6addr_linklocal_allnodes; 1142 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1143 1144 in6m = IN6_LOOKUP_MULTI(&mltaddr.sin6_addr, ifp); 1145 if (in6m == NULL) { 1146 rtrequest_global(RTM_ADD, 1147 (struct sockaddr *)&mltaddr, 1148 (struct sockaddr *)&ia->ia_addr, 1149 (struct sockaddr *)&mltmask, 1150 RTF_UP|RTF_CLONING); /* xxx */ 1151 in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1152 if (error != 0) { 1153 log(LOG_WARNING, 1154 "in6_update_ifa: addmulti failed for " 1155 "%s on %s (errno=%d)\n", 1156 ip6_sprintf(&mltaddr.sin6_addr), 1157 if_name(ifp), error); 1158 } 1159 } 1160 1161 /* 1162 * join node information group address 1163 */ 1164 #define hostnamelen strlen(hostname) 1165 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr) 1166 == 0) { 1167 in6m = IN6_LOOKUP_MULTI(&mltaddr.sin6_addr, ifp); 1168 if (in6m == NULL && ia != NULL) { 1169 in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1170 if (error != 0) { 1171 log(LOG_WARNING, "in6_update_ifa: " 1172 "addmulti failed for " 1173 "%s on %s (errno=%d)\n", 1174 ip6_sprintf(&mltaddr.sin6_addr), 1175 if_name(ifp), error); 1176 } 1177 } 1178 } 1179 #undef hostnamelen 1180 1181 /* 1182 * join node-local all-nodes address, on loopback. 1183 * XXX: since "node-local" is obsoleted by interface-local, 1184 * we have to join the group on every interface with 1185 * some interface-boundary restriction. 1186 */ 1187 if (ifp->if_flags & IFF_LOOPBACK) { 1188 struct in6_ifaddr *ia_loop; 1189 1190 struct in6_addr loop6 = kin6addr_loopback; 1191 ia_loop = in6ifa_ifpwithaddr(ifp, &loop6); 1192 1193 mltaddr.sin6_addr = kin6addr_nodelocal_allnodes; 1194 1195 in6m = IN6_LOOKUP_MULTI(&mltaddr.sin6_addr, ifp); 1196 if (in6m == NULL && ia_loop != NULL) { 1197 rtrequest_global(RTM_ADD, 1198 (struct sockaddr *)&mltaddr, 1199 (struct sockaddr *)&ia_loop->ia_addr, 1200 (struct sockaddr *)&mltmask, 1201 RTF_UP); 1202 in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1203 if (error != 0) { 1204 log(LOG_WARNING, "in6_update_ifa: " 1205 "addmulti failed for %s on %s " 1206 "(errno=%d)\n", 1207 ip6_sprintf(&mltaddr.sin6_addr), 1208 if_name(ifp), error); 1209 } 1210 } 1211 } 1212 } 1213 1214 /* 1215 * Perform DAD, if needed. 1216 * XXX It may be of use, if we can administratively 1217 * disable DAD. 1218 */ 1219 if (in6if_do_dad(ifp) && 1220 !(ifra->ifra_flags & IN6_IFF_NODAD) && 1221 ia->ia6_flags & IN6_IFF_TENTATIVE) 1222 nd6_dad_start((struct ifaddr *)ia, NULL); 1223 1224 return (error); 1225 1226 unlink: 1227 /* 1228 * XXX: if a change of an existing address failed, keep the entry 1229 * anyway. 1230 */ 1231 if (hostIsNew) 1232 in6_unlink_ifa(ia, ifp); 1233 return (error); 1234 } 1235 1236 void 1237 in6_purgeaddr(struct ifaddr *ifa) 1238 { 1239 struct ifnet *ifp = ifa->ifa_ifp; 1240 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1241 1242 /* stop DAD processing */ 1243 nd6_dad_stop(ifa); 1244 1245 /* 1246 * delete route to the destination of the address being purged. 1247 * The interface must be p2p or loopback in this case. 1248 */ 1249 if ((ia->ia_flags & IFA_ROUTE) && ia->ia_dstaddr.sin6_len != 0) { 1250 int e; 1251 1252 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1253 != 0) { 1254 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1255 "a route to the p2p destination: %s on %s, " 1256 "errno=%d\n", 1257 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1258 e); 1259 /* proceed anyway... */ 1260 } 1261 else 1262 ia->ia_flags &= ~IFA_ROUTE; 1263 } 1264 1265 /* Remove ownaddr's loopback rtentry, if it exists. */ 1266 in6_ifremloop(&(ia->ia_ifa)); 1267 1268 if (ifp->if_flags & IFF_MULTICAST) { 1269 /* 1270 * delete solicited multicast addr for deleting host id 1271 */ 1272 struct in6_multi *in6m; 1273 struct in6_addr llsol; 1274 bzero(&llsol, sizeof(struct in6_addr)); 1275 llsol.s6_addr16[0] = htons(0xff02); 1276 llsol.s6_addr16[1] = htons(ifp->if_index); 1277 llsol.s6_addr32[1] = 0; 1278 llsol.s6_addr32[2] = htonl(1); 1279 llsol.s6_addr32[3] = 1280 ia->ia_addr.sin6_addr.s6_addr32[3]; 1281 llsol.s6_addr8[12] = 0xff; 1282 1283 in6m = IN6_LOOKUP_MULTI(&llsol, ifp); 1284 if (in6m) 1285 in6_delmulti(in6m); 1286 } 1287 1288 in6_unlink_ifa(ia, ifp); 1289 } 1290 1291 static void 1292 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1293 { 1294 struct in6_ifaddr *oia; 1295 1296 crit_enter(); 1297 1298 ifa_ifunlink(&ia->ia_ifa, ifp); 1299 1300 oia = ia; 1301 if (oia == (ia = in6_ifaddr)) 1302 in6_ifaddr = ia->ia_next; 1303 else { 1304 while (ia->ia_next && (ia->ia_next != oia)) 1305 ia = ia->ia_next; 1306 if (ia->ia_next) 1307 ia->ia_next = oia->ia_next; 1308 else { 1309 /* search failed */ 1310 kprintf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1311 } 1312 } 1313 1314 /* 1315 * When an autoconfigured address is being removed, release the 1316 * reference to the base prefix. Also, since the release might 1317 * affect the status of other (detached) addresses, call 1318 * pfxlist_onlink_check(). 1319 */ 1320 if (oia->ia6_flags & IN6_IFF_AUTOCONF) { 1321 if (oia->ia6_ndpr == NULL) { 1322 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1323 "%p has no prefix\n", oia); 1324 } else { 1325 oia->ia6_ndpr->ndpr_refcnt--; 1326 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1327 oia->ia6_ndpr = NULL; 1328 } 1329 1330 pfxlist_onlink_check(); 1331 } 1332 1333 /* 1334 * release another refcnt for the link from in6_ifaddr. 1335 * Note that we should decrement the refcnt at least once for all *BSD. 1336 */ 1337 ifa_destroy(&oia->ia_ifa); 1338 1339 crit_exit(); 1340 } 1341 1342 void 1343 in6_purgeif(struct ifnet *ifp) 1344 { 1345 struct ifaddr_container *ifac, *next; 1346 1347 TAILQ_FOREACH_MUTABLE(ifac, &ifp->if_addrheads[mycpuid], 1348 ifa_link, next) { 1349 if (ifac->ifa->ifa_addr->sa_family != AF_INET6) 1350 continue; 1351 in6_purgeaddr(ifac->ifa); 1352 } 1353 1354 in6_ifdetach(ifp); 1355 } 1356 1357 /* 1358 * SIOC[GAD]LIFADDR. 1359 * SIOCGLIFADDR: get first address. (?) 1360 * SIOCGLIFADDR with IFLR_PREFIX: 1361 * get first address that matches the specified prefix. 1362 * SIOCALIFADDR: add the specified address. 1363 * SIOCALIFADDR with IFLR_PREFIX: 1364 * add the specified prefix, filling hostid part from 1365 * the first link-local address. prefixlen must be <= 64. 1366 * SIOCDLIFADDR: delete the specified address. 1367 * SIOCDLIFADDR with IFLR_PREFIX: 1368 * delete the first address that matches the specified prefix. 1369 * return values: 1370 * EINVAL on invalid parameters 1371 * EADDRNOTAVAIL on prefix match failed/specified address not found 1372 * other values may be returned from in6_ioctl() 1373 * 1374 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1375 * this is to accomodate address naming scheme other than RFC2374, 1376 * in the future. 1377 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1378 * address encoding scheme. (see figure on page 8) 1379 */ 1380 static int 1381 in6_lifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, 1382 struct thread *td) 1383 { 1384 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1385 struct sockaddr *sa; 1386 1387 /* sanity checks */ 1388 if (!data || !ifp) { 1389 panic("invalid argument to in6_lifaddr_ioctl"); 1390 /*NOTRECHED*/ 1391 } 1392 1393 switch (cmd) { 1394 case SIOCGLIFADDR: 1395 /* address must be specified on GET with IFLR_PREFIX */ 1396 if (!(iflr->flags & IFLR_PREFIX)) 1397 break; 1398 /* FALLTHROUGH */ 1399 case SIOCALIFADDR: 1400 case SIOCDLIFADDR: 1401 /* address must be specified on ADD and DELETE */ 1402 sa = (struct sockaddr *)&iflr->addr; 1403 if (sa->sa_family != AF_INET6) 1404 return EINVAL; 1405 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1406 return EINVAL; 1407 /* XXX need improvement */ 1408 sa = (struct sockaddr *)&iflr->dstaddr; 1409 if (sa->sa_family && sa->sa_family != AF_INET6) 1410 return EINVAL; 1411 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1412 return EINVAL; 1413 break; 1414 default: /* shouldn't happen */ 1415 #if 0 1416 panic("invalid cmd to in6_lifaddr_ioctl"); 1417 /* NOTREACHED */ 1418 #else 1419 return EOPNOTSUPP; 1420 #endif 1421 } 1422 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1423 return EINVAL; 1424 1425 switch (cmd) { 1426 case SIOCALIFADDR: 1427 { 1428 struct in6_aliasreq ifra; 1429 struct in6_addr *hostid = NULL; 1430 int prefixlen; 1431 1432 if (iflr->flags & IFLR_PREFIX) { 1433 struct ifaddr *ifa; 1434 struct sockaddr_in6 *sin6; 1435 1436 /* 1437 * hostid is to fill in the hostid part of the 1438 * address. hostid points to the first link-local 1439 * address attached to the interface. 1440 */ 1441 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1442 if (!ifa) 1443 return EADDRNOTAVAIL; 1444 hostid = IFA_IN6(ifa); 1445 1446 /* prefixlen must be <= 64. */ 1447 if (64 < iflr->prefixlen) 1448 return EINVAL; 1449 prefixlen = iflr->prefixlen; 1450 1451 /* hostid part must be zero. */ 1452 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1453 if (sin6->sin6_addr.s6_addr32[2] != 0 1454 || sin6->sin6_addr.s6_addr32[3] != 0) { 1455 return EINVAL; 1456 } 1457 } else 1458 prefixlen = iflr->prefixlen; 1459 1460 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1461 bzero(&ifra, sizeof(ifra)); 1462 bcopy(iflr->iflr_name, ifra.ifra_name, 1463 sizeof(ifra.ifra_name)); 1464 1465 bcopy(&iflr->addr, &ifra.ifra_addr, 1466 ((struct sockaddr *)&iflr->addr)->sa_len); 1467 if (hostid) { 1468 /* fill in hostid part */ 1469 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1470 hostid->s6_addr32[2]; 1471 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1472 hostid->s6_addr32[3]; 1473 } 1474 1475 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /*XXX*/ 1476 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1477 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1478 if (hostid) { 1479 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1480 hostid->s6_addr32[2]; 1481 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1482 hostid->s6_addr32[3]; 1483 } 1484 } 1485 1486 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1487 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1488 1489 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1490 return in6_control_internal(SIOCAIFADDR_IN6, (caddr_t)&ifra, 1491 ifp, td); 1492 } 1493 case SIOCGLIFADDR: 1494 case SIOCDLIFADDR: 1495 { 1496 struct ifaddr_container *ifac; 1497 struct in6_ifaddr *ia; 1498 struct in6_addr mask, candidate, match; 1499 struct sockaddr_in6 *sin6; 1500 int cmp; 1501 1502 bzero(&mask, sizeof(mask)); 1503 if (iflr->flags & IFLR_PREFIX) { 1504 /* lookup a prefix rather than address. */ 1505 in6_prefixlen2mask(&mask, iflr->prefixlen); 1506 1507 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1508 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1509 match.s6_addr32[0] &= mask.s6_addr32[0]; 1510 match.s6_addr32[1] &= mask.s6_addr32[1]; 1511 match.s6_addr32[2] &= mask.s6_addr32[2]; 1512 match.s6_addr32[3] &= mask.s6_addr32[3]; 1513 1514 /* if you set extra bits, that's wrong */ 1515 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1516 return EINVAL; 1517 1518 cmp = 1; 1519 } else { 1520 if (cmd == SIOCGLIFADDR) { 1521 /* on getting an address, take the 1st match */ 1522 cmp = 0; /* XXX */ 1523 } else { 1524 /* on deleting an address, do exact match */ 1525 in6_prefixlen2mask(&mask, 128); 1526 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1527 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1528 1529 cmp = 1; 1530 } 1531 } 1532 1533 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 1534 struct ifaddr *ifa = ifac->ifa; 1535 1536 if (ifa->ifa_addr->sa_family != AF_INET6) 1537 continue; 1538 if (!cmp) 1539 break; 1540 1541 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1542 /* 1543 * XXX: this is adhoc, but is necessary to allow 1544 * a user to specify fe80::/64 (not /10) for a 1545 * link-local address. 1546 */ 1547 if (IN6_IS_ADDR_LINKLOCAL(&candidate)) 1548 candidate.s6_addr16[1] = 0; 1549 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1550 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1551 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1552 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1553 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1554 break; 1555 } 1556 if (ifac == NULL) 1557 return EADDRNOTAVAIL; 1558 ia = ifa2ia6(ifac->ifa); 1559 1560 if (cmd == SIOCGLIFADDR) { 1561 struct sockaddr_in6 *s6; 1562 1563 /* fill in the if_laddrreq structure */ 1564 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1565 s6 = (struct sockaddr_in6 *)&iflr->addr; 1566 if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) { 1567 s6->sin6_addr.s6_addr16[1] = 0; 1568 if (in6_addr2zoneid(ifp, &s6->sin6_addr, 1569 &s6->sin6_scope_id)) 1570 return (EINVAL);/* XXX */ 1571 } 1572 if (ifp->if_flags & IFF_POINTOPOINT) { 1573 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1574 ia->ia_dstaddr.sin6_len); 1575 s6 = (struct sockaddr_in6 *)&iflr->dstaddr; 1576 if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) { 1577 s6->sin6_addr.s6_addr16[1] = 0; 1578 if (in6_addr2zoneid(ifp, 1579 &s6->sin6_addr, &s6->sin6_scope_id)) 1580 return (EINVAL); /* EINVAL */ 1581 } 1582 } else 1583 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1584 1585 iflr->prefixlen = 1586 in6_mask2len(&ia->ia_prefixmask.sin6_addr, 1587 NULL); 1588 1589 iflr->flags = ia->ia6_flags; /* XXX */ 1590 1591 return 0; 1592 } else { 1593 struct in6_aliasreq ifra; 1594 1595 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1596 bzero(&ifra, sizeof(ifra)); 1597 bcopy(iflr->iflr_name, ifra.ifra_name, 1598 sizeof(ifra.ifra_name)); 1599 1600 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1601 ia->ia_addr.sin6_len); 1602 if (ifp->if_flags & IFF_POINTOPOINT) 1603 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1604 ia->ia_dstaddr.sin6_len); 1605 else 1606 bzero(&ifra.ifra_dstaddr, 1607 sizeof(ifra.ifra_dstaddr)); 1608 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1609 ia->ia_prefixmask.sin6_len); 1610 1611 ifra.ifra_flags = ia->ia6_flags; 1612 return in6_control_internal(SIOCDIFADDR_IN6, 1613 (caddr_t)&ifra, ifp, td); 1614 } 1615 } 1616 } 1617 1618 return EOPNOTSUPP; /* just for safety */ 1619 } 1620 1621 /* 1622 * Initialize an interface's intetnet6 address 1623 * and routing table entry. 1624 */ 1625 static int 1626 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, struct sockaddr_in6 *sin6, 1627 int newhost) 1628 { 1629 int error = 0, plen; 1630 1631 ia->ia_addr = *sin6; 1632 1633 if (ifp->if_ioctl != NULL) { 1634 ifnet_serialize_all(ifp); 1635 error = ifp->if_ioctl(ifp, SIOCSIFADDR, (caddr_t)ia, NULL); 1636 ifnet_deserialize_all(ifp); 1637 if (error) 1638 return (error); 1639 } 1640 1641 ia->ia_ifa.ifa_metric = ifp->if_metric; 1642 1643 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1644 1645 /* 1646 * Special case: 1647 * If the destination address is specified for a point-to-point 1648 * interface, install a route to the destination as an interface 1649 * direct route. 1650 */ 1651 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1652 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1653 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1654 RTF_UP | RTF_HOST)) != 0) 1655 return (error); 1656 ia->ia_flags |= IFA_ROUTE; 1657 } 1658 if (plen < 128) { 1659 /* 1660 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto(). 1661 */ 1662 ia->ia_ifa.ifa_flags |= RTF_CLONING; 1663 } 1664 1665 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1666 if (newhost) { 1667 /* set the rtrequest function to create llinfo */ 1668 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1669 in6_ifaddloop(&(ia->ia_ifa)); 1670 } 1671 1672 return (error); 1673 } 1674 1675 struct in6_multi_mship * 1676 in6_joingroup(struct ifnet *ifp, struct in6_addr *addr, int *errorp) 1677 { 1678 struct in6_multi_mship *imm; 1679 1680 imm = kmalloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); 1681 if (!imm) { 1682 *errorp = ENOBUFS; 1683 return NULL; 1684 } 1685 imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp); 1686 if (!imm->i6mm_maddr) { 1687 /* *errorp is alrady set */ 1688 kfree(imm, M_IPMADDR); 1689 return NULL; 1690 } 1691 return imm; 1692 } 1693 1694 int 1695 in6_leavegroup(struct in6_multi_mship *imm) 1696 { 1697 1698 if (imm->i6mm_maddr) 1699 in6_delmulti(imm->i6mm_maddr); 1700 kfree(imm, M_IPMADDR); 1701 return 0; 1702 } 1703 1704 /* 1705 * Add an address to the list of IP6 multicast addresses for a 1706 * given interface. 1707 */ 1708 struct in6_multi * 1709 in6_addmulti(struct in6_addr *maddr6, struct ifnet *ifp, int *errorp) 1710 { 1711 struct in6_multi *in6m; 1712 struct sockaddr_in6 sin6; 1713 struct ifmultiaddr *ifma; 1714 1715 *errorp = 0; 1716 1717 crit_enter(); 1718 1719 /* 1720 * Call generic routine to add membership or increment 1721 * refcount. It wants addresses in the form of a sockaddr, 1722 * so we build one here (being careful to zero the unused bytes). 1723 */ 1724 bzero(&sin6, sizeof sin6); 1725 sin6.sin6_family = AF_INET6; 1726 sin6.sin6_len = sizeof sin6; 1727 sin6.sin6_addr = *maddr6; 1728 *errorp = if_addmulti(ifp, (struct sockaddr *)&sin6, &ifma); 1729 if (*errorp) { 1730 crit_exit(); 1731 return 0; 1732 } 1733 1734 /* 1735 * If ifma->ifma_protospec is null, then if_addmulti() created 1736 * a new record. Otherwise, we are done. 1737 */ 1738 if (ifma->ifma_protospec != NULL) { 1739 crit_exit(); 1740 return ifma->ifma_protospec; 1741 } 1742 1743 in6m = kmalloc(sizeof(*in6m), M_IPMADDR, M_INTWAIT | M_ZERO); 1744 in6m->in6m_addr = *maddr6; 1745 in6m->in6m_ifp = ifp; 1746 in6m->in6m_ifma = ifma; 1747 ifma->ifma_protospec = in6m; 1748 LIST_INSERT_HEAD(&in6_multihead, in6m, in6m_entry); 1749 1750 /* 1751 * Let MLD6 know that we have joined a new IP6 multicast 1752 * group. 1753 */ 1754 mld6_start_listening(in6m); 1755 crit_exit(); 1756 return (in6m); 1757 } 1758 1759 /* 1760 * Delete a multicast address record. 1761 */ 1762 void 1763 in6_delmulti(struct in6_multi *in6m) 1764 { 1765 struct ifmultiaddr *ifma = in6m->in6m_ifma; 1766 1767 crit_enter(); 1768 1769 if (ifma->ifma_refcount == 1) { 1770 /* 1771 * No remaining claims to this record; let MLD6 know 1772 * that we are leaving the multicast group. 1773 */ 1774 mld6_stop_listening(in6m); 1775 ifma->ifma_protospec = NULL; 1776 LIST_REMOVE(in6m, in6m_entry); 1777 kfree(in6m, M_IPMADDR); 1778 } 1779 /* XXX - should be separate API for when we have an ifma? */ 1780 if_delmulti(ifma->ifma_ifp, ifma->ifma_addr); 1781 crit_exit(); 1782 } 1783 1784 /* 1785 * Find an IPv6 interface link-local address specific to an interface. 1786 */ 1787 struct in6_ifaddr * 1788 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1789 { 1790 const struct ifaddr_container *ifac; 1791 1792 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 1793 struct ifaddr *ifa = ifac->ifa; 1794 1795 if (ifa->ifa_addr == NULL) 1796 continue; /* just for safety */ 1797 if (ifa->ifa_addr->sa_family != AF_INET6) 1798 continue; 1799 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1800 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1801 ignoreflags) != 0) 1802 continue; 1803 return (struct in6_ifaddr *)ifa; 1804 } 1805 } 1806 return NULL; 1807 } 1808 1809 1810 /* 1811 * find the internet address corresponding to a given interface and address. 1812 */ 1813 struct in6_ifaddr * 1814 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1815 { 1816 const struct ifaddr_container *ifac; 1817 1818 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 1819 struct ifaddr *ifa = ifac->ifa; 1820 1821 if (ifa->ifa_addr == NULL) 1822 continue; /* just for safety */ 1823 if (ifa->ifa_addr->sa_family != AF_INET6) 1824 continue; 1825 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1826 return (struct in6_ifaddr *)ifa; 1827 } 1828 return NULL; 1829 } 1830 1831 /* 1832 * Find a link-local scoped address on ifp and return it if any. 1833 */ 1834 struct in6_ifaddr * 1835 in6ifa_llaonifp(struct ifnet *ifp) 1836 { 1837 const struct ifaddr_container *ifac; 1838 1839 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 1840 const struct sockaddr_in6 *sin6; 1841 struct ifaddr *ifa = ifac->ifa; 1842 1843 if (ifa->ifa_addr->sa_family != AF_INET6) 1844 continue; 1845 sin6 = (const struct sockaddr_in6 *)ifa->ifa_addr; 1846 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) || 1847 /* XXX why are mcast addresses ifp address list? */ 1848 IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) || 1849 IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr)) 1850 return (struct in6_ifaddr *)ifa; 1851 } 1852 return NULL; 1853 } 1854 1855 /* 1856 * find the internet address on a given interface corresponding to a neighbor's 1857 * address. 1858 */ 1859 struct in6_ifaddr * 1860 in6ifa_ifplocaladdr(const struct ifnet *ifp, const struct in6_addr *addr) 1861 { 1862 struct ifaddr *ifa; 1863 struct in6_ifaddr *ia; 1864 struct ifaddr_container *ifac; 1865 1866 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 1867 ifa = ifac->ifa; 1868 1869 if (ifa->ifa_addr == NULL) 1870 continue; /* just for safety */ 1871 if (ifa->ifa_addr->sa_family != AF_INET6) 1872 continue; 1873 ia = (struct in6_ifaddr *)ifa; 1874 if (IN6_ARE_MASKED_ADDR_EQUAL(addr, 1875 &ia->ia_addr.sin6_addr, 1876 &ia->ia_prefixmask.sin6_addr)) 1877 return ia; 1878 } 1879 1880 return NULL; 1881 } 1882 1883 /* 1884 * Convert IP6 address to printable (loggable) representation. 1885 */ 1886 static char digits[] = "0123456789abcdef"; 1887 static int ip6round = 0; 1888 char * 1889 ip6_sprintf(const struct in6_addr *addr) 1890 { 1891 static char ip6buf[8][48]; 1892 int i; 1893 char *cp; 1894 const u_short *a = (const u_short *)addr; 1895 const u_char *d; 1896 int dcolon = 0; 1897 1898 ip6round = (ip6round + 1) & 7; 1899 cp = ip6buf[ip6round]; 1900 1901 for (i = 0; i < 8; i++) { 1902 if (dcolon == 1) { 1903 if (*a == 0) { 1904 if (i == 7) 1905 *cp++ = ':'; 1906 a++; 1907 continue; 1908 } else 1909 dcolon = 2; 1910 } 1911 if (*a == 0) { 1912 if (dcolon == 0 && *(a + 1) == 0) { 1913 if (i == 0) 1914 *cp++ = ':'; 1915 *cp++ = ':'; 1916 dcolon = 1; 1917 } else { 1918 *cp++ = '0'; 1919 *cp++ = ':'; 1920 } 1921 a++; 1922 continue; 1923 } 1924 d = (const u_char *)a; 1925 *cp++ = digits[*d >> 4]; 1926 *cp++ = digits[*d++ & 0xf]; 1927 *cp++ = digits[*d >> 4]; 1928 *cp++ = digits[*d & 0xf]; 1929 *cp++ = ':'; 1930 a++; 1931 } 1932 *--cp = 0; 1933 return (ip6buf[ip6round]); 1934 } 1935 1936 int 1937 in6_localaddr(struct in6_addr *in6) 1938 { 1939 struct in6_ifaddr *ia; 1940 1941 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1942 return 1; 1943 1944 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 1945 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1946 &ia->ia_prefixmask.sin6_addr)) 1947 return 1; 1948 1949 return (0); 1950 } 1951 1952 int 1953 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1954 { 1955 struct in6_ifaddr *ia; 1956 1957 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1958 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1959 &sa6->sin6_addr) && 1960 (ia->ia6_flags & IN6_IFF_DEPRECATED)) 1961 return (1); /* true */ 1962 1963 /* XXX: do we still have to go thru the rest of the list? */ 1964 } 1965 1966 return (0); /* false */ 1967 } 1968 1969 /* 1970 * return length of part which dst and src are equal 1971 * hard coding... 1972 */ 1973 int 1974 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1975 { 1976 int match = 0; 1977 u_char *s = (u_char *)src, *d = (u_char *)dst; 1978 u_char *lim = s + 16, r; 1979 1980 while (s < lim) 1981 if ((r = (*d++ ^ *s++)) != 0) { 1982 while (r < 128) { 1983 match++; 1984 r <<= 1; 1985 } 1986 break; 1987 } else 1988 match += 8; 1989 return match; 1990 } 1991 1992 /* XXX: to be scope conscious */ 1993 int 1994 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1995 { 1996 int bytelen, bitlen; 1997 1998 /* sanity check */ 1999 if (0 > len || len > 128) { 2000 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 2001 len); 2002 return (0); 2003 } 2004 2005 bytelen = len / 8; 2006 bitlen = len % 8; 2007 2008 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 2009 return (0); 2010 if (p1->s6_addr[bytelen] >> (8 - bitlen) != 2011 p2->s6_addr[bytelen] >> (8 - bitlen)) 2012 return (0); 2013 2014 return (1); 2015 } 2016 2017 void 2018 in6_prefixlen2mask(struct in6_addr *maskp, int len) 2019 { 2020 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 2021 int bytelen, bitlen, i; 2022 2023 /* sanity check */ 2024 if (0 > len || len > 128) { 2025 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 2026 len); 2027 return; 2028 } 2029 2030 bzero(maskp, sizeof(*maskp)); 2031 bytelen = len / 8; 2032 bitlen = len % 8; 2033 for (i = 0; i < bytelen; i++) 2034 maskp->s6_addr[i] = 0xff; 2035 if (bitlen) 2036 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 2037 } 2038 2039 /* 2040 * return the best address out of the same scope 2041 */ 2042 struct in6_ifaddr * 2043 in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst, struct ucred *cred) 2044 { 2045 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 2046 int blen = -1; 2047 struct in6_ifaddr *ifa_best = NULL; 2048 u_int32_t dstzone, odstzone; 2049 int jailed = 0; 2050 const struct ifnet_array *arr; 2051 int i; 2052 2053 if(cred && cred->cr_prison) 2054 jailed = 1; 2055 2056 if (oifp == NULL) 2057 return (NULL); 2058 2059 if (in6_addr2zoneid(oifp, dst, &odstzone)) 2060 return (NULL); 2061 2062 /* 2063 * We search for all addresses on all interfaces from the beginning. 2064 * Comparing an interface with the outgoing interface will be done 2065 * only at the final stage of tiebreaking. 2066 */ 2067 arr = ifnet_array_get(); 2068 for (i = 0; i < arr->ifnet_count; ++i) { 2069 struct ifnet *ifp = arr->ifnet_arr[i]; 2070 struct ifaddr_container *ifac; 2071 2072 /* 2073 * We can never take an address that breaks the scope zone 2074 * of the destination. 2075 */ 2076 if (ifp->if_afdata[AF_INET6] == NULL) 2077 continue; 2078 if (in6_addr2zoneid(ifp, dst, &dstzone) || dstzone != odstzone) 2079 continue; 2080 2081 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 2082 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 2083 struct ifaddr *ifa = ifac->ifa; 2084 2085 if (ifa->ifa_addr->sa_family != AF_INET6) 2086 continue; 2087 2088 src_scope = in6_addrscope(IFA_IN6(ifa)); 2089 2090 /* 2091 * Don't use an address before completing DAD 2092 * nor a duplicated address. 2093 */ 2094 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2095 IN6_IFF_NOTREADY) 2096 continue; 2097 2098 /* XXX: is there any case to allow anycasts? */ 2099 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2100 IN6_IFF_ANYCAST) 2101 continue; 2102 2103 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2104 IN6_IFF_DETACHED) 2105 continue; 2106 2107 /* Skip adresses not valid for current jail */ 2108 if (jailed && 2109 !(jailed_ip(cred->cr_prison, (struct sockaddr *)(ifa->ifa_addr)) != 0)) 2110 continue; 2111 2112 /* 2113 * If this is the first address we find, 2114 * keep it anyway. 2115 */ 2116 if (ifa_best == NULL) 2117 goto replace; 2118 2119 /* 2120 * ifa_best is never NULL beyond this line except 2121 * within the block labeled "replace". 2122 */ 2123 2124 /* 2125 * If ifa_best has a smaller scope than dst and 2126 * the current address has a larger one than 2127 * (or equal to) dst, always replace ifa_best. 2128 * Also, if the current address has a smaller scope 2129 * than dst, ignore it unless ifa_best also has a 2130 * smaller scope. 2131 * Consequently, after the two if-clause below, 2132 * the followings must be satisfied: 2133 * (scope(src) < scope(dst) && 2134 * scope(best) < scope(dst)) 2135 * OR 2136 * (scope(best) >= scope(dst) && 2137 * scope(src) >= scope(dst)) 2138 */ 2139 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 2140 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 2141 goto replace; /* (A) */ 2142 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2143 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2144 continue; /* (B) */ 2145 2146 /* 2147 * A deprecated address SHOULD NOT be used in new 2148 * communications if an alternate (non-deprecated) 2149 * address is available and has sufficient scope. 2150 * RFC 2462, Section 5.5.4. 2151 */ 2152 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2153 IN6_IFF_DEPRECATED) { 2154 /* 2155 * Ignore any deprecated addresses if 2156 * specified by configuration. 2157 */ 2158 if (!ip6_use_deprecated) 2159 continue; 2160 2161 /* 2162 * If we have already found a non-deprecated 2163 * candidate, just ignore deprecated addresses. 2164 */ 2165 if (!(ifa_best->ia6_flags & IN6_IFF_DEPRECATED)) 2166 continue; 2167 } 2168 2169 /* 2170 * A non-deprecated address is always preferred 2171 * to a deprecated one regardless of scopes and 2172 * address matching (Note invariants ensured by the 2173 * conditions (A) and (B) above.) 2174 */ 2175 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2176 !(((struct in6_ifaddr *)ifa)->ia6_flags & 2177 IN6_IFF_DEPRECATED)) 2178 goto replace; 2179 2180 /* 2181 * When we use temporary addresses described in 2182 * RFC 3041, we prefer temporary addresses to 2183 * public autoconf addresses. Again, note the 2184 * invariants from (A) and (B). Also note that we 2185 * don't have any preference between static addresses 2186 * and autoconf addresses (despite of whether or not 2187 * the latter is temporary or public.) 2188 */ 2189 if (ip6_use_tempaddr) { 2190 struct in6_ifaddr *ifat; 2191 2192 ifat = (struct in6_ifaddr *)ifa; 2193 if ((ifa_best->ia6_flags & 2194 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2195 == IN6_IFF_AUTOCONF && 2196 (ifat->ia6_flags & 2197 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2198 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) { 2199 goto replace; 2200 } 2201 if ((ifa_best->ia6_flags & 2202 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2203 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY) && 2204 (ifat->ia6_flags & 2205 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2206 == IN6_IFF_AUTOCONF) { 2207 continue; 2208 } 2209 } 2210 2211 /* 2212 * At this point, we have two cases: 2213 * 1. we are looking at a non-deprecated address, 2214 * and ifa_best is also non-deprecated. 2215 * 2. we are looking at a deprecated address, 2216 * and ifa_best is also deprecated. 2217 * Also, we do not have to consider a case where 2218 * the scope of if_best is larger(smaller) than dst and 2219 * the scope of the current address is smaller(larger) 2220 * than dst. Such a case has already been covered. 2221 * Tiebreaking is done according to the following 2222 * items: 2223 * - the scope comparison between the address and 2224 * dst (dscopecmp) 2225 * - the scope comparison between the address and 2226 * ifa_best (bscopecmp) 2227 * - if the address match dst longer than ifa_best 2228 * (matchcmp) 2229 * - if the address is on the outgoing I/F (outI/F) 2230 * 2231 * Roughly speaking, the selection policy is 2232 * - the most important item is scope. The same scope 2233 * is best. Then search for a larger scope. 2234 * Smaller scopes are the last resort. 2235 * - A deprecated address is chosen only when we have 2236 * no address that has an enough scope, but is 2237 * prefered to any addresses of smaller scopes 2238 * (this must be already done above.) 2239 * - addresses on the outgoing I/F are preferred to 2240 * ones on other interfaces if none of above 2241 * tiebreaks. In the table below, the column "bI" 2242 * means if the best_ifa is on the outgoing 2243 * interface, and the column "sI" means if the ifa 2244 * is on the outgoing interface. 2245 * - If there is no other reasons to choose one, 2246 * longest address match against dst is considered. 2247 * 2248 * The precise decision table is as follows: 2249 * dscopecmp bscopecmp match bI oI | replace? 2250 * N/A equal N/A Y N | No (1) 2251 * N/A equal N/A N Y | Yes (2) 2252 * N/A equal larger N/A | Yes (3) 2253 * N/A equal !larger N/A | No (4) 2254 * larger larger N/A N/A | No (5) 2255 * larger smaller N/A N/A | Yes (6) 2256 * smaller larger N/A N/A | Yes (7) 2257 * smaller smaller N/A N/A | No (8) 2258 * equal smaller N/A N/A | Yes (9) 2259 * equal larger (already done at A above) 2260 */ 2261 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2262 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2263 2264 if (bscopecmp == 0) { 2265 struct ifnet *bifp = ifa_best->ia_ifp; 2266 2267 if (bifp == oifp && ifp != oifp) /* (1) */ 2268 continue; 2269 if (bifp != oifp && ifp == oifp) /* (2) */ 2270 goto replace; 2271 2272 /* 2273 * Both bifp and ifp are on the outgoing 2274 * interface, or both two are on a different 2275 * interface from the outgoing I/F. 2276 * now we need address matching against dst 2277 * for tiebreaking. 2278 */ 2279 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2280 matchcmp = tlen - blen; 2281 if (matchcmp > 0) /* (3) */ 2282 goto replace; 2283 continue; /* (4) */ 2284 } 2285 if (dscopecmp > 0) { 2286 if (bscopecmp > 0) /* (5) */ 2287 continue; 2288 goto replace; /* (6) */ 2289 } 2290 if (dscopecmp < 0) { 2291 if (bscopecmp > 0) /* (7) */ 2292 goto replace; 2293 continue; /* (8) */ 2294 } 2295 2296 /* now dscopecmp must be 0 */ 2297 if (bscopecmp < 0) 2298 goto replace; /* (9) */ 2299 2300 replace: 2301 ifa_best = (struct in6_ifaddr *)ifa; 2302 blen = tlen >= 0 ? tlen : 2303 in6_matchlen(IFA_IN6(ifa), dst); 2304 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2305 } 2306 } 2307 2308 /* count statistics for future improvements */ 2309 if (ifa_best == NULL) 2310 ip6stat.ip6s_sources_none++; 2311 else { 2312 if (oifp == ifa_best->ia_ifp) 2313 ip6stat.ip6s_sources_sameif[best_scope]++; 2314 else 2315 ip6stat.ip6s_sources_otherif[best_scope]++; 2316 2317 if (best_scope == dst_scope) 2318 ip6stat.ip6s_sources_samescope[best_scope]++; 2319 else 2320 ip6stat.ip6s_sources_otherscope[best_scope]++; 2321 2322 if (ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2323 ip6stat.ip6s_sources_deprecated[best_scope]++; 2324 } 2325 2326 return (ifa_best); 2327 } 2328 2329 /* 2330 * return the best address out of the same scope. if no address was 2331 * found, return the first valid address from designated IF. 2332 */ 2333 struct in6_ifaddr * 2334 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2335 { 2336 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2337 struct ifaddr_container *ifac; 2338 struct in6_ifaddr *besta = NULL; 2339 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2340 2341 dep[0] = dep[1] = NULL; 2342 2343 /* 2344 * We first look for addresses in the same scope. 2345 * If there is one, return it. 2346 * If two or more, return one which matches the dst longest. 2347 * If none, return one of global addresses assigned other ifs. 2348 */ 2349 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 2350 struct ifaddr *ifa = ifac->ifa; 2351 2352 if (ifa->ifa_addr->sa_family != AF_INET6) 2353 continue; 2354 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2355 continue; /* XXX: is there any case to allow anycast? */ 2356 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2357 continue; /* don't use this interface */ 2358 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2359 continue; 2360 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2361 if (ip6_use_deprecated) 2362 dep[0] = (struct in6_ifaddr *)ifa; 2363 continue; 2364 } 2365 2366 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2367 /* 2368 * call in6_matchlen() as few as possible 2369 */ 2370 if (besta) { 2371 if (blen == -1) 2372 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2373 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2374 if (tlen > blen) { 2375 blen = tlen; 2376 besta = (struct in6_ifaddr *)ifa; 2377 } 2378 } else 2379 besta = (struct in6_ifaddr *)ifa; 2380 } 2381 } 2382 if (besta) 2383 return (besta); 2384 2385 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 2386 struct ifaddr *ifa = ifac->ifa; 2387 2388 if (ifa->ifa_addr->sa_family != AF_INET6) 2389 continue; 2390 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2391 continue; /* XXX: is there any case to allow anycast? */ 2392 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2393 continue; /* don't use this interface */ 2394 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2395 continue; 2396 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2397 if (ip6_use_deprecated) 2398 dep[1] = (struct in6_ifaddr *)ifa; 2399 continue; 2400 } 2401 2402 return (struct in6_ifaddr *)ifa; 2403 } 2404 2405 /* use the last-resort values, that are, deprecated addresses */ 2406 if (dep[0]) 2407 return dep[0]; 2408 if (dep[1]) 2409 return dep[1]; 2410 2411 return NULL; 2412 } 2413 2414 /* 2415 * perform DAD when interface becomes IFF_UP. 2416 */ 2417 static void 2418 in6_if_up_dispatch(netmsg_t nmsg) 2419 { 2420 struct ifnet *ifp = nmsg->lmsg.u.ms_resultp; 2421 struct ifaddr_container *ifac; 2422 struct in6_ifaddr *ia; 2423 int dad_delay; /* delay ticks before DAD output */ 2424 2425 ASSERT_NETISR0; 2426 2427 /* 2428 * special cases, like 6to4, are handled in in6_ifattach 2429 */ 2430 in6_ifattach(ifp, NULL); 2431 2432 dad_delay = 0; 2433 TAILQ_FOREACH(ifac, &ifp->if_addrheads[mycpuid], ifa_link) { 2434 struct ifaddr *ifa = ifac->ifa; 2435 2436 if (ifa->ifa_addr->sa_family != AF_INET6) 2437 continue; 2438 ia = (struct in6_ifaddr *)ifa; 2439 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2440 nd6_dad_start(ifa, &dad_delay); 2441 } 2442 2443 netisr_replymsg(&nmsg->base, 0); 2444 } 2445 2446 void 2447 in6_if_up(struct ifnet *ifp) 2448 { 2449 struct netmsg_base nmsg; 2450 2451 netmsg_init(&nmsg, NULL, &curthread->td_msgport, 0, in6_if_up_dispatch); 2452 nmsg.lmsg.u.ms_resultp = ifp; 2453 netisr_domsg(&nmsg, 0); 2454 } 2455 2456 void 2457 in6_if_down(struct ifnet *ifp) 2458 { 2459 rt_purgecloned(ifp, AF_INET6); 2460 } 2461 2462 int 2463 in6if_do_dad(struct ifnet *ifp) 2464 { 2465 if (ifp->if_flags & IFF_LOOPBACK) 2466 return (0); 2467 2468 switch (ifp->if_type) { 2469 #ifdef IFT_DUMMY 2470 case IFT_DUMMY: 2471 return (0); 2472 #endif 2473 default: 2474 /* 2475 * Our DAD routine requires the interface up and running. 2476 * However, some interfaces can be up before the RUNNING 2477 * status. Additionaly, users may try to assign addresses 2478 * before the interface becomes up (or running). 2479 * We simply skip DAD in such a case as a work around. 2480 * XXX: we should rather mark "tentative" on such addresses, 2481 * and do DAD after the interface becomes ready. 2482 */ 2483 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2484 (IFF_UP|IFF_RUNNING)) 2485 return (0); 2486 2487 return (1); 2488 } 2489 } 2490 2491 /* 2492 * Calculate max IPv6 MTU through all the interfaces and store it 2493 * to in6_maxmtu. 2494 */ 2495 void 2496 in6_setmaxmtu(void) 2497 { 2498 unsigned long maxmtu = 0; 2499 const struct ifnet_array *arr; 2500 int i; 2501 2502 ASSERT_NETISR0; 2503 2504 arr = ifnet_array_get(); 2505 for (i = 0; i < arr->ifnet_count; ++i) { 2506 struct ifnet *ifp = arr->ifnet_arr[i]; 2507 2508 /* this function can be called during ifnet initialization */ 2509 if (ifp->if_afdata[AF_INET6] == NULL) 2510 continue; 2511 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2512 IN6_LINKMTU(ifp) > maxmtu) 2513 maxmtu = IN6_LINKMTU(ifp); 2514 } 2515 if (maxmtu) /* update only when maxmtu is positive */ 2516 in6_maxmtu = maxmtu; 2517 } 2518 2519 void * 2520 in6_domifattach(struct ifnet *ifp) 2521 { 2522 struct in6_ifextra *ext; 2523 2524 ext = (struct in6_ifextra *)kmalloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2525 bzero(ext, sizeof(*ext)); 2526 2527 ext->in6_ifstat = (struct in6_ifstat *)kmalloc(sizeof(struct in6_ifstat), 2528 M_IFADDR, M_WAITOK); 2529 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2530 2531 ext->icmp6_ifstat = 2532 (struct icmp6_ifstat *)kmalloc(sizeof(struct icmp6_ifstat), 2533 M_IFADDR, M_WAITOK); 2534 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2535 2536 ext->nd_ifinfo = nd6_ifattach(ifp); 2537 ext->scope6_id = scope6_ifattach(ifp); 2538 return ext; 2539 } 2540 2541 void 2542 in6_domifdetach(struct ifnet *ifp, void *aux) 2543 { 2544 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2545 scope6_ifdetach(ext->scope6_id); 2546 nd6_ifdetach(ext->nd_ifinfo); 2547 kfree(ext->in6_ifstat, M_IFADDR); 2548 kfree(ext->icmp6_ifstat, M_IFADDR); 2549 kfree(ext, M_IFADDR); 2550 } 2551