1 /*- 2 * Copyright (c) 2015 3 * Alexander V. Chernikov <melifaro@FreeBSD.org> 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 #include "opt_inet.h" 34 #include "opt_route.h" 35 #include "opt_mpath.h" 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/lock.h> 40 #include <sys/rmlock.h> 41 #include <sys/malloc.h> 42 #include <sys/mbuf.h> 43 #include <sys/socket.h> 44 #include <sys/sysctl.h> 45 #include <sys/kernel.h> 46 47 #include <net/if.h> 48 #include <net/if_var.h> 49 #include <net/if_dl.h> 50 #include <net/route.h> 51 #include <net/route/route_var.h> 52 #include <net/route/nhop.h> 53 #include <net/route/shared.h> 54 #include <net/vnet.h> 55 56 #ifdef RADIX_MPATH 57 #include <net/radix_mpath.h> 58 #endif 59 60 #include <netinet/in.h> 61 #include <netinet/in_var.h> 62 #include <netinet/in_fib.h> 63 64 #ifdef INET 65 66 /* Verify struct route compatiblity */ 67 /* Assert 'struct route_in' is compatible with 'struct route' */ 68 CHK_STRUCT_ROUTE_COMPAT(struct route_in, ro_dst4); 69 70 /* 71 * Looks up path in fib @fibnum specified by @dst. 72 * Returns path nexthop on success. Nexthop is safe to use 73 * within the current network epoch. If longer lifetime is required, 74 * one needs to pass NHR_REF as a flag. This will return referenced 75 * nexthop. 76 */ 77 struct nhop_object * 78 fib4_lookup(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 79 uint32_t flags, uint32_t flowid) 80 { 81 RIB_RLOCK_TRACKER; 82 struct rib_head *rh; 83 struct radix_node *rn; 84 struct rtentry *rt; 85 struct nhop_object *nh; 86 87 KASSERT((fibnum < rt_numfibs), ("fib4_lookup: bad fibnum")); 88 rh = rt_tables_get_rnh(fibnum, AF_INET); 89 if (rh == NULL) 90 return (NULL); 91 92 /* Prepare lookup key */ 93 struct sockaddr_in sin4; 94 memset(&sin4, 0, sizeof(sin4)); 95 sin4.sin_family = AF_INET; 96 sin4.sin_len = sizeof(struct sockaddr_in); 97 sin4.sin_addr = dst; 98 99 nh = NULL; 100 RIB_RLOCK(rh); 101 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 102 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 103 rt = RNTORT(rn); 104 #ifdef RADIX_MPATH 105 if (rt_mpath_next(rt) != NULL) 106 rt = rt_mpath_selectrte(rt, flowid); 107 #endif 108 nh = rt->rt_nhop; 109 /* Ensure route & ifp is UP */ 110 if (RT_LINK_IS_UP(nh->nh_ifp)) { 111 if (flags & NHR_REF) 112 nhop_ref_object(nh); 113 RIB_RUNLOCK(rh); 114 return (nh); 115 } 116 } 117 RIB_RUNLOCK(rh); 118 119 RTSTAT_INC(rts_unreach); 120 return (NULL); 121 } 122 123 inline static int 124 check_urpf(const struct nhop_object *nh, uint32_t flags, 125 const struct ifnet *src_if) 126 { 127 128 if (src_if != NULL && nh->nh_aifp == src_if) { 129 return (1); 130 } 131 if (src_if == NULL) { 132 if ((flags & NHR_NODEFAULT) == 0) 133 return (1); 134 else if ((nh->nh_flags & NHF_DEFAULT) == 0) 135 return (1); 136 } 137 138 return (0); 139 } 140 141 #ifdef RADIX_MPATH 142 inline static int 143 check_urpf_mpath(struct rtentry *rt, uint32_t flags, 144 const struct ifnet *src_if) 145 { 146 147 while (rt != NULL) { 148 if (check_urpf(rt->rt_nhop, flags, src_if) != 0) 149 return (1); 150 rt = rt_mpath_next(rt); 151 } 152 153 return (0); 154 } 155 #endif 156 157 /* 158 * Performs reverse path forwarding lookup. 159 * If @src_if is non-zero, verifies that at least 1 path goes via 160 * this interface. 161 * If @src_if is zero, verifies that route exist. 162 * if @flags contains NHR_NOTDEFAULT, do not consider default route. 163 * 164 * Returns 1 if route matching conditions is found, 0 otherwise. 165 */ 166 int 167 fib4_check_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 168 uint32_t flags, const struct ifnet *src_if) 169 { 170 RIB_RLOCK_TRACKER; 171 struct rib_head *rh; 172 struct radix_node *rn; 173 struct rtentry *rt; 174 int ret; 175 176 KASSERT((fibnum < rt_numfibs), ("fib4_check_urpf: bad fibnum")); 177 rh = rt_tables_get_rnh(fibnum, AF_INET); 178 if (rh == NULL) 179 return (0); 180 181 /* Prepare lookup key */ 182 struct sockaddr_in sin4; 183 memset(&sin4, 0, sizeof(sin4)); 184 sin4.sin_len = sizeof(struct sockaddr_in); 185 sin4.sin_addr = dst; 186 187 RIB_RLOCK(rh); 188 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 189 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 190 rt = RNTORT(rn); 191 #ifdef RADIX_MPATH 192 ret = check_urpf_mpath(rt, flags, src_if); 193 #else 194 ret = check_urpf(rt->rt_nhop, flags, src_if); 195 #endif 196 RIB_RUNLOCK(rh); 197 return (ret); 198 } 199 RIB_RUNLOCK(rh); 200 201 return (0); 202 } 203 204 struct nhop_object * 205 fib4_lookup_debugnet(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, 206 uint32_t flags) 207 { 208 struct rib_head *rh; 209 struct radix_node *rn; 210 struct rtentry *rt; 211 struct nhop_object *nh; 212 213 KASSERT((fibnum < rt_numfibs), ("fib4_lookup_debugnet: bad fibnum")); 214 rh = rt_tables_get_rnh(fibnum, AF_INET); 215 if (rh == NULL) 216 return (NULL); 217 218 /* Prepare lookup key */ 219 struct sockaddr_in sin4; 220 memset(&sin4, 0, sizeof(sin4)); 221 sin4.sin_family = AF_INET; 222 sin4.sin_len = sizeof(struct sockaddr_in); 223 sin4.sin_addr = dst; 224 225 nh = NULL; 226 /* unlocked lookup */ 227 rn = rh->rnh_matchaddr((void *)&sin4, &rh->head); 228 if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) { 229 rt = RNTORT(rn); 230 #ifdef RADIX_MPATH 231 if (rt_mpath_next(rt) != NULL) 232 rt = rt_mpath_selectrte(rt, 0); 233 #endif 234 nh = rt->rt_nhop; 235 /* Ensure route & ifp is UP */ 236 if (RT_LINK_IS_UP(nh->nh_ifp)) { 237 if (flags & NHR_REF) 238 nhop_ref_object(nh); 239 return (nh); 240 } 241 } 242 243 return (NULL); 244 } 245 246 #endif 247