[apple/xnu.git] / bsd / netinet6 / udp6_output.c

/*
 * Copyright (c) 2000-2014 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */


/*	$FreeBSD: src/sys/netinet6/udp6_output.c,v 1.1.2.3 2001/08/31 13:49:58 jlemon Exp $	*/
/*	$KAME: udp6_output.c,v 1.31 2001/05/21 16:39:15 jinmei Exp $	*/

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Copyright (c) 1982, 1986, 1989, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)udp_var.h	8.1 (Berkeley) 6/10/93
 */

#include <sys/param.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/sysctl.h>
#include <sys/errno.h>
#include <sys/stat.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/syslog.h>

#include <machine/endian.h>

#include <net/if.h>
#include <net/route.h>
#include <net/if_types.h>
#include <net/ntstat.h>

#include <netinet/in.h>
#include <netinet/in_var.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/in_pcb.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
#include <netinet6/in6_pcb.h>
#include <netinet6/udp6_var.h>
#include <netinet/icmp6.h>
#include <netinet6/ip6protosw.h>

#if NECP
#include <net/necp.h>
#endif /* NECP */

#include <net/net_osdep.h>

/*
 * UDP protocol inplementation.
 * Per RFC 768, August, 1980.
 */

int
udp6_output(struct in6pcb *in6p, struct mbuf *m, struct sockaddr *addr6,
    struct mbuf *control, struct proc *p)
{
	u_int32_t ulen = m->m_pkthdr.len;
	u_int32_t plen = sizeof (struct udphdr) + ulen;
	struct ip6_hdr *ip6;
	struct udphdr *udp6;
	struct in6_addr *laddr, *faddr;
	u_short fport;
	int error = 0;
	struct ip6_pktopts opt, *optp = NULL;
	struct ip6_moptions *im6o;
	int af = AF_INET6, hlen = sizeof (struct ip6_hdr);
	int flags;
	struct sockaddr_in6 tmp;
	struct	in6_addr storage;
	mbuf_svc_class_t msc = MBUF_SC_UNSPEC;
	struct ip6_out_args ip6oa =
	    { IFSCOPE_NONE, { 0 }, IP6OAF_SELECT_SRCIF, 0 };
	struct flowadv *adv = &ip6oa.ip6oa_flowadv;
	struct socket *so = in6p->in6p_socket;
	struct route_in6 ro;
	int flowadv = 0;

	/* Enable flow advisory only when connected */
	flowadv = (so->so_state & SS_ISCONNECTED) ? 1 : 0;

	if (flowadv && INP_WAIT_FOR_IF_FEEDBACK(in6p)) {
		error = ENOBUFS;
		goto release;
	}

	if (in6p->inp_flags & INP_BOUND_IF) {
		ip6oa.ip6oa_boundif = in6p->inp_boundifp->if_index;
		ip6oa.ip6oa_flags |= IP6OAF_BOUND_IF;
	}
	if (INP_NO_CELLULAR(in6p))
		ip6oa.ip6oa_flags |= IP6OAF_NO_CELLULAR;
	if (INP_NO_EXPENSIVE(in6p))
		ip6oa.ip6oa_flags |= IP6OAF_NO_EXPENSIVE;
	if (INP_AWDL_UNRESTRICTED(in6p))
		ip6oa.ip6oa_flags |= IP6OAF_AWDL_UNRESTRICTED;

	if (control) {
		msc = mbuf_service_class_from_control(control);
		if ((error = ip6_setpktopts(control, &opt,
		    NULL, IPPROTO_UDP)) != 0)
			goto release;
		optp = &opt;
	} else
		optp = in6p->in6p_outputopts;

	if (addr6) {
		/*
		 * IPv4 version of udp_output calls in_pcbconnect in this case,
		 * which has its costs.
		 *
		 * Since we saw no essential reason for calling in_pcbconnect,
		 * we get rid of such kind of logic, and call in6_selectsrc
		 * and in6_pcbsetport in order to fill in the local address
		 * and the local port.
		 */
		struct sockaddr_in6 *sin6 =
		    (struct sockaddr_in6 *)(void *)addr6;

		if (sin6->sin6_port == 0) {
			error = EADDRNOTAVAIL;
			goto release;
		}

		if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
			/* how about ::ffff:0.0.0.0 case? */
			error = EISCONN;
			goto release;
		}

		/* protect *sin6 from overwrites */
		tmp = *sin6;
		sin6 = &tmp;

		faddr = &sin6->sin6_addr;
		fport = sin6->sin6_port; /* allow 0 port */

		if (IN6_IS_ADDR_V4MAPPED(faddr)) {
			if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) {
				/*
				 * I believe we should explicitly discard the
				 * packet when mapped addresses are disabled,
				 * rather than send the packet as an IPv6 one.
				 * If we chose the latter approach, the packet
				 * might be sent out on the wire based on the
				 * default route, the situation which we'd
				 * probably want to avoid.
				 * (20010421 jinmei@kame.net)
				 */
				error = EINVAL;
				goto release;
			} else {
				af = AF_INET;
			}
		}

		/* KAME hack: embed scopeid */
		if (in6_embedscope(&sin6->sin6_addr, sin6, in6p, NULL,
		    optp) != 0) {
			error = EINVAL;
			goto release;
		}

		if (!IN6_IS_ADDR_V4MAPPED(faddr)) {
			laddr = in6_selectsrc(sin6, optp,
			    in6p, &in6p->in6p_route, NULL, &storage,
			    ip6oa.ip6oa_boundif, &error);
		} else
			laddr = &in6p->in6p_laddr;	/* XXX */
		if (laddr == NULL) {
			if (error == 0)
				error = EADDRNOTAVAIL;
			goto release;
		}
		if (in6p->in6p_lport == 0 &&
		    (error = in6_pcbsetport(laddr, in6p, p, 0)) != 0)
			goto release;
	} else {
		if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
			error = ENOTCONN;
			goto release;
		}
		if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) {
			if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) {
				/*
				 * XXX: this case would happen when the
				 * application sets the V6ONLY flag after
				 * connecting the foreign address.
				 * Such applications should be fixed,
				 * so we bark here.
				 */
				log(LOG_INFO, "udp6_output: IPV6_V6ONLY "
				    "option was set for a connected socket\n");
				error = EINVAL;
				goto release;
			} else
				af = AF_INET;
		}
		laddr = &in6p->in6p_laddr;
		faddr = &in6p->in6p_faddr;
		fport = in6p->in6p_fport;
	}

	if (in6p->inp_flowhash == 0)
		in6p->inp_flowhash = inp_calc_flowhash(in6p);
	/* update flowinfo - RFC 6437 */
	if (in6p->inp_flow == 0 && in6p->in6p_flags & IN6P_AUTOFLOWLABEL) {
		in6p->inp_flow &= ~IPV6_FLOWLABEL_MASK;
		in6p->inp_flow |=
		    (htonl(in6p->inp_flowhash) & IPV6_FLOWLABEL_MASK);
	}

	if (af == AF_INET)
		hlen = sizeof (struct ip);

	/*
	 * Calculate data length and get a mbuf
	 * for UDP and IP6 headers.
	 */
	M_PREPEND(m, hlen + sizeof (struct udphdr), M_DONTWAIT);
	if (m == 0) {
		error = ENOBUFS;
		goto release;
	}

	/*
	 * Stuff checksum and output datagram.
	 */
	udp6 = (struct udphdr *)(void *)(mtod(m, caddr_t) + hlen);
	udp6->uh_sport = in6p->in6p_lport; /* lport is always set in the PCB */
	udp6->uh_dport = fport;
	if (plen <= 0xffff)
		udp6->uh_ulen = htons((u_short)plen);
	else
		udp6->uh_ulen = 0;
	udp6->uh_sum = 0;

	switch (af) {
	case AF_INET6:
		ip6 = mtod(m, struct ip6_hdr *);
		ip6->ip6_flow	= in6p->inp_flow & IPV6_FLOWINFO_MASK;
		ip6->ip6_vfc	&= ~IPV6_VERSION_MASK;
		ip6->ip6_vfc	|= IPV6_VERSION;
#if 0		/* ip6_plen will be filled in ip6_output. */
		ip6->ip6_plen	= htons((u_short)plen);
#endif
		ip6->ip6_nxt	= IPPROTO_UDP;
		ip6->ip6_hlim	= in6_selecthlim(in6p, in6p->in6p_route.ro_rt ?
		    in6p->in6p_route.ro_rt->rt_ifp : NULL);
		ip6->ip6_src	= *laddr;
		ip6->ip6_dst	= *faddr;

		udp6->uh_sum = in6_pseudo(laddr, faddr,
		    htonl(plen + IPPROTO_UDP));
		m->m_pkthdr.csum_flags = CSUM_UDPIPV6;
		m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum);

		if (!IN6_IS_ADDR_UNSPECIFIED(laddr))
			ip6oa.ip6oa_flags |= IP6OAF_BOUND_SRCADDR;

		flags = IPV6_OUTARGS;

		udp6stat.udp6s_opackets++;
			
#if NECP
		{
			necp_kernel_policy_id policy_id;
			if (!necp_socket_is_allowed_to_send_recv_v6(in6p, in6p->in6p_lport, fport, laddr, faddr, NULL, &policy_id)) {
				error = EHOSTUNREACH;
				goto release;
			}

			necp_mark_packet_from_socket(m, in6p, policy_id);
		}
#endif /* NECP */
			
#if IPSEC
		if (in6p->in6p_sp != NULL && ipsec_setsocket(m, so) != 0) {
			error = ENOBUFS;
			goto release;
		}
#endif /*IPSEC*/

		/* In case of IPv4-mapped address used in previous send */
		if (ROUTE_UNUSABLE(&in6p->in6p_route) ||
		    rt_key(in6p->in6p_route.ro_rt)->sa_family != AF_INET6)
			ROUTE_RELEASE(&in6p->in6p_route);

		/* Copy the cached route and take an extra reference */
		in6p_route_copyout(in6p, &ro);

		set_packet_service_class(m, so, msc, PKT_SCF_IPV6);

		m->m_pkthdr.pkt_flowsrc = FLOWSRC_INPCB;
		m->m_pkthdr.pkt_flowid = in6p->inp_flowhash;
		m->m_pkthdr.pkt_proto = IPPROTO_UDP;
		m->m_pkthdr.pkt_flags |= (PKTF_FLOW_ID | PKTF_FLOW_LOCALSRC);
		if (flowadv)
			m->m_pkthdr.pkt_flags |= PKTF_FLOW_ADV;

		im6o = in6p->in6p_moptions;
		if (im6o != NULL) {
			IM6O_LOCK(im6o);
			IM6O_ADDREF_LOCKED(im6o);
			if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
			    im6o->im6o_multicast_ifp != NULL) {
				in6p->in6p_last_outifp =
				    im6o->im6o_multicast_ifp;
			}
			IM6O_UNLOCK(im6o);
		}

		in6p->inp_sndinprog_cnt++;

		socket_unlock(so, 0);
		error = ip6_output(m, optp, &ro, flags, im6o, NULL, &ip6oa);
		m = NULL;
		socket_lock(so, 0);

		if (im6o != NULL)
			IM6O_REMREF(im6o);

		if (error == 0 && nstat_collect) {
			boolean_t cell, wifi, wired;

			if (in6p->in6p_route.ro_rt != NULL) {
				cell = IFNET_IS_CELLULAR(in6p->in6p_route.
				    ro_rt->rt_ifp);
				wifi = (!cell && IFNET_IS_WIFI(in6p->in6p_route.
				    ro_rt->rt_ifp));
				wired = (!wifi && IFNET_IS_WIRED(in6p->in6p_route.
				    ro_rt->rt_ifp));
			} else {
				cell = wifi = wired = FALSE;
			}
			INP_ADD_STAT(in6p, cell, wifi, wired, txpackets, 1);
			INP_ADD_STAT(in6p, cell, wifi, wired, txbytes, ulen);
		}

		if (flowadv && (adv->code == FADV_FLOW_CONTROLLED ||
		    adv->code == FADV_SUSPENDED)) {
			/*
			 * Return an error to indicate
			 * that the packet has been dropped.
			 */
			error = ENOBUFS;
			inp_set_fc_state(in6p, adv->code);
		}

		VERIFY(in6p->inp_sndinprog_cnt > 0);
		if ( --in6p->inp_sndinprog_cnt == 0)
			in6p->inp_flags &= ~(INP_FC_FEEDBACK);

		/* Synchronize PCB cached route */
		in6p_route_copyin(in6p, &ro);

		if (in6p->in6p_route.ro_rt != NULL) {
			struct rtentry *rt = in6p->in6p_route.ro_rt;
			struct ifnet *outif;

			if (rt->rt_flags & RTF_MULTICAST)
				rt = NULL;	/* unusable */

			/*
			 * Always discard the cached route for unconnected
			 * socket or if it is a multicast route.
			 */
			if (rt == NULL)
				ROUTE_RELEASE(&in6p->in6p_route);

			/*
			 * If the destination route is unicast, update outif
			 * with that of the route interface used by IP.
			 */
			if (rt != NULL &&
			    (outif = rt->rt_ifp) != in6p->in6p_last_outifp)
				in6p->in6p_last_outifp = outif;
		} else {
			ROUTE_RELEASE(&in6p->in6p_route);
		}

		/*
		 * If output interface was cellular/expensive, and this
		 * socket is denied access to it, generate an event.
		 */
		if (error != 0 && (ip6oa.ip6oa_retflags & IP6OARF_IFDENIED) &&
		    (INP_NO_CELLULAR(in6p) || INP_NO_EXPENSIVE(in6p)))
			soevent(in6p->inp_socket, (SO_FILT_HINT_LOCKED|
			    SO_FILT_HINT_IFDENIED));
		break;
	case AF_INET:
		error = EAFNOSUPPORT;
		goto release;
	}
	goto releaseopt;

release:
	if (m != NULL)
		m_freem(m);

releaseopt:
	if (control != NULL) {
		if (optp == &opt)
			ip6_clearpktopts(optp, -1);
		m_freem(control);
	}
	return (error);
}
Commit	Line	Data
b0d623f7	1	/*
fe8ab488	2	* Copyright (c) 2000-2014 Apple Inc. All rights reserved.
b0d623f7 A	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
	25	*
	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28
	29
9bccf70c A	30	/* $FreeBSD: src/sys/netinet6/udp6_output.c,v 1.1.2.3 2001/08/31 13:49:58 jlemon Exp $ */
	31	/* $KAME: udp6_output.c,v 1.31 2001/05/21 16:39:15 jinmei Exp $ */
	32
	33	/*
	34	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
	35	* All rights reserved.
	36	*
	37	* Redistribution and use in source and binary forms, with or without
	38	* modification, are permitted provided that the following conditions
	39	* are met:
	40	* 1. Redistributions of source code must retain the above copyright
	41	* notice, this list of conditions and the following disclaimer.
	42	* 2. Redistributions in binary form must reproduce the above copyright
	43	* notice, this list of conditions and the following disclaimer in the
	44	* documentation and/or other materials provided with the distribution.
	45	* 3. Neither the name of the project nor the names of its contributors
	46	* may be used to endorse or promote products derived from this software
	47	* without specific prior written permission.
	48	*
	49	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
	50	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	51	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	52	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
	53	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	54	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	55	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	56	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	57	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	58	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	59	* SUCH DAMAGE.
	60	*/
	61
	62	/*
	63	* Copyright (c) 1982, 1986, 1989, 1993
	64	* The Regents of the University of California. All rights reserved.
	65	*
	66	* Redistribution and use in source and binary forms, with or without
	67	* modification, are permitted provided that the following conditions
	68	* are met:
	69	* 1. Redistributions of source code must retain the above copyright
	70	* notice, this list of conditions and the following disclaimer.
	71	* 2. Redistributions in binary form must reproduce the above copyright
	72	* notice, this list of conditions and the following disclaimer in the
	73	* documentation and/or other materials provided with the distribution.
	74	* 3. All advertising materials mentioning features or use of this software
	75	* must display the following acknowledgement:
	76	* This product includes software developed by the University of
	77	* California, Berkeley and its contributors.
	78	* 4. Neither the name of the University nor the names of its contributors
	79	* may be used to endorse or promote products derived from this software
	80	* without specific prior written permission.
	81	*
	82	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	83	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	84	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	85	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	86	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	87	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	88	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	89	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	90	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	91	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	92	* SUCH DAMAGE.
	93	*
94	* @(#)udp_var.h 8.1 (Berkeley) 6/10/93
95	*/
96
97	#include <sys/param.h>
98	#include <sys/malloc.h>
99	#include <sys/mbuf.h>
100	#include <sys/protosw.h>
101	#include <sys/socket.h>
102	#include <sys/socketvar.h>
103	#include <sys/sysctl.h>
104	#include <sys/errno.h>
105	#include <sys/stat.h>
106	#include <sys/systm.h>
107	#include <sys/proc.h>
108	#include <sys/syslog.h>
109
6d2010ae A	110	#include <machine/endian.h>
6d2010ae A	111
9bccf70c A	112	#include <net/if.h>
	113	#include <net/route.h>
	114	#include <net/if_types.h>
6d2010ae	115	#include <net/ntstat.h>
9bccf70c A	116
	117	#include <netinet/in.h>
	118	#include <netinet/in_var.h>
	119	#include <netinet/in_systm.h>
	120	#include <netinet/ip.h>
	121	#include <netinet/ip_var.h>
	122	#include <netinet/in_pcb.h>
	123	#include <netinet/udp.h>
	124	#include <netinet/udp_var.h>
	125	#include <netinet/ip6.h>
	126	#include <netinet6/ip6_var.h>
	127	#include <netinet6/in6_pcb.h>
	128	#include <netinet6/udp6_var.h>
	129	#include <netinet/icmp6.h>
	130	#include <netinet6/ip6protosw.h>
	131
fe8ab488 A	132	#if NECP
	133	#include <net/necp.h>
	134	#endif /* NECP */
9bccf70c	135
9bccf70c A	136	#include <net/net_osdep.h>
	137
	138	/*
	139	* UDP protocol inplementation.
	140	* Per RFC 768, August, 1980.
	141	*/
	142
9bccf70c	143	int
39236c6e A	144	udp6_output(struct in6pcb in6p, struct mbuf m, struct sockaddr *addr6,
39236c6e A	145	struct mbuf control, struct proc p)
9bccf70c A	146	{
9bccf70c A	147	u_int32_t ulen = m->m_pkthdr.len;
39236c6e	148	u_int32_t plen = sizeof (struct udphdr) + ulen;
9bccf70c A	149	struct ip6_hdr *ip6;
	150	struct udphdr *udp6;
	151	struct in6_addr laddr, faddr;
	152	u_short fport;
	153	int error = 0;
6d2010ae A	154	struct ip6_pktopts opt, *optp = NULL;
6d2010ae A	155	struct ip6_moptions *im6o;
39236c6e	156	int af = AF_INET6, hlen = sizeof (struct ip6_hdr);
9bccf70c A	157	int flags;
9bccf70c A	158	struct sockaddr_in6 tmp;
91447636	159	struct in6_addr storage;
316670eb A	160	mbuf_svc_class_t msc = MBUF_SC_UNSPEC;
316670eb A	161	struct ip6_out_args ip6oa =
39236c6e	162	{ IFSCOPE_NONE, { 0 }, IP6OAF_SELECT_SRCIF, 0 };
316670eb	163	struct flowadv *adv = &ip6oa.ip6oa_flowadv;
39236c6e A	164	struct socket *so = in6p->in6p_socket;
39236c6e A	165	struct route_in6 ro;
316670eb A	166	int flowadv = 0;
	167
	168	/* Enable flow advisory only when connected */
39236c6e	169	flowadv = (so->so_state & SS_ISCONNECTED) ? 1 : 0;
6d2010ae	170
316670eb A	171	if (flowadv && INP_WAIT_FOR_IF_FEEDBACK(in6p)) {
	172	error = ENOBUFS;
	173	goto release;
	174	}
9bccf70c	175
316670eb A	176	if (in6p->inp_flags & INP_BOUND_IF) {
	177	ip6oa.ip6oa_boundif = in6p->inp_boundifp->if_index;
	178	ip6oa.ip6oa_flags \|= IP6OAF_BOUND_IF;
	179	}
fe8ab488	180	if (INP_NO_CELLULAR(in6p))
316670eb	181	ip6oa.ip6oa_flags \|= IP6OAF_NO_CELLULAR;
fe8ab488 A	182	if (INP_NO_EXPENSIVE(in6p))
	183	ip6oa.ip6oa_flags \|= IP6OAF_NO_EXPENSIVE;
	184	if (INP_AWDL_UNRESTRICTED(in6p))
	185	ip6oa.ip6oa_flags \|= IP6OAF_AWDL_UNRESTRICTED;
b0d623f7	186
9bccf70c	187	if (control) {
316670eb	188	msc = mbuf_service_class_from_control(control);
39236c6e A	189	if ((error = ip6_setpktopts(control, &opt,
39236c6e A	190	NULL, IPPROTO_UDP)) != 0)
9bccf70c	191	goto release;
6d2010ae A	192	optp = &opt;
	193	} else
	194	optp = in6p->in6p_outputopts;
9bccf70c A	195
	196	if (addr6) {
	197	/*
	198	* IPv4 version of udp_output calls in_pcbconnect in this case,
39236c6e A	199	* which has its costs.
39236c6e A	200	*
9bccf70c A	201	* Since we saw no essential reason for calling in_pcbconnect,
	202	* we get rid of such kind of logic, and call in6_selectsrc
	203	* and in6_pcbsetport in order to fill in the local address
	204	* and the local port.
	205	*/
316670eb A	206	struct sockaddr_in6 *sin6 =
	207	(struct sockaddr_in6 )(void )addr6;
	208
9bccf70c A	209	if (sin6->sin6_port == 0) {
	210	error = EADDRNOTAVAIL;
	211	goto release;
	212	}
	213
	214	if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
	215	/* how about ::ffff:0.0.0.0 case? */
	216	error = EISCONN;
	217	goto release;
	218	}
	219
	220	/* protect sin6 from overwrites /
	221	tmp = *sin6;
	222	sin6 = &tmp;
	223
	224	faddr = &sin6->sin6_addr;
	225	fport = sin6->sin6_port; /* allow 0 port */
	226
	227	if (IN6_IS_ADDR_V4MAPPED(faddr)) {
	228	if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) {
	229	/*
	230	* I believe we should explicitly discard the
	231	* packet when mapped addresses are disabled,
	232	* rather than send the packet as an IPv6 one.
	233	* If we chose the latter approach, the packet
	234	* might be sent out on the wire based on the
	235	* default route, the situation which we'd
	236	* probably want to avoid.
	237	* (20010421 jinmei@kame.net)
	238	*/
	239	error = EINVAL;
	240	goto release;
39236c6e	241	} else {
9bccf70c	242	af = AF_INET;
39236c6e	243	}
9bccf70c A	244	}
	245
	246	/* KAME hack: embed scopeid */
6d2010ae A	247	if (in6_embedscope(&sin6->sin6_addr, sin6, in6p, NULL,
6d2010ae A	248	optp) != 0) {
9bccf70c A	249	error = EINVAL;
	250	goto release;
	251	}
	252
	253	if (!IN6_IS_ADDR_V4MAPPED(faddr)) {
6d2010ae A	254	laddr = in6_selectsrc(sin6, optp,
	255	in6p, &in6p->in6p_route, NULL, &storage,
	256	ip6oa.ip6oa_boundif, &error);
9bccf70c A	257	} else
	258	laddr = &in6p->in6p_laddr; /* XXX */
	259	if (laddr == NULL) {
	260	if (error == 0)
	261	error = EADDRNOTAVAIL;
	262	goto release;
	263	}
	264	if (in6p->in6p_lport == 0 &&
91447636	265	(error = in6_pcbsetport(laddr, in6p, p, 0)) != 0)
9bccf70c A	266	goto release;
	267	} else {
	268	if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
	269	error = ENOTCONN;
	270	goto release;
	271	}
	272	if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) {
	273	if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) {
	274	/*
	275	* XXX: this case would happen when the
	276	* application sets the V6ONLY flag after
	277	* connecting the foreign address.
	278	* Such applications should be fixed,
	279	* so we bark here.
	280	*/
	281	log(LOG_INFO, "udp6_output: IPV6_V6ONLY "
	282	"option was set for a connected socket\n");
	283	error = EINVAL;
	284	goto release;
	285	} else
	286	af = AF_INET;
	287	}
	288	laddr = &in6p->in6p_laddr;
	289	faddr = &in6p->in6p_faddr;
	290	fport = in6p->in6p_fport;
	291	}
	292
316670eb A	293	if (in6p->inp_flowhash == 0)
316670eb A	294	in6p->inp_flowhash = inp_calc_flowhash(in6p);
39236c6e A	295	/* update flowinfo - RFC 6437 */
	296	if (in6p->inp_flow == 0 && in6p->in6p_flags & IN6P_AUTOFLOWLABEL) {
	297	in6p->inp_flow &= ~IPV6_FLOWLABEL_MASK;
	298	in6p->inp_flow \|=
	299	(htonl(in6p->inp_flowhash) & IPV6_FLOWLABEL_MASK);
	300	}
316670eb	301
9bccf70c	302	if (af == AF_INET)
39236c6e	303	hlen = sizeof (struct ip);
9bccf70c A	304
	305	/*
	306	* Calculate data length and get a mbuf
	307	* for UDP and IP6 headers.
	308	*/
39236c6e	309	M_PREPEND(m, hlen + sizeof (struct udphdr), M_DONTWAIT);
9bccf70c A	310	if (m == 0) {
	311	error = ENOBUFS;
	312	goto release;
	313	}
	314
	315	/*
	316	* Stuff checksum and output datagram.
	317	*/
316670eb	318	udp6 = (struct udphdr )(void )(mtod(m, caddr_t) + hlen);
9bccf70c A	319	udp6->uh_sport = in6p->in6p_lport; /* lport is always set in the PCB */
	320	udp6->uh_dport = fport;
	321	if (plen <= 0xffff)
	322	udp6->uh_ulen = htons((u_short)plen);
	323	else
	324	udp6->uh_ulen = 0;
	325	udp6->uh_sum = 0;
	326
	327	switch (af) {
	328	case AF_INET6:
	329	ip6 = mtod(m, struct ip6_hdr *);
39236c6e A	330	ip6->ip6_flow = in6p->inp_flow & IPV6_FLOWINFO_MASK;
	331	ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
	332	ip6->ip6_vfc \|= IPV6_VERSION;
	333	#if 0 /* ip6_plen will be filled in ip6_output. */
9bccf70c A	334	ip6->ip6_plen = htons((u_short)plen);
	335	#endif
	336	ip6->ip6_nxt = IPPROTO_UDP;
39236c6e A	337	ip6->ip6_hlim = in6_selecthlim(in6p, in6p->in6p_route.ro_rt ?
39236c6e A	338	in6p->in6p_route.ro_rt->rt_ifp : NULL);
9bccf70c A	339	ip6->ip6_src = *laddr;
	340	ip6->ip6_dst = *faddr;
	341
39236c6e A	342	udp6->uh_sum = in6_pseudo(laddr, faddr,
39236c6e A	343	htonl(plen + IPPROTO_UDP));
6d2010ae A	344	m->m_pkthdr.csum_flags = CSUM_UDPIPV6;
6d2010ae A	345	m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum);
9bccf70c	346
316670eb A	347	if (!IN6_IS_ADDR_UNSPECIFIED(laddr))
	348	ip6oa.ip6oa_flags \|= IP6OAF_BOUND_SRCADDR;
	349
6d2010ae	350	flags = IPV6_OUTARGS;
9bccf70c A	351
9bccf70c A	352	udp6stat.udp6s_opackets++;
fe8ab488 A	353
	354	#if NECP
	355	{
	356	necp_kernel_policy_id policy_id;
	357	if (!necp_socket_is_allowed_to_send_recv_v6(in6p, in6p->in6p_lport, fport, laddr, faddr, NULL, &policy_id)) {
	358	error = EHOSTUNREACH;
	359	goto release;
	360	}
	361
	362	necp_mark_packet_from_socket(m, in6p, policy_id);
	363	}
	364	#endif /* NECP */
	365
39236c6e	366	#if IPSEC
fe8ab488	367	if (in6p->in6p_sp != NULL && ipsec_setsocket(m, so) != 0) {
9bccf70c A	368	error = ENOBUFS;
	369	goto release;
	370	}
fe8ab488	371	#endif /IPSEC/
39236c6e A	372
	373	/* In case of IPv4-mapped address used in previous send */
	374	if (ROUTE_UNUSABLE(&in6p->in6p_route) \|\|
	375	rt_key(in6p->in6p_route.ro_rt)->sa_family != AF_INET6)
	376	ROUTE_RELEASE(&in6p->in6p_route);
6d2010ae	377
39236c6e A	378	/* Copy the cached route and take an extra reference */
39236c6e A	379	in6p_route_copyout(in6p, &ro);
316670eb	380
39236c6e A	381	set_packet_service_class(m, so, msc, PKT_SCF_IPV6);
	382
	383	m->m_pkthdr.pkt_flowsrc = FLOWSRC_INPCB;
	384	m->m_pkthdr.pkt_flowid = in6p->inp_flowhash;
	385	m->m_pkthdr.pkt_proto = IPPROTO_UDP;
	386	m->m_pkthdr.pkt_flags \|= (PKTF_FLOW_ID \| PKTF_FLOW_LOCALSRC);
316670eb	387	if (flowadv)
39236c6e	388	m->m_pkthdr.pkt_flags \|= PKTF_FLOW_ADV;
6d2010ae A	389
6d2010ae A	390	im6o = in6p->in6p_moptions;
316670eb A	391	if (im6o != NULL) {
	392	IM6O_LOCK(im6o);
	393	IM6O_ADDREF_LOCKED(im6o);
	394	if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
	395	im6o->im6o_multicast_ifp != NULL) {
39236c6e A	396	in6p->in6p_last_outifp =
39236c6e A	397	im6o->im6o_multicast_ifp;
316670eb A	398	}
	399	IM6O_UNLOCK(im6o);
	400	}
	401
	402	in6p->inp_sndinprog_cnt++;
6d2010ae	403
39236c6e A	404	socket_unlock(so, 0);
	405	error = ip6_output(m, optp, &ro, flags, im6o, NULL, &ip6oa);
	406	m = NULL;
	407	socket_lock(so, 0);
6d2010ae A	408
	409	if (im6o != NULL)
	410	IM6O_REMREF(im6o);
316670eb	411
6d2010ae	412	if (error == 0 && nstat_collect) {
fe8ab488	413	boolean_t cell, wifi, wired;
39236c6e A	414
	415	if (in6p->in6p_route.ro_rt != NULL) {
	416	cell = IFNET_IS_CELLULAR(in6p->in6p_route.
	417	ro_rt->rt_ifp);
	418	wifi = (!cell && IFNET_IS_WIFI(in6p->in6p_route.
	419	ro_rt->rt_ifp));
fe8ab488 A	420	wired = (!wifi && IFNET_IS_WIRED(in6p->in6p_route.
fe8ab488 A	421	ro_rt->rt_ifp));
39236c6e	422	} else {
fe8ab488	423	cell = wifi = wired = FALSE;
39236c6e	424	}
fe8ab488 A	425	INP_ADD_STAT(in6p, cell, wifi, wired, txpackets, 1);
fe8ab488 A	426	INP_ADD_STAT(in6p, cell, wifi, wired, txbytes, ulen);
6d2010ae	427	}
d1ecb069	428
316670eb A	429	if (flowadv && (adv->code == FADV_FLOW_CONTROLLED \|\|
316670eb A	430	adv->code == FADV_SUSPENDED)) {
39236c6e A	431	/*
	432	* Return an error to indicate
	433	* that the packet has been dropped.
316670eb A	434	*/
	435	error = ENOBUFS;
	436	inp_set_fc_state(in6p, adv->code);
	437	}
	438
	439	VERIFY(in6p->inp_sndinprog_cnt > 0);
	440	if ( --in6p->inp_sndinprog_cnt == 0)
	441	in6p->inp_flags &= ~(INP_FC_FEEDBACK);
	442
39236c6e A	443	/* Synchronize PCB cached route */
	444	in6p_route_copyin(in6p, &ro);
	445
6d2010ae A	446	if (in6p->in6p_route.ro_rt != NULL) {
6d2010ae A	447	struct rtentry *rt = in6p->in6p_route.ro_rt;
316670eb	448	struct ifnet *outif;
6d2010ae	449
39236c6e	450	if (rt->rt_flags & RTF_MULTICAST)
6d2010ae	451	rt = NULL; /* unusable */
39236c6e	452
6d2010ae A	453	/*
	454	* Always discard the cached route for unconnected
	455	* socket or if it is a multicast route.
	456	*/
39236c6e A	457	if (rt == NULL)
	458	ROUTE_RELEASE(&in6p->in6p_route);
	459
6d2010ae	460	/*
39236c6e A	461	* If the destination route is unicast, update outif
39236c6e A	462	* with that of the route interface used by IP.
6d2010ae	463	*/
316670eb A	464	if (rt != NULL &&
	465	(outif = rt->rt_ifp) != in6p->in6p_last_outifp)
	466	in6p->in6p_last_outifp = outif;
39236c6e A	467	} else {
39236c6e A	468	ROUTE_RELEASE(&in6p->in6p_route);
d1ecb069	469	}
39236c6e A	470
39236c6e A	471	/*
fe8ab488 A	472	* If output interface was cellular/expensive, and this
fe8ab488 A	473	* socket is denied access to it, generate an event.
39236c6e A	474	*/
39236c6e A	475	if (error != 0 && (ip6oa.ip6oa_retflags & IP6OARF_IFDENIED) &&
fe8ab488	476	(INP_NO_CELLULAR(in6p) \|\| INP_NO_EXPENSIVE(in6p)))
39236c6e A	477	soevent(in6p->inp_socket, (SO_FILT_HINT_LOCKED\|
39236c6e A	478	SO_FILT_HINT_IFDENIED));
9bccf70c A	479	break;
	480	case AF_INET:
	481	error = EAFNOSUPPORT;
	482	goto release;
	483	}
	484	goto releaseopt;
	485
	486	release:
39236c6e A	487	if (m != NULL)
39236c6e A	488	m_freem(m);
9bccf70c A	489
9bccf70c A	490	releaseopt:
39236c6e	491	if (control != NULL) {
6d2010ae A	492	if (optp == &opt)
6d2010ae A	493	ip6_clearpktopts(optp, -1);
9bccf70c A	494	m_freem(control);
9bccf70c A	495	}
39236c6e	496	return (error);
9bccf70c	497	}