]> git.saurik.com Git - apple/xnu.git/blob - bsd/net/route.c
xnu-792.6.76.tar.gz
[apple/xnu.git] / bsd / net / route.c
1 /*
2 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
11 *
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
19 *
20 * @APPLE_LICENSE_HEADER_END@
21 */
22 /*
23 * Copyright (c) 1980, 1986, 1991, 1993
24 * The Regents of the University of California. All rights reserved.
25 *
26 * Redistribution and use in source and binary forms, with or without
27 * modification, are permitted provided that the following conditions
28 * are met:
29 * 1. Redistributions of source code must retain the above copyright
30 * notice, this list of conditions and the following disclaimer.
31 * 2. Redistributions in binary form must reproduce the above copyright
32 * notice, this list of conditions and the following disclaimer in the
33 * documentation and/or other materials provided with the distribution.
34 * 3. All advertising materials mentioning features or use of this software
35 * must display the following acknowledgement:
36 * This product includes software developed by the University of
37 * California, Berkeley and its contributors.
38 * 4. Neither the name of the University nor the names of its contributors
39 * may be used to endorse or promote products derived from this software
40 * without specific prior written permission.
41 *
42 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
43 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
44 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
45 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
46 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
47 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
48 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
49 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
50 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
51 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * SUCH DAMAGE.
53 *
54 * @(#)route.c 8.2 (Berkeley) 11/15/93
55 * $FreeBSD: src/sys/net/route.c,v 1.59.2.3 2001/07/29 19:18:02 ume Exp $
56 */
57
58 #include <sys/param.h>
59 #include <sys/systm.h>
60 #include <sys/malloc.h>
61 #include <sys/mbuf.h>
62 #include <sys/socket.h>
63 #include <sys/domain.h>
64 #include <sys/syslog.h>
65 #include <kern/lock.h>
66
67 #include <net/if.h>
68 #include <net/route.h>
69
70 #include <netinet/in.h>
71 #include <netinet/ip_mroute.h>
72
73 #include <net/if_dl.h>
74
75 #define SA(p) ((struct sockaddr *)(p))
76
77 extern struct domain routedomain;
78 struct route_cb route_cb;
79 __private_extern__ struct rtstat rtstat = { 0, 0, 0, 0, 0 };
80 struct radix_node_head *rt_tables[AF_MAX+1];
81
82 lck_mtx_t *rt_mtx; /*### global routing tables mutex for now */
83 lck_attr_t *rt_mtx_attr;
84 lck_grp_t *rt_mtx_grp;
85 lck_grp_attr_t *rt_mtx_grp_attr;
86
87 lck_mtx_t *route_domain_mtx; /*### global routing tables mutex for now */
88 __private_extern__ int rttrash = 0; /* routes not in table but not freed */
89
90 static void rt_maskedcopy(struct sockaddr *,
91 struct sockaddr *, struct sockaddr *);
92 static void rtable_init(void **);
93
94 __private_extern__ u_long route_generation = 0;
95 extern int use_routegenid;
96
97
98 static void
99 rtable_init(table)
100 void **table;
101 {
102 struct domain *dom;
103 for (dom = domains; dom; dom = dom->dom_next)
104 if (dom->dom_rtattach)
105 dom->dom_rtattach(&table[dom->dom_family],
106 dom->dom_rtoffset);
107 }
108
109 void
110 route_init()
111 {
112 rt_mtx_grp_attr = lck_grp_attr_alloc_init();
113
114 lck_grp_attr_setdefault(rt_mtx_grp_attr);
115
116 rt_mtx_grp = lck_grp_alloc_init("route", rt_mtx_grp_attr);
117
118 rt_mtx_attr = lck_attr_alloc_init();
119
120 lck_attr_setdefault(rt_mtx_attr);
121
122 if ((rt_mtx = lck_mtx_alloc_init(rt_mtx_grp, rt_mtx_attr)) == NULL) {
123 printf("route_init: can't alloc rt_mtx\n");
124 return;
125 }
126
127 lck_mtx_lock(rt_mtx);
128 rn_init(); /* initialize all zeroes, all ones, mask table */
129 lck_mtx_unlock(rt_mtx);
130 rtable_init((void **)rt_tables);
131 route_domain_mtx = routedomain.dom_mtx;
132 }
133
134 /*
135 * Packet routing routines.
136 */
137 void
138 rtalloc(ro)
139 register struct route *ro;
140 {
141 rtalloc_ign(ro, 0UL);
142 }
143
144 void
145 rtalloc_ign_locked(ro, ignore)
146 register struct route *ro;
147 u_long ignore;
148 {
149 struct rtentry *rt;
150
151 if ((rt = ro->ro_rt) != NULL) {
152 if (rt->rt_ifp != NULL && rt->rt_flags & RTF_UP)
153 return;
154 /* XXX - We are probably always at splnet here already. */
155 rtfree_locked(rt);
156 ro->ro_rt = NULL;
157 }
158 ro->ro_rt = rtalloc1_locked(&ro->ro_dst, 1, ignore);
159 if (ro->ro_rt)
160 ro->ro_rt->generation_id = route_generation;
161 }
162 void
163 rtalloc_ign(ro, ignore)
164 register struct route *ro;
165 u_long ignore;
166 {
167 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_NOTOWNED);
168 lck_mtx_lock(rt_mtx);
169 rtalloc_ign_locked(ro, ignore);
170 lck_mtx_unlock(rt_mtx);
171 }
172
173 /*
174 * Look up the route that matches the address given
175 * Or, at least try.. Create a cloned route if needed.
176 */
177 struct rtentry *
178 rtalloc1_locked(dst, report, ignflags)
179 const struct sockaddr *dst;
180 int report;
181 u_long ignflags;
182 {
183 register struct radix_node_head *rnh = rt_tables[dst->sa_family];
184 register struct rtentry *rt;
185 register struct radix_node *rn;
186 struct rtentry *newrt = 0;
187 struct rt_addrinfo info;
188 u_long nflags;
189 int err = 0, msgtype = RTM_MISS;
190 /*
191 * Look up the address in the table for that Address Family
192 */
193 if (rnh && (rn = rnh->rnh_matchaddr((caddr_t)dst, rnh)) &&
194 ((rn->rn_flags & RNF_ROOT) == 0)) {
195 /*
196 * If we find it and it's not the root node, then
197 * get a refernce on the rtentry associated.
198 */
199 newrt = rt = (struct rtentry *)rn;
200 nflags = rt->rt_flags & ~ignflags;
201 if (report && (nflags & (RTF_CLONING | RTF_PRCLONING))) {
202 /*
203 * We are apparently adding (report = 0 in delete).
204 * If it requires that it be cloned, do so.
205 * (This implies it wasn't a HOST route.)
206 */
207 err = rtrequest_locked(RTM_RESOLVE, dst, SA(0),
208 SA(0), 0, &newrt);
209 if (err) {
210 /*
211 * If the cloning didn't succeed, maybe
212 * what we have will do. Return that.
213 */
214 newrt = rt;
215 rtref(rt);
216 goto miss;
217 }
218 if ((rt = newrt) && (rt->rt_flags & RTF_XRESOLVE)) {
219 /*
220 * If the new route specifies it be
221 * externally resolved, then go do that.
222 */
223 msgtype = RTM_RESOLVE;
224 goto miss;
225 }
226 } else
227 rtref(rt);
228 } else {
229 /*
230 * Either we hit the root or couldn't find any match,
231 * Which basically means
232 * "caint get there frm here"
233 */
234 rtstat.rts_unreach++;
235 miss: if (report) {
236 /*
237 * If required, report the failure to the supervising
238 * Authorities.
239 * For a delete, this is not an error. (report == 0)
240 */
241 bzero((caddr_t)&info, sizeof(info));
242 info.rti_info[RTAX_DST] = dst;
243 rt_missmsg(msgtype, &info, 0, err);
244 }
245 }
246 return (newrt);
247 }
248
249 struct rtentry *
250 rtalloc1(dst, report, ignflags)
251 register struct sockaddr *dst;
252 int report;
253 u_long ignflags;
254 {
255 struct rtentry * entry;
256 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_NOTOWNED);
257 lck_mtx_lock(rt_mtx);
258 entry = rtalloc1_locked(dst, report, ignflags);
259 lck_mtx_unlock(rt_mtx);
260 return (entry);
261 }
262
263 /*
264 * Remove a reference count from an rtentry.
265 * If the count gets low enough, take it out of the routing table
266 */
267 void
268 rtfree_locked(rt)
269 register struct rtentry *rt;
270 {
271 /*
272 * find the tree for that address family
273 * Note: in the case of igmp packets, there might not be an rnh
274 */
275 register struct radix_node_head *rnh;
276
277 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
278
279 /* See 3582620 - We hit this during the transition from funnels to locks */
280 if (rt == 0) {
281 printf("rtfree - rt is NULL\n");
282 return;
283 }
284
285 rnh = rt_tables[rt_key(rt)->sa_family];
286
287 /*
288 * decrement the reference count by one and if it reaches 0,
289 * and there is a close function defined, call the close function
290 */
291 rt->rt_refcnt--;
292 if(rnh && rnh->rnh_close && rt->rt_refcnt == 0) {
293 rnh->rnh_close((struct radix_node *)rt, rnh);
294 }
295
296 /*
297 * If we are no longer "up" (and ref == 0)
298 * then we can free the resources associated
299 * with the route.
300 */
301 if (rt->rt_refcnt <= 0 && (rt->rt_flags & RTF_UP) == 0) {
302 if (rt->rt_nodes->rn_flags & (RNF_ACTIVE | RNF_ROOT))
303 panic ("rtfree 2");
304 /*
305 * the rtentry must have been removed from the routing table
306 * so it is represented in rttrash.. remove that now.
307 */
308 rttrash--;
309
310 #ifdef DIAGNOSTIC
311 if (rt->rt_refcnt < 0) {
312 printf("rtfree: %p not freed (neg refs) cnt=%d\n", rt, rt->rt_refcnt);
313 return;
314 }
315 #endif
316
317 /*
318 * release references on items we hold them on..
319 * e.g other routes and ifaddrs.
320 */
321 if (rt->rt_parent)
322 rtfree_locked(rt->rt_parent);
323
324 if(rt->rt_ifa) {
325 ifafree(rt->rt_ifa);
326 rt->rt_ifa = NULL;
327 }
328
329 /*
330 * The key is separatly alloc'd so free it (see rt_setgate()).
331 * This also frees the gateway, as they are always malloc'd
332 * together.
333 */
334 R_Free(rt_key(rt));
335
336 /*
337 * and the rtentry itself of course
338 */
339 R_Free(rt);
340 }
341 }
342
343 void
344 rtfree(rt)
345 register struct rtentry *rt;
346 {
347 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_NOTOWNED);
348 lck_mtx_lock(rt_mtx);
349 rtfree_locked(rt);
350 lck_mtx_unlock(rt_mtx);
351 }
352
353 /*
354 * Decrements the refcount but does not free the route when
355 * the refcount reaches zero. Unless you have really good reason,
356 * use rtfree not rtunref.
357 */
358 void
359 rtunref(struct rtentry* rt)
360 {
361 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
362
363 if (rt == NULL)
364 panic("rtunref");
365 rt->rt_refcnt--;
366 #if DEBUG
367 if (rt->rt_refcnt <= 0 && (rt->rt_flags & RTF_UP) == 0)
368 printf("rtunref - if rtfree were called, we would have freed route\n");
369 #endif
370 }
371
372 /*
373 * Add a reference count from an rtentry.
374 */
375 void
376 rtref(struct rtentry* rt)
377 {
378 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
379
380 if (rt == NULL)
381 panic("rtref");
382
383 rt->rt_refcnt++;
384 }
385
386 void
387 rtsetifa(struct rtentry *rt, struct ifaddr* ifa)
388 {
389 if (rt == NULL)
390 panic("rtsetifa");
391
392 if (rt->rt_ifa == ifa)
393 return;
394
395 /* Release the old ifa */
396 if (rt->rt_ifa)
397 ifafree(rt->rt_ifa);
398
399 /* Set rt_ifa */
400 rt->rt_ifa = ifa;
401
402 /* Take a reference to the ifa */
403 if (rt->rt_ifa)
404 ifaref(rt->rt_ifa);
405 }
406
407 void
408 ifafree(ifa)
409 register struct ifaddr *ifa;
410 {
411 int i, oldval;
412 u_char *ptr = (u_char*)ifa;
413
414 if (ifa == NULL)
415 panic("ifafree");
416
417 oldval = OSAddAtomic(-1, &ifa->ifa_refcnt);
418
419 if (oldval == 0) {
420 if ((ifa->ifa_flags & IFA_ATTACHED) != 0) {
421 panic("ifa attached to ifp is being freed\n");
422 }
423 FREE(ifa, M_IFADDR);
424 }
425 }
426
427 void
428 ifaref(struct ifaddr *ifa)
429 {
430 if (ifa == NULL)
431 panic("ifaref");
432
433 if (OSAddAtomic(1, &ifa->ifa_refcnt) == 0xffffffff)
434 panic("ifaref - reference count rolled over!");
435 }
436
437 /*
438 * Force a routing table entry to the specified
439 * destination to go through the given gateway.
440 * Normally called as a result of a routing redirect
441 * message from the network layer.
442 *
443 * N.B.: must be called at splnet
444 *
445 */
446 void
447 rtredirect(dst, gateway, netmask, flags, src, rtp)
448 struct sockaddr *dst, *gateway, *netmask, *src;
449 int flags;
450 struct rtentry **rtp;
451 {
452 register struct rtentry *rt;
453 int error = 0;
454 short *stat = 0;
455 struct rt_addrinfo info;
456 struct ifaddr *ifa = NULL;
457
458 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_NOTOWNED);
459 lck_mtx_lock(rt_mtx);
460
461 /* verify the gateway is directly reachable */
462 if ((ifa = ifa_ifwithnet(gateway)) == 0) {
463 error = ENETUNREACH;
464 goto out;
465 }
466
467 rt = rtalloc1_locked(dst, 0, 0UL);
468 /*
469 * If the redirect isn't from our current router for this dst,
470 * it's either old or wrong. If it redirects us to ourselves,
471 * we have a routing loop, perhaps as a result of an interface
472 * going down recently.
473 */
474 #define equal(a1, a2) (bcmp((caddr_t)(a1), (caddr_t)(a2), (a1)->sa_len) == 0)
475 if (!(flags & RTF_DONE) && rt &&
476 (!equal(src, rt->rt_gateway) || rt->rt_ifa != ifa))
477 error = EINVAL;
478 else {
479 ifafree(ifa);
480 if ((ifa = ifa_ifwithaddr(gateway))) {
481 ifafree(ifa);
482 ifa = NULL;
483 error = EHOSTUNREACH;
484 }
485 }
486
487 if (ifa) {
488 ifafree(ifa);
489 ifa = NULL;
490 }
491
492 if (error)
493 goto done;
494 /*
495 * Create a new entry if we just got back a wildcard entry
496 * or the the lookup failed. This is necessary for hosts
497 * which use routing redirects generated by smart gateways
498 * to dynamically build the routing tables.
499 */
500 if ((rt == 0) || (rt_mask(rt) && rt_mask(rt)->sa_len < 2))
501 goto create;
502 /*
503 * Don't listen to the redirect if it's
504 * for a route to an interface.
505 */
506 if (rt->rt_flags & RTF_GATEWAY) {
507 if (((rt->rt_flags & RTF_HOST) == 0) && (flags & RTF_HOST)) {
508 /*
509 * Changing from route to net => route to host.
510 * Create new route, rather than smashing route to net.
511 */
512 create:
513 flags |= RTF_GATEWAY | RTF_DYNAMIC;
514 error = rtrequest_locked((int)RTM_ADD, dst, gateway,
515 netmask, flags,
516 (struct rtentry **)0);
517 stat = &rtstat.rts_dynamic;
518 } else {
519 /*
520 * Smash the current notion of the gateway to
521 * this destination. Should check about netmask!!!
522 */
523 rt->rt_flags |= RTF_MODIFIED;
524 flags |= RTF_MODIFIED;
525 stat = &rtstat.rts_newgateway;
526 /*
527 * add the key and gateway (in one malloc'd chunk).
528 */
529 rt_setgate(rt, rt_key(rt), gateway);
530 }
531 } else
532 error = EHOSTUNREACH;
533 done:
534 if (rt) {
535 if (rtp && !error)
536 *rtp = rt;
537 else
538 rtfree_locked(rt);
539 }
540 out:
541 if (error)
542 rtstat.rts_badredirect++;
543 else if (stat != NULL)
544 (*stat)++;
545 bzero((caddr_t)&info, sizeof(info));
546 info.rti_info[RTAX_DST] = dst;
547 info.rti_info[RTAX_GATEWAY] = gateway;
548 info.rti_info[RTAX_NETMASK] = netmask;
549 info.rti_info[RTAX_AUTHOR] = src;
550 rt_missmsg(RTM_REDIRECT, &info, flags, error);
551 lck_mtx_unlock(rt_mtx);
552 }
553
554 /*
555 * Routing table ioctl interface.
556 */
557 int
558 rtioctl(req, data, p)
559 int req;
560 caddr_t data;
561 struct proc *p;
562 {
563 #if INET
564 /* Multicast goop, grrr... */
565 #if MROUTING
566 return mrt_ioctl(req, data);
567 #else
568 return mrt_ioctl(req, data, p);
569 #endif
570 #else /* INET */
571 return ENXIO;
572 #endif /* INET */
573 }
574
575 struct ifaddr *
576 ifa_ifwithroute(
577 int flags,
578 const struct sockaddr *dst,
579 const struct sockaddr *gateway)
580 {
581
582 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
583
584 struct ifaddr *ifa = 0;
585 if ((flags & RTF_GATEWAY) == 0) {
586 /*
587 * If we are adding a route to an interface,
588 * and the interface is a pt to pt link
589 * we should search for the destination
590 * as our clue to the interface. Otherwise
591 * we can use the local address.
592 */
593 if (flags & RTF_HOST) {
594 ifa = ifa_ifwithdstaddr(dst);
595 }
596 if (ifa == 0)
597 ifa = ifa_ifwithaddr(gateway);
598 } else {
599 /*
600 * If we are adding a route to a remote net
601 * or host, the gateway may still be on the
602 * other end of a pt to pt link.
603 */
604 ifa = ifa_ifwithdstaddr(gateway);
605 }
606 if (ifa == 0)
607 ifa = ifa_ifwithnet(gateway);
608 if (ifa == 0) {
609 struct rtentry *rt = rtalloc1_locked(dst, 0, 0UL);
610 if (rt == 0)
611 return (0);
612 ifa = rt->rt_ifa;
613 if (ifa)
614 ifaref(ifa);
615 rtunref(rt);
616 if (ifa == 0)
617 return 0;
618 }
619 if (ifa->ifa_addr->sa_family != dst->sa_family) {
620 struct ifaddr *newifa;
621 newifa = ifaof_ifpforaddr(dst, ifa->ifa_ifp);
622 if (newifa != 0) {
623 ifafree(ifa);
624 ifa = newifa;
625 }
626 }
627 return (ifa);
628 }
629
630 #define ROUNDUP(a) (a>0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
631
632 static int rt_fixdelete __P((struct radix_node *, void *));
633 static int rt_fixchange __P((struct radix_node *, void *));
634
635 struct rtfc_arg {
636 struct rtentry *rt0;
637 struct radix_node_head *rnh;
638 };
639
640 /*
641 * Do appropriate manipulations of a routing tree given
642 * all the bits of info needed
643 */
644 rtrequest_locked(
645 int req,
646 struct sockaddr *dst,
647 struct sockaddr *gateway,
648 struct sockaddr *netmask,
649 int flags,
650 struct rtentry **ret_nrt)
651 {
652 int error = 0;
653 register struct rtentry *rt;
654 register struct radix_node *rn;
655 register struct radix_node_head *rnh;
656 struct ifaddr *ifa = NULL;
657 struct sockaddr *ndst;
658 #define senderr(x) { error = x ; goto bad; }
659
660 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
661 /*
662 * Find the correct routing tree to use for this Address Family
663 */
664 if ((rnh = rt_tables[dst->sa_family]) == 0)
665 senderr(ESRCH);
666 /*
667 * If we are adding a host route then we don't want to put
668 * a netmask in the tree
669 */
670 if (flags & RTF_HOST)
671 netmask = 0;
672 switch (req) {
673 case RTM_DELETE:
674 /*
675 * Remove the item from the tree and return it.
676 * Complain if it is not there and do no more processing.
677 */
678 if ((rn = rnh->rnh_deladdr(dst, netmask, rnh)) == 0)
679 senderr(ESRCH);
680 if (rn->rn_flags & (RNF_ACTIVE | RNF_ROOT))
681 panic ("rtrequest delete");
682 rt = (struct rtentry *)rn;
683
684 /*
685 * Now search what's left of the subtree for any cloned
686 * routes which might have been formed from this node.
687 */
688 if ((rt->rt_flags & (RTF_CLONING | RTF_PRCLONING)) &&
689 rt_mask(rt)) {
690 rnh->rnh_walktree_from(rnh, dst, rt_mask(rt),
691 rt_fixdelete, rt);
692 }
693
694 /*
695 * Remove any external references we may have.
696 * This might result in another rtentry being freed if
697 * we held its last reference.
698 */
699 if (rt->rt_gwroute) {
700 rt = rt->rt_gwroute;
701 rtfree_locked(rt);
702 (rt = (struct rtentry *)rn)->rt_gwroute = 0;
703 }
704
705 /*
706 * NB: RTF_UP must be set during the search above,
707 * because we might delete the last ref, causing
708 * rt to get freed prematurely.
709 * eh? then why not just add a reference?
710 * I'm not sure how RTF_UP helps matters. (JRE)
711 */
712 rt->rt_flags &= ~RTF_UP;
713
714 /*
715 * give the protocol a chance to keep things in sync.
716 */
717 if ((ifa = rt->rt_ifa) && ifa->ifa_rtrequest)
718 ifa->ifa_rtrequest(RTM_DELETE, rt, SA(0));
719 ifa = NULL;
720
721 /*
722 * one more rtentry floating around that is not
723 * linked to the routing table.
724 */
725 rttrash++;
726
727 /*
728 * If the caller wants it, then it can have it,
729 * but it's up to it to free the rtentry as we won't be
730 * doing it.
731 */
732 if (ret_nrt)
733 *ret_nrt = rt;
734 else if (rt->rt_refcnt <= 0) {
735 rt->rt_refcnt++; /* make a 1->0 transition */
736 rtfree_locked(rt);
737 }
738 break;
739
740 case RTM_RESOLVE:
741 if (ret_nrt == 0 || (rt = *ret_nrt) == 0)
742 senderr(EINVAL);
743 ifa = rt->rt_ifa;
744 ifaref(ifa);
745 flags = rt->rt_flags &
746 ~(RTF_CLONING | RTF_PRCLONING | RTF_STATIC);
747 flags |= RTF_WASCLONED;
748 gateway = rt->rt_gateway;
749 if ((netmask = rt->rt_genmask) == 0)
750 flags |= RTF_HOST;
751 goto makeroute;
752
753 case RTM_ADD:
754 if ((flags & RTF_GATEWAY) && !gateway)
755 panic("rtrequest: GATEWAY but no gateway");
756
757 if ((ifa = ifa_ifwithroute(flags, dst, gateway)) == 0)
758 senderr(ENETUNREACH);
759
760 makeroute:
761 R_Malloc(rt, struct rtentry *, sizeof(*rt));
762 if (rt == 0)
763 senderr(ENOBUFS);
764 Bzero(rt, sizeof(*rt));
765 rt->rt_flags = RTF_UP | flags;
766 /*
767 * Add the gateway. Possibly re-malloc-ing the storage for it
768 * also add the rt_gwroute if possible.
769 */
770 if ((error = rt_setgate(rt, dst, gateway)) != 0) {
771 R_Free(rt);
772 senderr(error);
773 }
774
775 /*
776 * point to the (possibly newly malloc'd) dest address.
777 */
778 ndst = rt_key(rt);
779
780 /*
781 * make sure it contains the value we want (masked if needed).
782 */
783 if (netmask) {
784 rt_maskedcopy(dst, ndst, netmask);
785 } else
786 Bcopy(dst, ndst, dst->sa_len);
787
788 /*
789 * Note that we now have a reference to the ifa.
790 * This moved from below so that rnh->rnh_addaddr() can
791 * examine the ifa and ifa->ifa_ifp if it so desires.
792 */
793 rtsetifa(rt, ifa);
794 rt->rt_ifp = rt->rt_ifa->ifa_ifp;
795
796 /* XXX mtu manipulation will be done in rnh_addaddr -- itojun */
797
798 rn = rnh->rnh_addaddr((caddr_t)ndst, (caddr_t)netmask,
799 rnh, rt->rt_nodes);
800 if (rn == 0) {
801 struct rtentry *rt2;
802 /*
803 * Uh-oh, we already have one of these in the tree.
804 * We do a special hack: if the route that's already
805 * there was generated by the protocol-cloning
806 * mechanism, then we just blow it away and retry
807 * the insertion of the new one.
808 */
809 rt2 = rtalloc1_locked(dst, 0, RTF_PRCLONING);
810 if (rt2 && rt2->rt_parent) {
811 rtrequest_locked(RTM_DELETE,
812 (struct sockaddr *)rt_key(rt2),
813 rt2->rt_gateway,
814 rt_mask(rt2), rt2->rt_flags, 0);
815 rtfree_locked(rt2);
816 rn = rnh->rnh_addaddr((caddr_t)ndst,
817 (caddr_t)netmask,
818 rnh, rt->rt_nodes);
819 } else if (rt2) {
820 /* undo the extra ref we got */
821 rtfree_locked(rt2);
822 }
823 }
824
825 /*
826 * If it still failed to go into the tree,
827 * then un-make it (this should be a function)
828 */
829 if (rn == 0) {
830 if (rt->rt_gwroute)
831 rtfree_locked(rt->rt_gwroute);
832 if (rt->rt_ifa) {
833 ifafree(rt->rt_ifa);
834 }
835 R_Free(rt_key(rt));
836 R_Free(rt);
837 senderr(EEXIST);
838 }
839
840 rt->rt_parent = 0;
841
842 /*
843 * If we got here from RESOLVE, then we are cloning
844 * so clone the rest, and note that we
845 * are a clone (and increment the parent's references)
846 */
847 if (req == RTM_RESOLVE) {
848 rt->rt_rmx = (*ret_nrt)->rt_rmx; /* copy metrics */
849 if ((*ret_nrt)->rt_flags & (RTF_CLONING | RTF_PRCLONING)) {
850 rt->rt_parent = (*ret_nrt);
851 rtref(*ret_nrt);
852 }
853 }
854
855 /*
856 * if this protocol has something to add to this then
857 * allow it to do that as well.
858 */
859 if (ifa->ifa_rtrequest)
860 ifa->ifa_rtrequest(req, rt, SA(ret_nrt ? *ret_nrt : 0));
861 ifafree(ifa);
862 ifa = 0;
863
864 /*
865 * We repeat the same procedure from rt_setgate() here because
866 * it doesn't fire when we call it there because the node
867 * hasn't been added to the tree yet.
868 */
869 if (!(rt->rt_flags & RTF_HOST) && rt_mask(rt) != 0) {
870 struct rtfc_arg arg;
871 arg.rnh = rnh;
872 arg.rt0 = rt;
873 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt),
874 rt_fixchange, &arg);
875 }
876
877 /*
878 * actually return a resultant rtentry and
879 * give the caller a single reference.
880 */
881 if (ret_nrt) {
882 *ret_nrt = rt;
883 rtref(rt);
884 }
885 break;
886 }
887 bad:
888 if (ifa)
889 ifafree(ifa);
890 return (error);
891 }
892
893 int
894 rtrequest(
895 int req,
896 struct sockaddr *dst,
897 struct sockaddr *gateway,
898 struct sockaddr *netmask,
899 int flags,
900 struct rtentry **ret_nrt)
901 {
902 int error;
903 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_NOTOWNED);
904 lck_mtx_lock(rt_mtx);
905 error = rtrequest_locked(req, dst, gateway, netmask, flags, ret_nrt);
906 lck_mtx_unlock(rt_mtx);
907 return (error);
908 }
909 /*
910 * Called from rtrequest(RTM_DELETE, ...) to fix up the route's ``family''
911 * (i.e., the routes related to it by the operation of cloning). This
912 * routine is iterated over all potential former-child-routes by way of
913 * rnh->rnh_walktree_from() above, and those that actually are children of
914 * the late parent (passed in as VP here) are themselves deleted.
915 */
916 static int
917 rt_fixdelete(rn, vp)
918 struct radix_node *rn;
919 void *vp;
920 {
921 struct rtentry *rt = (struct rtentry *)rn;
922 struct rtentry *rt0 = vp;
923
924 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
925
926 if (rt->rt_parent == rt0 && !(rt->rt_flags & RTF_PINNED)) {
927 return rtrequest_locked(RTM_DELETE, rt_key(rt),
928 (struct sockaddr *)0, rt_mask(rt),
929 rt->rt_flags, (struct rtentry **)0);
930 }
931 return 0;
932 }
933
934 /*
935 * This routine is called from rt_setgate() to do the analogous thing for
936 * adds and changes. There is the added complication in this case of a
937 * middle insert; i.e., insertion of a new network route between an older
938 * network route and (cloned) host routes. For this reason, a simple check
939 * of rt->rt_parent is insufficient; each candidate route must be tested
940 * against the (mask, value) of the new route (passed as before in vp)
941 * to see if the new route matches it.
942 *
943 * XXX - it may be possible to do fixdelete() for changes and reserve this
944 * routine just for adds. I'm not sure why I thought it was necessary to do
945 * changes this way.
946 */
947 #ifdef DEBUG
948 static int rtfcdebug = 0;
949 #endif
950
951 static int
952 rt_fixchange(rn, vp)
953 struct radix_node *rn;
954 void *vp;
955 {
956 struct rtentry *rt = (struct rtentry *)rn;
957 struct rtfc_arg *ap = vp;
958 struct rtentry *rt0 = ap->rt0;
959 struct radix_node_head *rnh = ap->rnh;
960 u_char *xk1, *xm1, *xk2, *xmp;
961 int i, len, mlen;
962
963 #ifdef DEBUG
964 if (rtfcdebug)
965 printf("rt_fixchange: rt %p, rt0 %p\n", rt, rt0);
966 #endif
967
968 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
969
970 if (!rt->rt_parent || (rt->rt_flags & RTF_PINNED)) {
971 #ifdef DEBUG
972 if(rtfcdebug) printf("no parent or pinned\n");
973 #endif
974 return 0;
975 }
976
977 if (rt->rt_parent == rt0) {
978 #ifdef DEBUG
979 if(rtfcdebug) printf("parent match\n");
980 #endif
981 return rtrequest_locked(RTM_DELETE, rt_key(rt),
982 (struct sockaddr *)0, rt_mask(rt),
983 rt->rt_flags, (struct rtentry **)0);
984 }
985
986 /*
987 * There probably is a function somewhere which does this...
988 * if not, there should be.
989 */
990 len = imin(((struct sockaddr *)rt_key(rt0))->sa_len,
991 ((struct sockaddr *)rt_key(rt))->sa_len);
992
993 xk1 = (u_char *)rt_key(rt0);
994 xm1 = (u_char *)rt_mask(rt0);
995 xk2 = (u_char *)rt_key(rt);
996
997 /* avoid applying a less specific route */
998 xmp = (u_char *)rt_mask(rt->rt_parent);
999 mlen = ((struct sockaddr *)rt_key(rt->rt_parent))->sa_len;
1000 if (mlen > ((struct sockaddr *)rt_key(rt0))->sa_len) {
1001 #if DEBUG
1002 if (rtfcdebug)
1003 printf("rt_fixchange: inserting a less "
1004 "specific route\n");
1005 #endif
1006 return 0;
1007 }
1008 for (i = rnh->rnh_treetop->rn_offset; i < mlen; i++) {
1009 if ((xmp[i] & ~(xmp[i] ^ xm1[i])) != xmp[i]) {
1010 #if DEBUG
1011 if (rtfcdebug)
1012 printf("rt_fixchange: inserting a less "
1013 "specific route\n");
1014 #endif
1015 return 0;
1016 }
1017 }
1018
1019 for (i = rnh->rnh_treetop->rn_offset; i < len; i++) {
1020 if ((xk2[i] & xm1[i]) != xk1[i]) {
1021 #ifdef DEBUG
1022 if(rtfcdebug) printf("no match\n");
1023 #endif
1024 return 0;
1025 }
1026 }
1027
1028 /*
1029 * OK, this node is a clone, and matches the node currently being
1030 * changed/added under the node's mask. So, get rid of it.
1031 */
1032 #ifdef DEBUG
1033 if(rtfcdebug) printf("deleting\n");
1034 #endif
1035 return rtrequest_locked(RTM_DELETE, rt_key(rt), (struct sockaddr *)0,
1036 rt_mask(rt), rt->rt_flags, (struct rtentry **)0);
1037 }
1038
1039 int
1040 rt_setgate(rt0, dst, gate)
1041 struct rtentry *rt0;
1042 struct sockaddr *dst, *gate;
1043 {
1044 caddr_t new, old;
1045 int dlen = ROUNDUP(dst->sa_len), glen = ROUNDUP(gate->sa_len);
1046 register struct rtentry *rt = rt0;
1047 struct radix_node_head *rnh = rt_tables[dst->sa_family];
1048 extern void kdp_set_gateway_mac (void *gatewaymac);
1049 /*
1050 * A host route with the destination equal to the gateway
1051 * will interfere with keeping LLINFO in the routing
1052 * table, so disallow it.
1053 */
1054
1055 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_OWNED);
1056
1057 if (((rt0->rt_flags & (RTF_HOST|RTF_GATEWAY|RTF_LLINFO)) ==
1058 (RTF_HOST|RTF_GATEWAY)) &&
1059 (dst->sa_len == gate->sa_len) &&
1060 (bcmp(dst, gate, dst->sa_len) == 0)) {
1061 /*
1062 * The route might already exist if this is an RTM_CHANGE
1063 * or a routing redirect, so try to delete it.
1064 */
1065 if (rt_key(rt0))
1066 rtrequest_locked(RTM_DELETE, (struct sockaddr *)rt_key(rt0),
1067 rt0->rt_gateway, rt_mask(rt0), rt0->rt_flags, 0);
1068 return EADDRNOTAVAIL;
1069 }
1070
1071 /*
1072 * Both dst and gateway are stored in the same malloc'd chunk
1073 * (If I ever get my hands on....)
1074 * if we need to malloc a new chunk, then keep the old one around
1075 * till we don't need it any more.
1076 */
1077 if (rt->rt_gateway == 0 || glen > ROUNDUP(rt->rt_gateway->sa_len)) {
1078 old = (caddr_t)rt_key(rt);
1079 R_Malloc(new, caddr_t, dlen + glen);
1080 if (new == 0)
1081 return ENOBUFS;
1082 rt->rt_nodes->rn_key = new;
1083 } else {
1084 /*
1085 * otherwise just overwrite the old one
1086 */
1087 new = rt->rt_nodes->rn_key;
1088 old = 0;
1089 }
1090
1091 /*
1092 * copy the new gateway value into the memory chunk
1093 */
1094 Bcopy(gate, (rt->rt_gateway = (struct sockaddr *)(new + dlen)), glen);
1095
1096 /*
1097 * if we are replacing the chunk (or it's new) we need to
1098 * replace the dst as well
1099 */
1100 if (old) {
1101 Bcopy(dst, new, dlen);
1102 R_Free(old);
1103 }
1104
1105 /*
1106 * If there is already a gwroute, it's now almost definitly wrong
1107 * so drop it.
1108 */
1109 if (rt->rt_gwroute) {
1110 rt = rt->rt_gwroute; rtfree_locked(rt);
1111 rt = rt0; rt->rt_gwroute = 0;
1112 }
1113 /*
1114 * Cloning loop avoidance:
1115 * In the presence of protocol-cloning and bad configuration,
1116 * it is possible to get stuck in bottomless mutual recursion
1117 * (rtrequest rt_setgate rtalloc1). We avoid this by not allowing
1118 * protocol-cloning to operate for gateways (which is probably the
1119 * correct choice anyway), and avoid the resulting reference loops
1120 * by disallowing any route to run through itself as a gateway.
1121 * This is obviously mandatory when we get rt->rt_output().
1122 */
1123 if (rt->rt_flags & RTF_GATEWAY) {
1124 rt->rt_gwroute = rtalloc1_locked(gate, 1, RTF_PRCLONING);
1125 if (rt->rt_gwroute == rt) {
1126 rtfree_locked(rt->rt_gwroute);
1127 rt->rt_gwroute = 0;
1128 return EDQUOT; /* failure */
1129 }
1130 /* Tell the kernel debugger about the new default gateway */
1131 if ((AF_INET == rt->rt_gateway->sa_family) &&
1132 rt->rt_gwroute && rt->rt_gwroute->rt_gateway &&
1133 (AF_LINK == rt->rt_gwroute->rt_gateway->sa_family)) {
1134 kdp_set_gateway_mac(((struct sockaddr_dl *)rt0->rt_gwroute->rt_gateway)->sdl_data);
1135 }
1136 }
1137
1138 /*
1139 * This isn't going to do anything useful for host routes, so
1140 * don't bother. Also make sure we have a reasonable mask
1141 * (we don't yet have one during adds).
1142 */
1143 if (!(rt->rt_flags & RTF_HOST) && rt_mask(rt) != 0) {
1144 struct rtfc_arg arg;
1145 arg.rnh = rnh;
1146 arg.rt0 = rt;
1147 rnh->rnh_walktree_from(rnh, rt_key(rt), rt_mask(rt),
1148 rt_fixchange, &arg);
1149 }
1150
1151 return 0;
1152 }
1153
1154 static void
1155 rt_maskedcopy(src, dst, netmask)
1156 struct sockaddr *src, *dst, *netmask;
1157 {
1158 register u_char *cp1 = (u_char *)src;
1159 register u_char *cp2 = (u_char *)dst;
1160 register u_char *cp3 = (u_char *)netmask;
1161 u_char *cplim = cp2 + *cp3;
1162 u_char *cplim2 = cp2 + *cp1;
1163
1164 *cp2++ = *cp1++; *cp2++ = *cp1++; /* copies sa_len & sa_family */
1165 cp3 += 2;
1166 if (cplim > cplim2)
1167 cplim = cplim2;
1168 while (cp2 < cplim)
1169 *cp2++ = *cp1++ & *cp3++;
1170 if (cp2 < cplim2)
1171 bzero((caddr_t)cp2, (unsigned)(cplim2 - cp2));
1172 }
1173
1174 /*
1175 * Set up a routing table entry, normally
1176 * for an interface.
1177 */
1178 int
1179 rtinit(ifa, cmd, flags)
1180 register struct ifaddr *ifa;
1181 int cmd, flags;
1182 {
1183 int error;
1184 lck_mtx_assert(rt_mtx, LCK_MTX_ASSERT_NOTOWNED);
1185 lck_mtx_lock(rt_mtx);
1186 error = rtinit_locked(ifa, cmd, flags);
1187 lck_mtx_unlock(rt_mtx);
1188 return (error);
1189 }
1190
1191 int
1192 rtinit_locked(ifa, cmd, flags)
1193 register struct ifaddr *ifa;
1194 int cmd, flags;
1195 {
1196 register struct rtentry *rt;
1197 register struct sockaddr *dst;
1198 register struct sockaddr *deldst;
1199 struct mbuf *m = 0;
1200 struct rtentry *nrt = 0;
1201 int error;
1202
1203 dst = flags & RTF_HOST ? ifa->ifa_dstaddr : ifa->ifa_addr;
1204 /*
1205 * If it's a delete, check that if it exists, it's on the correct
1206 * interface or we might scrub a route to another ifa which would
1207 * be confusing at best and possibly worse.
1208 */
1209 if (cmd == RTM_DELETE) {
1210 /*
1211 * It's a delete, so it should already exist..
1212 * If it's a net, mask off the host bits
1213 * (Assuming we have a mask)
1214 */
1215 if ((flags & RTF_HOST) == 0 && ifa->ifa_netmask) {
1216 m = m_get(M_DONTWAIT, MT_SONAME);
1217 if (m == NULL) {
1218 return(ENOBUFS);
1219 }
1220 deldst = mtod(m, struct sockaddr *);
1221 rt_maskedcopy(dst, deldst, ifa->ifa_netmask);
1222 dst = deldst;
1223 }
1224 /*
1225 * Get an rtentry that is in the routing tree and
1226 * contains the correct info. (if this fails, can't get there).
1227 * We set "report" to FALSE so that if it doesn't exist,
1228 * it doesn't report an error or clone a route, etc. etc.
1229 */
1230 rt = rtalloc1_locked(dst, 0, 0UL);
1231 if (rt) {
1232 /*
1233 * Ok so we found the rtentry. it has an extra reference
1234 * for us at this stage. we won't need that so
1235 * lop that off now.
1236 */
1237 rtunref(rt);
1238 if (rt->rt_ifa != ifa) {
1239 /*
1240 * If the interface in the rtentry doesn't match
1241 * the interface we are using, then we don't
1242 * want to delete it, so return an error.
1243 * This seems to be the only point of
1244 * this whole RTM_DELETE clause.
1245 */
1246 if (m)
1247 (void) m_free(m);
1248 return (flags & RTF_HOST ? EHOSTUNREACH
1249 : ENETUNREACH);
1250 }
1251 }
1252 /* XXX */
1253 #if 0
1254 else {
1255 /*
1256 * One would think that as we are deleting, and we know
1257 * it doesn't exist, we could just return at this point
1258 * with an "ELSE" clause, but apparently not..
1259 */
1260 lck_mtx_unlock(rt_mtx);
1261 return (flags & RTF_HOST ? EHOSTUNREACH
1262 : ENETUNREACH);
1263 }
1264 #endif
1265 }
1266 /*
1267 * Do the actual request
1268 */
1269 error = rtrequest_locked(cmd, dst, ifa->ifa_addr, ifa->ifa_netmask,
1270 flags | ifa->ifa_flags, &nrt);
1271 if (m)
1272 (void) m_free(m);
1273 /*
1274 * If we are deleting, and we found an entry, then
1275 * it's been removed from the tree.. now throw it away.
1276 */
1277 if (cmd == RTM_DELETE && error == 0 && (rt = nrt)) {
1278 /*
1279 * notify any listenning routing agents of the change
1280 */
1281 rt_newaddrmsg(cmd, ifa, error, nrt);
1282 if (use_routegenid)
1283 route_generation++;
1284 if (rt->rt_refcnt <= 0) {
1285 rt->rt_refcnt++; /* need a 1->0 transition to free */
1286 rtfree_locked(rt);
1287 }
1288 }
1289
1290 /*
1291 * We are adding, and we have a returned routing entry.
1292 * We need to sanity check the result.
1293 */
1294 if (cmd == RTM_ADD && error == 0 && (rt = nrt)) {
1295 /*
1296 * We just wanted to add it.. we don't actually need a reference
1297 */
1298 rtunref(rt);
1299 /*
1300 * If it came back with an unexpected interface, then it must
1301 * have already existed or something. (XXX)
1302 */
1303 if (rt->rt_ifa != ifa) {
1304 if (!(rt->rt_ifa->ifa_ifp->if_flags &
1305 (IFF_POINTOPOINT|IFF_LOOPBACK)))
1306 printf("rtinit: wrong ifa (%p) was (%p)\n",
1307 ifa, rt->rt_ifa);
1308 /*
1309 * Ask that the protocol in question
1310 * remove anything it has associated with
1311 * this route and ifaddr.
1312 */
1313 if (rt->rt_ifa->ifa_rtrequest)
1314 rt->rt_ifa->ifa_rtrequest(RTM_DELETE, rt, SA(0));
1315 /*
1316 * Set the route's ifa.
1317 */
1318 rtsetifa(rt, ifa);
1319 /*
1320 * And substitute in references to the ifaddr
1321 * we are adding.
1322 */
1323 rt->rt_ifp = ifa->ifa_ifp;
1324 rt->rt_rmx.rmx_mtu = ifa->ifa_ifp->if_mtu; /*XXX*/
1325 /*
1326 * Now ask the protocol to check if it needs
1327 * any special processing in its new form.
1328 */
1329 if (ifa->ifa_rtrequest)
1330 ifa->ifa_rtrequest(RTM_ADD, rt, SA(0));
1331 }
1332 /*
1333 * notify any listenning routing agents of the change
1334 */
1335 rt_newaddrmsg(cmd, ifa, error, nrt);
1336 if (use_routegenid)
1337 route_generation++;
1338 }
1339 return (error);
1340 }