]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet6/ip6_mroute.c
projects / apple / xnu.git / blob
? search:


3f0735c6337aa1f77094c06f946b37a7ac1fa768
[apple/xnu.git] / bsd / netinet6 / ip6_mroute.c
1 /*
2 * Copyright (c) 2003-2008 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /* $FreeBSD: src/sys/netinet6/ip6_mroute.c,v 1.16.2.1 2002/12/18 21:39:40 suz Exp $ */
29 /* $KAME: ip6_mroute.c,v 1.58 2001/12/18 02:36:31 itojun Exp $ */
30
31 /*
32 * Copyright (C) 1998 WIDE Project.
33 * All rights reserved.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 * 1. Redistributions of source code must retain the above copyright
39 * notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 * notice, this list of conditions and the following disclaimer in the
42 * documentation and/or other materials provided with the distribution.
43 * 3. Neither the name of the project nor the names of its contributors
44 * may be used to endorse or promote products derived from this software
45 * without specific prior written permission.
46 *
47 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
50 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
57 * SUCH DAMAGE.
58 */
59 /*
60 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
61 * support for mandatory and extensible security protections. This notice
62 * is included in support of clause 2.2 (b) of the Apple Public License,
63 * Version 2.0.
64 */
65
66 /* BSDI ip_mroute.c,v 2.10 1996/11/14 00:29:52 jch Exp */
67
68 /*
69 * IP multicast forwarding procedures
70 *
71 * Written by David Waitzman, BBN Labs, August 1988.
72 * Modified by Steve Deering, Stanford, February 1989.
73 * Modified by Mark J. Steiglitz, Stanford, May, 1991
74 * Modified by Van Jacobson, LBL, January 1993
75 * Modified by Ajit Thyagarajan, PARC, August 1993
76 * Modified by Bill Fenenr, PARC, April 1994
77 *
78 * MROUTING Revision: 3.5.1.2 + PIM-SMv2 (pimd) Support
79 */
80
81
82 #include <sys/param.h>
83 #include <sys/systm.h>
84 #include <sys/malloc.h>
85 #include <sys/mbuf.h>
86 #include <sys/socket.h>
87 #include <sys/socketvar.h>
88 #include <sys/sockio.h>
89 #include <sys/protosw.h>
90 #include <sys/errno.h>
91 #include <sys/time.h>
92 #include <sys/kernel.h>
93 #include <sys/syslog.h>
94 #include <kern/locks.h>
95
96 #include <net/if.h>
97 #include <net/route.h>
98 #include <net/raw_cb.h>
99 #include <net/dlil.h>
100 #include <net/net_osdep.h>
101
102 #include <netinet/in.h>
103 #include <netinet/in_var.h>
104
105 #include <netinet/ip6.h>
106 #include <netinet6/ip6_var.h>
107 #include <netinet6/ip6_mroute.h>
108 #include <netinet6/pim6.h>
109 #include <netinet6/pim6_var.h>
110
111 #if CONFIG_MACF_NET
112 #include <security/mac.h>
113 #endif /* MAC_NET */
114
115 #ifndef __APPLE__
116 static MALLOC_DEFINE(M_MRTABLE, "mf6c", "multicast forwarding cache entry");
117 #endif
118
119 #define M_HASCL(m) ((m)->m_flags & M_EXT)
120
121 static int ip6_mdq(struct mbuf *, struct ifnet *, struct mf6c *);
122 static void phyint_send(struct ip6_hdr *, struct mif6 *, struct mbuf *);
123
124 static int set_pim6(int *);
125 static int socket_send(struct socket *, struct mbuf *,
126 struct sockaddr_in6 *);
127 static int register_send(struct ip6_hdr *, struct mif6 *,
128 struct mbuf *);
129
130 extern lck_mtx_t *ip6_mutex;
131 /*
132 * Globals. All but ip6_mrouter, ip6_mrtproto and mrt6stat could be static,
133 * except for netstat or debugging purposes.
134 */
135 struct socket *ip6_mrouter = NULL;
136 int ip6_mrouter_ver = 0;
137 int ip6_mrtproto = IPPROTO_PIM; /* for netstat only */
138 struct mrt6stat mrt6stat;
139
140 #define NO_RTE_FOUND 0x1
141 #define RTE_FOUND 0x2
142
143 struct mf6c *mf6ctable[MF6CTBLSIZ];
144 u_char n6expire[MF6CTBLSIZ];
145 static struct mif6 mif6table[MAXMIFS];
146 #if MRT6DEBUG
147 u_int mrt6debug = 0; /* debug level */
148 #define DEBUG_MFC 0x02
149 #define DEBUG_FORWARD 0x04
150 #define DEBUG_EXPIRE 0x08
151 #define DEBUG_XMIT 0x10
152 #define DEBUG_REG 0x20
153 #define DEBUG_PIM 0x40
154 #endif
155
156 static void expire_upcalls(void *);
157
158 #define EXPIRE_TIMEOUT (hz / 4) /* 4x / second */
159 #define UPCALL_EXPIRE 6 /* number of timeouts */
160
161 #if INET
162 #if MROUTING
163 extern struct socket *ip_mrouter;
164 #endif
165 #endif
166
167 /*
168 * 'Interfaces' associated with decapsulator (so we can tell
169 * packets that went through it from ones that get reflected
170 * by a broken gateway). These interfaces are never linked into
171 * the system ifnet list & no routes point to them. I.e., packets
172 * can't be sent this way. They only exist as a placeholder for
173 * multicast source verification.
174 */
175 struct ifnet multicast_register_if;
176
177 #define ENCAP_HOPS 64
178
179 /*
180 * Private variables.
181 */
182 static mifi_t nummifs = 0;
183 static mifi_t reg_mif_num = (mifi_t)-1;
184
185 static struct pim6stat pim6stat;
186 static int pim6;
187
188 /*
189 * Hash function for a source, group entry
190 */
191 #define MF6CHASH(a, g) MF6CHASHMOD((a).s6_addr32[0] ^ (a).s6_addr32[1] ^ \
192 (a).s6_addr32[2] ^ (a).s6_addr32[3] ^ \
193 (g).s6_addr32[0] ^ (g).s6_addr32[1] ^ \
194 (g).s6_addr32[2] ^ (g).s6_addr32[3])
195
196 /*
197 * Find a route for a given origin IPv6 address and Multicast group address.
198 * Quality of service parameter to be added in the future!!!
199 */
200
201 #define MF6CFIND(o, g, rt) do { \
202 struct mf6c *_rt = mf6ctable[MF6CHASH(o,g)]; \
203 rt = NULL; \
204 mrt6stat.mrt6s_mfc_lookups++; \
205 while (_rt) { \
206 if (IN6_ARE_ADDR_EQUAL(&_rt->mf6c_origin.sin6_addr, &(o)) && \
207 IN6_ARE_ADDR_EQUAL(&_rt->mf6c_mcastgrp.sin6_addr, &(g)) && \
208 (_rt->mf6c_stall == NULL)) { \
209 rt = _rt; \
210 break; \
211 } \
212 _rt = _rt->mf6c_next; \
213 } \
214 if (rt == NULL) { \
215 mrt6stat.mrt6s_mfc_misses++; \
216 } \
217 } while (0)
218
219 /*
220 * Macros to compute elapsed time efficiently
221 * Borrowed from Van Jacobson's scheduling code
222 */
223 #define TV_DELTA(a, b, delta) do { \
224 int xxs; \
225 \
226 delta = (a).tv_usec - (b).tv_usec; \
227 if ((xxs = (a).tv_sec - (b).tv_sec)) { \
228 switch (xxs) { \
229 case 2: \
230 delta += 1000000; \
231 /* fall through */ \
232 case 1: \
233 delta += 1000000; \
234 break; \
235 default: \
236 delta += (1000000 * xxs); \
237 } \
238 } \
239 } while (0)
240
241 #define TV_LT(a, b) (((a).tv_usec < (b).tv_usec && \
242 (a).tv_sec <= (b).tv_sec) || (a).tv_sec < (b).tv_sec)
243
244 #if UPCALL_TIMING
245 #define UPCALL_MAX 50
246 u_int32_t upcall_data[UPCALL_MAX + 1];
247 static void collate();
248 #endif /* UPCALL_TIMING */
249
250 static int get_sg_cnt(struct sioc_sg_req6 *);
251 static int get_mif6_cnt(void *, int);
252 static int ip6_mrouter_init(struct socket *, int, int);
253 static int add_m6if(struct mif6ctl *);
254 static int del_m6if(mifi_t *);
255 static int add_m6fc(struct mf6cctl *);
256 static int del_m6fc(struct mf6cctl *);
257
258 #ifndef __APPLE__
259 static struct callout expire_upcalls_ch;
260 #endif
261 /*
262 * Handle MRT setsockopt commands to modify the multicast routing tables.
263 */
264 int
265 ip6_mrouter_set(so, sopt)
266 struct socket *so;
267 struct sockopt *sopt;
268 {
269 int error = 0;
270 int optval;
271 struct mif6ctl mifc;
272 struct mf6cctl mfcc;
273 mifi_t mifi;
274
275 if (so != ip6_mrouter && sopt->sopt_name != MRT6_INIT)
276 return (EACCES);
277
278 switch (sopt->sopt_name) {
279 case MRT6_INIT:
280 #if MRT6_OINIT
281 case MRT6_OINIT:
282 #endif
283 error = sooptcopyin(sopt, &optval, sizeof(optval),
284 sizeof(optval));
285 if (error)
286 break;
287 error = ip6_mrouter_init(so, optval, sopt->sopt_name);
288 break;
289 case MRT6_DONE:
290 error = ip6_mrouter_done();
291 break;
292 case MRT6_ADD_MIF:
293 error = sooptcopyin(sopt, &mifc, sizeof(mifc), sizeof(mifc));
294 if (error)
295 break;
296 error = add_m6if(&mifc);
297 break;
298 case MRT6_ADD_MFC:
299 error = sooptcopyin(sopt, &mfcc, sizeof(mfcc), sizeof(mfcc));
300 if (error)
301 break;
302 error = add_m6fc(&mfcc);
303 break;
304 case MRT6_DEL_MFC:
305 error = sooptcopyin(sopt, &mfcc, sizeof(mfcc), sizeof(mfcc));
306 if (error)
307 break;
308 error = del_m6fc(&mfcc);
309 break;
310 case MRT6_DEL_MIF:
311 error = sooptcopyin(sopt, &mifi, sizeof(mifi), sizeof(mifi));
312 if (error)
313 break;
314 error = del_m6if(&mifi);
315 break;
316 case MRT6_PIM:
317 error = sooptcopyin(sopt, &optval, sizeof(optval),
318 sizeof(optval));
319 if (error)
320 break;
321 error = set_pim6(&optval);
322 break;
323 default:
324 error = EOPNOTSUPP;
325 break;
326 }
327
328 return (error);
329 }
330
331 /*
332 * Handle MRT getsockopt commands
333 */
334 int
335 ip6_mrouter_get(so, sopt)
336 struct socket *so;
337 struct sockopt *sopt;
338 {
339 int error = 0;
340
341 if (so != ip6_mrouter) return EACCES;
342
343 switch (sopt->sopt_name) {
344 case MRT6_PIM:
345 error = sooptcopyout(sopt, &pim6, sizeof(pim6));
346 break;
347 }
348 return (error);
349 }
350
351 /*
352 * Handle ioctl commands to obtain information from the cache
353 */
354 int
355 mrt6_ioctl(u_long cmd, caddr_t data)
356 {
357 int error = 0;
358
359 switch (cmd) {
360 case SIOCGETSGCNT_IN6:
361 return (get_sg_cnt((struct sioc_sg_req6 *)data));
362 /* NOTREACHED */
363
364 case SIOCGETMIFCNT_IN6_32:
365 case SIOCGETMIFCNT_IN6_64:
366 return (get_mif6_cnt(data, cmd == SIOCGETMIFCNT_IN6_64));
367 /* NOTREACHED */
368
369 default:
370 error = EINVAL;
371 break;
372 }
373 return (error);
374 }
375
376 /*
377 * returns the packet, byte, rpf-failure count for the source group provided
378 */
379 static int
380 get_sg_cnt(req)
381 struct sioc_sg_req6 *req;
382 {
383 struct mf6c *rt;
384
385 MF6CFIND(req->src.sin6_addr, req->grp.sin6_addr, rt);
386 if (rt != NULL) {
387 req->pktcnt = rt->mf6c_pkt_cnt;
388 req->bytecnt = rt->mf6c_byte_cnt;
389 req->wrong_if = rt->mf6c_wrong_if;
390 } else
391 return(ESRCH);
392 #if 0
393 req->pktcnt = req->bytecnt = req->wrong_if = 0xffffffff;
394 #endif
395
396 return 0;
397 }
398
399 /*
400 * returns the input and output packet and byte counts on the mif provided
401 */
402 static int
403 get_mif6_cnt(void *data, int p64)
404 {
405 if (p64) {
406 struct sioc_mif_req6_64 *req = data;
407
408 mifi_t mifi = req->mifi;
409
410 if (mifi >= nummifs)
411 return (EINVAL);
412
413 req->icount = mif6table[mifi].m6_pkt_in;
414 req->ocount = mif6table[mifi].m6_pkt_out;
415 req->ibytes = mif6table[mifi].m6_bytes_in;
416 req->obytes = mif6table[mifi].m6_bytes_out;
417 } else {
418 struct sioc_mif_req6_32 *req = data;
419
420 mifi_t mifi = req->mifi;
421
422 if (mifi >= nummifs)
423 return (EINVAL);
424
425 req->icount = mif6table[mifi].m6_pkt_in;
426 req->ocount = mif6table[mifi].m6_pkt_out;
427 req->ibytes = mif6table[mifi].m6_bytes_in;
428 req->obytes = mif6table[mifi].m6_bytes_out;
429 }
430 return (0);
431 }
432
433 static int
434 set_pim6(i)
435 int *i;
436 {
437 if ((*i != 1) && (*i != 0))
438 return EINVAL;
439
440 pim6 = *i;
441
442 return 0;
443 }
444
445 /*
446 * Enable multicast routing
447 */
448 static int
449 ip6_mrouter_init(so, v, cmd)
450 struct socket *so;
451 int v;
452 int cmd;
453 {
454 #if MRT6DEBUG
455 if (mrt6debug)
456 log(LOG_DEBUG,
457 "ip6_mrouter_init: so_type = %d, pr_protocol = %d\n",
458 so->so_type, so->so_proto->pr_protocol);
459 #endif
460
461 if (so->so_type != SOCK_RAW ||
462 so->so_proto->pr_protocol != IPPROTO_ICMPV6)
463 return EOPNOTSUPP;
464
465 if (v != 1)
466 return (ENOPROTOOPT);
467
468 if (ip6_mrouter != NULL) return EADDRINUSE;
469
470 ip6_mrouter = so;
471 ip6_mrouter_ver = cmd;
472
473 bzero((caddr_t)mf6ctable, sizeof(mf6ctable));
474 bzero((caddr_t)n6expire, sizeof(n6expire));
475
476 pim6 = 0;/* used for stubbing out/in pim stuff */
477
478 #ifndef __APPLE__
479 callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT,
480 expire_upcalls, NULL);
481 #else
482 timeout(expire_upcalls, (caddr_t)NULL, EXPIRE_TIMEOUT);
483 #endif
484
485 #if MRT6DEBUG
486 if (mrt6debug)
487 log(LOG_DEBUG, "ip6_mrouter_init\n");
488 #endif
489
490 return 0;
491 }
492
493 /*
494 * Disable multicast routing
495 */
496 int
497 ip6_mrouter_done()
498 {
499 mifi_t mifi;
500 int i;
501 struct mf6c *rt;
502 struct rtdetq *rte;
503
504
505 /*
506 * For each phyint in use, disable promiscuous reception of all IPv6
507 * multicasts.
508 */
509 #if INET
510 #if MROUTING
511 /*
512 * If there is still IPv4 multicast routing daemon,
513 * we remain interfaces to receive all muliticasted packets.
514 * XXX: there may be an interface in which the IPv4 multicast
515 * daemon is not interested...
516 */
517 if (!ip_mrouter)
518 #endif
519 #endif
520 {
521 for (mifi = 0; mifi < nummifs; mifi++) {
522 if (mif6table[mifi].m6_ifp &&
523 !(mif6table[mifi].m6_flags & MIFF_REGISTER)) {
524 #ifdef __APPLE__
525 if_allmulti(mif6table[mifi].m6_ifp, 0);
526 #else
527 {
528 struct ifnet *ifp;
529 struct in6_ifreq ifr;
530
531 ifr.ifr_addr.sin6_family = AF_INET6;
532 ifr.ifr_addr.sin6_addr= in6addr_any;
533 ifp = mif6table[mifi].m6_ifp;
534 ifnet_ioctl(ifp, 0, SIOCDELMULTI, &ifr);
535 }
536 #endif
537 }
538 }
539 }
540 #if notyet
541 bzero((caddr_t)qtable, sizeof(qtable));
542 bzero((caddr_t)tbftable, sizeof(tbftable));
543 #endif
544 bzero((caddr_t)mif6table, sizeof(mif6table));
545 nummifs = 0;
546
547 pim6 = 0; /* used to stub out/in pim specific code */
548
549 #ifndef __APPLE__
550 callout_stop(&expire_upcalls_ch);
551 #else
552 untimeout(expire_upcalls, (caddr_t)NULL);
553 #endif
554
555 /*
556 * Free all multicast forwarding cache entries.
557 *###LD 5/27 needs locking
558 */
559 for (i = 0; i < MF6CTBLSIZ; i++) {
560 rt = mf6ctable[i];
561 while (rt) {
562 struct mf6c *frt;
563
564 for (rte = rt->mf6c_stall; rte != NULL; ) {
565 struct rtdetq *n = rte->next;
566
567 m_free(rte->m);
568 FREE(rte, M_MRTABLE);
569 rte = n;
570 }
571 frt = rt;
572 rt = rt->mf6c_next;
573 FREE(frt, M_MRTABLE);
574 }
575 }
576
577 bzero((caddr_t)mf6ctable, sizeof(mf6ctable));
578
579 /*
580 * Reset de-encapsulation cache
581 */
582 reg_mif_num = -1;
583
584 ip6_mrouter = NULL;
585 ip6_mrouter_ver = 0;
586
587
588 #if MRT6DEBUG
589 if (mrt6debug)
590 log(LOG_DEBUG, "ip6_mrouter_done\n");
591 #endif
592
593 return 0;
594 }
595
596 static struct sockaddr_in6 sin6 = { sizeof(sin6), AF_INET6 ,
597 0, 0, IN6ADDR_ANY_INIT, 0};
598
599 /*
600 * Add a mif to the mif table
601 */
602 static int
603 add_m6if(mifcp)
604 struct mif6ctl *mifcp;
605 {
606 struct mif6 *mifp;
607 struct ifnet *ifp;
608 int error;
609 #if notyet
610 struct tbf *m_tbf = tbftable + mifcp->mif6c_mifi;
611 #endif
612
613 if (mifcp->mif6c_mifi >= MAXMIFS)
614 return EINVAL;
615 mifp = mif6table + mifcp->mif6c_mifi;
616 if (mifp->m6_ifp)
617 return EADDRINUSE; /* XXX: is it appropriate? */
618
619 ifnet_head_lock_shared();
620 if (mifcp->mif6c_pifi == 0 || mifcp->mif6c_pifi > if_index) {
621 ifnet_head_done();
622 return ENXIO;
623 }
624 ifp = ifindex2ifnet[mifcp->mif6c_pifi];
625 ifnet_head_done();
626
627 if (ifp == NULL) {
628 return ENXIO;
629 }
630 if (mifcp->mif6c_flags & MIFF_REGISTER) {
631 if (reg_mif_num == (mifi_t)-1) {
632 multicast_register_if.if_name = "register_mif";
633 multicast_register_if.if_flags |= IFF_LOOPBACK;
634 multicast_register_if.if_index = mifcp->mif6c_mifi;
635 reg_mif_num = mifcp->mif6c_mifi;
636 }
637
638 ifp = &multicast_register_if;
639
640 } /* if REGISTER */
641 else {
642 /* Make sure the interface supports multicast */
643 if ((ifp->if_flags & IFF_MULTICAST) == 0)
644 return EOPNOTSUPP;
645
646 error = if_allmulti(ifp, 1);
647 if (error)
648 return error;
649 }
650
651 mifp->m6_flags = mifcp->mif6c_flags;
652 mifp->m6_ifp = ifp;
653 #if notyet
654 /* scaling up here allows division by 1024 in critical code */
655 mifp->m6_rate_limit = mifcp->mif6c_rate_limit * 1024 / 1000;
656 #endif
657 /* initialize per mif pkt counters */
658 mifp->m6_pkt_in = 0;
659 mifp->m6_pkt_out = 0;
660 mifp->m6_bytes_in = 0;
661 mifp->m6_bytes_out = 0;
662
663 /* Adjust nummifs up if the mifi is higher than nummifs */
664 if (nummifs <= mifcp->mif6c_mifi)
665 nummifs = mifcp->mif6c_mifi + 1;
666
667 #if MRT6DEBUG
668 if (mrt6debug)
669 log(LOG_DEBUG,
670 "add_mif #%d, phyint %s%d\n",
671 mifcp->mif6c_mifi,
672 ifp->if_name, ifp->if_unit);
673 #endif
674
675 return 0;
676 }
677
678 /*
679 * Delete a mif from the mif table
680 */
681 static int
682 del_m6if(mifip)
683 mifi_t *mifip;
684 {
685 struct mif6 *mifp = mif6table + *mifip;
686 mifi_t mifi;
687 struct ifnet *ifp;
688
689 if (*mifip >= nummifs)
690 return EINVAL;
691 if (mifp->m6_ifp == NULL)
692 return EINVAL;
693
694
695 if (!(mifp->m6_flags & MIFF_REGISTER)) {
696 /*
697 * XXX: what if there is yet IPv4 multicast daemon
698 * using the interface?
699 */
700 ifp = mifp->m6_ifp;
701
702 if_allmulti(ifp, 0);
703 }
704
705 #if notyet
706 bzero((caddr_t)qtable[*mifip], sizeof(qtable[*mifip]));
707 bzero((caddr_t)mifp->m6_tbf, sizeof(*(mifp->m6_tbf)));
708 #endif
709 bzero((caddr_t)mifp, sizeof(*mifp));
710
711 /* Adjust nummifs down */
712 for (mifi = nummifs; mifi > 0; mifi--)
713 if (mif6table[mifi - 1].m6_ifp)
714 break;
715 nummifs = mifi;
716
717
718 #if MRT6DEBUG
719 if (mrt6debug)
720 log(LOG_DEBUG, "del_m6if %d, nummifs %d\n", *mifip, nummifs);
721 #endif
722
723 return 0;
724 }
725
726 /*
727 * Add an mfc entry
728 */
729 static int
730 add_m6fc(mfccp)
731 struct mf6cctl *mfccp;
732 {
733 struct mf6c *rt;
734 u_int32_t hash;
735 struct rtdetq *rte;
736 u_short nstl;
737
738 MF6CFIND(mfccp->mf6cc_origin.sin6_addr,
739 mfccp->mf6cc_mcastgrp.sin6_addr, rt);
740
741 /* If an entry already exists, just update the fields */
742 if (rt) {
743 #if MRT6DEBUG
744 if (mrt6debug & DEBUG_MFC)
745 log(LOG_DEBUG,
746 "add_m6fc no upcall h %d o %s g %s p %x\n",
747 ip6_sprintf(&mfccp->mf6cc_origin.sin6_addr),
748 ip6_sprintf(&mfccp->mf6cc_mcastgrp.sin6_addr),
749 mfccp->mf6cc_parent);
750 #endif
751
752 rt->mf6c_parent = mfccp->mf6cc_parent;
753 rt->mf6c_ifset = mfccp->mf6cc_ifset;
754 return 0;
755 }
756
757 /*
758 * Find the entry for which the upcall was made and update
759 */
760 hash = MF6CHASH(mfccp->mf6cc_origin.sin6_addr,
761 mfccp->mf6cc_mcastgrp.sin6_addr);
762 for (rt = mf6ctable[hash], nstl = 0; rt; rt = rt->mf6c_next) {
763 if (IN6_ARE_ADDR_EQUAL(&rt->mf6c_origin.sin6_addr,
764 &mfccp->mf6cc_origin.sin6_addr) &&
765 IN6_ARE_ADDR_EQUAL(&rt->mf6c_mcastgrp.sin6_addr,
766 &mfccp->mf6cc_mcastgrp.sin6_addr) &&
767 (rt->mf6c_stall != NULL)) {
768
769 if (nstl++)
770 log(LOG_ERR,
771 "add_m6fc: %s o %s g %s p %x dbx %p\n",
772 "multiple kernel entries",
773 ip6_sprintf(&mfccp->mf6cc_origin.sin6_addr),
774 ip6_sprintf(&mfccp->mf6cc_mcastgrp.sin6_addr),
775 mfccp->mf6cc_parent, rt->mf6c_stall);
776
777 #if MRT6DEBUG
778 if (mrt6debug & DEBUG_MFC)
779 log(LOG_DEBUG,
780 "add_m6fc o %s g %s p %x dbg %x\n",
781 ip6_sprintf(&mfccp->mf6cc_origin.sin6_addr),
782 ip6_sprintf(&mfccp->mf6cc_mcastgrp.sin6_addr),
783 mfccp->mf6cc_parent, rt->mf6c_stall);
784 #endif
785
786 rt->mf6c_origin = mfccp->mf6cc_origin;
787 rt->mf6c_mcastgrp = mfccp->mf6cc_mcastgrp;
788 rt->mf6c_parent = mfccp->mf6cc_parent;
789 rt->mf6c_ifset = mfccp->mf6cc_ifset;
790 /* initialize pkt counters per src-grp */
791 rt->mf6c_pkt_cnt = 0;
792 rt->mf6c_byte_cnt = 0;
793 rt->mf6c_wrong_if = 0;
794
795 rt->mf6c_expire = 0; /* Don't clean this guy up */
796 n6expire[hash]--;
797
798 /* free packets Qed at the end of this entry */
799 for (rte = rt->mf6c_stall; rte != NULL; ) {
800 struct rtdetq *n = rte->next;
801 ip6_mdq(rte->m, rte->ifp, rt);
802 m_freem(rte->m);
803 #if UPCALL_TIMING
804 collate(&(rte->t));
805 #endif /* UPCALL_TIMING */
806 FREE(rte, M_MRTABLE);
807 rte = n;
808 }
809 rt->mf6c_stall = NULL;
810 }
811 }
812
813 /*
814 * It is possible that an entry is being inserted without an upcall
815 */
816 if (nstl == 0) {
817 #if MRT6DEBUG
818 if (mrt6debug & DEBUG_MFC)
819 log(LOG_DEBUG,"add_mfc no upcall h %d o %s g %s p %x\n",
820 hash,
821 ip6_sprintf(&mfccp->mf6cc_origin.sin6_addr),
822 ip6_sprintf(&mfccp->mf6cc_mcastgrp.sin6_addr),
823 mfccp->mf6cc_parent);
824 #endif
825
826 for (rt = mf6ctable[hash]; rt; rt = rt->mf6c_next) {
827
828 if (IN6_ARE_ADDR_EQUAL(&rt->mf6c_origin.sin6_addr,
829 &mfccp->mf6cc_origin.sin6_addr)&&
830 IN6_ARE_ADDR_EQUAL(&rt->mf6c_mcastgrp.sin6_addr,
831 &mfccp->mf6cc_mcastgrp.sin6_addr)) {
832
833 rt->mf6c_origin = mfccp->mf6cc_origin;
834 rt->mf6c_mcastgrp = mfccp->mf6cc_mcastgrp;
835 rt->mf6c_parent = mfccp->mf6cc_parent;
836 rt->mf6c_ifset = mfccp->mf6cc_ifset;
837 /* initialize pkt counters per src-grp */
838 rt->mf6c_pkt_cnt = 0;
839 rt->mf6c_byte_cnt = 0;
840 rt->mf6c_wrong_if = 0;
841
842 if (rt->mf6c_expire)
843 n6expire[hash]--;
844 rt->mf6c_expire = 0;
845 }
846 }
847 if (rt == NULL) {
848 /* no upcall, so make a new entry */
849 rt = (struct mf6c *)_MALLOC(sizeof(*rt), M_MRTABLE,
850 M_NOWAIT);
851 if (rt == NULL) {
852 return ENOBUFS;
853 }
854
855 /* insert new entry at head of hash chain */
856 rt->mf6c_origin = mfccp->mf6cc_origin;
857 rt->mf6c_mcastgrp = mfccp->mf6cc_mcastgrp;
858 rt->mf6c_parent = mfccp->mf6cc_parent;
859 rt->mf6c_ifset = mfccp->mf6cc_ifset;
860 /* initialize pkt counters per src-grp */
861 rt->mf6c_pkt_cnt = 0;
862 rt->mf6c_byte_cnt = 0;
863 rt->mf6c_wrong_if = 0;
864 rt->mf6c_expire = 0;
865 rt->mf6c_stall = NULL;
866
867 /* link into table */
868 rt->mf6c_next = mf6ctable[hash];
869 mf6ctable[hash] = rt;
870 }
871 }
872 return 0;
873 }
874
875 #if UPCALL_TIMING
876 /*
877 * collect delay statistics on the upcalls
878 */
879 static void
880 collate(t)
881 struct timeval *t;
882 {
883 u_int32_t d;
884 struct timeval tp;
885 u_int32_t delta;
886
887 GET_TIME(tp);
888
889 if (TV_LT(*t, tp))
890 {
891 TV_DELTA(tp, *t, delta);
892
893 d = delta >> 10;
894 if (d > UPCALL_MAX)
895 d = UPCALL_MAX;
896
897 ++upcall_data[d];
898 }
899 }
900 #endif /* UPCALL_TIMING */
901
902 /*
903 * Delete an mfc entry
904 */
905 static int
906 del_m6fc(mfccp)
907 struct mf6cctl *mfccp;
908 {
909 struct sockaddr_in6 origin;
910 struct sockaddr_in6 mcastgrp;
911 struct mf6c *rt;
912 struct mf6c **nptr;
913 u_int32_t hash;
914
915 origin = mfccp->mf6cc_origin;
916 mcastgrp = mfccp->mf6cc_mcastgrp;
917 hash = MF6CHASH(origin.sin6_addr, mcastgrp.sin6_addr);
918
919 #if MRT6DEBUG
920 if (mrt6debug & DEBUG_MFC)
921 log(LOG_DEBUG,"del_m6fc orig %s mcastgrp %s\n",
922 ip6_sprintf(&origin.sin6_addr),
923 ip6_sprintf(&mcastgrp.sin6_addr));
924 #endif
925
926
927 nptr = &mf6ctable[hash];
928 while ((rt = *nptr) != NULL) {
929 if (IN6_ARE_ADDR_EQUAL(&origin.sin6_addr,
930 &rt->mf6c_origin.sin6_addr) &&
931 IN6_ARE_ADDR_EQUAL(&mcastgrp.sin6_addr,
932 &rt->mf6c_mcastgrp.sin6_addr) &&
933 rt->mf6c_stall == NULL)
934 break;
935
936 nptr = &rt->mf6c_next;
937 }
938 if (rt == NULL) {
939 return EADDRNOTAVAIL;
940 }
941
942 *nptr = rt->mf6c_next;
943 FREE(rt, M_MRTABLE);
944
945
946 return 0;
947 }
948
949 static int
950 socket_send(s, mm, src)
951 struct socket *s;
952 struct mbuf *mm;
953 struct sockaddr_in6 *src;
954 {
955 //### LD 5/27/04 needs locking!
956 //
957 if (s) {
958 if (sbappendaddr(&s->so_rcv,
959 (struct sockaddr *)src,
960 mm, (struct mbuf *)0, NULL) != 0) {
961 sorwakeup(s);
962 return 0;
963 }
964 }
965 return -1;
966 }
967
968 /*
969 * IPv6 multicast forwarding function. This function assumes that the packet
970 * pointed to by "ip6" has arrived on (or is about to be sent to) the interface
971 * pointed to by "ifp", and the packet is to be relayed to other networks
972 * that have members of the packet's destination IPv6 multicast group.
973 *
974 * The packet is returned unscathed to the caller, unless it is
975 * erroneous, in which case a non-zero return value tells the caller to
976 * discard it.
977 */
978
979 int
980 ip6_mforward(ip6, ifp, m)
981 struct ip6_hdr *ip6;
982 struct ifnet *ifp;
983 struct mbuf *m;
984 {
985 struct mf6c *rt;
986 struct mif6 *mifp;
987 struct mbuf *mm;
988 mifi_t mifi;
989 struct timeval timenow;
990
991 #if MRT6DEBUG
992 if (mrt6debug & DEBUG_FORWARD)
993 log(LOG_DEBUG, "ip6_mforward: src %s, dst %s, ifindex %d\n",
994 ip6_sprintf(&ip6->ip6_src), ip6_sprintf(&ip6->ip6_dst),
995 ifp->if_index);
996 #endif
997
998 /*
999 * Don't forward a packet with Hop limit of zero or one,
1000 * or a packet destined to a local-only group.
1001 */
1002 if (ip6->ip6_hlim <= 1 || IN6_IS_ADDR_MC_NODELOCAL(&ip6->ip6_dst) ||
1003 IN6_IS_ADDR_MC_LINKLOCAL(&ip6->ip6_dst))
1004 return 0;
1005 ip6->ip6_hlim--;
1006
1007 /*
1008 * Source address check: do not forward packets with unspecified
1009 * source. It was discussed in July 2000, on ipngwg mailing list.
1010 * This is rather more serious than unicast cases, because some
1011 * MLD packets can be sent with the unspecified source address
1012 * (although such packets must normally set 1 to the hop limit field).
1013 */
1014 getmicrotime(&timenow);
1015 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
1016 ip6stat.ip6s_cantforward++;
1017 if (ip6_log_time + ip6_log_interval < timenow.tv_sec) {
1018 ip6_log_time = timenow.tv_sec;
1019 log(LOG_DEBUG,
1020 "cannot forward "
1021 "from %s to %s nxt %d received on %s\n",
1022 ip6_sprintf(&ip6->ip6_src),
1023 ip6_sprintf(&ip6->ip6_dst),
1024 ip6->ip6_nxt,
1025 if_name(m->m_pkthdr.rcvif));
1026 }
1027 return 0;
1028 }
1029
1030 /*
1031 * Determine forwarding mifs from the forwarding cache table
1032 */
1033 MF6CFIND(ip6->ip6_src, ip6->ip6_dst, rt);
1034
1035 /* Entry exists, so forward if necessary */
1036 if (rt) {
1037 return (ip6_mdq(m, ifp, rt));
1038 } else {
1039 /*
1040 * If we don't have a route for packet's origin,
1041 * Make a copy of the packet &
1042 * send message to routing daemon
1043 */
1044
1045 struct mbuf *mb0;
1046 struct rtdetq *rte;
1047 u_int32_t hash;
1048 /* int i, npkts;*/
1049 #if UPCALL_TIMING
1050 struct timeval tp;
1051
1052 GET_TIME(tp);
1053 #endif /* UPCALL_TIMING */
1054
1055 mrt6stat.mrt6s_no_route++;
1056 #if MRT6DEBUG
1057 if (mrt6debug & (DEBUG_FORWARD | DEBUG_MFC))
1058 log(LOG_DEBUG, "ip6_mforward: no rte s %s g %s\n",
1059 ip6_sprintf(&ip6->ip6_src),
1060 ip6_sprintf(&ip6->ip6_dst));
1061 #endif
1062
1063 /*
1064 * Allocate mbufs early so that we don't do extra work if we
1065 * are just going to fail anyway.
1066 */
1067 rte = (struct rtdetq *)_MALLOC(sizeof(*rte), M_MRTABLE,
1068 M_NOWAIT);
1069 if (rte == NULL) {
1070 return ENOBUFS;
1071 }
1072 mb0 = m_copy(m, 0, M_COPYALL);
1073 /*
1074 * Pullup packet header if needed before storing it,
1075 * as other references may modify it in the meantime.
1076 */
1077 if (mb0 &&
1078 (M_HASCL(mb0) || mb0->m_len < sizeof(struct ip6_hdr)))
1079 mb0 = m_pullup(mb0, sizeof(struct ip6_hdr));
1080 if (mb0 == NULL) {
1081 FREE(rte, M_MRTABLE);
1082 return ENOBUFS;
1083 }
1084
1085 /* is there an upcall waiting for this packet? */
1086 hash = MF6CHASH(ip6->ip6_src, ip6->ip6_dst);
1087 for (rt = mf6ctable[hash]; rt; rt = rt->mf6c_next) {
1088 if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_src,
1089 &rt->mf6c_origin.sin6_addr) &&
1090 IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst,
1091 &rt->mf6c_mcastgrp.sin6_addr) &&
1092 (rt->mf6c_stall != NULL))
1093 break;
1094 }
1095
1096 if (rt == NULL) {
1097 struct mrt6msg *im;
1098 #if MRT6_OINIT
1099 struct omrt6msg *oim;
1100 #endif
1101
1102 /* no upcall, so make a new entry */
1103 rt = (struct mf6c *)_MALLOC(sizeof(*rt), M_MRTABLE,
1104 M_NOWAIT);
1105 if (rt == NULL) {
1106 FREE(rte, M_MRTABLE);
1107 m_freem(mb0);
1108 return ENOBUFS;
1109 }
1110 /*
1111 * Make a copy of the header to send to the user
1112 * level process
1113 */
1114 mm = m_copy(mb0, 0, sizeof(struct ip6_hdr));
1115
1116 if (mm == NULL) {
1117 FREE(rte, M_MRTABLE);
1118 m_freem(mb0);
1119 FREE(rt, M_MRTABLE);
1120 return ENOBUFS;
1121 }
1122
1123 /*
1124 * Send message to routing daemon
1125 */
1126 sin6.sin6_addr = ip6->ip6_src;
1127
1128 im = NULL;
1129 #if MRT6_OINIT
1130 oim = NULL;
1131 #endif
1132 switch (ip6_mrouter_ver) {
1133 #if MRT6_OINIT
1134 case MRT6_OINIT:
1135 oim = mtod(mm, struct omrt6msg *);
1136 oim->im6_msgtype = MRT6MSG_NOCACHE;
1137 oim->im6_mbz = 0;
1138 break;
1139 #endif
1140 case MRT6_INIT:
1141 im = mtod(mm, struct mrt6msg *);
1142 im->im6_msgtype = MRT6MSG_NOCACHE;
1143 im->im6_mbz = 0;
1144 break;
1145 default:
1146 FREE(rte, M_MRTABLE);
1147 m_freem(mb0);
1148 FREE(rt, M_MRTABLE);
1149 return EINVAL;
1150 }
1151
1152 #if MRT6DEBUG
1153 if (mrt6debug & DEBUG_FORWARD)
1154 log(LOG_DEBUG,
1155 "getting the iif info in the kernel\n");
1156 #endif
1157
1158 for (mifp = mif6table, mifi = 0;
1159 mifi < nummifs && mifp->m6_ifp != ifp;
1160 mifp++, mifi++)
1161 ;
1162
1163 switch (ip6_mrouter_ver) {
1164 #if MRT6_OINIT
1165 case MRT6_OINIT:
1166 oim->im6_mif = mifi;
1167 break;
1168 #endif
1169 case MRT6_INIT:
1170 im->im6_mif = mifi;
1171 break;
1172 }
1173
1174 if (socket_send(ip6_mrouter, mm, &sin6) < 0) {
1175 log(LOG_WARNING, "ip6_mforward: ip6_mrouter "
1176 "socket queue full\n");
1177 mrt6stat.mrt6s_upq_sockfull++;
1178 FREE(rte, M_MRTABLE);
1179 m_freem(mb0);
1180 FREE(rt, M_MRTABLE);
1181 return ENOBUFS;
1182 }
1183
1184 mrt6stat.mrt6s_upcalls++;
1185
1186 /* insert new entry at head of hash chain */
1187 bzero(rt, sizeof(*rt));
1188 rt->mf6c_origin.sin6_family = AF_INET6;
1189 rt->mf6c_origin.sin6_len = sizeof(struct sockaddr_in6);
1190 rt->mf6c_origin.sin6_addr = ip6->ip6_src;
1191 rt->mf6c_mcastgrp.sin6_family = AF_INET6;
1192 rt->mf6c_mcastgrp.sin6_len = sizeof(struct sockaddr_in6);
1193 rt->mf6c_mcastgrp.sin6_addr = ip6->ip6_dst;
1194 rt->mf6c_expire = UPCALL_EXPIRE;
1195 n6expire[hash]++;
1196 rt->mf6c_parent = MF6C_INCOMPLETE_PARENT;
1197
1198 /* link into table */
1199 rt->mf6c_next = mf6ctable[hash];
1200 mf6ctable[hash] = rt;
1201 /* Add this entry to the end of the queue */
1202 rt->mf6c_stall = rte;
1203 } else {
1204 /* determine if q has overflowed */
1205 struct rtdetq **p;
1206 int npkts = 0;
1207
1208 for (p = &rt->mf6c_stall; *p != NULL; p = &(*p)->next)
1209 if (++npkts > MAX_UPQ6) {
1210 mrt6stat.mrt6s_upq_ovflw++;
1211 FREE(rte, M_MRTABLE);
1212 m_freem(mb0);
1213 return 0;
1214 }
1215
1216 /* Add this entry to the end of the queue */
1217 *p = rte;
1218 }
1219
1220 rte->next = NULL;
1221 rte->m = mb0;
1222 rte->ifp = ifp;
1223 #if UPCALL_TIMING
1224 rte->t = tp;
1225 #endif /* UPCALL_TIMING */
1226
1227
1228 return 0;
1229 }
1230 }
1231
1232 /*
1233 * Clean up cache entries if upcalls are not serviced
1234 * Call from the Slow Timeout mechanism, every half second.
1235 */
1236 static void
1237 expire_upcalls(
1238 __unused void *unused)
1239 {
1240 struct rtdetq *rte;
1241 struct mf6c *mfc, **nptr;
1242 int i;
1243
1244 for (i = 0; i < MF6CTBLSIZ; i++) {
1245 if (n6expire[i] == 0)
1246 continue;
1247 nptr = &mf6ctable[i];
1248 while ((mfc = *nptr) != NULL) {
1249 rte = mfc->mf6c_stall;
1250 /*
1251 * Skip real cache entries
1252 * Make sure it wasn't marked to not expire (shouldn't happen)
1253 * If it expires now
1254 */
1255 if (rte != NULL &&
1256 mfc->mf6c_expire != 0 &&
1257 --mfc->mf6c_expire == 0) {
1258 #if MRT6DEBUG
1259 if (mrt6debug & DEBUG_EXPIRE)
1260 log(LOG_DEBUG, "expire_upcalls: expiring (%s %s)\n",
1261 ip6_sprintf(&mfc->mf6c_origin.sin6_addr),
1262 ip6_sprintf(&mfc->mf6c_mcastgrp.sin6_addr));
1263 #endif
1264 /*
1265 * drop all the packets
1266 * free the mbuf with the pkt, if, timing info
1267 */
1268 do {
1269 struct rtdetq *n = rte->next;
1270 m_freem(rte->m);
1271 FREE(rte, M_MRTABLE);
1272 rte = n;
1273 } while (rte != NULL);
1274 mrt6stat.mrt6s_cache_cleanups++;
1275 n6expire[i]--;
1276
1277 *nptr = mfc->mf6c_next;
1278 FREE(mfc, M_MRTABLE);
1279 } else {
1280 nptr = &mfc->mf6c_next;
1281 }
1282 }
1283 }
1284
1285 #ifndef __APPLE__
1286 callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT,
1287 expire_upcalls, NULL);
1288 #else
1289 timeout(expire_upcalls, (caddr_t)NULL, EXPIRE_TIMEOUT);
1290 #endif
1291 }
1292
1293 /*
1294 * Packet forwarding routine once entry in the cache is made
1295 */
1296 static int
1297 ip6_mdq(m, ifp, rt)
1298 struct mbuf *m;
1299 struct ifnet *ifp;
1300 struct mf6c *rt;
1301 {
1302 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
1303 mifi_t mifi, iif;
1304 struct mif6 *mifp;
1305 int plen = m->m_pkthdr.len;
1306
1307 /*
1308 * Macro to send packet on mif. Since RSVP packets don't get counted on
1309 * input, they shouldn't get counted on output, so statistics keeping is
1310 * separate.
1311 */
1312
1313 #define MC6_SEND(ip6, mifp, m) do { \
1314 if ((mifp)->m6_flags & MIFF_REGISTER) \
1315 register_send((ip6), (mifp), (m)); \
1316 else \
1317 phyint_send((ip6), (mifp), (m)); \
1318 } while (0)
1319
1320 /*
1321 * Don't forward if it didn't arrive from the parent mif
1322 * for its origin.
1323 */
1324 mifi = rt->mf6c_parent;
1325 if ((mifi >= nummifs) || (mif6table[mifi].m6_ifp != ifp)) {
1326 /* came in the wrong interface */
1327 #if MRT6DEBUG
1328 if (mrt6debug & DEBUG_FORWARD)
1329 log(LOG_DEBUG,
1330 "wrong if: ifid %d mifi %d mififid %x\n",
1331 ifp->if_index, mifi,
1332 mif6table[mifi].m6_ifp->if_index);
1333 #endif
1334 mrt6stat.mrt6s_wrong_if++;
1335 rt->mf6c_wrong_if++;
1336 /*
1337 * If we are doing PIM processing, and we are forwarding
1338 * packets on this interface, send a message to the
1339 * routing daemon.
1340 */
1341 /* have to make sure this is a valid mif */
1342 if (mifi < nummifs && mif6table[mifi].m6_ifp)
1343 if (pim6 && (m->m_flags & M_LOOP) == 0) {
1344 /*
1345 * Check the M_LOOP flag to avoid an
1346 * unnecessary PIM assert.
1347 * XXX: M_LOOP is an ad-hoc hack...
1348 */
1349 static struct sockaddr_in6 addr =
1350 { sizeof(addr), AF_INET6 , 0, 0, IN6ADDR_ANY_INIT, 0};
1351
1352 struct mbuf *mm;
1353 struct mrt6msg *im;
1354 #if MRT6_OINIT
1355 struct omrt6msg *oim;
1356 #endif
1357
1358 mm = m_copy(m, 0, sizeof(struct ip6_hdr));
1359 if (mm &&
1360 (M_HASCL(mm) ||
1361 mm->m_len < sizeof(struct ip6_hdr)))
1362 mm = m_pullup(mm, sizeof(struct ip6_hdr));
1363 if (mm == NULL)
1364 return ENOBUFS;
1365
1366 #if MRT6_OINIT
1367 oim = NULL;
1368 #endif
1369 im = NULL;
1370 switch (ip6_mrouter_ver) {
1371 #if MRT6_OINIT
1372 case MRT6_OINIT:
1373 oim = mtod(mm, struct omrt6msg *);
1374 oim->im6_msgtype = MRT6MSG_WRONGMIF;
1375 oim->im6_mbz = 0;
1376 break;
1377 #endif
1378 case MRT6_INIT:
1379 im = mtod(mm, struct mrt6msg *);
1380 im->im6_msgtype = MRT6MSG_WRONGMIF;
1381 im->im6_mbz = 0;
1382 break;
1383 default:
1384 m_freem(mm);
1385 return EINVAL;
1386 }
1387
1388 for (mifp = mif6table, iif = 0;
1389 iif < nummifs && mifp &&
1390 mifp->m6_ifp != ifp;
1391 mifp++, iif++)
1392 ;
1393
1394 switch (ip6_mrouter_ver) {
1395 #if MRT6_OINIT
1396 case MRT6_OINIT:
1397 oim->im6_mif = iif;
1398 addr.sin6_addr = oim->im6_src;
1399 break;
1400 #endif
1401 case MRT6_INIT:
1402 im->im6_mif = iif;
1403 addr.sin6_addr = im->im6_src;
1404 break;
1405 }
1406
1407 mrt6stat.mrt6s_upcalls++;
1408
1409 if (socket_send(ip6_mrouter, mm, &addr) < 0) {
1410 #if MRT6DEBUG
1411 if (mrt6debug)
1412 log(LOG_WARNING, "mdq, ip6_mrouter socket queue full\n");
1413 #endif
1414 ++mrt6stat.mrt6s_upq_sockfull;
1415 return ENOBUFS;
1416 } /* if socket Q full */
1417 } /* if PIM */
1418 return 0;
1419 } /* if wrong iif */
1420
1421 /* If I sourced this packet, it counts as output, else it was input. */
1422 if (m->m_pkthdr.rcvif == NULL) {
1423 /* XXX: is rcvif really NULL when output?? */
1424 mif6table[mifi].m6_pkt_out++;
1425 mif6table[mifi].m6_bytes_out += plen;
1426 } else {
1427 mif6table[mifi].m6_pkt_in++;
1428 mif6table[mifi].m6_bytes_in += plen;
1429 }
1430 rt->mf6c_pkt_cnt++;
1431 rt->mf6c_byte_cnt += plen;
1432
1433 /*
1434 * For each mif, forward a copy of the packet if there are group
1435 * members downstream on the interface.
1436 */
1437 for (mifp = mif6table, mifi = 0; mifi < nummifs; mifp++, mifi++)
1438 if (IF_ISSET(mifi, &rt->mf6c_ifset)) {
1439 /*
1440 * check if the outgoing packet is going to break
1441 * a scope boundary.
1442 * XXX For packets through PIM register tunnel
1443 * interface, we believe a routing daemon.
1444 */
1445 if ((mif6table[rt->mf6c_parent].m6_flags &
1446 MIFF_REGISTER) == 0 &&
1447 (mif6table[mifi].m6_flags & MIFF_REGISTER) == 0 &&
1448 (in6_addr2scopeid(ifp, &ip6->ip6_dst) !=
1449 in6_addr2scopeid(mif6table[mifi].m6_ifp,
1450 &ip6->ip6_dst) ||
1451 in6_addr2scopeid(ifp, &ip6->ip6_src) !=
1452 in6_addr2scopeid(mif6table[mifi].m6_ifp,
1453 &ip6->ip6_src))) {
1454 ip6stat.ip6s_badscope++;
1455 continue;
1456 }
1457
1458 mifp->m6_pkt_out++;
1459 mifp->m6_bytes_out += plen;
1460 MC6_SEND(ip6, mifp, m);
1461 }
1462 return 0;
1463 }
1464
1465 static void
1466 phyint_send(ip6, mifp, m)
1467 struct ip6_hdr *ip6;
1468 struct mif6 *mifp;
1469 struct mbuf *m;
1470 {
1471 struct mbuf *mb_copy;
1472 struct ifnet *ifp = mifp->m6_ifp;
1473 int error = 0;
1474 static struct route_in6 ro;
1475 struct in6_multi *in6m;
1476 struct sockaddr_in6 *dst6;
1477
1478 /*
1479 * Make a new reference to the packet; make sure that
1480 * the IPv6 header is actually copied, not just referenced,
1481 * so that ip6_output() only scribbles on the copy.
1482 */
1483 mb_copy = m_copy(m, 0, M_COPYALL);
1484 if (mb_copy &&
1485 (M_HASCL(mb_copy) || mb_copy->m_len < sizeof(struct ip6_hdr)))
1486 mb_copy = m_pullup(mb_copy, sizeof(struct ip6_hdr));
1487 if (mb_copy == NULL) {
1488 return;
1489 }
1490 /* set MCAST flag to the outgoing packet */
1491 mb_copy->m_flags |= M_MCAST;
1492
1493 /*
1494 * If we sourced the packet, call ip6_output since we may devide
1495 * the packet into fragments when the packet is too big for the
1496 * outgoing interface.
1497 * Otherwise, we can simply send the packet to the interface
1498 * sending queue.
1499 */
1500 if (m->m_pkthdr.rcvif == NULL) {
1501 struct ip6_moptions im6o;
1502
1503 im6o.im6o_multicast_ifp = ifp;
1504 /* XXX: ip6_output will override ip6->ip6_hlim */
1505 im6o.im6o_multicast_hlim = ip6->ip6_hlim;
1506 im6o.im6o_multicast_loop = 1;
1507 error = ip6_output(mb_copy, NULL, &ro,
1508 IPV6_FORWARDING, &im6o, NULL, 0);
1509
1510
1511 #if MRT6DEBUG
1512 if (mrt6debug & DEBUG_XMIT)
1513 log(LOG_DEBUG, "phyint_send on mif %d err %d\n",
1514 mifp - mif6table, error);
1515 #endif
1516 return;
1517 }
1518
1519 /*
1520 * If we belong to the destination multicast group
1521 * on the outgoing interface, loop back a copy.
1522 */
1523 dst6 = (struct sockaddr_in6 *)&ro.ro_dst;
1524 ifnet_lock_shared(ifp);
1525 IN6_LOOKUP_MULTI(ip6->ip6_dst, ifp, in6m);
1526 ifnet_lock_done(ifp);
1527 if (in6m != NULL) {
1528 dst6->sin6_len = sizeof(struct sockaddr_in6);
1529 dst6->sin6_family = AF_INET6;
1530 dst6->sin6_addr = ip6->ip6_dst;
1531 ip6_mloopback(ifp, m, (struct sockaddr_in6 *)&ro.ro_dst);
1532 }
1533 /*
1534 * Put the packet into the sending queue of the outgoing interface
1535 * if it would fit in the MTU of the interface.
1536 */
1537 if (mb_copy->m_pkthdr.len <= ifp->if_mtu || ifp->if_mtu < IPV6_MMTU) {
1538 dst6->sin6_len = sizeof(struct sockaddr_in6);
1539 dst6->sin6_family = AF_INET6;
1540 dst6->sin6_addr = ip6->ip6_dst;
1541 /*
1542 * We just call if_output instead of nd6_output here, since
1543 * we need no ND for a multicast forwarded packet...right?
1544 */
1545 #ifdef __APPLE__
1546 /* Make sure the HW checksum flags are cleaned before sending the packet */
1547
1548 mb_copy->m_pkthdr.rcvif = 0;
1549 mb_copy->m_pkthdr.csum_data = 0;
1550 mb_copy->m_pkthdr.csum_flags = 0;
1551
1552 lck_mtx_unlock(ip6_mutex);
1553 error = dlil_output(ifp, PF_INET6, mb_copy,
1554 NULL, (struct sockaddr *)&ro.ro_dst, 0);
1555 lck_mtx_lock(ip6_mutex);
1556 #else
1557 error = (*ifp->if_output)(ifp, mb_copy,
1558 (struct sockaddr *)&ro.ro_dst,
1559 NULL);
1560 #endif
1561 #if MRT6DEBUG
1562 if (mrt6debug & DEBUG_XMIT)
1563 log(LOG_DEBUG, "phyint_send on mif %d err %d\n",
1564 mifp - mif6table, error);
1565 #endif
1566 } else {
1567 #if MULTICAST_PMTUD
1568 icmp6_error(mb_copy, ICMP6_PACKET_TOO_BIG, 0, ifp->if_mtu);
1569 #else
1570 #if MRT6DEBUG
1571 if (mrt6debug & DEBUG_XMIT)
1572 log(LOG_DEBUG,
1573 "phyint_send: packet too big on %s o %s g %s"
1574 " size %d(discarded)\n",
1575 if_name(ifp),
1576 ip6_sprintf(&ip6->ip6_src),
1577 ip6_sprintf(&ip6->ip6_dst),
1578 mb_copy->m_pkthdr.len);
1579 #endif /* MRT6DEBUG */
1580 m_freem(mb_copy); /* simply discard the packet */
1581 #endif
1582 }
1583 }
1584
1585 static int
1586 register_send(ip6, mif, m)
1587 struct ip6_hdr *ip6;
1588 struct mif6 *mif;
1589 struct mbuf *m;
1590 {
1591 struct mbuf *mm;
1592 int i, len = m->m_pkthdr.len;
1593 static struct sockaddr_in6 addr = { sizeof(addr), AF_INET6 ,
1594 0, 0, IN6ADDR_ANY_INIT, 0};
1595 struct mrt6msg *im6;
1596
1597 #if MRT6DEBUG
1598 if (mrt6debug)
1599 log(LOG_DEBUG, "** IPv6 register_send **\n src %s dst %s\n",
1600 ip6_sprintf(&ip6->ip6_src), ip6_sprintf(&ip6->ip6_dst));
1601 #endif
1602 ++pim6stat.pim6s_snd_registers;
1603
1604 /* Make a copy of the packet to send to the user level process */
1605 MGETHDR(mm, M_DONTWAIT, MT_HEADER);
1606 if (mm == NULL)
1607 return ENOBUFS;
1608 #ifdef __darwin8_notyet
1609 #if CONFIG_MACF_NET
1610 mac_create_mbuf_multicast_encap(m, mif->m6_ifp, mm);
1611 #endif
1612 #endif
1613 mm->m_pkthdr.rcvif = NULL;
1614 mm->m_data += max_linkhdr;
1615 mm->m_len = sizeof(struct ip6_hdr);
1616
1617 if ((mm->m_next = m_copy(m, 0, M_COPYALL)) == NULL) {
1618 m_freem(mm);
1619 return ENOBUFS;
1620 }
1621 i = MHLEN - M_LEADINGSPACE(mm);
1622 if (i > len)
1623 i = len;
1624 mm = m_pullup(mm, i);
1625 if (mm == NULL){
1626 m_freem(mm);
1627 return ENOBUFS;
1628 }
1629 /* TODO: check it! */
1630 mm->m_pkthdr.len = len + sizeof(struct ip6_hdr);
1631
1632 /*
1633 * Send message to routing daemon
1634 */
1635 addr.sin6_addr = ip6->ip6_src;
1636
1637 im6 = mtod(mm, struct mrt6msg *);
1638 im6->im6_msgtype = MRT6MSG_WHOLEPKT;
1639 im6->im6_mbz = 0;
1640
1641 im6->im6_mif = mif - mif6table;
1642
1643 /* iif info is not given for reg. encap.n */
1644 mrt6stat.mrt6s_upcalls++;
1645
1646 if (socket_send(ip6_mrouter, mm, &addr) < 0) {
1647 #if MRT6DEBUG
1648 if (mrt6debug)
1649 log(LOG_WARNING,
1650 "register_send: ip6_mrouter socket queue full\n");
1651 #endif
1652 ++mrt6stat.mrt6s_upq_sockfull;
1653 return ENOBUFS;
1654 }
1655 return 0;
1656 }
1657
1658 /*
1659 * PIM sparse mode hook
1660 * Receives the pim control messages, and passes them up to the listening
1661 * socket, using rip6_input.
1662 * The only message processed is the REGISTER pim message; the pim header
1663 * is stripped off, and the inner packet is passed to register_mforward.
1664 */
1665 int
1666 pim6_input(mp, offp)
1667 struct mbuf **mp;
1668 int *offp;
1669 {
1670 struct pim *pim; /* pointer to a pim struct */
1671 struct ip6_hdr *ip6;
1672 int pimlen;
1673 struct mbuf *m = *mp;
1674 int minlen;
1675 int off = *offp;
1676 int proto;
1677
1678 ++pim6stat.pim6s_rcv_total;
1679
1680 ip6 = mtod(m, struct ip6_hdr *);
1681 pimlen = m->m_pkthdr.len - *offp;
1682 proto = ip6->ip6_nxt;
1683
1684 /*
1685 * Validate lengths
1686 */
1687 if (pimlen < PIM_MINLEN) {
1688 ++pim6stat.pim6s_rcv_tooshort;
1689 #if MRT6DEBUG
1690 if (mrt6debug & DEBUG_PIM)
1691 log(LOG_DEBUG,"pim6_input: PIM packet too short\n");
1692 #endif
1693 m_freem(m);
1694 return(IPPROTO_DONE);
1695 }
1696
1697 /*
1698 * if the packet is at least as big as a REGISTER, go ahead
1699 * and grab the PIM REGISTER header size, to avoid another
1700 * possible m_pullup() later.
1701 *
1702 * PIM_MINLEN == pimhdr + u_int32 == 8
1703 * PIM6_REG_MINLEN == pimhdr + reghdr + eip6hdr == 4 + 4 + 40
1704 */
1705 minlen = (pimlen >= PIM6_REG_MINLEN) ? PIM6_REG_MINLEN : PIM_MINLEN;
1706
1707 /*
1708 * Make sure that the IP6 and PIM headers in contiguous memory, and
1709 * possibly the PIM REGISTER header
1710 */
1711 #ifndef PULLDOWN_TEST
1712 IP6_EXTHDR_CHECK(m, off, minlen, return IPPROTO_DONE);
1713 /* adjust pointer */
1714 ip6 = mtod(m, struct ip6_hdr *);
1715
1716 /* adjust mbuf to point to the PIM header */
1717 pim = (struct pim *)((caddr_t)ip6 + off);
1718 #else
1719 IP6_EXTHDR_GET(pim, struct pim *, m, off, minlen);
1720 if (pim == NULL) {
1721 pim6stat.pim6s_rcv_tooshort++;
1722 return IPPROTO_DONE;
1723 }
1724 #endif
1725
1726 #define PIM6_CHECKSUM
1727 #ifdef PIM6_CHECKSUM
1728 {
1729 int cksumlen;
1730
1731 /*
1732 * Validate checksum.
1733 * If PIM REGISTER, exclude the data packet
1734 */
1735 if (pim->pim_type == PIM_REGISTER)
1736 cksumlen = PIM_MINLEN;
1737 else
1738 cksumlen = pimlen;
1739
1740 if (in6_cksum(m, IPPROTO_PIM, off, cksumlen)) {
1741 ++pim6stat.pim6s_rcv_badsum;
1742 #if MRT6DEBUG
1743 if (mrt6debug & DEBUG_PIM)
1744 log(LOG_DEBUG,
1745 "pim6_input: invalid checksum\n");
1746 #endif
1747 m_freem(m);
1748 return(IPPROTO_DONE);
1749 }
1750 }
1751 #endif /* PIM_CHECKSUM */
1752
1753 /* PIM version check */
1754 if (pim->pim_ver != PIM_VERSION) {
1755 ++pim6stat.pim6s_rcv_badversion;
1756 #if MRT6DEBUG
1757 log(LOG_ERR,
1758 "pim6_input: incorrect version %d, expecting %d\n",
1759 pim->pim_ver, PIM_VERSION);
1760 #endif
1761 m_freem(m);
1762 return(IPPROTO_DONE);
1763 }
1764
1765 if (pim->pim_type == PIM_REGISTER) {
1766 /*
1767 * since this is a REGISTER, we'll make a copy of the register
1768 * headers ip6+pim+u_int32_t+encap_ip6, to be passed up to the
1769 * routing daemon.
1770 */
1771 static struct sockaddr_in6 dst = { sizeof(dst), AF_INET6 ,
1772 0, 0, IN6ADDR_ANY_INIT, 0 };
1773
1774 struct mbuf *mcp;
1775 struct ip6_hdr *eip6;
1776 u_int32_t *reghdr;
1777
1778 ++pim6stat.pim6s_rcv_registers;
1779
1780 if ((reg_mif_num >= nummifs) || (reg_mif_num == (mifi_t) -1)) {
1781 #if MRT6DEBUG
1782 if (mrt6debug & DEBUG_PIM)
1783 log(LOG_DEBUG,
1784 "pim6_input: register mif not set: %d\n",
1785 reg_mif_num);
1786 #endif
1787 m_freem(m);
1788 return(IPPROTO_DONE);
1789 }
1790
1791 reghdr = (u_int32_t *)(pim + 1);
1792
1793 if ((ntohl(*reghdr) & PIM_NULL_REGISTER))
1794 goto pim6_input_to_daemon;
1795
1796 /*
1797 * Validate length
1798 */
1799 if (pimlen < PIM6_REG_MINLEN) {
1800 ++pim6stat.pim6s_rcv_tooshort;
1801 ++pim6stat.pim6s_rcv_badregisters;
1802 #if MRT6DEBUG
1803 log(LOG_ERR,
1804 "pim6_input: register packet size too "
1805 "small %d from %s\n",
1806 pimlen, ip6_sprintf(&ip6->ip6_src));
1807 #endif
1808 m_freem(m);
1809 return(IPPROTO_DONE);
1810 }
1811
1812 eip6 = (struct ip6_hdr *) (reghdr + 1);
1813 #if MRT6DEBUG
1814 if (mrt6debug & DEBUG_PIM)
1815 log(LOG_DEBUG,
1816 "pim6_input[register], eip6: %s -> %s, "
1817 "eip6 plen %d\n",
1818 ip6_sprintf(&eip6->ip6_src),
1819 ip6_sprintf(&eip6->ip6_dst),
1820 ntohs(eip6->ip6_plen));
1821 #endif
1822
1823 /* verify the version number of the inner packet */
1824 if ((eip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
1825 ++pim6stat.pim6s_rcv_badregisters;
1826 #if MRT6DEBUG
1827 log(LOG_DEBUG, "pim6_input: invalid IP version (%d) "
1828 "of the inner packet\n",
1829 (eip6->ip6_vfc & IPV6_VERSION));
1830 #endif
1831 m_freem(m);
1832 return(IPPROTO_NONE);
1833 }
1834
1835 /* verify the inner packet is destined to a mcast group */
1836 if (!IN6_IS_ADDR_MULTICAST(&eip6->ip6_dst)) {
1837 ++pim6stat.pim6s_rcv_badregisters;
1838 #if MRT6DEBUG
1839 if (mrt6debug & DEBUG_PIM)
1840 log(LOG_DEBUG,
1841 "pim6_input: inner packet of register "
1842 "is not multicast %s\n",
1843 ip6_sprintf(&eip6->ip6_dst));
1844 #endif
1845 m_freem(m);
1846 return(IPPROTO_DONE);
1847 }
1848
1849 /*
1850 * make a copy of the whole header to pass to the daemon later.
1851 */
1852 mcp = m_copy(m, 0, off + PIM6_REG_MINLEN);
1853 if (mcp == NULL) {
1854 #if MRT6DEBUG
1855 log(LOG_ERR,
1856 "pim6_input: pim register: "
1857 "could not copy register head\n");
1858 #endif
1859 m_freem(m);
1860 return(IPPROTO_DONE);
1861 }
1862
1863 /*
1864 * forward the inner ip6 packet; point m_data at the inner ip6.
1865 */
1866 m_adj(m, off + PIM_MINLEN);
1867 #if MRT6DEBUG
1868 if (mrt6debug & DEBUG_PIM) {
1869 log(LOG_DEBUG,
1870 "pim6_input: forwarding decapsulated register: "
1871 "src %s, dst %s, mif %d\n",
1872 ip6_sprintf(&eip6->ip6_src),
1873 ip6_sprintf(&eip6->ip6_dst),
1874 reg_mif_num);
1875 }
1876 #endif
1877
1878 #ifdef __APPLE__
1879
1880 if (lo_ifp) {
1881 lck_mtx_unlock(ip6_mutex);
1882 dlil_output(lo_ifp, PF_INET6, m, 0, (struct sockaddr *)&dst, 0);
1883 lck_mtx_lock(ip6_mutex);
1884 }
1885 else {
1886 printf("Warning: pim6_input call to dlil_find_dltag failed!\n");
1887 m_freem(m);
1888 }
1889 #else
1890 (void) if_simloop(mif6table[reg_mif_num].m6_ifp, m,
1891 dst.sin6_family, NULL);
1892 #endif
1893
1894 /* prepare the register head to send to the mrouting daemon */
1895 m = mcp;
1896 }
1897
1898 /*
1899 * Pass the PIM message up to the daemon; if it is a register message
1900 * pass the 'head' only up to the daemon. This includes the
1901 * encapsulator ip6 header, pim header, register header and the
1902 * encapsulated ip6 header.
1903 */
1904 pim6_input_to_daemon:
1905 rip6_input(&m, offp);
1906 return(IPPROTO_DONE);
1907 }
mirror of XNU