bsd/netinet6/nd6_send.c

   1 /*
   2  * Copyright (c) 2013-2016 Apple Inc. All rights reserved.
   3  *
   4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. The rights granted to you under the License
  10  * may not be used to create, or enable the creation or redistribution of,
  11  * unlawful or unlicensed copies of an Apple operating system, or to
  12  * circumvent, violate, or enable the circumvention or violation of, any
  13  * terms of an Apple operating system software license agreement.
  14  *
  15  * Please obtain a copy of the License at
  16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
  17  *
  18  * The Original Code and all software distributed under the License are
  19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  23  * Please see the License for the specific language governing rights and
  24  * limitations under the License.
  25  *
  26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  27  */
  28
  29 #include <sys/types.h>
  30 #include <sys/malloc.h>
  31 #include <sys/proc.h>
  32 #include <sys/sysctl.h>
  33 #include <sys/syslog.h>
  34
  35 #include <libkern/crypto/sha1.h>
  36
  37 #include <net/if.h>
  38
  39 #include <netinet/in.h>
  40 #include <netinet6/in6_var.h>
  41 #include <netinet/ip6.h>
  42 #include <netinet6/ip6_var.h>
  43 #include <netinet6/nd6.h>
  44
  45 #if CONFIG_MACF
  46 #include <sys/kauth.h>
  47 #include <security/mac_framework.h>
  48 #endif
  49
  50 SYSCTL_DECL(_net_inet6);        /* Note: Not in any common header. */
  51
  52 SYSCTL_NODE(_net_inet6, OID_AUTO, send, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
  53     "IPv6 Secure Neighbor Discovery");
  54
  55 static int nd6_send_opmode = ND6_SEND_OPMODE_CGA_QUIET;
  56 SYSCTL_INT(_net_inet6_send, OID_AUTO, opmode, CTLFLAG_RW | CTLFLAG_LOCKED,
  57     &nd6_send_opmode, 0, "configured SEND operating mode");
  58
  59 int nd6_send_opstate = ND6_SEND_OPMODE_DISABLED;
  60 SYSCTL_INT(_net_inet6_send, OID_AUTO, opstate, CTLFLAG_RD | CTLFLAG_LOCKED,
  61     &nd6_send_opstate, 0, "current SEND operating state");
  62
  63 static int sysctl_cga_parameters SYSCTL_HANDLER_ARGS;
  64
  65 SYSCTL_PROC(_net_inet6_send, OID_AUTO, cga_parameters,
  66     CTLTYPE_OPAQUE | CTLFLAG_RW | CTLFLAG_LOCKED, 0, 0,
  67     sysctl_cga_parameters, "S,nd6_send_nodecfg", "");
  68
  69 /*
  70  * The size of the buffer is sufficient to contain a public key, its size in
  71  * machine binary type for the kernel, and the CGA precalc for the global
  72  * scope. This interface is not a public API, so we don't anticipate that the
  73  * userland and the kernel will be mismatched between ILP32 and LP64.
  74  */
  75 #define SYSCTL_CGA_PARAMETERS_BUFFER_SIZE \
  76         (2 * (sizeof (u_int16_t) + IN6_CGA_KEY_MAXSIZE) + \
  77         sizeof (struct in6_cga_prepare))
  78
  79 static int
  80 sysctl_cga_parameters SYSCTL_HANDLER_ARGS
  81 {
  82 #pragma unused(oidp, arg1)
  83         u_int namelen;
  84         char *oldp, *newp;
  85         const char *fin;
  86         struct in6_cga_nodecfg cfg;
  87         struct iovec *iov;
  88         int error;
  89         char *buffer;
  90         u_int16_t u16;
  91 #if CONFIG_MACF
  92         kauth_cred_t cred;
  93 #endif
  94
  95         namelen = arg2;
  96         if (namelen != 0) {
  97                 log(LOG_ERR, "%s: name length err [len=%u]\n", __func__,
  98                     namelen);
  99                 return EINVAL;
 100         }
 101
 102         if (req->newlen > SYSCTL_CGA_PARAMETERS_BUFFER_SIZE) {
 103                 log(LOG_ERR, "%s: input buffer size error [len=%zu]\n",
 104                     __func__, req->newlen);
 105                 return EINVAL;
 106         }
 107
 108 #if CONFIG_MACF
 109         cred = kauth_cred_proc_ref(current_proc());
 110         error = mac_system_check_info(cred, "net.inet6.send.cga_parameters");
 111         kauth_cred_unref(&cred);
 112         if (error != 0) {
 113                 log(LOG_ERR, "%s: mac_system_check_info denied.\n", __func__);
 114                 return EPERM;
 115         }
 116 #endif
 117
 118         MALLOC(buffer, char *, SYSCTL_CGA_PARAMETERS_BUFFER_SIZE, M_IP6CGA,
 119             M_WAITOK | M_ZERO);
 120         if (buffer == NULL) {
 121                 log(LOG_ERR, "%s: could not allocate marshaling buffer.\n",
 122                     __func__);
 123                 return ENOMEM;
 124         }
 125
 126         in6_cga_node_lock();
 127
 128         if (req->oldptr != USER_ADDR_NULL && req->oldlen > 0) {
 129                 oldp = buffer;
 130                 fin = &buffer[SYSCTL_CGA_PARAMETERS_BUFFER_SIZE];
 131                 if (req->oldlen < SYSCTL_CGA_PARAMETERS_BUFFER_SIZE) {
 132                         fin = &buffer[req->oldlen];
 133                 }
 134
 135                 in6_cga_query(&cfg);
 136                 iov = &cfg.cga_pubkey;
 137                 if (iov->iov_len > 0) {
 138                         VERIFY(iov->iov_len < UINT16_MAX);
 139
 140                         if (&oldp[sizeof(cfg.cga_prepare)] <= fin) {
 141                                 bcopy(&cfg.cga_prepare, oldp,
 142                                     sizeof(cfg.cga_prepare));
 143                         }
 144                         oldp += sizeof(cfg.cga_prepare);
 145
 146                         if (&oldp[sizeof(u16)] < fin) {
 147                                 u16 = (u_int16_t) iov->iov_len;
 148                                 bcopy(&u16, oldp, sizeof(u16));
 149                         }
 150                         oldp += sizeof(u16);
 151
 152                         if (&oldp[iov->iov_len] < fin) {
 153                                 bcopy(iov->iov_base, oldp, iov->iov_len);
 154                         }
 155                         oldp += iov->iov_len;
 156
 157                         if (oldp > fin) {
 158                                 req->oldlen = oldp - buffer;
 159                                 log(LOG_ERR, "%s: marshalled data too large.\n",
 160                                     __func__);
 161                                 error = ENOMEM;
 162                                 goto done;
 163                         }
 164                 }
 165
 166                 error = SYSCTL_OUT(req, buffer, oldp - buffer);
 167                 if (error) {
 168                         goto done;
 169                 }
 170         }
 171
 172         if (req->newptr == USER_ADDR_NULL) {
 173                 goto done;
 174         }
 175
 176         error = proc_suser(current_proc());
 177         if (error) {
 178                 goto done;
 179         }
 180
 181         if (req->newlen == 0) {
 182                 in6_cga_stop();
 183                 nd6_send_opstate = ND6_SEND_OPMODE_DISABLED;
 184                 goto done;
 185         }
 186
 187         error = SYSCTL_IN(req, buffer, req->newlen);
 188         if (error) {
 189                 goto done;
 190         }
 191
 192         newp = buffer;
 193         fin = &buffer[req->newlen];
 194
 195         bzero(&cfg, sizeof cfg);
 196
 197         if (&newp[sizeof(cfg.cga_prepare)] <= fin) {
 198                 bcopy(newp, &cfg.cga_prepare, sizeof(cfg.cga_prepare));
 199         }
 200         newp += sizeof(cfg.cga_prepare);
 201
 202         iov = &cfg.cga_privkey;
 203         if (&newp[sizeof(u16)] < fin) {
 204                 bcopy(newp, &u16, sizeof(u16));
 205                 iov->iov_len = u16;
 206
 207                 if (iov->iov_len > IN6_CGA_KEY_MAXSIZE) {
 208                         error = EINVAL;
 209                         goto done;
 210                 }
 211         }
 212         newp += sizeof(u16);
 213
 214         iov->iov_base = newp;
 215         newp += iov->iov_len;
 216
 217         iov = &cfg.cga_pubkey;
 218         if (&newp[sizeof(u16)] < fin) {
 219                 bcopy(newp, &u16, sizeof(u16));
 220                 iov->iov_len = u16;
 221
 222                 if (iov->iov_len > IN6_CGA_KEY_MAXSIZE) {
 223                         error = EINVAL;
 224                         goto done;
 225                 }
 226         }
 227         newp += sizeof(u16);
 228
 229         iov->iov_base = newp;
 230         newp += iov->iov_len;
 231
 232         if (newp > fin) {
 233                 log(LOG_ERR, "%s: input too large [octets=%ld].\n", __func__,
 234                     newp - fin);
 235                 error = ENOMEM;
 236                 goto done;
 237         }
 238
 239         error = in6_cga_start(&cfg);
 240         if (!error) {
 241                 nd6_send_opstate = nd6_send_opmode;
 242         } else {
 243                 log(LOG_ERR, "%s: in6_cga_start error=%d.\n", __func__,
 244                     error);
 245         }
 246
 247 done:
 248         in6_cga_node_unlock();
 249         FREE(buffer, M_IP6CGA);
 250         return error;
 251 }
 252
 253 /* End of file */