]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet6/in6.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-4903.231.4.tar.gz
[apple/xnu.git] / bsd / netinet6 / in6.c
1 /*
2 * Copyright (c) 2003-2018 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /*
30 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
31 * All rights reserved.
32 *
33 * Redistribution and use in source and binary forms, with or without
34 * modification, are permitted provided that the following conditions
35 * are met:
36 * 1. Redistributions of source code must retain the above copyright
37 * notice, this list of conditions and the following disclaimer.
38 * 2. Redistributions in binary form must reproduce the above copyright
39 * notice, this list of conditions and the following disclaimer in the
40 * documentation and/or other materials provided with the distribution.
41 * 3. Neither the name of the project nor the names of its contributors
42 * may be used to endorse or promote products derived from this software
43 * without specific prior written permission.
44 *
45 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55 * SUCH DAMAGE.
56 */
57
58 /*
59 * Copyright (c) 1982, 1986, 1991, 1993
60 * The Regents of the University of California. All rights reserved.
61 *
62 * Redistribution and use in source and binary forms, with or without
63 * modification, are permitted provided that the following conditions
64 * are met:
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in the
69 * documentation and/or other materials provided with the distribution.
70 * 3. All advertising materials mentioning features or use of this software
71 * must display the following acknowledgement:
72 * This product includes software developed by the University of
73 * California, Berkeley and its contributors.
74 * 4. Neither the name of the University nor the names of its contributors
75 * may be used to endorse or promote products derived from this software
76 * without specific prior written permission.
77 *
78 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
79 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
80 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
81 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
82 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
83 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
84 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
85 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
86 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
87 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
88 * SUCH DAMAGE.
89 *
90 * @(#)in.c 8.2 (Berkeley) 11/15/93
91 */
92
93
94 #include <sys/param.h>
95 #include <sys/ioctl.h>
96 #include <sys/errno.h>
97 #include <sys/malloc.h>
98 #include <sys/socket.h>
99 #include <sys/socketvar.h>
100 #include <sys/sockio.h>
101 #include <sys/systm.h>
102 #include <sys/time.h>
103 #include <sys/kernel.h>
104 #include <sys/syslog.h>
105 #include <sys/kern_event.h>
106 #include <sys/mcache.h>
107 #include <sys/protosw.h>
108 #include <sys/sysctl.h>
109
110 #include <kern/locks.h>
111 #include <kern/zalloc.h>
112 #include <kern/clock.h>
113 #include <libkern/OSAtomic.h>
114 #include <machine/machine_routines.h>
115 #include <mach/boolean.h>
116
117 #include <net/if.h>
118 #include <net/if_types.h>
119 #include <net/if_var.h>
120 #include <net/route.h>
121 #include <net/if_dl.h>
122 #include <net/kpi_protocol.h>
123 #include <net/nwk_wq.h>
124
125 #include <netinet/in.h>
126 #include <netinet/in_var.h>
127 #include <netinet/if_ether.h>
128 #include <netinet/in_systm.h>
129 #include <netinet/ip.h>
130 #include <netinet/in_pcb.h>
131 #include <netinet/icmp6.h>
132 #include <netinet/tcp.h>
133 #include <netinet/tcp_seq.h>
134 #include <netinet/tcp_var.h>
135
136 #include <netinet6/nd6.h>
137 #include <netinet/ip6.h>
138 #include <netinet6/ip6_var.h>
139 #include <netinet6/mld6_var.h>
140 #include <netinet6/in6_ifattach.h>
141 #include <netinet6/scope6_var.h>
142 #include <netinet6/in6_var.h>
143 #include <netinet6/in6_pcb.h>
144
145 #include <net/net_osdep.h>
146
147 #include <net/dlil.h>
148 #include <net/if_llatbl.h>
149
150 #if PF
151 #include <net/pfvar.h>
152 #endif /* PF */
153
154 /*
155 * Definitions of some costant IP6 addresses.
156 */
157 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
158 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
159 const struct in6_addr in6addr_nodelocal_allnodes =
160 IN6ADDR_NODELOCAL_ALLNODES_INIT;
161 const struct in6_addr in6addr_linklocal_allnodes =
162 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
163 const struct in6_addr in6addr_linklocal_allrouters =
164 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
165 const struct in6_addr in6addr_linklocal_allv2routers =
166 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
167
168 const struct in6_addr in6mask0 = IN6MASK0;
169 const struct in6_addr in6mask7 = IN6MASK7;
170 const struct in6_addr in6mask16 = IN6MASK16;
171 const struct in6_addr in6mask32 = IN6MASK32;
172 const struct in6_addr in6mask64 = IN6MASK64;
173 const struct in6_addr in6mask96 = IN6MASK96;
174 const struct in6_addr in6mask128 = IN6MASK128;
175
176 const struct sockaddr_in6 sa6_any = {
177 sizeof (sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0
178 };
179
180 static int in6ctl_associd(struct socket *, u_long, caddr_t);
181 static int in6ctl_connid(struct socket *, u_long, caddr_t);
182 static int in6ctl_conninfo(struct socket *, u_long, caddr_t);
183 static int in6ctl_llstart(struct ifnet *, u_long, caddr_t);
184 static int in6ctl_llstop(struct ifnet *);
185 static int in6ctl_cgastart(struct ifnet *, u_long, caddr_t);
186 static int in6ctl_gifaddr(struct ifnet *, struct in6_ifaddr *, u_long,
187 struct in6_ifreq *);
188 static int in6ctl_gifstat(struct ifnet *, u_long, struct in6_ifreq *);
189 static int in6ctl_alifetime(struct in6_ifaddr *, u_long, struct in6_ifreq *,
190 boolean_t);
191 static int in6ctl_aifaddr(struct ifnet *, struct in6_aliasreq *);
192 static void in6ctl_difaddr(struct ifnet *, struct in6_ifaddr *);
193 static int in6_autoconf(struct ifnet *, int);
194 static int in6_setrouter(struct ifnet *, int);
195 static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, int);
196 static int in6_ifaupdate_aux(struct in6_ifaddr *, struct ifnet *, int);
197 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
198 static struct in6_ifaddr *in6_ifaddr_alloc(int);
199 static void in6_ifaddr_attached(struct ifaddr *);
200 static void in6_ifaddr_detached(struct ifaddr *);
201 static void in6_ifaddr_free(struct ifaddr *);
202 static void in6_ifaddr_trace(struct ifaddr *, int);
203 #if defined(__LP64__)
204 static void in6_cgareq_32_to_64(struct in6_cgareq_32 *,
205 struct in6_cgareq_64 *);
206 #else
207 static void in6_cgareq_64_to_32(struct in6_cgareq_64 *,
208 struct in6_cgareq_32 *);
209 #endif
210 static struct in6_aliasreq *in6_aliasreq_to_native(void *, int,
211 struct in6_aliasreq *);
212 static struct in6_cgareq *in6_cgareq_to_native(void *, int,
213 struct in6_cgareq *);
214 static int in6_to_kamescope(struct sockaddr_in6 *, struct ifnet *);
215 static int in6_getassocids(struct socket *, uint32_t *, user_addr_t);
216 static int in6_getconnids(struct socket *, sae_associd_t, uint32_t *,
217 user_addr_t);
218
219 static void in6_if_up_dad_start(struct ifnet *);
220
221 extern lck_mtx_t *nd6_mutex;
222
223 #define IN6IFA_TRACE_HIST_SIZE 32 /* size of trace history */
224
225 /* For gdb */
226 __private_extern__ unsigned int in6ifa_trace_hist_size = IN6IFA_TRACE_HIST_SIZE;
227
228 struct in6_ifaddr_dbg {
229 struct in6_ifaddr in6ifa; /* in6_ifaddr */
230 struct in6_ifaddr in6ifa_old; /* saved in6_ifaddr */
231 u_int16_t in6ifa_refhold_cnt; /* # of IFA_ADDREF */
232 u_int16_t in6ifa_refrele_cnt; /* # of IFA_REMREF */
233 /*
234 * Alloc and free callers.
235 */
236 ctrace_t in6ifa_alloc;
237 ctrace_t in6ifa_free;
238 /*
239 * Circular lists of IFA_ADDREF and IFA_REMREF callers.
240 */
241 ctrace_t in6ifa_refhold[IN6IFA_TRACE_HIST_SIZE];
242 ctrace_t in6ifa_refrele[IN6IFA_TRACE_HIST_SIZE];
243 /*
244 * Trash list linkage
245 */
246 TAILQ_ENTRY(in6_ifaddr_dbg) in6ifa_trash_link;
247 };
248
249 /* List of trash in6_ifaddr entries protected by in6ifa_trash_lock */
250 static TAILQ_HEAD(, in6_ifaddr_dbg) in6ifa_trash_head;
251 static decl_lck_mtx_data(, in6ifa_trash_lock);
252
253 #if DEBUG
254 static unsigned int in6ifa_debug = 1; /* debugging (enabled) */
255 #else
256 static unsigned int in6ifa_debug; /* debugging (disabled) */
257 #endif /* !DEBUG */
258 static unsigned int in6ifa_size; /* size of zone element */
259 static struct zone *in6ifa_zone; /* zone for in6_ifaddr */
260
261 #define IN6IFA_ZONE_MAX 64 /* maximum elements in zone */
262 #define IN6IFA_ZONE_NAME "in6_ifaddr" /* zone name */
263
264 struct eventhandler_lists_ctxt in6_evhdlr_ctxt;
265 struct eventhandler_lists_ctxt in6_clat46_evhdlr_ctxt;
266 /*
267 * Subroutine for in6_ifaddloop() and in6_ifremloop().
268 * This routine does actual work.
269 */
270 static void
271 in6_ifloop_request(int cmd, struct ifaddr *ifa)
272 {
273 struct sockaddr_in6 all1_sa;
274 struct rtentry *nrt = NULL;
275 int e;
276
277 bzero(&all1_sa, sizeof (all1_sa));
278 all1_sa.sin6_family = AF_INET6;
279 all1_sa.sin6_len = sizeof (struct sockaddr_in6);
280 all1_sa.sin6_addr = in6mask128;
281
282 /*
283 * We specify the address itself as the gateway, and set the
284 * RTF_LLINFO flag, so that the corresponding host route would have
285 * the flag, and thus applications that assume traditional behavior
286 * would be happy. Note that we assume the caller of the function
287 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest,
288 * which changes the outgoing interface to the loopback interface.
289 * ifa_addr for INET6 is set once during init; no need to hold lock.
290 */
291 lck_mtx_lock(rnh_lock);
292 e = rtrequest_locked(cmd, ifa->ifa_addr, ifa->ifa_addr,
293 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt);
294 if (e != 0) {
295 log(LOG_ERR, "in6_ifloop_request: "
296 "%s operation failed for %s (errno=%d)\n",
297 cmd == RTM_ADD ? "ADD" : "DELETE",
298 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr),
299 e);
300 }
301
302 if (nrt != NULL)
303 RT_LOCK(nrt);
304 /*
305 * Make sure rt_ifa be equal to IFA, the second argument of the
306 * function.
307 * We need this because when we refer to rt_ifa->ia6_flags in
308 * ip6_input, we assume that the rt_ifa points to the address instead
309 * of the loopback address.
310 */
311 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) {
312 rtsetifa(nrt, ifa);
313 }
314
315 /*
316 * Report the addition/removal of the address to the routing socket.
317 * XXX: since we called rtinit for a p2p interface with a destination,
318 * we end up reporting twice in such a case. Should we rather
319 * omit the second report?
320 */
321 if (nrt != NULL) {
322 rt_newaddrmsg(cmd, ifa, e, nrt);
323 if (cmd == RTM_DELETE) {
324 RT_UNLOCK(nrt);
325 rtfree_locked(nrt);
326 } else {
327 /* the cmd must be RTM_ADD here */
328 RT_REMREF_LOCKED(nrt);
329 RT_UNLOCK(nrt);
330 }
331 }
332 lck_mtx_unlock(rnh_lock);
333 }
334
335 /*
336 * Add ownaddr as loopback rtentry. We previously add the route only if
337 * necessary (ex. on a p2p link). However, since we now manage addresses
338 * separately from prefixes, we should always add the route. We can't
339 * rely on the cloning mechanism from the corresponding interface route
340 * any more.
341 */
342 static void
343 in6_ifaddloop(struct ifaddr *ifa)
344 {
345 struct rtentry *rt;
346
347 /*
348 * If there is no loopback entry, allocate one. ifa_addr for
349 * INET6 is set once during init; no need to hold lock.
350 */
351 rt = rtalloc1(ifa->ifa_addr, 0, 0);
352 if (rt != NULL)
353 RT_LOCK(rt);
354 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 ||
355 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) {
356 if (rt != NULL) {
357 RT_REMREF_LOCKED(rt);
358 RT_UNLOCK(rt);
359 }
360 in6_ifloop_request(RTM_ADD, ifa);
361 } else if (rt != NULL) {
362 RT_REMREF_LOCKED(rt);
363 RT_UNLOCK(rt);
364 }
365 }
366
367 /*
368 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(),
369 * if it exists.
370 */
371 static void
372 in6_ifremloop(struct ifaddr *ifa)
373 {
374 struct in6_ifaddr *ia;
375 struct rtentry *rt;
376 int ia_count = 0;
377
378 /*
379 * Some of BSD variants do not remove cloned routes
380 * from an interface direct route, when removing the direct route
381 * (see comments in net/net_osdep.h). Even for variants that do remove
382 * cloned routes, they could fail to remove the cloned routes when
383 * we handle multple addresses that share a common prefix.
384 * So, we should remove the route corresponding to the deleted address
385 * regardless of the result of in6_is_ifloop_auto().
386 */
387
388 /*
389 * Delete the entry only if exact one ifa exists. More than one ifa
390 * can exist if we assign a same single address to multiple
391 * (probably p2p) interfaces.
392 * XXX: we should avoid such a configuration in IPv6...
393 */
394 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
395 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
396 IFA_LOCK(&ia->ia_ifa);
397 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) {
398 ia_count++;
399 if (ia_count > 1) {
400 IFA_UNLOCK(&ia->ia_ifa);
401 break;
402 }
403 }
404 IFA_UNLOCK(&ia->ia_ifa);
405 }
406 lck_rw_done(&in6_ifaddr_rwlock);
407
408 if (ia_count == 1) {
409 /*
410 * Before deleting, check if a corresponding loopbacked host
411 * route surely exists. With this check, we can avoid to
412 * delete an interface direct route whose destination is same
413 * as the address being removed. This can happen when removing
414 * a subnet-router anycast address on an interface attahced
415 * to a shared medium. ifa_addr for INET6 is set once during
416 * init; no need to hold lock.
417 */
418 rt = rtalloc1(ifa->ifa_addr, 0, 0);
419 if (rt != NULL) {
420 RT_LOCK(rt);
421 if ((rt->rt_flags & RTF_HOST) != 0 &&
422 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) {
423 RT_REMREF_LOCKED(rt);
424 RT_UNLOCK(rt);
425 in6_ifloop_request(RTM_DELETE, ifa);
426 } else {
427 RT_UNLOCK(rt);
428 }
429 }
430 }
431 }
432
433
434 int
435 in6_mask2len(struct in6_addr *mask, u_char *lim0)
436 {
437 int x = 0, y;
438 u_char *lim = lim0, *p;
439
440 /* ignore the scope_id part */
441 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof (*mask))
442 lim = (u_char *)mask + sizeof (*mask);
443 for (p = (u_char *)mask; p < lim; x++, p++) {
444 if (*p != 0xff)
445 break;
446 }
447 y = 0;
448 if (p < lim) {
449 for (y = 0; y < 8; y++) {
450 if ((*p & (0x80 >> y)) == 0)
451 break;
452 }
453 }
454
455 /*
456 * when the limit pointer is given, do a stricter check on the
457 * remaining bits.
458 */
459 if (p < lim) {
460 if (y != 0 && (*p & (0x00ff >> y)) != 0)
461 return (-1);
462 for (p = p + 1; p < lim; p++)
463 if (*p != 0)
464 return (-1);
465 }
466
467 return (x * 8 + y);
468 }
469
470 void
471 in6_len2mask(struct in6_addr *mask, int len)
472 {
473 int i;
474
475 bzero(mask, sizeof (*mask));
476 for (i = 0; i < len / 8; i++)
477 mask->s6_addr8[i] = 0xff;
478 if (len % 8)
479 mask->s6_addr8[i] = (0xff00 >> (len % 8)) & 0xff;
480 }
481
482 void
483 in6_aliasreq_64_to_32(struct in6_aliasreq_64 *src, struct in6_aliasreq_32 *dst)
484 {
485 bzero(dst, sizeof (*dst));
486 bcopy(src->ifra_name, dst->ifra_name, sizeof (dst->ifra_name));
487 dst->ifra_addr = src->ifra_addr;
488 dst->ifra_dstaddr = src->ifra_dstaddr;
489 dst->ifra_prefixmask = src->ifra_prefixmask;
490 dst->ifra_flags = src->ifra_flags;
491 dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
492 dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
493 dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
494 dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
495 }
496
497 void
498 in6_aliasreq_32_to_64(struct in6_aliasreq_32 *src, struct in6_aliasreq_64 *dst)
499 {
500 bzero(dst, sizeof (*dst));
501 bcopy(src->ifra_name, dst->ifra_name, sizeof (dst->ifra_name));
502 dst->ifra_addr = src->ifra_addr;
503 dst->ifra_dstaddr = src->ifra_dstaddr;
504 dst->ifra_prefixmask = src->ifra_prefixmask;
505 dst->ifra_flags = src->ifra_flags;
506 dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
507 dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
508 dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
509 dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
510 }
511
512 #if defined(__LP64__)
513 void
514 in6_cgareq_32_to_64(struct in6_cgareq_32 *src,
515 struct in6_cgareq_64 *dst)
516 {
517 bzero(dst, sizeof (*dst));
518 bcopy(src->cgar_name, dst->cgar_name, sizeof (dst->cgar_name));
519 dst->cgar_flags = src->cgar_flags;
520 bcopy(src->cgar_cgaprep.cga_modifier.octets,
521 dst->cgar_cgaprep.cga_modifier.octets,
522 sizeof (dst->cgar_cgaprep.cga_modifier.octets));
523 dst->cgar_cgaprep.cga_security_level =
524 src->cgar_cgaprep.cga_security_level;
525 dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
526 dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
527 dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
528 dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
529 }
530 #endif
531
532 #if !defined(__LP64__)
533 void
534 in6_cgareq_64_to_32(struct in6_cgareq_64 *src,
535 struct in6_cgareq_32 *dst)
536 {
537 bzero(dst, sizeof (*dst));
538 bcopy(src->cgar_name, dst->cgar_name, sizeof (dst->cgar_name));
539 dst->cgar_flags = src->cgar_flags;
540 bcopy(src->cgar_cgaprep.cga_modifier.octets,
541 dst->cgar_cgaprep.cga_modifier.octets,
542 sizeof (dst->cgar_cgaprep.cga_modifier.octets));
543 dst->cgar_cgaprep.cga_security_level =
544 src->cgar_cgaprep.cga_security_level;
545 dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
546 dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
547 dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
548 dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
549 }
550 #endif
551
552 static struct in6_aliasreq *
553 in6_aliasreq_to_native(void *data, int data_is_64, struct in6_aliasreq *dst)
554 {
555 #if defined(__LP64__)
556 if (data_is_64)
557 bcopy(data, dst, sizeof (*dst));
558 else
559 in6_aliasreq_32_to_64((struct in6_aliasreq_32 *)data,
560 (struct in6_aliasreq_64 *)dst);
561 #else
562 if (data_is_64)
563 in6_aliasreq_64_to_32((struct in6_aliasreq_64 *)data,
564 (struct in6_aliasreq_32 *)dst);
565 else
566 bcopy(data, dst, sizeof (*dst));
567 #endif /* __LP64__ */
568 return (dst);
569 }
570
571 static struct in6_cgareq *
572 in6_cgareq_to_native(void *data, int is64, struct in6_cgareq *dst)
573 {
574 #if defined(__LP64__)
575 if (is64)
576 bcopy(data, dst, sizeof (*dst));
577 else
578 in6_cgareq_32_to_64((struct in6_cgareq_32 *)data,
579 (struct in6_cgareq_64 *)dst);
580 #else
581 if (is64)
582 in6_cgareq_64_to_32((struct in6_cgareq_64 *)data,
583 (struct in6_cgareq_32 *)dst);
584 else
585 bcopy(data, dst, sizeof (*dst));
586 #endif /* __LP64__ */
587 return (dst);
588 }
589
590 static __attribute__((noinline)) int
591 in6ctl_associd(struct socket *so, u_long cmd, caddr_t data)
592 {
593 int error = 0;
594 union {
595 struct so_aidreq32 a32;
596 struct so_aidreq64 a64;
597 } u;
598
599 VERIFY(so != NULL);
600
601 switch (cmd) {
602 case SIOCGASSOCIDS32: { /* struct so_aidreq32 */
603 bcopy(data, &u.a32, sizeof (u.a32));
604 error = in6_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
605 if (error == 0)
606 bcopy(&u.a32, data, sizeof (u.a32));
607 break;
608 }
609
610 case SIOCGASSOCIDS64: { /* struct so_aidreq64 */
611 bcopy(data, &u.a64, sizeof (u.a64));
612 error = in6_getassocids(so, &u.a64.sar_cnt, u.a64.sar_aidp);
613 if (error == 0)
614 bcopy(&u.a64, data, sizeof (u.a64));
615 break;
616 }
617
618 default:
619 VERIFY(0);
620 /* NOTREACHED */
621 }
622
623 return (error);
624 }
625
626 static __attribute__((noinline)) int
627 in6ctl_connid(struct socket *so, u_long cmd, caddr_t data)
628 {
629 int error = 0;
630 union {
631 struct so_cidreq32 c32;
632 struct so_cidreq64 c64;
633 } u;
634
635 VERIFY(so != NULL);
636
637 switch (cmd) {
638 case SIOCGCONNIDS32: { /* struct so_cidreq32 */
639 bcopy(data, &u.c32, sizeof (u.c32));
640 error = in6_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
641 u.c32.scr_cidp);
642 if (error == 0)
643 bcopy(&u.c32, data, sizeof (u.c32));
644 break;
645 }
646
647 case SIOCGCONNIDS64: { /* struct so_cidreq64 */
648 bcopy(data, &u.c64, sizeof (u.c64));
649 error = in6_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
650 u.c64.scr_cidp);
651 if (error == 0)
652 bcopy(&u.c64, data, sizeof (u.c64));
653 break;
654 }
655
656 default:
657 VERIFY(0);
658 /* NOTREACHED */
659 }
660
661 return (error);
662 }
663
664 static __attribute__((noinline)) int
665 in6ctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
666 {
667 int error = 0;
668 union {
669 struct so_cinforeq32 ci32;
670 struct so_cinforeq64 ci64;
671 } u;
672
673 VERIFY(so != NULL);
674
675 switch (cmd) {
676 case SIOCGCONNINFO32: { /* struct so_cinforeq32 */
677 bcopy(data, &u.ci32, sizeof (u.ci32));
678 error = in6_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
679 &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
680 &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
681 &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
682 &u.ci32.scir_aux_len);
683 if (error == 0)
684 bcopy(&u.ci32, data, sizeof (u.ci32));
685 break;
686 }
687
688 case SIOCGCONNINFO64: { /* struct so_cinforeq64 */
689 bcopy(data, &u.ci64, sizeof (u.ci64));
690 error = in6_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
691 &u.ci64.scir_ifindex, &u.ci64.scir_error, u.ci64.scir_src,
692 &u.ci64.scir_src_len, u.ci64.scir_dst, &u.ci64.scir_dst_len,
693 &u.ci64.scir_aux_type, u.ci64.scir_aux_data,
694 &u.ci64.scir_aux_len);
695 if (error == 0)
696 bcopy(&u.ci64, data, sizeof (u.ci64));
697 break;
698 }
699
700 default:
701 VERIFY(0);
702 /* NOTREACHED */
703 }
704
705 return (error);
706 }
707
708 static __attribute__((noinline)) int
709 in6ctl_llstart(struct ifnet *ifp, u_long cmd, caddr_t data)
710 {
711 struct in6_aliasreq sifra, *ifra = NULL;
712 boolean_t is64;
713 int error = 0;
714
715 VERIFY(ifp != NULL);
716
717 switch (cmd) {
718 case SIOCLL_START_32: /* struct in6_aliasreq_32 */
719 case SIOCLL_START_64: /* struct in6_aliasreq_64 */
720 is64 = (cmd == SIOCLL_START_64);
721 /*
722 * Convert user ifra to the kernel form, when appropriate.
723 * This allows the conversion between different data models
724 * to be centralized, so that it can be passed around to other
725 * routines that are expecting the kernel form.
726 */
727 ifra = in6_aliasreq_to_native(data, is64, &sifra);
728
729 /*
730 * NOTE: All the interface specific DLIL attachements should
731 * be done here. They are currently done in in6_ifattach_aux()
732 * for the interfaces that need it.
733 */
734 if (ifra->ifra_addr.sin6_family == AF_INET6 &&
735 /* Only check ifra_dstaddr if valid */
736 (ifra->ifra_dstaddr.sin6_len == 0 ||
737 ifra->ifra_dstaddr.sin6_family == AF_INET6)) {
738 /* some interfaces may provide LinkLocal addresses */
739 error = in6_ifattach_aliasreq(ifp, NULL, ifra);
740 } else {
741 error = in6_ifattach_aliasreq(ifp, NULL, NULL);
742 }
743 if (error == 0)
744 in6_if_up_dad_start(ifp);
745 break;
746
747 default:
748 VERIFY(0);
749 /* NOTREACHED */
750 }
751
752 return (error);
753 }
754
755 static __attribute__((noinline)) int
756 in6ctl_llstop(struct ifnet *ifp)
757 {
758 struct in6_ifaddr *ia;
759 struct nd_prefix pr0, *pr;
760
761 VERIFY(ifp != NULL);
762
763 /* Remove link local addresses from interface */
764 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
765 ia = in6_ifaddrs;
766 while (ia != NULL) {
767 if (ia->ia_ifa.ifa_ifp != ifp) {
768 ia = ia->ia_next;
769 continue;
770 }
771 IFA_LOCK(&ia->ia_ifa);
772 if (IN6_IS_ADDR_LINKLOCAL(&ia->ia_addr.sin6_addr)) {
773 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for us */
774 IFA_UNLOCK(&ia->ia_ifa);
775 lck_rw_done(&in6_ifaddr_rwlock);
776 in6_purgeaddr(&ia->ia_ifa);
777 IFA_REMREF(&ia->ia_ifa); /* for us */
778 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
779 /*
780 * Purging the address caused in6_ifaddr_rwlock
781 * to be dropped and reacquired;
782 * therefore search again from the beginning
783 * of in6_ifaddrs list.
784 */
785 ia = in6_ifaddrs;
786 continue;
787 }
788 IFA_UNLOCK(&ia->ia_ifa);
789 ia = ia->ia_next;
790 }
791 lck_rw_done(&in6_ifaddr_rwlock);
792
793 /* Delete the link local prefix */
794 bzero(&pr0, sizeof(pr0));
795 pr0.ndpr_plen = 64;
796 pr0.ndpr_ifp = ifp;
797 pr0.ndpr_prefix.sin6_addr.s6_addr16[0] = IPV6_ADDR_INT16_ULL;
798 in6_setscope(&pr0.ndpr_prefix.sin6_addr, ifp, NULL);
799 pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC);
800 if (pr) {
801 lck_mtx_lock(nd6_mutex);
802 NDPR_LOCK(pr);
803 prelist_remove(pr);
804 NDPR_UNLOCK(pr);
805 NDPR_REMREF(pr); /* Drop the reference from lookup */
806 lck_mtx_unlock(nd6_mutex);
807 }
808
809 return (0);
810 }
811
812 /*
813 * This routine configures secure link local address
814 */
815 static __attribute__((noinline)) int
816 in6ctl_cgastart(struct ifnet *ifp, u_long cmd, caddr_t data)
817 {
818 struct in6_cgareq llcgasr;
819 int is64, error = 0;
820
821 VERIFY(ifp != NULL);
822
823 switch (cmd) {
824 case SIOCLL_CGASTART_32: /* struct in6_cgareq_32 */
825 case SIOCLL_CGASTART_64: /* struct in6_cgareq_64 */
826 is64 = (cmd == SIOCLL_CGASTART_64);
827 /*
828 * Convert user cgareq to the kernel form, when appropriate.
829 * This allows the conversion between different data models
830 * to be centralized, so that it can be passed around to other
831 * routines that are expecting the kernel form.
832 */
833 in6_cgareq_to_native(data, is64, &llcgasr);
834
835 /*
836 * NOTE: All the interface specific DLIL attachements
837 * should be done here. They are currently done in
838 * in6_ifattach_cgareq() for the interfaces that
839 * need it.
840 */
841 error = in6_ifattach_llcgareq(ifp, &llcgasr);
842 if (error == 0)
843 in6_if_up_dad_start(ifp);
844 break;
845
846 default:
847 VERIFY(0);
848 /* NOTREACHED */
849 }
850
851 return (error);
852 }
853
854 /*
855 * Caller passes in the ioctl data pointer directly via "ifr", with the
856 * expectation that this routine always uses bcopy() or other byte-aligned
857 * memory accesses.
858 */
859 static __attribute__((noinline)) int
860 in6ctl_gifaddr(struct ifnet *ifp, struct in6_ifaddr *ia, u_long cmd,
861 struct in6_ifreq *ifr)
862 {
863 struct sockaddr_in6 addr;
864 int error = 0;
865
866 VERIFY(ifp != NULL);
867
868 if (ia == NULL)
869 return (EADDRNOTAVAIL);
870
871 switch (cmd) {
872 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
873 IFA_LOCK(&ia->ia_ifa);
874 bcopy(&ia->ia_addr, &addr, sizeof (addr));
875 IFA_UNLOCK(&ia->ia_ifa);
876 if ((error = sa6_recoverscope(&addr, TRUE)) != 0)
877 break;
878 bcopy(&addr, &ifr->ifr_addr, sizeof (addr));
879 break;
880
881 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
882 if (!(ifp->if_flags & IFF_POINTOPOINT)) {
883 error = EINVAL;
884 break;
885 }
886 /*
887 * XXX: should we check if ifa_dstaddr is NULL and return
888 * an error?
889 */
890 IFA_LOCK(&ia->ia_ifa);
891 bcopy(&ia->ia_dstaddr, &addr, sizeof (addr));
892 IFA_UNLOCK(&ia->ia_ifa);
893 if ((error = sa6_recoverscope(&addr, TRUE)) != 0)
894 break;
895 bcopy(&addr, &ifr->ifr_dstaddr, sizeof (addr));
896 break;
897
898 default:
899 VERIFY(0);
900 /* NOTREACHED */
901 }
902
903 return (error);
904 }
905
906 /*
907 * Caller passes in the ioctl data pointer directly via "ifr", with the
908 * expectation that this routine always uses bcopy() or other byte-aligned
909 * memory accesses.
910 */
911 static __attribute__((noinline)) int
912 in6ctl_gifstat(struct ifnet *ifp, u_long cmd, struct in6_ifreq *ifr)
913 {
914 int error = 0, index;
915
916 VERIFY(ifp != NULL);
917 index = ifp->if_index;
918
919 switch (cmd) {
920 case SIOCGIFSTAT_IN6: /* struct in6_ifreq */
921 /* N.B.: if_inet6data is never freed once set. */
922 if (IN6_IFEXTRA(ifp) == NULL) {
923 /* return (EAFNOSUPPORT)? */
924 bzero(&ifr->ifr_ifru.ifru_stat,
925 sizeof (ifr->ifr_ifru.ifru_stat));
926 } else {
927 bcopy(&IN6_IFEXTRA(ifp)->in6_ifstat,
928 &ifr->ifr_ifru.ifru_stat,
929 sizeof (ifr->ifr_ifru.ifru_stat));
930 }
931 break;
932
933 case SIOCGIFSTAT_ICMP6: /* struct in6_ifreq */
934 /* N.B.: if_inet6data is never freed once set. */
935 if (IN6_IFEXTRA(ifp) == NULL) {
936 /* return (EAFNOSUPPORT)? */
937 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
938 sizeof (ifr->ifr_ifru.ifru_icmp6stat));
939 } else {
940 bcopy(&IN6_IFEXTRA(ifp)->icmp6_ifstat,
941 &ifr->ifr_ifru.ifru_icmp6stat,
942 sizeof (ifr->ifr_ifru.ifru_icmp6stat));
943 }
944 break;
945
946 default:
947 VERIFY(0);
948 /* NOTREACHED */
949 }
950
951 return (error);
952 }
953
954 /*
955 * Caller passes in the ioctl data pointer directly via "ifr", with the
956 * expectation that this routine always uses bcopy() or other byte-aligned
957 * memory accesses.
958 */
959 static __attribute__((noinline)) int
960 in6ctl_alifetime(struct in6_ifaddr *ia, u_long cmd, struct in6_ifreq *ifr,
961 boolean_t p64)
962 {
963 uint64_t timenow = net_uptime();
964 struct in6_addrlifetime ia6_lt;
965 struct timeval caltime;
966 int error = 0;
967
968 if (ia == NULL)
969 return (EADDRNOTAVAIL);
970
971 switch (cmd) {
972 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
973 IFA_LOCK(&ia->ia_ifa);
974 /* retrieve time as calendar time (last arg is 1) */
975 in6ifa_getlifetime(ia, &ia6_lt, 1);
976 if (p64) {
977 struct in6_addrlifetime_64 lt;
978
979 bzero(&lt, sizeof (lt));
980 lt.ia6t_expire = ia6_lt.ia6t_expire;
981 lt.ia6t_preferred = ia6_lt.ia6t_preferred;
982 lt.ia6t_vltime = ia6_lt.ia6t_vltime;
983 lt.ia6t_pltime = ia6_lt.ia6t_pltime;
984 bcopy(&lt, &ifr->ifr_ifru.ifru_lifetime, sizeof (lt));
985 } else {
986 struct in6_addrlifetime_32 lt;
987
988 bzero(&lt, sizeof (lt));
989 lt.ia6t_expire = (uint32_t)ia6_lt.ia6t_expire;
990 lt.ia6t_preferred = (uint32_t)ia6_lt.ia6t_preferred;
991 lt.ia6t_vltime = (uint32_t)ia6_lt.ia6t_vltime;
992 lt.ia6t_pltime = (uint32_t)ia6_lt.ia6t_pltime;
993 bcopy(&lt, &ifr->ifr_ifru.ifru_lifetime, sizeof (lt));
994 }
995 IFA_UNLOCK(&ia->ia_ifa);
996 break;
997
998 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
999 getmicrotime(&caltime);
1000
1001 /* sanity for overflow - beware unsigned */
1002 if (p64) {
1003 struct in6_addrlifetime_64 lt;
1004
1005 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1006 if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1007 lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1008 error = EINVAL;
1009 break;
1010 }
1011 if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1012 lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1013 error = EINVAL;
1014 break;
1015 }
1016 } else {
1017 struct in6_addrlifetime_32 lt;
1018
1019 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1020 if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1021 lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1022 error = EINVAL;
1023 break;
1024 }
1025 if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1026 lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1027 error = EINVAL;
1028 break;
1029 }
1030 }
1031
1032 IFA_LOCK(&ia->ia_ifa);
1033 if (p64) {
1034 struct in6_addrlifetime_64 lt;
1035
1036 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1037 ia6_lt.ia6t_expire = lt.ia6t_expire;
1038 ia6_lt.ia6t_preferred = lt.ia6t_preferred;
1039 ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1040 ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1041 } else {
1042 struct in6_addrlifetime_32 lt;
1043
1044 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1045 ia6_lt.ia6t_expire = (uint32_t)lt.ia6t_expire;
1046 ia6_lt.ia6t_preferred = (uint32_t)lt.ia6t_preferred;
1047 ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1048 ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1049 }
1050 /* for sanity */
1051 if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME)
1052 ia6_lt.ia6t_expire = timenow + ia6_lt.ia6t_vltime;
1053 else
1054 ia6_lt.ia6t_expire = 0;
1055
1056 if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME)
1057 ia6_lt.ia6t_preferred = timenow + ia6_lt.ia6t_pltime;
1058 else
1059 ia6_lt.ia6t_preferred = 0;
1060
1061 in6ifa_setlifetime(ia, &ia6_lt);
1062 IFA_UNLOCK(&ia->ia_ifa);
1063 break;
1064
1065 default:
1066 VERIFY(0);
1067 /* NOTREACHED */
1068 }
1069
1070 return (error);
1071 }
1072
1073 static int
1074 in6ctl_clat46start(struct ifnet *ifp)
1075 {
1076 struct nd_prefix *pr = NULL;
1077 struct nd_prefix *next = NULL;
1078 struct in6_ifaddr *ia6 = NULL;
1079 int error = 0;
1080
1081 if (ifp == lo_ifp)
1082 return (EINVAL);
1083 /*
1084 * Traverse the list of prefixes and find the first non-linklocal
1085 * prefix on the interface.
1086 * For that found eligible prefix, configure a CLAT46 reserved address.
1087 */
1088 lck_mtx_lock(nd6_mutex);
1089 for (pr = nd_prefix.lh_first; pr; pr = next) {
1090 next = pr->ndpr_next;
1091
1092 NDPR_LOCK(pr);
1093 if (pr->ndpr_ifp != ifp) {
1094 NDPR_UNLOCK(pr);
1095 continue;
1096 }
1097
1098 if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) {
1099 NDPR_UNLOCK(pr);
1100 continue; /* XXX */
1101 }
1102
1103 if (pr->ndpr_raf_auto == 0) {
1104 NDPR_UNLOCK(pr);
1105 continue;
1106 }
1107
1108 if (pr->ndpr_stateflags & NDPRF_DEFUNCT) {
1109 NDPR_UNLOCK(pr);
1110 continue;
1111 }
1112
1113 if ((pr->ndpr_stateflags & NDPRF_CLAT46) == 0
1114 && pr->ndpr_vltime != 0) {
1115 NDPR_ADDREF_LOCKED(pr); /* Take reference for rest of the processing */
1116 NDPR_UNLOCK(pr);
1117 break;
1118 } else {
1119 NDPR_UNLOCK(pr);
1120 continue;
1121 }
1122 }
1123 lck_mtx_unlock(nd6_mutex);
1124
1125 if (pr != NULL) {
1126 if ((ia6 = in6_pfx_newpersistaddr(pr, FALSE, &error, TRUE)) == NULL) {
1127 nd6log0((LOG_ERR, "Could not configure CLAT46 address on interface "
1128 "%s.\n", ifp->if_xname));
1129 } else {
1130 IFA_LOCK(&ia6->ia_ifa);
1131 NDPR_LOCK(pr);
1132 ia6->ia6_ndpr = pr;
1133 NDPR_ADDREF_LOCKED(pr); /* for addr reference */
1134 pr->ndpr_stateflags |= NDPRF_CLAT46;
1135 pr->ndpr_addrcnt++;
1136 VERIFY(pr->ndpr_addrcnt != 0);
1137 NDPR_UNLOCK(pr);
1138 IFA_UNLOCK(&ia6->ia_ifa);
1139 IFA_REMREF(&ia6->ia_ifa);
1140 ia6 = NULL;
1141 /*
1142 * A newly added address might affect the status
1143 * of other addresses, so we check and update it.
1144 * XXX: what if address duplication happens?
1145 */
1146 lck_mtx_lock(nd6_mutex);
1147 pfxlist_onlink_check();
1148 lck_mtx_unlock(nd6_mutex);
1149 }
1150 NDPR_REMREF(pr);
1151 }
1152 return (error);
1153 }
1154
1155 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(void *)(ifa))
1156
1157 /*
1158 * Generic INET6 control operations (ioctl's).
1159 *
1160 * ifp is NULL if not an interface-specific ioctl.
1161 *
1162 * Most of the routines called to handle the ioctls would end up being
1163 * tail-call optimized, which unfortunately causes this routine to
1164 * consume too much stack space; this is the reason for the "noinline"
1165 * attribute used on those routines.
1166 *
1167 * If called directly from within the networking stack (as opposed to via
1168 * pru_control), the socket parameter may be NULL.
1169 */
1170 int
1171 in6_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
1172 struct proc *p)
1173 {
1174 struct in6_ifreq *ifr = (struct in6_ifreq *)(void *)data;
1175 struct in6_aliasreq sifra, *ifra = NULL;
1176 struct in6_ifaddr *ia = NULL;
1177 struct sockaddr_in6 sin6, *sa6 = NULL;
1178 boolean_t privileged = (proc_suser(p) == 0);
1179 boolean_t p64 = proc_is64bit(p);
1180 boolean_t so_unlocked = FALSE;
1181 int intval, error = 0;
1182
1183 /* In case it's NULL, make sure it came from the kernel */
1184 VERIFY(so != NULL || p == kernproc);
1185
1186 /*
1187 * ioctls which don't require ifp, may require socket.
1188 */
1189 switch (cmd) {
1190 case SIOCAADDRCTL_POLICY: /* struct in6_addrpolicy */
1191 case SIOCDADDRCTL_POLICY: /* struct in6_addrpolicy */
1192 if (!privileged)
1193 return (EPERM);
1194 return (in6_src_ioctl(cmd, data));
1195 /* NOTREACHED */
1196
1197 case SIOCDRADD_IN6_32: /* struct in6_defrouter_32 */
1198 case SIOCDRADD_IN6_64: /* struct in6_defrouter_64 */
1199 case SIOCDRDEL_IN6_32: /* struct in6_defrouter_32 */
1200 case SIOCDRDEL_IN6_64: /* struct in6_defrouter_64 */
1201 if (!privileged)
1202 return (EPERM);
1203 return (defrtrlist_ioctl(cmd, data));
1204 /* NOTREACHED */
1205
1206 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
1207 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
1208 return (in6ctl_associd(so, cmd, data));
1209 /* NOTREACHED */
1210
1211 case SIOCGCONNIDS32: /* struct so_cidreq32 */
1212 case SIOCGCONNIDS64: /* struct so_cidreq64 */
1213 return (in6ctl_connid(so, cmd, data));
1214 /* NOTREACHED */
1215
1216 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
1217 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
1218 return (in6ctl_conninfo(so, cmd, data));
1219 /* NOTREACHED */
1220 }
1221
1222 /*
1223 * The rest of ioctls require ifp; reject if we don't have one;
1224 * return ENXIO to be consistent with ifioctl().
1225 */
1226 if (ifp == NULL)
1227 return (ENXIO);
1228
1229 /*
1230 * Unlock the socket since ifnet_ioctl() may be invoked by
1231 * one of the ioctl handlers below. Socket will be re-locked
1232 * prior to returning.
1233 */
1234 if (so != NULL) {
1235 socket_unlock(so, 0);
1236 so_unlocked = TRUE;
1237 }
1238
1239 /*
1240 * ioctls which require ifp but not interface address.
1241 */
1242 switch (cmd) {
1243 case SIOCAUTOCONF_START: /* struct in6_ifreq */
1244 if (!privileged) {
1245 error = EPERM;
1246 goto done;
1247 }
1248 error = in6_autoconf(ifp, TRUE);
1249 goto done;
1250
1251 case SIOCAUTOCONF_STOP: /* struct in6_ifreq */
1252 if (!privileged) {
1253 error = EPERM;
1254 goto done;
1255 }
1256 error = in6_autoconf(ifp, FALSE);
1257 goto done;
1258
1259 case SIOCLL_START_32: /* struct in6_aliasreq_32 */
1260 case SIOCLL_START_64: /* struct in6_aliasreq_64 */
1261 if (!privileged) {
1262 error = EPERM;
1263 goto done;
1264 }
1265 error = in6ctl_llstart(ifp, cmd, data);
1266 goto done;
1267
1268 case SIOCLL_STOP: /* struct in6_ifreq */
1269 if (!privileged) {
1270 error = EPERM;
1271 goto done;
1272 }
1273 error = in6ctl_llstop(ifp);
1274 goto done;
1275
1276 case SIOCCLAT46_START: /* struct in6_ifreq */
1277 if (!privileged) {
1278 error = EPERM;
1279 goto done;
1280 }
1281 error = in6ctl_clat46start(ifp);
1282 if (error == 0)
1283 ifp->if_eflags |= IFEF_CLAT46;
1284 goto done;
1285
1286 case SIOCCLAT46_STOP: /* struct in6_ifreq */
1287 if (!privileged) {
1288 error = EPERM;
1289 goto done;
1290 }
1291
1292 /*
1293 * Not much to be done here and it might not be needed
1294 * It would usually be done when IPv6 configuration is being
1295 * flushed.
1296 * XXX Probably STOP equivalent is not needed here.
1297 */
1298 ifp->if_eflags &= ~IFEF_CLAT46;
1299 goto done;
1300 case SIOCSETROUTERMODE_IN6: /* struct in6_ifreq */
1301 if (!privileged) {
1302 error = EPERM;
1303 goto done;
1304 }
1305 bcopy(&((struct in6_ifreq *)(void *)data)->ifr_intval,
1306 &intval, sizeof (intval));
1307
1308 error = in6_setrouter(ifp, intval);
1309 goto done;
1310
1311 case SIOCPROTOATTACH_IN6_32: /* struct in6_aliasreq_32 */
1312 case SIOCPROTOATTACH_IN6_64: /* struct in6_aliasreq_64 */
1313 if (!privileged) {
1314 error = EPERM;
1315 goto done;
1316 }
1317 error = in6_domifattach(ifp);
1318 goto done;
1319
1320 case SIOCPROTODETACH_IN6: /* struct in6_ifreq */
1321 if (!privileged) {
1322 error = EPERM;
1323 goto done;
1324 }
1325 /* Cleanup interface routes and addresses */
1326 in6_purgeif(ifp);
1327
1328 if ((error = proto_unplumb(PF_INET6, ifp)))
1329 log(LOG_ERR, "SIOCPROTODETACH_IN6: %s error=%d\n",
1330 if_name(ifp), error);
1331 goto done;
1332
1333 case SIOCSNDFLUSH_IN6: /* struct in6_ifreq */
1334 case SIOCSPFXFLUSH_IN6: /* struct in6_ifreq */
1335 case SIOCSRTRFLUSH_IN6: /* struct in6_ifreq */
1336 case SIOCSDEFIFACE_IN6_32: /* struct in6_ndifreq_32 */
1337 case SIOCSDEFIFACE_IN6_64: /* struct in6_ndifreq_64 */
1338 case SIOCSIFINFO_FLAGS: /* struct in6_ndireq */
1339 case SIOCGIFCGAPREP_IN6: /* struct in6_ifreq */
1340 case SIOCSIFCGAPREP_IN6: /* struct in6_ifreq */
1341 if (!privileged) {
1342 error = EPERM;
1343 goto done;
1344 }
1345 /* FALLTHRU */
1346 case OSIOCGIFINFO_IN6: /* struct in6_ondireq */
1347 case SIOCGIFINFO_IN6: /* struct in6_ondireq */
1348 case SIOCGDRLST_IN6_32: /* struct in6_drlist_32 */
1349 case SIOCGDRLST_IN6_64: /* struct in6_drlist_64 */
1350 case SIOCGPRLST_IN6_32: /* struct in6_prlist_32 */
1351 case SIOCGPRLST_IN6_64: /* struct in6_prlist_64 */
1352 case SIOCGNBRINFO_IN6_32: /* struct in6_nbrinfo_32 */
1353 case SIOCGNBRINFO_IN6_64: /* struct in6_nbrinfo_64 */
1354 case SIOCGDEFIFACE_IN6_32: /* struct in6_ndifreq_32 */
1355 case SIOCGDEFIFACE_IN6_64: /* struct in6_ndifreq_64 */
1356 error = nd6_ioctl(cmd, data, ifp);
1357 goto done;
1358
1359 case SIOCSIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1360 case SIOCDIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1361 case SIOCAIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1362 case SIOCCIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1363 case SIOCSGIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1364 case SIOCGIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1365 log(LOG_NOTICE,
1366 "prefix ioctls are now invalidated. "
1367 "please use ifconfig.\n");
1368 error = EOPNOTSUPP;
1369 goto done;
1370
1371 case SIOCSSCOPE6: /* struct in6_ifreq (deprecated) */
1372 case SIOCGSCOPE6: /* struct in6_ifreq (deprecated) */
1373 case SIOCGSCOPE6DEF: /* struct in6_ifreq (deprecated) */
1374 error = EOPNOTSUPP;
1375 goto done;
1376
1377 case SIOCLL_CGASTART_32: /* struct in6_cgareq_32 */
1378 case SIOCLL_CGASTART_64: /* struct in6_cgareq_64 */
1379 if (!privileged)
1380 error = EPERM;
1381 else
1382 error = in6ctl_cgastart(ifp, cmd, data);
1383 goto done;
1384
1385 case SIOCGIFSTAT_IN6: /* struct in6_ifreq */
1386 case SIOCGIFSTAT_ICMP6: /* struct in6_ifreq */
1387 error = in6ctl_gifstat(ifp, cmd, ifr);
1388 goto done;
1389 }
1390
1391 /*
1392 * ioctls which require interface address; obtain sockaddr_in6.
1393 */
1394 switch (cmd) {
1395 case SIOCSIFADDR_IN6: /* struct in6_ifreq (deprecated) */
1396 case SIOCSIFDSTADDR_IN6: /* struct in6_ifreq (deprecated) */
1397 case SIOCSIFNETMASK_IN6: /* struct in6_ifreq (deprecated) */
1398 /*
1399 * Since IPv6 allows a node to assign multiple addresses
1400 * on a single interface, SIOCSIFxxx ioctls are deprecated.
1401 */
1402 /* we decided to obsolete this command (20000704) */
1403 error = EOPNOTSUPP;
1404 goto done;
1405
1406 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1407 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
1408 if (!privileged) {
1409 error = EPERM;
1410 goto done;
1411 }
1412 /*
1413 * Convert user ifra to the kernel form, when appropriate.
1414 * This allows the conversion between different data models
1415 * to be centralized, so that it can be passed around to other
1416 * routines that are expecting the kernel form.
1417 */
1418 ifra = in6_aliasreq_to_native(data,
1419 (cmd == SIOCAIFADDR_IN6_64), &sifra);
1420 bcopy(&ifra->ifra_addr, &sin6, sizeof (sin6));
1421 sa6 = &sin6;
1422 break;
1423
1424 case SIOCDIFADDR_IN6: /* struct in6_ifreq */
1425 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
1426 if (!privileged) {
1427 error = EPERM;
1428 goto done;
1429 }
1430 /* FALLTHRU */
1431 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
1432 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
1433 case SIOCGIFNETMASK_IN6: /* struct in6_ifreq */
1434 case SIOCGIFAFLAG_IN6: /* struct in6_ifreq */
1435 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
1436 bcopy(&ifr->ifr_addr, &sin6, sizeof (sin6));
1437 sa6 = &sin6;
1438 break;
1439 case SIOCGIFDSTADDR:
1440 case SIOCSIFDSTADDR:
1441 case SIOCGIFBRDADDR:
1442 case SIOCSIFBRDADDR:
1443 case SIOCGIFNETMASK:
1444 case SIOCSIFNETMASK:
1445 case SIOCGIFADDR:
1446 case SIOCSIFADDR:
1447 case SIOCAIFADDR:
1448 case SIOCDIFADDR:
1449 /* Do not handle these AF_INET commands in AF_INET6 path */
1450 error = EINVAL;
1451 goto done;
1452 }
1453
1454 /*
1455 * Find address for this interface, if it exists.
1456 *
1457 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
1458 * only, and used the first interface address as the target of other
1459 * operations (without checking ifra_addr). This was because netinet
1460 * code/API assumed at most 1 interface address per interface.
1461 * Since IPv6 allows a node to assign multiple addresses
1462 * on a single interface, we almost always look and check the
1463 * presence of ifra_addr, and reject invalid ones here.
1464 * It also decreases duplicated code among SIOC*_IN6 operations.
1465 */
1466 VERIFY(ia == NULL);
1467 if (sa6 != NULL && sa6->sin6_family == AF_INET6) {
1468 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) {
1469 if (sa6->sin6_addr.s6_addr16[1] == 0) {
1470 /* link ID is not embedded by the user */
1471 sa6->sin6_addr.s6_addr16[1] =
1472 htons(ifp->if_index);
1473 } else if (sa6->sin6_addr.s6_addr16[1] !=
1474 htons(ifp->if_index)) {
1475 error = EINVAL; /* link ID contradicts */
1476 goto done;
1477 }
1478 if (sa6->sin6_scope_id) {
1479 if (sa6->sin6_scope_id !=
1480 (u_int32_t)ifp->if_index) {
1481 error = EINVAL;
1482 goto done;
1483 }
1484 sa6->sin6_scope_id = 0; /* XXX: good way? */
1485 }
1486 }
1487 /*
1488 * Any failures from this point on must take into account
1489 * a non-NULL "ia" with an outstanding reference count, and
1490 * therefore requires IFA_REMREF. Jump to "done" label
1491 * instead of calling return if "ia" is valid.
1492 */
1493 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
1494 }
1495
1496 /*
1497 * SIOCDIFADDR_IN6/SIOCAIFADDR_IN6 specific tests.
1498 */
1499 switch (cmd) {
1500 case SIOCDIFADDR_IN6: /* struct in6_ifreq */
1501 if (ia == NULL) {
1502 error = EADDRNOTAVAIL;
1503 goto done;
1504 }
1505 /* FALLTHROUGH */
1506 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1507 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
1508 VERIFY(sa6 != NULL);
1509 /*
1510 * We always require users to specify a valid IPv6 address for
1511 * the corresponding operation. Use "sa6" instead of "ifra"
1512 * since SIOCDIFADDR_IN6 falls thru above.
1513 */
1514 if (sa6->sin6_family != AF_INET6 ||
1515 sa6->sin6_len != sizeof (struct sockaddr_in6)) {
1516 error = EAFNOSUPPORT;
1517 goto done;
1518 }
1519 break;
1520 }
1521
1522 /*
1523 * And finally process address-related ioctls.
1524 */
1525 switch (cmd) {
1526 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
1527 /* This interface is basically deprecated. use SIOCGIFCONF. */
1528 /* FALLTHRU */
1529 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
1530 error = in6ctl_gifaddr(ifp, ia, cmd, ifr);
1531 break;
1532
1533 case SIOCGIFNETMASK_IN6: /* struct in6_ifreq */
1534 if (ia != NULL) {
1535 IFA_LOCK(&ia->ia_ifa);
1536 bcopy(&ia->ia_prefixmask, &ifr->ifr_addr,
1537 sizeof (struct sockaddr_in6));
1538 IFA_UNLOCK(&ia->ia_ifa);
1539 } else {
1540 error = EADDRNOTAVAIL;
1541 }
1542 break;
1543
1544 case SIOCGIFAFLAG_IN6: /* struct in6_ifreq */
1545 if (ia != NULL) {
1546 IFA_LOCK(&ia->ia_ifa);
1547 bcopy(&ia->ia6_flags, &ifr->ifr_ifru.ifru_flags6,
1548 sizeof (ifr->ifr_ifru.ifru_flags6));
1549 IFA_UNLOCK(&ia->ia_ifa);
1550 } else {
1551 error = EADDRNOTAVAIL;
1552 }
1553 break;
1554
1555 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
1556 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
1557 error = in6ctl_alifetime(ia, cmd, ifr, p64);
1558 break;
1559
1560 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1561 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
1562 error = in6ctl_aifaddr(ifp, ifra);
1563 break;
1564
1565 case SIOCDIFADDR_IN6:
1566 in6ctl_difaddr(ifp, ia);
1567 break;
1568
1569 default:
1570 error = ifnet_ioctl(ifp, PF_INET6, cmd, data);
1571 break;
1572 }
1573
1574 done:
1575 if (ia != NULL)
1576 IFA_REMREF(&ia->ia_ifa);
1577 if (so_unlocked)
1578 socket_lock(so, 0);
1579
1580 return (error);
1581 }
1582
1583 static __attribute__((noinline)) int
1584 in6ctl_aifaddr(struct ifnet *ifp, struct in6_aliasreq *ifra)
1585 {
1586 int i, error, addtmp, plen;
1587 struct nd_prefix pr0, *pr;
1588 struct in6_ifaddr *ia;
1589
1590 VERIFY(ifp != NULL && ifra != NULL);
1591 ia = NULL;
1592
1593 /* Attempt to attach the protocol, in case it isn't attached */
1594 error = in6_domifattach(ifp);
1595 if (error == 0) {
1596 /* PF_INET6 wasn't previously attached */
1597 error = in6_ifattach_aliasreq(ifp, NULL, NULL);
1598 if (error != 0)
1599 goto done;
1600
1601 in6_if_up_dad_start(ifp);
1602 } else if (error != EEXIST) {
1603 goto done;
1604 }
1605
1606 /*
1607 * First, make or update the interface address structure, and link it
1608 * to the list.
1609 */
1610 error = in6_update_ifa(ifp, ifra, 0, &ia);
1611 if (error != 0)
1612 goto done;
1613 VERIFY(ia != NULL);
1614
1615 /* Now, make the prefix on-link on the interface. */
1616 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, NULL);
1617 if (plen == 128)
1618 goto done;
1619
1620 /*
1621 * NOTE: We'd rather create the prefix before the address, but we need
1622 * at least one address to install the corresponding interface route,
1623 * so we configure the address first.
1624 */
1625
1626 /*
1627 * Convert mask to prefix length (prefixmask has already been validated
1628 * in in6_update_ifa().
1629 */
1630 bzero(&pr0, sizeof (pr0));
1631 pr0.ndpr_plen = plen;
1632 pr0.ndpr_ifp = ifp;
1633 pr0.ndpr_prefix = ifra->ifra_addr;
1634 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr;
1635
1636 /* apply the mask for safety. */
1637 for (i = 0; i < 4; i++) {
1638 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1639 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
1640 }
1641
1642 /*
1643 * Since we don't have an API to set prefix (not address) lifetimes, we
1644 * just use the same lifetimes as addresses. The (temporarily)
1645 * installed lifetimes can be overridden by later advertised RAs (when
1646 * accept_rtadv is non 0), which is an intended behavior.
1647 */
1648 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
1649 pr0.ndpr_raf_auto = !!(ifra->ifra_flags & IN6_IFF_AUTOCONF);
1650 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
1651 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
1652 pr0.ndpr_stateflags |= NDPRF_STATIC;
1653 lck_mtx_init(&pr0.ndpr_lock, ifa_mtx_grp, ifa_mtx_attr);
1654
1655 /* add the prefix if there's none. */
1656 if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_NEVER)) == NULL) {
1657 /*
1658 * nd6_prelist_add will install the corresponding interface
1659 * route.
1660 */
1661 error = nd6_prelist_add(&pr0, NULL, &pr, FALSE);
1662 if (error != 0)
1663 goto done;
1664
1665 if (pr == NULL) {
1666 log(LOG_ERR, "%s: nd6_prelist_add okay, but"
1667 " no prefix.\n", __func__);
1668 error = EINVAL;
1669 goto done;
1670 }
1671 }
1672
1673 IFA_LOCK(&ia->ia_ifa);
1674
1675 /* if this is a new autoconfed addr */
1676 addtmp = FALSE;
1677 if (ia->ia6_ndpr == NULL) {
1678 NDPR_LOCK(pr);
1679 ++pr->ndpr_addrcnt;
1680 VERIFY(pr->ndpr_addrcnt != 0);
1681 ia->ia6_ndpr = pr;
1682 NDPR_ADDREF_LOCKED(pr); /* for addr reference */
1683
1684 /*
1685 * If this is the first autoconf address from the prefix,
1686 * create a temporary address as well (when specified).
1687 */
1688 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 &&
1689 ip6_use_tempaddr &&
1690 pr->ndpr_addrcnt == 1) {
1691 addtmp = true;
1692 }
1693 NDPR_UNLOCK(pr);
1694 }
1695
1696 IFA_UNLOCK(&ia->ia_ifa);
1697
1698 if (addtmp) {
1699 int e;
1700 e = in6_tmpifadd(ia, 1);
1701 if (e != 0)
1702 log(LOG_NOTICE, "%s: failed to create a"
1703 " temporary address, error=%d\n",
1704 __func__, e);
1705 }
1706
1707 /*
1708 * This might affect the status of autoconfigured addresses, that is,
1709 * this address might make other addresses detached.
1710 */
1711 lck_mtx_lock(nd6_mutex);
1712 pfxlist_onlink_check();
1713 lck_mtx_unlock(nd6_mutex);
1714
1715 /* Drop use count held above during lookup/add */
1716 NDPR_REMREF(pr);
1717
1718 done:
1719 if (ia != NULL)
1720 IFA_REMREF(&ia->ia_ifa);
1721 return (error);
1722 }
1723
1724 static __attribute__((noinline)) void
1725 in6ctl_difaddr(struct ifnet *ifp, struct in6_ifaddr *ia)
1726 {
1727 int i = 0;
1728 struct nd_prefix pr0, *pr;
1729
1730 VERIFY(ifp != NULL && ia != NULL);
1731
1732 /*
1733 * If the address being deleted is the only one that owns
1734 * the corresponding prefix, expire the prefix as well.
1735 * XXX: theoretically, we don't have to worry about such
1736 * relationship, since we separate the address management
1737 * and the prefix management. We do this, however, to provide
1738 * as much backward compatibility as possible in terms of
1739 * the ioctl operation.
1740 * Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1741 */
1742 IFA_LOCK(&ia->ia_ifa);
1743 bzero(&pr0, sizeof (pr0));
1744 pr0.ndpr_ifp = ifp;
1745 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1746 if (pr0.ndpr_plen == 128) {
1747 IFA_UNLOCK(&ia->ia_ifa);
1748 goto purgeaddr;
1749 }
1750 pr0.ndpr_prefix = ia->ia_addr;
1751 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr;
1752 for (i = 0; i < 4; i++) {
1753 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1754 ia->ia_prefixmask.sin6_addr.s6_addr32[i];
1755 }
1756 IFA_UNLOCK(&ia->ia_ifa);
1757
1758 if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC)) != NULL) {
1759 IFA_LOCK(&ia->ia_ifa);
1760 NDPR_LOCK(pr);
1761 if (pr->ndpr_addrcnt == 1) {
1762 /* XXX: just for expiration */
1763 pr->ndpr_expire = 1;
1764 }
1765 NDPR_UNLOCK(pr);
1766 IFA_UNLOCK(&ia->ia_ifa);
1767
1768 /* Drop use count held above during lookup */
1769 NDPR_REMREF(pr);
1770 }
1771
1772 purgeaddr:
1773 in6_purgeaddr(&ia->ia_ifa);
1774 }
1775
1776 static __attribute__((noinline)) int
1777 in6_autoconf(struct ifnet *ifp, int enable)
1778 {
1779 int error = 0;
1780
1781 VERIFY(ifp != NULL);
1782
1783 if (ifp->if_flags & IFF_LOOPBACK)
1784 return (EINVAL);
1785
1786 if (enable) {
1787 /*
1788 * An interface in IPv6 router mode implies that it
1789 * is either configured with a static IP address or
1790 * autoconfigured via a locally-generated RA. Prevent
1791 * SIOCAUTOCONF_START from being set in that mode.
1792 */
1793 ifnet_lock_exclusive(ifp);
1794 if (ifp->if_eflags & IFEF_IPV6_ROUTER) {
1795 ifp->if_eflags &= ~IFEF_ACCEPT_RTADV;
1796 error = EBUSY;
1797 } else {
1798 ifp->if_eflags |= IFEF_ACCEPT_RTADV;
1799 }
1800 ifnet_lock_done(ifp);
1801 } else {
1802 struct in6_ifaddr *ia = NULL;
1803
1804 ifnet_lock_exclusive(ifp);
1805 ifp->if_eflags &= ~IFEF_ACCEPT_RTADV;
1806 ifnet_lock_done(ifp);
1807
1808 /* Remove autoconfigured address from interface */
1809 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1810 ia = in6_ifaddrs;
1811 while (ia != NULL) {
1812 if (ia->ia_ifa.ifa_ifp != ifp) {
1813 ia = ia->ia_next;
1814 continue;
1815 }
1816 IFA_LOCK(&ia->ia_ifa);
1817 if (ia->ia6_flags & IN6_IFF_AUTOCONF) {
1818 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for us */
1819 IFA_UNLOCK(&ia->ia_ifa);
1820 lck_rw_done(&in6_ifaddr_rwlock);
1821 in6_purgeaddr(&ia->ia_ifa);
1822 IFA_REMREF(&ia->ia_ifa); /* for us */
1823 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1824 /*
1825 * Purging the address caused in6_ifaddr_rwlock
1826 * to be dropped and reacquired;
1827 * therefore search again from the beginning
1828 * of in6_ifaddrs list.
1829 */
1830 ia = in6_ifaddrs;
1831 continue;
1832 }
1833 IFA_UNLOCK(&ia->ia_ifa);
1834 ia = ia->ia_next;
1835 }
1836 lck_rw_done(&in6_ifaddr_rwlock);
1837 }
1838 return (error);
1839 }
1840
1841 /*
1842 * Handle SIOCSETROUTERMODE_IN6 to set or clear the IPv6 router mode flag on
1843 * the interface. Entering or exiting this mode will result in the removal of
1844 * autoconfigured IPv6 addresses on the interface.
1845 */
1846 static __attribute__((noinline)) int
1847 in6_setrouter(struct ifnet *ifp, int enable)
1848 {
1849 VERIFY(ifp != NULL);
1850
1851 if (ifp->if_flags & IFF_LOOPBACK)
1852 return (ENODEV);
1853
1854 if (enable) {
1855 struct nd_ifinfo *ndi = NULL;
1856
1857 ndi = ND_IFINFO(ifp);
1858 if (ndi != NULL && ndi->initialized) {
1859 lck_mtx_lock(&ndi->lock);
1860 if (ndi->flags & ND6_IFF_PROXY_PREFIXES) {
1861 /* No proxy if we are an advertising router */
1862 ndi->flags &= ~ND6_IFF_PROXY_PREFIXES;
1863 lck_mtx_unlock(&ndi->lock);
1864 (void) nd6_if_prproxy(ifp, FALSE);
1865 } else {
1866 lck_mtx_unlock(&ndi->lock);
1867 }
1868 }
1869 }
1870
1871 ifnet_lock_exclusive(ifp);
1872 if (enable) {
1873 ifp->if_eflags |= IFEF_IPV6_ROUTER;
1874 } else {
1875 ifp->if_eflags &= ~IFEF_IPV6_ROUTER;
1876 }
1877 ifnet_lock_done(ifp);
1878
1879 lck_mtx_lock(nd6_mutex);
1880 defrouter_select(ifp);
1881 lck_mtx_unlock(nd6_mutex);
1882
1883 if_allmulti(ifp, enable);
1884
1885 return (in6_autoconf(ifp, FALSE));
1886 }
1887
1888 static int
1889 in6_to_kamescope(struct sockaddr_in6 *sin6, struct ifnet *ifp)
1890 {
1891 struct sockaddr_in6 tmp;
1892 int error, id;
1893
1894 VERIFY(sin6 != NULL);
1895 tmp = *sin6;
1896
1897 error = in6_recoverscope(&tmp, &sin6->sin6_addr, ifp);
1898 if (error != 0)
1899 return (error);
1900
1901 id = in6_addr2scopeid(ifp, &tmp.sin6_addr);
1902 if (tmp.sin6_scope_id == 0)
1903 tmp.sin6_scope_id = id;
1904 else if (tmp.sin6_scope_id != id)
1905 return (EINVAL); /* scope ID mismatch. */
1906
1907 error = in6_embedscope(&tmp.sin6_addr, &tmp, NULL, NULL, NULL);
1908 if (error != 0)
1909 return (error);
1910
1911 tmp.sin6_scope_id = 0;
1912 *sin6 = tmp;
1913 return (0);
1914 }
1915
1916 /*
1917 * When the address is being configured we should clear out certain flags
1918 * coming in from the caller.
1919 */
1920 #define IN6_IFF_CLR_ADDR_FLAG_MASK (~(IN6_IFF_DEPRECATED | IN6_IFF_DETACHED | IN6_IFF_DUPLICATED))
1921
1922 static int
1923 in6_ifaupdate_aux(struct in6_ifaddr *ia, struct ifnet *ifp, int ifaupflags)
1924 {
1925 struct sockaddr_in6 mltaddr, mltmask;
1926 struct in6_addr llsol;
1927 struct ifaddr *ifa;
1928 struct in6_multi *in6m_sol;
1929 struct in6_multi_mship *imm;
1930 struct rtentry *rt;
1931 int delay, error = 0;
1932
1933 VERIFY(ifp != NULL && ia != NULL);
1934 ifa = &ia->ia_ifa;
1935 in6m_sol = NULL;
1936
1937 nd6log2((LOG_DEBUG, "%s - %s ifp %s ia6_flags 0x%x ifaupflags 0x%x\n",
1938 __func__,
1939 ip6_sprintf(&ia->ia_addr.sin6_addr),
1940 if_name(ia->ia_ifp),
1941 ia->ia6_flags,
1942 ifaupflags));
1943
1944 /*
1945 * Just to be safe, always clear certain flags when address
1946 * is being configured
1947 */
1948 ia->ia6_flags &= IN6_IFF_CLR_ADDR_FLAG_MASK;
1949
1950 /*
1951 * Mark the address as tentative before joining multicast addresses,
1952 * so that corresponding MLD responses would not have a tentative
1953 * source address.
1954 */
1955 if (in6if_do_dad(ifp)) {
1956 in6_ifaddr_set_dadprogress(ia);
1957 /*
1958 * Do not delay sending neighbor solicitations when using optimistic
1959 * duplicate address detection, c.f. RFC 4429.
1960 */
1961 if (ia->ia6_flags & IN6_IFF_OPTIMISTIC)
1962 ifaupflags &= ~IN6_IFAUPDATE_DADDELAY;
1963 else
1964 ifaupflags |= IN6_IFAUPDATE_DADDELAY;
1965 } else {
1966 /*
1967 * If the interface has been marked to not perform
1968 * DAD, make sure to reset DAD in progress flags
1969 * that may come in from the caller.
1970 */
1971 ia->ia6_flags &= ~IN6_IFF_DADPROGRESS;
1972 }
1973
1974 /* Join necessary multicast groups */
1975 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1976
1977 /* join solicited multicast addr for new host id */
1978 bzero(&llsol, sizeof (struct in6_addr));
1979 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
1980 llsol.s6_addr32[1] = 0;
1981 llsol.s6_addr32[2] = htonl(1);
1982 llsol.s6_addr32[3] = ia->ia_addr.sin6_addr.s6_addr32[3];
1983 llsol.s6_addr8[12] = 0xff;
1984 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
1985 /* XXX: should not happen */
1986 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
1987 goto unwind;
1988 }
1989 delay = 0;
1990 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
1991 /*
1992 * We need a random delay for DAD on the address
1993 * being configured. It also means delaying
1994 * transmission of the corresponding MLD report to
1995 * avoid report collision. [RFC 4862]
1996 */
1997 delay = random() % MAX_RTR_SOLICITATION_DELAY;
1998 }
1999 imm = in6_joingroup(ifp, &llsol, &error, delay);
2000 if (imm == NULL) {
2001 nd6log((LOG_WARNING,
2002 "%s: addmulti failed for %s on %s (errno=%d)\n",
2003 __func__, ip6_sprintf(&llsol), if_name(ifp),
2004 error));
2005 VERIFY(error != 0);
2006 goto unwind;
2007 }
2008 in6m_sol = imm->i6mm_maddr;
2009 /* take a refcount for this routine */
2010 IN6M_ADDREF(in6m_sol);
2011
2012 IFA_LOCK_SPIN(ifa);
2013 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2014 IFA_UNLOCK(ifa);
2015
2016 bzero(&mltmask, sizeof (mltmask));
2017 mltmask.sin6_len = sizeof (struct sockaddr_in6);
2018 mltmask.sin6_family = AF_INET6;
2019 mltmask.sin6_addr = in6mask32;
2020 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
2021
2022 /*
2023 * join link-local all-nodes address
2024 */
2025 bzero(&mltaddr, sizeof (mltaddr));
2026 mltaddr.sin6_len = sizeof (struct sockaddr_in6);
2027 mltaddr.sin6_family = AF_INET6;
2028 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
2029 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
2030 goto unwind; /* XXX: should not fail */
2031
2032 /*
2033 * XXX: do we really need this automatic routes?
2034 * We should probably reconsider this stuff. Most applications
2035 * actually do not need the routes, since they usually specify
2036 * the outgoing interface.
2037 */
2038 rt = rtalloc1_scoped((struct sockaddr *)&mltaddr, 0, 0UL,
2039 ia->ia_ifp->if_index);
2040 if (rt) {
2041 if (memcmp(&mltaddr.sin6_addr, &((struct sockaddr_in6 *)
2042 (void *)rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
2043 rtfree(rt);
2044 rt = NULL;
2045 }
2046 }
2047 if (!rt) {
2048 error = rtrequest_scoped(RTM_ADD,
2049 (struct sockaddr *)&mltaddr,
2050 (struct sockaddr *)&ia->ia_addr,
2051 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING,
2052 NULL, ia->ia_ifp->if_index);
2053 if (error)
2054 goto unwind;
2055 } else {
2056 rtfree(rt);
2057 }
2058
2059 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
2060 if (!imm) {
2061 nd6log((LOG_WARNING,
2062 "%s: addmulti failed for %s on %s (errno=%d)\n",
2063 __func__, ip6_sprintf(&mltaddr.sin6_addr),
2064 if_name(ifp), error));
2065 VERIFY(error != 0);
2066 goto unwind;
2067 }
2068 IFA_LOCK_SPIN(ifa);
2069 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2070 IFA_UNLOCK(ifa);
2071
2072 /*
2073 * join node information group address
2074 */
2075 #define hostnamelen strlen(hostname)
2076 delay = 0;
2077 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
2078 /*
2079 * The spec doesn't say anything about delay for this
2080 * group, but the same logic should apply.
2081 */
2082 delay = random() % MAX_RTR_SOLICITATION_DELAY;
2083 }
2084 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr)
2085 == 0) {
2086 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
2087 delay); /* XXX jinmei */
2088 if (!imm) {
2089 nd6log((LOG_WARNING,
2090 "%s: addmulti failed for %s on %s "
2091 "(errno=%d)\n",
2092 __func__, ip6_sprintf(&mltaddr.sin6_addr),
2093 if_name(ifp), error));
2094 /* XXX not very fatal, go on... */
2095 error = 0;
2096 } else {
2097 IFA_LOCK_SPIN(ifa);
2098 LIST_INSERT_HEAD(&ia->ia6_memberships,
2099 imm, i6mm_chain);
2100 IFA_UNLOCK(ifa);
2101 }
2102 }
2103 #undef hostnamelen
2104
2105 /*
2106 * join interface-local all-nodes address.
2107 * (ff01::1%ifN, and ff01::%ifN/32)
2108 */
2109 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
2110 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
2111 goto unwind; /* XXX: should not fail */
2112 /* XXX: again, do we really need the route? */
2113 rt = rtalloc1_scoped((struct sockaddr *)&mltaddr, 0, 0UL,
2114 ia->ia_ifp->if_index);
2115 if (rt) {
2116 if (memcmp(&mltaddr.sin6_addr, &((struct sockaddr_in6 *)
2117 (void *)rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
2118 rtfree(rt);
2119 rt = NULL;
2120 }
2121 }
2122 if (!rt) {
2123 error = rtrequest_scoped(RTM_ADD,
2124 (struct sockaddr *)&mltaddr,
2125 (struct sockaddr *)&ia->ia_addr,
2126 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING,
2127 NULL, ia->ia_ifp->if_index);
2128 if (error)
2129 goto unwind;
2130 } else
2131 rtfree(rt);
2132
2133 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
2134 if (!imm) {
2135 nd6log((LOG_WARNING,
2136 "%s: addmulti failed for %s on %s (errno=%d)\n",
2137 __func__, ip6_sprintf(&mltaddr.sin6_addr),
2138 if_name(ifp), error));
2139 VERIFY(error != 0);
2140 goto unwind;
2141 }
2142 IFA_LOCK(ifa);
2143 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2144 IFA_UNLOCK(ifa);
2145 }
2146 #undef MLTMASK_LEN
2147
2148 /* Ensure nd6_service() is scheduled as soon as it's convenient */
2149 ++nd6_sched_timeout_want;
2150
2151 /*
2152 * Perform DAD, if needed.
2153 * XXX It may be of use, if we can administratively
2154 * disable DAD.
2155 */
2156 IFA_LOCK_SPIN(ifa);
2157 if (in6if_do_dad(ifp) && ((ifa->ifa_flags & IN6_IFF_NODAD) == 0) &&
2158 (ia->ia6_flags & IN6_IFF_DADPROGRESS)) {
2159 int mindelay, maxdelay;
2160 int *delayptr, delayval;
2161
2162 IFA_UNLOCK(ifa);
2163 delayptr = NULL;
2164 /*
2165 * Avoid the DAD delay if the caller wants us to skip it.
2166 * This is not compliant with RFC 2461, but it's only being
2167 * used for signalling and not for actual DAD.
2168 */
2169 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY) &&
2170 !(ia->ia6_flags & IN6_IFF_SWIFTDAD)) {
2171 /*
2172 * We need to impose a delay before sending an NS
2173 * for DAD. Check if we also needed a delay for the
2174 * corresponding MLD message. If we did, the delay
2175 * should be larger than the MLD delay (this could be
2176 * relaxed a bit, but this simple logic is at least
2177 * safe).
2178 */
2179 mindelay = 0;
2180 if (in6m_sol != NULL) {
2181 IN6M_LOCK(in6m_sol);
2182 if (in6m_sol->in6m_state ==
2183 MLD_REPORTING_MEMBER)
2184 mindelay = in6m_sol->in6m_timer;
2185 IN6M_UNLOCK(in6m_sol);
2186 }
2187 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
2188 if (maxdelay - mindelay == 0)
2189 delayval = 0;
2190 else {
2191 delayval =
2192 (random() % (maxdelay - mindelay)) +
2193 mindelay;
2194 }
2195 delayptr = &delayval;
2196 }
2197
2198 nd6_dad_start((struct ifaddr *)ia, delayptr);
2199 } else {
2200 IFA_UNLOCK(ifa);
2201 }
2202
2203 goto done;
2204
2205 unwind:
2206 VERIFY(error != 0);
2207 in6_purgeaddr(&ia->ia_ifa);
2208
2209 done:
2210 /* release reference held for this routine */
2211 if (in6m_sol != NULL)
2212 IN6M_REMREF(in6m_sol);
2213 return (error);
2214 }
2215
2216 /*
2217 * Request an IPv6 interface address. If the address is new, then it will be
2218 * constructed and appended to the interface address chains. The interface
2219 * address structure is optionally returned with a reference for the caller.
2220 */
2221 int
2222 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int ifaupflags,
2223 struct in6_ifaddr **iar)
2224 {
2225 struct in6_addrlifetime ia6_lt;
2226 struct in6_ifaddr *ia;
2227 struct ifaddr *ifa;
2228 struct ifaddr *xifa;
2229 struct in6_addrlifetime *lt;
2230 uint64_t timenow;
2231 int plen, error;
2232
2233 /* Sanity check parameters and initialize locals */
2234 VERIFY(ifp != NULL && ifra != NULL && iar != NULL);
2235 ia = NULL;
2236 ifa = NULL;
2237 error = 0;
2238
2239 /*
2240 * We always require users to specify a valid IPv6 address for
2241 * the corresponding operation.
2242 */
2243 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
2244 ifra->ifra_addr.sin6_len != sizeof (struct sockaddr_in6)) {
2245 error = EAFNOSUPPORT;
2246 goto unwind;
2247 }
2248
2249 /* Validate ifra_prefixmask.sin6_len is properly bounded. */
2250 if (ifra->ifra_prefixmask.sin6_len == 0 ||
2251 ifra->ifra_prefixmask.sin6_len > sizeof (struct sockaddr_in6)) {
2252 error = EINVAL;
2253 goto unwind;
2254 }
2255
2256 /* Validate prefix length extracted from ifra_prefixmask structure. */
2257 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
2258 (u_char *)&ifra->ifra_prefixmask + ifra->ifra_prefixmask.sin6_len);
2259 if (plen <= 0) {
2260 error = EINVAL;
2261 goto unwind;
2262 }
2263
2264 /* Validate lifetimes */
2265 lt = &ifra->ifra_lifetime;
2266 if (lt->ia6t_pltime > lt->ia6t_vltime) {
2267 log(LOG_INFO,
2268 "%s: pltime 0x%x > vltime 0x%x for %s\n", __func__,
2269 lt->ia6t_pltime, lt->ia6t_vltime,
2270 ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2271 error = EINVAL;
2272 goto unwind;
2273 }
2274 if (lt->ia6t_vltime == 0) {
2275 /*
2276 * the following log might be noisy, but this is a typical
2277 * configuration mistake or a tool's bug.
2278 */
2279 log(LOG_INFO, "%s: valid lifetime is 0 for %s\n", __func__,
2280 ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2281 }
2282
2283 /*
2284 * Before we lock the ifnet structure, we first check to see if the
2285 * address already exists. If so, then we don't allocate and link a
2286 * new one here.
2287 */
2288 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr);
2289 if (ia != NULL)
2290 ifa = &ia->ia_ifa;
2291
2292 /*
2293 * Validate destination address on interface types that require it.
2294 */
2295 if ((ifp->if_flags & (IFF_LOOPBACK|IFF_POINTOPOINT)) != 0) {
2296 switch (ifra->ifra_dstaddr.sin6_family) {
2297 case AF_INET6:
2298 if (plen != 128) {
2299 /* noisy message for diagnostic purposes */
2300 log(LOG_INFO,
2301 "%s: prefix length < 128 with"
2302 " explicit dstaddr.\n", __func__);
2303 error = EINVAL;
2304 goto unwind;
2305 }
2306 break;
2307
2308 case AF_UNSPEC:
2309 break;
2310
2311 default:
2312 error = EAFNOSUPPORT;
2313 goto unwind;
2314 }
2315 } else if (ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) {
2316 log(LOG_INFO,
2317 "%s: dstaddr valid only on p2p and loopback interfaces.\n",
2318 __func__);
2319 error = EINVAL;
2320 goto unwind;
2321 }
2322
2323 timenow = net_uptime();
2324
2325 if (ia == NULL) {
2326 int how;
2327
2328 /* Is this the first new IPv6 address for the interface? */
2329 ifaupflags |= IN6_IFAUPDATE_NEWADDR;
2330
2331 /* Allocate memory for IPv6 interface address structure. */
2332 how = !(ifaupflags & IN6_IFAUPDATE_NOWAIT) ? M_WAITOK : 0;
2333 ia = in6_ifaddr_alloc(how);
2334 if (ia == NULL) {
2335 error = ENOBUFS;
2336 goto unwind;
2337 }
2338
2339 ifa = &ia->ia_ifa;
2340
2341 /*
2342 * Initialize interface address structure.
2343 *
2344 * Note well: none of these sockaddr_in6 structures contain a
2345 * valid sin6_port, sin6_flowinfo or even a sin6_scope_id field.
2346 * We still embed link-local scope identifiers at the end of an
2347 * arbitrary fe80::/32 prefix, for historical reasons. Also, the
2348 * ifa_dstaddr field is always non-NULL on point-to-point and
2349 * loopback interfaces, and conventionally points to a socket
2350 * address of AF_UNSPEC family when there is no destination.
2351 *
2352 * Please enjoy the dancing sea turtle.
2353 */
2354 IFA_ADDREF(ifa); /* for this and optionally for caller */
2355 ifa->ifa_addr = (struct sockaddr *)&ia->ia_addr;
2356 if (ifra->ifra_dstaddr.sin6_family == AF_INET6 ||
2357 (ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0)
2358 ifa->ifa_dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
2359 ifa->ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
2360 ifa->ifa_ifp = ifp;
2361 ifa->ifa_metric = ifp->if_metric;
2362 ifa->ifa_rtrequest = nd6_rtrequest;
2363
2364 LIST_INIT(&ia->ia6_memberships);
2365 ia->ia_addr.sin6_family = AF_INET6;
2366 ia->ia_addr.sin6_len = sizeof (ia->ia_addr);
2367 ia->ia_addr.sin6_addr = ifra->ifra_addr.sin6_addr;
2368 ia->ia_prefixmask.sin6_family = AF_INET6;
2369 ia->ia_prefixmask.sin6_len = sizeof (ia->ia_prefixmask);
2370 ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
2371 error = in6_to_kamescope(&ia->ia_addr, ifp);
2372 if (error != 0)
2373 goto unwind;
2374 if (ifa->ifa_dstaddr != NULL) {
2375 ia->ia_dstaddr = ifra->ifra_dstaddr;
2376 error = in6_to_kamescope(&ia->ia_dstaddr, ifp);
2377 if (error != 0)
2378 goto unwind;
2379 }
2380
2381 /* Append to address chains */
2382 ifnet_lock_exclusive(ifp);
2383 ifaupflags |= IN6_IFAUPDATE_1STADDR;
2384 TAILQ_FOREACH(xifa, &ifp->if_addrlist, ifa_list) {
2385 IFA_LOCK_SPIN(xifa);
2386 if (xifa->ifa_addr->sa_family != AF_INET6) {
2387 IFA_UNLOCK(xifa);
2388 ifaupflags &= ~IN6_IFAUPDATE_1STADDR;
2389 break;
2390 }
2391 IFA_UNLOCK(xifa);
2392 }
2393
2394 IFA_LOCK_SPIN(ifa);
2395 if_attach_ifa(ifp, ifa); /* holds reference for ifnet link */
2396 IFA_UNLOCK(ifa);
2397 ifnet_lock_done(ifp);
2398
2399 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2400 if (in6_ifaddrs != NULL) {
2401 struct in6_ifaddr *iac;
2402 for (iac = in6_ifaddrs; iac->ia_next != NULL;
2403 iac = iac->ia_next)
2404 continue;
2405 iac->ia_next = ia;
2406 } else {
2407 in6_ifaddrs = ia;
2408 }
2409 IFA_ADDREF(ifa); /* hold for in6_ifaddrs link */
2410 lck_rw_done(&in6_ifaddr_rwlock);
2411 } else {
2412 ifa = &ia->ia_ifa;
2413 ifaupflags &= ~(IN6_IFAUPDATE_NEWADDR|IN6_IFAUPDATE_1STADDR);
2414 }
2415
2416 VERIFY(ia != NULL && ifa == &ia->ia_ifa);
2417 IFA_LOCK(ifa);
2418
2419 /*
2420 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
2421 * to see if the address is deprecated or invalidated, but initialize
2422 * these members for applications.
2423 */
2424 ia->ia6_updatetime = ia->ia6_createtime = timenow;
2425 ia6_lt = *lt;
2426 if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME)
2427 ia6_lt.ia6t_expire = timenow + ia6_lt.ia6t_vltime;
2428 else
2429 ia6_lt.ia6t_expire = 0;
2430 if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME)
2431 ia6_lt.ia6t_preferred = timenow + ia6_lt.ia6t_pltime;
2432 else
2433 ia6_lt.ia6t_preferred = 0;
2434 in6ifa_setlifetime(ia, &ia6_lt);
2435
2436 /*
2437 * Backward compatibility - if IN6_IFF_DEPRECATED is set from the
2438 * userland, make it deprecated.
2439 */
2440 if ((ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
2441 ia->ia6_lifetime.ia6ti_pltime = 0;
2442 ia->ia6_lifetime.ia6ti_preferred = timenow;
2443 }
2444
2445 /*
2446 * Update flag or prefix length
2447 */
2448 ia->ia_plen = plen;
2449 ia->ia6_flags = ifra->ifra_flags;
2450
2451 /* Release locks (new address available to concurrent tasks) */
2452 IFA_UNLOCK(ifa);
2453
2454 /* Further initialization of the interface address */
2455 error = in6_ifinit(ifp, ia, ifaupflags);
2456 if (error != 0)
2457 goto unwind;
2458
2459 /* Finish updating the address while other tasks are working with it */
2460 error = in6_ifaupdate_aux(ia, ifp, ifaupflags);
2461 if (error != 0)
2462 goto unwind;
2463
2464 /* Return success (optionally w/ address for caller). */
2465 VERIFY(error == 0);
2466 (void) ifnet_notify_address(ifp, AF_INET6);
2467 goto done;
2468
2469 unwind:
2470 VERIFY(error != 0);
2471 if (ia != NULL) {
2472 VERIFY(ifa == &ia->ia_ifa);
2473 IFA_REMREF(ifa);
2474 ia = NULL;
2475 }
2476
2477 done:
2478 *iar = ia;
2479 return (error);
2480 }
2481
2482 void
2483 in6_purgeaddr(struct ifaddr *ifa)
2484 {
2485 struct ifnet *ifp = ifa->ifa_ifp;
2486 struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
2487 struct in6_multi_mship *imm;
2488
2489 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
2490
2491 /* stop DAD processing */
2492 nd6_dad_stop(ifa);
2493
2494 /*
2495 * delete route to the destination of the address being purged.
2496 * The interface must be p2p or loopback in this case.
2497 */
2498 IFA_LOCK(ifa);
2499 if ((ia->ia_flags & IFA_ROUTE) && ia->ia_plen == 128) {
2500 int error, rtf;
2501
2502 IFA_UNLOCK(ifa);
2503 rtf = (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0;
2504 error = rtinit(&(ia->ia_ifa), RTM_DELETE, rtf);
2505 if (error != 0) {
2506 log(LOG_ERR, "in6_purgeaddr: failed to remove "
2507 "a route to the p2p destination: %s on %s, "
2508 "errno=%d\n",
2509 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp),
2510 error);
2511 /* proceed anyway... */
2512 }
2513 IFA_LOCK_SPIN(ifa);
2514 ia->ia_flags &= ~IFA_ROUTE;
2515 }
2516 IFA_UNLOCK(ifa);
2517
2518 /* Remove ownaddr's loopback rtentry, if it exists. */
2519 in6_ifremloop(&(ia->ia_ifa));
2520
2521 /*
2522 * leave from multicast groups we have joined for the interface
2523 */
2524 IFA_LOCK(ifa);
2525 while ((imm = ia->ia6_memberships.lh_first) != NULL) {
2526 LIST_REMOVE(imm, i6mm_chain);
2527 IFA_UNLOCK(ifa);
2528 in6_leavegroup(imm);
2529 IFA_LOCK(ifa);
2530 }
2531 IFA_UNLOCK(ifa);
2532
2533 /* in6_unlink_ifa() will need exclusive access */
2534 in6_unlink_ifa(ia, ifp);
2535 in6_post_msg(ifp, KEV_INET6_ADDR_DELETED, ia, NULL);
2536
2537 (void) ifnet_notify_address(ifp, AF_INET6);
2538 }
2539
2540 static void
2541 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
2542 {
2543 struct in6_ifaddr *oia;
2544 struct ifaddr *ifa;
2545 int unlinked;
2546
2547 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
2548
2549 ifa = &ia->ia_ifa;
2550 IFA_ADDREF(ifa);
2551
2552 ifnet_lock_exclusive(ifp);
2553 IFA_LOCK(ifa);
2554 if (ifa->ifa_debug & IFD_ATTACHED)
2555 if_detach_ifa(ifp, ifa);
2556 IFA_UNLOCK(ifa);
2557 ifnet_lock_done(ifp);
2558
2559 unlinked = 1;
2560 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2561 oia = ia;
2562 if (oia == (ia = in6_ifaddrs)) {
2563 in6_ifaddrs = ia->ia_next;
2564 } else {
2565 while (ia->ia_next && (ia->ia_next != oia))
2566 ia = ia->ia_next;
2567 if (ia->ia_next) {
2568 ia->ia_next = oia->ia_next;
2569 } else {
2570 /* search failed */
2571 log(LOG_NOTICE, "%s: search failed.\n", __func__);
2572 unlinked = 0;
2573 }
2574 }
2575
2576 /*
2577 * When IPv6 address is being removed, release the
2578 * reference to the base prefix.
2579 * Also, since the release might, affect the status
2580 * of other (detached) addresses, call
2581 * pfxlist_onlink_check().
2582 */
2583 ifa = &oia->ia_ifa;
2584 IFA_LOCK(ifa);
2585 /*
2586 * Only log the below message for addresses other than
2587 * link local.
2588 * Only one LLA (auto-configured or statically) is allowed
2589 * on an interface.
2590 * LLA prefix, while added to the prefix list, is not
2591 * reference countedi (as it is the only one).
2592 * The prefix also never expires on its own as LLAs
2593 * have infinite lifetime.
2594 *
2595 * For now quiece down the log message for LLAs.
2596 */
2597 if (!IN6_IS_ADDR_LINKLOCAL(&oia->ia_addr.sin6_addr)) {
2598 if (oia->ia6_ndpr == NULL)
2599 log(LOG_NOTICE, "in6_unlink_ifa: IPv6 address "
2600 "0x%llx has no prefix\n",
2601 (uint64_t)VM_KERNEL_ADDRPERM(oia));
2602 else {
2603 struct nd_prefix *pr = oia->ia6_ndpr;
2604 oia->ia6_flags &= ~IN6_IFF_AUTOCONF;
2605 oia->ia6_ndpr = NULL;
2606 NDPR_LOCK(pr);
2607 VERIFY(pr->ndpr_addrcnt != 0);
2608 pr->ndpr_addrcnt--;
2609 if (oia->ia6_flags & IN6_IFF_CLAT46)
2610 pr->ndpr_stateflags &= ~NDPRF_CLAT46;
2611 NDPR_UNLOCK(pr);
2612 NDPR_REMREF(pr); /* release addr reference */
2613 }
2614 }
2615 IFA_UNLOCK(ifa);
2616 lck_rw_done(&in6_ifaddr_rwlock);
2617
2618 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) {
2619 lck_mtx_lock(nd6_mutex);
2620 pfxlist_onlink_check();
2621 lck_mtx_unlock(nd6_mutex);
2622 }
2623 /*
2624 * release another refcnt for the link from in6_ifaddrs.
2625 * Do this only if it's not already unlinked in the event that we lost
2626 * the race, since in6_ifaddr_rwlock was momentarily dropped above.
2627 */
2628 if (unlinked)
2629 IFA_REMREF(ifa);
2630
2631 /* release reference held for this routine */
2632 IFA_REMREF(ifa);
2633
2634 /* invalidate route caches */
2635 routegenid_inet6_update();
2636 }
2637
2638 void
2639 in6_purgeif(struct ifnet *ifp)
2640 {
2641 struct in6_ifaddr *ia;
2642
2643 if (ifp == NULL)
2644 return;
2645
2646 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
2647
2648 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2649 ia = in6_ifaddrs;
2650 while (ia != NULL) {
2651 if (ia->ia_ifa.ifa_ifp != ifp) {
2652 ia = ia->ia_next;
2653 continue;
2654 }
2655 IFA_ADDREF(&ia->ia_ifa); /* for us */
2656 lck_rw_done(&in6_ifaddr_rwlock);
2657 in6_purgeaddr(&ia->ia_ifa);
2658 IFA_REMREF(&ia->ia_ifa); /* for us */
2659 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2660 /*
2661 * Purging the address would have caused
2662 * in6_ifaddr_rwlock to be dropped and reacquired;
2663 * therefore search again from the beginning
2664 * of in6_ifaddrs list.
2665 */
2666 ia = in6_ifaddrs;
2667 }
2668 lck_rw_done(&in6_ifaddr_rwlock);
2669
2670 in6_ifdetach(ifp);
2671 }
2672
2673 /*
2674 * Initialize an interface's internet6 address and routing table entry.
2675 */
2676 static int
2677 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, int ifaupflags)
2678 {
2679 int error;
2680 struct ifaddr *ifa;
2681
2682 error = 0;
2683 ifa = &ia->ia_ifa;
2684
2685 /*
2686 * NOTE: SIOCSIFADDR is defined with struct ifreq as parameter,
2687 * but here we are sending it down to the interface with a pointer
2688 * to struct ifaddr, for legacy reasons.
2689 */
2690 if ((ifaupflags & IN6_IFAUPDATE_1STADDR) != 0) {
2691 error = ifnet_ioctl(ifp, PF_INET6, SIOCSIFADDR, ia);
2692 if (error != 0) {
2693 if (error != EOPNOTSUPP)
2694 return (error);
2695 error = 0;
2696 }
2697 }
2698
2699 IFA_LOCK(ifa);
2700
2701 /*
2702 * Special case:
2703 * If the destination address is specified for a point-to-point
2704 * interface, install a route to the destination as an interface
2705 * direct route.
2706 */
2707 if (!(ia->ia_flags & IFA_ROUTE) && ia->ia_plen == 128 &&
2708 ia->ia_dstaddr.sin6_family == AF_INET6) {
2709 IFA_UNLOCK(ifa);
2710 error = rtinit(ifa, RTM_ADD, RTF_UP | RTF_HOST);
2711 if (error != 0)
2712 return (error);
2713 IFA_LOCK(ifa);
2714 ia->ia_flags |= IFA_ROUTE;
2715 }
2716 IFA_LOCK_ASSERT_HELD(ifa);
2717 if (ia->ia_plen < 128) {
2718 /*
2719 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto().
2720 */
2721 ia->ia_flags |= RTF_CLONING;
2722 }
2723
2724 IFA_UNLOCK(ifa);
2725
2726 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
2727 if ((ifaupflags & IN6_IFAUPDATE_NEWADDR) != 0)
2728 in6_ifaddloop(ifa);
2729
2730 /* invalidate route caches */
2731 routegenid_inet6_update();
2732
2733 VERIFY(error == 0);
2734 return (0);
2735 }
2736
2737 void
2738 in6_purgeaddrs(struct ifnet *ifp)
2739 {
2740 in6_purgeif(ifp);
2741 }
2742
2743 /*
2744 * Find an IPv6 interface link-local address specific to an interface.
2745 */
2746 struct in6_ifaddr *
2747 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
2748 {
2749 struct ifaddr *ifa;
2750
2751 ifnet_lock_shared(ifp);
2752 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2753 {
2754 IFA_LOCK_SPIN(ifa);
2755 if (ifa->ifa_addr->sa_family != AF_INET6) {
2756 IFA_UNLOCK(ifa);
2757 continue;
2758 }
2759 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
2760 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
2761 ignoreflags) != 0) {
2762 IFA_UNLOCK(ifa);
2763 continue;
2764 }
2765 IFA_ADDREF_LOCKED(ifa); /* for caller */
2766 IFA_UNLOCK(ifa);
2767 break;
2768 }
2769 IFA_UNLOCK(ifa);
2770 }
2771 ifnet_lock_done(ifp);
2772
2773 return ((struct in6_ifaddr *)ifa);
2774 }
2775
2776 struct in6_ifaddr *
2777 in6ifa_ifpwithflag(struct ifnet * ifp, int flag)
2778 {
2779 struct ifaddr *ifa;
2780
2781 ifnet_lock_shared(ifp);
2782 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2783 {
2784 IFA_LOCK_SPIN(ifa);
2785 if (ifa->ifa_addr->sa_family != AF_INET6 ) {
2786 IFA_UNLOCK(ifa);
2787 continue;
2788 }
2789 if ((((struct in6_ifaddr *)ifa)->ia6_flags & flag) == flag) {
2790 IFA_ADDREF_LOCKED(ifa);
2791 IFA_UNLOCK(ifa);
2792 break;
2793 }
2794 IFA_UNLOCK(ifa);
2795 }
2796 ifnet_lock_done(ifp);
2797
2798 return ((struct in6_ifaddr *)ifa);
2799 }
2800
2801 /*
2802 * find the internet address corresponding to a given interface and address.
2803 */
2804 struct in6_ifaddr *
2805 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
2806 {
2807 struct ifaddr *ifa;
2808
2809 ifnet_lock_shared(ifp);
2810 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2811 {
2812 IFA_LOCK_SPIN(ifa);
2813 if (ifa->ifa_addr->sa_family != AF_INET6) {
2814 IFA_UNLOCK(ifa);
2815 continue;
2816 }
2817 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
2818 IFA_ADDREF_LOCKED(ifa); /* for caller */
2819 IFA_UNLOCK(ifa);
2820 break;
2821 }
2822 IFA_UNLOCK(ifa);
2823 }
2824 ifnet_lock_done(ifp);
2825
2826 return ((struct in6_ifaddr *)ifa);
2827 }
2828
2829 struct in6_ifaddr *
2830 in6ifa_prproxyaddr(struct in6_addr *addr)
2831 {
2832 struct in6_ifaddr *ia;
2833
2834 lck_rw_lock_shared(&in6_ifaddr_rwlock);
2835 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
2836 IFA_LOCK(&ia->ia_ifa);
2837 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(&ia->ia_ifa))) {
2838 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for caller */
2839 IFA_UNLOCK(&ia->ia_ifa);
2840 break;
2841 }
2842 IFA_UNLOCK(&ia->ia_ifa);
2843 }
2844 lck_rw_done(&in6_ifaddr_rwlock);
2845
2846 if (ia != NULL && !nd6_prproxy_ifaddr(ia)) {
2847 IFA_REMREF(&ia->ia_ifa);
2848 ia = NULL;
2849 }
2850
2851 return (ia);
2852 }
2853
2854 void
2855 in6ifa_getlifetime(struct in6_ifaddr *ia6, struct in6_addrlifetime *t_dst,
2856 int iscalendar)
2857 {
2858 struct in6_addrlifetime_i *t_src = &ia6->ia6_lifetime;
2859 struct timeval caltime;
2860
2861 t_dst->ia6t_vltime = t_src->ia6ti_vltime;
2862 t_dst->ia6t_pltime = t_src->ia6ti_pltime;
2863 t_dst->ia6t_expire = 0;
2864 t_dst->ia6t_preferred = 0;
2865
2866 /* account for system time change */
2867 getmicrotime(&caltime);
2868 t_src->ia6ti_base_calendartime +=
2869 NET_CALCULATE_CLOCKSKEW(caltime,
2870 t_src->ia6ti_base_calendartime, net_uptime(),
2871 t_src->ia6ti_base_uptime);
2872
2873 if (iscalendar) {
2874 if (t_src->ia6ti_expire != 0 &&
2875 t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME)
2876 t_dst->ia6t_expire = t_src->ia6ti_base_calendartime +
2877 t_src->ia6ti_expire - t_src->ia6ti_base_uptime;
2878
2879 if (t_src->ia6ti_preferred != 0 &&
2880 t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME)
2881 t_dst->ia6t_preferred = t_src->ia6ti_base_calendartime +
2882 t_src->ia6ti_preferred - t_src->ia6ti_base_uptime;
2883 } else {
2884 if (t_src->ia6ti_expire != 0 &&
2885 t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME)
2886 t_dst->ia6t_expire = t_src->ia6ti_expire;
2887
2888 if (t_src->ia6ti_preferred != 0 &&
2889 t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME)
2890 t_dst->ia6t_preferred = t_src->ia6ti_preferred;
2891 }
2892 }
2893
2894 void
2895 in6ifa_setlifetime(struct in6_ifaddr *ia6, struct in6_addrlifetime *t_src)
2896 {
2897 struct in6_addrlifetime_i *t_dst = &ia6->ia6_lifetime;
2898 struct timeval caltime;
2899
2900 /* account for system time change */
2901 getmicrotime(&caltime);
2902 t_dst->ia6ti_base_calendartime +=
2903 NET_CALCULATE_CLOCKSKEW(caltime,
2904 t_dst->ia6ti_base_calendartime, net_uptime(),
2905 t_dst->ia6ti_base_uptime);
2906
2907 /* trust the caller for the values */
2908 t_dst->ia6ti_expire = t_src->ia6t_expire;
2909 t_dst->ia6ti_preferred = t_src->ia6t_preferred;
2910 t_dst->ia6ti_vltime = t_src->ia6t_vltime;
2911 t_dst->ia6ti_pltime = t_src->ia6t_pltime;
2912 }
2913
2914 /*
2915 * Convert IP6 address to printable (loggable) representation.
2916 */
2917 char *
2918 ip6_sprintf(const struct in6_addr *addr)
2919 {
2920 static const char digits[] = "0123456789abcdef";
2921 static int ip6round = 0;
2922 static char ip6buf[8][48];
2923
2924 int i;
2925 char *cp;
2926 const u_short *a = (const u_short *)addr;
2927 const u_char *d;
2928 u_char n;
2929 int dcolon = 0;
2930 int zpad = 0;
2931
2932 ip6round = (ip6round + 1) & 7;
2933 cp = ip6buf[ip6round];
2934
2935 for (i = 0; i < 8; i++) {
2936 if (dcolon == 1) {
2937 if (*a == 0) {
2938 if (i == 7)
2939 *cp++ = ':';
2940 a++;
2941 continue;
2942 } else
2943 dcolon = 2;
2944 }
2945 if (*a == 0) {
2946 if (dcolon == 0 && *(a + 1) == 0) {
2947 if (i == 0)
2948 *cp++ = ':';
2949 *cp++ = ':';
2950 dcolon = 1;
2951 } else {
2952 *cp++ = '0';
2953 *cp++ = ':';
2954 }
2955 a++;
2956 continue;
2957 }
2958 d = (const u_char *)a;
2959 zpad = 0;
2960 if ((n = *d >> 4) != 0) {
2961 *cp++ = digits[n];
2962 zpad = 1;
2963 }
2964 if ((n = *d++ & 0xf) != 0 || zpad) {
2965 *cp++ = digits[n];
2966 zpad = 1;
2967 }
2968 if ((n = *d >> 4) != 0 || zpad) {
2969 *cp++ = digits[n];
2970 zpad = 1;
2971 }
2972 if ((n = *d & 0xf) != 0 || zpad)
2973 *cp++ = digits[n];
2974 *cp++ = ':';
2975 a++;
2976 }
2977 *--cp = 0;
2978 return (ip6buf[ip6round]);
2979 }
2980
2981 int
2982 in6addr_local(struct in6_addr *in6)
2983 {
2984 struct rtentry *rt;
2985 struct sockaddr_in6 sin6;
2986 int local = 0;
2987
2988 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_SCOPE_LINKLOCAL(in6))
2989 return (1);
2990
2991 sin6.sin6_family = AF_INET6;
2992 sin6.sin6_len = sizeof (sin6);
2993 bcopy(in6, &sin6.sin6_addr, sizeof (*in6));
2994 rt = rtalloc1((struct sockaddr *)&sin6, 0, 0);
2995
2996 if (rt != NULL) {
2997 RT_LOCK_SPIN(rt);
2998 if (rt->rt_gateway->sa_family == AF_LINK)
2999 local = 1;
3000 RT_UNLOCK(rt);
3001 rtfree(rt);
3002 } else {
3003 local = in6_localaddr(in6);
3004 }
3005 return (local);
3006 }
3007
3008 int
3009 in6_localaddr(struct in6_addr *in6)
3010 {
3011 struct in6_ifaddr *ia;
3012
3013 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
3014 return (1);
3015
3016 lck_rw_lock_shared(&in6_ifaddr_rwlock);
3017 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
3018 IFA_LOCK_SPIN(&ia->ia_ifa);
3019 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
3020 &ia->ia_prefixmask.sin6_addr)) {
3021 IFA_UNLOCK(&ia->ia_ifa);
3022 lck_rw_done(&in6_ifaddr_rwlock);
3023 return (1);
3024 }
3025 IFA_UNLOCK(&ia->ia_ifa);
3026 }
3027 lck_rw_done(&in6_ifaddr_rwlock);
3028 return (0);
3029 }
3030
3031 /*
3032 * return length of part which dst and src are equal
3033 * hard coding...
3034 */
3035 int
3036 in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
3037 {
3038 int match = 0;
3039 u_char *s = (u_char *)src, *d = (u_char *)dst;
3040 u_char *lim = s + 16, r;
3041
3042 while (s < lim)
3043 if ((r = (*d++ ^ *s++)) != 0) {
3044 while (r < 128) {
3045 match++;
3046 r <<= 1;
3047 }
3048 break;
3049 } else
3050 match += 8;
3051 return (match);
3052 }
3053
3054 /* XXX: to be scope conscious */
3055 int
3056 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
3057 {
3058 int bytelen, bitlen;
3059
3060 /* sanity check */
3061 if (0 > len || len > 128) {
3062 log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
3063 return (0);
3064 }
3065
3066 bytelen = len / 8;
3067 bitlen = len % 8;
3068
3069 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
3070 return (0);
3071 if (bitlen != 0 &&
3072 p1->s6_addr[bytelen] >> (8 - bitlen) !=
3073 p2->s6_addr[bytelen] >> (8 - bitlen))
3074 return (0);
3075
3076 return (1);
3077 }
3078
3079 void
3080 in6_prefixlen2mask(struct in6_addr *maskp, int len)
3081 {
3082 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
3083 int bytelen, bitlen, i;
3084
3085 /* sanity check */
3086 if (0 > len || len > 128) {
3087 log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
3088 return;
3089 }
3090
3091 bzero(maskp, sizeof (*maskp));
3092 bytelen = len / 8;
3093 bitlen = len % 8;
3094 for (i = 0; i < bytelen; i++)
3095 maskp->s6_addr[i] = 0xff;
3096 if (bitlen)
3097 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
3098 }
3099
3100 /*
3101 * return the best address out of the same scope
3102 */
3103 struct in6_ifaddr *
3104 in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst)
3105 {
3106 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0;
3107 int blen = -1;
3108 struct ifaddr *ifa;
3109 struct ifnet *ifp;
3110 struct in6_ifaddr *ifa_best = NULL;
3111
3112 if (oifp == NULL) {
3113 return (NULL);
3114 }
3115
3116 /*
3117 * We search for all addresses on all interfaces from the beginning.
3118 * Comparing an interface with the outgoing interface will be done
3119 * only at the final stage of tiebreaking.
3120 */
3121 ifnet_head_lock_shared();
3122 TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
3123 /*
3124 * We can never take an address that breaks the scope zone
3125 * of the destination.
3126 */
3127 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst))
3128 continue;
3129
3130 ifnet_lock_shared(ifp);
3131 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3132 int tlen = -1, dscopecmp, bscopecmp, matchcmp;
3133
3134 IFA_LOCK(ifa);
3135 if (ifa->ifa_addr->sa_family != AF_INET6) {
3136 IFA_UNLOCK(ifa);
3137 continue;
3138 }
3139 src_scope = in6_addrscope(IFA_IN6(ifa));
3140
3141 /*
3142 * Don't use an address before completing DAD
3143 * nor a duplicated address.
3144 */
3145 if (((struct in6_ifaddr *)ifa)->ia6_flags &
3146 (IN6_IFF_NOTREADY | IN6_IFF_CLAT46)) {
3147 IFA_UNLOCK(ifa);
3148 continue;
3149 }
3150 /* XXX: is there any case to allow anycasts? */
3151 if (((struct in6_ifaddr *)ifa)->ia6_flags &
3152 IN6_IFF_ANYCAST) {
3153 IFA_UNLOCK(ifa);
3154 continue;
3155 }
3156 if (((struct in6_ifaddr *)ifa)->ia6_flags &
3157 IN6_IFF_DETACHED) {
3158 IFA_UNLOCK(ifa);
3159 continue;
3160 }
3161 /*
3162 * If this is the first address we find,
3163 * keep it anyway.
3164 */
3165 if (ifa_best == NULL)
3166 goto replace;
3167
3168 /*
3169 * ifa_best is never NULL beyond this line except
3170 * within the block labeled "replace".
3171 */
3172
3173 /*
3174 * If ifa_best has a smaller scope than dst and
3175 * the current address has a larger one than
3176 * (or equal to) dst, always replace ifa_best.
3177 * Also, if the current address has a smaller scope
3178 * than dst, ignore it unless ifa_best also has a
3179 * smaller scope.
3180 * Consequently, after the two if-clause below,
3181 * the followings must be satisfied:
3182 * (scope(src) < scope(dst) &&
3183 * scope(best) < scope(dst))
3184 * OR
3185 * (scope(best) >= scope(dst) &&
3186 * scope(src) >= scope(dst))
3187 */
3188 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 &&
3189 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0)
3190 goto replace; /* (A) */
3191 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 &&
3192 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) {
3193 IFA_UNLOCK(ifa);
3194 continue; /* (B) */
3195 }
3196 /*
3197 * A deprecated address SHOULD NOT be used in new
3198 * communications if an alternate (non-deprecated)
3199 * address is available and has sufficient scope.
3200 * RFC 4862, Section 5.5.4.
3201 */
3202 if (((struct in6_ifaddr *)ifa)->ia6_flags &
3203 IN6_IFF_DEPRECATED) {
3204 /*
3205 * Ignore any deprecated addresses if
3206 * specified by configuration.
3207 */
3208 if (!ip6_use_deprecated) {
3209 IFA_UNLOCK(ifa);
3210 continue;
3211 }
3212 /*
3213 * If we have already found a non-deprecated
3214 * candidate, just ignore deprecated addresses.
3215 */
3216 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED)
3217 == 0) {
3218 IFA_UNLOCK(ifa);
3219 continue;
3220 }
3221 }
3222
3223 /*
3224 * A non-deprecated address is always preferred
3225 * to a deprecated one regardless of scopes and
3226 * address matching (Note invariants ensured by the
3227 * conditions (A) and (B) above.)
3228 */
3229 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) &&
3230 (((struct in6_ifaddr *)ifa)->ia6_flags &
3231 IN6_IFF_DEPRECATED) == 0)
3232 goto replace;
3233
3234 /*
3235 * When we use temporary addresses described in
3236 * RFC 4941, we prefer temporary addresses to
3237 * public autoconf addresses. Again, note the
3238 * invariants from (A) and (B). Also note that we
3239 * don't have any preference between static addresses
3240 * and autoconf addresses (despite of whether or not
3241 * the latter is temporary or public.)
3242 */
3243 if (ip6_use_tempaddr) {
3244 struct in6_ifaddr *ifat;
3245
3246 ifat = (struct in6_ifaddr *)ifa;
3247 if ((ifa_best->ia6_flags &
3248 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3249 == IN6_IFF_AUTOCONF &&
3250 (ifat->ia6_flags &
3251 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3252 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) {
3253 goto replace;
3254 }
3255 if ((ifa_best->ia6_flags &
3256 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3257 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY) &&
3258 (ifat->ia6_flags &
3259 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3260 == IN6_IFF_AUTOCONF) {
3261 IFA_UNLOCK(ifa);
3262 continue;
3263 }
3264 }
3265
3266 /*
3267 * At this point, we have two cases:
3268 * 1. we are looking at a non-deprecated address,
3269 * and ifa_best is also non-deprecated.
3270 * 2. we are looking at a deprecated address,
3271 * and ifa_best is also deprecated.
3272 * Also, we do not have to consider a case where
3273 * the scope of if_best is larger(smaller) than dst and
3274 * the scope of the current address is smaller(larger)
3275 * than dst. Such a case has already been covered.
3276 * Tiebreaking is done according to the following
3277 * items:
3278 * - the scope comparison between the address and
3279 * dst (dscopecmp)
3280 * - the scope comparison between the address and
3281 * ifa_best (bscopecmp)
3282 * - if the address match dst longer than ifa_best
3283 * (matchcmp)
3284 * - if the address is on the outgoing I/F (outI/F)
3285 *
3286 * Roughly speaking, the selection policy is
3287 * - the most important item is scope. The same scope
3288 * is best. Then search for a larger scope.
3289 * Smaller scopes are the last resort.
3290 * - A deprecated address is chosen only when we have
3291 * no address that has an enough scope, but is
3292 * prefered to any addresses of smaller scopes
3293 * (this must be already done above.)
3294 * - addresses on the outgoing I/F are preferred to
3295 * ones on other interfaces if none of above
3296 * tiebreaks. In the table below, the column "bI"
3297 * means if the best_ifa is on the outgoing
3298 * interface, and the column "sI" means if the ifa
3299 * is on the outgoing interface.
3300 * - If there is no other reasons to choose one,
3301 * longest address match against dst is considered.
3302 *
3303 * The precise decision table is as follows:
3304 * dscopecmp bscopecmp match bI oI | replace?
3305 * N/A equal N/A Y N | No (1)
3306 * N/A equal N/A N Y | Yes (2)
3307 * N/A equal larger N/A | Yes (3)
3308 * N/A equal !larger N/A | No (4)
3309 * larger larger N/A N/A | No (5)
3310 * larger smaller N/A N/A | Yes (6)
3311 * smaller larger N/A N/A | Yes (7)
3312 * smaller smaller N/A N/A | No (8)
3313 * equal smaller N/A N/A | Yes (9)
3314 * equal larger (already done at A above)
3315 */
3316 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope);
3317 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope);
3318
3319 if (bscopecmp == 0) {
3320 struct ifnet *bifp = ifa_best->ia_ifp;
3321
3322 if (bifp == oifp && ifp != oifp) { /* (1) */
3323 IFA_UNLOCK(ifa);
3324 continue;
3325 }
3326 if (bifp != oifp && ifp == oifp) /* (2) */
3327 goto replace;
3328
3329 /*
3330 * Both bifp and ifp are on the outgoing
3331 * interface, or both two are on a different
3332 * interface from the outgoing I/F.
3333 * now we need address matching against dst
3334 * for tiebreaking.
3335 */
3336 tlen = in6_matchlen(IFA_IN6(ifa), dst);
3337 matchcmp = tlen - blen;
3338 if (matchcmp > 0) /* (3) */
3339 goto replace;
3340 IFA_UNLOCK(ifa);
3341 continue; /* (4) */
3342 }
3343 if (dscopecmp > 0) {
3344 if (bscopecmp > 0) { /* (5) */
3345 IFA_UNLOCK(ifa);
3346 continue;
3347 }
3348 goto replace; /* (6) */
3349 }
3350 if (dscopecmp < 0) {
3351 if (bscopecmp > 0) /* (7) */
3352 goto replace;
3353 IFA_UNLOCK(ifa);
3354 continue; /* (8) */
3355 }
3356
3357 /* now dscopecmp must be 0 */
3358 if (bscopecmp < 0)
3359 goto replace; /* (9) */
3360
3361 replace:
3362 IFA_ADDREF_LOCKED(ifa); /* for ifa_best */
3363 blen = tlen >= 0 ? tlen :
3364 in6_matchlen(IFA_IN6(ifa), dst);
3365 best_scope =
3366 in6_addrscope(&ifa2ia6(ifa)->ia_addr.sin6_addr);
3367 IFA_UNLOCK(ifa);
3368 if (ifa_best)
3369 IFA_REMREF(&ifa_best->ia_ifa);
3370 ifa_best = (struct in6_ifaddr *)ifa;
3371 }
3372 ifnet_lock_done(ifp);
3373 }
3374 ifnet_head_done();
3375
3376 /* count statistics for future improvements */
3377 if (ifa_best == NULL)
3378 ip6stat.ip6s_sources_none++;
3379 else {
3380 IFA_LOCK_SPIN(&ifa_best->ia_ifa);
3381 if (oifp == ifa_best->ia_ifp)
3382 ip6stat.ip6s_sources_sameif[best_scope]++;
3383 else
3384 ip6stat.ip6s_sources_otherif[best_scope]++;
3385
3386 if (best_scope == dst_scope)
3387 ip6stat.ip6s_sources_samescope[best_scope]++;
3388 else
3389 ip6stat.ip6s_sources_otherscope[best_scope]++;
3390
3391 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0)
3392 ip6stat.ip6s_sources_deprecated[best_scope]++;
3393 IFA_UNLOCK(&ifa_best->ia_ifa);
3394 }
3395
3396 return (ifa_best);
3397 }
3398
3399 /*
3400 * return the best address out of the same scope. if no address was
3401 * found, return the first valid address from designated IF.
3402 */
3403 struct in6_ifaddr *
3404 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
3405 {
3406 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
3407 struct ifaddr *ifa;
3408 struct in6_ifaddr *besta = NULL;
3409 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
3410
3411 dep[0] = dep[1] = NULL;
3412
3413 /*
3414 * We first look for addresses in the same scope.
3415 * If there is one, return it.
3416 * If two or more, return one which matches the dst longest.
3417 * If none, return one of global addresses assigned other ifs.
3418 */
3419 ifnet_lock_shared(ifp);
3420 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3421 IFA_LOCK(ifa);
3422 if (ifa->ifa_addr->sa_family != AF_INET6) {
3423 IFA_UNLOCK(ifa);
3424 continue;
3425 }
3426 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3427 IFA_UNLOCK(ifa);
3428 continue; /* XXX: is there any case to allow anycast? */
3429 }
3430 if (ifa2ia6(ifa)->ia6_flags & (IN6_IFF_NOTREADY | IN6_IFF_CLAT46)) {
3431 IFA_UNLOCK(ifa);
3432 continue; /* don't use this interface */
3433 }
3434 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3435 IFA_UNLOCK(ifa);
3436 continue;
3437 }
3438 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
3439 if (ip6_use_deprecated) {
3440 IFA_ADDREF_LOCKED(ifa); /* for dep[0] */
3441 IFA_UNLOCK(ifa);
3442 if (dep[0] != NULL)
3443 IFA_REMREF(&dep[0]->ia_ifa);
3444 dep[0] = (struct in6_ifaddr *)ifa;
3445 } else {
3446 IFA_UNLOCK(ifa);
3447 }
3448 continue;
3449 }
3450
3451 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
3452 /*
3453 * call in6_matchlen() as few as possible
3454 */
3455 if (besta) {
3456 if (blen == -1) {
3457 IFA_UNLOCK(ifa);
3458 IFA_LOCK(&besta->ia_ifa);
3459 blen = in6_matchlen(
3460 &besta->ia_addr.sin6_addr, dst);
3461 IFA_UNLOCK(&besta->ia_ifa);
3462 IFA_LOCK(ifa);
3463 }
3464 tlen = in6_matchlen(IFA_IN6(ifa), dst);
3465 if (tlen > blen) {
3466 blen = tlen;
3467 IFA_ADDREF_LOCKED(ifa); /* for besta */
3468 IFA_UNLOCK(ifa);
3469 IFA_REMREF(&besta->ia_ifa);
3470 besta = (struct in6_ifaddr *)ifa;
3471 } else {
3472 IFA_UNLOCK(ifa);
3473 }
3474 } else {
3475 besta = (struct in6_ifaddr *)ifa;
3476 IFA_ADDREF_LOCKED(ifa); /* for besta */
3477 IFA_UNLOCK(ifa);
3478 }
3479 } else {
3480 IFA_UNLOCK(ifa);
3481 }
3482 }
3483 if (besta) {
3484 ifnet_lock_done(ifp);
3485 if (dep[0] != NULL)
3486 IFA_REMREF(&dep[0]->ia_ifa);
3487 return (besta);
3488 }
3489
3490 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3491 IFA_LOCK(ifa);
3492 if (ifa->ifa_addr->sa_family != AF_INET6) {
3493 IFA_UNLOCK(ifa);
3494 continue;
3495 }
3496 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3497 IFA_UNLOCK(ifa);
3498 continue; /* XXX: is there any case to allow anycast? */
3499 }
3500 if (ifa2ia6(ifa)->ia6_flags & (IN6_IFF_NOTREADY | IN6_IFF_CLAT46)) {
3501 IFA_UNLOCK(ifa);
3502 continue; /* don't use this interface */
3503 }
3504 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3505 IFA_UNLOCK(ifa);
3506 continue;
3507 }
3508 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
3509 if (ip6_use_deprecated) {
3510 IFA_ADDREF_LOCKED(ifa); /* for dep[1] */
3511 IFA_UNLOCK(ifa);
3512 if (dep[1] != NULL)
3513 IFA_REMREF(&dep[1]->ia_ifa);
3514 dep[1] = (struct in6_ifaddr *)ifa;
3515 } else {
3516 IFA_UNLOCK(ifa);
3517 }
3518 continue;
3519 }
3520 IFA_ADDREF_LOCKED(ifa); /* for caller */
3521 IFA_UNLOCK(ifa);
3522 ifnet_lock_done(ifp);
3523 if (dep[0] != NULL)
3524 IFA_REMREF(&dep[0]->ia_ifa);
3525 if (dep[1] != NULL)
3526 IFA_REMREF(&dep[1]->ia_ifa);
3527 return ((struct in6_ifaddr *)ifa);
3528 }
3529 ifnet_lock_done(ifp);
3530
3531 /* use the last-resort values, that are, deprecated addresses */
3532 if (dep[0]) {
3533 if (dep[1] != NULL)
3534 IFA_REMREF(&dep[1]->ia_ifa);
3535 return (dep[0]);
3536 }
3537 if (dep[1])
3538 return (dep[1]);
3539
3540 return (NULL);
3541 }
3542
3543 /*
3544 * perform DAD when interface becomes IFF_UP.
3545 */
3546 static void
3547 in6_if_up_dad_start(struct ifnet *ifp)
3548 {
3549 struct ifaddr *ifa;
3550 struct nd_ifinfo *ndi = NULL;
3551
3552 ndi = ND_IFINFO(ifp);
3553 VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3554 if (!(ndi->flags & ND6_IFF_DAD))
3555 return;
3556
3557 /* start DAD on all the interface addresses */
3558 ifnet_lock_exclusive(ifp);
3559 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3560 struct in6_ifaddr *ia6;
3561
3562 IFA_LOCK_SPIN(ifa);
3563 if (ifa->ifa_addr->sa_family != AF_INET6) {
3564 IFA_UNLOCK(ifa);
3565 continue;
3566 }
3567 ia6 = (struct in6_ifaddr *)ifa;
3568 if (ia6->ia6_flags & IN6_IFF_DADPROGRESS) {
3569 int delay = 0; /* delay ticks before DAD output */
3570 IFA_UNLOCK(ifa);
3571 nd6_dad_start(ifa, &delay);
3572 } else {
3573 IFA_UNLOCK(ifa);
3574 }
3575 }
3576 ifnet_lock_done(ifp);
3577 }
3578
3579 int
3580 in6if_do_dad(
3581 struct ifnet *ifp)
3582 {
3583 struct nd_ifinfo *ndi = NULL;
3584
3585 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
3586 return (0);
3587
3588 ndi = ND_IFINFO(ifp);
3589 VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3590 if (!(ndi->flags & ND6_IFF_DAD))
3591 return (0);
3592
3593 /*
3594 * If we are using the alternative neighbor discovery
3595 * interface on this interface, then skip DAD.
3596 *
3597 * Also, skip it for interfaces marked "local private"
3598 * for now, even when not marked as using the alternative
3599 * interface. This is for historical reasons.
3600 */
3601 if (ifp->if_eflags &
3602 (IFEF_IPV6_ND6ALT|IFEF_LOCALNET_PRIVATE|IFEF_DIRECTLINK))
3603 return (0);
3604
3605 if (ifp->if_subfamily == IFNET_SUBFAMILY_IPSEC ||
3606 ifp->if_subfamily == IFNET_SUBFAMILY_UTUN) {
3607 /*
3608 * Ignore DAD for tunneling virtual interfaces, which get
3609 * their IPv6 address explicitly assigned.
3610 */
3611 return (0);
3612 }
3613
3614 switch (ifp->if_type) {
3615 #if IFT_DUMMY
3616 case IFT_DUMMY:
3617 #endif
3618 case IFT_FAITH:
3619 /*
3620 * These interfaces do not have the IFF_LOOPBACK flag,
3621 * but loop packets back. We do not have to do DAD on such
3622 * interfaces. We should even omit it, because loop-backed
3623 * NS would confuse the DAD procedure.
3624 */
3625 return (0);
3626 default:
3627 /*
3628 * Our DAD routine requires the interface up and running.
3629 * However, some interfaces can be up before the RUNNING
3630 * status. Additionaly, users may try to assign addresses
3631 * before the interface becomes up (or running).
3632 * We simply skip DAD in such a case as a work around.
3633 * XXX: we should rather mark "tentative" on such addresses,
3634 * and do DAD after the interface becomes ready.
3635 */
3636 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) !=
3637 (IFF_UP|IFF_RUNNING))
3638 return (0);
3639
3640 return (1);
3641 }
3642 }
3643
3644 /*
3645 * Calculate max IPv6 MTU through all the interfaces and store it
3646 * to in6_maxmtu.
3647 */
3648 void
3649 in6_setmaxmtu(void)
3650 {
3651 u_int32_t maxmtu = 0;
3652 struct ifnet *ifp;
3653
3654 ifnet_head_lock_shared();
3655 TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
3656 struct nd_ifinfo *ndi = NULL;
3657
3658 if ((ndi = ND_IFINFO(ifp)) != NULL && !ndi->initialized)
3659 ndi = NULL;
3660 if (ndi != NULL)
3661 lck_mtx_lock(&ndi->lock);
3662 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
3663 IN6_LINKMTU(ifp) > maxmtu)
3664 maxmtu = IN6_LINKMTU(ifp);
3665 if (ndi != NULL)
3666 lck_mtx_unlock(&ndi->lock);
3667 }
3668 ifnet_head_done();
3669 if (maxmtu) /* update only when maxmtu is positive */
3670 in6_maxmtu = maxmtu;
3671 }
3672 /*
3673 * Provide the length of interface identifiers to be used for the link attached
3674 * to the given interface. The length should be defined in "IPv6 over
3675 * xxx-link" document. Note that address architecture might also define
3676 * the length for a particular set of address prefixes, regardless of the
3677 * link type. Also see RFC 4862 for additional background.
3678 */
3679 int
3680 in6_if2idlen(struct ifnet *ifp)
3681 {
3682 switch (ifp->if_type) {
3683 case IFT_ETHER: /* RFC2464 */
3684 case IFT_IEEE8023ADLAG: /* IEEE802.3ad Link Aggregate */
3685 #ifdef IFT_PROPVIRTUAL
3686 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
3687 #endif
3688 #ifdef IFT_L2VLAN
3689 case IFT_L2VLAN: /* ditto */
3690 #endif
3691 #ifdef IFT_IEEE80211
3692 case IFT_IEEE80211: /* ditto */
3693 #endif
3694 #ifdef IFT_MIP
3695 case IFT_MIP: /* ditto */
3696 #endif
3697 return (64);
3698 case IFT_FDDI: /* RFC2467 */
3699 return (64);
3700 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
3701 return (64);
3702 case IFT_PPP: /* RFC2472 */
3703 return (64);
3704 case IFT_ARCNET: /* RFC2497 */
3705 return (64);
3706 case IFT_FRELAY: /* RFC2590 */
3707 return (64);
3708 case IFT_IEEE1394: /* RFC3146 */
3709 return (64);
3710 case IFT_GIF:
3711 return (64); /* draft-ietf-v6ops-mech-v2-07 */
3712 case IFT_LOOP:
3713 return (64); /* XXX: is this really correct? */
3714 case IFT_OTHER:
3715 return (64); /* for utun interfaces */
3716 case IFT_CELLULAR:
3717 return (64); /* Packet Data over Cellular */
3718 case IFT_BRIDGE:
3719 return (64); /* Transparent bridge interface */
3720 default:
3721 /*
3722 * Unknown link type:
3723 * It might be controversial to use the today's common constant
3724 * of 64 for these cases unconditionally. For full compliance,
3725 * we should return an error in this case. On the other hand,
3726 * if we simply miss the standard for the link type or a new
3727 * standard is defined for a new link type, the IFID length
3728 * is very likely to be the common constant. As a compromise,
3729 * we always use the constant, but make an explicit notice
3730 * indicating the "unknown" case.
3731 */
3732 log(LOG_NOTICE, "%s: unknown link type (%d)\n", __func__,
3733 ifp->if_type);
3734 return (64);
3735 }
3736 }
3737 /*
3738 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
3739 * v4 mapped addr or v4 compat addr
3740 */
3741 void
3742 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
3743 {
3744 bzero(sin, sizeof (*sin));
3745 sin->sin_len = sizeof (struct sockaddr_in);
3746 sin->sin_family = AF_INET;
3747 sin->sin_port = sin6->sin6_port;
3748 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
3749 }
3750
3751 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
3752 void
3753 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
3754 {
3755 bzero(sin6, sizeof (*sin6));
3756 sin6->sin6_len = sizeof (struct sockaddr_in6);
3757 sin6->sin6_family = AF_INET6;
3758 sin6->sin6_port = sin->sin_port;
3759 sin6->sin6_addr.s6_addr32[0] = 0;
3760 sin6->sin6_addr.s6_addr32[1] = 0;
3761 if (sin->sin_addr.s_addr) {
3762 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
3763 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
3764 } else {
3765 sin6->sin6_addr.s6_addr32[2] = 0;
3766 sin6->sin6_addr.s6_addr32[3] = 0;
3767 }
3768 }
3769
3770 /* Convert sockaddr_in6 into sockaddr_in. */
3771 void
3772 in6_sin6_2_sin_in_sock(struct sockaddr *nam)
3773 {
3774 struct sockaddr_in *sin_p;
3775 struct sockaddr_in6 sin6;
3776
3777 /*
3778 * Save original sockaddr_in6 addr and convert it
3779 * to sockaddr_in.
3780 */
3781 sin6 = *(struct sockaddr_in6 *)(void *)nam;
3782 sin_p = (struct sockaddr_in *)(void *)nam;
3783 in6_sin6_2_sin(sin_p, &sin6);
3784 }
3785
3786 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
3787 int
3788 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
3789 {
3790 struct sockaddr_in *sin_p;
3791 struct sockaddr_in6 *sin6_p;
3792
3793 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof (*sin6_p), M_SONAME,
3794 M_WAITOK);
3795 if (sin6_p == NULL)
3796 return (ENOBUFS);
3797 sin_p = (struct sockaddr_in *)(void *)*nam;
3798 in6_sin_2_v4mapsin6(sin_p, sin6_p);
3799 FREE(*nam, M_SONAME);
3800 *nam = (struct sockaddr *)sin6_p;
3801
3802 return (0);
3803 }
3804
3805 /*
3806 * Posts in6_event_data message kernel events.
3807 *
3808 * To get the same size of kev_in6_data between ILP32 and LP64 data models
3809 * we are using a special version of the in6_addrlifetime structure that
3810 * uses only 32 bits fields to be compatible with Leopard, and that
3811 * are large enough to span 68 years.
3812 */
3813 void
3814 in6_post_msg(struct ifnet *ifp, u_int32_t event_code, struct in6_ifaddr *ifa,
3815 uint8_t *mac)
3816 {
3817 struct kev_msg ev_msg;
3818 struct kev_in6_data in6_event_data;
3819 struct in6_addrlifetime ia6_lt;
3820
3821 bzero(&in6_event_data, sizeof (struct kev_in6_data));
3822 bzero(&ev_msg, sizeof (struct kev_msg));
3823 ev_msg.vendor_code = KEV_VENDOR_APPLE;
3824 ev_msg.kev_class = KEV_NETWORK_CLASS;
3825 ev_msg.kev_subclass = KEV_INET6_SUBCLASS;
3826 ev_msg.event_code = event_code;
3827
3828 if (ifa) {
3829 IFA_LOCK(&ifa->ia_ifa);
3830 in6_event_data.ia_addr = ifa->ia_addr;
3831 in6_event_data.ia_net = ifa->ia_net;
3832 in6_event_data.ia_dstaddr = ifa->ia_dstaddr;
3833 in6_event_data.ia_prefixmask = ifa->ia_prefixmask;
3834 in6_event_data.ia_plen = ifa->ia_plen;
3835 in6_event_data.ia6_flags = (u_int32_t)ifa->ia6_flags;
3836
3837 /* retrieve time as calendar time (last arg is 1) */
3838 in6ifa_getlifetime(ifa, &ia6_lt, 1);
3839 in6_event_data.ia_lifetime.ia6t_expire = ia6_lt.ia6t_expire;
3840 in6_event_data.ia_lifetime.ia6t_preferred = ia6_lt.ia6t_preferred;
3841 in6_event_data.ia_lifetime.ia6t_vltime = ia6_lt.ia6t_vltime;
3842 in6_event_data.ia_lifetime.ia6t_pltime = ia6_lt.ia6t_pltime;
3843 IFA_UNLOCK(&ifa->ia_ifa);
3844 }
3845
3846 if (ifp != NULL) {
3847 (void) strlcpy(&in6_event_data.link_data.if_name[0],
3848 ifp->if_name, IFNAMSIZ);
3849 in6_event_data.link_data.if_family = ifp->if_family;
3850 in6_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
3851 }
3852
3853 if (mac != NULL)
3854 memcpy(&in6_event_data.ia_mac, mac,
3855 sizeof(in6_event_data.ia_mac));
3856
3857 ev_msg.dv[0].data_ptr = &in6_event_data;
3858 ev_msg.dv[0].data_length = sizeof (in6_event_data);
3859 ev_msg.dv[1].data_length = 0;
3860
3861 dlil_post_complete_msg(NULL, &ev_msg);
3862 }
3863
3864 /*
3865 * Called as part of ip6_init
3866 */
3867 void
3868 in6_ifaddr_init(void)
3869 {
3870 in6_cga_init();
3871 in6_multi_init();
3872
3873 PE_parse_boot_argn("ifa_debug", &in6ifa_debug, sizeof (in6ifa_debug));
3874
3875 in6ifa_size = (in6ifa_debug == 0) ? sizeof (struct in6_ifaddr) :
3876 sizeof (struct in6_ifaddr_dbg);
3877
3878 in6ifa_zone = zinit(in6ifa_size, IN6IFA_ZONE_MAX * in6ifa_size,
3879 0, IN6IFA_ZONE_NAME);
3880 if (in6ifa_zone == NULL) {
3881 panic("%s: failed allocating %s", __func__, IN6IFA_ZONE_NAME);
3882 /* NOTREACHED */
3883 }
3884 zone_change(in6ifa_zone, Z_EXPAND, TRUE);
3885 zone_change(in6ifa_zone, Z_CALLERACCT, FALSE);
3886
3887 lck_mtx_init(&in6ifa_trash_lock, ifa_mtx_grp, ifa_mtx_attr);
3888 TAILQ_INIT(&in6ifa_trash_head);
3889 }
3890
3891 static struct in6_ifaddr *
3892 in6_ifaddr_alloc(int how)
3893 {
3894 struct in6_ifaddr *in6ifa;
3895
3896 in6ifa = (how == M_WAITOK) ? zalloc(in6ifa_zone) :
3897 zalloc_noblock(in6ifa_zone);
3898 if (in6ifa != NULL) {
3899 bzero(in6ifa, in6ifa_size);
3900 in6ifa->ia_ifa.ifa_free = in6_ifaddr_free;
3901 in6ifa->ia_ifa.ifa_debug |= IFD_ALLOC;
3902 ifa_lock_init(&in6ifa->ia_ifa);
3903 if (in6ifa_debug != 0) {
3904 struct in6_ifaddr_dbg *in6ifa_dbg =
3905 (struct in6_ifaddr_dbg *)in6ifa;
3906 in6ifa->ia_ifa.ifa_debug |= IFD_DEBUG;
3907 in6ifa->ia_ifa.ifa_trace = in6_ifaddr_trace;
3908 in6ifa->ia_ifa.ifa_attached = in6_ifaddr_attached;
3909 in6ifa->ia_ifa.ifa_detached = in6_ifaddr_detached;
3910 ctrace_record(&in6ifa_dbg->in6ifa_alloc);
3911 }
3912 }
3913
3914 return (in6ifa);
3915 }
3916
3917 static void
3918 in6_ifaddr_free(struct ifaddr *ifa)
3919 {
3920 IFA_LOCK_ASSERT_HELD(ifa);
3921
3922 if (ifa->ifa_refcnt != 0) {
3923 panic("%s: ifa %p bad ref cnt", __func__, ifa);
3924 /* NOTREACHED */
3925 } else if (!(ifa->ifa_debug & IFD_ALLOC)) {
3926 panic("%s: ifa %p cannot be freed", __func__, ifa);
3927 /* NOTREACHED */
3928 }
3929 if (ifa->ifa_debug & IFD_DEBUG) {
3930 struct in6_ifaddr_dbg *in6ifa_dbg =
3931 (struct in6_ifaddr_dbg *)ifa;
3932 ctrace_record(&in6ifa_dbg->in6ifa_free);
3933 bcopy(&in6ifa_dbg->in6ifa, &in6ifa_dbg->in6ifa_old,
3934 sizeof (struct in6_ifaddr));
3935 if (ifa->ifa_debug & IFD_TRASHED) {
3936 /* Become a regular mutex, just in case */
3937 IFA_CONVERT_LOCK(ifa);
3938 lck_mtx_lock(&in6ifa_trash_lock);
3939 TAILQ_REMOVE(&in6ifa_trash_head, in6ifa_dbg,
3940 in6ifa_trash_link);
3941 lck_mtx_unlock(&in6ifa_trash_lock);
3942 ifa->ifa_debug &= ~IFD_TRASHED;
3943 }
3944 }
3945 IFA_UNLOCK(ifa);
3946 ifa_lock_destroy(ifa);
3947 bzero(ifa, sizeof (struct in6_ifaddr));
3948 zfree(in6ifa_zone, ifa);
3949 }
3950
3951 static void
3952 in6_ifaddr_attached(struct ifaddr *ifa)
3953 {
3954 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
3955
3956 IFA_LOCK_ASSERT_HELD(ifa);
3957
3958 if (!(ifa->ifa_debug & IFD_DEBUG)) {
3959 panic("%s: ifa %p has no debug structure", __func__, ifa);
3960 /* NOTREACHED */
3961 }
3962 if (ifa->ifa_debug & IFD_TRASHED) {
3963 /* Become a regular mutex, just in case */
3964 IFA_CONVERT_LOCK(ifa);
3965 lck_mtx_lock(&in6ifa_trash_lock);
3966 TAILQ_REMOVE(&in6ifa_trash_head, in6ifa_dbg, in6ifa_trash_link);
3967 lck_mtx_unlock(&in6ifa_trash_lock);
3968 ifa->ifa_debug &= ~IFD_TRASHED;
3969 }
3970 }
3971
3972 static void
3973 in6_ifaddr_detached(struct ifaddr *ifa)
3974 {
3975 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
3976
3977 IFA_LOCK_ASSERT_HELD(ifa);
3978
3979 if (!(ifa->ifa_debug & IFD_DEBUG)) {
3980 panic("%s: ifa %p has no debug structure", __func__, ifa);
3981 /* NOTREACHED */
3982 } else if (ifa->ifa_debug & IFD_TRASHED) {
3983 panic("%s: ifa %p is already in trash list", __func__, ifa);
3984 /* NOTREACHED */
3985 }
3986 ifa->ifa_debug |= IFD_TRASHED;
3987 /* Become a regular mutex, just in case */
3988 IFA_CONVERT_LOCK(ifa);
3989 lck_mtx_lock(&in6ifa_trash_lock);
3990 TAILQ_INSERT_TAIL(&in6ifa_trash_head, in6ifa_dbg, in6ifa_trash_link);
3991 lck_mtx_unlock(&in6ifa_trash_lock);
3992 }
3993
3994 static void
3995 in6_ifaddr_trace(struct ifaddr *ifa, int refhold)
3996 {
3997 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
3998 ctrace_t *tr;
3999 u_int32_t idx;
4000 u_int16_t *cnt;
4001
4002 if (!(ifa->ifa_debug & IFD_DEBUG)) {
4003 panic("%s: ifa %p has no debug structure", __func__, ifa);
4004 /* NOTREACHED */
4005 }
4006 if (refhold) {
4007 cnt = &in6ifa_dbg->in6ifa_refhold_cnt;
4008 tr = in6ifa_dbg->in6ifa_refhold;
4009 } else {
4010 cnt = &in6ifa_dbg->in6ifa_refrele_cnt;
4011 tr = in6ifa_dbg->in6ifa_refrele;
4012 }
4013
4014 idx = atomic_add_16_ov(cnt, 1) % IN6IFA_TRACE_HIST_SIZE;
4015 ctrace_record(&tr[idx]);
4016 }
4017
4018 /*
4019 * Handle SIOCGASSOCIDS ioctl for PF_INET6 domain.
4020 */
4021 static int
4022 in6_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
4023 {
4024 struct in6pcb *in6p = sotoin6pcb(so);
4025 sae_associd_t aid;
4026
4027 if (in6p == NULL || in6p->inp_state == INPCB_STATE_DEAD)
4028 return (EINVAL);
4029
4030 /* IN6PCB has no concept of association */
4031 aid = SAE_ASSOCID_ANY;
4032 *cnt = 0;
4033
4034 /* just asking how many there are? */
4035 if (aidp == USER_ADDR_NULL)
4036 return (0);
4037
4038 return (copyout(&aid, aidp, sizeof (aid)));
4039 }
4040
4041 /*
4042 * Handle SIOCGCONNIDS ioctl for PF_INET6 domain.
4043 */
4044 static int
4045 in6_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
4046 user_addr_t cidp)
4047 {
4048 struct in6pcb *in6p = sotoin6pcb(so);
4049 sae_connid_t cid;
4050
4051 if (in6p == NULL || in6p->inp_state == INPCB_STATE_DEAD)
4052 return (EINVAL);
4053
4054 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL)
4055 return (EINVAL);
4056
4057 /* if connected, return 1 connection count */
4058 *cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
4059
4060 /* just asking how many there are? */
4061 if (cidp == USER_ADDR_NULL)
4062 return (0);
4063
4064 /* if IN6PCB is connected, assign it connid 1 */
4065 cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
4066
4067 return (copyout(&cid, cidp, sizeof (cid)));
4068 }
4069
4070 /*
4071 * Handle SIOCGCONNINFO ioctl for PF_INET6 domain.
4072 */
4073 int
4074 in6_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
4075 uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
4076 user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
4077 user_addr_t aux_data, uint32_t *aux_len)
4078 {
4079 struct in6pcb *in6p = sotoin6pcb(so);
4080 struct sockaddr_in6 sin6;
4081 struct ifnet *ifp = NULL;
4082 int error = 0;
4083 u_int32_t copy_len = 0;
4084
4085 /*
4086 * Don't test for INPCB_STATE_DEAD since this may be called
4087 * after SOF_PCBCLEARING is set, e.g. after tcp_close().
4088 */
4089 if (in6p == NULL) {
4090 error = EINVAL;
4091 goto out;
4092 }
4093
4094 if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
4095 error = EINVAL;
4096 goto out;
4097 }
4098
4099 ifp = in6p->in6p_last_outifp;
4100 *ifindex = ((ifp != NULL) ? ifp->if_index : 0);
4101 *soerror = so->so_error;
4102 *flags = 0;
4103 if (so->so_state & SS_ISCONNECTED)
4104 *flags |= (CIF_CONNECTED | CIF_PREFERRED);
4105 if (in6p->in6p_flags & INP_BOUND_IF)
4106 *flags |= CIF_BOUND_IF;
4107 if (!(in6p->in6p_flags & INP_IN6ADDR_ANY))
4108 *flags |= CIF_BOUND_IP;
4109 if (!(in6p->in6p_flags & INP_ANONPORT))
4110 *flags |= CIF_BOUND_PORT;
4111
4112 bzero(&sin6, sizeof (sin6));
4113 sin6.sin6_len = sizeof (sin6);
4114 sin6.sin6_family = AF_INET6;
4115
4116 /* source address and port */
4117 sin6.sin6_port = in6p->in6p_lport;
4118 in6_recoverscope(&sin6, &in6p->in6p_laddr, NULL);
4119 if (*src_len == 0) {
4120 *src_len = sin6.sin6_len;
4121 } else {
4122 if (src != USER_ADDR_NULL) {
4123 copy_len = min(*src_len, sizeof (sin6));
4124 error = copyout(&sin6, src, copy_len);
4125 if (error != 0)
4126 goto out;
4127 *src_len = copy_len;
4128 }
4129 }
4130
4131 /* destination address and port */
4132 sin6.sin6_port = in6p->in6p_fport;
4133 in6_recoverscope(&sin6, &in6p->in6p_faddr, NULL);
4134 if (*dst_len == 0) {
4135 *dst_len = sin6.sin6_len;
4136 } else {
4137 if (dst != USER_ADDR_NULL) {
4138 copy_len = min(*dst_len, sizeof (sin6));
4139 error = copyout(&sin6, dst, copy_len);
4140 if (error != 0)
4141 goto out;
4142 *dst_len = copy_len;
4143 }
4144 }
4145
4146 if (SOCK_PROTO(so) == IPPROTO_TCP) {
4147 struct conninfo_tcp tcp_ci;
4148
4149 *aux_type = CIAUX_TCP;
4150 if (*aux_len == 0) {
4151 *aux_len = sizeof (tcp_ci);
4152 } else {
4153 if (aux_data != USER_ADDR_NULL) {
4154 copy_len = min(*aux_len, sizeof (tcp_ci));
4155 bzero(&tcp_ci, sizeof (tcp_ci));
4156 tcp_getconninfo(so, &tcp_ci);
4157 error = copyout(&tcp_ci, aux_data, copy_len);
4158 if (error != 0)
4159 goto out;
4160 *aux_len = copy_len;
4161 }
4162 }
4163 } else {
4164 *aux_type = 0;
4165 *aux_len = 0;
4166 }
4167
4168 out:
4169 return (error);
4170 }
4171
4172 /*
4173 * 'u' group ioctls.
4174 *
4175 * The switch statement below does nothing at runtime, as it serves as a
4176 * compile time check to ensure that all of the socket 'u' ioctls (those
4177 * in the 'u' group going thru soo_ioctl) that are made available by the
4178 * networking stack is unique. This works as long as this routine gets
4179 * updated each time a new interface ioctl gets added.
4180 *
4181 * Any failures at compile time indicates duplicated ioctl values.
4182 */
4183 static __attribute__((unused)) void
4184 in6ioctl_cassert(void)
4185 {
4186 /*
4187 * This is equivalent to _CASSERT() and the compiler wouldn't
4188 * generate any instructions, thus for compile time only.
4189 */
4190 switch ((u_long)0) {
4191 case 0:
4192
4193 /* bsd/netinet6/in6_var.h */
4194 case SIOCAADDRCTL_POLICY:
4195 case SIOCDADDRCTL_POLICY:
4196 case SIOCDRADD_IN6_32:
4197 case SIOCDRADD_IN6_64:
4198 case SIOCDRDEL_IN6_32:
4199 case SIOCDRDEL_IN6_64:
4200 ;
4201 }
4202 }
4203
4204 struct in6_llentry {
4205 struct llentry base;
4206 };
4207
4208 #define IN6_LLTBL_DEFAULT_HSIZE 32
4209 #define IN6_LLTBL_HASH(k, h) \
4210 ((((((((k) >> 8) ^ (k)) >> 8) ^ (k)) >> 8) ^ (k)) & ((h) - 1))
4211
4212 /*
4213 * Do actual deallocation of @lle.
4214 */
4215 static void
4216 in6_lltable_destroy_lle_unlocked(struct llentry *lle)
4217 {
4218 LLE_LOCK_DESTROY(lle);
4219 LLE_REQ_DESTROY(lle);
4220 FREE(lle, M_LLTABLE);
4221 }
4222
4223 /*
4224 * Called by LLE_FREE_LOCKED when number of references
4225 * drops to zero.
4226 */
4227 static void
4228 in6_lltable_destroy_lle(struct llentry *lle)
4229 {
4230 LLE_WUNLOCK(lle);
4231 /* XXX TBD */
4232 //thread_call_free(lle->lle_timer);
4233 in6_lltable_destroy_lle_unlocked(lle);
4234 }
4235
4236
4237 static struct llentry *
4238 in6_lltable_new(const struct in6_addr *addr6, u_int flags)
4239 {
4240 #pragma unused(flags)
4241 struct in6_llentry *lle;
4242
4243 MALLOC(lle, struct in6_llentry *, sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
4244 if (lle == NULL) /* NB: caller generates msg */
4245 return NULL;
4246
4247 lle->base.r_l3addr.addr6 = *addr6;
4248 lle->base.lle_refcnt = 1;
4249 lle->base.lle_free = in6_lltable_destroy_lle;
4250 LLE_LOCK_INIT(&lle->base);
4251 LLE_REQ_INIT(&lle->base);
4252 #if 0
4253 /* XXX TBD */
4254 lle->base.lle_timer = thread_call_allocate(nd6_llinfo_timer, lle);
4255
4256 if (lle->base.lle_timer == NULL) {
4257 printf("lle_timer thread call could not be allocated.\n");
4258 LLE_LOCK_DESTROY(&lle->base);
4259 LLE_REQ_DESTROY(&lle->base);
4260 FREE(lle, M_LLTABLE);
4261 return NULL;
4262 }
4263 #endif
4264 return (&lle->base);
4265 }
4266
4267 static int
4268 in6_lltable_match_prefix(const struct sockaddr *saddr,
4269 const struct sockaddr *smask, u_int flags, struct llentry *lle)
4270 {
4271 const struct in6_addr *addr, *mask, *lle_addr;
4272
4273 addr = &((const struct sockaddr_in6 *)(const void *)saddr)->sin6_addr;
4274 mask = &((const struct sockaddr_in6 *)(const void *)smask)->sin6_addr;
4275 lle_addr = &lle->r_l3addr.addr6;
4276
4277 if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
4278 return (0);
4279
4280 if (lle->la_flags & LLE_IFADDR) {
4281 /*
4282 * Delete LLE_IFADDR records IFF address & flag matches.
4283 * Note that addr is the interface address within prefix
4284 * being matched.
4285 */
4286 if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
4287 (flags & LLE_STATIC) != 0)
4288 return (1);
4289 return (0);
4290 }
4291
4292 /* flags & LLE_STATIC means deleting both dynamic and static entries */
4293 if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
4294 return (1);
4295
4296 return (0);
4297 }
4298
4299 static void
4300 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
4301 {
4302 struct ifnet *ifp;
4303
4304 LLE_WLOCK_ASSERT(lle);
4305 KASSERT(llt != NULL, ("lltable is NULL"));
4306
4307 /* Unlink entry from table */
4308 if ((lle->la_flags & LLE_LINKED) != 0) {
4309 ifp = llt->llt_ifp;
4310 if_afdata_wlock_assert(ifp, llt->llt_af);
4311 lltable_unlink_entry(llt, lle);
4312 }
4313
4314 #if 0
4315 /* XXX TBD */
4316 if (thread_call_cancel(lle->lle_timer) == TRUE)
4317 LLE_REMREF(lle);
4318 #endif
4319 llentry_free(lle);
4320 }
4321
4322 static int
4323 in6_lltable_rtcheck(struct ifnet *ifp,
4324 u_int flags, const struct sockaddr *l3addr)
4325 {
4326 #pragma unused(flags)
4327 struct rtentry *rt;
4328
4329 KASSERT(l3addr->sa_family == AF_INET6,
4330 ("sin_family %d", l3addr->sa_family));
4331 /* XXX rtalloc1 should take a const param */
4332 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
4333 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
4334 struct ifaddr *ifa;
4335 /*
4336 * Create an ND6 cache for an IPv6 neighbor
4337 * that is not covered by our own prefix.
4338 */
4339 /* XXX ifaof_ifpforaddr should take a const param */
4340 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
4341 if (ifa != NULL) {
4342 IFA_REMREF(ifa);
4343 if (rt != NULL)
4344 rtfree(rt);
4345 return 0;
4346 }
4347 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
4348 ip6_sprintf(&((const struct sockaddr_in6 *)(const void *)l3addr)->sin6_addr));
4349 if (rt != NULL)
4350 rtfree(rt);
4351 return EINVAL;
4352 }
4353 rtfree(rt);
4354 return 0;
4355 }
4356
4357 static inline uint32_t
4358 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
4359 {
4360 return (IN6_LLTBL_HASH(dst->s6_addr32[3], hsize));
4361 }
4362
4363 static uint32_t
4364 in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
4365 {
4366 return (in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize));
4367 }
4368
4369 static void
4370 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
4371 {
4372 struct sockaddr_in6 *sin6;
4373
4374 sin6 = (struct sockaddr_in6 *)(void *)sa;
4375 bzero(sin6, sizeof(*sin6));
4376 sin6->sin6_family = AF_INET6;
4377 sin6->sin6_len = sizeof(*sin6);
4378 sin6->sin6_addr = lle->r_l3addr.addr6;
4379 }
4380
4381 static inline struct llentry *
4382 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
4383 {
4384 struct llentry *lle;
4385 struct llentries *lleh;
4386 u_int hashidx;
4387
4388 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
4389 lleh = &llt->lle_head[hashidx];
4390 LIST_FOREACH(lle, lleh, lle_next) {
4391 if (lle->la_flags & LLE_DELETED)
4392 continue;
4393 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst))
4394 break;
4395 }
4396
4397 return (lle);
4398 }
4399
4400 static void
4401 in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
4402 {
4403 #pragma unused(llt)
4404 lle->la_flags |= LLE_DELETED;
4405 EVENTHANDLER_INVOKE(NULL, lle_event, lle, LLENTRY_DELETED);
4406 #ifdef DIAGNOSTIC
4407 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
4408 #endif
4409 llentry_free(lle);
4410 }
4411
4412 static struct llentry *
4413 in6_lltable_alloc(struct lltable *llt, u_int flags,
4414 const struct sockaddr *l3addr)
4415 {
4416 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)(const void *)l3addr;
4417 struct ifnet *ifp = llt->llt_ifp;
4418 struct llentry *lle;
4419
4420 KASSERT(l3addr->sa_family == AF_INET6,
4421 ("sin_family %d", l3addr->sa_family));
4422
4423 /*
4424 * A route that covers the given address must have
4425 * been installed 1st because we are doing a resolution,
4426 * verify this.
4427 */
4428 if (!(flags & LLE_IFADDR) &&
4429 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
4430 return (NULL);
4431
4432 lle = in6_lltable_new(&sin6->sin6_addr, flags);
4433 if (lle == NULL) {
4434 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
4435 return (NULL);
4436 }
4437 lle->la_flags = flags;
4438 if ((flags & LLE_IFADDR) == LLE_IFADDR) {
4439 lltable_set_entry_addr(ifp, lle, LLADDR(SDL(ifp->if_lladdr->ifa_addr)));
4440 lle->la_flags |= LLE_STATIC;
4441 }
4442
4443 if ((lle->la_flags & LLE_STATIC) != 0)
4444 lle->ln_state = ND6_LLINFO_REACHABLE;
4445
4446 return (lle);
4447 }
4448
4449 static struct llentry *
4450 in6_lltable_lookup(struct lltable *llt, u_int flags,
4451 const struct sockaddr *l3addr)
4452 {
4453 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)(const void *)l3addr;
4454 struct llentry *lle;
4455
4456 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp, llt->llt_af);
4457 KASSERT(l3addr->sa_family == AF_INET6,
4458 ("sin_family %d", l3addr->sa_family));
4459
4460 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
4461
4462 if (lle == NULL)
4463 return (NULL);
4464
4465 KASSERT((flags & (LLE_UNLOCKED|LLE_EXCLUSIVE)) !=
4466 (LLE_UNLOCKED|LLE_EXCLUSIVE),("wrong lle request flags: 0x%X",
4467 flags));
4468
4469 if (flags & LLE_UNLOCKED)
4470 return (lle);
4471
4472 if (flags & LLE_EXCLUSIVE)
4473 LLE_WLOCK(lle);
4474 else
4475 LLE_RLOCK(lle);
4476 return (lle);
4477 }
4478
4479 static int
4480 in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
4481 struct sysctl_req *wr)
4482 {
4483 struct ifnet *ifp = llt->llt_ifp;
4484 /* XXX stack use */
4485 struct {
4486 struct rt_msghdr rtm;
4487 struct sockaddr_in6 sin6;
4488 /*
4489 * ndp.c assumes that sdl is word aligned
4490 */
4491 #ifdef __LP64__
4492 uint32_t pad;
4493 #endif
4494 struct sockaddr_dl sdl;
4495 } ndpc;
4496 struct sockaddr_dl *sdl;
4497 int error;
4498
4499 bzero(&ndpc, sizeof(ndpc));
4500 /* skip deleted entries */
4501 if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
4502 return (0);
4503 /* Skip if jailed and not a valid IP of the prison. */
4504 lltable_fill_sa_entry(lle,
4505 (struct sockaddr *)&ndpc.sin6);
4506 /*
4507 * produce a msg made of:
4508 * struct rt_msghdr;
4509 * struct sockaddr_in6 (IPv6)
4510 * struct sockaddr_dl;
4511 */
4512 ndpc.rtm.rtm_msglen = sizeof(ndpc);
4513 ndpc.rtm.rtm_version = RTM_VERSION;
4514 ndpc.rtm.rtm_type = RTM_GET;
4515 ndpc.rtm.rtm_flags = RTF_UP;
4516 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
4517
4518 /* publish */
4519 if (lle->la_flags & LLE_PUB)
4520 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
4521 sdl = &ndpc.sdl;
4522 sdl->sdl_family = AF_LINK;
4523 sdl->sdl_len = sizeof(*sdl);
4524 sdl->sdl_index = ifp->if_index;
4525 sdl->sdl_type = ifp->if_type;
4526 if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
4527 sdl->sdl_alen = ifp->if_addrlen;
4528 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
4529 } else {
4530 sdl->sdl_alen = 0;
4531 bzero(LLADDR(sdl), ifp->if_addrlen);
4532 }
4533 if (lle->la_expire != 0) {
4534 clock_sec_t secs;
4535 clock_usec_t usecs;
4536
4537 clock_get_calendar_microtime(&secs, &usecs);
4538 ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
4539 lle->lle_remtime / hz +
4540 secs - net_uptime();
4541 }
4542 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
4543 if (lle->la_flags & LLE_STATIC)
4544 ndpc.rtm.rtm_flags |= RTF_STATIC;
4545 if (lle->la_flags & LLE_IFADDR)
4546 ndpc.rtm.rtm_flags |= RTF_PINNED;
4547 if (lle->ln_router != 0)
4548 ndpc.rtm.rtm_flags |= RTF_GATEWAY;
4549 ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
4550 /* Store state in rmx_weight value */
4551 ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
4552 ndpc.rtm.rtm_index = ifp->if_index;
4553 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
4554
4555 return (error);
4556 }
4557
4558 struct lltable *
4559 in6_lltattach(struct ifnet *ifp)
4560 {
4561 struct lltable *llt;
4562
4563 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
4564 llt->llt_af = AF_INET6;
4565 llt->llt_ifp = ifp;
4566
4567 llt->llt_lookup = in6_lltable_lookup;
4568 llt->llt_alloc_entry = in6_lltable_alloc;
4569 llt->llt_delete_entry = in6_lltable_delete_entry;
4570 llt->llt_dump_entry = in6_lltable_dump_entry;
4571 llt->llt_hash = in6_lltable_hash;
4572 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
4573 llt->llt_free_entry = in6_lltable_free_entry;
4574 llt->llt_match_prefix = in6_lltable_match_prefix;
4575 lltable_link(llt);
4576
4577 return (llt);
4578 }
4579
4580 void
4581 in6_ip6_to_sockaddr(const struct in6_addr *ip6, u_int16_t port,
4582 struct sockaddr_in6 *sin6, u_int32_t maxlen)
4583 {
4584 if (maxlen < sizeof(struct sockaddr_in6)) {
4585 return;
4586 }
4587
4588 *sin6 = (struct sockaddr_in6) {
4589 .sin6_family = AF_INET6,
4590 .sin6_len = sizeof(*sin6),
4591 .sin6_port = port,
4592 .sin6_addr = *ip6,
4593 };
4594
4595 if (IN6_IS_SCOPE_EMBED(&sin6->sin6_addr))
4596 {
4597 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]);
4598 sin6->sin6_addr.s6_addr16[1] = 0;
4599 }
4600 }
4601
4602 /* IPv6 events */
4603 struct in6_event {
4604 in6_evhdlr_code_t in6_event_code;
4605 struct ifnet *in6_ifp;
4606 struct in6_addr in6_address;
4607 uint32_t val;
4608 };
4609
4610 struct in6_event2kev in6_event2kev_array[IN6_EVENT_MAX] = {
4611 {
4612 .in6_event_code = IN6_ADDR_MARKED_DUPLICATED,
4613 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4614 .in6_event_kev_code = KEV_ND6_DAD_FAILURE,
4615 .in6_event_str = "IN6_ADDR_MARKED_DUPLICATED",
4616 },
4617 {
4618 .in6_event_code = IN6_ADDR_MARKED_DETACHED,
4619 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4620 .in6_event_kev_code = KEV_ND6_ADDR_DETACHED,
4621 .in6_event_str = "IN6_ADDR_MARKED_DETACHED",
4622 },
4623 {
4624 .in6_event_code = IN6_ADDR_MARKED_DEPRECATED,
4625 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4626 .in6_event_kev_code = KEV_ND6_ADDR_DEPRECATED,
4627 .in6_event_str = "IN6_ADDR_MARKED_DEPRECATED",
4628 },
4629 {
4630 .in6_event_code = IN6_NDP_RTR_EXPIRY,
4631 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4632 .in6_event_kev_code = KEV_ND6_RTR_EXPIRED,
4633 .in6_event_str = "IN6_NDP_RTR_EXPIRY",
4634 },
4635 {
4636 .in6_event_code = IN6_NDP_PFX_EXPIRY,
4637 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4638 .in6_event_kev_code = KEV_ND6_PFX_EXPIRED,
4639 .in6_event_str = "IN6_NDP_PFX_EXPIRY",
4640 },
4641 {
4642 .in6_event_code = IN6_NDP_ADDR_EXPIRY,
4643 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4644 .in6_event_kev_code = KEV_ND6_ADDR_EXPIRED,
4645 .in6_event_str = "IN6_NDP_ADDR_EXPIRY",
4646 },
4647 };
4648
4649 void
4650 in6_eventhdlr_callback(struct eventhandler_entry_arg arg0 __unused,
4651 in6_evhdlr_code_t in6_ev_code, struct ifnet *ifp,
4652 struct in6_addr *p_addr6, uint32_t val)
4653 {
4654 struct kev_msg ev_msg;
4655 struct kev_nd6_event nd6_event;
4656
4657 bzero(&ev_msg, sizeof(ev_msg));
4658 bzero(&nd6_event, sizeof(nd6_event));
4659
4660 nd6log0((LOG_INFO, "%s Event %s received for %s\n",
4661 __func__, in6_event2kev_array[in6_ev_code].in6_event_str,
4662 ip6_sprintf(p_addr6)));
4663
4664 ev_msg.vendor_code = KEV_VENDOR_APPLE;
4665 ev_msg.kev_class = KEV_NETWORK_CLASS;
4666 ev_msg.kev_subclass =
4667 in6_event2kev_array[in6_ev_code].in6_event_kev_subclass;
4668 ev_msg.event_code =
4669 in6_event2kev_array[in6_ev_code].in6_event_kev_code;
4670
4671 nd6_event.link_data.if_family = ifp->if_family;
4672 nd6_event.link_data.if_unit = ifp->if_unit;
4673 strlcpy(nd6_event.link_data.if_name, ifp->if_name,
4674 sizeof(nd6_event.link_data.if_name));
4675
4676 VERIFY(p_addr6 != NULL);
4677 bcopy(p_addr6, &nd6_event.in6_address,
4678 sizeof(nd6_event.in6_address));
4679 nd6_event.val = val;
4680
4681 ev_msg.dv[0].data_ptr = &nd6_event;
4682 ev_msg.dv[0].data_length = sizeof(nd6_event);
4683
4684 kev_post_msg(&ev_msg);
4685 }
4686
4687 static void
4688 in6_event_callback(void *arg)
4689 {
4690 struct in6_event *p_in6_ev = (struct in6_event *)arg;
4691
4692 EVENTHANDLER_INVOKE(&in6_evhdlr_ctxt, in6_event,
4693 p_in6_ev->in6_event_code, p_in6_ev->in6_ifp,
4694 &p_in6_ev->in6_address, p_in6_ev->val);
4695 }
4696
4697 struct in6_event_nwk_wq_entry
4698 {
4699 struct nwk_wq_entry nwk_wqe;
4700 struct in6_event in6_ev_arg;
4701 };
4702
4703 void
4704 in6_event_enqueue_nwk_wq_entry(in6_evhdlr_code_t in6_event_code,
4705 struct ifnet *ifp, struct in6_addr *p_addr6,
4706 uint32_t val)
4707 {
4708 struct in6_event_nwk_wq_entry *p_in6_ev = NULL;
4709
4710 MALLOC(p_in6_ev, struct in6_event_nwk_wq_entry *,
4711 sizeof(struct in6_event_nwk_wq_entry),
4712 M_NWKWQ, M_WAITOK | M_ZERO);
4713
4714 p_in6_ev->nwk_wqe.func = in6_event_callback;
4715 p_in6_ev->nwk_wqe.is_arg_managed = TRUE;
4716 p_in6_ev->nwk_wqe.arg = &p_in6_ev->in6_ev_arg;
4717
4718 p_in6_ev->in6_ev_arg.in6_event_code = in6_event_code;
4719 p_in6_ev->in6_ev_arg.in6_ifp = ifp;
4720 if (p_addr6 != NULL) {
4721 bcopy(p_addr6, &p_in6_ev->in6_ev_arg.in6_address,
4722 sizeof(p_in6_ev->in6_ev_arg.in6_address));
4723 }
4724 p_in6_ev->in6_ev_arg.val = val;
4725
4726 nwk_wq_enqueue((struct nwk_wq_entry*)p_in6_ev);
4727 }
mirror of XNU