-/* $FreeBSD: src/sys/netinet6/nd6.c,v 1.2.2.9 2001/07/11 09:39:04 ume Exp $ */
+/* $FreeBSD: src/sys/netinet6/nd6.c,v 1.20 2002/08/02 20:49:14 rwatson Exp $ */
/* $KAME: nd6.c,v 1.144 2001/05/24 07:44:00 itojun Exp $ */
/*
#include <sys/syslog.h>
#include <sys/protosw.h>
#include <kern/queue.h>
+#include <kern/lock.h>
#define DONT_WARN_OBSOLETE
#include <net/if.h>
static int nd6_inuse, nd6_allocated;
struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6};
-static size_t nd_ifinfo_indexlim = 8;
+size_t nd_ifinfo_indexlim = 8;
struct nd_ifinfo *nd_ifinfo = NULL;
struct nd_drhead nd_defrouter;
struct nd_prhead nd_prefix = { 0 };
int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL;
static struct sockaddr_in6 all1_sa;
-static void nd6_slowtimo_funneled __P((void *));
-static int regen_tmpaddr __P((struct in6_ifaddr *));
+static int regen_tmpaddr(struct in6_ifaddr *);
+extern lck_mtx_t *rt_mtx;
+extern lck_mtx_t *ip6_mutex;
+extern lck_mtx_t *nd6_mutex;
+static void nd6_slowtimo(void *ignored_arg);
void
nd6_init()
nd6_init_done = 1;
/* start timer */
- timeout(nd6_slowtimo_funneled, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz);
+ timeout(nd6_slowtimo, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz);
}
void
-nd6_ifattach(ifp)
- struct ifnet *ifp;
+nd6_ifattach(
+ struct ifnet *ifp)
{
/*
* changes, which means we might have to adjust the ND level MTU.
*/
void
-nd6_setmtu(ifp)
- struct ifnet *ifp;
+nd6_setmtu(
+ struct ifnet *ifp)
{
#ifndef MIN
#define MIN(a,b) ((a) < (b) ? (a) : (b))
#endif
- struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index];
- u_long oldmaxmtu = ndi->maxmtu;
- u_long oldlinkmtu = ndi->linkmtu;
+
+ struct nd_ifinfo *ndi;
+ u_long oldmaxmtu, oldlinkmtu;
+
+ /*
+ * Make sure IPv6 is enabled for the interface first,
+ * because this can be called directly from SIOCSIFMTU for IPv4
+ */
+
+ if (ifp->if_index >= nd_ifinfo_indexlim) {
+ return; /* we're out of bound for nd_ifinfo */
+ }
+
+ ndi = &nd_ifinfo[ifp->if_index];
+ oldmaxmtu = ndi->maxmtu;
+ oldlinkmtu = ndi->linkmtu;
switch (ifp->if_type) {
case IFT_ARCNET: /* XXX MTU handling needs more work */
ndi->maxmtu = MIN(60480, ifp->if_mtu);
break;
+ case IFT_L2VLAN: /* XXX what if the VLAN isn't over ethernet? */
+ case IFT_IEEE8023ADLAG:
case IFT_ETHER:
ndi->maxmtu = MIN(ETHERMTU, ifp->if_mtu);
break;
}
void
-nd6_option_init(opt, icmp6len, ndopts)
- void *opt;
- int icmp6len;
- union nd_opts *ndopts;
+nd6_option_init(
+ void *opt,
+ int icmp6len,
+ union nd_opts *ndopts)
{
bzero(ndopts, sizeof(*ndopts));
ndopts->nd_opts_search = (struct nd_opt_hdr *)opt;
* Take one ND option.
*/
struct nd_opt_hdr *
-nd6_option(ndopts)
- union nd_opts *ndopts;
+nd6_option(
+ union nd_opts *ndopts)
{
struct nd_opt_hdr *nd_opt;
int olen;
* multiple options of the same type.
*/
int
-nd6_options(ndopts)
- union nd_opts *ndopts;
+nd6_options(
+ union nd_opts *ndopts)
{
struct nd_opt_hdr *nd_opt;
int i = 0;
* ND6 timer routine to expire default route list and prefix list
*/
void
-nd6_timer_funneled(ignored_arg)
- void *ignored_arg;
+nd6_timer(
+ void *ignored_arg)
{
-#ifdef __APPLE__
- boolean_t funnel_state;
- funnel_state = thread_funnel_set(network_flock, TRUE);
-#endif
- nd6_timer(ignored_arg);
-#ifdef __APPLE__
- (void) thread_funnel_set(network_flock, FALSE);
-#endif
-}
-void
-nd6_timer(ignored_arg)
- void *ignored_arg;
-{
- int s;
struct llinfo_nd6 *ln;
struct nd_defrouter *dr;
struct nd_prefix *pr;
- struct ifnet *ifp;
+ struct ifnet *ifp = NULL;
struct in6_ifaddr *ia6, *nia6;
struct in6_addrlifetime *lt6;
+ struct timeval timenow;
+
+ getmicrotime(&timenow);
- s = splnet();
- timeout(nd6_timer_funneled, (caddr_t)0, nd6_prune * hz);
ln = llinfo_nd6.ln_next;
- /* XXX BSD/OS separates this code -- itojun */
while (ln && ln != &llinfo_nd6) {
struct rtentry *rt;
struct sockaddr_in6 *dst;
ndi = &nd_ifinfo[ifp->if_index];
dst = (struct sockaddr_in6 *)rt_key(rt);
- if (ln->ln_expire > time_second) {
+ if (ln->ln_expire > timenow.tv_sec) {
ln = next;
continue;
}
-
+
/* sanity check */
- if (!rt)
- panic("rt=0 in nd6_timer(ln=%p)\n", ln);
- if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln)
- panic("rt_llinfo(%p) is not equal to ln(%p)\n",
+ if (!rt) {
+ printf("rt=0 in nd6_timer(ln=%p)\n", ln);
+ ln = next;
+ continue;
+ }
+ if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln) {
+ printf("rt_llinfo(%p) is not equal to ln(%p)\n",
rt->rt_llinfo, ln);
- if (!dst)
- panic("dst=0 in nd6_timer(ln=%p)\n", ln);
+ ln = next;
+ continue;
+ }
+ if (!dst) {
+ printf("dst=0 in nd6_timer(ln=%p)\n", ln);
+ ln = next;
+ continue;
+ }
switch (ln->ln_state) {
case ND6_LLINFO_INCOMPLETE:
if (ln->ln_asked < nd6_mmaxtries) {
ln->ln_asked++;
- ln->ln_expire = time_second +
+ ln->ln_expire = timenow.tv_sec +
nd_ifinfo[ifp->if_index].retrans / 1000;
nd6_ns_output(ifp, NULL, &dst->sin6_addr,
- ln, 0);
+ ln, 0, 0);
} else {
struct mbuf *m = ln->ln_hold;
+ ln->ln_hold = NULL;
if (m) {
if (rt->rt_ifp) {
/*
case ND6_LLINFO_REACHABLE:
if (ln->ln_expire) {
ln->ln_state = ND6_LLINFO_STALE;
- ln->ln_expire = time_second + nd6_gctimer;
+ ln->ln_expire = timenow.tv_sec + nd6_gctimer;
}
break;
/* We need NUD */
ln->ln_asked = 1;
ln->ln_state = ND6_LLINFO_PROBE;
- ln->ln_expire = time_second +
+ ln->ln_expire = timenow.tv_sec +
ndi->retrans / 1000;
nd6_ns_output(ifp, &dst->sin6_addr,
&dst->sin6_addr,
- ln, 0);
+ ln, 0, 0);
} else {
ln->ln_state = ND6_LLINFO_STALE; /* XXX */
- ln->ln_expire = time_second + nd6_gctimer;
+ ln->ln_expire = timenow.tv_sec + nd6_gctimer;
}
break;
case ND6_LLINFO_PROBE:
if (ln->ln_asked < nd6_umaxtries) {
ln->ln_asked++;
- ln->ln_expire = time_second +
+ ln->ln_expire = timenow.tv_sec +
nd_ifinfo[ifp->if_index].retrans / 1000;
nd6_ns_output(ifp, &dst->sin6_addr,
- &dst->sin6_addr, ln, 0);
+ &dst->sin6_addr, ln, 0, 0);
} else {
next = nd6_free(rt);
}
}
/* expire default router list */
+ lck_mtx_lock(nd6_mutex);
dr = TAILQ_FIRST(&nd_defrouter);
while (dr) {
- if (dr->expire && dr->expire < time_second) {
+ if (dr->expire && dr->expire < timenow.tv_sec) {
struct nd_defrouter *t;
t = TAILQ_NEXT(dr, dr_entry);
- defrtrlist_del(dr);
+ defrtrlist_del(dr, 1);
dr = t;
} else {
dr = TAILQ_NEXT(dr, dr_entry);
* rather separate address lifetimes and prefix lifetimes.
*/
addrloop:
- for (ia6 = in6_ifaddr; ia6; ia6 = nia6) {
+ for (ia6 = in6_ifaddrs; ia6; ia6 = nia6) {
nia6 = ia6->ia_next;
/* check address lifetime */
lt6 = &ia6->ia6_lifetime;
/*
* If the expiring address is temporary, try
* regenerating a new one. This would be useful when
- * we suspended a laptop PC, then turned on after a
+ * we suspended a laptop PC, then turned it on after a
* period that could invalidate all temporary
* addresses. Although we may have to restart the
* loop (see below), it must be after purging the
regen = 1;
}
- in6_purgeaddr(&ia6->ia_ifa);
+ in6_purgeaddr(&ia6->ia_ifa, 1);
if (regen)
goto addrloop; /* XXX: see below */
- } else if (IFA6_IS_DEPRECATED(ia6)) {
+ }
+ if (IFA6_IS_DEPRECATED(ia6)) {
int oldflags = ia6->ia6_flags;
ia6->ia6_flags |= IN6_IFF_DEPRECATED;
* has changed while we are still in
* the loop. Although the change
* would not cause disaster (because
- * it's not an addition, but a
- * deletion,) we'd rather restart the
+ * it's not a deletion, but an
+ * addition,) we'd rather restart the
* loop just for safety. Or does this
* significantly reduce performance??
*/
goto addrloop;
}
}
- } else if (IFA6_IS_DEPRECATED(ia6)) {
+ } else {
/*
* A new RA might have made a deprecated address
* preferred.
* check prefix lifetime.
* since pltime is just for autoconf, pltime processing for
* prefix is not necessary.
- *
- * we offset expire time by NDPR_KEEP_EXPIRE, so that we
- * can use the old prefix information to validate the
- * next prefix information to come. See prelist_update()
- * for actual validation.
- *
- * I don't think such an offset is necessary.
- * (jinmei@kame.net, 20010130).
*/
- if (pr->ndpr_expire && pr->ndpr_expire < time_second) {
+ if (pr->ndpr_expire && pr->ndpr_expire < timenow.tv_sec) {
struct nd_prefix *t;
t = pr->ndpr_next;
* separate. NEVER perform in6_purgeaddr here.
*/
- prelist_remove(pr);
+ prelist_remove(pr, 1);
pr = t;
} else
pr = pr->ndpr_next;
}
- splx(s);
+ lck_mtx_unlock(nd6_mutex);
+ timeout(nd6_timer, (caddr_t)0, nd6_prune * hz);
}
static int
-regen_tmpaddr(ia6)
- struct in6_ifaddr *ia6; /* deprecated/invalidated temporary address */
+regen_tmpaddr(
+ struct in6_ifaddr *ia6) /* deprecated/invalidated temporary address */
{
struct ifaddr *ifa;
struct ifnet *ifp;
struct in6_ifaddr *public_ifa6 = NULL;
+ struct timeval timenow;
+
+ getmicrotime(&timenow);
ifp = ia6->ia_ifa.ifa_ifp;
+ ifnet_lock_exclusive(ifp);
for (ifa = ifp->if_addrlist.tqh_first; ifa;
ifa = ifa->ifa_list.tqe_next)
{
if (!IFA6_IS_DEPRECATED(it6))
public_ifa6 = it6;
}
+ ifnet_lock_done(ifp);
if (public_ifa6 != NULL) {
int e;
* ifp goes away.
*/
void
-nd6_purge(ifp)
- struct ifnet *ifp;
+nd6_purge(
+ struct ifnet *ifp)
{
struct llinfo_nd6 *ln, *nln;
struct nd_defrouter *dr, *ndr, drany;
struct nd_prefix *pr, *npr;
/* Nuke default router list entries toward ifp */
+ lck_mtx_lock(nd6_mutex);
if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) {
/*
* The first entry of the list may be stored in
for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = ndr) {
ndr = TAILQ_NEXT(dr, dr_entry);
if (dr->ifp == ifp)
- defrtrlist_del(dr);
+ defrtrlist_del(dr, 1);
}
dr = TAILQ_FIRST(&nd_defrouter);
if (dr->ifp == ifp)
- defrtrlist_del(dr);
+ defrtrlist_del(dr, 1);
}
/* Nuke prefix list entries toward ifp */
* by itself.
* (jinmei@kame.net 20010129)
*/
- prelist_remove(pr);
+ prelist_remove(pr, 1);
}
}
if (nd6_defifindex == ifp->if_index)
nd6_setdefaultiface(0);
- if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */
+ if (!ip6_forwarding && (ip6_accept_rtadv || (ifp->if_eflags & IFEF_ACCEPT_RTADVD))) {
/* refresh default router list */
bzero(&drany, sizeof(drany));
defrouter_delreq(&drany, 0);
defrouter_select();
}
+ lck_mtx_unlock(nd6_mutex);
/*
* Nuke neighbor cache entries for the ifp.
}
struct rtentry *
-nd6_lookup(addr6, create, ifp)
- struct in6_addr *addr6;
- int create;
- struct ifnet *ifp;
+nd6_lookup(
+ struct in6_addr *addr6,
+ int create,
+ struct ifnet *ifp,
+ int rt_locked)
{
struct rtentry *rt;
struct sockaddr_in6 sin6;
#if SCOPEDROUTING
sin6.sin6_scope_id = in6_addr2scopeid(ifp, addr6);
#endif
- rt = rtalloc1((struct sockaddr *)&sin6, create, 0UL);
+ if (!rt_locked)
+ lck_mtx_lock(rt_mtx);
+ rt = rtalloc1_locked((struct sockaddr *)&sin6, create, 0UL);
if (rt && (rt->rt_flags & RTF_LLINFO) == 0) {
/*
* This is the case for the default route.
* interface route.
*/
if (create) {
- rtfree(rt);
+ rtfree_locked(rt);
rt = 0;
}
}
*/
struct ifaddr *ifa =
ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp);
- if (ifa == NULL)
+ if (ifa == NULL) {
+ if (!rt_locked)
+ lck_mtx_unlock(rt_mtx);
return(NULL);
+ }
/*
- * Create a new route. RTF_LLINFO is necessary
+ * Create a new route. RTF_LLINFO is necessary
* to create a Neighbor Cache entry for the
* destination in nd6_rtrequest which will be
- * called in rtequest via ifa->ifa_rtrequest.
+ * called in rtrequest via ifa->ifa_rtrequest.
*/
- if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6,
+ if ((e = rtrequest_locked(RTM_ADD, (struct sockaddr *)&sin6,
ifa->ifa_addr,
(struct sockaddr *)&all1_sa,
(ifa->ifa_flags |
RTF_HOST | RTF_LLINFO) &
~RTF_CLONING,
- &rt)) != 0)
- log(LOG_ERR,
- "nd6_lookup: failed to add route for a "
- "neighbor(%s), errno=%d\n",
- ip6_sprintf(addr6), e);
- if (rt == NULL)
+ &rt)) != 0) {
+ if (e != EEXIST)
+ log(LOG_ERR,
+ "nd6_lookup: failed to add route for a "
+ "neighbor(%s), errno=%d\n",
+ ip6_sprintf(addr6), e);
+ }
+ ifafree(ifa);
+ if (rt == NULL) {
+ if (!rt_locked)
+ lck_mtx_unlock(rt_mtx);
return(NULL);
+ }
if (rt->rt_llinfo) {
struct llinfo_nd6 *ln =
(struct llinfo_nd6 *)rt->rt_llinfo;
ln->ln_state = ND6_LLINFO_NOSTATE;
}
- } else
+ } else {
+ if (!rt_locked)
+ lck_mtx_unlock(rt_mtx);
return(NULL);
+ }
}
rtunref(rt);
/*
* Validation for the entry.
+ * Note that the check for rt_llinfo is necessary because a cloned
+ * route from a parent route that has the L flag (e.g. the default
+ * route to a p2p interface) may have the flag, too, while the
+ * destination is not actually a neighbor.
* XXX: we can't use rt->rt_ifp to check for the interface, since
* it might be the loopback interface if the entry is for our
* own address on a non-loopback interface. Instead, we should
- * use rt->rt_ifa->ifa_ifp, which would specify the REAL interface.
+ * use rt->rt_ifa->ifa_ifp, which would specify the REAL
+ * interface.
*/
- if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 ||
- rt->rt_gateway->sa_family != AF_LINK ||
- (ifp && rt->rt_ifa->ifa_ifp != ifp)) {
+ if ((ifp->if_type !=IFT_PPP) && ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 ||
+ rt->rt_gateway->sa_family != AF_LINK || rt->rt_llinfo == NULL ||
+
+ (ifp && rt->rt_ifa->ifa_ifp != ifp))) {
+ if (!rt_locked)
+ lck_mtx_unlock(rt_mtx);
if (create) {
log(LOG_DEBUG, "nd6_lookup: failed to lookup %s (if = %s)\n",
ip6_sprintf(addr6), ifp ? if_name(ifp) : "unspec");
/* xxx more logs... kazu */
}
- return(0);
- }
+ return(NULL);
+ }
+ if (!rt_locked)
+ lck_mtx_unlock(rt_mtx);
return(rt);
}
* XXX: should take care of the destination of a p2p link?
*/
int
-nd6_is_addr_neighbor(addr, ifp)
- struct sockaddr_in6 *addr;
- struct ifnet *ifp;
+nd6_is_addr_neighbor(
+ struct sockaddr_in6 *addr,
+ struct ifnet *ifp,
+ int rt_locked)
{
struct ifaddr *ifa;
int i;
* If the address matches one of our addresses,
* it should be a neighbor.
*/
+ ifnet_lock_shared(ifp);
for (ifa = ifp->if_addrlist.tqh_first;
ifa;
ifa = ifa->ifa_list.tqe_next)
{
if (ifa->ifa_addr->sa_family != AF_INET6)
- next: continue;
+ continue;
for (i = 0; i < 4; i++) {
if ((IFADDR6(ifa).s6_addr32[i] ^
addr->sin6_addr.s6_addr32[i]) &
- IFMASK6(ifa).s6_addr32[i])
- goto next;
+ IFMASK6(ifa).s6_addr32[i])
+ continue;
}
+ ifnet_lock_done(ifp);
return(1);
}
+ ifnet_lock_done(ifp);
/*
* Even if the address matches none of our addresses, it might be
* in the neighbor cache.
*/
- if (nd6_lookup(&addr->sin6_addr, 0, ifp))
+ if (nd6_lookup(&addr->sin6_addr, 0, ifp, rt_locked) != NULL)
return(1);
return(0);
* Free an nd6 llinfo entry.
*/
struct llinfo_nd6 *
-nd6_free(rt)
- struct rtentry *rt;
+nd6_free(
+ struct rtentry *rt)
{
struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo, *next;
struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr;
* even though it is not harmful, it was not really necessary.
*/
- if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */
- int s;
- s = splnet();
+ if (!ip6_forwarding && (ip6_accept_rtadv || (rt->rt_ifp->if_eflags & IFEF_ACCEPT_RTADVD))) {
+ lck_mtx_lock(nd6_mutex);
dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
rt->rt_ifp);
- if (ln->ln_router || dr) {
+ if ((ln && ln->ln_router) || dr) {
/*
* rt6_flush must be called whether or not the neighbor
* is in the Default Router List.
/*
* Temporarily fake the state to choose a new default
* router and to perform on-link determination of
- * prefixes coreectly.
+ * prefixes correctly.
* Below the state will be set correctly,
* or the entry itself will be deleted.
*/
* before the default router selection, we perform
* the check now.
*/
- pfxlist_onlink_check();
+ pfxlist_onlink_check(1);
if (dr == TAILQ_FIRST(&nd_defrouter)) {
/*
defrouter_select();
}
}
- splx(s);
+ lck_mtx_unlock(nd6_mutex);
}
/*
* Before deleting the entry, remember the next entry as the
* return value. We need this because pfxlist_onlink_check() above
* might have freed other entries (particularly the old next entry) as
- * a side effect (XXX).
+ * a side effect (XXX).
*/
- next = ln->ln_next;
+ if (ln)
+ next = ln->ln_next;
+ else
+ next = 0;
/*
* Detach the route from the routing tree and the list of neighbor
* XXX cost-effective metods?
*/
void
-nd6_nud_hint(rt, dst6, force)
- struct rtentry *rt;
- struct in6_addr *dst6;
- int force;
+nd6_nud_hint(
+ struct rtentry *rt,
+ struct in6_addr *dst6,
+ int force)
{
struct llinfo_nd6 *ln;
+ struct timeval timenow;
+
+ getmicrotime(&timenow);
/*
* If the caller specified "rt", use that. Otherwise, resolve the
if (!rt) {
if (!dst6)
return;
- if (!(rt = nd6_lookup(dst6, 0, NULL)))
+ if (!(rt = nd6_lookup(dst6, 0, NULL, 0)))
return;
}
ln->ln_state = ND6_LLINFO_REACHABLE;
if (ln->ln_expire)
- ln->ln_expire = time_second +
+ ln->ln_expire = timenow.tv_sec +
nd_ifinfo[rt->rt_ifp->if_index].reachable;
}
void
-nd6_rtrequest(req, rt, sa)
- int req;
- struct rtentry *rt;
- struct sockaddr *sa; /* xxx unused */
+nd6_rtrequest(
+ int req,
+ struct rtentry *rt,
+ struct sockaddr *sa) /* xxx unused */
{
struct sockaddr *gate = rt->rt_gateway;
struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo;
static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK};
struct ifnet *ifp = rt->rt_ifp;
struct ifaddr *ifa;
+ struct timeval timenow;
- if (rt->rt_flags & RTF_GATEWAY)
+
+ if ((rt->rt_flags & RTF_GATEWAY))
return;
if (nd6_need_cache(ifp) == 0 && (rt->rt_flags & RTF_HOST) == 0) {
return;
}
+ if (req == RTM_RESOLVE &&
+ (nd6_need_cache(ifp) == 0 || /* stf case */
+ !nd6_is_addr_neighbor((struct sockaddr_in6 *)rt_key(rt), ifp, 1))) {
+ /*
+ * FreeBSD and BSD/OS often make a cloned host route based
+ * on a less-specific route (e.g. the default route).
+ * If the less specific route does not have a "gateway"
+ * (this is the case when the route just goes to a p2p or an
+ * stf interface), we'll mistakenly make a neighbor cache for
+ * the host route, and will see strange neighbor solicitation
+ * for the corresponding destination. In order to avoid the
+ * confusion, we check if the destination of the route is
+ * a neighbor in terms of neighbor discovery, and stop the
+ * process if not. Additionally, we remove the LLINFO flag
+ * so that ndp(8) will not try to get the neighbor information
+ * of the destination.
+ */
+ rt->rt_flags &= ~RTF_LLINFO;
+ return;
+ }
+
+ getmicrotime(&timenow);
switch (req) {
case RTM_ADD:
/*
if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) {
/*
* Case 1: This route should come from
- * a route to interface. RTF_LLINFO flag is set
+ * a route to interface. RTF_LLINFO flag is set
* for a host route whose destination should be
* treated as on-link.
*/
SDL(gate)->sdl_type = ifp->if_type;
SDL(gate)->sdl_index = ifp->if_index;
if (ln)
- ln->ln_expire = time_second;
+ ln->ln_expire = timenow.tv_sec;
#if 1
if (ln && ln->ln_expire == 0) {
/* kludge for desktops */
#if 0
- printf("nd6_request: time.tv_sec is zero; "
+ printf("nd6_rtequest: time.tv_sec is zero; "
"treat it as 1\n");
#endif
ln->ln_expire = 1;
}
#endif
- if (rt->rt_flags & RTF_CLONING)
+ if ((rt->rt_flags & RTF_CLONING))
break;
}
/*
* initialized in rtrequest(), so rt_expire is 0.
*/
ln->ln_state = ND6_LLINFO_NOSTATE;
- ln->ln_expire = time_second;
+ ln->ln_expire = timenow.tv_sec;
}
rt->rt_flags |= RTF_LLINFO;
ln->ln_next = llinfo_nd6.ln_next;
SDL(gate)->sdl_alen = ifp->if_addrlen;
}
if (nd6_useloopback) {
- rt->rt_ifp = &loif[0]; /*XXX*/
+ rt->rt_ifp = &loif[0]; /* XXX */
/*
* Make sure rt_ifa be equal to the ifaddr
* corresponding to the address.
llsol.s6_addr32[2] = htonl(1);
llsol.s6_addr8[12] = 0xff;
- if (!in6_addmulti(&llsol, ifp, &error)) {
+ if (!in6_addmulti(&llsol, ifp, &error, 0)) {
nd6log((LOG_ERR, "%s: failed to join "
"%s (errno=%d)\n", if_name(ifp),
ip6_sprintf(&llsol), error));
llsol.s6_addr32[2] = htonl(1);
llsol.s6_addr8[12] = 0xff;
+ ifnet_lock_shared(ifp);
IN6_LOOKUP_MULTI(llsol, ifp, in6m);
+ ifnet_lock_done(ifp);
if (in6m)
- in6_delmulti(in6m);
+ in6_delmulti(in6m, 0);
}
nd6_inuse--;
ln->ln_next->ln_prev = ln->ln_prev;
rt->rt_flags &= ~RTF_LLINFO;
if (ln->ln_hold)
m_freem(ln->ln_hold);
- Free((caddr_t)ln);
+ ln->ln_hold = NULL;
+ R_Free((caddr_t)ln);
}
}
int
-nd6_ioctl(cmd, data, ifp)
- u_long cmd;
- caddr_t data;
- struct ifnet *ifp;
+nd6_ioctl(
+ u_long cmd,
+ caddr_t data,
+ struct ifnet *ifp)
{
struct in6_drlist *drl = (struct in6_drlist *)data;
struct in6_prlist *prl = (struct in6_prlist *)data;
struct nd_prefix *pr;
struct rtentry *rt;
int i = 0, error = 0;
- int s;
switch (cmd) {
case SIOCGDRLST_IN6:
/*
* obsolete API, use sysctl under net.inet6.icmp6
*/
+ lck_mtx_lock(nd6_mutex);
bzero(drl, sizeof(*drl));
- s = splnet();
dr = TAILQ_FIRST(&nd_defrouter);
while (dr && i < DRLSTSIZ) {
drl->defrouter[i].rtaddr = dr->rtaddr;
i++;
dr = TAILQ_NEXT(dr, dr_entry);
}
- splx(s);
+ lck_mtx_unlock(nd6_mutex);
break;
case SIOCGPRLST_IN6:
/*
* how about separating ioctls into two?
*/
bzero(prl, sizeof(*prl));
- s = splnet();
+ lck_mtx_lock(nd6_mutex);
pr = nd_prefix.lh_first;
while (pr && i < PRLSTSIZ) {
struct nd_pfxrouter *pfr;
i++;
}
}
- splx(s);
-
+ lck_mtx_unlock(nd6_mutex);
break;
case OSIOCGIFINFO_IN6:
if (!nd_ifinfo || i >= nd_ifinfo_indexlim) {
* route equals to the top of default router list
*/
bzero(&any, sizeof(any));
- defrouter_delreq(&any, 0);
+ lck_mtx_lock(nd6_mutex);
+ defrouter_delreq(&any, 1);
defrouter_select();
+ lck_mtx_unlock(nd6_mutex);
/* xxx sumikawa: flush prefix list */
break;
case SIOCSPFXFLUSH_IN6:
{
/* flush all the prefix advertised by routers */
struct nd_prefix *pr, *next;
+ lck_mtx_lock(nd6_mutex);
- s = splnet();
for (pr = nd_prefix.lh_first; pr; pr = next) {
struct in6_ifaddr *ia, *ia_next;
continue; /* XXX */
/* do we really have to remove addresses as well? */
- for (ia = in6_ifaddr; ia; ia = ia_next) {
- /* ia might be removed. keep the next ptr. */
+ for (ia = in6_ifaddrs; ia; ia = ia_next) {
+ /* ia might be removed. keep the next ptr. */
ia_next = ia->ia_next;
if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0)
continue;
if (ia->ia6_ndpr == pr)
- in6_purgeaddr(&ia->ia_ifa);
+ in6_purgeaddr(&ia->ia_ifa, 1);
}
- prelist_remove(pr);
+ prelist_remove(pr, 1);
}
- splx(s);
+ lck_mtx_unlock(nd6_mutex);
break;
}
case SIOCSRTRFLUSH_IN6:
/* flush all the default routers */
struct nd_defrouter *dr, *next;
- s = splnet();
+ lck_mtx_lock(nd6_mutex);
if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) {
/*
* The first entry of the list may be stored in
*/
for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = next) {
next = TAILQ_NEXT(dr, dr_entry);
- defrtrlist_del(dr);
+ defrtrlist_del(dr, 1);
}
- defrtrlist_del(TAILQ_FIRST(&nd_defrouter));
+ defrtrlist_del(TAILQ_FIRST(&nd_defrouter), 1);
}
- splx(s);
+ lck_mtx_unlock(nd6_mutex);
break;
}
case SIOCGNBRINFO_IN6:
*idp = htons(ifp->if_index);
}
- s = splnet();
- if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL) {
+ if ((rt = nd6_lookup(&nb_addr, 0, ifp, 0)) == NULL) {
error = EINVAL;
- splx(s);
break;
}
ln = (struct llinfo_nd6 *)rt->rt_llinfo;
nbi->asked = ln->ln_asked;
nbi->isrouter = ln->ln_router;
nbi->expire = ln->ln_expire;
- splx(s);
break;
}
* on reception of inbound ND6 packets. (RS/RA/NS/redirect)
*/
struct rtentry *
-nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
- struct ifnet *ifp;
- struct in6_addr *from;
- char *lladdr;
- int lladdrlen;
- int type; /* ICMP6 type */
- int code; /* type dependent information */
+nd6_cache_lladdr(
+ struct ifnet *ifp,
+ struct in6_addr *from,
+ char *lladdr,
+ int lladdrlen,
+ int type, /* ICMP6 type */
+ int code) /* type dependent information */
{
struct rtentry *rt = NULL;
struct llinfo_nd6 *ln = NULL;
int olladdr;
int llchange;
int newstate = 0;
+ struct timeval timenow;
if (!ifp)
panic("ifp == NULL in nd6_cache_lladdr");
* Spec says nothing in sections for RA, RS and NA. There's small
* description on it in NS section (RFC 2461 7.2.3).
*/
+ getmicrotime(&timenow);
- rt = nd6_lookup(from, 0, ifp);
+ lck_mtx_lock(rt_mtx);
+ rt = nd6_lookup(from, 0, ifp, 1);
if (!rt) {
#if 0
/* nothing must be done if there's no lladdr */
return NULL;
#endif
- rt = nd6_lookup(from, 1, ifp);
+ rt = nd6_lookup(from, 1, ifp, 1);
is_newentry = 1;
} else {
/* do nothing if static ndp is set */
- if (rt->rt_flags & RTF_STATIC)
+ if (rt->rt_flags & RTF_STATIC) {
+ lck_mtx_unlock(rt_mtx);
return NULL;
+ }
is_newentry = 0;
}
- if (!rt)
+ lck_mtx_unlock(rt_mtx);
+
+ if (!rt)
return NULL;
if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) {
fail:
* 1 -- y -- (7) * STALE
*/
- if (lladdr) { /*(3-5) and (7)*/
+ if (lladdr) { /* (3-5) and (7) */
/*
* Record source link-layer address
* XXX is it dependent to ifp->if_type?
}
if (!is_newentry) {
- if ((!olladdr && lladdr) /*(3)*/
- || (olladdr && lladdr && llchange)) { /*(5)*/
+ if ((!olladdr && lladdr) /* (3) */
+ || (olladdr && lladdr && llchange)) { /* (5) */
do_update = 1;
newstate = ND6_LLINFO_STALE;
- } else /*(1-2,4)*/
+ } else /* (1-2,4) */
do_update = 0;
} else {
do_update = 1;
- if (!lladdr) /*(6)*/
+ if (!lladdr) /* (6) */
newstate = ND6_LLINFO_NOSTATE;
- else /*(7)*/
+ else /* (7) */
newstate = ND6_LLINFO_STALE;
}
* we must set the timer now, although it is actually
* meaningless.
*/
- ln->ln_expire = time_second + nd6_gctimer;
+ ln->ln_expire = timenow.tv_sec + nd6_gctimer;
if (ln->ln_hold) {
/*
*/
nd6_output(ifp, ifp, ln->ln_hold,
(struct sockaddr_in6 *)rt_key(rt),
- rt);
+ rt, 0);
ln->ln_hold = NULL;
}
} else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) {
/* probe right away */
- ln->ln_expire = time_second;
+ ln->ln_expire = timenow.tv_sec;
}
}
/*
* New entry must have is_router flag cleared.
*/
- if (is_newentry) /*(6-7)*/
+ if (is_newentry) /* (6-7) */
ln->ln_router = 0;
break;
case ND_REDIRECT:
*/
if (code == ND_REDIRECT_ROUTER)
ln->ln_router = 1;
- else if (is_newentry) /*(6-7)*/
+ else if (is_newentry) /* (6-7) */
ln->ln_router = 0;
break;
case ND_ROUTER_SOLICIT:
/*
* Mark an entry with lladdr as a router.
*/
- if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/
- || (is_newentry && lladdr)) { /*(7)*/
+ if ((!is_newentry && (olladdr || lladdr)) /* (2-5) */
+ || (is_newentry && lladdr)) { /* (7) */
ln->ln_router = 1;
}
break;
* for those are not autoconfigured hosts, we explicitly avoid such
* cases for safety.
*/
- if (do_update && ln->ln_router && !ip6_forwarding && ip6_accept_rtadv)
+ if (do_update && ln->ln_router && !ip6_forwarding && (ip6_accept_rtadv || (ifp->if_eflags & IFEF_ACCEPT_RTADVD))) {
+ lck_mtx_lock(nd6_mutex);
defrouter_select();
+ lck_mtx_unlock(nd6_mutex);
+ }
return rt;
}
-
static void
-nd6_slowtimo(ignored_arg)
- void *ignored_arg;
+nd6_slowtimo(
+ void *ignored_arg)
{
- int s = splnet();
int i;
struct nd_ifinfo *nd6if;
- s = splnet();
- timeout(nd6_slowtimo_funneled, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz);
+ lck_mtx_lock(nd6_mutex);
for (i = 1; i < if_index + 1; i++) {
if (!nd_ifinfo || i >= nd_ifinfo_indexlim)
continue;
nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable);
}
}
- splx(s);
+ lck_mtx_unlock(nd6_mutex);
+ timeout(nd6_slowtimo, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz);
}
-static void
-nd6_slowtimo_funneled(ignored_arg)
- void *ignored_arg;
-{
-#ifdef __APPLE__
- boolean_t funnel_state;
- funnel_state = thread_funnel_set(network_flock, TRUE);
-#endif
- nd6_slowtimo(ignored_arg);
-#ifdef __APPLE__
- (void) thread_funnel_set(network_flock, FALSE);
-#endif
-}
#define senderr(e) { error = (e); goto bad;}
int
-nd6_output(ifp, origifp, m0, dst, rt0)
- struct ifnet *ifp;
- struct ifnet *origifp;
- struct mbuf *m0;
- struct sockaddr_in6 *dst;
- struct rtentry *rt0;
+nd6_output(
+ struct ifnet *ifp,
+ struct ifnet *origifp,
+ struct mbuf *m0,
+ struct sockaddr_in6 *dst,
+ struct rtentry *rt0,
+ int locked)
{
struct mbuf *m = m0;
struct rtentry *rt = rt0;
struct sockaddr_in6 *gw6 = NULL;
struct llinfo_nd6 *ln = NULL;
int error = 0;
+ struct timeval timenow;
if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr))
goto sendpkt;
goto sendpkt;
/*
- * next hop determination. This routine is derived from ether_outpout.
+ * next hop determination. This routine is derived from ether_outpout.
*/
+ lck_mtx_lock(rt_mtx);
if (rt) {
if ((rt->rt_flags & RTF_UP) == 0) {
- if ((rt0 = rt = rtalloc1((struct sockaddr *)dst, 1, 0UL)) !=
+ if ((rt0 = rt = rtalloc1_locked((struct sockaddr *)dst, 1, 0UL)) !=
NULL)
{
rtunref(rt);
if (rt->rt_ifp != ifp) {
/* XXX: loop care? */
+ lck_mtx_unlock(rt_mtx);
return nd6_output(ifp, origifp, m0,
- dst, rt);
+ dst, rt, locked);
}
- } else
+ } else {
+ lck_mtx_unlock(rt_mtx);
senderr(EHOSTUNREACH);
+ }
}
if (rt->rt_flags & RTF_GATEWAY) {
/*
* We skip link-layer address resolution and NUD
* if the gateway is not a neighbor from ND point
- * of view, regardless the value of the
- * nd_ifinfo.flags.
- * The second condition is a bit tricky: we skip
+ * of view, regardless of the value of nd_ifinfo.flags.
+ * The second condition is a bit tricky; we skip
* if the gateway is our own address, which is
* sometimes used to install a route to a p2p link.
*/
- if (!nd6_is_addr_neighbor(gw6, ifp) ||
+ if (!nd6_is_addr_neighbor(gw6, ifp, 1) ||
in6ifa_ifpwithaddr(ifp, &gw6->sin6_addr)) {
/*
* We allow this kind of tricky route only
* when the outgoing interface is p2p.
* XXX: we may need a more generic rule here.
*/
+ lck_mtx_unlock(rt_mtx);
if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
senderr(EHOSTUNREACH);
if (rt->rt_gwroute == 0)
goto lookup;
if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) {
- rtfree(rt); rt = rt0;
- lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1, 0UL);
- if ((rt = rt->rt_gwroute) == 0)
+ rtfree_locked(rt); rt = rt0;
+ lookup: rt->rt_gwroute = rtalloc1_locked(rt->rt_gateway, 1, 0UL);
+ if ((rt = rt->rt_gwroute) == 0) {
+ lck_mtx_unlock(rt_mtx);
senderr(EHOSTUNREACH);
+ }
}
}
}
else {
/*
* Since nd6_is_addr_neighbor() internally calls nd6_lookup(),
- * the condition below is not very efficient. But we believe
+ * the condition below is not very efficient. But we believe
* it is tolerable, because this should be a rare case.
*/
- if (nd6_is_addr_neighbor(dst, ifp) &&
- (rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL)
+ if (nd6_is_addr_neighbor(dst, ifp, 1) &&
+ (rt = nd6_lookup(&dst->sin6_addr, 1, ifp, 1)) != NULL)
ln = (struct llinfo_nd6 *)rt->rt_llinfo;
}
+ lck_mtx_unlock(rt_mtx);
if (!ln || !rt) {
if ((ifp->if_flags & IFF_POINTOPOINT) == 0 &&
!(nd_ifinfo[ifp->if_index].flags & ND6_IFF_PERFORMNUD)) {
goto sendpkt; /* send anyway */
}
+ getmicrotime(&timenow);
+
/* We don't have to do link-layer address resolution on a p2p link. */
if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
ln->ln_state < ND6_LLINFO_REACHABLE) {
ln->ln_state = ND6_LLINFO_STALE;
- ln->ln_expire = time_second + nd6_gctimer;
+ ln->ln_expire = timenow.tv_sec + nd6_gctimer;
}
/*
if (ln->ln_state == ND6_LLINFO_STALE) {
ln->ln_asked = 0;
ln->ln_state = ND6_LLINFO_DELAY;
- ln->ln_expire = time_second + nd6_delay;
+ ln->ln_expire = timenow.tv_sec + nd6_delay;
}
/*
* If the neighbor cache entry has a state other than INCOMPLETE
- * (i.e. its link-layer address is already reloved), just
+ * (i.e. its link-layer address is already resolved), just
* send the packet.
*/
if (ln->ln_state > ND6_LLINFO_INCOMPLETE)
/*
* There is a neighbor cache entry, but no ethernet address
- * response yet. Replace the held mbuf (if any) with this
+ * response yet. Replace the held mbuf (if any) with this
* latest one.
*
- * XXX Does the code conform to rate-limiting rule?
- * (RFC 2461 7.2.2)
+ * This code conforms to the rate-limiting rule described in Section
+ * 7.2.2 of RFC 2461, because the timer is set correctly after sending
+ * an NS below.
*/
if (ln->ln_state == ND6_LLINFO_NOSTATE)
ln->ln_state = ND6_LLINFO_INCOMPLETE;
ln->ln_hold = m;
if (ln->ln_expire) {
if (ln->ln_asked < nd6_mmaxtries &&
- ln->ln_expire < time_second) {
+ ln->ln_expire < timenow.tv_sec) {
ln->ln_asked++;
- ln->ln_expire = time_second +
+ ln->ln_expire = timenow.tv_sec +
nd_ifinfo[ifp->if_index].retrans / 1000;
- nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0);
+ nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0, locked);
}
}
return(0);
/* Make sure the HW checksum flags are cleaned before sending the packet */
- m->m_pkthdr.rcvif = (struct ifnet *)0;
m->m_pkthdr.csum_data = 0;
m->m_pkthdr.csum_flags = 0;
if ((ifp->if_flags & IFF_LOOPBACK) != 0) {
- return (dlil_output(ifptodlt(origifp, PF_INET6), m, (caddr_t)rt, (struct sockaddr *)dst,0));
+ m->m_pkthdr.rcvif = origifp; /* forwarding rules require the original scope_id */
+ if (locked)
+ lck_mtx_unlock(ip6_mutex);
+ error = dlil_output(origifp, PF_INET6, m, (caddr_t)rt, (struct sockaddr *)dst, 0);
+ if (locked)
+ lck_mtx_lock(ip6_mutex);
+ return error;
+ } else {
+ /* Do not allow loopback address to wind up on a wire */
+ struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
+
+ if ((IN6_IS_ADDR_LOOPBACK(&ip6->ip6_src) ||
+ IN6_IS_ADDR_LOOPBACK(&ip6->ip6_dst))) {
+ ip6stat.ip6s_badscope++;
+ /*
+ * Do not simply drop the packet just like a firewall -- we want the
+ * the application to feel the pain.
+ * Return ENETUNREACH like ip6_output does in some similar cases.
+ * This can startle the otherwise clueless process that specifies
+ * loopback as the source address.
+ */
+ error = ENETUNREACH;
+ goto bad;
+ }
}
- return (dlil_output(ifptodlt(ifp, PF_INET6), m, (caddr_t)rt, (struct sockaddr *)dst, 0));
+ m->m_pkthdr.rcvif = 0;
+ if (locked)
+ lck_mtx_unlock(ip6_mutex);
+ error = dlil_output(ifp, PF_INET6, m, (caddr_t)rt, (struct sockaddr *)dst, 0);
+ if (locked)
+ lck_mtx_lock(ip6_mutex);
+ return(error);
#else
if ((ifp->if_flags & IFF_LOOPBACK) != 0) {
return((*ifp->if_output)(origifp, m, (struct sockaddr *)dst,
#undef senderr
int
-nd6_need_cache(ifp)
- struct ifnet *ifp;
+nd6_need_cache(
+ struct ifnet *ifp)
{
/*
* XXX: we currently do not make neighbor cache on any interface
case IFT_ETHER:
case IFT_FDDI:
case IFT_IEEE1394:
-#if IFT_L2VLAN
case IFT_L2VLAN:
-#endif
+ case IFT_IEEE8023ADLAG:
#if IFT_IEEE80211
case IFT_IEEE80211:
#endif
}
int
-nd6_storelladdr(ifp, rt, m, dst, desten)
- struct ifnet *ifp;
- struct rtentry *rt;
- struct mbuf *m;
- struct sockaddr *dst;
- u_char *desten;
+nd6_storelladdr(
+ struct ifnet *ifp,
+ struct rtentry *rt,
+ struct mbuf *m,
+ struct sockaddr *dst,
+ u_char *desten)
{
int i;
struct sockaddr_dl *sdl;
switch (ifp->if_type) {
case IFT_ETHER:
case IFT_FDDI:
-#if IFT_L2VLAN
- case IFT_L2VLAN:
-#endif
+ case IFT_L2VLAN:
+ case IFT_IEEE8023ADLAG:
#if IFT_IEEE80211
case IFT_IEEE80211:
#endif
*desten = 0;
return(1);
default:
- m_freem(m);
- return(0);
+ return(0); /* caller will free mbuf */
}
}
if (rt == NULL) {
/* this could happen, if we could not allocate memory */
- m_freem(m);
- return(0);
+ return(0); /* caller will free mbuf */
}
if (rt->rt_gateway->sa_family != AF_LINK) {
printf("nd6_storelladdr: something odd happens\n");
- m_freem(m);
- return(0);
+ return(0); /* caller will free mbuf */
}
sdl = SDL(rt->rt_gateway);
if (sdl->sdl_alen == 0) {
/* this should be impossible, but we bark here for debugging */
printf("nd6_storelladdr: sdl_alen == 0\n");
- m_freem(m);
- return(0);
+ return(0); /* caller will free mbuf */
}
bcopy(LLADDR(sdl), desten, sdl->sdl_alen);
return(1);
}
+
+extern errno_t arp_route_to_gateway_route(const struct sockaddr *net_dest,
+ route_t hint, route_t *out_route);
+
+errno_t
+nd6_lookup_ipv6(
+ ifnet_t ifp,
+ const struct sockaddr_in6 *ip6_dest,
+ struct sockaddr_dl *ll_dest,
+ size_t ll_dest_len,
+ route_t hint,
+ mbuf_t packet)
+{
+ route_t route = hint;
+ errno_t result = 0;
+ struct sockaddr_dl *sdl = NULL;
+ size_t copy_len;
+
+ if (ip6_dest->sin6_family != AF_INET6)
+ return EAFNOSUPPORT;
+
+ if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING))
+ return ENETDOWN;
+
+ if (hint) {
+ result = arp_route_to_gateway_route((const struct sockaddr*)ip6_dest, hint, &route);
+ if (result != 0)
+ return result;
+ }
+
+ if ((packet->m_flags & M_MCAST) != 0) {
+ return dlil_resolve_multi(ifp, (const struct sockaddr*)ip6_dest,
+ ll_dest, ll_dest_len);
+ }
+
+ if (route == NULL) {
+ /* this could happen, if we could not allocate memory */
+ return ENOBUFS;
+ }
+
+ lck_mtx_lock(rt_mtx);
+
+ if (route->rt_gateway->sa_family != AF_LINK) {
+ printf("nd6_lookup_ipv6: gateway address not AF_LINK\n");
+ result = EADDRNOTAVAIL;
+ goto done;
+ }
+
+ sdl = SDL(route->rt_gateway);
+ if (sdl->sdl_alen == 0) {
+ /* this should be impossible, but we bark here for debugging */
+ printf("nd6_storelladdr: sdl_alen == 0\n");
+ result = EHOSTUNREACH;
+ }
+
+ copy_len = sdl->sdl_len <= ll_dest_len ? sdl->sdl_len : ll_dest_len;
+ bcopy(sdl, ll_dest, copy_len);
+
+done:
+ lck_mtx_unlock(rt_mtx);
+ return result;
+}
+
#ifndef __APPLE__
static int nd6_sysctl_drlist SYSCTL_HANDLER_ARGS;
static int nd6_sysctl_prlist SYSCTL_HANDLER_ARGS;
return EPERM;
error = 0;
+ lck_mtx_lock(nd6_mutex);
for (dr = TAILQ_FIRST(&nd_defrouter);
dr;
dr = TAILQ_NEXT(dr, dr_entry)) {
if (error)
break;
}
+ lck_mtx_unlock(nd6_mutex);
return error;
}
return EPERM;
error = 0;
+ lck_mtx_lock(nd6_mutex);
+
for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) {
u_short advrtrs;
size_t advance;
if (error)
break;
}
+ lck_mtx_unlock(nd6_mutex);
return error;
}
#endif
projects / apple / xnu.git / blobdiff