2005-01-07 02:30:35 +00:00
|
|
|
/*-
|
2017-11-20 19:43:44 +00:00
|
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
*
|
1999-11-22 02:45:11 +00:00
|
|
|
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. Neither the name of the project nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
2007-12-10 16:03:40 +00:00
|
|
|
*
|
|
|
|
* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
|
|
|
|
2005-01-07 02:30:35 +00:00
|
|
|
/*-
|
1999-11-22 02:45:11 +00:00
|
|
|
* Copyright (c) 1982, 1986, 1991, 1993
|
|
|
|
* The Regents of the University of California. All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
2017-02-28 23:42:47 +00:00
|
|
|
* 3. Neither the name of the University nor the names of its contributors
|
1999-11-22 02:45:11 +00:00
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* @(#)in.c 8.2 (Berkeley) 11/15/93
|
|
|
|
*/
|
|
|
|
|
2007-12-10 16:03:40 +00:00
|
|
|
#include <sys/cdefs.h>
|
|
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
#include "opt_inet.h"
|
|
|
|
#include "opt_inet6.h"
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/param.h>
|
2013-10-28 07:29:16 +00:00
|
|
|
#include <sys/eventhandler.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/errno.h>
|
2009-01-09 13:06:56 +00:00
|
|
|
#include <sys/jail.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/malloc.h>
|
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <sys/socketvar.h>
|
|
|
|
#include <sys/sockio.h>
|
|
|
|
#include <sys/systm.h>
|
2006-11-06 13:42:10 +00:00
|
|
|
#include <sys/priv.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/proc.h>
|
2018-05-02 19:36:29 +00:00
|
|
|
#include <sys/protosw.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/time.h>
|
|
|
|
#include <sys/kernel.h>
|
2015-07-29 08:12:05 +00:00
|
|
|
#include <sys/lock.h>
|
|
|
|
#include <sys/rmlock.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/syslog.h>
|
|
|
|
|
|
|
|
#include <net/if.h>
|
2009-09-15 19:18:34 +00:00
|
|
|
#include <net/if_var.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <net/if_types.h>
|
|
|
|
#include <net/route.h>
|
|
|
|
#include <net/if_dl.h>
|
2008-12-02 21:37:28 +00:00
|
|
|
#include <net/vnet.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <netinet/in_var.h>
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
#include <net/if_llatbl.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet/if_ether.h>
|
2001-06-11 12:39:29 +00:00
|
|
|
#include <netinet/in_systm.h>
|
|
|
|
#include <netinet/ip.h>
|
|
|
|
#include <netinet/in_pcb.h>
|
A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
2011-12-16 12:16:56 +00:00
|
|
|
#include <netinet/ip_carp.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
#include <netinet/ip6.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet6/ip6_var.h>
|
2002-04-19 04:46:24 +00:00
|
|
|
#include <netinet6/nd6.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet6/mld6_var.h>
|
2000-07-04 16:35:15 +00:00
|
|
|
#include <netinet6/ip6_mroute.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet6/in6_ifattach.h>
|
2000-07-04 16:35:15 +00:00
|
|
|
#include <netinet6/scope6_var.h>
|
2015-12-09 11:14:27 +00:00
|
|
|
#include <netinet6/in6_fib.h>
|
2001-06-11 12:39:29 +00:00
|
|
|
#include <netinet6/in6_pcb.h>
|
2000-07-04 16:35:15 +00:00
|
|
|
|
2018-05-18 20:13:34 +00:00
|
|
|
|
2018-03-30 21:38:53 +00:00
|
|
|
/*
|
|
|
|
* struct in6_ifreq and struct ifreq must be type punnable for common members
|
|
|
|
* of ifr_ifru to allow accessors to be shared.
|
|
|
|
*/
|
|
|
|
_Static_assert(offsetof(struct in6_ifreq, ifr_ifru) ==
|
|
|
|
offsetof(struct ifreq, ifr_ifru),
|
|
|
|
"struct in6_ifreq and struct ifreq are not type punnable");
|
|
|
|
|
2013-05-04 19:16:26 +00:00
|
|
|
VNET_DECLARE(int, icmp6_nodeinfo_oldmcprefix);
|
|
|
|
#define V_icmp6_nodeinfo_oldmcprefix VNET(icmp6_nodeinfo_oldmcprefix)
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
2015-12-17 14:41:30 +00:00
|
|
|
* Definitions of some costant IP6 addresses.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
|
|
|
|
const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
|
|
|
|
const struct in6_addr in6addr_nodelocal_allnodes =
|
1999-11-22 02:45:11 +00:00
|
|
|
IN6ADDR_NODELOCAL_ALLNODES_INIT;
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6addr_linklocal_allnodes =
|
1999-11-22 02:45:11 +00:00
|
|
|
IN6ADDR_LINKLOCAL_ALLNODES_INIT;
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6addr_linklocal_allrouters =
|
1999-11-22 02:45:11 +00:00
|
|
|
IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
const struct in6_addr in6addr_linklocal_allv2routers =
|
|
|
|
IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6mask0 = IN6MASK0;
|
|
|
|
const struct in6_addr in6mask32 = IN6MASK32;
|
|
|
|
const struct in6_addr in6mask64 = IN6MASK64;
|
|
|
|
const struct in6_addr in6mask96 = IN6MASK96;
|
|
|
|
const struct in6_addr in6mask128 = IN6MASK128;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2004-03-03 14:33:16 +00:00
|
|
|
const struct sockaddr_in6 sa6_any =
|
|
|
|
{ sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2014-01-19 16:07:27 +00:00
|
|
|
static int in6_notify_ifa(struct ifnet *, struct in6_ifaddr *,
|
|
|
|
struct in6_aliasreq *, int);
|
2008-01-08 19:08:58 +00:00
|
|
|
static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2014-01-18 15:52:52 +00:00
|
|
|
static int in6_validate_ifra(struct ifnet *, struct in6_aliasreq *,
|
|
|
|
struct in6_ifaddr *, int);
|
|
|
|
static struct in6_ifaddr *in6_alloc_ifa(struct ifnet *,
|
|
|
|
struct in6_aliasreq *, int flags);
|
|
|
|
static int in6_update_ifa_internal(struct ifnet *, struct in6_aliasreq *,
|
|
|
|
struct in6_ifaddr *, int, int);
|
2014-01-19 16:07:27 +00:00
|
|
|
static int in6_broadcast_ifa(struct ifnet *, struct in6_aliasreq *,
|
2014-01-18 15:52:52 +00:00
|
|
|
struct in6_ifaddr *, int);
|
|
|
|
|
2011-10-13 13:05:36 +00:00
|
|
|
#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
|
|
|
|
#define ia62ifa(ia6) (&((ia6)->ia_ifa))
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2014-01-19 16:07:27 +00:00
|
|
|
|
2011-10-13 13:05:36 +00:00
|
|
|
void
|
2014-01-19 16:07:27 +00:00
|
|
|
in6_newaddrmsg(struct in6_ifaddr *ia, int cmd)
|
2011-10-13 13:05:36 +00:00
|
|
|
{
|
|
|
|
struct sockaddr_dl gateway;
|
|
|
|
struct sockaddr_in6 mask, addr;
|
|
|
|
struct rtentry rt;
|
Constrain IPv6 routes to single FIBs when net.add_addr_allfibs=0
sys/netinet6/icmp6.c
Use the interface's FIB for source address selection in ICMPv6 error
responses.
sys/netinet6/in6.c
In in6_newaddrmsg, announce arrival of local addresses on the
interface's FIB only. In in6_lltable_rtcheck, use a per-fib ND6
cache instead of a single cache.
sys/netinet6/in6_src.c
In in6_selectsrc, use the caller's fib instead of the default fib.
In in6_selectsrc_socket, remove a superfluous check.
sys/netinet6/nd6.c
In nd6_lle_event, use the interface's fib for routing socket
messages. In nd6_is_new_addr_neighbor, check all FIBs when trying
to determine whether an address is a neighbor. Also, simplify the
code for point to point interfaces.
sys/netinet6/nd6.h
sys/netinet6/nd6.c
sys/netinet6/nd6_rtr.c
Make defrouter_select fib-aware, and make all of its callers pass in
the interface fib.
sys/netinet6/nd6_nbr.c
When inputting a Neighbor Solicitation packet, consider the
interface fib instead of the default fib for DAD. Output NS and
Neighbor Advertisement packets on the correct fib.
sys/netinet6/nd6_rtr.c
Allow installing the same host route on different interfaces in
different FIBs. If rt_add_addr_allfibs=0, only install or delete
the prefix route on the interface fib.
tests/sys/netinet/fibs_test.sh
Clear some expected failures, but add a skip for the newly revealed
BUG217871.
PR: 196361
Submitted by: Erick Turnquist <jhujhiti@adjectivism.org>
Reported by: Jason Healy <jhealy@logn.net>
Reviewed by: asomers
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D9451
2017-03-17 16:50:37 +00:00
|
|
|
int fibnum;
|
2014-01-19 16:07:27 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* initialize for rtmsg generation
|
|
|
|
*/
|
|
|
|
bzero(&gateway, sizeof(gateway));
|
|
|
|
gateway.sdl_len = sizeof(gateway);
|
|
|
|
gateway.sdl_family = AF_LINK;
|
2011-10-13 13:05:36 +00:00
|
|
|
|
|
|
|
bzero(&rt, sizeof(rt));
|
|
|
|
rt.rt_gateway = (struct sockaddr *)&gateway;
|
|
|
|
memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
|
|
|
|
memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
|
|
|
|
rt_mask(&rt) = (struct sockaddr *)&mask;
|
|
|
|
rt_key(&rt) = (struct sockaddr *)&addr;
|
2014-01-19 16:07:27 +00:00
|
|
|
rt.rt_flags = RTF_HOST | RTF_STATIC;
|
|
|
|
if (cmd == RTM_ADD)
|
|
|
|
rt.rt_flags |= RTF_UP;
|
Constrain IPv6 routes to single FIBs when net.add_addr_allfibs=0
sys/netinet6/icmp6.c
Use the interface's FIB for source address selection in ICMPv6 error
responses.
sys/netinet6/in6.c
In in6_newaddrmsg, announce arrival of local addresses on the
interface's FIB only. In in6_lltable_rtcheck, use a per-fib ND6
cache instead of a single cache.
sys/netinet6/in6_src.c
In in6_selectsrc, use the caller's fib instead of the default fib.
In in6_selectsrc_socket, remove a superfluous check.
sys/netinet6/nd6.c
In nd6_lle_event, use the interface's fib for routing socket
messages. In nd6_is_new_addr_neighbor, check all FIBs when trying
to determine whether an address is a neighbor. Also, simplify the
code for point to point interfaces.
sys/netinet6/nd6.h
sys/netinet6/nd6.c
sys/netinet6/nd6_rtr.c
Make defrouter_select fib-aware, and make all of its callers pass in
the interface fib.
sys/netinet6/nd6_nbr.c
When inputting a Neighbor Solicitation packet, consider the
interface fib instead of the default fib for DAD. Output NS and
Neighbor Advertisement packets on the correct fib.
sys/netinet6/nd6_rtr.c
Allow installing the same host route on different interfaces in
different FIBs. If rt_add_addr_allfibs=0, only install or delete
the prefix route on the interface fib.
tests/sys/netinet/fibs_test.sh
Clear some expected failures, but add a skip for the newly revealed
BUG217871.
PR: 196361
Submitted by: Erick Turnquist <jhujhiti@adjectivism.org>
Reported by: Jason Healy <jhealy@logn.net>
Reviewed by: asomers
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D9451
2017-03-17 16:50:37 +00:00
|
|
|
fibnum = V_rt_add_addr_allfibs ? RT_ALL_FIBS : ia62ifa(ia)->ifa_ifp->if_fib;
|
|
|
|
/* Announce arrival of local address to this FIB. */
|
|
|
|
rt_newaddrmsg_fib(cmd, &ia->ia_ifa, 0, &rt, fibnum);
|
2011-10-13 13:05:36 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_mask2len(struct in6_addr *mask, u_char *lim0)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
int x = 0, y;
|
|
|
|
u_char *lim = lim0, *p;
|
|
|
|
|
2003-10-07 17:46:18 +00:00
|
|
|
/* ignore the scope_id part */
|
|
|
|
if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
|
2001-06-11 12:39:29 +00:00
|
|
|
lim = (u_char *)mask + sizeof(*mask);
|
|
|
|
for (p = (u_char *)mask; p < lim; x++, p++) {
|
|
|
|
if (*p != 0xff)
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
y = 0;
|
2001-06-11 12:39:29 +00:00
|
|
|
if (p < lim) {
|
1999-11-22 02:45:11 +00:00
|
|
|
for (y = 0; y < 8; y++) {
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((*p & (0x80 >> y)) == 0)
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* when the limit pointer is given, do a stricter check on the
|
|
|
|
* remaining bits.
|
|
|
|
*/
|
|
|
|
if (p < lim) {
|
|
|
|
if (y != 0 && (*p & (0x00ff >> y)) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (-1);
|
2001-06-11 12:39:29 +00:00
|
|
|
for (p = p + 1; p < lim; p++)
|
|
|
|
if (*p != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (-1);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2003-10-07 17:46:18 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
return x * 8 + y;
|
|
|
|
}
|
|
|
|
|
2010-04-27 09:47:14 +00:00
|
|
|
#ifdef COMPAT_FREEBSD32
|
|
|
|
struct in6_ndifreq32 {
|
2012-07-31 11:31:12 +00:00
|
|
|
char ifname[IFNAMSIZ];
|
|
|
|
uint32_t ifindex;
|
2010-04-27 09:47:14 +00:00
|
|
|
};
|
2012-07-31 11:31:12 +00:00
|
|
|
#define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
|
2010-04-27 09:47:14 +00:00
|
|
|
#endif
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_control(struct socket *so, u_long cmd, caddr_t data,
|
|
|
|
struct ifnet *ifp, struct thread *td)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
struct in6_ifreq *ifr = (struct in6_ifreq *)data;
|
2001-06-11 12:39:29 +00:00
|
|
|
struct in6_ifaddr *ia = NULL;
|
1999-11-22 02:45:11 +00:00
|
|
|
struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
|
2005-10-21 16:23:01 +00:00
|
|
|
struct sockaddr_in6 *sa6;
|
A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
2011-12-16 12:16:56 +00:00
|
|
|
int carp_attached = 0;
|
2006-11-06 13:42:10 +00:00
|
|
|
int error;
|
2011-12-21 12:39:08 +00:00
|
|
|
u_long ocmd = cmd;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Compat to make pre-10.x ifconfig(8) operable.
|
|
|
|
*/
|
|
|
|
if (cmd == OSIOCAIFADDR_IN6)
|
|
|
|
cmd = SIOCAIFADDR_IN6;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
switch (cmd) {
|
|
|
|
case SIOCGETSGCNT_IN6:
|
|
|
|
case SIOCGETMIFCNT_IN6:
|
2012-08-01 09:00:26 +00:00
|
|
|
/*
|
2012-02-17 02:39:58 +00:00
|
|
|
* XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
|
|
|
|
* We cannot see how that would be needed, so do not adjust the
|
|
|
|
* KPI blindly; more likely should clean up the IPv4 variant.
|
|
|
|
*/
|
2007-02-24 11:38:47 +00:00
|
|
|
return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2014-08-22 19:21:08 +00:00
|
|
|
switch (cmd) {
|
2003-10-30 15:29:17 +00:00
|
|
|
case SIOCAADDRCTL_POLICY:
|
|
|
|
case SIOCDADDRCTL_POLICY:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2003-10-30 15:29:17 +00:00
|
|
|
return (in6_src_ioctl(cmd, data));
|
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
if (ifp == NULL)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EOPNOTSUPP);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCSNDFLUSH_IN6:
|
|
|
|
case SIOCSPFXFLUSH_IN6:
|
|
|
|
case SIOCSRTRFLUSH_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCSDEFIFACE_IN6:
|
|
|
|
case SIOCSIFINFO_FLAGS:
|
2009-06-10 10:31:11 +00:00
|
|
|
case SIOCSIFINFO_IN6:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_ND6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2003-10-07 17:46:18 +00:00
|
|
|
/* FALLTHROUGH */
|
2001-06-11 12:39:29 +00:00
|
|
|
case OSIOCGIFINFO_IN6:
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCGIFINFO_IN6:
|
|
|
|
case SIOCGNBRINFO_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCGDEFIFACE_IN6:
|
2003-10-06 14:02:09 +00:00
|
|
|
return (nd6_ioctl(cmd, data, ifp));
|
2010-04-27 09:47:14 +00:00
|
|
|
|
|
|
|
#ifdef COMPAT_FREEBSD32
|
|
|
|
case SIOCGDEFIFACE32_IN6:
|
|
|
|
{
|
|
|
|
struct in6_ndifreq ndif;
|
|
|
|
struct in6_ndifreq32 *ndif32;
|
|
|
|
|
|
|
|
error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
|
|
|
|
ifp);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
ndif32 = (struct in6_ndifreq32 *)data;
|
|
|
|
ndif32->ifindex = ndif.ifindex;
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
#endif
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCSIFPREFIX_IN6:
|
|
|
|
case SIOCDIFPREFIX_IN6:
|
|
|
|
case SIOCAIFPREFIX_IN6:
|
|
|
|
case SIOCCIFPREFIX_IN6:
|
|
|
|
case SIOCSGIFPREFIX_IN6:
|
|
|
|
case SIOCGIFPREFIX_IN6:
|
2001-06-11 12:39:29 +00:00
|
|
|
log(LOG_NOTICE,
|
|
|
|
"prefix ioctls are now invalidated. "
|
|
|
|
"please use ifconfig.\n");
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EOPNOTSUPP);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2002-04-19 04:46:24 +00:00
|
|
|
switch (cmd) {
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCSSCOPE6:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_SCOPE6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2014-08-22 19:21:08 +00:00
|
|
|
/* FALLTHROUGH */
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCGSCOPE6:
|
|
|
|
case SIOCGSCOPE6DEF:
|
2014-08-22 19:21:08 +00:00
|
|
|
return (scope6_ioctl(cmd, data, ifp));
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* Find address for this interface, if it exists.
|
2005-10-21 16:23:01 +00:00
|
|
|
*
|
|
|
|
* In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
|
|
|
|
* only, and used the first interface address as the target of other
|
|
|
|
* operations (without checking ifra_addr). This was because netinet
|
|
|
|
* code/API assumed at most 1 interface address per interface.
|
|
|
|
* Since IPv6 allows a node to assign multiple addresses
|
|
|
|
* on a single interface, we almost always look and check the
|
|
|
|
* presence of ifra_addr, and reject invalid ones here.
|
|
|
|
* It also decreases duplicated code among SIOC*_IN6 operations.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
switch (cmd) {
|
|
|
|
case SIOCAIFADDR_IN6:
|
|
|
|
case SIOCSIFPHYADDR_IN6:
|
|
|
|
sa6 = &ifra->ifra_addr;
|
|
|
|
break;
|
|
|
|
case SIOCSIFADDR_IN6:
|
|
|
|
case SIOCGIFADDR_IN6:
|
|
|
|
case SIOCSIFDSTADDR_IN6:
|
|
|
|
case SIOCSIFNETMASK_IN6:
|
|
|
|
case SIOCGIFDSTADDR_IN6:
|
|
|
|
case SIOCGIFNETMASK_IN6:
|
|
|
|
case SIOCDIFADDR_IN6:
|
|
|
|
case SIOCGIFPSRCADDR_IN6:
|
|
|
|
case SIOCGIFPDSTADDR_IN6:
|
|
|
|
case SIOCGIFAFLAG_IN6:
|
|
|
|
case SIOCSNDFLUSH_IN6:
|
|
|
|
case SIOCSPFXFLUSH_IN6:
|
|
|
|
case SIOCSRTRFLUSH_IN6:
|
|
|
|
case SIOCGIFALIFETIME_IN6:
|
|
|
|
case SIOCGIFSTAT_IN6:
|
|
|
|
case SIOCGIFSTAT_ICMP6:
|
|
|
|
sa6 = &ifr->ifr_addr;
|
|
|
|
break;
|
2013-09-10 10:05:59 +00:00
|
|
|
case SIOCSIFADDR:
|
|
|
|
case SIOCSIFBRDADDR:
|
|
|
|
case SIOCSIFDSTADDR:
|
|
|
|
case SIOCSIFNETMASK:
|
|
|
|
/*
|
|
|
|
* Although we should pass any non-INET6 ioctl requests
|
|
|
|
* down to driver, we filter some legacy INET requests.
|
|
|
|
* Drivers trust SIOCSIFADDR et al to come from an already
|
|
|
|
* privileged layer, and do not perform any credentials
|
|
|
|
* checks or input validation.
|
|
|
|
*/
|
|
|
|
return (EINVAL);
|
2005-10-21 16:23:01 +00:00
|
|
|
default:
|
|
|
|
sa6 = NULL;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (sa6 && sa6->sin6_family == AF_INET6) {
|
|
|
|
if (sa6->sin6_scope_id != 0)
|
|
|
|
error = sa6_embedscope(sa6, 0);
|
2005-07-25 12:31:43 +00:00
|
|
|
else
|
2005-10-21 16:23:01 +00:00
|
|
|
error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
|
2005-07-25 12:31:43 +00:00
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
2009-02-05 14:06:09 +00:00
|
|
|
if (td != NULL && (error = prison_check_ip6(td->td_ucred,
|
|
|
|
&sa6->sin6_addr)) != 0)
|
|
|
|
return (error);
|
2005-10-21 16:23:01 +00:00
|
|
|
ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
|
|
|
|
} else
|
|
|
|
ia = NULL;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
switch (cmd) {
|
2001-06-11 12:39:29 +00:00
|
|
|
case SIOCSIFADDR_IN6:
|
|
|
|
case SIOCSIFDSTADDR_IN6:
|
|
|
|
case SIOCSIFNETMASK_IN6:
|
|
|
|
/*
|
|
|
|
* Since IPv6 allows a node to assign multiple addresses
|
2005-10-19 10:09:19 +00:00
|
|
|
* on a single interface, SIOCSIFxxx ioctls are deprecated.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
|
|
|
/* we decided to obsolete this command (20000704) */
|
2009-06-23 20:19:09 +00:00
|
|
|
error = EINVAL;
|
|
|
|
goto out;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
case SIOCDIFADDR_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* for IPv4, we look for existing in_ifaddr here to allow
|
2005-10-19 10:09:19 +00:00
|
|
|
* "ifconfig if0 delete" to remove the first IPv4 address on
|
|
|
|
* the interface. For IPv6, as the spec allows multiple
|
|
|
|
* interface address from the day one, we consider "remove the
|
|
|
|
* first one" semantics to be not preferable.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2009-06-23 20:19:09 +00:00
|
|
|
if (ia == NULL) {
|
|
|
|
error = EADDRNOTAVAIL;
|
|
|
|
goto out;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
/* FALLTHROUGH */
|
|
|
|
case SIOCAIFADDR_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* We always require users to specify a valid IPv6 address for
|
|
|
|
* the corresponding operation.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ifra->ifra_addr.sin6_family != AF_INET6 ||
|
2009-06-23 20:19:09 +00:00
|
|
|
ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
|
|
|
|
error = EAFNOSUPPORT;
|
|
|
|
goto out;
|
|
|
|
}
|
2006-11-06 13:42:10 +00:00
|
|
|
|
|
|
|
if (td != NULL) {
|
2012-07-31 11:31:12 +00:00
|
|
|
error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
|
2008-01-24 08:25:59 +00:00
|
|
|
PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
|
2006-11-06 13:42:10 +00:00
|
|
|
if (error)
|
2009-06-23 20:19:09 +00:00
|
|
|
goto out;
|
2006-11-06 13:42:10 +00:00
|
|
|
}
|
2014-08-22 19:21:08 +00:00
|
|
|
/* FALLTHROUGH */
|
|
|
|
case SIOCGIFSTAT_IN6:
|
|
|
|
case SIOCGIFSTAT_ICMP6:
|
|
|
|
if (ifp->if_afdata[AF_INET6] == NULL) {
|
|
|
|
error = EPFNOSUPPORT;
|
|
|
|
goto out;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFADDR_IN6:
|
|
|
|
/* This interface is basically deprecated. use SIOCGIFCONF. */
|
2003-10-07 17:46:18 +00:00
|
|
|
/* FALLTHROUGH */
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCGIFAFLAG_IN6:
|
|
|
|
case SIOCGIFNETMASK_IN6:
|
|
|
|
case SIOCGIFDSTADDR_IN6:
|
|
|
|
case SIOCGIFALIFETIME_IN6:
|
|
|
|
/* must think again about its semantics */
|
2009-06-23 20:19:09 +00:00
|
|
|
if (ia == NULL) {
|
|
|
|
error = EADDRNOTAVAIL;
|
|
|
|
goto out;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCGIFADDR_IN6:
|
|
|
|
ifr->ifr_addr = ia->ia_addr;
|
2005-07-25 12:31:43 +00:00
|
|
|
if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
|
2009-06-23 20:19:09 +00:00
|
|
|
goto out;
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFDSTADDR_IN6:
|
2009-06-23 20:19:09 +00:00
|
|
|
if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
|
|
|
|
error = EINVAL;
|
|
|
|
goto out;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
ifr->ifr_dstaddr = ia->ia_dstaddr;
|
2005-07-25 12:31:43 +00:00
|
|
|
if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
|
2009-06-23 20:19:09 +00:00
|
|
|
goto out;
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFNETMASK_IN6:
|
|
|
|
ifr->ifr_addr = ia->ia_prefixmask;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFAFLAG_IN6:
|
|
|
|
ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFSTAT_IN6:
|
2013-07-09 09:59:46 +00:00
|
|
|
COUNTER_ARRAY_COPY(((struct in6_ifextra *)
|
|
|
|
ifp->if_afdata[AF_INET6])->in6_ifstat,
|
|
|
|
&ifr->ifr_ifru.ifru_stat,
|
|
|
|
sizeof(struct in6_ifstat) / sizeof(uint64_t));
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFSTAT_ICMP6:
|
2013-07-09 09:59:46 +00:00
|
|
|
COUNTER_ARRAY_COPY(((struct in6_ifextra *)
|
|
|
|
ifp->if_afdata[AF_INET6])->icmp6_ifstat,
|
|
|
|
&ifr->ifr_ifru.ifru_icmp6stat,
|
|
|
|
sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFALIFETIME_IN6:
|
|
|
|
ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
time_t maxexpire;
|
|
|
|
struct in6_addrlifetime *retlt =
|
|
|
|
&ifr->ifr_ifru.ifru_lifetime;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* XXX: adjust expiration time assuming time_t is
|
|
|
|
* signed.
|
|
|
|
*/
|
|
|
|
maxexpire = (-1) &
|
2005-10-22 05:07:16 +00:00
|
|
|
~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_lifetime.ia6t_vltime <
|
|
|
|
maxexpire - ia->ia6_updatetime) {
|
|
|
|
retlt->ia6t_expire = ia->ia6_updatetime +
|
|
|
|
ia->ia6_lifetime.ia6t_vltime;
|
|
|
|
} else
|
|
|
|
retlt->ia6t_expire = maxexpire;
|
|
|
|
}
|
|
|
|
if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
time_t maxexpire;
|
|
|
|
struct in6_addrlifetime *retlt =
|
|
|
|
&ifr->ifr_ifru.ifru_lifetime;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* XXX: adjust expiration time assuming time_t is
|
|
|
|
* signed.
|
|
|
|
*/
|
|
|
|
maxexpire = (-1) &
|
2005-10-22 05:07:16 +00:00
|
|
|
~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_lifetime.ia6t_pltime <
|
|
|
|
maxexpire - ia->ia6_updatetime) {
|
|
|
|
retlt->ia6t_preferred = ia->ia6_updatetime +
|
|
|
|
ia->ia6_lifetime.ia6t_pltime;
|
|
|
|
} else
|
|
|
|
retlt->ia6t_preferred = maxexpire;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
case SIOCAIFADDR_IN6:
|
|
|
|
{
|
2005-10-21 16:23:01 +00:00
|
|
|
struct nd_prefixctl pr0;
|
|
|
|
struct nd_prefix *pr;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* first, make or update the interface address structure,
|
|
|
|
* and link it to the list.
|
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
|
2009-06-23 20:19:09 +00:00
|
|
|
goto out;
|
2017-01-25 19:04:08 +00:00
|
|
|
if (ia != NULL) {
|
|
|
|
if (ia->ia_ifa.ifa_carp)
|
|
|
|
(*carp_detach_p)(&ia->ia_ifa, true);
|
2009-06-23 20:19:09 +00:00
|
|
|
ifa_free(&ia->ia_ifa);
|
2017-01-25 19:04:08 +00:00
|
|
|
}
|
2005-10-31 23:06:04 +00:00
|
|
|
if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
|
|
|
|
== NULL) {
|
2007-07-05 16:29:40 +00:00
|
|
|
/*
|
2005-10-31 23:06:04 +00:00
|
|
|
* this can happen when the user specify the 0 valid
|
|
|
|
* lifetime.
|
|
|
|
*/
|
|
|
|
break;
|
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2011-12-21 12:39:08 +00:00
|
|
|
if (cmd == ocmd && ifra->ifra_vhid > 0) {
|
A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
2011-12-16 12:16:56 +00:00
|
|
|
if (carp_attach_p != NULL)
|
|
|
|
error = (*carp_attach_p)(&ia->ia_ifa,
|
|
|
|
ifra->ifra_vhid);
|
|
|
|
else
|
|
|
|
error = EPROTONOSUPPORT;
|
|
|
|
if (error)
|
|
|
|
goto out;
|
|
|
|
else
|
|
|
|
carp_attached = 1;
|
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* then, make the prefix on-link on the interface.
|
|
|
|
* XXX: we'd rather create the prefix before the address, but
|
|
|
|
* we need at least one address to install the corresponding
|
|
|
|
* interface route, so we configure the address first.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* convert mask to prefix length (prefixmask has already
|
|
|
|
* been validated in in6_update_ifa().
|
|
|
|
*/
|
|
|
|
bzero(&pr0, sizeof(pr0));
|
|
|
|
pr0.ndpr_ifp = ifp;
|
|
|
|
pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
NULL);
|
|
|
|
if (pr0.ndpr_plen == 128) {
|
2014-11-02 21:58:31 +00:00
|
|
|
/* we don't need to install a host route. */
|
|
|
|
goto aifaddr_out;
|
2003-10-07 17:46:18 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
pr0.ndpr_prefix = ifra->ifra_addr;
|
|
|
|
/* apply the mask for safety. */
|
2014-01-08 22:13:32 +00:00
|
|
|
IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr,
|
|
|
|
&ifra->ifra_prefixmask.sin6_addr);
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
2002-04-19 04:46:24 +00:00
|
|
|
* XXX: since we don't have an API to set prefix (not address)
|
|
|
|
* lifetimes, we just use the same lifetimes as addresses.
|
|
|
|
* The (temporarily) installed lifetimes can be overridden by
|
|
|
|
* later advertised RAs (when accept_rtadv is non 0), which is
|
|
|
|
* an intended behavior.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
|
|
|
pr0.ndpr_raf_onlink = 1; /* should be configurable? */
|
|
|
|
pr0.ndpr_raf_auto =
|
2003-10-07 17:46:18 +00:00
|
|
|
((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
|
2001-06-11 12:39:29 +00:00
|
|
|
pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
|
|
|
|
pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
|
|
|
|
|
2003-10-07 17:46:18 +00:00
|
|
|
/* add the prefix if not yet. */
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
|
|
|
|
/*
|
|
|
|
* nd6_prelist_add will install the corresponding
|
|
|
|
* interface route.
|
|
|
|
*/
|
A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
2011-12-16 12:16:56 +00:00
|
|
|
if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
|
|
|
|
if (carp_attached)
|
2017-01-25 19:04:08 +00:00
|
|
|
(*carp_detach_p)(&ia->ia_ifa, false);
|
2009-06-23 20:19:09 +00:00
|
|
|
goto out;
|
A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
2011-12-16 12:16:56 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2005-10-31 23:06:04 +00:00
|
|
|
|
|
|
|
/* relate the address to the prefix */
|
|
|
|
if (ia->ia6_ndpr == NULL) {
|
|
|
|
ia->ia6_ndpr = pr;
|
2016-09-24 01:14:25 +00:00
|
|
|
pr->ndpr_addrcnt++;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
2005-10-31 23:06:04 +00:00
|
|
|
* If this is the first autoconf address from the
|
|
|
|
* prefix, create a temporary address as well
|
|
|
|
* (when required).
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
2005-10-31 23:06:04 +00:00
|
|
|
if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
|
2016-09-24 01:14:25 +00:00
|
|
|
V_ip6_use_tempaddr && pr->ndpr_addrcnt == 1) {
|
2005-10-31 23:06:04 +00:00
|
|
|
int e;
|
|
|
|
if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
|
|
|
|
log(LOG_NOTICE, "in6_control: failed "
|
|
|
|
"to create a temporary address, "
|
|
|
|
"errno=%d\n", e);
|
|
|
|
}
|
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
2016-10-07 21:10:53 +00:00
|
|
|
nd6_prefix_rele(pr);
|
2005-10-31 23:06:04 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* this might affect the status of autoconfigured addresses,
|
|
|
|
* that is, this address might make other addresses detached.
|
|
|
|
*/
|
|
|
|
pfxlist_onlink_check();
|
2016-05-15 03:01:40 +00:00
|
|
|
|
2014-11-02 21:58:31 +00:00
|
|
|
aifaddr_out:
|
|
|
|
/*
|
|
|
|
* Try to clear the flag when a new IPv6 address is added
|
|
|
|
* onto an IFDISABLED interface and it succeeds.
|
|
|
|
*/
|
|
|
|
if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
|
|
|
|
struct in6_ndireq nd;
|
|
|
|
|
|
|
|
memset(&nd, 0, sizeof(nd));
|
|
|
|
nd.ndi.flags = ND_IFINFO(ifp)->flags;
|
|
|
|
nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
|
|
|
|
if (nd6_ioctl(SIOCSIFINFO_FLAGS, (caddr_t)&nd, ifp) < 0)
|
|
|
|
log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
|
|
|
|
"SIOCSIFINFO_FLAGS for -ifdisabled "
|
|
|
|
"failed.");
|
|
|
|
/*
|
|
|
|
* Ignore failure of clearing the flag intentionally.
|
|
|
|
* The failure means address duplication was detected.
|
|
|
|
*/
|
2011-06-06 02:37:38 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
break;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
case SIOCDIFADDR_IN6:
|
|
|
|
{
|
2005-10-21 16:23:01 +00:00
|
|
|
struct nd_prefix *pr;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the address being deleted is the only one that owns
|
|
|
|
* the corresponding prefix, expire the prefix as well.
|
2003-10-07 17:46:18 +00:00
|
|
|
* XXX: theoretically, we don't have to worry about such
|
2001-06-11 12:39:29 +00:00
|
|
|
* relationship, since we separate the address management
|
|
|
|
* and the prefix management. We do this, however, to provide
|
|
|
|
* as much backward compatibility as possible in terms of
|
|
|
|
* the ioctl operation.
|
2016-09-24 01:14:25 +00:00
|
|
|
* Note that in6_purgeaddr() will decrement ndpr_addrcnt.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
2005-10-31 23:06:04 +00:00
|
|
|
pr = ia->ia6_ndpr;
|
2001-06-11 12:39:29 +00:00
|
|
|
in6_purgeaddr(&ia->ia_ifa);
|
2016-10-07 21:10:53 +00:00
|
|
|
if (pr != NULL && pr->ndpr_addrcnt == 0) {
|
|
|
|
ND6_WLOCK();
|
|
|
|
nd6_prefix_unlink(pr, NULL);
|
|
|
|
ND6_WUNLOCK();
|
|
|
|
nd6_prefix_del(pr);
|
|
|
|
}
|
2018-10-21 15:02:06 +00:00
|
|
|
EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
|
|
|
|
IFADDR_EVENT_DEL);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
default:
|
2014-08-22 19:21:08 +00:00
|
|
|
if (ifp->if_ioctl == NULL) {
|
2009-06-23 20:19:09 +00:00
|
|
|
error = EOPNOTSUPP;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
error = (*ifp->if_ioctl)(ifp, cmd, data);
|
|
|
|
goto out;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
2009-06-23 20:19:09 +00:00
|
|
|
error = 0;
|
|
|
|
out:
|
|
|
|
if (ia != NULL)
|
|
|
|
ifa_free(&ia->ia_ifa);
|
|
|
|
return (error);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
2012-02-17 02:39:58 +00:00
|
|
|
|
2018-05-02 19:36:29 +00:00
|
|
|
static struct in6_multi_mship *
|
|
|
|
in6_joingroup_legacy(struct ifnet *ifp, const struct in6_addr *mcaddr,
|
|
|
|
int *errorp, int delay)
|
|
|
|
{
|
|
|
|
struct in6_multi_mship *imm;
|
|
|
|
int error;
|
|
|
|
|
|
|
|
imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT);
|
|
|
|
if (imm == NULL) {
|
|
|
|
*errorp = ENOBUFS;
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
delay = (delay * PR_FASTHZ) / hz;
|
|
|
|
|
|
|
|
error = in6_joingroup(ifp, mcaddr, NULL, &imm->i6mm_maddr, delay);
|
|
|
|
if (error) {
|
|
|
|
*errorp = error;
|
|
|
|
free(imm, M_IP6MADDR);
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
return (imm);
|
|
|
|
}
|
2012-02-17 02:39:58 +00:00
|
|
|
/*
|
|
|
|
* Join necessary multicast groups. Factored out from in6_update_ifa().
|
|
|
|
* This entire work should only be done once, for the default FIB.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
|
|
|
|
struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
|
|
|
|
{
|
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
2014-10-27 16:15:15 +00:00
|
|
|
struct in6_addr mltaddr;
|
2012-02-17 02:39:58 +00:00
|
|
|
struct in6_multi_mship *imm;
|
|
|
|
int delay, error;
|
|
|
|
|
|
|
|
KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
|
|
|
|
|
|
|
|
/* Join solicited multicast addr for new host id. */
|
2014-10-27 16:15:15 +00:00
|
|
|
bzero(&mltaddr, sizeof(struct in6_addr));
|
|
|
|
mltaddr.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
|
|
|
|
mltaddr.s6_addr32[2] = htonl(1);
|
|
|
|
mltaddr.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
|
|
|
|
mltaddr.s6_addr8[12] = 0xff;
|
|
|
|
if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0) {
|
2012-02-17 02:39:58 +00:00
|
|
|
/* XXX: should not happen */
|
|
|
|
log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
|
|
|
|
goto cleanup;
|
|
|
|
}
|
2014-10-27 16:15:15 +00:00
|
|
|
delay = error = 0;
|
2012-02-17 02:39:58 +00:00
|
|
|
if ((flags & IN6_IFAUPDATE_DADDELAY)) {
|
|
|
|
/*
|
|
|
|
* We need a random delay for DAD on the address being
|
|
|
|
* configured. It also means delaying transmission of the
|
|
|
|
* corresponding MLD report to avoid report collision.
|
|
|
|
* [RFC 4861, Section 6.3.7]
|
|
|
|
*/
|
|
|
|
delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
|
|
|
|
}
|
2018-05-02 19:36:29 +00:00
|
|
|
imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
|
2012-02-17 02:39:58 +00:00
|
|
|
if (imm == NULL) {
|
2014-10-27 16:15:15 +00:00
|
|
|
nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
|
|
|
|
"(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
|
2012-02-17 02:39:58 +00:00
|
|
|
if_name(ifp), error));
|
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
|
|
|
*in6m_sol = imm->i6mm_maddr;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Join link-local all-nodes address.
|
|
|
|
*/
|
2014-10-27 16:15:15 +00:00
|
|
|
mltaddr = in6addr_linklocal_allnodes;
|
|
|
|
if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
|
2012-02-17 02:39:58 +00:00
|
|
|
goto cleanup; /* XXX: should not fail */
|
|
|
|
|
2018-05-02 19:36:29 +00:00
|
|
|
imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
|
2012-02-17 02:39:58 +00:00
|
|
|
if (imm == NULL) {
|
2014-10-27 16:15:15 +00:00
|
|
|
nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
|
|
|
|
"(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
|
|
|
|
if_name(ifp), error));
|
2012-02-17 02:39:58 +00:00
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Join node information group address.
|
|
|
|
*/
|
|
|
|
delay = 0;
|
|
|
|
if ((flags & IN6_IFAUPDATE_DADDELAY)) {
|
|
|
|
/*
|
|
|
|
* The spec does not say anything about delay for this group,
|
|
|
|
* but the same logic should apply.
|
|
|
|
*/
|
|
|
|
delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
|
|
|
|
}
|
2014-10-27 16:15:15 +00:00
|
|
|
if (in6_nigroup(ifp, NULL, -1, &mltaddr) == 0) {
|
2012-02-17 02:39:58 +00:00
|
|
|
/* XXX jinmei */
|
2018-05-02 19:36:29 +00:00
|
|
|
imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
|
2012-02-17 02:39:58 +00:00
|
|
|
if (imm == NULL)
|
2014-10-27 16:15:15 +00:00
|
|
|
nd6log((LOG_WARNING,
|
|
|
|
"%s: in6_joingroup failed for %s on %s "
|
2013-05-04 19:16:26 +00:00
|
|
|
"(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
|
2014-10-27 16:15:15 +00:00
|
|
|
&mltaddr), if_name(ifp), error));
|
2013-05-04 19:16:26 +00:00
|
|
|
/* XXX not very fatal, go on... */
|
|
|
|
else
|
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
|
|
|
}
|
2014-10-27 16:15:15 +00:00
|
|
|
if (V_icmp6_nodeinfo_oldmcprefix &&
|
|
|
|
in6_nigroup_oldmcprefix(ifp, NULL, -1, &mltaddr) == 0) {
|
2018-05-02 19:36:29 +00:00
|
|
|
imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
|
2013-05-04 19:16:26 +00:00
|
|
|
if (imm == NULL)
|
2014-10-27 16:15:15 +00:00
|
|
|
nd6log((LOG_WARNING,
|
|
|
|
"%s: in6_joingroup failed for %s on %s "
|
2012-02-17 02:39:58 +00:00
|
|
|
"(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
|
2014-10-27 16:15:15 +00:00
|
|
|
&mltaddr), if_name(ifp), error));
|
2012-02-17 02:39:58 +00:00
|
|
|
/* XXX not very fatal, go on... */
|
|
|
|
else
|
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Join interface-local all-nodes address.
|
|
|
|
* (ff01::1%ifN, and ff01::%ifN/32)
|
|
|
|
*/
|
2014-10-27 16:15:15 +00:00
|
|
|
mltaddr = in6addr_nodelocal_allnodes;
|
|
|
|
if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
|
2012-02-17 02:39:58 +00:00
|
|
|
goto cleanup; /* XXX: should not fail */
|
|
|
|
|
2018-05-02 19:36:29 +00:00
|
|
|
imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
|
2012-02-17 02:39:58 +00:00
|
|
|
if (imm == NULL) {
|
2014-10-27 16:15:15 +00:00
|
|
|
nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
|
2012-02-17 02:39:58 +00:00
|
|
|
"(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
|
2014-10-27 16:15:15 +00:00
|
|
|
&mltaddr), if_name(ifp), error));
|
2012-02-17 02:39:58 +00:00
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* Update parameters of an IPv6 interface address.
|
|
|
|
* If necessary, a new entry is created and linked into address chains.
|
|
|
|
* This function is separated from in6_control().
|
|
|
|
*/
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
|
|
|
|
struct in6_ifaddr *ia, int flags)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
2014-01-18 15:52:52 +00:00
|
|
|
int error, hostIsNew = 0;
|
|
|
|
|
|
|
|
if ((error = in6_validate_ifra(ifp, ifra, ia, flags)) != 0)
|
|
|
|
return (error);
|
|
|
|
|
|
|
|
if (ia == NULL) {
|
|
|
|
hostIsNew = 1;
|
|
|
|
if ((ia = in6_alloc_ifa(ifp, ifra, flags)) == NULL)
|
|
|
|
return (ENOBUFS);
|
|
|
|
}
|
|
|
|
|
|
|
|
error = in6_update_ifa_internal(ifp, ifra, ia, hostIsNew, flags);
|
|
|
|
if (error != 0) {
|
|
|
|
if (hostIsNew != 0) {
|
|
|
|
in6_unlink_ifa(ia, ifp);
|
|
|
|
ifa_free(&ia->ia_ifa);
|
|
|
|
}
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (hostIsNew)
|
2014-01-19 16:07:27 +00:00
|
|
|
error = in6_broadcast_ifa(ifp, ifra, ia, flags);
|
2014-01-18 15:52:52 +00:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2014-01-18 20:32:59 +00:00
|
|
|
/*
|
2014-01-19 16:07:27 +00:00
|
|
|
* Fill in basic IPv6 address request info.
|
2014-01-18 20:32:59 +00:00
|
|
|
*/
|
|
|
|
void
|
|
|
|
in6_prepare_ifra(struct in6_aliasreq *ifra, const struct in6_addr *addr,
|
|
|
|
const struct in6_addr *mask)
|
|
|
|
{
|
|
|
|
|
|
|
|
memset(ifra, 0, sizeof(struct in6_aliasreq));
|
|
|
|
|
|
|
|
ifra->ifra_addr.sin6_family = AF_INET6;
|
|
|
|
ifra->ifra_addr.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
if (addr != NULL)
|
|
|
|
ifra->ifra_addr.sin6_addr = *addr;
|
|
|
|
|
|
|
|
ifra->ifra_prefixmask.sin6_family = AF_INET6;
|
|
|
|
ifra->ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
if (mask != NULL)
|
|
|
|
ifra->ifra_prefixmask.sin6_addr = *mask;
|
|
|
|
}
|
|
|
|
|
2014-01-18 15:52:52 +00:00
|
|
|
static int
|
|
|
|
in6_validate_ifra(struct ifnet *ifp, struct in6_aliasreq *ifra,
|
|
|
|
struct in6_ifaddr *ia, int flags)
|
|
|
|
{
|
|
|
|
int plen = -1;
|
2001-06-11 12:39:29 +00:00
|
|
|
struct sockaddr_in6 dst6;
|
|
|
|
struct in6_addrlifetime *lt;
|
2006-12-12 12:17:58 +00:00
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/* Validate parameters */
|
|
|
|
if (ifp == NULL || ifra == NULL) /* this maybe redundant */
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* The destination address for a p2p link must have a family
|
|
|
|
* of AF_UNSPEC or AF_INET6.
|
|
|
|
*/
|
|
|
|
if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
|
|
|
|
ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
|
|
|
|
ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EAFNOSUPPORT);
|
2014-01-19 16:07:27 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Validate address
|
|
|
|
*/
|
|
|
|
if (ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6) ||
|
|
|
|
ifra->ifra_addr.sin6_family != AF_INET6)
|
|
|
|
return (EINVAL);
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* validate ifra_prefixmask. don't check sin6_family, netmask
|
|
|
|
* does not carry fields other than sin6_len.
|
|
|
|
*/
|
|
|
|
if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* Because the IPv6 address architecture is classless, we require
|
|
|
|
* users to specify a (non 0) prefix length (mask) for a new address.
|
|
|
|
* We also require the prefix (when specified) mask is valid, and thus
|
|
|
|
* reject a non-consecutive mask.
|
|
|
|
*/
|
|
|
|
if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ifra->ifra_prefixmask.sin6_len != 0) {
|
|
|
|
plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
(u_char *)&ifra->ifra_prefixmask +
|
|
|
|
ifra->ifra_prefixmask.sin6_len);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (plen <= 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2003-10-07 17:46:18 +00:00
|
|
|
} else {
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2002-04-19 04:46:24 +00:00
|
|
|
* In this case, ia must not be NULL. We just use its prefix
|
2001-06-11 12:39:29 +00:00
|
|
|
* length.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* If the destination address on a p2p interface is specified,
|
|
|
|
* and the address is a scoped one, validate/set the scope
|
|
|
|
* zone identifier.
|
|
|
|
*/
|
|
|
|
dst6 = ifra->ifra_dstaddr;
|
2003-10-07 17:46:18 +00:00
|
|
|
if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
|
2001-06-11 12:39:29 +00:00
|
|
|
(dst6.sin6_family == AF_INET6)) {
|
2005-07-25 12:31:43 +00:00
|
|
|
struct in6_addr in6_tmp;
|
2004-03-03 14:33:16 +00:00
|
|
|
u_int32_t zoneid;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
in6_tmp = dst6.sin6_addr;
|
|
|
|
if (in6_setscope(&in6_tmp, ifp, &zoneid))
|
|
|
|
return (EINVAL); /* XXX: should be impossible */
|
|
|
|
|
|
|
|
if (dst6.sin6_scope_id != 0) {
|
|
|
|
if (dst6.sin6_scope_id != zoneid)
|
|
|
|
return (EINVAL);
|
|
|
|
} else /* user omit to specify the ID. */
|
2004-03-03 14:33:16 +00:00
|
|
|
dst6.sin6_scope_id = zoneid;
|
2005-07-25 12:31:43 +00:00
|
|
|
|
|
|
|
/* convert into the internal form */
|
|
|
|
if (sa6_embedscope(&dst6, 0))
|
|
|
|
return (EINVAL); /* XXX: should be impossible */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2014-01-18 15:52:52 +00:00
|
|
|
/* Modify original ifra_dstaddr to reflect changes */
|
|
|
|
ifra->ifra_dstaddr = dst6;
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* The destination address can be specified only for a p2p or a
|
|
|
|
* loopback interface. If specified, the corresponding prefix length
|
|
|
|
* must be 128.
|
|
|
|
*/
|
|
|
|
if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
|
|
|
|
if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
|
2004-03-03 14:33:16 +00:00
|
|
|
/* XXX: noisy message */
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO, "in6_update_ifa: a destination can "
|
|
|
|
"be specified for a p2p or a loopback IF only\n"));
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
if (plen != 128) {
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
|
|
|
|
"be 128 when dstaddr is specified\n"));
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
/* lifetime consistency check */
|
|
|
|
lt = &ifra->ifra_lifetime;
|
2005-10-21 16:23:01 +00:00
|
|
|
if (lt->ia6t_pltime > lt->ia6t_vltime)
|
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (lt->ia6t_vltime == 0) {
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* the following log might be noisy, but this is a typical
|
|
|
|
* configuration mistake or a tool's bug.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO,
|
2001-06-11 12:39:29 +00:00
|
|
|
"in6_update_ifa: valid lifetime is 0 for %s\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
|
2005-10-21 16:23:01 +00:00
|
|
|
|
|
|
|
if (ia == NULL)
|
|
|
|
return (0); /* there's nothing to do */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
|
2014-01-18 15:52:52 +00:00
|
|
|
/* Check prefix mask */
|
|
|
|
if (ia != NULL && ifra->ifra_prefixmask.sin6_len != 0) {
|
|
|
|
/*
|
|
|
|
* We prohibit changing the prefix length of an existing
|
|
|
|
* address, because
|
|
|
|
* + such an operation should be rare in IPv6, and
|
|
|
|
* + the operation would confuse prefix management.
|
|
|
|
*/
|
|
|
|
if (ia->ia_prefixmask.sin6_len != 0 &&
|
|
|
|
in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
|
|
|
|
nd6log((LOG_INFO, "in6_validate_ifa: the prefix length "
|
|
|
|
"of an existing %s address should not be changed\n",
|
|
|
|
ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
|
|
|
|
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2014-01-18 15:57:43 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate a new ifaddr and link it into chains.
|
|
|
|
*/
|
2014-01-18 15:52:52 +00:00
|
|
|
static struct in6_ifaddr *
|
|
|
|
in6_alloc_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int flags)
|
|
|
|
{
|
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
2014-01-18 15:57:43 +00:00
|
|
|
/*
|
|
|
|
* When in6_alloc_ifa() is called in a process of a received
|
|
|
|
* RA, it is called under an interrupt context. So, we should
|
|
|
|
* call malloc with M_NOWAIT.
|
|
|
|
*/
|
|
|
|
ia = (struct in6_ifaddr *)ifa_alloc(sizeof(*ia), M_NOWAIT);
|
|
|
|
if (ia == NULL)
|
|
|
|
return (NULL);
|
|
|
|
LIST_INIT(&ia->ia6_memberships);
|
|
|
|
/* Initialize the address and masks, and put time stamp */
|
|
|
|
ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
|
|
|
|
ia->ia_addr.sin6_family = AF_INET6;
|
|
|
|
ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
|
2014-01-19 16:07:27 +00:00
|
|
|
/* XXX: Can we assign ,sin6_addr and skip the rest? */
|
|
|
|
ia->ia_addr = ifra->ifra_addr;
|
2014-01-18 15:57:43 +00:00
|
|
|
ia->ia6_createtime = time_uptime;
|
|
|
|
if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
|
2001-07-15 14:24:00 +00:00
|
|
|
/*
|
2014-01-19 16:07:27 +00:00
|
|
|
* Some functions expect that ifa_dstaddr is not
|
2014-01-18 15:57:43 +00:00
|
|
|
* NULL for p2p interfaces.
|
2001-07-15 14:24:00 +00:00
|
|
|
*/
|
2014-01-18 15:57:43 +00:00
|
|
|
ia->ia_ifa.ifa_dstaddr =
|
|
|
|
(struct sockaddr *)&ia->ia_dstaddr;
|
|
|
|
} else {
|
|
|
|
ia->ia_ifa.ifa_dstaddr = NULL;
|
|
|
|
}
|
2014-01-19 16:07:27 +00:00
|
|
|
|
|
|
|
/* set prefix mask if any */
|
2014-01-18 15:57:43 +00:00
|
|
|
ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
|
2014-01-19 16:07:27 +00:00
|
|
|
if (ifra->ifra_prefixmask.sin6_len != 0) {
|
|
|
|
ia->ia_prefixmask.sin6_family = AF_INET6;
|
|
|
|
ia->ia_prefixmask.sin6_len = ifra->ifra_prefixmask.sin6_len;
|
|
|
|
ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
|
|
|
|
}
|
|
|
|
|
2014-01-18 15:57:43 +00:00
|
|
|
ia->ia_ifp = ifp;
|
|
|
|
ifa_ref(&ia->ia_ifa); /* if_addrhead */
|
|
|
|
IF_ADDR_WLOCK(ifp);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
|
2014-01-18 15:57:43 +00:00
|
|
|
IF_ADDR_WUNLOCK(ifp);
|
|
|
|
|
|
|
|
ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
|
|
|
|
IN6_IFADDR_WLOCK();
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
|
2018-05-24 23:21:23 +00:00
|
|
|
CK_LIST_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia, ia6_hash);
|
2014-01-18 15:57:43 +00:00
|
|
|
IN6_IFADDR_WUNLOCK();
|
|
|
|
|
2014-01-18 15:52:52 +00:00
|
|
|
return (ia);
|
|
|
|
}
|
|
|
|
|
2014-01-19 16:07:27 +00:00
|
|
|
/*
|
|
|
|
* Update/configure interface address parameters:
|
|
|
|
*
|
|
|
|
* 1) Update lifetime
|
|
|
|
* 2) Update interface metric ad flags
|
|
|
|
* 3) Notify other subsystems
|
|
|
|
*/
|
2014-01-18 15:52:52 +00:00
|
|
|
static int
|
|
|
|
in6_update_ifa_internal(struct ifnet *ifp, struct in6_aliasreq *ifra,
|
|
|
|
struct in6_ifaddr *ia, int hostIsNew, int flags)
|
|
|
|
{
|
|
|
|
int error;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
/* update timestamp */
|
2013-08-05 20:13:02 +00:00
|
|
|
ia->ia6_updatetime = time_uptime;
|
2005-10-21 16:23:01 +00:00
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
/*
|
|
|
|
* Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
|
|
|
|
* to see if the address is deprecated or invalidated, but initialize
|
|
|
|
* these members for applications.
|
|
|
|
*/
|
|
|
|
ia->ia6_lifetime = ifra->ifra_lifetime;
|
|
|
|
if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
ia->ia6_lifetime.ia6t_expire =
|
2013-08-05 20:13:02 +00:00
|
|
|
time_uptime + ia->ia6_lifetime.ia6t_vltime;
|
2005-07-25 12:31:43 +00:00
|
|
|
} else
|
|
|
|
ia->ia6_lifetime.ia6t_expire = 0;
|
|
|
|
if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
ia->ia6_lifetime.ia6t_preferred =
|
2013-08-05 20:13:02 +00:00
|
|
|
time_uptime + ia->ia6_lifetime.ia6t_pltime;
|
2005-07-25 12:31:43 +00:00
|
|
|
} else
|
|
|
|
ia->ia6_lifetime.ia6t_preferred = 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* backward compatibility - if IN6_IFF_DEPRECATED is set from the
|
|
|
|
* userland, make it deprecated.
|
|
|
|
*/
|
|
|
|
if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
|
|
|
|
ia->ia6_lifetime.ia6t_pltime = 0;
|
2013-08-05 20:13:02 +00:00
|
|
|
ia->ia6_lifetime.ia6t_preferred = time_uptime;
|
2005-07-25 12:31:43 +00:00
|
|
|
}
|
2014-01-18 15:52:52 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* configure address flags.
|
|
|
|
*/
|
|
|
|
ia->ia6_flags = ifra->ifra_flags;
|
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
/*
|
2005-10-21 16:23:01 +00:00
|
|
|
* Make the address tentative before joining multicast addresses,
|
|
|
|
* so that corresponding MLD responses would not have a tentative
|
|
|
|
* source address.
|
2005-07-25 12:31:43 +00:00
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
|
2005-07-25 12:31:43 +00:00
|
|
|
|
2015-09-10 06:10:30 +00:00
|
|
|
/*
|
|
|
|
* DAD should be performed for an new address or addresses on
|
|
|
|
* an interface with ND6_IFF_IFDISABLED.
|
|
|
|
*/
|
|
|
|
if (in6if_do_dad(ifp) &&
|
|
|
|
(hostIsNew || (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)))
|
2009-09-12 22:08:20 +00:00
|
|
|
ia->ia6_flags |= IN6_IFF_TENTATIVE;
|
|
|
|
|
2014-01-19 16:07:27 +00:00
|
|
|
/* notify other subsystems */
|
|
|
|
error = in6_notify_ifa(ifp, ia, ifra, hostIsNew);
|
2014-01-18 15:52:52 +00:00
|
|
|
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
2014-01-19 16:07:27 +00:00
|
|
|
/*
|
|
|
|
* Do link-level ifa job:
|
|
|
|
* 1) Add lle entry for added address
|
|
|
|
* 2) Notifies routing socket users about new address
|
|
|
|
* 3) join appropriate multicast group
|
|
|
|
* 4) start DAD if enabled
|
|
|
|
*/
|
2014-01-18 15:52:52 +00:00
|
|
|
static int
|
2014-01-19 16:07:27 +00:00
|
|
|
in6_broadcast_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
|
2014-01-18 15:52:52 +00:00
|
|
|
struct in6_ifaddr *ia, int flags)
|
|
|
|
{
|
|
|
|
struct in6_multi *in6m_sol;
|
|
|
|
int error = 0;
|
|
|
|
|
|
|
|
/* Add local address to lltable, if necessary (ex. on p2p link). */
|
2014-01-19 16:07:27 +00:00
|
|
|
if ((error = nd6_add_ifa_lle(ia)) != 0) {
|
|
|
|
in6_purgeaddr(&ia->ia_ifa);
|
|
|
|
ifa_free(&ia->ia_ifa);
|
|
|
|
return (error);
|
|
|
|
}
|
2005-07-25 12:31:43 +00:00
|
|
|
|
2012-02-17 02:39:58 +00:00
|
|
|
/* Join necessary multicast groups. */
|
2005-10-21 16:23:01 +00:00
|
|
|
in6m_sol = NULL;
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((ifp->if_flags & IFF_MULTICAST) != 0) {
|
2012-02-17 02:39:58 +00:00
|
|
|
error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
|
2014-01-18 15:52:52 +00:00
|
|
|
if (error != 0) {
|
|
|
|
in6_purgeaddr(&ia->ia_ifa);
|
2014-01-19 16:07:27 +00:00
|
|
|
ifa_free(&ia->ia_ifa);
|
2014-01-18 15:52:52 +00:00
|
|
|
return (error);
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2015-08-24 05:21:49 +00:00
|
|
|
/* Perform DAD, if the address is TENTATIVE. */
|
|
|
|
if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) {
|
2014-01-18 15:52:52 +00:00
|
|
|
int delay, mindelay, maxdelay;
|
2005-10-21 16:23:01 +00:00
|
|
|
|
|
|
|
delay = 0;
|
|
|
|
if ((flags & IN6_IFAUPDATE_DADDELAY)) {
|
|
|
|
/*
|
|
|
|
* We need to impose a delay before sending an NS
|
|
|
|
* for DAD. Check if we also needed a delay for the
|
|
|
|
* corresponding MLD message. If we did, the delay
|
|
|
|
* should be larger than the MLD delay (this could be
|
|
|
|
* relaxed a bit, but this simple logic is at least
|
|
|
|
* safe).
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
* XXX: Break data hiding guidelines and look at
|
|
|
|
* state for the solicited multicast group.
|
2005-10-21 16:23:01 +00:00
|
|
|
*/
|
|
|
|
mindelay = 0;
|
|
|
|
if (in6m_sol != NULL &&
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
|
2005-10-21 16:23:01 +00:00
|
|
|
mindelay = in6m_sol->in6m_timer;
|
|
|
|
}
|
|
|
|
maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
|
|
|
|
if (maxdelay - mindelay == 0)
|
|
|
|
delay = 0;
|
|
|
|
else {
|
|
|
|
delay =
|
|
|
|
(arc4random() % (maxdelay - mindelay)) +
|
|
|
|
mindelay;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
nd6_dad_start((struct ifaddr *)ia, delay);
|
|
|
|
}
|
|
|
|
|
2015-05-29 10:24:16 +00:00
|
|
|
in6_newaddrmsg(ia, RTM_ADD);
|
2009-06-23 20:19:09 +00:00
|
|
|
ifa_free(&ia->ia_ifa);
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2012-02-17 02:39:58 +00:00
|
|
|
void
|
|
|
|
in6_purgeaddr(struct ifaddr *ifa)
|
|
|
|
{
|
|
|
|
struct ifnet *ifp = ifa->ifa_ifp;
|
|
|
|
struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
|
2014-11-10 16:01:31 +00:00
|
|
|
struct in6_multi_mship *imm;
|
2012-02-17 02:39:58 +00:00
|
|
|
int plen, error;
|
|
|
|
|
|
|
|
if (ifa->ifa_carp)
|
2017-01-25 19:04:08 +00:00
|
|
|
(*carp_detach_p)(ifa, false);
|
2012-02-17 02:39:58 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove the loopback route to the interface address.
|
2012-07-31 11:31:12 +00:00
|
|
|
* The check for the current setting of "nd6_useloopback"
|
2012-02-17 02:39:58 +00:00
|
|
|
* is not needed.
|
|
|
|
*/
|
|
|
|
if (ia->ia_flags & IFA_RTSELF) {
|
|
|
|
error = ifa_del_loopback_route((struct ifaddr *)ia,
|
2012-07-31 11:31:12 +00:00
|
|
|
(struct sockaddr *)&ia->ia_addr);
|
2012-02-17 02:39:58 +00:00
|
|
|
if (error == 0)
|
|
|
|
ia->ia_flags &= ~IFA_RTSELF;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* stop DAD processing */
|
|
|
|
nd6_dad_stop(ifa);
|
|
|
|
|
|
|
|
/* Leave multicast groups. */
|
2014-11-10 16:01:31 +00:00
|
|
|
while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
|
|
|
|
LIST_REMOVE(imm, i6mm_chain);
|
2018-05-02 19:36:29 +00:00
|
|
|
if (imm->i6mm_maddr != NULL)
|
|
|
|
in6_leavegroup(imm->i6mm_maddr, NULL);
|
|
|
|
free(imm, M_IP6MADDR);
|
2014-11-10 16:01:31 +00:00
|
|
|
}
|
2009-05-18 02:25:45 +00:00
|
|
|
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
|
|
|
|
if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
|
2012-02-17 02:39:58 +00:00
|
|
|
error = rtinit(&(ia->ia_ifa), RTM_DELETE, ia->ia_flags |
|
2016-02-17 21:17:14 +00:00
|
|
|
(ia->ia_dstaddr.sin6_family == AF_INET6 ? RTF_HOST : 0));
|
2009-05-18 02:25:45 +00:00
|
|
|
if (error != 0)
|
2012-02-17 02:39:58 +00:00
|
|
|
log(LOG_INFO, "%s: err=%d, destination address delete "
|
|
|
|
"failed\n", __func__, error);
|
2009-05-18 02:25:45 +00:00
|
|
|
ia->ia_flags &= ~IFA_ROUTE;
|
|
|
|
}
|
|
|
|
|
2015-05-29 10:24:16 +00:00
|
|
|
in6_newaddrmsg(ia, RTM_DELETE);
|
2001-06-11 12:39:29 +00:00
|
|
|
in6_unlink_ifa(ia, ifp);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
2015-02-05 16:29:26 +00:00
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
2015-09-14 16:48:19 +00:00
|
|
|
int remove_lle;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2012-01-05 19:00:36 +00:00
|
|
|
IF_ADDR_WLOCK(ifp);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
|
2012-01-05 19:00:36 +00:00
|
|
|
IF_ADDR_WUNLOCK(ifp);
|
2009-06-23 20:19:09 +00:00
|
|
|
ifa_free(&ia->ia_ifa); /* if_addrhead */
|
2000-07-04 16:35:15 +00:00
|
|
|
|
2009-06-27 11:05:53 +00:00
|
|
|
/*
|
|
|
|
* Defer the release of what might be the last reference to the
|
|
|
|
* in6_ifaddr so that it can't be freed before the remainder of the
|
|
|
|
* cleanup.
|
|
|
|
*/
|
2009-06-25 16:35:28 +00:00
|
|
|
IN6_IFADDR_WLOCK();
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_REMOVE(&V_in6_ifaddrhead, ia, in6_ifaddr, ia_link);
|
2018-05-24 23:21:23 +00:00
|
|
|
CK_LIST_REMOVE(ia, ia6_hash);
|
2009-06-25 16:35:28 +00:00
|
|
|
IN6_IFADDR_WUNLOCK();
|
2000-07-04 16:35:15 +00:00
|
|
|
|
|
|
|
/*
|
2005-10-31 23:06:04 +00:00
|
|
|
* Release the reference to the base prefix. There should be a
|
|
|
|
* positive reference.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2015-09-14 16:48:19 +00:00
|
|
|
remove_lle = 0;
|
2009-06-24 21:00:25 +00:00
|
|
|
if (ia->ia6_ndpr == NULL) {
|
2005-10-31 23:06:04 +00:00
|
|
|
nd6log((LOG_NOTICE,
|
|
|
|
"in6_unlink_ifa: autoconf'ed address "
|
2015-02-05 16:29:26 +00:00
|
|
|
"%s has no prefix\n", ip6_sprintf(ip6buf, IA6_IN6(ia))));
|
2005-10-31 23:06:04 +00:00
|
|
|
} else {
|
2016-09-24 01:14:25 +00:00
|
|
|
ia->ia6_ndpr->ndpr_addrcnt--;
|
2015-09-14 16:48:19 +00:00
|
|
|
/* Do not delete lles within prefix if refcont != 0 */
|
2016-09-24 01:14:25 +00:00
|
|
|
if (ia->ia6_ndpr->ndpr_addrcnt == 0)
|
2015-09-14 16:48:19 +00:00
|
|
|
remove_lle = 1;
|
2009-06-24 21:00:25 +00:00
|
|
|
ia->ia6_ndpr = NULL;
|
2005-10-31 23:06:04 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2015-09-14 16:48:19 +00:00
|
|
|
nd6_rem_ifa_lle(ia, remove_lle);
|
|
|
|
|
2005-10-31 23:06:04 +00:00
|
|
|
/*
|
|
|
|
* Also, if the address being removed is autoconf'ed, call
|
|
|
|
* pfxlist_onlink_check() since the release might affect the status of
|
2007-07-05 16:29:40 +00:00
|
|
|
* other (detached) addresses.
|
2005-10-31 23:06:04 +00:00
|
|
|
*/
|
2009-06-24 21:00:25 +00:00
|
|
|
if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
|
2001-06-11 12:39:29 +00:00
|
|
|
pfxlist_onlink_check();
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
2009-06-27 11:05:53 +00:00
|
|
|
ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
2015-08-24 05:21:49 +00:00
|
|
|
* Notifies other subsystems about address change/arrival:
|
|
|
|
* 1) Notifies device handler on the first IPv6 address assignment
|
2014-01-19 16:07:27 +00:00
|
|
|
* 2) Handle routing table changes for P2P links and route
|
|
|
|
* 3) Handle routing table changes for address host route
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
static int
|
2014-01-19 16:07:27 +00:00
|
|
|
in6_notify_ifa(struct ifnet *ifp, struct in6_ifaddr *ia,
|
|
|
|
struct in6_aliasreq *ifra, int hostIsNew)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
int error = 0, plen, ifacount = 0;
|
|
|
|
struct ifaddr *ifa;
|
2014-01-19 16:07:27 +00:00
|
|
|
struct sockaddr_in6 *pdst;
|
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Give the interface a chance to initialize
|
|
|
|
* if this is its first address,
|
|
|
|
*/
|
2014-01-19 16:07:27 +00:00
|
|
|
if (hostIsNew != 0) {
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
|
|
|
|
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
2014-01-19 16:07:27 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
ifacount++;
|
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
2005-06-02 00:04:08 +00:00
|
|
|
if (ifacount <= 1 && ifp->if_ioctl) {
|
|
|
|
error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
|
2012-10-18 13:57:24 +00:00
|
|
|
if (error)
|
2018-05-08 11:39:01 +00:00
|
|
|
goto done;
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2014-01-19 16:07:27 +00:00
|
|
|
/*
|
|
|
|
* If a new destination address is specified, scrub the old one and
|
|
|
|
* install the new destination. Note that the interface must be
|
|
|
|
* p2p or loopback.
|
|
|
|
*/
|
|
|
|
pdst = &ifra->ifra_dstaddr;
|
|
|
|
if (pdst->sin6_family == AF_INET6 &&
|
|
|
|
!IN6_ARE_ADDR_EQUAL(&pdst->sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
|
|
|
|
if ((ia->ia_flags & IFA_ROUTE) != 0 &&
|
|
|
|
(rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0)) {
|
|
|
|
nd6log((LOG_ERR, "in6_update_ifa_internal: failed to "
|
|
|
|
"remove a route to the old destination: %s\n",
|
|
|
|
ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
|
|
|
|
/* proceed anyway... */
|
|
|
|
} else
|
|
|
|
ia->ia_flags &= ~IFA_ROUTE;
|
|
|
|
ia->ia_dstaddr = *pdst;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/*
|
2004-01-10 08:59:21 +00:00
|
|
|
* If a new destination address is specified for a point-to-point
|
2001-06-11 12:39:29 +00:00
|
|
|
* interface, install a route to the destination as an interface
|
2012-07-31 11:31:12 +00:00
|
|
|
* direct route.
|
2004-01-10 08:59:21 +00:00
|
|
|
* XXX: the logic below rejects assigning multiple addresses on a p2p
|
2006-06-08 00:31:17 +00:00
|
|
|
* interface that share the same destination.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
|
2009-08-12 19:15:26 +00:00
|
|
|
if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 &&
|
|
|
|
ia->ia_dstaddr.sin6_family == AF_INET6) {
|
2006-06-08 00:31:17 +00:00
|
|
|
int rtflags = RTF_UP | RTF_HOST;
|
2011-10-16 22:24:04 +00:00
|
|
|
/*
|
|
|
|
* Handle the case for ::1 .
|
|
|
|
*/
|
|
|
|
if (ifp->if_flags & IFF_LOOPBACK)
|
|
|
|
ia->ia_flags |= IFA_RTSELF;
|
2014-01-19 16:07:27 +00:00
|
|
|
error = rtinit(&ia->ia_ifa, RTM_ADD, ia->ia_flags | rtflags);
|
|
|
|
if (error)
|
2018-05-08 11:39:01 +00:00
|
|
|
goto done;
|
2014-01-19 16:07:27 +00:00
|
|
|
ia->ia_flags |= IFA_ROUTE;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2009-07-12 19:20:55 +00:00
|
|
|
/*
|
2014-01-19 16:07:27 +00:00
|
|
|
* add a loopback route to self if not exists
|
2009-07-12 19:20:55 +00:00
|
|
|
*/
|
2011-10-16 22:24:04 +00:00
|
|
|
if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
|
2009-09-15 19:18:34 +00:00
|
|
|
error = ifa_add_loopback_route((struct ifaddr *)ia,
|
2012-07-31 11:31:12 +00:00
|
|
|
(struct sockaddr *)&ia->ia_addr);
|
2009-12-30 21:35:34 +00:00
|
|
|
if (error == 0)
|
|
|
|
ia->ia_flags |= IFA_RTSELF;
|
2009-07-12 19:20:55 +00:00
|
|
|
}
|
2018-05-08 11:39:01 +00:00
|
|
|
done:
|
|
|
|
WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
|
|
|
|
"Invoking IPv6 network device address event may sleep");
|
|
|
|
|
2018-10-21 15:02:06 +00:00
|
|
|
ifa_ref(&ia->ia_ifa);
|
|
|
|
EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
|
|
|
|
IFADDR_EVENT_ADD);
|
|
|
|
ifa_free(&ia->ia_ifa);
|
2009-07-12 19:20:55 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find an IPv6 interface link-local address specific to an interface.
|
2009-06-23 20:19:09 +00:00
|
|
|
* ifaddr is returned referenced.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
2001-06-11 12:39:29 +00:00
|
|
|
struct ifaddr *ifa;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
2000-07-04 16:35:15 +00:00
|
|
|
if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
|
|
|
|
if ((((struct in6_ifaddr *)ifa)->ia6_flags &
|
2012-07-31 11:31:12 +00:00
|
|
|
ignoreflags) != 0)
|
2000-07-04 16:35:15 +00:00
|
|
|
continue;
|
2009-06-23 20:19:09 +00:00
|
|
|
ifa_ref(ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return ((struct in6_ifaddr *)ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2014-09-11 13:18:41 +00:00
|
|
|
/*
|
2018-01-23 19:40:05 +00:00
|
|
|
* find the interface address corresponding to a given IPv6 address.
|
2014-09-11 13:18:41 +00:00
|
|
|
* ifaddr is returned referenced.
|
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
|
|
|
in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid)
|
|
|
|
{
|
2015-07-29 08:12:05 +00:00
|
|
|
struct rm_priotracker in6_ifa_tracker;
|
2014-09-11 13:18:41 +00:00
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RLOCK(&in6_ifa_tracker);
|
2018-05-24 23:21:23 +00:00
|
|
|
CK_LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
|
2014-09-11 13:18:41 +00:00
|
|
|
if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) {
|
|
|
|
if (zoneid != 0 &&
|
|
|
|
zoneid != ia->ia_addr.sin6_scope_id)
|
|
|
|
continue;
|
|
|
|
ifa_ref(&ia->ia_ifa);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
2014-09-11 13:18:41 +00:00
|
|
|
return (ia);
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* find the internet address corresponding to a given interface and address.
|
2009-06-23 20:19:09 +00:00
|
|
|
* ifaddr is returned referenced.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
2015-09-05 05:54:09 +00:00
|
|
|
in6ifa_ifpwithaddr(struct ifnet *ifp, const struct in6_addr *addr)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
2001-06-11 12:39:29 +00:00
|
|
|
struct ifaddr *ifa;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
2009-06-23 20:19:09 +00:00
|
|
|
if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
|
|
|
|
ifa_ref(ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
2009-06-23 20:19:09 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return ((struct in6_ifaddr *)ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2013-07-02 16:58:15 +00:00
|
|
|
/*
|
|
|
|
* Find a link-local scoped address on ifp and return it if any.
|
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
|
|
|
in6ifa_llaonifp(struct ifnet *ifp)
|
|
|
|
{
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
2013-07-02 16:58:15 +00:00
|
|
|
struct sockaddr_in6 *sin6;
|
|
|
|
struct ifaddr *ifa;
|
|
|
|
|
|
|
|
if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
|
|
|
|
return (NULL);
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
2013-07-02 16:58:15 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
|
|
|
|
if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) ||
|
|
|
|
IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) ||
|
|
|
|
IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr))
|
|
|
|
break;
|
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2013-07-02 16:58:15 +00:00
|
|
|
|
|
|
|
return ((struct in6_ifaddr *)ifa);
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
2006-12-12 12:17:58 +00:00
|
|
|
* Convert IP6 address to printable (loggable) representation. Caller
|
|
|
|
* has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
|
|
|
static char digits[] = "0123456789abcdef";
|
|
|
|
char *
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2010-05-19 00:35:47 +00:00
|
|
|
int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
|
2001-06-11 12:39:29 +00:00
|
|
|
char *cp;
|
2004-03-03 14:33:16 +00:00
|
|
|
const u_int16_t *a = (const u_int16_t *)addr;
|
|
|
|
const u_int8_t *d;
|
2006-12-16 14:15:31 +00:00
|
|
|
int dcolon = 0, zero = 0;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2006-12-12 12:17:58 +00:00
|
|
|
cp = ip6buf;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2010-05-19 00:35:47 +00:00
|
|
|
for (i = 0; i < 8; i++) {
|
|
|
|
if (*(a + i) == 0) {
|
|
|
|
cnt++;
|
|
|
|
if (cnt == 1)
|
|
|
|
idx = i;
|
|
|
|
}
|
|
|
|
else if (maxcnt < cnt) {
|
|
|
|
maxcnt = cnt;
|
|
|
|
index = idx;
|
|
|
|
cnt = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (maxcnt < cnt) {
|
|
|
|
maxcnt = cnt;
|
|
|
|
index = idx;
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
for (i = 0; i < 8; i++) {
|
|
|
|
if (dcolon == 1) {
|
|
|
|
if (*a == 0) {
|
|
|
|
if (i == 7)
|
|
|
|
*cp++ = ':';
|
|
|
|
a++;
|
|
|
|
continue;
|
|
|
|
} else
|
|
|
|
dcolon = 2;
|
|
|
|
}
|
|
|
|
if (*a == 0) {
|
2010-05-19 00:35:47 +00:00
|
|
|
if (dcolon == 0 && *(a + 1) == 0 && i == index) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (i == 0)
|
|
|
|
*cp++ = ':';
|
|
|
|
*cp++ = ':';
|
|
|
|
dcolon = 1;
|
|
|
|
} else {
|
|
|
|
*cp++ = '0';
|
|
|
|
*cp++ = ':';
|
|
|
|
}
|
|
|
|
a++;
|
|
|
|
continue;
|
|
|
|
}
|
2002-02-27 02:44:45 +00:00
|
|
|
d = (const u_char *)a;
|
2006-12-16 14:15:31 +00:00
|
|
|
/* Try to eliminate leading zeros in printout like in :0001. */
|
|
|
|
zero = 1;
|
|
|
|
*cp = digits[*d >> 4];
|
|
|
|
if (*cp != '0') {
|
|
|
|
zero = 0;
|
|
|
|
cp++;
|
|
|
|
}
|
|
|
|
*cp = digits[*d++ & 0xf];
|
|
|
|
if (zero == 0 || (*cp != '0')) {
|
|
|
|
zero = 0;
|
|
|
|
cp++;
|
|
|
|
}
|
|
|
|
*cp = digits[*d >> 4];
|
|
|
|
if (zero == 0 || (*cp != '0')) {
|
|
|
|
zero = 0;
|
|
|
|
cp++;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
*cp++ = digits[*d & 0xf];
|
|
|
|
*cp++ = ':';
|
|
|
|
a++;
|
|
|
|
}
|
2006-12-12 12:17:58 +00:00
|
|
|
*--cp = '\0';
|
|
|
|
return (ip6buf);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_localaddr(struct in6_addr *in6)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2015-07-29 08:12:05 +00:00
|
|
|
struct rm_priotracker in6_ifa_tracker;
|
1999-11-22 02:45:11 +00:00
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
|
|
|
if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
|
|
|
|
return 1;
|
|
|
|
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RLOCK(&in6_ifa_tracker);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
&ia->ia_prefixmask.sin6_addr)) {
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
1999-11-22 02:45:11 +00:00
|
|
|
return 1;
|
2003-10-07 17:46:18 +00:00
|
|
|
}
|
|
|
|
}
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2011-08-20 16:43:47 +00:00
|
|
|
/*
|
|
|
|
* Return 1 if an internet address is for the local host and configured
|
|
|
|
* on one of its interfaces.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
in6_localip(struct in6_addr *in6)
|
|
|
|
{
|
2015-07-29 08:12:05 +00:00
|
|
|
struct rm_priotracker in6_ifa_tracker;
|
2011-08-20 16:43:47 +00:00
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RLOCK(&in6_ifa_tracker);
|
2018-05-24 23:21:23 +00:00
|
|
|
CK_LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
|
2011-08-20 16:43:47 +00:00
|
|
|
if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
2011-08-20 16:43:47 +00:00
|
|
|
return (1);
|
|
|
|
}
|
|
|
|
}
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
2011-08-20 16:43:47 +00:00
|
|
|
return (0);
|
|
|
|
}
|
2015-04-17 11:57:06 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Return 1 if an internet address is configured on an interface.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
in6_ifhasaddr(struct ifnet *ifp, struct in6_addr *addr)
|
|
|
|
{
|
|
|
|
struct in6_addr in6;
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
2015-04-17 11:57:06 +00:00
|
|
|
struct ifaddr *ifa;
|
|
|
|
struct in6_ifaddr *ia6;
|
|
|
|
|
|
|
|
in6 = *addr;
|
2015-04-17 15:26:08 +00:00
|
|
|
if (in6_clearscope(&in6))
|
2015-04-17 11:57:06 +00:00
|
|
|
return (0);
|
|
|
|
in6_setscope(&in6, ifp, NULL);
|
|
|
|
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
2015-04-17 11:57:06 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
ia6 = (struct in6_ifaddr *)ifa;
|
|
|
|
if (IN6_ARE_ADDR_EQUAL(&ia6->ia_addr.sin6_addr, &in6)) {
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2015-04-17 11:57:06 +00:00
|
|
|
return (1);
|
|
|
|
}
|
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2015-04-17 11:57:06 +00:00
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
2011-08-20 16:43:47 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
2015-07-29 08:12:05 +00:00
|
|
|
struct rm_priotracker in6_ifa_tracker;
|
2001-06-11 12:39:29 +00:00
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RLOCK(&in6_ifa_tracker);
|
2018-05-24 23:21:23 +00:00
|
|
|
CK_LIST_FOREACH(ia, IN6ADDR_HASH(&sa6->sin6_addr), ia6_hash) {
|
2012-12-15 20:04:24 +00:00
|
|
|
if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), &sa6->sin6_addr)) {
|
|
|
|
if (ia->ia6_flags & IN6_IFF_DEPRECATED) {
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
2012-12-15 20:04:24 +00:00
|
|
|
return (1); /* true */
|
|
|
|
}
|
|
|
|
break;
|
2009-06-25 16:35:28 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2015-07-29 08:12:05 +00:00
|
|
|
IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0); /* false */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* return length of part which dst and src are equal
|
|
|
|
* hard coding...
|
|
|
|
*/
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
int match = 0;
|
|
|
|
u_char *s = (u_char *)src, *d = (u_char *)dst;
|
|
|
|
u_char *lim = s + 16, r;
|
|
|
|
|
|
|
|
while (s < lim)
|
|
|
|
if ((r = (*d++ ^ *s++)) != 0) {
|
|
|
|
while (r < 128) {
|
|
|
|
match++;
|
|
|
|
r <<= 1;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
} else
|
|
|
|
match += 8;
|
|
|
|
return match;
|
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
/* XXX: to be scope conscious */
|
1999-11-22 02:45:11 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
int bytelen, bitlen;
|
|
|
|
|
|
|
|
/* sanity check */
|
|
|
|
if (0 > len || len > 128) {
|
|
|
|
log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
|
|
|
|
len);
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
bytelen = len / 8;
|
|
|
|
bitlen = len % 8;
|
|
|
|
|
|
|
|
if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2004-02-24 01:20:51 +00:00
|
|
|
if (bitlen != 0 &&
|
|
|
|
p1->s6_addr[bytelen] >> (8 - bitlen) !=
|
1999-11-22 02:45:11 +00:00
|
|
|
p2->s6_addr[bytelen] >> (8 - bitlen))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (1);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_prefixlen2mask(struct in6_addr *maskp, int len)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
|
|
|
|
int bytelen, bitlen, i;
|
|
|
|
|
|
|
|
/* sanity check */
|
|
|
|
if (0 > len || len > 128) {
|
|
|
|
log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
|
|
|
|
len);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
bzero(maskp, sizeof(*maskp));
|
|
|
|
bytelen = len / 8;
|
|
|
|
bitlen = len % 8;
|
|
|
|
for (i = 0; i < bytelen; i++)
|
|
|
|
maskp->s6_addr[i] = 0xff;
|
|
|
|
if (bitlen)
|
|
|
|
maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* return the best address out of the same scope. if no address was
|
|
|
|
* found, return the first valid address from designated IF.
|
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
1999-11-22 02:45:11 +00:00
|
|
|
int dst_scope = in6_addrscope(dst), blen = -1, tlen;
|
|
|
|
struct ifaddr *ifa;
|
2016-04-15 17:30:33 +00:00
|
|
|
struct in6_ifaddr *besta = NULL;
|
2002-04-19 04:46:24 +00:00
|
|
|
struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
dep[0] = dep[1] = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We first look for addresses in the same scope.
|
|
|
|
* If there is one, return it.
|
|
|
|
* If two or more, return one which matches the dst longest.
|
|
|
|
* If none, return one of global addresses assigned other ifs.
|
|
|
|
*/
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
|
|
|
|
continue; /* XXX: is there any case to allow anycast? */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
|
|
|
|
continue; /* don't use this interface */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
if (V_ip6_use_deprecated)
|
1999-11-22 02:45:11 +00:00
|
|
|
dep[0] = (struct in6_ifaddr *)ifa;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
|
|
|
|
/*
|
|
|
|
* call in6_matchlen() as few as possible
|
|
|
|
*/
|
|
|
|
if (besta) {
|
|
|
|
if (blen == -1)
|
|
|
|
blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
|
|
|
|
tlen = in6_matchlen(IFA_IN6(ifa), dst);
|
|
|
|
if (tlen > blen) {
|
|
|
|
blen = tlen;
|
|
|
|
besta = (struct in6_ifaddr *)ifa;
|
|
|
|
}
|
|
|
|
} else
|
|
|
|
besta = (struct in6_ifaddr *)ifa;
|
|
|
|
}
|
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
if (besta) {
|
2009-06-23 20:19:09 +00:00
|
|
|
ifa_ref(&besta->ia_ifa);
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2003-10-06 14:02:09 +00:00
|
|
|
return (besta);
|
2009-04-20 16:05:16 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
|
|
|
|
continue; /* XXX: is there any case to allow anycast? */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
|
|
|
|
continue; /* don't use this interface */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
if (V_ip6_use_deprecated)
|
1999-11-22 02:45:11 +00:00
|
|
|
dep[1] = (struct in6_ifaddr *)ifa;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2009-06-23 20:19:09 +00:00
|
|
|
if (ifa != NULL)
|
|
|
|
ifa_ref(ifa);
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
1999-11-22 02:45:11 +00:00
|
|
|
return (struct in6_ifaddr *)ifa;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* use the last-resort values, that are, deprecated addresses */
|
2012-05-30 20:02:39 +00:00
|
|
|
if (dep[0]) {
|
|
|
|
ifa_ref((struct ifaddr *)dep[0]);
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
1999-11-22 02:45:11 +00:00
|
|
|
return dep[0];
|
2012-05-30 20:02:39 +00:00
|
|
|
}
|
|
|
|
if (dep[1]) {
|
|
|
|
ifa_ref((struct ifaddr *)dep[1]);
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
1999-11-22 02:45:11 +00:00
|
|
|
return dep[1];
|
2012-05-30 20:02:39 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
1999-11-22 02:45:11 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* perform DAD when interface becomes IFF_UP.
|
|
|
|
*/
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_if_up(struct ifnet *ifp)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
1999-11-22 02:45:11 +00:00
|
|
|
struct ifaddr *ifa;
|
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-18 20:13:34 +00:00
|
|
|
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
ia = (struct in6_ifaddr *)ifa;
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
|
|
|
|
/*
|
|
|
|
* The TENTATIVE flag was likely set by hand
|
|
|
|
* beforehand, implicitly indicating the need for DAD.
|
|
|
|
* We may be able to skip the random delay in this
|
|
|
|
* case, but we impose delays just in case.
|
|
|
|
*/
|
|
|
|
nd6_dad_start(ifa,
|
|
|
|
arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2005-10-21 16:23:01 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* special cases, like 6to4, are handled in in6_ifattach
|
|
|
|
*/
|
|
|
|
in6_ifattach(ifp, NULL);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6if_do_dad(struct ifnet *ifp)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
2019-03-30 18:00:44 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((ifp->if_flags & IFF_LOOPBACK) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2019-03-30 18:00:44 +00:00
|
|
|
if ((ifp->if_flags & IFF_MULTICAST) == 0)
|
|
|
|
return (0);
|
|
|
|
if ((ND_IFINFO(ifp)->flags &
|
|
|
|
(ND6_IFF_IFDISABLED | ND6_IFF_NO_DAD)) != 0)
|
2009-09-12 22:08:20 +00:00
|
|
|
return (0);
|
2014-11-09 21:33:01 +00:00
|
|
|
return (1);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* Calculate max IPv6 MTU through all the interfaces and store it
|
|
|
|
* to in6_maxmtu.
|
|
|
|
*/
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_setmaxmtu(void)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
1999-11-22 02:45:11 +00:00
|
|
|
unsigned long maxmtu = 0;
|
|
|
|
struct ifnet *ifp;
|
|
|
|
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2018-05-23 21:02:14 +00:00
|
|
|
CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
|
2003-10-20 15:27:48 +00:00
|
|
|
/* this function can be called during ifnet initialization */
|
|
|
|
if (!ifp->if_afdata[AF_INET6])
|
|
|
|
continue;
|
1999-11-22 02:45:11 +00:00
|
|
|
if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
|
2003-10-20 15:27:48 +00:00
|
|
|
IN6_LINKMTU(ifp) > maxmtu)
|
|
|
|
maxmtu = IN6_LINKMTU(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
2012-07-31 11:31:12 +00:00
|
|
|
if (maxmtu) /* update only when maxmtu is positive */
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
V_in6_maxmtu = maxmtu;
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
/*
|
|
|
|
* Provide the length of interface identifiers to be used for the link attached
|
|
|
|
* to the given interface. The length should be defined in "IPv6 over
|
|
|
|
* xxx-link" document. Note that address architecture might also define
|
|
|
|
* the length for a particular set of address prefixes, regardless of the
|
|
|
|
* link type. As clarified in rfc2462bis, those two definitions should be
|
|
|
|
* consistent, and those really are as of August 2004.
|
|
|
|
*/
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_if2idlen(struct ifnet *ifp)
|
2005-10-21 16:23:01 +00:00
|
|
|
{
|
|
|
|
switch (ifp->if_type) {
|
|
|
|
case IFT_ETHER: /* RFC2464 */
|
|
|
|
case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
|
|
|
|
case IFT_L2VLAN: /* ditto */
|
2015-12-28 18:29:47 +00:00
|
|
|
case IFT_BRIDGE: /* bridge(4) only does Ethernet-like links */
|
2011-03-21 09:40:01 +00:00
|
|
|
case IFT_INFINIBAND:
|
2005-10-21 16:23:01 +00:00
|
|
|
return (64);
|
|
|
|
case IFT_PPP: /* RFC2472 */
|
|
|
|
return (64);
|
|
|
|
case IFT_FRELAY: /* RFC2590 */
|
|
|
|
return (64);
|
|
|
|
case IFT_IEEE1394: /* RFC3146 */
|
|
|
|
return (64);
|
|
|
|
case IFT_GIF:
|
|
|
|
return (64); /* draft-ietf-v6ops-mech-v2-07 */
|
|
|
|
case IFT_LOOP:
|
|
|
|
return (64); /* XXX: is this really correct? */
|
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* Unknown link type:
|
|
|
|
* It might be controversial to use the today's common constant
|
|
|
|
* of 64 for these cases unconditionally. For full compliance,
|
|
|
|
* we should return an error in this case. On the other hand,
|
|
|
|
* if we simply miss the standard for the link type or a new
|
|
|
|
* standard is defined for a new link type, the IFID length
|
|
|
|
* is very likely to be the common constant. As a compromise,
|
|
|
|
* we always use the constant, but make an explicit notice
|
|
|
|
* indicating the "unknown" case.
|
|
|
|
*/
|
|
|
|
printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
|
|
|
|
return (64);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
#include <sys/sysctl.h>
|
|
|
|
|
|
|
|
struct in6_llentry {
|
|
|
|
struct llentry base;
|
|
|
|
};
|
|
|
|
|
2015-08-10 12:03:59 +00:00
|
|
|
#define IN6_LLTBL_DEFAULT_HSIZE 32
|
|
|
|
#define IN6_LLTBL_HASH(k, h) \
|
|
|
|
(((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1))
|
|
|
|
|
2012-02-23 18:21:37 +00:00
|
|
|
/*
|
2015-08-10 12:03:59 +00:00
|
|
|
* Do actual deallocation of @lle.
|
2016-04-26 23:13:48 +00:00
|
|
|
*/
|
|
|
|
static void
|
2018-05-23 21:02:14 +00:00
|
|
|
in6_lltable_destroy_lle_unlocked(epoch_context_t ctx)
|
2016-04-26 23:13:48 +00:00
|
|
|
{
|
2018-05-23 21:02:14 +00:00
|
|
|
struct llentry *lle;
|
2016-04-26 23:13:48 +00:00
|
|
|
|
2018-05-23 21:02:14 +00:00
|
|
|
lle = __containerof(ctx, struct llentry, lle_epoch_ctx);
|
2016-04-26 23:13:48 +00:00
|
|
|
LLE_LOCK_DESTROY(lle);
|
|
|
|
LLE_REQ_DESTROY(lle);
|
|
|
|
free(lle, M_LLTABLE);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2015-08-10 12:03:59 +00:00
|
|
|
* Called by LLE_FREE_LOCKED when number of references
|
|
|
|
* drops to zero.
|
2012-02-23 18:21:37 +00:00
|
|
|
*/
|
|
|
|
static void
|
2015-08-10 12:03:59 +00:00
|
|
|
in6_lltable_destroy_lle(struct llentry *lle)
|
2012-02-23 18:21:37 +00:00
|
|
|
{
|
2015-08-10 12:03:59 +00:00
|
|
|
|
2012-02-23 18:21:37 +00:00
|
|
|
LLE_WUNLOCK(lle);
|
2018-05-23 21:02:14 +00:00
|
|
|
epoch_call(net_epoch_preempt, &lle->lle_epoch_ctx, in6_lltable_destroy_lle_unlocked);
|
2012-02-23 18:21:37 +00:00
|
|
|
}
|
|
|
|
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
static struct llentry *
|
2015-08-11 09:26:11 +00:00
|
|
|
in6_lltable_new(const struct in6_addr *addr6, u_int flags)
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
{
|
|
|
|
struct in6_llentry *lle;
|
|
|
|
|
2012-07-31 11:31:12 +00:00
|
|
|
lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
if (lle == NULL) /* NB: caller generates msg */
|
|
|
|
return NULL;
|
|
|
|
|
2015-08-11 09:26:11 +00:00
|
|
|
lle->base.r_l3addr.addr6 = *addr6;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
lle->base.lle_refcnt = 1;
|
2015-08-10 12:03:59 +00:00
|
|
|
lle->base.lle_free = in6_lltable_destroy_lle;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
LLE_LOCK_INIT(&lle->base);
|
2015-12-13 07:39:49 +00:00
|
|
|
LLE_REQ_INIT(&lle->base);
|
2015-08-11 12:38:54 +00:00
|
|
|
callout_init(&lle->base.lle_timer, 1);
|
2010-11-29 00:04:08 +00:00
|
|
|
|
2012-07-31 11:31:12 +00:00
|
|
|
return (&lle->base);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
}
|
|
|
|
|
2015-08-10 12:03:59 +00:00
|
|
|
static int
|
2015-09-14 16:48:19 +00:00
|
|
|
in6_lltable_match_prefix(const struct sockaddr *saddr,
|
|
|
|
const struct sockaddr *smask, u_int flags, struct llentry *lle)
|
2009-05-20 21:07:15 +00:00
|
|
|
{
|
2015-09-14 16:48:19 +00:00
|
|
|
const struct in6_addr *addr, *mask, *lle_addr;
|
|
|
|
|
|
|
|
addr = &((const struct sockaddr_in6 *)saddr)->sin6_addr;
|
|
|
|
mask = &((const struct sockaddr_in6 *)smask)->sin6_addr;
|
|
|
|
lle_addr = &lle->r_l3addr.addr6;
|
|
|
|
|
|
|
|
if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
|
|
|
|
return (0);
|
|
|
|
|
|
|
|
if (lle->la_flags & LLE_IFADDR) {
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Delete LLE_IFADDR records IFF address & flag matches.
|
|
|
|
* Note that addr is the interface address within prefix
|
|
|
|
* being matched.
|
|
|
|
*/
|
|
|
|
if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
|
|
|
|
(flags & LLE_STATIC) != 0)
|
|
|
|
return (1);
|
|
|
|
return (0);
|
|
|
|
}
|
2009-05-20 21:07:15 +00:00
|
|
|
|
2015-09-14 16:48:19 +00:00
|
|
|
/* flags & LLE_STATIC means deleting both dynamic and static entries */
|
|
|
|
if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
|
2015-08-10 12:03:59 +00:00
|
|
|
return (1);
|
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
|
|
|
|
{
|
|
|
|
struct ifnet *ifp;
|
|
|
|
|
|
|
|
LLE_WLOCK_ASSERT(lle);
|
|
|
|
KASSERT(llt != NULL, ("lltable is NULL"));
|
|
|
|
|
|
|
|
/* Unlink entry from table */
|
|
|
|
if ((lle->la_flags & LLE_LINKED) != 0) {
|
|
|
|
|
|
|
|
ifp = llt->llt_ifp;
|
|
|
|
IF_AFDATA_WLOCK_ASSERT(ifp);
|
|
|
|
lltable_unlink_entry(llt, lle);
|
2009-05-20 21:07:15 +00:00
|
|
|
}
|
2015-08-10 12:03:59 +00:00
|
|
|
|
|
|
|
llentry_free(lle);
|
2009-05-20 21:07:15 +00:00
|
|
|
}
|
|
|
|
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
static int
|
2012-07-31 11:31:12 +00:00
|
|
|
in6_lltable_rtcheck(struct ifnet *ifp,
|
|
|
|
u_int flags,
|
2009-12-30 21:35:34 +00:00
|
|
|
const struct sockaddr *l3addr)
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
{
|
2015-12-09 11:14:27 +00:00
|
|
|
const struct sockaddr_in6 *sin6;
|
|
|
|
struct nhop6_basic nh6;
|
|
|
|
struct in6_addr dst;
|
|
|
|
uint32_t scopeid;
|
|
|
|
int error;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
Constrain IPv6 routes to single FIBs when net.add_addr_allfibs=0
sys/netinet6/icmp6.c
Use the interface's FIB for source address selection in ICMPv6 error
responses.
sys/netinet6/in6.c
In in6_newaddrmsg, announce arrival of local addresses on the
interface's FIB only. In in6_lltable_rtcheck, use a per-fib ND6
cache instead of a single cache.
sys/netinet6/in6_src.c
In in6_selectsrc, use the caller's fib instead of the default fib.
In in6_selectsrc_socket, remove a superfluous check.
sys/netinet6/nd6.c
In nd6_lle_event, use the interface's fib for routing socket
messages. In nd6_is_new_addr_neighbor, check all FIBs when trying
to determine whether an address is a neighbor. Also, simplify the
code for point to point interfaces.
sys/netinet6/nd6.h
sys/netinet6/nd6.c
sys/netinet6/nd6_rtr.c
Make defrouter_select fib-aware, and make all of its callers pass in
the interface fib.
sys/netinet6/nd6_nbr.c
When inputting a Neighbor Solicitation packet, consider the
interface fib instead of the default fib for DAD. Output NS and
Neighbor Advertisement packets on the correct fib.
sys/netinet6/nd6_rtr.c
Allow installing the same host route on different interfaces in
different FIBs. If rt_add_addr_allfibs=0, only install or delete
the prefix route on the interface fib.
tests/sys/netinet/fibs_test.sh
Clear some expected failures, but add a skip for the newly revealed
BUG217871.
PR: 196361
Submitted by: Erick Turnquist <jhujhiti@adjectivism.org>
Reported by: Jason Healy <jhealy@logn.net>
Reviewed by: asomers
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D9451
2017-03-17 16:50:37 +00:00
|
|
|
int fibnum;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
|
|
|
|
KASSERT(l3addr->sa_family == AF_INET6,
|
|
|
|
("sin_family %d", l3addr->sa_family));
|
|
|
|
|
2015-12-09 11:14:27 +00:00
|
|
|
sin6 = (const struct sockaddr_in6 *)l3addr;
|
|
|
|
in6_splitscope(&sin6->sin6_addr, &dst, &scopeid);
|
Constrain IPv6 routes to single FIBs when net.add_addr_allfibs=0
sys/netinet6/icmp6.c
Use the interface's FIB for source address selection in ICMPv6 error
responses.
sys/netinet6/in6.c
In in6_newaddrmsg, announce arrival of local addresses on the
interface's FIB only. In in6_lltable_rtcheck, use a per-fib ND6
cache instead of a single cache.
sys/netinet6/in6_src.c
In in6_selectsrc, use the caller's fib instead of the default fib.
In in6_selectsrc_socket, remove a superfluous check.
sys/netinet6/nd6.c
In nd6_lle_event, use the interface's fib for routing socket
messages. In nd6_is_new_addr_neighbor, check all FIBs when trying
to determine whether an address is a neighbor. Also, simplify the
code for point to point interfaces.
sys/netinet6/nd6.h
sys/netinet6/nd6.c
sys/netinet6/nd6_rtr.c
Make defrouter_select fib-aware, and make all of its callers pass in
the interface fib.
sys/netinet6/nd6_nbr.c
When inputting a Neighbor Solicitation packet, consider the
interface fib instead of the default fib for DAD. Output NS and
Neighbor Advertisement packets on the correct fib.
sys/netinet6/nd6_rtr.c
Allow installing the same host route on different interfaces in
different FIBs. If rt_add_addr_allfibs=0, only install or delete
the prefix route on the interface fib.
tests/sys/netinet/fibs_test.sh
Clear some expected failures, but add a skip for the newly revealed
BUG217871.
PR: 196361
Submitted by: Erick Turnquist <jhujhiti@adjectivism.org>
Reported by: Jason Healy <jhealy@logn.net>
Reviewed by: asomers
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D9451
2017-03-17 16:50:37 +00:00
|
|
|
fibnum = V_rt_add_addr_allfibs ? RT_DEFAULT_FIB : ifp->if_fib;
|
|
|
|
error = fib6_lookup_nh_basic(fibnum, &dst, scopeid, 0, 0, &nh6);
|
2015-12-09 11:14:27 +00:00
|
|
|
if (error != 0 || (nh6.nh_flags & NHF_GATEWAY) || nh6.nh_ifp != ifp) {
|
2019-01-09 01:11:19 +00:00
|
|
|
struct epoch_tracker et;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
struct ifaddr *ifa;
|
2012-07-31 11:31:12 +00:00
|
|
|
/*
|
|
|
|
* Create an ND6 cache for an IPv6 neighbor
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
* that is not covered by our own prefix.
|
|
|
|
*/
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_ENTER(et);
|
2015-09-05 05:54:09 +00:00
|
|
|
ifa = ifaof_ifpforaddr(l3addr, ifp);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
if (ifa != NULL) {
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
return 0;
|
|
|
|
}
|
2019-01-09 01:11:19 +00:00
|
|
|
NET_EPOCH_EXIT(et);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
|
2015-12-09 11:14:27 +00:00
|
|
|
ip6_sprintf(ip6buf, &sin6->sin6_addr));
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
return EINVAL;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-03-17 17:05:48 +00:00
|
|
|
/*
|
|
|
|
* Called by the datapath to indicate that the entry was used.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
in6_lltable_mark_used(struct llentry *lle)
|
|
|
|
{
|
|
|
|
|
|
|
|
LLE_REQ_LOCK(lle);
|
|
|
|
lle->r_skip_req = 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Set the hit time so the callback function
|
|
|
|
* can determine the remaining time before
|
|
|
|
* transiting to the DELAY state.
|
|
|
|
*/
|
|
|
|
lle->lle_hittime = time_uptime;
|
|
|
|
LLE_REQ_UNLOCK(lle);
|
|
|
|
}
|
|
|
|
|
2015-08-10 12:03:59 +00:00
|
|
|
static inline uint32_t
|
|
|
|
in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
|
|
|
|
{
|
|
|
|
|
|
|
|
return (IN6_LLTBL_HASH(dst->s6_addr32[3], hsize));
|
|
|
|
}
|
|
|
|
|
|
|
|
static uint32_t
|
|
|
|
in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
|
|
|
|
{
|
|
|
|
|
2015-08-11 09:26:11 +00:00
|
|
|
return (in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize));
|
2015-08-10 12:03:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
|
|
|
|
{
|
|
|
|
struct sockaddr_in6 *sin6;
|
|
|
|
|
|
|
|
sin6 = (struct sockaddr_in6 *)sa;
|
|
|
|
bzero(sin6, sizeof(*sin6));
|
|
|
|
sin6->sin6_family = AF_INET6;
|
|
|
|
sin6->sin6_len = sizeof(*sin6);
|
2015-08-11 09:26:11 +00:00
|
|
|
sin6->sin6_addr = lle->r_l3addr.addr6;
|
2015-08-10 12:03:59 +00:00
|
|
|
}
|
|
|
|
|
2015-08-08 17:48:54 +00:00
|
|
|
static inline struct llentry *
|
|
|
|
in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
{
|
|
|
|
struct llentry *lle;
|
|
|
|
struct llentries *lleh;
|
2015-08-10 12:03:59 +00:00
|
|
|
u_int hashidx;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
|
2015-08-11 05:51:00 +00:00
|
|
|
hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
|
2015-08-10 12:03:59 +00:00
|
|
|
lleh = &llt->lle_head[hashidx];
|
2018-05-23 21:02:14 +00:00
|
|
|
CK_LIST_FOREACH(lle, lleh, lle_next) {
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
if (lle->la_flags & LLE_DELETED)
|
|
|
|
continue;
|
2015-08-11 09:26:11 +00:00
|
|
|
if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst))
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2015-08-08 17:48:54 +00:00
|
|
|
return (lle);
|
|
|
|
}
|
|
|
|
|
2015-09-14 16:48:19 +00:00
|
|
|
static void
|
|
|
|
in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
|
2015-08-08 17:48:54 +00:00
|
|
|
{
|
|
|
|
|
2015-09-14 16:48:19 +00:00
|
|
|
lle->la_flags |= LLE_DELETED;
|
|
|
|
EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
|
2009-10-23 18:27:34 +00:00
|
|
|
#ifdef DIAGNOSTIC
|
2015-09-14 16:48:19 +00:00
|
|
|
log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
|
2012-08-01 09:00:26 +00:00
|
|
|
#endif
|
2015-09-14 16:48:19 +00:00
|
|
|
llentry_free(lle);
|
2015-08-08 17:48:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static struct llentry *
|
2015-08-20 12:05:17 +00:00
|
|
|
in6_lltable_alloc(struct lltable *llt, u_int flags,
|
2015-08-08 17:48:54 +00:00
|
|
|
const struct sockaddr *l3addr)
|
|
|
|
{
|
|
|
|
const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
|
|
|
|
struct ifnet *ifp = llt->llt_ifp;
|
|
|
|
struct llentry *lle;
|
2015-12-31 05:03:27 +00:00
|
|
|
char linkhdr[LLE_MAX_LINKHDR];
|
|
|
|
size_t linkhdrsize;
|
|
|
|
int lladdr_off;
|
2015-08-08 17:48:54 +00:00
|
|
|
|
|
|
|
KASSERT(l3addr->sa_family == AF_INET6,
|
|
|
|
("sin_family %d", l3addr->sa_family));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A route that covers the given address must have
|
|
|
|
* been installed 1st because we are doing a resolution,
|
|
|
|
* verify this.
|
|
|
|
*/
|
|
|
|
if (!(flags & LLE_IFADDR) &&
|
|
|
|
in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
|
|
|
|
return (NULL);
|
|
|
|
|
2015-08-11 09:26:11 +00:00
|
|
|
lle = in6_lltable_new(&sin6->sin6_addr, flags);
|
2015-08-08 17:48:54 +00:00
|
|
|
if (lle == NULL) {
|
|
|
|
log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
|
|
|
|
return (NULL);
|
|
|
|
}
|
|
|
|
lle->la_flags = flags;
|
|
|
|
if ((flags & LLE_IFADDR) == LLE_IFADDR) {
|
2015-12-31 05:03:27 +00:00
|
|
|
linkhdrsize = LLE_MAX_LINKHDR;
|
|
|
|
if (lltable_calc_llheader(ifp, AF_INET6, IF_LLADDR(ifp),
|
2016-04-26 23:13:48 +00:00
|
|
|
linkhdr, &linkhdrsize, &lladdr_off) != 0) {
|
2018-05-23 21:02:14 +00:00
|
|
|
epoch_call(net_epoch_preempt, &lle->lle_epoch_ctx, in6_lltable_destroy_lle_unlocked);
|
2015-12-31 05:03:27 +00:00
|
|
|
return (NULL);
|
2016-04-26 23:13:48 +00:00
|
|
|
}
|
2015-12-31 05:03:27 +00:00
|
|
|
lltable_set_entry_addr(ifp, lle, linkhdr, linkhdrsize,
|
|
|
|
lladdr_off);
|
2015-11-07 11:12:00 +00:00
|
|
|
lle->la_flags |= LLE_STATIC;
|
2015-08-08 17:48:54 +00:00
|
|
|
}
|
|
|
|
|
2015-08-31 05:03:36 +00:00
|
|
|
if ((lle->la_flags & LLE_STATIC) != 0)
|
|
|
|
lle->ln_state = ND6_LLINFO_REACHABLE;
|
|
|
|
|
2015-08-08 17:48:54 +00:00
|
|
|
return (lle);
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct llentry *
|
|
|
|
in6_lltable_lookup(struct lltable *llt, u_int flags,
|
|
|
|
const struct sockaddr *l3addr)
|
|
|
|
{
|
|
|
|
const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
|
|
|
|
struct llentry *lle;
|
|
|
|
|
2015-08-08 21:41:59 +00:00
|
|
|
IF_AFDATA_LOCK_ASSERT(llt->llt_ifp);
|
2015-08-08 17:48:54 +00:00
|
|
|
KASSERT(l3addr->sa_family == AF_INET6,
|
|
|
|
("sin_family %d", l3addr->sa_family));
|
2019-01-23 22:19:49 +00:00
|
|
|
KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
|
|
|
|
(LLE_UNLOCKED | LLE_EXCLUSIVE),
|
|
|
|
("wrong lle request flags: %#x", flags));
|
2015-08-08 17:48:54 +00:00
|
|
|
|
|
|
|
lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
|
|
|
|
if (lle == NULL)
|
|
|
|
return (NULL);
|
2015-12-13 07:39:49 +00:00
|
|
|
if (flags & LLE_UNLOCKED)
|
|
|
|
return (lle);
|
|
|
|
|
2015-08-08 17:48:54 +00:00
|
|
|
if (flags & LLE_EXCLUSIVE)
|
|
|
|
LLE_WLOCK(lle);
|
|
|
|
else
|
|
|
|
LLE_RLOCK(lle);
|
2019-01-23 22:18:23 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the afdata lock is not held, the LLE may have been unlinked while
|
|
|
|
* we were blocked on the LLE lock. Check for this case.
|
|
|
|
*/
|
|
|
|
if (__predict_false((lle->la_flags & LLE_LINKED) == 0)) {
|
|
|
|
if (flags & LLE_EXCLUSIVE)
|
|
|
|
LLE_WUNLOCK(lle);
|
|
|
|
else
|
|
|
|
LLE_RUNLOCK(lle);
|
|
|
|
return (NULL);
|
|
|
|
}
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
return (lle);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2015-08-10 12:03:59 +00:00
|
|
|
in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
|
|
|
|
struct sysctl_req *wr)
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
{
|
|
|
|
struct ifnet *ifp = llt->llt_ifp;
|
|
|
|
/* XXX stack use */
|
|
|
|
struct {
|
|
|
|
struct rt_msghdr rtm;
|
|
|
|
struct sockaddr_in6 sin6;
|
|
|
|
/*
|
|
|
|
* ndp.c assumes that sdl is word aligned
|
|
|
|
*/
|
|
|
|
#ifdef __LP64__
|
|
|
|
uint32_t pad;
|
|
|
|
#endif
|
|
|
|
struct sockaddr_dl sdl;
|
|
|
|
} ndpc;
|
2015-08-10 12:03:59 +00:00
|
|
|
struct sockaddr_dl *sdl;
|
|
|
|
int error;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
|
2015-08-10 12:03:59 +00:00
|
|
|
bzero(&ndpc, sizeof(ndpc));
|
2018-05-15 17:57:46 +00:00
|
|
|
/* skip deleted entries */
|
|
|
|
if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
|
|
|
|
return (0);
|
|
|
|
/* Skip if jailed and not a valid IP of the prison. */
|
2018-05-15 17:59:46 +00:00
|
|
|
lltable_fill_sa_entry(lle, (struct sockaddr *)&ndpc.sin6);
|
|
|
|
if (prison_if(wr->td->td_ucred, (struct sockaddr *)&ndpc.sin6) != 0)
|
2018-05-15 17:57:46 +00:00
|
|
|
return (0);
|
|
|
|
/*
|
|
|
|
* produce a msg made of:
|
|
|
|
* struct rt_msghdr;
|
|
|
|
* struct sockaddr_in6 (IPv6)
|
|
|
|
* struct sockaddr_dl;
|
|
|
|
*/
|
|
|
|
ndpc.rtm.rtm_msglen = sizeof(ndpc);
|
|
|
|
ndpc.rtm.rtm_version = RTM_VERSION;
|
|
|
|
ndpc.rtm.rtm_type = RTM_GET;
|
|
|
|
ndpc.rtm.rtm_flags = RTF_UP;
|
|
|
|
ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
|
|
|
|
if (V_deembed_scopeid)
|
|
|
|
sa6_recoverscope(&ndpc.sin6);
|
|
|
|
|
|
|
|
/* publish */
|
|
|
|
if (lle->la_flags & LLE_PUB)
|
|
|
|
ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
|
|
|
|
|
|
|
|
sdl = &ndpc.sdl;
|
|
|
|
sdl->sdl_family = AF_LINK;
|
|
|
|
sdl->sdl_len = sizeof(*sdl);
|
|
|
|
sdl->sdl_index = ifp->if_index;
|
|
|
|
sdl->sdl_type = ifp->if_type;
|
|
|
|
if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
|
|
|
|
sdl->sdl_alen = ifp->if_addrlen;
|
2018-05-15 17:59:46 +00:00
|
|
|
bcopy(lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
|
2018-05-15 17:57:46 +00:00
|
|
|
} else {
|
|
|
|
sdl->sdl_alen = 0;
|
|
|
|
bzero(LLADDR(sdl), ifp->if_addrlen);
|
|
|
|
}
|
|
|
|
if (lle->la_expire != 0)
|
|
|
|
ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
|
2018-05-15 17:59:46 +00:00
|
|
|
lle->lle_remtime / hz + time_second - time_uptime;
|
2018-05-15 17:57:46 +00:00
|
|
|
ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
|
|
|
|
if (lle->la_flags & LLE_STATIC)
|
|
|
|
ndpc.rtm.rtm_flags |= RTF_STATIC;
|
|
|
|
if (lle->la_flags & LLE_IFADDR)
|
|
|
|
ndpc.rtm.rtm_flags |= RTF_PINNED;
|
|
|
|
if (lle->ln_router != 0)
|
|
|
|
ndpc.rtm.rtm_flags |= RTF_GATEWAY;
|
|
|
|
ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
|
|
|
|
/* Store state in rmx_weight value */
|
|
|
|
ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
|
|
|
|
ndpc.rtm.rtm_index = ifp->if_index;
|
|
|
|
error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
|
2015-08-10 12:03:59 +00:00
|
|
|
|
|
|
|
return (error);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
}
|
|
|
|
|
2015-08-11 05:51:00 +00:00
|
|
|
static struct lltable *
|
|
|
|
in6_lltattach(struct ifnet *ifp)
|
|
|
|
{
|
|
|
|
struct lltable *llt;
|
|
|
|
|
|
|
|
llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
|
|
|
|
llt->llt_af = AF_INET6;
|
|
|
|
llt->llt_ifp = ifp;
|
|
|
|
|
|
|
|
llt->llt_lookup = in6_lltable_lookup;
|
2015-08-20 12:05:17 +00:00
|
|
|
llt->llt_alloc_entry = in6_lltable_alloc;
|
2015-09-14 16:48:19 +00:00
|
|
|
llt->llt_delete_entry = in6_lltable_delete_entry;
|
2015-08-11 05:51:00 +00:00
|
|
|
llt->llt_dump_entry = in6_lltable_dump_entry;
|
|
|
|
llt->llt_hash = in6_lltable_hash;
|
|
|
|
llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
|
|
|
|
llt->llt_free_entry = in6_lltable_free_entry;
|
|
|
|
llt->llt_match_prefix = in6_lltable_match_prefix;
|
2018-03-17 17:05:48 +00:00
|
|
|
llt->llt_mark_used = in6_lltable_mark_used;
|
2015-08-11 05:51:00 +00:00
|
|
|
lltable_link(llt);
|
|
|
|
|
|
|
|
return (llt);
|
|
|
|
}
|
|
|
|
|
2003-10-17 15:46:31 +00:00
|
|
|
void *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_domifattach(struct ifnet *ifp)
|
2003-10-17 15:46:31 +00:00
|
|
|
{
|
|
|
|
struct in6_ifextra *ext;
|
|
|
|
|
2013-07-31 16:24:49 +00:00
|
|
|
/* There are not IPv6-capable interfaces. */
|
|
|
|
switch (ifp->if_type) {
|
|
|
|
case IFT_PFLOG:
|
|
|
|
case IFT_PFSYNC:
|
|
|
|
case IFT_USB:
|
|
|
|
return (NULL);
|
|
|
|
}
|
2003-10-17 15:46:31 +00:00
|
|
|
ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
|
|
|
|
bzero(ext, sizeof(*ext));
|
|
|
|
|
2013-07-09 15:20:46 +00:00
|
|
|
ext->in6_ifstat = malloc(sizeof(counter_u64_t) *
|
|
|
|
sizeof(struct in6_ifstat) / sizeof(uint64_t), M_IFADDR, M_WAITOK);
|
2013-07-09 09:59:46 +00:00
|
|
|
COUNTER_ARRAY_ALLOC(ext->in6_ifstat,
|
|
|
|
sizeof(struct in6_ifstat) / sizeof(uint64_t), M_WAITOK);
|
2003-10-17 15:46:31 +00:00
|
|
|
|
2013-07-09 15:20:46 +00:00
|
|
|
ext->icmp6_ifstat = malloc(sizeof(counter_u64_t) *
|
|
|
|
sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_IFADDR,
|
2013-07-09 09:59:46 +00:00
|
|
|
M_WAITOK);
|
|
|
|
COUNTER_ARRAY_ALLOC(ext->icmp6_ifstat,
|
|
|
|
sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_WAITOK);
|
2003-10-17 15:46:31 +00:00
|
|
|
|
|
|
|
ext->nd_ifinfo = nd6_ifattach(ifp);
|
|
|
|
ext->scope6_id = scope6_ifattach(ifp);
|
2015-08-11 05:51:00 +00:00
|
|
|
ext->lltable = in6_lltattach(ifp);
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
|
|
|
|
ext->mld_ifinfo = mld_domifattach(ifp);
|
|
|
|
|
2003-10-17 15:46:31 +00:00
|
|
|
return ext;
|
|
|
|
}
|
|
|
|
|
Make checks for rt_mtu generic:
Some virtual if drivers has (ab)used ifa ifa_rtrequest hook to enforce
route MTU to be not bigger that interface MTU. While ifa_rtrequest hooking
might be an option in some situation, it is not feasible to do MTU checks
there: generic (or per-domain) routing code is perfectly capable of doing
this.
We currrently have 3 places where MTU is altered:
1) route addition.
In this case domain overrides radix _addroute callback (in[6]_addroute)
and all necessary checks/fixes are/can be done there.
2) route change (especially, GW change).
In this case, there are no explicit per-domain calls, but one can
override rte by setting ifa_rtrequest hook to domain handler
(inet6 does this).
3) ifconfig ifaceX mtu YYYY
In this case, we have no callbacks, but ip[6]_output performes runtime
checks and decreases rt_mtu if necessary.
Generally, the goals are to be able to handle all MTU changes in
control plane, not in runtime part, and properly deal with increased
interface MTU.
This commit changes the following:
* removes hooks setting MTU from drivers side
* adds proper per-doman MTU checks for case 1)
* adds generic MTU check for case 2)
* The latter is done by using new dom_ifmtu callback since
if_mtu denotes L3 interface MTU, e.g. maximum trasmitted _packet_ size.
However, IPv6 mtu might be different from if_mtu one (e.g. default 1280)
for some cases, so we need an abstract way to know maximum MTU size
for given interface and domain.
* moves rt_setmetrics() before MTU/ifa_rtrequest hooks since it copies
user-supplied data which must be checked.
* removes RT_LOCK_ASSERT() from other ifa_rtrequest hooks to be able to
use this functions on new non-inserted rte.
More changes will follow soon.
MFC after: 1 month
Sponsored by: Yandex LLC
2014-11-06 13:13:09 +00:00
|
|
|
int
|
|
|
|
in6_domifmtu(struct ifnet *ifp)
|
|
|
|
{
|
2015-12-14 19:44:49 +00:00
|
|
|
if (ifp->if_afdata[AF_INET6] == NULL)
|
|
|
|
return ifp->if_mtu;
|
Make checks for rt_mtu generic:
Some virtual if drivers has (ab)used ifa ifa_rtrequest hook to enforce
route MTU to be not bigger that interface MTU. While ifa_rtrequest hooking
might be an option in some situation, it is not feasible to do MTU checks
there: generic (or per-domain) routing code is perfectly capable of doing
this.
We currrently have 3 places where MTU is altered:
1) route addition.
In this case domain overrides radix _addroute callback (in[6]_addroute)
and all necessary checks/fixes are/can be done there.
2) route change (especially, GW change).
In this case, there are no explicit per-domain calls, but one can
override rte by setting ifa_rtrequest hook to domain handler
(inet6 does this).
3) ifconfig ifaceX mtu YYYY
In this case, we have no callbacks, but ip[6]_output performes runtime
checks and decreases rt_mtu if necessary.
Generally, the goals are to be able to handle all MTU changes in
control plane, not in runtime part, and properly deal with increased
interface MTU.
This commit changes the following:
* removes hooks setting MTU from drivers side
* adds proper per-doman MTU checks for case 1)
* adds generic MTU check for case 2)
* The latter is done by using new dom_ifmtu callback since
if_mtu denotes L3 interface MTU, e.g. maximum trasmitted _packet_ size.
However, IPv6 mtu might be different from if_mtu one (e.g. default 1280)
for some cases, so we need an abstract way to know maximum MTU size
for given interface and domain.
* moves rt_setmetrics() before MTU/ifa_rtrequest hooks since it copies
user-supplied data which must be checked.
* removes RT_LOCK_ASSERT() from other ifa_rtrequest hooks to be able to
use this functions on new non-inserted rte.
More changes will follow soon.
MFC after: 1 month
Sponsored by: Yandex LLC
2014-11-06 13:13:09 +00:00
|
|
|
|
|
|
|
return (IN6_LINKMTU(ifp));
|
|
|
|
}
|
|
|
|
|
2003-10-17 15:46:31 +00:00
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_domifdetach(struct ifnet *ifp, void *aux)
|
2003-10-17 15:46:31 +00:00
|
|
|
{
|
|
|
|
struct in6_ifextra *ext = (struct in6_ifextra *)aux;
|
|
|
|
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
mld_domifdetach(ifp);
|
2003-10-17 15:46:31 +00:00
|
|
|
scope6_ifdetach(ext->scope6_id);
|
Get closer to a VIMAGE network stack teardown from top to bottom rather
than removing the network interfaces first. This change is rather larger
and convoluted as the ordering requirements cannot be separated.
Move the pfil(9) framework to SI_SUB_PROTO_PFIL, move Firewalls and
related modules to their own SI_SUB_PROTO_FIREWALL.
Move initialization of "physical" interfaces to SI_SUB_DRIVERS,
move virtual (cloned) interfaces to SI_SUB_PSEUDO.
Move Multicast to SI_SUB_PROTO_MC.
Re-work parts of multicast initialisation and teardown, not taking the
huge amount of memory into account if used as a module yet.
For interface teardown we try to do as many of them as we can on
SI_SUB_INIT_IF, but for some this makes no sense, e.g., when tunnelling
over a higher layer protocol such as IP. In that case the interface
has to go along (or before) the higher layer protocol is shutdown.
Kernel hhooks need to go last on teardown as they may be used at various
higher layers and we cannot remove them before we cleaned up the higher
layers.
For interface teardown there are multiple paths:
(a) a cloned interface is destroyed (inside a VIMAGE or in the base system),
(b) any interface is moved from a virtual network stack to a different
network stack ("vmove"), or (c) a virtual network stack is being shut down.
All code paths go through if_detach_internal() where we, depending on the
vmove flag or the vnet state, make a decision on how much to shut down;
in case we are destroying a VNET the individual protocol layers will
cleanup their own parts thus we cannot do so again for each interface as
we end up with, e.g., double-frees, destroying locks twice or acquiring
already destroyed locks.
When calling into protocol cleanups we equally have to tell them
whether they need to detach upper layer protocols ("ulp") or not
(e.g., in6_ifdetach()).
Provide or enahnce helper functions to do proper cleanup at a protocol
rather than at an interface level.
Approved by: re (hrs)
Obtained from: projects/vnet
Reviewed by: gnn, jhb
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D6747
2016-06-21 13:48:49 +00:00
|
|
|
nd6_ifdetach(ifp, ext->nd_ifinfo);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
lltable_free(ext->lltable);
|
2013-07-09 09:59:46 +00:00
|
|
|
COUNTER_ARRAY_FREE(ext->in6_ifstat,
|
|
|
|
sizeof(struct in6_ifstat) / sizeof(uint64_t));
|
2003-10-17 15:46:31 +00:00
|
|
|
free(ext->in6_ifstat, M_IFADDR);
|
2013-07-09 09:59:46 +00:00
|
|
|
COUNTER_ARRAY_FREE(ext->icmp6_ifstat,
|
|
|
|
sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
|
2003-10-17 15:46:31 +00:00
|
|
|
free(ext->icmp6_ifstat, M_IFADDR);
|
|
|
|
free(ext, M_IFADDR);
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
2002-04-19 04:46:24 +00:00
|
|
|
* Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
|
1999-11-22 02:45:11 +00:00
|
|
|
* v4 mapped addr or v4 compat addr
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
|
|
|
|
{
|
2007-07-05 16:23:49 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
bzero(sin, sizeof(*sin));
|
|
|
|
sin->sin_len = sizeof(struct sockaddr_in);
|
|
|
|
sin->sin_family = AF_INET;
|
|
|
|
sin->sin_port = sin6->sin6_port;
|
2003-10-07 17:46:18 +00:00
|
|
|
sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
|
|
|
|
void
|
|
|
|
in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
|
|
|
|
{
|
|
|
|
bzero(sin6, sizeof(*sin6));
|
|
|
|
sin6->sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
sin6->sin6_family = AF_INET6;
|
|
|
|
sin6->sin6_port = sin->sin_port;
|
|
|
|
sin6->sin6_addr.s6_addr32[0] = 0;
|
|
|
|
sin6->sin6_addr.s6_addr32[1] = 0;
|
|
|
|
sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
|
|
|
|
sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert sockaddr_in6 into sockaddr_in. */
|
|
|
|
void
|
|
|
|
in6_sin6_2_sin_in_sock(struct sockaddr *nam)
|
|
|
|
{
|
|
|
|
struct sockaddr_in *sin_p;
|
|
|
|
struct sockaddr_in6 sin6;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Save original sockaddr_in6 addr and convert it
|
|
|
|
* to sockaddr_in.
|
|
|
|
*/
|
|
|
|
sin6 = *(struct sockaddr_in6 *)nam;
|
|
|
|
sin_p = (struct sockaddr_in *)nam;
|
|
|
|
in6_sin6_2_sin(sin_p, &sin6);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
|
|
|
|
void
|
|
|
|
in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
|
|
|
|
{
|
|
|
|
struct sockaddr_in *sin_p;
|
|
|
|
struct sockaddr_in6 *sin6_p;
|
|
|
|
|
2012-07-31 11:31:12 +00:00
|
|
|
sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
|
1999-11-22 02:45:11 +00:00
|
|
|
sin_p = (struct sockaddr_in *)*nam;
|
|
|
|
in6_sin_2_v4mapsin6(sin_p, sin6_p);
|
2008-10-23 15:53:51 +00:00
|
|
|
free(*nam, M_SONAME);
|
1999-11-22 02:45:11 +00:00
|
|
|
*nam = (struct sockaddr *)sin6_p;
|
|
|
|
}
|