2005-01-07 02:30:35 +00:00
|
|
|
/*-
|
1999-11-22 02:45:11 +00:00
|
|
|
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. Neither the name of the project nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
2007-12-10 16:03:40 +00:00
|
|
|
*
|
|
|
|
* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
|
|
|
|
2005-01-07 02:30:35 +00:00
|
|
|
/*-
|
1999-11-22 02:45:11 +00:00
|
|
|
* Copyright (c) 1982, 1986, 1991, 1993
|
|
|
|
* The Regents of the University of California. All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* @(#)in.c 8.2 (Berkeley) 11/15/93
|
|
|
|
*/
|
|
|
|
|
2007-12-10 16:03:40 +00:00
|
|
|
#include <sys/cdefs.h>
|
|
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
#include "opt_inet.h"
|
|
|
|
#include "opt_inet6.h"
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/param.h>
|
|
|
|
#include <sys/errno.h>
|
2009-01-09 13:06:56 +00:00
|
|
|
#include <sys/jail.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/malloc.h>
|
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <sys/socketvar.h>
|
|
|
|
#include <sys/sockio.h>
|
|
|
|
#include <sys/systm.h>
|
2006-11-06 13:42:10 +00:00
|
|
|
#include <sys/priv.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <sys/proc.h>
|
|
|
|
#include <sys/time.h>
|
|
|
|
#include <sys/kernel.h>
|
|
|
|
#include <sys/syslog.h>
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
#include <sys/vimage.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
#include <net/if.h>
|
|
|
|
#include <net/if_types.h>
|
|
|
|
#include <net/route.h>
|
|
|
|
#include <net/if_dl.h>
|
2008-12-02 21:37:28 +00:00
|
|
|
#include <net/vnet.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <netinet/in_var.h>
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
#include <net/if_llatbl.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet/if_ether.h>
|
2001-06-11 12:39:29 +00:00
|
|
|
#include <netinet/in_systm.h>
|
|
|
|
#include <netinet/ip.h>
|
|
|
|
#include <netinet/in_pcb.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
#include <netinet/ip6.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet6/ip6_var.h>
|
2002-04-19 04:46:24 +00:00
|
|
|
#include <netinet6/nd6.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet6/mld6_var.h>
|
2000-07-04 16:35:15 +00:00
|
|
|
#include <netinet6/ip6_mroute.h>
|
1999-11-22 02:45:11 +00:00
|
|
|
#include <netinet6/in6_ifattach.h>
|
2000-07-04 16:35:15 +00:00
|
|
|
#include <netinet6/scope6_var.h>
|
2001-06-11 12:39:29 +00:00
|
|
|
#include <netinet6/in6_pcb.h>
|
2008-12-02 21:37:28 +00:00
|
|
|
#include <netinet6/vinet6.h>
|
2000-07-04 16:35:15 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* Definitions of some costant IP6 addresses.
|
|
|
|
*/
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
|
|
|
|
const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
|
|
|
|
const struct in6_addr in6addr_nodelocal_allnodes =
|
1999-11-22 02:45:11 +00:00
|
|
|
IN6ADDR_NODELOCAL_ALLNODES_INIT;
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6addr_linklocal_allnodes =
|
1999-11-22 02:45:11 +00:00
|
|
|
IN6ADDR_LINKLOCAL_ALLNODES_INIT;
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6addr_linklocal_allrouters =
|
1999-11-22 02:45:11 +00:00
|
|
|
IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
const struct in6_addr in6addr_linklocal_allv2routers =
|
|
|
|
IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
const struct in6_addr in6mask0 = IN6MASK0;
|
|
|
|
const struct in6_addr in6mask32 = IN6MASK32;
|
|
|
|
const struct in6_addr in6mask64 = IN6MASK64;
|
|
|
|
const struct in6_addr in6mask96 = IN6MASK96;
|
|
|
|
const struct in6_addr in6mask128 = IN6MASK128;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2004-03-03 14:33:16 +00:00
|
|
|
const struct sockaddr_in6 sa6_any =
|
|
|
|
{ sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
|
2001-09-12 08:38:13 +00:00
|
|
|
struct ifnet *, struct thread *));
|
2001-06-11 12:39:29 +00:00
|
|
|
static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
|
2003-10-07 17:46:18 +00:00
|
|
|
struct sockaddr_in6 *, int));
|
2008-01-08 19:08:58 +00:00
|
|
|
static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-09-25 18:40:52 +00:00
|
|
|
int (*faithprefix_p)(struct in6_addr *);
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_mask2len(struct in6_addr *mask, u_char *lim0)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
int x = 0, y;
|
|
|
|
u_char *lim = lim0, *p;
|
|
|
|
|
2003-10-07 17:46:18 +00:00
|
|
|
/* ignore the scope_id part */
|
|
|
|
if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
|
2001-06-11 12:39:29 +00:00
|
|
|
lim = (u_char *)mask + sizeof(*mask);
|
|
|
|
for (p = (u_char *)mask; p < lim; x++, p++) {
|
|
|
|
if (*p != 0xff)
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
y = 0;
|
2001-06-11 12:39:29 +00:00
|
|
|
if (p < lim) {
|
1999-11-22 02:45:11 +00:00
|
|
|
for (y = 0; y < 8; y++) {
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((*p & (0x80 >> y)) == 0)
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* when the limit pointer is given, do a stricter check on the
|
|
|
|
* remaining bits.
|
|
|
|
*/
|
|
|
|
if (p < lim) {
|
|
|
|
if (y != 0 && (*p & (0x00ff >> y)) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (-1);
|
2001-06-11 12:39:29 +00:00
|
|
|
for (p = p + 1; p < lim; p++)
|
|
|
|
if (*p != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (-1);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2003-10-07 17:46:18 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
return x * 8 + y;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
|
2000-07-04 16:35:15 +00:00
|
|
|
#define ia62ifa(ia6) (&((ia6)->ia_ifa))
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_control(struct socket *so, u_long cmd, caddr_t data,
|
|
|
|
struct ifnet *ifp, struct thread *td)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_INET6(curvnet);
|
1999-11-22 02:45:11 +00:00
|
|
|
struct in6_ifreq *ifr = (struct in6_ifreq *)data;
|
2001-06-11 12:39:29 +00:00
|
|
|
struct in6_ifaddr *ia = NULL;
|
1999-11-22 02:45:11 +00:00
|
|
|
struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
|
2005-10-21 16:23:01 +00:00
|
|
|
struct sockaddr_in6 *sa6;
|
2006-11-06 13:42:10 +00:00
|
|
|
int error;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
switch (cmd) {
|
|
|
|
case SIOCGETSGCNT_IN6:
|
|
|
|
case SIOCGETMIFCNT_IN6:
|
2007-02-24 11:38:47 +00:00
|
|
|
return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-30 15:29:17 +00:00
|
|
|
switch(cmd) {
|
|
|
|
case SIOCAADDRCTL_POLICY:
|
|
|
|
case SIOCDADDRCTL_POLICY:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2003-10-30 15:29:17 +00:00
|
|
|
return (in6_src_ioctl(cmd, data));
|
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
if (ifp == NULL)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EOPNOTSUPP);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCSNDFLUSH_IN6:
|
|
|
|
case SIOCSPFXFLUSH_IN6:
|
|
|
|
case SIOCSRTRFLUSH_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCSDEFIFACE_IN6:
|
|
|
|
case SIOCSIFINFO_FLAGS:
|
2009-06-10 10:31:11 +00:00
|
|
|
case SIOCSIFINFO_IN6:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_ND6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2003-10-07 17:46:18 +00:00
|
|
|
/* FALLTHROUGH */
|
2001-06-11 12:39:29 +00:00
|
|
|
case OSIOCGIFINFO_IN6:
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCGIFINFO_IN6:
|
|
|
|
case SIOCGDRLST_IN6:
|
|
|
|
case SIOCGPRLST_IN6:
|
|
|
|
case SIOCGNBRINFO_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCGDEFIFACE_IN6:
|
2003-10-06 14:02:09 +00:00
|
|
|
return (nd6_ioctl(cmd, data, ifp));
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCSIFPREFIX_IN6:
|
|
|
|
case SIOCDIFPREFIX_IN6:
|
|
|
|
case SIOCAIFPREFIX_IN6:
|
|
|
|
case SIOCCIFPREFIX_IN6:
|
|
|
|
case SIOCSGIFPREFIX_IN6:
|
|
|
|
case SIOCGIFPREFIX_IN6:
|
2001-06-11 12:39:29 +00:00
|
|
|
log(LOG_NOTICE,
|
|
|
|
"prefix ioctls are now invalidated. "
|
|
|
|
"please use ifconfig.\n");
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EOPNOTSUPP);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2002-04-19 04:46:24 +00:00
|
|
|
switch (cmd) {
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCSSCOPE6:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_SCOPE6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2003-10-17 15:46:31 +00:00
|
|
|
return (scope6_set(ifp,
|
|
|
|
(struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCGSCOPE6:
|
2003-10-17 15:46:31 +00:00
|
|
|
return (scope6_get(ifp,
|
|
|
|
(struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
|
2000-07-04 16:35:15 +00:00
|
|
|
case SIOCGSCOPE6DEF:
|
2003-10-17 15:46:31 +00:00
|
|
|
return (scope6_get_default((struct scope6_id *)
|
|
|
|
ifr->ifr_ifru.ifru_scope_id));
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
switch (cmd) {
|
|
|
|
case SIOCALIFADDR:
|
2008-01-24 08:25:59 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NET_ADDIFADDR);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCDLIFADDR:
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
2008-01-24 08:25:59 +00:00
|
|
|
error = priv_check(td, PRIV_NET_DELIFADDR);
|
2006-11-06 13:42:10 +00:00
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2003-10-07 17:46:18 +00:00
|
|
|
/* FALLTHROUGH */
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCGLIFADDR:
|
2001-09-12 08:38:13 +00:00
|
|
|
return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find address for this interface, if it exists.
|
2005-10-21 16:23:01 +00:00
|
|
|
*
|
|
|
|
* In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
|
|
|
|
* only, and used the first interface address as the target of other
|
|
|
|
* operations (without checking ifra_addr). This was because netinet
|
|
|
|
* code/API assumed at most 1 interface address per interface.
|
|
|
|
* Since IPv6 allows a node to assign multiple addresses
|
|
|
|
* on a single interface, we almost always look and check the
|
|
|
|
* presence of ifra_addr, and reject invalid ones here.
|
|
|
|
* It also decreases duplicated code among SIOC*_IN6 operations.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
switch (cmd) {
|
|
|
|
case SIOCAIFADDR_IN6:
|
|
|
|
case SIOCSIFPHYADDR_IN6:
|
|
|
|
sa6 = &ifra->ifra_addr;
|
|
|
|
break;
|
|
|
|
case SIOCSIFADDR_IN6:
|
|
|
|
case SIOCGIFADDR_IN6:
|
|
|
|
case SIOCSIFDSTADDR_IN6:
|
|
|
|
case SIOCSIFNETMASK_IN6:
|
|
|
|
case SIOCGIFDSTADDR_IN6:
|
|
|
|
case SIOCGIFNETMASK_IN6:
|
|
|
|
case SIOCDIFADDR_IN6:
|
|
|
|
case SIOCGIFPSRCADDR_IN6:
|
|
|
|
case SIOCGIFPDSTADDR_IN6:
|
|
|
|
case SIOCGIFAFLAG_IN6:
|
|
|
|
case SIOCSNDFLUSH_IN6:
|
|
|
|
case SIOCSPFXFLUSH_IN6:
|
|
|
|
case SIOCSRTRFLUSH_IN6:
|
|
|
|
case SIOCGIFALIFETIME_IN6:
|
|
|
|
case SIOCSIFALIFETIME_IN6:
|
|
|
|
case SIOCGIFSTAT_IN6:
|
|
|
|
case SIOCGIFSTAT_ICMP6:
|
|
|
|
sa6 = &ifr->ifr_addr;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
sa6 = NULL;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (sa6 && sa6->sin6_family == AF_INET6) {
|
2005-07-25 12:31:43 +00:00
|
|
|
int error = 0;
|
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
if (sa6->sin6_scope_id != 0)
|
|
|
|
error = sa6_embedscope(sa6, 0);
|
2005-07-25 12:31:43 +00:00
|
|
|
else
|
2005-10-21 16:23:01 +00:00
|
|
|
error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
|
2005-07-25 12:31:43 +00:00
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
2009-02-05 14:06:09 +00:00
|
|
|
if (td != NULL && (error = prison_check_ip6(td->td_ucred,
|
|
|
|
&sa6->sin6_addr)) != 0)
|
|
|
|
return (error);
|
2005-10-21 16:23:01 +00:00
|
|
|
ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
|
|
|
|
} else
|
|
|
|
ia = NULL;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
switch (cmd) {
|
2001-06-11 12:39:29 +00:00
|
|
|
case SIOCSIFADDR_IN6:
|
|
|
|
case SIOCSIFDSTADDR_IN6:
|
|
|
|
case SIOCSIFNETMASK_IN6:
|
|
|
|
/*
|
|
|
|
* Since IPv6 allows a node to assign multiple addresses
|
2005-10-19 10:09:19 +00:00
|
|
|
* on a single interface, SIOCSIFxxx ioctls are deprecated.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
|
|
|
/* we decided to obsolete this command (20000704) */
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
case SIOCDIFADDR_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* for IPv4, we look for existing in_ifaddr here to allow
|
2005-10-19 10:09:19 +00:00
|
|
|
* "ifconfig if0 delete" to remove the first IPv4 address on
|
|
|
|
* the interface. For IPv6, as the spec allows multiple
|
|
|
|
* interface address from the day one, we consider "remove the
|
|
|
|
* first one" semantics to be not preferable.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
|
|
|
if (ia == NULL)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EADDRNOTAVAIL);
|
1999-11-22 02:45:11 +00:00
|
|
|
/* FALLTHROUGH */
|
|
|
|
case SIOCAIFADDR_IN6:
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* We always require users to specify a valid IPv6 address for
|
|
|
|
* the corresponding operation.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ifra->ifra_addr.sin6_family != AF_INET6 ||
|
|
|
|
ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EAFNOSUPPORT);
|
2006-11-06 13:42:10 +00:00
|
|
|
|
|
|
|
if (td != NULL) {
|
2008-01-24 08:25:59 +00:00
|
|
|
error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
|
|
|
|
PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
|
2006-11-06 13:42:10 +00:00
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFADDR_IN6:
|
|
|
|
/* This interface is basically deprecated. use SIOCGIFCONF. */
|
2003-10-07 17:46:18 +00:00
|
|
|
/* FALLTHROUGH */
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCGIFAFLAG_IN6:
|
|
|
|
case SIOCGIFNETMASK_IN6:
|
|
|
|
case SIOCGIFDSTADDR_IN6:
|
|
|
|
case SIOCGIFALIFETIME_IN6:
|
|
|
|
/* must think again about its semantics */
|
2000-07-04 16:35:15 +00:00
|
|
|
if (ia == NULL)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EADDRNOTAVAIL);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
case SIOCSIFALIFETIME_IN6:
|
|
|
|
{
|
|
|
|
struct in6_addrlifetime *lt;
|
|
|
|
|
2006-11-06 13:42:10 +00:00
|
|
|
if (td != NULL) {
|
|
|
|
error = priv_check(td, PRIV_NETINET_ALIFETIME6);
|
|
|
|
if (error)
|
|
|
|
return (error);
|
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
if (ia == NULL)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EADDRNOTAVAIL);
|
1999-11-22 02:45:11 +00:00
|
|
|
/* sanity for overflow - beware unsigned */
|
|
|
|
lt = &ifr->ifr_ifru.ifru_lifetime;
|
2004-03-03 14:33:16 +00:00
|
|
|
if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
|
|
|
|
lt->ia6t_vltime + time_second < time_second) {
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
|
|
|
}
|
2004-03-03 14:33:16 +00:00
|
|
|
if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
|
|
|
|
lt->ia6t_pltime + time_second < time_second) {
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
|
|
|
|
case SIOCGIFADDR_IN6:
|
|
|
|
ifr->ifr_addr = ia->ia_addr;
|
2005-07-25 12:31:43 +00:00
|
|
|
if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
|
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFDSTADDR_IN6:
|
|
|
|
if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
|
|
|
* XXX: should we check if ifa_dstaddr is NULL and return
|
|
|
|
* an error?
|
|
|
|
*/
|
1999-11-22 02:45:11 +00:00
|
|
|
ifr->ifr_dstaddr = ia->ia_dstaddr;
|
2005-07-25 12:31:43 +00:00
|
|
|
if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
|
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFNETMASK_IN6:
|
|
|
|
ifr->ifr_addr = ia->ia_prefixmask;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFAFLAG_IN6:
|
|
|
|
ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFSTAT_IN6:
|
2003-10-17 17:34:31 +00:00
|
|
|
if (ifp == NULL)
|
|
|
|
return EINVAL;
|
2003-10-17 15:46:31 +00:00
|
|
|
bzero(&ifr->ifr_ifru.ifru_stat,
|
|
|
|
sizeof(ifr->ifr_ifru.ifru_stat));
|
|
|
|
ifr->ifr_ifru.ifru_stat =
|
|
|
|
*((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFSTAT_ICMP6:
|
|
|
|
if (ifp == NULL)
|
|
|
|
return EINVAL;
|
2006-02-08 07:16:46 +00:00
|
|
|
bzero(&ifr->ifr_ifru.ifru_icmp6stat,
|
2003-10-17 15:46:31 +00:00
|
|
|
sizeof(ifr->ifr_ifru.ifru_icmp6stat));
|
|
|
|
ifr->ifr_ifru.ifru_icmp6stat =
|
|
|
|
*((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCGIFALIFETIME_IN6:
|
|
|
|
ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
time_t maxexpire;
|
|
|
|
struct in6_addrlifetime *retlt =
|
|
|
|
&ifr->ifr_ifru.ifru_lifetime;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* XXX: adjust expiration time assuming time_t is
|
|
|
|
* signed.
|
|
|
|
*/
|
|
|
|
maxexpire = (-1) &
|
2005-10-22 05:07:16 +00:00
|
|
|
~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_lifetime.ia6t_vltime <
|
|
|
|
maxexpire - ia->ia6_updatetime) {
|
|
|
|
retlt->ia6t_expire = ia->ia6_updatetime +
|
|
|
|
ia->ia6_lifetime.ia6t_vltime;
|
|
|
|
} else
|
|
|
|
retlt->ia6t_expire = maxexpire;
|
|
|
|
}
|
|
|
|
if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
time_t maxexpire;
|
|
|
|
struct in6_addrlifetime *retlt =
|
|
|
|
&ifr->ifr_ifru.ifru_lifetime;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* XXX: adjust expiration time assuming time_t is
|
|
|
|
* signed.
|
|
|
|
*/
|
|
|
|
maxexpire = (-1) &
|
2005-10-22 05:07:16 +00:00
|
|
|
~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_lifetime.ia6t_pltime <
|
|
|
|
maxexpire - ia->ia6_updatetime) {
|
|
|
|
retlt->ia6t_preferred = ia->ia6_updatetime +
|
|
|
|
ia->ia6_lifetime.ia6t_pltime;
|
|
|
|
} else
|
|
|
|
retlt->ia6t_preferred = maxexpire;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case SIOCSIFALIFETIME_IN6:
|
|
|
|
ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
|
|
|
|
/* for sanity */
|
|
|
|
if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
ia->ia6_lifetime.ia6t_expire =
|
|
|
|
time_second + ia->ia6_lifetime.ia6t_vltime;
|
|
|
|
} else
|
|
|
|
ia->ia6_lifetime.ia6t_expire = 0;
|
|
|
|
if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
ia->ia6_lifetime.ia6t_preferred =
|
|
|
|
time_second + ia->ia6_lifetime.ia6t_pltime;
|
|
|
|
} else
|
|
|
|
ia->ia6_lifetime.ia6t_preferred = 0;
|
|
|
|
break;
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
case SIOCAIFADDR_IN6:
|
|
|
|
{
|
|
|
|
int i, error = 0;
|
2005-10-21 16:23:01 +00:00
|
|
|
struct nd_prefixctl pr0;
|
|
|
|
struct nd_prefix *pr;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* first, make or update the interface address structure,
|
|
|
|
* and link it to the list.
|
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
2005-10-31 23:06:04 +00:00
|
|
|
if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
|
|
|
|
== NULL) {
|
2007-07-05 16:29:40 +00:00
|
|
|
/*
|
2005-10-31 23:06:04 +00:00
|
|
|
* this can happen when the user specify the 0 valid
|
|
|
|
* lifetime.
|
|
|
|
*/
|
|
|
|
break;
|
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* then, make the prefix on-link on the interface.
|
|
|
|
* XXX: we'd rather create the prefix before the address, but
|
|
|
|
* we need at least one address to install the corresponding
|
|
|
|
* interface route, so we configure the address first.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* convert mask to prefix length (prefixmask has already
|
|
|
|
* been validated in in6_update_ifa().
|
|
|
|
*/
|
|
|
|
bzero(&pr0, sizeof(pr0));
|
|
|
|
pr0.ndpr_ifp = ifp;
|
|
|
|
pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
NULL);
|
|
|
|
if (pr0.ndpr_plen == 128) {
|
2001-06-11 12:39:29 +00:00
|
|
|
break; /* we don't need to install a host route. */
|
2003-10-07 17:46:18 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
pr0.ndpr_prefix = ifra->ifra_addr;
|
|
|
|
/* apply the mask for safety. */
|
|
|
|
for (i = 0; i < 4; i++) {
|
|
|
|
pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
|
2003-10-07 17:46:18 +00:00
|
|
|
ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
/*
|
2002-04-19 04:46:24 +00:00
|
|
|
* XXX: since we don't have an API to set prefix (not address)
|
|
|
|
* lifetimes, we just use the same lifetimes as addresses.
|
|
|
|
* The (temporarily) installed lifetimes can be overridden by
|
|
|
|
* later advertised RAs (when accept_rtadv is non 0), which is
|
|
|
|
* an intended behavior.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
|
|
|
pr0.ndpr_raf_onlink = 1; /* should be configurable? */
|
|
|
|
pr0.ndpr_raf_auto =
|
2003-10-07 17:46:18 +00:00
|
|
|
((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
|
2001-06-11 12:39:29 +00:00
|
|
|
pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
|
|
|
|
pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
|
|
|
|
|
2003-10-07 17:46:18 +00:00
|
|
|
/* add the prefix if not yet. */
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
|
|
|
|
/*
|
|
|
|
* nd6_prelist_add will install the corresponding
|
|
|
|
* interface route.
|
|
|
|
*/
|
|
|
|
if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (pr == NULL) {
|
2003-10-07 17:46:18 +00:00
|
|
|
log(LOG_ERR, "nd6_prelist_add succeeded but "
|
2001-06-11 12:39:29 +00:00
|
|
|
"no prefix\n");
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL); /* XXX panic here? */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
}
|
2005-10-31 23:06:04 +00:00
|
|
|
|
|
|
|
/* relate the address to the prefix */
|
|
|
|
if (ia->ia6_ndpr == NULL) {
|
|
|
|
ia->ia6_ndpr = pr;
|
|
|
|
pr->ndpr_refcnt++;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
2005-10-31 23:06:04 +00:00
|
|
|
* If this is the first autoconf address from the
|
|
|
|
* prefix, create a temporary address as well
|
|
|
|
* (when required).
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
2005-10-31 23:06:04 +00:00
|
|
|
if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
|
2005-10-31 23:06:04 +00:00
|
|
|
int e;
|
|
|
|
if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
|
|
|
|
log(LOG_NOTICE, "in6_control: failed "
|
|
|
|
"to create a temporary address, "
|
|
|
|
"errno=%d\n", e);
|
|
|
|
}
|
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
2005-10-31 23:06:04 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* this might affect the status of autoconfigured addresses,
|
|
|
|
* that is, this address might make other addresses detached.
|
|
|
|
*/
|
|
|
|
pfxlist_onlink_check();
|
2004-02-26 04:27:55 +00:00
|
|
|
if (error == 0 && ia)
|
|
|
|
EVENTHANDLER_INVOKE(ifaddr_event, ifp);
|
2001-06-11 12:39:29 +00:00
|
|
|
break;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
case SIOCDIFADDR_IN6:
|
|
|
|
{
|
2005-10-21 16:23:01 +00:00
|
|
|
struct nd_prefix *pr;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the address being deleted is the only one that owns
|
|
|
|
* the corresponding prefix, expire the prefix as well.
|
2003-10-07 17:46:18 +00:00
|
|
|
* XXX: theoretically, we don't have to worry about such
|
2001-06-11 12:39:29 +00:00
|
|
|
* relationship, since we separate the address management
|
|
|
|
* and the prefix management. We do this, however, to provide
|
|
|
|
* as much backward compatibility as possible in terms of
|
|
|
|
* the ioctl operation.
|
2005-10-31 23:06:04 +00:00
|
|
|
* Note that in6_purgeaddr() will decrement ndpr_refcnt.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
2005-10-31 23:06:04 +00:00
|
|
|
pr = ia->ia6_ndpr;
|
2001-06-11 12:39:29 +00:00
|
|
|
in6_purgeaddr(&ia->ia_ifa);
|
2005-10-31 23:06:04 +00:00
|
|
|
if (pr && pr->ndpr_refcnt == 0)
|
|
|
|
prelist_remove(pr);
|
2004-02-26 04:27:55 +00:00
|
|
|
EVENTHANDLER_INVOKE(ifaddr_event, ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
default:
|
|
|
|
if (ifp == NULL || ifp->if_ioctl == 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EOPNOTSUPP);
|
|
|
|
return ((*ifp->if_ioctl)(ifp, cmd, data));
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update parameters of an IPv6 interface address.
|
|
|
|
* If necessary, a new entry is created and linked into address chains.
|
|
|
|
* This function is separated from in6_control().
|
|
|
|
* XXX: should this be performed under splnet()?
|
|
|
|
*/
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
|
|
|
|
struct in6_ifaddr *ia, int flags)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_INET6(ifp->if_vnet);
|
2001-06-11 12:39:29 +00:00
|
|
|
int error = 0, hostIsNew = 0, plen = -1;
|
|
|
|
struct in6_ifaddr *oia;
|
|
|
|
struct sockaddr_in6 dst6;
|
|
|
|
struct in6_addrlifetime *lt;
|
2005-10-21 16:23:01 +00:00
|
|
|
struct in6_multi_mship *imm;
|
|
|
|
struct in6_multi *in6m_sol;
|
2005-07-25 12:31:43 +00:00
|
|
|
struct rtentry *rt;
|
2005-10-21 16:23:01 +00:00
|
|
|
int delay;
|
2006-12-12 12:17:58 +00:00
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/* Validate parameters */
|
|
|
|
if (ifp == NULL || ifra == NULL) /* this maybe redundant */
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* The destination address for a p2p link must have a family
|
|
|
|
* of AF_UNSPEC or AF_INET6.
|
|
|
|
*/
|
|
|
|
if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
|
|
|
|
ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
|
|
|
|
ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EAFNOSUPPORT);
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* validate ifra_prefixmask. don't check sin6_family, netmask
|
|
|
|
* does not carry fields other than sin6_len.
|
|
|
|
*/
|
|
|
|
if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* Because the IPv6 address architecture is classless, we require
|
|
|
|
* users to specify a (non 0) prefix length (mask) for a new address.
|
|
|
|
* We also require the prefix (when specified) mask is valid, and thus
|
|
|
|
* reject a non-consecutive mask.
|
|
|
|
*/
|
|
|
|
if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ifra->ifra_prefixmask.sin6_len != 0) {
|
|
|
|
plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
(u_char *)&ifra->ifra_prefixmask +
|
|
|
|
ifra->ifra_prefixmask.sin6_len);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (plen <= 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2003-10-07 17:46:18 +00:00
|
|
|
} else {
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2002-04-19 04:46:24 +00:00
|
|
|
* In this case, ia must not be NULL. We just use its prefix
|
2001-06-11 12:39:29 +00:00
|
|
|
* length.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* If the destination address on a p2p interface is specified,
|
|
|
|
* and the address is a scoped one, validate/set the scope
|
|
|
|
* zone identifier.
|
|
|
|
*/
|
|
|
|
dst6 = ifra->ifra_dstaddr;
|
2003-10-07 17:46:18 +00:00
|
|
|
if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
|
2001-06-11 12:39:29 +00:00
|
|
|
(dst6.sin6_family == AF_INET6)) {
|
2005-07-25 12:31:43 +00:00
|
|
|
struct in6_addr in6_tmp;
|
2004-03-03 14:33:16 +00:00
|
|
|
u_int32_t zoneid;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
in6_tmp = dst6.sin6_addr;
|
|
|
|
if (in6_setscope(&in6_tmp, ifp, &zoneid))
|
|
|
|
return (EINVAL); /* XXX: should be impossible */
|
|
|
|
|
|
|
|
if (dst6.sin6_scope_id != 0) {
|
|
|
|
if (dst6.sin6_scope_id != zoneid)
|
|
|
|
return (EINVAL);
|
|
|
|
} else /* user omit to specify the ID. */
|
2004-03-03 14:33:16 +00:00
|
|
|
dst6.sin6_scope_id = zoneid;
|
2005-07-25 12:31:43 +00:00
|
|
|
|
|
|
|
/* convert into the internal form */
|
|
|
|
if (sa6_embedscope(&dst6, 0))
|
|
|
|
return (EINVAL); /* XXX: should be impossible */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
/*
|
|
|
|
* The destination address can be specified only for a p2p or a
|
|
|
|
* loopback interface. If specified, the corresponding prefix length
|
|
|
|
* must be 128.
|
|
|
|
*/
|
|
|
|
if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
|
|
|
|
if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
|
2004-03-03 14:33:16 +00:00
|
|
|
/* XXX: noisy message */
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO, "in6_update_ifa: a destination can "
|
|
|
|
"be specified for a p2p or a loopback IF only\n"));
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
if (plen != 128) {
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
|
|
|
|
"be 128 when dstaddr is specified\n"));
|
2003-10-06 14:02:09 +00:00
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
/* lifetime consistency check */
|
|
|
|
lt = &ifra->ifra_lifetime;
|
2005-10-21 16:23:01 +00:00
|
|
|
if (lt->ia6t_pltime > lt->ia6t_vltime)
|
|
|
|
return (EINVAL);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (lt->ia6t_vltime == 0) {
|
2000-07-04 16:35:15 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* the following log might be noisy, but this is a typical
|
|
|
|
* configuration mistake or a tool's bug.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO,
|
2001-06-11 12:39:29 +00:00
|
|
|
"in6_update_ifa: valid lifetime is 0 for %s\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
|
2005-10-21 16:23:01 +00:00
|
|
|
|
|
|
|
if (ia == NULL)
|
|
|
|
return (0); /* there's nothing to do */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* If this is a new address, allocate a new ifaddr and link it
|
|
|
|
* into chains.
|
|
|
|
*/
|
|
|
|
if (ia == NULL) {
|
|
|
|
hostIsNew = 1;
|
2001-07-15 14:24:00 +00:00
|
|
|
/*
|
|
|
|
* When in6_update_ifa() is called in a process of a received
|
2003-10-07 17:46:18 +00:00
|
|
|
* RA, it is called under an interrupt context. So, we should
|
|
|
|
* call malloc with M_NOWAIT.
|
2001-07-15 14:24:00 +00:00
|
|
|
*/
|
2003-10-07 17:46:18 +00:00
|
|
|
ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
|
|
|
|
M_NOWAIT);
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ia == NULL)
|
|
|
|
return (ENOBUFS);
|
|
|
|
bzero((caddr_t)ia, sizeof(*ia));
|
2009-06-21 19:30:33 +00:00
|
|
|
ifa_init(&ia->ia_ifa);
|
2007-06-02 08:02:36 +00:00
|
|
|
LIST_INIT(&ia->ia6_memberships);
|
2005-10-21 16:23:01 +00:00
|
|
|
/* Initialize the address and masks, and put time stamp */
|
2001-06-11 12:39:29 +00:00
|
|
|
ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
|
|
|
|
ia->ia_addr.sin6_family = AF_INET6;
|
|
|
|
ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
|
2005-10-21 16:23:01 +00:00
|
|
|
ia->ia6_createtime = time_second;
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
|
|
|
|
/*
|
|
|
|
* XXX: some functions expect that ifa_dstaddr is not
|
|
|
|
* NULL for p2p interfaces.
|
|
|
|
*/
|
2003-10-07 17:46:18 +00:00
|
|
|
ia->ia_ifa.ifa_dstaddr =
|
|
|
|
(struct sockaddr *)&ia->ia_dstaddr;
|
2001-06-11 12:39:29 +00:00
|
|
|
} else {
|
|
|
|
ia->ia_ifa.ifa_dstaddr = NULL;
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2002-12-18 11:46:59 +00:00
|
|
|
ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
ia->ia_ifp = ifp;
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
if ((oia = V_in6_ifaddr) != NULL) {
|
2001-06-11 12:39:29 +00:00
|
|
|
for ( ; oia->ia_next; oia = oia->ia_next)
|
|
|
|
continue;
|
|
|
|
oia->ia_next = ia;
|
|
|
|
} else
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
V_in6_ifaddr = ia;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
/* update timestamp */
|
|
|
|
ia->ia6_updatetime = time_second;
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/* set prefix mask */
|
|
|
|
if (ifra->ifra_prefixmask.sin6_len) {
|
|
|
|
/*
|
|
|
|
* We prohibit changing the prefix length of an existing
|
|
|
|
* address, because
|
|
|
|
* + such an operation should be rare in IPv6, and
|
|
|
|
* + the operation would confuse prefix management.
|
|
|
|
*/
|
|
|
|
if (ia->ia_prefixmask.sin6_len &&
|
|
|
|
in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
|
2001-06-11 12:39:29 +00:00
|
|
|
" existing (%s) address should not be changed\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
|
2001-06-11 12:39:29 +00:00
|
|
|
error = EINVAL;
|
|
|
|
goto unlink;
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
ia->ia_prefixmask = ifra->ifra_prefixmask;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If a new destination address is specified, scrub the old one and
|
|
|
|
* install the new destination. Note that the interface must be
|
2003-10-07 17:46:18 +00:00
|
|
|
* p2p or loopback (see the check above.)
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
|
|
|
if (dst6.sin6_family == AF_INET6 &&
|
2003-10-07 17:46:18 +00:00
|
|
|
!IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
|
2001-06-11 12:39:29 +00:00
|
|
|
int e;
|
|
|
|
|
|
|
|
if ((ia->ia_flags & IFA_ROUTE) != 0 &&
|
2003-10-07 17:46:18 +00:00
|
|
|
(e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
|
2003-11-04 14:09:37 +00:00
|
|
|
nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
|
2001-06-11 12:39:29 +00:00
|
|
|
"a route to the old destination: %s\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
|
2001-06-11 12:39:29 +00:00
|
|
|
/* proceed anyway... */
|
2003-10-07 17:46:18 +00:00
|
|
|
} else
|
2001-06-11 12:39:29 +00:00
|
|
|
ia->ia_flags &= ~IFA_ROUTE;
|
|
|
|
ia->ia_dstaddr = dst6;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
/*
|
|
|
|
* Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
|
|
|
|
* to see if the address is deprecated or invalidated, but initialize
|
|
|
|
* these members for applications.
|
|
|
|
*/
|
|
|
|
ia->ia6_lifetime = ifra->ifra_lifetime;
|
|
|
|
if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
ia->ia6_lifetime.ia6t_expire =
|
|
|
|
time_second + ia->ia6_lifetime.ia6t_vltime;
|
|
|
|
} else
|
|
|
|
ia->ia6_lifetime.ia6t_expire = 0;
|
|
|
|
if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
|
|
|
|
ia->ia6_lifetime.ia6t_preferred =
|
|
|
|
time_second + ia->ia6_lifetime.ia6t_pltime;
|
|
|
|
} else
|
|
|
|
ia->ia6_lifetime.ia6t_preferred = 0;
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/* reset the interface and routing table appropriately. */
|
|
|
|
if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
|
|
|
|
goto unlink;
|
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
/*
|
|
|
|
* configure address flags.
|
|
|
|
*/
|
|
|
|
ia->ia6_flags = ifra->ifra_flags;
|
|
|
|
/*
|
|
|
|
* backward compatibility - if IN6_IFF_DEPRECATED is set from the
|
|
|
|
* userland, make it deprecated.
|
|
|
|
*/
|
|
|
|
if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
|
|
|
|
ia->ia6_lifetime.ia6t_pltime = 0;
|
|
|
|
ia->ia6_lifetime.ia6t_preferred = time_second;
|
|
|
|
}
|
|
|
|
/*
|
2005-10-21 16:23:01 +00:00
|
|
|
* Make the address tentative before joining multicast addresses,
|
|
|
|
* so that corresponding MLD responses would not have a tentative
|
|
|
|
* source address.
|
2005-07-25 12:31:43 +00:00
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
|
|
|
|
if (hostIsNew && in6if_do_dad(ifp))
|
2005-07-25 12:31:43 +00:00
|
|
|
ia->ia6_flags |= IN6_IFF_TENTATIVE;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We are done if we have simply modified an existing address.
|
|
|
|
*/
|
|
|
|
if (!hostIsNew)
|
|
|
|
return (error);
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
|
|
|
* Beyond this point, we should call in6_purgeaddr upon an error,
|
2003-10-07 17:46:18 +00:00
|
|
|
* not just go to unlink.
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
|
|
|
|
2005-10-19 10:09:19 +00:00
|
|
|
/* Join necessary multicast groups */
|
2005-10-21 16:23:01 +00:00
|
|
|
in6m_sol = NULL;
|
2001-06-11 12:39:29 +00:00
|
|
|
if ((ifp->if_flags & IFF_MULTICAST) != 0) {
|
|
|
|
struct sockaddr_in6 mltaddr, mltmask;
|
2005-07-25 12:31:43 +00:00
|
|
|
struct in6_addr llsol;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2005-07-25 12:31:43 +00:00
|
|
|
/* join solicited multicast addr for new host id */
|
|
|
|
bzero(&llsol, sizeof(struct in6_addr));
|
2005-10-19 10:09:19 +00:00
|
|
|
llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
|
2005-07-25 12:31:43 +00:00
|
|
|
llsol.s6_addr32[1] = 0;
|
|
|
|
llsol.s6_addr32[2] = htonl(1);
|
|
|
|
llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
|
|
|
|
llsol.s6_addr8[12] = 0xff;
|
|
|
|
if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
|
|
|
|
/* XXX: should not happen */
|
|
|
|
log(LOG_ERR, "in6_update_ifa: "
|
|
|
|
"in6_setscope failed\n");
|
|
|
|
goto cleanup;
|
|
|
|
}
|
2005-10-21 16:23:01 +00:00
|
|
|
delay = 0;
|
|
|
|
if ((flags & IN6_IFAUPDATE_DADDELAY)) {
|
|
|
|
/*
|
|
|
|
* We need a random delay for DAD on the address
|
|
|
|
* being configured. It also means delaying
|
|
|
|
* transmission of the corresponding MLD report to
|
|
|
|
* avoid report collision.
|
|
|
|
* [draft-ietf-ipv6-rfc2462bis-02.txt]
|
|
|
|
*/
|
|
|
|
delay = arc4random() %
|
|
|
|
(MAX_RTR_SOLICITATION_DELAY * hz);
|
|
|
|
}
|
|
|
|
imm = in6_joingroup(ifp, &llsol, &error, delay);
|
2007-06-02 08:02:36 +00:00
|
|
|
if (imm == NULL) {
|
2005-07-25 12:31:43 +00:00
|
|
|
nd6log((LOG_WARNING,
|
|
|
|
"in6_update_ifa: addmulti failed for "
|
|
|
|
"%s on %s (errno=%d)\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &llsol), if_name(ifp),
|
2005-07-25 12:31:43 +00:00
|
|
|
error));
|
2005-10-21 16:23:01 +00:00
|
|
|
in6_purgeaddr((struct ifaddr *)ia);
|
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2007-06-02 08:02:36 +00:00
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships,
|
|
|
|
imm, i6mm_chain);
|
2005-10-21 16:23:01 +00:00
|
|
|
in6m_sol = imm->i6mm_maddr;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
bzero(&mltmask, sizeof(mltmask));
|
|
|
|
mltmask.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
mltmask.sin6_family = AF_INET6;
|
|
|
|
mltmask.sin6_addr = in6mask32;
|
2005-10-19 10:09:19 +00:00
|
|
|
#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-01-18 06:07:53 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* join link-local all-nodes address
|
2001-01-18 06:07:53 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
bzero(&mltaddr, sizeof(mltaddr));
|
|
|
|
mltaddr.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
mltaddr.sin6_family = AF_INET6;
|
|
|
|
mltaddr.sin6_addr = in6addr_linklocal_allnodes;
|
2005-07-25 12:31:43 +00:00
|
|
|
if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
|
|
|
|
0)
|
|
|
|
goto cleanup; /* XXX: should not fail */
|
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
/*
|
|
|
|
* XXX: do we really need this automatic routes?
|
|
|
|
* We should probably reconsider this stuff. Most applications
|
|
|
|
* actually do not need the routes, since they usually specify
|
|
|
|
* the outgoing interface.
|
|
|
|
*/
|
|
|
|
rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
|
|
|
|
if (rt) {
|
|
|
|
/* XXX: only works in !SCOPEDROUTING case. */
|
|
|
|
if (memcmp(&mltaddr.sin6_addr,
|
|
|
|
&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
|
|
|
|
MLTMASK_LEN)) {
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
rt = NULL;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
}
|
2005-10-21 16:23:01 +00:00
|
|
|
if (!rt) {
|
|
|
|
error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
|
|
|
|
(struct sockaddr *)&ia->ia_addr,
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
(struct sockaddr *)&mltmask, RTF_UP,
|
2005-10-21 16:23:01 +00:00
|
|
|
(struct rtentry **)0);
|
|
|
|
if (error)
|
|
|
|
goto cleanup;
|
|
|
|
} else {
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
}
|
|
|
|
|
|
|
|
imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
|
|
|
|
if (!imm) {
|
|
|
|
nd6log((LOG_WARNING,
|
|
|
|
"in6_update_ifa: addmulti failed for "
|
|
|
|
"%s on %s (errno=%d)\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
|
2005-10-21 16:23:01 +00:00
|
|
|
if_name(ifp), error));
|
|
|
|
goto cleanup;
|
|
|
|
}
|
2007-06-02 08:02:36 +00:00
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
2001-01-18 06:07:53 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* join node information group address
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2005-10-21 16:23:01 +00:00
|
|
|
delay = 0;
|
|
|
|
if ((flags & IN6_IFAUPDATE_DADDELAY)) {
|
|
|
|
/*
|
|
|
|
* The spec doesn't say anything about delay for this
|
|
|
|
* group, but the same logic should apply.
|
|
|
|
*/
|
|
|
|
delay = arc4random() %
|
|
|
|
(MAX_RTR_SOLICITATION_DELAY * hz);
|
|
|
|
}
|
2009-05-27 14:11:23 +00:00
|
|
|
if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
|
2005-10-21 16:23:01 +00:00
|
|
|
imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
|
|
|
|
delay); /* XXX jinmei */
|
|
|
|
if (!imm) {
|
|
|
|
nd6log((LOG_WARNING, "in6_update_ifa: "
|
|
|
|
"addmulti failed for %s on %s "
|
|
|
|
"(errno=%d)\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
|
2005-10-21 16:23:01 +00:00
|
|
|
if_name(ifp), error));
|
|
|
|
/* XXX not very fatal, go on... */
|
2007-06-02 08:02:36 +00:00
|
|
|
} else {
|
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships,
|
|
|
|
imm, i6mm_chain);
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
2009-05-27 14:11:23 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/*
|
2005-07-25 12:31:43 +00:00
|
|
|
* join interface-local all-nodes address.
|
|
|
|
* (ff01::1%ifN, and ff01::%ifN/32)
|
2001-06-11 12:39:29 +00:00
|
|
|
*/
|
2005-07-25 12:31:43 +00:00
|
|
|
mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
|
|
|
|
if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL))
|
|
|
|
!= 0)
|
|
|
|
goto cleanup; /* XXX: should not fail */
|
|
|
|
/* XXX: again, do we really need the route? */
|
|
|
|
rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
|
|
|
|
if (rt) {
|
|
|
|
if (memcmp(&mltaddr.sin6_addr,
|
|
|
|
&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
|
2005-10-19 10:09:19 +00:00
|
|
|
MLTMASK_LEN)) {
|
2005-07-25 12:31:43 +00:00
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
rt = NULL;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2005-07-25 12:31:43 +00:00
|
|
|
if (!rt) {
|
|
|
|
error = rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
|
|
|
|
(struct sockaddr *)&ia->ia_addr,
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
(struct sockaddr *)&mltmask, RTF_UP,
|
2005-07-25 12:31:43 +00:00
|
|
|
(struct rtentry **)0);
|
|
|
|
if (error)
|
|
|
|
goto cleanup;
|
|
|
|
} else
|
|
|
|
RTFREE_LOCKED(rt);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
|
|
|
|
if (!imm) {
|
|
|
|
nd6log((LOG_WARNING, "in6_update_ifa: "
|
|
|
|
"addmulti failed for %s on %s "
|
|
|
|
"(errno=%d)\n",
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(ip6buf, &mltaddr.sin6_addr),
|
2005-10-21 16:23:01 +00:00
|
|
|
if_name(ifp), error));
|
|
|
|
goto cleanup;
|
|
|
|
}
|
2007-06-02 08:02:36 +00:00
|
|
|
LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
|
2005-10-19 10:09:19 +00:00
|
|
|
#undef MLTMASK_LEN
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
/*
|
|
|
|
* Perform DAD, if needed.
|
|
|
|
* XXX It may be of use, if we can administratively
|
|
|
|
* disable DAD.
|
|
|
|
*/
|
|
|
|
if (hostIsNew && in6if_do_dad(ifp) &&
|
|
|
|
((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
|
|
|
|
(ia->ia6_flags & IN6_IFF_TENTATIVE))
|
|
|
|
{
|
|
|
|
int mindelay, maxdelay;
|
|
|
|
|
|
|
|
delay = 0;
|
|
|
|
if ((flags & IN6_IFAUPDATE_DADDELAY)) {
|
|
|
|
/*
|
|
|
|
* We need to impose a delay before sending an NS
|
|
|
|
* for DAD. Check if we also needed a delay for the
|
|
|
|
* corresponding MLD message. If we did, the delay
|
|
|
|
* should be larger than the MLD delay (this could be
|
|
|
|
* relaxed a bit, but this simple logic is at least
|
|
|
|
* safe).
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
* XXX: Break data hiding guidelines and look at
|
|
|
|
* state for the solicited multicast group.
|
2005-10-21 16:23:01 +00:00
|
|
|
*/
|
|
|
|
mindelay = 0;
|
|
|
|
if (in6m_sol != NULL &&
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
|
2005-10-21 16:23:01 +00:00
|
|
|
mindelay = in6m_sol->in6m_timer;
|
|
|
|
}
|
|
|
|
maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
|
|
|
|
if (maxdelay - mindelay == 0)
|
|
|
|
delay = 0;
|
|
|
|
else {
|
|
|
|
delay =
|
|
|
|
(arc4random() % (maxdelay - mindelay)) +
|
|
|
|
mindelay;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
nd6_dad_start((struct ifaddr *)ia, delay);
|
|
|
|
}
|
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
unlink:
|
|
|
|
/*
|
|
|
|
* XXX: if a change of an existing address failed, keep the entry
|
|
|
|
* anyway.
|
|
|
|
*/
|
|
|
|
if (hostIsNew)
|
|
|
|
in6_unlink_ifa(ia, ifp);
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
2005-07-25 12:31:43 +00:00
|
|
|
|
|
|
|
cleanup:
|
|
|
|
in6_purgeaddr(&ia->ia_ifa);
|
|
|
|
return error;
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_purgeaddr(struct ifaddr *ifa)
|
2000-07-04 16:35:15 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
struct ifnet *ifp = ifa->ifa_ifp;
|
|
|
|
struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
|
2007-06-02 08:02:36 +00:00
|
|
|
struct in6_multi_mship *imm;
|
2009-05-18 02:25:45 +00:00
|
|
|
struct sockaddr_in6 mltaddr, mltmask;
|
|
|
|
struct rtentry rt0;
|
|
|
|
struct sockaddr_dl gateway;
|
|
|
|
struct sockaddr_in6 mask, addr;
|
|
|
|
int plen, error;
|
|
|
|
struct rtentry *rt;
|
|
|
|
struct ifaddr *ifa0, *nifa;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* find another IPv6 address as the gateway for the
|
|
|
|
* link-local and node-local all-nodes multicast
|
|
|
|
* address routes
|
|
|
|
*/
|
|
|
|
TAILQ_FOREACH_SAFE(ifa0, &ifp->if_addrhead, ifa_link, nifa) {
|
|
|
|
if ((ifa0->ifa_addr->sa_family != AF_INET6) ||
|
|
|
|
memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr,
|
|
|
|
&ia->ia_addr.sin6_addr,
|
|
|
|
sizeof(struct in6_addr)) == 0)
|
|
|
|
continue;
|
|
|
|
else
|
|
|
|
break;
|
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
/* stop DAD processing */
|
|
|
|
nd6_dad_stop(ifa);
|
|
|
|
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
IF_AFDATA_LOCK(ifp);
|
|
|
|
lla_lookup(LLTABLE6(ifp), (LLE_DELETE | LLE_IFADDR),
|
|
|
|
(struct sockaddr *)&ia->ia_addr);
|
|
|
|
IF_AFDATA_UNLOCK(ifp);
|
2009-05-18 02:25:45 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* initialize for rtmsg generation
|
|
|
|
*/
|
|
|
|
bzero(&gateway, sizeof(gateway));
|
|
|
|
gateway.sdl_len = sizeof(gateway);
|
|
|
|
gateway.sdl_family = AF_LINK;
|
|
|
|
gateway.sdl_nlen = 0;
|
|
|
|
gateway.sdl_alen = ifp->if_addrlen;
|
|
|
|
/* */
|
|
|
|
bzero(&rt0, sizeof(rt0));
|
|
|
|
rt0.rt_gateway = (struct sockaddr *)&gateway;
|
|
|
|
memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
|
|
|
|
memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
|
|
|
|
rt_mask(&rt0) = (struct sockaddr *)&mask;
|
|
|
|
rt_key(&rt0) = (struct sockaddr *)&addr;
|
|
|
|
rt0.rt_flags = RTF_HOST | RTF_STATIC;
|
|
|
|
rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0);
|
|
|
|
|
2007-06-02 08:02:36 +00:00
|
|
|
/*
|
|
|
|
* leave from multicast groups we have joined for the interface
|
|
|
|
*/
|
|
|
|
while ((imm = ia->ia6_memberships.lh_first) != NULL) {
|
|
|
|
LIST_REMOVE(imm, i6mm_chain);
|
|
|
|
in6_leavegroup(imm);
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
|
|
|
|
2009-05-18 02:25:45 +00:00
|
|
|
/*
|
|
|
|
* remove the link-local all-nodes address
|
|
|
|
*/
|
|
|
|
bzero(&mltmask, sizeof(mltmask));
|
|
|
|
mltmask.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
mltmask.sin6_family = AF_INET6;
|
|
|
|
mltmask.sin6_addr = in6mask32;
|
|
|
|
|
|
|
|
bzero(&mltaddr, sizeof(mltaddr));
|
|
|
|
mltaddr.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
mltaddr.sin6_family = AF_INET6;
|
|
|
|
mltaddr.sin6_addr = in6addr_linklocal_allnodes;
|
|
|
|
|
|
|
|
if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
|
|
|
|
0)
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
|
|
|
|
if (rt != NULL && rt->rt_gateway != NULL &&
|
|
|
|
(memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
|
|
|
|
&ia->ia_addr.sin6_addr,
|
|
|
|
sizeof(ia->ia_addr.sin6_addr)) == 0)) {
|
|
|
|
/*
|
|
|
|
* if no more IPv6 address exists on this interface
|
|
|
|
* then remove the multicast address route
|
|
|
|
*/
|
|
|
|
if (ifa0 == NULL) {
|
|
|
|
memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr,
|
|
|
|
sizeof(mltaddr.sin6_addr));
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr,
|
|
|
|
(struct sockaddr *)&ia->ia_addr,
|
|
|
|
(struct sockaddr *)&mltmask, RTF_UP,
|
|
|
|
(struct rtentry **)0);
|
|
|
|
if (error)
|
|
|
|
log(LOG_INFO, "in6_purgeaddr: link-local all-nodes"
|
|
|
|
"multicast address deletion error\n");
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* replace the gateway of the route
|
|
|
|
*/
|
|
|
|
struct sockaddr_in6 sa;
|
|
|
|
|
|
|
|
bzero(&sa, sizeof(sa));
|
|
|
|
sa.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
sa.sin6_family = AF_INET6;
|
|
|
|
memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
|
|
|
|
sizeof(sa.sin6_addr));
|
|
|
|
in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL);
|
|
|
|
memcpy(rt->rt_gateway, &sa, sizeof(sa));
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if (rt != NULL)
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* remove the node-local all-nodes address
|
|
|
|
*/
|
|
|
|
mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
|
|
|
|
if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) !=
|
|
|
|
0)
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
rt = rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL);
|
|
|
|
if (rt != NULL && rt->rt_gateway != NULL &&
|
|
|
|
(memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
|
|
|
|
&ia->ia_addr.sin6_addr,
|
|
|
|
sizeof(ia->ia_addr.sin6_addr)) == 0)) {
|
|
|
|
/*
|
|
|
|
* if no more IPv6 address exists on this interface
|
|
|
|
* then remove the multicast address route
|
|
|
|
*/
|
|
|
|
if (ifa0 == NULL) {
|
|
|
|
memcpy(&mltaddr.sin6_addr, &satosin6(rt_key(rt))->sin6_addr,
|
|
|
|
sizeof(mltaddr.sin6_addr));
|
|
|
|
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
error = rtrequest(RTM_DELETE, (struct sockaddr *)&mltaddr,
|
|
|
|
(struct sockaddr *)&ia->ia_addr,
|
|
|
|
(struct sockaddr *)&mltmask, RTF_UP,
|
|
|
|
(struct rtentry **)0);
|
|
|
|
|
|
|
|
if (error)
|
|
|
|
log(LOG_INFO, "in6_purgeaddr: node-local all-nodes"
|
|
|
|
"multicast address deletion error\n");
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* replace the gateway of the route
|
|
|
|
*/
|
|
|
|
struct sockaddr_in6 sa;
|
|
|
|
|
|
|
|
bzero(&sa, sizeof(sa));
|
|
|
|
sa.sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
sa.sin6_family = AF_INET6;
|
|
|
|
memcpy(&sa.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
|
|
|
|
sizeof(sa.sin6_addr));
|
|
|
|
in6_setscope(&sa.sin6_addr, ifa0->ifa_ifp, NULL);
|
|
|
|
memcpy(rt->rt_gateway, &sa, sizeof(sa));
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if (rt != NULL)
|
|
|
|
RTFREE_LOCKED(rt);
|
|
|
|
}
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
|
|
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
|
|
|
|
if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
|
|
|
|
int error;
|
|
|
|
struct sockaddr *dstaddr;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* use the interface address if configuring an
|
|
|
|
* interface address with a /128 prefix len
|
|
|
|
*/
|
|
|
|
if (ia->ia_dstaddr.sin6_family == AF_INET6)
|
|
|
|
dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
|
|
|
|
else
|
|
|
|
dstaddr = (struct sockaddr *)&ia->ia_addr;
|
|
|
|
|
|
|
|
error = rtrequest(RTM_DELETE,
|
|
|
|
(struct sockaddr *)dstaddr,
|
|
|
|
(struct sockaddr *)&ia->ia_addr,
|
|
|
|
(struct sockaddr *)&ia->ia_prefixmask,
|
|
|
|
ia->ia_flags | RTF_HOST, NULL);
|
|
|
|
if (error != 0)
|
|
|
|
return;
|
|
|
|
ia->ia_flags &= ~IFA_ROUTE;
|
|
|
|
}
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
in6_unlink_ifa(ia, ifp);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_INET6(ifp->if_vnet);
|
2001-06-11 12:39:29 +00:00
|
|
|
struct in6_ifaddr *oia;
|
|
|
|
int s = splnet();
|
|
|
|
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
2000-07-04 16:35:15 +00:00
|
|
|
|
|
|
|
oia = ia;
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
if (oia == (ia = V_in6_ifaddr))
|
|
|
|
V_in6_ifaddr = ia->ia_next;
|
2000-07-04 16:35:15 +00:00
|
|
|
else {
|
|
|
|
while (ia->ia_next && (ia->ia_next != oia))
|
|
|
|
ia = ia->ia_next;
|
|
|
|
if (ia->ia_next)
|
|
|
|
ia->ia_next = oia->ia_next;
|
2001-06-11 12:39:29 +00:00
|
|
|
else {
|
|
|
|
/* search failed */
|
|
|
|
printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n");
|
|
|
|
}
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2005-10-31 23:06:04 +00:00
|
|
|
* Release the reference to the base prefix. There should be a
|
|
|
|
* positive reference.
|
2000-07-04 16:35:15 +00:00
|
|
|
*/
|
2005-10-31 23:06:04 +00:00
|
|
|
if (oia->ia6_ndpr == NULL) {
|
|
|
|
nd6log((LOG_NOTICE,
|
|
|
|
"in6_unlink_ifa: autoconf'ed address "
|
|
|
|
"%p has no prefix\n", oia));
|
|
|
|
} else {
|
|
|
|
oia->ia6_ndpr->ndpr_refcnt--;
|
|
|
|
oia->ia6_ndpr = NULL;
|
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2005-10-31 23:06:04 +00:00
|
|
|
/*
|
|
|
|
* Also, if the address being removed is autoconf'ed, call
|
|
|
|
* pfxlist_onlink_check() since the release might affect the status of
|
2007-07-05 16:29:40 +00:00
|
|
|
* other (detached) addresses.
|
2005-10-31 23:06:04 +00:00
|
|
|
*/
|
|
|
|
if ((oia->ia6_flags & IN6_IFF_AUTOCONF)) {
|
2001-06-11 12:39:29 +00:00
|
|
|
pfxlist_onlink_check();
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* release another refcnt for the link from in6_ifaddr.
|
|
|
|
* Note that we should decrement the refcnt at least once for all *BSD.
|
|
|
|
*/
|
2009-06-21 19:30:33 +00:00
|
|
|
ifa_free(&oia->ia_ifa);
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
splx(s);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_purgeif(struct ifnet *ifp)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
|
|
|
struct ifaddr *ifa, *nifa;
|
|
|
|
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
in6_purgeaddr(ifa);
|
|
|
|
}
|
|
|
|
|
|
|
|
in6_ifdetach(ifp);
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* SIOC[GAD]LIFADDR.
|
2000-07-07 04:09:51 +00:00
|
|
|
* SIOCGLIFADDR: get first address. (?)
|
1999-11-22 02:45:11 +00:00
|
|
|
* SIOCGLIFADDR with IFLR_PREFIX:
|
|
|
|
* get first address that matches the specified prefix.
|
|
|
|
* SIOCALIFADDR: add the specified address.
|
|
|
|
* SIOCALIFADDR with IFLR_PREFIX:
|
|
|
|
* add the specified prefix, filling hostid part from
|
|
|
|
* the first link-local address. prefixlen must be <= 64.
|
|
|
|
* SIOCDLIFADDR: delete the specified address.
|
|
|
|
* SIOCDLIFADDR with IFLR_PREFIX:
|
|
|
|
* delete the first address that matches the specified prefix.
|
|
|
|
* return values:
|
|
|
|
* EINVAL on invalid parameters
|
|
|
|
* EADDRNOTAVAIL on prefix match failed/specified address not found
|
|
|
|
* other values may be returned from in6_ioctl()
|
|
|
|
*
|
|
|
|
* NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
|
|
|
|
* this is to accomodate address naming scheme other than RFC2374,
|
|
|
|
* in the future.
|
|
|
|
* RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
|
|
|
|
* address encoding scheme. (see figure on page 8)
|
|
|
|
*/
|
|
|
|
static int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
|
|
|
|
struct ifnet *ifp, struct thread *td)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
struct if_laddrreq *iflr = (struct if_laddrreq *)data;
|
|
|
|
struct ifaddr *ifa;
|
2000-07-04 16:35:15 +00:00
|
|
|
struct sockaddr *sa;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/* sanity checks */
|
|
|
|
if (!data || !ifp) {
|
|
|
|
panic("invalid argument to in6_lifaddr_ioctl");
|
2003-10-07 17:46:18 +00:00
|
|
|
/* NOTREACHED */
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCGLIFADDR:
|
|
|
|
/* address must be specified on GET with IFLR_PREFIX */
|
|
|
|
if ((iflr->flags & IFLR_PREFIX) == 0)
|
|
|
|
break;
|
2002-04-19 04:46:24 +00:00
|
|
|
/* FALLTHROUGH */
|
1999-11-22 02:45:11 +00:00
|
|
|
case SIOCALIFADDR:
|
|
|
|
case SIOCDLIFADDR:
|
|
|
|
/* address must be specified on ADD and DELETE */
|
2000-07-04 16:35:15 +00:00
|
|
|
sa = (struct sockaddr *)&iflr->addr;
|
|
|
|
if (sa->sa_family != AF_INET6)
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
2000-07-04 16:35:15 +00:00
|
|
|
if (sa->sa_len != sizeof(struct sockaddr_in6))
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
|
|
|
/* XXX need improvement */
|
2000-07-04 16:35:15 +00:00
|
|
|
sa = (struct sockaddr *)&iflr->dstaddr;
|
|
|
|
if (sa->sa_family && sa->sa_family != AF_INET6)
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
2000-07-04 16:35:15 +00:00
|
|
|
if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
|
|
|
break;
|
2002-04-19 04:46:24 +00:00
|
|
|
default: /* shouldn't happen */
|
2000-07-04 16:35:15 +00:00
|
|
|
#if 0
|
|
|
|
panic("invalid cmd to in6_lifaddr_ioctl");
|
2002-04-19 04:46:24 +00:00
|
|
|
/* NOTREACHED */
|
2000-07-04 16:35:15 +00:00
|
|
|
#else
|
1999-11-22 02:45:11 +00:00
|
|
|
return EOPNOTSUPP;
|
2000-07-04 16:35:15 +00:00
|
|
|
#endif
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
|
|
|
|
return EINVAL;
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case SIOCALIFADDR:
|
|
|
|
{
|
|
|
|
struct in6_aliasreq ifra;
|
|
|
|
struct in6_addr *hostid = NULL;
|
|
|
|
int prefixlen;
|
|
|
|
|
|
|
|
if ((iflr->flags & IFLR_PREFIX) != 0) {
|
|
|
|
struct sockaddr_in6 *sin6;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* hostid is to fill in the hostid part of the
|
|
|
|
* address. hostid points to the first link-local
|
|
|
|
* address attached to the interface.
|
|
|
|
*/
|
2000-07-04 16:35:15 +00:00
|
|
|
ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
|
1999-11-22 02:45:11 +00:00
|
|
|
if (!ifa)
|
|
|
|
return EADDRNOTAVAIL;
|
|
|
|
hostid = IFA_IN6(ifa);
|
|
|
|
|
2007-07-05 16:29:40 +00:00
|
|
|
/* prefixlen must be <= 64. */
|
1999-11-22 02:45:11 +00:00
|
|
|
if (64 < iflr->prefixlen)
|
|
|
|
return EINVAL;
|
|
|
|
prefixlen = iflr->prefixlen;
|
|
|
|
|
|
|
|
/* hostid part must be zero. */
|
|
|
|
sin6 = (struct sockaddr_in6 *)&iflr->addr;
|
2004-03-03 14:33:16 +00:00
|
|
|
if (sin6->sin6_addr.s6_addr32[2] != 0 ||
|
|
|
|
sin6->sin6_addr.s6_addr32[3] != 0) {
|
1999-11-22 02:45:11 +00:00
|
|
|
return EINVAL;
|
|
|
|
}
|
|
|
|
} else
|
|
|
|
prefixlen = iflr->prefixlen;
|
|
|
|
|
|
|
|
/* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
|
|
|
|
bzero(&ifra, sizeof(ifra));
|
2003-10-07 17:46:18 +00:00
|
|
|
bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
bcopy(&iflr->addr, &ifra.ifra_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
((struct sockaddr *)&iflr->addr)->sa_len);
|
1999-11-22 02:45:11 +00:00
|
|
|
if (hostid) {
|
|
|
|
/* fill in hostid part */
|
|
|
|
ifra.ifra_addr.sin6_addr.s6_addr32[2] =
|
2003-10-07 17:46:18 +00:00
|
|
|
hostid->s6_addr32[2];
|
1999-11-22 02:45:11 +00:00
|
|
|
ifra.ifra_addr.sin6_addr.s6_addr32[3] =
|
2003-10-07 17:46:18 +00:00
|
|
|
hostid->s6_addr32[3];
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2003-10-07 17:46:18 +00:00
|
|
|
if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
|
1999-11-22 02:45:11 +00:00
|
|
|
bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
|
2003-10-07 17:46:18 +00:00
|
|
|
((struct sockaddr *)&iflr->dstaddr)->sa_len);
|
1999-11-22 02:45:11 +00:00
|
|
|
if (hostid) {
|
|
|
|
ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
|
2003-10-07 17:46:18 +00:00
|
|
|
hostid->s6_addr32[2];
|
1999-11-22 02:45:11 +00:00
|
|
|
ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
|
2003-10-07 17:46:18 +00:00
|
|
|
hostid->s6_addr32[3];
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
|
2003-10-17 17:50:09 +00:00
|
|
|
in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
|
2001-09-12 08:38:13 +00:00
|
|
|
return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
case SIOCGLIFADDR:
|
|
|
|
case SIOCDLIFADDR:
|
|
|
|
{
|
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
struct in6_addr mask, candidate, match;
|
|
|
|
struct sockaddr_in6 *sin6;
|
|
|
|
int cmp;
|
|
|
|
|
|
|
|
bzero(&mask, sizeof(mask));
|
|
|
|
if (iflr->flags & IFLR_PREFIX) {
|
|
|
|
/* lookup a prefix rather than address. */
|
2003-10-17 17:50:09 +00:00
|
|
|
in6_prefixlen2mask(&mask, iflr->prefixlen);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
sin6 = (struct sockaddr_in6 *)&iflr->addr;
|
|
|
|
bcopy(&sin6->sin6_addr, &match, sizeof(match));
|
|
|
|
match.s6_addr32[0] &= mask.s6_addr32[0];
|
|
|
|
match.s6_addr32[1] &= mask.s6_addr32[1];
|
|
|
|
match.s6_addr32[2] &= mask.s6_addr32[2];
|
|
|
|
match.s6_addr32[3] &= mask.s6_addr32[3];
|
|
|
|
|
|
|
|
/* if you set extra bits, that's wrong */
|
|
|
|
if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
|
|
|
|
return EINVAL;
|
|
|
|
|
|
|
|
cmp = 1;
|
|
|
|
} else {
|
|
|
|
if (cmd == SIOCGLIFADDR) {
|
|
|
|
/* on getting an address, take the 1st match */
|
2002-04-19 04:46:24 +00:00
|
|
|
cmp = 0; /* XXX */
|
1999-11-22 02:45:11 +00:00
|
|
|
} else {
|
|
|
|
/* on deleting an address, do exact match */
|
2003-10-17 17:50:09 +00:00
|
|
|
in6_prefixlen2mask(&mask, 128);
|
1999-11-22 02:45:11 +00:00
|
|
|
sin6 = (struct sockaddr_in6 *)&iflr->addr;
|
|
|
|
bcopy(&sin6->sin6_addr, &match, sizeof(match));
|
|
|
|
|
|
|
|
cmp = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
if (!cmp)
|
|
|
|
break;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* XXX: this is adhoc, but is necessary to allow
|
|
|
|
* a user to specify fe80::/64 (not /10) for a
|
|
|
|
* link-local address.
|
|
|
|
*/
|
2005-07-25 12:31:43 +00:00
|
|
|
bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
|
|
|
|
in6_clearscope(&candidate);
|
1999-11-22 02:45:11 +00:00
|
|
|
candidate.s6_addr32[0] &= mask.s6_addr32[0];
|
|
|
|
candidate.s6_addr32[1] &= mask.s6_addr32[1];
|
|
|
|
candidate.s6_addr32[2] &= mask.s6_addr32[2];
|
|
|
|
candidate.s6_addr32[3] &= mask.s6_addr32[3];
|
|
|
|
if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
|
|
|
|
break;
|
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
if (!ifa)
|
|
|
|
return EADDRNOTAVAIL;
|
|
|
|
ia = ifa2ia6(ifa);
|
|
|
|
|
|
|
|
if (cmd == SIOCGLIFADDR) {
|
2005-07-25 12:31:43 +00:00
|
|
|
int error;
|
2001-06-11 12:39:29 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/* fill in the if_laddrreq structure */
|
|
|
|
bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
|
2005-07-25 12:31:43 +00:00
|
|
|
error = sa6_recoverscope(
|
|
|
|
(struct sockaddr_in6 *)&iflr->addr);
|
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
|
|
|
|
bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
|
2003-10-07 17:46:18 +00:00
|
|
|
ia->ia_dstaddr.sin6_len);
|
2005-07-25 12:31:43 +00:00
|
|
|
error = sa6_recoverscope(
|
|
|
|
(struct sockaddr_in6 *)&iflr->dstaddr);
|
|
|
|
if (error != 0)
|
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
} else
|
|
|
|
bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
|
|
|
|
|
|
|
|
iflr->prefixlen =
|
2003-10-07 17:46:18 +00:00
|
|
|
in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2002-04-19 04:46:24 +00:00
|
|
|
iflr->flags = ia->ia6_flags; /* XXX */
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
struct in6_aliasreq ifra;
|
|
|
|
|
|
|
|
/* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
|
|
|
|
bzero(&ifra, sizeof(ifra));
|
|
|
|
bcopy(iflr->iflr_name, ifra.ifra_name,
|
2003-10-07 17:46:18 +00:00
|
|
|
sizeof(ifra.ifra_name));
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
bcopy(&ia->ia_addr, &ifra.ifra_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
ia->ia_addr.sin6_len);
|
1999-11-22 02:45:11 +00:00
|
|
|
if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
|
|
|
|
bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
|
2003-10-07 17:46:18 +00:00
|
|
|
ia->ia_dstaddr.sin6_len);
|
2000-07-04 16:35:15 +00:00
|
|
|
} else {
|
|
|
|
bzero(&ifra.ifra_dstaddr,
|
|
|
|
sizeof(ifra.ifra_dstaddr));
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
|
2003-10-07 17:46:18 +00:00
|
|
|
ia->ia_prefixmask.sin6_len);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
ifra.ifra_flags = ia->ia6_flags;
|
|
|
|
return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
|
2003-10-07 17:46:18 +00:00
|
|
|
ifp, td);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2002-04-19 04:46:24 +00:00
|
|
|
return EOPNOTSUPP; /* just for safety */
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Initialize an interface's intetnet6 address
|
|
|
|
* and routing table entry.
|
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
static int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
|
|
|
|
struct sockaddr_in6 *sin6, int newhost)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
int error = 0, plen, ifacount = 0;
|
1999-11-22 02:45:11 +00:00
|
|
|
int s = splimp();
|
2001-06-11 12:39:29 +00:00
|
|
|
struct ifaddr *ifa;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Give the interface a chance to initialize
|
|
|
|
* if this is its first address,
|
|
|
|
* and to validate the address if necessary.
|
|
|
|
*/
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
2001-06-11 12:39:29 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
ifacount++;
|
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
ia->ia_addr = *sin6;
|
|
|
|
|
2005-06-02 00:04:08 +00:00
|
|
|
if (ifacount <= 1 && ifp->if_ioctl) {
|
|
|
|
error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
|
|
|
|
if (error) {
|
|
|
|
splx(s);
|
|
|
|
return (error);
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2001-06-11 12:39:29 +00:00
|
|
|
splx(s);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
ia->ia_ifa.ifa_metric = ifp->if_metric;
|
|
|
|
|
|
|
|
/* we could do in(6)_socktrim here, but just omit it at this moment. */
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/*
|
2001-06-11 12:39:29 +00:00
|
|
|
* Special case:
|
2004-01-10 08:59:21 +00:00
|
|
|
* If a new destination address is specified for a point-to-point
|
2001-06-11 12:39:29 +00:00
|
|
|
* interface, install a route to the destination as an interface
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
* direct route.
|
2004-01-10 08:59:21 +00:00
|
|
|
* XXX: the logic below rejects assigning multiple addresses on a p2p
|
2006-06-08 00:31:17 +00:00
|
|
|
* interface that share the same destination.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
2001-06-11 12:39:29 +00:00
|
|
|
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
|
2009-01-03 00:27:28 +00:00
|
|
|
if (!(ia->ia_flags & IFA_ROUTE) && plen == 128) {
|
|
|
|
struct sockaddr *dstaddr;
|
2006-06-08 00:31:17 +00:00
|
|
|
int rtflags = RTF_UP | RTF_HOST;
|
|
|
|
|
2009-01-03 00:27:28 +00:00
|
|
|
/*
|
|
|
|
* use the interface address if configuring an
|
|
|
|
* interface address with a /128 prefix len
|
|
|
|
*/
|
|
|
|
if (ia->ia_dstaddr.sin6_family == AF_INET6)
|
|
|
|
dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
|
|
|
|
else
|
|
|
|
dstaddr = (struct sockaddr *)&ia->ia_addr;
|
2006-06-08 00:31:17 +00:00
|
|
|
|
Add code to allow the system to handle multiple routing tables.
This particular implementation is designed to be fully backwards compatible
and to be MFC-able to 7.x (and 6.x)
Currently the only protocol that can make use of the multiple tables is IPv4
Similar functionality exists in OpenBSD and Linux.
From my notes:
-----
One thing where FreeBSD has been falling behind, and which by chance I
have some time to work on is "policy based routing", which allows
different
packet streams to be routed by more than just the destination address.
Constraints:
------------
I want to make some form of this available in the 6.x tree
(and by extension 7.x) , but FreeBSD in general needs it so I might as
well do it in -current and back port the portions I need.
One of the ways that this can be done is to have the ability to
instantiate multiple kernel routing tables (which I will now
refer to as "Forwarding Information Bases" or "FIBs" for political
correctness reasons). Which FIB a particular packet uses to make
the next hop decision can be decided by a number of mechanisms.
The policies these mechanisms implement are the "Policies" referred
to in "Policy based routing".
One of the constraints I have if I try to back port this work to
6.x is that it must be implemented as a EXTENSION to the existing
ABIs in 6.x so that third party applications do not need to be
recompiled in timespan of the branch.
This first version will not have some of the bells and whistles that
will come with later versions. It will, for example, be limited to 16
tables in the first commit.
Implementation method, Compatible version. (part 1)
-------------------------------
For this reason I have implemented a "sufficient subset" of a
multiple routing table solution in Perforce, and back-ported it
to 6.x. (also in Perforce though not always caught up with what I
have done in -current/P4). The subset allows a number of FIBs
to be defined at compile time (8 is sufficient for my purposes in 6.x)
and implements the changes needed to allow IPV4 to use them. I have not
done the changes for ipv6 simply because I do not need it, and I do not
have enough knowledge of ipv6 (e.g. neighbor discovery) needed to do it.
Other protocol families are left untouched and should there be
users with proprietary protocol families, they should continue to work
and be oblivious to the existence of the extra FIBs.
To understand how this is done, one must know that the current FIB
code starts everything off with a single dimensional array of
pointers to FIB head structures (One per protocol family), each of
which in turn points to the trie of routes available to that family.
The basic change in the ABI compatible version of the change is to
extent that array to be a 2 dimensional array, so that
instead of protocol family X looking at rt_tables[X] for the
table it needs, it looks at rt_tables[Y][X] when for all
protocol families except ipv4 Y is always 0.
Code that is unaware of the change always just sees the first row
of the table, which of course looks just like the one dimensional
array that existed before.
The entry points rtrequest(), rtalloc(), rtalloc1(), rtalloc_ign()
are all maintained, but refer only to the first row of the array,
so that existing callers in proprietary protocols can continue to
do the "right thing".
Some new entry points are added, for the exclusive use of ipv4 code
called in_rtrequest(), in_rtalloc(), in_rtalloc1() and in_rtalloc_ign(),
which have an extra argument which refers the code to the correct row.
In addition, there are some new entry points (currently called
rtalloc_fib() and friends) that check the Address family being
looked up and call either rtalloc() (and friends) if the protocol
is not IPv4 forcing the action to row 0 or to the appropriate row
if it IS IPv4 (and that info is available). These are for calling
from code that is not specific to any particular protocol. The way
these are implemented would change in the non ABI preserving code
to be added later.
One feature of the first version of the code is that for ipv4,
the interface routes show up automatically on all the FIBs, so
that no matter what FIB you select you always have the basic
direct attached hosts available to you. (rtinit() does this
automatically).
You CAN delete an interface route from one FIB should you want
to but by default it's there. ARP information is also available
in each FIB. It's assumed that the same machine would have the
same MAC address, regardless of which FIB you are using to get
to it.
This brings us as to how the correct FIB is selected for an outgoing
IPV4 packet.
Firstly, all packets have a FIB associated with them. if nothing
has been done to change it, it will be FIB 0. The FIB is changed
in the following ways.
Packets fall into one of a number of classes.
1/ locally generated packets, coming from a socket/PCB.
Such packets select a FIB from a number associated with the
socket/PCB. This in turn is inherited from the process,
but can be changed by a socket option. The process in turn
inherits it on fork. I have written a utility call setfib
that acts a bit like nice..
setfib -3 ping target.example.com # will use fib 3 for ping.
It is an obvious extension to make it a property of a jail
but I have not done so. It can be achieved by combining the setfib and
jail commands.
2/ packets received on an interface for forwarding.
By default these packets would use table 0,
(or possibly a number settable in a sysctl(not yet)).
but prior to routing the firewall can inspect them (see below).
(possibly in the future you may be able to associate a FIB
with packets received on an interface.. An ifconfig arg, but not yet.)
3/ packets inspected by a packet classifier, which can arbitrarily
associate a fib with it on a packet by packet basis.
A fib assigned to a packet by a packet classifier
(such as ipfw) would over-ride a fib associated by
a more default source. (such as cases 1 or 2).
4/ a tcp listen socket associated with a fib will generate
accept sockets that are associated with that same fib.
5/ Packets generated in response to some other packet (e.g. reset
or icmp packets). These should use the FIB associated with the
packet being reponded to.
6/ Packets generated during encapsulation.
gif, tun and other tunnel interfaces will encapsulate using the FIB
that was in effect withthe proces that set up the tunnel.
thus setfib 1 ifconfig gif0 [tunnel instructions]
will set the fib for the tunnel to use to be fib 1.
Routing messages would be associated with their
process, and thus select one FIB or another.
messages from the kernel would be associated with the fib they
refer to and would only be received by a routing socket associated
with that fib. (not yet implemented)
In addition Netstat has been edited to be able to cope with the
fact that the array is now 2 dimensional. (It looks in system
memory using libkvm (!)). Old versions of netstat see only the first FIB.
In addition two sysctls are added to give:
a) the number of FIBs compiled in (active)
b) the default FIB of the calling process.
Early testing experience:
-------------------------
Basically our (IronPort's) appliance does this functionality already
using ipfw fwd but that method has some drawbacks.
For example,
It can't fully simulate a routing table because it can't influence the
socket's choice of local address when a connect() is done.
Testing during the generating of these changes has been
remarkably smooth so far. Multiple tables have co-existed
with no notable side effects, and packets have been routes
accordingly.
ipfw has grown 2 new keywords:
setfib N ip from anay to any
count ip from any to any fib N
In pf there seems to be a requirement to be able to give symbolic names to the
fibs but I do not have that capacity. I am not sure if it is required.
SCTP has interestingly enough built in support for this, called VRFs
in Cisco parlance. it will be interesting to see how that handles it
when it suddenly actually does something.
Where to next:
--------------------
After committing the ABI compatible version and MFCing it, I'd
like to proceed in a forward direction in -current. this will
result in some roto-tilling in the routing code.
Firstly: the current code's idea of having a separate tree per
protocol family, all of the same format, and pointed to by the
1 dimensional array is a bit silly. Especially when one considers that
there is code that makes assumptions about every protocol having the
same internal structures there. Some protocols don't WANT that
sort of structure. (for example the whole idea of a netmask is foreign
to appletalk). This needs to be made opaque to the external code.
My suggested first change is to add routing method pointers to the
'domain' structure, along with information pointing the data.
instead of having an array of pointers to uniform structures,
there would be an array pointing to the 'domain' structures
for each protocol address domain (protocol family),
and the methods this reached would be called. The methods would have
an argument that gives FIB number, but the protocol would be free
to ignore it.
When the ABI can be changed it raises the possibilty of the
addition of a fib entry into the "struct route". Currently,
the structure contains the sockaddr of the desination, and the resulting
fib entry. To make this work fully, one could add a fib number
so that given an address and a fib, one can find the third element, the
fib entry.
Interaction with the ARP layer/ LL layer would need to be
revisited as well. Qing Li has been working on this already.
This work was sponsored by Ironport Systems/Cisco
Reviewed by: several including rwatson, bz and mlair (parts each)
Obtained from: Ironport systems/Cisco
2008-05-09 23:03:00 +00:00
|
|
|
error = rtrequest(RTM_ADD,
|
2009-01-03 00:27:28 +00:00
|
|
|
(struct sockaddr *)dstaddr,
|
2006-06-08 00:31:17 +00:00
|
|
|
(struct sockaddr *)&ia->ia_addr,
|
|
|
|
(struct sockaddr *)&ia->ia_prefixmask,
|
2009-01-03 00:27:28 +00:00
|
|
|
ia->ia_flags | rtflags, NULL);
|
2006-06-08 00:31:17 +00:00
|
|
|
if (error != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
ia->ia_flags |= IFA_ROUTE;
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2002-04-19 04:46:24 +00:00
|
|
|
/* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
if (newhost) {
|
|
|
|
struct llentry *ln;
|
2009-05-18 02:25:45 +00:00
|
|
|
struct rtentry rt;
|
|
|
|
struct sockaddr_dl gateway;
|
|
|
|
struct sockaddr_in6 mask, addr;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
|
|
|
|
IF_AFDATA_LOCK(ifp);
|
|
|
|
ia->ia_ifa.ifa_rtrequest = NULL;
|
|
|
|
|
|
|
|
/* XXX QL
|
|
|
|
* we need to report rt_newaddrmsg
|
|
|
|
*/
|
|
|
|
ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR | LLE_EXCLUSIVE),
|
|
|
|
(struct sockaddr *)&ia->ia_addr);
|
|
|
|
IF_AFDATA_UNLOCK(ifp);
|
2008-12-16 02:30:42 +00:00
|
|
|
if (ln != NULL) {
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
ln->la_expire = 0; /* for IPv6 this means permanent */
|
|
|
|
ln->ln_state = ND6_LLINFO_REACHABLE;
|
2009-05-18 02:25:45 +00:00
|
|
|
/*
|
|
|
|
* initialize for rtmsg generation
|
|
|
|
*/
|
|
|
|
bzero(&gateway, sizeof(gateway));
|
|
|
|
gateway.sdl_len = sizeof(gateway);
|
|
|
|
gateway.sdl_family = AF_LINK;
|
|
|
|
gateway.sdl_nlen = 0;
|
|
|
|
gateway.sdl_alen = 6;
|
|
|
|
memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned, sizeof(ln->ll_addr));
|
|
|
|
/* */
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
LLE_WUNLOCK(ln);
|
|
|
|
}
|
2009-05-18 02:25:45 +00:00
|
|
|
|
|
|
|
bzero(&rt, sizeof(rt));
|
|
|
|
rt.rt_gateway = (struct sockaddr *)&gateway;
|
|
|
|
memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
|
|
|
|
memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
|
|
|
|
rt_mask(&rt) = (struct sockaddr *)&mask;
|
|
|
|
rt_key(&rt) = (struct sockaddr *)&addr;
|
|
|
|
rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC;
|
|
|
|
rt_newaddrmsg(RTM_ADD, &ia->ia_ifa, 0, &rt);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (error);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find an IPv6 interface link-local address specific to an interface.
|
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
struct ifaddr *ifa;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
2000-07-04 16:35:15 +00:00
|
|
|
if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
|
|
|
|
if ((((struct in6_ifaddr *)ifa)->ia6_flags &
|
|
|
|
ignoreflags) != 0)
|
|
|
|
continue;
|
1999-11-22 02:45:11 +00:00
|
|
|
break;
|
2000-07-04 16:35:15 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return ((struct in6_ifaddr *)ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
* find the internet address corresponding to a given interface and address.
|
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
struct ifaddr *ifa;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2009-04-20 21:37:46 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa)))
|
|
|
|
break;
|
|
|
|
}
|
2009-04-20 21:37:46 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return ((struct in6_ifaddr *)ifa);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2006-12-12 12:17:58 +00:00
|
|
|
* Convert IP6 address to printable (loggable) representation. Caller
|
|
|
|
* has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
|
1999-11-22 02:45:11 +00:00
|
|
|
*/
|
|
|
|
static char digits[] = "0123456789abcdef";
|
|
|
|
char *
|
2006-12-12 12:17:58 +00:00
|
|
|
ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
2001-06-11 12:39:29 +00:00
|
|
|
int i;
|
|
|
|
char *cp;
|
2004-03-03 14:33:16 +00:00
|
|
|
const u_int16_t *a = (const u_int16_t *)addr;
|
|
|
|
const u_int8_t *d;
|
2006-12-16 14:15:31 +00:00
|
|
|
int dcolon = 0, zero = 0;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2006-12-12 12:17:58 +00:00
|
|
|
cp = ip6buf;
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
for (i = 0; i < 8; i++) {
|
|
|
|
if (dcolon == 1) {
|
|
|
|
if (*a == 0) {
|
|
|
|
if (i == 7)
|
|
|
|
*cp++ = ':';
|
|
|
|
a++;
|
|
|
|
continue;
|
|
|
|
} else
|
|
|
|
dcolon = 2;
|
|
|
|
}
|
|
|
|
if (*a == 0) {
|
|
|
|
if (dcolon == 0 && *(a + 1) == 0) {
|
|
|
|
if (i == 0)
|
|
|
|
*cp++ = ':';
|
|
|
|
*cp++ = ':';
|
|
|
|
dcolon = 1;
|
|
|
|
} else {
|
|
|
|
*cp++ = '0';
|
|
|
|
*cp++ = ':';
|
|
|
|
}
|
|
|
|
a++;
|
|
|
|
continue;
|
|
|
|
}
|
2002-02-27 02:44:45 +00:00
|
|
|
d = (const u_char *)a;
|
2006-12-16 14:15:31 +00:00
|
|
|
/* Try to eliminate leading zeros in printout like in :0001. */
|
|
|
|
zero = 1;
|
|
|
|
*cp = digits[*d >> 4];
|
|
|
|
if (*cp != '0') {
|
|
|
|
zero = 0;
|
|
|
|
cp++;
|
|
|
|
}
|
|
|
|
*cp = digits[*d++ & 0xf];
|
|
|
|
if (zero == 0 || (*cp != '0')) {
|
|
|
|
zero = 0;
|
|
|
|
cp++;
|
|
|
|
}
|
|
|
|
*cp = digits[*d >> 4];
|
|
|
|
if (zero == 0 || (*cp != '0')) {
|
|
|
|
zero = 0;
|
|
|
|
cp++;
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
*cp++ = digits[*d & 0xf];
|
|
|
|
*cp++ = ':';
|
|
|
|
a++;
|
|
|
|
}
|
2006-12-12 12:17:58 +00:00
|
|
|
*--cp = '\0';
|
|
|
|
return (ip6buf);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_localaddr(struct in6_addr *in6)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_INET6(curvnet);
|
1999-11-22 02:45:11 +00:00
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
|
|
|
if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
|
|
|
|
return 1;
|
|
|
|
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
|
2003-10-07 17:46:18 +00:00
|
|
|
&ia->ia_prefixmask.sin6_addr)) {
|
1999-11-22 02:45:11 +00:00
|
|
|
return 1;
|
2003-10-07 17:46:18 +00:00
|
|
|
}
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_INET6(curvnet);
|
2001-06-11 12:39:29 +00:00
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
|
2001-06-11 12:39:29 +00:00
|
|
|
if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
|
|
|
|
&sa6->sin6_addr) &&
|
|
|
|
(ia->ia6_flags & IN6_IFF_DEPRECATED) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (1); /* true */
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
/* XXX: do we still have to go thru the rest of the list? */
|
|
|
|
}
|
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0); /* false */
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* return length of part which dst and src are equal
|
|
|
|
* hard coding...
|
|
|
|
*/
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
int match = 0;
|
|
|
|
u_char *s = (u_char *)src, *d = (u_char *)dst;
|
|
|
|
u_char *lim = s + 16, r;
|
|
|
|
|
|
|
|
while (s < lim)
|
|
|
|
if ((r = (*d++ ^ *s++)) != 0) {
|
|
|
|
while (r < 128) {
|
|
|
|
match++;
|
|
|
|
r <<= 1;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
} else
|
|
|
|
match += 8;
|
|
|
|
return match;
|
|
|
|
}
|
|
|
|
|
2000-07-04 16:35:15 +00:00
|
|
|
/* XXX: to be scope conscious */
|
1999-11-22 02:45:11 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
int bytelen, bitlen;
|
|
|
|
|
|
|
|
/* sanity check */
|
|
|
|
if (0 > len || len > 128) {
|
|
|
|
log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
|
|
|
|
len);
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
bytelen = len / 8;
|
|
|
|
bitlen = len % 8;
|
|
|
|
|
|
|
|
if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2004-02-24 01:20:51 +00:00
|
|
|
if (bitlen != 0 &&
|
|
|
|
p1->s6_addr[bytelen] >> (8 - bitlen) !=
|
1999-11-22 02:45:11 +00:00
|
|
|
p2->s6_addr[bytelen] >> (8 - bitlen))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (1);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_prefixlen2mask(struct in6_addr *maskp, int len)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
|
|
|
|
int bytelen, bitlen, i;
|
|
|
|
|
|
|
|
/* sanity check */
|
|
|
|
if (0 > len || len > 128) {
|
|
|
|
log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
|
|
|
|
len);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
bzero(maskp, sizeof(*maskp));
|
|
|
|
bytelen = len / 8;
|
|
|
|
bitlen = len % 8;
|
|
|
|
for (i = 0; i < bytelen; i++)
|
|
|
|
maskp->s6_addr[i] = 0xff;
|
|
|
|
if (bitlen)
|
|
|
|
maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* return the best address out of the same scope. if no address was
|
|
|
|
* found, return the first valid address from designated IF.
|
|
|
|
*/
|
|
|
|
struct in6_ifaddr *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_INET6(curvnet);
|
1999-11-22 02:45:11 +00:00
|
|
|
int dst_scope = in6_addrscope(dst), blen = -1, tlen;
|
|
|
|
struct ifaddr *ifa;
|
|
|
|
struct in6_ifaddr *besta = 0;
|
2002-04-19 04:46:24 +00:00
|
|
|
struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
dep[0] = dep[1] = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We first look for addresses in the same scope.
|
|
|
|
* If there is one, return it.
|
|
|
|
* If two or more, return one which matches the dst longest.
|
|
|
|
* If none, return one of global addresses assigned other ifs.
|
|
|
|
*/
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
|
|
|
|
continue; /* XXX: is there any case to allow anycast? */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
|
|
|
|
continue; /* don't use this interface */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
if (V_ip6_use_deprecated)
|
1999-11-22 02:45:11 +00:00
|
|
|
dep[0] = (struct in6_ifaddr *)ifa;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
|
|
|
|
/*
|
|
|
|
* call in6_matchlen() as few as possible
|
|
|
|
*/
|
|
|
|
if (besta) {
|
|
|
|
if (blen == -1)
|
|
|
|
blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
|
|
|
|
tlen = in6_matchlen(IFA_IN6(ifa), dst);
|
|
|
|
if (tlen > blen) {
|
|
|
|
blen = tlen;
|
|
|
|
besta = (struct in6_ifaddr *)ifa;
|
|
|
|
}
|
|
|
|
} else
|
|
|
|
besta = (struct in6_ifaddr *)ifa;
|
|
|
|
}
|
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
if (besta) {
|
|
|
|
IF_ADDR_UNLOCK(ifp);
|
2003-10-06 14:02:09 +00:00
|
|
|
return (besta);
|
2009-04-20 16:05:16 +00:00
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
|
|
|
|
continue; /* XXX: is there any case to allow anycast? */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
|
|
|
|
continue; /* don't use this interface */
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
|
|
|
|
continue;
|
|
|
|
if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
if (V_ip6_use_deprecated)
|
1999-11-22 02:45:11 +00:00
|
|
|
dep[1] = (struct in6_ifaddr *)ifa;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
return (struct in6_ifaddr *)ifa;
|
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
|
|
|
|
/* use the last-resort values, that are, deprecated addresses */
|
|
|
|
if (dep[0])
|
|
|
|
return dep[0];
|
|
|
|
if (dep[1])
|
|
|
|
return dep[1];
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* perform DAD when interface becomes IFF_UP.
|
|
|
|
*/
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_if_up(struct ifnet *ifp)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
|
|
|
struct ifaddr *ifa;
|
|
|
|
struct in6_ifaddr *ia;
|
|
|
|
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_LOCK(ifp);
|
2009-04-20 22:45:21 +00:00
|
|
|
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
|
1999-11-22 02:45:11 +00:00
|
|
|
if (ifa->ifa_addr->sa_family != AF_INET6)
|
|
|
|
continue;
|
|
|
|
ia = (struct in6_ifaddr *)ifa;
|
2005-10-21 16:23:01 +00:00
|
|
|
if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
|
|
|
|
/*
|
|
|
|
* The TENTATIVE flag was likely set by hand
|
|
|
|
* beforehand, implicitly indicating the need for DAD.
|
|
|
|
* We may be able to skip the random delay in this
|
|
|
|
* case, but we impose delays just in case.
|
|
|
|
*/
|
|
|
|
nd6_dad_start(ifa,
|
|
|
|
arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
|
|
|
|
}
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2009-04-20 16:05:16 +00:00
|
|
|
IF_ADDR_UNLOCK(ifp);
|
2005-10-21 16:23:01 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* special cases, like 6to4, are handled in in6_ifattach
|
|
|
|
*/
|
|
|
|
in6_ifattach(ifp, NULL);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2001-06-11 12:39:29 +00:00
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6if_do_dad(struct ifnet *ifp)
|
2001-06-11 12:39:29 +00:00
|
|
|
{
|
|
|
|
if ((ifp->if_flags & IFF_LOOPBACK) != 0)
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2001-06-11 12:39:29 +00:00
|
|
|
|
|
|
|
switch (ifp->if_type) {
|
|
|
|
#ifdef IFT_DUMMY
|
|
|
|
case IFT_DUMMY:
|
|
|
|
#endif
|
|
|
|
case IFT_FAITH:
|
|
|
|
/*
|
|
|
|
* These interfaces do not have the IFF_LOOPBACK flag,
|
|
|
|
* but loop packets back. We do not have to do DAD on such
|
|
|
|
* interfaces. We should even omit it, because loop-backed
|
|
|
|
* NS would confuse the DAD procedure.
|
|
|
|
*/
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2001-06-11 12:39:29 +00:00
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* Our DAD routine requires the interface up and running.
|
|
|
|
* However, some interfaces can be up before the RUNNING
|
|
|
|
* status. Additionaly, users may try to assign addresses
|
|
|
|
* before the interface becomes up (or running).
|
|
|
|
* We simply skip DAD in such a case as a work around.
|
|
|
|
* XXX: we should rather mark "tentative" on such addresses,
|
|
|
|
* and do DAD after the interface becomes ready.
|
|
|
|
*/
|
2005-08-09 10:20:02 +00:00
|
|
|
if (!((ifp->if_flags & IFF_UP) &&
|
|
|
|
(ifp->if_drv_flags & IFF_DRV_RUNNING)))
|
2003-10-06 14:02:09 +00:00
|
|
|
return (0);
|
2001-06-11 12:39:29 +00:00
|
|
|
|
2003-10-06 14:02:09 +00:00
|
|
|
return (1);
|
2001-06-11 12:39:29 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
|
|
|
* Calculate max IPv6 MTU through all the interfaces and store it
|
|
|
|
* to in6_maxmtu.
|
|
|
|
*/
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_setmaxmtu(void)
|
1999-11-22 02:45:11 +00:00
|
|
|
{
|
Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
|
|
|
INIT_VNET_NET(curvnet);
|
|
|
|
INIT_VNET_INET6(curvnet);
|
1999-11-22 02:45:11 +00:00
|
|
|
unsigned long maxmtu = 0;
|
|
|
|
struct ifnet *ifp;
|
|
|
|
|
2002-12-22 05:35:03 +00:00
|
|
|
IFNET_RLOCK();
|
2008-08-20 01:05:56 +00:00
|
|
|
for (ifp = TAILQ_FIRST(&V_ifnet); ifp;
|
2008-08-20 01:24:55 +00:00
|
|
|
ifp = TAILQ_NEXT(ifp, if_list)) {
|
2003-10-20 15:27:48 +00:00
|
|
|
/* this function can be called during ifnet initialization */
|
|
|
|
if (!ifp->if_afdata[AF_INET6])
|
|
|
|
continue;
|
1999-11-22 02:45:11 +00:00
|
|
|
if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
|
2003-10-20 15:27:48 +00:00
|
|
|
IN6_LINKMTU(ifp) > maxmtu)
|
|
|
|
maxmtu = IN6_LINKMTU(ifp);
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
2002-12-22 05:35:03 +00:00
|
|
|
IFNET_RUNLOCK();
|
2003-10-07 17:46:18 +00:00
|
|
|
if (maxmtu) /* update only when maxmtu is positive */
|
Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
2008-08-17 23:27:27 +00:00
|
|
|
V_in6_maxmtu = maxmtu;
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
2005-10-21 16:23:01 +00:00
|
|
|
/*
|
|
|
|
* Provide the length of interface identifiers to be used for the link attached
|
|
|
|
* to the given interface. The length should be defined in "IPv6 over
|
|
|
|
* xxx-link" document. Note that address architecture might also define
|
|
|
|
* the length for a particular set of address prefixes, regardless of the
|
|
|
|
* link type. As clarified in rfc2462bis, those two definitions should be
|
|
|
|
* consistent, and those really are as of August 2004.
|
|
|
|
*/
|
|
|
|
int
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_if2idlen(struct ifnet *ifp)
|
2005-10-21 16:23:01 +00:00
|
|
|
{
|
|
|
|
switch (ifp->if_type) {
|
|
|
|
case IFT_ETHER: /* RFC2464 */
|
|
|
|
#ifdef IFT_PROPVIRTUAL
|
|
|
|
case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
|
|
|
|
#endif
|
|
|
|
#ifdef IFT_L2VLAN
|
|
|
|
case IFT_L2VLAN: /* ditto */
|
|
|
|
#endif
|
|
|
|
#ifdef IFT_IEEE80211
|
|
|
|
case IFT_IEEE80211: /* ditto */
|
|
|
|
#endif
|
|
|
|
#ifdef IFT_MIP
|
|
|
|
case IFT_MIP: /* ditto */
|
|
|
|
#endif
|
|
|
|
return (64);
|
|
|
|
case IFT_FDDI: /* RFC2467 */
|
|
|
|
return (64);
|
|
|
|
case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
|
|
|
|
return (64);
|
|
|
|
case IFT_PPP: /* RFC2472 */
|
|
|
|
return (64);
|
|
|
|
case IFT_ARCNET: /* RFC2497 */
|
|
|
|
return (64);
|
|
|
|
case IFT_FRELAY: /* RFC2590 */
|
|
|
|
return (64);
|
|
|
|
case IFT_IEEE1394: /* RFC3146 */
|
|
|
|
return (64);
|
|
|
|
case IFT_GIF:
|
|
|
|
return (64); /* draft-ietf-v6ops-mech-v2-07 */
|
|
|
|
case IFT_LOOP:
|
|
|
|
return (64); /* XXX: is this really correct? */
|
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* Unknown link type:
|
|
|
|
* It might be controversial to use the today's common constant
|
|
|
|
* of 64 for these cases unconditionally. For full compliance,
|
|
|
|
* we should return an error in this case. On the other hand,
|
|
|
|
* if we simply miss the standard for the link type or a new
|
|
|
|
* standard is defined for a new link type, the IFID length
|
|
|
|
* is very likely to be the common constant. As a compromise,
|
|
|
|
* we always use the constant, but make an explicit notice
|
|
|
|
* indicating the "unknown" case.
|
|
|
|
*/
|
|
|
|
printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
|
|
|
|
return (64);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
#include <sys/sysctl.h>
|
|
|
|
|
|
|
|
struct in6_llentry {
|
|
|
|
struct llentry base;
|
|
|
|
struct sockaddr_in6 l3_addr6;
|
|
|
|
};
|
|
|
|
|
|
|
|
static struct llentry *
|
|
|
|
in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
|
|
|
|
{
|
|
|
|
struct in6_llentry *lle;
|
|
|
|
|
|
|
|
lle = malloc(sizeof(struct in6_llentry), M_LLTABLE,
|
|
|
|
M_DONTWAIT | M_ZERO);
|
|
|
|
if (lle == NULL) /* NB: caller generates msg */
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
callout_init(&lle->base.ln_timer_ch, CALLOUT_MPSAFE);
|
|
|
|
lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
|
|
|
|
lle->base.lle_refcnt = 1;
|
|
|
|
LLE_LOCK_INIT(&lle->base);
|
|
|
|
return &lle->base;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Deletes an address from the address table.
|
|
|
|
* This function is called by the timer functions
|
|
|
|
* such as arptimer() and nd6_llinfo_timer(), and
|
|
|
|
* the caller does the locking.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
in6_lltable_free(struct lltable *llt, struct llentry *lle)
|
|
|
|
{
|
2008-12-16 00:20:49 +00:00
|
|
|
LLE_WUNLOCK(lle);
|
|
|
|
LLE_LOCK_DESTROY(lle);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
free(lle, M_LLTABLE);
|
|
|
|
}
|
|
|
|
|
2009-05-20 21:07:15 +00:00
|
|
|
static void
|
|
|
|
in6_lltable_prefix_free(struct lltable *llt,
|
|
|
|
const struct sockaddr *prefix,
|
|
|
|
const struct sockaddr *mask)
|
|
|
|
{
|
|
|
|
const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix;
|
|
|
|
const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask;
|
|
|
|
struct llentry *lle, *next;
|
|
|
|
register int i;
|
|
|
|
|
|
|
|
for (i=0; i < LLTBL_HASHTBL_SIZE; i++) {
|
|
|
|
LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
|
|
|
|
if (IN6_ARE_MASKED_ADDR_EQUAL(
|
|
|
|
&((struct sockaddr_in6 *)L3_ADDR(lle))->sin6_addr,
|
|
|
|
&pfx->sin6_addr,
|
|
|
|
&msk->sin6_addr)) {
|
|
|
|
callout_drain(&lle->la_timer);
|
|
|
|
LLE_WLOCK(lle);
|
|
|
|
llentry_free(lle);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
static int
|
|
|
|
in6_lltable_rtcheck(struct ifnet *ifp, const struct sockaddr *l3addr)
|
|
|
|
{
|
|
|
|
struct rtentry *rt;
|
|
|
|
char ip6buf[INET6_ADDRSTRLEN];
|
|
|
|
|
|
|
|
KASSERT(l3addr->sa_family == AF_INET6,
|
|
|
|
("sin_family %d", l3addr->sa_family));
|
|
|
|
|
|
|
|
/* XXX rtalloc1 should take a const param */
|
|
|
|
rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
|
|
|
|
if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
|
|
|
|
struct ifaddr *ifa;
|
|
|
|
/*
|
|
|
|
* Create an ND6 cache for an IPv6 neighbor
|
|
|
|
* that is not covered by our own prefix.
|
|
|
|
*/
|
|
|
|
/* XXX ifaof_ifpforaddr should take a const param */
|
|
|
|
ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
|
|
|
|
if (ifa != NULL) {
|
|
|
|
if (rt != NULL)
|
2009-01-31 10:48:02 +00:00
|
|
|
RTFREE_LOCKED(rt);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
|
|
|
|
ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
|
|
|
|
if (rt != NULL)
|
2009-01-31 10:48:02 +00:00
|
|
|
RTFREE_LOCKED(rt);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
return EINVAL;
|
|
|
|
}
|
2009-01-31 10:48:02 +00:00
|
|
|
RTFREE_LOCKED(rt);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct llentry *
|
|
|
|
in6_lltable_lookup(struct lltable *llt, u_int flags,
|
|
|
|
const struct sockaddr *l3addr)
|
|
|
|
{
|
|
|
|
const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
|
|
|
|
struct ifnet *ifp = llt->llt_ifp;
|
|
|
|
struct llentry *lle;
|
|
|
|
struct llentries *lleh;
|
|
|
|
u_int hashkey;
|
|
|
|
|
|
|
|
IF_AFDATA_LOCK_ASSERT(ifp);
|
|
|
|
KASSERT(l3addr->sa_family == AF_INET6,
|
|
|
|
("sin_family %d", l3addr->sa_family));
|
|
|
|
|
|
|
|
hashkey = sin6->sin6_addr.s6_addr32[3];
|
|
|
|
lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
|
|
|
|
LIST_FOREACH(lle, lleh, lle_next) {
|
2009-01-03 00:27:28 +00:00
|
|
|
struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
if (lle->la_flags & LLE_DELETED)
|
|
|
|
continue;
|
2009-01-03 00:27:28 +00:00
|
|
|
if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
|
|
|
|
sizeof(struct in6_addr)) == 0)
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (lle == NULL) {
|
|
|
|
if (!(flags & LLE_CREATE))
|
|
|
|
return (NULL);
|
|
|
|
/*
|
|
|
|
* A route that covers the given address must have
|
|
|
|
* been installed 1st because we are doing a resolution,
|
|
|
|
* verify this.
|
|
|
|
*/
|
|
|
|
if (!(flags & LLE_IFADDR) &&
|
|
|
|
in6_lltable_rtcheck(ifp, l3addr) != 0)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
lle = in6_lltable_new(l3addr, flags);
|
|
|
|
if (lle == NULL) {
|
|
|
|
log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
lle->la_flags = flags & ~LLE_CREATE;
|
|
|
|
if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
|
|
|
|
bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
|
|
|
|
lle->la_flags |= (LLE_VALID | LLE_STATIC);
|
|
|
|
}
|
|
|
|
|
|
|
|
lle->lle_tbl = llt;
|
|
|
|
lle->lle_head = lleh;
|
|
|
|
LIST_INSERT_HEAD(lleh, lle, lle_next);
|
|
|
|
} else if (flags & LLE_DELETE) {
|
2008-12-22 07:11:15 +00:00
|
|
|
if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
|
|
|
|
LLE_WLOCK(lle);
|
|
|
|
lle->la_flags = LLE_DELETED;
|
|
|
|
LLE_WUNLOCK(lle);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
#ifdef DIAGNOSTICS
|
2008-12-22 07:11:15 +00:00
|
|
|
log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
#endif
|
2008-12-22 07:11:15 +00:00
|
|
|
}
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
lle = (void *)-1;
|
|
|
|
}
|
|
|
|
if (LLE_IS_VALID(lle)) {
|
|
|
|
if (flags & LLE_EXCLUSIVE)
|
|
|
|
LLE_WLOCK(lle);
|
|
|
|
else
|
|
|
|
LLE_RLOCK(lle);
|
|
|
|
}
|
|
|
|
return (lle);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
|
|
|
|
{
|
|
|
|
struct ifnet *ifp = llt->llt_ifp;
|
|
|
|
struct llentry *lle;
|
|
|
|
/* XXX stack use */
|
|
|
|
struct {
|
|
|
|
struct rt_msghdr rtm;
|
|
|
|
struct sockaddr_in6 sin6;
|
|
|
|
/*
|
|
|
|
* ndp.c assumes that sdl is word aligned
|
|
|
|
*/
|
|
|
|
#ifdef __LP64__
|
|
|
|
uint32_t pad;
|
|
|
|
#endif
|
|
|
|
struct sockaddr_dl sdl;
|
|
|
|
} ndpc;
|
|
|
|
int i, error;
|
|
|
|
|
|
|
|
/* XXXXX
|
|
|
|
* current IFNET_RLOCK() is mapped to IFNET_WLOCK()
|
|
|
|
* so it is okay to use this ASSERT, change it when
|
|
|
|
* IFNET lock is finalized
|
|
|
|
*/
|
|
|
|
IFNET_WLOCK_ASSERT();
|
|
|
|
|
|
|
|
error = 0;
|
|
|
|
for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
|
|
|
|
LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
|
|
|
|
struct sockaddr_dl *sdl;
|
|
|
|
|
|
|
|
/* skip deleted or invalid entries */
|
|
|
|
if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
|
|
|
|
continue;
|
2009-01-09 21:57:49 +00:00
|
|
|
/* Skip if jailed and not a valid IP of the prison. */
|
2009-02-05 14:06:09 +00:00
|
|
|
if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
|
2009-01-09 21:57:49 +00:00
|
|
|
continue;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
/*
|
|
|
|
* produce a msg made of:
|
|
|
|
* struct rt_msghdr;
|
|
|
|
* struct sockaddr_in6 (IPv6)
|
|
|
|
* struct sockaddr_dl;
|
|
|
|
*/
|
|
|
|
bzero(&ndpc, sizeof(ndpc));
|
|
|
|
ndpc.rtm.rtm_msglen = sizeof(ndpc);
|
2009-01-12 11:24:32 +00:00
|
|
|
ndpc.rtm.rtm_version = RTM_VERSION;
|
|
|
|
ndpc.rtm.rtm_type = RTM_GET;
|
|
|
|
ndpc.rtm.rtm_flags = RTF_UP;
|
|
|
|
ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
ndpc.sin6.sin6_family = AF_INET6;
|
|
|
|
ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
|
|
|
|
bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
|
|
|
|
|
|
|
|
/* publish */
|
|
|
|
if (lle->la_flags & LLE_PUB)
|
|
|
|
ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
|
|
|
|
|
|
|
|
sdl = &ndpc.sdl;
|
|
|
|
sdl->sdl_family = AF_LINK;
|
|
|
|
sdl->sdl_len = sizeof(*sdl);
|
|
|
|
sdl->sdl_alen = ifp->if_addrlen;
|
|
|
|
sdl->sdl_index = ifp->if_index;
|
|
|
|
sdl->sdl_type = ifp->if_type;
|
|
|
|
bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
|
|
|
|
ndpc.rtm.rtm_rmx.rmx_expire =
|
|
|
|
lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
|
2008-12-26 19:45:24 +00:00
|
|
|
ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
if (lle->la_flags & LLE_STATIC)
|
|
|
|
ndpc.rtm.rtm_flags |= RTF_STATIC;
|
|
|
|
ndpc.rtm.rtm_index = ifp->if_index;
|
|
|
|
error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
|
|
|
|
if (error)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
2003-10-17 15:46:31 +00:00
|
|
|
void *
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_domifattach(struct ifnet *ifp)
|
2003-10-17 15:46:31 +00:00
|
|
|
{
|
|
|
|
struct in6_ifextra *ext;
|
|
|
|
|
|
|
|
ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
|
|
|
|
bzero(ext, sizeof(*ext));
|
|
|
|
|
|
|
|
ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
|
|
|
|
M_IFADDR, M_WAITOK);
|
|
|
|
bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
|
|
|
|
|
|
|
|
ext->icmp6_ifstat =
|
|
|
|
(struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
|
|
|
|
M_IFADDR, M_WAITOK);
|
|
|
|
bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
|
|
|
|
|
|
|
|
ext->nd_ifinfo = nd6_ifattach(ifp);
|
|
|
|
ext->scope6_id = scope6_ifattach(ifp);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
ext->lltable = lltable_init(ifp, AF_INET6);
|
|
|
|
if (ext->lltable != NULL) {
|
|
|
|
ext->lltable->llt_new = in6_lltable_new;
|
|
|
|
ext->lltable->llt_free = in6_lltable_free;
|
2009-05-20 21:07:15 +00:00
|
|
|
ext->lltable->llt_prefix_free = in6_lltable_prefix_free;
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
ext->lltable->llt_rtcheck = in6_lltable_rtcheck;
|
|
|
|
ext->lltable->llt_lookup = in6_lltable_lookup;
|
|
|
|
ext->lltable->llt_dump = in6_lltable_dump;
|
|
|
|
}
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
|
|
|
|
ext->mld_ifinfo = mld_domifattach(ifp);
|
|
|
|
|
2003-10-17 15:46:31 +00:00
|
|
|
return ext;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2007-07-05 16:23:49 +00:00
|
|
|
in6_domifdetach(struct ifnet *ifp, void *aux)
|
2003-10-17 15:46:31 +00:00
|
|
|
{
|
|
|
|
struct in6_ifextra *ext = (struct in6_ifextra *)aux;
|
|
|
|
|
Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit:
import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
2009-04-29 19:19:13 +00:00
|
|
|
mld_domifdetach(ifp);
|
2003-10-17 15:46:31 +00:00
|
|
|
scope6_ifdetach(ext->scope6_id);
|
|
|
|
nd6_ifdetach(ext->nd_ifinfo);
|
This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
|
|
|
lltable_free(ext->lltable);
|
2003-10-17 15:46:31 +00:00
|
|
|
free(ext->in6_ifstat, M_IFADDR);
|
|
|
|
free(ext->icmp6_ifstat, M_IFADDR);
|
|
|
|
free(ext, M_IFADDR);
|
|
|
|
}
|
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
/*
|
2002-04-19 04:46:24 +00:00
|
|
|
* Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
|
1999-11-22 02:45:11 +00:00
|
|
|
* v4 mapped addr or v4 compat addr
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
|
|
|
|
{
|
2007-07-05 16:23:49 +00:00
|
|
|
|
1999-11-22 02:45:11 +00:00
|
|
|
bzero(sin, sizeof(*sin));
|
|
|
|
sin->sin_len = sizeof(struct sockaddr_in);
|
|
|
|
sin->sin_family = AF_INET;
|
|
|
|
sin->sin_port = sin6->sin6_port;
|
2003-10-07 17:46:18 +00:00
|
|
|
sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
|
1999-11-22 02:45:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
|
|
|
|
void
|
|
|
|
in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
|
|
|
|
{
|
|
|
|
bzero(sin6, sizeof(*sin6));
|
|
|
|
sin6->sin6_len = sizeof(struct sockaddr_in6);
|
|
|
|
sin6->sin6_family = AF_INET6;
|
|
|
|
sin6->sin6_port = sin->sin_port;
|
|
|
|
sin6->sin6_addr.s6_addr32[0] = 0;
|
|
|
|
sin6->sin6_addr.s6_addr32[1] = 0;
|
|
|
|
sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
|
|
|
|
sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert sockaddr_in6 into sockaddr_in. */
|
|
|
|
void
|
|
|
|
in6_sin6_2_sin_in_sock(struct sockaddr *nam)
|
|
|
|
{
|
|
|
|
struct sockaddr_in *sin_p;
|
|
|
|
struct sockaddr_in6 sin6;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Save original sockaddr_in6 addr and convert it
|
|
|
|
* to sockaddr_in.
|
|
|
|
*/
|
|
|
|
sin6 = *(struct sockaddr_in6 *)nam;
|
|
|
|
sin_p = (struct sockaddr_in *)nam;
|
|
|
|
in6_sin6_2_sin(sin_p, &sin6);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
|
|
|
|
void
|
|
|
|
in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
|
|
|
|
{
|
|
|
|
struct sockaddr_in *sin_p;
|
|
|
|
struct sockaddr_in6 *sin6_p;
|
|
|
|
|
2008-10-23 15:53:51 +00:00
|
|
|
sin6_p = malloc(sizeof *sin6_p, M_SONAME,
|
2003-02-19 05:47:46 +00:00
|
|
|
M_WAITOK);
|
1999-11-22 02:45:11 +00:00
|
|
|
sin_p = (struct sockaddr_in *)*nam;
|
|
|
|
in6_sin_2_v4mapsin6(sin_p, sin6_p);
|
2008-10-23 15:53:51 +00:00
|
|
|
free(*nam, M_SONAME);
|
1999-11-22 02:45:11 +00:00
|
|
|
*nam = (struct sockaddr *)sin6_p;
|
|
|
|
}
|