2 * Copyright (c) 1999 Poul-Henning Kamp.
3 * Copyright (c) 2008 Bjoern A. Zeeb.
4 * Copyright (c) 2009 James Gritton.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/cdefs.h>
32 #include "opt_inet6.h"
34 #include <sys/param.h>
35 #include <sys/types.h>
36 #include <sys/kernel.h>
37 #include <sys/systm.h>
38 #include <sys/errno.h>
39 #include <sys/sysproto.h>
40 #include <sys/malloc.h>
44 #include <sys/taskqueue.h>
45 #include <sys/fcntl.h>
48 #include <sys/mutex.h>
49 #include <sys/racct.h>
50 #include <sys/refcount.h>
52 #include <sys/namei.h>
53 #include <sys/mount.h>
54 #include <sys/queue.h>
55 #include <sys/socket.h>
56 #include <sys/syscallsubr.h>
57 #include <sys/sysctl.h>
58 #include <sys/vnode.h>
63 #include <netinet/in.h>
66 prison_primary_ip4(const struct prison *pr)
69 return (((const struct in_addr *)prison_ip_get0(pr, PR_INET))->s_addr);
73 prison_qcmp_v4(const void *ip1, const void *ip2)
78 * We need to compare in HBO here to get the list sorted as expected
79 * by the result of the code. Sorting NBO addresses gives you
80 * interesting results. If you do not understand, do not try.
82 iaa = ntohl(((const struct in_addr *)ip1)->s_addr);
83 iab = ntohl(((const struct in_addr *)ip2)->s_addr);
86 * Do not simply return the difference of the two numbers, the int is
98 prison_valid_v4(const void *ip)
100 in_addr_t ia = ((const struct in_addr *)ip)->s_addr;
103 * We do not have to care about byte order for these
104 * checks so we will do them in NBO.
106 return (ia != INADDR_ANY && ia != INADDR_BROADCAST);
110 * Pass back primary IPv4 address of this jail.
112 * If not restricted return success but do not alter the address. Caller has
113 * to make sure to initialize it correctly (e.g. INADDR_ANY).
115 * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4.
116 * Address returned in NBO.
119 prison_get_ip4(struct ucred *cred, struct in_addr *ia)
123 KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
124 KASSERT(ia != NULL, ("%s: ia is NULL", __func__));
126 pr = cred->cr_prison;
127 if (!(pr->pr_flags & PR_IP4))
129 mtx_lock(&pr->pr_mtx);
130 if (!(pr->pr_flags & PR_IP4)) {
131 mtx_unlock(&pr->pr_mtx);
134 if (pr->pr_addrs[PR_INET] == NULL) {
135 mtx_unlock(&pr->pr_mtx);
136 return (EAFNOSUPPORT);
139 ia->s_addr = prison_primary_ip4(pr);
140 mtx_unlock(&pr->pr_mtx);
145 * Return true if we should do proper source address selection or are not jailed.
146 * We will return false if we should bypass source address selection in favour
147 * of the primary jail IPv4 address. Only in this case *ia will be updated and
149 * Return true, even in case this jail does not allow IPv4.
152 prison_saddrsel_ip4(struct ucred *cred, struct in_addr *ia)
157 KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
158 KASSERT(ia != NULL, ("%s: ia is NULL", __func__));
163 pr = cred->cr_prison;
164 if (pr->pr_flags & PR_IP4_SADDRSEL)
167 lia.s_addr = INADDR_ANY;
168 if (prison_get_ip4(cred, &lia) != 0)
170 if (lia.s_addr == INADDR_ANY)
173 ia->s_addr = lia.s_addr;
178 * Return true if pr1 and pr2 have the same IPv4 address restrictions.
181 prison_equal_ip4(struct prison *pr1, struct prison *pr2)
188 * No need to lock since the PR_IP4_USER flag can't be altered for
191 while (pr1 != &prison0 &&
193 !(pr1->pr_flags & PR_VNET) &&
195 !(pr1->pr_flags & PR_IP4_USER))
196 pr1 = pr1->pr_parent;
197 while (pr2 != &prison0 &&
199 !(pr2->pr_flags & PR_VNET) &&
201 !(pr2->pr_flags & PR_IP4_USER))
202 pr2 = pr2->pr_parent;
207 * Make sure our (source) address is set to something meaningful to this
210 * Returns 0 if jail doesn't restrict IPv4 or if address belongs to jail,
211 * EADDRNOTAVAIL if the address doesn't belong, or EAFNOSUPPORT if the jail
212 * doesn't allow IPv4. Address passed in in NBO and returned in NBO.
215 prison_local_ip4(struct ucred *cred, struct in_addr *ia)
221 KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
222 KASSERT(ia != NULL, ("%s: ia is NULL", __func__));
224 pr = cred->cr_prison;
225 if (!(pr->pr_flags & PR_IP4))
227 mtx_lock(&pr->pr_mtx);
228 if (!(pr->pr_flags & PR_IP4)) {
229 mtx_unlock(&pr->pr_mtx);
232 if (pr->pr_addrs[PR_INET] == NULL) {
233 mtx_unlock(&pr->pr_mtx);
234 return (EAFNOSUPPORT);
237 ia0.s_addr = ntohl(ia->s_addr);
239 if (ia0.s_addr == INADDR_ANY) {
241 * In case there is only 1 IPv4 address, bind directly.
243 if (prison_ip_cnt(pr, PR_INET) == 1)
244 ia->s_addr = prison_primary_ip4(pr);
245 mtx_unlock(&pr->pr_mtx);
249 error = prison_check_ip4_locked(pr, ia);
250 if (error == EADDRNOTAVAIL && ia0.s_addr == INADDR_LOOPBACK) {
251 ia->s_addr = prison_primary_ip4(pr);
255 mtx_unlock(&pr->pr_mtx);
260 * Rewrite destination address in case we will connect to loopback address.
262 * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4.
263 * Address passed in in NBO and returned in NBO.
266 prison_remote_ip4(struct ucred *cred, struct in_addr *ia)
270 KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
271 KASSERT(ia != NULL, ("%s: ia is NULL", __func__));
273 pr = cred->cr_prison;
274 if (!(pr->pr_flags & PR_IP4))
276 mtx_lock(&pr->pr_mtx);
277 if (!(pr->pr_flags & PR_IP4)) {
278 mtx_unlock(&pr->pr_mtx);
281 if (pr->pr_addrs[PR_INET] == NULL) {
282 mtx_unlock(&pr->pr_mtx);
283 return (EAFNOSUPPORT);
286 if (ntohl(ia->s_addr) == INADDR_LOOPBACK &&
287 prison_check_ip4_locked(pr, ia) == EADDRNOTAVAIL) {
288 ia->s_addr = prison_primary_ip4(pr);
289 mtx_unlock(&pr->pr_mtx);
294 * Return success because nothing had to be changed.
296 mtx_unlock(&pr->pr_mtx);
301 * Check if given address belongs to the jail referenced by cred/prison.
303 * Returns 0 if address belongs to jail,
304 * EADDRNOTAVAIL if the address doesn't belong to the jail.
307 prison_check_ip4_locked(const struct prison *pr, const struct in_addr *ia)
310 if (!(pr->pr_flags & PR_IP4))
313 return (prison_ip_check(pr, PR_INET, ia));
317 prison_check_ip4(const struct ucred *cred, const struct in_addr *ia)
322 KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
323 KASSERT(ia != NULL, ("%s: ia is NULL", __func__));
325 pr = cred->cr_prison;
326 if (!(pr->pr_flags & PR_IP4))
328 mtx_lock(&pr->pr_mtx);
329 if (!(pr->pr_flags & PR_IP4)) {
330 mtx_unlock(&pr->pr_mtx);
333 if (pr->pr_addrs[PR_INET] == NULL) {
334 mtx_unlock(&pr->pr_mtx);
335 return (EAFNOSUPPORT);
338 error = prison_check_ip4_locked(pr, ia);
339 mtx_unlock(&pr->pr_mtx);