2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
66 #include "opt_compat.h"
68 #include "opt_inet6.h"
70 #include <sys/param.h>
71 #include <sys/eventhandler.h>
72 #include <sys/errno.h>
74 #include <sys/malloc.h>
75 #include <sys/socket.h>
76 #include <sys/socketvar.h>
77 #include <sys/sockio.h>
78 #include <sys/systm.h>
82 #include <sys/kernel.h>
83 #include <sys/syslog.h>
86 #include <net/if_var.h>
87 #include <net/if_types.h>
88 #include <net/route.h>
89 #include <net/if_dl.h>
92 #include <netinet/in.h>
93 #include <netinet/in_var.h>
94 #include <net/if_llatbl.h>
95 #include <netinet/if_ether.h>
96 #include <netinet/in_systm.h>
97 #include <netinet/ip.h>
98 #include <netinet/in_pcb.h>
99 #include <netinet/ip_carp.h>
101 #include <netinet/ip6.h>
102 #include <netinet6/ip6_var.h>
103 #include <netinet6/nd6.h>
104 #include <netinet6/mld6_var.h>
105 #include <netinet6/ip6_mroute.h>
106 #include <netinet6/in6_ifattach.h>
107 #include <netinet6/scope6_var.h>
108 #include <netinet6/in6_pcb.h>
110 VNET_DECLARE(int, icmp6_nodeinfo_oldmcprefix);
111 #define V_icmp6_nodeinfo_oldmcprefix VNET(icmp6_nodeinfo_oldmcprefix)
114 * Definitions of some costant IP6 addresses.
116 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
117 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
118 const struct in6_addr in6addr_nodelocal_allnodes =
119 IN6ADDR_NODELOCAL_ALLNODES_INIT;
120 const struct in6_addr in6addr_linklocal_allnodes =
121 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
122 const struct in6_addr in6addr_linklocal_allrouters =
123 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
124 const struct in6_addr in6addr_linklocal_allv2routers =
125 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
127 const struct in6_addr in6mask0 = IN6MASK0;
128 const struct in6_addr in6mask32 = IN6MASK32;
129 const struct in6_addr in6mask64 = IN6MASK64;
130 const struct in6_addr in6mask96 = IN6MASK96;
131 const struct in6_addr in6mask128 = IN6MASK128;
133 const struct sockaddr_in6 sa6_any =
134 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
136 static int in6_notify_ifa(struct ifnet *, struct in6_ifaddr *,
137 struct in6_aliasreq *, int);
138 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
140 int (*faithprefix_p)(struct in6_addr *);
142 static int in6_validate_ifra(struct ifnet *, struct in6_aliasreq *,
143 struct in6_ifaddr *, int);
144 static struct in6_ifaddr *in6_alloc_ifa(struct ifnet *,
145 struct in6_aliasreq *, int flags);
146 static int in6_update_ifa_internal(struct ifnet *, struct in6_aliasreq *,
147 struct in6_ifaddr *, int, int);
148 static int in6_broadcast_ifa(struct ifnet *, struct in6_aliasreq *,
149 struct in6_ifaddr *, int);
151 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
152 #define ia62ifa(ia6) (&((ia6)->ia_ifa))
156 in6_newaddrmsg(struct in6_ifaddr *ia, int cmd)
158 struct sockaddr_dl gateway;
159 struct sockaddr_in6 mask, addr;
163 * initialize for rtmsg generation
165 bzero(&gateway, sizeof(gateway));
166 gateway.sdl_len = sizeof(gateway);
167 gateway.sdl_family = AF_LINK;
169 bzero(&rt, sizeof(rt));
170 rt.rt_gateway = (struct sockaddr *)&gateway;
171 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
172 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
173 rt_mask(&rt) = (struct sockaddr *)&mask;
174 rt_key(&rt) = (struct sockaddr *)&addr;
175 rt.rt_flags = RTF_HOST | RTF_STATIC;
177 rt.rt_flags |= RTF_UP;
178 /* Announce arrival of local address to all FIBs. */
179 rt_newaddrmsg(cmd, &ia->ia_ifa, 0, &rt);
183 in6_mask2len(struct in6_addr *mask, u_char *lim0)
186 u_char *lim = lim0, *p;
188 /* ignore the scope_id part */
189 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
190 lim = (u_char *)mask + sizeof(*mask);
191 for (p = (u_char *)mask; p < lim; x++, p++) {
197 for (y = 0; y < 8; y++) {
198 if ((*p & (0x80 >> y)) == 0)
204 * when the limit pointer is given, do a stricter check on the
208 if (y != 0 && (*p & (0x00ff >> y)) != 0)
210 for (p = p + 1; p < lim; p++)
218 #ifdef COMPAT_FREEBSD32
219 struct in6_ndifreq32 {
220 char ifname[IFNAMSIZ];
223 #define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
227 in6_control(struct socket *so, u_long cmd, caddr_t data,
228 struct ifnet *ifp, struct thread *td)
230 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
231 struct in6_ifaddr *ia = NULL;
232 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
233 struct sockaddr_in6 *sa6;
234 int carp_attached = 0;
239 * Compat to make pre-10.x ifconfig(8) operable.
241 if (cmd == OSIOCAIFADDR_IN6)
242 cmd = SIOCAIFADDR_IN6;
245 case SIOCGETSGCNT_IN6:
246 case SIOCGETMIFCNT_IN6:
248 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
249 * We cannot see how that would be needed, so do not adjust the
250 * KPI blindly; more likely should clean up the IPv4 variant.
252 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
256 case SIOCAADDRCTL_POLICY:
257 case SIOCDADDRCTL_POLICY:
259 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
263 return (in6_src_ioctl(cmd, data));
270 case SIOCSNDFLUSH_IN6:
271 case SIOCSPFXFLUSH_IN6:
272 case SIOCSRTRFLUSH_IN6:
273 case SIOCSDEFIFACE_IN6:
274 case SIOCSIFINFO_FLAGS:
275 case SIOCSIFINFO_IN6:
277 error = priv_check(td, PRIV_NETINET_ND6);
282 case OSIOCGIFINFO_IN6:
283 case SIOCGIFINFO_IN6:
286 case SIOCGNBRINFO_IN6:
287 case SIOCGDEFIFACE_IN6:
288 return (nd6_ioctl(cmd, data, ifp));
290 #ifdef COMPAT_FREEBSD32
291 case SIOCGDEFIFACE32_IN6:
293 struct in6_ndifreq ndif;
294 struct in6_ndifreq32 *ndif32;
296 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
300 ndif32 = (struct in6_ndifreq32 *)data;
301 ndif32->ifindex = ndif.ifindex;
308 case SIOCSIFPREFIX_IN6:
309 case SIOCDIFPREFIX_IN6:
310 case SIOCAIFPREFIX_IN6:
311 case SIOCCIFPREFIX_IN6:
312 case SIOCSGIFPREFIX_IN6:
313 case SIOCGIFPREFIX_IN6:
315 "prefix ioctls are now invalidated. "
316 "please use ifconfig.\n");
323 error = priv_check(td, PRIV_NETINET_SCOPE6);
327 return (scope6_set(ifp,
328 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
330 return (scope6_get(ifp,
331 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
333 return (scope6_get_default((struct scope6_id *)
334 ifr->ifr_ifru.ifru_scope_id));
338 * Find address for this interface, if it exists.
340 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
341 * only, and used the first interface address as the target of other
342 * operations (without checking ifra_addr). This was because netinet
343 * code/API assumed at most 1 interface address per interface.
344 * Since IPv6 allows a node to assign multiple addresses
345 * on a single interface, we almost always look and check the
346 * presence of ifra_addr, and reject invalid ones here.
347 * It also decreases duplicated code among SIOC*_IN6 operations.
350 case SIOCAIFADDR_IN6:
351 case SIOCSIFPHYADDR_IN6:
352 sa6 = &ifra->ifra_addr;
354 case SIOCSIFADDR_IN6:
355 case SIOCGIFADDR_IN6:
356 case SIOCSIFDSTADDR_IN6:
357 case SIOCSIFNETMASK_IN6:
358 case SIOCGIFDSTADDR_IN6:
359 case SIOCGIFNETMASK_IN6:
360 case SIOCDIFADDR_IN6:
361 case SIOCGIFPSRCADDR_IN6:
362 case SIOCGIFPDSTADDR_IN6:
363 case SIOCGIFAFLAG_IN6:
364 case SIOCSNDFLUSH_IN6:
365 case SIOCSPFXFLUSH_IN6:
366 case SIOCSRTRFLUSH_IN6:
367 case SIOCGIFALIFETIME_IN6:
368 case SIOCSIFALIFETIME_IN6:
369 case SIOCGIFSTAT_IN6:
370 case SIOCGIFSTAT_ICMP6:
371 sa6 = &ifr->ifr_addr;
378 * Although we should pass any non-INET6 ioctl requests
379 * down to driver, we filter some legacy INET requests.
380 * Drivers trust SIOCSIFADDR et al to come from an already
381 * privileged layer, and do not perform any credentials
382 * checks or input validation.
389 if (sa6 && sa6->sin6_family == AF_INET6) {
390 if (sa6->sin6_scope_id != 0)
391 error = sa6_embedscope(sa6, 0);
393 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
396 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
397 &sa6->sin6_addr)) != 0)
399 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
404 case SIOCSIFADDR_IN6:
405 case SIOCSIFDSTADDR_IN6:
406 case SIOCSIFNETMASK_IN6:
408 * Since IPv6 allows a node to assign multiple addresses
409 * on a single interface, SIOCSIFxxx ioctls are deprecated.
411 /* we decided to obsolete this command (20000704) */
415 case SIOCDIFADDR_IN6:
417 * for IPv4, we look for existing in_ifaddr here to allow
418 * "ifconfig if0 delete" to remove the first IPv4 address on
419 * the interface. For IPv6, as the spec allows multiple
420 * interface address from the day one, we consider "remove the
421 * first one" semantics to be not preferable.
424 error = EADDRNOTAVAIL;
428 case SIOCAIFADDR_IN6:
430 * We always require users to specify a valid IPv6 address for
431 * the corresponding operation.
433 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
434 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
435 error = EAFNOSUPPORT;
440 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
441 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
447 case SIOCGIFADDR_IN6:
448 /* This interface is basically deprecated. use SIOCGIFCONF. */
450 case SIOCGIFAFLAG_IN6:
451 case SIOCGIFNETMASK_IN6:
452 case SIOCGIFDSTADDR_IN6:
453 case SIOCGIFALIFETIME_IN6:
454 /* must think again about its semantics */
456 error = EADDRNOTAVAIL;
461 case SIOCSIFALIFETIME_IN6:
463 struct in6_addrlifetime *lt;
466 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
471 error = EADDRNOTAVAIL;
474 /* sanity for overflow - beware unsigned */
475 lt = &ifr->ifr_ifru.ifru_lifetime;
476 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
477 lt->ia6t_vltime + time_uptime < time_uptime) {
481 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
482 lt->ia6t_pltime + time_uptime < time_uptime) {
491 case SIOCGIFADDR_IN6:
492 ifr->ifr_addr = ia->ia_addr;
493 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
497 case SIOCGIFDSTADDR_IN6:
498 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
503 * XXX: should we check if ifa_dstaddr is NULL and return
506 ifr->ifr_dstaddr = ia->ia_dstaddr;
507 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
511 case SIOCGIFNETMASK_IN6:
512 ifr->ifr_addr = ia->ia_prefixmask;
515 case SIOCGIFAFLAG_IN6:
516 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
519 case SIOCGIFSTAT_IN6:
524 COUNTER_ARRAY_COPY(((struct in6_ifextra *)
525 ifp->if_afdata[AF_INET6])->in6_ifstat,
526 &ifr->ifr_ifru.ifru_stat,
527 sizeof(struct in6_ifstat) / sizeof(uint64_t));
530 case SIOCGIFSTAT_ICMP6:
535 COUNTER_ARRAY_COPY(((struct in6_ifextra *)
536 ifp->if_afdata[AF_INET6])->icmp6_ifstat,
537 &ifr->ifr_ifru.ifru_icmp6stat,
538 sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
541 case SIOCGIFALIFETIME_IN6:
542 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
543 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
545 struct in6_addrlifetime *retlt =
546 &ifr->ifr_ifru.ifru_lifetime;
549 * XXX: adjust expiration time assuming time_t is
553 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
554 if (ia->ia6_lifetime.ia6t_vltime <
555 maxexpire - ia->ia6_updatetime) {
556 retlt->ia6t_expire = ia->ia6_updatetime +
557 ia->ia6_lifetime.ia6t_vltime;
559 retlt->ia6t_expire = maxexpire;
561 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
563 struct in6_addrlifetime *retlt =
564 &ifr->ifr_ifru.ifru_lifetime;
567 * XXX: adjust expiration time assuming time_t is
571 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
572 if (ia->ia6_lifetime.ia6t_pltime <
573 maxexpire - ia->ia6_updatetime) {
574 retlt->ia6t_preferred = ia->ia6_updatetime +
575 ia->ia6_lifetime.ia6t_pltime;
577 retlt->ia6t_preferred = maxexpire;
581 case SIOCSIFALIFETIME_IN6:
582 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
584 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
585 ia->ia6_lifetime.ia6t_expire =
586 time_uptime + ia->ia6_lifetime.ia6t_vltime;
588 ia->ia6_lifetime.ia6t_expire = 0;
589 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
590 ia->ia6_lifetime.ia6t_preferred =
591 time_uptime + ia->ia6_lifetime.ia6t_pltime;
593 ia->ia6_lifetime.ia6t_preferred = 0;
596 case SIOCAIFADDR_IN6:
598 struct nd_prefixctl pr0;
599 struct nd_prefix *pr;
602 * first, make or update the interface address structure,
603 * and link it to the list.
605 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
608 ifa_free(&ia->ia_ifa);
609 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
612 * this can happen when the user specify the 0 valid
618 if (cmd == ocmd && ifra->ifra_vhid > 0) {
619 if (carp_attach_p != NULL)
620 error = (*carp_attach_p)(&ia->ia_ifa,
623 error = EPROTONOSUPPORT;
631 * then, make the prefix on-link on the interface.
632 * XXX: we'd rather create the prefix before the address, but
633 * we need at least one address to install the corresponding
634 * interface route, so we configure the address first.
638 * convert mask to prefix length (prefixmask has already
639 * been validated in in6_update_ifa().
641 bzero(&pr0, sizeof(pr0));
643 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
645 if (pr0.ndpr_plen == 128) {
646 break; /* we don't need to install a host route. */
648 pr0.ndpr_prefix = ifra->ifra_addr;
649 /* apply the mask for safety. */
650 IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr,
651 &ifra->ifra_prefixmask.sin6_addr);
654 * XXX: since we don't have an API to set prefix (not address)
655 * lifetimes, we just use the same lifetimes as addresses.
656 * The (temporarily) installed lifetimes can be overridden by
657 * later advertised RAs (when accept_rtadv is non 0), which is
658 * an intended behavior.
660 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
662 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
663 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
664 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
666 /* add the prefix if not yet. */
667 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
669 * nd6_prelist_add will install the corresponding
672 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
674 (*carp_detach_p)(&ia->ia_ifa);
679 (*carp_detach_p)(&ia->ia_ifa);
680 log(LOG_ERR, "nd6_prelist_add succeeded but "
687 /* relate the address to the prefix */
688 if (ia->ia6_ndpr == NULL) {
693 * If this is the first autoconf address from the
694 * prefix, create a temporary address as well
697 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
698 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
700 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
701 log(LOG_NOTICE, "in6_control: failed "
702 "to create a temporary address, "
709 * this might affect the status of autoconfigured addresses,
710 * that is, this address might make other addresses detached.
712 pfxlist_onlink_check();
713 if (error == 0 && ia) {
714 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
716 * Try to clear the flag when a new
717 * IPv6 address is added onto an
718 * IFDISABLED interface and it
721 struct in6_ndireq nd;
723 memset(&nd, 0, sizeof(nd));
724 nd.ndi.flags = ND_IFINFO(ifp)->flags;
725 nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
726 if (nd6_ioctl(SIOCSIFINFO_FLAGS,
727 (caddr_t)&nd, ifp) < 0)
728 log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
729 "SIOCSIFINFO_FLAGS for -ifdisabled "
732 * Ignore failure of clearing the flag
733 * intentionally. The failure means
734 * address duplication was detected.
737 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
742 case SIOCDIFADDR_IN6:
744 struct nd_prefix *pr;
747 * If the address being deleted is the only one that owns
748 * the corresponding prefix, expire the prefix as well.
749 * XXX: theoretically, we don't have to worry about such
750 * relationship, since we separate the address management
751 * and the prefix management. We do this, however, to provide
752 * as much backward compatibility as possible in terms of
753 * the ioctl operation.
754 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
757 in6_purgeaddr(&ia->ia_ifa);
758 if (pr && pr->ndpr_refcnt == 0)
760 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
765 if (ifp == NULL || ifp->if_ioctl == 0) {
769 error = (*ifp->if_ioctl)(ifp, cmd, data);
776 ifa_free(&ia->ia_ifa);
782 * Join necessary multicast groups. Factored out from in6_update_ifa().
783 * This entire work should only be done once, for the default FIB.
786 in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
787 struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
789 char ip6buf[INET6_ADDRSTRLEN];
790 struct sockaddr_in6 mltaddr, mltmask;
791 struct in6_addr llsol;
792 struct in6_multi_mship *imm;
796 KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
798 /* Join solicited multicast addr for new host id. */
799 bzero(&llsol, sizeof(struct in6_addr));
800 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
801 llsol.s6_addr32[1] = 0;
802 llsol.s6_addr32[2] = htonl(1);
803 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
804 llsol.s6_addr8[12] = 0xff;
805 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
806 /* XXX: should not happen */
807 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
811 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
813 * We need a random delay for DAD on the address being
814 * configured. It also means delaying transmission of the
815 * corresponding MLD report to avoid report collision.
816 * [RFC 4861, Section 6.3.7]
818 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
820 imm = in6_joingroup(ifp, &llsol, &error, delay);
822 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
823 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &llsol),
824 if_name(ifp), error));
827 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
828 *in6m_sol = imm->i6mm_maddr;
830 bzero(&mltmask, sizeof(mltmask));
831 mltmask.sin6_len = sizeof(struct sockaddr_in6);
832 mltmask.sin6_family = AF_INET6;
833 mltmask.sin6_addr = in6mask32;
834 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
837 * Join link-local all-nodes address.
839 bzero(&mltaddr, sizeof(mltaddr));
840 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
841 mltaddr.sin6_family = AF_INET6;
842 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
843 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
844 goto cleanup; /* XXX: should not fail */
847 * XXX: do we really need this automatic routes? We should probably
848 * reconsider this stuff. Most applications actually do not need the
849 * routes, since they usually specify the outgoing interface.
851 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
853 /* XXX: only works in !SCOPEDROUTING case. */
854 if (memcmp(&mltaddr.sin6_addr,
855 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
862 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
863 (struct sockaddr *)&ia->ia_addr,
864 (struct sockaddr *)&mltmask, RTF_UP,
865 (struct rtentry **)0, RT_DEFAULT_FIB);
871 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
873 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
874 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
875 &mltaddr.sin6_addr), if_name(ifp), error));
878 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
881 * Join node information group address.
884 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
886 * The spec does not say anything about delay for this group,
887 * but the same logic should apply.
889 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
891 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
893 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, delay);
895 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
896 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
897 &mltaddr.sin6_addr), if_name(ifp), error));
898 /* XXX not very fatal, go on... */
900 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
902 if (V_icmp6_nodeinfo_oldmcprefix &&
903 in6_nigroup_oldmcprefix(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
904 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, delay);
906 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
907 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
908 &mltaddr.sin6_addr), if_name(ifp), error));
909 /* XXX not very fatal, go on... */
911 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
915 * Join interface-local all-nodes address.
916 * (ff01::1%ifN, and ff01::%ifN/32)
918 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
919 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
920 goto cleanup; /* XXX: should not fail */
921 /* XXX: again, do we really need the route? */
922 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
924 if (memcmp(&mltaddr.sin6_addr,
925 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
932 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
933 (struct sockaddr *)&ia->ia_addr,
934 (struct sockaddr *)&mltmask, RTF_UP,
935 (struct rtentry **)0, RT_DEFAULT_FIB);
941 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
943 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
944 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
945 &mltaddr.sin6_addr), if_name(ifp), error));
948 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
956 * Update parameters of an IPv6 interface address.
957 * If necessary, a new entry is created and linked into address chains.
958 * This function is separated from in6_control().
961 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
962 struct in6_ifaddr *ia, int flags)
964 int error, hostIsNew = 0;
966 if ((error = in6_validate_ifra(ifp, ifra, ia, flags)) != 0)
971 if ((ia = in6_alloc_ifa(ifp, ifra, flags)) == NULL)
975 error = in6_update_ifa_internal(ifp, ifra, ia, hostIsNew, flags);
977 if (hostIsNew != 0) {
978 in6_unlink_ifa(ia, ifp);
979 ifa_free(&ia->ia_ifa);
985 error = in6_broadcast_ifa(ifp, ifra, ia, flags);
991 * Fill in basic IPv6 address request info.
994 in6_prepare_ifra(struct in6_aliasreq *ifra, const struct in6_addr *addr,
995 const struct in6_addr *mask)
998 memset(ifra, 0, sizeof(struct in6_aliasreq));
1000 ifra->ifra_addr.sin6_family = AF_INET6;
1001 ifra->ifra_addr.sin6_len = sizeof(struct sockaddr_in6);
1003 ifra->ifra_addr.sin6_addr = *addr;
1005 ifra->ifra_prefixmask.sin6_family = AF_INET6;
1006 ifra->ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1008 ifra->ifra_prefixmask.sin6_addr = *mask;
1012 in6_validate_ifra(struct ifnet *ifp, struct in6_aliasreq *ifra,
1013 struct in6_ifaddr *ia, int flags)
1016 struct sockaddr_in6 dst6;
1017 struct in6_addrlifetime *lt;
1018 char ip6buf[INET6_ADDRSTRLEN];
1020 /* Validate parameters */
1021 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
1025 * The destination address for a p2p link must have a family
1026 * of AF_UNSPEC or AF_INET6.
1028 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
1029 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
1030 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
1031 return (EAFNOSUPPORT);
1036 if (ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6) ||
1037 ifra->ifra_addr.sin6_family != AF_INET6)
1041 * validate ifra_prefixmask. don't check sin6_family, netmask
1042 * does not carry fields other than sin6_len.
1044 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
1047 * Because the IPv6 address architecture is classless, we require
1048 * users to specify a (non 0) prefix length (mask) for a new address.
1049 * We also require the prefix (when specified) mask is valid, and thus
1050 * reject a non-consecutive mask.
1052 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
1054 if (ifra->ifra_prefixmask.sin6_len != 0) {
1055 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
1056 (u_char *)&ifra->ifra_prefixmask +
1057 ifra->ifra_prefixmask.sin6_len);
1062 * In this case, ia must not be NULL. We just use its prefix
1065 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1068 * If the destination address on a p2p interface is specified,
1069 * and the address is a scoped one, validate/set the scope
1072 dst6 = ifra->ifra_dstaddr;
1073 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
1074 (dst6.sin6_family == AF_INET6)) {
1075 struct in6_addr in6_tmp;
1078 in6_tmp = dst6.sin6_addr;
1079 if (in6_setscope(&in6_tmp, ifp, &zoneid))
1080 return (EINVAL); /* XXX: should be impossible */
1082 if (dst6.sin6_scope_id != 0) {
1083 if (dst6.sin6_scope_id != zoneid)
1085 } else /* user omit to specify the ID. */
1086 dst6.sin6_scope_id = zoneid;
1088 /* convert into the internal form */
1089 if (sa6_embedscope(&dst6, 0))
1090 return (EINVAL); /* XXX: should be impossible */
1092 /* Modify original ifra_dstaddr to reflect changes */
1093 ifra->ifra_dstaddr = dst6;
1096 * The destination address can be specified only for a p2p or a
1097 * loopback interface. If specified, the corresponding prefix length
1100 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
1101 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
1102 /* XXX: noisy message */
1103 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
1104 "be specified for a p2p or a loopback IF only\n"));
1108 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
1109 "be 128 when dstaddr is specified\n"));
1113 /* lifetime consistency check */
1114 lt = &ifra->ifra_lifetime;
1115 if (lt->ia6t_pltime > lt->ia6t_vltime)
1117 if (lt->ia6t_vltime == 0) {
1119 * the following log might be noisy, but this is a typical
1120 * configuration mistake or a tool's bug.
1123 "in6_update_ifa: valid lifetime is 0 for %s\n",
1124 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
1127 return (0); /* there's nothing to do */
1130 /* Check prefix mask */
1131 if (ia != NULL && ifra->ifra_prefixmask.sin6_len != 0) {
1133 * We prohibit changing the prefix length of an existing
1135 * + such an operation should be rare in IPv6, and
1136 * + the operation would confuse prefix management.
1138 if (ia->ia_prefixmask.sin6_len != 0 &&
1139 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
1140 nd6log((LOG_INFO, "in6_validate_ifa: the prefix length "
1141 "of an existing %s address should not be changed\n",
1142 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1153 * Allocate a new ifaddr and link it into chains.
1155 static struct in6_ifaddr *
1156 in6_alloc_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int flags)
1158 struct in6_ifaddr *ia;
1161 * When in6_alloc_ifa() is called in a process of a received
1162 * RA, it is called under an interrupt context. So, we should
1163 * call malloc with M_NOWAIT.
1165 ia = (struct in6_ifaddr *)ifa_alloc(sizeof(*ia), M_NOWAIT);
1168 LIST_INIT(&ia->ia6_memberships);
1169 /* Initialize the address and masks, and put time stamp */
1170 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1171 ia->ia_addr.sin6_family = AF_INET6;
1172 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
1173 /* XXX: Can we assign ,sin6_addr and skip the rest? */
1174 ia->ia_addr = ifra->ifra_addr;
1175 ia->ia6_createtime = time_uptime;
1176 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
1178 * Some functions expect that ifa_dstaddr is not
1179 * NULL for p2p interfaces.
1181 ia->ia_ifa.ifa_dstaddr =
1182 (struct sockaddr *)&ia->ia_dstaddr;
1184 ia->ia_ifa.ifa_dstaddr = NULL;
1187 /* set prefix mask if any */
1188 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1189 if (ifra->ifra_prefixmask.sin6_len != 0) {
1190 ia->ia_prefixmask.sin6_family = AF_INET6;
1191 ia->ia_prefixmask.sin6_len = ifra->ifra_prefixmask.sin6_len;
1192 ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
1196 ifa_ref(&ia->ia_ifa); /* if_addrhead */
1198 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1199 IF_ADDR_WUNLOCK(ifp);
1201 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
1203 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1204 LIST_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia, ia6_hash);
1205 IN6_IFADDR_WUNLOCK();
1211 * Update/configure interface address parameters:
1213 * 1) Update lifetime
1214 * 2) Update interface metric ad flags
1215 * 3) Notify other subsystems
1218 in6_update_ifa_internal(struct ifnet *ifp, struct in6_aliasreq *ifra,
1219 struct in6_ifaddr *ia, int hostIsNew, int flags)
1223 /* update timestamp */
1224 ia->ia6_updatetime = time_uptime;
1227 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
1228 * to see if the address is deprecated or invalidated, but initialize
1229 * these members for applications.
1231 ia->ia6_lifetime = ifra->ifra_lifetime;
1232 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1233 ia->ia6_lifetime.ia6t_expire =
1234 time_uptime + ia->ia6_lifetime.ia6t_vltime;
1236 ia->ia6_lifetime.ia6t_expire = 0;
1237 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1238 ia->ia6_lifetime.ia6t_preferred =
1239 time_uptime + ia->ia6_lifetime.ia6t_pltime;
1241 ia->ia6_lifetime.ia6t_preferred = 0;
1244 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1245 * userland, make it deprecated.
1247 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1248 ia->ia6_lifetime.ia6t_pltime = 0;
1249 ia->ia6_lifetime.ia6t_preferred = time_uptime;
1253 ia->ia_ifa.ifa_metric = ifp->if_metric;
1256 * configure address flags.
1258 ia->ia6_flags = ifra->ifra_flags;
1261 * Make the address tentative before joining multicast addresses,
1262 * so that corresponding MLD responses would not have a tentative
1265 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
1266 if (hostIsNew && in6if_do_dad(ifp))
1267 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1269 /* DAD should be performed after ND6_IFF_IFDISABLED is cleared. */
1270 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1271 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1273 /* notify other subsystems */
1274 error = in6_notify_ifa(ifp, ia, ifra, hostIsNew);
1280 * Do link-level ifa job:
1281 * 1) Add lle entry for added address
1282 * 2) Notifies routing socket users about new address
1283 * 3) join appropriate multicast group
1284 * 4) start DAD if enabled
1287 in6_broadcast_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1288 struct in6_ifaddr *ia, int flags)
1290 struct in6_multi *in6m_sol;
1293 /* Add local address to lltable, if necessary (ex. on p2p link). */
1294 if ((error = nd6_add_ifa_lle(ia)) != 0) {
1295 in6_purgeaddr(&ia->ia_ifa);
1296 ifa_free(&ia->ia_ifa);
1300 /* Join necessary multicast groups. */
1302 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1303 error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1305 in6_purgeaddr(&ia->ia_ifa);
1306 ifa_free(&ia->ia_ifa);
1312 * Perform DAD, if needed.
1313 * XXX It may be of use, if we can administratively disable DAD.
1315 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1316 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1318 int delay, mindelay, maxdelay;
1321 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1323 * We need to impose a delay before sending an NS
1324 * for DAD. Check if we also needed a delay for the
1325 * corresponding MLD message. If we did, the delay
1326 * should be larger than the MLD delay (this could be
1327 * relaxed a bit, but this simple logic is at least
1329 * XXX: Break data hiding guidelines and look at
1330 * state for the solicited multicast group.
1333 if (in6m_sol != NULL &&
1334 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1335 mindelay = in6m_sol->in6m_timer;
1337 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1338 if (maxdelay - mindelay == 0)
1342 (arc4random() % (maxdelay - mindelay)) +
1346 nd6_dad_start((struct ifaddr *)ia, delay);
1349 ifa_free(&ia->ia_ifa);
1354 * Leave multicast groups. Factored out from in6_purgeaddr().
1355 * This entire work should only be done once, for the default FIB.
1358 in6_purgeaddr_mc(struct ifnet *ifp, struct in6_ifaddr *ia, struct ifaddr *ifa0)
1360 struct sockaddr_in6 mltaddr, mltmask;
1361 struct in6_multi_mship *imm;
1363 struct sockaddr_in6 sin6;
1367 * Leave from multicast groups we have joined for the interface.
1369 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1370 LIST_REMOVE(imm, i6mm_chain);
1371 in6_leavegroup(imm);
1375 * Remove the link-local all-nodes address.
1377 bzero(&mltmask, sizeof(mltmask));
1378 mltmask.sin6_len = sizeof(struct sockaddr_in6);
1379 mltmask.sin6_family = AF_INET6;
1380 mltmask.sin6_addr = in6mask32;
1382 bzero(&mltaddr, sizeof(mltaddr));
1383 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1384 mltaddr.sin6_family = AF_INET6;
1385 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1387 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1391 * As for the mltaddr above, proactively prepare the sin6 to avoid
1392 * rtentry un- and re-locking.
1395 bzero(&sin6, sizeof(sin6));
1396 sin6.sin6_len = sizeof(sin6);
1397 sin6.sin6_family = AF_INET6;
1398 memcpy(&sin6.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
1399 sizeof(sin6.sin6_addr));
1400 error = in6_setscope(&sin6.sin6_addr, ifa0->ifa_ifp, NULL);
1405 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1406 if (rt != NULL && rt->rt_gateway != NULL &&
1407 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1408 &ia->ia_addr.sin6_addr,
1409 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1411 * If no more IPv6 address exists on this interface then
1412 * remove the multicast address route.
1415 memcpy(&mltaddr.sin6_addr,
1416 &satosin6(rt_key(rt))->sin6_addr,
1417 sizeof(mltaddr.sin6_addr));
1419 error = in6_rtrequest(RTM_DELETE,
1420 (struct sockaddr *)&mltaddr,
1421 (struct sockaddr *)&ia->ia_addr,
1422 (struct sockaddr *)&mltmask, RTF_UP,
1423 (struct rtentry **)0, RT_DEFAULT_FIB);
1425 log(LOG_INFO, "%s: link-local all-nodes "
1426 "multicast address deletion error\n",
1430 * Replace the gateway of the route.
1432 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1441 * Remove the node-local all-nodes address.
1443 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1444 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1447 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1448 if (rt != NULL && rt->rt_gateway != NULL &&
1449 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1450 &ia->ia_addr.sin6_addr,
1451 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1453 * If no more IPv6 address exists on this interface then
1454 * remove the multicast address route.
1457 memcpy(&mltaddr.sin6_addr,
1458 &satosin6(rt_key(rt))->sin6_addr,
1459 sizeof(mltaddr.sin6_addr));
1462 error = in6_rtrequest(RTM_DELETE,
1463 (struct sockaddr *)&mltaddr,
1464 (struct sockaddr *)&ia->ia_addr,
1465 (struct sockaddr *)&mltmask, RTF_UP,
1466 (struct rtentry **)0, RT_DEFAULT_FIB);
1468 log(LOG_INFO, "%s: node-local all-nodes"
1469 "multicast address deletion error\n",
1473 * Replace the gateway of the route.
1475 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1487 in6_purgeaddr(struct ifaddr *ifa)
1489 struct ifnet *ifp = ifa->ifa_ifp;
1490 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1492 struct ifaddr *ifa0;
1495 (*carp_detach_p)(ifa);
1498 * find another IPv6 address as the gateway for the
1499 * link-local and node-local all-nodes multicast
1503 TAILQ_FOREACH(ifa0, &ifp->if_addrhead, ifa_link) {
1504 if ((ifa0->ifa_addr->sa_family != AF_INET6) ||
1505 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr,
1506 &ia->ia_addr.sin6_addr, sizeof(struct in6_addr)) == 0)
1513 IF_ADDR_RUNLOCK(ifp);
1516 * Remove the loopback route to the interface address.
1517 * The check for the current setting of "nd6_useloopback"
1520 if (ia->ia_flags & IFA_RTSELF) {
1521 error = ifa_del_loopback_route((struct ifaddr *)ia,
1522 (struct sockaddr *)&ia->ia_addr);
1524 ia->ia_flags &= ~IFA_RTSELF;
1527 /* stop DAD processing */
1530 /* Remove local address entry from lltable. */
1531 nd6_rem_ifa_lle(ia);
1533 /* Leave multicast groups. */
1534 error = in6_purgeaddr_mc(ifp, ia, ifa0);
1539 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1540 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
1541 error = rtinit(&(ia->ia_ifa), RTM_DELETE, ia->ia_flags |
1542 (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0);
1544 log(LOG_INFO, "%s: err=%d, destination address delete "
1545 "failed\n", __func__, error);
1546 ia->ia_flags &= ~IFA_ROUTE;
1549 in6_unlink_ifa(ia, ifp);
1553 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1557 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1558 IF_ADDR_WUNLOCK(ifp);
1559 ifa_free(&ia->ia_ifa); /* if_addrhead */
1562 * Defer the release of what might be the last reference to the
1563 * in6_ifaddr so that it can't be freed before the remainder of the
1567 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link);
1568 LIST_REMOVE(ia, ia6_hash);
1569 IN6_IFADDR_WUNLOCK();
1572 * Release the reference to the base prefix. There should be a
1573 * positive reference.
1575 if (ia->ia6_ndpr == NULL) {
1577 "in6_unlink_ifa: autoconf'ed address "
1578 "%p has no prefix\n", ia));
1580 ia->ia6_ndpr->ndpr_refcnt--;
1581 ia->ia6_ndpr = NULL;
1585 * Also, if the address being removed is autoconf'ed, call
1586 * pfxlist_onlink_check() since the release might affect the status of
1587 * other (detached) addresses.
1589 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1590 pfxlist_onlink_check();
1592 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
1596 in6_purgeif(struct ifnet *ifp)
1598 struct ifaddr *ifa, *nifa;
1600 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1601 if (ifa->ifa_addr->sa_family != AF_INET6)
1610 * Notifies other other subsystems about address change/arrival:
1611 * 1) Notifies device handler on first IPv6 address assignment
1612 * 2) Handle routing table changes for P2P links and route
1613 * 3) Handle routing table changes for address host route
1616 in6_notify_ifa(struct ifnet *ifp, struct in6_ifaddr *ia,
1617 struct in6_aliasreq *ifra, int hostIsNew)
1619 int error = 0, plen, ifacount = 0;
1621 struct sockaddr_in6 *pdst;
1622 char ip6buf[INET6_ADDRSTRLEN];
1625 * Give the interface a chance to initialize
1626 * if this is its first address,
1628 if (hostIsNew != 0) {
1630 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1631 if (ifa->ifa_addr->sa_family != AF_INET6)
1635 IF_ADDR_RUNLOCK(ifp);
1638 if (ifacount <= 1 && ifp->if_ioctl) {
1639 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1645 * If a new destination address is specified, scrub the old one and
1646 * install the new destination. Note that the interface must be
1649 pdst = &ifra->ifra_dstaddr;
1650 if (pdst->sin6_family == AF_INET6 &&
1651 !IN6_ARE_ADDR_EQUAL(&pdst->sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1652 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1653 (rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0)) {
1654 nd6log((LOG_ERR, "in6_update_ifa_internal: failed to "
1655 "remove a route to the old destination: %s\n",
1656 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1657 /* proceed anyway... */
1659 ia->ia_flags &= ~IFA_ROUTE;
1660 ia->ia_dstaddr = *pdst;
1664 * If a new destination address is specified for a point-to-point
1665 * interface, install a route to the destination as an interface
1667 * XXX: the logic below rejects assigning multiple addresses on a p2p
1668 * interface that share the same destination.
1670 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1671 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 &&
1672 ia->ia_dstaddr.sin6_family == AF_INET6) {
1673 int rtflags = RTF_UP | RTF_HOST;
1675 * Handle the case for ::1 .
1677 if (ifp->if_flags & IFF_LOOPBACK)
1678 ia->ia_flags |= IFA_RTSELF;
1679 error = rtinit(&ia->ia_ifa, RTM_ADD, ia->ia_flags | rtflags);
1682 ia->ia_flags |= IFA_ROUTE;
1686 * add a loopback route to self if not exists
1688 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1689 error = ifa_add_loopback_route((struct ifaddr *)ia,
1690 (struct sockaddr *)&ia->ia_addr);
1692 ia->ia_flags |= IFA_RTSELF;
1699 * Find an IPv6 interface link-local address specific to an interface.
1700 * ifaddr is returned referenced.
1703 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1708 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1709 if (ifa->ifa_addr->sa_family != AF_INET6)
1711 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1712 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1719 IF_ADDR_RUNLOCK(ifp);
1721 return ((struct in6_ifaddr *)ifa);
1726 * find the internet address corresponding to a given interface and address.
1727 * ifaddr is returned referenced.
1730 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1735 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1736 if (ifa->ifa_addr->sa_family != AF_INET6)
1738 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1743 IF_ADDR_RUNLOCK(ifp);
1745 return ((struct in6_ifaddr *)ifa);
1749 * Find a link-local scoped address on ifp and return it if any.
1752 in6ifa_llaonifp(struct ifnet *ifp)
1754 struct sockaddr_in6 *sin6;
1757 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1760 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1761 if (ifa->ifa_addr->sa_family != AF_INET6)
1763 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1764 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) ||
1765 IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) ||
1766 IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr))
1769 if_addr_runlock(ifp);
1771 return ((struct in6_ifaddr *)ifa);
1775 * Convert IP6 address to printable (loggable) representation. Caller
1776 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1778 static char digits[] = "0123456789abcdef";
1780 ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1782 int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
1784 const u_int16_t *a = (const u_int16_t *)addr;
1786 int dcolon = 0, zero = 0;
1790 for (i = 0; i < 8; i++) {
1791 if (*(a + i) == 0) {
1796 else if (maxcnt < cnt) {
1807 for (i = 0; i < 8; i++) {
1818 if (dcolon == 0 && *(a + 1) == 0 && i == index) {
1830 d = (const u_char *)a;
1831 /* Try to eliminate leading zeros in printout like in :0001. */
1833 *cp = digits[*d >> 4];
1838 *cp = digits[*d++ & 0xf];
1839 if (zero == 0 || (*cp != '0')) {
1843 *cp = digits[*d >> 4];
1844 if (zero == 0 || (*cp != '0')) {
1848 *cp++ = digits[*d & 0xf];
1857 in6_localaddr(struct in6_addr *in6)
1859 struct in6_ifaddr *ia;
1861 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1865 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
1866 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1867 &ia->ia_prefixmask.sin6_addr)) {
1868 IN6_IFADDR_RUNLOCK();
1872 IN6_IFADDR_RUNLOCK();
1878 * Return 1 if an internet address is for the local host and configured
1879 * on one of its interfaces.
1882 in6_localip(struct in6_addr *in6)
1884 struct in6_ifaddr *ia;
1887 LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
1888 if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
1889 IN6_IFADDR_RUNLOCK();
1893 IN6_IFADDR_RUNLOCK();
1898 in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
1900 struct in6_ifaddr *ia;
1903 LIST_FOREACH(ia, IN6ADDR_HASH(&sa6->sin6_addr), ia6_hash) {
1904 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), &sa6->sin6_addr)) {
1905 if (ia->ia6_flags & IN6_IFF_DEPRECATED) {
1906 IN6_IFADDR_RUNLOCK();
1907 return (1); /* true */
1912 IN6_IFADDR_RUNLOCK();
1914 return (0); /* false */
1918 * return length of part which dst and src are equal
1922 in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1925 u_char *s = (u_char *)src, *d = (u_char *)dst;
1926 u_char *lim = s + 16, r;
1929 if ((r = (*d++ ^ *s++)) != 0) {
1940 /* XXX: to be scope conscious */
1942 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1944 int bytelen, bitlen;
1947 if (0 > len || len > 128) {
1948 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1956 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1959 p1->s6_addr[bytelen] >> (8 - bitlen) !=
1960 p2->s6_addr[bytelen] >> (8 - bitlen))
1967 in6_prefixlen2mask(struct in6_addr *maskp, int len)
1969 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1970 int bytelen, bitlen, i;
1973 if (0 > len || len > 128) {
1974 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1979 bzero(maskp, sizeof(*maskp));
1982 for (i = 0; i < bytelen; i++)
1983 maskp->s6_addr[i] = 0xff;
1985 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1989 * return the best address out of the same scope. if no address was
1990 * found, return the first valid address from designated IF.
1993 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1995 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
1997 struct in6_ifaddr *besta = 0;
1998 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
2000 dep[0] = dep[1] = NULL;
2003 * We first look for addresses in the same scope.
2004 * If there is one, return it.
2005 * If two or more, return one which matches the dst longest.
2006 * If none, return one of global addresses assigned other ifs.
2009 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2010 if (ifa->ifa_addr->sa_family != AF_INET6)
2012 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2013 continue; /* XXX: is there any case to allow anycast? */
2014 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2015 continue; /* don't use this interface */
2016 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2018 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2019 if (V_ip6_use_deprecated)
2020 dep[0] = (struct in6_ifaddr *)ifa;
2024 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2026 * call in6_matchlen() as few as possible
2030 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2031 tlen = in6_matchlen(IFA_IN6(ifa), dst);
2034 besta = (struct in6_ifaddr *)ifa;
2037 besta = (struct in6_ifaddr *)ifa;
2041 ifa_ref(&besta->ia_ifa);
2042 IF_ADDR_RUNLOCK(ifp);
2046 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2047 if (ifa->ifa_addr->sa_family != AF_INET6)
2049 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2050 continue; /* XXX: is there any case to allow anycast? */
2051 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2052 continue; /* don't use this interface */
2053 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2055 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2056 if (V_ip6_use_deprecated)
2057 dep[1] = (struct in6_ifaddr *)ifa;
2063 IF_ADDR_RUNLOCK(ifp);
2064 return (struct in6_ifaddr *)ifa;
2067 /* use the last-resort values, that are, deprecated addresses */
2069 ifa_ref((struct ifaddr *)dep[0]);
2070 IF_ADDR_RUNLOCK(ifp);
2074 ifa_ref((struct ifaddr *)dep[1]);
2075 IF_ADDR_RUNLOCK(ifp);
2079 IF_ADDR_RUNLOCK(ifp);
2084 * perform DAD when interface becomes IFF_UP.
2087 in6_if_up(struct ifnet *ifp)
2090 struct in6_ifaddr *ia;
2093 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2094 if (ifa->ifa_addr->sa_family != AF_INET6)
2096 ia = (struct in6_ifaddr *)ifa;
2097 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
2099 * The TENTATIVE flag was likely set by hand
2100 * beforehand, implicitly indicating the need for DAD.
2101 * We may be able to skip the random delay in this
2102 * case, but we impose delays just in case.
2105 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
2108 IF_ADDR_RUNLOCK(ifp);
2111 * special cases, like 6to4, are handled in in6_ifattach
2113 in6_ifattach(ifp, NULL);
2117 in6if_do_dad(struct ifnet *ifp)
2119 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2122 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
2125 switch (ifp->if_type) {
2131 * These interfaces do not have the IFF_LOOPBACK flag,
2132 * but loop packets back. We do not have to do DAD on such
2133 * interfaces. We should even omit it, because loop-backed
2134 * NS would confuse the DAD procedure.
2139 * Our DAD routine requires the interface up and running.
2140 * However, some interfaces can be up before the RUNNING
2141 * status. Additionaly, users may try to assign addresses
2142 * before the interface becomes up (or running).
2143 * We simply skip DAD in such a case as a work around.
2144 * XXX: we should rather mark "tentative" on such addresses,
2145 * and do DAD after the interface becomes ready.
2147 if (!((ifp->if_flags & IFF_UP) &&
2148 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
2156 * Calculate max IPv6 MTU through all the interfaces and store it
2162 unsigned long maxmtu = 0;
2165 IFNET_RLOCK_NOSLEEP();
2166 TAILQ_FOREACH(ifp, &V_ifnet, if_list) {
2167 /* this function can be called during ifnet initialization */
2168 if (!ifp->if_afdata[AF_INET6])
2170 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2171 IN6_LINKMTU(ifp) > maxmtu)
2172 maxmtu = IN6_LINKMTU(ifp);
2174 IFNET_RUNLOCK_NOSLEEP();
2175 if (maxmtu) /* update only when maxmtu is positive */
2176 V_in6_maxmtu = maxmtu;
2180 * Provide the length of interface identifiers to be used for the link attached
2181 * to the given interface. The length should be defined in "IPv6 over
2182 * xxx-link" document. Note that address architecture might also define
2183 * the length for a particular set of address prefixes, regardless of the
2184 * link type. As clarified in rfc2462bis, those two definitions should be
2185 * consistent, and those really are as of August 2004.
2188 in6_if2idlen(struct ifnet *ifp)
2190 switch (ifp->if_type) {
2191 case IFT_ETHER: /* RFC2464 */
2192 #ifdef IFT_PROPVIRTUAL
2193 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2196 case IFT_L2VLAN: /* ditto */
2198 #ifdef IFT_IEEE80211
2199 case IFT_IEEE80211: /* ditto */
2202 case IFT_MIP: /* ditto */
2204 case IFT_INFINIBAND:
2206 case IFT_FDDI: /* RFC2467 */
2208 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2210 case IFT_PPP: /* RFC2472 */
2212 case IFT_ARCNET: /* RFC2497 */
2214 case IFT_FRELAY: /* RFC2590 */
2216 case IFT_IEEE1394: /* RFC3146 */
2219 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2221 return (64); /* XXX: is this really correct? */
2224 * Unknown link type:
2225 * It might be controversial to use the today's common constant
2226 * of 64 for these cases unconditionally. For full compliance,
2227 * we should return an error in this case. On the other hand,
2228 * if we simply miss the standard for the link type or a new
2229 * standard is defined for a new link type, the IFID length
2230 * is very likely to be the common constant. As a compromise,
2231 * we always use the constant, but make an explicit notice
2232 * indicating the "unknown" case.
2234 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2239 #include <sys/sysctl.h>
2241 struct in6_llentry {
2242 struct llentry base;
2243 struct sockaddr_in6 l3_addr6;
2247 * Deletes an address from the address table.
2248 * This function is called by the timer functions
2249 * such as arptimer() and nd6_llinfo_timer(), and
2250 * the caller does the locking.
2253 in6_lltable_free(struct lltable *llt, struct llentry *lle)
2256 LLE_LOCK_DESTROY(lle);
2257 free(lle, M_LLTABLE);
2260 static struct llentry *
2261 in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2263 struct in6_llentry *lle;
2265 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2266 if (lle == NULL) /* NB: caller generates msg */
2269 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2270 lle->base.lle_refcnt = 1;
2271 lle->base.lle_free = in6_lltable_free;
2272 LLE_LOCK_INIT(&lle->base);
2273 callout_init_rw(&lle->base.ln_timer_ch, &lle->base.lle_lock,
2274 CALLOUT_RETURNUNLOCKED);
2276 return (&lle->base);
2280 in6_lltable_prefix_free(struct lltable *llt, const struct sockaddr *prefix,
2281 const struct sockaddr *mask, u_int flags)
2283 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix;
2284 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask;
2285 struct llentry *lle, *next;
2289 * (flags & LLE_STATIC) means deleting all entries
2290 * including static ND6 entries.
2292 IF_AFDATA_WLOCK(llt->llt_ifp);
2293 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2294 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
2295 if (IN6_ARE_MASKED_ADDR_EQUAL(
2296 &satosin6(L3_ADDR(lle))->sin6_addr,
2297 &pfx->sin6_addr, &msk->sin6_addr) &&
2298 ((flags & LLE_STATIC) ||
2299 !(lle->la_flags & LLE_STATIC))) {
2301 if (callout_stop(&lle->la_timer))
2307 IF_AFDATA_WUNLOCK(llt->llt_ifp);
2311 in6_lltable_rtcheck(struct ifnet *ifp,
2313 const struct sockaddr *l3addr)
2316 char ip6buf[INET6_ADDRSTRLEN];
2318 KASSERT(l3addr->sa_family == AF_INET6,
2319 ("sin_family %d", l3addr->sa_family));
2321 /* Our local addresses are always only installed on the default FIB. */
2322 /* XXX rtalloc1 should take a const param */
2323 rt = in6_rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0,
2325 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2328 * Create an ND6 cache for an IPv6 neighbor
2329 * that is not covered by our own prefix.
2331 /* XXX ifaof_ifpforaddr should take a const param */
2332 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2339 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2340 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2349 static struct llentry *
2350 in6_lltable_lookup(struct lltable *llt, u_int flags,
2351 const struct sockaddr *l3addr)
2353 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2354 struct ifnet *ifp = llt->llt_ifp;
2355 struct llentry *lle;
2356 struct llentries *lleh;
2359 IF_AFDATA_LOCK_ASSERT(ifp);
2360 KASSERT(l3addr->sa_family == AF_INET6,
2361 ("sin_family %d", l3addr->sa_family));
2363 hashkey = sin6->sin6_addr.s6_addr32[3];
2364 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2365 LIST_FOREACH(lle, lleh, lle_next) {
2366 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2367 if (lle->la_flags & LLE_DELETED)
2369 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2370 sizeof(struct in6_addr)) == 0)
2375 if (!(flags & LLE_CREATE))
2377 IF_AFDATA_WLOCK_ASSERT(ifp);
2379 * A route that covers the given address must have
2380 * been installed 1st because we are doing a resolution,
2383 if (!(flags & LLE_IFADDR) &&
2384 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2387 lle = in6_lltable_new(l3addr, flags);
2389 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2392 lle->la_flags = flags & ~LLE_CREATE;
2393 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2394 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2395 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2399 lle->lle_head = lleh;
2400 lle->la_flags |= LLE_LINKED;
2401 LIST_INSERT_HEAD(lleh, lle, lle_next);
2402 } else if (flags & LLE_DELETE) {
2403 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2405 lle->la_flags |= LLE_DELETED;
2407 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2409 if ((lle->la_flags &
2410 (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC)
2417 if (LLE_IS_VALID(lle)) {
2418 if (flags & LLE_EXCLUSIVE)
2427 in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2429 struct ifnet *ifp = llt->llt_ifp;
2430 struct llentry *lle;
2433 struct rt_msghdr rtm;
2434 struct sockaddr_in6 sin6;
2436 * ndp.c assumes that sdl is word aligned
2441 struct sockaddr_dl sdl;
2445 if (ifp->if_flags & IFF_LOOPBACK)
2448 LLTABLE_LOCK_ASSERT();
2451 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2452 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2453 struct sockaddr_dl *sdl;
2455 /* skip deleted or invalid entries */
2456 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2458 /* Skip if jailed and not a valid IP of the prison. */
2459 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2462 * produce a msg made of:
2464 * struct sockaddr_in6 (IPv6)
2465 * struct sockaddr_dl;
2467 bzero(&ndpc, sizeof(ndpc));
2468 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2469 ndpc.rtm.rtm_version = RTM_VERSION;
2470 ndpc.rtm.rtm_type = RTM_GET;
2471 ndpc.rtm.rtm_flags = RTF_UP;
2472 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2473 ndpc.sin6.sin6_family = AF_INET6;
2474 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2475 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2476 if (V_deembed_scopeid)
2477 sa6_recoverscope(&ndpc.sin6);
2480 if (lle->la_flags & LLE_PUB)
2481 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2484 sdl->sdl_family = AF_LINK;
2485 sdl->sdl_len = sizeof(*sdl);
2486 sdl->sdl_alen = ifp->if_addrlen;
2487 sdl->sdl_index = ifp->if_index;
2488 sdl->sdl_type = ifp->if_type;
2489 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2490 ndpc.rtm.rtm_rmx.rmx_expire =
2491 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2492 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2493 if (lle->la_flags & LLE_STATIC)
2494 ndpc.rtm.rtm_flags |= RTF_STATIC;
2495 ndpc.rtm.rtm_index = ifp->if_index;
2496 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2505 in6_domifattach(struct ifnet *ifp)
2507 struct in6_ifextra *ext;
2509 /* There are not IPv6-capable interfaces. */
2510 switch (ifp->if_type) {
2516 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2517 bzero(ext, sizeof(*ext));
2519 ext->in6_ifstat = malloc(sizeof(counter_u64_t) *
2520 sizeof(struct in6_ifstat) / sizeof(uint64_t), M_IFADDR, M_WAITOK);
2521 COUNTER_ARRAY_ALLOC(ext->in6_ifstat,
2522 sizeof(struct in6_ifstat) / sizeof(uint64_t), M_WAITOK);
2524 ext->icmp6_ifstat = malloc(sizeof(counter_u64_t) *
2525 sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_IFADDR,
2527 COUNTER_ARRAY_ALLOC(ext->icmp6_ifstat,
2528 sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_WAITOK);
2530 ext->nd_ifinfo = nd6_ifattach(ifp);
2531 ext->scope6_id = scope6_ifattach(ifp);
2532 ext->lltable = lltable_init(ifp, AF_INET6);
2533 if (ext->lltable != NULL) {
2534 ext->lltable->llt_prefix_free = in6_lltable_prefix_free;
2535 ext->lltable->llt_lookup = in6_lltable_lookup;
2536 ext->lltable->llt_dump = in6_lltable_dump;
2539 ext->mld_ifinfo = mld_domifattach(ifp);
2545 in6_domifdetach(struct ifnet *ifp, void *aux)
2547 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2549 mld_domifdetach(ifp);
2550 scope6_ifdetach(ext->scope6_id);
2551 nd6_ifdetach(ext->nd_ifinfo);
2552 lltable_free(ext->lltable);
2553 COUNTER_ARRAY_FREE(ext->in6_ifstat,
2554 sizeof(struct in6_ifstat) / sizeof(uint64_t));
2555 free(ext->in6_ifstat, M_IFADDR);
2556 COUNTER_ARRAY_FREE(ext->icmp6_ifstat,
2557 sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
2558 free(ext->icmp6_ifstat, M_IFADDR);
2559 free(ext, M_IFADDR);
2563 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2564 * v4 mapped addr or v4 compat addr
2567 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2570 bzero(sin, sizeof(*sin));
2571 sin->sin_len = sizeof(struct sockaddr_in);
2572 sin->sin_family = AF_INET;
2573 sin->sin_port = sin6->sin6_port;
2574 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2577 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2579 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2581 bzero(sin6, sizeof(*sin6));
2582 sin6->sin6_len = sizeof(struct sockaddr_in6);
2583 sin6->sin6_family = AF_INET6;
2584 sin6->sin6_port = sin->sin_port;
2585 sin6->sin6_addr.s6_addr32[0] = 0;
2586 sin6->sin6_addr.s6_addr32[1] = 0;
2587 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2588 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2591 /* Convert sockaddr_in6 into sockaddr_in. */
2593 in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2595 struct sockaddr_in *sin_p;
2596 struct sockaddr_in6 sin6;
2599 * Save original sockaddr_in6 addr and convert it
2602 sin6 = *(struct sockaddr_in6 *)nam;
2603 sin_p = (struct sockaddr_in *)nam;
2604 in6_sin6_2_sin(sin_p, &sin6);
2607 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2609 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2611 struct sockaddr_in *sin_p;
2612 struct sockaddr_in6 *sin6_p;
2614 sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
2615 sin_p = (struct sockaddr_in *)*nam;
2616 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2617 free(*nam, M_SONAME);
2618 *nam = (struct sockaddr *)sin6_p;
projects / FreeBSD / FreeBSD.git / blob