2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
33 * Copyright (c) 1982, 1986, 1991, 1993
34 * The Regents of the University of California. All rights reserved.
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * @(#)in.c 8.2 (Berkeley) 11/15/93
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
66 #include "opt_compat.h"
68 #include "opt_inet6.h"
70 #include <sys/param.h>
71 #include <sys/errno.h>
73 #include <sys/malloc.h>
74 #include <sys/socket.h>
75 #include <sys/socketvar.h>
76 #include <sys/sockio.h>
77 #include <sys/systm.h>
81 #include <sys/kernel.h>
82 #include <sys/syslog.h>
85 #include <net/if_var.h>
86 #include <net/if_types.h>
87 #include <net/route.h>
88 #include <net/if_dl.h>
91 #include <netinet/in.h>
92 #include <netinet/in_var.h>
93 #include <net/if_llatbl.h>
94 #include <netinet/if_ether.h>
95 #include <netinet/in_systm.h>
96 #include <netinet/ip.h>
97 #include <netinet/in_pcb.h>
98 #include <netinet/ip_carp.h>
100 #include <netinet/ip6.h>
101 #include <netinet6/ip6_var.h>
102 #include <netinet6/nd6.h>
103 #include <netinet6/mld6_var.h>
104 #include <netinet6/ip6_mroute.h>
105 #include <netinet6/in6_ifattach.h>
106 #include <netinet6/scope6_var.h>
107 #include <netinet6/in6_pcb.h>
109 VNET_DECLARE(int, icmp6_nodeinfo_oldmcprefix);
110 #define V_icmp6_nodeinfo_oldmcprefix VNET(icmp6_nodeinfo_oldmcprefix)
113 * Definitions of some costant IP6 addresses.
115 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
116 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
117 const struct in6_addr in6addr_nodelocal_allnodes =
118 IN6ADDR_NODELOCAL_ALLNODES_INIT;
119 const struct in6_addr in6addr_linklocal_allnodes =
120 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
121 const struct in6_addr in6addr_linklocal_allrouters =
122 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
123 const struct in6_addr in6addr_linklocal_allv2routers =
124 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
126 const struct in6_addr in6mask0 = IN6MASK0;
127 const struct in6_addr in6mask32 = IN6MASK32;
128 const struct in6_addr in6mask64 = IN6MASK64;
129 const struct in6_addr in6mask96 = IN6MASK96;
130 const struct in6_addr in6mask128 = IN6MASK128;
132 const struct sockaddr_in6 sa6_any =
133 { sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
135 static int in6_lifaddr_ioctl(struct socket *, u_long, caddr_t,
136 struct ifnet *, struct thread *);
137 static int in6_ifinit(struct ifnet *, struct in6_ifaddr *,
138 struct sockaddr_in6 *, int);
139 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
141 int (*faithprefix_p)(struct in6_addr *);
143 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa))
144 #define ia62ifa(ia6) (&((ia6)->ia_ifa))
147 in6_ifaddloop(struct ifaddr *ifa)
149 struct sockaddr_dl gateway;
150 struct sockaddr_in6 mask, addr;
152 struct in6_ifaddr *ia;
159 ifa->ifa_rtrequest = nd6_rtrequest;
160 ln = lla_lookup(LLTABLE6(ifp), (LLE_CREATE | LLE_IFADDR |
161 LLE_EXCLUSIVE), (struct sockaddr *)&ia->ia_addr);
162 IF_AFDATA_UNLOCK(ifp);
164 ln->la_expire = 0; /* for IPv6 this means permanent */
165 ln->ln_state = ND6_LLINFO_REACHABLE;
167 * initialize for rtmsg generation
169 bzero(&gateway, sizeof(gateway));
170 gateway.sdl_len = sizeof(gateway);
171 gateway.sdl_family = AF_LINK;
172 gateway.sdl_nlen = 0;
173 gateway.sdl_alen = 6;
174 memcpy(gateway.sdl_data, &ln->ll_addr.mac_aligned,
175 sizeof(ln->ll_addr));
179 bzero(&rt, sizeof(rt));
180 rt.rt_gateway = (struct sockaddr *)&gateway;
181 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
182 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
183 rt_mask(&rt) = (struct sockaddr *)&mask;
184 rt_key(&rt) = (struct sockaddr *)&addr;
185 rt.rt_flags = RTF_UP | RTF_HOST | RTF_STATIC;
186 /* Announce arrival of local address to all FIBs. */
187 rt_newaddrmsg(RTM_ADD, ifa, 0, &rt);
191 in6_ifremloop(struct ifaddr *ifa)
193 struct sockaddr_dl gateway;
194 struct sockaddr_in6 mask, addr;
196 struct in6_ifaddr *ia;
201 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
202 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
203 lltable_prefix_free(AF_INET6, (struct sockaddr *)&addr,
204 (struct sockaddr *)&mask, LLE_STATIC);
207 * initialize for rtmsg generation
209 bzero(&gateway, sizeof(gateway));
210 gateway.sdl_len = sizeof(gateway);
211 gateway.sdl_family = AF_LINK;
212 gateway.sdl_nlen = 0;
213 gateway.sdl_alen = ifp->if_addrlen;
214 bzero(&rt0, sizeof(rt0));
215 rt0.rt_gateway = (struct sockaddr *)&gateway;
216 rt_mask(&rt0) = (struct sockaddr *)&mask;
217 rt_key(&rt0) = (struct sockaddr *)&addr;
218 rt0.rt_flags = RTF_HOST | RTF_STATIC;
219 /* Announce removal of local address to all FIBs. */
220 rt_newaddrmsg(RTM_DELETE, ifa, 0, &rt0);
224 in6_mask2len(struct in6_addr *mask, u_char *lim0)
227 u_char *lim = lim0, *p;
229 /* ignore the scope_id part */
230 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
231 lim = (u_char *)mask + sizeof(*mask);
232 for (p = (u_char *)mask; p < lim; x++, p++) {
238 for (y = 0; y < 8; y++) {
239 if ((*p & (0x80 >> y)) == 0)
245 * when the limit pointer is given, do a stricter check on the
249 if (y != 0 && (*p & (0x00ff >> y)) != 0)
251 for (p = p + 1; p < lim; p++)
259 #ifdef COMPAT_FREEBSD32
260 struct in6_ndifreq32 {
261 char ifname[IFNAMSIZ];
264 #define SIOCGDEFIFACE32_IN6 _IOWR('i', 86, struct in6_ndifreq32)
268 in6_control(struct socket *so, u_long cmd, caddr_t data,
269 struct ifnet *ifp, struct thread *td)
271 struct in6_ifreq *ifr = (struct in6_ifreq *)data;
272 struct in6_ifaddr *ia = NULL;
273 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
274 struct sockaddr_in6 *sa6;
275 int carp_attached = 0;
280 * Compat to make pre-10.x ifconfig(8) operable.
282 if (cmd == OSIOCAIFADDR_IN6)
283 cmd = SIOCAIFADDR_IN6;
286 case SIOCGETSGCNT_IN6:
287 case SIOCGETMIFCNT_IN6:
289 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
290 * We cannot see how that would be needed, so do not adjust the
291 * KPI blindly; more likely should clean up the IPv4 variant.
293 return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
297 case SIOCAADDRCTL_POLICY:
298 case SIOCDADDRCTL_POLICY:
300 error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
304 return (in6_src_ioctl(cmd, data));
311 case SIOCSNDFLUSH_IN6:
312 case SIOCSPFXFLUSH_IN6:
313 case SIOCSRTRFLUSH_IN6:
314 case SIOCSDEFIFACE_IN6:
315 case SIOCSIFINFO_FLAGS:
316 case SIOCSIFINFO_IN6:
318 error = priv_check(td, PRIV_NETINET_ND6);
323 case OSIOCGIFINFO_IN6:
324 case SIOCGIFINFO_IN6:
327 case SIOCGNBRINFO_IN6:
328 case SIOCGDEFIFACE_IN6:
329 return (nd6_ioctl(cmd, data, ifp));
331 #ifdef COMPAT_FREEBSD32
332 case SIOCGDEFIFACE32_IN6:
334 struct in6_ndifreq ndif;
335 struct in6_ndifreq32 *ndif32;
337 error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
341 ndif32 = (struct in6_ndifreq32 *)data;
342 ndif32->ifindex = ndif.ifindex;
349 case SIOCSIFPREFIX_IN6:
350 case SIOCDIFPREFIX_IN6:
351 case SIOCAIFPREFIX_IN6:
352 case SIOCCIFPREFIX_IN6:
353 case SIOCSGIFPREFIX_IN6:
354 case SIOCGIFPREFIX_IN6:
356 "prefix ioctls are now invalidated. "
357 "please use ifconfig.\n");
364 error = priv_check(td, PRIV_NETINET_SCOPE6);
368 return (scope6_set(ifp,
369 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
371 return (scope6_get(ifp,
372 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id));
374 return (scope6_get_default((struct scope6_id *)
375 ifr->ifr_ifru.ifru_scope_id));
381 error = priv_check(td, PRIV_NET_ADDIFADDR);
385 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
389 error = priv_check(td, PRIV_NET_DELIFADDR);
395 return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
399 * Find address for this interface, if it exists.
401 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
402 * only, and used the first interface address as the target of other
403 * operations (without checking ifra_addr). This was because netinet
404 * code/API assumed at most 1 interface address per interface.
405 * Since IPv6 allows a node to assign multiple addresses
406 * on a single interface, we almost always look and check the
407 * presence of ifra_addr, and reject invalid ones here.
408 * It also decreases duplicated code among SIOC*_IN6 operations.
411 case SIOCAIFADDR_IN6:
412 case SIOCSIFPHYADDR_IN6:
413 sa6 = &ifra->ifra_addr;
415 case SIOCSIFADDR_IN6:
416 case SIOCGIFADDR_IN6:
417 case SIOCSIFDSTADDR_IN6:
418 case SIOCSIFNETMASK_IN6:
419 case SIOCGIFDSTADDR_IN6:
420 case SIOCGIFNETMASK_IN6:
421 case SIOCDIFADDR_IN6:
422 case SIOCGIFPSRCADDR_IN6:
423 case SIOCGIFPDSTADDR_IN6:
424 case SIOCGIFAFLAG_IN6:
425 case SIOCSNDFLUSH_IN6:
426 case SIOCSPFXFLUSH_IN6:
427 case SIOCSRTRFLUSH_IN6:
428 case SIOCGIFALIFETIME_IN6:
429 case SIOCSIFALIFETIME_IN6:
430 case SIOCGIFSTAT_IN6:
431 case SIOCGIFSTAT_ICMP6:
432 sa6 = &ifr->ifr_addr;
438 if (sa6 && sa6->sin6_family == AF_INET6) {
439 if (sa6->sin6_scope_id != 0)
440 error = sa6_embedscope(sa6, 0);
442 error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
445 if (td != NULL && (error = prison_check_ip6(td->td_ucred,
446 &sa6->sin6_addr)) != 0)
448 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
453 case SIOCSIFADDR_IN6:
454 case SIOCSIFDSTADDR_IN6:
455 case SIOCSIFNETMASK_IN6:
457 * Since IPv6 allows a node to assign multiple addresses
458 * on a single interface, SIOCSIFxxx ioctls are deprecated.
460 /* we decided to obsolete this command (20000704) */
464 case SIOCDIFADDR_IN6:
466 * for IPv4, we look for existing in_ifaddr here to allow
467 * "ifconfig if0 delete" to remove the first IPv4 address on
468 * the interface. For IPv6, as the spec allows multiple
469 * interface address from the day one, we consider "remove the
470 * first one" semantics to be not preferable.
473 error = EADDRNOTAVAIL;
477 case SIOCAIFADDR_IN6:
479 * We always require users to specify a valid IPv6 address for
480 * the corresponding operation.
482 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
483 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
484 error = EAFNOSUPPORT;
489 error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
490 PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
496 case SIOCGIFADDR_IN6:
497 /* This interface is basically deprecated. use SIOCGIFCONF. */
499 case SIOCGIFAFLAG_IN6:
500 case SIOCGIFNETMASK_IN6:
501 case SIOCGIFDSTADDR_IN6:
502 case SIOCGIFALIFETIME_IN6:
503 /* must think again about its semantics */
505 error = EADDRNOTAVAIL;
510 case SIOCSIFALIFETIME_IN6:
512 struct in6_addrlifetime *lt;
515 error = priv_check(td, PRIV_NETINET_ALIFETIME6);
520 error = EADDRNOTAVAIL;
523 /* sanity for overflow - beware unsigned */
524 lt = &ifr->ifr_ifru.ifru_lifetime;
525 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME &&
526 lt->ia6t_vltime + time_second < time_second) {
530 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME &&
531 lt->ia6t_pltime + time_second < time_second) {
540 case SIOCGIFADDR_IN6:
541 ifr->ifr_addr = ia->ia_addr;
542 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
546 case SIOCGIFDSTADDR_IN6:
547 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
552 * XXX: should we check if ifa_dstaddr is NULL and return
555 ifr->ifr_dstaddr = ia->ia_dstaddr;
556 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
560 case SIOCGIFNETMASK_IN6:
561 ifr->ifr_addr = ia->ia_prefixmask;
564 case SIOCGIFAFLAG_IN6:
565 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
568 case SIOCGIFSTAT_IN6:
573 bzero(&ifr->ifr_ifru.ifru_stat,
574 sizeof(ifr->ifr_ifru.ifru_stat));
575 ifr->ifr_ifru.ifru_stat =
576 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat;
579 case SIOCGIFSTAT_ICMP6:
584 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
585 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
586 ifr->ifr_ifru.ifru_icmp6stat =
587 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat;
590 case SIOCGIFALIFETIME_IN6:
591 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
592 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
594 struct in6_addrlifetime *retlt =
595 &ifr->ifr_ifru.ifru_lifetime;
598 * XXX: adjust expiration time assuming time_t is
602 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
603 if (ia->ia6_lifetime.ia6t_vltime <
604 maxexpire - ia->ia6_updatetime) {
605 retlt->ia6t_expire = ia->ia6_updatetime +
606 ia->ia6_lifetime.ia6t_vltime;
608 retlt->ia6t_expire = maxexpire;
610 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
612 struct in6_addrlifetime *retlt =
613 &ifr->ifr_ifru.ifru_lifetime;
616 * XXX: adjust expiration time assuming time_t is
620 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
621 if (ia->ia6_lifetime.ia6t_pltime <
622 maxexpire - ia->ia6_updatetime) {
623 retlt->ia6t_preferred = ia->ia6_updatetime +
624 ia->ia6_lifetime.ia6t_pltime;
626 retlt->ia6t_preferred = maxexpire;
630 case SIOCSIFALIFETIME_IN6:
631 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
633 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
634 ia->ia6_lifetime.ia6t_expire =
635 time_second + ia->ia6_lifetime.ia6t_vltime;
637 ia->ia6_lifetime.ia6t_expire = 0;
638 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
639 ia->ia6_lifetime.ia6t_preferred =
640 time_second + ia->ia6_lifetime.ia6t_pltime;
642 ia->ia6_lifetime.ia6t_preferred = 0;
645 case SIOCAIFADDR_IN6:
648 struct nd_prefixctl pr0;
649 struct nd_prefix *pr;
652 * first, make or update the interface address structure,
653 * and link it to the list.
655 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
658 ifa_free(&ia->ia_ifa);
659 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
662 * this can happen when the user specify the 0 valid
668 if (cmd == ocmd && ifra->ifra_vhid > 0) {
669 if (carp_attach_p != NULL)
670 error = (*carp_attach_p)(&ia->ia_ifa,
673 error = EPROTONOSUPPORT;
681 * then, make the prefix on-link on the interface.
682 * XXX: we'd rather create the prefix before the address, but
683 * we need at least one address to install the corresponding
684 * interface route, so we configure the address first.
688 * convert mask to prefix length (prefixmask has already
689 * been validated in in6_update_ifa().
691 bzero(&pr0, sizeof(pr0));
693 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
695 if (pr0.ndpr_plen == 128) {
696 break; /* we don't need to install a host route. */
698 pr0.ndpr_prefix = ifra->ifra_addr;
699 /* apply the mask for safety. */
700 for (i = 0; i < 4; i++) {
701 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
702 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
705 * XXX: since we don't have an API to set prefix (not address)
706 * lifetimes, we just use the same lifetimes as addresses.
707 * The (temporarily) installed lifetimes can be overridden by
708 * later advertised RAs (when accept_rtadv is non 0), which is
709 * an intended behavior.
711 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
713 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
714 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
715 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
717 /* add the prefix if not yet. */
718 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
720 * nd6_prelist_add will install the corresponding
723 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
725 (*carp_detach_p)(&ia->ia_ifa);
730 (*carp_detach_p)(&ia->ia_ifa);
731 log(LOG_ERR, "nd6_prelist_add succeeded but "
738 /* relate the address to the prefix */
739 if (ia->ia6_ndpr == NULL) {
744 * If this is the first autoconf address from the
745 * prefix, create a temporary address as well
748 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
749 V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) {
751 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
752 log(LOG_NOTICE, "in6_control: failed "
753 "to create a temporary address, "
760 * this might affect the status of autoconfigured addresses,
761 * that is, this address might make other addresses detached.
763 pfxlist_onlink_check();
764 if (error == 0 && ia) {
765 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
767 * Try to clear the flag when a new
768 * IPv6 address is added onto an
769 * IFDISABLED interface and it
772 struct in6_ndireq nd;
774 memset(&nd, 0, sizeof(nd));
775 nd.ndi.flags = ND_IFINFO(ifp)->flags;
776 nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
777 if (nd6_ioctl(SIOCSIFINFO_FLAGS,
778 (caddr_t)&nd, ifp) < 0)
779 log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
780 "SIOCSIFINFO_FLAGS for -ifdisabled "
783 * Ignore failure of clearing the flag
784 * intentionally. The failure means
785 * address duplication was detected.
788 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
793 case SIOCDIFADDR_IN6:
795 struct nd_prefix *pr;
798 * If the address being deleted is the only one that owns
799 * the corresponding prefix, expire the prefix as well.
800 * XXX: theoretically, we don't have to worry about such
801 * relationship, since we separate the address management
802 * and the prefix management. We do this, however, to provide
803 * as much backward compatibility as possible in terms of
804 * the ioctl operation.
805 * Note that in6_purgeaddr() will decrement ndpr_refcnt.
808 in6_purgeaddr(&ia->ia_ifa);
809 if (pr && pr->ndpr_refcnt == 0)
811 EVENTHANDLER_INVOKE(ifaddr_event, ifp);
816 if (ifp == NULL || ifp->if_ioctl == 0) {
820 error = (*ifp->if_ioctl)(ifp, cmd, data);
827 ifa_free(&ia->ia_ifa);
833 * Join necessary multicast groups. Factored out from in6_update_ifa().
834 * This entire work should only be done once, for the default FIB.
837 in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
838 struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
840 char ip6buf[INET6_ADDRSTRLEN];
841 struct sockaddr_in6 mltaddr, mltmask;
842 struct in6_addr llsol;
843 struct in6_multi_mship *imm;
847 KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
849 /* Join solicited multicast addr for new host id. */
850 bzero(&llsol, sizeof(struct in6_addr));
851 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
852 llsol.s6_addr32[1] = 0;
853 llsol.s6_addr32[2] = htonl(1);
854 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
855 llsol.s6_addr8[12] = 0xff;
856 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
857 /* XXX: should not happen */
858 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
862 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
864 * We need a random delay for DAD on the address being
865 * configured. It also means delaying transmission of the
866 * corresponding MLD report to avoid report collision.
867 * [RFC 4861, Section 6.3.7]
869 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
871 imm = in6_joingroup(ifp, &llsol, &error, delay);
873 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
874 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &llsol),
875 if_name(ifp), error));
878 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
879 *in6m_sol = imm->i6mm_maddr;
881 bzero(&mltmask, sizeof(mltmask));
882 mltmask.sin6_len = sizeof(struct sockaddr_in6);
883 mltmask.sin6_family = AF_INET6;
884 mltmask.sin6_addr = in6mask32;
885 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
888 * Join link-local all-nodes address.
890 bzero(&mltaddr, sizeof(mltaddr));
891 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
892 mltaddr.sin6_family = AF_INET6;
893 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
894 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
895 goto cleanup; /* XXX: should not fail */
898 * XXX: do we really need this automatic routes? We should probably
899 * reconsider this stuff. Most applications actually do not need the
900 * routes, since they usually specify the outgoing interface.
902 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
904 /* XXX: only works in !SCOPEDROUTING case. */
905 if (memcmp(&mltaddr.sin6_addr,
906 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
913 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
914 (struct sockaddr *)&ia->ia_addr,
915 (struct sockaddr *)&mltmask, RTF_UP,
916 (struct rtentry **)0, RT_DEFAULT_FIB);
922 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
924 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
925 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
926 &mltaddr.sin6_addr), if_name(ifp), error));
929 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
932 * Join node information group address.
935 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
937 * The spec does not say anything about delay for this group,
938 * but the same logic should apply.
940 delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
942 if (in6_nigroup(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
944 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, delay);
946 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
947 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
948 &mltaddr.sin6_addr), if_name(ifp), error));
949 /* XXX not very fatal, go on... */
951 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
953 if (V_icmp6_nodeinfo_oldmcprefix &&
954 in6_nigroup_oldmcprefix(ifp, NULL, -1, &mltaddr.sin6_addr) == 0) {
955 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, delay);
957 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
958 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
959 &mltaddr.sin6_addr), if_name(ifp), error));
960 /* XXX not very fatal, go on... */
962 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
966 * Join interface-local all-nodes address.
967 * (ff01::1%ifN, and ff01::%ifN/32)
969 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
970 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
971 goto cleanup; /* XXX: should not fail */
972 /* XXX: again, do we really need the route? */
973 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
975 if (memcmp(&mltaddr.sin6_addr,
976 &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
983 error = in6_rtrequest(RTM_ADD, (struct sockaddr *)&mltaddr,
984 (struct sockaddr *)&ia->ia_addr,
985 (struct sockaddr *)&mltmask, RTF_UP,
986 (struct rtentry **)0, RT_DEFAULT_FIB);
992 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
994 nd6log((LOG_WARNING, "%s: addmulti failed for %s on %s "
995 "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
996 &mltaddr.sin6_addr), if_name(ifp), error));
999 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1007 * Update parameters of an IPv6 interface address.
1008 * If necessary, a new entry is created and linked into address chains.
1009 * This function is separated from in6_control().
1012 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1013 struct in6_ifaddr *ia, int flags)
1015 int error = 0, hostIsNew = 0, plen = -1;
1016 struct sockaddr_in6 dst6;
1017 struct in6_addrlifetime *lt;
1018 struct in6_multi *in6m_sol;
1020 char ip6buf[INET6_ADDRSTRLEN];
1022 /* Validate parameters */
1023 if (ifp == NULL || ifra == NULL) /* this maybe redundant */
1027 * The destination address for a p2p link must have a family
1028 * of AF_UNSPEC or AF_INET6.
1030 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
1031 ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
1032 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
1033 return (EAFNOSUPPORT);
1035 * validate ifra_prefixmask. don't check sin6_family, netmask
1036 * does not carry fields other than sin6_len.
1038 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
1041 * Because the IPv6 address architecture is classless, we require
1042 * users to specify a (non 0) prefix length (mask) for a new address.
1043 * We also require the prefix (when specified) mask is valid, and thus
1044 * reject a non-consecutive mask.
1046 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
1048 if (ifra->ifra_prefixmask.sin6_len != 0) {
1049 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
1050 (u_char *)&ifra->ifra_prefixmask +
1051 ifra->ifra_prefixmask.sin6_len);
1056 * In this case, ia must not be NULL. We just use its prefix
1059 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1062 * If the destination address on a p2p interface is specified,
1063 * and the address is a scoped one, validate/set the scope
1066 dst6 = ifra->ifra_dstaddr;
1067 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
1068 (dst6.sin6_family == AF_INET6)) {
1069 struct in6_addr in6_tmp;
1072 in6_tmp = dst6.sin6_addr;
1073 if (in6_setscope(&in6_tmp, ifp, &zoneid))
1074 return (EINVAL); /* XXX: should be impossible */
1076 if (dst6.sin6_scope_id != 0) {
1077 if (dst6.sin6_scope_id != zoneid)
1079 } else /* user omit to specify the ID. */
1080 dst6.sin6_scope_id = zoneid;
1082 /* convert into the internal form */
1083 if (sa6_embedscope(&dst6, 0))
1084 return (EINVAL); /* XXX: should be impossible */
1087 * The destination address can be specified only for a p2p or a
1088 * loopback interface. If specified, the corresponding prefix length
1091 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
1092 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
1093 /* XXX: noisy message */
1094 nd6log((LOG_INFO, "in6_update_ifa: a destination can "
1095 "be specified for a p2p or a loopback IF only\n"));
1099 nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
1100 "be 128 when dstaddr is specified\n"));
1104 /* lifetime consistency check */
1105 lt = &ifra->ifra_lifetime;
1106 if (lt->ia6t_pltime > lt->ia6t_vltime)
1108 if (lt->ia6t_vltime == 0) {
1110 * the following log might be noisy, but this is a typical
1111 * configuration mistake or a tool's bug.
1114 "in6_update_ifa: valid lifetime is 0 for %s\n",
1115 ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
1118 return (0); /* there's nothing to do */
1122 * If this is a new address, allocate a new ifaddr and link it
1128 * When in6_update_ifa() is called in a process of a received
1129 * RA, it is called under an interrupt context. So, we should
1130 * call malloc with M_NOWAIT.
1132 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR,
1136 bzero((caddr_t)ia, sizeof(*ia));
1137 ifa_init(&ia->ia_ifa);
1138 LIST_INIT(&ia->ia6_memberships);
1139 /* Initialize the address and masks, and put time stamp */
1140 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1141 ia->ia_addr.sin6_family = AF_INET6;
1142 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
1143 ia->ia6_createtime = time_second;
1144 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
1146 * XXX: some functions expect that ifa_dstaddr is not
1147 * NULL for p2p interfaces.
1149 ia->ia_ifa.ifa_dstaddr =
1150 (struct sockaddr *)&ia->ia_dstaddr;
1152 ia->ia_ifa.ifa_dstaddr = NULL;
1154 ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1156 ifa_ref(&ia->ia_ifa); /* if_addrhead */
1158 TAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1159 IF_ADDR_WUNLOCK(ifp);
1161 ifa_ref(&ia->ia_ifa); /* in6_ifaddrhead */
1163 TAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1164 LIST_INSERT_HEAD(IN6ADDR_HASH(&ifra->ifra_addr.sin6_addr),
1166 IN6_IFADDR_WUNLOCK();
1169 /* update timestamp */
1170 ia->ia6_updatetime = time_second;
1172 /* set prefix mask */
1173 if (ifra->ifra_prefixmask.sin6_len) {
1175 * We prohibit changing the prefix length of an existing
1177 * + such an operation should be rare in IPv6, and
1178 * + the operation would confuse prefix management.
1180 if (ia->ia_prefixmask.sin6_len &&
1181 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
1182 nd6log((LOG_INFO, "in6_update_ifa: the prefix length of an"
1183 " existing (%s) address should not be changed\n",
1184 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1188 ia->ia_prefixmask = ifra->ifra_prefixmask;
1189 ia->ia_prefixmask.sin6_family = AF_INET6;
1193 * If a new destination address is specified, scrub the old one and
1194 * install the new destination. Note that the interface must be
1195 * p2p or loopback (see the check above.)
1197 if (dst6.sin6_family == AF_INET6 &&
1198 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1201 if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1202 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) != 0) {
1203 nd6log((LOG_ERR, "in6_update_ifa: failed to remove "
1204 "a route to the old destination: %s\n",
1205 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1206 /* proceed anyway... */
1208 ia->ia_flags &= ~IFA_ROUTE;
1209 ia->ia_dstaddr = dst6;
1213 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
1214 * to see if the address is deprecated or invalidated, but initialize
1215 * these members for applications.
1217 ia->ia6_lifetime = ifra->ifra_lifetime;
1218 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1219 ia->ia6_lifetime.ia6t_expire =
1220 time_second + ia->ia6_lifetime.ia6t_vltime;
1222 ia->ia6_lifetime.ia6t_expire = 0;
1223 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1224 ia->ia6_lifetime.ia6t_preferred =
1225 time_second + ia->ia6_lifetime.ia6t_pltime;
1227 ia->ia6_lifetime.ia6t_preferred = 0;
1229 /* reset the interface and routing table appropriately. */
1230 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
1234 * configure address flags.
1236 ia->ia6_flags = ifra->ifra_flags;
1238 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1239 * userland, make it deprecated.
1241 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1242 ia->ia6_lifetime.ia6t_pltime = 0;
1243 ia->ia6_lifetime.ia6t_preferred = time_second;
1246 * Make the address tentative before joining multicast addresses,
1247 * so that corresponding MLD responses would not have a tentative
1250 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */
1251 if (hostIsNew && in6if_do_dad(ifp))
1252 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1254 /* DAD should be performed after ND6_IFF_IFDISABLED is cleared. */
1255 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1256 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1259 * We are done if we have simply modified an existing address.
1265 * Beyond this point, we should call in6_purgeaddr upon an error,
1266 * not just go to unlink.
1269 /* Join necessary multicast groups. */
1271 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1272 error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1278 * Perform DAD, if needed.
1279 * XXX It may be of use, if we can administratively disable DAD.
1281 if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
1282 (ia->ia6_flags & IN6_IFF_TENTATIVE))
1284 int mindelay, maxdelay;
1287 if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1289 * We need to impose a delay before sending an NS
1290 * for DAD. Check if we also needed a delay for the
1291 * corresponding MLD message. If we did, the delay
1292 * should be larger than the MLD delay (this could be
1293 * relaxed a bit, but this simple logic is at least
1295 * XXX: Break data hiding guidelines and look at
1296 * state for the solicited multicast group.
1299 if (in6m_sol != NULL &&
1300 in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1301 mindelay = in6m_sol->in6m_timer;
1303 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1304 if (maxdelay - mindelay == 0)
1308 (arc4random() % (maxdelay - mindelay)) +
1312 nd6_dad_start((struct ifaddr *)ia, delay);
1315 KASSERT(hostIsNew, ("in6_update_ifa: !hostIsNew"));
1316 ifa_free(&ia->ia_ifa);
1321 * XXX: if a change of an existing address failed, keep the entry
1325 in6_unlink_ifa(ia, ifp);
1326 ifa_free(&ia->ia_ifa);
1331 KASSERT(hostIsNew, ("in6_update_ifa: cleanup: !hostIsNew"));
1332 ifa_free(&ia->ia_ifa);
1333 in6_purgeaddr(&ia->ia_ifa);
1338 * Leave multicast groups. Factored out from in6_purgeaddr().
1339 * This entire work should only be done once, for the default FIB.
1342 in6_purgeaddr_mc(struct ifnet *ifp, struct in6_ifaddr *ia, struct ifaddr *ifa0)
1344 struct sockaddr_in6 mltaddr, mltmask;
1345 struct in6_multi_mship *imm;
1347 struct sockaddr_in6 sin6;
1351 * Leave from multicast groups we have joined for the interface.
1353 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1354 LIST_REMOVE(imm, i6mm_chain);
1355 in6_leavegroup(imm);
1359 * Remove the link-local all-nodes address.
1361 bzero(&mltmask, sizeof(mltmask));
1362 mltmask.sin6_len = sizeof(struct sockaddr_in6);
1363 mltmask.sin6_family = AF_INET6;
1364 mltmask.sin6_addr = in6mask32;
1366 bzero(&mltaddr, sizeof(mltaddr));
1367 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1368 mltaddr.sin6_family = AF_INET6;
1369 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1371 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1375 * As for the mltaddr above, proactively prepare the sin6 to avoid
1376 * rtentry un- and re-locking.
1379 bzero(&sin6, sizeof(sin6));
1380 sin6.sin6_len = sizeof(sin6);
1381 sin6.sin6_family = AF_INET6;
1382 memcpy(&sin6.sin6_addr, &satosin6(ifa0->ifa_addr)->sin6_addr,
1383 sizeof(sin6.sin6_addr));
1384 error = in6_setscope(&sin6.sin6_addr, ifa0->ifa_ifp, NULL);
1389 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1390 if (rt != NULL && rt->rt_gateway != NULL &&
1391 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1392 &ia->ia_addr.sin6_addr,
1393 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1395 * If no more IPv6 address exists on this interface then
1396 * remove the multicast address route.
1399 memcpy(&mltaddr.sin6_addr,
1400 &satosin6(rt_key(rt))->sin6_addr,
1401 sizeof(mltaddr.sin6_addr));
1403 error = in6_rtrequest(RTM_DELETE,
1404 (struct sockaddr *)&mltaddr,
1405 (struct sockaddr *)&ia->ia_addr,
1406 (struct sockaddr *)&mltmask, RTF_UP,
1407 (struct rtentry **)0, RT_DEFAULT_FIB);
1409 log(LOG_INFO, "%s: link-local all-nodes "
1410 "multicast address deletion error\n",
1414 * Replace the gateway of the route.
1416 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1425 * Remove the node-local all-nodes address.
1427 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1428 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1431 rt = in6_rtalloc1((struct sockaddr *)&mltaddr, 0, 0UL, RT_DEFAULT_FIB);
1432 if (rt != NULL && rt->rt_gateway != NULL &&
1433 (memcmp(&satosin6(rt->rt_gateway)->sin6_addr,
1434 &ia->ia_addr.sin6_addr,
1435 sizeof(ia->ia_addr.sin6_addr)) == 0)) {
1437 * If no more IPv6 address exists on this interface then
1438 * remove the multicast address route.
1441 memcpy(&mltaddr.sin6_addr,
1442 &satosin6(rt_key(rt))->sin6_addr,
1443 sizeof(mltaddr.sin6_addr));
1446 error = in6_rtrequest(RTM_DELETE,
1447 (struct sockaddr *)&mltaddr,
1448 (struct sockaddr *)&ia->ia_addr,
1449 (struct sockaddr *)&mltmask, RTF_UP,
1450 (struct rtentry **)0, RT_DEFAULT_FIB);
1452 log(LOG_INFO, "%s: node-local all-nodes"
1453 "multicast address deletion error\n",
1457 * Replace the gateway of the route.
1459 memcpy(rt->rt_gateway, &sin6, sizeof(sin6));
1471 in6_purgeaddr(struct ifaddr *ifa)
1473 struct ifnet *ifp = ifa->ifa_ifp;
1474 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1476 struct ifaddr *ifa0;
1479 (*carp_detach_p)(ifa);
1482 * find another IPv6 address as the gateway for the
1483 * link-local and node-local all-nodes multicast
1487 TAILQ_FOREACH(ifa0, &ifp->if_addrhead, ifa_link) {
1488 if ((ifa0->ifa_addr->sa_family != AF_INET6) ||
1489 memcmp(&satosin6(ifa0->ifa_addr)->sin6_addr,
1490 &ia->ia_addr.sin6_addr, sizeof(struct in6_addr)) == 0)
1497 IF_ADDR_RUNLOCK(ifp);
1500 * Remove the loopback route to the interface address.
1501 * The check for the current setting of "nd6_useloopback"
1504 if (ia->ia_flags & IFA_RTSELF) {
1505 error = ifa_del_loopback_route((struct ifaddr *)ia,
1506 (struct sockaddr *)&ia->ia_addr);
1508 ia->ia_flags &= ~IFA_RTSELF;
1511 /* stop DAD processing */
1514 /* Remove local address entry from lltable. */
1517 /* Leave multicast groups. */
1518 error = in6_purgeaddr_mc(ifp, ia, ifa0);
1523 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1524 if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
1525 error = rtinit(&(ia->ia_ifa), RTM_DELETE, ia->ia_flags |
1526 (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0);
1528 log(LOG_INFO, "%s: err=%d, destination address delete "
1529 "failed\n", __func__, error);
1530 ia->ia_flags &= ~IFA_ROUTE;
1533 in6_unlink_ifa(ia, ifp);
1537 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1541 TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1542 IF_ADDR_WUNLOCK(ifp);
1543 ifa_free(&ia->ia_ifa); /* if_addrhead */
1546 * Defer the release of what might be the last reference to the
1547 * in6_ifaddr so that it can't be freed before the remainder of the
1551 TAILQ_REMOVE(&V_in6_ifaddrhead, ia, ia_link);
1552 LIST_REMOVE(ia, ia6_hash);
1553 IN6_IFADDR_WUNLOCK();
1556 * Release the reference to the base prefix. There should be a
1557 * positive reference.
1559 if (ia->ia6_ndpr == NULL) {
1561 "in6_unlink_ifa: autoconf'ed address "
1562 "%p has no prefix\n", ia));
1564 ia->ia6_ndpr->ndpr_refcnt--;
1565 ia->ia6_ndpr = NULL;
1569 * Also, if the address being removed is autoconf'ed, call
1570 * pfxlist_onlink_check() since the release might affect the status of
1571 * other (detached) addresses.
1573 if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1574 pfxlist_onlink_check();
1576 ifa_free(&ia->ia_ifa); /* in6_ifaddrhead */
1580 in6_purgeif(struct ifnet *ifp)
1582 struct ifaddr *ifa, *nifa;
1584 TAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1585 if (ifa->ifa_addr->sa_family != AF_INET6)
1595 * SIOCGLIFADDR: get first address. (?)
1596 * SIOCGLIFADDR with IFLR_PREFIX:
1597 * get first address that matches the specified prefix.
1598 * SIOCALIFADDR: add the specified address.
1599 * SIOCALIFADDR with IFLR_PREFIX:
1600 * add the specified prefix, filling hostid part from
1601 * the first link-local address. prefixlen must be <= 64.
1602 * SIOCDLIFADDR: delete the specified address.
1603 * SIOCDLIFADDR with IFLR_PREFIX:
1604 * delete the first address that matches the specified prefix.
1606 * EINVAL on invalid parameters
1607 * EADDRNOTAVAIL on prefix match failed/specified address not found
1608 * other values may be returned from in6_ioctl()
1610 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1611 * this is to accomodate address naming scheme other than RFC2374,
1613 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1614 * address encoding scheme. (see figure on page 8)
1617 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
1618 struct ifnet *ifp, struct thread *td)
1620 struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1622 struct sockaddr *sa;
1625 if (!data || !ifp) {
1626 panic("invalid argument to in6_lifaddr_ioctl");
1632 /* address must be specified on GET with IFLR_PREFIX */
1633 if ((iflr->flags & IFLR_PREFIX) == 0)
1638 /* address must be specified on ADD and DELETE */
1639 sa = (struct sockaddr *)&iflr->addr;
1640 if (sa->sa_family != AF_INET6)
1642 if (sa->sa_len != sizeof(struct sockaddr_in6))
1644 /* XXX need improvement */
1645 sa = (struct sockaddr *)&iflr->dstaddr;
1646 if (sa->sa_family && sa->sa_family != AF_INET6)
1648 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1651 default: /* shouldn't happen */
1653 panic("invalid cmd to in6_lifaddr_ioctl");
1659 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1665 struct in6_aliasreq ifra;
1666 struct in6_addr *hostid = NULL;
1670 if ((iflr->flags & IFLR_PREFIX) != 0) {
1671 struct sockaddr_in6 *sin6;
1674 * hostid is to fill in the hostid part of the
1675 * address. hostid points to the first link-local
1676 * address attached to the interface.
1678 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1680 return EADDRNOTAVAIL;
1681 hostid = IFA_IN6(ifa);
1683 /* prefixlen must be <= 64. */
1684 if (64 < iflr->prefixlen) {
1689 prefixlen = iflr->prefixlen;
1691 /* hostid part must be zero. */
1692 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1693 if (sin6->sin6_addr.s6_addr32[2] != 0 ||
1694 sin6->sin6_addr.s6_addr32[3] != 0) {
1700 prefixlen = iflr->prefixlen;
1702 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1703 bzero(&ifra, sizeof(ifra));
1704 bcopy(iflr->iflr_name, ifra.ifra_name, sizeof(ifra.ifra_name));
1706 bcopy(&iflr->addr, &ifra.ifra_addr,
1707 ((struct sockaddr *)&iflr->addr)->sa_len);
1709 /* fill in hostid part */
1710 ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1711 hostid->s6_addr32[2];
1712 ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1713 hostid->s6_addr32[3];
1716 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */
1717 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1718 ((struct sockaddr *)&iflr->dstaddr)->sa_len);
1720 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1721 hostid->s6_addr32[2];
1722 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1723 hostid->s6_addr32[3];
1729 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1730 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1732 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1733 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td);
1738 struct in6_ifaddr *ia;
1739 struct in6_addr mask, candidate, match;
1740 struct sockaddr_in6 *sin6;
1743 bzero(&mask, sizeof(mask));
1744 if (iflr->flags & IFLR_PREFIX) {
1745 /* lookup a prefix rather than address. */
1746 in6_prefixlen2mask(&mask, iflr->prefixlen);
1748 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1749 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1750 match.s6_addr32[0] &= mask.s6_addr32[0];
1751 match.s6_addr32[1] &= mask.s6_addr32[1];
1752 match.s6_addr32[2] &= mask.s6_addr32[2];
1753 match.s6_addr32[3] &= mask.s6_addr32[3];
1755 /* if you set extra bits, that's wrong */
1756 if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1761 if (cmd == SIOCGLIFADDR) {
1762 /* on getting an address, take the 1st match */
1765 /* on deleting an address, do exact match */
1766 in6_prefixlen2mask(&mask, 128);
1767 sin6 = (struct sockaddr_in6 *)&iflr->addr;
1768 bcopy(&sin6->sin6_addr, &match, sizeof(match));
1775 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1776 if (ifa->ifa_addr->sa_family != AF_INET6)
1782 * XXX: this is adhoc, but is necessary to allow
1783 * a user to specify fe80::/64 (not /10) for a
1784 * link-local address.
1786 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1787 in6_clearscope(&candidate);
1788 candidate.s6_addr32[0] &= mask.s6_addr32[0];
1789 candidate.s6_addr32[1] &= mask.s6_addr32[1];
1790 candidate.s6_addr32[2] &= mask.s6_addr32[2];
1791 candidate.s6_addr32[3] &= mask.s6_addr32[3];
1792 if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1797 IF_ADDR_RUNLOCK(ifp);
1799 return EADDRNOTAVAIL;
1802 if (cmd == SIOCGLIFADDR) {
1805 /* fill in the if_laddrreq structure */
1806 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1807 error = sa6_recoverscope(
1808 (struct sockaddr_in6 *)&iflr->addr);
1814 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1815 bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1816 ia->ia_dstaddr.sin6_len);
1817 error = sa6_recoverscope(
1818 (struct sockaddr_in6 *)&iflr->dstaddr);
1824 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1827 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1829 iflr->flags = ia->ia6_flags; /* XXX */
1834 struct in6_aliasreq ifra;
1836 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1837 bzero(&ifra, sizeof(ifra));
1838 bcopy(iflr->iflr_name, ifra.ifra_name,
1839 sizeof(ifra.ifra_name));
1841 bcopy(&ia->ia_addr, &ifra.ifra_addr,
1842 ia->ia_addr.sin6_len);
1843 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1844 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1845 ia->ia_dstaddr.sin6_len);
1847 bzero(&ifra.ifra_dstaddr,
1848 sizeof(ifra.ifra_dstaddr));
1850 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1851 ia->ia_prefixmask.sin6_len);
1853 ifra.ifra_flags = ia->ia6_flags;
1855 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1861 return EOPNOTSUPP; /* just for safety */
1865 * Initialize an interface's IPv6 address and routing table entry.
1868 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia,
1869 struct sockaddr_in6 *sin6, int newhost)
1871 int error = 0, plen, ifacount = 0;
1875 * Give the interface a chance to initialize
1876 * if this is its first address,
1877 * and to validate the address if necessary.
1880 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1881 if (ifa->ifa_addr->sa_family != AF_INET6)
1885 IF_ADDR_RUNLOCK(ifp);
1887 ia->ia_addr = *sin6;
1889 if (ifacount <= 1 && ifp->if_ioctl) {
1890 error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1895 ia->ia_ifa.ifa_metric = ifp->if_metric;
1897 /* we could do in(6)_socktrim here, but just omit it at this moment. */
1901 * If a new destination address is specified for a point-to-point
1902 * interface, install a route to the destination as an interface
1904 * XXX: the logic below rejects assigning multiple addresses on a p2p
1905 * interface that share the same destination.
1907 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1908 if (!(ia->ia_flags & IFA_ROUTE) && plen == 128 &&
1909 ia->ia_dstaddr.sin6_family == AF_INET6) {
1910 int rtflags = RTF_UP | RTF_HOST;
1911 error = rtinit(&ia->ia_ifa, RTM_ADD, ia->ia_flags | rtflags);
1914 ia->ia_flags |= IFA_ROUTE;
1916 * Handle the case for ::1 .
1918 if (ifp->if_flags & IFF_LOOPBACK)
1919 ia->ia_flags |= IFA_RTSELF;
1923 * add a loopback route to self
1925 if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1926 error = ifa_add_loopback_route((struct ifaddr *)ia,
1927 (struct sockaddr *)&ia->ia_addr);
1929 ia->ia_flags |= IFA_RTSELF;
1932 /* Add local address to lltable, if necessary (ex. on p2p link). */
1934 in6_ifaddloop(&(ia->ia_ifa));
1940 * Find an IPv6 interface link-local address specific to an interface.
1941 * ifaddr is returned referenced.
1944 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1949 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1950 if (ifa->ifa_addr->sa_family != AF_INET6)
1952 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1953 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1960 IF_ADDR_RUNLOCK(ifp);
1962 return ((struct in6_ifaddr *)ifa);
1967 * find the internet address corresponding to a given interface and address.
1968 * ifaddr is returned referenced.
1971 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1976 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1977 if (ifa->ifa_addr->sa_family != AF_INET6)
1979 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1984 IF_ADDR_RUNLOCK(ifp);
1986 return ((struct in6_ifaddr *)ifa);
1990 * Find a link-local scoped address on ifp and return it if any.
1993 in6ifa_llaonifp(struct ifnet *ifp)
1995 struct sockaddr_in6 *sin6;
1998 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
2001 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2002 if (ifa->ifa_addr->sa_family != AF_INET6)
2004 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
2005 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) ||
2006 IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) ||
2007 IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr))
2010 if_addr_runlock(ifp);
2012 return ((struct in6_ifaddr *)ifa);
2016 * Convert IP6 address to printable (loggable) representation. Caller
2017 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
2019 static char digits[] = "0123456789abcdef";
2021 ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
2023 int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
2025 const u_int16_t *a = (const u_int16_t *)addr;
2027 int dcolon = 0, zero = 0;
2031 for (i = 0; i < 8; i++) {
2032 if (*(a + i) == 0) {
2037 else if (maxcnt < cnt) {
2048 for (i = 0; i < 8; i++) {
2059 if (dcolon == 0 && *(a + 1) == 0 && i == index) {
2071 d = (const u_char *)a;
2072 /* Try to eliminate leading zeros in printout like in :0001. */
2074 *cp = digits[*d >> 4];
2079 *cp = digits[*d++ & 0xf];
2080 if (zero == 0 || (*cp != '0')) {
2084 *cp = digits[*d >> 4];
2085 if (zero == 0 || (*cp != '0')) {
2089 *cp++ = digits[*d & 0xf];
2098 in6_localaddr(struct in6_addr *in6)
2100 struct in6_ifaddr *ia;
2102 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
2106 TAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
2107 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
2108 &ia->ia_prefixmask.sin6_addr)) {
2109 IN6_IFADDR_RUNLOCK();
2113 IN6_IFADDR_RUNLOCK();
2119 * Return 1 if an internet address is for the local host and configured
2120 * on one of its interfaces.
2123 in6_localip(struct in6_addr *in6)
2125 struct in6_ifaddr *ia;
2128 LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
2129 if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
2130 IN6_IFADDR_RUNLOCK();
2134 IN6_IFADDR_RUNLOCK();
2139 in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
2141 struct in6_ifaddr *ia;
2144 LIST_FOREACH(ia, IN6ADDR_HASH(&sa6->sin6_addr), ia6_hash) {
2145 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), &sa6->sin6_addr)) {
2146 if (ia->ia6_flags & IN6_IFF_DEPRECATED) {
2147 IN6_IFADDR_RUNLOCK();
2148 return (1); /* true */
2153 IN6_IFADDR_RUNLOCK();
2155 return (0); /* false */
2159 * return length of part which dst and src are equal
2163 in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
2166 u_char *s = (u_char *)src, *d = (u_char *)dst;
2167 u_char *lim = s + 16, r;
2170 if ((r = (*d++ ^ *s++)) != 0) {
2181 /* XXX: to be scope conscious */
2183 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
2185 int bytelen, bitlen;
2188 if (0 > len || len > 128) {
2189 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
2197 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
2200 p1->s6_addr[bytelen] >> (8 - bitlen) !=
2201 p2->s6_addr[bytelen] >> (8 - bitlen))
2208 in6_prefixlen2mask(struct in6_addr *maskp, int len)
2210 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
2211 int bytelen, bitlen, i;
2214 if (0 > len || len > 128) {
2215 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
2220 bzero(maskp, sizeof(*maskp));
2223 for (i = 0; i < bytelen; i++)
2224 maskp->s6_addr[i] = 0xff;
2226 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
2230 * return the best address out of the same scope. if no address was
2231 * found, return the first valid address from designated IF.
2234 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
2236 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
2238 struct in6_ifaddr *besta = 0;
2239 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
2241 dep[0] = dep[1] = NULL;
2244 * We first look for addresses in the same scope.
2245 * If there is one, return it.
2246 * If two or more, return one which matches the dst longest.
2247 * If none, return one of global addresses assigned other ifs.
2250 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2251 if (ifa->ifa_addr->sa_family != AF_INET6)
2253 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2254 continue; /* XXX: is there any case to allow anycast? */
2255 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2256 continue; /* don't use this interface */
2257 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2259 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2260 if (V_ip6_use_deprecated)
2261 dep[0] = (struct in6_ifaddr *)ifa;
2265 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2267 * call in6_matchlen() as few as possible
2271 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2272 tlen = in6_matchlen(IFA_IN6(ifa), dst);
2275 besta = (struct in6_ifaddr *)ifa;
2278 besta = (struct in6_ifaddr *)ifa;
2282 ifa_ref(&besta->ia_ifa);
2283 IF_ADDR_RUNLOCK(ifp);
2287 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2288 if (ifa->ifa_addr->sa_family != AF_INET6)
2290 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2291 continue; /* XXX: is there any case to allow anycast? */
2292 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2293 continue; /* don't use this interface */
2294 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2296 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2297 if (V_ip6_use_deprecated)
2298 dep[1] = (struct in6_ifaddr *)ifa;
2304 IF_ADDR_RUNLOCK(ifp);
2305 return (struct in6_ifaddr *)ifa;
2308 /* use the last-resort values, that are, deprecated addresses */
2310 ifa_ref((struct ifaddr *)dep[0]);
2311 IF_ADDR_RUNLOCK(ifp);
2315 ifa_ref((struct ifaddr *)dep[1]);
2316 IF_ADDR_RUNLOCK(ifp);
2320 IF_ADDR_RUNLOCK(ifp);
2325 * perform DAD when interface becomes IFF_UP.
2328 in6_if_up(struct ifnet *ifp)
2331 struct in6_ifaddr *ia;
2334 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2335 if (ifa->ifa_addr->sa_family != AF_INET6)
2337 ia = (struct in6_ifaddr *)ifa;
2338 if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
2340 * The TENTATIVE flag was likely set by hand
2341 * beforehand, implicitly indicating the need for DAD.
2342 * We may be able to skip the random delay in this
2343 * case, but we impose delays just in case.
2346 arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
2349 IF_ADDR_RUNLOCK(ifp);
2352 * special cases, like 6to4, are handled in in6_ifattach
2354 in6_ifattach(ifp, NULL);
2358 in6if_do_dad(struct ifnet *ifp)
2360 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2363 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
2366 switch (ifp->if_type) {
2372 * These interfaces do not have the IFF_LOOPBACK flag,
2373 * but loop packets back. We do not have to do DAD on such
2374 * interfaces. We should even omit it, because loop-backed
2375 * NS would confuse the DAD procedure.
2380 * Our DAD routine requires the interface up and running.
2381 * However, some interfaces can be up before the RUNNING
2382 * status. Additionaly, users may try to assign addresses
2383 * before the interface becomes up (or running).
2384 * We simply skip DAD in such a case as a work around.
2385 * XXX: we should rather mark "tentative" on such addresses,
2386 * and do DAD after the interface becomes ready.
2388 if (!((ifp->if_flags & IFF_UP) &&
2389 (ifp->if_drv_flags & IFF_DRV_RUNNING)))
2397 * Calculate max IPv6 MTU through all the interfaces and store it
2403 unsigned long maxmtu = 0;
2406 IFNET_RLOCK_NOSLEEP();
2407 TAILQ_FOREACH(ifp, &V_ifnet, if_list) {
2408 /* this function can be called during ifnet initialization */
2409 if (!ifp->if_afdata[AF_INET6])
2411 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2412 IN6_LINKMTU(ifp) > maxmtu)
2413 maxmtu = IN6_LINKMTU(ifp);
2415 IFNET_RUNLOCK_NOSLEEP();
2416 if (maxmtu) /* update only when maxmtu is positive */
2417 V_in6_maxmtu = maxmtu;
2421 * Provide the length of interface identifiers to be used for the link attached
2422 * to the given interface. The length should be defined in "IPv6 over
2423 * xxx-link" document. Note that address architecture might also define
2424 * the length for a particular set of address prefixes, regardless of the
2425 * link type. As clarified in rfc2462bis, those two definitions should be
2426 * consistent, and those really are as of August 2004.
2429 in6_if2idlen(struct ifnet *ifp)
2431 switch (ifp->if_type) {
2432 case IFT_ETHER: /* RFC2464 */
2433 #ifdef IFT_PROPVIRTUAL
2434 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
2437 case IFT_L2VLAN: /* ditto */
2439 #ifdef IFT_IEEE80211
2440 case IFT_IEEE80211: /* ditto */
2443 case IFT_MIP: /* ditto */
2445 case IFT_INFINIBAND:
2447 case IFT_FDDI: /* RFC2467 */
2449 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
2451 case IFT_PPP: /* RFC2472 */
2453 case IFT_ARCNET: /* RFC2497 */
2455 case IFT_FRELAY: /* RFC2590 */
2457 case IFT_IEEE1394: /* RFC3146 */
2460 return (64); /* draft-ietf-v6ops-mech-v2-07 */
2462 return (64); /* XXX: is this really correct? */
2465 * Unknown link type:
2466 * It might be controversial to use the today's common constant
2467 * of 64 for these cases unconditionally. For full compliance,
2468 * we should return an error in this case. On the other hand,
2469 * if we simply miss the standard for the link type or a new
2470 * standard is defined for a new link type, the IFID length
2471 * is very likely to be the common constant. As a compromise,
2472 * we always use the constant, but make an explicit notice
2473 * indicating the "unknown" case.
2475 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2480 #include <sys/sysctl.h>
2482 struct in6_llentry {
2483 struct llentry base;
2484 struct sockaddr_in6 l3_addr6;
2488 * Deletes an address from the address table.
2489 * This function is called by the timer functions
2490 * such as arptimer() and nd6_llinfo_timer(), and
2491 * the caller does the locking.
2494 in6_lltable_free(struct lltable *llt, struct llentry *lle)
2497 LLE_LOCK_DESTROY(lle);
2498 free(lle, M_LLTABLE);
2501 static struct llentry *
2502 in6_lltable_new(const struct sockaddr *l3addr, u_int flags)
2504 struct in6_llentry *lle;
2506 lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2507 if (lle == NULL) /* NB: caller generates msg */
2510 lle->l3_addr6 = *(const struct sockaddr_in6 *)l3addr;
2511 lle->base.lle_refcnt = 1;
2512 lle->base.lle_free = in6_lltable_free;
2513 LLE_LOCK_INIT(&lle->base);
2514 callout_init_rw(&lle->base.ln_timer_ch, &lle->base.lle_lock,
2515 CALLOUT_RETURNUNLOCKED);
2517 return (&lle->base);
2521 in6_lltable_prefix_free(struct lltable *llt, const struct sockaddr *prefix,
2522 const struct sockaddr *mask, u_int flags)
2524 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix;
2525 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask;
2526 struct llentry *lle, *next;
2530 * (flags & LLE_STATIC) means deleting all entries
2531 * including static ND6 entries.
2533 IF_AFDATA_WLOCK(llt->llt_ifp);
2534 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2535 LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
2536 if (IN6_ARE_MASKED_ADDR_EQUAL(
2537 &satosin6(L3_ADDR(lle))->sin6_addr,
2538 &pfx->sin6_addr, &msk->sin6_addr) &&
2539 ((flags & LLE_STATIC) ||
2540 !(lle->la_flags & LLE_STATIC))) {
2542 if (callout_stop(&lle->la_timer))
2548 IF_AFDATA_WUNLOCK(llt->llt_ifp);
2552 in6_lltable_rtcheck(struct ifnet *ifp,
2554 const struct sockaddr *l3addr)
2557 char ip6buf[INET6_ADDRSTRLEN];
2559 KASSERT(l3addr->sa_family == AF_INET6,
2560 ("sin_family %d", l3addr->sa_family));
2562 /* Our local addresses are always only installed on the default FIB. */
2563 /* XXX rtalloc1 should take a const param */
2564 rt = in6_rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0,
2566 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2569 * Create an ND6 cache for an IPv6 neighbor
2570 * that is not covered by our own prefix.
2572 /* XXX ifaof_ifpforaddr should take a const param */
2573 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
2580 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2581 ip6_sprintf(ip6buf, &((const struct sockaddr_in6 *)l3addr)->sin6_addr));
2590 static struct llentry *
2591 in6_lltable_lookup(struct lltable *llt, u_int flags,
2592 const struct sockaddr *l3addr)
2594 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2595 struct ifnet *ifp = llt->llt_ifp;
2596 struct llentry *lle;
2597 struct llentries *lleh;
2600 IF_AFDATA_LOCK_ASSERT(ifp);
2601 KASSERT(l3addr->sa_family == AF_INET6,
2602 ("sin_family %d", l3addr->sa_family));
2604 hashkey = sin6->sin6_addr.s6_addr32[3];
2605 lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
2606 LIST_FOREACH(lle, lleh, lle_next) {
2607 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)L3_ADDR(lle);
2608 if (lle->la_flags & LLE_DELETED)
2610 if (bcmp(&sa6->sin6_addr, &sin6->sin6_addr,
2611 sizeof(struct in6_addr)) == 0)
2616 if (!(flags & LLE_CREATE))
2619 * A route that covers the given address must have
2620 * been installed 1st because we are doing a resolution,
2623 if (!(flags & LLE_IFADDR) &&
2624 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2627 lle = in6_lltable_new(l3addr, flags);
2629 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2632 lle->la_flags = flags & ~LLE_CREATE;
2633 if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
2634 bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
2635 lle->la_flags |= (LLE_VALID | LLE_STATIC);
2639 lle->lle_head = lleh;
2640 lle->la_flags |= LLE_LINKED;
2641 LIST_INSERT_HEAD(lleh, lle, lle_next);
2642 } else if (flags & LLE_DELETE) {
2643 if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
2645 lle->la_flags |= LLE_DELETED;
2647 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2649 if ((lle->la_flags &
2650 (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC)
2657 if (LLE_IS_VALID(lle)) {
2658 if (flags & LLE_EXCLUSIVE)
2667 in6_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
2669 struct ifnet *ifp = llt->llt_ifp;
2670 struct llentry *lle;
2673 struct rt_msghdr rtm;
2674 struct sockaddr_in6 sin6;
2676 * ndp.c assumes that sdl is word aligned
2681 struct sockaddr_dl sdl;
2685 if (ifp->if_flags & IFF_LOOPBACK)
2688 LLTABLE_LOCK_ASSERT();
2691 for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
2692 LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
2693 struct sockaddr_dl *sdl;
2695 /* skip deleted or invalid entries */
2696 if ((lle->la_flags & (LLE_DELETED|LLE_VALID)) != LLE_VALID)
2698 /* Skip if jailed and not a valid IP of the prison. */
2699 if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
2702 * produce a msg made of:
2704 * struct sockaddr_in6 (IPv6)
2705 * struct sockaddr_dl;
2707 bzero(&ndpc, sizeof(ndpc));
2708 ndpc.rtm.rtm_msglen = sizeof(ndpc);
2709 ndpc.rtm.rtm_version = RTM_VERSION;
2710 ndpc.rtm.rtm_type = RTM_GET;
2711 ndpc.rtm.rtm_flags = RTF_UP;
2712 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2713 ndpc.sin6.sin6_family = AF_INET6;
2714 ndpc.sin6.sin6_len = sizeof(ndpc.sin6);
2715 bcopy(L3_ADDR(lle), &ndpc.sin6, L3_ADDR_LEN(lle));
2716 if (V_deembed_scopeid)
2717 sa6_recoverscope(&ndpc.sin6);
2720 if (lle->la_flags & LLE_PUB)
2721 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2724 sdl->sdl_family = AF_LINK;
2725 sdl->sdl_len = sizeof(*sdl);
2726 sdl->sdl_alen = ifp->if_addrlen;
2727 sdl->sdl_index = ifp->if_index;
2728 sdl->sdl_type = ifp->if_type;
2729 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2730 ndpc.rtm.rtm_rmx.rmx_expire =
2731 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2732 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2733 if (lle->la_flags & LLE_STATIC)
2734 ndpc.rtm.rtm_flags |= RTF_STATIC;
2735 ndpc.rtm.rtm_index = ifp->if_index;
2736 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2745 in6_domifattach(struct ifnet *ifp)
2747 struct in6_ifextra *ext;
2749 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2750 bzero(ext, sizeof(*ext));
2752 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat),
2753 M_IFADDR, M_WAITOK);
2754 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat));
2757 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat),
2758 M_IFADDR, M_WAITOK);
2759 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat));
2761 ext->nd_ifinfo = nd6_ifattach(ifp);
2762 ext->scope6_id = scope6_ifattach(ifp);
2763 ext->lltable = lltable_init(ifp, AF_INET6);
2764 if (ext->lltable != NULL) {
2765 ext->lltable->llt_prefix_free = in6_lltable_prefix_free;
2766 ext->lltable->llt_lookup = in6_lltable_lookup;
2767 ext->lltable->llt_dump = in6_lltable_dump;
2770 ext->mld_ifinfo = mld_domifattach(ifp);
2776 in6_domifdetach(struct ifnet *ifp, void *aux)
2778 struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2780 mld_domifdetach(ifp);
2781 scope6_ifdetach(ext->scope6_id);
2782 nd6_ifdetach(ext->nd_ifinfo);
2783 lltable_free(ext->lltable);
2784 free(ext->in6_ifstat, M_IFADDR);
2785 free(ext->icmp6_ifstat, M_IFADDR);
2786 free(ext, M_IFADDR);
2790 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2791 * v4 mapped addr or v4 compat addr
2794 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2797 bzero(sin, sizeof(*sin));
2798 sin->sin_len = sizeof(struct sockaddr_in);
2799 sin->sin_family = AF_INET;
2800 sin->sin_port = sin6->sin6_port;
2801 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2804 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2806 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2808 bzero(sin6, sizeof(*sin6));
2809 sin6->sin6_len = sizeof(struct sockaddr_in6);
2810 sin6->sin6_family = AF_INET6;
2811 sin6->sin6_port = sin->sin_port;
2812 sin6->sin6_addr.s6_addr32[0] = 0;
2813 sin6->sin6_addr.s6_addr32[1] = 0;
2814 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2815 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2818 /* Convert sockaddr_in6 into sockaddr_in. */
2820 in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2822 struct sockaddr_in *sin_p;
2823 struct sockaddr_in6 sin6;
2826 * Save original sockaddr_in6 addr and convert it
2829 sin6 = *(struct sockaddr_in6 *)nam;
2830 sin_p = (struct sockaddr_in *)nam;
2831 in6_sin6_2_sin(sin_p, &sin6);
2834 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2836 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2838 struct sockaddr_in *sin_p;
2839 struct sockaddr_in6 *sin6_p;
2841 sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
2842 sin_p = (struct sockaddr_in *)*nam;
2843 in6_sin_2_v4mapsin6(sin_p, sin6_p);
2844 free(*nam, M_SONAME);
2845 *nam = (struct sockaddr *)sin6_p;
projects / FreeBSD / FreeBSD.git / blob