2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $
33 * Copyright (c) 1982, 1986, 1988, 1990, 1993
34 * The Regents of the University of California. All rights reserved.
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
67 #include "opt_inet6.h"
69 #include "opt_ipsec.h"
71 #include "opt_route.h"
73 #include <sys/param.h>
74 #include <sys/kernel.h>
75 #include <sys/malloc.h>
77 #include <sys/errno.h>
80 #include <sys/protosw.h>
81 #include <sys/socket.h>
82 #include <sys/socketvar.h>
83 #include <sys/syslog.h>
84 #include <sys/ucred.h>
86 #include <machine/in_cksum.h>
89 #include <net/netisr.h>
90 #include <net/route.h>
94 #include <netinet/in.h>
95 #include <netinet/in_var.h>
96 #include <netinet/ip_var.h>
97 #include <netinet6/in6_var.h>
98 #include <netinet/ip6.h>
99 #include <netinet/icmp6.h>
100 #include <netinet6/ip6_var.h>
101 #include <netinet/in_pcb.h>
102 #include <netinet/tcp_var.h>
103 #include <netinet6/nd6.h>
106 #include <netipsec/ipsec.h>
107 #include <netipsec/ipsec6.h>
108 #include <netipsec/key.h>
109 #include <netinet6/ip6_ipsec.h>
112 #include <netinet/sctp.h>
113 #include <netinet/sctp_crc32.h>
116 #include <netinet6/ip6protosw.h>
117 #include <netinet6/scope6_var.h>
120 #include <net/flowtable.h>
123 extern int in6_mcast_loop;
126 struct mbuf *ip6e_ip6;
127 struct mbuf *ip6e_hbh;
128 struct mbuf *ip6e_dest1;
129 struct mbuf *ip6e_rthdr;
130 struct mbuf *ip6e_dest2;
133 static int ip6_pcbopt __P((int, u_char *, int, struct ip6_pktopts **,
134 struct ucred *, int));
135 static int ip6_pcbopts __P((struct ip6_pktopts **, struct mbuf *,
136 struct socket *, struct sockopt *));
137 static int ip6_getpcbopt(struct ip6_pktopts *, int, struct sockopt *);
138 static int ip6_setpktopt __P((int, u_char *, int, struct ip6_pktopts *,
139 struct ucred *, int, int, int));
141 static int ip6_copyexthdr(struct mbuf **, caddr_t, int);
142 static int ip6_insertfraghdr __P((struct mbuf *, struct mbuf *, int,
143 struct ip6_frag **));
144 static int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t);
145 static int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *);
146 static int ip6_getpmtu __P((struct route_in6 *, struct route_in6 *,
147 struct ifnet *, struct in6_addr *, u_long *, int *, u_int));
148 static int copypktopts(struct ip6_pktopts *, struct ip6_pktopts *, int);
152 * Make an extension header from option data. hp is the source, and
153 * mp is the destination.
155 #define MAKE_EXTHDR(hp, mp) \
158 struct ip6_ext *eh = (struct ip6_ext *)(hp); \
159 error = ip6_copyexthdr((mp), (caddr_t)(hp), \
160 ((eh)->ip6e_len + 1) << 3); \
164 } while (/*CONSTCOND*/ 0)
167 * Form a chain of extension headers.
168 * m is the extension header mbuf
169 * mp is the previous mbuf in the chain
170 * p is the next header
171 * i is the type of option.
173 #define MAKE_CHAIN(m, mp, p, i)\
177 panic("assumption failed: hdr not split"); \
178 *mtod((m), u_char *) = *(p);\
180 p = mtod((m), u_char *);\
181 (m)->m_next = (mp)->m_next;\
185 } while (/*CONSTCOND*/ 0)
188 in6_delayed_cksum(struct mbuf *m, uint32_t plen, u_short offset)
192 csum = in_cksum_skip(m, offset + plen, offset);
193 if (m->m_pkthdr.csum_flags & CSUM_UDP_IPV6 && csum == 0)
195 offset += m->m_pkthdr.csum_data; /* checksum offset */
197 if (offset + sizeof(u_short) > m->m_len) {
198 printf("%s: delayed m_pullup, m->len: %d plen %u off %u "
199 "csum_flags=0x%04x\n", __func__, m->m_len, plen, offset,
200 m->m_pkthdr.csum_flags);
202 * XXX this should not happen, but if it does, the correct
203 * behavior may be to insert the checksum in the appropriate
204 * next mbuf in the chain.
208 *(u_short *)(m->m_data + offset) = csum;
212 * IP6 output. The packet in mbuf chain m contains a skeletal IP6
213 * header (with pri, len, nxt, hlim, src, dst).
214 * This function may modify ver and hlim only.
215 * The mbuf chain containing the packet will be freed.
216 * The mbuf opt, if present, will not be freed.
217 * If route_in6 ro is present and has ro_rt initialized, route lookup would be
218 * skipped and ro->ro_rt would be used. If ro is present but ro->ro_rt is NULL,
219 * then result of route lookup is stored in ro->ro_rt.
221 * type of "mtu": rt_rmx.rmx_mtu is u_long, ifnet.ifr_mtu is int, and
222 * nd_ifinfo.linkmtu is u_int32_t. so we use u_long to hold largest one,
223 * which is rt_rmx.rmx_mtu.
225 * ifpp - XXX: just for statistics
228 ip6_output(struct mbuf *m0, struct ip6_pktopts *opt,
229 struct route_in6 *ro, int flags, struct ip6_moptions *im6o,
230 struct ifnet **ifpp, struct inpcb *inp)
232 struct ip6_hdr *ip6, *mhip6;
233 struct ifnet *ifp, *origifp;
235 struct mbuf *mprev = NULL;
236 int hlen, tlen, len, off;
237 struct route_in6 ip6route;
238 struct rtentry *rt = NULL;
239 struct sockaddr_in6 *dst, src_sa, dst_sa;
240 struct in6_addr odst;
242 struct in6_ifaddr *ia = NULL;
244 int alwaysfrag, dontfrag;
245 u_int32_t optlen = 0, plen = 0, unfragpartlen = 0;
246 struct ip6_exthdrs exthdrs;
247 struct in6_addr finaldst, src0, dst0;
249 struct route_in6 *ro_pmtu = NULL;
254 struct ipsec_output_state state;
255 struct ip6_rthdr *rh = NULL;
256 int needipsectun = 0;
258 struct secpolicy *sp = NULL;
260 #ifdef IPFIREWALL_FORWARD
261 struct m_tag *fwd_tag;
264 ip6 = mtod(m, struct ip6_hdr *);
266 printf ("ip6 is NULL");
271 M_SETFIB(m, inp->inp_inc.inc_fibnum);
273 finaldst = ip6->ip6_dst;
274 bzero(&exthdrs, sizeof(exthdrs));
276 /* Hop-by-Hop options header */
277 MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh);
278 /* Destination options header(1st part) */
279 if (opt->ip6po_rthdr) {
281 * Destination options header(1st part)
282 * This only makes sense with a routing header.
283 * See Section 9.2 of RFC 3542.
284 * Disabling this part just for MIP6 convenience is
285 * a bad idea. We need to think carefully about a
286 * way to make the advanced API coexist with MIP6
287 * options, which might automatically be inserted in
290 MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1);
293 MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr);
294 /* Destination options header(2nd part) */
295 MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2);
300 * IPSec checking which handles several cases.
301 * FAST IPSEC: We re-injected the packet.
303 switch(ip6_ipsec_output(&m, inp, &flags, &error, &ifp, &sp))
305 case 1: /* Bad packet */
307 case -1: /* Do IPSec */
310 * Do delayed checksums now, as we may send before returning.
312 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
313 plen = m->m_pkthdr.len - sizeof(*ip6);
314 in6_delayed_cksum(m, plen, sizeof(struct ip6_hdr));
315 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6;
318 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) {
319 sctp_delayed_cksum(m, sizeof(struct ip6_hdr));
320 m->m_pkthdr.csum_flags &= ~CSUM_SCTP_IPV6;
323 case 0: /* No IPSec */
330 * Calculate the total length of the extension header chain.
331 * Keep the length of the unfragmentable part for fragmentation.
334 if (exthdrs.ip6e_hbh)
335 optlen += exthdrs.ip6e_hbh->m_len;
336 if (exthdrs.ip6e_dest1)
337 optlen += exthdrs.ip6e_dest1->m_len;
338 if (exthdrs.ip6e_rthdr)
339 optlen += exthdrs.ip6e_rthdr->m_len;
340 unfragpartlen = optlen + sizeof(struct ip6_hdr);
342 /* NOTE: we don't add AH/ESP length here. do that later. */
343 if (exthdrs.ip6e_dest2)
344 optlen += exthdrs.ip6e_dest2->m_len;
347 * If we need IPsec, or there is at least one extension header,
348 * separate IP6 header from the payload.
350 if ((needipsec || optlen) && !hdrsplit) {
351 if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
355 m = exthdrs.ip6e_ip6;
360 ip6 = mtod(m, struct ip6_hdr *);
362 /* adjust mbuf packet header length */
363 m->m_pkthdr.len += optlen;
364 plen = m->m_pkthdr.len - sizeof(*ip6);
366 /* If this is a jumbo payload, insert a jumbo payload option. */
367 if (plen > IPV6_MAXPACKET) {
369 if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
373 m = exthdrs.ip6e_ip6;
377 ip6 = mtod(m, struct ip6_hdr *);
378 if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0)
382 ip6->ip6_plen = htons(plen);
385 * Concatenate headers and fill in next header fields.
386 * Here we have, on "m"
388 * and we insert headers accordingly. Finally, we should be getting:
389 * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload]
391 * during the header composing process, "m" points to IPv6 header.
392 * "mprev" points to an extension header prior to esp.
394 u_char *nexthdrp = &ip6->ip6_nxt;
398 * we treat dest2 specially. this makes IPsec processing
399 * much easier. the goal here is to make mprev point the
400 * mbuf prior to dest2.
402 * result: IPv6 dest2 payload
403 * m and mprev will point to IPv6 header.
405 if (exthdrs.ip6e_dest2) {
407 panic("assumption failed: hdr not split");
408 exthdrs.ip6e_dest2->m_next = m->m_next;
409 m->m_next = exthdrs.ip6e_dest2;
410 *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt;
411 ip6->ip6_nxt = IPPROTO_DSTOPTS;
415 * result: IPv6 hbh dest1 rthdr dest2 payload
416 * m will point to IPv6 header. mprev will point to the
417 * extension header prior to dest2 (rthdr in the above case).
419 MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, nexthdrp, IPPROTO_HOPOPTS);
420 MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, nexthdrp,
422 MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp,
430 * pointers after IPsec headers are not valid any more.
431 * other pointers need a great care too.
432 * (IPsec routines should not mangle mbufs prior to AH/ESP)
434 exthdrs.ip6e_dest2 = NULL;
436 if (exthdrs.ip6e_rthdr) {
437 rh = mtod(exthdrs.ip6e_rthdr, struct ip6_rthdr *);
438 segleft_org = rh->ip6r_segleft;
439 rh->ip6r_segleft = 0;
442 bzero(&state, sizeof(state));
444 error = ipsec6_output_trans(&state, nexthdrp, mprev, sp, flags,
447 if (error == EJUSTRETURN) {
449 * We had a SP with a level of 'use' and no SA. We
450 * will just continue to process the packet without
455 /* mbuf is already reclaimed in ipsec6_output_trans. */
465 printf("[%s:%d] (ipsec): error code %d\n",
466 __func__, __LINE__, error);
469 /* don't show these error codes to the user */
474 } else if (!needipsectun) {
476 * In the FAST IPSec case we have already
477 * re-injected the packet and it has been freed
478 * by the ipsec_done() function. So, just clean
479 * up after ourselves.
484 if (exthdrs.ip6e_rthdr) {
485 /* ah6_output doesn't modify mbuf chain */
486 rh->ip6r_segleft = segleft_org;
492 * If there is a routing header, discard the packet.
494 if (exthdrs.ip6e_rthdr) {
499 /* Source address validation */
500 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) &&
501 (flags & IPV6_UNSPECSRC) == 0) {
503 V_ip6stat.ip6s_badscope++;
506 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) {
508 V_ip6stat.ip6s_badscope++;
512 V_ip6stat.ip6s_localout++;
519 bzero((caddr_t)ro, sizeof(*ro));
522 if (opt && opt->ip6po_rthdr)
523 ro = &opt->ip6po_route;
524 dst = (struct sockaddr_in6 *)&ro->ro_dst;
526 if (ro->ro_rt == NULL) {
530 * The flow table returns route entries valid for up to 30
531 * seconds; we rely on the remainder of ip_output() taking no
532 * longer than that long for the stability of ro_rt. The
533 * flow ID assignment must have happened before this point.
535 fle = flowtable_lookup_mbuf(V_ip6_ft, m, AF_INET6);
537 flow_to_route_in6(fle, ro);
542 * if specified, try to fill in the traffic class field.
543 * do not override if a non-zero value is already set.
544 * we check the diffserv field and the ecn field separately.
546 if (opt && opt->ip6po_tclass >= 0) {
549 if ((ip6->ip6_flow & htonl(0xfc << 20)) == 0)
551 if ((ip6->ip6_flow & htonl(0x03 << 20)) == 0)
554 ip6->ip6_flow |= htonl((opt->ip6po_tclass & mask) << 20);
557 /* fill in or override the hop limit field, if necessary. */
558 if (opt && opt->ip6po_hlim != -1)
559 ip6->ip6_hlim = opt->ip6po_hlim & 0xff;
560 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
562 ip6->ip6_hlim = im6o->im6o_multicast_hlim;
564 ip6->ip6_hlim = V_ip6_defmcasthlim;
569 * We may re-inject packets into the stack here.
571 if (needipsec && needipsectun) {
572 struct ipsec_output_state state;
575 * All the extension headers will become inaccessible
576 * (since they can be encrypted).
577 * Don't panic, we need no more updates to extension headers
578 * on inner IPv6 packet (since they are now encapsulated).
580 * IPv6 [ESP|AH] IPv6 [extension headers] payload
582 bzero(&exthdrs, sizeof(exthdrs));
583 exthdrs.ip6e_ip6 = m;
585 bzero(&state, sizeof(state));
587 state.ro = (struct route *)ro;
588 state.dst = (struct sockaddr *)dst;
590 error = ipsec6_output_tunnel(&state, sp, flags);
593 ro = (struct route_in6 *)state.ro;
594 dst = (struct sockaddr_in6 *)state.dst;
595 if (error == EJUSTRETURN) {
597 * We had a SP with a level of 'use' and no SA. We
598 * will just continue to process the packet without
603 /* mbuf is already reclaimed in ipsec6_output_tunnel. */
614 printf("[%s:%d] (ipsec): error code %d\n",
615 __func__, __LINE__, error);
618 /* don't show these error codes to the user */
625 * In the FAST IPSec case we have already
626 * re-injected the packet and it has been freed
627 * by the ipsec_done() function. So, just clean
628 * up after ourselves.
634 exthdrs.ip6e_ip6 = m;
639 ip6 = mtod(m, struct ip6_hdr *);
641 bzero(&dst_sa, sizeof(dst_sa));
642 dst_sa.sin6_family = AF_INET6;
643 dst_sa.sin6_len = sizeof(dst_sa);
644 dst_sa.sin6_addr = ip6->ip6_dst;
647 ifp = ro->ro_rt->rt_ifp;
648 } else if ((error = in6_selectroute_fib(&dst_sa, opt, im6o, ro,
649 &ifp, &rt, inp ? inp->inp_inc.inc_fibnum : M_GETFIB(m))) != 0) {
652 V_ip6stat.ip6s_noroute++;
656 break; /* XXX statistics? */
659 in6_ifstat_inc(ifp, ifs6_out_discard);
664 * If in6_selectroute() does not return a route entry,
665 * dst may not have been updated.
667 *dst = dst_sa; /* XXX */
671 * then rt (for unicast) and ifp must be non-NULL valid values.
673 if ((flags & IPV6_FORWARDING) == 0) {
674 /* XXX: the FORWARDING flag can be set for mrouting. */
675 in6_ifstat_inc(ifp, ifs6_out_request);
678 ia = (struct in6_ifaddr *)(rt->rt_ifa);
684 * The outgoing interface must be in the zone of source and
685 * destination addresses.
690 if (in6_setscope(&src0, origifp, &zone))
692 bzero(&src_sa, sizeof(src_sa));
693 src_sa.sin6_family = AF_INET6;
694 src_sa.sin6_len = sizeof(src_sa);
695 src_sa.sin6_addr = ip6->ip6_src;
696 if (sa6_recoverscope(&src_sa) || zone != src_sa.sin6_scope_id)
700 if (in6_setscope(&dst0, origifp, &zone))
702 /* re-initialize to be sure */
703 bzero(&dst_sa, sizeof(dst_sa));
704 dst_sa.sin6_family = AF_INET6;
705 dst_sa.sin6_len = sizeof(dst_sa);
706 dst_sa.sin6_addr = ip6->ip6_dst;
707 if (sa6_recoverscope(&dst_sa) || zone != dst_sa.sin6_scope_id) {
711 /* We should use ia_ifp to support the case of
712 * sending packets to an address of our own.
714 if (ia != NULL && ia->ia_ifp)
717 /* scope check is done. */
721 V_ip6stat.ip6s_badscope++;
722 in6_ifstat_inc(origifp, ifs6_out_discard);
724 error = EHOSTUNREACH; /* XXX */
728 if (rt && !IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
729 if (opt && opt->ip6po_nextroute.ro_rt) {
731 * The nexthop is explicitly specified by the
732 * application. We assume the next hop is an IPv6
735 dst = (struct sockaddr_in6 *)opt->ip6po_nexthop;
737 else if ((rt->rt_flags & RTF_GATEWAY))
738 dst = (struct sockaddr_in6 *)rt->rt_gateway;
741 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
742 m->m_flags &= ~(M_BCAST | M_MCAST); /* just in case */
744 m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST;
745 in6_ifstat_inc(ifp, ifs6_out_mcast);
747 * Confirm that the outgoing interface supports multicast.
749 if (!(ifp->if_flags & IFF_MULTICAST)) {
750 V_ip6stat.ip6s_noroute++;
751 in6_ifstat_inc(ifp, ifs6_out_discard);
755 if ((im6o == NULL && in6_mcast_loop) ||
756 (im6o && im6o->im6o_multicast_loop)) {
758 * Loop back multicast datagram if not expressly
759 * forbidden to do so, even if we have not joined
760 * the address; protocols will filter it later,
761 * thus deferring a hash lookup and lock acquisition
762 * at the expense of an m_copym().
764 ip6_mloopback(ifp, m, dst);
767 * If we are acting as a multicast router, perform
768 * multicast forwarding as if the packet had just
769 * arrived on the interface to which we are about
770 * to send. The multicast forwarding function
771 * recursively calls this function, using the
772 * IPV6_FORWARDING flag to prevent infinite recursion.
774 * Multicasts that are looped back by ip6_mloopback(),
775 * above, will be forwarded by the ip6_input() routine,
778 if (V_ip6_mrouter && (flags & IPV6_FORWARDING) == 0) {
780 * XXX: ip6_mforward expects that rcvif is NULL
781 * when it is called from the originating path.
782 * However, it is not always the case, since
783 * some versions of MGETHDR() does not
784 * initialize the field.
786 m->m_pkthdr.rcvif = NULL;
787 if (ip6_mforward(ip6, ifp, m) != 0) {
794 * Multicasts with a hoplimit of zero may be looped back,
795 * above, but must not be transmitted on a network.
796 * Also, multicasts addressed to the loopback interface
797 * are not sent -- the above call to ip6_mloopback() will
798 * loop back a copy if this host actually belongs to the
799 * destination group on the loopback interface.
801 if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK) ||
802 IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) {
809 * Fill the outgoing inteface to tell the upper layer
810 * to increment per-interface statistics.
815 /* Determine path MTU. */
816 if ((error = ip6_getpmtu(ro_pmtu, ro, ifp, &finaldst, &mtu,
817 &alwaysfrag, inp ? inp->inp_inc.inc_fibnum : M_GETFIB(m))) != 0)
821 * The caller of this function may specify to use the minimum MTU
823 * An advanced API option (IPV6_USE_MIN_MTU) can also override MTU
824 * setting. The logic is a bit complicated; by default, unicast
825 * packets will follow path MTU while multicast packets will be sent at
826 * the minimum MTU. If IP6PO_MINMTU_ALL is specified, all packets
827 * including unicast ones will be sent at the minimum MTU. Multicast
828 * packets will always be sent at the minimum MTU unless
829 * IP6PO_MINMTU_DISABLE is explicitly specified.
830 * See RFC 3542 for more details.
832 if (mtu > IPV6_MMTU) {
833 if ((flags & IPV6_MINMTU))
835 else if (opt && opt->ip6po_minmtu == IP6PO_MINMTU_ALL)
837 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
839 opt->ip6po_minmtu != IP6PO_MINMTU_DISABLE)) {
845 * clear embedded scope identifiers if necessary.
846 * in6_clearscope will touch the addresses only when necessary.
848 in6_clearscope(&ip6->ip6_src);
849 in6_clearscope(&ip6->ip6_dst);
852 * If the outgoing packet contains a hop-by-hop options header,
853 * it must be examined and processed even by the source node.
854 * (RFC 2460, section 4.)
856 if (exthdrs.ip6e_hbh) {
857 struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *);
858 u_int32_t dummy; /* XXX unused */
859 u_int32_t plen = 0; /* XXX: ip6_process will check the value */
862 if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len)
863 panic("ip6e_hbh is not contiguous");
866 * XXX: if we have to send an ICMPv6 error to the sender,
867 * we need the M_LOOP flag since icmp6_error() expects
868 * the IPv6 and the hop-by-hop options header are
869 * contiguous unless the flag is set.
871 m->m_flags |= M_LOOP;
872 m->m_pkthdr.rcvif = ifp;
873 if (ip6_process_hopopts(m, (u_int8_t *)(hbh + 1),
874 ((hbh->ip6h_len + 1) << 3) - sizeof(struct ip6_hbh),
875 &dummy, &plen) < 0) {
876 /* m was already freed at this point */
877 error = EINVAL;/* better error? */
880 m->m_flags &= ~M_LOOP; /* XXX */
881 m->m_pkthdr.rcvif = NULL;
884 /* Jump over all PFIL processing if hooks are not active. */
885 if (!PFIL_HOOKED(&V_inet6_pfil_hook))
889 /* Run through list of hooks for output packets. */
890 error = pfil_run_hooks(&V_inet6_pfil_hook, &m, ifp, PFIL_OUT, inp);
891 if (error != 0 || m == NULL)
893 ip6 = mtod(m, struct ip6_hdr *);
895 /* See if destination IP address was changed by packet filter. */
896 if (!IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst)) {
897 m->m_flags |= M_SKIP_FIREWALL;
898 /* If destination is now ourself drop to ip6_input(). */
899 if (in6_localip(&ip6->ip6_dst)) {
900 m->m_flags |= M_FASTFWD_OURS;
901 if (m->m_pkthdr.rcvif == NULL)
902 m->m_pkthdr.rcvif = V_loif;
903 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
904 m->m_pkthdr.csum_flags |=
905 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR;
906 m->m_pkthdr.csum_data = 0xffff;
909 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6)
910 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID;
912 error = netisr_queue(NETISR_IPV6, m);
915 goto again; /* Redo the routing table lookup. */
918 #ifdef IPFIREWALL_FORWARD
919 /* See if local, if yes, send it to netisr. */
920 if (m->m_flags & M_FASTFWD_OURS) {
921 if (m->m_pkthdr.rcvif == NULL)
922 m->m_pkthdr.rcvif = V_loif;
923 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
924 m->m_pkthdr.csum_flags |=
925 CSUM_DATA_VALID_IPV6 | CSUM_PSEUDO_HDR;
926 m->m_pkthdr.csum_data = 0xffff;
929 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6)
930 m->m_pkthdr.csum_flags |= CSUM_SCTP_VALID;
932 error = netisr_queue(NETISR_IPV6, m);
935 /* Or forward to some other address? */
936 fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
938 dst = (struct sockaddr_in6 *)&ro->ro_dst;
939 bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in6));
940 m->m_flags |= M_SKIP_FIREWALL;
941 m_tag_delete(m, fwd_tag);
944 #endif /* IPFIREWALL_FORWARD */
948 * Send the packet to the outgoing interface.
949 * If necessary, do IPv6 fragmentation before sending.
951 * the logic here is rather complex:
952 * 1: normal case (dontfrag == 0, alwaysfrag == 0)
953 * 1-a: send as is if tlen <= path mtu
954 * 1-b: fragment if tlen > path mtu
956 * 2: if user asks us not to fragment (dontfrag == 1)
957 * 2-a: send as is if tlen <= interface mtu
958 * 2-b: error if tlen > interface mtu
960 * 3: if we always need to attach fragment header (alwaysfrag == 1)
963 * 4: if dontfrag == 1 && alwaysfrag == 1
964 * error, as we cannot handle this conflicting request
966 sw_csum = m->m_pkthdr.csum_flags;
968 tso = ((sw_csum & ifp->if_hwassist & CSUM_TSO) != 0) ? 1 : 0;
969 sw_csum &= ~ifp->if_hwassist;
973 * If we added extension headers, we will not do TSO and calculate the
974 * checksums ourselves for now.
975 * XXX-BZ Need a framework to know when the NIC can handle it, even
978 if (sw_csum & CSUM_DELAY_DATA_IPV6) {
979 sw_csum &= ~CSUM_DELAY_DATA_IPV6;
980 in6_delayed_cksum(m, plen, sizeof(struct ip6_hdr));
983 if (sw_csum & CSUM_SCTP_IPV6) {
984 sw_csum &= ~CSUM_SCTP_IPV6;
985 sctp_delayed_cksum(m, sizeof(struct ip6_hdr));
988 m->m_pkthdr.csum_flags &= ifp->if_hwassist;
989 tlen = m->m_pkthdr.len;
991 if ((opt && (opt->ip6po_flags & IP6PO_DONTFRAG)) || tso)
995 if (dontfrag && alwaysfrag) { /* case 4 */
996 /* conflicting request - can't transmit */
1000 if (dontfrag && tlen > IN6_LINKMTU(ifp) && !tso) { /* case 2-b */
1002 * Even if the DONTFRAG option is specified, we cannot send the
1003 * packet when the data length is larger than the MTU of the
1004 * outgoing interface.
1005 * Notify the error by sending IPV6_PATHMTU ancillary data as
1006 * well as returning an error code (the latter is not described
1010 struct ip6ctlparam ip6cp;
1012 mtu32 = (u_int32_t)mtu;
1013 bzero(&ip6cp, sizeof(ip6cp));
1014 ip6cp.ip6c_cmdarg = (void *)&mtu32;
1015 pfctlinput2(PRC_MSGSIZE, (struct sockaddr *)&ro_pmtu->ro_dst,
1023 * transmit packet without fragmentation
1025 if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* case 1-a and 2-a */
1026 struct in6_ifaddr *ia6;
1028 ip6 = mtod(m, struct ip6_hdr *);
1029 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src);
1031 /* Record statistics for this interface address. */
1032 ia6->ia_ifa.if_opackets++;
1033 ia6->ia_ifa.if_obytes += m->m_pkthdr.len;
1034 ifa_free(&ia6->ia_ifa);
1036 error = nd6_output(ifp, origifp, m, dst, ro->ro_rt);
1041 * try to fragment the packet. case 1-b and 3
1043 if (mtu < IPV6_MMTU) {
1044 /* path MTU cannot be less than IPV6_MMTU */
1046 in6_ifstat_inc(ifp, ifs6_out_fragfail);
1048 } else if (ip6->ip6_plen == 0) {
1049 /* jumbo payload cannot be fragmented */
1051 in6_ifstat_inc(ifp, ifs6_out_fragfail);
1054 struct mbuf **mnext, *m_frgpart;
1055 struct ip6_frag *ip6f;
1056 u_int32_t id = htonl(ip6_randomid());
1059 int qslots = ifp->if_snd.ifq_maxlen - ifp->if_snd.ifq_len;
1062 * Too large for the destination or interface;
1063 * fragment if possible.
1064 * Must be able to put at least 8 bytes per fragment.
1066 hlen = unfragpartlen;
1067 if (mtu > IPV6_MAXPACKET)
1068 mtu = IPV6_MAXPACKET;
1070 len = (mtu - hlen - sizeof(struct ip6_frag)) & ~7;
1073 in6_ifstat_inc(ifp, ifs6_out_fragfail);
1078 * Verify that we have any chance at all of being able to queue
1079 * the packet or packet fragments
1081 if (qslots <= 0 || ((u_int)qslots * (mtu - hlen)
1082 < tlen /* - hlen */)) {
1084 V_ip6stat.ip6s_odropped++;
1090 * If the interface will not calculate checksums on
1091 * fragmented packets, then do it here.
1092 * XXX-BZ handle the hw offloading case. Need flags.
1094 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA_IPV6) {
1095 in6_delayed_cksum(m, plen, hlen);
1096 m->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6;
1099 if (m->m_pkthdr.csum_flags & CSUM_SCTP_IPV6) {
1100 sctp_delayed_cksum(m, hlen);
1101 m->m_pkthdr.csum_flags &= ~CSUM_SCTP_IPV6;
1104 mnext = &m->m_nextpkt;
1107 * Change the next header field of the last header in the
1108 * unfragmentable part.
1110 if (exthdrs.ip6e_rthdr) {
1111 nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *);
1112 *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT;
1113 } else if (exthdrs.ip6e_dest1) {
1114 nextproto = *mtod(exthdrs.ip6e_dest1, u_char *);
1115 *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT;
1116 } else if (exthdrs.ip6e_hbh) {
1117 nextproto = *mtod(exthdrs.ip6e_hbh, u_char *);
1118 *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT;
1120 nextproto = ip6->ip6_nxt;
1121 ip6->ip6_nxt = IPPROTO_FRAGMENT;
1125 * Loop through length of segment after first fragment,
1126 * make new header and copy data of each part and link onto
1130 for (off = hlen; off < tlen; off += len) {
1131 MGETHDR(m, M_DONTWAIT, MT_HEADER);
1134 V_ip6stat.ip6s_odropped++;
1137 m->m_pkthdr.rcvif = NULL;
1138 m->m_flags = m0->m_flags & M_COPYFLAGS; /* incl. FIB */
1140 mnext = &m->m_nextpkt;
1141 m->m_data += max_linkhdr;
1142 mhip6 = mtod(m, struct ip6_hdr *);
1144 m->m_len = sizeof(*mhip6);
1145 error = ip6_insertfraghdr(m0, m, hlen, &ip6f);
1147 V_ip6stat.ip6s_odropped++;
1150 ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7));
1151 if (off + len >= tlen)
1154 ip6f->ip6f_offlg |= IP6F_MORE_FRAG;
1155 mhip6->ip6_plen = htons((u_short)(len + hlen +
1156 sizeof(*ip6f) - sizeof(struct ip6_hdr)));
1157 if ((m_frgpart = m_copy(m0, off, len)) == 0) {
1159 V_ip6stat.ip6s_odropped++;
1162 m_cat(m, m_frgpart);
1163 m->m_pkthdr.len = len + hlen + sizeof(*ip6f);
1164 m->m_pkthdr.rcvif = NULL;
1165 ip6f->ip6f_reserved = 0;
1166 ip6f->ip6f_ident = id;
1167 ip6f->ip6f_nxt = nextproto;
1168 V_ip6stat.ip6s_ofragments++;
1169 in6_ifstat_inc(ifp, ifs6_out_fragcreat);
1172 in6_ifstat_inc(ifp, ifs6_out_fragok);
1176 * Remove leading garbages.
1182 for (m0 = m; m; m = m0) {
1186 /* Record statistics for this interface address. */
1188 ia->ia_ifa.if_opackets++;
1189 ia->ia_ifa.if_obytes += m->m_pkthdr.len;
1191 error = nd6_output(ifp, origifp, m, dst, ro->ro_rt);
1197 V_ip6stat.ip6s_fragmented++;
1200 if (ro == &ip6route)
1202 if (ro_pmtu == &ip6route)
1212 m_freem(exthdrs.ip6e_hbh); /* m_freem will check if mbuf is 0 */
1213 m_freem(exthdrs.ip6e_dest1);
1214 m_freem(exthdrs.ip6e_rthdr);
1215 m_freem(exthdrs.ip6e_dest2);
1224 ip6_copyexthdr(struct mbuf **mp, caddr_t hdr, int hlen)
1228 if (hlen > MCLBYTES)
1229 return (ENOBUFS); /* XXX */
1231 MGET(m, M_DONTWAIT, MT_DATA);
1236 MCLGET(m, M_DONTWAIT);
1237 if ((m->m_flags & M_EXT) == 0) {
1244 bcopy(hdr, mtod(m, caddr_t), hlen);
1251 * Insert jumbo payload option.
1254 ip6_insert_jumboopt(struct ip6_exthdrs *exthdrs, u_int32_t plen)
1260 #define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */
1263 * If there is no hop-by-hop options header, allocate new one.
1264 * If there is one but it doesn't have enough space to store the
1265 * jumbo payload option, allocate a cluster to store the whole options.
1266 * Otherwise, use it to store the options.
1268 if (exthdrs->ip6e_hbh == 0) {
1269 MGET(mopt, M_DONTWAIT, MT_DATA);
1272 mopt->m_len = JUMBOOPTLEN;
1273 optbuf = mtod(mopt, u_char *);
1274 optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */
1275 exthdrs->ip6e_hbh = mopt;
1277 struct ip6_hbh *hbh;
1279 mopt = exthdrs->ip6e_hbh;
1280 if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) {
1283 * - exthdrs->ip6e_hbh is not referenced from places
1284 * other than exthdrs.
1285 * - exthdrs->ip6e_hbh is not an mbuf chain.
1287 int oldoptlen = mopt->m_len;
1291 * XXX: give up if the whole (new) hbh header does
1292 * not fit even in an mbuf cluster.
1294 if (oldoptlen + JUMBOOPTLEN > MCLBYTES)
1298 * As a consequence, we must always prepare a cluster
1301 MGET(n, M_DONTWAIT, MT_DATA);
1303 MCLGET(n, M_DONTWAIT);
1304 if ((n->m_flags & M_EXT) == 0) {
1311 n->m_len = oldoptlen + JUMBOOPTLEN;
1312 bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t),
1314 optbuf = mtod(n, caddr_t) + oldoptlen;
1316 mopt = exthdrs->ip6e_hbh = n;
1318 optbuf = mtod(mopt, u_char *) + mopt->m_len;
1319 mopt->m_len += JUMBOOPTLEN;
1321 optbuf[0] = IP6OPT_PADN;
1325 * Adjust the header length according to the pad and
1326 * the jumbo payload option.
1328 hbh = mtod(mopt, struct ip6_hbh *);
1329 hbh->ip6h_len += (JUMBOOPTLEN >> 3);
1332 /* fill in the option. */
1333 optbuf[2] = IP6OPT_JUMBO;
1335 v = (u_int32_t)htonl(plen + JUMBOOPTLEN);
1336 bcopy(&v, &optbuf[4], sizeof(u_int32_t));
1338 /* finally, adjust the packet header length */
1339 exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN;
1346 * Insert fragment header and copy unfragmentable header portions.
1349 ip6_insertfraghdr(struct mbuf *m0, struct mbuf *m, int hlen,
1350 struct ip6_frag **frghdrp)
1352 struct mbuf *n, *mlast;
1354 if (hlen > sizeof(struct ip6_hdr)) {
1355 n = m_copym(m0, sizeof(struct ip6_hdr),
1356 hlen - sizeof(struct ip6_hdr), M_DONTWAIT);
1363 /* Search for the last mbuf of unfragmentable part. */
1364 for (mlast = n; mlast->m_next; mlast = mlast->m_next)
1367 if ((mlast->m_flags & M_EXT) == 0 &&
1368 M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) {
1369 /* use the trailing space of the last mbuf for the fragment hdr */
1370 *frghdrp = (struct ip6_frag *)(mtod(mlast, caddr_t) +
1372 mlast->m_len += sizeof(struct ip6_frag);
1373 m->m_pkthdr.len += sizeof(struct ip6_frag);
1375 /* allocate a new mbuf for the fragment header */
1378 MGET(mfrg, M_DONTWAIT, MT_DATA);
1381 mfrg->m_len = sizeof(struct ip6_frag);
1382 *frghdrp = mtod(mfrg, struct ip6_frag *);
1383 mlast->m_next = mfrg;
1390 ip6_getpmtu(struct route_in6 *ro_pmtu, struct route_in6 *ro,
1391 struct ifnet *ifp, struct in6_addr *dst, u_long *mtup,
1392 int *alwaysfragp, u_int fibnum)
1398 if (ro_pmtu != ro) {
1399 /* The first hop and the final destination may differ. */
1400 struct sockaddr_in6 *sa6_dst =
1401 (struct sockaddr_in6 *)&ro_pmtu->ro_dst;
1402 if (ro_pmtu->ro_rt &&
1403 ((ro_pmtu->ro_rt->rt_flags & RTF_UP) == 0 ||
1404 !IN6_ARE_ADDR_EQUAL(&sa6_dst->sin6_addr, dst))) {
1405 RTFREE(ro_pmtu->ro_rt);
1406 ro_pmtu->ro_rt = (struct rtentry *)NULL;
1408 if (ro_pmtu->ro_rt == NULL) {
1409 bzero(sa6_dst, sizeof(*sa6_dst));
1410 sa6_dst->sin6_family = AF_INET6;
1411 sa6_dst->sin6_len = sizeof(struct sockaddr_in6);
1412 sa6_dst->sin6_addr = *dst;
1414 in6_rtalloc(ro_pmtu, fibnum);
1417 if (ro_pmtu->ro_rt) {
1419 struct in_conninfo inc;
1421 bzero(&inc, sizeof(inc));
1422 inc.inc_flags |= INC_ISIPV6;
1423 inc.inc6_faddr = *dst;
1426 ifp = ro_pmtu->ro_rt->rt_ifp;
1427 ifmtu = IN6_LINKMTU(ifp);
1428 mtu = tcp_hc_getmtu(&inc);
1430 mtu = min(mtu, ro_pmtu->ro_rt->rt_rmx.rmx_mtu);
1432 mtu = ro_pmtu->ro_rt->rt_rmx.rmx_mtu;
1435 else if (mtu < IPV6_MMTU) {
1437 * RFC2460 section 5, last paragraph:
1438 * if we record ICMPv6 too big message with
1439 * mtu < IPV6_MMTU, transmit packets sized IPV6_MMTU
1440 * or smaller, with framgent header attached.
1441 * (fragment header is needed regardless from the
1442 * packet size, for translators to identify packets)
1446 } else if (mtu > ifmtu) {
1448 * The MTU on the route is larger than the MTU on
1449 * the interface! This shouldn't happen, unless the
1450 * MTU of the interface has been changed after the
1451 * interface was brought up. Change the MTU in the
1452 * route to match the interface MTU (as long as the
1453 * field isn't locked).
1456 ro_pmtu->ro_rt->rt_rmx.rmx_mtu = mtu;
1459 mtu = IN6_LINKMTU(ifp);
1461 error = EHOSTUNREACH; /* XXX */
1465 *alwaysfragp = alwaysfrag;
1470 * IP6 socket option processing.
1473 ip6_ctloutput(struct socket *so, struct sockopt *sopt)
1475 int optdatalen, uproto;
1477 struct inpcb *in6p = sotoinpcb(so);
1479 int level, op, optname;
1483 level = sopt->sopt_level;
1484 op = sopt->sopt_dir;
1485 optname = sopt->sopt_name;
1486 optlen = sopt->sopt_valsize;
1490 uproto = (int)so->so_proto->pr_protocol;
1492 if (level != IPPROTO_IPV6) {
1495 if (sopt->sopt_level == SOL_SOCKET &&
1496 sopt->sopt_dir == SOPT_SET) {
1497 switch (sopt->sopt_name) {
1500 if (IN_MULTICAST(ntohl(in6p->inp_laddr.s_addr))) {
1501 if ((so->so_options &
1502 (SO_REUSEADDR | SO_REUSEPORT)) != 0)
1503 in6p->inp_flags2 |= INP_REUSEPORT;
1505 in6p->inp_flags2 &= ~INP_REUSEPORT;
1512 if ((so->so_options & SO_REUSEPORT) != 0)
1513 in6p->inp_flags2 |= INP_REUSEPORT;
1515 in6p->inp_flags2 &= ~INP_REUSEPORT;
1521 in6p->inp_inc.inc_fibnum = so->so_fibnum;
1529 } else { /* level == IPPROTO_IPV6 */
1534 case IPV6_2292PKTOPTIONS:
1535 #ifdef IPV6_PKTOPTIONS
1536 case IPV6_PKTOPTIONS:
1541 error = soopt_getm(sopt, &m); /* XXX */
1544 error = soopt_mcopyin(sopt, m); /* XXX */
1547 error = ip6_pcbopts(&in6p->in6p_outputopts,
1549 m_freem(m); /* XXX */
1554 * Use of some Hop-by-Hop options or some
1555 * Destination options, might require special
1556 * privilege. That is, normal applications
1557 * (without special privilege) might be forbidden
1558 * from setting certain options in outgoing packets,
1559 * and might never see certain options in received
1560 * packets. [RFC 2292 Section 6]
1561 * KAME specific note:
1562 * KAME prevents non-privileged users from sending or
1563 * receiving ANY hbh/dst options in order to avoid
1564 * overhead of parsing options in the kernel.
1566 case IPV6_RECVHOPOPTS:
1567 case IPV6_RECVDSTOPTS:
1568 case IPV6_RECVRTHDRDSTOPTS:
1570 error = priv_check(td,
1571 PRIV_NETINET_SETHDROPTS);
1576 case IPV6_UNICAST_HOPS:
1580 case IPV6_RECVPKTINFO:
1581 case IPV6_RECVHOPLIMIT:
1582 case IPV6_RECVRTHDR:
1583 case IPV6_RECVPATHMTU:
1584 case IPV6_RECVTCLASS:
1586 case IPV6_AUTOFLOWLABEL:
1588 if (optname == IPV6_BINDANY && td != NULL) {
1589 error = priv_check(td,
1590 PRIV_NETINET_BINDANY);
1595 if (optlen != sizeof(int)) {
1599 error = sooptcopyin(sopt, &optval,
1600 sizeof optval, sizeof optval);
1605 case IPV6_UNICAST_HOPS:
1606 if (optval < -1 || optval >= 256)
1609 /* -1 = kernel default */
1610 in6p->in6p_hops = optval;
1611 if ((in6p->inp_vflag &
1613 in6p->inp_ip_ttl = optval;
1616 #define OPTSET(bit) \
1620 in6p->inp_flags |= (bit); \
1622 in6p->inp_flags &= ~(bit); \
1623 INP_WUNLOCK(in6p); \
1624 } while (/*CONSTCOND*/ 0)
1625 #define OPTSET2292(bit) \
1628 in6p->inp_flags |= IN6P_RFC2292; \
1630 in6p->inp_flags |= (bit); \
1632 in6p->inp_flags &= ~(bit); \
1633 INP_WUNLOCK(in6p); \
1634 } while (/*CONSTCOND*/ 0)
1635 #define OPTBIT(bit) (in6p->inp_flags & (bit) ? 1 : 0)
1637 case IPV6_RECVPKTINFO:
1638 /* cannot mix with RFC2292 */
1639 if (OPTBIT(IN6P_RFC2292)) {
1643 OPTSET(IN6P_PKTINFO);
1648 struct ip6_pktopts **optp;
1650 /* cannot mix with RFC2292 */
1651 if (OPTBIT(IN6P_RFC2292)) {
1655 optp = &in6p->in6p_outputopts;
1656 error = ip6_pcbopt(IPV6_HOPLIMIT,
1657 (u_char *)&optval, sizeof(optval),
1658 optp, (td != NULL) ? td->td_ucred :
1663 case IPV6_RECVHOPLIMIT:
1664 /* cannot mix with RFC2292 */
1665 if (OPTBIT(IN6P_RFC2292)) {
1669 OPTSET(IN6P_HOPLIMIT);
1672 case IPV6_RECVHOPOPTS:
1673 /* cannot mix with RFC2292 */
1674 if (OPTBIT(IN6P_RFC2292)) {
1678 OPTSET(IN6P_HOPOPTS);
1681 case IPV6_RECVDSTOPTS:
1682 /* cannot mix with RFC2292 */
1683 if (OPTBIT(IN6P_RFC2292)) {
1687 OPTSET(IN6P_DSTOPTS);
1690 case IPV6_RECVRTHDRDSTOPTS:
1691 /* cannot mix with RFC2292 */
1692 if (OPTBIT(IN6P_RFC2292)) {
1696 OPTSET(IN6P_RTHDRDSTOPTS);
1699 case IPV6_RECVRTHDR:
1700 /* cannot mix with RFC2292 */
1701 if (OPTBIT(IN6P_RFC2292)) {
1712 case IPV6_RECVPATHMTU:
1714 * We ignore this option for TCP
1716 * (RFC3542 leaves this case
1719 if (uproto != IPPROTO_TCP)
1725 * make setsockopt(IPV6_V6ONLY)
1726 * available only prior to bind(2).
1727 * see ipng mailing list, Jun 22 2001.
1729 if (in6p->inp_lport ||
1730 !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) {
1734 OPTSET(IN6P_IPV6_V6ONLY);
1736 in6p->inp_vflag &= ~INP_IPV4;
1738 in6p->inp_vflag |= INP_IPV4;
1740 case IPV6_RECVTCLASS:
1741 /* cannot mix with RFC2292 XXX */
1742 if (OPTBIT(IN6P_RFC2292)) {
1746 OPTSET(IN6P_TCLASS);
1748 case IPV6_AUTOFLOWLABEL:
1749 OPTSET(IN6P_AUTOFLOWLABEL);
1753 OPTSET(INP_BINDANY);
1760 case IPV6_USE_MIN_MTU:
1761 case IPV6_PREFER_TEMPADDR:
1762 if (optlen != sizeof(optval)) {
1766 error = sooptcopyin(sopt, &optval,
1767 sizeof optval, sizeof optval);
1771 struct ip6_pktopts **optp;
1772 optp = &in6p->in6p_outputopts;
1773 error = ip6_pcbopt(optname,
1774 (u_char *)&optval, sizeof(optval),
1775 optp, (td != NULL) ? td->td_ucred :
1780 case IPV6_2292PKTINFO:
1781 case IPV6_2292HOPLIMIT:
1782 case IPV6_2292HOPOPTS:
1783 case IPV6_2292DSTOPTS:
1784 case IPV6_2292RTHDR:
1786 if (optlen != sizeof(int)) {
1790 error = sooptcopyin(sopt, &optval,
1791 sizeof optval, sizeof optval);
1795 case IPV6_2292PKTINFO:
1796 OPTSET2292(IN6P_PKTINFO);
1798 case IPV6_2292HOPLIMIT:
1799 OPTSET2292(IN6P_HOPLIMIT);
1801 case IPV6_2292HOPOPTS:
1803 * Check super-user privilege.
1804 * See comments for IPV6_RECVHOPOPTS.
1807 error = priv_check(td,
1808 PRIV_NETINET_SETHDROPTS);
1812 OPTSET2292(IN6P_HOPOPTS);
1814 case IPV6_2292DSTOPTS:
1816 error = priv_check(td,
1817 PRIV_NETINET_SETHDROPTS);
1821 OPTSET2292(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); /* XXX */
1823 case IPV6_2292RTHDR:
1824 OPTSET2292(IN6P_RTHDR);
1832 case IPV6_RTHDRDSTOPTS:
1835 /* new advanced API (RFC3542) */
1837 u_char optbuf_storage[MCLBYTES];
1839 struct ip6_pktopts **optp;
1841 /* cannot mix with RFC2292 */
1842 if (OPTBIT(IN6P_RFC2292)) {
1848 * We only ensure valsize is not too large
1849 * here. Further validation will be done
1852 error = sooptcopyin(sopt, optbuf_storage,
1853 sizeof(optbuf_storage), 0);
1856 optlen = sopt->sopt_valsize;
1857 optbuf = optbuf_storage;
1858 optp = &in6p->in6p_outputopts;
1859 error = ip6_pcbopt(optname, optbuf, optlen,
1860 optp, (td != NULL) ? td->td_ucred : NULL,
1866 case IPV6_MULTICAST_IF:
1867 case IPV6_MULTICAST_HOPS:
1868 case IPV6_MULTICAST_LOOP:
1869 case IPV6_JOIN_GROUP:
1870 case IPV6_LEAVE_GROUP:
1872 case MCAST_BLOCK_SOURCE:
1873 case MCAST_UNBLOCK_SOURCE:
1874 case MCAST_JOIN_GROUP:
1875 case MCAST_LEAVE_GROUP:
1876 case MCAST_JOIN_SOURCE_GROUP:
1877 case MCAST_LEAVE_SOURCE_GROUP:
1878 error = ip6_setmoptions(in6p, sopt);
1881 case IPV6_PORTRANGE:
1882 error = sooptcopyin(sopt, &optval,
1883 sizeof optval, sizeof optval);
1889 case IPV6_PORTRANGE_DEFAULT:
1890 in6p->inp_flags &= ~(INP_LOWPORT);
1891 in6p->inp_flags &= ~(INP_HIGHPORT);
1894 case IPV6_PORTRANGE_HIGH:
1895 in6p->inp_flags &= ~(INP_LOWPORT);
1896 in6p->inp_flags |= INP_HIGHPORT;
1899 case IPV6_PORTRANGE_LOW:
1900 in6p->inp_flags &= ~(INP_HIGHPORT);
1901 in6p->inp_flags |= INP_LOWPORT;
1912 case IPV6_IPSEC_POLICY:
1917 if ((error = soopt_getm(sopt, &m)) != 0) /* XXX */
1919 if ((error = soopt_mcopyin(sopt, m)) != 0) /* XXX */
1921 req = mtod(m, caddr_t);
1922 error = ipsec_set_policy(in6p, optname, req,
1923 m->m_len, (sopt->sopt_td != NULL) ?
1924 sopt->sopt_td->td_ucred : NULL);
1931 error = ENOPROTOOPT;
1939 case IPV6_2292PKTOPTIONS:
1940 #ifdef IPV6_PKTOPTIONS
1941 case IPV6_PKTOPTIONS:
1944 * RFC3542 (effectively) deprecated the
1945 * semantics of the 2292-style pktoptions.
1946 * Since it was not reliable in nature (i.e.,
1947 * applications had to expect the lack of some
1948 * information after all), it would make sense
1949 * to simplify this part by always returning
1952 sopt->sopt_valsize = 0;
1955 case IPV6_RECVHOPOPTS:
1956 case IPV6_RECVDSTOPTS:
1957 case IPV6_RECVRTHDRDSTOPTS:
1958 case IPV6_UNICAST_HOPS:
1959 case IPV6_RECVPKTINFO:
1960 case IPV6_RECVHOPLIMIT:
1961 case IPV6_RECVRTHDR:
1962 case IPV6_RECVPATHMTU:
1966 case IPV6_PORTRANGE:
1967 case IPV6_RECVTCLASS:
1968 case IPV6_AUTOFLOWLABEL:
1972 case IPV6_RECVHOPOPTS:
1973 optval = OPTBIT(IN6P_HOPOPTS);
1976 case IPV6_RECVDSTOPTS:
1977 optval = OPTBIT(IN6P_DSTOPTS);
1980 case IPV6_RECVRTHDRDSTOPTS:
1981 optval = OPTBIT(IN6P_RTHDRDSTOPTS);
1984 case IPV6_UNICAST_HOPS:
1985 optval = in6p->in6p_hops;
1988 case IPV6_RECVPKTINFO:
1989 optval = OPTBIT(IN6P_PKTINFO);
1992 case IPV6_RECVHOPLIMIT:
1993 optval = OPTBIT(IN6P_HOPLIMIT);
1996 case IPV6_RECVRTHDR:
1997 optval = OPTBIT(IN6P_RTHDR);
2000 case IPV6_RECVPATHMTU:
2001 optval = OPTBIT(IN6P_MTU);
2005 optval = OPTBIT(INP_FAITH);
2009 optval = OPTBIT(IN6P_IPV6_V6ONLY);
2012 case IPV6_PORTRANGE:
2015 flags = in6p->inp_flags;
2016 if (flags & INP_HIGHPORT)
2017 optval = IPV6_PORTRANGE_HIGH;
2018 else if (flags & INP_LOWPORT)
2019 optval = IPV6_PORTRANGE_LOW;
2024 case IPV6_RECVTCLASS:
2025 optval = OPTBIT(IN6P_TCLASS);
2028 case IPV6_AUTOFLOWLABEL:
2029 optval = OPTBIT(IN6P_AUTOFLOWLABEL);
2033 optval = OPTBIT(INP_BINDANY);
2038 error = sooptcopyout(sopt, &optval,
2045 struct ip6_mtuinfo mtuinfo;
2046 struct route_in6 sro;
2048 bzero(&sro, sizeof(sro));
2050 if (!(so->so_state & SS_ISCONNECTED))
2053 * XXX: we dot not consider the case of source
2054 * routing, or optional information to specify
2055 * the outgoing interface.
2057 error = ip6_getpmtu(&sro, NULL, NULL,
2058 &in6p->in6p_faddr, &pmtu, NULL,
2064 if (pmtu > IPV6_MAXPACKET)
2065 pmtu = IPV6_MAXPACKET;
2067 bzero(&mtuinfo, sizeof(mtuinfo));
2068 mtuinfo.ip6m_mtu = (u_int32_t)pmtu;
2069 optdata = (void *)&mtuinfo;
2070 optdatalen = sizeof(mtuinfo);
2071 error = sooptcopyout(sopt, optdata,
2076 case IPV6_2292PKTINFO:
2077 case IPV6_2292HOPLIMIT:
2078 case IPV6_2292HOPOPTS:
2079 case IPV6_2292RTHDR:
2080 case IPV6_2292DSTOPTS:
2082 case IPV6_2292PKTINFO:
2083 optval = OPTBIT(IN6P_PKTINFO);
2085 case IPV6_2292HOPLIMIT:
2086 optval = OPTBIT(IN6P_HOPLIMIT);
2088 case IPV6_2292HOPOPTS:
2089 optval = OPTBIT(IN6P_HOPOPTS);
2091 case IPV6_2292RTHDR:
2092 optval = OPTBIT(IN6P_RTHDR);
2094 case IPV6_2292DSTOPTS:
2095 optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS);
2098 error = sooptcopyout(sopt, &optval,
2105 case IPV6_RTHDRDSTOPTS:
2109 case IPV6_USE_MIN_MTU:
2110 case IPV6_PREFER_TEMPADDR:
2111 error = ip6_getpcbopt(in6p->in6p_outputopts,
2115 case IPV6_MULTICAST_IF:
2116 case IPV6_MULTICAST_HOPS:
2117 case IPV6_MULTICAST_LOOP:
2119 error = ip6_getmoptions(in6p, sopt);
2123 case IPV6_IPSEC_POLICY:
2127 struct mbuf *m = NULL;
2128 struct mbuf **mp = &m;
2129 size_t ovalsize = sopt->sopt_valsize;
2130 caddr_t oval = (caddr_t)sopt->sopt_val;
2132 error = soopt_getm(sopt, &m); /* XXX */
2135 error = soopt_mcopyin(sopt, m); /* XXX */
2138 sopt->sopt_valsize = ovalsize;
2139 sopt->sopt_val = oval;
2141 req = mtod(m, caddr_t);
2144 error = ipsec_get_policy(in6p, req, len, mp);
2146 error = soopt_mcopyout(sopt, m); /* XXX */
2147 if (error == 0 && m)
2154 error = ENOPROTOOPT;
2164 ip6_raw_ctloutput(struct socket *so, struct sockopt *sopt)
2166 int error = 0, optval, optlen;
2167 const int icmp6off = offsetof(struct icmp6_hdr, icmp6_cksum);
2168 struct inpcb *in6p = sotoinpcb(so);
2169 int level, op, optname;
2171 level = sopt->sopt_level;
2172 op = sopt->sopt_dir;
2173 optname = sopt->sopt_name;
2174 optlen = sopt->sopt_valsize;
2176 if (level != IPPROTO_IPV6) {
2183 * For ICMPv6 sockets, no modification allowed for checksum
2184 * offset, permit "no change" values to help existing apps.
2186 * RFC3542 says: "An attempt to set IPV6_CHECKSUM
2187 * for an ICMPv6 socket will fail."
2188 * The current behavior does not meet RFC3542.
2192 if (optlen != sizeof(int)) {
2196 error = sooptcopyin(sopt, &optval, sizeof(optval),
2200 if ((optval % 2) != 0) {
2201 /* the API assumes even offset values */
2203 } else if (so->so_proto->pr_protocol ==
2205 if (optval != icmp6off)
2208 in6p->in6p_cksum = optval;
2212 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6)
2215 optval = in6p->in6p_cksum;
2217 error = sooptcopyout(sopt, &optval, sizeof(optval));
2227 error = ENOPROTOOPT;
2235 * Set up IP6 options in pcb for insertion in output packets or
2236 * specifying behavior of outgoing packets.
2239 ip6_pcbopts(struct ip6_pktopts **pktopt, struct mbuf *m,
2240 struct socket *so, struct sockopt *sopt)
2242 struct ip6_pktopts *opt = *pktopt;
2244 struct thread *td = sopt->sopt_td;
2246 /* turn off any old options. */
2249 if (opt->ip6po_pktinfo || opt->ip6po_nexthop ||
2250 opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 ||
2251 opt->ip6po_rhinfo.ip6po_rhi_rthdr)
2252 printf("ip6_pcbopts: all specified options are cleared.\n");
2254 ip6_clearpktopts(opt, -1);
2256 opt = malloc(sizeof(*opt), M_IP6OPT, M_WAITOK);
2259 if (!m || m->m_len == 0) {
2261 * Only turning off any previous options, regardless of
2262 * whether the opt is just created or given.
2264 free(opt, M_IP6OPT);
2268 /* set options specified by user. */
2269 if ((error = ip6_setpktopts(m, opt, NULL, (td != NULL) ?
2270 td->td_ucred : NULL, so->so_proto->pr_protocol)) != 0) {
2271 ip6_clearpktopts(opt, -1); /* XXX: discard all options */
2272 free(opt, M_IP6OPT);
2280 * initialize ip6_pktopts. beware that there are non-zero default values in
2284 ip6_initpktopts(struct ip6_pktopts *opt)
2287 bzero(opt, sizeof(*opt));
2288 opt->ip6po_hlim = -1; /* -1 means default hop limit */
2289 opt->ip6po_tclass = -1; /* -1 means default traffic class */
2290 opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY;
2291 opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM;
2295 ip6_pcbopt(int optname, u_char *buf, int len, struct ip6_pktopts **pktopt,
2296 struct ucred *cred, int uproto)
2298 struct ip6_pktopts *opt;
2300 if (*pktopt == NULL) {
2301 *pktopt = malloc(sizeof(struct ip6_pktopts), M_IP6OPT,
2303 ip6_initpktopts(*pktopt);
2307 return (ip6_setpktopt(optname, buf, len, opt, cred, 1, 0, uproto));
2311 ip6_getpcbopt(struct ip6_pktopts *pktopt, int optname, struct sockopt *sopt)
2313 void *optdata = NULL;
2315 struct ip6_ext *ip6e;
2317 struct in6_pktinfo null_pktinfo;
2318 int deftclass = 0, on;
2319 int defminmtu = IP6PO_MINMTU_MCASTONLY;
2320 int defpreftemp = IP6PO_TEMPADDR_SYSTEM;
2324 if (pktopt && pktopt->ip6po_pktinfo)
2325 optdata = (void *)pktopt->ip6po_pktinfo;
2327 /* XXX: we don't have to do this every time... */
2328 bzero(&null_pktinfo, sizeof(null_pktinfo));
2329 optdata = (void *)&null_pktinfo;
2331 optdatalen = sizeof(struct in6_pktinfo);
2334 if (pktopt && pktopt->ip6po_tclass >= 0)
2335 optdata = (void *)&pktopt->ip6po_tclass;
2337 optdata = (void *)&deftclass;
2338 optdatalen = sizeof(int);
2341 if (pktopt && pktopt->ip6po_hbh) {
2342 optdata = (void *)pktopt->ip6po_hbh;
2343 ip6e = (struct ip6_ext *)pktopt->ip6po_hbh;
2344 optdatalen = (ip6e->ip6e_len + 1) << 3;
2348 if (pktopt && pktopt->ip6po_rthdr) {
2349 optdata = (void *)pktopt->ip6po_rthdr;
2350 ip6e = (struct ip6_ext *)pktopt->ip6po_rthdr;
2351 optdatalen = (ip6e->ip6e_len + 1) << 3;
2354 case IPV6_RTHDRDSTOPTS:
2355 if (pktopt && pktopt->ip6po_dest1) {
2356 optdata = (void *)pktopt->ip6po_dest1;
2357 ip6e = (struct ip6_ext *)pktopt->ip6po_dest1;
2358 optdatalen = (ip6e->ip6e_len + 1) << 3;
2362 if (pktopt && pktopt->ip6po_dest2) {
2363 optdata = (void *)pktopt->ip6po_dest2;
2364 ip6e = (struct ip6_ext *)pktopt->ip6po_dest2;
2365 optdatalen = (ip6e->ip6e_len + 1) << 3;
2369 if (pktopt && pktopt->ip6po_nexthop) {
2370 optdata = (void *)pktopt->ip6po_nexthop;
2371 optdatalen = pktopt->ip6po_nexthop->sa_len;
2374 case IPV6_USE_MIN_MTU:
2376 optdata = (void *)&pktopt->ip6po_minmtu;
2378 optdata = (void *)&defminmtu;
2379 optdatalen = sizeof(int);
2382 if (pktopt && ((pktopt->ip6po_flags) & IP6PO_DONTFRAG))
2386 optdata = (void *)&on;
2387 optdatalen = sizeof(on);
2389 case IPV6_PREFER_TEMPADDR:
2391 optdata = (void *)&pktopt->ip6po_prefer_tempaddr;
2393 optdata = (void *)&defpreftemp;
2394 optdatalen = sizeof(int);
2396 default: /* should not happen */
2398 panic("ip6_getpcbopt: unexpected option\n");
2400 return (ENOPROTOOPT);
2403 error = sooptcopyout(sopt, optdata, optdatalen);
2409 ip6_clearpktopts(struct ip6_pktopts *pktopt, int optname)
2414 if (optname == -1 || optname == IPV6_PKTINFO) {
2415 if (pktopt->ip6po_pktinfo)
2416 free(pktopt->ip6po_pktinfo, M_IP6OPT);
2417 pktopt->ip6po_pktinfo = NULL;
2419 if (optname == -1 || optname == IPV6_HOPLIMIT)
2420 pktopt->ip6po_hlim = -1;
2421 if (optname == -1 || optname == IPV6_TCLASS)
2422 pktopt->ip6po_tclass = -1;
2423 if (optname == -1 || optname == IPV6_NEXTHOP) {
2424 if (pktopt->ip6po_nextroute.ro_rt) {
2425 RTFREE(pktopt->ip6po_nextroute.ro_rt);
2426 pktopt->ip6po_nextroute.ro_rt = NULL;
2428 if (pktopt->ip6po_nexthop)
2429 free(pktopt->ip6po_nexthop, M_IP6OPT);
2430 pktopt->ip6po_nexthop = NULL;
2432 if (optname == -1 || optname == IPV6_HOPOPTS) {
2433 if (pktopt->ip6po_hbh)
2434 free(pktopt->ip6po_hbh, M_IP6OPT);
2435 pktopt->ip6po_hbh = NULL;
2437 if (optname == -1 || optname == IPV6_RTHDRDSTOPTS) {
2438 if (pktopt->ip6po_dest1)
2439 free(pktopt->ip6po_dest1, M_IP6OPT);
2440 pktopt->ip6po_dest1 = NULL;
2442 if (optname == -1 || optname == IPV6_RTHDR) {
2443 if (pktopt->ip6po_rhinfo.ip6po_rhi_rthdr)
2444 free(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT);
2445 pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL;
2446 if (pktopt->ip6po_route.ro_rt) {
2447 RTFREE(pktopt->ip6po_route.ro_rt);
2448 pktopt->ip6po_route.ro_rt = NULL;
2451 if (optname == -1 || optname == IPV6_DSTOPTS) {
2452 if (pktopt->ip6po_dest2)
2453 free(pktopt->ip6po_dest2, M_IP6OPT);
2454 pktopt->ip6po_dest2 = NULL;
2458 #define PKTOPT_EXTHDRCPY(type) \
2461 int hlen = (((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\
2462 dst->type = malloc(hlen, M_IP6OPT, canwait);\
2463 if (dst->type == NULL && canwait == M_NOWAIT)\
2465 bcopy(src->type, dst->type, hlen);\
2467 } while (/*CONSTCOND*/ 0)
2470 copypktopts(struct ip6_pktopts *dst, struct ip6_pktopts *src, int canwait)
2472 if (dst == NULL || src == NULL) {
2473 printf("ip6_clearpktopts: invalid argument\n");
2477 dst->ip6po_hlim = src->ip6po_hlim;
2478 dst->ip6po_tclass = src->ip6po_tclass;
2479 dst->ip6po_flags = src->ip6po_flags;
2480 dst->ip6po_minmtu = src->ip6po_minmtu;
2481 dst->ip6po_prefer_tempaddr = src->ip6po_prefer_tempaddr;
2482 if (src->ip6po_pktinfo) {
2483 dst->ip6po_pktinfo = malloc(sizeof(*dst->ip6po_pktinfo),
2485 if (dst->ip6po_pktinfo == NULL)
2487 *dst->ip6po_pktinfo = *src->ip6po_pktinfo;
2489 if (src->ip6po_nexthop) {
2490 dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len,
2492 if (dst->ip6po_nexthop == NULL)
2494 bcopy(src->ip6po_nexthop, dst->ip6po_nexthop,
2495 src->ip6po_nexthop->sa_len);
2497 PKTOPT_EXTHDRCPY(ip6po_hbh);
2498 PKTOPT_EXTHDRCPY(ip6po_dest1);
2499 PKTOPT_EXTHDRCPY(ip6po_dest2);
2500 PKTOPT_EXTHDRCPY(ip6po_rthdr); /* not copy the cached route */
2504 ip6_clearpktopts(dst, -1);
2507 #undef PKTOPT_EXTHDRCPY
2509 struct ip6_pktopts *
2510 ip6_copypktopts(struct ip6_pktopts *src, int canwait)
2513 struct ip6_pktopts *dst;
2515 dst = malloc(sizeof(*dst), M_IP6OPT, canwait);
2518 ip6_initpktopts(dst);
2520 if ((error = copypktopts(dst, src, canwait)) != 0) {
2521 free(dst, M_IP6OPT);
2529 ip6_freepcbopts(struct ip6_pktopts *pktopt)
2534 ip6_clearpktopts(pktopt, -1);
2536 free(pktopt, M_IP6OPT);
2540 * Set IPv6 outgoing packet options based on advanced API.
2543 ip6_setpktopts(struct mbuf *control, struct ip6_pktopts *opt,
2544 struct ip6_pktopts *stickyopt, struct ucred *cred, int uproto)
2546 struct cmsghdr *cm = 0;
2548 if (control == NULL || opt == NULL)
2551 ip6_initpktopts(opt);
2556 * If stickyopt is provided, make a local copy of the options
2557 * for this particular packet, then override them by ancillary
2559 * XXX: copypktopts() does not copy the cached route to a next
2560 * hop (if any). This is not very good in terms of efficiency,
2561 * but we can allow this since this option should be rarely
2564 if ((error = copypktopts(opt, stickyopt, M_NOWAIT)) != 0)
2569 * XXX: Currently, we assume all the optional information is stored
2572 if (control->m_next)
2575 for (; control->m_len > 0; control->m_data += CMSG_ALIGN(cm->cmsg_len),
2576 control->m_len -= CMSG_ALIGN(cm->cmsg_len)) {
2579 if (control->m_len < CMSG_LEN(0))
2582 cm = mtod(control, struct cmsghdr *);
2583 if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len)
2585 if (cm->cmsg_level != IPPROTO_IPV6)
2588 error = ip6_setpktopt(cm->cmsg_type, CMSG_DATA(cm),
2589 cm->cmsg_len - CMSG_LEN(0), opt, cred, 0, 1, uproto);
2598 * Set a particular packet option, as a sticky option or an ancillary data
2599 * item. "len" can be 0 only when it's a sticky option.
2600 * We have 4 cases of combination of "sticky" and "cmsg":
2601 * "sticky=0, cmsg=0": impossible
2602 * "sticky=0, cmsg=1": RFC2292 or RFC3542 ancillary data
2603 * "sticky=1, cmsg=0": RFC3542 socket option
2604 * "sticky=1, cmsg=1": RFC2292 socket option
2607 ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt,
2608 struct ucred *cred, int sticky, int cmsg, int uproto)
2610 int minmtupolicy, preftemp;
2613 if (!sticky && !cmsg) {
2615 printf("ip6_setpktopt: impossible case\n");
2621 * IPV6_2292xxx is for backward compatibility to RFC2292, and should
2622 * not be specified in the context of RFC3542. Conversely,
2623 * RFC3542 types should not be specified in the context of RFC2292.
2627 case IPV6_2292PKTINFO:
2628 case IPV6_2292HOPLIMIT:
2629 case IPV6_2292NEXTHOP:
2630 case IPV6_2292HOPOPTS:
2631 case IPV6_2292DSTOPTS:
2632 case IPV6_2292RTHDR:
2633 case IPV6_2292PKTOPTIONS:
2634 return (ENOPROTOOPT);
2637 if (sticky && cmsg) {
2644 case IPV6_RTHDRDSTOPTS:
2646 case IPV6_USE_MIN_MTU:
2649 case IPV6_PREFER_TEMPADDR: /* XXX: not an RFC3542 option */
2650 return (ENOPROTOOPT);
2655 case IPV6_2292PKTINFO:
2658 struct ifnet *ifp = NULL;
2659 struct in6_pktinfo *pktinfo;
2661 if (len != sizeof(struct in6_pktinfo))
2664 pktinfo = (struct in6_pktinfo *)buf;
2667 * An application can clear any sticky IPV6_PKTINFO option by
2668 * doing a "regular" setsockopt with ipi6_addr being
2669 * in6addr_any and ipi6_ifindex being zero.
2670 * [RFC 3542, Section 6]
2672 if (optname == IPV6_PKTINFO && opt->ip6po_pktinfo &&
2673 pktinfo->ipi6_ifindex == 0 &&
2674 IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2675 ip6_clearpktopts(opt, optname);
2679 if (uproto == IPPROTO_TCP && optname == IPV6_PKTINFO &&
2680 sticky && !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2684 /* validate the interface index if specified. */
2685 if (pktinfo->ipi6_ifindex > V_if_index ||
2686 pktinfo->ipi6_ifindex < 0) {
2689 if (pktinfo->ipi6_ifindex) {
2690 ifp = ifnet_byindex(pktinfo->ipi6_ifindex);
2696 * We store the address anyway, and let in6_selectsrc()
2697 * validate the specified address. This is because ipi6_addr
2698 * may not have enough information about its scope zone, and
2699 * we may need additional information (such as outgoing
2700 * interface or the scope zone of a destination address) to
2701 * disambiguate the scope.
2702 * XXX: the delay of the validation may confuse the
2703 * application when it is used as a sticky option.
2705 if (opt->ip6po_pktinfo == NULL) {
2706 opt->ip6po_pktinfo = malloc(sizeof(*pktinfo),
2707 M_IP6OPT, M_NOWAIT);
2708 if (opt->ip6po_pktinfo == NULL)
2711 bcopy(pktinfo, opt->ip6po_pktinfo, sizeof(*pktinfo));
2715 case IPV6_2292HOPLIMIT:
2721 * RFC 3542 deprecated the usage of sticky IPV6_HOPLIMIT
2722 * to simplify the ordering among hoplimit options.
2724 if (optname == IPV6_HOPLIMIT && sticky)
2725 return (ENOPROTOOPT);
2727 if (len != sizeof(int))
2730 if (*hlimp < -1 || *hlimp > 255)
2733 opt->ip6po_hlim = *hlimp;
2741 if (len != sizeof(int))
2743 tclass = *(int *)buf;
2744 if (tclass < -1 || tclass > 255)
2747 opt->ip6po_tclass = tclass;
2751 case IPV6_2292NEXTHOP:
2754 error = priv_check_cred(cred,
2755 PRIV_NETINET_SETHDROPTS, 0);
2760 if (len == 0) { /* just remove the option */
2761 ip6_clearpktopts(opt, IPV6_NEXTHOP);
2765 /* check if cmsg_len is large enough for sa_len */
2766 if (len < sizeof(struct sockaddr) || len < *buf)
2769 switch (((struct sockaddr *)buf)->sa_family) {
2772 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)buf;
2775 if (sa6->sin6_len != sizeof(struct sockaddr_in6))
2778 if (IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) ||
2779 IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr)) {
2782 if ((error = sa6_embedscope(sa6, V_ip6_use_defzone))
2788 case AF_LINK: /* should eventually be supported */
2790 return (EAFNOSUPPORT);
2793 /* turn off the previous option, then set the new option. */
2794 ip6_clearpktopts(opt, IPV6_NEXTHOP);
2795 opt->ip6po_nexthop = malloc(*buf, M_IP6OPT, M_NOWAIT);
2796 if (opt->ip6po_nexthop == NULL)
2798 bcopy(buf, opt->ip6po_nexthop, *buf);
2801 case IPV6_2292HOPOPTS:
2804 struct ip6_hbh *hbh;
2808 * XXX: We don't allow a non-privileged user to set ANY HbH
2809 * options, since per-option restriction has too much
2813 error = priv_check_cred(cred,
2814 PRIV_NETINET_SETHDROPTS, 0);
2820 ip6_clearpktopts(opt, IPV6_HOPOPTS);
2821 break; /* just remove the option */
2824 /* message length validation */
2825 if (len < sizeof(struct ip6_hbh))
2827 hbh = (struct ip6_hbh *)buf;
2828 hbhlen = (hbh->ip6h_len + 1) << 3;
2832 /* turn off the previous option, then set the new option. */
2833 ip6_clearpktopts(opt, IPV6_HOPOPTS);
2834 opt->ip6po_hbh = malloc(hbhlen, M_IP6OPT, M_NOWAIT);
2835 if (opt->ip6po_hbh == NULL)
2837 bcopy(hbh, opt->ip6po_hbh, hbhlen);
2842 case IPV6_2292DSTOPTS:
2844 case IPV6_RTHDRDSTOPTS:
2846 struct ip6_dest *dest, **newdest = NULL;
2849 if (cred != NULL) { /* XXX: see the comment for IPV6_HOPOPTS */
2850 error = priv_check_cred(cred,
2851 PRIV_NETINET_SETHDROPTS, 0);
2857 ip6_clearpktopts(opt, optname);
2858 break; /* just remove the option */
2861 /* message length validation */
2862 if (len < sizeof(struct ip6_dest))
2864 dest = (struct ip6_dest *)buf;
2865 destlen = (dest->ip6d_len + 1) << 3;
2870 * Determine the position that the destination options header
2871 * should be inserted; before or after the routing header.
2874 case IPV6_2292DSTOPTS:
2876 * The old advacned API is ambiguous on this point.
2877 * Our approach is to determine the position based
2878 * according to the existence of a routing header.
2879 * Note, however, that this depends on the order of the
2880 * extension headers in the ancillary data; the 1st
2881 * part of the destination options header must appear
2882 * before the routing header in the ancillary data,
2884 * RFC3542 solved the ambiguity by introducing
2885 * separate ancillary data or option types.
2887 if (opt->ip6po_rthdr == NULL)
2888 newdest = &opt->ip6po_dest1;
2890 newdest = &opt->ip6po_dest2;
2892 case IPV6_RTHDRDSTOPTS:
2893 newdest = &opt->ip6po_dest1;
2896 newdest = &opt->ip6po_dest2;
2900 /* turn off the previous option, then set the new option. */
2901 ip6_clearpktopts(opt, optname);
2902 *newdest = malloc(destlen, M_IP6OPT, M_NOWAIT);
2903 if (*newdest == NULL)
2905 bcopy(dest, *newdest, destlen);
2910 case IPV6_2292RTHDR:
2913 struct ip6_rthdr *rth;
2917 ip6_clearpktopts(opt, IPV6_RTHDR);
2918 break; /* just remove the option */
2921 /* message length validation */
2922 if (len < sizeof(struct ip6_rthdr))
2924 rth = (struct ip6_rthdr *)buf;
2925 rthlen = (rth->ip6r_len + 1) << 3;
2929 switch (rth->ip6r_type) {
2930 case IPV6_RTHDR_TYPE_0:
2931 if (rth->ip6r_len == 0) /* must contain one addr */
2933 if (rth->ip6r_len % 2) /* length must be even */
2935 if (rth->ip6r_len / 2 != rth->ip6r_segleft)
2939 return (EINVAL); /* not supported */
2942 /* turn off the previous option */
2943 ip6_clearpktopts(opt, IPV6_RTHDR);
2944 opt->ip6po_rthdr = malloc(rthlen, M_IP6OPT, M_NOWAIT);
2945 if (opt->ip6po_rthdr == NULL)
2947 bcopy(rth, opt->ip6po_rthdr, rthlen);
2952 case IPV6_USE_MIN_MTU:
2953 if (len != sizeof(int))
2955 minmtupolicy = *(int *)buf;
2956 if (minmtupolicy != IP6PO_MINMTU_MCASTONLY &&
2957 minmtupolicy != IP6PO_MINMTU_DISABLE &&
2958 minmtupolicy != IP6PO_MINMTU_ALL) {
2961 opt->ip6po_minmtu = minmtupolicy;
2965 if (len != sizeof(int))
2968 if (uproto == IPPROTO_TCP || *(int *)buf == 0) {
2970 * we ignore this option for TCP sockets.
2971 * (RFC3542 leaves this case unspecified.)
2973 opt->ip6po_flags &= ~IP6PO_DONTFRAG;
2975 opt->ip6po_flags |= IP6PO_DONTFRAG;
2978 case IPV6_PREFER_TEMPADDR:
2979 if (len != sizeof(int))
2981 preftemp = *(int *)buf;
2982 if (preftemp != IP6PO_TEMPADDR_SYSTEM &&
2983 preftemp != IP6PO_TEMPADDR_NOTPREFER &&
2984 preftemp != IP6PO_TEMPADDR_PREFER) {
2987 opt->ip6po_prefer_tempaddr = preftemp;
2991 return (ENOPROTOOPT);
2992 } /* end of switch */
2998 * Routine called from ip6_output() to loop back a copy of an IP6 multicast
2999 * packet to the input queue of a specified interface. Note that this
3000 * calls the output routine of the loopback "driver", but with an interface
3001 * pointer that might NOT be &loif -- easier than replicating that code here.
3004 ip6_mloopback(struct ifnet *ifp, struct mbuf *m, struct sockaddr_in6 *dst)
3007 struct ip6_hdr *ip6;
3009 copym = m_copy(m, 0, M_COPYALL);
3014 * Make sure to deep-copy IPv6 header portion in case the data
3015 * is in an mbuf cluster, so that we can safely override the IPv6
3016 * header portion later.
3018 if ((copym->m_flags & M_EXT) != 0 ||
3019 copym->m_len < sizeof(struct ip6_hdr)) {
3020 copym = m_pullup(copym, sizeof(struct ip6_hdr));
3026 if (copym->m_len < sizeof(*ip6)) {
3032 ip6 = mtod(copym, struct ip6_hdr *);
3034 * clear embedded scope identifiers if necessary.
3035 * in6_clearscope will touch the addresses only when necessary.
3037 in6_clearscope(&ip6->ip6_src);
3038 in6_clearscope(&ip6->ip6_dst);
3040 (void)if_simloop(ifp, copym, dst->sin6_family, 0);
3044 * Chop IPv6 header off from the payload.
3047 ip6_splithdr(struct mbuf *m, struct ip6_exthdrs *exthdrs)
3050 struct ip6_hdr *ip6;
3052 ip6 = mtod(m, struct ip6_hdr *);
3053 if (m->m_len > sizeof(*ip6)) {
3054 MGETHDR(mh, M_DONTWAIT, MT_HEADER);
3059 M_MOVE_PKTHDR(mh, m);
3060 MH_ALIGN(mh, sizeof(*ip6));
3061 m->m_len -= sizeof(*ip6);
3062 m->m_data += sizeof(*ip6);
3065 m->m_len = sizeof(*ip6);
3066 bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6));
3068 exthdrs->ip6e_ip6 = m;
3073 * Compute IPv6 extension header length.
3076 ip6_optlen(struct inpcb *in6p)
3080 if (!in6p->in6p_outputopts)
3085 (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0)
3087 len += elen(in6p->in6p_outputopts->ip6po_hbh);
3088 if (in6p->in6p_outputopts->ip6po_rthdr)
3089 /* dest1 is valid with rthdr only */
3090 len += elen(in6p->in6p_outputopts->ip6po_dest1);
3091 len += elen(in6p->in6p_outputopts->ip6po_rthdr);
3092 len += elen(in6p->in6p_outputopts->ip6po_dest2);