2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $
33 * Copyright (c) 1982, 1986, 1988, 1990, 1993
34 * The Regents of the University of California. All rights reserved.
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
67 #include "opt_inet6.h"
68 #include "opt_ipsec.h"
70 #include <sys/param.h>
71 #include <sys/kernel.h>
72 #include <sys/malloc.h>
74 #include <sys/errno.h>
77 #include <sys/protosw.h>
78 #include <sys/socket.h>
79 #include <sys/socketvar.h>
80 #include <sys/ucred.h>
81 #include <sys/vimage.h>
84 #include <net/netisr.h>
85 #include <net/route.h>
88 #include <netinet/in.h>
89 #include <netinet/in_var.h>
90 #include <netinet6/in6_var.h>
91 #include <netinet/ip6.h>
92 #include <netinet/icmp6.h>
93 #include <netinet6/ip6_var.h>
94 #include <netinet/in_pcb.h>
95 #include <netinet/tcp_var.h>
96 #include <netinet6/nd6.h>
99 #include <netipsec/ipsec.h>
100 #include <netipsec/ipsec6.h>
101 #include <netipsec/key.h>
102 #include <netinet6/ip6_ipsec.h>
105 #include <netinet6/ip6protosw.h>
106 #include <netinet6/scope6_var.h>
108 static MALLOC_DEFINE(M_IP6MOPTS, "ip6_moptions", "internet multicast options");
111 struct mbuf *ip6e_ip6;
112 struct mbuf *ip6e_hbh;
113 struct mbuf *ip6e_dest1;
114 struct mbuf *ip6e_rthdr;
115 struct mbuf *ip6e_dest2;
118 static int ip6_pcbopt __P((int, u_char *, int, struct ip6_pktopts **,
119 struct ucred *, int));
120 static int ip6_pcbopts __P((struct ip6_pktopts **, struct mbuf *,
121 struct socket *, struct sockopt *));
122 static int ip6_getpcbopt(struct ip6_pktopts *, int, struct sockopt *);
123 static int ip6_setpktopt __P((int, u_char *, int, struct ip6_pktopts *,
124 struct ucred *, int, int, int));
126 static int ip6_setmoptions(int, struct ip6_moptions **, struct mbuf *);
127 static int ip6_getmoptions(int, struct ip6_moptions *, struct mbuf **);
128 static int ip6_copyexthdr(struct mbuf **, caddr_t, int);
129 static int ip6_insertfraghdr __P((struct mbuf *, struct mbuf *, int,
130 struct ip6_frag **));
131 static int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t);
132 static int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *);
133 static int ip6_getpmtu __P((struct route_in6 *, struct route_in6 *,
134 struct ifnet *, struct in6_addr *, u_long *, int *));
135 static int copypktopts(struct ip6_pktopts *, struct ip6_pktopts *, int);
139 * Make an extension header from option data. hp is the source, and
140 * mp is the destination.
142 #define MAKE_EXTHDR(hp, mp) \
145 struct ip6_ext *eh = (struct ip6_ext *)(hp); \
146 error = ip6_copyexthdr((mp), (caddr_t)(hp), \
147 ((eh)->ip6e_len + 1) << 3); \
151 } while (/*CONSTCOND*/ 0)
154 * Form a chain of extension headers.
155 * m is the extension header mbuf
156 * mp is the previous mbuf in the chain
157 * p is the next header
158 * i is the type of option.
160 #define MAKE_CHAIN(m, mp, p, i)\
164 panic("assumption failed: hdr not split"); \
165 *mtod((m), u_char *) = *(p);\
167 p = mtod((m), u_char *);\
168 (m)->m_next = (mp)->m_next;\
172 } while (/*CONSTCOND*/ 0)
175 * IP6 output. The packet in mbuf chain m contains a skeletal IP6
176 * header (with pri, len, nxt, hlim, src, dst).
177 * This function may modify ver and hlim only.
178 * The mbuf chain containing the packet will be freed.
179 * The mbuf opt, if present, will not be freed.
181 * type of "mtu": rt_rmx.rmx_mtu is u_long, ifnet.ifr_mtu is int, and
182 * nd_ifinfo.linkmtu is u_int32_t. so we use u_long to hold largest one,
183 * which is rt_rmx.rmx_mtu.
185 * ifpp - XXX: just for statistics
188 ip6_output(struct mbuf *m0, struct ip6_pktopts *opt,
189 struct route_in6 *ro, int flags, struct ip6_moptions *im6o,
190 struct ifnet **ifpp, struct inpcb *inp)
192 INIT_VNET_NET(curvnet);
193 INIT_VNET_INET6(curvnet);
194 struct ip6_hdr *ip6, *mhip6;
195 struct ifnet *ifp, *origifp;
197 struct mbuf *mprev = NULL;
198 int hlen, tlen, len, off;
199 struct route_in6 ip6route;
200 struct rtentry *rt = NULL;
201 struct sockaddr_in6 *dst, src_sa, dst_sa;
202 struct in6_addr odst;
204 struct in6_ifaddr *ia = NULL;
206 int alwaysfrag, dontfrag;
207 u_int32_t optlen = 0, plen = 0, unfragpartlen = 0;
208 struct ip6_exthdrs exthdrs;
209 struct in6_addr finaldst, src0, dst0;
211 struct route_in6 *ro_pmtu = NULL;
215 struct ipsec_output_state state;
216 struct ip6_rthdr *rh = NULL;
217 int needipsectun = 0;
219 struct secpolicy *sp = NULL;
222 ip6 = mtod(m, struct ip6_hdr *);
224 printf ("ip6 is NULL");
228 finaldst = ip6->ip6_dst;
230 bzero(&exthdrs, sizeof(exthdrs));
233 /* Hop-by-Hop options header */
234 MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh);
235 /* Destination options header(1st part) */
236 if (opt->ip6po_rthdr) {
238 * Destination options header(1st part)
239 * This only makes sense with a routing header.
240 * See Section 9.2 of RFC 3542.
241 * Disabling this part just for MIP6 convenience is
242 * a bad idea. We need to think carefully about a
243 * way to make the advanced API coexist with MIP6
244 * options, which might automatically be inserted in
247 MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1);
250 MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr);
251 /* Destination options header(2nd part) */
252 MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2);
256 * IPSec checking which handles several cases.
257 * FAST IPSEC: We re-injected the packet.
260 switch(ip6_ipsec_output(&m, inp, &flags, &error, &ifp, &sp))
262 case 1: /* Bad packet */
264 case -1: /* Do IPSec */
266 case 0: /* No IPSec */
273 * Calculate the total length of the extension header chain.
274 * Keep the length of the unfragmentable part for fragmentation.
277 if (exthdrs.ip6e_hbh)
278 optlen += exthdrs.ip6e_hbh->m_len;
279 if (exthdrs.ip6e_dest1)
280 optlen += exthdrs.ip6e_dest1->m_len;
281 if (exthdrs.ip6e_rthdr)
282 optlen += exthdrs.ip6e_rthdr->m_len;
283 unfragpartlen = optlen + sizeof(struct ip6_hdr);
285 /* NOTE: we don't add AH/ESP length here. do that later. */
286 if (exthdrs.ip6e_dest2)
287 optlen += exthdrs.ip6e_dest2->m_len;
290 * If we need IPsec, or there is at least one extension header,
291 * separate IP6 header from the payload.
293 if ((needipsec || optlen) && !hdrsplit) {
294 if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
298 m = exthdrs.ip6e_ip6;
303 ip6 = mtod(m, struct ip6_hdr *);
305 /* adjust mbuf packet header length */
306 m->m_pkthdr.len += optlen;
307 plen = m->m_pkthdr.len - sizeof(*ip6);
309 /* If this is a jumbo payload, insert a jumbo payload option. */
310 if (plen > IPV6_MAXPACKET) {
312 if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
316 m = exthdrs.ip6e_ip6;
320 ip6 = mtod(m, struct ip6_hdr *);
321 if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0)
325 ip6->ip6_plen = htons(plen);
328 * Concatenate headers and fill in next header fields.
329 * Here we have, on "m"
331 * and we insert headers accordingly. Finally, we should be getting:
332 * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload]
334 * during the header composing process, "m" points to IPv6 header.
335 * "mprev" points to an extension header prior to esp.
337 u_char *nexthdrp = &ip6->ip6_nxt;
341 * we treat dest2 specially. this makes IPsec processing
342 * much easier. the goal here is to make mprev point the
343 * mbuf prior to dest2.
345 * result: IPv6 dest2 payload
346 * m and mprev will point to IPv6 header.
348 if (exthdrs.ip6e_dest2) {
350 panic("assumption failed: hdr not split");
351 exthdrs.ip6e_dest2->m_next = m->m_next;
352 m->m_next = exthdrs.ip6e_dest2;
353 *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt;
354 ip6->ip6_nxt = IPPROTO_DSTOPTS;
358 * result: IPv6 hbh dest1 rthdr dest2 payload
359 * m will point to IPv6 header. mprev will point to the
360 * extension header prior to dest2 (rthdr in the above case).
362 MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, nexthdrp, IPPROTO_HOPOPTS);
363 MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, nexthdrp,
365 MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp,
373 * pointers after IPsec headers are not valid any more.
374 * other pointers need a great care too.
375 * (IPsec routines should not mangle mbufs prior to AH/ESP)
377 exthdrs.ip6e_dest2 = NULL;
379 if (exthdrs.ip6e_rthdr) {
380 rh = mtod(exthdrs.ip6e_rthdr, struct ip6_rthdr *);
381 segleft_org = rh->ip6r_segleft;
382 rh->ip6r_segleft = 0;
385 bzero(&state, sizeof(state));
387 error = ipsec6_output_trans(&state, nexthdrp, mprev, sp, flags,
390 if (error == EJUSTRETURN) {
392 * We had a SP with a level of 'use' and no SA. We
393 * will just continue to process the packet without
398 /* mbuf is already reclaimed in ipsec6_output_trans. */
408 printf("[%s:%d] (ipsec): error code %d\n",
409 __func__, __LINE__, error);
412 /* don't show these error codes to the user */
417 } else if (!needipsectun) {
419 * In the FAST IPSec case we have already
420 * re-injected the packet and it has been freed
421 * by the ipsec_done() function. So, just clean
422 * up after ourselves.
427 if (exthdrs.ip6e_rthdr) {
428 /* ah6_output doesn't modify mbuf chain */
429 rh->ip6r_segleft = segleft_org;
435 * If there is a routing header, replace the destination address field
436 * with the first hop of the routing header.
438 if (exthdrs.ip6e_rthdr) {
439 struct ip6_rthdr *rh =
440 (struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr,
441 struct ip6_rthdr *));
442 struct ip6_rthdr0 *rh0;
443 struct in6_addr *addr;
444 struct sockaddr_in6 sa;
446 switch (rh->ip6r_type) {
447 case IPV6_RTHDR_TYPE_0:
448 rh0 = (struct ip6_rthdr0 *)rh;
449 addr = (struct in6_addr *)(rh0 + 1);
452 * construct a sockaddr_in6 form of
455 * XXX: we may not have enough
456 * information about its scope zone;
457 * there is no standard API to pass
458 * the information from the
461 bzero(&sa, sizeof(sa));
462 sa.sin6_family = AF_INET6;
463 sa.sin6_len = sizeof(sa);
464 sa.sin6_addr = addr[0];
465 if ((error = sa6_embedscope(&sa,
466 V_ip6_use_defzone)) != 0) {
469 ip6->ip6_dst = sa.sin6_addr;
470 bcopy(&addr[1], &addr[0], sizeof(struct in6_addr)
471 * (rh0->ip6r0_segleft - 1));
472 addr[rh0->ip6r0_segleft - 1] = finaldst;
474 in6_clearscope(addr + rh0->ip6r0_segleft - 1);
476 default: /* is it possible? */
482 /* Source address validation */
483 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) &&
484 (flags & IPV6_UNSPECSRC) == 0) {
486 V_ip6stat.ip6s_badscope++;
489 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) {
491 V_ip6stat.ip6s_badscope++;
495 V_ip6stat.ip6s_localout++;
502 bzero((caddr_t)ro, sizeof(*ro));
505 if (opt && opt->ip6po_rthdr)
506 ro = &opt->ip6po_route;
507 dst = (struct sockaddr_in6 *)&ro->ro_dst;
511 * if specified, try to fill in the traffic class field.
512 * do not override if a non-zero value is already set.
513 * we check the diffserv field and the ecn field separately.
515 if (opt && opt->ip6po_tclass >= 0) {
518 if ((ip6->ip6_flow & htonl(0xfc << 20)) == 0)
520 if ((ip6->ip6_flow & htonl(0x03 << 20)) == 0)
523 ip6->ip6_flow |= htonl((opt->ip6po_tclass & mask) << 20);
526 /* fill in or override the hop limit field, if necessary. */
527 if (opt && opt->ip6po_hlim != -1)
528 ip6->ip6_hlim = opt->ip6po_hlim & 0xff;
529 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
531 ip6->ip6_hlim = im6o->im6o_multicast_hlim;
533 ip6->ip6_hlim = V_ip6_defmcasthlim;
538 * We may re-inject packets into the stack here.
540 if (needipsec && needipsectun) {
541 struct ipsec_output_state state;
544 * All the extension headers will become inaccessible
545 * (since they can be encrypted).
546 * Don't panic, we need no more updates to extension headers
547 * on inner IPv6 packet (since they are now encapsulated).
549 * IPv6 [ESP|AH] IPv6 [extension headers] payload
551 bzero(&exthdrs, sizeof(exthdrs));
552 exthdrs.ip6e_ip6 = m;
554 bzero(&state, sizeof(state));
556 state.ro = (struct route *)ro;
557 state.dst = (struct sockaddr *)dst;
559 error = ipsec6_output_tunnel(&state, sp, flags);
562 ro = (struct route_in6 *)state.ro;
563 dst = (struct sockaddr_in6 *)state.dst;
564 if (error == EJUSTRETURN) {
566 * We had a SP with a level of 'use' and no SA. We
567 * will just continue to process the packet without
572 /* mbuf is already reclaimed in ipsec6_output_tunnel. */
583 printf("[%s:%d] (ipsec): error code %d\n",
584 __func__, __LINE__, error);
587 /* don't show these error codes to the user */
594 * In the FAST IPSec case we have already
595 * re-injected the packet and it has been freed
596 * by the ipsec_done() function. So, just clean
597 * up after ourselves.
603 exthdrs.ip6e_ip6 = m;
608 ip6 = mtod(m, struct ip6_hdr *);
610 bzero(&dst_sa, sizeof(dst_sa));
611 dst_sa.sin6_family = AF_INET6;
612 dst_sa.sin6_len = sizeof(dst_sa);
613 dst_sa.sin6_addr = ip6->ip6_dst;
614 if ((error = in6_selectroute(&dst_sa, opt, im6o, ro,
615 &ifp, &rt, 0)) != 0) {
618 V_ip6stat.ip6s_noroute++;
622 break; /* XXX statistics? */
625 in6_ifstat_inc(ifp, ifs6_out_discard);
630 * If in6_selectroute() does not return a route entry,
631 * dst may not have been updated.
633 *dst = dst_sa; /* XXX */
637 * then rt (for unicast) and ifp must be non-NULL valid values.
639 if ((flags & IPV6_FORWARDING) == 0) {
640 /* XXX: the FORWARDING flag can be set for mrouting. */
641 in6_ifstat_inc(ifp, ifs6_out_request);
644 ia = (struct in6_ifaddr *)(rt->rt_ifa);
649 * The outgoing interface must be in the zone of source and
650 * destination addresses. We should use ia_ifp to support the
651 * case of sending packets to an address of our own.
653 if (ia != NULL && ia->ia_ifp)
654 origifp = ia->ia_ifp;
659 if (in6_setscope(&src0, origifp, &zone))
661 bzero(&src_sa, sizeof(src_sa));
662 src_sa.sin6_family = AF_INET6;
663 src_sa.sin6_len = sizeof(src_sa);
664 src_sa.sin6_addr = ip6->ip6_src;
665 if (sa6_recoverscope(&src_sa) || zone != src_sa.sin6_scope_id)
669 if (in6_setscope(&dst0, origifp, &zone))
671 /* re-initialize to be sure */
672 bzero(&dst_sa, sizeof(dst_sa));
673 dst_sa.sin6_family = AF_INET6;
674 dst_sa.sin6_len = sizeof(dst_sa);
675 dst_sa.sin6_addr = ip6->ip6_dst;
676 if (sa6_recoverscope(&dst_sa) || zone != dst_sa.sin6_scope_id) {
680 /* scope check is done. */
684 V_ip6stat.ip6s_badscope++;
685 in6_ifstat_inc(origifp, ifs6_out_discard);
687 error = EHOSTUNREACH; /* XXX */
691 if (rt && !IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
692 if (opt && opt->ip6po_nextroute.ro_rt) {
694 * The nexthop is explicitly specified by the
695 * application. We assume the next hop is an IPv6
698 dst = (struct sockaddr_in6 *)opt->ip6po_nexthop;
700 else if ((rt->rt_flags & RTF_GATEWAY))
701 dst = (struct sockaddr_in6 *)rt->rt_gateway;
704 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
705 m->m_flags &= ~(M_BCAST | M_MCAST); /* just in case */
707 struct in6_multi *in6m;
709 m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST;
711 in6_ifstat_inc(ifp, ifs6_out_mcast);
714 * Confirm that the outgoing interface supports multicast.
716 if (!(ifp->if_flags & IFF_MULTICAST)) {
717 V_ip6stat.ip6s_noroute++;
718 in6_ifstat_inc(ifp, ifs6_out_discard);
722 IN6_LOOKUP_MULTI(ip6->ip6_dst, ifp, in6m);
724 (im6o == NULL || im6o->im6o_multicast_loop)) {
726 * If we belong to the destination multicast group
727 * on the outgoing interface, and the caller did not
728 * forbid loopback, loop back a copy.
730 ip6_mloopback(ifp, m, dst);
733 * If we are acting as a multicast router, perform
734 * multicast forwarding as if the packet had just
735 * arrived on the interface to which we are about
736 * to send. The multicast forwarding function
737 * recursively calls this function, using the
738 * IPV6_FORWARDING flag to prevent infinite recursion.
740 * Multicasts that are looped back by ip6_mloopback(),
741 * above, will be forwarded by the ip6_input() routine,
744 if (ip6_mrouter && (flags & IPV6_FORWARDING) == 0) {
746 * XXX: ip6_mforward expects that rcvif is NULL
747 * when it is called from the originating path.
748 * However, it is not always the case, since
749 * some versions of MGETHDR() does not
750 * initialize the field.
752 m->m_pkthdr.rcvif = NULL;
753 if (ip6_mforward(ip6, ifp, m) != 0) {
760 * Multicasts with a hoplimit of zero may be looped back,
761 * above, but must not be transmitted on a network.
762 * Also, multicasts addressed to the loopback interface
763 * are not sent -- the above call to ip6_mloopback() will
764 * loop back a copy if this host actually belongs to the
765 * destination group on the loopback interface.
767 if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK) ||
768 IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) {
775 * Fill the outgoing inteface to tell the upper layer
776 * to increment per-interface statistics.
781 /* Determine path MTU. */
782 if ((error = ip6_getpmtu(ro_pmtu, ro, ifp, &finaldst, &mtu,
787 * The caller of this function may specify to use the minimum MTU
789 * An advanced API option (IPV6_USE_MIN_MTU) can also override MTU
790 * setting. The logic is a bit complicated; by default, unicast
791 * packets will follow path MTU while multicast packets will be sent at
792 * the minimum MTU. If IP6PO_MINMTU_ALL is specified, all packets
793 * including unicast ones will be sent at the minimum MTU. Multicast
794 * packets will always be sent at the minimum MTU unless
795 * IP6PO_MINMTU_DISABLE is explicitly specified.
796 * See RFC 3542 for more details.
798 if (mtu > IPV6_MMTU) {
799 if ((flags & IPV6_MINMTU))
801 else if (opt && opt->ip6po_minmtu == IP6PO_MINMTU_ALL)
803 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
805 opt->ip6po_minmtu != IP6PO_MINMTU_DISABLE)) {
811 * clear embedded scope identifiers if necessary.
812 * in6_clearscope will touch the addresses only when necessary.
814 in6_clearscope(&ip6->ip6_src);
815 in6_clearscope(&ip6->ip6_dst);
818 * If the outgoing packet contains a hop-by-hop options header,
819 * it must be examined and processed even by the source node.
820 * (RFC 2460, section 4.)
822 if (exthdrs.ip6e_hbh) {
823 struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *);
824 u_int32_t dummy; /* XXX unused */
825 u_int32_t plen = 0; /* XXX: ip6_process will check the value */
828 if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len)
829 panic("ip6e_hbh is not continuous");
832 * XXX: if we have to send an ICMPv6 error to the sender,
833 * we need the M_LOOP flag since icmp6_error() expects
834 * the IPv6 and the hop-by-hop options header are
835 * continuous unless the flag is set.
837 m->m_flags |= M_LOOP;
838 m->m_pkthdr.rcvif = ifp;
839 if (ip6_process_hopopts(m, (u_int8_t *)(hbh + 1),
840 ((hbh->ip6h_len + 1) << 3) - sizeof(struct ip6_hbh),
841 &dummy, &plen) < 0) {
842 /* m was already freed at this point */
843 error = EINVAL;/* better error? */
846 m->m_flags &= ~M_LOOP; /* XXX */
847 m->m_pkthdr.rcvif = NULL;
850 /* Jump over all PFIL processing if hooks are not active. */
851 if (!PFIL_HOOKED(&inet6_pfil_hook))
855 /* Run through list of hooks for output packets. */
856 error = pfil_run_hooks(&inet6_pfil_hook, &m, ifp, PFIL_OUT, inp);
857 if (error != 0 || m == NULL)
859 ip6 = mtod(m, struct ip6_hdr *);
861 /* See if destination IP address was changed by packet filter. */
862 if (!IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst)) {
863 m->m_flags |= M_SKIP_FIREWALL;
864 /* If destination is now ourself drop to ip6_input(). */
865 if (in6_localaddr(&ip6->ip6_dst)) {
866 if (m->m_pkthdr.rcvif == NULL)
867 m->m_pkthdr.rcvif = V_loif;
868 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) {
869 m->m_pkthdr.csum_flags |=
870 CSUM_DATA_VALID | CSUM_PSEUDO_HDR;
871 m->m_pkthdr.csum_data = 0xffff;
873 m->m_pkthdr.csum_flags |=
874 CSUM_IP_CHECKED | CSUM_IP_VALID;
875 error = netisr_queue(NETISR_IPV6, m);
878 goto again; /* Redo the routing table lookup. */
881 /* XXX: IPFIREWALL_FORWARD */
885 * Send the packet to the outgoing interface.
886 * If necessary, do IPv6 fragmentation before sending.
888 * the logic here is rather complex:
889 * 1: normal case (dontfrag == 0, alwaysfrag == 0)
890 * 1-a: send as is if tlen <= path mtu
891 * 1-b: fragment if tlen > path mtu
893 * 2: if user asks us not to fragment (dontfrag == 1)
894 * 2-a: send as is if tlen <= interface mtu
895 * 2-b: error if tlen > interface mtu
897 * 3: if we always need to attach fragment header (alwaysfrag == 1)
900 * 4: if dontfrag == 1 && alwaysfrag == 1
901 * error, as we cannot handle this conflicting request
903 tlen = m->m_pkthdr.len;
905 if (opt && (opt->ip6po_flags & IP6PO_DONTFRAG))
909 if (dontfrag && alwaysfrag) { /* case 4 */
910 /* conflicting request - can't transmit */
914 if (dontfrag && tlen > IN6_LINKMTU(ifp)) { /* case 2-b */
916 * Even if the DONTFRAG option is specified, we cannot send the
917 * packet when the data length is larger than the MTU of the
918 * outgoing interface.
919 * Notify the error by sending IPV6_PATHMTU ancillary data as
920 * well as returning an error code (the latter is not described
924 struct ip6ctlparam ip6cp;
926 mtu32 = (u_int32_t)mtu;
927 bzero(&ip6cp, sizeof(ip6cp));
928 ip6cp.ip6c_cmdarg = (void *)&mtu32;
929 pfctlinput2(PRC_MSGSIZE, (struct sockaddr *)&ro_pmtu->ro_dst,
937 * transmit packet without fragmentation
939 if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* case 1-a and 2-a */
940 struct in6_ifaddr *ia6;
942 ip6 = mtod(m, struct ip6_hdr *);
943 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src);
945 /* Record statistics for this interface address. */
946 ia6->ia_ifa.if_opackets++;
947 ia6->ia_ifa.if_obytes += m->m_pkthdr.len;
949 error = nd6_output(ifp, origifp, m, dst, ro->ro_rt);
954 * try to fragment the packet. case 1-b and 3
956 if (mtu < IPV6_MMTU) {
957 /* path MTU cannot be less than IPV6_MMTU */
959 in6_ifstat_inc(ifp, ifs6_out_fragfail);
961 } else if (ip6->ip6_plen == 0) {
962 /* jumbo payload cannot be fragmented */
964 in6_ifstat_inc(ifp, ifs6_out_fragfail);
967 struct mbuf **mnext, *m_frgpart;
968 struct ip6_frag *ip6f;
969 u_int32_t id = htonl(ip6_randomid());
972 int qslots = ifp->if_snd.ifq_maxlen - ifp->if_snd.ifq_len;
975 * Too large for the destination or interface;
976 * fragment if possible.
977 * Must be able to put at least 8 bytes per fragment.
979 hlen = unfragpartlen;
980 if (mtu > IPV6_MAXPACKET)
981 mtu = IPV6_MAXPACKET;
983 len = (mtu - hlen - sizeof(struct ip6_frag)) & ~7;
986 in6_ifstat_inc(ifp, ifs6_out_fragfail);
991 * Verify that we have any chance at all of being able to queue
992 * the packet or packet fragments
994 if (qslots <= 0 || ((u_int)qslots * (mtu - hlen)
995 < tlen /* - hlen */)) {
997 V_ip6stat.ip6s_odropped++;
1001 mnext = &m->m_nextpkt;
1004 * Change the next header field of the last header in the
1005 * unfragmentable part.
1007 if (exthdrs.ip6e_rthdr) {
1008 nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *);
1009 *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT;
1010 } else if (exthdrs.ip6e_dest1) {
1011 nextproto = *mtod(exthdrs.ip6e_dest1, u_char *);
1012 *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT;
1013 } else if (exthdrs.ip6e_hbh) {
1014 nextproto = *mtod(exthdrs.ip6e_hbh, u_char *);
1015 *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT;
1017 nextproto = ip6->ip6_nxt;
1018 ip6->ip6_nxt = IPPROTO_FRAGMENT;
1022 * Loop through length of segment after first fragment,
1023 * make new header and copy data of each part and link onto
1027 for (off = hlen; off < tlen; off += len) {
1028 MGETHDR(m, M_DONTWAIT, MT_HEADER);
1031 V_ip6stat.ip6s_odropped++;
1034 m->m_pkthdr.rcvif = NULL;
1035 m->m_flags = m0->m_flags & M_COPYFLAGS;
1037 mnext = &m->m_nextpkt;
1038 m->m_data += max_linkhdr;
1039 mhip6 = mtod(m, struct ip6_hdr *);
1041 m->m_len = sizeof(*mhip6);
1042 error = ip6_insertfraghdr(m0, m, hlen, &ip6f);
1044 V_ip6stat.ip6s_odropped++;
1047 ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7));
1048 if (off + len >= tlen)
1051 ip6f->ip6f_offlg |= IP6F_MORE_FRAG;
1052 mhip6->ip6_plen = htons((u_short)(len + hlen +
1053 sizeof(*ip6f) - sizeof(struct ip6_hdr)));
1054 if ((m_frgpart = m_copy(m0, off, len)) == 0) {
1056 V_ip6stat.ip6s_odropped++;
1059 m_cat(m, m_frgpart);
1060 m->m_pkthdr.len = len + hlen + sizeof(*ip6f);
1061 m->m_pkthdr.rcvif = NULL;
1062 ip6f->ip6f_reserved = 0;
1063 ip6f->ip6f_ident = id;
1064 ip6f->ip6f_nxt = nextproto;
1065 V_ip6stat.ip6s_ofragments++;
1066 in6_ifstat_inc(ifp, ifs6_out_fragcreat);
1069 in6_ifstat_inc(ifp, ifs6_out_fragok);
1073 * Remove leading garbages.
1079 for (m0 = m; m; m = m0) {
1083 /* Record statistics for this interface address. */
1085 ia->ia_ifa.if_opackets++;
1086 ia->ia_ifa.if_obytes += m->m_pkthdr.len;
1088 error = nd6_output(ifp, origifp, m, dst, ro->ro_rt);
1094 V_ip6stat.ip6s_fragmented++;
1097 if (ro == &ip6route && ro->ro_rt) { /* brace necessary for RTFREE */
1099 } else if (ro_pmtu == &ip6route && ro_pmtu->ro_rt) {
1100 RTFREE(ro_pmtu->ro_rt);
1110 m_freem(exthdrs.ip6e_hbh); /* m_freem will check if mbuf is 0 */
1111 m_freem(exthdrs.ip6e_dest1);
1112 m_freem(exthdrs.ip6e_rthdr);
1113 m_freem(exthdrs.ip6e_dest2);
1122 ip6_copyexthdr(struct mbuf **mp, caddr_t hdr, int hlen)
1126 if (hlen > MCLBYTES)
1127 return (ENOBUFS); /* XXX */
1129 MGET(m, M_DONTWAIT, MT_DATA);
1134 MCLGET(m, M_DONTWAIT);
1135 if ((m->m_flags & M_EXT) == 0) {
1142 bcopy(hdr, mtod(m, caddr_t), hlen);
1149 * Insert jumbo payload option.
1152 ip6_insert_jumboopt(struct ip6_exthdrs *exthdrs, u_int32_t plen)
1158 #define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */
1161 * If there is no hop-by-hop options header, allocate new one.
1162 * If there is one but it doesn't have enough space to store the
1163 * jumbo payload option, allocate a cluster to store the whole options.
1164 * Otherwise, use it to store the options.
1166 if (exthdrs->ip6e_hbh == 0) {
1167 MGET(mopt, M_DONTWAIT, MT_DATA);
1170 mopt->m_len = JUMBOOPTLEN;
1171 optbuf = mtod(mopt, u_char *);
1172 optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */
1173 exthdrs->ip6e_hbh = mopt;
1175 struct ip6_hbh *hbh;
1177 mopt = exthdrs->ip6e_hbh;
1178 if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) {
1181 * - exthdrs->ip6e_hbh is not referenced from places
1182 * other than exthdrs.
1183 * - exthdrs->ip6e_hbh is not an mbuf chain.
1185 int oldoptlen = mopt->m_len;
1189 * XXX: give up if the whole (new) hbh header does
1190 * not fit even in an mbuf cluster.
1192 if (oldoptlen + JUMBOOPTLEN > MCLBYTES)
1196 * As a consequence, we must always prepare a cluster
1199 MGET(n, M_DONTWAIT, MT_DATA);
1201 MCLGET(n, M_DONTWAIT);
1202 if ((n->m_flags & M_EXT) == 0) {
1209 n->m_len = oldoptlen + JUMBOOPTLEN;
1210 bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t),
1212 optbuf = mtod(n, caddr_t) + oldoptlen;
1214 mopt = exthdrs->ip6e_hbh = n;
1216 optbuf = mtod(mopt, u_char *) + mopt->m_len;
1217 mopt->m_len += JUMBOOPTLEN;
1219 optbuf[0] = IP6OPT_PADN;
1223 * Adjust the header length according to the pad and
1224 * the jumbo payload option.
1226 hbh = mtod(mopt, struct ip6_hbh *);
1227 hbh->ip6h_len += (JUMBOOPTLEN >> 3);
1230 /* fill in the option. */
1231 optbuf[2] = IP6OPT_JUMBO;
1233 v = (u_int32_t)htonl(plen + JUMBOOPTLEN);
1234 bcopy(&v, &optbuf[4], sizeof(u_int32_t));
1236 /* finally, adjust the packet header length */
1237 exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN;
1244 * Insert fragment header and copy unfragmentable header portions.
1247 ip6_insertfraghdr(struct mbuf *m0, struct mbuf *m, int hlen,
1248 struct ip6_frag **frghdrp)
1250 struct mbuf *n, *mlast;
1252 if (hlen > sizeof(struct ip6_hdr)) {
1253 n = m_copym(m0, sizeof(struct ip6_hdr),
1254 hlen - sizeof(struct ip6_hdr), M_DONTWAIT);
1261 /* Search for the last mbuf of unfragmentable part. */
1262 for (mlast = n; mlast->m_next; mlast = mlast->m_next)
1265 if ((mlast->m_flags & M_EXT) == 0 &&
1266 M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) {
1267 /* use the trailing space of the last mbuf for the fragment hdr */
1268 *frghdrp = (struct ip6_frag *)(mtod(mlast, caddr_t) +
1270 mlast->m_len += sizeof(struct ip6_frag);
1271 m->m_pkthdr.len += sizeof(struct ip6_frag);
1273 /* allocate a new mbuf for the fragment header */
1276 MGET(mfrg, M_DONTWAIT, MT_DATA);
1279 mfrg->m_len = sizeof(struct ip6_frag);
1280 *frghdrp = mtod(mfrg, struct ip6_frag *);
1281 mlast->m_next = mfrg;
1288 ip6_getpmtu(struct route_in6 *ro_pmtu, struct route_in6 *ro,
1289 struct ifnet *ifp, struct in6_addr *dst, u_long *mtup,
1296 if (ro_pmtu != ro) {
1297 /* The first hop and the final destination may differ. */
1298 struct sockaddr_in6 *sa6_dst =
1299 (struct sockaddr_in6 *)&ro_pmtu->ro_dst;
1300 if (ro_pmtu->ro_rt &&
1301 ((ro_pmtu->ro_rt->rt_flags & RTF_UP) == 0 ||
1302 !IN6_ARE_ADDR_EQUAL(&sa6_dst->sin6_addr, dst))) {
1303 RTFREE(ro_pmtu->ro_rt);
1304 ro_pmtu->ro_rt = (struct rtentry *)NULL;
1306 if (ro_pmtu->ro_rt == NULL) {
1307 bzero(sa6_dst, sizeof(*sa6_dst));
1308 sa6_dst->sin6_family = AF_INET6;
1309 sa6_dst->sin6_len = sizeof(struct sockaddr_in6);
1310 sa6_dst->sin6_addr = *dst;
1312 rtalloc((struct route *)ro_pmtu);
1315 if (ro_pmtu->ro_rt) {
1317 struct in_conninfo inc;
1319 bzero(&inc, sizeof(inc));
1320 inc.inc_flags = 1; /* IPv6 */
1321 inc.inc6_faddr = *dst;
1324 ifp = ro_pmtu->ro_rt->rt_ifp;
1325 ifmtu = IN6_LINKMTU(ifp);
1326 mtu = tcp_hc_getmtu(&inc);
1328 mtu = min(mtu, ro_pmtu->ro_rt->rt_rmx.rmx_mtu);
1330 mtu = ro_pmtu->ro_rt->rt_rmx.rmx_mtu;
1333 else if (mtu < IPV6_MMTU) {
1335 * RFC2460 section 5, last paragraph:
1336 * if we record ICMPv6 too big message with
1337 * mtu < IPV6_MMTU, transmit packets sized IPV6_MMTU
1338 * or smaller, with framgent header attached.
1339 * (fragment header is needed regardless from the
1340 * packet size, for translators to identify packets)
1344 } else if (mtu > ifmtu) {
1346 * The MTU on the route is larger than the MTU on
1347 * the interface! This shouldn't happen, unless the
1348 * MTU of the interface has been changed after the
1349 * interface was brought up. Change the MTU in the
1350 * route to match the interface MTU (as long as the
1351 * field isn't locked).
1354 ro_pmtu->ro_rt->rt_rmx.rmx_mtu = mtu;
1357 mtu = IN6_LINKMTU(ifp);
1359 error = EHOSTUNREACH; /* XXX */
1363 *alwaysfragp = alwaysfrag;
1368 * IP6 socket option processing.
1371 ip6_ctloutput(struct socket *so, struct sockopt *sopt)
1373 int optdatalen, uproto;
1375 struct inpcb *in6p = sotoinpcb(so);
1377 int level, op, optname;
1381 level = sopt->sopt_level;
1382 op = sopt->sopt_dir;
1383 optname = sopt->sopt_name;
1384 optlen = sopt->sopt_valsize;
1388 uproto = (int)so->so_proto->pr_protocol;
1390 if (level == IPPROTO_IPV6) {
1395 case IPV6_2292PKTOPTIONS:
1396 #ifdef IPV6_PKTOPTIONS
1397 case IPV6_PKTOPTIONS:
1402 error = soopt_getm(sopt, &m); /* XXX */
1405 error = soopt_mcopyin(sopt, m); /* XXX */
1408 error = ip6_pcbopts(&in6p->in6p_outputopts,
1410 m_freem(m); /* XXX */
1415 * Use of some Hop-by-Hop options or some
1416 * Destination options, might require special
1417 * privilege. That is, normal applications
1418 * (without special privilege) might be forbidden
1419 * from setting certain options in outgoing packets,
1420 * and might never see certain options in received
1421 * packets. [RFC 2292 Section 6]
1422 * KAME specific note:
1423 * KAME prevents non-privileged users from sending or
1424 * receiving ANY hbh/dst options in order to avoid
1425 * overhead of parsing options in the kernel.
1427 case IPV6_RECVHOPOPTS:
1428 case IPV6_RECVDSTOPTS:
1429 case IPV6_RECVRTHDRDSTOPTS:
1431 error = priv_check(td,
1432 PRIV_NETINET_SETHDROPTS);
1437 case IPV6_UNICAST_HOPS:
1441 case IPV6_RECVPKTINFO:
1442 case IPV6_RECVHOPLIMIT:
1443 case IPV6_RECVRTHDR:
1444 case IPV6_RECVPATHMTU:
1445 case IPV6_RECVTCLASS:
1447 case IPV6_AUTOFLOWLABEL:
1448 if (optlen != sizeof(int)) {
1452 error = sooptcopyin(sopt, &optval,
1453 sizeof optval, sizeof optval);
1458 case IPV6_UNICAST_HOPS:
1459 if (optval < -1 || optval >= 256)
1462 /* -1 = kernel default */
1463 in6p->in6p_hops = optval;
1464 if ((in6p->in6p_vflag &
1466 in6p->inp_ip_ttl = optval;
1469 #define OPTSET(bit) \
1472 in6p->in6p_flags |= (bit); \
1474 in6p->in6p_flags &= ~(bit); \
1475 } while (/*CONSTCOND*/ 0)
1476 #define OPTSET2292(bit) \
1478 in6p->in6p_flags |= IN6P_RFC2292; \
1480 in6p->in6p_flags |= (bit); \
1482 in6p->in6p_flags &= ~(bit); \
1483 } while (/*CONSTCOND*/ 0)
1484 #define OPTBIT(bit) (in6p->in6p_flags & (bit) ? 1 : 0)
1486 case IPV6_RECVPKTINFO:
1487 /* cannot mix with RFC2292 */
1488 if (OPTBIT(IN6P_RFC2292)) {
1492 OPTSET(IN6P_PKTINFO);
1497 struct ip6_pktopts **optp;
1499 /* cannot mix with RFC2292 */
1500 if (OPTBIT(IN6P_RFC2292)) {
1504 optp = &in6p->in6p_outputopts;
1505 error = ip6_pcbopt(IPV6_HOPLIMIT,
1506 (u_char *)&optval, sizeof(optval),
1507 optp, (td != NULL) ? td->td_ucred :
1512 case IPV6_RECVHOPLIMIT:
1513 /* cannot mix with RFC2292 */
1514 if (OPTBIT(IN6P_RFC2292)) {
1518 OPTSET(IN6P_HOPLIMIT);
1521 case IPV6_RECVHOPOPTS:
1522 /* cannot mix with RFC2292 */
1523 if (OPTBIT(IN6P_RFC2292)) {
1527 OPTSET(IN6P_HOPOPTS);
1530 case IPV6_RECVDSTOPTS:
1531 /* cannot mix with RFC2292 */
1532 if (OPTBIT(IN6P_RFC2292)) {
1536 OPTSET(IN6P_DSTOPTS);
1539 case IPV6_RECVRTHDRDSTOPTS:
1540 /* cannot mix with RFC2292 */
1541 if (OPTBIT(IN6P_RFC2292)) {
1545 OPTSET(IN6P_RTHDRDSTOPTS);
1548 case IPV6_RECVRTHDR:
1549 /* cannot mix with RFC2292 */
1550 if (OPTBIT(IN6P_RFC2292)) {
1561 case IPV6_RECVPATHMTU:
1563 * We ignore this option for TCP
1565 * (RFC3542 leaves this case
1568 if (uproto != IPPROTO_TCP)
1574 * make setsockopt(IPV6_V6ONLY)
1575 * available only prior to bind(2).
1576 * see ipng mailing list, Jun 22 2001.
1578 if (in6p->in6p_lport ||
1579 !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) {
1583 OPTSET(IN6P_IPV6_V6ONLY);
1585 in6p->in6p_vflag &= ~INP_IPV4;
1587 in6p->in6p_vflag |= INP_IPV4;
1589 case IPV6_RECVTCLASS:
1590 /* cannot mix with RFC2292 XXX */
1591 if (OPTBIT(IN6P_RFC2292)) {
1595 OPTSET(IN6P_TCLASS);
1597 case IPV6_AUTOFLOWLABEL:
1598 OPTSET(IN6P_AUTOFLOWLABEL);
1606 case IPV6_USE_MIN_MTU:
1607 case IPV6_PREFER_TEMPADDR:
1608 if (optlen != sizeof(optval)) {
1612 error = sooptcopyin(sopt, &optval,
1613 sizeof optval, sizeof optval);
1617 struct ip6_pktopts **optp;
1618 optp = &in6p->in6p_outputopts;
1619 error = ip6_pcbopt(optname,
1620 (u_char *)&optval, sizeof(optval),
1621 optp, (td != NULL) ? td->td_ucred :
1626 case IPV6_2292PKTINFO:
1627 case IPV6_2292HOPLIMIT:
1628 case IPV6_2292HOPOPTS:
1629 case IPV6_2292DSTOPTS:
1630 case IPV6_2292RTHDR:
1632 if (optlen != sizeof(int)) {
1636 error = sooptcopyin(sopt, &optval,
1637 sizeof optval, sizeof optval);
1641 case IPV6_2292PKTINFO:
1642 OPTSET2292(IN6P_PKTINFO);
1644 case IPV6_2292HOPLIMIT:
1645 OPTSET2292(IN6P_HOPLIMIT);
1647 case IPV6_2292HOPOPTS:
1649 * Check super-user privilege.
1650 * See comments for IPV6_RECVHOPOPTS.
1653 error = priv_check(td,
1654 PRIV_NETINET_SETHDROPTS);
1658 OPTSET2292(IN6P_HOPOPTS);
1660 case IPV6_2292DSTOPTS:
1662 error = priv_check(td,
1663 PRIV_NETINET_SETHDROPTS);
1667 OPTSET2292(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); /* XXX */
1669 case IPV6_2292RTHDR:
1670 OPTSET2292(IN6P_RTHDR);
1678 case IPV6_RTHDRDSTOPTS:
1681 /* new advanced API (RFC3542) */
1683 u_char optbuf_storage[MCLBYTES];
1685 struct ip6_pktopts **optp;
1687 /* cannot mix with RFC2292 */
1688 if (OPTBIT(IN6P_RFC2292)) {
1694 * We only ensure valsize is not too large
1695 * here. Further validation will be done
1698 error = sooptcopyin(sopt, optbuf_storage,
1699 sizeof(optbuf_storage), 0);
1702 optlen = sopt->sopt_valsize;
1703 optbuf = optbuf_storage;
1704 optp = &in6p->in6p_outputopts;
1705 error = ip6_pcbopt(optname, optbuf, optlen,
1706 optp, (td != NULL) ? td->td_ucred : NULL,
1712 case IPV6_MULTICAST_IF:
1713 case IPV6_MULTICAST_HOPS:
1714 case IPV6_MULTICAST_LOOP:
1715 case IPV6_JOIN_GROUP:
1716 case IPV6_LEAVE_GROUP:
1718 if (sopt->sopt_valsize > MLEN) {
1728 if (sopt->sopt_valsize > MCLBYTES) {
1733 MGET(m, sopt->sopt_td ? M_WAIT : M_DONTWAIT, MT_DATA);
1738 if (sopt->sopt_valsize > MLEN) {
1739 MCLGET(m, sopt->sopt_td ? M_WAIT : M_DONTWAIT);
1740 if ((m->m_flags & M_EXT) == 0) {
1746 m->m_len = sopt->sopt_valsize;
1747 error = sooptcopyin(sopt, mtod(m, char *),
1748 m->m_len, m->m_len);
1753 error = ip6_setmoptions(sopt->sopt_name,
1754 &in6p->in6p_moptions,
1760 case IPV6_PORTRANGE:
1761 error = sooptcopyin(sopt, &optval,
1762 sizeof optval, sizeof optval);
1767 case IPV6_PORTRANGE_DEFAULT:
1768 in6p->in6p_flags &= ~(IN6P_LOWPORT);
1769 in6p->in6p_flags &= ~(IN6P_HIGHPORT);
1772 case IPV6_PORTRANGE_HIGH:
1773 in6p->in6p_flags &= ~(IN6P_LOWPORT);
1774 in6p->in6p_flags |= IN6P_HIGHPORT;
1777 case IPV6_PORTRANGE_LOW:
1778 in6p->in6p_flags &= ~(IN6P_HIGHPORT);
1779 in6p->in6p_flags |= IN6P_LOWPORT;
1789 case IPV6_IPSEC_POLICY:
1794 if ((error = soopt_getm(sopt, &m)) != 0) /* XXX */
1796 if ((error = soopt_mcopyin(sopt, m)) != 0) /* XXX */
1798 req = mtod(m, caddr_t);
1799 error = ipsec6_set_policy(in6p, optname, req,
1800 m->m_len, (sopt->sopt_td != NULL) ?
1801 sopt->sopt_td->td_ucred : NULL);
1808 error = ENOPROTOOPT;
1816 case IPV6_2292PKTOPTIONS:
1817 #ifdef IPV6_PKTOPTIONS
1818 case IPV6_PKTOPTIONS:
1821 * RFC3542 (effectively) deprecated the
1822 * semantics of the 2292-style pktoptions.
1823 * Since it was not reliable in nature (i.e.,
1824 * applications had to expect the lack of some
1825 * information after all), it would make sense
1826 * to simplify this part by always returning
1829 sopt->sopt_valsize = 0;
1832 case IPV6_RECVHOPOPTS:
1833 case IPV6_RECVDSTOPTS:
1834 case IPV6_RECVRTHDRDSTOPTS:
1835 case IPV6_UNICAST_HOPS:
1836 case IPV6_RECVPKTINFO:
1837 case IPV6_RECVHOPLIMIT:
1838 case IPV6_RECVRTHDR:
1839 case IPV6_RECVPATHMTU:
1843 case IPV6_PORTRANGE:
1844 case IPV6_RECVTCLASS:
1845 case IPV6_AUTOFLOWLABEL:
1848 case IPV6_RECVHOPOPTS:
1849 optval = OPTBIT(IN6P_HOPOPTS);
1852 case IPV6_RECVDSTOPTS:
1853 optval = OPTBIT(IN6P_DSTOPTS);
1856 case IPV6_RECVRTHDRDSTOPTS:
1857 optval = OPTBIT(IN6P_RTHDRDSTOPTS);
1860 case IPV6_UNICAST_HOPS:
1861 optval = in6p->in6p_hops;
1864 case IPV6_RECVPKTINFO:
1865 optval = OPTBIT(IN6P_PKTINFO);
1868 case IPV6_RECVHOPLIMIT:
1869 optval = OPTBIT(IN6P_HOPLIMIT);
1872 case IPV6_RECVRTHDR:
1873 optval = OPTBIT(IN6P_RTHDR);
1876 case IPV6_RECVPATHMTU:
1877 optval = OPTBIT(IN6P_MTU);
1881 optval = OPTBIT(IN6P_FAITH);
1885 optval = OPTBIT(IN6P_IPV6_V6ONLY);
1888 case IPV6_PORTRANGE:
1891 flags = in6p->in6p_flags;
1892 if (flags & IN6P_HIGHPORT)
1893 optval = IPV6_PORTRANGE_HIGH;
1894 else if (flags & IN6P_LOWPORT)
1895 optval = IPV6_PORTRANGE_LOW;
1900 case IPV6_RECVTCLASS:
1901 optval = OPTBIT(IN6P_TCLASS);
1904 case IPV6_AUTOFLOWLABEL:
1905 optval = OPTBIT(IN6P_AUTOFLOWLABEL);
1910 error = sooptcopyout(sopt, &optval,
1917 struct ip6_mtuinfo mtuinfo;
1918 struct route_in6 sro;
1920 bzero(&sro, sizeof(sro));
1922 if (!(so->so_state & SS_ISCONNECTED))
1925 * XXX: we dot not consider the case of source
1926 * routing, or optional information to specify
1927 * the outgoing interface.
1929 error = ip6_getpmtu(&sro, NULL, NULL,
1930 &in6p->in6p_faddr, &pmtu, NULL);
1935 if (pmtu > IPV6_MAXPACKET)
1936 pmtu = IPV6_MAXPACKET;
1938 bzero(&mtuinfo, sizeof(mtuinfo));
1939 mtuinfo.ip6m_mtu = (u_int32_t)pmtu;
1940 optdata = (void *)&mtuinfo;
1941 optdatalen = sizeof(mtuinfo);
1942 error = sooptcopyout(sopt, optdata,
1947 case IPV6_2292PKTINFO:
1948 case IPV6_2292HOPLIMIT:
1949 case IPV6_2292HOPOPTS:
1950 case IPV6_2292RTHDR:
1951 case IPV6_2292DSTOPTS:
1953 case IPV6_2292PKTINFO:
1954 optval = OPTBIT(IN6P_PKTINFO);
1956 case IPV6_2292HOPLIMIT:
1957 optval = OPTBIT(IN6P_HOPLIMIT);
1959 case IPV6_2292HOPOPTS:
1960 optval = OPTBIT(IN6P_HOPOPTS);
1962 case IPV6_2292RTHDR:
1963 optval = OPTBIT(IN6P_RTHDR);
1965 case IPV6_2292DSTOPTS:
1966 optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS);
1969 error = sooptcopyout(sopt, &optval,
1976 case IPV6_RTHDRDSTOPTS:
1980 case IPV6_USE_MIN_MTU:
1981 case IPV6_PREFER_TEMPADDR:
1982 error = ip6_getpcbopt(in6p->in6p_outputopts,
1986 case IPV6_MULTICAST_IF:
1987 case IPV6_MULTICAST_HOPS:
1988 case IPV6_MULTICAST_LOOP:
1989 case IPV6_JOIN_GROUP:
1990 case IPV6_LEAVE_GROUP:
1993 error = ip6_getmoptions(sopt->sopt_name,
1994 in6p->in6p_moptions, &m);
1996 error = sooptcopyout(sopt,
1997 mtod(m, char *), m->m_len);
2003 case IPV6_IPSEC_POLICY:
2007 struct mbuf *m = NULL;
2008 struct mbuf **mp = &m;
2009 size_t ovalsize = sopt->sopt_valsize;
2010 caddr_t oval = (caddr_t)sopt->sopt_val;
2012 error = soopt_getm(sopt, &m); /* XXX */
2015 error = soopt_mcopyin(sopt, m); /* XXX */
2018 sopt->sopt_valsize = ovalsize;
2019 sopt->sopt_val = oval;
2021 req = mtod(m, caddr_t);
2024 error = ipsec6_get_policy(in6p, req, len, mp);
2026 error = soopt_mcopyout(sopt, m); /* XXX */
2027 if (error == 0 && m)
2034 error = ENOPROTOOPT;
2039 } else { /* level != IPPROTO_IPV6 */
2046 ip6_raw_ctloutput(struct socket *so, struct sockopt *sopt)
2048 int error = 0, optval, optlen;
2049 const int icmp6off = offsetof(struct icmp6_hdr, icmp6_cksum);
2050 struct in6pcb *in6p = sotoin6pcb(so);
2051 int level, op, optname;
2053 level = sopt->sopt_level;
2054 op = sopt->sopt_dir;
2055 optname = sopt->sopt_name;
2056 optlen = sopt->sopt_valsize;
2058 if (level != IPPROTO_IPV6) {
2065 * For ICMPv6 sockets, no modification allowed for checksum
2066 * offset, permit "no change" values to help existing apps.
2068 * RFC3542 says: "An attempt to set IPV6_CHECKSUM
2069 * for an ICMPv6 socket will fail."
2070 * The current behavior does not meet RFC3542.
2074 if (optlen != sizeof(int)) {
2078 error = sooptcopyin(sopt, &optval, sizeof(optval),
2082 if ((optval % 2) != 0) {
2083 /* the API assumes even offset values */
2085 } else if (so->so_proto->pr_protocol ==
2087 if (optval != icmp6off)
2090 in6p->in6p_cksum = optval;
2094 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6)
2097 optval = in6p->in6p_cksum;
2099 error = sooptcopyout(sopt, &optval, sizeof(optval));
2109 error = ENOPROTOOPT;
2117 * Set up IP6 options in pcb for insertion in output packets or
2118 * specifying behavior of outgoing packets.
2121 ip6_pcbopts(struct ip6_pktopts **pktopt, struct mbuf *m,
2122 struct socket *so, struct sockopt *sopt)
2124 struct ip6_pktopts *opt = *pktopt;
2126 struct thread *td = sopt->sopt_td;
2128 /* turn off any old options. */
2131 if (opt->ip6po_pktinfo || opt->ip6po_nexthop ||
2132 opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 ||
2133 opt->ip6po_rhinfo.ip6po_rhi_rthdr)
2134 printf("ip6_pcbopts: all specified options are cleared.\n");
2136 ip6_clearpktopts(opt, -1);
2138 opt = malloc(sizeof(*opt), M_IP6OPT, M_WAITOK);
2141 if (!m || m->m_len == 0) {
2143 * Only turning off any previous options, regardless of
2144 * whether the opt is just created or given.
2146 free(opt, M_IP6OPT);
2150 /* set options specified by user. */
2151 if ((error = ip6_setpktopts(m, opt, NULL, (td != NULL) ?
2152 td->td_ucred : NULL, so->so_proto->pr_protocol)) != 0) {
2153 ip6_clearpktopts(opt, -1); /* XXX: discard all options */
2154 free(opt, M_IP6OPT);
2162 * initialize ip6_pktopts. beware that there are non-zero default values in
2166 ip6_initpktopts(struct ip6_pktopts *opt)
2169 bzero(opt, sizeof(*opt));
2170 opt->ip6po_hlim = -1; /* -1 means default hop limit */
2171 opt->ip6po_tclass = -1; /* -1 means default traffic class */
2172 opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY;
2173 opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM;
2177 ip6_pcbopt(int optname, u_char *buf, int len, struct ip6_pktopts **pktopt,
2178 struct ucred *cred, int uproto)
2180 struct ip6_pktopts *opt;
2182 if (*pktopt == NULL) {
2183 *pktopt = malloc(sizeof(struct ip6_pktopts), M_IP6OPT,
2185 ip6_initpktopts(*pktopt);
2189 return (ip6_setpktopt(optname, buf, len, opt, cred, 1, 0, uproto));
2193 ip6_getpcbopt(struct ip6_pktopts *pktopt, int optname, struct sockopt *sopt)
2195 void *optdata = NULL;
2197 struct ip6_ext *ip6e;
2199 struct in6_pktinfo null_pktinfo;
2200 int deftclass = 0, on;
2201 int defminmtu = IP6PO_MINMTU_MCASTONLY;
2202 int defpreftemp = IP6PO_TEMPADDR_SYSTEM;
2206 if (pktopt && pktopt->ip6po_pktinfo)
2207 optdata = (void *)pktopt->ip6po_pktinfo;
2209 /* XXX: we don't have to do this every time... */
2210 bzero(&null_pktinfo, sizeof(null_pktinfo));
2211 optdata = (void *)&null_pktinfo;
2213 optdatalen = sizeof(struct in6_pktinfo);
2216 if (pktopt && pktopt->ip6po_tclass >= 0)
2217 optdata = (void *)&pktopt->ip6po_tclass;
2219 optdata = (void *)&deftclass;
2220 optdatalen = sizeof(int);
2223 if (pktopt && pktopt->ip6po_hbh) {
2224 optdata = (void *)pktopt->ip6po_hbh;
2225 ip6e = (struct ip6_ext *)pktopt->ip6po_hbh;
2226 optdatalen = (ip6e->ip6e_len + 1) << 3;
2230 if (pktopt && pktopt->ip6po_rthdr) {
2231 optdata = (void *)pktopt->ip6po_rthdr;
2232 ip6e = (struct ip6_ext *)pktopt->ip6po_rthdr;
2233 optdatalen = (ip6e->ip6e_len + 1) << 3;
2236 case IPV6_RTHDRDSTOPTS:
2237 if (pktopt && pktopt->ip6po_dest1) {
2238 optdata = (void *)pktopt->ip6po_dest1;
2239 ip6e = (struct ip6_ext *)pktopt->ip6po_dest1;
2240 optdatalen = (ip6e->ip6e_len + 1) << 3;
2244 if (pktopt && pktopt->ip6po_dest2) {
2245 optdata = (void *)pktopt->ip6po_dest2;
2246 ip6e = (struct ip6_ext *)pktopt->ip6po_dest2;
2247 optdatalen = (ip6e->ip6e_len + 1) << 3;
2251 if (pktopt && pktopt->ip6po_nexthop) {
2252 optdata = (void *)pktopt->ip6po_nexthop;
2253 optdatalen = pktopt->ip6po_nexthop->sa_len;
2256 case IPV6_USE_MIN_MTU:
2258 optdata = (void *)&pktopt->ip6po_minmtu;
2260 optdata = (void *)&defminmtu;
2261 optdatalen = sizeof(int);
2264 if (pktopt && ((pktopt->ip6po_flags) & IP6PO_DONTFRAG))
2268 optdata = (void *)&on;
2269 optdatalen = sizeof(on);
2271 case IPV6_PREFER_TEMPADDR:
2273 optdata = (void *)&pktopt->ip6po_prefer_tempaddr;
2275 optdata = (void *)&defpreftemp;
2276 optdatalen = sizeof(int);
2278 default: /* should not happen */
2280 panic("ip6_getpcbopt: unexpected option\n");
2282 return (ENOPROTOOPT);
2285 error = sooptcopyout(sopt, optdata, optdatalen);
2291 ip6_clearpktopts(struct ip6_pktopts *pktopt, int optname)
2296 if (optname == -1 || optname == IPV6_PKTINFO) {
2297 if (pktopt->ip6po_pktinfo)
2298 free(pktopt->ip6po_pktinfo, M_IP6OPT);
2299 pktopt->ip6po_pktinfo = NULL;
2301 if (optname == -1 || optname == IPV6_HOPLIMIT)
2302 pktopt->ip6po_hlim = -1;
2303 if (optname == -1 || optname == IPV6_TCLASS)
2304 pktopt->ip6po_tclass = -1;
2305 if (optname == -1 || optname == IPV6_NEXTHOP) {
2306 if (pktopt->ip6po_nextroute.ro_rt) {
2307 RTFREE(pktopt->ip6po_nextroute.ro_rt);
2308 pktopt->ip6po_nextroute.ro_rt = NULL;
2310 if (pktopt->ip6po_nexthop)
2311 free(pktopt->ip6po_nexthop, M_IP6OPT);
2312 pktopt->ip6po_nexthop = NULL;
2314 if (optname == -1 || optname == IPV6_HOPOPTS) {
2315 if (pktopt->ip6po_hbh)
2316 free(pktopt->ip6po_hbh, M_IP6OPT);
2317 pktopt->ip6po_hbh = NULL;
2319 if (optname == -1 || optname == IPV6_RTHDRDSTOPTS) {
2320 if (pktopt->ip6po_dest1)
2321 free(pktopt->ip6po_dest1, M_IP6OPT);
2322 pktopt->ip6po_dest1 = NULL;
2324 if (optname == -1 || optname == IPV6_RTHDR) {
2325 if (pktopt->ip6po_rhinfo.ip6po_rhi_rthdr)
2326 free(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT);
2327 pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL;
2328 if (pktopt->ip6po_route.ro_rt) {
2329 RTFREE(pktopt->ip6po_route.ro_rt);
2330 pktopt->ip6po_route.ro_rt = NULL;
2333 if (optname == -1 || optname == IPV6_DSTOPTS) {
2334 if (pktopt->ip6po_dest2)
2335 free(pktopt->ip6po_dest2, M_IP6OPT);
2336 pktopt->ip6po_dest2 = NULL;
2340 #define PKTOPT_EXTHDRCPY(type) \
2343 int hlen = (((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\
2344 dst->type = malloc(hlen, M_IP6OPT, canwait);\
2345 if (dst->type == NULL && canwait == M_NOWAIT)\
2347 bcopy(src->type, dst->type, hlen);\
2349 } while (/*CONSTCOND*/ 0)
2352 copypktopts(struct ip6_pktopts *dst, struct ip6_pktopts *src, int canwait)
2354 if (dst == NULL || src == NULL) {
2355 printf("ip6_clearpktopts: invalid argument\n");
2359 dst->ip6po_hlim = src->ip6po_hlim;
2360 dst->ip6po_tclass = src->ip6po_tclass;
2361 dst->ip6po_flags = src->ip6po_flags;
2362 if (src->ip6po_pktinfo) {
2363 dst->ip6po_pktinfo = malloc(sizeof(*dst->ip6po_pktinfo),
2365 if (dst->ip6po_pktinfo == NULL)
2367 *dst->ip6po_pktinfo = *src->ip6po_pktinfo;
2369 if (src->ip6po_nexthop) {
2370 dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len,
2372 if (dst->ip6po_nexthop == NULL)
2374 bcopy(src->ip6po_nexthop, dst->ip6po_nexthop,
2375 src->ip6po_nexthop->sa_len);
2377 PKTOPT_EXTHDRCPY(ip6po_hbh);
2378 PKTOPT_EXTHDRCPY(ip6po_dest1);
2379 PKTOPT_EXTHDRCPY(ip6po_dest2);
2380 PKTOPT_EXTHDRCPY(ip6po_rthdr); /* not copy the cached route */
2384 ip6_clearpktopts(dst, -1);
2387 #undef PKTOPT_EXTHDRCPY
2389 struct ip6_pktopts *
2390 ip6_copypktopts(struct ip6_pktopts *src, int canwait)
2393 struct ip6_pktopts *dst;
2395 dst = malloc(sizeof(*dst), M_IP6OPT, canwait);
2398 ip6_initpktopts(dst);
2400 if ((error = copypktopts(dst, src, canwait)) != 0) {
2401 free(dst, M_IP6OPT);
2409 ip6_freepcbopts(struct ip6_pktopts *pktopt)
2414 ip6_clearpktopts(pktopt, -1);
2416 free(pktopt, M_IP6OPT);
2420 * Set the IP6 multicast options in response to user setsockopt().
2423 ip6_setmoptions(int optname, struct ip6_moptions **im6op, struct mbuf *m)
2425 INIT_VNET_NET(curvnet);
2426 INIT_VNET_INET6(curvnet);
2428 u_int loop, ifindex;
2429 struct ipv6_mreq *mreq;
2431 struct ip6_moptions *im6o = *im6op;
2432 struct route_in6 ro;
2433 struct in6_multi_mship *imm;
2437 * No multicast option buffer attached to the pcb;
2438 * allocate one and initialize to default values.
2440 im6o = (struct ip6_moptions *)
2441 malloc(sizeof(*im6o), M_IP6MOPTS, M_WAITOK);
2446 im6o->im6o_multicast_ifp = NULL;
2447 im6o->im6o_multicast_hlim = V_ip6_defmcasthlim;
2448 im6o->im6o_multicast_loop = IPV6_DEFAULT_MULTICAST_LOOP;
2449 LIST_INIT(&im6o->im6o_memberships);
2454 case IPV6_MULTICAST_IF:
2456 * Select the interface for outgoing multicast packets.
2458 if (m == NULL || m->m_len != sizeof(u_int)) {
2462 bcopy(mtod(m, u_int *), &ifindex, sizeof(ifindex));
2463 if (ifindex < 0 || V_if_index < ifindex) {
2464 error = ENXIO; /* XXX EINVAL? */
2467 ifp = ifnet_byindex(ifindex);
2468 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
2469 error = EADDRNOTAVAIL;
2472 im6o->im6o_multicast_ifp = ifp;
2475 case IPV6_MULTICAST_HOPS:
2478 * Set the IP6 hoplimit for outgoing multicast packets.
2481 if (m == NULL || m->m_len != sizeof(int)) {
2485 bcopy(mtod(m, u_int *), &optval, sizeof(optval));
2486 if (optval < -1 || optval >= 256)
2488 else if (optval == -1)
2489 im6o->im6o_multicast_hlim = V_ip6_defmcasthlim;
2491 im6o->im6o_multicast_hlim = optval;
2495 case IPV6_MULTICAST_LOOP:
2497 * Set the loopback flag for outgoing multicast packets.
2498 * Must be zero or one.
2500 if (m == NULL || m->m_len != sizeof(u_int)) {
2504 bcopy(mtod(m, u_int *), &loop, sizeof(loop));
2509 im6o->im6o_multicast_loop = loop;
2512 case IPV6_JOIN_GROUP:
2514 * Add a multicast group membership.
2515 * Group must be a valid IP6 multicast address.
2517 if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) {
2521 mreq = mtod(m, struct ipv6_mreq *);
2523 if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) {
2525 * We use the unspecified address to specify to accept
2526 * all multicast addresses. Only super user is allowed
2529 /* XXX-BZ might need a better PRIV_NETINET_x for this */
2530 error = priv_check(curthread, PRIV_NETINET_MROUTE);
2533 } else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) {
2539 * If no interface was explicitly specified, choose an
2540 * appropriate one according to the given multicast address.
2542 if (mreq->ipv6mr_interface == 0) {
2543 struct sockaddr_in6 *dst;
2546 * Look up the routing table for the
2547 * address, and choose the outgoing interface.
2548 * XXX: is it a good approach?
2551 dst = (struct sockaddr_in6 *)&ro.ro_dst;
2552 bzero(dst, sizeof(*dst));
2553 dst->sin6_family = AF_INET6;
2554 dst->sin6_len = sizeof(*dst);
2555 dst->sin6_addr = mreq->ipv6mr_multiaddr;
2556 rtalloc((struct route *)&ro);
2557 if (ro.ro_rt == NULL) {
2558 error = EADDRNOTAVAIL;
2561 ifp = ro.ro_rt->rt_ifp;
2565 * If the interface is specified, validate it.
2567 if (mreq->ipv6mr_interface < 0 ||
2568 V_if_index < mreq->ipv6mr_interface) {
2569 error = ENXIO; /* XXX EINVAL? */
2572 ifp = ifnet_byindex(mreq->ipv6mr_interface);
2574 error = ENXIO; /* XXX EINVAL? */
2580 * See if we found an interface, and confirm that it
2581 * supports multicast
2583 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
2584 error = EADDRNOTAVAIL;
2588 if (in6_setscope(&mreq->ipv6mr_multiaddr, ifp, NULL)) {
2589 error = EADDRNOTAVAIL; /* XXX: should not happen */
2594 * See if the membership already exists.
2596 for (imm = im6o->im6o_memberships.lh_first;
2597 imm != NULL; imm = imm->i6mm_chain.le_next)
2598 if (imm->i6mm_maddr->in6m_ifp == ifp &&
2599 IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr,
2600 &mreq->ipv6mr_multiaddr))
2607 * Everything looks good; add a new record to the multicast
2608 * address list for the given interface.
2610 imm = in6_joingroup(ifp, &mreq->ipv6mr_multiaddr, &error, 0);
2613 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
2616 case IPV6_LEAVE_GROUP:
2618 * Drop a multicast group membership.
2619 * Group must be a valid IP6 multicast address.
2621 if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) {
2625 mreq = mtod(m, struct ipv6_mreq *);
2628 * If an interface address was specified, get a pointer
2629 * to its ifnet structure.
2631 if (mreq->ipv6mr_interface < 0 ||
2632 V_if_index < mreq->ipv6mr_interface) {
2633 error = ENXIO; /* XXX EINVAL? */
2636 if (mreq->ipv6mr_interface == 0)
2639 ifp = ifnet_byindex(mreq->ipv6mr_interface);
2641 /* Fill in the scope zone ID */
2643 if (in6_setscope(&mreq->ipv6mr_multiaddr, ifp, NULL)) {
2644 /* XXX: should not happen */
2645 error = EADDRNOTAVAIL;
2648 } else if (mreq->ipv6mr_interface != 0) {
2650 * This case happens when the (positive) index is in
2651 * the valid range, but the corresponding interface has
2652 * been detached dynamically (XXX).
2654 error = EADDRNOTAVAIL;
2656 } else { /* ipv6mr_interface == 0 */
2657 struct sockaddr_in6 sa6_mc;
2660 * The API spec says as follows:
2661 * If the interface index is specified as 0, the
2662 * system may choose a multicast group membership to
2663 * drop by matching the multicast address only.
2664 * On the other hand, we cannot disambiguate the scope
2665 * zone unless an interface is provided. Thus, we
2666 * check if there's ambiguity with the default scope
2667 * zone as the last resort.
2669 bzero(&sa6_mc, sizeof(sa6_mc));
2670 sa6_mc.sin6_family = AF_INET6;
2671 sa6_mc.sin6_len = sizeof(sa6_mc);
2672 sa6_mc.sin6_addr = mreq->ipv6mr_multiaddr;
2673 error = sa6_embedscope(&sa6_mc, V_ip6_use_defzone);
2676 mreq->ipv6mr_multiaddr = sa6_mc.sin6_addr;
2680 * Find the membership in the membership list.
2682 for (imm = im6o->im6o_memberships.lh_first;
2683 imm != NULL; imm = imm->i6mm_chain.le_next) {
2684 if ((ifp == NULL || imm->i6mm_maddr->in6m_ifp == ifp) &&
2685 IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr,
2686 &mreq->ipv6mr_multiaddr))
2690 /* Unable to resolve interface */
2691 error = EADDRNOTAVAIL;
2695 * Give up the multicast address record to which the
2696 * membership points.
2698 LIST_REMOVE(imm, i6mm_chain);
2699 in6_delmulti(imm->i6mm_maddr);
2700 free(imm, M_IP6MADDR);
2709 * If all options have default values, no need to keep the mbuf.
2711 if (im6o->im6o_multicast_ifp == NULL &&
2712 im6o->im6o_multicast_hlim == V_ip6_defmcasthlim &&
2713 im6o->im6o_multicast_loop == IPV6_DEFAULT_MULTICAST_LOOP &&
2714 im6o->im6o_memberships.lh_first == NULL) {
2715 free(*im6op, M_IP6MOPTS);
2723 * Return the IP6 multicast options in response to user getsockopt().
2726 ip6_getmoptions(int optname, struct ip6_moptions *im6o, struct mbuf **mp)
2728 INIT_VNET_INET6(curvnet);
2729 u_int *hlim, *loop, *ifindex;
2731 *mp = m_get(M_WAIT, MT_HEADER); /* XXX */
2735 case IPV6_MULTICAST_IF:
2736 ifindex = mtod(*mp, u_int *);
2737 (*mp)->m_len = sizeof(u_int);
2738 if (im6o == NULL || im6o->im6o_multicast_ifp == NULL)
2741 *ifindex = im6o->im6o_multicast_ifp->if_index;
2744 case IPV6_MULTICAST_HOPS:
2745 hlim = mtod(*mp, u_int *);
2746 (*mp)->m_len = sizeof(u_int);
2748 *hlim = V_ip6_defmcasthlim;
2750 *hlim = im6o->im6o_multicast_hlim;
2753 case IPV6_MULTICAST_LOOP:
2754 loop = mtod(*mp, u_int *);
2755 (*mp)->m_len = sizeof(u_int);
2757 *loop = V_ip6_defmcasthlim;
2759 *loop = im6o->im6o_multicast_loop;
2763 return (EOPNOTSUPP);
2768 * Discard the IP6 multicast options.
2771 ip6_freemoptions(struct ip6_moptions *im6o)
2773 struct in6_multi_mship *imm;
2778 while ((imm = im6o->im6o_memberships.lh_first) != NULL) {
2779 LIST_REMOVE(imm, i6mm_chain);
2780 if (imm->i6mm_maddr)
2781 in6_delmulti(imm->i6mm_maddr);
2782 free(imm, M_IP6MADDR);
2784 free(im6o, M_IP6MOPTS);
2788 * Set IPv6 outgoing packet options based on advanced API.
2791 ip6_setpktopts(struct mbuf *control, struct ip6_pktopts *opt,
2792 struct ip6_pktopts *stickyopt, struct ucred *cred, int uproto)
2794 struct cmsghdr *cm = 0;
2796 if (control == NULL || opt == NULL)
2799 ip6_initpktopts(opt);
2804 * If stickyopt is provided, make a local copy of the options
2805 * for this particular packet, then override them by ancillary
2807 * XXX: copypktopts() does not copy the cached route to a next
2808 * hop (if any). This is not very good in terms of efficiency,
2809 * but we can allow this since this option should be rarely
2812 if ((error = copypktopts(opt, stickyopt, M_NOWAIT)) != 0)
2817 * XXX: Currently, we assume all the optional information is stored
2820 if (control->m_next)
2823 for (; control->m_len > 0; control->m_data += CMSG_ALIGN(cm->cmsg_len),
2824 control->m_len -= CMSG_ALIGN(cm->cmsg_len)) {
2827 if (control->m_len < CMSG_LEN(0))
2830 cm = mtod(control, struct cmsghdr *);
2831 if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len)
2833 if (cm->cmsg_level != IPPROTO_IPV6)
2836 error = ip6_setpktopt(cm->cmsg_type, CMSG_DATA(cm),
2837 cm->cmsg_len - CMSG_LEN(0), opt, cred, 0, 1, uproto);
2846 * Set a particular packet option, as a sticky option or an ancillary data
2847 * item. "len" can be 0 only when it's a sticky option.
2848 * We have 4 cases of combination of "sticky" and "cmsg":
2849 * "sticky=0, cmsg=0": impossible
2850 * "sticky=0, cmsg=1": RFC2292 or RFC3542 ancillary data
2851 * "sticky=1, cmsg=0": RFC3542 socket option
2852 * "sticky=1, cmsg=1": RFC2292 socket option
2855 ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt,
2856 struct ucred *cred, int sticky, int cmsg, int uproto)
2858 INIT_VNET_NET(curvnet);
2859 INIT_VNET_INET6(curvnet);
2860 int minmtupolicy, preftemp;
2863 if (!sticky && !cmsg) {
2865 printf("ip6_setpktopt: impossible case\n");
2871 * IPV6_2292xxx is for backward compatibility to RFC2292, and should
2872 * not be specified in the context of RFC3542. Conversely,
2873 * RFC3542 types should not be specified in the context of RFC2292.
2877 case IPV6_2292PKTINFO:
2878 case IPV6_2292HOPLIMIT:
2879 case IPV6_2292NEXTHOP:
2880 case IPV6_2292HOPOPTS:
2881 case IPV6_2292DSTOPTS:
2882 case IPV6_2292RTHDR:
2883 case IPV6_2292PKTOPTIONS:
2884 return (ENOPROTOOPT);
2887 if (sticky && cmsg) {
2894 case IPV6_RTHDRDSTOPTS:
2896 case IPV6_USE_MIN_MTU:
2899 case IPV6_PREFER_TEMPADDR: /* XXX: not an RFC3542 option */
2900 return (ENOPROTOOPT);
2905 case IPV6_2292PKTINFO:
2908 struct ifnet *ifp = NULL;
2909 struct in6_pktinfo *pktinfo;
2911 if (len != sizeof(struct in6_pktinfo))
2914 pktinfo = (struct in6_pktinfo *)buf;
2917 * An application can clear any sticky IPV6_PKTINFO option by
2918 * doing a "regular" setsockopt with ipi6_addr being
2919 * in6addr_any and ipi6_ifindex being zero.
2920 * [RFC 3542, Section 6]
2922 if (optname == IPV6_PKTINFO && opt->ip6po_pktinfo &&
2923 pktinfo->ipi6_ifindex == 0 &&
2924 IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2925 ip6_clearpktopts(opt, optname);
2929 if (uproto == IPPROTO_TCP && optname == IPV6_PKTINFO &&
2930 sticky && !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) {
2934 /* validate the interface index if specified. */
2935 if (pktinfo->ipi6_ifindex > V_if_index ||
2936 pktinfo->ipi6_ifindex < 0) {
2939 if (pktinfo->ipi6_ifindex) {
2940 ifp = ifnet_byindex(pktinfo->ipi6_ifindex);
2946 * We store the address anyway, and let in6_selectsrc()
2947 * validate the specified address. This is because ipi6_addr
2948 * may not have enough information about its scope zone, and
2949 * we may need additional information (such as outgoing
2950 * interface or the scope zone of a destination address) to
2951 * disambiguate the scope.
2952 * XXX: the delay of the validation may confuse the
2953 * application when it is used as a sticky option.
2955 if (opt->ip6po_pktinfo == NULL) {
2956 opt->ip6po_pktinfo = malloc(sizeof(*pktinfo),
2957 M_IP6OPT, M_NOWAIT);
2958 if (opt->ip6po_pktinfo == NULL)
2961 bcopy(pktinfo, opt->ip6po_pktinfo, sizeof(*pktinfo));
2965 case IPV6_2292HOPLIMIT:
2971 * RFC 3542 deprecated the usage of sticky IPV6_HOPLIMIT
2972 * to simplify the ordering among hoplimit options.
2974 if (optname == IPV6_HOPLIMIT && sticky)
2975 return (ENOPROTOOPT);
2977 if (len != sizeof(int))
2980 if (*hlimp < -1 || *hlimp > 255)
2983 opt->ip6po_hlim = *hlimp;
2991 if (len != sizeof(int))
2993 tclass = *(int *)buf;
2994 if (tclass < -1 || tclass > 255)
2997 opt->ip6po_tclass = tclass;
3001 case IPV6_2292NEXTHOP:
3004 error = priv_check_cred(cred,
3005 PRIV_NETINET_SETHDROPTS, 0);
3010 if (len == 0) { /* just remove the option */
3011 ip6_clearpktopts(opt, IPV6_NEXTHOP);
3015 /* check if cmsg_len is large enough for sa_len */
3016 if (len < sizeof(struct sockaddr) || len < *buf)
3019 switch (((struct sockaddr *)buf)->sa_family) {
3022 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)buf;
3025 if (sa6->sin6_len != sizeof(struct sockaddr_in6))
3028 if (IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) ||
3029 IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr)) {
3032 if ((error = sa6_embedscope(sa6, V_ip6_use_defzone))
3038 case AF_LINK: /* should eventually be supported */
3040 return (EAFNOSUPPORT);
3043 /* turn off the previous option, then set the new option. */
3044 ip6_clearpktopts(opt, IPV6_NEXTHOP);
3045 opt->ip6po_nexthop = malloc(*buf, M_IP6OPT, M_NOWAIT);
3046 if (opt->ip6po_nexthop == NULL)
3048 bcopy(buf, opt->ip6po_nexthop, *buf);
3051 case IPV6_2292HOPOPTS:
3054 struct ip6_hbh *hbh;
3058 * XXX: We don't allow a non-privileged user to set ANY HbH
3059 * options, since per-option restriction has too much
3063 error = priv_check_cred(cred,
3064 PRIV_NETINET_SETHDROPTS, 0);
3070 ip6_clearpktopts(opt, IPV6_HOPOPTS);
3071 break; /* just remove the option */
3074 /* message length validation */
3075 if (len < sizeof(struct ip6_hbh))
3077 hbh = (struct ip6_hbh *)buf;
3078 hbhlen = (hbh->ip6h_len + 1) << 3;
3082 /* turn off the previous option, then set the new option. */
3083 ip6_clearpktopts(opt, IPV6_HOPOPTS);
3084 opt->ip6po_hbh = malloc(hbhlen, M_IP6OPT, M_NOWAIT);
3085 if (opt->ip6po_hbh == NULL)
3087 bcopy(hbh, opt->ip6po_hbh, hbhlen);
3092 case IPV6_2292DSTOPTS:
3094 case IPV6_RTHDRDSTOPTS:
3096 struct ip6_dest *dest, **newdest = NULL;
3099 if (cred != NULL) { /* XXX: see the comment for IPV6_HOPOPTS */
3100 error = priv_check_cred(cred,
3101 PRIV_NETINET_SETHDROPTS, 0);
3107 ip6_clearpktopts(opt, optname);
3108 break; /* just remove the option */
3111 /* message length validation */
3112 if (len < sizeof(struct ip6_dest))
3114 dest = (struct ip6_dest *)buf;
3115 destlen = (dest->ip6d_len + 1) << 3;
3120 * Determine the position that the destination options header
3121 * should be inserted; before or after the routing header.
3124 case IPV6_2292DSTOPTS:
3126 * The old advacned API is ambiguous on this point.
3127 * Our approach is to determine the position based
3128 * according to the existence of a routing header.
3129 * Note, however, that this depends on the order of the
3130 * extension headers in the ancillary data; the 1st
3131 * part of the destination options header must appear
3132 * before the routing header in the ancillary data,
3134 * RFC3542 solved the ambiguity by introducing
3135 * separate ancillary data or option types.
3137 if (opt->ip6po_rthdr == NULL)
3138 newdest = &opt->ip6po_dest1;
3140 newdest = &opt->ip6po_dest2;
3142 case IPV6_RTHDRDSTOPTS:
3143 newdest = &opt->ip6po_dest1;
3146 newdest = &opt->ip6po_dest2;
3150 /* turn off the previous option, then set the new option. */
3151 ip6_clearpktopts(opt, optname);
3152 *newdest = malloc(destlen, M_IP6OPT, M_NOWAIT);
3153 if (*newdest == NULL)
3155 bcopy(dest, *newdest, destlen);
3160 case IPV6_2292RTHDR:
3163 struct ip6_rthdr *rth;
3167 ip6_clearpktopts(opt, IPV6_RTHDR);
3168 break; /* just remove the option */
3171 /* message length validation */
3172 if (len < sizeof(struct ip6_rthdr))
3174 rth = (struct ip6_rthdr *)buf;
3175 rthlen = (rth->ip6r_len + 1) << 3;
3179 switch (rth->ip6r_type) {
3180 case IPV6_RTHDR_TYPE_0:
3181 if (rth->ip6r_len == 0) /* must contain one addr */
3183 if (rth->ip6r_len % 2) /* length must be even */
3185 if (rth->ip6r_len / 2 != rth->ip6r_segleft)
3189 return (EINVAL); /* not supported */
3192 /* turn off the previous option */
3193 ip6_clearpktopts(opt, IPV6_RTHDR);
3194 opt->ip6po_rthdr = malloc(rthlen, M_IP6OPT, M_NOWAIT);
3195 if (opt->ip6po_rthdr == NULL)
3197 bcopy(rth, opt->ip6po_rthdr, rthlen);
3202 case IPV6_USE_MIN_MTU:
3203 if (len != sizeof(int))
3205 minmtupolicy = *(int *)buf;
3206 if (minmtupolicy != IP6PO_MINMTU_MCASTONLY &&
3207 minmtupolicy != IP6PO_MINMTU_DISABLE &&
3208 minmtupolicy != IP6PO_MINMTU_ALL) {
3211 opt->ip6po_minmtu = minmtupolicy;
3215 if (len != sizeof(int))
3218 if (uproto == IPPROTO_TCP || *(int *)buf == 0) {
3220 * we ignore this option for TCP sockets.
3221 * (RFC3542 leaves this case unspecified.)
3223 opt->ip6po_flags &= ~IP6PO_DONTFRAG;
3225 opt->ip6po_flags |= IP6PO_DONTFRAG;
3228 case IPV6_PREFER_TEMPADDR:
3229 if (len != sizeof(int))
3231 preftemp = *(int *)buf;
3232 if (preftemp != IP6PO_TEMPADDR_SYSTEM &&
3233 preftemp != IP6PO_TEMPADDR_NOTPREFER &&
3234 preftemp != IP6PO_TEMPADDR_PREFER) {
3237 opt->ip6po_prefer_tempaddr = preftemp;
3241 return (ENOPROTOOPT);
3242 } /* end of switch */
3248 * Routine called from ip6_output() to loop back a copy of an IP6 multicast
3249 * packet to the input queue of a specified interface. Note that this
3250 * calls the output routine of the loopback "driver", but with an interface
3251 * pointer that might NOT be &loif -- easier than replicating that code here.
3254 ip6_mloopback(struct ifnet *ifp, struct mbuf *m, struct sockaddr_in6 *dst)
3257 struct ip6_hdr *ip6;
3259 copym = m_copy(m, 0, M_COPYALL);
3264 * Make sure to deep-copy IPv6 header portion in case the data
3265 * is in an mbuf cluster, so that we can safely override the IPv6
3266 * header portion later.
3268 if ((copym->m_flags & M_EXT) != 0 ||
3269 copym->m_len < sizeof(struct ip6_hdr)) {
3270 copym = m_pullup(copym, sizeof(struct ip6_hdr));
3276 if (copym->m_len < sizeof(*ip6)) {
3282 ip6 = mtod(copym, struct ip6_hdr *);
3284 * clear embedded scope identifiers if necessary.
3285 * in6_clearscope will touch the addresses only when necessary.
3287 in6_clearscope(&ip6->ip6_src);
3288 in6_clearscope(&ip6->ip6_dst);
3290 (void)if_simloop(ifp, copym, dst->sin6_family, 0);
3294 * Chop IPv6 header off from the payload.
3297 ip6_splithdr(struct mbuf *m, struct ip6_exthdrs *exthdrs)
3300 struct ip6_hdr *ip6;
3302 ip6 = mtod(m, struct ip6_hdr *);
3303 if (m->m_len > sizeof(*ip6)) {
3304 MGETHDR(mh, M_DONTWAIT, MT_HEADER);
3309 M_MOVE_PKTHDR(mh, m);
3310 MH_ALIGN(mh, sizeof(*ip6));
3311 m->m_len -= sizeof(*ip6);
3312 m->m_data += sizeof(*ip6);
3315 m->m_len = sizeof(*ip6);
3316 bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6));
3318 exthdrs->ip6e_ip6 = m;
3323 * Compute IPv6 extension header length.
3326 ip6_optlen(struct in6pcb *in6p)
3330 if (!in6p->in6p_outputopts)
3335 (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0)
3337 len += elen(in6p->in6p_outputopts->ip6po_hbh);
3338 if (in6p->in6p_outputopts->ip6po_rthdr)
3339 /* dest1 is valid with rthdr only */
3340 len += elen(in6p->in6p_outputopts->ip6po_dest1);
3341 len += elen(in6p->in6p_outputopts->ip6po_rthdr);
3342 len += elen(in6p->in6p_outputopts->ip6po_dest2);