1 | /* |
2 | * Copyright (c) 2003-2022 Apple Inc. All rights reserved. |
3 | * |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
5 | * |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License |
8 | * Version 2.0 (the 'License'). You may not use this file except in |
9 | * compliance with the License. The rights granted to you under the License |
10 | * may not be used to create, or enable the creation or redistribution of, |
11 | * unlawful or unlicensed copies of an Apple operating system, or to |
12 | * circumvent, violate, or enable the circumvention or violation of, any |
13 | * terms of an Apple operating system software license agreement. |
14 | * |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
17 | * |
18 | * The Original Code and all software distributed under the License are |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and |
24 | * limitations under the License. |
25 | * |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
27 | */ |
28 | |
29 | /* |
30 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
31 | * All rights reserved. |
32 | * |
33 | * Redistribution and use in source and binary forms, with or without |
34 | * modification, are permitted provided that the following conditions |
35 | * are met: |
36 | * 1. Redistributions of source code must retain the above copyright |
37 | * notice, this list of conditions and the following disclaimer. |
38 | * 2. Redistributions in binary form must reproduce the above copyright |
39 | * notice, this list of conditions and the following disclaimer in the |
40 | * documentation and/or other materials provided with the distribution. |
41 | * 3. Neither the name of the project nor the names of its contributors |
42 | * may be used to endorse or promote products derived from this software |
43 | * without specific prior written permission. |
44 | * |
45 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
46 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
47 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
48 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
49 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
50 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
51 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
52 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
53 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
54 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
55 | * SUCH DAMAGE. |
56 | */ |
57 | #include <sys/param.h> |
58 | #include <sys/systm.h> |
59 | #include <sys/malloc.h> |
60 | #include <sys/mbuf.h> |
61 | #include <sys/socket.h> |
62 | #include <sys/sockio.h> |
63 | #include <sys/time.h> |
64 | #include <sys/kernel.h> |
65 | #include <sys/errno.h> |
66 | #include <sys/syslog.h> |
67 | #include <sys/queue.h> |
68 | #include <sys/mcache.h> |
69 | #include <sys/protosw.h> |
70 | |
71 | #include <dev/random/randomdev.h> |
72 | |
73 | #include <kern/locks.h> |
74 | #include <kern/zalloc.h> |
75 | #include <machine/machine_routines.h> |
76 | |
77 | #include <net/if.h> |
78 | #include <net/if_var.h> |
79 | #include <net/if_types.h> |
80 | #include <net/if_dl.h> |
81 | #include <net/route.h> |
82 | #include <net/radix.h> |
83 | |
84 | #include <netinet/in.h> |
85 | #include <netinet6/in6_var.h> |
86 | #include <netinet6/in6_ifattach.h> |
87 | #include <netinet/ip6.h> |
88 | #include <netinet6/ip6_var.h> |
89 | #include <netinet6/nd6.h> |
90 | #include <netinet/icmp6.h> |
91 | #include <netinet6/scope6_var.h> |
92 | |
93 | #include <net/net_osdep.h> |
94 | |
95 | #include <net/sockaddr_utils.h> |
96 | |
97 | static void defrouter_addreq(struct nd_defrouter *, struct nd_route_info *, boolean_t); |
98 | static void defrouter_delreq(struct nd_defrouter *, struct nd_route_info *); |
99 | static struct nd_defrouter *defrtrlist_update_common(struct nd_defrouter *, |
100 | struct nd_drhead *, boolean_t); |
101 | static void pfxrtr_add(struct nd_prefix *, struct nd_defrouter *); |
102 | static void pfxrtr_del(struct nd_pfxrouter *, struct nd_prefix *); |
103 | static struct nd_pfxrouter *find_pfxlist_reachable_router(struct nd_prefix *); |
104 | static void nd6_rtmsg(u_char, struct rtentry *); |
105 | |
106 | static int nd6_prefix_onlink_common(struct nd_prefix *, boolean_t, |
107 | unsigned int); |
108 | static struct nd_prefix *nd6_prefix_equal_lookup(struct nd_prefix *, boolean_t); |
109 | static void nd6_prefix_sync(struct ifnet *); |
110 | |
111 | static void in6_init_address_ltimes(struct in6_addrlifetime *); |
112 | static int rt6_deleteroute(struct radix_node *, void *); |
113 | |
114 | static struct nd_defrouter *nddr_alloc(zalloc_flags_t); |
115 | static void nddr_free(struct nd_defrouter *); |
116 | static void nddr_trace(struct nd_defrouter *, int); |
117 | |
118 | static struct nd_prefix *ndpr_alloc(int); |
119 | static void ndpr_free(struct nd_prefix *); |
120 | static void ndpr_trace(struct nd_prefix *, int); |
121 | |
122 | extern int nd6_recalc_reachtm_interval; |
123 | |
124 | static struct ifnet *nd6_defifp = NULL; |
125 | int nd6_defifindex = 0; |
126 | static unsigned int nd6_defrouter_genid; |
127 | |
128 | int ip6_use_tempaddr = IP6_USE_TMPADDR_DEFAULT; /* use temp addr by default for testing now */ |
129 | int ip6_ula_use_tempaddr = IP6_ULA_USE_TMPADDR_DEFAULT; |
130 | |
131 | int nd6_accept_6to4 = 1; |
132 | |
133 | int ip6_desync_factor; |
134 | u_int32_t ip6_temp_preferred_lifetime = DEF_TEMP_PREFERRED_LIFETIME; |
135 | u_int32_t ip6_temp_valid_lifetime = DEF_TEMP_VALID_LIFETIME; |
136 | /* |
137 | * shorter lifetimes for debugging purposes. |
138 | * u_int32_t ip6_temp_preferred_lifetime = 800; |
139 | * static u_int32_t ip6_temp_valid_lifetime = 1800; |
140 | */ |
141 | int ip6_temp_regen_advance = TEMPADDR_REGEN_ADVANCE; |
142 | |
143 | /* Serialization variables for single thread access to nd_prefix */ |
144 | static boolean_t nd_prefix_busy; |
145 | static void *nd_prefix_waitchan = &nd_prefix_busy; |
146 | static int nd_prefix_waiters = 0; |
147 | |
148 | /* Serialization variables for single thread access to nd_defrouter */ |
149 | static boolean_t nd_defrouter_busy; |
150 | static void *nd_defrouter_waitchan = &nd_defrouter_busy; |
151 | static int nd_defrouter_waiters = 0; |
152 | |
153 | #define equal(a1, a2) (bcmp((caddr_t)(a1), (caddr_t)(a2), (a1)->sa_len) == 0) |
154 | /* RTPREF_MEDIUM has to be 0! */ |
155 | #define RTPREF_HIGH 1 |
156 | #define RTPREF_MEDIUM 0 |
157 | #define RTPREF_LOW (-1) |
158 | #define RTPREF_RESERVED (-2) |
159 | #define RTPREF_INVALID (-3) /* internal */ |
160 | |
161 | #define NDPR_TRACE_HIST_SIZE 32 /* size of trace history */ |
162 | |
163 | /* For gdb */ |
164 | __private_extern__ unsigned int ndpr_trace_hist_size = NDPR_TRACE_HIST_SIZE; |
165 | |
166 | struct nd_prefix_dbg { |
167 | struct nd_prefix ndpr_pr; /* nd_prefix */ |
168 | u_int16_t ndpr_refhold_cnt; /* # of ref */ |
169 | u_int16_t ndpr_refrele_cnt; /* # of rele */ |
170 | /* |
171 | * Circular lists of ndpr_addref and ndpr_remref callers. |
172 | */ |
173 | ctrace_t ndpr_refhold[NDPR_TRACE_HIST_SIZE]; |
174 | ctrace_t ndpr_refrele[NDPR_TRACE_HIST_SIZE]; |
175 | }; |
176 | |
177 | static unsigned int ndpr_debug; /* debug flags */ |
178 | static struct zone *ndpr_zone; /* zone for nd_prefix */ |
179 | #define NDPR_ZONE_NAME "nd6_prefix" /* zone name */ |
180 | |
181 | #define NDDR_TRACE_HIST_SIZE 32 /* size of trace history */ |
182 | |
183 | /* For gdb */ |
184 | __private_extern__ unsigned int nddr_trace_hist_size = NDDR_TRACE_HIST_SIZE; |
185 | |
186 | struct nd_defrouter_dbg { |
187 | struct nd_defrouter nddr_dr; /* nd_defrouter */ |
188 | uint16_t nddr_refhold_cnt; /* # of ref */ |
189 | uint16_t nddr_refrele_cnt; /* # of rele */ |
190 | /* |
191 | * Circular lists of nddr_addref and nddr_remref callers. |
192 | */ |
193 | ctrace_t nddr_refhold[NDDR_TRACE_HIST_SIZE]; |
194 | ctrace_t nddr_refrele[NDDR_TRACE_HIST_SIZE]; |
195 | }; |
196 | |
197 | static unsigned int nddr_debug; /* debug flags */ |
198 | static struct zone *nddr_zone; /* zone for nd_defrouter */ |
199 | #define NDDR_ZONE_NAME "nd6_defrouter" /* zone name */ |
200 | |
201 | static KALLOC_TYPE_DEFINE(ndprtr_zone, struct nd_pfxrouter, NET_KT_DEFAULT); |
202 | |
203 | #define TWOHOUR (120*60) |
204 | extern int nd6_process_rti; /* Default to 0 for now */ |
205 | |
206 | |
207 | static void |
208 | nd6_prefix_glb_init(void) |
209 | { |
210 | PE_parse_boot_argn(arg_string: "ifa_debug" , arg_ptr: &ndpr_debug, max_arg: sizeof(ndpr_debug)); |
211 | vm_size_t ndpr_size = (ndpr_debug == 0) ? sizeof(struct nd_prefix) : |
212 | sizeof(struct nd_prefix_dbg); |
213 | ndpr_zone = zone_create(NDPR_ZONE_NAME, size: ndpr_size, flags: ZC_ZFREE_CLEARMEM); |
214 | } |
215 | |
216 | static void |
217 | nd6_defrouter_glb_init(void) |
218 | { |
219 | PE_parse_boot_argn(arg_string: "ifa_debug" , arg_ptr: &nddr_debug, max_arg: sizeof(nddr_debug)); |
220 | vm_size_t nddr_size = (nddr_debug == 0) ? sizeof(struct nd_defrouter) : |
221 | sizeof(struct nd_defrouter_dbg); |
222 | nddr_zone = zone_create(NDDR_ZONE_NAME, size: nddr_size, flags: ZC_ZFREE_CLEARMEM); |
223 | } |
224 | |
225 | void |
226 | nd6_rtr_init(void) |
227 | { |
228 | nd6_prefix_glb_init(); |
229 | nd6_defrouter_glb_init(); |
230 | } |
231 | |
232 | /* |
233 | * Receive Router Solicitation Message - just for routers. |
234 | * Router solicitation/advertisement is mostly managed by userland program |
235 | * (rtadvd) so here we have no function like nd6_ra_output(). |
236 | * |
237 | * Based on RFC 2461 |
238 | */ |
239 | void |
240 | nd6_rs_input( |
241 | struct mbuf *m, |
242 | int off, |
243 | int icmp6len) |
244 | { |
245 | struct ifnet *ifp = m->m_pkthdr.rcvif; |
246 | struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); |
247 | struct nd_router_solicit *nd_rs = NULL; |
248 | struct in6_addr saddr6 = ip6->ip6_src; |
249 | char *lladdr = NULL; |
250 | int lladdrlen = 0; |
251 | union nd_opts ndopts = {}; |
252 | |
253 | /* Expect 32-bit aligned data pointer on strict-align platforms */ |
254 | MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); |
255 | |
256 | /* If I'm not a router, ignore it. */ |
257 | if (!ip6_forwarding || ifp->if_ipv6_router_mode == IPV6_ROUTER_MODE_DISABLED) { |
258 | goto freeit; |
259 | } |
260 | |
261 | /* Sanity checks */ |
262 | if (ip6->ip6_hlim != IPV6_MAXHLIM) { |
263 | nd6log(error, |
264 | "nd6_rs_input: invalid hlim (%d) from %s to %s on %s\n" , |
265 | ip6->ip6_hlim, ip6_sprintf(&ip6->ip6_src), |
266 | ip6_sprintf(&ip6->ip6_dst), if_name(ifp)); |
267 | goto bad; |
268 | } |
269 | |
270 | /* |
271 | * Don't update the neighbor cache, if src = :: or a non-neighbor. |
272 | * The former case indicates that the src has no IP address assigned |
273 | * yet. See nd6_ns_input() for the latter case. |
274 | */ |
275 | if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { |
276 | goto freeit; |
277 | } else { |
278 | struct sockaddr_in6 src_sa6; |
279 | |
280 | SOCKADDR_ZERO(&src_sa6, sizeof(src_sa6)); |
281 | src_sa6.sin6_family = AF_INET6; |
282 | src_sa6.sin6_len = sizeof(src_sa6); |
283 | src_sa6.sin6_addr = ip6->ip6_src; |
284 | src_sa6.sin6_scope_id = (!in6_embedded_scope && IN6_IS_SCOPE_EMBED(&src_sa6.sin6_addr)) ? ip6_input_getsrcifscope(m) : IFSCOPE_NONE; |
285 | if (!nd6_is_addr_neighbor(&src_sa6, ifp, 0)) { |
286 | nd6log(info, "nd6_rs_input: " |
287 | "RS packet from non-neighbor\n" ); |
288 | goto freeit; |
289 | } |
290 | } |
291 | |
292 | IP6_EXTHDR_CHECK(m, off, icmp6len, return ); |
293 | ip6 = mtod(m, struct ip6_hdr *); |
294 | nd_rs = (struct nd_router_solicit *)((caddr_t)ip6 + off); |
295 | icmp6len -= sizeof(*nd_rs); |
296 | nd6_option_init(nd_rs + 1, icmp6len, &ndopts); |
297 | if (nd6_options(&ndopts) < 0) { |
298 | nd6log(info, |
299 | "nd6_rs_input: invalid ND option, ignored\n" ); |
300 | /* nd6_options have incremented stats */ |
301 | goto freeit; |
302 | } |
303 | |
304 | if (ndopts.nd_opts_src_lladdr) { |
305 | lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); |
306 | lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; |
307 | } |
308 | |
309 | if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) { |
310 | nd6log(info, |
311 | "nd6_rs_input: lladdrlen mismatch for %s " |
312 | "(if %d, RS packet %d)\n" , |
313 | ip6_sprintf(&saddr6), ifp->if_addrlen, lladdrlen - 2); |
314 | goto bad; |
315 | } |
316 | |
317 | nd6_cache_lladdr(ifp, &saddr6, lladdr, lladdrlen, ND_ROUTER_SOLICIT, 0, NULL); |
318 | |
319 | freeit: |
320 | m_freem(m); |
321 | return; |
322 | |
323 | bad: |
324 | icmp6stat.icp6s_badrs++; |
325 | m_freem(m); |
326 | } |
327 | |
328 | #define ND_OPT_LEN_TO_BYTE_SCALE 3 /* ND opt len is in units of 8 octets */ |
329 | |
330 | #define ND_OPT_LEN_RTI_MIN 1 |
331 | #define ND_OPT_LEN_RTI_MAX 3 |
332 | #define ND_OPT_RTI_PFXLEN_MAX 128 |
333 | /* |
334 | * Receive Router Advertisement Message. |
335 | * |
336 | * Based on RFC 2461 |
337 | * TODO: on-link bit on prefix information |
338 | * TODO: ND_RA_FLAG_{OTHER,MANAGED} processing |
339 | */ |
340 | void |
341 | nd6_ra_input( |
342 | struct mbuf *m, |
343 | int off, |
344 | int icmp6len) |
345 | { |
346 | struct ifnet *ifp = m->m_pkthdr.rcvif; |
347 | struct nd_ifinfo *ndi = NULL; |
348 | struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); |
349 | struct nd_router_advert *nd_ra; |
350 | struct in6_addr saddr6 = ip6->ip6_src; |
351 | int mcast = 0; |
352 | union nd_opts ndopts; |
353 | struct nd_defrouter *dr = NULL; |
354 | u_int32_t mtu = 0; |
355 | char *lladdr = NULL; |
356 | u_int32_t lladdrlen = 0; |
357 | struct nd_prefix_list *nd_prefix_list_head = NULL; |
358 | u_int32_t nd_prefix_list_length = 0; |
359 | struct in6_ifaddr *ia6 = NULL; |
360 | struct nd_prefix_list *prfl; |
361 | struct nd_defrouter dr0; |
362 | u_int32_t advreachable; |
363 | boolean_t rti_defrtr_processed = FALSE; |
364 | |
365 | #if (DEVELOPMENT || DEBUG) |
366 | if (ip6_accept_rtadv == 0) { |
367 | goto freeit; |
368 | } |
369 | #endif /* (DEVELOPMENT || DEBUG) */ |
370 | /* Expect 32-bit aligned data pointer on strict-align platforms */ |
371 | MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); |
372 | |
373 | /* |
374 | * Accept the RA if IFEF_ACCEPT_RTADV is set, or when |
375 | * we're acting as a router and the RA is locally generated. |
376 | * For convenience, we allow locally generated (rtadvd) |
377 | * RAs to be processed on the advertising interface, as a router. |
378 | * |
379 | * Note that we don't test against ip6_forwarding as we could be |
380 | * both a host and a router on different interfaces, hence the |
381 | * check against the per-interface flags. |
382 | */ |
383 | if ((ifp->if_eflags & IFEF_ACCEPT_RTADV) == 0) { |
384 | if (ifp->if_ipv6_router_mode == IPV6_ROUTER_MODE_EXCLUSIVE && |
385 | (ia6 = ifa_foraddr6(&saddr6)) != NULL) { |
386 | /* accept locally generated RA */ |
387 | } else { |
388 | goto freeit; |
389 | } |
390 | } |
391 | |
392 | if (ia6 != NULL) { |
393 | ifa_remref(ifa: &ia6->ia_ifa); |
394 | ia6 = NULL; |
395 | } |
396 | |
397 | if (ip6->ip6_hlim != IPV6_MAXHLIM) { |
398 | nd6log(error, |
399 | "nd6_ra_input: invalid hlim (%d) from %s to %s on %s\n" , |
400 | ip6->ip6_hlim, ip6_sprintf(&ip6->ip6_src), |
401 | ip6_sprintf(&ip6->ip6_dst), if_name(ifp)); |
402 | goto bad; |
403 | } |
404 | |
405 | if (!IN6_IS_ADDR_LINKLOCAL(&saddr6)) { |
406 | nd6log(error, |
407 | "nd6_ra_input: src %s is not link-local\n" , |
408 | ip6_sprintf(&saddr6)); |
409 | goto bad; |
410 | } |
411 | |
412 | IP6_EXTHDR_CHECK(m, off, icmp6len, return ); |
413 | ip6 = mtod(m, struct ip6_hdr *); |
414 | nd_ra = (struct nd_router_advert *)((caddr_t)ip6 + off); |
415 | |
416 | icmp6len -= sizeof(*nd_ra); |
417 | nd6_option_init(nd_ra + 1, icmp6len, &ndopts); |
418 | if (nd6_options(&ndopts) < 0) { |
419 | nd6log(info, |
420 | "nd6_ra_input: invalid ND option, ignored\n" ); |
421 | /* nd6_options have incremented stats */ |
422 | goto freeit; |
423 | } |
424 | |
425 | advreachable = nd_ra->nd_ra_reachable; |
426 | |
427 | /* remember if this is a multicasted advertisement */ |
428 | if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { |
429 | mcast = 1; |
430 | } |
431 | |
432 | ndi = ND_IFINFO(ifp); |
433 | VERIFY(NULL != ndi && TRUE == ndi->initialized); |
434 | lck_mtx_lock(lck: &ndi->lock); |
435 | /* unspecified or not? (RFC 2461 6.3.4) */ |
436 | if (advreachable) { |
437 | advreachable = ntohl(advreachable); |
438 | if (advreachable <= MAX_REACHABLE_TIME && |
439 | ndi->basereachable != advreachable) { |
440 | ndi->basereachable = advreachable; |
441 | ndi->reachable = ND_COMPUTE_RTIME(ndi->basereachable); |
442 | ndi->recalctm = nd6_recalc_reachtm_interval; /* reset */ |
443 | } |
444 | } |
445 | if (nd_ra->nd_ra_retransmit) { |
446 | ndi->retrans = ntohl(nd_ra->nd_ra_retransmit); |
447 | } |
448 | if (nd_ra->nd_ra_curhoplimit) { |
449 | if (ndi->chlim < nd_ra->nd_ra_curhoplimit) { |
450 | ndi->chlim = nd_ra->nd_ra_curhoplimit; |
451 | } else if (ndi->chlim != nd_ra->nd_ra_curhoplimit) { |
452 | nd6log(error, |
453 | "RA with a lower CurHopLimit sent from " |
454 | "%s on %s (current = %d, received = %d). " |
455 | "Ignored.\n" , ip6_sprintf(&ip6->ip6_src), |
456 | if_name(ifp), ndi->chlim, |
457 | nd_ra->nd_ra_curhoplimit); |
458 | } |
459 | } |
460 | lck_mtx_unlock(lck: &ndi->lock); |
461 | |
462 | /* Initialize nd_defrouter invariants for RA processing */ |
463 | bzero(s: &dr0, n: sizeof(dr0)); |
464 | dr0.rtaddr = saddr6; |
465 | dr0.ifp = ifp; |
466 | |
467 | /* |
468 | * Route Information Option |
469 | */ |
470 | if (ndopts.nd_opts_rti && IFNET_IS_ETHERNET(ifp)) { |
471 | struct nd_opt_hdr *rt = NULL; |
472 | struct sockaddr_in6 rti_gateway = {0}; |
473 | |
474 | rti_gateway.sin6_family = AF_INET6; |
475 | rti_gateway.sin6_len = sizeof(rti_gateway); |
476 | memcpy(dst: &rti_gateway.sin6_addr, src: &saddr6, n: sizeof(rti_gateway.sin6_addr)); |
477 | |
478 | for (rt = (struct nd_opt_hdr *)ndopts.nd_opts_rti; |
479 | rt <= (struct nd_opt_hdr *)ndopts.nd_opts_rti_end; |
480 | rt = (struct nd_opt_hdr *)((caddr_t)rt + |
481 | (rt->nd_opt_len << ND_OPT_LEN_TO_BYTE_SCALE))) { |
482 | struct sockaddr_in6 rti_prefix = {}; |
483 | struct nd_route_info rti = {}; |
484 | struct nd_opt_route_info *rti_opt = NULL; |
485 | u_int32_t rounded_prefix_bytes = 0; |
486 | |
487 | if (rt->nd_opt_type != ND_OPT_ROUTE_INFO) { |
488 | continue; |
489 | } |
490 | |
491 | rti_opt = (struct nd_opt_route_info *)rt; |
492 | if ((rti_opt->nd_opt_rti_len < ND_OPT_LEN_RTI_MIN) || |
493 | (rti_opt->nd_opt_rti_len > ND_OPT_LEN_RTI_MAX)) { |
494 | nd6log(info, |
495 | "%s: invalid option " |
496 | "len %d for route information option, " |
497 | "ignored\n" , __func__, |
498 | rti_opt->nd_opt_rti_len); |
499 | continue; |
500 | } |
501 | |
502 | if (rti_opt->nd_opt_rti_prefixlen > ND_OPT_RTI_PFXLEN_MAX) { |
503 | nd6log(info, |
504 | "%s: invalid prefix length %d " |
505 | "in the route information option, " |
506 | "ignored\n" , __func__, rti_opt->nd_opt_rti_prefixlen); |
507 | continue; |
508 | } |
509 | |
510 | if (rti_opt->nd_opt_rti_prefixlen != 0 && |
511 | rti_opt->nd_opt_rti_prefixlen <= 64 && |
512 | rti_opt->nd_opt_rti_len == ND_OPT_LEN_RTI_MIN) { |
513 | nd6log(info, |
514 | "%s: invalid prefix " |
515 | "len %d is OOB for route information option, " |
516 | "with total option length of %d. Ignored.\n" , |
517 | __func__, rti_opt->nd_opt_rti_prefixlen, |
518 | rti_opt->nd_opt_rti_len); |
519 | continue; |
520 | } |
521 | |
522 | if (rti_opt->nd_opt_rti_prefixlen > 64 && |
523 | rti_opt->nd_opt_rti_len != ND_OPT_LEN_RTI_MAX) { |
524 | nd6log(info, |
525 | "%s: invalid prefix " |
526 | "len %d is OOB for route information option, " |
527 | "with total option length of %d. Ignored.\n" , |
528 | __func__, rti_opt->nd_opt_rti_prefixlen, |
529 | rti_opt->nd_opt_rti_len); |
530 | continue; |
531 | } |
532 | |
533 | if ((rti_opt->nd_opt_rti_flags & ND_RA_FLAG_RTPREF_MASK) == |
534 | ND_RA_FLAG_RTPREF_RSV) { |
535 | nd6log(info, |
536 | "%s: using reserved preference mask, " |
537 | "ignored\n" , __func__); |
538 | continue; |
539 | } |
540 | |
541 | rti_prefix.sin6_family = AF_INET6; |
542 | rti_prefix.sin6_len = sizeof(rti_prefix); |
543 | |
544 | rounded_prefix_bytes = rti_opt->nd_opt_rti_prefixlen >> 3; |
545 | if (rti_opt->nd_opt_rti_prefixlen & 0x7) { |
546 | rounded_prefix_bytes++; |
547 | } |
548 | memcpy(dst: &rti_prefix.sin6_addr, src: rti_opt + 1, n: rounded_prefix_bytes); |
549 | |
550 | nd6log(info, "%s: received RA with route opt, " |
551 | "prefix %s/%u pref %u lifetime %u\n" , __func__, |
552 | ip6_sprintf(&rti_prefix.sin6_addr), |
553 | rti_opt->nd_opt_rti_prefixlen, |
554 | rti_opt->nd_opt_rti_flags, |
555 | ntohl(rti_opt->nd_opt_rti_lifetime)); |
556 | |
557 | dr0.flags = rti_opt->nd_opt_rti_flags; |
558 | dr0.stateflags = 0; |
559 | |
560 | /* |
561 | * https://tools.ietf.org/html/rfc4191#section-3.1 |
562 | * Type C Host requirements: |
563 | * The Router Preference and Lifetime values in a |
564 | * ::/0 Route Information Option override the |
565 | * preference and lifetime values in the Router |
566 | * Advertisement header. |
567 | */ |
568 | if (IN6_IS_ADDR_UNSPECIFIED(&rti_prefix.sin6_addr) |
569 | && rti_opt->nd_opt_rti_prefixlen == 0) { |
570 | rti_defrtr_processed = TRUE; |
571 | /* |
572 | * If the router lifetime is 0, set the state flag |
573 | * to dummy, so that it is skipped and not used as a |
574 | * default router. |
575 | * Set the lifetime to 2 hrs to make sure we get rid |
576 | * of the router eventually if this was indeed for a router |
577 | * going away. |
578 | * |
579 | * We partly have to do this to ensure advertised prefixes |
580 | * stay onlink. |
581 | * A periodic RA would also keep refreshing the cached |
582 | * neighbor cache entry if it contains source link layer |
583 | * information. |
584 | */ |
585 | if (rti_opt->nd_opt_rti_lifetime == 0) { |
586 | dr0.rtlifetime = TWOHOUR; |
587 | dr0.stateflags |= NDDRF_INELIGIBLE; |
588 | } else { |
589 | dr0.rtlifetime = ntohl(rti_opt->nd_opt_rti_lifetime); |
590 | } |
591 | dr0.expire = net_uptime() + dr0.rtlifetime; |
592 | |
593 | lck_mtx_lock(nd6_mutex); |
594 | dr = defrtrlist_update(&dr0, NULL); |
595 | if (dr != NULL) { |
596 | dr->is_reachable = TRUE; |
597 | } |
598 | lck_mtx_unlock(nd6_mutex); |
599 | continue; |
600 | } |
601 | |
602 | dr0.rtlifetime = ntohl(rti_opt->nd_opt_rti_lifetime); |
603 | dr0.expire = net_uptime() + dr0.rtlifetime; |
604 | bzero(s: &rti, n: sizeof(rti)); |
605 | rti.nd_rti_prefixlen = rti_opt->nd_opt_rti_prefixlen; |
606 | rti.nd_rti_prefix = rti_prefix.sin6_addr; |
607 | nd6_rtilist_update(&rti, &dr0); |
608 | } |
609 | } |
610 | |
611 | if (!rti_defrtr_processed) { |
612 | dr0.flags = nd_ra->nd_ra_flags_reserved; |
613 | dr0.stateflags = 0; |
614 | /* |
615 | * If the router lifetime is 0, set the state flag |
616 | * to dummy, so that it is skipped and not used as a |
617 | * default router. |
618 | * Set the lifetime to 2 hrs to make sure we get rid |
619 | * of the router eventually if this was indeed for a router |
620 | * going away. |
621 | * |
622 | * We partly have to do this to ensure advertised prefixes |
623 | * stay onlink. |
624 | * A periodic RA would also keep refreshing the cached |
625 | * neighbor cache entry if it contains source link layer |
626 | * information. |
627 | */ |
628 | if (nd_ra->nd_ra_router_lifetime == 0) { |
629 | dr0.rtlifetime = TWOHOUR; |
630 | dr0.stateflags |= NDDRF_INELIGIBLE; |
631 | } else { |
632 | dr0.rtlifetime = ntohs(nd_ra->nd_ra_router_lifetime); |
633 | } |
634 | dr0.expire = net_uptime() + dr0.rtlifetime; |
635 | lck_mtx_lock(nd6_mutex); |
636 | dr = defrtrlist_update(&dr0, NULL); |
637 | if (dr != NULL) { |
638 | dr->is_reachable = TRUE; |
639 | } |
640 | lck_mtx_unlock(nd6_mutex); |
641 | } |
642 | |
643 | /* |
644 | * prefix |
645 | */ |
646 | if (ndopts.nd_opts_pi) { |
647 | struct nd_opt_hdr *pt; |
648 | struct nd_opt_prefix_info *pi = NULL; |
649 | struct nd_prefix pr; |
650 | |
651 | for (pt = (struct nd_opt_hdr *)ndopts.nd_opts_pi; |
652 | pt <= (struct nd_opt_hdr *)ndopts.nd_opts_pi_end; |
653 | pt = (struct nd_opt_hdr *)((caddr_t)pt + |
654 | (pt->nd_opt_len << ND_OPT_LEN_TO_BYTE_SCALE))) { |
655 | struct in6_addr pi_mask; |
656 | bzero(s: &pi_mask, n: sizeof(pi_mask)); |
657 | |
658 | if (pt->nd_opt_type != ND_OPT_PREFIX_INFORMATION) { |
659 | continue; |
660 | } |
661 | pi = (struct nd_opt_prefix_info *)pt; |
662 | |
663 | if (pi->nd_opt_pi_len != 4) { |
664 | nd6log(info, |
665 | "nd6_ra_input: invalid option " |
666 | "len %d for prefix information option, " |
667 | "ignored\n" , pi->nd_opt_pi_len); |
668 | continue; |
669 | } |
670 | |
671 | if (128 < pi->nd_opt_pi_prefix_len) { |
672 | nd6log(info, |
673 | "nd6_ra_input: invalid prefix " |
674 | "len %d for prefix information option, " |
675 | "ignored\n" , pi->nd_opt_pi_prefix_len); |
676 | continue; |
677 | } |
678 | |
679 | /* |
680 | * To ignore ::/64 make sure bits beyond prefixlen |
681 | * are set to zero |
682 | */ |
683 | in6_prefixlen2mask(maskp: &pi_mask, len: pi->nd_opt_pi_prefix_len); |
684 | pi->nd_opt_pi_prefix.s6_addr32[0] &= pi_mask.s6_addr32[0]; |
685 | pi->nd_opt_pi_prefix.s6_addr32[1] &= pi_mask.s6_addr32[1]; |
686 | pi->nd_opt_pi_prefix.s6_addr32[2] &= pi_mask.s6_addr32[2]; |
687 | pi->nd_opt_pi_prefix.s6_addr32[3] &= pi_mask.s6_addr32[3]; |
688 | |
689 | if (IN6_IS_ADDR_UNSPECIFIED(&pi->nd_opt_pi_prefix) || |
690 | IN6_IS_ADDR_MULTICAST(&pi->nd_opt_pi_prefix) || |
691 | IN6_IS_ADDR_LINKLOCAL(&pi->nd_opt_pi_prefix)) { |
692 | nd6log(info, |
693 | "%s: invalid prefix %s, ignored\n" , |
694 | __func__, |
695 | ip6_sprintf(&pi->nd_opt_pi_prefix)); |
696 | continue; |
697 | } |
698 | |
699 | bzero(s: &pr, n: sizeof(pr)); |
700 | lck_mtx_init(lck: &pr.ndpr_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr); |
701 | NDPR_LOCK(&pr); |
702 | pr.ndpr_prefix.sin6_family = AF_INET6; |
703 | pr.ndpr_prefix.sin6_len = sizeof(pr.ndpr_prefix); |
704 | pr.ndpr_prefix.sin6_addr = pi->nd_opt_pi_prefix; |
705 | pr.ndpr_ifp = m->m_pkthdr.rcvif; |
706 | |
707 | pr.ndpr_raf_onlink = (pi->nd_opt_pi_flags_reserved & |
708 | ND_OPT_PI_FLAG_ONLINK) ? 1 : 0; |
709 | pr.ndpr_raf_auto = (pi->nd_opt_pi_flags_reserved & |
710 | ND_OPT_PI_FLAG_AUTO) ? 1 : 0; |
711 | pr.ndpr_plen = pi->nd_opt_pi_prefix_len; |
712 | pr.ndpr_vltime = ntohl(pi->nd_opt_pi_valid_time); |
713 | pr.ndpr_pltime = |
714 | ntohl(pi->nd_opt_pi_preferred_time); |
715 | |
716 | /* |
717 | * Exceptions to stateless autoconfiguration processing: |
718 | * + nd6_accept_6to4 == 0 && address has 6to4 prefix |
719 | * + ip6_only_allow_rfc4193_prefix != 0 && |
720 | * address not RFC 4193 |
721 | */ |
722 | if (ip6_only_allow_rfc4193_prefix && |
723 | !IN6_IS_ADDR_UNIQUE_LOCAL(&pi->nd_opt_pi_prefix)) { |
724 | nd6log(info, |
725 | "nd6_ra_input: no SLAAC on prefix %s " |
726 | "[not RFC 4193]\n" , |
727 | ip6_sprintf(&pi->nd_opt_pi_prefix)); |
728 | pr.ndpr_raf_auto = 0; |
729 | } else if (!nd6_accept_6to4 && |
730 | IN6_IS_ADDR_6TO4(&pi->nd_opt_pi_prefix)) { |
731 | nd6log(info, |
732 | "%s: no SLAAC on prefix %s " |
733 | "[6to4]\n" , __func__, |
734 | ip6_sprintf(&pi->nd_opt_pi_prefix)); |
735 | pr.ndpr_raf_auto = 0; |
736 | } |
737 | |
738 | if (in6_init_prefix_ltimes(ndpr: &pr)) { |
739 | NDPR_UNLOCK(&pr); |
740 | lck_mtx_destroy(lck: &pr.ndpr_lock, grp: &ifa_mtx_grp); |
741 | continue; /* prefix lifetime init failed */ |
742 | } else { |
743 | NDPR_UNLOCK(&pr); |
744 | } |
745 | (void) prelist_update(&pr, dr, m, mcast); |
746 | lck_mtx_destroy(lck: &pr.ndpr_lock, grp: &ifa_mtx_grp); |
747 | |
748 | /* |
749 | * We have to copy the values out after the |
750 | * prelist_update call since some of these values won't |
751 | * be properly set until after the router advertisement |
752 | * updating can vet the values. |
753 | */ |
754 | prfl = kalloc_type(struct nd_prefix_list, |
755 | Z_WAITOK | Z_ZERO | Z_NOFAIL); |
756 | |
757 | /* this is only for nd6_post_msg(), otherwise unused */ |
758 | SOCKADDR_COPY(&pr.ndpr_prefix, &prfl->pr.ndpr_prefix, |
759 | sizeof(prfl->pr.ndpr_prefix)); |
760 | prfl->pr.ndpr_raf = pr.ndpr_raf; |
761 | prfl->pr.ndpr_plen = pr.ndpr_plen; |
762 | prfl->pr.ndpr_vltime = pr.ndpr_vltime; |
763 | prfl->pr.ndpr_pltime = pr.ndpr_pltime; |
764 | prfl->pr.ndpr_expire = pr.ndpr_expire; |
765 | prfl->pr.ndpr_base_calendartime = |
766 | pr.ndpr_base_calendartime; |
767 | prfl->pr.ndpr_base_uptime = pr.ndpr_base_uptime; |
768 | prfl->pr.ndpr_stateflags = pr.ndpr_stateflags; |
769 | prfl->pr.ndpr_addrcnt = pr.ndpr_addrcnt; |
770 | prfl->pr.ndpr_ifp = pr.ndpr_ifp; |
771 | |
772 | prfl->next = nd_prefix_list_head; |
773 | nd_prefix_list_head = prfl; |
774 | nd_prefix_list_length++; |
775 | } |
776 | } |
777 | |
778 | |
779 | /* |
780 | * MTU |
781 | */ |
782 | if (ndopts.nd_opts_mtu && ndopts.nd_opts_mtu->nd_opt_mtu_len == 1) { |
783 | mtu = ntohl(ndopts.nd_opts_mtu->nd_opt_mtu_mtu); |
784 | /* lower bound */ |
785 | if (mtu < IPV6_MMTU) { |
786 | nd6log(info, "nd6_ra_input: bogus mtu option " |
787 | "mtu=%d sent from %s, ignoring\n" , |
788 | mtu, ip6_sprintf(&ip6->ip6_src)); |
789 | goto skip; |
790 | } |
791 | |
792 | lck_mtx_lock(lck: &ndi->lock); |
793 | /* upper bound */ |
794 | if (ndi->maxmtu) { |
795 | if (mtu <= ndi->maxmtu) { |
796 | int change = (ndi->linkmtu != mtu); |
797 | |
798 | ndi->linkmtu = mtu; |
799 | lck_mtx_unlock(lck: &ndi->lock); |
800 | if (change) { /* in6_maxmtu may change */ |
801 | in6_setmaxmtu(); |
802 | } |
803 | } else { |
804 | nd6log(info, "nd6_ra_input: bogus mtu " |
805 | "mtu=%d sent from %s; " |
806 | "exceeds maxmtu %d, ignoring\n" , |
807 | mtu, ip6_sprintf(&ip6->ip6_src), |
808 | ndi->maxmtu); |
809 | lck_mtx_unlock(lck: &ndi->lock); |
810 | } |
811 | } else { |
812 | lck_mtx_unlock(lck: &ndi->lock); |
813 | nd6log(info, "nd6_ra_input: mtu option " |
814 | "mtu=%d sent from %s; maxmtu unknown, " |
815 | "ignoring\n" , |
816 | mtu, ip6_sprintf(&ip6->ip6_src)); |
817 | } |
818 | } |
819 | |
820 | skip: |
821 | |
822 | /* |
823 | * Source link layer address |
824 | */ |
825 | if (ndopts.nd_opts_src_lladdr) { |
826 | lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); |
827 | lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; |
828 | } |
829 | |
830 | if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) { |
831 | nd6log(info, |
832 | "nd6_ra_input: lladdrlen mismatch for %s " |
833 | "(if %d, RA packet %d)\n" , |
834 | ip6_sprintf(&saddr6), ifp->if_addrlen, lladdrlen - 2); |
835 | goto bad; |
836 | } |
837 | |
838 | if (dr && dr->stateflags & NDDRF_MAPPED) { |
839 | saddr6 = dr->rtaddr_mapped; |
840 | } |
841 | |
842 | nd6_cache_lladdr(ifp, &saddr6, lladdr, (int)lladdrlen, |
843 | ND_ROUTER_ADVERT, 0, NULL); |
844 | |
845 | /* Post message */ |
846 | nd6_post_msg(KEV_ND6_RA, nd_prefix_list_head, nd_prefix_list_length, |
847 | mtu); |
848 | |
849 | /* |
850 | * Installing a link-layer address might change the state of the |
851 | * router's neighbor cache, which might also affect our on-link |
852 | * detection of adveritsed prefixes. |
853 | */ |
854 | lck_mtx_lock(nd6_mutex); |
855 | pfxlist_onlink_check(); |
856 | lck_mtx_unlock(nd6_mutex); |
857 | |
858 | freeit: |
859 | m_freem(m); |
860 | if (dr) { |
861 | NDDR_REMREF(dr); |
862 | } |
863 | |
864 | prfl = NULL; |
865 | while ((prfl = nd_prefix_list_head) != NULL) { |
866 | nd_prefix_list_head = prfl->next; |
867 | kfree_type(struct nd_prefix_list, prfl); |
868 | } |
869 | |
870 | return; |
871 | |
872 | bad: |
873 | icmp6stat.icp6s_badra++; |
874 | goto freeit; |
875 | } |
876 | |
877 | /* |
878 | * default router list proccessing sub routines |
879 | */ |
880 | |
881 | /* tell the change to user processes watching the routing socket. */ |
882 | static void |
883 | nd6_rtmsg(u_char cmd, struct rtentry *rt) |
884 | { |
885 | struct rt_addrinfo info; |
886 | struct ifnet *ifp = rt->rt_ifp; |
887 | |
888 | RT_LOCK_ASSERT_HELD(rt); |
889 | |
890 | bzero(s: (caddr_t)&info, n: sizeof(info)); |
891 | /* It's not necessary to lock ifp for if_lladdr */ |
892 | info.rti_info[RTAX_DST] = rt_key(rt); |
893 | info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; |
894 | info.rti_info[RTAX_NETMASK] = rt_mask(rt); |
895 | /* |
896 | * ifa_addr pointers for both should always be valid |
897 | * in this context; no need to hold locks. |
898 | */ |
899 | info.rti_info[RTAX_IFP] = ifp->if_lladdr->ifa_addr; |
900 | info.rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; |
901 | |
902 | rt_missmsg(cmd, &info, rt->rt_flags, 0); |
903 | } |
904 | |
905 | static void |
906 | defrouter_addreq(struct nd_defrouter *new, struct nd_route_info *rti, boolean_t scoped) |
907 | { |
908 | struct sockaddr_in6 key, mask, gate; |
909 | struct rtentry *newrt __single = NULL; |
910 | unsigned int ifscope; |
911 | int err; |
912 | struct nd_ifinfo *ndi = ND_IFINFO(new->ifp); |
913 | int rtflags = RTF_GATEWAY; |
914 | |
915 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); |
916 | NDDR_LOCK_ASSERT_NOTHELD(new); |
917 | /* |
918 | * We're free to lock and unlock NDDR because our callers |
919 | * are holding an extra reference for us. |
920 | */ |
921 | |
922 | NDDR_LOCK(new); |
923 | if (new->stateflags & NDDRF_INSTALLED) { |
924 | goto out; |
925 | } |
926 | if (new->ifp->if_ipv6_router_mode == IPV6_ROUTER_MODE_EXCLUSIVE) { |
927 | nd6log2(info, "%s: ignoring router %s, scoped=%d, " |
928 | "static=%d on advertising interface\n" , if_name(new->ifp), |
929 | ip6_sprintf(&new->rtaddr), scoped, |
930 | (new->stateflags & NDDRF_STATIC) ? 1 : 0); |
931 | goto out; |
932 | } |
933 | |
934 | nd6log2(info, "%s: adding default router %s, scoped=%d, " |
935 | "static=%d\n" , if_name(new->ifp), ip6_sprintf(&new->rtaddr), |
936 | scoped, (new->stateflags & NDDRF_STATIC) ? 1 : 0); |
937 | |
938 | Bzero(&key, sizeof(key)); |
939 | Bzero(&mask, sizeof(mask)); |
940 | Bzero(&gate, sizeof(gate)); |
941 | |
942 | key.sin6_len = mask.sin6_len = gate.sin6_len |
943 | = sizeof(struct sockaddr_in6); |
944 | key.sin6_family = mask.sin6_family = gate.sin6_family = AF_INET6; |
945 | |
946 | if (rti != NULL) { |
947 | key.sin6_addr = rti->nd_rti_prefix; |
948 | in6_len2mask(&mask.sin6_addr, rti->nd_rti_prefixlen); |
949 | if (rti->nd_rti_prefixlen == ND_OPT_RTI_PFXLEN_MAX) { |
950 | rtflags |= RTF_HOST; |
951 | } else { |
952 | rtflags |= RTF_PRCLONING; |
953 | } |
954 | |
955 | if (IN6_IS_SCOPE_EMBED(&key.sin6_addr) || |
956 | IN6_IS_ADDR_LOOPBACK(&key.sin6_addr)) { |
957 | nd6log2(info, "%s: ignoring router %s, rti prefix %s, scoped=%d, " |
958 | "static=%d on advertising interface\n" , if_name(new->ifp), |
959 | ip6_sprintf(&new->rtaddr), ip6_sprintf(&rti->nd_rti_prefix), scoped, |
960 | (new->stateflags & NDDRF_STATIC) ? 1 : 0); |
961 | goto out; |
962 | } |
963 | } |
964 | |
965 | if (new->stateflags & NDDRF_MAPPED) { |
966 | gate.sin6_addr = new->rtaddr_mapped; |
967 | } else { |
968 | gate.sin6_addr = new->rtaddr; |
969 | } |
970 | if (!in6_embedded_scope && IN6_IS_SCOPE_EMBED(&gate.sin6_addr)) { |
971 | gate.sin6_scope_id = new->ifp->if_index; |
972 | } |
973 | |
974 | ifscope = scoped ? new->ifp->if_index : IFSCOPE_NONE; |
975 | NDDR_UNLOCK(new); |
976 | |
977 | /* |
978 | * Cellular networks may have buggy deployments |
979 | * with gateway IPv6 link local address with same |
980 | * interface identifier as the one that has been |
981 | * assigned for the cellular context. |
982 | * If gateway is same as locally configured link local |
983 | * interface on cellular interface, generated a different one |
984 | * and store it in the nd_defrouter entry and use it to work |
985 | * on routing table |
986 | */ |
987 | if (new->ifp->if_type == IFT_CELLULAR && |
988 | !(new->stateflags & NDDRF_STATIC) && |
989 | !(new->stateflags & NDDRF_MAPPED) && |
990 | IN6_IS_ADDR_LINKLOCAL(&gate.sin6_addr) && |
991 | ndi && !(ndi->flags & ND6_IFF_PERFORMNUD)) { |
992 | struct in6_ifaddr *tmp_ia6 = in6ifa_ifpforlinklocal(new->ifp, 0); |
993 | |
994 | if (tmp_ia6 != NULL && |
995 | !(tmp_ia6->ia6_flags & IN6_IFF_NOTMANUAL) && |
996 | IN6_ARE_ADDR_EQUAL(&tmp_ia6->ia_addr.sin6_addr, |
997 | &gate.sin6_addr)) { |
998 | gate.sin6_addr.s6_addr8[15] += 1; |
999 | new->rtaddr_mapped = gate.sin6_addr; |
1000 | new->stateflags |= NDDRF_MAPPED; |
1001 | |
1002 | nd6log(info, "%s: Default router %s mapped " |
1003 | "to " , if_name(new->ifp), ip6_sprintf(&new->rtaddr)); |
1004 | nd6log(info, "%s\n" , ip6_sprintf(&new->rtaddr_mapped)); |
1005 | } |
1006 | } |
1007 | |
1008 | err = rtrequest_scoped(RTM_ADD, SA(&key), SA(&gate), SA(&mask), |
1009 | rtflags, &newrt, ifscope); |
1010 | |
1011 | if (newrt) { |
1012 | RT_LOCK(newrt); |
1013 | nd6_rtmsg(RTM_ADD, rt: newrt); /* tell user process */ |
1014 | RT_REMREF_LOCKED(newrt); |
1015 | RT_UNLOCK(newrt); |
1016 | NDDR_LOCK(new); |
1017 | new->stateflags |= NDDRF_INSTALLED; |
1018 | if (ifscope != IFSCOPE_NONE) { |
1019 | new->stateflags |= NDDRF_IFSCOPE; |
1020 | } |
1021 | } else { |
1022 | nd6log(error, "%s: failed to add default router " |
1023 | "%s on %s scoped %d (errno = %d)\n" , __func__, |
1024 | ip6_sprintf(&gate.sin6_addr), if_name(new->ifp), |
1025 | (ifscope != IFSCOPE_NONE), err); |
1026 | NDDR_LOCK(new); |
1027 | } |
1028 | new->err = err; |
1029 | |
1030 | out: |
1031 | NDDR_UNLOCK(new); |
1032 | } |
1033 | |
1034 | void |
1035 | defrouter_set_reachability( |
1036 | struct in6_addr *addr, |
1037 | struct ifnet *ifp, |
1038 | boolean_t is_reachable) |
1039 | { |
1040 | struct nd_defrouter *dr = NULL; |
1041 | |
1042 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); |
1043 | |
1044 | lck_mtx_lock(nd6_mutex); |
1045 | dr = defrouter_lookup(NULL, addr, ifp); |
1046 | if (dr != NULL) { |
1047 | dr->is_reachable = is_reachable; |
1048 | NDDR_REMREF(dr); |
1049 | } |
1050 | lck_mtx_unlock(nd6_mutex); |
1051 | } |
1052 | |
1053 | struct nd_defrouter * |
1054 | defrouter_lookup( |
1055 | struct nd_drhead *nd_router_listp, |
1056 | struct in6_addr *addr, |
1057 | struct ifnet *ifp) |
1058 | { |
1059 | struct nd_defrouter *dr; |
1060 | |
1061 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1062 | |
1063 | if (nd_router_listp == NULL) { |
1064 | nd_router_listp = &nd_defrouter_list; |
1065 | } |
1066 | |
1067 | for (dr = TAILQ_FIRST(nd_router_listp); dr; |
1068 | dr = TAILQ_NEXT(dr, dr_entry)) { |
1069 | NDDR_LOCK(dr); |
1070 | if (dr->ifp == ifp && IN6_ARE_ADDR_EQUAL(addr, &dr->rtaddr)) { |
1071 | NDDR_ADDREF(dr); |
1072 | NDDR_UNLOCK(dr); |
1073 | return dr; |
1074 | } |
1075 | NDDR_UNLOCK(dr); |
1076 | } |
1077 | |
1078 | return NULL; /* search failed */ |
1079 | } |
1080 | |
1081 | /* |
1082 | * Remove the default route for a given router. |
1083 | * This is just a subroutine function for defrouter_select(), and should |
1084 | * not be called from anywhere else. |
1085 | */ |
1086 | static void |
1087 | defrouter_delreq(struct nd_defrouter *dr, struct nd_route_info *rti) |
1088 | { |
1089 | struct sockaddr_in6 key, mask, gate; |
1090 | struct rtentry *oldrt __single = NULL; |
1091 | unsigned int ifscope; |
1092 | int err; |
1093 | |
1094 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); |
1095 | NDDR_LOCK_ASSERT_NOTHELD(dr); |
1096 | /* |
1097 | * We're free to lock and unlock NDDR because our callers |
1098 | * are holding an extra reference for us. |
1099 | */ |
1100 | NDDR_LOCK(dr); |
1101 | /* ifp would be NULL for the "drany" case */ |
1102 | if (dr->ifp != NULL && !(dr->stateflags & NDDRF_INSTALLED)) { |
1103 | goto out; |
1104 | } |
1105 | |
1106 | nd6log2(info, "%s: removing default router %s, scoped=%d, " |
1107 | "static=%d\n" , dr->ifp != NULL ? if_name(dr->ifp) : "ANY" , |
1108 | ip6_sprintf(&dr->rtaddr), (dr->stateflags & NDDRF_IFSCOPE) ? 1 : 0, |
1109 | (dr->stateflags & NDDRF_STATIC) ? 1 : 0); |
1110 | |
1111 | Bzero(&key, sizeof(key)); |
1112 | Bzero(&mask, sizeof(mask)); |
1113 | Bzero(&gate, sizeof(gate)); |
1114 | |
1115 | key.sin6_len = mask.sin6_len = gate.sin6_len |
1116 | = sizeof(struct sockaddr_in6); |
1117 | key.sin6_family = mask.sin6_family = gate.sin6_family = AF_INET6; |
1118 | |
1119 | |
1120 | if (rti != NULL) { |
1121 | key.sin6_addr = rti->nd_rti_prefix; |
1122 | in6_len2mask(&mask.sin6_addr, rti->nd_rti_prefixlen); |
1123 | } |
1124 | /* |
1125 | * The router entry may be mapped to a different address. |
1126 | * If that is the case, use the mapped address as gateway |
1127 | * to do operation on the routing table. |
1128 | * To get more context, read the related comment in |
1129 | * defrouter_addreq |
1130 | */ |
1131 | if (dr->stateflags & NDDRF_MAPPED) { |
1132 | gate.sin6_addr = dr->rtaddr_mapped; |
1133 | } else { |
1134 | gate.sin6_addr = dr->rtaddr; |
1135 | } |
1136 | |
1137 | if (dr->ifp != NULL) { |
1138 | ifscope = (dr->stateflags & NDDRF_IFSCOPE) ? |
1139 | dr->ifp->if_index : IFSCOPE_NONE; |
1140 | } else { |
1141 | ifscope = IFSCOPE_NONE; |
1142 | } |
1143 | NDDR_UNLOCK(dr); |
1144 | |
1145 | err = rtrequest_scoped(RTM_DELETE, SA(&key), SA(&gate), SA(&mask), |
1146 | RTF_GATEWAY, &oldrt, ifscope); |
1147 | |
1148 | if (oldrt) { |
1149 | RT_LOCK(oldrt); |
1150 | nd6_rtmsg(RTM_DELETE, rt: oldrt); |
1151 | RT_UNLOCK(oldrt); |
1152 | rtfree(oldrt); |
1153 | } else if (err != ESRCH) { |
1154 | nd6log(error, "%s: failed to delete default router " |
1155 | "%s on %s scoped %d (errno = %d)\n" , __func__, |
1156 | ip6_sprintf(&gate.sin6_addr), dr->ifp != NULL ? |
1157 | if_name(dr->ifp) : "ANY" , (ifscope != IFSCOPE_NONE), err); |
1158 | } |
1159 | NDDR_LOCK(dr); |
1160 | /* ESRCH means it's no longer in the routing table; ignore it */ |
1161 | if (oldrt != NULL || err == ESRCH) { |
1162 | dr->stateflags &= ~NDDRF_INSTALLED; |
1163 | if (ifscope != IFSCOPE_NONE) { |
1164 | dr->stateflags &= ~NDDRF_IFSCOPE; |
1165 | } |
1166 | } |
1167 | dr->err = 0; |
1168 | out: |
1169 | NDDR_UNLOCK(dr); |
1170 | } |
1171 | |
1172 | |
1173 | /* |
1174 | * remove all default routes from default router list |
1175 | */ |
1176 | void |
1177 | defrouter_reset(void) |
1178 | { |
1179 | struct nd_defrouter *dr, drany; |
1180 | |
1181 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1182 | |
1183 | dr = TAILQ_FIRST(&nd_defrouter_list); |
1184 | while (dr) { |
1185 | NDDR_LOCK(dr); |
1186 | if (dr->stateflags & NDDRF_INSTALLED) { |
1187 | NDDR_ADDREF(dr); |
1188 | NDDR_UNLOCK(dr); |
1189 | lck_mtx_unlock(nd6_mutex); |
1190 | defrouter_delreq(dr, NULL); |
1191 | lck_mtx_lock(nd6_mutex); |
1192 | NDDR_REMREF(dr); |
1193 | dr = TAILQ_FIRST(&nd_defrouter_list); |
1194 | } else { |
1195 | NDDR_UNLOCK(dr); |
1196 | dr = TAILQ_NEXT(dr, dr_entry); |
1197 | } |
1198 | } |
1199 | |
1200 | /* Nuke primary (non-scoped) default router */ |
1201 | bzero(s: &drany, n: sizeof(drany)); |
1202 | lck_mtx_init(lck: &drany.nddr_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr); |
1203 | lck_mtx_unlock(nd6_mutex); |
1204 | defrouter_delreq(dr: &drany, NULL); |
1205 | lck_mtx_destroy(lck: &drany.nddr_lock, grp: &ifa_mtx_grp); |
1206 | lck_mtx_lock(nd6_mutex); |
1207 | } |
1208 | |
1209 | int |
1210 | defrtrlist_ioctl(u_long cmd, caddr_t data) |
1211 | { |
1212 | struct nd_defrouter dr0; |
1213 | unsigned int ifindex; |
1214 | struct ifnet *dr_ifp; |
1215 | int error = 0, add = 0; |
1216 | |
1217 | /* XXX Handle mapped default router entries */ |
1218 | switch (cmd) { |
1219 | case SIOCDRADD_IN6_32: /* struct in6_defrouter_32 */ |
1220 | case SIOCDRADD_IN6_64: /* struct in6_defrouter_64 */ |
1221 | ++add; |
1222 | OS_FALLTHROUGH; |
1223 | case SIOCDRDEL_IN6_32: /* struct in6_defrouter_32 */ |
1224 | case SIOCDRDEL_IN6_64: /* struct in6_defrouter_64 */ |
1225 | bzero(s: &dr0, n: sizeof(dr0)); |
1226 | if (cmd == SIOCDRADD_IN6_64 || cmd == SIOCDRDEL_IN6_64) { |
1227 | struct in6_defrouter_64 *r_64 = |
1228 | (struct in6_defrouter_64 *)(void *)data; |
1229 | u_int16_t i; |
1230 | |
1231 | bcopy(src: &r_64->rtaddr.sin6_addr, dst: &dr0.rtaddr, |
1232 | n: sizeof(dr0.rtaddr)); |
1233 | dr0.flags = r_64->flags; |
1234 | bcopy(src: &r_64->if_index, dst: &i, n: sizeof(i)); |
1235 | ifindex = i; |
1236 | } else { |
1237 | struct in6_defrouter_32 *r_32 = |
1238 | (struct in6_defrouter_32 *)(void *)data; |
1239 | u_int16_t i; |
1240 | |
1241 | bcopy(src: &r_32->rtaddr.sin6_addr, dst: &dr0.rtaddr, |
1242 | n: sizeof(dr0.rtaddr)); |
1243 | dr0.flags = r_32->flags; |
1244 | bcopy(src: &r_32->if_index, dst: &i, n: sizeof(i)); |
1245 | ifindex = i; |
1246 | } |
1247 | ifnet_head_lock_shared(); |
1248 | /* Don't need to check is ifindex is < 0 since it's unsigned */ |
1249 | if (!IF_INDEX_IN_RANGE(ifindex) || |
1250 | (dr_ifp = ifindex2ifnet[ifindex]) == NULL) { |
1251 | ifnet_head_done(); |
1252 | error = EINVAL; |
1253 | break; |
1254 | } |
1255 | dr0.ifp = dr_ifp; |
1256 | ifnet_head_done(); |
1257 | |
1258 | if (ND_IFINFO(dr_ifp) == NULL || |
1259 | !ND_IFINFO(dr_ifp)->initialized) { |
1260 | error = ENXIO; |
1261 | break; |
1262 | } |
1263 | |
1264 | if (IN6_IS_SCOPE_EMBED(&dr0.rtaddr) && in6_embedded_scope) { |
1265 | uint16_t *scope = &dr0.rtaddr.s6_addr16[1]; |
1266 | |
1267 | if (*scope == 0) { |
1268 | *scope = htons(dr_ifp->if_index); |
1269 | } else if (*scope != htons(dr_ifp->if_index)) { |
1270 | error = EINVAL; |
1271 | break; |
1272 | } |
1273 | } |
1274 | if (add) { |
1275 | error = defrtrlist_add_static(&dr0); |
1276 | } |
1277 | if (!add || error != 0) { |
1278 | int err = defrtrlist_del_static(&dr0); |
1279 | if (!add) { |
1280 | error = err; |
1281 | } |
1282 | } |
1283 | break; |
1284 | |
1285 | default: |
1286 | error = EOPNOTSUPP; /* check for safety */ |
1287 | break; |
1288 | } |
1289 | |
1290 | return error; |
1291 | } |
1292 | |
1293 | /* |
1294 | * XXX Please make sure to remove dr from the |
1295 | * global default router tailq list before this |
1296 | * function call. |
1297 | * Also ensure that you release the list reference |
1298 | * only after calling this routine. |
1299 | */ |
1300 | void |
1301 | defrtrlist_del(struct nd_defrouter *dr, struct nd_drhead *nd_router_listp) |
1302 | { |
1303 | #if (DEVELOPMENT || DEBUG) |
1304 | struct nd_defrouter *dr_itr = NULL; |
1305 | #endif |
1306 | struct nd_prefix *pr; |
1307 | struct ifnet *ifp = dr->ifp; |
1308 | struct nd_ifinfo *ndi = NULL; |
1309 | boolean_t resetmtu = FALSE; |
1310 | struct nd_route_info *rti = NULL; |
1311 | |
1312 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1313 | |
1314 | if (nd_router_listp == NULL) { |
1315 | nd_router_listp = &nd_defrouter_list; |
1316 | } |
1317 | |
1318 | if (nd_router_listp != &nd_defrouter_list) { |
1319 | rti = (struct nd_route_info *)nd_router_listp; |
1320 | } |
1321 | |
1322 | #if (DEVELOPMENT || DEBUG) |
1323 | /* |
1324 | * Verify that the router is not in the global default |
1325 | * router list. |
1326 | * Can't use defrouter_lookup here because that just works |
1327 | * with address and ifp pointer. |
1328 | * We have to compare the memory here. |
1329 | * Also we can't use ASSERT here as that is not defined |
1330 | * for development builds. |
1331 | */ |
1332 | TAILQ_FOREACH(dr_itr, nd_router_listp, dr_entry) |
1333 | VERIFY(dr != dr_itr); |
1334 | #endif |
1335 | ++nd6_defrouter_genid; |
1336 | /* |
1337 | * Flush all the routing table entries that use the router |
1338 | * as a next hop. |
1339 | * |
1340 | * XXX Note that for a router advertising itself as default router |
1341 | * and also advertising route information option, the following |
1342 | * code will have the default router entry and router entry of |
1343 | * RTI step over each other. |
1344 | * The following therefore may not be efficient but won't be |
1345 | * causing blocking issues. |
1346 | */ |
1347 | NDDR_ADDREF(dr); |
1348 | lck_mtx_unlock(nd6_mutex); |
1349 | if (dr->stateflags & NDDRF_MAPPED) { |
1350 | rt6_flush(&dr->rtaddr_mapped, ifp); |
1351 | } else { |
1352 | rt6_flush(&dr->rtaddr, ifp); |
1353 | } |
1354 | lck_mtx_lock(nd6_mutex); |
1355 | NDDR_REMREF(dr); |
1356 | nd6log2(info, "%s: freeing route to %s with gateway %s\n" , if_name(dr->ifp), |
1357 | (rti == NULL)? "::" : ip6_sprintf(&rti->nd_rti_prefix), |
1358 | ip6_sprintf(&dr->rtaddr)); |
1359 | /* |
1360 | * Delete it from the routing table. |
1361 | */ |
1362 | NDDR_ADDREF(dr); |
1363 | lck_mtx_unlock(nd6_mutex); |
1364 | defrouter_delreq(dr, rti); |
1365 | lck_mtx_lock(nd6_mutex); |
1366 | NDDR_REMREF(dr); |
1367 | |
1368 | /* |
1369 | * The following should mostly be limited to when we are working |
1370 | * with a default router entry and not a router entry from |
1371 | * rti router list. |
1372 | */ |
1373 | if (rti == NULL) { |
1374 | /* |
1375 | * Also delete all the pointers to the router in each prefix lists. |
1376 | */ |
1377 | for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { |
1378 | struct nd_pfxrouter *pfxrtr; |
1379 | |
1380 | NDPR_LOCK(pr); |
1381 | if ((pfxrtr = pfxrtr_lookup(pr, dr)) != NULL) { |
1382 | pfxrtr_del(pfxrtr, pr); |
1383 | } |
1384 | NDPR_UNLOCK(pr); |
1385 | } |
1386 | pfxlist_onlink_check(); |
1387 | } |
1388 | ndi = ND_IFINFO(ifp); |
1389 | VERIFY(NULL != ndi && TRUE == ndi->initialized); |
1390 | lck_mtx_lock(lck: &ndi->lock); |
1391 | VERIFY(ndi->ndefrouters >= 0); |
1392 | if (ndi->ndefrouters > 0 && --ndi->ndefrouters == 0) { |
1393 | nd6_ifreset(ifp); |
1394 | resetmtu = TRUE; |
1395 | } |
1396 | lck_mtx_unlock(lck: &ndi->lock); |
1397 | /* |
1398 | * If the router is the primary one, choose a new one. |
1399 | * We always try to pick another eligible router |
1400 | * on this interface as we do scoped routing |
1401 | */ |
1402 | defrouter_select(ifp, nd_router_listp); |
1403 | |
1404 | if (resetmtu) { |
1405 | nd6_setmtu(ifp); |
1406 | } |
1407 | } |
1408 | |
1409 | int |
1410 | defrtrlist_add_static(struct nd_defrouter *new) |
1411 | { |
1412 | struct nd_defrouter *dr; |
1413 | int err = 0; |
1414 | |
1415 | new->rtlifetime = -1; |
1416 | new->stateflags |= NDDRF_STATIC; |
1417 | |
1418 | /* we only want the preference level */ |
1419 | new->flags &= ND_RA_FLAG_RTPREF_MASK; |
1420 | |
1421 | lck_mtx_lock(nd6_mutex); |
1422 | dr = defrouter_lookup(NULL, addr: &new->rtaddr, ifp: new->ifp); |
1423 | if (dr != NULL && !(dr->stateflags & NDDRF_STATIC)) { |
1424 | err = EINVAL; |
1425 | } else { |
1426 | if (dr != NULL) { |
1427 | NDDR_REMREF(dr); |
1428 | } |
1429 | dr = defrtrlist_update(new, NULL); |
1430 | if (dr != NULL) { |
1431 | err = dr->err; |
1432 | } else { |
1433 | err = ENOMEM; |
1434 | } |
1435 | } |
1436 | if (dr != NULL) { |
1437 | NDDR_REMREF(dr); |
1438 | } |
1439 | lck_mtx_unlock(nd6_mutex); |
1440 | |
1441 | return err; |
1442 | } |
1443 | |
1444 | int |
1445 | defrtrlist_del_static(struct nd_defrouter *new) |
1446 | { |
1447 | struct nd_defrouter *dr; |
1448 | |
1449 | lck_mtx_lock(nd6_mutex); |
1450 | dr = defrouter_lookup(NULL, addr: &new->rtaddr, ifp: new->ifp); |
1451 | if (dr == NULL || !(dr->stateflags & NDDRF_STATIC)) { |
1452 | if (dr != NULL) { |
1453 | NDDR_REMREF(dr); |
1454 | } |
1455 | dr = NULL; |
1456 | } else { |
1457 | TAILQ_REMOVE(&nd_defrouter_list, dr, dr_entry); |
1458 | defrtrlist_del(dr, NULL); |
1459 | NDDR_REMREF(dr); /* remove list reference */ |
1460 | NDDR_REMREF(dr); |
1461 | } |
1462 | lck_mtx_unlock(nd6_mutex); |
1463 | |
1464 | return dr != NULL ? 0 : EINVAL; |
1465 | } |
1466 | |
1467 | /* |
1468 | * for default router selection |
1469 | * regards router-preference field as a 2-bit signed integer |
1470 | */ |
1471 | static int |
1472 | rtpref(struct nd_defrouter *dr) |
1473 | { |
1474 | switch (dr->flags & ND_RA_FLAG_RTPREF_MASK) { |
1475 | case ND_RA_FLAG_RTPREF_HIGH: |
1476 | return RTPREF_HIGH; |
1477 | case ND_RA_FLAG_RTPREF_MEDIUM: |
1478 | case ND_RA_FLAG_RTPREF_RSV: |
1479 | return RTPREF_MEDIUM; |
1480 | case ND_RA_FLAG_RTPREF_LOW: |
1481 | return RTPREF_LOW; |
1482 | default: |
1483 | /* |
1484 | * This case should never happen. If it did, it would mean a |
1485 | * serious bug of kernel internal. We thus always bark here. |
1486 | * Or, can we even panic? |
1487 | */ |
1488 | log(LOG_ERR, "rtpref: impossible RA flag %x\n" , dr->flags); |
1489 | return RTPREF_INVALID; |
1490 | } |
1491 | /* NOTREACHED */ |
1492 | } |
1493 | |
1494 | /* |
1495 | * Default Router Selection according to Section 6.3.6 of RFC 2461 and RFC 4191: |
1496 | * |
1497 | * 1) Routers that are reachable or probably reachable should be preferred. |
1498 | * If we have more than one (probably) reachable router, prefer ones |
1499 | * with the highest router preference. |
1500 | * 2) When no routers on the list are known to be reachable or |
1501 | * probably reachable, routers SHOULD be selected in a round-robin |
1502 | * fashion, regardless of router preference values. |
1503 | * 3) If the Default Router List is empty, assume that all |
1504 | * destinations are on-link. |
1505 | * |
1506 | * When Scoped Routing is enabled, the selection logic is amended as follows: |
1507 | * |
1508 | * a) When a default interface is specified, the primary/non-scoped default |
1509 | * router will be set to the reachable router on that link (if any) with |
1510 | * the highest router preference. |
1511 | * b) When there are more than one routers on the same link, the one with |
1512 | * the highest router preference will be installed, either as scoped or |
1513 | * non-scoped route entry. If they all share the same preference value, |
1514 | * the one installed will be the static or the first encountered reachable |
1515 | * router, i.e. static one wins over dynamic. |
1516 | * c) When no routers on the list are known to be reachable, or probably |
1517 | * reachable, no round-robin selection will take place when the default |
1518 | * interface is set. |
1519 | * |
1520 | * We assume nd_defrouter is sorted by router preference value. |
1521 | * Since the code below covers both with and without router preference cases, |
1522 | * we do not need to classify the cases by ifdef. |
1523 | */ |
1524 | void |
1525 | defrouter_select(struct ifnet *ifp, struct nd_drhead *nd_router_listp) |
1526 | { |
1527 | struct nd_defrouter *dr = NULL; |
1528 | struct nd_defrouter *selected_dr = NULL; |
1529 | struct nd_defrouter *installed_dr = NULL; |
1530 | struct llinfo_nd6 *ln = NULL; |
1531 | struct rtentry *rt = NULL; |
1532 | struct nd_ifinfo *ndi = NULL; |
1533 | unsigned int genid = 0; |
1534 | boolean_t is_installed_reachable = FALSE; |
1535 | struct nd_route_info *rti = NULL; |
1536 | boolean_t scoped = TRUE; |
1537 | boolean_t is_rti_rtrlist = FALSE; |
1538 | |
1539 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1540 | |
1541 | if (nd_router_listp == NULL) { |
1542 | nd_router_listp = &nd_defrouter_list; |
1543 | } |
1544 | |
1545 | if (nd_router_listp != &nd_defrouter_list) { |
1546 | rti = (struct nd_route_info *)nd_router_listp; |
1547 | /* XXX For now we treat RTI routes as un-scoped */ |
1548 | scoped = FALSE; |
1549 | is_rti_rtrlist = TRUE; |
1550 | } |
1551 | |
1552 | |
1553 | if (ifp == NULL) { |
1554 | ifp = nd6_defifp; |
1555 | if (ifp == NULL) { |
1556 | nd6log2(info, |
1557 | "%s:%d: Return early. NULL interface" , |
1558 | __func__, __LINE__); |
1559 | return; |
1560 | } |
1561 | nd6log2(info, |
1562 | "%s:%d: NULL interface passed. Setting to default interface %s.\n" , |
1563 | __func__, __LINE__, if_name(ifp)); |
1564 | } |
1565 | |
1566 | /* |
1567 | * When we are working with RTI router list, the nd6_defifp may be |
1568 | * NULL. That is the scenario when the network may not have WAN |
1569 | * v6 connectivity and the only RAs we may be getting are with lifetime |
1570 | * 0. |
1571 | */ |
1572 | if (ifp == lo_ifp && !is_rti_rtrlist) { |
1573 | nd6log2(info, |
1574 | "%s:%d: Return early. " |
1575 | "Default router select called for loopback.\n" , |
1576 | __func__, __LINE__); |
1577 | return; |
1578 | } |
1579 | |
1580 | if (ifp->if_ipv6_router_mode == IPV6_ROUTER_MODE_EXCLUSIVE) { |
1581 | nd6log2(info, |
1582 | "%s:%d: Return early. " |
1583 | "Default router select called for interface" |
1584 | " %s in IPV6_ROUTER_MODE_EXCLUSIVE\n" , |
1585 | __func__, __LINE__, if_name(ifp)); |
1586 | return; |
1587 | } |
1588 | |
1589 | /* |
1590 | * Let's handle easy case (3) first: |
1591 | * If default router list is empty, there's nothing to be done. |
1592 | */ |
1593 | if (!TAILQ_FIRST(nd_router_listp)) { |
1594 | nd6log2(info, |
1595 | "%s:%d: Return early. " |
1596 | "Default router is empty.\n" , __func__, __LINE__); |
1597 | return; |
1598 | } |
1599 | |
1600 | /* |
1601 | * Take an early exit if number of routers in nd_ifinfo is |
1602 | * 0 for the interface. |
1603 | */ |
1604 | ndi = ND_IFINFO(ifp); |
1605 | if (!ndi || !ndi->initialized) { |
1606 | nd6log2(info, |
1607 | "%s:%d: Return early. " |
1608 | "Interface %s's nd_ifinfo not initialized.\n" , |
1609 | __func__, __LINE__, if_name(ifp)); |
1610 | return; |
1611 | } |
1612 | |
1613 | /* |
1614 | * RTI router list routes are installed as unscoped. |
1615 | * Since there can be only one unscoped route, we need to |
1616 | * go through the entire list and consider all interfaces. |
1617 | * Further, for now, RTI option is only processed on Ethernet |
1618 | * type interfaces only. |
1619 | */ |
1620 | if (ndi->ndefrouters == 0 && !is_rti_rtrlist) { |
1621 | nd6log2(info, |
1622 | "%s:%d: Return early. " |
1623 | "%s does not have any default routers.\n" , |
1624 | __func__, __LINE__, if_name(ifp)); |
1625 | return; |
1626 | } |
1627 | |
1628 | /* |
1629 | * Due to the number of times we drop nd6_mutex, we need to |
1630 | * serialize this function. |
1631 | */ |
1632 | while (nd_defrouter_busy) { |
1633 | nd_defrouter_waiters++; |
1634 | msleep(chan: nd_defrouter_waitchan, nd6_mutex, pri: (PZERO - 1), |
1635 | wmesg: __func__, NULL); |
1636 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1637 | } |
1638 | nd_defrouter_busy = TRUE; |
1639 | |
1640 | /* |
1641 | * Search for a (probably) reachable router from the list. |
1642 | * We just pick up the first reachable one (if any), assuming that |
1643 | * the ordering rule of the list described in defrtrlist_update(). |
1644 | * |
1645 | * For all intents and purposes of Scoped Routing: |
1646 | * selected_dr = candidate for primary router |
1647 | * installed_dr = currently installed primary router |
1648 | */ |
1649 | genid = nd6_defrouter_genid; |
1650 | dr = TAILQ_FIRST(nd_router_listp); |
1651 | |
1652 | while (dr != NULL) { |
1653 | struct in6_addr rtaddr; |
1654 | struct ifnet *drifp = NULL; |
1655 | struct nd_defrouter *drrele = NULL; |
1656 | boolean_t nd6_mutex_unlocked = FALSE; |
1657 | |
1658 | NDDR_LOCK(dr); |
1659 | drifp = dr->ifp; |
1660 | if (drifp != ifp && !is_rti_rtrlist) { |
1661 | NDDR_UNLOCK(dr); |
1662 | dr = TAILQ_NEXT(dr, dr_entry); |
1663 | continue; |
1664 | } |
1665 | |
1666 | if (dr->stateflags & NDDRF_INELIGIBLE) { |
1667 | NDDR_UNLOCK(dr); |
1668 | dr = TAILQ_NEXT(dr, dr_entry); |
1669 | nd6log(info, "Ignoring dummy entry for default router." ); |
1670 | continue; |
1671 | } |
1672 | |
1673 | /* |
1674 | * Optimize for the common case. |
1675 | * When the interface has only one default router |
1676 | * there's no point checking for reachability as |
1677 | * there's nothing else to choose from. |
1678 | */ |
1679 | if (ndi->ndefrouters == 1 && !is_rti_rtrlist) { |
1680 | nd6log2(info, |
1681 | "%s:%d: Fast forward default router selection " |
1682 | "as interface %s has learned only one default " |
1683 | "router and there's nothing else to choose from.\n" , |
1684 | __func__, __LINE__, if_name(ifp)); |
1685 | VERIFY(selected_dr == NULL && installed_dr == NULL); |
1686 | selected_dr = dr; |
1687 | if (dr->stateflags & NDDRF_INSTALLED) { |
1688 | installed_dr = dr; |
1689 | } |
1690 | NDDR_ADDREF(selected_dr); |
1691 | NDDR_UNLOCK(dr); |
1692 | goto install_route; |
1693 | } |
1694 | |
1695 | if (dr->stateflags & NDDRF_MAPPED) { |
1696 | rtaddr = dr->rtaddr_mapped; |
1697 | } else { |
1698 | rtaddr = dr->rtaddr; |
1699 | } |
1700 | |
1701 | NDDR_ADDREF(dr); /* for this for loop */ |
1702 | NDDR_UNLOCK(dr); |
1703 | |
1704 | /* Callee returns a locked route upon success */ |
1705 | if (selected_dr == NULL) { |
1706 | nd6_mutex_unlocked = TRUE; |
1707 | lck_mtx_unlock(nd6_mutex); |
1708 | if ((rt = nd6_lookup(&rtaddr, 0, drifp, 0)) != NULL && |
1709 | (ln = rt->rt_llinfo) != NULL && |
1710 | ND6_IS_LLINFO_PROBREACH(ln)) { |
1711 | RT_LOCK_ASSERT_HELD(rt); |
1712 | selected_dr = dr; |
1713 | NDDR_ADDREF(selected_dr); |
1714 | } |
1715 | } |
1716 | |
1717 | if (rt) { |
1718 | RT_REMREF_LOCKED(rt); |
1719 | RT_UNLOCK(rt); |
1720 | rt = NULL; |
1721 | } |
1722 | |
1723 | if (nd6_mutex_unlocked) { |
1724 | lck_mtx_lock(nd6_mutex); |
1725 | } |
1726 | |
1727 | /* |
1728 | * Handle case (b) |
1729 | * When there are more than one routers on the same link, the one with |
1730 | * the highest router preference will be installed. |
1731 | * Since the list is in decreasing order of preference: |
1732 | * 1) If selected_dr is not NULL, only use dr if it is static and has |
1733 | * equal preference and selected_dr is not static. |
1734 | * 2) Else if selected_dr is NULL, and dr is static make selected_dr = dr |
1735 | */ |
1736 | NDDR_LOCK(dr); |
1737 | if (((selected_dr && (rtpref(dr) >= rtpref(dr: selected_dr)) && |
1738 | !(selected_dr->stateflags & NDDRF_STATIC)) || |
1739 | (selected_dr == NULL)) && |
1740 | (dr->stateflags & NDDRF_STATIC)) { |
1741 | if (selected_dr) { |
1742 | /* Release it later on */ |
1743 | VERIFY(drrele == NULL); |
1744 | drrele = selected_dr; |
1745 | } |
1746 | selected_dr = dr; |
1747 | NDDR_ADDREF(selected_dr); |
1748 | } |
1749 | |
1750 | /* Record the currently installed router */ |
1751 | if (dr->stateflags & NDDRF_INSTALLED) { |
1752 | if (installed_dr == NULL) { |
1753 | installed_dr = dr; |
1754 | NDDR_ADDREF(installed_dr); |
1755 | if (dr->stateflags & NDDRF_MAPPED) { |
1756 | rtaddr = installed_dr->rtaddr_mapped; |
1757 | } else { |
1758 | rtaddr = installed_dr->rtaddr; |
1759 | } |
1760 | NDDR_UNLOCK(dr); |
1761 | lck_mtx_unlock(nd6_mutex); |
1762 | /* Callee returns a locked route upon success */ |
1763 | if ((rt = nd6_lookup(&rtaddr, 0, installed_dr->ifp, 0)) != NULL) { |
1764 | RT_LOCK_ASSERT_HELD(rt); |
1765 | if ((ln = rt->rt_llinfo) != NULL && |
1766 | ND6_IS_LLINFO_PROBREACH(ln)) { |
1767 | is_installed_reachable = TRUE; |
1768 | } |
1769 | |
1770 | RT_REMREF_LOCKED(rt); |
1771 | RT_UNLOCK(rt); |
1772 | rt = NULL; |
1773 | } |
1774 | lck_mtx_lock(nd6_mutex); |
1775 | } else { |
1776 | /* this should not happen; warn for diagnosis */ |
1777 | nd6log(error, "defrouter_select: more than one " |
1778 | "default router is installed for interface :%s.\n" , |
1779 | if_name(installed_dr->ifp)); |
1780 | NDDR_UNLOCK(dr); |
1781 | } |
1782 | } else { |
1783 | NDDR_UNLOCK(dr); |
1784 | } |
1785 | |
1786 | NDDR_REMREF(dr); /* for this for loop */ |
1787 | if (drrele != NULL) { |
1788 | NDDR_REMREF(drrele); |
1789 | } |
1790 | |
1791 | /* |
1792 | * Check if the list changed when we gave up |
1793 | * the nd6_mutex lock |
1794 | */ |
1795 | if (genid != nd6_defrouter_genid) { |
1796 | if (selected_dr) { |
1797 | NDDR_REMREF(selected_dr); |
1798 | selected_dr = NULL; |
1799 | } |
1800 | |
1801 | if (installed_dr) { |
1802 | NDDR_REMREF(installed_dr); |
1803 | installed_dr = NULL; |
1804 | } |
1805 | |
1806 | if (ndi->ndefrouters == 0 && !is_rti_rtrlist) { |
1807 | nd6log2(info, |
1808 | "%s:%d: Interface %s no longer " |
1809 | "has any default routers. Abort.\n" , |
1810 | __func__, __LINE__, if_name(ifp)); |
1811 | goto out; |
1812 | } |
1813 | nd6log2(info, |
1814 | "%s:%d: Iterate default router list again " |
1815 | "for interface %s, as the list seems to have " |
1816 | "changed during release-reaquire of global " |
1817 | "nd6_mutex lock.\n" , |
1818 | __func__, __LINE__, if_name(ifp)); |
1819 | |
1820 | is_installed_reachable = FALSE; |
1821 | genid = nd6_defrouter_genid; |
1822 | dr = TAILQ_FIRST(nd_router_listp); |
1823 | } else { |
1824 | dr = TAILQ_NEXT(dr, dr_entry); |
1825 | } |
1826 | } |
1827 | |
1828 | /* |
1829 | * If none of the default routers was found to be reachable, |
1830 | * round-robin the list regardless of preference. |
1831 | * Please note selected_dr equal to NULL implies that even |
1832 | * installed default router is not reachable |
1833 | */ |
1834 | if (selected_dr == NULL) { |
1835 | if (installed_dr) { |
1836 | for (dr = TAILQ_NEXT(installed_dr, dr_entry); dr; |
1837 | dr = TAILQ_NEXT(dr, dr_entry)) { |
1838 | if (installed_dr->ifp != dr->ifp && !is_rti_rtrlist) { |
1839 | continue; |
1840 | } |
1841 | if (dr->stateflags & NDDRF_INELIGIBLE) { |
1842 | continue; |
1843 | } |
1844 | selected_dr = dr; |
1845 | break; |
1846 | } |
1847 | } |
1848 | |
1849 | /* |
1850 | * If none was installed or the installed one if the last |
1851 | * one on the list, select the first one from the list |
1852 | */ |
1853 | if ((installed_dr == NULL) || (selected_dr == NULL)) { |
1854 | for (dr = TAILQ_FIRST(nd_router_listp); dr; |
1855 | dr = TAILQ_NEXT(dr, dr_entry)) { |
1856 | if (dr->stateflags & NDDRF_INELIGIBLE) { |
1857 | continue; |
1858 | } |
1859 | if (dr->ifp == ifp || is_rti_rtrlist) { |
1860 | selected_dr = dr; |
1861 | break; |
1862 | } |
1863 | } |
1864 | } |
1865 | |
1866 | if ((selected_dr == NULL) && (installed_dr == NULL)) { |
1867 | nd6log2(info, |
1868 | "%s:%d: Between release and reaquire of global " |
1869 | "nd6_mutex lock, the list seems to have changed " |
1870 | "and it does not have any default routers for " |
1871 | "interface %s.\n" , |
1872 | __func__, __LINE__, if_name(ifp)); |
1873 | goto out; |
1874 | } |
1875 | |
1876 | if (selected_dr != installed_dr) { |
1877 | NDDR_ADDREF(selected_dr); |
1878 | } |
1879 | } else if (installed_dr != NULL) { |
1880 | if (installed_dr != selected_dr) { |
1881 | /* |
1882 | * This means that selected default router is reachable |
1883 | * while installed one may or may not be. |
1884 | * Static router should always be considered as reachable |
1885 | * for router selection process. |
1886 | */ |
1887 | if ((installed_dr->stateflags & NDDRF_STATIC) && |
1888 | rtpref(dr: installed_dr) >= rtpref(dr: selected_dr)) { |
1889 | NDDR_REMREF(selected_dr); |
1890 | selected_dr = installed_dr; |
1891 | } else if (is_installed_reachable) { |
1892 | if (rtpref(dr: selected_dr) <= rtpref(dr: installed_dr)) { |
1893 | NDDR_REMREF(selected_dr); |
1894 | selected_dr = installed_dr; |
1895 | } |
1896 | } |
1897 | } else { |
1898 | NDDR_REMREF(selected_dr); |
1899 | } |
1900 | } |
1901 | |
1902 | install_route: |
1903 | /* |
1904 | * If the selected router is different than the installed one, |
1905 | * remove the installed router and install the selected one. |
1906 | * Note that the selected router is never NULL here. |
1907 | * Else check if the route entry scope has to be changed. |
1908 | */ |
1909 | lck_mtx_unlock(nd6_mutex); |
1910 | if (installed_dr != selected_dr) { |
1911 | nd6log(info, |
1912 | "%s:%d: Found a better router for interface " |
1913 | "%s. Installing new default route.\n" , |
1914 | __func__, __LINE__, if_name(ifp)); |
1915 | if (installed_dr != NULL) { |
1916 | defrouter_delreq(dr: installed_dr, rti); |
1917 | } |
1918 | /* |
1919 | * Install scoped route if the interface is not |
1920 | * the default nd6 interface. |
1921 | */ |
1922 | defrouter_addreq(new: selected_dr, rti, |
1923 | scoped: scoped && (selected_dr->ifp != nd6_defifp)); |
1924 | } else if (((installed_dr->stateflags & NDDRF_IFSCOPE) && |
1925 | (installed_dr->ifp == nd6_defifp)) || |
1926 | (scoped && !(installed_dr->stateflags & NDDRF_IFSCOPE) && |
1927 | (installed_dr->ifp != nd6_defifp))) { |
1928 | nd6log(info, |
1929 | "%s:%d: Need to reinstall default route for interface " |
1930 | "%s as its scope has changed.\n" , |
1931 | __func__, __LINE__, if_name(ifp)); |
1932 | defrouter_delreq(dr: installed_dr, rti); |
1933 | defrouter_addreq(new: installed_dr, rti, |
1934 | scoped: scoped && (installed_dr->ifp != nd6_defifp)); |
1935 | } else { |
1936 | nd6log2(info, |
1937 | "%s:%d: No need to change the default " |
1938 | "route for interface %s.\n" , |
1939 | __func__, __LINE__, if_name(ifp)); |
1940 | } |
1941 | lck_mtx_lock(nd6_mutex); |
1942 | out: |
1943 | if (selected_dr && (selected_dr != installed_dr)) { |
1944 | NDDR_REMREF(selected_dr); |
1945 | } |
1946 | if (installed_dr) { |
1947 | NDDR_REMREF(installed_dr); |
1948 | } |
1949 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1950 | VERIFY(nd_defrouter_busy); |
1951 | nd_defrouter_busy = FALSE; |
1952 | if (nd_defrouter_waiters > 0) { |
1953 | nd_defrouter_waiters = 0; |
1954 | wakeup(chan: nd_defrouter_waitchan); |
1955 | } |
1956 | } |
1957 | |
1958 | static struct nd_defrouter * |
1959 | defrtrlist_update_common(struct nd_defrouter *new, struct nd_drhead *nd_router_listp, boolean_t scoped) |
1960 | { |
1961 | struct nd_defrouter *dr, *n; |
1962 | struct ifnet *ifp = new->ifp; |
1963 | struct nd_ifinfo *ndi = NULL; |
1964 | struct timeval caltime; |
1965 | |
1966 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
1967 | |
1968 | if (nd_router_listp == NULL) { |
1969 | nd_router_listp = &nd_defrouter_list; |
1970 | } |
1971 | |
1972 | /* |
1973 | * If we are not operating on default router list, |
1974 | * it implies we are operating on RTI's router list. |
1975 | * XXX For now we manage RTI routes un-scoped. |
1976 | */ |
1977 | if (nd_router_listp != &nd_defrouter_list) { |
1978 | scoped = FALSE; |
1979 | } |
1980 | |
1981 | if ((dr = defrouter_lookup(nd_router_listp, addr: &new->rtaddr, ifp)) != NULL) { |
1982 | /* entry exists */ |
1983 | /* |
1984 | * 1. If previous entry was not dummy and new is, |
1985 | * delete it and return NULL. |
1986 | * 2. If previous entry was dummy and the new one |
1987 | * is also dummy, simply return dr. |
1988 | * 3. If previous was dummy but new one is not, |
1989 | * make sure we perform default router selection again. |
1990 | */ |
1991 | /* If the router was not added as a dummy and there's |
1992 | * been a change (lifetime advertised was 0, communicated |
1993 | * as NDDRF_INELIGIBLE flag), remove the entry. |
1994 | */ |
1995 | if ((new->stateflags & NDDRF_INELIGIBLE) != 0 && |
1996 | (dr->stateflags & NDDRF_INELIGIBLE) == 0) { |
1997 | TAILQ_REMOVE(nd_router_listp, dr, dr_entry); |
1998 | defrtrlist_del(dr, nd_router_listp); |
1999 | NDDR_REMREF(dr); /* remove list reference */ |
2000 | NDDR_REMREF(dr); |
2001 | dr = NULL; |
2002 | return NULL; |
2003 | } else { |
2004 | int oldpref = rtpref(dr); |
2005 | struct nd_defrouter *p = NULL; |
2006 | boolean_t dummy_change = FALSE; |
2007 | /* |
2008 | * If new one is not dummy but the old one was, |
2009 | * reset the stateflag. |
2010 | */ |
2011 | if ((new->stateflags & NDDRF_INELIGIBLE) == 0 && |
2012 | (dr->stateflags & NDDRF_INELIGIBLE) != 0) { |
2013 | dummy_change = TRUE; |
2014 | dr->stateflags &= ~NDDRF_INELIGIBLE; |
2015 | } |
2016 | |
2017 | /* override */ |
2018 | dr->flags = new->flags; /* xxx flag check */ |
2019 | dr->rtlifetime = new->rtlifetime; |
2020 | dr->expire = new->expire; |
2021 | |
2022 | /* |
2023 | * If the preference does not change, there's no need |
2024 | * to sort the entries. If Scoped Routing is enabled, |
2025 | * put the primary/non-scoped router at the top of the |
2026 | * list of routers in the same preference band, unless |
2027 | * it's already at that position. |
2028 | */ |
2029 | /* same preference and scoped; just return */ |
2030 | if (rtpref(dr: new) == oldpref && scoped && dummy_change == FALSE) { |
2031 | return dr; |
2032 | } |
2033 | |
2034 | n = TAILQ_FIRST(nd_router_listp); |
2035 | while (n != NULL) { |
2036 | /* preference changed; sort it */ |
2037 | if (rtpref(dr: new) != oldpref) { |
2038 | break; |
2039 | } |
2040 | |
2041 | /* not at the top of band; sort it */ |
2042 | if (n != dr && rtpref(dr: n) == oldpref && |
2043 | (!p || rtpref(dr: p) > rtpref(dr: n))) { |
2044 | break; |
2045 | } |
2046 | |
2047 | p = n; |
2048 | n = TAILQ_NEXT(n, dr_entry); |
2049 | } |
2050 | |
2051 | /* nothing has changed, just return */ |
2052 | if (n == NULL && (scoped || |
2053 | !(dr->stateflags & NDDRF_IFSCOPE)) && dummy_change == FALSE) { |
2054 | return dr; |
2055 | } |
2056 | |
2057 | /* |
2058 | * preferred router may be changed, so relocate |
2059 | * this router. |
2060 | * XXX: calling TAILQ_REMOVE directly is a bad manner. |
2061 | * However, since defrtrlist_del() has many side |
2062 | * effects, we intentionally do so here. |
2063 | * defrouter_select() below will handle routing |
2064 | * changes later. |
2065 | */ |
2066 | TAILQ_REMOVE(nd_router_listp, dr, dr_entry); |
2067 | new->stateflags = dr->stateflags; |
2068 | |
2069 | n = dr; |
2070 | goto insert; |
2071 | } |
2072 | } |
2073 | |
2074 | VERIFY(dr == NULL); |
2075 | n = nddr_alloc(Z_WAITOK); |
2076 | |
2077 | ndi = ND_IFINFO(ifp); |
2078 | VERIFY((NULL != ndi) && (TRUE == ndi->initialized)); |
2079 | lck_mtx_lock(lck: &ndi->lock); |
2080 | |
2081 | if (ip6_maxifdefrouters >= 0 && |
2082 | ndi->ndefrouters >= ip6_maxifdefrouters) { |
2083 | lck_mtx_unlock(lck: &ndi->lock); |
2084 | nddr_free(n); |
2085 | nd6log(error, "%s: ignoring router addition as we have hit the " |
2086 | "max limit of %d for max default routers.\n" , __func__, |
2087 | ip6_maxifdefrouters); |
2088 | return NULL; |
2089 | } |
2090 | |
2091 | NDDR_ADDREF(n); /* for the nd_defrouter list */ |
2092 | NDDR_ADDREF(n); /* for the caller */ |
2093 | |
2094 | ++nd6_defrouter_genid; |
2095 | ndi->ndefrouters++; |
2096 | VERIFY(ndi->ndefrouters != 0); |
2097 | lck_mtx_unlock(lck: &ndi->lock); |
2098 | |
2099 | nd6log2(info, "%s: allocating defrouter %s\n" , if_name(ifp), |
2100 | ip6_sprintf(&new->rtaddr)); |
2101 | |
2102 | getmicrotime(&caltime); |
2103 | NDDR_LOCK(n); |
2104 | memcpy(dst: &n->rtaddr, src: &new->rtaddr, n: sizeof(n->rtaddr)); |
2105 | n->flags = new->flags; |
2106 | n->stateflags = new->stateflags; |
2107 | n->rtlifetime = new->rtlifetime; |
2108 | n->expire = new->expire; |
2109 | n->base_calendartime = caltime.tv_sec; |
2110 | n->base_uptime = net_uptime(); |
2111 | n->ifp = new->ifp; |
2112 | n->err = new->err; |
2113 | n->is_reachable = TRUE; |
2114 | NDDR_UNLOCK(n); |
2115 | insert: |
2116 | /* get nd6_service() to be scheduled as soon as it's convenient */ |
2117 | ++nd6_sched_timeout_want; |
2118 | |
2119 | /* |
2120 | * Insert the new router in the Default Router List; |
2121 | * The Default Router List should be in the descending order |
2122 | * of router-preferece. When Scoped Routing is disabled, routers |
2123 | * with the same preference are sorted in the arriving time order; |
2124 | * otherwise, the first entry in the list of routers having the same |
2125 | * preference is the primary default router, when the interface used |
2126 | * by the entry is the default interface. |
2127 | */ |
2128 | |
2129 | /* insert at the end of the group */ |
2130 | for (dr = TAILQ_FIRST(nd_router_listp); dr; |
2131 | dr = TAILQ_NEXT(dr, dr_entry)) { |
2132 | if (rtpref(dr: n) > rtpref(dr) || |
2133 | (!scoped && rtpref(dr: n) == rtpref(dr))) { |
2134 | break; |
2135 | } |
2136 | } |
2137 | if (dr) { |
2138 | TAILQ_INSERT_BEFORE(dr, n, dr_entry); |
2139 | } else { |
2140 | TAILQ_INSERT_TAIL(nd_router_listp, n, dr_entry); |
2141 | } |
2142 | |
2143 | defrouter_select(ifp, nd_router_listp); |
2144 | |
2145 | return n; |
2146 | } |
2147 | |
2148 | struct nd_defrouter * |
2149 | defrtrlist_update(struct nd_defrouter *new, struct nd_drhead *nd_router_list) |
2150 | { |
2151 | struct nd_defrouter *dr; |
2152 | |
2153 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
2154 | dr = defrtrlist_update_common(new, nd_router_listp: nd_router_list, |
2155 | scoped: (nd6_defifp != NULL && new->ifp != nd6_defifp)); |
2156 | |
2157 | return dr; |
2158 | } |
2159 | |
2160 | struct nd_pfxrouter * |
2161 | pfxrtr_lookup(struct nd_prefix *pr, struct nd_defrouter *dr) |
2162 | { |
2163 | struct nd_pfxrouter *search; |
2164 | |
2165 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
2166 | NDPR_LOCK_ASSERT_HELD(pr); |
2167 | |
2168 | for (search = pr->ndpr_advrtrs.lh_first; search; |
2169 | search = search->pfr_next) { |
2170 | if (search->router == dr) { |
2171 | break; |
2172 | } |
2173 | } |
2174 | |
2175 | return search; |
2176 | } |
2177 | |
2178 | static void |
2179 | pfxrtr_add(struct nd_prefix *pr, struct nd_defrouter *dr) |
2180 | { |
2181 | struct nd_pfxrouter *new; |
2182 | |
2183 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
2184 | NDPR_LOCK_ASSERT_NOTHELD(pr); |
2185 | |
2186 | new = zalloc_flags(ndprtr_zone, Z_WAITOK | Z_ZERO | Z_NOFAIL); |
2187 | new->router = dr; |
2188 | |
2189 | NDPR_LOCK(pr); |
2190 | LIST_INSERT_HEAD(&pr->ndpr_advrtrs, new, pfr_entry); |
2191 | pr->ndpr_genid++; |
2192 | NDPR_UNLOCK(pr); |
2193 | |
2194 | pfxlist_onlink_check(); |
2195 | } |
2196 | |
2197 | static void |
2198 | pfxrtr_del(struct nd_pfxrouter *pfr, struct nd_prefix *pr) |
2199 | { |
2200 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
2201 | NDPR_LOCK_ASSERT_HELD(pr); |
2202 | pr->ndpr_genid++; |
2203 | LIST_REMOVE(pfr, pfr_entry); |
2204 | zfree(ndprtr_zone, pfr); |
2205 | } |
2206 | |
2207 | /* |
2208 | * The routine has been modified to atomically refresh expiry |
2209 | * time for nd6 prefix as the part of lookup. |
2210 | * There's a corner case where a system going |
2211 | * in sleep gets rid of manual addresses configured in the system |
2212 | * and then schedules the prefix for deletion. |
2213 | * However before the prefix gets deleted, if system comes out |
2214 | * from sleep and configures same address before prefix deletion |
2215 | * , the later prefix deletion will remove the prefix route and |
2216 | * the system will not be able to communicate with other IPv6 |
2217 | * neighbor nodes in the same subnet. |
2218 | */ |
2219 | struct nd_prefix * |
2220 | nd6_prefix_lookup(struct nd_prefix *pr, int nd6_prefix_expiry) |
2221 | { |
2222 | struct nd_prefix *search; |
2223 | |
2224 | lck_mtx_lock(nd6_mutex); |
2225 | for (search = nd_prefix.lh_first; search; search = search->ndpr_next) { |
2226 | NDPR_LOCK(search); |
2227 | if (pr->ndpr_ifp == search->ndpr_ifp && |
2228 | pr->ndpr_plen == search->ndpr_plen && |
2229 | in6_are_prefix_equal(p1: &pr->ndpr_prefix.sin6_addr, ifscope1: pr->ndpr_prefix.sin6_scope_id, |
2230 | p2: &search->ndpr_prefix.sin6_addr, ifscope2: search->ndpr_prefix.sin6_scope_id, len: pr->ndpr_plen)) { |
2231 | if (nd6_prefix_expiry != ND6_PREFIX_EXPIRY_UNSPEC) { |
2232 | search->ndpr_expire = nd6_prefix_expiry; |
2233 | } |
2234 | NDPR_ADDREF(search); |
2235 | NDPR_UNLOCK(search); |
2236 | break; |
2237 | } |
2238 | NDPR_UNLOCK(search); |
2239 | } |
2240 | lck_mtx_unlock(nd6_mutex); |
2241 | |
2242 | return search; |
2243 | } |
2244 | |
2245 | int |
2246 | nd6_prelist_add(struct nd_prefix *pr, struct nd_defrouter *dr, |
2247 | struct nd_prefix **newp, boolean_t force_scoped) |
2248 | { |
2249 | struct nd_prefix *new = NULL; |
2250 | struct ifnet *ifp = pr->ndpr_ifp; |
2251 | struct nd_ifinfo *ndi = NULL; |
2252 | int i, error; |
2253 | |
2254 | if (ip6_maxifprefixes >= 0) { |
2255 | ndi = ND_IFINFO(ifp); |
2256 | VERIFY((NULL != ndi) && (TRUE == ndi->initialized)); |
2257 | lck_mtx_lock(lck: &ndi->lock); |
2258 | if (ndi->nprefixes >= ip6_maxifprefixes) { |
2259 | lck_mtx_unlock(lck: &ndi->lock); |
2260 | return ENOMEM; |
2261 | } |
2262 | lck_mtx_unlock(lck: &ndi->lock); |
2263 | } |
2264 | |
2265 | new = ndpr_alloc(M_WAITOK); |
2266 | if (new == NULL) { |
2267 | return ENOMEM; |
2268 | } |
2269 | |
2270 | NDPR_LOCK(new); |
2271 | NDPR_LOCK(pr); |
2272 | new->ndpr_ifp = pr->ndpr_ifp; |
2273 | new->ndpr_prefix = pr->ndpr_prefix; |
2274 | new->ndpr_plen = pr->ndpr_plen; |
2275 | new->ndpr_vltime = pr->ndpr_vltime; |
2276 | new->ndpr_pltime = pr->ndpr_pltime; |
2277 | new->ndpr_flags = pr->ndpr_flags; |
2278 | if (pr->ndpr_stateflags & NDPRF_STATIC) { |
2279 | new->ndpr_stateflags |= NDPRF_STATIC; |
2280 | } |
2281 | NDPR_UNLOCK(pr); |
2282 | if ((error = in6_init_prefix_ltimes(ndpr: new)) != 0) { |
2283 | NDPR_UNLOCK(new); |
2284 | ndpr_free(new); |
2285 | return error; |
2286 | } |
2287 | new->ndpr_lastupdate = net_uptime(); |
2288 | if (newp != NULL) { |
2289 | *newp = new; |
2290 | NDPR_ADDREF(new); /* for caller */ |
2291 | } |
2292 | /* initialization */ |
2293 | LIST_INIT(&new->ndpr_advrtrs); |
2294 | in6_prefixlen2mask(maskp: &new->ndpr_mask, len: new->ndpr_plen); |
2295 | /* make prefix in the canonical form */ |
2296 | for (i = 0; i < 4; i++) { |
2297 | new->ndpr_prefix.sin6_addr.s6_addr32[i] &= |
2298 | new->ndpr_mask.s6_addr32[i]; |
2299 | } |
2300 | |
2301 | NDPR_UNLOCK(new); |
2302 | |
2303 | /* get nd6_service() to be scheduled as soon as it's convenient */ |
2304 | ++nd6_sched_timeout_want; |
2305 | |
2306 | lck_mtx_lock(nd6_mutex); |
2307 | /* link ndpr_entry to nd_prefix list */ |
2308 | LIST_INSERT_HEAD(&nd_prefix, new, ndpr_entry); |
2309 | new->ndpr_debug |= IFD_ATTACHED; |
2310 | NDPR_ADDREF(new); /* for nd_prefix list */ |
2311 | |
2312 | lck_mtx_lock(lck: &ndi->lock); |
2313 | ndi->nprefixes++; |
2314 | VERIFY(ndi->nprefixes != 0); |
2315 | lck_mtx_unlock(lck: &ndi->lock); |
2316 | |
2317 | /* ND_OPT_PI_FLAG_ONLINK processing */ |
2318 | if (new->ndpr_raf_onlink) { |
2319 | int e; |
2320 | |
2321 | if ((e = nd6_prefix_onlink_common(new, force_scoped, |
2322 | new->ndpr_ifp->if_index)) != 0) { |
2323 | nd6log(error, "nd6_prelist_add: failed to make " |
2324 | "the prefix %s/%d on-link %s on %s (errno=%d)\n" , |
2325 | ip6_sprintf(&new->ndpr_prefix.sin6_addr), |
2326 | new->ndpr_plen, force_scoped ? "scoped" : |
2327 | "non-scoped" , if_name(ifp), e); |
2328 | /* proceed anyway. XXX: is it correct? */ |
2329 | } |
2330 | } |
2331 | |
2332 | if (dr) { |
2333 | pfxrtr_add(pr: new, dr); |
2334 | } |
2335 | |
2336 | lck_mtx_unlock(nd6_mutex); |
2337 | |
2338 | return 0; |
2339 | } |
2340 | |
2341 | /* |
2342 | * Caller must have held an extra reference on nd_prefix. |
2343 | */ |
2344 | void |
2345 | prelist_remove(struct nd_prefix *pr) |
2346 | { |
2347 | struct nd_pfxrouter *pfr = NULL, *next = NULL; |
2348 | struct ifnet *ifp = pr->ndpr_ifp; |
2349 | struct nd_ifinfo *ndi = NULL; |
2350 | struct nd_prefix *tmp_pr = NULL; |
2351 | boolean_t pr_scoped; |
2352 | int err; |
2353 | |
2354 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
2355 | NDPR_LOCK_ASSERT_HELD(pr); |
2356 | |
2357 | if (pr->ndpr_stateflags & NDPRF_DEFUNCT) { |
2358 | return; |
2359 | } |
2360 | |
2361 | pr_scoped = (pr->ndpr_stateflags & NDPRF_IFSCOPE) != 0; |
2362 | /* |
2363 | * If there are no more addresses, defunct the prefix. This is needed |
2364 | * because we don't want multiple threads calling prelist_remove() for |
2365 | * the same prefix and this might happen because we unlock nd6_mutex |
2366 | * down below. |
2367 | */ |
2368 | if (pr->ndpr_addrcnt == 0) { |
2369 | pr->ndpr_stateflags |= NDPRF_DEFUNCT; |
2370 | } |
2371 | |
2372 | /* make sure to invalidate the prefix until it is really freed. */ |
2373 | pr->ndpr_vltime = 0; |
2374 | pr->ndpr_pltime = 0; |
2375 | |
2376 | /* |
2377 | * Though these flags are now meaningless, we'd rather keep the value |
2378 | * of pr->ndpr_raf_onlink and pr->ndpr_raf_auto not to confuse users |
2379 | * when executing "ndp -p". |
2380 | */ |
2381 | if (pr->ndpr_stateflags & NDPRF_ONLINK) { |
2382 | int error = 0; |
2383 | NDPR_ADDREF(pr); |
2384 | NDPR_UNLOCK(pr); |
2385 | lck_mtx_unlock(nd6_mutex); |
2386 | if ((error = nd6_prefix_offlink(pr)) != 0) { |
2387 | nd6log(error, "prelist_remove: failed to make " |
2388 | "%s/%d offlink on %s, errno=%d\n" , |
2389 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
2390 | pr->ndpr_plen, if_name(ifp), error); |
2391 | /* what should we do? */ |
2392 | } |
2393 | lck_mtx_lock(nd6_mutex); |
2394 | NDPR_LOCK(pr); |
2395 | if (NDPR_REMREF(pr) == NULL) { |
2396 | return; |
2397 | } |
2398 | } |
2399 | |
2400 | /* |
2401 | * Check if there is a scoped version of this PR, if so |
2402 | * make it unscoped. |
2403 | */ |
2404 | if (!pr_scoped && IN6_IS_ADDR_UNIQUE_LOCAL(&pr->ndpr_prefix.sin6_addr)) { |
2405 | tmp_pr = nd6_prefix_equal_lookup(pr, FALSE); |
2406 | if (tmp_pr != NULL) { |
2407 | NDPR_ADDREF(pr); |
2408 | NDPR_UNLOCK(pr); |
2409 | |
2410 | lck_mtx_unlock(nd6_mutex); |
2411 | err = nd6_prefix_offlink(tmp_pr); |
2412 | lck_mtx_lock(nd6_mutex); |
2413 | if (err != 0) { |
2414 | nd6log(error, |
2415 | "%s: failed to make %s/%d offlink on %s, " |
2416 | "errno=%d\n" , __func__, |
2417 | ip6_sprintf(&tmp_pr->ndpr_prefix.sin6_addr), |
2418 | tmp_pr->ndpr_plen, if_name(tmp_pr->ndpr_ifp), err); |
2419 | } |
2420 | |
2421 | err = nd6_prefix_onlink_scoped(tmp_pr, IFSCOPE_NONE); |
2422 | if (err != 0) { |
2423 | nd6log(error, |
2424 | "%s: failed to make %s/%d onlink on %s, errno=%d\n" , |
2425 | __func__, ip6_sprintf(&tmp_pr->ndpr_prefix.sin6_addr), |
2426 | tmp_pr->ndpr_plen, if_name(tmp_pr->ndpr_ifp), err); |
2427 | } |
2428 | |
2429 | if (err != 0) { |
2430 | nd6log(error, |
2431 | "%s: error unscoping %s/%d from %s\n" , |
2432 | __func__, ip6_sprintf(&tmp_pr->ndpr_prefix.sin6_addr), |
2433 | tmp_pr->ndpr_plen, if_name(tmp_pr->ndpr_ifp)); |
2434 | } else { |
2435 | nd6log2(info, |
2436 | "%s: %s/%d unscoped, previously on %s\n" , |
2437 | __func__, ip6_sprintf(&tmp_pr->ndpr_prefix.sin6_addr), |
2438 | tmp_pr->ndpr_plen, if_name(tmp_pr->ndpr_ifp)); |
2439 | } |
2440 | |
2441 | NDPR_REMREF(tmp_pr); |
2442 | |
2443 | NDPR_LOCK(pr); |
2444 | if (NDPR_REMREF(pr) == NULL) { |
2445 | return; |
2446 | } |
2447 | } |
2448 | } |
2449 | |
2450 | if (pr->ndpr_addrcnt > 0) { |
2451 | /* |
2452 | * The state might have changed if we called |
2453 | * nd6_prefix_offlink(). |
2454 | */ |
2455 | pr->ndpr_stateflags &= ~NDPRF_DEFUNCT; |
2456 | return; /* notice here? */ |
2457 | } |
2458 | |
2459 | /* unlink ndpr_entry from nd_prefix list */ |
2460 | LIST_REMOVE(pr, ndpr_entry); |
2461 | pr->ndpr_debug &= ~IFD_ATTACHED; |
2462 | |
2463 | /* free list of routers that adversed the prefix */ |
2464 | for (pfr = pr->ndpr_advrtrs.lh_first; pfr; pfr = next) { |
2465 | next = pfr->pfr_next; |
2466 | pfxrtr_del(pfr, pr); |
2467 | } |
2468 | |
2469 | ndi = ND_IFINFO(ifp); |
2470 | VERIFY((NULL != ndi) && (TRUE == ndi->initialized)); |
2471 | lck_mtx_lock(lck: &ndi->lock); |
2472 | VERIFY(ndi->nprefixes > 0); |
2473 | ndi->nprefixes--; |
2474 | lck_mtx_unlock(lck: &ndi->lock); |
2475 | |
2476 | /* This must not be the last reference to the nd_prefix */ |
2477 | if (NDPR_REMREF(pr) == NULL) { |
2478 | panic("%s: unexpected (missing) refcnt ndpr=%p" , __func__, pr); |
2479 | /* NOTREACHED */ |
2480 | } |
2481 | |
2482 | /* |
2483 | * Don't call pfxlist_onlink_check() here because we are |
2484 | * holding the NDPR lock and this could cause a deadlock when |
2485 | * there are multiple threads executing pfxlist_onlink_check(). |
2486 | */ |
2487 | } |
2488 | |
2489 | int |
2490 | prelist_update( |
2491 | struct nd_prefix *new, |
2492 | struct nd_defrouter *dr, /* may be NULL */ |
2493 | struct mbuf *m, |
2494 | int mcast) |
2495 | { |
2496 | struct in6_ifaddr *ia6 = NULL, *ia6_match = NULL; |
2497 | struct ifaddr *ifa; |
2498 | struct ifnet *ifp = new->ndpr_ifp; |
2499 | struct nd_prefix *pr; |
2500 | int error = 0; |
2501 | int newprefix = 0; |
2502 | int auth; |
2503 | uint64_t timenow = net_uptime(); |
2504 | |
2505 | /* no need to lock "new" here, as it is local to the caller */ |
2506 | NDPR_LOCK_ASSERT_NOTHELD(new); |
2507 | |
2508 | auth = 0; |
2509 | if (m) { |
2510 | /* |
2511 | * Authenticity for NA consists authentication for |
2512 | * both IP header and IP datagrams, doesn't it ? |
2513 | */ |
2514 | #if defined(M_AUTHIPHDR) && defined(M_AUTHIPDGM) |
2515 | auth = (m->m_flags & M_AUTHIPHDR) && (m->m_flags & M_AUTHIPDGM); |
2516 | #endif |
2517 | } |
2518 | |
2519 | if ((pr = nd6_prefix_lookup(pr: new, ND6_PREFIX_EXPIRY_UNSPEC)) != NULL) { |
2520 | /* |
2521 | * nd6_prefix_lookup() ensures that pr and new have the same |
2522 | * prefix on a same interface. |
2523 | */ |
2524 | |
2525 | /* |
2526 | * Update prefix information. Note that the on-link (L) bit |
2527 | * and the autonomous (A) bit should NOT be changed from 1 |
2528 | * to 0. |
2529 | */ |
2530 | lck_mtx_lock(nd6_mutex); |
2531 | NDPR_LOCK(pr); |
2532 | if (new->ndpr_raf_onlink == 1) { |
2533 | pr->ndpr_raf_onlink = 1; |
2534 | } |
2535 | if (new->ndpr_raf_auto == 1) { |
2536 | pr->ndpr_raf_auto = 1; |
2537 | } |
2538 | if (new->ndpr_raf_onlink) { |
2539 | pr->ndpr_vltime = new->ndpr_vltime; |
2540 | pr->ndpr_pltime = new->ndpr_pltime; |
2541 | (void) in6_init_prefix_ltimes(ndpr: pr); /* XXX error case? */ |
2542 | pr->ndpr_lastupdate = net_uptime(); |
2543 | } |
2544 | |
2545 | NDPR_ADDREF(pr); |
2546 | if (new->ndpr_raf_onlink && |
2547 | (pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { |
2548 | int e; |
2549 | |
2550 | NDPR_UNLOCK(pr); |
2551 | if ((e = nd6_prefix_onlink(pr)) != 0) { |
2552 | nd6log(error, |
2553 | "prelist_update: failed to make " |
2554 | "the prefix %s/%d on-link on %s " |
2555 | "(errno=%d)\n" , |
2556 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
2557 | pr->ndpr_plen, if_name(pr->ndpr_ifp), e); |
2558 | /* proceed anyway. XXX: is it correct? */ |
2559 | } |
2560 | NDPR_LOCK(pr); |
2561 | } |
2562 | |
2563 | if (dr && pfxrtr_lookup(pr, dr) == NULL) { |
2564 | NDPR_UNLOCK(pr); |
2565 | pfxrtr_add(pr, dr); |
2566 | } else { |
2567 | NDPR_UNLOCK(pr); |
2568 | } |
2569 | NDPR_REMREF(pr); |
2570 | lck_mtx_unlock(nd6_mutex); |
2571 | } else { |
2572 | newprefix = 1; |
2573 | |
2574 | if (new->ndpr_vltime == 0) { |
2575 | goto end; |
2576 | } |
2577 | if (new->ndpr_raf_onlink == 0 && new->ndpr_raf_auto == 0) { |
2578 | goto end; |
2579 | } |
2580 | |
2581 | bzero(s: &new->ndpr_addr, n: sizeof(struct in6_addr)); |
2582 | |
2583 | error = nd6_prelist_add(pr: new, dr, newp: &pr, FALSE); |
2584 | if (error != 0 || pr == NULL) { |
2585 | nd6log(info, "prelist_update: " |
2586 | "nd6_prelist_add failed for %s/%d on %s " |
2587 | "errno=%d, returnpr=0x%llx\n" , |
2588 | ip6_sprintf(&new->ndpr_prefix.sin6_addr), |
2589 | new->ndpr_plen, if_name(new->ndpr_ifp), |
2590 | error, (uint64_t)VM_KERNEL_ADDRPERM(pr)); |
2591 | goto end; /* we should just give up in this case. */ |
2592 | } |
2593 | } |
2594 | |
2595 | /* |
2596 | * Address autoconfiguration based on Section 5.5.3 of RFC 4862. |
2597 | * Note that pr must be non NULL at this point. |
2598 | */ |
2599 | |
2600 | /* 5.5.3 (a). Ignore the prefix without the A bit set. */ |
2601 | if (!new->ndpr_raf_auto) { |
2602 | goto end; |
2603 | } |
2604 | |
2605 | /* |
2606 | * 5.5.3 (b). the link-local prefix should have been ignored in |
2607 | * nd6_ra_input. |
2608 | */ |
2609 | |
2610 | /* 5.5.3 (c). Consistency check on lifetimes: pltime <= vltime. */ |
2611 | if (new->ndpr_pltime > new->ndpr_vltime) { |
2612 | error = EINVAL; /* XXX: won't be used */ |
2613 | goto end; |
2614 | } |
2615 | |
2616 | /* |
2617 | * 5.5.3 (d). If the prefix advertised is not equal to the prefix of |
2618 | * an address configured by stateless autoconfiguration already in the |
2619 | * list of addresses associated with the interface, and the Valid |
2620 | * Lifetime is not 0, form an address. We first check if we have |
2621 | * a matching prefix. |
2622 | */ |
2623 | ifnet_lock_shared(ifp); |
2624 | TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { |
2625 | struct in6_ifaddr *ifa6 = NULL; |
2626 | u_int32_t remaininglifetime = 0; |
2627 | struct in6_addrlifetime lt6_tmp = {}; |
2628 | |
2629 | IFA_LOCK(ifa); |
2630 | if (ifa->ifa_addr->sa_family != AF_INET6) { |
2631 | IFA_UNLOCK(ifa); |
2632 | continue; |
2633 | } |
2634 | ifa6 = (struct in6_ifaddr *)ifa; |
2635 | |
2636 | /* |
2637 | * We only consider autoconfigured addresses as per RFC 4862. |
2638 | */ |
2639 | if (!(ifa6->ia6_flags & IN6_IFF_AUTOCONF)) { |
2640 | IFA_UNLOCK(ifa); |
2641 | continue; |
2642 | } |
2643 | /* |
2644 | * Spec is not clear here, but I believe we should concentrate |
2645 | * on unicast (i.e. not anycast) addresses. |
2646 | * XXX: other ia6_flags? detached or duplicated? |
2647 | */ |
2648 | if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0) { |
2649 | IFA_UNLOCK(ifa); |
2650 | continue; |
2651 | } |
2652 | /* |
2653 | * Ignore the address if it is not associated with a prefix |
2654 | * or is associated with a prefix that is different from this |
2655 | * one. (pr is never NULL here) |
2656 | */ |
2657 | if (ifa6->ia6_ndpr != pr) { |
2658 | IFA_UNLOCK(ifa); |
2659 | continue; |
2660 | } |
2661 | |
2662 | if (ia6_match == NULL) { /* remember the first one */ |
2663 | ia6_match = ifa6; |
2664 | ifa_addref(ifa); /* for ia6_match */ |
2665 | } |
2666 | |
2667 | /* |
2668 | * An already autoconfigured address matched. Now that we |
2669 | * are sure there is at least one matched address, we can |
2670 | * proceed to 5.5.3. (e): update the lifetimes according to the |
2671 | * "two hours" rule and the privacy extension. |
2672 | */ |
2673 | /* retrieve time as uptime (last arg is 0) */ |
2674 | in6ifa_getlifetime(ifa6, <6_tmp, 0); |
2675 | |
2676 | if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME) { |
2677 | remaininglifetime = ND6_INFINITE_LIFETIME; |
2678 | } else if (timenow - ifa6->ia6_updatetime > lt6_tmp.ia6t_vltime) { |
2679 | /* |
2680 | * The case of "invalid" address. We should usually |
2681 | * not see this case. |
2682 | */ |
2683 | remaininglifetime = 0; |
2684 | } else { |
2685 | remaininglifetime = lt6_tmp.ia6t_vltime - |
2686 | (uint32_t)(timenow - ifa6->ia6_updatetime); |
2687 | } |
2688 | /* when not updating, keep the current stored lifetime. */ |
2689 | lt6_tmp.ia6t_vltime = remaininglifetime; |
2690 | |
2691 | if (TWOHOUR < new->ndpr_vltime || |
2692 | remaininglifetime < new->ndpr_vltime) { |
2693 | lt6_tmp.ia6t_vltime = new->ndpr_vltime; |
2694 | } else if (remaininglifetime <= TWOHOUR) { |
2695 | if (auth) { |
2696 | lt6_tmp.ia6t_vltime = new->ndpr_vltime; |
2697 | } |
2698 | } else { |
2699 | /* |
2700 | * new->ndpr_vltime <= TWOHOUR && |
2701 | * TWOHOUR < remaininglifetime |
2702 | */ |
2703 | lt6_tmp.ia6t_vltime = TWOHOUR; |
2704 | } |
2705 | |
2706 | /* The 2 hour rule is not imposed for preferred lifetime. */ |
2707 | lt6_tmp.ia6t_pltime = new->ndpr_pltime; |
2708 | |
2709 | /* Special handling for lifetimes of temporary addresses. */ |
2710 | if ((ifa6->ia6_flags & IN6_IFF_TEMPORARY) != 0) { |
2711 | u_int32_t maxvltime, maxpltime; |
2712 | |
2713 | /* Constrain lifetimes to system limits. */ |
2714 | if (lt6_tmp.ia6t_vltime > ip6_temp_valid_lifetime) { |
2715 | lt6_tmp.ia6t_vltime = ip6_temp_valid_lifetime; |
2716 | } |
2717 | if (lt6_tmp.ia6t_pltime > ip6_temp_preferred_lifetime) { |
2718 | lt6_tmp.ia6t_pltime = |
2719 | ip6_temp_preferred_lifetime - |
2720 | ip6_desync_factor; |
2721 | } |
2722 | |
2723 | /* |
2724 | * According to RFC 4941, section 3.3 (1), we only |
2725 | * update the lifetimes when they are in the maximum |
2726 | * intervals. |
2727 | */ |
2728 | if (ip6_temp_valid_lifetime > |
2729 | (u_int32_t)((timenow - ifa6->ia6_createtime) + |
2730 | ip6_desync_factor)) { |
2731 | maxvltime = ip6_temp_valid_lifetime - |
2732 | (uint32_t)((timenow - ifa6->ia6_createtime) + |
2733 | ip6_desync_factor); |
2734 | } else { |
2735 | maxvltime = 0; |
2736 | } |
2737 | if (ip6_temp_preferred_lifetime > |
2738 | (u_int32_t)((timenow - ifa6->ia6_createtime) + |
2739 | ip6_desync_factor)) { |
2740 | maxpltime = ip6_temp_preferred_lifetime - |
2741 | (uint32_t)((timenow - ifa6->ia6_createtime) + |
2742 | ip6_desync_factor); |
2743 | } else { |
2744 | maxpltime = 0; |
2745 | } |
2746 | |
2747 | if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME || |
2748 | lt6_tmp.ia6t_vltime > maxvltime) { |
2749 | lt6_tmp.ia6t_vltime = maxvltime; |
2750 | } |
2751 | |
2752 | if (lt6_tmp.ia6t_pltime == ND6_INFINITE_LIFETIME || |
2753 | lt6_tmp.ia6t_pltime > maxpltime) { |
2754 | lt6_tmp.ia6t_pltime = maxpltime; |
2755 | } |
2756 | } |
2757 | |
2758 | in6_init_address_ltimes(<6_tmp); |
2759 | in6ifa_setlifetime(ifa6, <6_tmp); |
2760 | ifa6->ia6_updatetime = timenow; |
2761 | IFA_UNLOCK(ifa); |
2762 | } |
2763 | ifnet_lock_done(ifp); |
2764 | if (ia6_match == NULL && new->ndpr_vltime) { |
2765 | /* |
2766 | * 5.5.3 (d) (continued) |
2767 | * No address matched and the valid lifetime is non-zero. |
2768 | * Create a new address. |
2769 | */ |
2770 | if ((ia6 = in6_pfx_newpersistaddr(new, mcast, &error, FALSE, 0)) |
2771 | != NULL) { |
2772 | /* |
2773 | * note that we should use pr (not new) for reference. |
2774 | */ |
2775 | IFA_LOCK(&ia6->ia_ifa); |
2776 | NDPR_LOCK(pr); |
2777 | ia6->ia6_ndpr = pr; |
2778 | NDPR_ADDREF(pr); /* for addr reference */ |
2779 | pr->ndpr_addrcnt++; |
2780 | VERIFY(pr->ndpr_addrcnt != 0); |
2781 | NDPR_UNLOCK(pr); |
2782 | IFA_UNLOCK(&ia6->ia_ifa); |
2783 | |
2784 | /* |
2785 | * RFC 4941 3.3 (2). |
2786 | * When a new public address is created as described |
2787 | * in RFC 4862, also create a new temporary address. |
2788 | * |
2789 | * RFC 4941 3.5. |
2790 | * When an interface connects to a new link, a new |
2791 | * randomized interface identifier should be generated |
2792 | * immediately together with a new set of temporary |
2793 | * addresses. Thus, we specifiy 1 as the 2nd arg of |
2794 | * in6_tmpifadd(). |
2795 | */ |
2796 | if (ip6_use_tempaddr && |
2797 | (!IN6_IS_ADDR_UNIQUE_LOCAL(&new->ndpr_prefix.sin6_addr) |
2798 | || ip6_ula_use_tempaddr)) { |
2799 | int e; |
2800 | if ((e = in6_tmpifadd(ia6, 1)) != 0) { |
2801 | nd6log(info, "prelist_update: " |
2802 | "failed to create a temporary " |
2803 | "address, errno=%d\n" , |
2804 | e); |
2805 | } |
2806 | } |
2807 | ifa_remref(ifa: &ia6->ia_ifa); |
2808 | ia6 = NULL; |
2809 | |
2810 | /* |
2811 | * If the interface is marked for CLAT46 configuration |
2812 | * try and configure the reserved IPv6 address for |
2813 | * stateless translation. |
2814 | */ |
2815 | if (IS_INTF_CLAT46(ifp)) { |
2816 | if ((ia6 = in6_pfx_newpersistaddr(new, mcast, |
2817 | &error, TRUE, CLAT46_COLLISION_COUNT_OFFSET)) |
2818 | != NULL) { |
2819 | IFA_LOCK(&ia6->ia_ifa); |
2820 | NDPR_LOCK(pr); |
2821 | ia6->ia6_ndpr = pr; |
2822 | NDPR_ADDREF(pr); /* for addr reference */ |
2823 | pr->ndpr_addrcnt++; |
2824 | VERIFY(pr->ndpr_addrcnt != 0); |
2825 | pr->ndpr_stateflags |= NDPRF_CLAT46; |
2826 | NDPR_UNLOCK(pr); |
2827 | IFA_UNLOCK(&ia6->ia_ifa); |
2828 | ifa_remref(ifa: &ia6->ia_ifa); |
2829 | ia6 = NULL; |
2830 | } else if (error != EEXIST) { |
2831 | uuid_t tmp_uuid = {}; |
2832 | /* |
2833 | * Only report the error if it is not |
2834 | * EEXIST. |
2835 | */ |
2836 | ip6stat.ip6s_clat464_v6addr_conffail++; |
2837 | in6_clat46_event_enqueue_nwk_wq_entry( |
2838 | IN6_CLAT46_EVENT_V6_ADDR_CONFFAIL, |
2839 | 0, |
2840 | tmp_uuid); |
2841 | nd6log0(error, "Could not configure CLAT46 address on interface %s.\n" , ifp->if_xname); |
2842 | } |
2843 | /* |
2844 | * Reset the error as we do not want to |
2845 | * treat failure of CLAT46 address configuration |
2846 | * as complete failure in prelist update path. |
2847 | */ |
2848 | error = 0; |
2849 | } |
2850 | |
2851 | /* |
2852 | * A newly added address might affect the status |
2853 | * of other addresses, so we check and update it. |
2854 | * XXX: what if address duplication happens? |
2855 | */ |
2856 | lck_mtx_lock(nd6_mutex); |
2857 | pfxlist_onlink_check(); |
2858 | lck_mtx_unlock(nd6_mutex); |
2859 | } |
2860 | } |
2861 | end: |
2862 | if (pr != NULL) { |
2863 | NDPR_REMREF(pr); |
2864 | } |
2865 | if (ia6_match != NULL) { |
2866 | ifa_remref(ifa: &ia6_match->ia_ifa); |
2867 | } |
2868 | return error; |
2869 | } |
2870 | |
2871 | /* |
2872 | * Neighbor Discover Default Router structure reference counting routines. |
2873 | */ |
2874 | static struct nd_defrouter * |
2875 | nddr_alloc(zalloc_flags_t how) |
2876 | { |
2877 | struct nd_defrouter *dr; |
2878 | |
2879 | dr = zalloc_flags(nddr_zone, how | Z_ZERO); |
2880 | if (dr) { |
2881 | lck_mtx_init(lck: &dr->nddr_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr); |
2882 | lck_mtx_init(lck: &dr->nddr_ref_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr); |
2883 | dr->nddr_debug |= IFD_ALLOC; |
2884 | if (nddr_debug != 0) { |
2885 | dr->nddr_debug |= IFD_DEBUG; |
2886 | dr->nddr_trace = nddr_trace; |
2887 | } |
2888 | } |
2889 | return dr; |
2890 | } |
2891 | |
2892 | static void |
2893 | nddr_free(struct nd_defrouter *dr) |
2894 | { |
2895 | if (dr->nddr_debug & IFD_ATTACHED) { |
2896 | panic("%s: attached nddr %p is being freed" , __func__, dr); |
2897 | /* NOTREACHED */ |
2898 | } else if (!(dr->nddr_debug & IFD_ALLOC)) { |
2899 | panic("%s: nddr %p cannot be freed" , __func__, dr); |
2900 | /* NOTREACHED */ |
2901 | } |
2902 | dr->nddr_debug &= ~IFD_ALLOC; |
2903 | lck_mtx_destroy(lck: &dr->nddr_lock, grp: &ifa_mtx_grp); |
2904 | lck_mtx_destroy(lck: &dr->nddr_ref_lock, grp: &ifa_mtx_grp); |
2905 | zfree(nddr_zone, dr); |
2906 | } |
2907 | |
2908 | static void |
2909 | nddr_trace(struct nd_defrouter *dr, int refhold) |
2910 | { |
2911 | struct nd_defrouter_dbg *dr_dbg = (struct nd_defrouter_dbg *)dr; |
2912 | ctrace_t *tr; |
2913 | uint32_t idx; |
2914 | uint16_t *cnt; |
2915 | |
2916 | if (!(dr->nddr_debug & IFD_DEBUG)) { |
2917 | panic("%s: nddr %p has no debug structure" , __func__, dr); |
2918 | /* NOTREACHED */ |
2919 | } |
2920 | if (refhold) { |
2921 | cnt = &dr_dbg->nddr_refhold_cnt; |
2922 | tr = dr_dbg->nddr_refhold; |
2923 | } else { |
2924 | cnt = &dr_dbg->nddr_refrele_cnt; |
2925 | tr = dr_dbg->nddr_refrele; |
2926 | } |
2927 | |
2928 | idx = os_atomic_inc_orig(cnt, relaxed) % NDDR_TRACE_HIST_SIZE; |
2929 | ctrace_record(&tr[idx]); |
2930 | } |
2931 | |
2932 | void |
2933 | nddr_addref(struct nd_defrouter *nddr) |
2934 | { |
2935 | NDDR_REF_LOCK_SPIN(nddr); |
2936 | if (++nddr->nddr_refcount == 0) { |
2937 | panic("%s: nddr %p wraparound refcnt" , __func__, nddr); |
2938 | /* NOTREACHED */ |
2939 | } else if (nddr->nddr_trace != NULL) { |
2940 | (*nddr->nddr_trace)(nddr, TRUE); |
2941 | } |
2942 | NDDR_REF_UNLOCK(nddr); |
2943 | } |
2944 | |
2945 | struct nd_defrouter * |
2946 | nddr_remref(struct nd_defrouter *nddr) |
2947 | { |
2948 | NDDR_REF_LOCK_SPIN(nddr); |
2949 | if (nddr->nddr_refcount == 0) { |
2950 | panic("%s: nddr %p negative refcnt" , __func__, nddr); |
2951 | /* NOTREACHED */ |
2952 | } else if (nddr->nddr_trace != NULL) { |
2953 | (*nddr->nddr_trace)(nddr, FALSE); |
2954 | } |
2955 | |
2956 | if (--nddr->nddr_refcount == 0) { |
2957 | NDDR_REF_UNLOCK(nddr); |
2958 | nddr_free(dr: nddr); |
2959 | nddr = NULL; |
2960 | } else { |
2961 | NDDR_REF_UNLOCK(nddr); |
2962 | } |
2963 | return nddr; |
2964 | } |
2965 | |
2966 | uint64_t |
2967 | nddr_getexpire(struct nd_defrouter *dr) |
2968 | { |
2969 | struct timeval caltime; |
2970 | uint64_t expiry; |
2971 | |
2972 | if (dr->expire != 0) { |
2973 | /* account for system time change */ |
2974 | getmicrotime(&caltime); |
2975 | |
2976 | dr->base_calendartime += |
2977 | NET_CALCULATE_CLOCKSKEW(caltime, |
2978 | dr->base_calendartime, net_uptime(), dr->base_uptime); |
2979 | |
2980 | expiry = dr->base_calendartime + |
2981 | dr->expire - dr->base_uptime; |
2982 | } else { |
2983 | expiry = 0; |
2984 | } |
2985 | return expiry; |
2986 | } |
2987 | |
2988 | /* |
2989 | * Neighbor Discover Prefix structure reference counting routines. |
2990 | */ |
2991 | static struct nd_prefix * |
2992 | ndpr_alloc(int how) |
2993 | { |
2994 | struct nd_prefix *pr; |
2995 | |
2996 | pr = zalloc_flags(ndpr_zone, how | Z_ZERO); |
2997 | if (pr != NULL) { |
2998 | lck_mtx_init(lck: &pr->ndpr_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr); |
2999 | lck_mtx_init(lck: &pr->ndpr_ref_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr); |
3000 | RB_INIT(&pr->ndpr_prproxy_sols); |
3001 | pr->ndpr_debug |= IFD_ALLOC; |
3002 | if (ndpr_debug != 0) { |
3003 | pr->ndpr_debug |= IFD_DEBUG; |
3004 | pr->ndpr_trace = ndpr_trace; |
3005 | } |
3006 | } |
3007 | return pr; |
3008 | } |
3009 | |
3010 | static void |
3011 | ndpr_free(struct nd_prefix *pr) |
3012 | { |
3013 | if (pr->ndpr_debug & IFD_ATTACHED) { |
3014 | panic("%s: attached ndpr %p is being freed" , __func__, pr); |
3015 | /* NOTREACHED */ |
3016 | } else if (!(pr->ndpr_debug & IFD_ALLOC)) { |
3017 | panic("%s: ndpr %p cannot be freed" , __func__, pr); |
3018 | /* NOTREACHED */ |
3019 | } else if (pr->ndpr_rt != NULL) { |
3020 | panic("%s: ndpr %p route %p not freed" , __func__, pr, |
3021 | pr->ndpr_rt); |
3022 | /* NOTREACHED */ |
3023 | } else if (pr->ndpr_prproxy_sols_cnt != 0) { |
3024 | panic("%s: ndpr %p non-zero solicitors count (%d)" , |
3025 | __func__, pr, pr->ndpr_prproxy_sols_cnt); |
3026 | /* NOTREACHED */ |
3027 | } else if (!RB_EMPTY(&pr->ndpr_prproxy_sols)) { |
3028 | panic("%s: ndpr %p non-empty solicitors tree" , __func__, pr); |
3029 | /* NOTREACHED */ |
3030 | } |
3031 | pr->ndpr_debug &= ~IFD_ALLOC; |
3032 | lck_mtx_destroy(lck: &pr->ndpr_lock, grp: &ifa_mtx_grp); |
3033 | lck_mtx_destroy(lck: &pr->ndpr_ref_lock, grp: &ifa_mtx_grp); |
3034 | zfree(ndpr_zone, pr); |
3035 | } |
3036 | |
3037 | static void |
3038 | ndpr_trace(struct nd_prefix *pr, int refhold) |
3039 | { |
3040 | struct nd_prefix_dbg *pr_dbg = (struct nd_prefix_dbg *)pr; |
3041 | ctrace_t *tr; |
3042 | u_int32_t idx; |
3043 | u_int16_t *cnt; |
3044 | |
3045 | if (!(pr->ndpr_debug & IFD_DEBUG)) { |
3046 | panic("%s: ndpr %p has no debug structure" , __func__, pr); |
3047 | /* NOTREACHED */ |
3048 | } |
3049 | if (refhold) { |
3050 | cnt = &pr_dbg->ndpr_refhold_cnt; |
3051 | tr = pr_dbg->ndpr_refhold; |
3052 | } else { |
3053 | cnt = &pr_dbg->ndpr_refrele_cnt; |
3054 | tr = pr_dbg->ndpr_refrele; |
3055 | } |
3056 | |
3057 | idx = os_atomic_inc_orig(cnt, relaxed) % NDPR_TRACE_HIST_SIZE; |
3058 | ctrace_record(&tr[idx]); |
3059 | } |
3060 | |
3061 | void |
3062 | ndpr_addref(struct nd_prefix *ndpr) |
3063 | { |
3064 | NDPR_REF_LOCK_SPIN(ndpr); |
3065 | if (++ndpr->ndpr_refcount == 0) { |
3066 | panic("%s: ndpr %p wraparound refcnt" , __func__, ndpr); |
3067 | /* NOTREACHED */ |
3068 | } else if (ndpr->ndpr_trace != NULL) { |
3069 | (*ndpr->ndpr_trace)(ndpr, TRUE); |
3070 | } |
3071 | NDPR_REF_UNLOCK(ndpr); |
3072 | } |
3073 | |
3074 | struct nd_prefix * |
3075 | ndpr_remref(struct nd_prefix *ndpr) |
3076 | { |
3077 | NDPR_REF_LOCK_SPIN(ndpr); |
3078 | if (ndpr->ndpr_refcount == 0) { |
3079 | panic("%s: ndpr %p negative refcnt" , __func__, ndpr); |
3080 | /* NOTREACHED */ |
3081 | } else if (ndpr->ndpr_trace != NULL) { |
3082 | (*ndpr->ndpr_trace)(ndpr, FALSE); |
3083 | } |
3084 | |
3085 | if (--ndpr->ndpr_refcount == 0) { |
3086 | if (ndpr->ndpr_addrcnt != 0) { |
3087 | panic("%s: freeing ndpr %p with outstanding address " |
3088 | "reference (%d)" , __func__, ndpr, |
3089 | ndpr->ndpr_addrcnt); |
3090 | /* NOTREACHED */ |
3091 | } |
3092 | NDPR_REF_UNLOCK(ndpr); |
3093 | ndpr_free(pr: ndpr); |
3094 | ndpr = NULL; |
3095 | } else { |
3096 | NDPR_REF_UNLOCK(ndpr); |
3097 | } |
3098 | return ndpr; |
3099 | } |
3100 | |
3101 | uint64_t |
3102 | ndpr_getexpire(struct nd_prefix *pr) |
3103 | { |
3104 | struct timeval caltime; |
3105 | uint64_t expiry; |
3106 | |
3107 | if (pr->ndpr_expire != 0 && pr->ndpr_vltime != ND6_INFINITE_LIFETIME) { |
3108 | /* account for system time change */ |
3109 | getmicrotime(&caltime); |
3110 | |
3111 | pr->ndpr_base_calendartime += |
3112 | NET_CALCULATE_CLOCKSKEW(caltime, |
3113 | pr->ndpr_base_calendartime, net_uptime(), |
3114 | pr->ndpr_base_uptime); |
3115 | |
3116 | expiry = pr->ndpr_base_calendartime + |
3117 | pr->ndpr_expire - pr->ndpr_base_uptime; |
3118 | } else { |
3119 | expiry = 0; |
3120 | } |
3121 | return expiry; |
3122 | } |
3123 | |
3124 | /* |
3125 | * A supplement function used in the on-link detection below; |
3126 | * detect if a given prefix has a (probably) reachable advertising router. |
3127 | * XXX: lengthy function name... |
3128 | */ |
3129 | static struct nd_pfxrouter * |
3130 | find_pfxlist_reachable_router(struct nd_prefix *pr) |
3131 | { |
3132 | struct nd_pfxrouter *pfxrtr = NULL; |
3133 | struct ifnet *ifp = NULL; |
3134 | |
3135 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
3136 | NDPR_LOCK_ASSERT_HELD(pr); |
3137 | |
3138 | pfxrtr = LIST_FIRST(&pr->ndpr_advrtrs); |
3139 | while (pfxrtr) { |
3140 | /* XXX This should be same as prefixes interface. */ |
3141 | ifp = pfxrtr->router->ifp; |
3142 | |
3143 | /* |
3144 | * As long as there's a router advertisting this prefix |
3145 | * on cellular (for that matter any interface that is point |
3146 | * to point really), we treat the router as reachable. |
3147 | */ |
3148 | if (ifp != NULL && ifp->if_type == IFT_CELLULAR) { |
3149 | break; |
3150 | } |
3151 | |
3152 | if (pfxrtr->router->is_reachable) { |
3153 | break; |
3154 | } |
3155 | pfxrtr = LIST_NEXT(pfxrtr, pfr_entry); |
3156 | } |
3157 | return pfxrtr; |
3158 | } |
3159 | |
3160 | /* |
3161 | * Check if each prefix in the prefix list has at least one available router |
3162 | * that advertised the prefix (a router is "available" if its neighbor cache |
3163 | * entry is reachable or probably reachable). |
3164 | * If the check fails, the prefix may be off-link, because, for example, |
3165 | * we have moved from the network but the lifetime of the prefix has not |
3166 | * expired yet. So we should not use the prefix if there is another prefix |
3167 | * that has an available router. |
3168 | * But, if there is no prefix that has an available router, we still regards |
3169 | * all the prefixes as on-link. This is because we can't tell if all the |
3170 | * routers are simply dead or if we really moved from the network and there |
3171 | * is no router around us. |
3172 | */ |
3173 | void |
3174 | pfxlist_onlink_check(void) |
3175 | { |
3176 | struct nd_prefix *pr, *prclear; |
3177 | struct in6_ifaddr *ifa; |
3178 | struct nd_defrouter *dr; |
3179 | struct nd_pfxrouter *pfxrtr = NULL; |
3180 | int err, i, found = 0; |
3181 | struct ifaddr **ifap = NULL; |
3182 | struct nd_prefix *ndpr; |
3183 | u_int64_t timenow = net_uptime(); |
3184 | |
3185 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
3186 | |
3187 | while (nd_prefix_busy) { |
3188 | nd_prefix_waiters++; |
3189 | msleep(chan: nd_prefix_waitchan, nd6_mutex, pri: (PZERO - 1), |
3190 | wmesg: __func__, NULL); |
3191 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
3192 | } |
3193 | nd_prefix_busy = TRUE; |
3194 | |
3195 | /* |
3196 | * Check if there is a prefix that has a reachable advertising |
3197 | * router. |
3198 | */ |
3199 | pr = nd_prefix.lh_first; |
3200 | while (pr) { |
3201 | NDPR_LOCK(pr); |
3202 | if (pr->ndpr_raf_onlink && find_pfxlist_reachable_router(pr) && |
3203 | (pr->ndpr_debug & IFD_ATTACHED)) { |
3204 | NDPR_UNLOCK(pr); |
3205 | break; |
3206 | } |
3207 | NDPR_UNLOCK(pr); |
3208 | pr = pr->ndpr_next; |
3209 | } |
3210 | /* |
3211 | * If we have no such prefix, check whether we still have a router |
3212 | * that does not advertise any prefixes. |
3213 | */ |
3214 | if (pr == NULL) { |
3215 | for (dr = TAILQ_FIRST(&nd_defrouter_list); dr; |
3216 | dr = TAILQ_NEXT(dr, dr_entry)) { |
3217 | struct nd_prefix *pr0; |
3218 | |
3219 | for (pr0 = nd_prefix.lh_first; pr0; |
3220 | pr0 = pr0->ndpr_next) { |
3221 | NDPR_LOCK(pr0); |
3222 | if ((pfxrtr = pfxrtr_lookup(pr: pr0, dr)) != NULL) { |
3223 | NDPR_UNLOCK(pr0); |
3224 | break; |
3225 | } |
3226 | NDPR_UNLOCK(pr0); |
3227 | } |
3228 | if (pfxrtr != NULL) { |
3229 | break; |
3230 | } |
3231 | } |
3232 | } |
3233 | if (pr != NULL || (TAILQ_FIRST(&nd_defrouter_list) && pfxrtr == NULL)) { |
3234 | /* |
3235 | * There is at least one prefix that has a reachable router, |
3236 | * or at least a router which probably does not advertise |
3237 | * any prefixes. The latter would be the case when we move |
3238 | * to a new link where we have a router that does not provide |
3239 | * prefixes and we configure an address by hand. |
3240 | * Detach prefixes which have no reachable advertising |
3241 | * router, and attach other prefixes. |
3242 | */ |
3243 | pr = nd_prefix.lh_first; |
3244 | while (pr) { |
3245 | NDPR_LOCK(pr); |
3246 | /* |
3247 | * We aren't interested prefixes already processed, |
3248 | * nor in prefixes without the L bit |
3249 | * set nor in static prefixes |
3250 | */ |
3251 | if (pr->ndpr_raf_onlink == 0 || |
3252 | pr->ndpr_stateflags & NDPRF_STATIC) { |
3253 | NDPR_UNLOCK(pr); |
3254 | pr = pr->ndpr_next; |
3255 | continue; |
3256 | } |
3257 | if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && |
3258 | find_pfxlist_reachable_router(pr) == NULL && |
3259 | (pr->ndpr_debug & IFD_ATTACHED)) { |
3260 | pr->ndpr_stateflags |= NDPRF_DETACHED; |
3261 | } |
3262 | if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && |
3263 | find_pfxlist_reachable_router(pr) != NULL && |
3264 | (pr->ndpr_debug & IFD_ATTACHED)) { |
3265 | pr->ndpr_stateflags &= ~NDPRF_DETACHED; |
3266 | } |
3267 | NDPR_UNLOCK(pr); |
3268 | pr = pr->ndpr_next; |
3269 | } |
3270 | } else { |
3271 | /* there is no prefix that has a reachable router */ |
3272 | for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { |
3273 | NDPR_LOCK(pr); |
3274 | if (pr->ndpr_raf_onlink == 0 || |
3275 | pr->ndpr_stateflags & NDPRF_STATIC) { |
3276 | NDPR_UNLOCK(pr); |
3277 | continue; |
3278 | } |
3279 | if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0) { |
3280 | pr->ndpr_stateflags &= ~NDPRF_DETACHED; |
3281 | } |
3282 | NDPR_UNLOCK(pr); |
3283 | } |
3284 | } |
3285 | /* |
3286 | * Instead of removing interface route for detached prefix, |
3287 | * keep the route and treat unreachability similar to the processing |
3288 | * of an RA that has just deprecated the prefix. |
3289 | * Keep around the detached flag just to be able to be able |
3290 | * to differentiate the scenario from explicit RA deprecation |
3291 | * of prefix. |
3292 | * Keep the logic to install the interface route for a (just) attached |
3293 | * prefix. Note that all attempt of reinstallation does not |
3294 | * necessarily success, when a same prefix is shared among multiple |
3295 | * interfaces. Such cases will be handled in nd6_prefix_onlink, |
3296 | * so we don't have to care about them. |
3297 | */ |
3298 | pr = nd_prefix.lh_first; |
3299 | while (pr) { |
3300 | int error; |
3301 | |
3302 | NDPR_LOCK(pr); |
3303 | if (pr->ndpr_raf_onlink == 0 || |
3304 | pr->ndpr_stateflags & NDPRF_STATIC || |
3305 | pr->ndpr_stateflags & NDPRF_PROCESSED_ONLINK || |
3306 | pr->ndpr_stateflags & NDPRF_DEFUNCT) { |
3307 | NDPR_UNLOCK(pr); |
3308 | pr = pr->ndpr_next; |
3309 | continue; |
3310 | } |
3311 | pr->ndpr_stateflags |= NDPRF_PROCESSED_ONLINK; |
3312 | NDPR_ADDREF(pr); |
3313 | if (pr->ndpr_stateflags & NDPRF_DETACHED) { |
3314 | /* |
3315 | * When a prefix is detached, make it deprecated by setting pltime |
3316 | * to 0, and let it expire according to its advertised vltime. |
3317 | * If its original vltime is infinite or longer than 2hr, |
3318 | * set it to 2hr. |
3319 | */ |
3320 | pr->ndpr_pltime = 0; |
3321 | uint32_t pr_remaining_lifetime; |
3322 | uint32_t original_lifetime = (uint32_t)(timenow - pr->ndpr_base_uptime); |
3323 | if (pr->ndpr_vltime > original_lifetime) { |
3324 | pr_remaining_lifetime = pr->ndpr_vltime - original_lifetime; |
3325 | } else { |
3326 | pr_remaining_lifetime = 0; |
3327 | } |
3328 | if (pr->ndpr_vltime == ND6_INFINITE_LIFETIME || |
3329 | pr_remaining_lifetime >= TWOHOUR) { |
3330 | pr->ndpr_vltime = TWOHOUR; |
3331 | } else { |
3332 | pr->ndpr_vltime = pr_remaining_lifetime; |
3333 | } |
3334 | in6_init_prefix_ltimes(ndpr: pr); |
3335 | NDPR_UNLOCK(pr); |
3336 | } else if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && |
3337 | (pr->ndpr_stateflags & NDPRF_ONLINK) == 0 && |
3338 | pr->ndpr_raf_onlink) { |
3339 | NDPR_UNLOCK(pr); |
3340 | if ((error = nd6_prefix_onlink(pr)) != 0) { |
3341 | nd6log(error, |
3342 | "pfxlist_onlink_check: failed to " |
3343 | "make %s/%d offlink, errno=%d\n" , |
3344 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3345 | pr->ndpr_plen, error); |
3346 | } |
3347 | NDPR_REMREF(pr); |
3348 | pr = nd_prefix.lh_first; |
3349 | continue; |
3350 | } else { |
3351 | NDPR_UNLOCK(pr); |
3352 | } |
3353 | NDPR_REMREF(pr); |
3354 | pr = pr->ndpr_next; |
3355 | } |
3356 | LIST_FOREACH(prclear, &nd_prefix, ndpr_entry) { |
3357 | NDPR_LOCK(prclear); |
3358 | prclear->ndpr_stateflags &= ~NDPRF_PROCESSED_ONLINK; |
3359 | NDPR_UNLOCK(prclear); |
3360 | } |
3361 | VERIFY(nd_prefix_busy); |
3362 | nd_prefix_busy = FALSE; |
3363 | if (nd_prefix_waiters > 0) { |
3364 | nd_prefix_waiters = 0; |
3365 | wakeup(chan: nd_prefix_waitchan); |
3366 | } |
3367 | |
3368 | /* |
3369 | * Changes on the prefix status might affect address status as well. |
3370 | * Make sure that all addresses derived from an attached prefix are |
3371 | * attached, and that all addresses derived from a detached prefix are |
3372 | * detached. Note, however, that a manually configured address should |
3373 | * always be attached. |
3374 | * The precise detection logic is same as the one for prefixes. |
3375 | * |
3376 | * ifnet_get_address_list_family_internal() may fail due to memory |
3377 | * pressure, but we will eventually be called again when we receive |
3378 | * another NA, RA, or when the link status changes. |
3379 | */ |
3380 | err = ifnet_get_address_list_family_internal(NULL, &ifap, AF_INET6, 0, |
3381 | M_NOWAIT, 0); |
3382 | if (err != 0 || ifap == NULL) { |
3383 | nd6log(error, "%s: ifnet_get_address_list_family_internal " |
3384 | "failed" , __func__); |
3385 | return; |
3386 | } |
3387 | for (i = 0; ifap[i]; i++) { |
3388 | ifa = ifatoia6(ifap[i]); |
3389 | IFA_LOCK(&ifa->ia_ifa); |
3390 | if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0 || |
3391 | (ifap[i]->ifa_debug & IFD_ATTACHED) == 0) { |
3392 | IFA_UNLOCK(&ifa->ia_ifa); |
3393 | continue; |
3394 | } |
3395 | if ((ndpr = ifa->ia6_ndpr) == NULL) { |
3396 | /* |
3397 | * This can happen when we first configure the address |
3398 | * (i.e. the address exists, but the prefix does not). |
3399 | * XXX: complicated relationships... |
3400 | */ |
3401 | IFA_UNLOCK(&ifa->ia_ifa); |
3402 | continue; |
3403 | } |
3404 | IFA_UNLOCK(&ifa->ia_ifa); |
3405 | |
3406 | NDPR_LOCK(ndpr); |
3407 | if (find_pfxlist_reachable_router(pr: ndpr)) { |
3408 | NDPR_UNLOCK(ndpr); |
3409 | found = 1; |
3410 | break; |
3411 | } |
3412 | NDPR_UNLOCK(ndpr); |
3413 | } |
3414 | if (found) { |
3415 | for (i = 0; ifap[i]; i++) { |
3416 | struct in6_addrlifetime lt6_tmp = {}; |
3417 | |
3418 | ifa = ifatoia6(ifap[i]); |
3419 | IFA_LOCK(&ifa->ia_ifa); |
3420 | if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0 || |
3421 | (ifap[i]->ifa_debug & IFD_ATTACHED) == 0) { |
3422 | IFA_UNLOCK(&ifa->ia_ifa); |
3423 | continue; |
3424 | } |
3425 | if ((ndpr = ifa->ia6_ndpr) == NULL) { |
3426 | /* XXX: see above. */ |
3427 | IFA_UNLOCK(&ifa->ia_ifa); |
3428 | continue; |
3429 | } |
3430 | IFA_UNLOCK(&ifa->ia_ifa); |
3431 | NDPR_LOCK(ndpr); |
3432 | if (find_pfxlist_reachable_router(pr: ndpr) == NULL) { |
3433 | /* |
3434 | * When the prefix of an addr is detached, make the address |
3435 | * deprecated by setting pltime to 0, and let it expire according |
3436 | * to its advertised vltime. If its original vltime is infinite |
3437 | * or longer than 2hr, set it to 2hr. |
3438 | */ |
3439 | NDPR_UNLOCK(ndpr); |
3440 | IFA_LOCK(&ifa->ia_ifa); |
3441 | in6ifa_getlifetime(ifa, <6_tmp, 0); |
3442 | /* We want to immediately deprecate the address */ |
3443 | lt6_tmp.ia6t_pltime = 0; |
3444 | /* Do not extend its valid lifetime */ |
3445 | uint32_t remaining_lifetime; |
3446 | uint32_t original_lifetime = (uint32_t)(timenow - ifa->ia6_updatetime); |
3447 | if (lt6_tmp.ia6t_vltime > original_lifetime) { |
3448 | remaining_lifetime = lt6_tmp.ia6t_vltime - original_lifetime; |
3449 | } else { |
3450 | remaining_lifetime = 0; |
3451 | } |
3452 | if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME || remaining_lifetime >= TWOHOUR) { |
3453 | lt6_tmp.ia6t_vltime = TWOHOUR; |
3454 | } else { |
3455 | lt6_tmp.ia6t_vltime = remaining_lifetime; |
3456 | } |
3457 | |
3458 | in6_init_address_ltimes(<6_tmp); |
3459 | in6ifa_setlifetime(ifa, <6_tmp); |
3460 | ifa->ia6_updatetime = timenow; |
3461 | |
3462 | /* |
3463 | * The next nd6 service timer expiry will take |
3464 | * care of marking the addresses as deprecated |
3465 | * and issuing the notifications as well. |
3466 | */ |
3467 | IFA_UNLOCK(&ifa->ia_ifa); |
3468 | } else { |
3469 | NDPR_UNLOCK(ndpr); |
3470 | } |
3471 | } |
3472 | } |
3473 | ifnet_free_address_list(addresses: ifap); |
3474 | } |
3475 | |
3476 | static struct nd_prefix * |
3477 | nd6_prefix_equal_lookup(struct nd_prefix *pr, boolean_t primary_only) |
3478 | { |
3479 | struct nd_prefix *opr; |
3480 | |
3481 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
3482 | |
3483 | for (opr = nd_prefix.lh_first; opr; opr = opr->ndpr_next) { |
3484 | if (opr == pr) { |
3485 | continue; |
3486 | } |
3487 | |
3488 | NDPR_LOCK(opr); |
3489 | if ((opr->ndpr_stateflags & NDPRF_ONLINK) == 0) { |
3490 | NDPR_UNLOCK(opr); |
3491 | continue; |
3492 | } |
3493 | if (opr->ndpr_plen == pr->ndpr_plen && |
3494 | in6_are_prefix_equal(p1: &pr->ndpr_prefix.sin6_addr, ifscope1: pr->ndpr_prefix.sin6_scope_id, |
3495 | p2: &opr->ndpr_prefix.sin6_addr, ifscope2: opr->ndpr_prefix.sin6_scope_id, len: pr->ndpr_plen) && |
3496 | (!primary_only || |
3497 | !(opr->ndpr_stateflags & NDPRF_IFSCOPE))) { |
3498 | NDPR_ADDREF(opr); |
3499 | NDPR_UNLOCK(opr); |
3500 | return opr; |
3501 | } |
3502 | NDPR_UNLOCK(opr); |
3503 | } |
3504 | return NULL; |
3505 | } |
3506 | |
3507 | /* |
3508 | * Synchronize the interface routes of similar prefixes on different |
3509 | * interfaces; the one using the default interface would be (re)installed |
3510 | * as a primary/non-scoped entry, and the rest as scoped entri(es). |
3511 | */ |
3512 | static void |
3513 | nd6_prefix_sync(struct ifnet *ifp) |
3514 | { |
3515 | struct nd_prefix *pr, *opr; |
3516 | int err = 0; |
3517 | |
3518 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
3519 | |
3520 | if (ifp == NULL) { |
3521 | return; |
3522 | } |
3523 | |
3524 | for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { |
3525 | NDPR_LOCK(pr); |
3526 | if (!(pr->ndpr_stateflags & NDPRF_ONLINK)) { |
3527 | NDPR_UNLOCK(pr); |
3528 | continue; |
3529 | } |
3530 | if (pr->ndpr_ifp == ifp && |
3531 | (pr->ndpr_stateflags & NDPRF_IFSCOPE) && |
3532 | !IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) { |
3533 | NDPR_UNLOCK(pr); |
3534 | break; |
3535 | } |
3536 | NDPR_UNLOCK(pr); |
3537 | } |
3538 | |
3539 | if (pr == NULL) { |
3540 | return; |
3541 | } |
3542 | |
3543 | /* Remove conflicting entries */ |
3544 | opr = nd6_prefix_equal_lookup(pr, TRUE); |
3545 | if (opr != NULL) { |
3546 | lck_mtx_unlock(nd6_mutex); |
3547 | err = nd6_prefix_offlink(opr); |
3548 | lck_mtx_lock(nd6_mutex); |
3549 | if (err != 0) { |
3550 | nd6log(error, |
3551 | "%s: failed to make %s/%d offlink on %s, " |
3552 | "errno=%d\n" , __func__, |
3553 | ip6_sprintf(&opr->ndpr_prefix.sin6_addr), |
3554 | opr->ndpr_plen, if_name(opr->ndpr_ifp), err); |
3555 | } |
3556 | } else { |
3557 | nd6log(error, |
3558 | "%s: scoped %s/%d on %s has no matching unscoped prefix\n" , |
3559 | __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3560 | pr->ndpr_plen, if_name(pr->ndpr_ifp)); |
3561 | } |
3562 | |
3563 | lck_mtx_unlock(nd6_mutex); |
3564 | err = nd6_prefix_offlink(pr); |
3565 | lck_mtx_lock(nd6_mutex); |
3566 | if (err != 0) { |
3567 | nd6log(error, |
3568 | "%s: failed to make %s/%d offlink on %s, errno=%d\n" , |
3569 | __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3570 | pr->ndpr_plen, if_name(pr->ndpr_ifp), err); |
3571 | } |
3572 | |
3573 | /* Add the entries back */ |
3574 | if (opr != NULL) { |
3575 | err = nd6_prefix_onlink_scoped(opr, opr->ndpr_ifp->if_index); |
3576 | if (err != 0) { |
3577 | nd6log(error, |
3578 | "%s: failed to make %s/%d scoped onlink on %s, " |
3579 | "errno=%d\n" , __func__, |
3580 | ip6_sprintf(&opr->ndpr_prefix.sin6_addr), |
3581 | opr->ndpr_plen, if_name(opr->ndpr_ifp), err); |
3582 | } |
3583 | } |
3584 | |
3585 | err = nd6_prefix_onlink_scoped(pr, IFSCOPE_NONE); |
3586 | if (err != 0) { |
3587 | nd6log(error, |
3588 | "%s: failed to make %s/%d onlink on %s, errno=%d\n" , |
3589 | __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3590 | pr->ndpr_plen, if_name(pr->ndpr_ifp), err); |
3591 | } |
3592 | |
3593 | if (err != 0) { |
3594 | nd6log(error, |
3595 | "%s: error promoting %s/%d to %s from %s\n" , |
3596 | __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3597 | pr->ndpr_plen, if_name(pr->ndpr_ifp), |
3598 | (opr != NULL) ? if_name(opr->ndpr_ifp) : "NONE" ); |
3599 | } else { |
3600 | nd6log2(info, |
3601 | "%s: %s/%d promoted, previously on %s\n" , |
3602 | if_name(pr->ndpr_ifp), |
3603 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), pr->ndpr_plen, |
3604 | (opr != NULL) ? if_name(opr->ndpr_ifp) : "NONE" ); |
3605 | } |
3606 | |
3607 | if (opr != NULL) { |
3608 | NDPR_REMREF(opr); |
3609 | } |
3610 | } |
3611 | |
3612 | static int |
3613 | nd6_prefix_onlink_common(struct nd_prefix *pr, boolean_t force_scoped, |
3614 | unsigned int ifscope) |
3615 | { |
3616 | struct ifaddr *ifa; |
3617 | struct ifnet *ifp = pr->ndpr_ifp; |
3618 | struct sockaddr_in6 mask6, prefix; |
3619 | struct nd_prefix *opr; |
3620 | u_int32_t rtflags; |
3621 | int error = 0, prproxy = 0; |
3622 | struct rtentry *rt __single = NULL; |
3623 | u_char prefix_len = 0; |
3624 | |
3625 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_OWNED); |
3626 | |
3627 | /* sanity check */ |
3628 | NDPR_LOCK(pr); |
3629 | if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { |
3630 | nd6log(error, |
3631 | "%s: %s/%d on %s scoped=%d is already on-link\n" , |
3632 | __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3633 | pr->ndpr_plen, if_name(pr->ndpr_ifp), |
3634 | (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 1 : 0); |
3635 | NDPR_UNLOCK(pr); |
3636 | return EEXIST; |
3637 | } |
3638 | NDPR_UNLOCK(pr); |
3639 | |
3640 | /* |
3641 | * Add the interface route associated with the prefix. Before |
3642 | * installing the route, check if there's the same prefix on another |
3643 | * interface, and the prefix has already installed the interface route. |
3644 | */ |
3645 | opr = nd6_prefix_equal_lookup(pr, FALSE); |
3646 | if (opr != NULL) { |
3647 | NDPR_REMREF(opr); |
3648 | } |
3649 | |
3650 | if (!force_scoped) { |
3651 | /* |
3652 | * If a primary/non-scoped interface route already exists, |
3653 | * install the new one as a scoped entry. If the existing |
3654 | * interface route is scoped, install new as non-scoped. |
3655 | */ |
3656 | ifscope = (opr != NULL) ? ifp->if_index : IFSCOPE_NONE; |
3657 | opr = nd6_prefix_equal_lookup(pr, TRUE); |
3658 | if (opr != NULL) { |
3659 | NDPR_REMREF(opr); |
3660 | } else if (ifscope != IFSCOPE_NONE) { |
3661 | ifscope = IFSCOPE_NONE; |
3662 | } |
3663 | } |
3664 | |
3665 | /* |
3666 | * We prefer link-local addresses as the associated interface address. |
3667 | */ |
3668 | /* search for a link-local addr */ |
3669 | ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, |
3670 | IN6_IFF_NOTREADY | IN6_IFF_ANYCAST); |
3671 | if (ifa == NULL) { |
3672 | struct in6_ifaddr *ia6; |
3673 | ifnet_lock_shared(ifp); |
3674 | IFP_TO_IA6(ifp, ia6); |
3675 | ifnet_lock_done(ifp); |
3676 | if (ia6 != NULL) { |
3677 | ifa = &ia6->ia_ifa; |
3678 | } |
3679 | /* should we care about ia6_flags? */ |
3680 | } |
3681 | NDPR_LOCK(pr); |
3682 | if (ifa == NULL) { |
3683 | /* |
3684 | * This can still happen, when, for example, we receive an RA |
3685 | * containing a prefix with the L bit set and the A bit clear, |
3686 | * after removing all IPv6 addresses on the receiving |
3687 | * interface. This should, of course, be rare though. |
3688 | */ |
3689 | nd6log(info, |
3690 | "nd6_prefix_onlink: failed to find any ifaddr" |
3691 | " to add route for a prefix(%s/%d) on %s\n" , |
3692 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3693 | pr->ndpr_plen, if_name(ifp)); |
3694 | NDPR_UNLOCK(pr); |
3695 | return 0; |
3696 | } |
3697 | |
3698 | /* |
3699 | * in6_ifinit() sets nd6_rtrequest to ifa_rtrequest for all ifaddrs. |
3700 | * ifa->ifa_rtrequest = nd6_rtrequest; |
3701 | */ |
3702 | SOCKADDR_ZERO(&mask6, sizeof(mask6)); |
3703 | mask6.sin6_len = sizeof(mask6); |
3704 | mask6.sin6_addr = pr->ndpr_mask; |
3705 | prefix = pr->ndpr_prefix; |
3706 | prefix_len = pr->ndpr_plen; |
3707 | if ((rt = pr->ndpr_rt) != NULL) { |
3708 | pr->ndpr_rt = NULL; |
3709 | } |
3710 | NDPR_ADDREF(pr); /* keep reference for this routine */ |
3711 | NDPR_UNLOCK(pr); |
3712 | |
3713 | IFA_LOCK_SPIN(ifa); |
3714 | rtflags = ifa->ifa_flags | RTF_CLONING | RTF_UP; |
3715 | IFA_UNLOCK(ifa); |
3716 | if (nd6_need_cache(ifp)) { |
3717 | /* explicitly set in case ifa_flags does not set the flag. */ |
3718 | rtflags |= RTF_CLONING; |
3719 | } else { |
3720 | /* |
3721 | * explicitly clear the cloning bit in case ifa_flags sets it. |
3722 | */ |
3723 | rtflags &= ~RTF_CLONING; |
3724 | } |
3725 | |
3726 | lck_mtx_unlock(nd6_mutex); |
3727 | |
3728 | /* |
3729 | * check if it conflicts with a indirect prefix route added by RIO |
3730 | * if so, remove the rti entry. |
3731 | */ |
3732 | if (ifscope == IFSCOPE_NONE) { |
3733 | struct rtentry *temp_route = NULL; |
3734 | LCK_MTX_ASSERT(rnh_lock, LCK_MTX_ASSERT_NOTOWNED); |
3735 | lck_mtx_lock(rnh_lock); |
3736 | temp_route = rt_lookup(TRUE, SA(&prefix), SA(&mask6), rt_tables[AF_INET6], IFSCOPE_NONE); |
3737 | lck_mtx_unlock(rnh_lock); |
3738 | |
3739 | if (temp_route != NULL && temp_route->rt_flags & RTF_GATEWAY && temp_route->rt_ifp != NULL) { |
3740 | struct nd_route_info rti = {}; |
3741 | bzero(s: &rti, n: sizeof(rti)); |
3742 | rti.nd_rti_prefixlen = prefix_len; |
3743 | rti.nd_rti_prefix = prefix.sin6_addr; |
3744 | lck_mtx_lock(nd6_mutex); |
3745 | nd6_rti_purge(&rti); |
3746 | lck_mtx_unlock(nd6_mutex); |
3747 | } |
3748 | if (temp_route != NULL) { |
3749 | rtfree(temp_route); |
3750 | } |
3751 | } |
3752 | |
3753 | if (rt != NULL) { |
3754 | rtfree(rt); |
3755 | rt = NULL; |
3756 | } |
3757 | |
3758 | error = rtrequest_scoped(RTM_ADD, SA(&prefix), ifa->ifa_addr, SA(&mask6), |
3759 | rtflags, &rt, ifscope); |
3760 | |
3761 | /* |
3762 | * Serialize the setting of NDPRF_PRPROXY. |
3763 | */ |
3764 | lck_mtx_lock(lck: &proxy6_lock); |
3765 | |
3766 | if (rt != NULL) { |
3767 | RT_LOCK(rt); |
3768 | nd6_rtmsg(RTM_ADD, rt); |
3769 | RT_UNLOCK(rt); |
3770 | NDPR_LOCK(pr); |
3771 | } else { |
3772 | NDPR_LOCK(pr); |
3773 | nd6log(error, "nd6_prefix_onlink: failed to add route for a" |
3774 | " prefix (%s/%d) on %s, gw=%s, mask=%s, flags=%x," |
3775 | " scoped=%d, errno = %d\n" , |
3776 | ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3777 | pr->ndpr_plen, if_name(ifp), |
3778 | ip6_sprintf(&SIN6(ifa->ifa_addr)->sin6_addr), |
3779 | ip6_sprintf(&mask6.sin6_addr), rtflags, |
3780 | (ifscope != IFSCOPE_NONE), error); |
3781 | } |
3782 | NDPR_LOCK_ASSERT_HELD(pr); |
3783 | |
3784 | pr->ndpr_stateflags &= ~(NDPRF_IFSCOPE | NDPRF_PRPROXY); |
3785 | |
3786 | /* |
3787 | * TODO: If the prefix route exists, we should really find it and |
3788 | * refer the prefix to it; otherwise ndpr_rt is NULL. |
3789 | */ |
3790 | if (!(pr->ndpr_stateflags & NDPRF_DEFUNCT) && |
3791 | (rt != NULL || error == EEXIST)) { |
3792 | struct nd_ifinfo *ndi = NULL; |
3793 | |
3794 | VERIFY(pr->ndpr_prproxy_sols_cnt == 0); |
3795 | VERIFY(RB_EMPTY(&pr->ndpr_prproxy_sols)); |
3796 | |
3797 | ndi = ND_IFINFO(ifp); |
3798 | VERIFY((NULL != ndi) && (TRUE == ndi->initialized)); |
3799 | lck_mtx_lock(lck: &ndi->lock); |
3800 | |
3801 | pr->ndpr_rt = rt; /* keep reference from rtrequest */ |
3802 | pr->ndpr_stateflags |= NDPRF_ONLINK; |
3803 | if (ifscope != IFSCOPE_NONE) { |
3804 | pr->ndpr_stateflags |= NDPRF_IFSCOPE; |
3805 | } else if ((rtflags & RTF_CLONING) && |
3806 | (ndi->flags & ND6_IFF_PROXY_PREFIXES) && |
3807 | !IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) { |
3808 | /* |
3809 | * At present, in order for the prefix to be eligible |
3810 | * as a proxying/proxied prefix, we require that the |
3811 | * prefix route entry be marked as a cloning route with |
3812 | * RTF_PROXY; i.e. nd6_need_cache() needs to return |
3813 | * true for the interface type, hence the test for |
3814 | * RTF_CLONING above. |
3815 | */ |
3816 | pr->ndpr_stateflags |= NDPRF_PRPROXY; |
3817 | } |
3818 | |
3819 | lck_mtx_unlock(lck: &ndi->lock); |
3820 | } else if (rt != NULL && pr->ndpr_stateflags & NDPRF_DEFUNCT) { |
3821 | rtfree(rt); |
3822 | } |
3823 | |
3824 | prproxy = (pr->ndpr_stateflags & NDPRF_PRPROXY); |
3825 | VERIFY(!prproxy || !(pr->ndpr_stateflags & NDPRF_IFSCOPE)); |
3826 | NDPR_UNLOCK(pr); |
3827 | |
3828 | ifa_remref(ifa); |
3829 | |
3830 | /* |
3831 | * If this is an upstream prefix, find the downstream ones (if any) |
3832 | * and re-configure their prefix routes accordingly. Otherwise, |
3833 | * this could be potentially be a downstream prefix, and so find the |
3834 | * upstream prefix, if any. |
3835 | */ |
3836 | nd6_prproxy_prelist_update(pr, prproxy ? pr : NULL); |
3837 | |
3838 | NDPR_REMREF(pr); /* release reference for this routine */ |
3839 | lck_mtx_unlock(lck: &proxy6_lock); |
3840 | |
3841 | lck_mtx_lock(nd6_mutex); |
3842 | |
3843 | return error; |
3844 | } |
3845 | |
3846 | int |
3847 | nd6_prefix_onlink(struct nd_prefix *pr) |
3848 | { |
3849 | return nd6_prefix_onlink_common(pr, FALSE, IFSCOPE_NONE); |
3850 | } |
3851 | |
3852 | int |
3853 | nd6_prefix_onlink_scoped(struct nd_prefix *pr, unsigned int ifscope) |
3854 | { |
3855 | return nd6_prefix_onlink_common(pr, TRUE, ifscope); |
3856 | } |
3857 | |
3858 | int |
3859 | nd6_prefix_offlink(struct nd_prefix *pr) |
3860 | { |
3861 | int plen, error = 0, prproxy; |
3862 | struct ifnet *ifp = pr->ndpr_ifp; |
3863 | struct sockaddr_in6 sa6, mask6, prefix; |
3864 | struct rtentry *rt __single = NULL, *ndpr_rt = NULL; |
3865 | unsigned int ifscope; |
3866 | |
3867 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); |
3868 | |
3869 | /* sanity check */ |
3870 | NDPR_LOCK(pr); |
3871 | if ((pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { |
3872 | nd6log(error, |
3873 | "nd6_prefix_offlink: %s/%d on %s scoped=%d is already " |
3874 | "off-link\n" , ip6_sprintf(&pr->ndpr_prefix.sin6_addr), |
3875 | pr->ndpr_plen, if_name(pr->ndpr_ifp), |
3876 | (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 1 : 0); |
3877 | NDPR_UNLOCK(pr); |
3878 | return EEXIST; |
3879 | } |
3880 | |
3881 | SOCKADDR_ZERO(&sa6, sizeof(sa6)); |
3882 | sa6.sin6_family = AF_INET6; |
3883 | sa6.sin6_len = sizeof(sa6); |
3884 | bcopy(src: &pr->ndpr_prefix.sin6_addr, dst: &sa6.sin6_addr, |
3885 | n: sizeof(struct in6_addr)); |
3886 | SOCKADDR_ZERO(&mask6, sizeof(mask6)); |
3887 | mask6.sin6_family = AF_INET6; |
3888 | mask6.sin6_len = sizeof(sa6); |
3889 | bcopy(src: &pr->ndpr_mask, dst: &mask6.sin6_addr, n: sizeof(struct in6_addr)); |
3890 | prefix = pr->ndpr_prefix; |
3891 | plen = pr->ndpr_plen; |
3892 | if ((ndpr_rt = pr->ndpr_rt) != NULL) { |
3893 | pr->ndpr_rt = NULL; |
3894 | } |
3895 | NDPR_ADDREF(pr); /* keep reference for this routine */ |
3896 | NDPR_UNLOCK(pr); |
3897 | |
3898 | ifscope = (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? |
3899 | ifp->if_index : IFSCOPE_NONE; |
3900 | |
3901 | error = rtrequest_scoped(RTM_DELETE, SA(&sa6), NULL, SA(&mask6), |
3902 | 0, &rt, ifscope); |
3903 | |
3904 | if (rt != NULL) { |
3905 | /* report the route deletion to the routing socket. */ |
3906 | RT_LOCK(rt); |
3907 | nd6_rtmsg(RTM_DELETE, rt); |
3908 | RT_UNLOCK(rt); |
3909 | rtfree(rt); |
3910 | } else { |
3911 | nd6log(error, |
3912 | "nd6_prefix_offlink: failed to delete route: " |
3913 | "%s/%d on %s, scoped %d, (errno = %d)\n" , |
3914 | ip6_sprintf(&sa6.sin6_addr), plen, if_name(ifp), |
3915 | (ifscope != IFSCOPE_NONE), error); |
3916 | } |
3917 | |
3918 | if (ndpr_rt != NULL) { |
3919 | rtfree(ndpr_rt); |
3920 | } |
3921 | |
3922 | lck_mtx_lock(lck: &proxy6_lock); |
3923 | |
3924 | NDPR_LOCK(pr); |
3925 | prproxy = (pr->ndpr_stateflags & NDPRF_PRPROXY); |
3926 | VERIFY(!prproxy || !(pr->ndpr_stateflags & NDPRF_IFSCOPE)); |
3927 | pr->ndpr_stateflags &= ~(NDPRF_ONLINK | NDPRF_IFSCOPE | NDPRF_PRPROXY); |
3928 | if (pr->ndpr_prproxy_sols_cnt > 0) { |
3929 | VERIFY(prproxy); |
3930 | nd6_prproxy_sols_reap(pr); |
3931 | VERIFY(pr->ndpr_prproxy_sols_cnt == 0); |
3932 | VERIFY(RB_EMPTY(&pr->ndpr_prproxy_sols)); |
3933 | } |
3934 | NDPR_UNLOCK(pr); |
3935 | |
3936 | /* |
3937 | * If this was an upstream prefix, find the downstream ones and do |
3938 | * some cleanups. If this was a downstream prefix, the prefix route |
3939 | * has been removed from the routing table above, but there may be |
3940 | * other tasks to perform. |
3941 | */ |
3942 | nd6_prproxy_prelist_update(pr, prproxy ? pr : NULL); |
3943 | |
3944 | NDPR_REMREF(pr); /* release reference for this routine */ |
3945 | lck_mtx_unlock(lck: &proxy6_lock); |
3946 | |
3947 | return error; |
3948 | } |
3949 | |
3950 | struct in6_ifaddr * |
3951 | in6_pfx_newpersistaddr(struct nd_prefix *pr, int mcast, int *errorp, |
3952 | boolean_t is_clat46, uint8_t collision_count) |
3953 | { |
3954 | struct in6_ifaddr *ia6 = NULL; |
3955 | struct ifnet *ifp = NULL; |
3956 | struct nd_ifinfo *ndi = NULL; |
3957 | struct in6_addr mask; |
3958 | struct in6_aliasreq ifra; |
3959 | int error, ifaupdate, iidlen, notcga; |
3960 | |
3961 | VERIFY(pr != NULL); |
3962 | VERIFY(errorp != NULL); |
3963 | |
3964 | NDPR_LOCK(pr); |
3965 | ifp = pr->ndpr_ifp; |
3966 | ia6 = NULL; |
3967 | error = 0; |
3968 | |
3969 | /* |
3970 | * Prefix Length check: |
3971 | * If the sum of the prefix length and interface identifier |
3972 | * length does not equal 128 bits, the Prefix Information |
3973 | * option MUST be ignored. The length of the interface |
3974 | * identifier is defined in a separate link-type specific |
3975 | * document. |
3976 | */ |
3977 | iidlen = in6_if2idlen(ifp); |
3978 | if (iidlen < 0) { |
3979 | error = EADDRNOTAVAIL; |
3980 | /* this should not happen, so we always log it. */ |
3981 | log(LOG_ERR, "%s: IID length undefined (%s)\n" , |
3982 | __func__, if_name(ifp)); |
3983 | goto unlock1; |
3984 | } else if (iidlen != 64) { |
3985 | error = EADDRNOTAVAIL; |
3986 | /* |
3987 | * stateless autoconfiguration not yet well-defined for IID |
3988 | * lengths other than 64 octets. Just give up for now. |
3989 | */ |
3990 | nd6log(info, "%s: IID length not 64 octets (%s)\n" , |
3991 | __func__, if_name(ifp)); |
3992 | goto unlock1; |
3993 | } |
3994 | |
3995 | if (iidlen + pr->ndpr_plen != 128) { |
3996 | error = EADDRNOTAVAIL; |
3997 | nd6log(info, |
3998 | "%s: invalid prefix length %d for %s, ignored\n" , |
3999 | __func__, pr->ndpr_plen, if_name(ifp)); |
4000 | goto unlock1; |
4001 | } |
4002 | |
4003 | bzero(s: &ifra, n: sizeof(ifra)); |
4004 | strlcpy(dst: ifra.ifra_name, if_name(ifp), n: sizeof(ifra.ifra_name)); |
4005 | ifra.ifra_addr.sin6_family = AF_INET6; |
4006 | ifra.ifra_addr.sin6_len = sizeof(struct sockaddr_in6); |
4007 | |
4008 | /* prefix */ |
4009 | bcopy(src: &pr->ndpr_prefix.sin6_addr, dst: &ifra.ifra_addr.sin6_addr, |
4010 | n: sizeof(ifra.ifra_addr.sin6_addr)); |
4011 | in6_len2mask(&mask, pr->ndpr_plen); |
4012 | ifra.ifra_addr.sin6_addr.s6_addr32[0] &= mask.s6_addr32[0]; |
4013 | ifra.ifra_addr.sin6_addr.s6_addr32[1] &= mask.s6_addr32[1]; |
4014 | ifra.ifra_addr.sin6_addr.s6_addr32[2] &= mask.s6_addr32[2]; |
4015 | ifra.ifra_addr.sin6_addr.s6_addr32[3] &= mask.s6_addr32[3]; |
4016 | |
4017 | ndi = ND_IFINFO(ifp); |
4018 | VERIFY(ndi->initialized); |
4019 | lck_mtx_lock(lck: &ndi->lock); |
4020 | |
4021 | notcga = nd6_send_opstate == ND6_SEND_OPMODE_DISABLED || |
4022 | (ndi->flags & ND6_IFF_INSECURE) != 0; |
4023 | |
4024 | lck_mtx_unlock(lck: &ndi->lock); |
4025 | NDPR_UNLOCK(pr); |
4026 | |
4027 | if (notcga && !is_clat46) { |
4028 | ia6 = in6ifa_ifpforlinklocal(ifp, 0); |
4029 | if (ia6 == NULL) { |
4030 | error = EADDRNOTAVAIL; |
4031 | nd6log(info, "%s: no link-local address (%s)\n" , |
4032 | __func__, if_name(ifp)); |
4033 | goto done; |
4034 | } |
4035 | |
4036 | IFA_LOCK(&ia6->ia_ifa); |
4037 | ifra.ifra_addr.sin6_addr.s6_addr32[0] |= |
4038 | (ia6->ia_addr.sin6_addr.s6_addr32[0] & ~mask.s6_addr32[0]); |
4039 | ifra.ifra_addr.sin6_addr.s6_addr32[1] |= |
4040 | (ia6->ia_addr.sin6_addr.s6_addr32[1] & ~mask.s6_addr32[1]); |
4041 | ifra.ifra_addr.sin6_addr.s6_addr32[2] |= |
4042 | (ia6->ia_addr.sin6_addr.s6_addr32[2] & ~mask.s6_addr32[2]); |
4043 | ifra.ifra_addr.sin6_addr.s6_addr32[3] |= |
4044 | (ia6->ia_addr.sin6_addr.s6_addr32[3] & ~mask.s6_addr32[3]); |
4045 | IFA_UNLOCK(&ia6->ia_ifa); |
4046 | ifa_remref(ifa: &ia6->ia_ifa); |
4047 | ia6 = NULL; |
4048 | } else { |
4049 | struct in6_cga_prepare local_cga_prepare; |
4050 | struct in6_cga_prepare *prepare_p; |
4051 | |
4052 | |
4053 | in6_cga_node_lock(); |
4054 | |
4055 | if (ndi->cga_initialized) { |
4056 | bcopy(src: &(ndi->local_cga_modifier), |
4057 | dst: &(local_cga_prepare.cga_modifier), |
4058 | n: sizeof(local_cga_prepare.cga_modifier)); |
4059 | prepare_p = &local_cga_prepare; |
4060 | } else { |
4061 | prepare_p = NULL; |
4062 | } |
4063 | error = in6_cga_generate(prepare_p, collision_count, |
4064 | &ifra.ifra_addr.sin6_addr, ifp); |
4065 | in6_cga_node_unlock(); |
4066 | if (error == 0) { |
4067 | ifra.ifra_flags |= IN6_IFF_SECURED; |
4068 | if (is_clat46) { |
4069 | ifra.ifra_flags |= IN6_IFF_CLAT46; |
4070 | } |
4071 | } else { |
4072 | if (!is_clat46) { |
4073 | nd6log(error, "%s: no CGA available (%s)\n" , |
4074 | __func__, if_name(ifp)); |
4075 | } else { |
4076 | nd6log(error, "%s: no CLAT46 available (%s)\n" , |
4077 | __func__, if_name(ifp)); |
4078 | } |
4079 | goto done; |
4080 | } |
4081 | } |
4082 | |
4083 | VERIFY(ia6 == NULL); |
4084 | |
4085 | /* new prefix mask. */ |
4086 | ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); |
4087 | ifra.ifra_prefixmask.sin6_family = AF_INET6; |
4088 | bcopy(src: &mask, dst: &ifra.ifra_prefixmask.sin6_addr, |
4089 | n: sizeof(ifra.ifra_prefixmask.sin6_addr)); |
4090 | |
4091 | /* lifetimes. */ |
4092 | ifra.ifra_lifetime.ia6t_vltime = pr->ndpr_vltime; |
4093 | ifra.ifra_lifetime.ia6t_pltime = pr->ndpr_pltime; |
4094 | |
4095 | /* address flags */ |
4096 | ifra.ifra_flags |= IN6_IFF_AUTOCONF; /* obey autoconf */ |
4097 | |
4098 | /* |
4099 | * Make sure that we do not have this address already. This should |
4100 | * usually not happen, but we can still see this case, e.g., if we |
4101 | * have manually configured the exact address to be configured. |
4102 | */ |
4103 | if ((ia6 = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr)) |
4104 | != NULL) { |
4105 | error = EEXIST; |
4106 | ifa_remref(ifa: &ia6->ia_ifa); |
4107 | ia6 = NULL; |
4108 | |
4109 | /* this should be rare enough to make an explicit log */ |
4110 | log(LOG_INFO, "%s: %s is already configured!\n" , |
4111 | __func__, ip6_sprintf(&ifra.ifra_addr.sin6_addr)); |
4112 | goto done; |
4113 | } |
4114 | |
4115 | /* |
4116 | * Allocate ifaddr structure, link into chain, etc. |
4117 | * If we are going to create a new address upon receiving a multicasted |
4118 | * RA, we need to impose a random delay before starting DAD. |
4119 | * [RFC 4862, Section 5.4.2] |
4120 | */ |
4121 | ifaupdate = IN6_IFAUPDATE_NOWAIT; |
4122 | if (mcast) { |
4123 | ifaupdate |= IN6_IFAUPDATE_DADDELAY; |
4124 | } |
4125 | error = in6_update_ifa(ifp, &ifra, ifaupdate, &ia6); |
4126 | if (error != 0) { |
4127 | nd6log(error, |
4128 | "%s: failed to make ifaddr %s on %s (errno=%d)\n" , |
4129 | __func__, ip6_sprintf(&ifra.ifra_addr.sin6_addr), |
4130 | if_name(ifp), error); |
4131 | error = EADDRNOTAVAIL; |
4132 | goto done; |
4133 | } else { |
4134 | /* remember the collision count */ |
4135 | ia6->ia6_cga_collision_count = collision_count; |
4136 | } |
4137 | |
4138 | VERIFY(ia6 != NULL); |
4139 | in6_post_msg(ifp, KEV_INET6_NEW_RTADV_ADDR, ia6, NULL); |
4140 | goto done; |
4141 | |
4142 | unlock1: |
4143 | NDPR_UNLOCK(pr); |
4144 | |
4145 | done: |
4146 | *errorp = error; |
4147 | return ia6; |
4148 | } |
4149 | |
4150 | #define IA6_NONCONST(i) ((struct in6_ifaddr *)(uintptr_t)(i)) |
4151 | |
4152 | int |
4153 | in6_tmpifadd(const struct in6_ifaddr *ia0, int forcegen) |
4154 | { |
4155 | struct ifnet *ifp = ia0->ia_ifa.ifa_ifp; |
4156 | struct in6_ifaddr *ia, *newia; |
4157 | struct in6_aliasreq ifra; |
4158 | int i, error, ifaupdate; |
4159 | int trylimit = 3; /* XXX: adhoc value */ |
4160 | u_int32_t randid[2]; |
4161 | uint32_t vltime0, pltime0; |
4162 | uint64_t timenow = net_uptime(); |
4163 | struct in6_addr addr; |
4164 | struct nd_prefix *ndpr; |
4165 | |
4166 | bzero(s: &ifra, n: sizeof(ifra)); |
4167 | strlcpy(dst: ifra.ifra_name, if_name(ifp), n: sizeof(ifra.ifra_name)); |
4168 | IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4169 | ifra.ifra_addr = ia0->ia_addr; |
4170 | /* copy prefix mask */ |
4171 | ifra.ifra_prefixmask = ia0->ia_prefixmask; |
4172 | /* clear the old IFID */ |
4173 | for (i = 0; i < 4; i++) { |
4174 | ifra.ifra_addr.sin6_addr.s6_addr32[i] |
4175 | &= ifra.ifra_prefixmask.sin6_addr.s6_addr32[i]; |
4176 | } |
4177 | addr = ia0->ia_addr.sin6_addr; |
4178 | IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4179 | |
4180 | again: |
4181 | in6_iid_mktmp(ifp, (u_int8_t *)randid, |
4182 | (const u_int8_t *)&addr.s6_addr[8], forcegen); |
4183 | |
4184 | ifra.ifra_addr.sin6_addr.s6_addr32[2] |= |
4185 | (randid[0] & ~(ifra.ifra_prefixmask.sin6_addr.s6_addr32[2])); |
4186 | ifra.ifra_addr.sin6_addr.s6_addr32[3] |= |
4187 | (randid[1] & ~(ifra.ifra_prefixmask.sin6_addr.s6_addr32[3])); |
4188 | |
4189 | /* |
4190 | * in6_iid_mktmp() quite likely provided a unique interface ID. |
4191 | * However, we may still have a chance to see collision, because |
4192 | * there may be a time lag between generation of the ID and generation |
4193 | * of the address. So, we'll do one more sanity check. |
4194 | */ |
4195 | if ((ia = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr)) != NULL) { |
4196 | ifa_remref(ifa: &ia->ia_ifa); |
4197 | if (trylimit-- == 0) { |
4198 | nd6log(info, "in6_tmpifadd: failed to find " |
4199 | "a unique random IFID\n" ); |
4200 | return EEXIST; |
4201 | } |
4202 | forcegen = 1; |
4203 | goto again; |
4204 | } |
4205 | |
4206 | /* |
4207 | * The Valid Lifetime is the lower of the Valid Lifetime of the |
4208 | * public address or TEMP_VALID_LIFETIME. |
4209 | * The Preferred Lifetime is the lower of the Preferred Lifetime |
4210 | * of the public address or TEMP_PREFERRED_LIFETIME - |
4211 | * DESYNC_FACTOR. |
4212 | */ |
4213 | IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4214 | if (ia0->ia6_lifetime.ia6ti_vltime != ND6_INFINITE_LIFETIME) { |
4215 | vltime0 = IFA6_IS_INVALID(ia0, timenow) ? 0 : |
4216 | (ia0->ia6_lifetime.ia6ti_vltime - |
4217 | (uint32_t)(timenow - ia0->ia6_updatetime)); |
4218 | if (vltime0 > ip6_temp_valid_lifetime) { |
4219 | vltime0 = ip6_temp_valid_lifetime; |
4220 | } |
4221 | } else { |
4222 | vltime0 = ip6_temp_valid_lifetime; |
4223 | } |
4224 | if (ia0->ia6_lifetime.ia6ti_pltime != ND6_INFINITE_LIFETIME) { |
4225 | pltime0 = IFA6_IS_DEPRECATED(ia0, timenow) ? 0 : |
4226 | (ia0->ia6_lifetime.ia6ti_pltime - |
4227 | (uint32_t)(timenow - ia0->ia6_updatetime)); |
4228 | if (pltime0 > ip6_temp_preferred_lifetime - ip6_desync_factor) { |
4229 | pltime0 = ip6_temp_preferred_lifetime - |
4230 | ip6_desync_factor; |
4231 | } |
4232 | } else { |
4233 | pltime0 = ip6_temp_preferred_lifetime - ip6_desync_factor; |
4234 | } |
4235 | ifra.ifra_lifetime.ia6t_vltime = vltime0; |
4236 | ifra.ifra_lifetime.ia6t_pltime = pltime0; |
4237 | IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4238 | /* |
4239 | * A temporary address is created only if this calculated Preferred |
4240 | * Lifetime is greater than REGEN_ADVANCE time units. |
4241 | */ |
4242 | if (ifra.ifra_lifetime.ia6t_pltime <= ip6_temp_regen_advance) { |
4243 | return 0; |
4244 | } |
4245 | |
4246 | /* XXX: scope zone ID? */ |
4247 | |
4248 | ifra.ifra_flags |= (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY); |
4249 | |
4250 | /* allocate ifaddr structure, link into chain, etc. */ |
4251 | ifaupdate = IN6_IFAUPDATE_NOWAIT | IN6_IFAUPDATE_DADDELAY; |
4252 | error = in6_update_ifa(ifp, &ifra, ifaupdate, &newia); |
4253 | if (error != 0) { |
4254 | nd6log(error, "in6_tmpifadd: failed to add address.\n" ); |
4255 | return error; |
4256 | } |
4257 | VERIFY(newia != NULL); |
4258 | |
4259 | IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4260 | ndpr = ia0->ia6_ndpr; |
4261 | if (ndpr == NULL) { |
4262 | /* |
4263 | * We lost the race with another thread that has purged |
4264 | * ia0 address; in this case, purge the tmp addr as well. |
4265 | */ |
4266 | nd6log(error, "in6_tmpifadd: no public address\n" ); |
4267 | VERIFY(!(ia0->ia6_flags & IN6_IFF_AUTOCONF)); |
4268 | IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4269 | in6_purgeaddr(&newia->ia_ifa); |
4270 | ifa_remref(ifa: &newia->ia_ifa); |
4271 | return EADDRNOTAVAIL; |
4272 | } |
4273 | NDPR_ADDREF(ndpr); /* for us */ |
4274 | IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); |
4275 | IFA_LOCK(&newia->ia_ifa); |
4276 | if (newia->ia6_ndpr != NULL) { |
4277 | NDPR_LOCK(newia->ia6_ndpr); |
4278 | VERIFY(newia->ia6_ndpr->ndpr_addrcnt != 0); |
4279 | newia->ia6_ndpr->ndpr_addrcnt--; |
4280 | NDPR_UNLOCK(newia->ia6_ndpr); |
4281 | NDPR_REMREF(newia->ia6_ndpr); /* release addr reference */ |
4282 | } |
4283 | newia->ia6_ndpr = ndpr; |
4284 | NDPR_LOCK(newia->ia6_ndpr); |
4285 | newia->ia6_ndpr->ndpr_addrcnt++; |
4286 | VERIFY(newia->ia6_ndpr->ndpr_addrcnt != 0); |
4287 | NDPR_ADDREF(newia->ia6_ndpr); /* for addr reference */ |
4288 | NDPR_UNLOCK(newia->ia6_ndpr); |
4289 | IFA_UNLOCK(&newia->ia_ifa); |
4290 | /* |
4291 | * A newly added address might affect the status of other addresses. |
4292 | * XXX: when the temporary address is generated with a new public |
4293 | * address, the onlink check is redundant. However, it would be safe |
4294 | * to do the check explicitly everywhere a new address is generated, |
4295 | * and, in fact, we surely need the check when we create a new |
4296 | * temporary address due to deprecation of an old temporary address. |
4297 | */ |
4298 | lck_mtx_lock(nd6_mutex); |
4299 | pfxlist_onlink_check(); |
4300 | lck_mtx_unlock(nd6_mutex); |
4301 | ifa_remref(ifa: &newia->ia_ifa); |
4302 | |
4303 | /* remove our reference */ |
4304 | NDPR_REMREF(ndpr); |
4305 | |
4306 | return 0; |
4307 | } |
4308 | #undef IA6_NONCONST |
4309 | |
4310 | int |
4311 | in6_init_prefix_ltimes(struct nd_prefix *ndpr) |
4312 | { |
4313 | struct timeval caltime; |
4314 | u_int64_t timenow = net_uptime(); |
4315 | |
4316 | NDPR_LOCK_ASSERT_HELD(ndpr); |
4317 | |
4318 | getmicrotime(&caltime); |
4319 | ndpr->ndpr_base_calendartime = caltime.tv_sec; |
4320 | ndpr->ndpr_base_uptime = timenow; |
4321 | |
4322 | /* check if preferred lifetime > valid lifetime. RFC 4862 5.5.3 (c) */ |
4323 | if (ndpr->ndpr_pltime > ndpr->ndpr_vltime) { |
4324 | nd6log(info, "in6_init_prefix_ltimes: preferred lifetime" |
4325 | "(%d) is greater than valid lifetime(%d)\n" , |
4326 | (u_int)ndpr->ndpr_pltime, (u_int)ndpr->ndpr_vltime); |
4327 | return EINVAL; |
4328 | } |
4329 | if (ndpr->ndpr_pltime == ND6_INFINITE_LIFETIME) { |
4330 | ndpr->ndpr_preferred = 0; |
4331 | } else { |
4332 | ndpr->ndpr_preferred = timenow + ndpr->ndpr_pltime; |
4333 | } |
4334 | if (ndpr->ndpr_vltime == ND6_INFINITE_LIFETIME) { |
4335 | ndpr->ndpr_expire = 0; |
4336 | } else { |
4337 | ndpr->ndpr_expire = timenow + ndpr->ndpr_vltime; |
4338 | } |
4339 | |
4340 | return 0; |
4341 | } |
4342 | |
4343 | static void |
4344 | in6_init_address_ltimes(struct in6_addrlifetime *lt6) |
4345 | { |
4346 | uint64_t timenow = net_uptime(); |
4347 | |
4348 | /* Valid lifetime must not be updated unless explicitly specified. */ |
4349 | /* init ia6t_expire */ |
4350 | if (lt6->ia6t_vltime == ND6_INFINITE_LIFETIME) { |
4351 | lt6->ia6t_expire = 0; |
4352 | } else { |
4353 | lt6->ia6t_expire = timenow; |
4354 | lt6->ia6t_expire += lt6->ia6t_vltime; |
4355 | } |
4356 | |
4357 | /* init ia6t_preferred */ |
4358 | if (lt6->ia6t_pltime == ND6_INFINITE_LIFETIME) { |
4359 | lt6->ia6t_preferred = 0; |
4360 | } else { |
4361 | lt6->ia6t_preferred = timenow; |
4362 | lt6->ia6t_preferred += lt6->ia6t_pltime; |
4363 | } |
4364 | } |
4365 | |
4366 | /* |
4367 | * Delete all the routing table entries that use the specified gateway. |
4368 | * XXX: this function causes search through all entries of routing table, so |
4369 | * it shouldn't be called when acting as a router. |
4370 | * |
4371 | * This should really be working on entries that have a specific |
4372 | * parent route. |
4373 | */ |
4374 | void |
4375 | rt6_flush( |
4376 | struct in6_addr *gateway, |
4377 | struct ifnet *ifp) |
4378 | { |
4379 | struct radix_node_head *rnh = rt_tables[AF_INET6]; |
4380 | |
4381 | /* We'll care only link-local addresses */ |
4382 | if (!IN6_IS_ADDR_LINKLOCAL(gateway)) { |
4383 | return; |
4384 | } |
4385 | lck_mtx_lock(rnh_lock); |
4386 | /* XXX: hack for KAME's link-local address kludge */ |
4387 | if (in6_embedded_scope) { |
4388 | gateway->s6_addr16[1] = htons(ifp->if_index); |
4389 | } |
4390 | |
4391 | rnh->rnh_walktree(rnh, rt6_deleteroute, (void *)gateway); |
4392 | lck_mtx_unlock(rnh_lock); |
4393 | } |
4394 | |
4395 | static int |
4396 | rt6_deleteroute( |
4397 | struct radix_node *rn, |
4398 | void *arg) |
4399 | { |
4400 | struct rtentry *rt = (struct rtentry *)rn; |
4401 | struct in6_addr *gate = (struct in6_addr *)arg; |
4402 | |
4403 | LCK_MTX_ASSERT(rnh_lock, LCK_MTX_ASSERT_OWNED); |
4404 | |
4405 | RT_LOCK(rt); |
4406 | if (rt->rt_gateway == NULL || rt->rt_gateway->sa_family != AF_INET6) { |
4407 | RT_UNLOCK(rt); |
4408 | return 0; |
4409 | } |
4410 | |
4411 | if (!IN6_ARE_ADDR_EQUAL(gate, &SIN6(rt->rt_gateway)->sin6_addr)) { |
4412 | RT_UNLOCK(rt); |
4413 | return 0; |
4414 | } |
4415 | /* |
4416 | * Do not delete a static route. |
4417 | * XXX: this seems to be a bit ad-hoc. Should we consider the |
4418 | * 'cloned' bit instead? |
4419 | */ |
4420 | if ((rt->rt_flags & RTF_STATIC) != 0) { |
4421 | RT_UNLOCK(rt); |
4422 | return 0; |
4423 | } |
4424 | /* |
4425 | * We delete only host route. This means, in particular, we don't |
4426 | * delete default route. |
4427 | */ |
4428 | if ((rt->rt_flags & RTF_HOST) == 0) { |
4429 | RT_UNLOCK(rt); |
4430 | return 0; |
4431 | } |
4432 | |
4433 | /* |
4434 | * Safe to drop rt_lock and use rt_key, rt_gateway, since holding |
4435 | * rnh_lock here prevents another thread from calling rt_setgate() |
4436 | * on this route. |
4437 | */ |
4438 | RT_UNLOCK(rt); |
4439 | return rtrequest_locked(RTM_DELETE, rt_key(rt), rt->rt_gateway, |
4440 | rt_mask(rt), rt->rt_flags, 0); |
4441 | } |
4442 | |
4443 | int |
4444 | nd6_setdefaultiface( |
4445 | int ifindex) |
4446 | { |
4447 | int error = 0; |
4448 | ifnet_t def_ifp = NULL; |
4449 | |
4450 | LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); |
4451 | |
4452 | ifnet_head_lock_shared(); |
4453 | if (!IF_INDEX_IN_RANGE(ifindex)) { |
4454 | ifnet_head_done(); |
4455 | return EINVAL; |
4456 | } |
4457 | def_ifp = ifindex2ifnet[ifindex]; |
4458 | ifnet_head_done(); |
4459 | |
4460 | lck_mtx_lock(nd6_mutex); |
4461 | if (nd6_defifindex != ifindex) { |
4462 | struct ifnet *odef_ifp = nd6_defifp; |
4463 | |
4464 | nd6_defifindex = ifindex; |
4465 | if (nd6_defifindex > 0) { |
4466 | nd6_defifp = def_ifp; |
4467 | } else { |
4468 | nd6_defifp = NULL; |
4469 | } |
4470 | |
4471 | if (nd6_defifp != NULL) { |
4472 | nd6log(info, "%s: is now the default " |
4473 | "interface (was %s)\n" , if_name(nd6_defifp), |
4474 | odef_ifp != NULL ? if_name(odef_ifp) : "NONE" ); |
4475 | } else { |
4476 | nd6log(info, "No default interface set\n" ); |
4477 | } |
4478 | |
4479 | /* |
4480 | * If the Default Router List is empty, install a route |
4481 | * to the specified interface as default or remove the default |
4482 | * route when the default interface becomes canceled. |
4483 | * The check for the queue is actually redundant, but |
4484 | * we do this here to avoid re-install the default route |
4485 | * if the list is NOT empty. |
4486 | */ |
4487 | if (odef_ifp != NULL) { |
4488 | defrouter_select(ifp: odef_ifp, NULL); |
4489 | } |
4490 | |
4491 | if (nd6_defifp != NULL) { |
4492 | defrouter_select(ifp: nd6_defifp, NULL); |
4493 | nd6_prefix_sync(ifp: nd6_defifp); |
4494 | } |
4495 | |
4496 | /* |
4497 | * XXX For now we managed RTI routes as un-scoped. |
4498 | * Therefore we ignore the change in nd6_defifindex |
4499 | * for RTI routes for now. |
4500 | */ |
4501 | /* |
4502 | * Our current implementation assumes one-to-one mapping between |
4503 | * interfaces and links, so it would be natural to use the |
4504 | * default interface as the default link. |
4505 | */ |
4506 | scope6_setdefault(nd6_defifp); |
4507 | } |
4508 | lck_mtx_unlock(nd6_mutex); |
4509 | return error; |
4510 | } |
4511 | |