1139826Simp/*- 253541Sshin * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3222488Srwatson * Copyright (c) 2010-2011 Juniper Networks, Inc. 453541Sshin * All rights reserved. 553541Sshin * 6222488Srwatson * Portions of this software were developed by Robert N. M. Watson under 7222488Srwatson * contract to Juniper Networks, Inc. 8222488Srwatson * 953541Sshin * Redistribution and use in source and binary forms, with or without 1053541Sshin * modification, are permitted provided that the following conditions 1153541Sshin * are met: 1253541Sshin * 1. Redistributions of source code must retain the above copyright 1353541Sshin * notice, this list of conditions and the following disclaimer. 1453541Sshin * 2. Redistributions in binary form must reproduce the above copyright 1553541Sshin * notice, this list of conditions and the following disclaimer in the 1653541Sshin * documentation and/or other materials provided with the distribution. 1753541Sshin * 3. Neither the name of the project nor the names of its contributors 1853541Sshin * may be used to endorse or promote products derived from this software 1953541Sshin * without specific prior written permission. 2053541Sshin * 2153541Sshin * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 2253541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2353541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2453541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2553541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2653541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2753541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2853541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2953541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3053541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3153541Sshin * SUCH DAMAGE. 3253541Sshin * 33174510Sobrien * $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ 3453541Sshin */ 3553541Sshin 36139826Simp/*- 3753541Sshin * Copyright (c) 1982, 1986, 1991, 1993 3853541Sshin * The Regents of the University of California. All rights reserved. 3953541Sshin * 4053541Sshin * Redistribution and use in source and binary forms, with or without 4153541Sshin * modification, are permitted provided that the following conditions 4253541Sshin * are met: 4353541Sshin * 1. Redistributions of source code must retain the above copyright 4453541Sshin * notice, this list of conditions and the following disclaimer. 4553541Sshin * 2. Redistributions in binary form must reproduce the above copyright 4653541Sshin * notice, this list of conditions and the following disclaimer in the 4753541Sshin * documentation and/or other materials provided with the distribution. 4853541Sshin * 4. Neither the name of the University nor the names of its contributors 4953541Sshin * may be used to endorse or promote products derived from this software 5053541Sshin * without specific prior written permission. 5153541Sshin * 5253541Sshin * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 5353541Sshin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5453541Sshin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5553541Sshin * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5653541Sshin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5753541Sshin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 5853541Sshin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5953541Sshin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 6053541Sshin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 6153541Sshin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 6253541Sshin * SUCH DAMAGE. 6353541Sshin * 6453541Sshin * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 6553541Sshin */ 6653541Sshin 67174510Sobrien#include <sys/cdefs.h> 68174510Sobrien__FBSDID("$FreeBSD: stable/10/sys/netinet6/in6_pcb.c 309108 2016-11-24 14:48:46Z jch $"); 69174510Sobrien 7078064Sume#include "opt_inet.h" 7178064Sume#include "opt_inet6.h" 7255009Sshin#include "opt_ipsec.h" 73222748Srwatson#include "opt_pcbgroup.h" 7453541Sshin 7553541Sshin#include <sys/param.h> 7653541Sshin#include <sys/systm.h> 7753541Sshin#include <sys/malloc.h> 7853541Sshin#include <sys/mbuf.h> 7955679Sshin#include <sys/domain.h> 8053541Sshin#include <sys/protosw.h> 8153541Sshin#include <sys/socket.h> 8253541Sshin#include <sys/socketvar.h> 8353541Sshin#include <sys/sockio.h> 8453541Sshin#include <sys/errno.h> 8553541Sshin#include <sys/time.h> 86164033Srwatson#include <sys/priv.h> 8753541Sshin#include <sys/proc.h> 8853541Sshin#include <sys/jail.h> 8953541Sshin 9092767Sjeff#include <vm/uma.h> 9153541Sshin 9253541Sshin#include <net/if.h> 9353541Sshin#include <net/if_types.h> 9453541Sshin#include <net/route.h> 9553541Sshin 9653541Sshin#include <netinet/in.h> 9753541Sshin#include <netinet/in_var.h> 9853541Sshin#include <netinet/in_systm.h> 9998102Shsu#include <netinet/tcp_var.h> 10062587Sitojun#include <netinet/ip6.h> 10155679Sshin#include <netinet/ip_var.h> 102181887Sjulian 10353541Sshin#include <netinet6/ip6_var.h> 10453541Sshin#include <netinet6/nd6.h> 10553541Sshin#include <netinet/in_pcb.h> 10653541Sshin#include <netinet6/in6_pcb.h> 107148385Sume#include <netinet6/scope6_var.h> 10853541Sshin 10953541Sshinint 110171259Sdelphijin6_pcbbind(register struct inpcb *inp, struct sockaddr *nam, 111171259Sdelphij struct ucred *cred) 11253541Sshin{ 11353541Sshin struct socket *so = inp->inp_socket; 11453541Sshin struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; 11553541Sshin struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 11653541Sshin u_short lport = 0; 117222215Srwatson int error, lookupflags = 0; 118222215Srwatson int reuseport = (so->so_options & SO_REUSEPORT); 11953541Sshin 120178285Srwatson INP_WLOCK_ASSERT(inp); 121222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 122132714Srwatson 123194907Srwatson if (TAILQ_EMPTY(&V_in6_ifaddrhead)) /* XXX broken! */ 12453541Sshin return (EADDRNOTAVAIL); 12553541Sshin if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 126120856Sume return (EINVAL); 12753541Sshin if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 128222215Srwatson lookupflags = INPLOOKUP_WILDCARD; 129188148Sjamie if (nam == NULL) { 130188148Sjamie if ((error = prison_local_ip6(cred, &inp->in6p_laddr, 131188148Sjamie ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 132188148Sjamie return (error); 133188148Sjamie } else { 13453541Sshin sin6 = (struct sockaddr_in6 *)nam; 13553541Sshin if (nam->sa_len != sizeof(*sin6)) 136120856Sume return (EINVAL); 13753541Sshin /* 13853541Sshin * family check. 13953541Sshin */ 14053541Sshin if (nam->sa_family != AF_INET6) 141120856Sume return (EAFNOSUPPORT); 14253541Sshin 143181803Sbz if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 144148385Sume return(error); 14553541Sshin 146188144Sjamie if ((error = prison_local_ip6(cred, &sin6->sin6_addr, 147188144Sjamie ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0))) != 0) 148188144Sjamie return (error); 149185435Sbz 15053541Sshin lport = sin6->sin6_port; 15153541Sshin if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 15253541Sshin /* 15353541Sshin * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 15453541Sshin * allow compepte duplication of binding if 15553541Sshin * SO_REUSEPORT is set, or if SO_REUSEADDR is set 15653541Sshin * and a multicast address is bound on both 15753541Sshin * new and duplicated sockets. 15853541Sshin */ 159253282Strociny if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) != 0) 16053541Sshin reuseport = SO_REUSEADDR|SO_REUSEPORT; 16153541Sshin } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 162194760Srwatson struct ifaddr *ifa; 16353541Sshin 16453541Sshin sin6->sin6_port = 0; /* yech... */ 165194760Srwatson if ((ifa = ifa_ifwithaddr((struct sockaddr *)sin6)) == 166194760Srwatson NULL && 167193217Spjd (inp->inp_flags & INP_BINDANY) == 0) { 168120856Sume return (EADDRNOTAVAIL); 169193217Spjd } 17053541Sshin 17153541Sshin /* 17253541Sshin * XXX: bind to an anycast address might accidentally 17353541Sshin * cause sending a packet with anycast source address. 17478064Sume * We should allow to bind to a deprecated address, since 175120913Sume * the application dares to use it. 17653541Sshin */ 177194760Srwatson if (ifa != NULL && 178194760Srwatson ((struct in6_ifaddr *)ifa)->ia6_flags & 17978064Sume (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) { 180194760Srwatson ifa_free(ifa); 181120856Sume return (EADDRNOTAVAIL); 18253541Sshin } 183194760Srwatson if (ifa != NULL) 184194760Srwatson ifa_free(ifa); 18553541Sshin } 18653541Sshin if (lport) { 18753541Sshin struct inpcb *t; 188227206Strociny struct tcptw *tw; 18953541Sshin 19053541Sshin /* GROSS */ 191181803Sbz if (ntohs(lport) <= V_ipport_reservedhigh && 192181803Sbz ntohs(lport) >= V_ipport_reservedlow && 193164033Srwatson priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 194170587Srwatson 0)) 195120856Sume return (EACCES); 196159976Spjd if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && 197183606Sbz priv_check_cred(inp->inp_cred, 198170587Srwatson PRIV_NETINET_REUSEPORT, 0) != 0) { 19955679Sshin t = in6_pcblookup_local(pcbinfo, 20053541Sshin &sin6->sin6_addr, lport, 201180427Sbz INPLOOKUP_WILDCARD, cred); 202132699Syar if (t && 203189848Srwatson ((t->inp_flags & INP_TIMEWAIT) == 0) && 204132699Syar (so->so_type != SOCK_STREAM || 205132699Syar IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) && 20697658Stanimura (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) || 207171260Sdelphij !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) || 208227207Strociny (t->inp_flags2 & INP_REUSEPORT) == 0) && 209227207Strociny (inp->inp_cred->cr_uid != 210183606Sbz t->inp_cred->cr_uid)) 21197658Stanimura return (EADDRINUSE); 212221247Sbz#ifdef INET 21378064Sume if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 21455679Sshin IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 21555679Sshin struct sockaddr_in sin; 21655679Sshin 21755679Sshin in6_sin6_2_sin(&sin, sin6); 21855679Sshin t = in_pcblookup_local(pcbinfo, 219180427Sbz sin.sin_addr, lport, 220180427Sbz INPLOOKUP_WILDCARD, cred); 221132699Syar if (t && 222189848Srwatson ((t->inp_flags & 223132699Syar INP_TIMEWAIT) == 0) && 224132699Syar (so->so_type != SOCK_STREAM || 225132699Syar ntohl(t->inp_faddr.s_addr) == 226132699Syar INADDR_ANY) && 227183606Sbz (inp->inp_cred->cr_uid != 228183606Sbz t->inp_cred->cr_uid)) 22955679Sshin return (EADDRINUSE); 23055679Sshin } 231221247Sbz#endif 23253541Sshin } 23353541Sshin t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, 234222215Srwatson lport, lookupflags, cred); 235227206Strociny if (t && (t->inp_flags & INP_TIMEWAIT)) { 236227206Strociny /* 237227206Strociny * XXXRW: If an incpb has had its timewait 238227206Strociny * state recycled, we treat the address as 239227206Strociny * being in use (for now). This is better 240227206Strociny * than a panic, but not desirable. 241227206Strociny */ 242227206Strociny tw = intotw(t); 243227206Strociny if (tw == NULL || 244227206Strociny (reuseport & tw->tw_so_options) == 0) 245227206Strociny return (EADDRINUSE); 246252710Strociny } else if (t && (reuseport & inp_so_options(t)) == 0) { 247120856Sume return (EADDRINUSE); 248227206Strociny } 249221247Sbz#ifdef INET 25078064Sume if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 25155679Sshin IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 25255679Sshin struct sockaddr_in sin; 25355679Sshin 25455679Sshin in6_sin6_2_sin(&sin, sin6); 25555679Sshin t = in_pcblookup_local(pcbinfo, sin.sin_addr, 256222215Srwatson lport, lookupflags, cred); 257189848Srwatson if (t && t->inp_flags & INP_TIMEWAIT) { 258227206Strociny tw = intotw(t); 259227206Strociny if (tw == NULL) 260227206Strociny return (EADDRINUSE); 261227206Strociny if ((reuseport & tw->tw_so_options) == 0 262227206Strociny && (ntohl(t->inp_laddr.s_addr) != 263171260Sdelphij INADDR_ANY || ((inp->inp_vflag & 264171260Sdelphij INP_IPV6PROTO) == 265116453Scognet (t->inp_vflag & INP_IPV6PROTO)))) 266116453Scognet return (EADDRINUSE); 267252710Strociny } else if (t && 268252710Strociny (reuseport & inp_so_options(t)) == 0 && 269227207Strociny (ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 270227449Strociny (t->inp_vflag & INP_IPV6PROTO) != 0)) 27197658Stanimura return (EADDRINUSE); 27255679Sshin } 273221247Sbz#endif 27453541Sshin } 27553541Sshin inp->in6p_laddr = sin6->sin6_addr; 27653541Sshin } 27753541Sshin if (lport == 0) { 278219570Sbz if ((error = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0) { 279219570Sbz /* Undo an address bind that may have occurred. */ 280219570Sbz inp->in6p_laddr = in6addr_any; 281188144Sjamie return (error); 282219570Sbz } 283183611Sbz } else { 28462587Sitojun inp->inp_lport = lport; 28562587Sitojun if (in_pcbinshash(inp) != 0) { 28662587Sitojun inp->in6p_laddr = in6addr_any; 28762587Sitojun inp->inp_lport = 0; 28862587Sitojun return (EAGAIN); 28953541Sshin } 29053541Sshin } 291120856Sume return (0); 29253541Sshin} 29353541Sshin 29453541Sshin/* 29553541Sshin * Transform old in6_pcbconnect() into an inner subroutine for new 29653541Sshin * in6_pcbconnect(): Do some validity-checking on the remote 29753541Sshin * address (in mbuf 'nam') and then determine local host address 29853541Sshin * (i.e., which interface) to use to access that remote host. 29953541Sshin * 30053541Sshin * This preserves definition of in6_pcbconnect(), while supporting a 30153541Sshin * slightly different version for T/TCP. (This is more than 30253541Sshin * a bit of a kludge, but cleaning up the internal interfaces would 30353541Sshin * have forced minor changes in every protocol). 30453541Sshin */ 30553541Sshinint 306171259Sdelphijin6_pcbladdr(register struct inpcb *inp, struct sockaddr *nam, 307194777Sbz struct in6_addr *plocal_addr6) 30853541Sshin{ 30953541Sshin register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 310148385Sume int error = 0; 31153541Sshin struct ifnet *ifp = NULL; 312148385Sume int scope_ambiguous = 0; 313194777Sbz struct in6_addr in6a; 31453541Sshin 315178285Srwatson INP_WLOCK_ASSERT(inp); 316222488Srwatson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); /* XXXRW: why? */ 317158011Srwatson 31853541Sshin if (nam->sa_len != sizeof (*sin6)) 31953541Sshin return (EINVAL); 32053541Sshin if (sin6->sin6_family != AF_INET6) 32153541Sshin return (EAFNOSUPPORT); 32253541Sshin if (sin6->sin6_port == 0) 32353541Sshin return (EADDRNOTAVAIL); 32453541Sshin 325181803Sbz if (sin6->sin6_scope_id == 0 && !V_ip6_use_defzone) 326148385Sume scope_ambiguous = 1; 327181803Sbz if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0) 328148385Sume return(error); 329148385Sume 330194907Srwatson if (!TAILQ_EMPTY(&V_in6_ifaddrhead)) { 33153541Sshin /* 33253541Sshin * If the destination address is UNSPECIFIED addr, 33353541Sshin * use the loopback addr, e.g ::1. 33453541Sshin */ 33553541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 33653541Sshin sin6->sin6_addr = in6addr_loopback; 33753541Sshin } 338188144Sjamie if ((error = prison_remote_ip6(inp->inp_cred, &sin6->sin6_addr)) != 0) 339188144Sjamie return (error); 340148385Sume 341194777Sbz error = in6_selectsrc(sin6, inp->in6p_outputopts, 342194777Sbz inp, NULL, inp->inp_cred, &ifp, &in6a); 343194777Sbz if (error) 344194777Sbz return (error); 345194777Sbz 346148385Sume if (ifp && scope_ambiguous && 347148385Sume (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) { 348148385Sume return(error); 34953541Sshin } 350148385Sume 351148385Sume /* 352194777Sbz * Do not update this earlier, in case we return with an error. 353194777Sbz * 354194777Sbz * XXX: this in6_selectsrc result might replace the bound local 355202915Sbz * address with the address specified by setsockopt(IPV6_PKTINFO). 356194777Sbz * Is it the intended behavior? 357194777Sbz */ 358194777Sbz *plocal_addr6 = in6a; 359194777Sbz 360194777Sbz /* 361148385Sume * Don't do pcblookup call here; return interface in 362148385Sume * plocal_addr6 363148385Sume * and exit to caller, that will do the lookup. 364148385Sume */ 365148385Sume 366120856Sume return (0); 36753541Sshin} 36853541Sshin 36953541Sshin/* 37053541Sshin * Outer subroutine: 37153541Sshin * Connect from a socket to a specified address. 37253541Sshin * Both address and port must be specified in argument sin. 37353541Sshin * If don't have a local address for this socket yet, 37453541Sshin * then pick one. 37553541Sshin */ 37653541Sshinint 377222691Srwatsonin6_pcbconnect_mbuf(register struct inpcb *inp, struct sockaddr *nam, 378222691Srwatson struct ucred *cred, struct mbuf *m) 37953541Sshin{ 380222488Srwatson struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 38153541Sshin register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 382194777Sbz struct in6_addr addr6; 38353541Sshin int error; 38453541Sshin 385178285Srwatson INP_WLOCK_ASSERT(inp); 386222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 387132714Srwatson 38853541Sshin /* 38995023Ssuz * Call inner routine, to assign local interface address. 39095023Ssuz * in6_pcbladdr() may automatically fill in sin6_scope_id. 39153541Sshin */ 39253541Sshin if ((error = in6_pcbladdr(inp, nam, &addr6)) != 0) 393120856Sume return (error); 39453541Sshin 395222488Srwatson if (in6_pcblookup_hash_locked(pcbinfo, &sin6->sin6_addr, 39653541Sshin sin6->sin6_port, 39753541Sshin IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) 398194777Sbz ? &addr6 : &inp->in6p_laddr, 39953541Sshin inp->inp_lport, 0, NULL) != NULL) { 40053541Sshin return (EADDRINUSE); 40153541Sshin } 40253541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 40353541Sshin if (inp->inp_lport == 0) { 404127505Spjd error = in6_pcbbind(inp, (struct sockaddr *)0, cred); 40553541Sshin if (error) 40653541Sshin return (error); 40753541Sshin } 408194777Sbz inp->in6p_laddr = addr6; 40953541Sshin } 41053541Sshin inp->in6p_faddr = sin6->sin6_addr; 41153541Sshin inp->inp_fport = sin6->sin6_port; 41278064Sume /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 413186141Sbz inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 414186141Sbz if (inp->inp_flags & IN6P_AUTOFLOWLABEL) 415186141Sbz inp->inp_flow |= 416120649Sume (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 41753541Sshin 418222691Srwatson in_pcbrehash_mbuf(inp, m); 419171133Sgnn 42053541Sshin return (0); 42153541Sshin} 42253541Sshin 423222691Srwatsonint 424222691Srwatsonin6_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) 425222691Srwatson{ 426222691Srwatson 427222691Srwatson return (in6_pcbconnect_mbuf(inp, nam, cred, NULL)); 428222691Srwatson} 429222691Srwatson 43053541Sshinvoid 431171259Sdelphijin6_pcbdisconnect(struct inpcb *inp) 43253541Sshin{ 433132714Srwatson 434178285Srwatson INP_WLOCK_ASSERT(inp); 435222488Srwatson INP_HASH_WLOCK_ASSERT(inp->inp_pcbinfo); 436132714Srwatson 43753541Sshin bzero((caddr_t)&inp->in6p_faddr, sizeof(inp->in6p_faddr)); 43853541Sshin inp->inp_fport = 0; 43978064Sume /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 440186141Sbz inp->inp_flow &= ~IPV6_FLOWLABEL_MASK; 44153541Sshin in_pcbrehash(inp); 44253541Sshin} 44353541Sshin 444102218Struckmanstruct sockaddr * 445171259Sdelphijin6_sockaddr(in_port_t port, struct in6_addr *addr_p) 446102218Struckman{ 447102218Struckman struct sockaddr_in6 *sin6; 448102218Struckman 449184205Sdes sin6 = malloc(sizeof *sin6, M_SONAME, M_WAITOK); 450102218Struckman bzero(sin6, sizeof *sin6); 451102218Struckman sin6->sin6_family = AF_INET6; 452102218Struckman sin6->sin6_len = sizeof(*sin6); 453102218Struckman sin6->sin6_port = port; 454102218Struckman sin6->sin6_addr = *addr_p; 455148385Sume (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 456102218Struckman 457102218Struckman return (struct sockaddr *)sin6; 458102218Struckman} 459102218Struckman 460102218Struckmanstruct sockaddr * 461171259Sdelphijin6_v4mapsin6_sockaddr(in_port_t port, struct in_addr *addr_p) 462102218Struckman{ 463102218Struckman struct sockaddr_in sin; 464102218Struckman struct sockaddr_in6 *sin6_p; 465102218Struckman 466102218Struckman bzero(&sin, sizeof sin); 467102218Struckman sin.sin_family = AF_INET; 468102218Struckman sin.sin_len = sizeof(sin); 469102218Struckman sin.sin_port = port; 470102218Struckman sin.sin_addr = *addr_p; 471102218Struckman 472184205Sdes sin6_p = malloc(sizeof *sin6_p, M_SONAME, 473111119Simp M_WAITOK); 474102218Struckman in6_sin_2_v4mapsin6(&sin, sin6_p); 475102218Struckman 476102218Struckman return (struct sockaddr *)sin6_p; 477102218Struckman} 478102218Struckman 47953541Sshinint 480171259Sdelphijin6_getsockaddr(struct socket *so, struct sockaddr **nam) 48153541Sshin{ 48253541Sshin register struct inpcb *inp; 483102218Struckman struct in6_addr addr; 484102218Struckman in_port_t port; 48553541Sshin 48653541Sshin inp = sotoinpcb(so); 487169462Srwatson KASSERT(inp != NULL, ("in6_getsockaddr: inp == NULL")); 488157673Srwatson 489178320Srwatson INP_RLOCK(inp); 490102218Struckman port = inp->inp_lport; 491102218Struckman addr = inp->in6p_laddr; 492178320Srwatson INP_RUNLOCK(inp); 49353541Sshin 494102218Struckman *nam = in6_sockaddr(port, &addr); 49553541Sshin return 0; 49653541Sshin} 49753541Sshin 49853541Sshinint 499171259Sdelphijin6_getpeeraddr(struct socket *so, struct sockaddr **nam) 50053541Sshin{ 50153541Sshin struct inpcb *inp; 502102218Struckman struct in6_addr addr; 503102218Struckman in_port_t port; 50453541Sshin 50553541Sshin inp = sotoinpcb(so); 506169462Srwatson KASSERT(inp != NULL, ("in6_getpeeraddr: inp == NULL")); 507157673Srwatson 508178320Srwatson INP_RLOCK(inp); 509102218Struckman port = inp->inp_fport; 510102218Struckman addr = inp->in6p_faddr; 511178320Srwatson INP_RUNLOCK(inp); 51253541Sshin 513102218Struckman *nam = in6_sockaddr(port, &addr); 51453541Sshin return 0; 51553541Sshin} 51653541Sshin 51753541Sshinint 51853541Sshinin6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) 51953541Sshin{ 520157673Srwatson struct inpcb *inp; 52153541Sshin int error; 52253541Sshin 523157673Srwatson inp = sotoinpcb(so); 524157673Srwatson KASSERT(inp != NULL, ("in6_mapped_sockaddr: inp == NULL")); 525157673Srwatson 526221247Sbz#ifdef INET 527124332Sume if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 528169462Srwatson error = in_getsockaddr(so, nam); 52954952Seivind if (error == 0) 53053541Sshin in6_sin_2_v4mapsin6_in_sock(nam); 531221247Sbz } else 532221247Sbz#endif 533221247Sbz { 534169462Srwatson /* scope issues will be handled in in6_getsockaddr(). */ 535169462Srwatson error = in6_getsockaddr(so, nam); 536120913Sume } 53753541Sshin 53853541Sshin return error; 53953541Sshin} 54053541Sshin 54153541Sshinint 54253541Sshinin6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) 54353541Sshin{ 544157673Srwatson struct inpcb *inp; 54553541Sshin int error; 54653541Sshin 547157673Srwatson inp = sotoinpcb(so); 548157673Srwatson KASSERT(inp != NULL, ("in6_mapped_peeraddr: inp == NULL")); 549157673Srwatson 550221247Sbz#ifdef INET 551124332Sume if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) { 552169462Srwatson error = in_getpeeraddr(so, nam); 55354952Seivind if (error == 0) 55453541Sshin in6_sin_2_v4mapsin6_in_sock(nam); 55553541Sshin } else 556221247Sbz#endif 557169462Srwatson /* scope issues will be handled in in6_getpeeraddr(). */ 558169462Srwatson error = in6_getpeeraddr(so, nam); 55953541Sshin 56053541Sshin return error; 56153541Sshin} 56253541Sshin 56353541Sshin/* 56453541Sshin * Pass some notification to all connections of a protocol 56553541Sshin * associated with address dst. The local address and/or port numbers 56653541Sshin * may be specified to limit the search. The "usual action" will be 56753541Sshin * taken, depending on the ctlinput cmd. The caller must filter any 56853541Sshin * cmds that are uninteresting (e.g., no error in the map). 56953541Sshin * Call the protocol specific routine (if any) to report 57053541Sshin * any errors for each matching socket. 57153541Sshin */ 57253541Sshinvoid 573171259Sdelphijin6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr *dst, 574171259Sdelphij u_int fport_arg, const struct sockaddr *src, u_int lport_arg, 575171259Sdelphij int cmd, void *cmdarg, 576175162Sobrien struct inpcb *(*notify)(struct inpcb *, int)) 57753541Sshin{ 578177961Srwatson struct inpcb *inp, *inp_temp; 57978064Sume struct sockaddr_in6 sa6_src, *sa6_dst; 58053541Sshin u_short fport = fport_arg, lport = lport_arg; 58178064Sume u_int32_t flowinfo; 582157673Srwatson int errno; 58353541Sshin 584119995Sru if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 58553541Sshin return; 58678064Sume 58778064Sume sa6_dst = (struct sockaddr_in6 *)dst; 58878064Sume if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 58953541Sshin return; 59053541Sshin 59153541Sshin /* 59278064Sume * note that src can be NULL when we get notify by local fragmentation. 59378064Sume */ 59491346Salfred sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 59578064Sume flowinfo = sa6_src.sin6_flowinfo; 59678064Sume 59778064Sume /* 59853541Sshin * Redirects go to all references to the destination, 59962587Sitojun * and use in6_rtchange to invalidate the route cache. 60062587Sitojun * Dead host indications: also use in6_rtchange to invalidate 60162587Sitojun * the cache, and deliver the error to all the sockets. 60253541Sshin * Otherwise, if we have knowledge of the local port and address, 60353541Sshin * deliver only to that socket. 60453541Sshin */ 60553541Sshin if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 60653541Sshin fport = 0; 60753541Sshin lport = 0; 60878064Sume bzero((caddr_t)&sa6_src.sin6_addr, sizeof(sa6_src.sin6_addr)); 60962587Sitojun 61078064Sume if (cmd != PRC_HOSTDEAD) 61178064Sume notify = in6_rtchange; 61253541Sshin } 61353541Sshin errno = inet6ctlerrmap[cmd]; 614133192Srwatson INP_INFO_WLOCK(pcbinfo); 615177961Srwatson LIST_FOREACH_SAFE(inp, pcbinfo->ipi_listhead, inp_list, inp_temp) { 616178285Srwatson INP_WLOCK(inp); 617171260Sdelphij if ((inp->inp_vflag & INP_IPV6) == 0) { 618178285Srwatson INP_WUNLOCK(inp); 61953541Sshin continue; 620133192Srwatson } 62162587Sitojun 62278064Sume /* 623125776Sume * If the error designates a new path MTU for a destination 624125776Sume * and the application (associated with this socket) wanted to 625279911Sae * know the value, notify. 626125776Sume * XXX: should we avoid to notify the value to TCP sockets? 627125776Sume */ 628279911Sae if (cmd == PRC_MSGSIZE && cmdarg != NULL) 629125776Sume ip6_notify_pmtu(inp, (struct sockaddr_in6 *)dst, 630279911Sae *(u_int32_t *)cmdarg); 631125776Sume 632125776Sume /* 63378064Sume * Detect if we should notify the error. If no source and 63478064Sume * destination ports are specifed, but non-zero flowinfo and 63578064Sume * local address match, notify the error. This is the case 63678064Sume * when the error is delivered with an encrypted buffer 63778064Sume * by ESP. Otherwise, just compare addresses and ports 63878064Sume * as usual. 63978064Sume */ 64078064Sume if (lport == 0 && fport == 0 && flowinfo && 64178064Sume inp->inp_socket != NULL && 642186141Sbz flowinfo == (inp->inp_flow & IPV6_FLOWLABEL_MASK) && 64378064Sume IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 64478064Sume goto do_notify; 64578064Sume else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 64678064Sume &sa6_dst->sin6_addr) || 64778064Sume inp->inp_socket == 0 || 64878064Sume (lport && inp->inp_lport != lport) || 64978064Sume (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 65078064Sume !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 65178064Sume &sa6_src.sin6_addr)) || 652133192Srwatson (fport && inp->inp_fport != fport)) { 653178285Srwatson INP_WUNLOCK(inp); 65453541Sshin continue; 655133192Srwatson } 65662587Sitojun 65778064Sume do_notify: 658134121Srwatson if (notify) { 659134121Srwatson if ((*notify)(inp, errno)) 660178285Srwatson INP_WUNLOCK(inp); 661134121Srwatson } else 662178285Srwatson INP_WUNLOCK(inp); 66353541Sshin } 664133192Srwatson INP_INFO_WUNLOCK(pcbinfo); 66553541Sshin} 66653541Sshin 66753541Sshin/* 668222488Srwatson * Lookup a PCB based on the local address and port. Caller must hold the 669222488Srwatson * hash lock. No inpcb locks or references are acquired. 67053541Sshin */ 67153541Sshinstruct inpcb * 672171259Sdelphijin6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr, 673222215Srwatson u_short lport, int lookupflags, struct ucred *cred) 67453541Sshin{ 67553541Sshin register struct inpcb *inp; 67653541Sshin int matchwild = 3, wildcard; 67753541Sshin 678222215Srwatson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 679222215Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 680222215Srwatson 681222488Srwatson INP_HASH_WLOCK_ASSERT(pcbinfo); 682158011Srwatson 683222215Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) == 0) { 68453541Sshin struct inpcbhead *head; 68553541Sshin /* 68653541Sshin * Look for an unconnected (wildcard foreign addr) PCB that 68753541Sshin * matches the local address and port we're looking for. 68853541Sshin */ 689169154Srwatson head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport, 690169154Srwatson 0, pcbinfo->ipi_hashmask)]; 69153541Sshin LIST_FOREACH(inp, head, inp_hash) { 692185435Sbz /* XXX inp locking */ 69354952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 69453541Sshin continue; 69553541Sshin if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 69653541Sshin IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 69753541Sshin inp->inp_lport == lport) { 698185435Sbz /* Found. */ 699185435Sbz if (cred == NULL || 700192895Sjamie prison_equal_ip6(cred->cr_prison, 701192895Sjamie inp->inp_cred->cr_prison)) 702185435Sbz return (inp); 70353541Sshin } 70453541Sshin } 70553541Sshin /* 70653541Sshin * Not found. 70753541Sshin */ 70853541Sshin return (NULL); 70953541Sshin } else { 71053541Sshin struct inpcbporthead *porthash; 71153541Sshin struct inpcbport *phd; 71253541Sshin struct inpcb *match = NULL; 71353541Sshin /* 71453541Sshin * Best fit PCB lookup. 71553541Sshin * 71653541Sshin * First see if this local port is in use by looking on the 71753541Sshin * port hash list. 71853541Sshin */ 719169154Srwatson porthash = &pcbinfo->ipi_porthashbase[INP_PCBPORTHASH(lport, 720169154Srwatson pcbinfo->ipi_porthashmask)]; 72153541Sshin LIST_FOREACH(phd, porthash, phd_hash) { 72253541Sshin if (phd->phd_port == lport) 72353541Sshin break; 72453541Sshin } 72553541Sshin if (phd != NULL) { 72653541Sshin /* 72753541Sshin * Port is in use by one or more PCBs. Look for best 72853541Sshin * fit. 72953541Sshin */ 73053541Sshin LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 73153541Sshin wildcard = 0; 732185435Sbz if (cred != NULL && 733192895Sjamie !prison_equal_ip6(cred->cr_prison, 734192895Sjamie inp->inp_cred->cr_prison)) 735185435Sbz continue; 736185435Sbz /* XXX inp locking */ 73754952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 73853541Sshin continue; 73953541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) 74053541Sshin wildcard++; 74153541Sshin if (!IN6_IS_ADDR_UNSPECIFIED( 74253541Sshin &inp->in6p_laddr)) { 74353541Sshin if (IN6_IS_ADDR_UNSPECIFIED(laddr)) 74453541Sshin wildcard++; 74553541Sshin else if (!IN6_ARE_ADDR_EQUAL( 746185435Sbz &inp->in6p_laddr, laddr)) 74753541Sshin continue; 74853541Sshin } else { 74953541Sshin if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 75053541Sshin wildcard++; 75153541Sshin } 75253541Sshin if (wildcard < matchwild) { 75353541Sshin match = inp; 75453541Sshin matchwild = wildcard; 755185435Sbz if (matchwild == 0) 75653541Sshin break; 75753541Sshin } 75853541Sshin } 75953541Sshin } 76053541Sshin return (match); 76153541Sshin } 76253541Sshin} 76353541Sshin 76481127Sumevoid 765171259Sdelphijin6_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp) 76681127Sume{ 767186141Sbz struct inpcb *in6p; 76881127Sume struct ip6_moptions *im6o; 769191672Sbms int i, gap; 77081127Sume 771309108Sjch INP_INFO_WLOCK(pcbinfo); 772169154Srwatson LIST_FOREACH(in6p, pcbinfo->ipi_listhead, inp_list) { 773178285Srwatson INP_WLOCK(in6p); 77481127Sume im6o = in6p->in6p_moptions; 775191672Sbms if ((in6p->inp_vflag & INP_IPV6) && im6o != NULL) { 77681127Sume /* 777191672Sbms * Unselect the outgoing ifp for multicast if it 778191672Sbms * is being detached. 77981127Sume */ 78081127Sume if (im6o->im6o_multicast_ifp == ifp) 78181127Sume im6o->im6o_multicast_ifp = NULL; 78281127Sume /* 78381127Sume * Drop multicast group membership if we joined 78481127Sume * through the interface being detached. 78581127Sume */ 786191672Sbms gap = 0; 787191672Sbms for (i = 0; i < im6o->im6o_num_memberships; i++) { 788191672Sbms if (im6o->im6o_membership[i]->in6m_ifp == 789191672Sbms ifp) { 790191672Sbms in6_mc_leave(im6o->im6o_membership[i], 791191672Sbms NULL); 792191672Sbms gap++; 793191672Sbms } else if (gap != 0) { 794191672Sbms im6o->im6o_membership[i - gap] = 795191672Sbms im6o->im6o_membership[i]; 79681127Sume } 79781127Sume } 798191672Sbms im6o->im6o_num_memberships -= gap; 79981127Sume } 800178285Srwatson INP_WUNLOCK(in6p); 80181127Sume } 802309108Sjch INP_INFO_WUNLOCK(pcbinfo); 80381127Sume} 80481127Sume 80553541Sshin/* 80653541Sshin * Check for alternatives when higher level complains 80753541Sshin * about service problems. For now, invalidate cached 80853541Sshin * routing information. If the route was created dynamically 80953541Sshin * (by a redirect), time to try a default gateway again. 81053541Sshin */ 81153541Sshinvoid 812171259Sdelphijin6_losing(struct inpcb *in6p) 81353541Sshin{ 814171259Sdelphij 815122922Sandre /* 816122922Sandre * We don't store route pointers in the routing table anymore 817122922Sandre */ 818122922Sandre return; 81953541Sshin} 82053541Sshin 82153541Sshin/* 82253541Sshin * After a routing change, flush old routing 82353541Sshin * and allocate a (hopefully) better one. 82453541Sshin */ 82598211Shsustruct inpcb * 826171259Sdelphijin6_rtchange(struct inpcb *inp, int errno) 82753541Sshin{ 828122922Sandre /* 829122922Sandre * We don't store route pointers in the routing table anymore 830122922Sandre */ 83198211Shsu return inp; 83253541Sshin} 83353541Sshin 834222748Srwatson#ifdef PCBGROUP 83553541Sshin/* 836222748Srwatson * Lookup PCB in hash list, using pcbgroup tables. 837222748Srwatson */ 838222748Srwatsonstatic struct inpcb * 839222748Srwatsonin6_pcblookup_group(struct inpcbinfo *pcbinfo, struct inpcbgroup *pcbgroup, 840222748Srwatson struct in6_addr *faddr, u_int fport_arg, struct in6_addr *laddr, 841222748Srwatson u_int lport_arg, int lookupflags, struct ifnet *ifp) 842222748Srwatson{ 843222748Srwatson struct inpcbhead *head; 844222748Srwatson struct inpcb *inp, *tmpinp; 845222748Srwatson u_short fport = fport_arg, lport = lport_arg; 846222748Srwatson int faith; 847222748Srwatson 848222748Srwatson if (faithprefix_p != NULL) 849222748Srwatson faith = (*faithprefix_p)(laddr); 850222748Srwatson else 851222748Srwatson faith = 0; 852222748Srwatson 853222748Srwatson /* 854222748Srwatson * First look for an exact match. 855222748Srwatson */ 856222748Srwatson tmpinp = NULL; 857222748Srwatson INP_GROUP_LOCK(pcbgroup); 858222748Srwatson head = &pcbgroup->ipg_hashbase[ 859222748Srwatson INP_PCBHASH(faddr->s6_addr32[3] /* XXX */, lport, fport, 860222748Srwatson pcbgroup->ipg_hashmask)]; 861222748Srwatson LIST_FOREACH(inp, head, inp_pcbgrouphash) { 862222748Srwatson /* XXX inp locking */ 863222748Srwatson if ((inp->inp_vflag & INP_IPV6) == 0) 864222748Srwatson continue; 865222748Srwatson if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 866222748Srwatson IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 867222748Srwatson inp->inp_fport == fport && 868222748Srwatson inp->inp_lport == lport) { 869222748Srwatson /* 870222748Srwatson * XXX We should be able to directly return 871222748Srwatson * the inp here, without any checks. 872222748Srwatson * Well unless both bound with SO_REUSEPORT? 873222748Srwatson */ 874222748Srwatson if (prison_flag(inp->inp_cred, PR_IP6)) 875222748Srwatson goto found; 876222748Srwatson if (tmpinp == NULL) 877222748Srwatson tmpinp = inp; 878222748Srwatson } 879222748Srwatson } 880222748Srwatson if (tmpinp != NULL) { 881222748Srwatson inp = tmpinp; 882222748Srwatson goto found; 883222748Srwatson } 884222748Srwatson 885222748Srwatson /* 886222748Srwatson * Then look for a wildcard match, if requested. 887222748Srwatson */ 888222748Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 889222748Srwatson struct inpcb *local_wild = NULL, *local_exact = NULL; 890222748Srwatson struct inpcb *jail_wild = NULL; 891222748Srwatson int injail; 892222748Srwatson 893222748Srwatson /* 894222748Srwatson * Order of socket selection - we always prefer jails. 895222748Srwatson * 1. jailed, non-wild. 896222748Srwatson * 2. jailed, wild. 897222748Srwatson * 3. non-jailed, non-wild. 898222748Srwatson * 4. non-jailed, wild. 899222748Srwatson */ 900222748Srwatson head = &pcbinfo->ipi_wildbase[INP_PCBHASH(INADDR_ANY, lport, 901222748Srwatson 0, pcbinfo->ipi_wildmask)]; 902222748Srwatson LIST_FOREACH(inp, head, inp_pcbgroup_wild) { 903222748Srwatson /* XXX inp locking */ 904222748Srwatson if ((inp->inp_vflag & INP_IPV6) == 0) 905222748Srwatson continue; 906222748Srwatson 907222748Srwatson if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 908222748Srwatson inp->inp_lport != lport) { 909222748Srwatson continue; 910222748Srwatson } 911222748Srwatson 912222748Srwatson /* XXX inp locking */ 913222748Srwatson if (faith && (inp->inp_flags & INP_FAITH) == 0) 914222748Srwatson continue; 915222748Srwatson 916222748Srwatson injail = prison_flag(inp->inp_cred, PR_IP6); 917222748Srwatson if (injail) { 918222748Srwatson if (prison_check_ip6(inp->inp_cred, 919222748Srwatson laddr) != 0) 920222748Srwatson continue; 921222748Srwatson } else { 922222748Srwatson if (local_exact != NULL) 923222748Srwatson continue; 924222748Srwatson } 925222748Srwatson 926222748Srwatson if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 927222748Srwatson if (injail) 928222748Srwatson goto found; 929222748Srwatson else 930222748Srwatson local_exact = inp; 931222748Srwatson } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 932222748Srwatson if (injail) 933222748Srwatson jail_wild = inp; 934222748Srwatson else 935222748Srwatson local_wild = inp; 936222748Srwatson } 937222748Srwatson } /* LIST_FOREACH */ 938222748Srwatson 939222748Srwatson inp = jail_wild; 940222748Srwatson if (inp == NULL) 941222748Srwatson inp = jail_wild; 942222748Srwatson if (inp == NULL) 943222748Srwatson inp = local_exact; 944222748Srwatson if (inp == NULL) 945222748Srwatson inp = local_wild; 946222748Srwatson if (inp != NULL) 947222748Srwatson goto found; 948222748Srwatson } /* if ((lookupflags & INPLOOKUP_WILDCARD) != 0) */ 949222748Srwatson INP_GROUP_UNLOCK(pcbgroup); 950222748Srwatson return (NULL); 951222748Srwatson 952222748Srwatsonfound: 953222748Srwatson in_pcbref(inp); 954222748Srwatson INP_GROUP_UNLOCK(pcbgroup); 955222748Srwatson if (lookupflags & INPLOOKUP_WLOCKPCB) { 956222748Srwatson INP_WLOCK(inp); 957222748Srwatson if (in_pcbrele_wlocked(inp)) 958222748Srwatson return (NULL); 959222748Srwatson } else if (lookupflags & INPLOOKUP_RLOCKPCB) { 960222748Srwatson INP_RLOCK(inp); 961222748Srwatson if (in_pcbrele_rlocked(inp)) 962222748Srwatson return (NULL); 963222748Srwatson } else 964222748Srwatson panic("%s: locking buf", __func__); 965222748Srwatson return (inp); 966222748Srwatson} 967222748Srwatson#endif /* PCBGROUP */ 968222748Srwatson 969222748Srwatson/* 97053541Sshin * Lookup PCB in hash list. 97153541Sshin */ 97253541Sshinstruct inpcb * 973222488Srwatsonin6_pcblookup_hash_locked(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 974222488Srwatson u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, 975222488Srwatson int lookupflags, struct ifnet *ifp) 97653541Sshin{ 97753541Sshin struct inpcbhead *head; 978185435Sbz struct inpcb *inp, *tmpinp; 97953541Sshin u_short fport = fport_arg, lport = lport_arg; 98078064Sume int faith; 98153541Sshin 982222215Srwatson KASSERT((lookupflags & ~(INPLOOKUP_WILDCARD)) == 0, 983222215Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 984222215Srwatson 985222488Srwatson INP_HASH_LOCK_ASSERT(pcbinfo); 986158011Srwatson 98783934Sbrooks if (faithprefix_p != NULL) 98883934Sbrooks faith = (*faithprefix_p)(laddr); 98983934Sbrooks else 99083934Sbrooks faith = 0; 99178064Sume 99253541Sshin /* 99353541Sshin * First look for an exact match. 99453541Sshin */ 995185435Sbz tmpinp = NULL; 996169154Srwatson head = &pcbinfo->ipi_hashbase[ 997169154Srwatson INP_PCBHASH(faddr->s6_addr32[3] /* XXX */, lport, fport, 998169154Srwatson pcbinfo->ipi_hashmask)]; 99954263Sshin LIST_FOREACH(inp, head, inp_hash) { 1000185435Sbz /* XXX inp locking */ 100154952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 100253541Sshin continue; 100353541Sshin if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 100453541Sshin IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 100553541Sshin inp->inp_fport == fport && 100653541Sshin inp->inp_lport == lport) { 100753541Sshin /* 1008185435Sbz * XXX We should be able to directly return 1009185435Sbz * the inp here, without any checks. 1010185435Sbz * Well unless both bound with SO_REUSEPORT? 101153541Sshin */ 1012192895Sjamie if (prison_flag(inp->inp_cred, PR_IP6)) 1013185435Sbz return (inp); 1014185435Sbz if (tmpinp == NULL) 1015185435Sbz tmpinp = inp; 101653541Sshin } 101753541Sshin } 1018185435Sbz if (tmpinp != NULL) 1019185435Sbz return (tmpinp); 102053541Sshin 1021185435Sbz /* 1022185435Sbz * Then look for a wildcard match, if requested. 1023185435Sbz */ 1024222215Srwatson if ((lookupflags & INPLOOKUP_WILDCARD) != 0) { 1025185435Sbz struct inpcb *local_wild = NULL, *local_exact = NULL; 1026185435Sbz struct inpcb *jail_wild = NULL; 1027185435Sbz int injail; 1028185435Sbz 1029185435Sbz /* 1030185435Sbz * Order of socket selection - we always prefer jails. 1031185435Sbz * 1. jailed, non-wild. 1032185435Sbz * 2. jailed, wild. 1033185435Sbz * 3. non-jailed, non-wild. 1034185435Sbz * 4. non-jailed, wild. 1035185435Sbz */ 1036169154Srwatson head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport, 1037169154Srwatson 0, pcbinfo->ipi_hashmask)]; 103854263Sshin LIST_FOREACH(inp, head, inp_hash) { 1039185435Sbz /* XXX inp locking */ 104054952Seivind if ((inp->inp_vflag & INP_IPV6) == 0) 104153541Sshin continue; 1042185435Sbz 1043185435Sbz if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 1044185435Sbz inp->inp_lport != lport) { 1045185435Sbz continue; 1046185435Sbz } 1047185435Sbz 1048185435Sbz /* XXX inp locking */ 1049185435Sbz if (faith && (inp->inp_flags & INP_FAITH) == 0) 1050185435Sbz continue; 1051185435Sbz 1052192895Sjamie injail = prison_flag(inp->inp_cred, PR_IP6); 1053185435Sbz if (injail) { 1054188144Sjamie if (prison_check_ip6(inp->inp_cred, 1055188144Sjamie laddr) != 0) 105653541Sshin continue; 1057185435Sbz } else { 1058185435Sbz if (local_exact != NULL) 1059185435Sbz continue; 1060185435Sbz } 1061185435Sbz 1062185435Sbz if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) { 1063185435Sbz if (injail) 106453541Sshin return (inp); 1065185435Sbz else 1066185435Sbz local_exact = inp; 1067185435Sbz } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1068185435Sbz if (injail) 1069185435Sbz jail_wild = inp; 1070185435Sbz else 107153541Sshin local_wild = inp; 107253541Sshin } 1073185435Sbz } /* LIST_FOREACH */ 107453541Sshin 1075185435Sbz if (jail_wild != NULL) 1076185435Sbz return (jail_wild); 1077185435Sbz if (local_exact != NULL) 1078185435Sbz return (local_exact); 1079185435Sbz if (local_wild != NULL) 1080185435Sbz return (local_wild); 1081222215Srwatson } /* if ((lookupflags & INPLOOKUP_WILDCARD) != 0) */ 1082185435Sbz 108353541Sshin /* 108453541Sshin * Not found. 108553541Sshin */ 108653541Sshin return (NULL); 108753541Sshin} 108853541Sshin 1089222488Srwatson/* 1090222488Srwatson * Lookup PCB in hash list, using pcbinfo tables. This variation locks the 1091222488Srwatson * hash list lock, and will return the inpcb locked (i.e., requires 1092222488Srwatson * INPLOOKUP_LOCKPCB). 1093222488Srwatson */ 1094222488Srwatsonstatic struct inpcb * 1095222488Srwatsonin6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1096222488Srwatson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 1097222488Srwatson struct ifnet *ifp) 1098222488Srwatson{ 1099222488Srwatson struct inpcb *inp; 1100222488Srwatson 1101222488Srwatson INP_HASH_RLOCK(pcbinfo); 1102222488Srwatson inp = in6_pcblookup_hash_locked(pcbinfo, faddr, fport, laddr, lport, 1103222488Srwatson (lookupflags & ~(INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)), ifp); 1104222488Srwatson if (inp != NULL) { 1105222488Srwatson in_pcbref(inp); 1106222488Srwatson INP_HASH_RUNLOCK(pcbinfo); 1107222488Srwatson if (lookupflags & INPLOOKUP_WLOCKPCB) { 1108222488Srwatson INP_WLOCK(inp); 1109222488Srwatson if (in_pcbrele_wlocked(inp)) 1110222488Srwatson return (NULL); 1111222488Srwatson } else if (lookupflags & INPLOOKUP_RLOCKPCB) { 1112222488Srwatson INP_RLOCK(inp); 1113222488Srwatson if (in_pcbrele_rlocked(inp)) 1114222488Srwatson return (NULL); 1115222488Srwatson } else 1116222488Srwatson panic("%s: locking bug", __func__); 1117222488Srwatson } else 1118222488Srwatson INP_HASH_RUNLOCK(pcbinfo); 1119222488Srwatson return (inp); 1120222488Srwatson} 1121222488Srwatson 1122222488Srwatson/* 1123222691Srwatson * Public inpcb lookup routines, accepting a 4-tuple, and optionally, an mbuf 1124222691Srwatson * from which a pre-calculated hash value may be extracted. 1125222748Srwatson * 1126222748Srwatson * Possibly more of this logic should be in in6_pcbgroup.c. 1127222488Srwatson */ 1128222488Srwatsonstruct inpcb * 1129222488Srwatsonin6_pcblookup(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, u_int fport, 1130222488Srwatson struct in6_addr *laddr, u_int lport, int lookupflags, struct ifnet *ifp) 1131222488Srwatson{ 1132222748Srwatson#if defined(PCBGROUP) 1133222748Srwatson struct inpcbgroup *pcbgroup; 1134222748Srwatson#endif 1135222748Srwatson 1136222691Srwatson KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1137222691Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1138222691Srwatson KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1139222691Srwatson ("%s: LOCKPCB not set", __func__)); 1140222488Srwatson 1141222748Srwatson#if defined(PCBGROUP) 1142222748Srwatson if (in_pcbgroup_enabled(pcbinfo)) { 1143222748Srwatson pcbgroup = in6_pcbgroup_bytuple(pcbinfo, laddr, lport, faddr, 1144222748Srwatson fport); 1145222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, fport, 1146222748Srwatson laddr, lport, lookupflags, ifp)); 1147222748Srwatson } 1148222748Srwatson#endif 1149222691Srwatson return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1150222691Srwatson lookupflags, ifp)); 1151222691Srwatson} 1152222691Srwatson 1153222691Srwatsonstruct inpcb * 1154222691Srwatsonin6_pcblookup_mbuf(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1155222691Srwatson u_int fport, struct in6_addr *laddr, u_int lport, int lookupflags, 1156222691Srwatson struct ifnet *ifp, struct mbuf *m) 1157222691Srwatson{ 1158222748Srwatson#ifdef PCBGROUP 1159222748Srwatson struct inpcbgroup *pcbgroup; 1160222748Srwatson#endif 1161222748Srwatson 1162222488Srwatson KASSERT((lookupflags & ~INPLOOKUP_MASK) == 0, 1163222488Srwatson ("%s: invalid lookup flags %d", __func__, lookupflags)); 1164222488Srwatson KASSERT((lookupflags & (INPLOOKUP_RLOCKPCB | INPLOOKUP_WLOCKPCB)) != 0, 1165222488Srwatson ("%s: LOCKPCB not set", __func__)); 1166222488Srwatson 1167222748Srwatson#ifdef PCBGROUP 1168222748Srwatson if (in_pcbgroup_enabled(pcbinfo)) { 1169222748Srwatson pcbgroup = in6_pcbgroup_byhash(pcbinfo, M_HASHTYPE_GET(m), 1170222748Srwatson m->m_pkthdr.flowid); 1171222748Srwatson if (pcbgroup != NULL) 1172222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, 1173222748Srwatson fport, laddr, lport, lookupflags, ifp)); 1174222748Srwatson pcbgroup = in6_pcbgroup_bytuple(pcbinfo, laddr, lport, faddr, 1175222748Srwatson fport); 1176222748Srwatson return (in6_pcblookup_group(pcbinfo, pcbgroup, faddr, fport, 1177222748Srwatson laddr, lport, lookupflags, ifp)); 1178222748Srwatson } 1179222748Srwatson#endif 1180222488Srwatson return (in6_pcblookup_hash(pcbinfo, faddr, fport, laddr, lport, 1181222488Srwatson lookupflags, ifp)); 1182222488Srwatson} 1183222488Srwatson 118453541Sshinvoid 118553541Sshininit_sin6(struct sockaddr_in6 *sin6, struct mbuf *m) 118653541Sshin{ 118753541Sshin struct ip6_hdr *ip; 118853541Sshin 118953541Sshin ip = mtod(m, struct ip6_hdr *); 119053541Sshin bzero(sin6, sizeof(*sin6)); 119153541Sshin sin6->sin6_len = sizeof(*sin6); 119253541Sshin sin6->sin6_family = AF_INET6; 119353541Sshin sin6->sin6_addr = ip->ip6_src; 119453541Sshin 1195148385Sume (void)sa6_recoverscope(sin6); /* XXX: should catch errors... */ 1196148385Sume 119753541Sshin return; 119853541Sshin} 1199