| blob | 17cb6b58b6f352e479a52ce1680f9fa104416cdd |
1 /* LWIP service - ifaddr.c - network interface address management */
2 /*
3 * This module is an exception to the regular source organization of this
4 * service, in that it manages part of another module's data structures, namely
5 * ifdev. As such, it should be seen as logically part of ifdev. It is
6 * separated only to keep the source code more manageable. Still, this module
7 * may use direct access only on the address-related fields of the ifdev
8 * structure, so that those one day may be move into an ifaddr-specific
9 * substructure within ifdev.
10 */
11 /*
12 * We manage three types of addresses here: IPv4 addresses (ifaddr_v4),
13 * IPv6 addresses (ifaddr_v6), and link-layer a.k.a. MAC addresses (ifaddr_dl).
14 *
15 * Managing IPv4 addresses is easy. lwIP supports only one IPv4 address per
16 * netif. While it would be possible to construct a model where one ifdev
17 * consists of multiple netifs (with one IPv4 address each), we not support
18 * this--mostly because it is a pain to keep state synchronized between the
19 * netifs in that case. Such support can still be added later; the IPv4 API
20 * exposed from here does support multiple IPv4 addresses already just in case,
21 * as does much of the code using the API.
22 *
23 * For IPv4 addresses we maintain only one extra piece of information here,
24 * which is whether an IPv4 address has been set at all. This is because for
25 * our userland (DHCP clients in particular), we must allow assigning 0.0.0.0
26 * as address to an interface. We do not use the lwIP per-netif IPv4 gateway
27 * field, nor the concept of a "default netif", in both cases because we
28 * override all (routing) decisions that would use those settings. lwIP does
29 * not allow a broadcast address to be set, so support for broadcast addresses
30 * is botched here: we disregard custom broadcast addresses given to us, and
31 * instead expose the broadcast address that is used within lwIP.
32 *
33 * Managing IPv6 addresses is much more complicated. First of all, even though
34 * lwIP supports stateless address autoconfiguration (SLAAC) as per RFC 4862,
35 * we disable that and instead make dhcpcd(8) responsible for all IPv6 address
36 * configuration. dhcpcd(8) will set addresses and routes as necessary, the
37 * latter of which are used in lwIP through our routing hooks (in the route
38 * module). This approach, which is in line with where NetBSD is headed,
39 * allows us to work around a number of lwIP limitations. As a result we do
40 * differ in this respect from NetBSD, which may switch between kernel-only,
41 * dhcpcd-only, and hybrid autoconfiguration, mainly throught the accept_rtadv
42 * sysctl(7) node. Writing to this node has no real effect on MINIX 3.
43 *
44 * All IPv6 addresses have a prefix length, which is almost but not quite the
45 * same as IPv4's subnet masks (see RFC 5942). We must maintain the per-
46 * address prefix length ourselves, as lwIP supports IPv6 prefix lengths of 64
47 * bits only. Our dhcpcd(8)-based approach allows us to work around that.
48 *
49 * All IPv6 addresses also have a state and a lifetime, both of which are
50 * managed by lwIP. Unlike for IPv4, address-derived routes and routing socket
51 * messages are only created for addresses that are "valid", which means that
52 * they are in either PREFERRED or DEPRECATED state. This means that we have
53 * to be aware of all address state transitions between "valid" and "not
54 * valid", some of which (namely address duplication detection and lifetime
55 * expirations) are initiated by lwIP. As such, we need to keep shadow state
56 * for each address, and use a callback to detect whether state has changed.
57 *
58 * For understanding of this module as well as lwIP, it is important to note
59 * that "valid" is not the opposite of "invalid" in this context: "not valid"
60 * includes the address states INVALID, DUPLICATED, and TENTATIVE, while
61 * "invalid"/INVALID simply means that the address slot is free.
62 *
63 * Each IPv6 address also has associated flags. We support an AUTOCONF flag
64 * which indicates that no subnet route should be added for the address; on
65 * MINIX 3, dhcpcd(8) is modified to pass in that flag when appropriate, thus
66 * solving a problem that NetBSD suffers from, namely that it does not know
67 * whether a userland-given route is static (implying a subnet) or auto-
68 * configured (implying no subnet, again as per RFC 5942), leading to it doing
69 * the wrong thing in dhcpcd-only autoconfiguration mode. The TEMPORARY flag,
70 * for privacy addresses (RFC 4941) should be the same as on NetBSD; it is
71 * currently used only in source address selection (RFC 6724). We override
72 * lwIP's IPv6 source address selection algorithm to include support for not
73 * just this flag, but also label and proper longest-common-prefix comparisons.
74 * Finally, there is an HWBASED flag to make sure that when the link-layer
75 * address is changed, the IPv6 link-local address is changed accordingly only
76 * if the previous link-local address was also autogenerated from a link-layer
77 * address and not set manually by userland.
78 *
79 * Finally, we support multiple link-layer addresses per interface, but only
80 * because NetBSD's ifconfig(8) uses an API that expects such multi-address
81 * support. At any time, only one of the addresses is marked as "active",
82 * which means it is used as MAC address in outgoing packets. We support only
83 * one MAC address per device driver, so the support for additional, inactive
84 * link-layer addresses is there exclusively for ifconfig(8) interoperability.
85 *
86 * All interfaces, including those that do not have MAC addresses at all (e.g.,
87 * loopback interfaces), do have one link-layer address. This is expected in
88 * particular by getifaddrs(3), which only recognizes interfaces that have a
89 * link-layer address.
90 *
91 * Many features are still missing here, especially for IP addresses. For
92 * example, we do not yet support destination addresses at all yet, simply
93 * because there is no interface type that uses them. For IPv6, more work is
94 * to be done to support proper netif status transitions versus address states,
95 * fallout from address duplication, and various ND6_IFF_ flags.
96 */
104 #include <netinet6/in6_var.h>
105 #include <netinet6/nd6.h>
107 /*
108 * Routing flags for local address and local network routing entries. This
109 * may later have to be refined, for example in order not to set RTF_CLONING
110 * for routes on interfaces that do not have link-layer addressing.
111 *
112 * IMPORTANT: as of NetBSD 8, RTF_CLONING has been renamed to RTF_CONNECTED.
113 */
114 #define IFADDR_HOST_RTFLAGS (RTF_UP | RTF_HOST | RTF_LOCAL)
115 #define IFADDR_NET_RTFLAGS (RTF_UP | RTF_CLONING)
117 /* Address-related sysctl(7) settings. */
121 /*
122 * Initialize the local address administration for an interface that is in the
123 * process of being created.
124 */
125 void
127 {
137 }
139 /*
140 * Find an IPv4 address locally assigned to a interface. The IPv4 address is
141 * given as 'addr'. The interface is given as 'ifdev'. On success, return OK,
142 * with the IPv4 address number stored in 'num'. On failure, return a negative
143 * error code.
144 */
145 int
148 {
149 ip_addr_t ipaddr;
162 }
164 /*
165 * Enumerate IPv4 addresses locally assigned to the given interface 'ifdev'.
166 * The caller should set 'nump' to 0 initially, and increase it by one between
167 * a successful call and the next enumeration call. Return TRUE on success,
168 * meaning that starting from the given value of 'nump' there is at least one
169 * IPv4 address, of which the number is stored in 'nump' on return. Return
170 * FALSE if there are no more IPv4 addresses locally assigned to the interface.
171 */
172 int
174 {
176 /*
177 * For now, we support only up to one IPv4 address per interface.
178 * set if we are to return it.
179 */
181 }
183 /*
184 * Obtain information about the IPv4 address 'num' assigned to the interface
185 * 'ifdev'. On success, return OK, with the IPv4 address stored in 'addr', the
186 * network mask stored in 'mask', the broadcast stored in 'bcast', and the
187 * destination address stored in 'dest'. Each of these pointers may be NULL.
188 * The interface may not have a broadcast and/or destination address; in that
189 * case, their corresponding structures are not filled in at all, and thus must
190 * be preinitialized by the caller to a default state. The reason for not
191 * zeroing them is that some callers use the same buffer for both. On failure,
192 * return a negative error code.
193 */
194 int
198 {
201 ip_addr_t broad;
202 socklen_t addr_len;
214 }
219 /*
220 * Do not bother using addr_put_netmask() here, as we would
221 * then first have to compute the prefix length..
222 */
225 }
229 /* Fake a broadcast address. */
244 }
245 }
248 /* TODO: dest */
251 }
254 }
256 /*
257 * Obtain NetBSD-style state flags (IN_IFF_) for the given local IPv4 address.
258 * The given number must identify an existing address. Return the flags.
259 */
260 int
262 {
264 /* IPv4 per-address flags are not supported yet. */
266 }
268 /*
269 * Determine whether there should be a local subnet route for the given
270 * assigned IPv4 address, and if so, compute the subnet mask to add. Return
271 * TRUE if a local subnet route should be added, and return the network base
272 * address in 'netbase' and the number of prefix bits in 'prefixp'. Return
273 * FALSE if no subnet route should be added for the assigned address.
274 */
275 static unsigned int
278 {
283 /* Do not add subnet masks for loopback interfaces. */
293 /*
294 * If the subnet is a /32, skip adding a local host route: not only
295 * would it not be useful, it would fail anyway because we currently do
296 * not support adding a host-type route and a full-width net-type route
297 * for the same IP address.
298 */
302 /* Compute the network base address. */
306 /* Find the number of prefix bits of the netmask. TODO: improve.. */
315 }
317 /*
318 * A local IPv4 address has been added to an interface. The interface is given
319 * as 'ifdev', and the number of the just-added IPv4 address is given as 'num'.
320 * Generate a routing socket message and add local routes as appropriate.
321 */
322 static void
324 {
326 ip_addr_t netbase;
332 /* Report the addition of the interface address. */
335 /*
336 * Add the local host route. This will always succeed: for addition,
337 * we just checked with route_can_add(); when updating, we first remove
338 * the exact same route. For now, we forbid users from messing with
339 * RTF_LOCAL routes directly, since nothing good (and a whole lot of
340 * bad) can come out of that, so the routes will not change under us.
341 *
342 * Why are we not using lo0 for this route, like the BSDs do? Because
343 * that approach is not compatible with link-local addresses. Instead,
344 * we intercept outgoing traffic to the local address, and redirect it
345 * over lo0, bypassing routing. If we did not do this, we would never
346 * know the originally intended zone of the outgoing packet. As an
347 * intended side effect, the traffic does show up on lo0 with BPF, just
348 * like on BSDs. Similarly, we do not need to set a gateway here.
349 *
350 * We currently do not use the routing tables for lookups on local
351 * addresses - see ifaddr_v6_map() as to why. If we ever do, that adds
352 * another reason that the interface associated with the route must be
353 * the interface that owns the address (and not, say, lo0).
354 */
360 /*
361 * Add the local network route, if the rules say that we should. Even
362 * then, adding the route may fail for various reasons, but this route
363 * is not essential and so we ignore failures here.
364 */
368 }
370 /*
371 * A particular local IPv4 address is being deleted. See if there is another
372 * local IPv4 address assigned to another interface that should have the same
373 * local subnet route (but didn't, as such duplicate routes can obviously not
374 * be added), and if so, readd the route for that other address.
375 */
376 static void
379 {
381 ip_addr_t netbase;
395 }
396 }
397 }
399 /*
400 * A local IPv4 address is about to be deleted from an interface, or the
401 * interface itself is about to be destroyed. Generate a routing socket
402 * message about this and delete local routes as appropriate. The interface is
403 * given as 'ifdev', and the number of the IPv4 address that is about to be
404 * deleted is given as 'num'.
405 */
406 static void
408 {
410 ip_addr_t netbase;
416 /* Delete the local network route, if we tried adding it at all. */
423 /*
424 * Readd the local network route for another interface, if that
425 * interface has a local address on the very same network.
426 */
428 }
430 /* Delete the local host route. */
435 /* Report the deletion of the interface address. */
437 }
439 /*
440 * Add or update an IPv4 address on an interface. The interface is given as
441 * 'ifdev'. The address to add or update is pointed to by 'addr', which must
442 * always be a pointer to a valid address. For DHCP clients it must be
443 * possible to add the 'any' address (0.0.0.0). The network mask, broadcast
444 * address, and destination address parameters 'mask', 'bcast', and 'dest'
445 * (respectively) may be NULL pointers or pointers to AF_UNSPEC addresses, and
446 * will be disregarded if they are. If 'mask' and/or 'bcast' are NULL when
447 * adding an address, default values will be computed for them. The 'flags'
448 * field may contain NetBSD-style address flags (IN_IFF_). Return OK if the
449 * address was successfully added or updated, or a negative error code if not.
450 */
451 int
455 {
457 ip4_addr_t ip4zero;
469 /* Forbid multicast (class D) and experimental (class E) addresses. */
480 /*
481 * Generate a netmask based on IP class. Old, obsolete stuff,
482 * but we can't have no netmask.
483 */
492 }
500 /*
501 * lwIP does not allow setting the broadcast address, so we
502 * must ensure that the given address is what lwIP uses anyway.
503 * No need to perform byte order swaps here.
504 */
509 }
511 /* TODO: dest (note: may be NULL) */
513 /*
514 * We currently do not support any IPv4 address flags. Even though
515 * supporting them would make maintaining dhcpcd(8) easier, lwIP does
516 * not offers the means to implement them properly.
517 */
523 /* Should we add a new address, or update an existing one? */
526 /*
527 * Add a new address. lwIP supports only one IPv4 address per
528 * netif.
529 */
533 /*
534 * It must be possible to add the address to the routing table,
535 * so make sure that we can add such a route later on. The
536 * error code should be accurate for most real-world cases.
537 */
548 /*
549 * Update an existing address. First report the address as
550 * deleted. Do not actually delete the address in netif,
551 * because that would cause problems with its changing IP
552 * addresses on existing sockets.
553 */
556 /* Update the one part that may have actually changed. */
558 }
560 /* In both cases, we now need to report the address as added. */
564 }
566 /*
567 * Delete an IPv4 address from an interface. The given address number 'num'
568 * must have been obtained from ifaddr_v4_find() or ifaddr_v4_enum() on the
569 * same interface just before. This function always succeeds.
570 */
571 void
573 {
574 ip4_addr_t ip4zero;
579 /*
580 * Report the address as deleted. Always do this first, because the
581 * reporting requires that the address is still there.
582 */
585 /* Then actually delete the address. */
591 }
593 /*
594 * Announce all IPv4 addresses associated with the given interface as deleted,
595 * Used (only) right before the interface is destroyed.
596 */
597 void
599 {
603 }
605 /*
606 * Return the first interface device that owns the given IPv4 address, or NULL
607 * if it is not a valid local IPv4 address.
608 */
611 {
614 /*
615 * It would be nice to be able to do a route lookup on an RTF_LOCAL
616 * entry here, but we do not do this for IPv6 either - see the comment
617 * in ifaddr_v6_map() - and it is much less needed here, because each
618 * interface has at most one IPv4 address.
619 */
623 ip4addr))
625 }
628 }
630 /*
631 * Return the first interface device for which the given IPv4 address is on a
632 * configured local subnet, or NULL if no match was found.
633 */
636 {
643 /*
644 * Here, we must never do a route lookup, because this routine is used
645 * for SO_DONTROUTE/MSG_DONTROUTE.
646 */
658 }
661 }
663 /*
664 * Return TRUE if the given local IPv6 interface address is valid (= preferred
665 * or deprecated), or FALSE if it is not (= tentative or duplicated). The
666 * address slot must be in use, that is, it must not be free (= invalid).
667 */
668 static int
670 {
675 /* Note that 'valid' and 'invalid' are not each other's inverse! */
679 }
681 /*
682 * Find an IPv6 address assigned to the given interface that matches the given
683 * IPv6 address. Return TRUE if a match was found, with its number stored in
684 * 'nump'. Return FALSE if the address is not assigned to the interface.
685 */
686 static int
689 {
700 }
702 /*
703 * Find an IPv6 address locally assigned to a interface. The IPv6 address is
704 * given as 'addr6', and must use KAME-style embedding for zones. The
705 * interface is given as 'ifdev'. On success, return OK, with the IPv6 address
706 * number stored in 'num'. On failure, return a negative error code. This
707 * function also returns tentative and duplicated addresses.
708 */
709 int
712 {
713 ip_addr_t ipaddr;
728 }
730 /*
731 * Enumerate IPv6 addresses locally assigned to the given interface 'ifdev'.
732 * The caller should set 'nump' to 0 initially, and increase it by one between
733 * a successful call and the next enumeration call. Return TRUE on success,
734 * meaning that starting from the given value of 'nump' there is at least one
735 * IPv6 address, of which the number is stored in 'nump' on return. Return
736 * FALSE if there are no more IPv6 addresses locally assigned to the interface.
737 * This function also returns tentative and duplicated address entries.
738 */
739 int
741 {
742 ifaddr_v6_num_t num;
748 }
749 }
752 }
754 /*
755 * Obtain information about the IPv6 address 'num' assigned to the interface
756 * 'ifdev'. Store the IPv6 address in 'addr6', the network mask in 'mask6',
757 * and the destination address in 'dest6'. Each of these pointers may be NULL.
758 * The returned addresses use KAME-style embedding for zones. This function
759 * also returns tentative and duplicated addresses. It always succeeds.
760 */
761 void
765 {
767 socklen_t addr_len;
769 /*
770 * Due to route message generation upon address addition and deletion,
771 * either the ifdev_v6state or the netif state may not yet have been
772 * updated here.
773 */
786 }
793 }
796 /* TODO: dest6 */
799 }
800 }
802 /*
803 * Obtain NetBSD-style state flags (IN6_IFF_) for the given local IPv6 address.
804 * The given number must identify an existing address. Return the flags.
805 */
806 int
808 {
828 }
830 /*
831 * Obtain lifetime information about the given local IPv6 address. The given
832 * 'lifetime' structure is filled as a result. This function always succeeds.
833 */
834 void
837 {
849 /*
850 * Represent 'static' as 'infinite' to userland. This applies only to
851 * link-local addresses, which do not have lifetimes at all.
852 */
856 }
860 /*
861 * TODO: the _vltime and _pltime values filled in here are not correct.
862 * They should be set to the originally assigned values rather than the
863 * current ones. Getting this right would mean we'd have to save the
864 * original values. So far it does not look like userland needs that..
865 */
873 }
875 /*
876 * Determine whether there should be a local subnet route for the given
877 * assigned IPv6 address, and if so, compute the subnet mask to add. Return
878 * TRUE if a local subnet route should be added, and return the network base
879 * address in 'netbase' and the number of prefix bits in 'prefixp'. Return
880 * FALSE if no subnet route should be added for the assigned address.
881 */
882 static unsigned int
885 {
890 /*
891 * A local network route should be added only if all of the following
892 * conditions are met:
893 *
894 * 1) The address is not auto-configured. Autoconfigured addresses do
895 * not have an implied subnet, as explained in RFC 5942.
896 * Consistency with respect to subnet routes is why we do not allow
897 * changing the AUTOCONF flag after an address has been added.
898 * 2) The subnet assignment is not a /128 prefix. Not only would such
899 * a route not be useful, adding it would fail anyway because we
900 * currently do not support adding a host-type route and a
901 * full-width net-type route for the same IP address.
902 * 3) If the interface is a loopback device, the address is not a link-
903 * local address. This appears to be what NetBSD does, but
904 * additional loopback-related exceptions may be needed here.
905 */
916 }
918 /*
919 * A local IPv6 has become valid (preferred or deprecated) after previously
920 * being invalid (tentative, duplicated, or free). Report the addition of the
921 * now-usable address, and add appropriate routes to the IPv6 routing table.
922 *
923 * This function is *not* called immediately when an address is added, but
924 * rather when the address becomes valid (meaning it is no longer tentative,
925 * and thus supposedly collision-free). For that reason, unlike for IPv4, this
926 * function is only ever called indirectly, through the netif status callback.
927 */
928 static void
930 {
932 ip_addr_t base;
936 /* Check the netif as ifdev_v6state is not yet updated here. */
940 /* Report the addition of the interface address. */
943 /*
944 * Add the local host route. This will always succeed. See the IPv4
945 * version of this code for more information.
946 */
952 /*
953 * Add the local network route, if the rules say that we should. Even
954 * then, adding the route may fail for various reasons, but this route
955 * is not essential and so we ignore failures here.
956 */
961 /*
962 * Add the node-local and link-local scope multicast routes. These are
963 * interface-specific rather than address-specific. They are (re)added
964 * for every address, and never deleted until interface destruction.
965 */
978 }
980 /*
981 * A particular local IPv6 address is being deleted. See if there is another
982 * local IPv6 address assigned that should have the same local subnet route
983 * (but didn't, as such duplicate routes can obviously not be added), and if
984 * so, readd the route for that other address, possibly for the same interface.
985 */
986 static void
989 {
991 ip_addr_t netbase;
993 ifaddr_v6_num_t num;
1015 }
1016 }
1017 }
1019 /*
1020 * A local IPv6 has become invalid (tentative, duplicated, or free) after
1021 * previously being valid (preferred or deprecated). Report the deletion of
1022 * the previously-usable address, and remove previously added routes from the
1023 * IPv6 routing table.
1024 *
1025 * This function is not always called for every deleted address: instead, it is
1026 * called only when the address was previously valid, meaning that
1027 * ifaddr_v6_added() was invoked on it before as well. Unlike for IPv4, this
1028 * function is typically called indirectly, through the netif status callback.
1029 */
1030 static void
1032 {
1035 ip_addr_t netbase;
1042 /* Delete the local network route, if we tried adding it at all. */
1049 /*
1050 * Readd the local network route for another interface, if that
1051 * interface has a local address on the very same network.
1052 * Skip scoped (e.g., link-local) addresses, for which the
1053 * routes are unique anyway.
1054 */
1057 }
1059 /* Delete the local host route. */
1063 /* Report the deletion of the interface address. */
1065 }
1067 /*
1068 * Add or update an IPv6 address on an interface. The interface is given as
1069 * 'ifdev'. The IPv6 address to add or update is pointed to by 'addr6', which
1070 * must always be a pointer to a valid address. The network mask is given as
1071 * 'mask6', but may be NULL when updating an address. The same applies to the
1072 * destination address 'dest6'. The given IPv6 address and destination address
1073 * must use KAME-style embedding for zones. The flags field 'flags' contains
1074 * a set of NetBSD-style address flags (IN6_IFF_). The 'lifetime' parameter
1075 * always points to lifetime information to be set or updated. Return OK if
1076 * the address was successfully added or updated, or a negative error code
1077 * otherwise.
1078 */
1079 int
1083 {
1084 ip_addr_t ipaddr;
1088 ifaddr_v6_num_t num;
1094 /*
1095 * Somewhat curiously, NetBSD ignores the zone ID for these requests,
1096 * rather than rejecting requests with a zone ID that does not match
1097 * the associated interface's. We have no reason to be stricter, and
1098 * so we overwrite whatever zone was given..
1099 */
1104 /*
1105 * Forbid locally-assigned multicast addresses. Not only are those
1106 * absolutely disallowed in theory, we also assume all locally assigned
1107 * addresses are unicast in various places in practice.
1108 */
1114 /*
1115 * The netmask needs to be there only when adding a new address, but if
1116 * a netmask is given, it must be valid. Note that lwIP itself
1117 * supports only /64 subnets; however, due to our custom routing hooks,
1118 * combined with giving lifetimes to all addresses (except the primary
1119 * link-local address, which is a /64), we control all routing
1120 * decisions that would otherwise be affected by that lwIP limitation.
1121 */
1130 /* TODO: dest6 (note: may be NULL) */
1132 /* TODO: support for IN6_IFF_ANYCAST and IN6_IFF_DETACHED. */
1137 /* Should we add a new address, or update an existing one? */
1141 /* Add a new address. */
1145 /*
1146 * It must be possible to add the address to the routing table,
1147 * so make sure that we can add such a route later on. The
1148 * error code should be accurate for most real-world cases.
1149 */
1153 /*
1154 * As an exception, if the given address is a link-local
1155 * address and there is no link-local address in slot 0, use
1156 * slot 0 to store this address. This requires a /64 prefix
1157 * length, because lwIP will use an implied /64 subnet for it.
1158 */
1163 /*
1164 * Such link-local addresses are not considered to be
1165 * autoconfigured, because they always have an implied
1166 * subnet. Therefore, clear that flag.
1167 */
1170 /*
1171 * Find a free slot. We bypass netif_ip6_addr_add() as
1172 * it makes things more, rather than less, complicated
1173 * for us here.
1174 */
1180 }
1184 }
1188 /*
1189 * We bypass the standard netif IPv6 address assignment
1190 * functions here, because we may want to change the state of
1191 * the address to something particular (rather than always
1192 * tentative) and set the state only when we're otherwise done.
1193 */
1198 /*
1199 * New addresses are always DAD-tested for collisions first,
1200 * except on loopback interfaces, which will simply get back
1201 * its own DAD request and conclude there is a collision..
1202 */
1209 else
1218 /* Precompute the address scope as well. */
1222 /* Update an existing address. */
1223 /*
1224 * Since no fundamental aspects about the address may change
1225 * we also do not need to delete and readd the address here.
1226 */
1230 /* TODO: figure out exactly what userland wants here.. */
1235 else
1238 /*
1239 * Leave the AUTOCONF flag as is, because otherwise we might
1240 * also have to add or delete a subnet route here.
1241 */
1244 else
1246 }
1248 /*
1249 * In our implementation, all addresses except the first link-local
1250 * address (which is always stored in slot 0) have a lifetime and are
1251 * thus not static as far as lwIP is concerned. The result is that all
1252 * those addresses are considered to be /128 assignments, leaving the
1253 * routing decisions entirely to us, which is exactly what we want. As
1254 * such we have to be careful not to assign a valid lifetime of 0
1255 * ("static"). For preferred lifetimes, 0 is not a special value,
1256 * though. Either value may be 0xffffffff, which denotes "infinite".
1257 *
1258 * As for those routing decisions: we use the AUTOCONF flag as the
1259 * indication whether or not to add a subnet (= on-link prefix) route
1260 * for the address. See also ifaddr_v6_added().
1261 */
1265 valid_life++;
1269 }
1271 /*
1272 * The lifetime of address slot 0 is initialized to, and remains at all
1273 * times, zero ("static"). All other slots have an actual lifetime.
1274 */
1277 /*
1278 * Change the address state last, as this may immediately trigger
1279 * reports and route addition etc, although usually it will not:
1280 * addresses are typically added as tentative, and ifaddr_v6_added()
1281 * will be called only once the address is valid.
1282 */
1286 }
1288 /*
1289 * Delete an IPv6 address from an interface. The given address number must
1290 * have been obtained through ifaddr_v6_find() or ifaddr_v6_enum().
1291 * This function always succeeds.
1292 */
1293 void
1295 {
1300 /* The state change will also trigger ifaddr_v6_deleted() if needed. */
1302 IP6_ADDR_INVALID);
1303 }
1305 /*
1306 * Announce all IPv6 addresses associated with the given interface as deleted.
1307 * Used (only) right before the interface is destroyed.
1308 */
1309 void
1311 {
1312 ifaddr_v6_num_t num;
1317 }
1318 }
1320 /*
1321 * Check state changes on local IPv6 addresses and update shadow state
1322 * accordingly.
1323 */
1324 void
1326 {
1328 ifaddr_v6_num_t num;
1334 /*
1335 * Since we compile lwIP without support for stateless
1336 * autoconfiguration, there will be no cases where new
1337 * addresses appear out of nowhere. As such, we can rely on
1338 * all necessary fields already being initialized here.
1339 */
1352 else
1354 }
1358 /*
1359 * TODO: implement the requirements for dealing with duplicated
1360 * addresses, in particular the link-local address, as
1361 * specified by RFC 4862 Sec. 5.4.5. NetBSD uses the
1362 * ND6_IFF_IFDISABLED flag for this, essentially disabling
1363 * the interface completely when that flag is set.
1364 */
1365 }
1366 }
1368 /*
1369 * A change in the interface and/or link status has resulted in both now being
1370 * up. Set the link-local address, if any, to tentative state. Exempt
1371 * loopback interfaces, which would just see their own requests as collisions.
1372 *
1373 * TODO: the current implementation is the absolute minimum required for
1374 * dhcpcd(8) to function somewhat properly, but there is much more to be
1375 * decided and done when it comes to dealing with status changes..
1376 */
1377 void
1379 {
1384 IP6_ADDR_TENTATIVE);
1385 }
1387 /*
1388 * Check whether all conditions are met for (re)assigning a link-local IPv6
1389 * address, and if so, do just that.
1390 */
1391 void
1393 {
1395 /*
1396 * A few conditions must be met for link-local address assignment.
1397 * First of all, link-local address assignment must be enabled both
1398 * globally and on the interface. The BSDs use the global setting as
1399 * an initial value for the link-local setting, but if we do this, it
1400 * would basically be impossible to change the global setting and have
1401 * any effect. Thus, we use the global setting as an additional
1402 * requirement, with as reasoning that people will typically disable
1403 * the global setting in order to assign no IPv6 addresses at all.
1404 */
1409 /*
1410 * Second, the interface must be up. This is an artificial requirement
1411 * that allows for the above settings to be changed at all: if we
1412 * assigned a link-local address as soon as we could (see below), this
1413 * would leave virtually no opportunity to change the settings. Once
1414 * assigned, a link-local address is never removed automatically.
1415 */
1419 /*
1420 * A proper (48-bit) hardware address must be set. Interfaces without
1421 * hardware addresses (e.g., loopback devices) do not have this kind of
1422 * auto-assignment. It may take a while for the driver to get back to
1423 * us with its initial hardware address, so wait for at least that.
1424 * Also update the link-local address upon subsequent (user-initiated)
1425 * changes to the hardware address, as long as if the IPv6 address has
1426 * not been overridden by userland by then.
1427 */
1436 /*
1437 * All conditions are met. Set or replace the interface's IPv6
1438 * link-local address. This uses the first IPv6 address slot, which
1439 * will be skipped when adding non-link-local addresses. We first
1440 * delete the old address if any, in order to force invalidation of
1441 * bound sockets, because setting the new address does not (currently)
1442 * consider sockets.
1443 */
1447 #ifdef INET6
1458 }
1460 /*
1461 * Return the first interface device that owns the given (non-any) IPv6
1462 * address, or NULL if it is not a valid local IPv6 address. Addresses that
1463 * exist but are not usable ("usually assigned" in the RFC4862 sense) are
1464 * considered not valid in this context.
1465 */
1468 {
1471 ifaddr_v6_num_t num;
1473 /*
1474 * It would be nice to be able to do a route lookup on an RTF_LOCAL
1475 * entry here, but this approach would currently have two problems.
1476 *
1477 * 1) link-local addresses would require a lookup with a different
1478 * embedded zone for each possible interface, requiring a loop over
1479 * all interfaces after all; we could do a route lookup for global
1480 * addresses only, but then there's also the issue that..
1481 * 2) once we get the interface from the route, we still have to check
1482 * check the state of the address, as done below, and that requires
1483 * us to go through all the interface addresses after all; we could
1484 * embed the local address number in the RTF_LOCAL routing entry but
1485 * that would get rather messy API-wise.
1486 *
1487 * Still, if it turns out that this function is a bottleneck, the above
1488 * workarounds should offer a way forward for the common case.
1489 */
1497 /*
1498 * An address may be used as a local address only if it
1499 * is preferred or deprecated, not if it is tentative
1500 * or duplicated.
1501 */
1505 /*
1506 * Ignore the zone if the given address does not have
1507 * one set. Otherwise, the zone must match.
1508 */
1513 }
1514 }
1517 }
1519 /*
1520 * Return the first interface device for which the given IPv6 address is on a
1521 * configured local subnet, or NULL if no match was found.
1522 */
1525 {
1529 ifaddr_v6_num_t num;
1550 /*
1551 * For addresses with no implied subnet, check against
1552 * the full address, so as to match only that address.
1553 */
1556 else
1560 prefix)
1562 }
1563 }
1566 }
1568 /*
1569 * Select an IPv6 source address for communication to the given destination
1570 * address on the given interface. Return the selected source address, or NULL
1571 * if no appropriate source address could be found. This function implements
1572 * RFC 6724 Sec. 5, and is very close to a drop-in replacement for lwIP's own
1573 * ip6_select_source_address() function. We can do a slightly better job
1574 * because we have more information (for Rules 6 and 7) and can offer a more
1575 * complete, less lightweight implementation (for Rule 8).
1576 *
1577 * In summary, this is the implementation status of the rules:
1578 *
1579 * - Rules 1, 2, 3: fully implemented
1580 * - Rules 4, 5, 5.5: not applicable
1581 * - Rules 6, 7, 8: fully implemented
1582 *
1583 * Note that for rule 2, scope decisions are left to the addrpol module, which
1584 * makes a deliberate exception from the RFC for Unique-Local Addresses.
1585 *
1586 * The given destination address may not be properly zoned.
1587 */
1590 {
1609 /* Consider only valid (preferred and deprecated) addresses. */
1615 /* Rule 1 */
1626 /*
1627 * The following monster of an if-condition relies on order of
1628 * evaluation to obtain the more expensive-to-compute values
1629 * only when strictly necessary. We use a shortcut for Rule 6:
1630 * labels are computed based on longest matching prefix, so if
1631 * Rule 6 prefers the candidate address, Rule 8 would have
1632 * preferred the candidate address as well. Therefore, skip
1633 * even computing labels when Rule 7 would not prefer either
1634 * address, i.e. the "temporary" state of the candidate and the
1635 * best address are equal. For complete ties (which exist,
1636 * because Rule 8 - longest common prefix - checks up to the
1637 * subnet size), as "policy" we always pick the first address.
1638 */
1639 #define ADDRPOL_GET_LABEL(addr, label) \
1640 (label != -1 || (label = addrpol_get_label(addr), 1))
1641 #define ADDR_GET_COMMON_BITS(addr1, addr2, num, bits) \
1642 (bits != -1 || (bits = (int) \
1643 addr_get_common_bits(addr1, addr2, ifdev->ifdev_v6prefix[num]), 1))
1646 /* Rule 2 */
1650 /* Rule 3 */
1652 /* Rule 6 */
1661 /* Rule 7 */
1663 /* Rule 8 */
1665 cand_bits) &&
1667 best_bits) &&
1669 /* We found a new "winning" candidate. */
1677 }
1678 }
1680 /* Return the best candidate, if any. */
1682 }
1684 /*
1685 * Pick an IPv6 source address locally assigned to the given interface, for use
1686 * with the given IPv6 destination address. See ifaddr_v6_select() on why we
1687 * override lwIP's version of this function.
1688 *
1689 * This is a full replacement of the corresponding lwIP function, which should
1690 * be overridden with weak symbols, using patches against the lwIP source code.
1691 * As such, the lwIP headers should already provide the correct prototype for
1692 * this function. If not, something will have changed in the lwIP
1693 * implementation, and this code must be revised accordingly.
1694 *
1695 * Important: there are currently no tests that will detect that overriding is
1696 * broken, since our test code (necessarily) uses the code path that calls
1697 * ifaddr_v6_select() directly, even though there are other places in the lwIP
1698 * source code that explicitly call this functions.
1699 */
1702 {
1703 ip_addr_t ipaddr;
1708 }
1710 /*
1711 * Find and return the interface to which the given address is assigned as a
1712 * local (source) address, or NULL if the given address is not a local address
1713 * for any interface. The 'any' address as well as IPv4-mapped IPv6 addresses
1714 * are not supported and will yield NULL.
1715 */
1718 {
1735 }
1736 }
1738 /*
1739 * Find and return an interface that has a local network configured that
1740 * contains the given address, or NULL if there is no match. If there are
1741 * multiple matches, an arbitrary one is returned. The 'any' address as well
1742 * as IPv4-mapped IPv6 addresses are not supported and will yield NULL.
1743 */
1746 {
1763 }
1764 }
1766 /*
1767 * Select a local address to use as source address for the given destination
1768 * address. If 'ifdev' is not NULL, it points to the interface from which to
1769 * select a source address. If 'ifdev' is NULL, this function will attempt to
1770 * select an interface as well. On success, return the selected source
1771 * address, and if 'ifdevp' is not NULL, store the selected interface in it.
1772 * On failure, return NULL.
1773 */
1777 {
1781 /*
1782 * If no interface is provided yet, start by determining the interface.
1783 * If the destination address has a zone, this step is easy. Otherwise
1784 * we have to do a routing query on the destination address.
1785 */
1799 }
1800 }
1805 /*
1806 * We have found an interface. Now select an IP address assigned to
1807 * that interface. For IPv4, this is easy: each interface has only one
1808 * local address (if that). For IPv6, we may have to select one of the
1809 * locally assigned addresses: global, link-local, etc.
1810 */
1813 /* Use the IPv4 source address if one is set at all. */
1824 }
1825 }
1827 /*
1828 * Check the given IPv6 address for a zone violation against the given
1829 * interface--that is, a scoped address leaving its original zone if used in
1830 * the context of the interface. Return TRUE if the address is zone-
1831 * incompatible with the interface, and thus must not be used in packets sent
1832 * to that interface. Return FALSE if there is no such zone incompatibility.
1833 */
1834 int
1836 {
1838 /*
1839 * The IPv6 loopback address (::1) has an implicit link-local scope,
1840 * with a zone corresponding to the interface it is assigned to. We
1841 * take a shortcut by assuming that the loopback address is assigned to
1842 * the primary loopback interface.
1843 */
1847 /* Zoned addresses must not leave their zone. */
1852 }
1854 /*
1855 * Find a data link (hardware) address locally assigned to a interface. The
1856 * address is given as 'addr', and the length of the memory area that contains
1857 * 'addr' is given as 'addr_len'. The interface is given as 'ifdev'. On
1858 * success, return OK, with the data link address number stored in 'num'. For
1859 * interfaces that do not support hardware addresses, if the given address
1860 * provides a zero-length hardware address, always return successfully with 0
1861 * stored in 'nump'. On failure, return a negative error code.
1862 */
1863 int
1866 {
1868 ifaddr_dl_num_t num;
1876 /*
1877 * For interfaces without hardware addresses, after passing the above
1878 * sanity checks (which guarantee that the searched-for address is of
1879 * zero length), return the pseudo-entry zero, which yields an entry
1880 * with a zero-sized hardware address once obtained. This is required
1881 * for at least ifconfig(8).
1882 */
1886 }
1894 }
1895 }
1898 }
1900 /*
1901 * Enumerate data link (hardware) addresses locally assigned to the given
1902 * interface 'ifdev'. The caller should set 'nump' to 0 initially, and
1903 * increase it by one between a successful call and the next enumeration call.
1904 * Return TRUE on success, meaning that starting from the given value of 'nump'
1905 * there is at least one data link address, of which the number is stored in
1906 * 'nump' on return. Return FALSE if there are no more data link addresses
1907 * locally assigned to the interface.
1908 */
1909 int
1911 {
1913 /*
1914 * If hardware addresses are not supported, or if no hardware address
1915 * has been added to this interface yet (this shouldn't happen but
1916 * still), there is always one entry with a (zero-sized) address.
1917 * That is required for the IFP (name) entry as used by getifaddrs(3).
1918 */
1926 }
1929 }
1931 /*
1932 * Retrieve a data link (hardware) address for an interface. For interfaces
1933 * that support hardware addresses, 'num' must be a number returned by
1934 * ifaddr_dl_find() or ifaddr_dl_enum(). For others, 'num' must be zero, and a
1935 * pseudo-address of zero size will be returned. The address will be stored in
1936 * 'addr'. This function always succeeds.
1937 */
1938 void
1941 {
1944 socklen_t addr_len;
1947 /*
1948 * Note that if we have no hardware addresses yet (which should
1949 * not happen but still), the first entry may not be marked as
1950 * valid yet. Ignore it, and return an all-zeroes address.
1951 */
1961 }
1963 /*
1964 * Obtain NetBSD-style state flags (IFLR_) for the given local data link
1965 * address. The given number may be 0, in which case that slot's state may not
1966 * be valid. Otherwise, the given number must identify an existing address.
1967 * Return the flags, 0 if the slot was not valid.
1968 */
1969 int
1971 {
1985 }
1987 /*
1988 * Scan the list of hardware addresses of the given interface for a particular
1989 * hardware address, as well as for an available entry. Return the entry found
1990 * or -1 if the given hardware address was not found. Independently, return an
1991 * available entry in 'availp' or -1 if no entries are available.
1992 */
1993 static ifaddr_dl_num_t
1996 {
2008 }
2012 }
2014 /*
2015 * Set a hardware address entry in the hardware address list of the given
2016 * interface.
2017 */
2018 static void
2021 {
2031 }
2033 /*
2034 * Mark a new hardware address as active, after it has already been activated
2035 * on the hardware and in local administration. The active slot is always slot
2036 * zero, so swap slots if needed.
2037 */
2038 static void
2040 {
2047 /* The given slot may be zero if this is the initial address. */
2053 }
2057 /* Tell lwIP and routing sockets. */
2063 /* See if we can and should generate a link-local IPv6 address now. */
2065 }
2067 /*
2068 * Add a data link (hardware) address to an interface, or if it already exists,
2069 * update its associated flags (IFLR_).
2070 */
2071 int
2074 {
2079 /*
2080 * If this interface type does not support setting hardware addresses,
2081 * refuse the call. If the interface type supports it but the
2082 * underlying hardware does not, we cannot report failure here, though.
2083 * In that case, attempts to activate an address will fail instead.
2084 */
2093 /*
2094 * Find the slot for the given hardware address. Also find the slot of
2095 * the active address, and a free slot. All of these may not exist.
2096 */
2103 }
2105 /*
2106 * If we are asked to activate this address, try that first: this may
2107 * fail if the network device does not support setting addresses, in
2108 * which case we want to fail without causing routing socket noise.
2109 */
2114 /*
2115 * If this is a new address, add and announce it. Otherwise, just
2116 * update its flags.
2117 */
2125 }
2127 /*
2128 * Activate the address if requested, swapping slots as needed. It is
2129 * not possible to deactivate the active address by changing its flags.
2130 */
2135 }
2137 /*
2138 * Delete a data link (hardware) address from an interface.
2139 */
2140 int
2142 {
2150 /* It is not possible to delete the active address. */
2159 }
2161 /*
2162 * Announce all data link (hardware) addresses associated with the given
2163 * interface as deleted, including the active address. Used (only) right
2164 * before the interface is destroyed.
2165 */
2166 void
2168 {
2169 ifaddr_dl_num_t num;
2171 /*
2172 * Do the active address last, because all announcements carry the
2173 * active address's hardware address as well.
2174 */
2180 }
2182 /*
2183 * Update the interface's active hardware address. If the 'is_factory' flag is
2184 * set, the address is the factory (driver-given) address. This function may
2185 * only be called from ifdev_update_hwaddr().
2186 */
2187 void
2189 {
2192 /*
2193 * Find the slot for the given hardware address. Also find the slot of
2194 * the active address, and a free slot. All of these may not exist.
2195 */
2198 /* If the given address is already the active one, do nothing. */
2200 /* Factory addresses are always added first! */
2204 }
2207 /*
2208 * If the given address is not in the list, add it. If the
2209 * list is full, first remove any non-active address. The user
2210 * won't like this, but it preserves correctness without too
2211 * many complications, because this case is unlikely to happen.
2212 */
2221 }
2224 }