search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / sys / netinet6 / ip6_input.c
blob504cce50ed551c4aa03877107780587b32f5f832
1 /* $NetBSD: ip6_input.c,v 1.127 2009/05/01 03:23:39 martin Exp $ */
2 /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */
3
4 /*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /*
34 * Copyright (c) 1982, 1986, 1988, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. Neither the name of the University nor the names of its contributors
46 * may be used to endorse or promote products derived from this software
47 * without specific prior written permission.
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 * SUCH DAMAGE.
60 *
61 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94
62 */
63
64 #include <sys/cdefs.h>
65 __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.127 2009/05/01 03:23:39 martin Exp $");
66
67 #include "opt_inet.h"
68 #include "opt_inet6.h"
69 #include "opt_ipsec.h"
70 #include "opt_pfil_hooks.h"
71 #include "opt_compat_netbsd.h"
72
73 #include <sys/param.h>
74 #include <sys/systm.h>
75 #include <sys/malloc.h>
76 #include <sys/mbuf.h>
77 #include <sys/domain.h>
78 #include <sys/protosw.h>
79 #include <sys/socket.h>
80 #include <sys/socketvar.h>
81 #include <sys/errno.h>
82 #include <sys/time.h>
83 #include <sys/kernel.h>
84 #include <sys/syslog.h>
85 #include <sys/proc.h>
86 #include <sys/sysctl.h>
87
88 #include <net/if.h>
89 #include <net/if_types.h>
90 #include <net/if_dl.h>
91 #include <net/route.h>
92 #include <net/netisr.h>
93 #ifdef PFIL_HOOKS
94 #include <net/pfil.h>
95 #endif
96
97 #include <netinet/in.h>
98 #include <netinet/in_systm.h>
99 #ifdef INET
100 #include <netinet/ip.h>
101 #include <netinet/ip_icmp.h>
102 #endif /* INET */
103 #include <netinet/ip6.h>
104 #include <netinet6/in6_var.h>
105 #include <netinet6/ip6_var.h>
106 #include <netinet6/ip6_private.h>
107 #include <netinet6/in6_pcb.h>
108 #include <netinet/icmp6.h>
109 #include <netinet6/scope6_var.h>
110 #include <netinet6/in6_ifattach.h>
111 #include <netinet6/nd6.h>
112
113 #ifdef IPSEC
114 #include <netinet6/ipsec.h>
115 #include <netinet6/ipsec_private.h>
116 #endif
117
118 #ifdef FAST_IPSEC
119 #include <netipsec/ipsec.h>
120 #include <netipsec/ipsec6.h>
121 #include <netipsec/key.h>
122 #endif /* FAST_IPSEC */
123
124 #ifdef COMPAT_50
125 #include <compat/sys/time.h>
126 #include <compat/sys/socket.h>
127 #endif
128
129 #include <netinet6/ip6protosw.h>
130
131 #include "faith.h"
132 #include "gif.h"
133
134 #if NGIF > 0
135 #include <netinet6/in6_gif.h>
136 #endif
137
138 #include <net/net_osdep.h>
139
140 extern struct domain inet6domain;
141
142 u_char ip6_protox[IPPROTO_MAX];
143 static int ip6qmaxlen = IFQ_MAXLEN;
144 struct in6_ifaddr *in6_ifaddr;
145 struct ifqueue ip6intrq;
146
147 extern callout_t in6_tmpaddrtimer_ch;
148
149 int ip6_forward_srcrt; /* XXX */
150 int ip6_sourcecheck; /* XXX */
151 int ip6_sourcecheck_interval; /* XXX */
152
153 #ifdef PFIL_HOOKS
154 struct pfil_head inet6_pfil_hook;
155 #endif
156
157 percpu_t *ip6stat_percpu;
158
159 static void ip6_init2(void *);
160 static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *);
161
162 static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *);
163 static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int);
164 static void sysctl_net_inet6_ip6_setup(struct sysctllog **);
165
166 /*
167 * IP6 initialization: fill in IP6 protocol switch table.
168 * All protocols not implemented in kernel go to raw IP6 protocol handler.
169 */
170 void
171 ip6_init(void)
172 {
173 const struct ip6protosw *pr;
174 int i;
175
176 sysctl_net_inet6_ip6_setup(NULL);
177 pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW);
178 if (pr == 0)
179 panic("ip6_init");
180 for (i = 0; i < IPPROTO_MAX; i++)
181 ip6_protox[i] = pr - inet6sw;
182 for (pr = (const struct ip6protosw *)inet6domain.dom_protosw;
183 pr < (const struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++)
184 if (pr->pr_domain->dom_family == PF_INET6 &&
185 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
186 ip6_protox[pr->pr_protocol] = pr - inet6sw;
187 ip6intrq.ifq_maxlen = ip6qmaxlen;
188 scope6_init();
189 addrsel_policy_init();
190 nd6_init();
191 frag6_init();
192 ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR;
193
194 ip6_init2((void *)0);
195 #ifdef GATEWAY
196 ip6flow_init(ip6_hashsize);
197 #endif
198
199 #ifdef PFIL_HOOKS
200 /* Register our Packet Filter hook. */
201 inet6_pfil_hook.ph_type = PFIL_TYPE_AF;
202 inet6_pfil_hook.ph_af = AF_INET6;
203 i = pfil_head_register(&inet6_pfil_hook);
204 if (i != 0)
205 printf("ip6_init: WARNING: unable to register pfil hook, "
206 "error %d\n", i);
207 #endif /* PFIL_HOOKS */
208
209 ip6stat_percpu = percpu_alloc(sizeof(uint64_t) * IP6_NSTATS);
210 }
211
212 static void
213 ip6_init2(void *dummy)
214 {
215
216 /* nd6_timer_init */
217 callout_init(&nd6_timer_ch, CALLOUT_MPSAFE);
218 callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL);
219
220 /* timer for regeneranation of temporary addresses randomize ID */
221 callout_init(&in6_tmpaddrtimer_ch, CALLOUT_MPSAFE);
222 callout_reset(&in6_tmpaddrtimer_ch,
223 (ip6_temp_preferred_lifetime - ip6_desync_factor -
224 ip6_temp_regen_advance) * hz,
225 in6_tmpaddrtimer, NULL);
226 }
227
228 /*
229 * IP6 input interrupt handling. Just pass the packet to ip6_input.
230 */
231 void
232 ip6intr(void)
233 {
234 int s;
235 struct mbuf *m;
236
237 mutex_enter(softnet_lock);
238 KERNEL_LOCK(1, NULL);
239 for (;;) {
240 s = splnet();
241 IF_DEQUEUE(&ip6intrq, m);
242 splx(s);
243 if (m == 0)
244 break;
245 /* drop the packet if IPv6 operation is disabled on the IF */
246 if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) {
247 m_freem(m);
248 break;
249 }
250 ip6_input(m);
251 }
252 KERNEL_UNLOCK_ONE(NULL);
253 mutex_exit(softnet_lock);
254 }
255
256 extern struct route ip6_forward_rt;
257
258 void
259 ip6_input(struct mbuf *m)
260 {
261 struct ip6_hdr *ip6;
262 int hit, off = sizeof(struct ip6_hdr), nest;
263 u_int32_t plen;
264 u_int32_t rtalert = ~0;
265 int nxt, ours = 0, rh_present = 0;
266 struct ifnet *deliverifp = NULL;
267 int srcrt = 0;
268 const struct rtentry *rt;
269 union {
270 struct sockaddr dst;
271 struct sockaddr_in6 dst6;
272 } u;
273 #ifdef FAST_IPSEC
274 struct m_tag *mtag;
275 struct tdb_ident *tdbi;
276 struct secpolicy *sp;
277 int s, error;
278 #endif
279
280 #ifdef IPSEC
281 /*
282 * should the inner packet be considered authentic?
283 * see comment in ah4_input().
284 */
285 m->m_flags &= ~M_AUTHIPHDR;
286 m->m_flags &= ~M_AUTHIPDGM;
287 #endif
288
289 /*
290 * make sure we don't have onion peering information into m_tag.
291 */
292 ip6_delaux(m);
293
294 /*
295 * mbuf statistics
296 */
297 if (m->m_flags & M_EXT) {
298 if (m->m_next)
299 IP6_STATINC(IP6_STAT_MEXT2M);
300 else
301 IP6_STATINC(IP6_STAT_MEXT1);
302 } else {
303 #define M2MMAX 32
304 if (m->m_next) {
305 if (m->m_flags & M_LOOP) {
306 /*XXX*/ IP6_STATINC(IP6_STAT_M2M + lo0ifp->if_index);
307 } else if (m->m_pkthdr.rcvif->if_index < M2MMAX) {
308 IP6_STATINC(IP6_STAT_M2M +
309 m->m_pkthdr.rcvif->if_index);
310 } else
311 IP6_STATINC(IP6_STAT_M2M);
312 } else
313 IP6_STATINC(IP6_STAT_M1);
314 #undef M2MMAX
315 }
316
317 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_receive);
318 IP6_STATINC(IP6_STAT_TOTAL);
319
320 /*
321 * If the IPv6 header is not aligned, slurp it up into a new
322 * mbuf with space for link headers, in the event we forward
323 * it. Otherwise, if it is aligned, make sure the entire base
324 * IPv6 header is in the first mbuf of the chain.
325 */
326 if (IP6_HDR_ALIGNED_P(mtod(m, void *)) == 0) {
327 struct ifnet *inifp = m->m_pkthdr.rcvif;
328 if ((m = m_copyup(m, sizeof(struct ip6_hdr),
329 (max_linkhdr + 3) & ~3)) == NULL) {
330 /* XXXJRT new stat, please */
331 IP6_STATINC(IP6_STAT_TOOSMALL);
332 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
333 return;
334 }
335 } else if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
336 struct ifnet *inifp = m->m_pkthdr.rcvif;
337 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
338 IP6_STATINC(IP6_STAT_TOOSMALL);
339 in6_ifstat_inc(inifp, ifs6_in_hdrerr);
340 return;
341 }
342 }
343
344 ip6 = mtod(m, struct ip6_hdr *);
345
346 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
347 IP6_STATINC(IP6_STAT_BADVERS);
348 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
349 goto bad;
350 }
351
352 #if defined(IPSEC)
353 /* IPv6 fast forwarding is not compatible with IPsec. */
354 m->m_flags &= ~M_CANFASTFWD;
355 #else
356 /*
357 * Assume that we can create a fast-forward IP flow entry
358 * based on this packet.
359 */
360 m->m_flags |= M_CANFASTFWD;
361 #endif
362
363 #ifdef PFIL_HOOKS
364 /*
365 * Run through list of hooks for input packets. If there are any
366 * filters which require that additional packets in the flow are
367 * not fast-forwarded, they must clear the M_CANFASTFWD flag.
368 * Note that filters must _never_ set this flag, as another filter
369 * in the list may have previously cleared it.
370 */
371 /*
372 * let ipfilter look at packet on the wire,
373 * not the decapsulated packet.
374 */
375 #ifdef IPSEC
376 if (!ipsec_getnhist(m))
377 #elif defined(FAST_IPSEC)
378 if (!ipsec_indone(m))
379 #else
380 if (1)
381 #endif
382 {
383 struct in6_addr odst;
384
385 odst = ip6->ip6_dst;
386 if (pfil_run_hooks(&inet6_pfil_hook, &m, m->m_pkthdr.rcvif,
387 PFIL_IN) != 0)
388 return;
389 if (m == NULL)
390 return;
391 ip6 = mtod(m, struct ip6_hdr *);
392 srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst);
393 }
394 #endif /* PFIL_HOOKS */
395
396 IP6_STATINC(IP6_STAT_NXTHIST + ip6->ip6_nxt);
397
398 #ifdef ALTQ
399 if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) {
400 /* packet is dropped by traffic conditioner */
401 return;
402 }
403 #endif
404
405 /*
406 * Check against address spoofing/corruption.
407 */
408 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) ||
409 IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) {
410 /*
411 * XXX: "badscope" is not very suitable for a multicast source.
412 */
413 IP6_STATINC(IP6_STAT_BADSCOPE);
414 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
415 goto bad;
416 }
417 /*
418 * The following check is not documented in specs. A malicious
419 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack
420 * and bypass security checks (act as if it was from 127.0.0.1 by using
421 * IPv6 src ::ffff:127.0.0.1). Be cautious.
422 *
423 * This check chokes if we are in an SIIT cloud. As none of BSDs
424 * support IPv4-less kernel compilation, we cannot support SIIT
425 * environment at all. So, it makes more sense for us to reject any
426 * malicious packets for non-SIIT environment, than try to do a
427 * partial support for SIIT environment.
428 */
429 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
430 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
431 IP6_STATINC(IP6_STAT_BADSCOPE);
432 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
433 goto bad;
434 }
435 #if 0
436 /*
437 * Reject packets with IPv4 compatible addresses (auto tunnel).
438 *
439 * The code forbids auto tunnel relay case in RFC1933 (the check is
440 * stronger than RFC1933). We may want to re-enable it if mech-xx
441 * is revised to forbid relaying case.
442 */
443 if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) ||
444 IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) {
445 IP6_STATINC(IP6_STAT_BADSCOPE);
446 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
447 goto bad;
448 }
449 #endif
450
451 /*
452 * Disambiguate address scope zones (if there is ambiguity).
453 * We first make sure that the original source or destination address
454 * is not in our internal form for scoped addresses. Such addresses
455 * are not necessarily invalid spec-wise, but we cannot accept them due
456 * to the usage conflict.
457 * in6_setscope() then also checks and rejects the cases where src or
458 * dst are the loopback address and the receiving interface
459 * is not loopback.
460 */
461 if (__predict_false(
462 m_makewritable(&m, 0, sizeof(struct ip6_hdr), M_DONTWAIT)))
463 goto bad;
464 ip6 = mtod(m, struct ip6_hdr *);
465 if (in6_clearscope(&ip6->ip6_src) || in6_clearscope(&ip6->ip6_dst)) {
466 IP6_STATINC(IP6_STAT_BADSCOPE); /* XXX */
467 goto bad;
468 }
469 if (in6_setscope(&ip6->ip6_src, m->m_pkthdr.rcvif, NULL) ||
470 in6_setscope(&ip6->ip6_dst, m->m_pkthdr.rcvif, NULL)) {
471 IP6_STATINC(IP6_STAT_BADSCOPE);
472 goto bad;
473 }
474
475 /*
476 * Multicast check
477 */
478 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
479 struct in6_multi *in6m = 0;
480
481 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mcast);
482 /*
483 * See if we belong to the destination multicast group on the
484 * arrival interface.
485 */
486 IN6_LOOKUP_MULTI(ip6->ip6_dst, m->m_pkthdr.rcvif, in6m);
487 if (in6m)
488 ours = 1;
489 else if (!ip6_mrouter) {
490 uint64_t *ip6s = IP6_STAT_GETREF();
491 ip6s[IP6_STAT_NOTMEMBER]++;
492 ip6s[IP6_STAT_CANTFORWARD]++;
493 IP6_STAT_PUTREF();
494 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
495 goto bad;
496 }
497 deliverifp = m->m_pkthdr.rcvif;
498 goto hbhcheck;
499 }
500
501 sockaddr_in6_init(&u.dst6, &ip6->ip6_dst, 0, 0, 0);
502
503 /*
504 * Unicast check
505 */
506 rt = rtcache_lookup2(&ip6_forward_rt, &u.dst, 1, &hit);
507 if (hit)
508 IP6_STATINC(IP6_STAT_FORWARD_CACHEHIT);
509 else
510 IP6_STATINC(IP6_STAT_FORWARD_CACHEMISS);
511
512 #define rt6_getkey(__rt) satocsin6(rt_getkey(__rt))
513
514 /*
515 * Accept the packet if the forwarding interface to the destination
516 * according to the routing table is the loopback interface,
517 * unless the associated route has a gateway.
518 * Note that this approach causes to accept a packet if there is a
519 * route to the loopback interface for the destination of the packet.
520 * But we think it's even useful in some situations, e.g. when using
521 * a special daemon which wants to intercept the packet.
522 */
523 if (rt != NULL &&
524 (rt->rt_flags & (RTF_HOST|RTF_GATEWAY)) == RTF_HOST &&
525 !(rt->rt_flags & RTF_CLONED) &&
526 #if 0
527 /*
528 * The check below is redundant since the comparison of
529 * the destination and the key of the rtentry has
530 * already done through looking up the routing table.
531 */
532 IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &rt6_getkey(rt)->sin6_addr) &&
533 #endif
534 rt->rt_ifp->if_type == IFT_LOOP) {
535 struct in6_ifaddr *ia6 = (struct in6_ifaddr *)rt->rt_ifa;
536 if (ia6->ia6_flags & IN6_IFF_ANYCAST)
537 m->m_flags |= M_ANYCAST6;
538 /*
539 * packets to a tentative, duplicated, or somehow invalid
540 * address must not be accepted.
541 */
542 if (!(ia6->ia6_flags & IN6_IFF_NOTREADY)) {
543 /* this address is ready */
544 ours = 1;
545 deliverifp = ia6->ia_ifp; /* correct? */
546 goto hbhcheck;
547 } else {
548 /* address is not ready, so discard the packet. */
549 nd6log((LOG_INFO,
550 "ip6_input: packet to an unready address %s->%s\n",
551 ip6_sprintf(&ip6->ip6_src),
552 ip6_sprintf(&ip6->ip6_dst)));
553
554 goto bad;
555 }
556 }
557
558 /*
559 * FAITH (Firewall Aided Internet Translator)
560 */
561 #if defined(NFAITH) && 0 < NFAITH
562 if (ip6_keepfaith) {
563 if (rt != NULL && rt->rt_ifp != NULL &&
564 rt->rt_ifp->if_type == IFT_FAITH) {
565 /* XXX do we need more sanity checks? */
566 ours = 1;
567 deliverifp = rt->rt_ifp; /* faith */
568 goto hbhcheck;
569 }
570 }
571 #endif
572
573 #if 0
574 {
575 /*
576 * Last resort: check in6_ifaddr for incoming interface.
577 * The code is here until I update the "goto ours hack" code above
578 * working right.
579 */
580 struct ifaddr *ifa;
581 IFADDR_FOREACH(ifa, m->m_pkthdr.rcvif) {
582 if (ifa->ifa_addr == NULL)
583 continue; /* just for safety */
584 if (ifa->ifa_addr->sa_family != AF_INET6)
585 continue;
586 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ip6->ip6_dst)) {
587 ours = 1;
588 deliverifp = ifa->ifa_ifp;
589 goto hbhcheck;
590 }
591 }
592 }
593 #endif
594
595 /*
596 * Now there is no reason to process the packet if it's not our own
597 * and we're not a router.
598 */
599 if (!ip6_forwarding) {
600 IP6_STATINC(IP6_STAT_CANTFORWARD);
601 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
602 goto bad;
603 }
604
605 hbhcheck:
606 /*
607 * record address information into m_tag, if we don't have one yet.
608 * note that we are unable to record it, if the address is not listed
609 * as our interface address (e.g. multicast addresses, addresses
610 * within FAITH prefixes and such).
611 */
612 if (deliverifp && ip6_getdstifaddr(m) == NULL) {
613 struct in6_ifaddr *ia6;
614
615 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst);
616 if (ia6 != NULL && ip6_setdstifaddr(m, ia6) == NULL) {
617 /*
618 * XXX maybe we should drop the packet here,
619 * as we could not provide enough information
620 * to the upper layers.
621 */
622 }
623 }
624
625 /*
626 * Process Hop-by-Hop options header if it's contained.
627 * m may be modified in ip6_hopopts_input().
628 * If a JumboPayload option is included, plen will also be modified.
629 */
630 plen = (u_int32_t)ntohs(ip6->ip6_plen);
631 if (ip6->ip6_nxt == IPPROTO_HOPOPTS) {
632 struct ip6_hbh *hbh;
633
634 if (ip6_hopopts_input(&plen, &rtalert, &m, &off)) {
635 #if 0 /*touches NULL pointer*/
636 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
637 #endif
638 return; /* m have already been freed */
639 }
640
641 /* adjust pointer */
642 ip6 = mtod(m, struct ip6_hdr *);
643
644 /*
645 * if the payload length field is 0 and the next header field
646 * indicates Hop-by-Hop Options header, then a Jumbo Payload
647 * option MUST be included.
648 */
649 if (ip6->ip6_plen == 0 && plen == 0) {
650 /*
651 * Note that if a valid jumbo payload option is
652 * contained, ip6_hopopts_input() must set a valid
653 * (non-zero) payload length to the variable plen.
654 */
655 IP6_STATINC(IP6_STAT_BADOPTIONS);
656 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
657 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
658 icmp6_error(m, ICMP6_PARAM_PROB,
659 ICMP6_PARAMPROB_HEADER,
660 (char *)&ip6->ip6_plen - (char *)ip6);
661 return;
662 }
663 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr),
664 sizeof(struct ip6_hbh));
665 if (hbh == NULL) {
666 IP6_STATINC(IP6_STAT_TOOSHORT);
667 return;
668 }
669 KASSERT(IP6_HDR_ALIGNED_P(hbh));
670 nxt = hbh->ip6h_nxt;
671
672 /*
673 * accept the packet if a router alert option is included
674 * and we act as an IPv6 router.
675 */
676 if (rtalert != ~0 && ip6_forwarding)
677 ours = 1;
678 } else
679 nxt = ip6->ip6_nxt;
680
681 /*
682 * Check that the amount of data in the buffers
683 * is as at least much as the IPv6 header would have us expect.
684 * Trim mbufs if longer than we expect.
685 * Drop packet if shorter than we expect.
686 */
687 if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) {
688 IP6_STATINC(IP6_STAT_TOOSHORT);
689 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated);
690 goto bad;
691 }
692 if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) {
693 if (m->m_len == m->m_pkthdr.len) {
694 m->m_len = sizeof(struct ip6_hdr) + plen;
695 m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen;
696 } else
697 m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len);
698 }
699
700 /*
701 * Forward if desirable.
702 */
703 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
704 /*
705 * If we are acting as a multicast router, all
706 * incoming multicast packets are passed to the
707 * kernel-level multicast forwarding function.
708 * The packet is returned (relatively) intact; if
709 * ip6_mforward() returns a non-zero value, the packet
710 * must be discarded, else it may be accepted below.
711 */
712 if (ip6_mrouter && ip6_mforward(ip6, m->m_pkthdr.rcvif, m)) {
713 IP6_STATINC(IP6_STAT_CANTFORWARD);
714 m_freem(m);
715 return;
716 }
717 if (!ours) {
718 m_freem(m);
719 return;
720 }
721 } else if (!ours) {
722 ip6_forward(m, srcrt);
723 return;
724 }
725
726 ip6 = mtod(m, struct ip6_hdr *);
727
728 /*
729 * Malicious party may be able to use IPv4 mapped addr to confuse
730 * tcp/udp stack and bypass security checks (act as if it was from
731 * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1). Be cautious.
732 *
733 * For SIIT end node behavior, you may want to disable the check.
734 * However, you will become vulnerable to attacks using IPv4 mapped
735 * source.
736 */
737 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
738 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
739 IP6_STATINC(IP6_STAT_BADSCOPE);
740 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
741 goto bad;
742 }
743
744 /*
745 * Tell launch routine the next header
746 */
747 #ifdef IFA_STATS
748 if (deliverifp != NULL) {
749 struct in6_ifaddr *ia6;
750 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst);
751 if (ia6)
752 ia6->ia_ifa.ifa_data.ifad_inbytes += m->m_pkthdr.len;
753 }
754 #endif
755 IP6_STATINC(IP6_STAT_DELIVERED);
756 in6_ifstat_inc(deliverifp, ifs6_in_deliver);
757 nest = 0;
758
759 rh_present = 0;
760 while (nxt != IPPROTO_DONE) {
761 if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) {
762 IP6_STATINC(IP6_STAT_TOOMANYHDR);
763 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
764 goto bad;
765 }
766
767 /*
768 * protection against faulty packet - there should be
769 * more sanity checks in header chain processing.
770 */
771 if (m->m_pkthdr.len < off) {
772 IP6_STATINC(IP6_STAT_TOOSHORT);
773 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated);
774 goto bad;
775 }
776
777 if (nxt == IPPROTO_ROUTING) {
778 if (rh_present++) {
779 in6_ifstat_inc(m->m_pkthdr.rcvif,
780 ifs6_in_hdrerr);
781 IP6_STATINC(IP6_STAT_BADOPTIONS);
782 goto bad;
783 }
784 }
785
786 #ifdef IPSEC
787 /*
788 * enforce IPsec policy checking if we are seeing last header.
789 * note that we do not visit this with protocols with pcb layer
790 * code - like udp/tcp/raw ip.
791 */
792 if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 &&
793 ipsec6_in_reject(m, NULL)) {
794 IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
795 goto bad;
796 }
797 #endif
798 #ifdef FAST_IPSEC
799 /*
800 * enforce IPsec policy checking if we are seeing last header.
801 * note that we do not visit this with protocols with pcb layer
802 * code - like udp/tcp/raw ip.
803 */
804 if ((inet6sw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0) {
805 /*
806 * Check if the packet has already had IPsec processing
807 * done. If so, then just pass it along. This tag gets
808 * set during AH, ESP, etc. input handling, before the
809 * packet is returned to the ip input queue for delivery.
810 */
811 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);
812 s = splsoftnet();
813 if (mtag != NULL) {
814 tdbi = (struct tdb_ident *)(mtag + 1);
815 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);
816 } else {
817 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
818 IP_FORWARDING, &error);
819 }
820 if (sp != NULL) {
821 /*
822 * Check security policy against packet attributes.
823 */
824 error = ipsec_in_reject(sp, m);
825 KEY_FREESP(&sp);
826 } else {
827 /* XXX error stat??? */
828 error = EINVAL;
829 DPRINTF(("ip6_input: no SP, packet discarded\n"));/*XXX*/
830 }
831 splx(s);
832 if (error)
833 goto bad;
834 }
835 #endif /* FAST_IPSEC */
836
837
838 nxt = (*inet6sw[ip6_protox[nxt]].pr_input)(&m, &off, nxt);
839 }
840 return;
841 bad:
842 m_freem(m);
843 }
844
845 /*
846 * set/grab in6_ifaddr correspond to IPv6 destination address.
847 */
848 static struct m_tag *
849 ip6_setdstifaddr(struct mbuf *m, const struct in6_ifaddr *ia)
850 {
851 struct m_tag *mtag;
852
853 mtag = ip6_addaux(m);
854 if (mtag != NULL) {
855 struct ip6aux *ip6a;
856
857 ip6a = (struct ip6aux *)(mtag + 1);
858 in6_setscope(&ip6a->ip6a_src, ia->ia_ifp, &ip6a->ip6a_scope_id);
859 ip6a->ip6a_src = ia->ia_addr.sin6_addr;
860 ip6a->ip6a_flags = ia->ia6_flags;
861 }
862 return mtag; /* NULL if failed to set */
863 }
864
865 const struct ip6aux *
866 ip6_getdstifaddr(struct mbuf *m)
867 {
868 struct m_tag *mtag;
869
870 mtag = ip6_findaux(m);
871 if (mtag != NULL)
872 return (struct ip6aux *)(mtag + 1);
873 else
874 return NULL;
875 }
876
877 /*
878 * Hop-by-Hop options header processing. If a valid jumbo payload option is
879 * included, the real payload length will be stored in plenp.
880 *
881 * rtalertp - XXX: should be stored more smart way
882 */
883 static int
884 ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp,
885 struct mbuf **mp, int *offp)
886 {
887 struct mbuf *m = *mp;
888 int off = *offp, hbhlen;
889 struct ip6_hbh *hbh;
890
891 /* validation of the length of the header */
892 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m,
893 sizeof(struct ip6_hdr), sizeof(struct ip6_hbh));
894 if (hbh == NULL) {
895 IP6_STATINC(IP6_STAT_TOOSHORT);
896 return -1;
897 }
898 hbhlen = (hbh->ip6h_len + 1) << 3;
899 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr),
900 hbhlen);
901 if (hbh == NULL) {
902 IP6_STATINC(IP6_STAT_TOOSHORT);
903 return -1;
904 }
905 KASSERT(IP6_HDR_ALIGNED_P(hbh));
906 off += hbhlen;
907 hbhlen -= sizeof(struct ip6_hbh);
908
909 if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh),
910 hbhlen, rtalertp, plenp) < 0)
911 return (-1);
912
913 *offp = off;
914 *mp = m;
915 return (0);
916 }
917
918 /*
919 * Search header for all Hop-by-hop options and process each option.
920 * This function is separate from ip6_hopopts_input() in order to
921 * handle a case where the sending node itself process its hop-by-hop
922 * options header. In such a case, the function is called from ip6_output().
923 *
924 * The function assumes that hbh header is located right after the IPv6 header
925 * (RFC2460 p7), opthead is pointer into data content in m, and opthead to
926 * opthead + hbhlen is located in continuous memory region.
927 */
928 int
929 ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
930 u_int32_t *rtalertp, u_int32_t *plenp)
931 {
932 struct ip6_hdr *ip6;
933 int optlen = 0;
934 u_int8_t *opt = opthead;
935 u_int16_t rtalert_val;
936 u_int32_t jumboplen;
937 const int erroff = sizeof(struct ip6_hdr) + sizeof(struct ip6_hbh);
938
939 for (; hbhlen > 0; hbhlen -= optlen, opt += optlen) {
940 switch (*opt) {
941 case IP6OPT_PAD1:
942 optlen = 1;
943 break;
944 case IP6OPT_PADN:
945 if (hbhlen < IP6OPT_MINLEN) {
946 IP6_STATINC(IP6_STAT_TOOSMALL);
947 goto bad;
948 }
949 optlen = *(opt + 1) + 2;
950 break;
951 case IP6OPT_RTALERT:
952 /* XXX may need check for alignment */
953 if (hbhlen < IP6OPT_RTALERT_LEN) {
954 IP6_STATINC(IP6_STAT_TOOSMALL);
955 goto bad;
956 }
957 if (*(opt + 1) != IP6OPT_RTALERT_LEN - 2) {
958 /* XXX stat */
959 icmp6_error(m, ICMP6_PARAM_PROB,
960 ICMP6_PARAMPROB_HEADER,
961 erroff + opt + 1 - opthead);
962 return (-1);
963 }
964 optlen = IP6OPT_RTALERT_LEN;
965 memcpy((void *)&rtalert_val, (void *)(opt + 2), 2);
966 *rtalertp = ntohs(rtalert_val);
967 break;
968 case IP6OPT_JUMBO:
969 /* XXX may need check for alignment */
970 if (hbhlen < IP6OPT_JUMBO_LEN) {
971 IP6_STATINC(IP6_STAT_TOOSMALL);
972 goto bad;
973 }
974 if (*(opt + 1) != IP6OPT_JUMBO_LEN - 2) {
975 /* XXX stat */
976 icmp6_error(m, ICMP6_PARAM_PROB,
977 ICMP6_PARAMPROB_HEADER,
978 erroff + opt + 1 - opthead);
979 return (-1);
980 }
981 optlen = IP6OPT_JUMBO_LEN;
982
983 /*
984 * IPv6 packets that have non 0 payload length
985 * must not contain a jumbo payload option.
986 */
987 ip6 = mtod(m, struct ip6_hdr *);
988 if (ip6->ip6_plen) {
989 IP6_STATINC(IP6_STAT_BADOPTIONS);
990 icmp6_error(m, ICMP6_PARAM_PROB,
991 ICMP6_PARAMPROB_HEADER,
992 erroff + opt - opthead);
993 return (-1);
994 }
995
996 /*
997 * We may see jumbolen in unaligned location, so
998 * we'd need to perform bcopy().
999 */
1000 memcpy(&jumboplen, opt + 2, sizeof(jumboplen));
1001 jumboplen = (u_int32_t)htonl(jumboplen);
1002
1003 #if 1
1004 /*
1005 * if there are multiple jumbo payload options,
1006 * *plenp will be non-zero and the packet will be
1007 * rejected.
1008 * the behavior may need some debate in ipngwg -
1009 * multiple options does not make sense, however,
1010 * there's no explicit mention in specification.
1011 */
1012 if (*plenp != 0) {
1013 IP6_STATINC(IP6_STAT_BADOPTIONS);
1014 icmp6_error(m, ICMP6_PARAM_PROB,
1015 ICMP6_PARAMPROB_HEADER,
1016 erroff + opt + 2 - opthead);
1017 return (-1);
1018 }
1019 #endif
1020
1021 /*
1022 * jumbo payload length must be larger than 65535.
1023 */
1024 if (jumboplen <= IPV6_MAXPACKET) {
1025 IP6_STATINC(IP6_STAT_BADOPTIONS);
1026 icmp6_error(m, ICMP6_PARAM_PROB,
1027 ICMP6_PARAMPROB_HEADER,
1028 erroff + opt + 2 - opthead);
1029 return (-1);
1030 }
1031 *plenp = jumboplen;
1032
1033 break;
1034 default: /* unknown option */
1035 if (hbhlen < IP6OPT_MINLEN) {
1036 IP6_STATINC(IP6_STAT_TOOSMALL);
1037 goto bad;
1038 }
1039 optlen = ip6_unknown_opt(opt, m,
1040 erroff + opt - opthead);
1041 if (optlen == -1)
1042 return (-1);
1043 optlen += 2;
1044 break;
1045 }
1046 }
1047
1048 return (0);
1049
1050 bad:
1051 m_freem(m);
1052 return (-1);
1053 }
1054
1055 /*
1056 * Unknown option processing.
1057 * The third argument `off' is the offset from the IPv6 header to the option,
1058 * which is necessary if the IPv6 header the and option header and IPv6 header
1059 * is not continuous in order to return an ICMPv6 error.
1060 */
1061 int
1062 ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off)
1063 {
1064 struct ip6_hdr *ip6;
1065
1066 switch (IP6OPT_TYPE(*optp)) {
1067 case IP6OPT_TYPE_SKIP: /* ignore the option */
1068 return ((int)*(optp + 1));
1069 case IP6OPT_TYPE_DISCARD: /* silently discard */
1070 m_freem(m);
1071 return (-1);
1072 case IP6OPT_TYPE_FORCEICMP: /* send ICMP even if multicasted */
1073 IP6_STATINC(IP6_STAT_BADOPTIONS);
1074 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_OPTION, off);
1075 return (-1);
1076 case IP6OPT_TYPE_ICMP: /* send ICMP if not multicasted */
1077 IP6_STATINC(IP6_STAT_BADOPTIONS);
1078 ip6 = mtod(m, struct ip6_hdr *);
1079 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
1080 (m->m_flags & (M_BCAST|M_MCAST)))
1081 m_freem(m);
1082 else
1083 icmp6_error(m, ICMP6_PARAM_PROB,
1084 ICMP6_PARAMPROB_OPTION, off);
1085 return (-1);
1086 }
1087
1088 m_freem(m); /* XXX: NOTREACHED */
1089 return (-1);
1090 }
1091
1092 /*
1093 * Create the "control" list for this pcb.
1094 *
1095 * The routine will be called from upper layer handlers like tcp6_input().
1096 * Thus the routine assumes that the caller (tcp6_input) have already
1097 * called IP6_EXTHDR_CHECK() and all the extension headers are located in the
1098 * very first mbuf on the mbuf chain.
1099 * We may want to add some infinite loop prevention or sanity checks for safety.
1100 * (This applies only when you are using KAME mbuf chain restriction, i.e.
1101 * you are using IP6_EXTHDR_CHECK() not m_pulldown())
1102 */
1103 void
1104 ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp,
1105 struct ip6_hdr *ip6, struct mbuf *m)
1106 {
1107 #ifdef RFC2292
1108 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y))
1109 #else
1110 #define IS2292(x, y) (y)
1111 #endif
1112
1113 if (in6p->in6p_socket->so_options & SO_TIMESTAMP
1114 #ifdef SO_OTIMESTAMP
1115 || in6p->in6p_socket->so_options & SO_OTIMESTAMP
1116 #endif
1117 ) {
1118 struct timeval tv;
1119
1120 microtime(&tv);
1121 #ifdef SO_OTIMESTAMP
1122 if (in6p->in6p_socket->so_options & SO_OTIMESTAMP) {
1123 struct timeval50 tv50;
1124 timeval_to_timeval50(&tv, &tv50);
1125 *mp = sbcreatecontrol((void *) &tv50, sizeof(tv50),
1126 SCM_OTIMESTAMP, SOL_SOCKET);
1127 } else
1128 #endif
1129 *mp = sbcreatecontrol((void *) &tv, sizeof(tv),
1130 SCM_TIMESTAMP, SOL_SOCKET);
1131 if (*mp)
1132 mp = &(*mp)->m_next;
1133 }
1134
1135 /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */
1136 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION)
1137 return;
1138
1139 /* RFC 2292 sec. 5 */
1140 if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) {
1141 struct in6_pktinfo pi6;
1142
1143 memcpy(&pi6.ipi6_addr, &ip6->ip6_dst, sizeof(struct in6_addr));
1144 in6_clearscope(&pi6.ipi6_addr); /* XXX */
1145 pi6.ipi6_ifindex = m->m_pkthdr.rcvif ?
1146 m->m_pkthdr.rcvif->if_index : 0;
1147 *mp = sbcreatecontrol((void *) &pi6,
1148 sizeof(struct in6_pktinfo),
1149 IS2292(IPV6_2292PKTINFO, IPV6_PKTINFO), IPPROTO_IPV6);
1150 if (*mp)
1151 mp = &(*mp)->m_next;
1152 }
1153
1154 if (in6p->in6p_flags & IN6P_HOPLIMIT) {
1155 int hlim = ip6->ip6_hlim & 0xff;
1156
1157 *mp = sbcreatecontrol((void *) &hlim, sizeof(int),
1158 IS2292(IPV6_2292HOPLIMIT, IPV6_HOPLIMIT), IPPROTO_IPV6);
1159 if (*mp)
1160 mp = &(*mp)->m_next;
1161 }
1162
1163 if ((in6p->in6p_flags & IN6P_TCLASS) != 0) {
1164 u_int32_t flowinfo;
1165 int tclass;
1166
1167 flowinfo = (u_int32_t)ntohl(ip6->ip6_flow & IPV6_FLOWINFO_MASK);
1168 flowinfo >>= 20;
1169
1170 tclass = flowinfo & 0xff;
1171 *mp = sbcreatecontrol((void *)&tclass, sizeof(tclass),
1172 IPV6_TCLASS, IPPROTO_IPV6);
1173
1174 if (*mp)
1175 mp = &(*mp)->m_next;
1176 }
1177
1178 /*
1179 * IPV6_HOPOPTS socket option. Recall that we required super-user
1180 * privilege for the option (see ip6_ctloutput), but it might be too
1181 * strict, since there might be some hop-by-hop options which can be
1182 * returned to normal user.
1183 * See also RFC3542 section 8 (or RFC2292 section 6).
1184 */
1185 if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) {
1186 /*
1187 * Check if a hop-by-hop options header is contatined in the
1188 * received packet, and if so, store the options as ancillary
1189 * data. Note that a hop-by-hop options header must be
1190 * just after the IPv6 header, which fact is assured through
1191 * the IPv6 input processing.
1192 */
1193 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);
1194 if (xip6->ip6_nxt == IPPROTO_HOPOPTS) {
1195 struct ip6_hbh *hbh;
1196 int hbhlen;
1197 struct mbuf *ext;
1198
1199 ext = ip6_pullexthdr(m, sizeof(struct ip6_hdr),
1200 xip6->ip6_nxt);
1201 if (ext == NULL) {
1202 IP6_STATINC(IP6_STAT_TOOSHORT);
1203 return;
1204 }
1205 hbh = mtod(ext, struct ip6_hbh *);
1206 hbhlen = (hbh->ip6h_len + 1) << 3;
1207 if (hbhlen != ext->m_len) {
1208 m_freem(ext);
1209 IP6_STATINC(IP6_STAT_TOOSHORT);
1210 return;
1211 }
1212
1213 /*
1214 * XXX: We copy whole the header even if a jumbo
1215 * payload option is included, which option is to
1216 * be removed before returning in the RFC 2292.
1217 * Note: this constraint is removed in RFC3542.
1218 */
1219 *mp = sbcreatecontrol((void *)hbh, hbhlen,
1220 IS2292(IPV6_2292HOPOPTS, IPV6_HOPOPTS),
1221 IPPROTO_IPV6);
1222 if (*mp)
1223 mp = &(*mp)->m_next;
1224 m_freem(ext);
1225 }
1226 }
1227
1228 /* IPV6_DSTOPTS and IPV6_RTHDR socket options */
1229 if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) {
1230 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);
1231 int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr);
1232
1233 /*
1234 * Search for destination options headers or routing
1235 * header(s) through the header chain, and stores each
1236 * header as ancillary data.
1237 * Note that the order of the headers remains in
1238 * the chain of ancillary data.
1239 */
1240 for (;;) { /* is explicit loop prevention necessary? */
1241 struct ip6_ext *ip6e = NULL;
1242 int elen;
1243 struct mbuf *ext = NULL;
1244
1245 /*
1246 * if it is not an extension header, don't try to
1247 * pull it from the chain.
1248 */
1249 switch (nxt) {
1250 case IPPROTO_DSTOPTS:
1251 case IPPROTO_ROUTING:
1252 case IPPROTO_HOPOPTS:
1253 case IPPROTO_AH: /* is it possible? */
1254 break;
1255 default:
1256 goto loopend;
1257 }
1258
1259 ext = ip6_pullexthdr(m, off, nxt);
1260 if (ext == NULL) {
1261 IP6_STATINC(IP6_STAT_TOOSHORT);
1262 return;
1263 }
1264 ip6e = mtod(ext, struct ip6_ext *);
1265 if (nxt == IPPROTO_AH)
1266 elen = (ip6e->ip6e_len + 2) << 2;
1267 else
1268 elen = (ip6e->ip6e_len + 1) << 3;
1269 if (elen != ext->m_len) {
1270 m_freem(ext);
1271 IP6_STATINC(IP6_STAT_TOOSHORT);
1272 return;
1273 }
1274 KASSERT(IP6_HDR_ALIGNED_P(ip6e));
1275
1276 switch (nxt) {
1277 case IPPROTO_DSTOPTS:
1278 if (!(in6p->in6p_flags & IN6P_DSTOPTS))
1279 break;
1280
1281 *mp = sbcreatecontrol((void *)ip6e, elen,
1282 IS2292(IPV6_2292DSTOPTS, IPV6_DSTOPTS),
1283 IPPROTO_IPV6);
1284 if (*mp)
1285 mp = &(*mp)->m_next;
1286 break;
1287
1288 case IPPROTO_ROUTING:
1289 if (!(in6p->in6p_flags & IN6P_RTHDR))
1290 break;
1291
1292 *mp = sbcreatecontrol((void *)ip6e, elen,
1293 IS2292(IPV6_2292RTHDR, IPV6_RTHDR),
1294 IPPROTO_IPV6);
1295 if (*mp)
1296 mp = &(*mp)->m_next;
1297 break;
1298
1299 case IPPROTO_HOPOPTS:
1300 case IPPROTO_AH: /* is it possible? */
1301 break;
1302
1303 default:
1304 /*
1305 * other cases have been filtered in the above.
1306 * none will visit this case. here we supply
1307 * the code just in case (nxt overwritten or
1308 * other cases).
1309 */
1310 m_freem(ext);
1311 goto loopend;
1312
1313 }
1314
1315 /* proceed with the next header. */
1316 off += elen;
1317 nxt = ip6e->ip6e_nxt;
1318 ip6e = NULL;
1319 m_freem(ext);
1320 ext = NULL;
1321 }
1322 loopend:
1323 ;
1324 }
1325 }
1326 #undef IS2292
1327
1328
1329 void
1330 ip6_notify_pmtu(struct in6pcb *in6p, const struct sockaddr_in6 *dst,
1331 uint32_t *mtu)
1332 {
1333 struct socket *so;
1334 struct mbuf *m_mtu;
1335 struct ip6_mtuinfo mtuctl;
1336
1337 so = in6p->in6p_socket;
1338
1339 if (mtu == NULL)
1340 return;
1341
1342 #ifdef DIAGNOSTIC
1343 if (so == NULL) /* I believe this is impossible */
1344 panic("ip6_notify_pmtu: socket is NULL");
1345 #endif
1346
1347 memset(&mtuctl, 0, sizeof(mtuctl)); /* zero-clear for safety */
1348 mtuctl.ip6m_mtu = *mtu;
1349 mtuctl.ip6m_addr = *dst;
1350 if (sa6_recoverscope(&mtuctl.ip6m_addr))
1351 return;
1352
1353 if ((m_mtu = sbcreatecontrol((void *)&mtuctl, sizeof(mtuctl),
1354 IPV6_PATHMTU, IPPROTO_IPV6)) == NULL)
1355 return;
1356
1357 if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu)
1358 == 0) {
1359 m_freem(m_mtu);
1360 /* XXX: should count statistics */
1361 } else
1362 sorwakeup(so);
1363
1364 return;
1365 }
1366
1367 /*
1368 * pull single extension header from mbuf chain. returns single mbuf that
1369 * contains the result, or NULL on error.
1370 */
1371 static struct mbuf *
1372 ip6_pullexthdr(struct mbuf *m, size_t off, int nxt)
1373 {
1374 struct ip6_ext ip6e;
1375 size_t elen;
1376 struct mbuf *n;
1377
1378 #ifdef DIAGNOSTIC
1379 switch (nxt) {
1380 case IPPROTO_DSTOPTS:
1381 case IPPROTO_ROUTING:
1382 case IPPROTO_HOPOPTS:
1383 case IPPROTO_AH: /* is it possible? */
1384 break;
1385 default:
1386 printf("ip6_pullexthdr: invalid nxt=%d\n", nxt);
1387 }
1388 #endif
1389
1390 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e);
1391 if (nxt == IPPROTO_AH)
1392 elen = (ip6e.ip6e_len + 2) << 2;
1393 else
1394 elen = (ip6e.ip6e_len + 1) << 3;
1395
1396 MGET(n, M_DONTWAIT, MT_DATA);
1397 if (n && elen >= MLEN) {
1398 MCLGET(n, M_DONTWAIT);
1399 if ((n->m_flags & M_EXT) == 0) {
1400 m_free(n);
1401 n = NULL;
1402 }
1403 }
1404 if (!n)
1405 return NULL;
1406
1407 n->m_len = 0;
1408 if (elen >= M_TRAILINGSPACE(n)) {
1409 m_free(n);
1410 return NULL;
1411 }
1412
1413 m_copydata(m, off, elen, mtod(n, void *));
1414 n->m_len = elen;
1415 return n;
1416 }
1417
1418 /*
1419 * Get pointer to the previous header followed by the header
1420 * currently processed.
1421 * XXX: This function supposes that
1422 * M includes all headers,
1423 * the next header field and the header length field of each header
1424 * are valid, and
1425 * the sum of each header length equals to OFF.
1426 * Because of these assumptions, this function must be called very
1427 * carefully. Moreover, it will not be used in the near future when
1428 * we develop `neater' mechanism to process extension headers.
1429 */
1430 u_int8_t *
1431 ip6_get_prevhdr(struct mbuf *m, int off)
1432 {
1433 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
1434
1435 if (off == sizeof(struct ip6_hdr))
1436 return (&ip6->ip6_nxt);
1437 else {
1438 int len, nxt;
1439 struct ip6_ext *ip6e = NULL;
1440
1441 nxt = ip6->ip6_nxt;
1442 len = sizeof(struct ip6_hdr);
1443 while (len < off) {
1444 ip6e = (struct ip6_ext *)(mtod(m, char *) + len);
1445
1446 switch (nxt) {
1447 case IPPROTO_FRAGMENT:
1448 len += sizeof(struct ip6_frag);
1449 break;
1450 case IPPROTO_AH:
1451 len += (ip6e->ip6e_len + 2) << 2;
1452 break;
1453 default:
1454 len += (ip6e->ip6e_len + 1) << 3;
1455 break;
1456 }
1457 nxt = ip6e->ip6e_nxt;
1458 }
1459 if (ip6e)
1460 return (&ip6e->ip6e_nxt);
1461 else
1462 return NULL;
1463 }
1464 }
1465
1466 /*
1467 * get next header offset. m will be retained.
1468 */
1469 int
1470 ip6_nexthdr(struct mbuf *m, int off, int proto, int *nxtp)
1471 {
1472 struct ip6_hdr ip6;
1473 struct ip6_ext ip6e;
1474 struct ip6_frag fh;
1475
1476 /* just in case */
1477 if (m == NULL)
1478 panic("ip6_nexthdr: m == NULL");
1479 if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off)
1480 return -1;
1481
1482 switch (proto) {
1483 case IPPROTO_IPV6:
1484 /* do not chase beyond intermediate IPv6 headers */
1485 if (off != 0)
1486 return -1;
1487 if (m->m_pkthdr.len < off + sizeof(ip6))
1488 return -1;
1489 m_copydata(m, off, sizeof(ip6), (void *)&ip6);
1490 if (nxtp)
1491 *nxtp = ip6.ip6_nxt;
1492 off += sizeof(ip6);
1493 return off;
1494
1495 case IPPROTO_FRAGMENT:
1496 /*
1497 * terminate parsing if it is not the first fragment,
1498 * it does not make sense to parse through it.
1499 */
1500 if (m->m_pkthdr.len < off + sizeof(fh))
1501 return -1;
1502 m_copydata(m, off, sizeof(fh), (void *)&fh);
1503 if ((fh.ip6f_offlg & IP6F_OFF_MASK) != 0)
1504 return -1;
1505 if (nxtp)
1506 *nxtp = fh.ip6f_nxt;
1507 off += sizeof(struct ip6_frag);
1508 return off;
1509
1510 case IPPROTO_AH:
1511 if (m->m_pkthdr.len < off + sizeof(ip6e))
1512 return -1;
1513 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e);
1514 if (nxtp)
1515 *nxtp = ip6e.ip6e_nxt;
1516 off += (ip6e.ip6e_len + 2) << 2;
1517 if (m->m_pkthdr.len < off)
1518 return -1;
1519 return off;
1520
1521 case IPPROTO_HOPOPTS:
1522 case IPPROTO_ROUTING:
1523 case IPPROTO_DSTOPTS:
1524 if (m->m_pkthdr.len < off + sizeof(ip6e))
1525 return -1;
1526 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e);
1527 if (nxtp)
1528 *nxtp = ip6e.ip6e_nxt;
1529 off += (ip6e.ip6e_len + 1) << 3;
1530 if (m->m_pkthdr.len < off)
1531 return -1;
1532 return off;
1533
1534 case IPPROTO_NONE:
1535 case IPPROTO_ESP:
1536 case IPPROTO_IPCOMP:
1537 /* give up */
1538 return -1;
1539
1540 default:
1541 return -1;
1542 }
1543 }
1544
1545 /*
1546 * get offset for the last header in the chain. m will be kept untainted.
1547 */
1548 int
1549 ip6_lasthdr(struct mbuf *m, int off, int proto, int *nxtp)
1550 {
1551 int newoff;
1552 int nxt;
1553
1554 if (!nxtp) {
1555 nxt = -1;
1556 nxtp = &nxt;
1557 }
1558 for (;;) {
1559 newoff = ip6_nexthdr(m, off, proto, nxtp);
1560 if (newoff < 0)
1561 return off;
1562 else if (newoff < off)
1563 return -1; /* invalid */
1564 else if (newoff == off)
1565 return newoff;
1566
1567 off = newoff;
1568 proto = *nxtp;
1569 }
1570 }
1571
1572 struct m_tag *
1573 ip6_addaux(struct mbuf *m)
1574 {
1575 struct m_tag *mtag;
1576
1577 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL);
1578 if (!mtag) {
1579 mtag = m_tag_get(PACKET_TAG_INET6, sizeof(struct ip6aux),
1580 M_NOWAIT);
1581 if (mtag) {
1582 m_tag_prepend(m, mtag);
1583 memset(mtag + 1, 0, sizeof(struct ip6aux));
1584 }
1585 }
1586 return mtag;
1587 }
1588
1589 struct m_tag *
1590 ip6_findaux(struct mbuf *m)
1591 {
1592 struct m_tag *mtag;
1593
1594 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL);
1595 return mtag;
1596 }
1597
1598 void
1599 ip6_delaux(struct mbuf *m)
1600 {
1601 struct m_tag *mtag;
1602
1603 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL);
1604 if (mtag)
1605 m_tag_delete(m, mtag);
1606 }
1607
1608 #ifdef GATEWAY
1609 /*
1610 * sysctl helper routine for net.inet.ip6.maxflows. Since
1611 * we could reduce this value, call ip6flow_reap();
1612 */
1613 static int
1614 sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS)
1615 {
1616 int error;
1617
1618 error = sysctl_lookup(SYSCTLFN_CALL(rnode));
1619 if (error || newp == NULL)
1620 return (error);
1621
1622 mutex_enter(softnet_lock);
1623 KERNEL_LOCK(1, NULL);
1624
1625 ip6flow_reap(0);
1626
1627 KERNEL_UNLOCK_ONE(NULL);
1628 mutex_exit(softnet_lock);
1629
1630 return (0);
1631 }
1632
1633 static int
1634 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_ARGS)
1635 {
1636 int error, tmp;
1637 struct sysctlnode node;
1638
1639 node = *rnode;
1640 tmp = ip6_hashsize;
1641 node.sysctl_data = &tmp;
1642 error = sysctl_lookup(SYSCTLFN_CALL(&node));
1643 if (error || newp == NULL)
1644 return (error);
1645
1646 if ((tmp & (tmp - 1)) == 0 && tmp != 0) {
1647 /*
1648 * Can only fail due to malloc()
1649 */
1650 mutex_enter(softnet_lock);
1651 KERNEL_LOCK(1, NULL);
1652
1653 error = ip6flow_invalidate_all(tmp);
1654
1655 KERNEL_UNLOCK_ONE(NULL);
1656 mutex_exit(softnet_lock);
1657 } else {
1658 /*
1659 * EINVAL if not a power of 2
1660 */
1661 error = EINVAL;
1662 }
1663
1664 return error;
1665 }
1666 #endif /* GATEWAY */
1667
1668 /*
1669 * System control for IP6
1670 */
1671
1672 const u_char inet6ctlerrmap[PRC_NCMDS] = {
1673 0, 0, 0, 0,
1674 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
1675 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
1676 EMSGSIZE, EHOSTUNREACH, 0, 0,
1677 0, 0, 0, 0,
1678 ENOPROTOOPT
1679 };
1680
1681 static int
1682 sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS)
1683 {
1684
1685 return (NETSTAT_SYSCTL(ip6stat_percpu, IP6_NSTATS));
1686 }
1687
1688 static void
1689 sysctl_net_inet6_ip6_setup(struct sysctllog **clog)
1690 {
1691 #ifdef RFC2292
1692 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y))
1693 #else
1694 #define IS2292(x, y) (y)
1695 #endif
1696
1697 sysctl_createv(clog, 0, NULL, NULL,
1698 CTLFLAG_PERMANENT,
1699 CTLTYPE_NODE, "net", NULL,
1700 NULL, 0, NULL, 0,
1701 CTL_NET, CTL_EOL);
1702 sysctl_createv(clog, 0, NULL, NULL,
1703 CTLFLAG_PERMANENT,
1704 CTLTYPE_NODE, "inet6",
1705 SYSCTL_DESCR("PF_INET6 related settings"),
1706 NULL, 0, NULL, 0,
1707 CTL_NET, PF_INET6, CTL_EOL);
1708 sysctl_createv(clog, 0, NULL, NULL,
1709 CTLFLAG_PERMANENT,
1710 CTLTYPE_NODE, "ip6",
1711 SYSCTL_DESCR("IPv6 related settings"),
1712 NULL, 0, NULL, 0,
1713 CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_EOL);
1714
1715 sysctl_createv(clog, 0, NULL, NULL,
1716 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1717 CTLTYPE_INT, "forwarding",
1718 SYSCTL_DESCR("Enable forwarding of INET6 datagrams"),
1719 NULL, 0, &ip6_forwarding, 0,
1720 CTL_NET, PF_INET6, IPPROTO_IPV6,
1721 IPV6CTL_FORWARDING, CTL_EOL);
1722 sysctl_createv(clog, 0, NULL, NULL,
1723 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1724 CTLTYPE_INT, "redirect",
1725 SYSCTL_DESCR("Enable sending of ICMPv6 redirect messages"),
1726 NULL, 0, &ip6_sendredirects, 0,
1727 CTL_NET, PF_INET6, IPPROTO_IPV6,
1728 IPV6CTL_SENDREDIRECTS, CTL_EOL);
1729 sysctl_createv(clog, 0, NULL, NULL,
1730 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1731 CTLTYPE_INT, "hlim",
1732 SYSCTL_DESCR("Hop limit for an INET6 datagram"),
1733 NULL, 0, &ip6_defhlim, 0,
1734 CTL_NET, PF_INET6, IPPROTO_IPV6,
1735 IPV6CTL_DEFHLIM, CTL_EOL);
1736 #ifdef notyet
1737 sysctl_createv(clog, 0, NULL, NULL,
1738 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1739 CTLTYPE_INT, "mtu", NULL,
1740 NULL, 0, &, 0,
1741 CTL_NET, PF_INET6, IPPROTO_IPV6,
1742 IPV6CTL_DEFMTU, CTL_EOL);
1743 #endif
1744 #ifdef __no_idea__
1745 sysctl_createv(clog, 0, NULL, NULL,
1746 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1747 CTLTYPE_INT, "forwsrcrt", NULL,
1748 NULL, 0, &?, 0,
1749 CTL_NET, PF_INET6, IPPROTO_IPV6,
1750 IPV6CTL_FORWSRCRT, CTL_EOL);
1751 sysctl_createv(clog, 0, NULL, NULL,
1752 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1753 CTLTYPE_STRUCT, "mrtstats", NULL,
1754 NULL, 0, &?, sizeof(?),
1755 CTL_NET, PF_INET6, IPPROTO_IPV6,
1756 IPV6CTL_MRTSTATS, CTL_EOL);
1757 sysctl_createv(clog, 0, NULL, NULL,
1758 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1759 CTLTYPE_?, "mrtproto", NULL,
1760 NULL, 0, &?, sizeof(?),
1761 CTL_NET, PF_INET6, IPPROTO_IPV6,
1762 IPV6CTL_MRTPROTO, CTL_EOL);
1763 #endif
1764 sysctl_createv(clog, 0, NULL, NULL,
1765 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1766 CTLTYPE_INT, "maxfragpackets",
1767 SYSCTL_DESCR("Maximum number of fragments to buffer "
1768 "for reassembly"),
1769 NULL, 0, &ip6_maxfragpackets, 0,
1770 CTL_NET, PF_INET6, IPPROTO_IPV6,
1771 IPV6CTL_MAXFRAGPACKETS, CTL_EOL);
1772 #ifdef __no_idea__
1773 sysctl_createv(clog, 0, NULL, NULL,
1774 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1775 CTLTYPE_INT, "sourcecheck", NULL,
1776 NULL, 0, &?, 0,
1777 CTL_NET, PF_INET6, IPPROTO_IPV6,
1778 IPV6CTL_SOURCECHECK, CTL_EOL);
1779 sysctl_createv(clog, 0, NULL, NULL,
1780 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1781 CTLTYPE_INT, "sourcecheck_logint", NULL,
1782 NULL, 0, &?, 0,
1783 CTL_NET, PF_INET6, IPPROTO_IPV6,
1784 IPV6CTL_SOURCECHECK_LOGINT, CTL_EOL);
1785 #endif
1786 sysctl_createv(clog, 0, NULL, NULL,
1787 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1788 CTLTYPE_INT, "accept_rtadv",
1789 SYSCTL_DESCR("Accept router advertisements"),
1790 NULL, 0, &ip6_accept_rtadv, 0,
1791 CTL_NET, PF_INET6, IPPROTO_IPV6,
1792 IPV6CTL_ACCEPT_RTADV, CTL_EOL);
1793 sysctl_createv(clog, 0, NULL, NULL,
1794 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1795 CTLTYPE_INT, "keepfaith",
1796 SYSCTL_DESCR("Activate faith interface"),
1797 NULL, 0, &ip6_keepfaith, 0,
1798 CTL_NET, PF_INET6, IPPROTO_IPV6,
1799 IPV6CTL_KEEPFAITH, CTL_EOL);
1800 sysctl_createv(clog, 0, NULL, NULL,
1801 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1802 CTLTYPE_INT, "log_interval",
1803 SYSCTL_DESCR("Minumum interval between logging "
1804 "unroutable packets"),
1805 NULL, 0, &ip6_log_interval, 0,
1806 CTL_NET, PF_INET6, IPPROTO_IPV6,
1807 IPV6CTL_LOG_INTERVAL, CTL_EOL);
1808 sysctl_createv(clog, 0, NULL, NULL,
1809 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1810 CTLTYPE_INT, "hdrnestlimit",
1811 SYSCTL_DESCR("Maximum number of nested IPv6 headers"),
1812 NULL, 0, &ip6_hdrnestlimit, 0,
1813 CTL_NET, PF_INET6, IPPROTO_IPV6,
1814 IPV6CTL_HDRNESTLIMIT, CTL_EOL);
1815 sysctl_createv(clog, 0, NULL, NULL,
1816 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1817 CTLTYPE_INT, "dad_count",
1818 SYSCTL_DESCR("Number of Duplicate Address Detection "
1819 "probes to send"),
1820 NULL, 0, &ip6_dad_count, 0,
1821 CTL_NET, PF_INET6, IPPROTO_IPV6,
1822 IPV6CTL_DAD_COUNT, CTL_EOL);
1823 sysctl_createv(clog, 0, NULL, NULL,
1824 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1825 CTLTYPE_INT, "auto_flowlabel",
1826 SYSCTL_DESCR("Assign random IPv6 flow labels"),
1827 NULL, 0, &ip6_auto_flowlabel, 0,
1828 CTL_NET, PF_INET6, IPPROTO_IPV6,
1829 IPV6CTL_AUTO_FLOWLABEL, CTL_EOL);
1830 sysctl_createv(clog, 0, NULL, NULL,
1831 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1832 CTLTYPE_INT, "defmcasthlim",
1833 SYSCTL_DESCR("Default multicast hop limit"),
1834 NULL, 0, &ip6_defmcasthlim, 0,
1835 CTL_NET, PF_INET6, IPPROTO_IPV6,
1836 IPV6CTL_DEFMCASTHLIM, CTL_EOL);
1837 #if NGIF > 0
1838 sysctl_createv(clog, 0, NULL, NULL,
1839 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1840 CTLTYPE_INT, "gifhlim",
1841 SYSCTL_DESCR("Default hop limit for a gif tunnel datagram"),
1842 NULL, 0, &ip6_gif_hlim, 0,
1843 CTL_NET, PF_INET6, IPPROTO_IPV6,
1844 IPV6CTL_GIF_HLIM, CTL_EOL);
1845 #endif /* NGIF */
1846 sysctl_createv(clog, 0, NULL, NULL,
1847 CTLFLAG_PERMANENT,
1848 CTLTYPE_STRING, "kame_version",
1849 SYSCTL_DESCR("KAME Version"),
1850 NULL, 0, __UNCONST(__KAME_VERSION), 0,
1851 CTL_NET, PF_INET6, IPPROTO_IPV6,
1852 IPV6CTL_KAME_VERSION, CTL_EOL);
1853 sysctl_createv(clog, 0, NULL, NULL,
1854 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1855 CTLTYPE_INT, "use_deprecated",
1856 SYSCTL_DESCR("Allow use of deprecated addresses as "
1857 "source addresses"),
1858 NULL, 0, &ip6_use_deprecated, 0,
1859 CTL_NET, PF_INET6, IPPROTO_IPV6,
1860 IPV6CTL_USE_DEPRECATED, CTL_EOL);
1861 sysctl_createv(clog, 0, NULL, NULL,
1862 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1863 CTLTYPE_INT, "rr_prune", NULL,
1864 NULL, 0, &ip6_rr_prune, 0,
1865 CTL_NET, PF_INET6, IPPROTO_IPV6,
1866 IPV6CTL_RR_PRUNE, CTL_EOL);
1867 sysctl_createv(clog, 0, NULL, NULL,
1868 CTLFLAG_PERMANENT
1869 #ifndef INET6_BINDV6ONLY
1870 |CTLFLAG_READWRITE,
1871 #endif
1872 CTLTYPE_INT, "v6only",
1873 SYSCTL_DESCR("Disallow PF_INET6 sockets from connecting "
1874 "to PF_INET sockets"),
1875 NULL, 0, &ip6_v6only, 0,
1876 CTL_NET, PF_INET6, IPPROTO_IPV6,
1877 IPV6CTL_V6ONLY, CTL_EOL);
1878 sysctl_createv(clog, 0, NULL, NULL,
1879 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1880 CTLTYPE_INT, "anonportmin",
1881 SYSCTL_DESCR("Lowest ephemeral port number to assign"),
1882 sysctl_net_inet_ip_ports, 0, &ip6_anonportmin, 0,
1883 CTL_NET, PF_INET6, IPPROTO_IPV6,
1884 IPV6CTL_ANONPORTMIN, CTL_EOL);
1885 sysctl_createv(clog, 0, NULL, NULL,
1886 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1887 CTLTYPE_INT, "anonportmax",
1888 SYSCTL_DESCR("Highest ephemeral port number to assign"),
1889 sysctl_net_inet_ip_ports, 0, &ip6_anonportmax, 0,
1890 CTL_NET, PF_INET6, IPPROTO_IPV6,
1891 IPV6CTL_ANONPORTMAX, CTL_EOL);
1892 #ifndef IPNOPRIVPORTS
1893 sysctl_createv(clog, 0, NULL, NULL,
1894 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1895 CTLTYPE_INT, "lowportmin",
1896 SYSCTL_DESCR("Lowest privileged ephemeral port number "
1897 "to assign"),
1898 sysctl_net_inet_ip_ports, 0, &ip6_lowportmin, 0,
1899 CTL_NET, PF_INET6, IPPROTO_IPV6,
1900 IPV6CTL_LOWPORTMIN, CTL_EOL);
1901 sysctl_createv(clog, 0, NULL, NULL,
1902 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1903 CTLTYPE_INT, "lowportmax",
1904 SYSCTL_DESCR("Highest privileged ephemeral port number "
1905 "to assign"),
1906 sysctl_net_inet_ip_ports, 0, &ip6_lowportmax, 0,
1907 CTL_NET, PF_INET6, IPPROTO_IPV6,
1908 IPV6CTL_LOWPORTMAX, CTL_EOL);
1909 #endif /* IPNOPRIVPORTS */
1910 sysctl_createv(clog, 0, NULL, NULL,
1911 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1912 CTLTYPE_INT, "use_tempaddr",
1913 SYSCTL_DESCR("Use temporary address"),
1914 NULL, 0, &ip6_use_tempaddr, 0,
1915 CTL_NET, PF_INET6, IPPROTO_IPV6,
1916 CTL_CREATE, CTL_EOL);
1917 sysctl_createv(clog, 0, NULL, NULL,
1918 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1919 CTLTYPE_INT, "temppltime",
1920 SYSCTL_DESCR("preferred lifetime of a temporary address"),
1921 NULL, 0, &ip6_temp_preferred_lifetime, 0,
1922 CTL_NET, PF_INET6, IPPROTO_IPV6,
1923 CTL_CREATE, CTL_EOL);
1924 sysctl_createv(clog, 0, NULL, NULL,
1925 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1926 CTLTYPE_INT, "tempvltime",
1927 SYSCTL_DESCR("valid lifetime of a temporary address"),
1928 NULL, 0, &ip6_temp_valid_lifetime, 0,
1929 CTL_NET, PF_INET6, IPPROTO_IPV6,
1930 CTL_CREATE, CTL_EOL);
1931 sysctl_createv(clog, 0, NULL, NULL,
1932 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1933 CTLTYPE_INT, "maxfrags",
1934 SYSCTL_DESCR("Maximum fragments in reassembly queue"),
1935 NULL, 0, &ip6_maxfrags, 0,
1936 CTL_NET, PF_INET6, IPPROTO_IPV6,
1937 IPV6CTL_MAXFRAGS, CTL_EOL);
1938 sysctl_createv(clog, 0, NULL, NULL,
1939 CTLFLAG_PERMANENT,
1940 CTLTYPE_STRUCT, "stats",
1941 SYSCTL_DESCR("IPv6 statistics"),
1942 sysctl_net_inet6_ip6_stats, 0, NULL, 0,
1943 CTL_NET, PF_INET6, IPPROTO_IPV6,
1944 IPV6CTL_STATS, CTL_EOL);
1945 sysctl_createv(clog, 0, NULL, NULL,
1946 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1947 CTLTYPE_INT, "use_defaultzone",
1948 SYSCTL_DESCR("Whether to use the default scope zones"),
1949 NULL, 0, &ip6_use_defzone, 0,
1950 CTL_NET, PF_INET6, IPPROTO_IPV6,
1951 IPV6CTL_USE_DEFAULTZONE, CTL_EOL);
1952 sysctl_createv(clog, 0, NULL, NULL,
1953 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1954 CTLTYPE_INT, "mcast_pmtu",
1955 SYSCTL_DESCR("Enable pMTU discovery for multicast packet"),
1956 NULL, 0, &ip6_mcast_pmtu, 0,
1957 CTL_NET, PF_INET6, IPPROTO_IPV6,
1958 CTL_CREATE, CTL_EOL);
1959 #ifdef GATEWAY
1960 sysctl_createv(clog, 0, NULL, NULL,
1961 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1962 CTLTYPE_INT, "maxflows",
1963 SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"),
1964 sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0,
1965 CTL_NET, PF_INET6, IPPROTO_IPV6,
1966 CTL_CREATE, CTL_EOL);
1967 sysctl_createv(clog, 0, NULL, NULL,
1968 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1969 CTLTYPE_INT, "hashsize",
1970 SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"),
1971 sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0,
1972 CTL_NET, PF_INET6, IPPROTO_IPV6,
1973 CTL_CREATE, CTL_EOL);
1974 #endif
1975 }
1976
1977 void
1978 ip6_statinc(u_int stat)
1979 {
1980
1981 KASSERT(stat < IP6_NSTATS);
1982 IP6_STATINC(stat);
1983 }
NetBSD on the FriendlyARM MINI2440