| 1 | /* $NetBSD: scope6.c,v 1.15 2016/08/12 11:44:24 christos Exp $ */ |
| 2 | /* $KAME$ */ |
| 3 | |
| 4 | /*- |
| 5 | * Copyright (C) 2000 WIDE Project. |
| 6 | * All rights reserved. |
| 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions |
| 10 | * are met: |
| 11 | * 1. Redistributions of source code must retain the above copyright |
| 12 | * notice, this list of conditions and the following disclaimer. |
| 13 | * 2. Redistributions in binary form must reproduce the above copyright |
| 14 | * notice, this list of conditions and the following disclaimer in the |
| 15 | * documentation and/or other materials provided with the distribution. |
| 16 | * 3. Neither the name of the project nor the names of its contributors |
| 17 | * may be used to endorse or promote products derived from this software |
| 18 | * without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
| 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
| 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 30 | * SUCH DAMAGE. |
| 31 | */ |
| 32 | |
| 33 | #include <sys/cdefs.h> |
| 34 | __KERNEL_RCSID(0, "$NetBSD: scope6.c,v 1.15 2016/08/12 11:44:24 christos Exp $" ); |
| 35 | |
| 36 | #include <sys/param.h> |
| 37 | #include <sys/malloc.h> |
| 38 | #include <sys/mbuf.h> |
| 39 | #include <sys/socket.h> |
| 40 | #include <sys/systm.h> |
| 41 | #include <sys/queue.h> |
| 42 | #include <sys/syslog.h> |
| 43 | |
| 44 | #include <net/if.h> |
| 45 | |
| 46 | #include <netinet/in.h> |
| 47 | |
| 48 | #include <netinet6/in6_var.h> |
| 49 | #include <netinet6/scope6_var.h> |
| 50 | |
| 51 | #ifdef ENABLE_DEFAULT_SCOPE |
| 52 | int ip6_use_defzone = 1; |
| 53 | #else |
| 54 | int ip6_use_defzone = 0; |
| 55 | #endif |
| 56 | |
| 57 | static struct scope6_id sid_default; |
| 58 | #define SID(ifp) \ |
| 59 | ((ifp)->if_afdata[AF_INET6] == NULL ? NULL : \ |
| 60 | ((struct in6_ifextra *)(ifp)->if_afdata[AF_INET6])->scope6_id) |
| 61 | |
| 62 | void |
| 63 | scope6_init(void) |
| 64 | { |
| 65 | |
| 66 | memset(&sid_default, 0, sizeof(sid_default)); |
| 67 | } |
| 68 | |
| 69 | struct scope6_id * |
| 70 | scope6_ifattach(struct ifnet *ifp) |
| 71 | { |
| 72 | struct scope6_id *sid; |
| 73 | |
| 74 | sid = (struct scope6_id *)malloc(sizeof(*sid), M_IFADDR, M_WAITOK); |
| 75 | memset(sid, 0, sizeof(*sid)); |
| 76 | |
| 77 | /* |
| 78 | * XXX: IPV6_ADDR_SCOPE_xxx macros are not standard. |
| 79 | * Should we rather hardcode here? |
| 80 | */ |
| 81 | sid->s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL] = ifp->if_index; |
| 82 | sid->s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL] = ifp->if_index; |
| 83 | #ifdef MULTI_SCOPE |
| 84 | /* by default, we don't care about scope boundary for these scopes. */ |
| 85 | sid->s6id_list[IPV6_ADDR_SCOPE_SITELOCAL] = 1; |
| 86 | sid->s6id_list[IPV6_ADDR_SCOPE_ORGLOCAL] = 1; |
| 87 | #endif |
| 88 | |
| 89 | return sid; |
| 90 | } |
| 91 | |
| 92 | void |
| 93 | scope6_ifdetach(struct scope6_id *sid) |
| 94 | { |
| 95 | |
| 96 | free(sid, M_IFADDR); |
| 97 | } |
| 98 | |
| 99 | int |
| 100 | scope6_set(struct ifnet *ifp, const struct scope6_id *idlist) |
| 101 | { |
| 102 | int i; |
| 103 | int error = 0; |
| 104 | struct scope6_id *sid = SID(ifp); |
| 105 | |
| 106 | if (!sid) /* paranoid? */ |
| 107 | return (EINVAL); |
| 108 | |
| 109 | /* |
| 110 | * XXX: We need more consistency checks of the relationship among |
| 111 | * scopes (e.g. an organization should be larger than a site). |
| 112 | */ |
| 113 | |
| 114 | /* |
| 115 | * TODO(XXX): after setting, we should reflect the changes to |
| 116 | * interface addresses, routing table entries, PCB entries... |
| 117 | */ |
| 118 | |
| 119 | for (i = 0; i < 16; i++) { |
| 120 | if (idlist->s6id_list[i] && |
| 121 | idlist->s6id_list[i] != sid->s6id_list[i]) { |
| 122 | int s; |
| 123 | /* |
| 124 | * An interface zone ID must be the corresponding |
| 125 | * interface index by definition. |
| 126 | */ |
| 127 | if (i == IPV6_ADDR_SCOPE_INTFACELOCAL && |
| 128 | idlist->s6id_list[i] != ifp->if_index) |
| 129 | return (EINVAL); |
| 130 | |
| 131 | s = pserialize_read_enter(); |
| 132 | if (i == IPV6_ADDR_SCOPE_LINKLOCAL && |
| 133 | !if_byindex(idlist->s6id_list[i])) { |
| 134 | /* |
| 135 | * XXX: theoretically, there should be no |
| 136 | * relationship between link IDs and interface |
| 137 | * IDs, but we check the consistency for |
| 138 | * safety in later use. |
| 139 | */ |
| 140 | pserialize_read_exit(s); |
| 141 | return (EINVAL); |
| 142 | } |
| 143 | pserialize_read_exit(s); |
| 144 | |
| 145 | /* |
| 146 | * XXX: we must need lots of work in this case, |
| 147 | * but we simply set the new value in this initial |
| 148 | * implementation. |
| 149 | */ |
| 150 | sid->s6id_list[i] = idlist->s6id_list[i]; |
| 151 | } |
| 152 | } |
| 153 | |
| 154 | return (error); |
| 155 | } |
| 156 | |
| 157 | int |
| 158 | scope6_get(const struct ifnet *ifp, struct scope6_id *idlist) |
| 159 | { |
| 160 | /* We only need to lock the interface's afdata for SID() to work. */ |
| 161 | const struct scope6_id *sid = SID(ifp); |
| 162 | |
| 163 | if (sid == NULL) /* paranoid? */ |
| 164 | return EINVAL; |
| 165 | |
| 166 | *idlist = *sid; |
| 167 | |
| 168 | return 0; |
| 169 | } |
| 170 | |
| 171 | /* |
| 172 | * Get a scope of the address. Interface-local, link-local, site-local |
| 173 | * or global. |
| 174 | */ |
| 175 | int |
| 176 | in6_addrscope(const struct in6_addr *addr) |
| 177 | { |
| 178 | int scope; |
| 179 | |
| 180 | if (addr->s6_addr[0] == 0xfe) { |
| 181 | scope = addr->s6_addr[1] & 0xc0; |
| 182 | |
| 183 | switch (scope) { |
| 184 | case 0x80: |
| 185 | return IPV6_ADDR_SCOPE_LINKLOCAL; |
| 186 | case 0xc0: |
| 187 | return IPV6_ADDR_SCOPE_SITELOCAL; |
| 188 | default: |
| 189 | return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */ |
| 190 | } |
| 191 | } |
| 192 | |
| 193 | |
| 194 | if (addr->s6_addr[0] == 0xff) { |
| 195 | scope = addr->s6_addr[1] & 0x0f; |
| 196 | |
| 197 | /* |
| 198 | * due to other scope such as reserved, |
| 199 | * return scope doesn't work. |
| 200 | */ |
| 201 | switch (scope) { |
| 202 | case IPV6_ADDR_SCOPE_INTFACELOCAL: |
| 203 | return IPV6_ADDR_SCOPE_INTFACELOCAL; |
| 204 | case IPV6_ADDR_SCOPE_LINKLOCAL: |
| 205 | return IPV6_ADDR_SCOPE_LINKLOCAL; |
| 206 | case IPV6_ADDR_SCOPE_SITELOCAL: |
| 207 | return IPV6_ADDR_SCOPE_SITELOCAL; |
| 208 | default: |
| 209 | return IPV6_ADDR_SCOPE_GLOBAL; |
| 210 | } |
| 211 | } |
| 212 | |
| 213 | if (memcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) { |
| 214 | if (addr->s6_addr[15] == 1) /* loopback */ |
| 215 | return IPV6_ADDR_SCOPE_LINKLOCAL; |
| 216 | if (addr->s6_addr[15] == 0) { |
| 217 | /* |
| 218 | * Regard the unspecified addresses as global, |
| 219 | * since it has no ambiguity. |
| 220 | * XXX: not sure if it's correct... |
| 221 | */ |
| 222 | return IPV6_ADDR_SCOPE_GLOBAL; |
| 223 | } |
| 224 | } |
| 225 | |
| 226 | return IPV6_ADDR_SCOPE_GLOBAL; |
| 227 | } |
| 228 | |
| 229 | /* note that ifp argument might be NULL */ |
| 230 | void |
| 231 | scope6_setdefault(struct ifnet *ifp) |
| 232 | { |
| 233 | |
| 234 | /* |
| 235 | * Currently, this function just sets the default "interfaces" |
| 236 | * and "links" according to the given interface. |
| 237 | * We might eventually have to separate the notion of "link" from |
| 238 | * "interface" and provide a user interface to set the default. |
| 239 | */ |
| 240 | if (ifp) { |
| 241 | sid_default.s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL] = |
| 242 | ifp->if_index; |
| 243 | sid_default.s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL] = |
| 244 | ifp->if_index; |
| 245 | } else { |
| 246 | sid_default.s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL] = 0; |
| 247 | sid_default.s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL] = 0; |
| 248 | } |
| 249 | } |
| 250 | |
| 251 | int |
| 252 | scope6_get_default(struct scope6_id *idlist) |
| 253 | { |
| 254 | |
| 255 | *idlist = sid_default; |
| 256 | |
| 257 | return (0); |
| 258 | } |
| 259 | |
| 260 | uint32_t |
| 261 | scope6_addr2default(const struct in6_addr *addr) |
| 262 | { |
| 263 | uint32_t id; |
| 264 | |
| 265 | /* |
| 266 | * special case: The loopback address should be considered as |
| 267 | * link-local, but there's no ambiguity in the syntax. |
| 268 | */ |
| 269 | if (IN6_IS_ADDR_LOOPBACK(addr)) |
| 270 | return (0); |
| 271 | |
| 272 | /* |
| 273 | * XXX: 32-bit read is atomic on all our platforms, is it OK |
| 274 | * not to lock here? |
| 275 | */ |
| 276 | id = sid_default.s6id_list[in6_addrscope(addr)]; |
| 277 | |
| 278 | return (id); |
| 279 | } |
| 280 | |
| 281 | /* |
| 282 | * Validate the specified scope zone ID in the sin6_scope_id field. If the ID |
| 283 | * is unspecified (=0), needs to be specified, and the default zone ID can be |
| 284 | * used, the default value will be used. |
| 285 | * This routine then generates the kernel-internal form: if the address scope |
| 286 | * of is interface-local or link-local, embed the interface index in the |
| 287 | * address. |
| 288 | */ |
| 289 | int |
| 290 | sa6_embedscope(struct sockaddr_in6 *sin6, int defaultok) |
| 291 | { |
| 292 | struct ifnet *ifp; |
| 293 | uint32_t zoneid; |
| 294 | |
| 295 | if ((zoneid = sin6->sin6_scope_id) == 0 && defaultok) |
| 296 | zoneid = scope6_addr2default(&sin6->sin6_addr); |
| 297 | |
| 298 | if (zoneid != 0 && |
| 299 | (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) || |
| 300 | IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr))) { |
| 301 | int s; |
| 302 | /* |
| 303 | * At this moment, we only check interface-local and |
| 304 | * link-local scope IDs, and use interface indices as the |
| 305 | * zone IDs assuming a one-to-one mapping between interfaces |
| 306 | * and links. |
| 307 | */ |
| 308 | s = pserialize_read_enter(); |
| 309 | ifp = if_byindex(zoneid); |
| 310 | if (ifp == NULL) { |
| 311 | pserialize_read_exit(s); |
| 312 | return (ENXIO); |
| 313 | } |
| 314 | pserialize_read_exit(s); |
| 315 | |
| 316 | /* XXX assignment to 16bit from 32bit variable */ |
| 317 | sin6->sin6_addr.s6_addr16[1] = htons(zoneid & 0xffff); |
| 318 | |
| 319 | sin6->sin6_scope_id = 0; |
| 320 | } |
| 321 | |
| 322 | return 0; |
| 323 | } |
| 324 | |
| 325 | struct sockaddr * |
| 326 | sockaddr_in6_externalize(struct sockaddr *dst, socklen_t socklen, |
| 327 | const struct sockaddr *src) |
| 328 | { |
| 329 | struct sockaddr_in6 *sin6; |
| 330 | |
| 331 | sin6 = satosin6(sockaddr_copy(dst, socklen, src)); |
| 332 | |
| 333 | if (sin6 == NULL || sa6_recoverscope(sin6) != 0) |
| 334 | return NULL; |
| 335 | |
| 336 | return dst; |
| 337 | } |
| 338 | |
| 339 | /* |
| 340 | * generate standard sockaddr_in6 from embedded form. |
| 341 | */ |
| 342 | int |
| 343 | sa6_recoverscope(struct sockaddr_in6 *sin6) |
| 344 | { |
| 345 | uint32_t zoneid; |
| 346 | |
| 347 | if (sin6->sin6_scope_id != 0) { |
| 348 | log(LOG_NOTICE, |
| 349 | "sa6_recoverscope: assumption failure (non 0 ID): %s%%%d\n" , |
| 350 | ip6_sprintf(&sin6->sin6_addr), sin6->sin6_scope_id); |
| 351 | /* XXX: proceed anyway... */ |
| 352 | } |
| 353 | if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) || |
| 354 | IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr)) { |
| 355 | /* |
| 356 | * KAME assumption: link id == interface id |
| 357 | */ |
| 358 | zoneid = ntohs(sin6->sin6_addr.s6_addr16[1]); |
| 359 | if (zoneid) { |
| 360 | int s = pserialize_read_enter(); |
| 361 | if (!if_byindex(zoneid)) { |
| 362 | pserialize_read_exit(s); |
| 363 | return (ENXIO); |
| 364 | } |
| 365 | pserialize_read_exit(s); |
| 366 | sin6->sin6_addr.s6_addr16[1] = 0; |
| 367 | sin6->sin6_scope_id = zoneid; |
| 368 | } |
| 369 | } |
| 370 | |
| 371 | return 0; |
| 372 | } |
| 373 | |
| 374 | int |
| 375 | in6_setzoneid(struct in6_addr *in6, uint32_t zoneid) |
| 376 | { |
| 377 | if (IN6_IS_SCOPE_EMBEDDABLE(in6)) |
| 378 | in6->s6_addr16[1] = htons(zoneid & 0xffff); /* XXX */ |
| 379 | |
| 380 | return 0; |
| 381 | } |
| 382 | |
| 383 | /* |
| 384 | * Determine the appropriate scope zone ID for in6 and ifp. If ret_id is |
| 385 | * non NULL, it is set to the zone ID. If the zone ID needs to be embedded |
| 386 | * in the in6_addr structure, in6 will be modified. |
| 387 | */ |
| 388 | int |
| 389 | in6_setscope(struct in6_addr *in6, const struct ifnet *ifp, uint32_t *ret_id) |
| 390 | { |
| 391 | int scope; |
| 392 | uint32_t zoneid = 0; |
| 393 | const struct scope6_id *sid = SID(ifp); |
| 394 | |
| 395 | if (sid == NULL) |
| 396 | return EINVAL; |
| 397 | |
| 398 | /* |
| 399 | * special case: the loopback address can only belong to a loopback |
| 400 | * interface. |
| 401 | */ |
| 402 | if (IN6_IS_ADDR_LOOPBACK(in6)) { |
| 403 | if (!(ifp->if_flags & IFF_LOOPBACK)) |
| 404 | return (EINVAL); |
| 405 | else { |
| 406 | if (ret_id != NULL) |
| 407 | *ret_id = 0; /* there's no ambiguity */ |
| 408 | return (0); |
| 409 | } |
| 410 | } |
| 411 | |
| 412 | scope = in6_addrscope(in6); |
| 413 | |
| 414 | switch (scope) { |
| 415 | case IPV6_ADDR_SCOPE_INTFACELOCAL: /* should be interface index */ |
| 416 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL]; |
| 417 | break; |
| 418 | |
| 419 | case IPV6_ADDR_SCOPE_LINKLOCAL: |
| 420 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL]; |
| 421 | break; |
| 422 | |
| 423 | case IPV6_ADDR_SCOPE_SITELOCAL: |
| 424 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_SITELOCAL]; |
| 425 | break; |
| 426 | |
| 427 | case IPV6_ADDR_SCOPE_ORGLOCAL: |
| 428 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_ORGLOCAL]; |
| 429 | break; |
| 430 | |
| 431 | default: |
| 432 | zoneid = 0; /* XXX: treat as global. */ |
| 433 | break; |
| 434 | } |
| 435 | |
| 436 | if (ret_id != NULL) |
| 437 | *ret_id = zoneid; |
| 438 | |
| 439 | return in6_setzoneid(in6, zoneid); |
| 440 | } |
| 441 | |
| 442 | const char * |
| 443 | in6_getscopename(const struct in6_addr *addr) |
| 444 | { |
| 445 | switch (in6_addrscope(addr)) { |
| 446 | case IPV6_ADDR_SCOPE_INTFACELOCAL: return "interface" ; |
| 447 | #if IPV6_ADDR_SCOPE_INTFACELOCAL != IPV6_ADDR_SCOPE_NODELOCAL |
| 448 | case IPV6_ADDR_SCOPE_NODELOCAL: return "node" ; |
| 449 | #endif |
| 450 | case IPV6_ADDR_SCOPE_LINKLOCAL: return "link" ; |
| 451 | case IPV6_ADDR_SCOPE_SITELOCAL: return "site" ; |
| 452 | case IPV6_ADDR_SCOPE_ORGLOCAL: return "organization" ; |
| 453 | case IPV6_ADDR_SCOPE_GLOBAL: return "global" ; |
| 454 | default: return "unknown" ; |
| 455 | } |
| 456 | } |
| 457 | |
| 458 | /* |
| 459 | * Just clear the embedded scope identifier. Return 0 if the original address |
| 460 | * is intact; return non 0 if the address is modified. |
| 461 | */ |
| 462 | int |
| 463 | in6_clearscope(struct in6_addr *in6) |
| 464 | { |
| 465 | int modified = 0; |
| 466 | |
| 467 | if (IN6_IS_SCOPE_LINKLOCAL(in6) || IN6_IS_ADDR_MC_INTFACELOCAL(in6)) { |
| 468 | if (in6->s6_addr16[1] != 0) |
| 469 | modified = 1; |
| 470 | in6->s6_addr16[1] = 0; |
| 471 | } |
| 472 | |
| 473 | return (modified); |
| 474 | } |
| 475 | |