1 | /* $NetBSD: scope6.c,v 1.15 2016/08/12 11:44:24 christos Exp $ */ |
2 | /* $KAME$ */ |
3 | |
4 | /*- |
5 | * Copyright (C) 2000 WIDE Project. |
6 | * All rights reserved. |
7 | * |
8 | * Redistribution and use in source and binary forms, with or without |
9 | * modification, are permitted provided that the following conditions |
10 | * are met: |
11 | * 1. Redistributions of source code must retain the above copyright |
12 | * notice, this list of conditions and the following disclaimer. |
13 | * 2. Redistributions in binary form must reproduce the above copyright |
14 | * notice, this list of conditions and the following disclaimer in the |
15 | * documentation and/or other materials provided with the distribution. |
16 | * 3. Neither the name of the project nor the names of its contributors |
17 | * may be used to endorse or promote products derived from this software |
18 | * without specific prior written permission. |
19 | * |
20 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
30 | * SUCH DAMAGE. |
31 | */ |
32 | |
33 | #include <sys/cdefs.h> |
34 | __KERNEL_RCSID(0, "$NetBSD: scope6.c,v 1.15 2016/08/12 11:44:24 christos Exp $" ); |
35 | |
36 | #include <sys/param.h> |
37 | #include <sys/malloc.h> |
38 | #include <sys/mbuf.h> |
39 | #include <sys/socket.h> |
40 | #include <sys/systm.h> |
41 | #include <sys/queue.h> |
42 | #include <sys/syslog.h> |
43 | |
44 | #include <net/if.h> |
45 | |
46 | #include <netinet/in.h> |
47 | |
48 | #include <netinet6/in6_var.h> |
49 | #include <netinet6/scope6_var.h> |
50 | |
51 | #ifdef ENABLE_DEFAULT_SCOPE |
52 | int ip6_use_defzone = 1; |
53 | #else |
54 | int ip6_use_defzone = 0; |
55 | #endif |
56 | |
57 | static struct scope6_id sid_default; |
58 | #define SID(ifp) \ |
59 | ((ifp)->if_afdata[AF_INET6] == NULL ? NULL : \ |
60 | ((struct in6_ifextra *)(ifp)->if_afdata[AF_INET6])->scope6_id) |
61 | |
62 | void |
63 | scope6_init(void) |
64 | { |
65 | |
66 | memset(&sid_default, 0, sizeof(sid_default)); |
67 | } |
68 | |
69 | struct scope6_id * |
70 | scope6_ifattach(struct ifnet *ifp) |
71 | { |
72 | struct scope6_id *sid; |
73 | |
74 | sid = (struct scope6_id *)malloc(sizeof(*sid), M_IFADDR, M_WAITOK); |
75 | memset(sid, 0, sizeof(*sid)); |
76 | |
77 | /* |
78 | * XXX: IPV6_ADDR_SCOPE_xxx macros are not standard. |
79 | * Should we rather hardcode here? |
80 | */ |
81 | sid->s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL] = ifp->if_index; |
82 | sid->s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL] = ifp->if_index; |
83 | #ifdef MULTI_SCOPE |
84 | /* by default, we don't care about scope boundary for these scopes. */ |
85 | sid->s6id_list[IPV6_ADDR_SCOPE_SITELOCAL] = 1; |
86 | sid->s6id_list[IPV6_ADDR_SCOPE_ORGLOCAL] = 1; |
87 | #endif |
88 | |
89 | return sid; |
90 | } |
91 | |
92 | void |
93 | scope6_ifdetach(struct scope6_id *sid) |
94 | { |
95 | |
96 | free(sid, M_IFADDR); |
97 | } |
98 | |
99 | int |
100 | scope6_set(struct ifnet *ifp, const struct scope6_id *idlist) |
101 | { |
102 | int i; |
103 | int error = 0; |
104 | struct scope6_id *sid = SID(ifp); |
105 | |
106 | if (!sid) /* paranoid? */ |
107 | return (EINVAL); |
108 | |
109 | /* |
110 | * XXX: We need more consistency checks of the relationship among |
111 | * scopes (e.g. an organization should be larger than a site). |
112 | */ |
113 | |
114 | /* |
115 | * TODO(XXX): after setting, we should reflect the changes to |
116 | * interface addresses, routing table entries, PCB entries... |
117 | */ |
118 | |
119 | for (i = 0; i < 16; i++) { |
120 | if (idlist->s6id_list[i] && |
121 | idlist->s6id_list[i] != sid->s6id_list[i]) { |
122 | int s; |
123 | /* |
124 | * An interface zone ID must be the corresponding |
125 | * interface index by definition. |
126 | */ |
127 | if (i == IPV6_ADDR_SCOPE_INTFACELOCAL && |
128 | idlist->s6id_list[i] != ifp->if_index) |
129 | return (EINVAL); |
130 | |
131 | s = pserialize_read_enter(); |
132 | if (i == IPV6_ADDR_SCOPE_LINKLOCAL && |
133 | !if_byindex(idlist->s6id_list[i])) { |
134 | /* |
135 | * XXX: theoretically, there should be no |
136 | * relationship between link IDs and interface |
137 | * IDs, but we check the consistency for |
138 | * safety in later use. |
139 | */ |
140 | pserialize_read_exit(s); |
141 | return (EINVAL); |
142 | } |
143 | pserialize_read_exit(s); |
144 | |
145 | /* |
146 | * XXX: we must need lots of work in this case, |
147 | * but we simply set the new value in this initial |
148 | * implementation. |
149 | */ |
150 | sid->s6id_list[i] = idlist->s6id_list[i]; |
151 | } |
152 | } |
153 | |
154 | return (error); |
155 | } |
156 | |
157 | int |
158 | scope6_get(const struct ifnet *ifp, struct scope6_id *idlist) |
159 | { |
160 | /* We only need to lock the interface's afdata for SID() to work. */ |
161 | const struct scope6_id *sid = SID(ifp); |
162 | |
163 | if (sid == NULL) /* paranoid? */ |
164 | return EINVAL; |
165 | |
166 | *idlist = *sid; |
167 | |
168 | return 0; |
169 | } |
170 | |
171 | /* |
172 | * Get a scope of the address. Interface-local, link-local, site-local |
173 | * or global. |
174 | */ |
175 | int |
176 | in6_addrscope(const struct in6_addr *addr) |
177 | { |
178 | int scope; |
179 | |
180 | if (addr->s6_addr[0] == 0xfe) { |
181 | scope = addr->s6_addr[1] & 0xc0; |
182 | |
183 | switch (scope) { |
184 | case 0x80: |
185 | return IPV6_ADDR_SCOPE_LINKLOCAL; |
186 | case 0xc0: |
187 | return IPV6_ADDR_SCOPE_SITELOCAL; |
188 | default: |
189 | return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */ |
190 | } |
191 | } |
192 | |
193 | |
194 | if (addr->s6_addr[0] == 0xff) { |
195 | scope = addr->s6_addr[1] & 0x0f; |
196 | |
197 | /* |
198 | * due to other scope such as reserved, |
199 | * return scope doesn't work. |
200 | */ |
201 | switch (scope) { |
202 | case IPV6_ADDR_SCOPE_INTFACELOCAL: |
203 | return IPV6_ADDR_SCOPE_INTFACELOCAL; |
204 | case IPV6_ADDR_SCOPE_LINKLOCAL: |
205 | return IPV6_ADDR_SCOPE_LINKLOCAL; |
206 | case IPV6_ADDR_SCOPE_SITELOCAL: |
207 | return IPV6_ADDR_SCOPE_SITELOCAL; |
208 | default: |
209 | return IPV6_ADDR_SCOPE_GLOBAL; |
210 | } |
211 | } |
212 | |
213 | if (memcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) { |
214 | if (addr->s6_addr[15] == 1) /* loopback */ |
215 | return IPV6_ADDR_SCOPE_LINKLOCAL; |
216 | if (addr->s6_addr[15] == 0) { |
217 | /* |
218 | * Regard the unspecified addresses as global, |
219 | * since it has no ambiguity. |
220 | * XXX: not sure if it's correct... |
221 | */ |
222 | return IPV6_ADDR_SCOPE_GLOBAL; |
223 | } |
224 | } |
225 | |
226 | return IPV6_ADDR_SCOPE_GLOBAL; |
227 | } |
228 | |
229 | /* note that ifp argument might be NULL */ |
230 | void |
231 | scope6_setdefault(struct ifnet *ifp) |
232 | { |
233 | |
234 | /* |
235 | * Currently, this function just sets the default "interfaces" |
236 | * and "links" according to the given interface. |
237 | * We might eventually have to separate the notion of "link" from |
238 | * "interface" and provide a user interface to set the default. |
239 | */ |
240 | if (ifp) { |
241 | sid_default.s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL] = |
242 | ifp->if_index; |
243 | sid_default.s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL] = |
244 | ifp->if_index; |
245 | } else { |
246 | sid_default.s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL] = 0; |
247 | sid_default.s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL] = 0; |
248 | } |
249 | } |
250 | |
251 | int |
252 | scope6_get_default(struct scope6_id *idlist) |
253 | { |
254 | |
255 | *idlist = sid_default; |
256 | |
257 | return (0); |
258 | } |
259 | |
260 | uint32_t |
261 | scope6_addr2default(const struct in6_addr *addr) |
262 | { |
263 | uint32_t id; |
264 | |
265 | /* |
266 | * special case: The loopback address should be considered as |
267 | * link-local, but there's no ambiguity in the syntax. |
268 | */ |
269 | if (IN6_IS_ADDR_LOOPBACK(addr)) |
270 | return (0); |
271 | |
272 | /* |
273 | * XXX: 32-bit read is atomic on all our platforms, is it OK |
274 | * not to lock here? |
275 | */ |
276 | id = sid_default.s6id_list[in6_addrscope(addr)]; |
277 | |
278 | return (id); |
279 | } |
280 | |
281 | /* |
282 | * Validate the specified scope zone ID in the sin6_scope_id field. If the ID |
283 | * is unspecified (=0), needs to be specified, and the default zone ID can be |
284 | * used, the default value will be used. |
285 | * This routine then generates the kernel-internal form: if the address scope |
286 | * of is interface-local or link-local, embed the interface index in the |
287 | * address. |
288 | */ |
289 | int |
290 | sa6_embedscope(struct sockaddr_in6 *sin6, int defaultok) |
291 | { |
292 | struct ifnet *ifp; |
293 | uint32_t zoneid; |
294 | |
295 | if ((zoneid = sin6->sin6_scope_id) == 0 && defaultok) |
296 | zoneid = scope6_addr2default(&sin6->sin6_addr); |
297 | |
298 | if (zoneid != 0 && |
299 | (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) || |
300 | IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr))) { |
301 | int s; |
302 | /* |
303 | * At this moment, we only check interface-local and |
304 | * link-local scope IDs, and use interface indices as the |
305 | * zone IDs assuming a one-to-one mapping between interfaces |
306 | * and links. |
307 | */ |
308 | s = pserialize_read_enter(); |
309 | ifp = if_byindex(zoneid); |
310 | if (ifp == NULL) { |
311 | pserialize_read_exit(s); |
312 | return (ENXIO); |
313 | } |
314 | pserialize_read_exit(s); |
315 | |
316 | /* XXX assignment to 16bit from 32bit variable */ |
317 | sin6->sin6_addr.s6_addr16[1] = htons(zoneid & 0xffff); |
318 | |
319 | sin6->sin6_scope_id = 0; |
320 | } |
321 | |
322 | return 0; |
323 | } |
324 | |
325 | struct sockaddr * |
326 | sockaddr_in6_externalize(struct sockaddr *dst, socklen_t socklen, |
327 | const struct sockaddr *src) |
328 | { |
329 | struct sockaddr_in6 *sin6; |
330 | |
331 | sin6 = satosin6(sockaddr_copy(dst, socklen, src)); |
332 | |
333 | if (sin6 == NULL || sa6_recoverscope(sin6) != 0) |
334 | return NULL; |
335 | |
336 | return dst; |
337 | } |
338 | |
339 | /* |
340 | * generate standard sockaddr_in6 from embedded form. |
341 | */ |
342 | int |
343 | sa6_recoverscope(struct sockaddr_in6 *sin6) |
344 | { |
345 | uint32_t zoneid; |
346 | |
347 | if (sin6->sin6_scope_id != 0) { |
348 | log(LOG_NOTICE, |
349 | "sa6_recoverscope: assumption failure (non 0 ID): %s%%%d\n" , |
350 | ip6_sprintf(&sin6->sin6_addr), sin6->sin6_scope_id); |
351 | /* XXX: proceed anyway... */ |
352 | } |
353 | if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) || |
354 | IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr)) { |
355 | /* |
356 | * KAME assumption: link id == interface id |
357 | */ |
358 | zoneid = ntohs(sin6->sin6_addr.s6_addr16[1]); |
359 | if (zoneid) { |
360 | int s = pserialize_read_enter(); |
361 | if (!if_byindex(zoneid)) { |
362 | pserialize_read_exit(s); |
363 | return (ENXIO); |
364 | } |
365 | pserialize_read_exit(s); |
366 | sin6->sin6_addr.s6_addr16[1] = 0; |
367 | sin6->sin6_scope_id = zoneid; |
368 | } |
369 | } |
370 | |
371 | return 0; |
372 | } |
373 | |
374 | int |
375 | in6_setzoneid(struct in6_addr *in6, uint32_t zoneid) |
376 | { |
377 | if (IN6_IS_SCOPE_EMBEDDABLE(in6)) |
378 | in6->s6_addr16[1] = htons(zoneid & 0xffff); /* XXX */ |
379 | |
380 | return 0; |
381 | } |
382 | |
383 | /* |
384 | * Determine the appropriate scope zone ID for in6 and ifp. If ret_id is |
385 | * non NULL, it is set to the zone ID. If the zone ID needs to be embedded |
386 | * in the in6_addr structure, in6 will be modified. |
387 | */ |
388 | int |
389 | in6_setscope(struct in6_addr *in6, const struct ifnet *ifp, uint32_t *ret_id) |
390 | { |
391 | int scope; |
392 | uint32_t zoneid = 0; |
393 | const struct scope6_id *sid = SID(ifp); |
394 | |
395 | if (sid == NULL) |
396 | return EINVAL; |
397 | |
398 | /* |
399 | * special case: the loopback address can only belong to a loopback |
400 | * interface. |
401 | */ |
402 | if (IN6_IS_ADDR_LOOPBACK(in6)) { |
403 | if (!(ifp->if_flags & IFF_LOOPBACK)) |
404 | return (EINVAL); |
405 | else { |
406 | if (ret_id != NULL) |
407 | *ret_id = 0; /* there's no ambiguity */ |
408 | return (0); |
409 | } |
410 | } |
411 | |
412 | scope = in6_addrscope(in6); |
413 | |
414 | switch (scope) { |
415 | case IPV6_ADDR_SCOPE_INTFACELOCAL: /* should be interface index */ |
416 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_INTFACELOCAL]; |
417 | break; |
418 | |
419 | case IPV6_ADDR_SCOPE_LINKLOCAL: |
420 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_LINKLOCAL]; |
421 | break; |
422 | |
423 | case IPV6_ADDR_SCOPE_SITELOCAL: |
424 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_SITELOCAL]; |
425 | break; |
426 | |
427 | case IPV6_ADDR_SCOPE_ORGLOCAL: |
428 | zoneid = sid->s6id_list[IPV6_ADDR_SCOPE_ORGLOCAL]; |
429 | break; |
430 | |
431 | default: |
432 | zoneid = 0; /* XXX: treat as global. */ |
433 | break; |
434 | } |
435 | |
436 | if (ret_id != NULL) |
437 | *ret_id = zoneid; |
438 | |
439 | return in6_setzoneid(in6, zoneid); |
440 | } |
441 | |
442 | const char * |
443 | in6_getscopename(const struct in6_addr *addr) |
444 | { |
445 | switch (in6_addrscope(addr)) { |
446 | case IPV6_ADDR_SCOPE_INTFACELOCAL: return "interface" ; |
447 | #if IPV6_ADDR_SCOPE_INTFACELOCAL != IPV6_ADDR_SCOPE_NODELOCAL |
448 | case IPV6_ADDR_SCOPE_NODELOCAL: return "node" ; |
449 | #endif |
450 | case IPV6_ADDR_SCOPE_LINKLOCAL: return "link" ; |
451 | case IPV6_ADDR_SCOPE_SITELOCAL: return "site" ; |
452 | case IPV6_ADDR_SCOPE_ORGLOCAL: return "organization" ; |
453 | case IPV6_ADDR_SCOPE_GLOBAL: return "global" ; |
454 | default: return "unknown" ; |
455 | } |
456 | } |
457 | |
458 | /* |
459 | * Just clear the embedded scope identifier. Return 0 if the original address |
460 | * is intact; return non 0 if the address is modified. |
461 | */ |
462 | int |
463 | in6_clearscope(struct in6_addr *in6) |
464 | { |
465 | int modified = 0; |
466 | |
467 | if (IN6_IS_SCOPE_LINKLOCAL(in6) || IN6_IS_ADDR_MC_INTFACELOCAL(in6)) { |
468 | if (in6->s6_addr16[1] != 0) |
469 | modified = 1; |
470 | in6->s6_addr16[1] = 0; |
471 | } |
472 | |
473 | return (modified); |
474 | } |
475 | |