Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet6/mld6.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet6/mld6.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.22.2.1 retrieving revision 1.44.2.2 diff -u -p -r1.22.2.1 -r1.44.2.2 --- src/sys/netinet6/mld6.c 2004/08/03 10:55:14 1.22.2.1 +++ src/sys/netinet6/mld6.c 2008/06/04 02:05:48 1.44.2.2 @@ -1,4 +1,4 @@ -/* $NetBSD: mld6.c,v 1.22.2.1 2004/08/03 10:55:14 skrll Exp $ */ +/* $NetBSD: mld6.c,v 1.44.2.2 2008/06/04 02:05:48 yamt Exp $ */ /* $KAME: mld6.c,v 1.25 2001/01/16 14:14:18 itojun Exp $ */ /* @@ -102,7 +102,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: mld6.c,v 1.22.2.1 2004/08/03 10:55:14 skrll Exp $"); +__KERNEL_RCSID(0, "$NetBSD: mld6.c,v 1.44.2.2 2008/06/04 02:05:48 yamt Exp $"); #include "opt_inet.h" @@ -110,26 +110,45 @@ __KERNEL_RCSID(0, "$NetBSD: mld6.c,v 1.2 #include #include #include +#include #include #include +#include +#include +#include #include #include #include +#include #include #include +#include #include +#include #include #include + +/* + * This structure is used to keep track of in6_multi chains which belong to + * deleted interface addresses. + */ +static LIST_HEAD(, multi6_kludge) in6_mk; /* XXX BSS initialization */ + +struct multi6_kludge { + LIST_ENTRY(multi6_kludge) mk_entry; + struct ifnet *mk_ifp; + struct in6_multihead mk_head; +}; + + /* * Protocol constants */ -/* denotes that the MLD max response delay field specifies time in milliseconds */ -#define MLD_TIMER_SCALE 1000 /* * time between repetitions of a node's initial report of interest in a * multicast address(in seconds) @@ -137,22 +156,24 @@ __KERNEL_RCSID(0, "$NetBSD: mld6.c,v 1.2 #define MLD_UNSOLICITED_REPORT_INTERVAL 10 static struct ip6_pktopts ip6_opts; -static int mld_timers_are_running; -/* XXX: These are necessary for KAME's link-local hack */ -static struct in6_addr mld_all_nodes_linklocal = IN6ADDR_LINKLOCAL_ALLNODES_INIT; -static struct in6_addr mld_all_routers_linklocal = IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; -static void mld6_sendpkt __P((struct in6_multi *, int, const struct in6_addr *)); +static void mld_start_listening(struct in6_multi *); +static void mld_stop_listening(struct in6_multi *); + +static struct mld_hdr * mld_allocbuf(struct mbuf **, int, struct in6_multi *, + int); +static void mld_sendpkt(struct in6_multi *, int, const struct in6_addr *); +static void mld_starttimer(struct in6_multi *); +static void mld_stoptimer(struct in6_multi *); +static u_long mld_timerresid(struct in6_multi *); void -mld6_init() +mld_init(void) { static u_int8_t hbh_buf[8]; struct ip6_hbh *hbh = (struct ip6_hbh *)hbh_buf; u_int16_t rtalert_code = htons((u_int16_t)IP6OPT_RTALERT_MLD); - mld_timers_are_running = 0; - /* ip6h_nxt will be fill in later */ hbh->ip6h_len = 0; /* (8 >> 3) - 1 */ @@ -161,17 +182,94 @@ mld6_init() hbh_buf[3] = 0; hbh_buf[4] = IP6OPT_RTALERT; hbh_buf[5] = IP6OPT_RTALERT_LEN - 2; - bcopy((caddr_t)&rtalert_code, &hbh_buf[6], sizeof(u_int16_t)); + bcopy((void *)&rtalert_code, &hbh_buf[6], sizeof(u_int16_t)); ip6_opts.ip6po_hbh = hbh; /* We will specify the hoplimit by a multicast option. */ ip6_opts.ip6po_hlim = -1; } -void -mld6_start_listening(in6m) - struct in6_multi *in6m; +static void +mld_starttimer(struct in6_multi *in6m) { + struct timeval now; + + microtime(&now); + in6m->in6m_timer_expire.tv_sec = now.tv_sec + in6m->in6m_timer / hz; + in6m->in6m_timer_expire.tv_usec = now.tv_usec + + (in6m->in6m_timer % hz) * (1000000 / hz); + if (in6m->in6m_timer_expire.tv_usec > 1000000) { + in6m->in6m_timer_expire.tv_sec++; + in6m->in6m_timer_expire.tv_usec -= 1000000; + } + + /* start or restart the timer */ + callout_schedule(&in6m->in6m_timer_ch, in6m->in6m_timer); +} + +static void +mld_stoptimer(struct in6_multi *in6m) +{ + if (in6m->in6m_timer == IN6M_TIMER_UNDEF) + return; + + callout_stop(&in6m->in6m_timer_ch); + + in6m->in6m_timer = IN6M_TIMER_UNDEF; +} + +static void +mld_timeo(void *arg) +{ + struct in6_multi *in6m = arg; + + mutex_enter(softnet_lock); + KERNEL_LOCK(1, NULL); + + in6m->in6m_timer = IN6M_TIMER_UNDEF; + + switch (in6m->in6m_state) { + case MLD_REPORTPENDING: + mld_start_listening(in6m); + break; + default: + mld_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); + break; + } + + KERNEL_UNLOCK_ONE(NULL); + mutex_exit(softnet_lock); +} + +static u_long +mld_timerresid(struct in6_multi *in6m) +{ + struct timeval now, diff; + + microtime(&now); + + if (now.tv_sec > in6m->in6m_timer_expire.tv_sec || + (now.tv_sec == in6m->in6m_timer_expire.tv_sec && + now.tv_usec > in6m->in6m_timer_expire.tv_usec)) { + return (0); + } + diff = in6m->in6m_timer_expire; + diff.tv_sec -= now.tv_sec; + diff.tv_usec -= now.tv_usec; + if (diff.tv_usec < 0) { + diff.tv_sec--; + diff.tv_usec += 1000000; + } + + /* return the remaining time in milliseconds */ + return (((u_long)(diff.tv_sec * 1000000 + diff.tv_usec)) / 1000); +} + +static void +mld_start_listening(struct in6_multi *in6m) +{ + struct in6_addr all_in6; + /* * RFC2710 page 10: * The node never sends a Report or Done for the link-scope all-nodes @@ -179,81 +277,115 @@ mld6_start_listening(in6m) * MLD messages are never sent for multicast addresses whose scope is 0 * (reserved) or 1 (node-local). */ - mld_all_nodes_linklocal.s6_addr16[1] = - htons(in6m->in6m_ifp->if_index); /* XXX */ - if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &mld_all_nodes_linklocal) || - IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) { + all_in6 = in6addr_linklocal_allnodes; + if (in6_setscope(&all_in6, in6m->in6m_ifp, NULL)) { + /* XXX: this should not happen! */ in6m->in6m_timer = 0; in6m->in6m_state = MLD_OTHERLISTENER; + } + if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &all_in6) || + IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) { + in6m->in6m_timer = IN6M_TIMER_UNDEF; + in6m->in6m_state = MLD_OTHERLISTENER; } else { - mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); - in6m->in6m_timer = - MLD_RANDOM_DELAY(MLD_UNSOLICITED_REPORT_INTERVAL * - PR_FASTHZ); + mld_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); + in6m->in6m_timer = arc4random() % + (MLD_UNSOLICITED_REPORT_INTERVAL * hz); in6m->in6m_state = MLD_IREPORTEDLAST; - mld_timers_are_running = 1; + + mld_starttimer(in6m); } } -void -mld6_stop_listening(in6m) - struct in6_multi *in6m; +static void +mld_stop_listening(struct in6_multi *in6m) { - mld_all_nodes_linklocal.s6_addr16[1] = - htons(in6m->in6m_ifp->if_index); /* XXX */ - mld_all_routers_linklocal.s6_addr16[1] = - htons(in6m->in6m_ifp->if_index); /* XXX: necessary when mrouting */ + struct in6_addr allnode, allrouter; + + allnode = in6addr_linklocal_allnodes; + if (in6_setscope(&allnode, in6m->in6m_ifp, NULL)) { + /* XXX: this should not happen! */ + return; + } + allrouter = in6addr_linklocal_allrouters; + if (in6_setscope(&allrouter, in6m->in6m_ifp, NULL)) { + /* XXX impossible */ + return; + } if (in6m->in6m_state == MLD_IREPORTEDLAST && - (!IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &mld_all_nodes_linklocal)) && - IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) > IPV6_ADDR_SCOPE_NODELOCAL) - mld6_sendpkt(in6m, MLD_LISTENER_DONE, - &mld_all_routers_linklocal); + (!IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &allnode)) && + IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) > + IPV6_ADDR_SCOPE_INTFACELOCAL) { + mld_sendpkt(in6m, MLD_LISTENER_DONE, &allrouter); + } } void -mld6_input(m, off) - struct mbuf *m; - int off; +mld_input(struct mbuf *m, int off) { struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct mld_hdr *mldh; struct ifnet *ifp = m->m_pkthdr.rcvif; - struct in6_multi *in6m; + struct in6_multi *in6m = NULL; + struct in6_addr mld_addr, all_in6; struct in6_ifaddr *ia; - int timer; /* timer value in the MLD query header */ + int timer = 0; /* timer value in the MLD query header */ IP6_EXTHDR_GET(mldh, struct mld_hdr *, m, off, sizeof(*mldh)); if (mldh == NULL) { - icmp6stat.icp6s_tooshort++; + ICMP6_STATINC(ICMP6_STAT_TOOSHORT); return; } /* source address validation */ ip6 = mtod(m, struct ip6_hdr *);/* in case mpullup */ if (!IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_src)) { + /* + * RFC3590 allows the IPv6 unspecified address as the source + * address of MLD report and done messages. However, as this + * same document says, this special rule is for snooping + * switches and the RFC requires routers to discard MLD packets + * with the unspecified source address. The RFC only talks + * about hosts receiving an MLD query or report in Security + * Considerations, but this is probably the correct intention. + * RFC3590 does not talk about other cases than link-local and + * the unspecified source addresses, but we believe the same + * rule should be applied. + * As a result, we only allow link-local addresses as the + * source address; otherwise, simply discard the packet. + */ #if 0 - log(LOG_ERR, - "mld_input: src %s is not link-local (grp=%s)\n", - ip6_sprintf(&ip6->ip6_src), - ip6_sprintf(&mldh->mld_addr)); -#endif /* - * spec (RFC2710) does not explicitly - * specify to discard the packet from a non link-local - * source address. But we believe it's expected to do so. - * XXX: do we have to allow :: as source? + * XXX: do not log in an input path to avoid log flooding, + * though RFC3590 says "SHOULD log" if the source of a query + * is the unspecified address. */ + log(LOG_INFO, + "mld_input: src %s is not link-local (grp=%s)\n", + ip6_sprintf(&ip6->ip6_src), ip6_sprintf(&mldh->mld_addr)); +#endif m_freem(m); return; } /* - * In the MLD6 specification, there are 3 states and a flag. + * make a copy for local work (in6_setscope() may modify the 1st arg) + */ + mld_addr = mldh->mld_addr; + if (in6_setscope(&mld_addr, ifp, NULL)) { + /* XXX: this should not happen! */ + m_free(m); + return; + } + + /* + * In the MLD specification, there are 3 states and a flag. * * In Non-Listener state, we simply don't have a membership record. * In Delaying Listener state, our timer is running (in6m->in6m_timer) - * In Idle Listener state, our timer is not running (in6m->in6m_timer==0) + * In Idle Listener state, our timer is not running + * (in6m->in6m_timer==IN6M_TIMER_UNDEF) * * The flag is in6m->in6m_state, it is set to MLD_OTHERLISTENER if * we have heard a report from another member, or MLD_IREPORTEDLAST @@ -264,12 +396,15 @@ mld6_input(m, off) if (ifp->if_flags & IFF_LOOPBACK) break; - if (!IN6_IS_ADDR_UNSPECIFIED(&mldh->mld_addr) && - !IN6_IS_ADDR_MULTICAST(&mldh->mld_addr)) + if (!IN6_IS_ADDR_UNSPECIFIED(&mld_addr) && + !IN6_IS_ADDR_MULTICAST(&mld_addr)) break; /* print error or log stat? */ - if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) - mldh->mld_addr.s6_addr16[1] = - htons(ifp->if_index); /* XXX */ + + all_in6 = in6addr_linklocal_allnodes; + if (in6_setscope(&all_in6, ifp, NULL)) { + /* XXX: this should not happen! */ + break; + } /* * - Start the timers in all of our membership records @@ -277,59 +412,43 @@ mld6_input(m, off) * which the query arrived excl. those that belong * to the "all-nodes" group (ff02::1). * - Restart any timer that is already running but has - * A value longer than the requested timeout. + * a value longer than the requested timeout. * - Use the value specified in the query message as * the maximum timeout. */ + timer = ntohs(mldh->mld_maxdelay); + IFP_TO_IA6(ifp, ia); if (ia == NULL) break; - /* - * XXX: System timer resolution is too low to handle Max - * Response Delay, so set 1 to the internal timer even if - * the calculated value equals to zero when Max Response - * Delay is positive. - */ - timer = ntohs(mldh->mld_maxdelay)*PR_FASTHZ/MLD_TIMER_SCALE; - if (timer == 0 && mldh->mld_maxdelay) - timer = 1; - mld_all_nodes_linklocal.s6_addr16[1] = - htons(ifp->if_index); /* XXX */ - - for (in6m = ia->ia6_multiaddrs.lh_first; - in6m; - in6m = in6m->in6m_entry.le_next) - { - if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, - &mld_all_nodes_linklocal) || + LIST_FOREACH(in6m, &ia->ia6_multiaddrs, in6m_entry) { + if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &all_in6) || IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) continue; - if (IN6_IS_ADDR_UNSPECIFIED(&mldh->mld_addr) || - IN6_ARE_ADDR_EQUAL(&mldh->mld_addr, - &in6m->in6m_addr)) - { - if (timer == 0) { - /* send a report immediately */ - mld6_sendpkt(in6m, MLD_LISTENER_REPORT, - NULL); - in6m->in6m_timer = 0; /* reset timer */ - in6m->in6m_state = MLD_IREPORTEDLAST; - } - else if (in6m->in6m_timer == 0 || /*idle state*/ - in6m->in6m_timer > timer) { - in6m->in6m_timer = - MLD_RANDOM_DELAY(timer); - mld_timers_are_running = 1; - } + if (in6m->in6m_state == MLD_REPORTPENDING) + continue; /* we are not yet ready */ + + if (!IN6_IS_ADDR_UNSPECIFIED(&mld_addr) && + !IN6_ARE_ADDR_EQUAL(&mld_addr, &in6m->in6m_addr)) + continue; + + if (timer == 0) { + /* send a report immediately */ + mld_stoptimer(in6m); + mld_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); + in6m->in6m_state = MLD_IREPORTEDLAST; + } else if (in6m->in6m_timer == IN6M_TIMER_UNDEF || + mld_timerresid(in6m) > (u_long)timer) { + in6m->in6m_timer = arc4random() % + (int)(((long)timer * hz) / 1000); + mld_starttimer(in6m); } } - - if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) - mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ break; + case MLD_LISTENER_REPORT: /* * For fast leave to work, we have to know that we are the @@ -346,21 +465,15 @@ mld6_input(m, off) if (!IN6_IS_ADDR_MULTICAST(&mldh->mld_addr)) break; - if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) - mldh->mld_addr.s6_addr16[1] = - htons(ifp->if_index); /* XXX */ /* * If we belong to the group being reported, stop * our timer for that group. */ - IN6_LOOKUP_MULTI(mldh->mld_addr, ifp, in6m); + IN6_LOOKUP_MULTI(mld_addr, ifp, in6m); if (in6m) { - in6m->in6m_timer = 0; /* transit to idle state */ + mld_stoptimer(in6m); /* transit to idle state */ in6m->in6m_state = MLD_OTHERLISTENER; /* clear flag */ } - - if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) - mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ break; default: /* this is impossible */ #if 0 @@ -369,7 +482,7 @@ mld6_input(m, off) * icmp6_input(). But we explicitly disabled this part * just in case. */ - log(LOG_ERR, "mld_input: illegal type(%d)", mldh->mld6_type); + log(LOG_ERR, "mld_input: illegal type(%d)", mldh->mld_type); #endif break; } @@ -377,47 +490,15 @@ mld6_input(m, off) m_freem(m); } -void -mld6_fasttimeo() -{ - struct in6_multi *in6m; - struct in6_multistep step; - int s; - /* - * Quick check to see if any work needs to be done, in order - * to minimize the overhead of fasttimo processing. - */ - if (!mld_timers_are_running) - return; - - s = splsoftnet(); - mld_timers_are_running = 0; - IN6_FIRST_MULTI(step, in6m); - while (in6m != NULL) { - if (in6m->in6m_timer == 0) { - /* do nothing */ - } else if (--in6m->in6m_timer == 0) { - mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); - in6m->in6m_state = MLD_IREPORTEDLAST; - } else { - mld_timers_are_running = 1; - } - IN6_NEXT_MULTI(step, in6m); - } - splx(s); -} - static void -mld6_sendpkt(in6m, type, dst) - struct in6_multi *in6m; - int type; - const struct in6_addr *dst; +mld_sendpkt(struct in6_multi *in6m, int type, + const struct in6_addr *dst) { - struct mbuf *mh, *md; + struct mbuf *mh; struct mld_hdr *mldh; - struct ip6_hdr *ip6; + struct ip6_hdr *ip6 = NULL; struct ip6_moptions im6o; - struct in6_ifaddr *ia; + struct in6_ifaddr *ia = NULL; struct ifnet *ifp = in6m->in6m_ifp; int ignflags; @@ -433,54 +514,23 @@ mld6_sendpkt(in6m, type, dst) if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) ia = NULL; - /* - * Allocate mbufs to store ip6 header and MLD header. - * We allocate 2 mbufs and make chain in advance because - * it is more convenient when inserting the hop-by-hop option later. - */ - MGETHDR(mh, M_DONTWAIT, MT_HEADER); - if (mh == NULL) - return; - MGET(md, M_DONTWAIT, MT_DATA); - if (md == NULL) { - m_free(mh); + /* Allocate two mbufs to store IPv6 header and MLD header */ + mldh = mld_allocbuf(&mh, sizeof(struct mld_hdr), in6m, type); + if (mldh == NULL) return; - } - mh->m_next = md; - - mh->m_pkthdr.rcvif = NULL; - mh->m_pkthdr.len = sizeof(struct ip6_hdr) + sizeof(struct mld_hdr); - mh->m_len = sizeof(struct ip6_hdr); - MH_ALIGN(mh, sizeof(struct ip6_hdr)); - /* fill in the ip6 header */ - ip6 = mtod(mh, struct ip6_hdr *); - ip6->ip6_flow = 0; - ip6->ip6_vfc &= ~IPV6_VERSION_MASK; - ip6->ip6_vfc |= IPV6_VERSION; - /* ip6_plen will be set later */ - ip6->ip6_nxt = IPPROTO_ICMPV6; - /* ip6_hlim will be set by im6o.im6o_multicast_hlim */ - ip6->ip6_src = ia ? ia->ia_addr.sin6_addr : in6addr_any; - ip6->ip6_dst = dst ? *dst : in6m->in6m_addr; + /* fill src/dst here */ + ip6 = mtod(mh, struct ip6_hdr *); + ip6->ip6_src = ia ? ia->ia_addr.sin6_addr : in6addr_any; + ip6->ip6_dst = dst ? *dst : in6m->in6m_addr; - /* fill in the MLD header */ - md->m_len = sizeof(struct mld_hdr); - mldh = mtod(md, struct mld_hdr *); - mldh->mld_type = type; - mldh->mld_code = 0; - mldh->mld_cksum = 0; - /* XXX: we assume the function will not be called for query messages */ - mldh->mld_maxdelay = 0; - mldh->mld_reserved = 0; mldh->mld_addr = in6m->in6m_addr; - if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) - mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ + in6_clearscope(&mldh->mld_addr); /* XXX */ mldh->mld_cksum = in6_cksum(mh, IPPROTO_ICMPV6, sizeof(struct ip6_hdr), sizeof(struct mld_hdr)); /* construct multicast option */ - bzero(&im6o, sizeof(im6o)); + memset(&im6o, 0, sizeof(im6o)); im6o.im6o_multicast_ifp = ifp; im6o.im6o_multicast_hlim = 1; @@ -491,7 +541,7 @@ mld6_sendpkt(in6m, type, dst) im6o.im6o_multicast_loop = (ip6_mrouter != NULL); /* increment output statictics */ - icmp6stat.icp6s_outhist[type]++; + ICMP6_STATINC(ICMP6_STAT_OUTHIST + type); icmp6_ifstat_inc(ifp, ifs6_out_msg); switch (type) { case MLD_LISTENER_QUERY: @@ -505,6 +555,350 @@ mld6_sendpkt(in6m, type, dst) break; } - ip6_output(mh, &ip6_opts, NULL, ia ? 0 : IPV6_UNSPECSRC, + ip6_output(mh, &ip6_opts, NULL, ia ? 0 : IPV6_UNSPECSRC, &im6o, (struct socket *)NULL, NULL); } + +static struct mld_hdr * +mld_allocbuf(struct mbuf **mh, int len, struct in6_multi *in6m, + int type) +{ + struct mbuf *md; + struct mld_hdr *mldh; + struct ip6_hdr *ip6; + + /* + * Allocate mbufs to store ip6 header and MLD header. + * We allocate 2 mbufs and make chain in advance because + * it is more convenient when inserting the hop-by-hop option later. + */ + MGETHDR(*mh, M_DONTWAIT, MT_HEADER); + if (*mh == NULL) + return NULL; + MGET(md, M_DONTWAIT, MT_DATA); + if (md == NULL) { + m_free(*mh); + *mh = NULL; + return NULL; + } + (*mh)->m_next = md; + md->m_next = NULL; + + (*mh)->m_pkthdr.rcvif = NULL; + (*mh)->m_pkthdr.len = sizeof(struct ip6_hdr) + len; + (*mh)->m_len = sizeof(struct ip6_hdr); + MH_ALIGN(*mh, sizeof(struct ip6_hdr)); + + /* fill in the ip6 header */ + ip6 = mtod(*mh, struct ip6_hdr *); + memset(ip6, 0, sizeof(*ip6)); + ip6->ip6_flow = 0; + ip6->ip6_vfc &= ~IPV6_VERSION_MASK; + ip6->ip6_vfc |= IPV6_VERSION; + /* ip6_plen will be set later */ + ip6->ip6_nxt = IPPROTO_ICMPV6; + /* ip6_hlim will be set by im6o.im6o_multicast_hlim */ + /* ip6_src/dst will be set by mld_sendpkt() or mld_sendbuf() */ + + /* fill in the MLD header as much as possible */ + md->m_len = len; + mldh = mtod(md, struct mld_hdr *); + memset(mldh, 0, len); + mldh->mld_type = type; + return mldh; +} + +/* + * Add an address to the list of IP6 multicast addresses for a given interface. + */ +struct in6_multi * +in6_addmulti(struct in6_addr *maddr6, struct ifnet *ifp, + int *errorp, int timer) +{ + struct in6_ifaddr *ia; + struct in6_ifreq ifr; + struct in6_multi *in6m; + int s = splsoftnet(); + + *errorp = 0; + + /* + * See if address already in list. + */ + IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); + if (in6m != NULL) { + /* + * Found it; just increment the refrence count. + */ + in6m->in6m_refcount++; + } else { + /* + * New address; allocate a new multicast record + * and link it into the interface's multicast list. + */ + in6m = (struct in6_multi *) + malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); + if (in6m == NULL) { + splx(s); + *errorp = ENOBUFS; + return (NULL); + } + + memset(in6m, 0, sizeof(*in6m)); + in6m->in6m_addr = *maddr6; + in6m->in6m_ifp = ifp; + in6m->in6m_refcount = 1; + in6m->in6m_timer = IN6M_TIMER_UNDEF; + IFP_TO_IA6(ifp, ia); + if (ia == NULL) { + free(in6m, M_IPMADDR); + splx(s); + *errorp = EADDRNOTAVAIL; /* appropriate? */ + return (NULL); + } + in6m->in6m_ia = ia; + IFAREF(&ia->ia_ifa); /* gain a reference */ + LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); + + /* + * Ask the network driver to update its multicast reception + * filter appropriately for the new address. + */ + sockaddr_in6_init(&ifr.ifr_addr, maddr6, 0, 0, 0); + if (ifp->if_ioctl == NULL) + *errorp = ENXIO; /* XXX: appropriate? */ + else + *errorp = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, &ifr); + if (*errorp) { + LIST_REMOVE(in6m, in6m_entry); + free(in6m, M_IPMADDR); + IFAFREE(&ia->ia_ifa); + splx(s); + return (NULL); + } + + callout_init(&in6m->in6m_timer_ch, CALLOUT_MPSAFE); + callout_setfunc(&in6m->in6m_timer_ch, mld_timeo, in6m); + in6m->in6m_timer = timer; + if (in6m->in6m_timer > 0) { + in6m->in6m_state = MLD_REPORTPENDING; + mld_starttimer(in6m); + + splx(s); + return (in6m); + } + + /* + * Let MLD6 know that we have joined a new IP6 multicast + * group. + */ + mld_start_listening(in6m); + } + splx(s); + return (in6m); +} + +/* + * Delete a multicast address record. + */ +void +in6_delmulti(struct in6_multi *in6m) +{ + struct in6_ifreq ifr; + struct in6_ifaddr *ia; + int s = splsoftnet(); + + mld_stoptimer(in6m); + + if (--in6m->in6m_refcount == 0) { + /* + * No remaining claims to this record; let MLD6 know + * that we are leaving the multicast group. + */ + mld_stop_listening(in6m); + + /* + * Unlink from list. + */ + LIST_REMOVE(in6m, in6m_entry); + if (in6m->in6m_ia != NULL) { + IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ + in6m->in6m_ia = NULL; + } + + /* + * Delete all references of this multicasting group from + * the membership arrays + */ + for (ia = in6_ifaddr; ia; ia = ia->ia_next) { + struct in6_multi_mship *imm; + LIST_FOREACH(imm, &ia->ia6_memberships, i6mm_chain) { + if (imm->i6mm_maddr == in6m) + imm->i6mm_maddr = NULL; + } + } + + /* + * Notify the network driver to update its multicast + * reception filter. + */ + sockaddr_in6_init(&ifr.ifr_addr, &in6m->in6m_addr, 0, 0, 0); + (*in6m->in6m_ifp->if_ioctl)(in6m->in6m_ifp, SIOCDELMULTI, &ifr); + callout_destroy(&in6m->in6m_timer_ch); + free(in6m, M_IPMADDR); + } + splx(s); +} + + +struct in6_multi_mship * +in6_joingroup(struct ifnet *ifp, struct in6_addr *addr, + int *errorp, int timer) +{ + struct in6_multi_mship *imm; + + imm = malloc(sizeof(*imm), M_IPMADDR, M_NOWAIT); + if (!imm) { + *errorp = ENOBUFS; + return NULL; + } + + memset(imm, 0, sizeof(*imm)); + imm->i6mm_maddr = in6_addmulti(addr, ifp, errorp, timer); + if (!imm->i6mm_maddr) { + /* *errorp is already set */ + free(imm, M_IPMADDR); + return NULL; + } + return imm; +} + +int +in6_leavegroup(struct in6_multi_mship *imm) +{ + + if (imm->i6mm_maddr) { + in6_delmulti(imm->i6mm_maddr); + } + free(imm, M_IPMADDR); + return 0; +} + + +/* + * Multicast address kludge: + * If there were any multicast addresses attached to this interface address, + * either move them to another address on this interface, or save them until + * such time as this interface is reconfigured for IPv6. + */ +void +in6_savemkludge(struct in6_ifaddr *oia) +{ + struct in6_ifaddr *ia; + struct in6_multi *in6m; + + IFP_TO_IA6(oia->ia_ifp, ia); + if (ia) { /* there is another address */ + KASSERT(ia != oia); + while ((in6m = LIST_FIRST(&oia->ia6_multiaddrs)) != NULL) { + LIST_REMOVE(in6m, in6m_entry); + IFAREF(&ia->ia_ifa); + IFAFREE(&in6m->in6m_ia->ia_ifa); + in6m->in6m_ia = ia; + LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); + } + } else { /* last address on this if deleted, save */ + struct multi6_kludge *mk; + + LIST_FOREACH(mk, &in6_mk, mk_entry) { + if (mk->mk_ifp == oia->ia_ifp) + break; + } + if (mk == NULL) /* this should not happen! */ + panic("in6_savemkludge: no kludge space"); + + while ((in6m = LIST_FIRST(&oia->ia6_multiaddrs)) != NULL) { + LIST_REMOVE(in6m, in6m_entry); + IFAFREE(&in6m->in6m_ia->ia_ifa); /* release reference */ + in6m->in6m_ia = NULL; + LIST_INSERT_HEAD(&mk->mk_head, in6m, in6m_entry); + } + } +} + +/* + * Continuation of multicast address hack: + * If there was a multicast group list previously saved for this interface, + * then we re-attach it to the first address configured on the i/f. + */ +void +in6_restoremkludge(struct in6_ifaddr *ia, struct ifnet *ifp) +{ + struct multi6_kludge *mk; + struct in6_multi *in6m; + + LIST_FOREACH(mk, &in6_mk, mk_entry) { + if (mk->mk_ifp == ifp) + break; + } + if (mk == NULL) + return; + while ((in6m = LIST_FIRST(&mk->mk_head)) != NULL) { + LIST_REMOVE(in6m, in6m_entry); + in6m->in6m_ia = ia; + IFAREF(&ia->ia_ifa); + LIST_INSERT_HEAD(&ia->ia6_multiaddrs, in6m, in6m_entry); + } +} + +/* + * Allocate space for the kludge at interface initialization time. + * Formerly, we dynamically allocated the space in in6_savemkludge() with + * malloc(M_WAITOK). However, it was wrong since the function could be called + * under an interrupt context (software timer on address lifetime expiration). + * Also, we cannot just give up allocating the strucutre, since the group + * membership structure is very complex and we need to keep it anyway. + * Of course, this function MUST NOT be called under an interrupt context. + * Specifically, it is expected to be called only from in6_ifattach(), though + * it is a global function. + */ +void +in6_createmkludge(struct ifnet *ifp) +{ + struct multi6_kludge *mk; + + LIST_FOREACH(mk, &in6_mk, mk_entry) { + /* If we've already had one, do not allocate. */ + if (mk->mk_ifp == ifp) + return; + } + + mk = malloc(sizeof(*mk), M_IPMADDR, M_WAITOK); + + memset(mk, 0, sizeof(*mk)); + LIST_INIT(&mk->mk_head); + mk->mk_ifp = ifp; + LIST_INSERT_HEAD(&in6_mk, mk, mk_entry); +} + +void +in6_purgemkludge(struct ifnet *ifp) +{ + struct multi6_kludge *mk; + struct in6_multi *in6m, *next; + + LIST_FOREACH(mk, &in6_mk, mk_entry) { + if (mk->mk_ifp == ifp) + break; + } + if (mk == NULL) + return; + + /* leave from all multicast groups joined */ + for (in6m = LIST_FIRST(&mk->mk_head); in6m != NULL; in6m = next) { + next = LIST_NEXT(in6m, in6m_entry); + in6_delmulti(in6m); + } + LIST_REMOVE(mk, mk_entry); + free(mk, M_IPMADDR); +}