diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c index 0d040e4..54f0e92 100644 --- a/sys/netinet6/icmp6.c +++ b/sys/netinet6/icmp6.c @@ -734,36 +734,19 @@ icmp6_input(struct mbuf **mp, int *offp, int proto) goto badcode; if (icmp6len < sizeof(struct nd_router_solicit)) goto badlen; - if ((n = m_copym(m, 0, M_COPYALL, M_NOWAIT)) == NULL) { - /* give up local */ - - /* Send incoming SeND packet to user space. */ - if (send_sendso_input_hook != NULL) { - IP6_EXTHDR_CHECK(m, off, - icmp6len, IPPROTO_DONE); - error = send_sendso_input_hook(m, ifp, - SND_IN, ip6len); - /* -1 == no app on SEND socket */ - if (error == 0) - return (IPPROTO_DONE); - nd6_rs_input(m, off, icmp6len); - } else - nd6_rs_input(m, off, icmp6len); - m = NULL; - goto freeit; - } if (send_sendso_input_hook != NULL) { - IP6_EXTHDR_CHECK(n, off, - icmp6len, IPPROTO_DONE); - error = send_sendso_input_hook(n, ifp, - SND_IN, ip6len); - if (error == 0) + IP6_EXTHDR_CHECK(m, off, icmp6len, IPPROTO_DONE); + error = send_sendso_input_hook(m, ifp, SND_IN, ip6len); + if (error == 0) { + m = NULL; goto freeit; - /* -1 == no app on SEND socket */ - nd6_rs_input(n, off, icmp6len); - } else - nd6_rs_input(n, off, icmp6len); - /* m stays. */ + } + } + n = m_copym(m, 0, M_COPYALL, M_NOWAIT); + nd6_rs_input(m, off, icmp6len); + m = n; + if (m == NULL) + goto freeit; break; case ND_ROUTER_ADVERT: @@ -772,29 +755,18 @@ icmp6_input(struct mbuf **mp, int *offp, int proto) goto badcode; if (icmp6len < sizeof(struct nd_router_advert)) goto badlen; - if ((n = m_copym(m, 0, M_COPYALL, M_NOWAIT)) == NULL) { - - /* Send incoming SeND-protected/ND packet to user space. */ - if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(m, ifp, - SND_IN, ip6len); - if (error == 0) - return (IPPROTO_DONE); - nd6_ra_input(m, off, icmp6len); - } else - nd6_ra_input(m, off, icmp6len); - m = NULL; - goto freeit; - } if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(n, ifp, - SND_IN, ip6len); - if (error == 0) + error = send_sendso_input_hook(m, ifp, SND_IN, ip6len); + if (error == 0) { + m = NULL; goto freeit; - nd6_ra_input(n, off, icmp6len); - } else - nd6_ra_input(n, off, icmp6len); - /* m stays. */ + } + } + n = m_copym(m, 0, M_COPYALL, M_NOWAIT); + nd6_ra_input(m, off, icmp6len); + m = n; + if (m == NULL) + goto freeit; break; case ND_NEIGHBOR_SOLICIT: @@ -803,27 +775,18 @@ icmp6_input(struct mbuf **mp, int *offp, int proto) goto badcode; if (icmp6len < sizeof(struct nd_neighbor_solicit)) goto badlen; - if ((n = m_copym(m, 0, M_COPYALL, M_NOWAIT)) == NULL) { - if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(m, ifp, - SND_IN, ip6len); - if (error == 0) - return (IPPROTO_DONE); - nd6_ns_input(m, off, icmp6len); - } else - nd6_ns_input(m, off, icmp6len); - m = NULL; - goto freeit; - } if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(n, ifp, - SND_IN, ip6len); - if (error == 0) + error = send_sendso_input_hook(m, ifp, SND_IN, ip6len); + if (error == 0) { + m = NULL; goto freeit; - nd6_ns_input(n, off, icmp6len); - } else - nd6_ns_input(n, off, icmp6len); - /* m stays. */ + } + } + n = m_copym(m, 0, M_COPYALL, M_NOWAIT); + nd6_ns_input(m, off, icmp6len); + m = n; + if (m == NULL) + goto freeit; break; case ND_NEIGHBOR_ADVERT: @@ -832,29 +795,18 @@ icmp6_input(struct mbuf **mp, int *offp, int proto) goto badcode; if (icmp6len < sizeof(struct nd_neighbor_advert)) goto badlen; - if ((n = m_copym(m, 0, M_COPYALL, M_NOWAIT)) == NULL) { - - /* Send incoming SeND-protected/ND packet to user space. */ - if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(m, ifp, - SND_IN, ip6len); - if (error == 0) - return (IPPROTO_DONE); - nd6_na_input(m, off, icmp6len); - } else - nd6_na_input(m, off, icmp6len); - m = NULL; - goto freeit; - } if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(n, ifp, - SND_IN, ip6len); - if (error == 0) + error = send_sendso_input_hook(m, ifp, SND_IN, ip6len); + if (error == 0) { + m = NULL; goto freeit; - nd6_na_input(n, off, icmp6len); - } else - nd6_na_input(n, off, icmp6len); - /* m stays. */ + } + } + n = m_copym(m, 0, M_COPYALL, M_NOWAIT); + nd6_na_input(m, off, icmp6len); + m = n; + if (m == NULL) + goto freeit; break; case ND_REDIRECT: @@ -863,27 +815,18 @@ icmp6_input(struct mbuf **mp, int *offp, int proto) goto badcode; if (icmp6len < sizeof(struct nd_redirect)) goto badlen; - if ((n = m_copym(m, 0, M_COPYALL, M_NOWAIT)) == NULL) { - if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(m, ifp, - SND_IN, ip6len); - if (error == 0) - return (IPPROTO_DONE); - icmp6_redirect_input(m, off); - } else - icmp6_redirect_input(m, off); - m = NULL; - goto freeit; - } if (send_sendso_input_hook != NULL) { - error = send_sendso_input_hook(n, ifp, - SND_IN, ip6len); - if (error == 0) + error = send_sendso_input_hook(m, ifp, SND_IN, ip6len); + if (error == 0) { + m = NULL; goto freeit; - icmp6_redirect_input(n, off); - } else - icmp6_redirect_input(n, off); - /* m stays. */ + } + } + n = m_copym(m, 0, M_COPYALL, M_NOWAIT); + icmp6_redirect_input(m, off); + m = n; + if (m == NULL) + goto freeit; break; case ICMP6_ROUTER_RENUMBERING: diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index 4191782..812823b 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -617,10 +617,10 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, /* add the prefix if not yet. */ if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { /* - * nd6_prelist_add will install the corresponding + * nd6_prefix_add will install the corresponding * interface route. */ - if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) { + if ((error = nd6_prefix_add(&pr0, NULL, &pr)) != 0) { if (carp_attached) (*carp_detach_p)(&ia->ia_ifa); goto out; @@ -630,7 +630,7 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, /* relate the address to the prefix */ if (ia->ia6_ndpr == NULL) { ia->ia6_ndpr = pr; - pr->ndpr_refcnt++; + pr->ndpr_addrcnt++; /* * If this is the first autoconf address from the @@ -638,7 +638,7 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, * (when required). */ if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && - V_ip6_use_tempaddr && pr->ndpr_refcnt == 1) { + V_ip6_use_tempaddr && pr->ndpr_addrcnt == 1) { int e; if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { log(LOG_NOTICE, "in6_control: failed " @@ -647,6 +647,7 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, } } } + nd6_prefix_rele(pr); /* * this might affect the status of autoconfigured addresses, @@ -690,12 +691,16 @@ aifaddr_out: * and the prefix management. We do this, however, to provide * as much backward compatibility as possible in terms of * the ioctl operation. - * Note that in6_purgeaddr() will decrement ndpr_refcnt. + * Note that in6_purgeaddr() will decrement ndpr_addrcnt. */ pr = ia->ia6_ndpr; in6_purgeaddr(&ia->ia_ifa); - if (pr && pr->ndpr_refcnt == 0) - prelist_remove(pr); + if (pr != NULL && pr->ndpr_addrcnt == 0) { + ND6_WLOCK(); + nd6_prefix_unlink(pr, NULL); + ND6_WUNLOCK(); + nd6_prefix_del(pr); + } EVENTHANDLER_INVOKE(ifaddr_event, ifp); break; } @@ -1305,9 +1310,9 @@ in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) "in6_unlink_ifa: autoconf'ed address " "%s has no prefix\n", ip6_sprintf(ip6buf, IA6_IN6(ia)))); } else { - ia->ia6_ndpr->ndpr_refcnt--; + ia->ia6_ndpr->ndpr_addrcnt--; /* Do not delete lles within prefix if refcont != 0 */ - if (ia->ia6_ndpr->ndpr_refcnt == 0) + if (ia->ia6_ndpr->ndpr_addrcnt == 0) remove_lle = 1; ia->ia6_ndpr = NULL; } diff --git a/sys/netinet6/in6_ifattach.c b/sys/netinet6/in6_ifattach.c index 6c69399..4bee8cb 100644 --- a/sys/netinet6/in6_ifattach.c +++ b/sys/netinet6/in6_ifattach.c @@ -453,6 +453,7 @@ in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) struct in6_ifaddr *ia; struct in6_aliasreq ifra; struct nd_prefixctl pr0; + struct nd_prefix *pr; int error; /* @@ -518,7 +519,7 @@ in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) /* this should be 64 at this moment. */ pr0.ndpr_plen = in6_mask2len(&ifra.ifra_prefixmask.sin6_addr, NULL); pr0.ndpr_prefix = ifra.ifra_addr; - /* apply the mask for safety. (nd6_prelist_add will apply it again) */ + /* apply the mask for safety. (nd6_prefix_add will apply it again) */ IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr, &in6mask64); /* * Initialize parameters. The link-local prefix must always be @@ -535,10 +536,11 @@ in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) * address, and then reconfigure another one, the prefix is still * valid with referring to the old link-local address. */ - if (nd6_prefix_lookup(&pr0) == NULL) { - if ((error = nd6_prelist_add(&pr0, NULL, NULL)) != 0) + if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { + if ((error = nd6_prefix_add(&pr0, NULL, NULL)) != 0) return (error); - } + } else + nd6_prefix_rele(pr); return 0; } @@ -778,15 +780,6 @@ _in6_ifdetach(struct ifnet *ifp, int purgeulp) return; /* - * Remove neighbor management table. - * Enabling the nd6_purge will panic on vmove for interfaces on VNET - * teardown as the IPv6 layer is cleaned up already and the locks - * are destroyed. - */ - if (purgeulp) - nd6_purge(ifp); - - /* * nuke any of IPv6 addresses we have * XXX: all addresses should be already removed */ @@ -804,12 +797,10 @@ _in6_ifdetach(struct ifnet *ifp, int purgeulp) in6_purgemaddrs(ifp); /* - * remove neighbor management table. we call it twice just to make - * sure we nuke everything. maybe we need just one call. - * XXX: since the first call did not release addresses, some prefixes - * might remain. We should call nd6_purge() again to release the - * prefixes after removing all addresses above. - * (Or can we just delay calling nd6_purge until at this point?) + * Remove neighbor management table. + * Enabling the nd6_purge will panic on vmove for interfaces on VNET + * teardown as the IPv6 layer is cleaned up already and the locks + * are destroyed. */ if (purgeulp) nd6_purge(ifp); diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 3decb70..5a5a024 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -38,8 +38,10 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include +#include #include #include #include @@ -47,7 +49,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include @@ -118,6 +119,8 @@ static eventhandler_tag lle_event_eh, iflladdr_event_eh; VNET_DEFINE(struct nd_drhead, nd_defrouter); VNET_DEFINE(struct nd_prhead, nd_prefix); VNET_DEFINE(struct rwlock, nd6_lock); +VNET_DEFINE(uint64_t, nd6_list_genid); +VNET_DEFINE(struct mtx, nd6_onlink_mtx); VNET_DEFINE(int, nd6_recalc_reachtm_interval) = ND6_RECALC_REACHTM_INTERVAL; #define V_nd6_recalc_reachtm_interval VNET(nd6_recalc_reachtm_interval) @@ -209,11 +212,10 @@ void nd6_init(void) { - rw_init(&V_nd6_lock, "nd6"); + mtx_init(&V_nd6_onlink_mtx, "nd6 onlink", NULL, MTX_DEF); + rw_init(&V_nd6_lock, "nd6 list"); LIST_INIT(&V_nd_prefix); - - /* initialization of the default router list */ TAILQ_INIT(&V_nd_defrouter); /* Start timers. */ @@ -903,13 +905,14 @@ nd6_timer(void *arg) { CURVNET_SET((struct vnet *) arg); struct nd_drhead drq; + struct nd_prhead prl; struct nd_defrouter *dr, *ndr; struct nd_prefix *pr, *npr; struct in6_ifaddr *ia6, *nia6; TAILQ_INIT(&drq); + LIST_INIT(&prl); - /* expire default router list */ ND6_WLOCK(); TAILQ_FOREACH_SAFE(dr, &V_nd_defrouter, dr_entry, ndr) if (dr->expire && dr->expire < time_uptime) @@ -1016,22 +1019,27 @@ nd6_timer(void *arg) } } - /* expire prefix list */ + ND6_WLOCK(); LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, npr) { /* - * check prefix lifetime. - * since pltime is just for autoconf, pltime processing for - * prefix is not necessary. + * Expire prefixes. Since the pltime is only used for + * autoconfigured addresses, pltime processing for prefixes is + * not necessary. + * + * Only unlink after all derived addresses have expired. This + * may not occur until two hours after the prefix has expired + * per RFC 4862. */ if (pr->ndpr_vltime != ND6_INFINITE_LIFETIME && - time_uptime - pr->ndpr_lastupdate > pr->ndpr_vltime) { + time_uptime - pr->ndpr_lastupdate > pr->ndpr_vltime && + pr->ndpr_addrcnt == 0) + nd6_prefix_unlink(pr, &prl); + } + ND6_WUNLOCK(); - /* - * address expiration and prefix expiration are - * separate. NEVER perform in6_purgeaddr here. - */ - prelist_remove(pr); - } + while ((pr = LIST_FIRST(&prl)) != NULL) { + LIST_REMOVE(pr, ndpr_entry); + nd6_prefix_del(pr); } callout_reset(&V_nd6_timer_ch, V_nd6_prune * hz, @@ -1118,51 +1126,51 @@ void nd6_purge(struct ifnet *ifp) { struct nd_drhead drq; + struct nd_prhead prl; struct nd_defrouter *dr, *ndr; struct nd_prefix *pr, *npr; TAILQ_INIT(&drq); + LIST_INIT(&prl); + ND6_WLOCK(); /* * Nuke default router list entries toward ifp. * We defer removal of default router list entries that is installed * in the routing table, in order to keep additional side effects as * small as possible. */ - ND6_WLOCK(); TAILQ_FOREACH_SAFE(dr, &V_nd_defrouter, dr_entry, ndr) { if (dr->installed) continue; if (dr->ifp == ifp) defrouter_unlink(dr, &drq); } - TAILQ_FOREACH_SAFE(dr, &V_nd_defrouter, dr_entry, ndr) { if (!dr->installed) continue; if (dr->ifp == ifp) defrouter_unlink(dr, &drq); } + + /* + * Remove prefixes on ifp. We should have already removed addresses on + * this interface, so no addresses should be referencing these prefixes. + */ + LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, npr) { + if (pr->ndpr_ifp == ifp) + nd6_prefix_unlink(pr, &prl); + } ND6_WUNLOCK(); + /* Delete the unlinked router and prefix objects. */ while ((dr = TAILQ_FIRST(&drq)) != NULL) { TAILQ_REMOVE(&drq, dr, dr_entry); defrouter_del(dr); } - - /* Nuke prefix list entries toward ifp */ - LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, npr) { - if (pr->ndpr_ifp == ifp) { - /* - * Because if_detach() does *not* release prefixes - * while purging addresses the reference count will - * still be above zero. We therefore reset it to - * make sure that the prefix really gets purged. - */ - pr->ndpr_refcnt = 0; - - prelist_remove(pr); - } + while ((pr = LIST_FIRST(&prl)) != NULL) { + LIST_REMOVE(pr, ndpr_entry); + nd6_prefix_del(pr); } /* cancel default outgoing interface setting */ @@ -1227,8 +1235,9 @@ nd6_is_new_addr_neighbor(const struct sockaddr_in6 *addr, struct ifnet *ifp) struct ifaddr *dstaddr; struct rt_addrinfo info; struct sockaddr_in6 rt_key; - struct sockaddr *dst6; - int fibnum; + const struct sockaddr *dst6; + uint64_t genid; + int error, fibnum; /* * A link-local address is always a neighbor. @@ -1266,19 +1275,29 @@ nd6_is_new_addr_neighbor(const struct sockaddr_in6 *addr, struct ifnet *ifp) * If the address matches one of our on-link prefixes, it should be a * neighbor. */ + ND6_RLOCK(); +restart: LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) { if (pr->ndpr_ifp != ifp) continue; - if (!(pr->ndpr_stateflags & NDPRF_ONLINK)) { - + if ((pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { /* Always use the default FIB here. */ - dst6 = (struct sockaddr *)&pr->ndpr_prefix; + dst6 = (const struct sockaddr *)&pr->ndpr_prefix; + + genid = V_nd6_list_genid; + ND6_RUNLOCK(); /* Restore length field before retrying lookup */ rt_key.sin6_len = sizeof(rt_key); - if (rib_lookup_info(fibnum, dst6, 0, 0, &info) != 0) + error = rib_lookup_info(fibnum, dst6, 0, 0, &info); + + ND6_RLOCK(); + if (genid != V_nd6_list_genid) + goto restart; + if (error != 0) continue; + /* * This is the case where multiple interfaces * have the same prefix, but only one is installed @@ -1290,14 +1309,17 @@ nd6_is_new_addr_neighbor(const struct sockaddr_in6 *addr, struct ifnet *ifp) * differ. */ if (!IN6_ARE_ADDR_EQUAL(&pr->ndpr_prefix.sin6_addr, - &rt_key.sin6_addr)) + &rt_key.sin6_addr)) continue; } if (IN6_ARE_MASKED_ADDR_EQUAL(&pr->ndpr_prefix.sin6_addr, - &addr->sin6_addr, &pr->ndpr_mask)) + &addr->sin6_addr, &pr->ndpr_mask)) { + ND6_RUNLOCK(); return (1); + } } + ND6_RUNLOCK(); /* * If the address is assigned on the node of the other side of @@ -1728,15 +1750,22 @@ nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp) case SIOCSPFXFLUSH_IN6: { /* flush all the prefix advertised by routers */ + struct in6_ifaddr *ia, *ia_next; struct nd_prefix *pr, *next; + struct nd_prhead prl; - LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, next) { - struct in6_ifaddr *ia, *ia_next; + LIST_INIT(&prl); + ND6_WLOCK(); + LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, next) { if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) continue; /* XXX */ + nd6_prefix_unlink(pr, &prl); + } + ND6_WUNLOCK(); - /* do we really have to remove addresses as well? */ + while ((pr = LIST_FIRST(&prl)) != NULL) { + LIST_REMOVE(pr, ndpr_entry); /* XXXRW: in6_ifaddrhead locking. */ TAILQ_FOREACH_SAFE(ia, &V_in6_ifaddrhead, ia_link, ia_next) { @@ -1746,7 +1775,7 @@ nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp) if (ia->ia6_ndpr == pr) in6_purgeaddr(&ia->ia_ifa); } - prelist_remove(pr); + nd6_prefix_del(pr); } break; } @@ -2674,7 +2703,7 @@ nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS) else p.expire = maxexpire; } - p.refcnt = pr->ndpr_refcnt; + p.refcnt = pr->ndpr_addrcnt; p.flags = pr->ndpr_stateflags; p.advrtrs = 0; LIST_FOREACH(pfr, &pr->ndpr_advrtrs, pfr_entry) diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h index 33ac438..5b58bc4 100644 --- a/sys/netinet6/nd6.h +++ b/sys/netinet6/nd6.h @@ -256,7 +256,7 @@ struct nd_prefixctl { struct prf_ra ndpr_flags; }; - +LIST_HEAD(nd_prhead, nd_prefix); struct nd_prefix { struct ifnet *ndpr_ifp; LIST_ENTRY(nd_prefix) ndpr_entry; @@ -275,7 +275,8 @@ struct nd_prefix { /* list of routers that advertise the prefix: */ LIST_HEAD(pr_rtrhead, nd_pfxrouter) ndpr_advrtrs; u_char ndpr_plen; - int ndpr_refcnt; /* reference couter from addresses */ + int ndpr_addrcnt; /* count of derived addresses */ + volatile u_int ndpr_refcnt; }; #define ndpr_raf ndpr_flags @@ -314,8 +315,6 @@ struct nd_pfxrouter { struct nd_defrouter *router; }; -LIST_HEAD(nd_prhead, nd_prefix); - #ifdef MALLOC_DECLARE MALLOC_DECLARE(M_IP6NDP); #endif @@ -346,17 +345,29 @@ VNET_DECLARE(int, nd6_onlink_ns_rfc4861); /* Lock for the prefix and default router lists. */ VNET_DECLARE(struct rwlock, nd6_lock); +VNET_DECLARE(uint64_t, nd6_list_genid); #define V_nd6_lock VNET(nd6_lock) +#define V_nd6_list_genid VNET(nd6_list_genid) #define ND6_RLOCK() rw_rlock(&V_nd6_lock) #define ND6_RUNLOCK() rw_runlock(&V_nd6_lock) #define ND6_WLOCK() rw_wlock(&V_nd6_lock) #define ND6_WUNLOCK() rw_wunlock(&V_nd6_lock) +#define ND6_TRY_UPGRADE() rw_try_upgrade(&V_nd6_lock) #define ND6_WLOCK_ASSERT() rw_assert(&V_nd6_lock, RA_WLOCKED) #define ND6_RLOCK_ASSERT() rw_assert(&V_nd6_lock, RA_RLOCKED) #define ND6_LOCK_ASSERT() rw_assert(&V_nd6_lock, RA_LOCKED) #define ND6_UNLOCK_ASSERT() rw_assert(&V_nd6_lock, RA_UNLOCKED) +/* Mutex for prefix onlink/offlink transitions. */ +VNET_DECLARE(struct mtx, nd6_onlink_mtx); +#define V_nd6_onlink_mtx VNET(nd6_onlink_mtx) + +#define ND6_ONLINK_LOCK() mtx_lock(&V_nd6_onlink_mtx) +#define ND6_ONLINK_UNLOCK() mtx_unlock(&V_nd6_onlink_mtx) +#define ND6_ONLINK_LOCK_ASSERT() mtx_assert(&V_nd6_onlink_mtx, MA_OWNED) +#define ND6_ONLINK_UNLOCK_ASSERT() mtx_assert(&V_nd6_onlink_mtx, MA_NOTOWNED) + #define nd6log(x) do { if (V_nd6_debug) log x; } while (/*CONSTCOND*/ 0) /* nd6_rtr.c */ @@ -463,9 +474,12 @@ void defrouter_rele(struct nd_defrouter *); bool defrouter_remove(struct in6_addr *, struct ifnet *); void defrouter_unlink(struct nd_defrouter *, struct nd_drhead *); void defrouter_del(struct nd_defrouter *); -void prelist_remove(struct nd_prefix *); -int nd6_prelist_add(struct nd_prefixctl *, struct nd_defrouter *, - struct nd_prefix **); +int nd6_prefix_add(struct nd_prefixctl *, struct nd_defrouter *, + struct nd_prefix **); +void nd6_prefix_unlink(struct nd_prefix *, struct nd_prhead *); +void nd6_prefix_del(struct nd_prefix *); +void nd6_prefix_ref(struct nd_prefix *); +void nd6_prefix_rele(struct nd_prefix *); void pfxlist_onlink_check(void); struct nd_defrouter *defrouter_lookup(struct in6_addr *, struct ifnet *); struct nd_defrouter *defrouter_lookup_locked(struct in6_addr *, struct ifnet *); diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c index 2ac1d7a..19149c2 100644 --- a/sys/netinet6/nd6_nbr.c +++ b/sys/netinet6/nd6_nbr.c @@ -1217,40 +1217,26 @@ nd6_dad_start(struct ifaddr *ifa, int delay) struct dadq *dp; char ip6buf[INET6_ADDRSTRLEN]; + KASSERT((ia->ia6_flags & IN6_IFF_TENTATIVE) != 0, + ("starting DAD on non-tentative address %p", ifa)); + /* * If we don't need DAD, don't do it. * There are several cases: - * - DAD is disabled (ip6_dad_count == 0) + * - DAD is disabled globally or on the interface * - the interface address is anycast */ - if (!(ia->ia6_flags & IN6_IFF_TENTATIVE)) { - log(LOG_DEBUG, - "nd6_dad_start: called with non-tentative address " - "%s(%s)\n", - ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr), - ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); - return; - } - if (ia->ia6_flags & IN6_IFF_ANYCAST) { - ia->ia6_flags &= ~IN6_IFF_TENTATIVE; - return; - } - if (!V_ip6_dad_count) { - ia->ia6_flags &= ~IN6_IFF_TENTATIVE; - return; - } - if (ifa->ifa_ifp == NULL) - panic("nd6_dad_start: ifa->ifa_ifp == NULL"); - if (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_NO_DAD) { + if ((ia->ia6_flags & IN6_IFF_ANYCAST) != 0 || + V_ip6_dad_count == 0 || + (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_NO_DAD) != 0) { ia->ia6_flags &= ~IN6_IFF_TENTATIVE; return; } - if (!(ifa->ifa_ifp->if_flags & IFF_UP) || - !(ifa->ifa_ifp->if_drv_flags & IFF_DRV_RUNNING) || - (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_IFDISABLED)) { - ia->ia6_flags |= IN6_IFF_TENTATIVE; + if ((ifa->ifa_ifp->if_flags & IFF_UP) == 0 || + (ifa->ifa_ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || + (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_IFDISABLED) != 0) return; - } + if ((dp = nd6_dad_find(ifa, NULL)) != NULL) { /* * DAD is already in progress. Let the existing entry @@ -1329,11 +1315,10 @@ nd6_dad_timer(struct dadq *dp) struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa; char ip6buf[INET6_ADDRSTRLEN]; - /* Sanity check */ - if (ia == NULL) { - log(LOG_ERR, "nd6_dad_timer: called with null parameter\n"); - goto err; - } + KASSERT(ia != NULL, ("DAD entry %p with no address", dp)); + KASSERT((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0, + ("DAD entry %p for non-tentative address", dp)); + if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) { /* Do not need DAD for ifdisabled interface. */ log(LOG_ERR, "nd6_dad_timer: cancel DAD on %s because of " @@ -1347,13 +1332,6 @@ nd6_dad_timer(struct dadq *dp) ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); goto err; } - if ((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0) { - log(LOG_ERR, "nd6_dad_timer: called with non-tentative address " - "%s(%s)\n", - ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr), - ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???"); - goto err; - } /* Stop DAD if the interface is down even after dad_maxtry attempts. */ if ((dp->dad_ns_tcount > V_dad_maxtry) && diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c index 8f19406..b36df9d 100644 --- a/sys/netinet6/nd6_rtr.c +++ b/sys/netinet6/nd6_rtr.c @@ -76,17 +76,16 @@ static int prelist_update(struct nd_prefixctl *, struct nd_defrouter *, struct mbuf *, int); static struct in6_ifaddr *in6_ifadd(struct nd_prefixctl *, int); static struct nd_pfxrouter *pfxrtr_lookup(struct nd_prefix *, - struct nd_defrouter *); + struct nd_defrouter *); static void pfxrtr_add(struct nd_prefix *, struct nd_defrouter *); -static void pfxrtr_del(struct nd_pfxrouter *); -static struct nd_pfxrouter *find_pfxlist_reachable_router -(struct nd_prefix *); +static void pfxrtr_del(struct nd_prefix *, struct nd_pfxrouter *); +static struct nd_pfxrouter *find_pfxlist_reachable_router(struct nd_prefix *); static void defrouter_delreq(struct nd_defrouter *); static void nd6_rtmsg(int, struct rtentry *); static int in6_init_prefix_ltimes(struct nd_prefix *); static void in6_init_address_ltimes(struct nd_prefix *, - struct in6_addrlifetime *); + struct in6_addrlifetime *); static int nd6_prefix_onlink(struct nd_prefix *); static int nd6_prefix_offlink(struct nd_prefix *); @@ -662,6 +661,7 @@ defrouter_unlink(struct nd_defrouter *dr, struct nd_drhead *drq) ND6_WLOCK_ASSERT(); TAILQ_REMOVE(&V_nd_defrouter, dr, dr_entry); + V_nd6_list_genid++; if (drq != NULL) TAILQ_INSERT_TAIL(drq, dr, dr_entry); } @@ -671,6 +671,7 @@ defrouter_del(struct nd_defrouter *dr) { struct nd_defrouter *deldr = NULL; struct nd_prefix *pr; + struct nd_pfxrouter *pfxrtr; ND6_UNLOCK_ASSERT(); @@ -689,11 +690,13 @@ defrouter_del(struct nd_defrouter *dr) /* * Also delete all the pointers to the router in each prefix lists. */ + ND6_WLOCK(); LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) { - struct nd_pfxrouter *pfxrtr; if ((pfxrtr = pfxrtr_lookup(pr, dr)) != NULL) - pfxrtr_del(pfxrtr); + pfxrtr_del(pr, pfxrtr); } + ND6_WUNLOCK(); + pfxlist_onlink_check(); /* @@ -853,14 +856,18 @@ static struct nd_defrouter * defrtrlist_update(struct nd_defrouter *new) { struct nd_defrouter *dr, *n; + uint64_t genid; int oldpref; + bool writelocked; if (new->rtlifetime == 0) { defrouter_remove(&new->rtaddr, new->ifp); return (NULL); } - ND6_WLOCK(); + ND6_RLOCK(); + writelocked = false; +restart: dr = defrouter_lookup_locked(&new->rtaddr, new->ifp); if (dr != NULL) { oldpref = rtpref(dr); @@ -876,10 +883,30 @@ defrtrlist_update(struct nd_defrouter *new) * router is still installed in the kernel. */ if (dr->installed && rtpref(new) == oldpref) { - ND6_WUNLOCK(); + if (writelocked) + ND6_WUNLOCK(); + else + ND6_RUNLOCK(); return (dr); } + } + /* + * The router needs to be reinserted into the default router + * list, so upgrade to a write lock. If that fails and the list + * has potentially changed while the lock was dropped, we'll + * redo the lookup with the write lock held. + */ + if (!writelocked && !ND6_TRY_UPGRADE()) { + genid = V_nd6_list_genid; + ND6_RUNLOCK(); + ND6_WLOCK(); + if (genid != V_nd6_list_genid) + goto restart; + } + writelocked = true; + + if (dr != NULL) { /* * The preferred router may have changed, so relocate this * router. @@ -913,6 +940,7 @@ defrtrlist_update(struct nd_defrouter *new) TAILQ_INSERT_BEFORE(dr, n, dr_entry); else TAILQ_INSERT_TAIL(&V_nd_defrouter, n, dr_entry); + V_nd6_list_genid++; ND6_WUNLOCK(); defrouter_select(); @@ -925,11 +953,12 @@ pfxrtr_lookup(struct nd_prefix *pr, struct nd_defrouter *dr) { struct nd_pfxrouter *search; + ND6_LOCK_ASSERT(); + LIST_FOREACH(search, &pr->ndpr_advrtrs, pfr_entry) { if (search->router == dr) break; } - return (search); } @@ -937,6 +966,16 @@ static void pfxrtr_add(struct nd_prefix *pr, struct nd_defrouter *dr) { struct nd_pfxrouter *new; + bool update; + + ND6_UNLOCK_ASSERT(); + + ND6_RLOCK(); + if (pfxrtr_lookup(pr, dr) != NULL) { + ND6_RUNLOCK(); + return; + } + ND6_RUNLOCK(); new = malloc(sizeof(*new), M_IP6NDP, M_NOWAIT | M_ZERO); if (new == NULL) @@ -944,48 +983,92 @@ pfxrtr_add(struct nd_prefix *pr, struct nd_defrouter *dr) new->router = dr; defrouter_ref(dr); - LIST_INSERT_HEAD(&pr->ndpr_advrtrs, new, pfr_entry); + update = false; + ND6_WLOCK(); + if (pfxrtr_lookup(pr, dr) == NULL) { + LIST_INSERT_HEAD(&pr->ndpr_advrtrs, new, pfr_entry); + update = true; + } else { + defrouter_rele(dr); + free(new, M_IP6NDP); + } + ND6_WUNLOCK(); - pfxlist_onlink_check(); + if (update) + pfxlist_onlink_check(); } static void -pfxrtr_del(struct nd_pfxrouter *pfr) +pfxrtr_del(struct nd_prefix *pr, struct nd_pfxrouter *pfr) { + ND6_WLOCK_ASSERT(); + LIST_REMOVE(pfr, pfr_entry); defrouter_rele(pfr->router); free(pfr, M_IP6NDP); } -struct nd_prefix * -nd6_prefix_lookup(struct nd_prefixctl *key) +static struct nd_prefix * +nd6_prefix_lookup_locked(struct nd_prefixctl *key) { struct nd_prefix *search; + ND6_LOCK_ASSERT(); + LIST_FOREACH(search, &V_nd_prefix, ndpr_entry) { if (key->ndpr_ifp == search->ndpr_ifp && key->ndpr_plen == search->ndpr_plen && in6_are_prefix_equal(&key->ndpr_prefix.sin6_addr, &search->ndpr_prefix.sin6_addr, key->ndpr_plen)) { + nd6_prefix_ref(search); break; } } + return (search); +} +struct nd_prefix * +nd6_prefix_lookup(struct nd_prefixctl *key) +{ + struct nd_prefix *search; + + ND6_RLOCK(); + search = nd6_prefix_lookup_locked(key); + ND6_RUNLOCK(); return (search); } +void +nd6_prefix_ref(struct nd_prefix *pr) +{ + + refcount_acquire(&pr->ndpr_refcnt); +} + +void +nd6_prefix_rele(struct nd_prefix *pr) +{ + + if (refcount_release(&pr->ndpr_refcnt)) { + KASSERT(LIST_EMPTY(&pr->ndpr_advrtrs), + ("prefix %p has advertising routers", pr)); + free(pr, M_IP6NDP); + } +} + int -nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, +nd6_prefix_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, struct nd_prefix **newp) { - struct nd_prefix *new = NULL; - int error = 0; + struct nd_prefix *new; char ip6buf[INET6_ADDRSTRLEN]; + int error; new = malloc(sizeof(*new), M_IP6NDP, M_NOWAIT | M_ZERO); if (new == NULL) return (ENOMEM); + refcount_init(&new->ndpr_refcnt, newp != NULL ? 2 : 1); new->ndpr_ifp = pr->ndpr_ifp; new->ndpr_prefix = pr->ndpr_prefix; new->ndpr_plen = pr->ndpr_plen; @@ -1004,20 +1087,22 @@ nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, /* make prefix in the canonical form */ IN6_MASK_ADDR(&new->ndpr_prefix.sin6_addr, &new->ndpr_mask); - /* link ndpr_entry to nd_prefix list */ + ND6_WLOCK(); LIST_INSERT_HEAD(&V_nd_prefix, new, ndpr_entry); + V_nd6_list_genid++; + ND6_WUNLOCK(); /* ND_OPT_PI_FLAG_ONLINK processing */ if (new->ndpr_raf_onlink) { - int e; - - if ((e = nd6_prefix_onlink(new)) != 0) { - nd6log((LOG_ERR, "nd6_prelist_add: failed to make " + ND6_ONLINK_LOCK(); + if ((error = nd6_prefix_onlink(new)) != 0) { + nd6log((LOG_ERR, "nd6_prefix_add: failed to make " "the prefix %s/%d on-link on %s (errno=%d)\n", ip6_sprintf(ip6buf, &pr->ndpr_prefix.sin6_addr), - pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); + pr->ndpr_plen, if_name(pr->ndpr_ifp), error)); /* proceed anyway. XXX: is it correct? */ } + ND6_ONLINK_UNLOCK(); } if (dr != NULL) @@ -1027,43 +1112,60 @@ nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, return (0); } +/* + * Remove a prefix from the prefix list and optionally stash it in a + * caller-provided list. + * + * The ND6 lock must be held. + */ void -prelist_remove(struct nd_prefix *pr) +nd6_prefix_unlink(struct nd_prefix *pr, struct nd_prhead *list) +{ + + ND6_WLOCK_ASSERT(); + + LIST_REMOVE(pr, ndpr_entry); + V_nd6_list_genid++; + if (list != NULL) + LIST_INSERT_HEAD(list, pr, ndpr_entry); +} + +void +nd6_prefix_del(struct nd_prefix *pr) { struct nd_pfxrouter *pfr, *next; int e; char ip6buf[INET6_ADDRSTRLEN]; - /* make sure to invalidate the prefix until it is really freed. */ - pr->ndpr_vltime = 0; - pr->ndpr_pltime = 0; + KASSERT(pr->ndpr_addrcnt == 0, + ("prefix %p has referencing addresses", pr)); + ND6_UNLOCK_ASSERT(); /* * Though these flags are now meaningless, we'd rather keep the value * of pr->ndpr_raf_onlink and pr->ndpr_raf_auto not to confuse users * when executing "ndp -p". */ - - if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0 && - (e = nd6_prefix_offlink(pr)) != 0) { - nd6log((LOG_ERR, "prelist_remove: failed to make %s/%d offlink " - "on %s, errno=%d\n", - ip6_sprintf(ip6buf, &pr->ndpr_prefix.sin6_addr), - pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); - /* what should we do? */ + if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { + ND6_ONLINK_LOCK(); + if ((e = nd6_prefix_offlink(pr)) != 0) { + nd6log((LOG_ERR, + "nd6_prelist_remove: failed to make %s/%d offlink " + "on %s, errno=%d\n", + ip6_sprintf(ip6buf, &pr->ndpr_prefix.sin6_addr), + pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); + /* what should we do? */ + } + ND6_ONLINK_UNLOCK(); } - if (pr->ndpr_refcnt > 0) - return; /* notice here? */ - - /* unlink ndpr_entry from nd_prefix list */ - LIST_REMOVE(pr, ndpr_entry); + ND6_WLOCK(); + /* Release references to routers that have advertised this prefix. */ + LIST_FOREACH_SAFE(pfr, &pr->ndpr_advrtrs, pfr_entry, next) + pfxrtr_del(pr, pfr); + ND6_WUNLOCK(); - /* free list of routers that advertised the prefix */ - LIST_FOREACH_SAFE(pfr, &pr->ndpr_advrtrs, pfr_entry, next) { - pfxrtr_del(pfr); - } - free(pr, M_IP6NDP); + nd6_prefix_rele(pr); pfxlist_onlink_check(); } @@ -1097,7 +1199,10 @@ prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, #endif } - if ((pr = nd6_prefix_lookup(new)) != NULL) { + ND6_RLOCK(); + pr = nd6_prefix_lookup(new); + ND6_RUNLOCK(); + if (pr != NULL) { /* * nd6_prefix_lookup() ensures that pr and new have the same * prefix on a same interface. @@ -1123,6 +1228,7 @@ prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, (pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { int e; + ND6_ONLINK_LOCK(); if ((e = nd6_prefix_onlink(pr)) != 0) { nd6log((LOG_ERR, "prelist_update: failed to make " @@ -1133,9 +1239,10 @@ prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); /* proceed anyway. XXX: is it correct? */ } + ND6_ONLINK_UNLOCK(); } - if (dr && pfxrtr_lookup(pr, dr) == NULL) + if (dr != NULL) pfxrtr_add(pr, dr); } else { if (new->ndpr_vltime == 0) @@ -1143,10 +1250,10 @@ prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, if (new->ndpr_raf_onlink == 0 && new->ndpr_raf_auto == 0) goto end; - error = nd6_prelist_add(new, dr, &pr); + error = nd6_prefix_add(new, dr, &pr); if (error != 0) { nd6log((LOG_NOTICE, "prelist_update: " - "nd6_prelist_add failed for %s/%d on %s errno=%d\n", + "nd6_prefix_add failed for %s/%d on %s errno=%d\n", ip6_sprintf(ip6buf, &new->ndpr_prefix.sin6_addr), new->ndpr_plen, if_name(new->ndpr_ifp), error)); goto end; /* we should just give up in this case. */ @@ -1356,7 +1463,7 @@ prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, /* * note that we should use pr (not new) for reference. */ - pr->ndpr_refcnt++; + pr->ndpr_addrcnt++; ia6->ia6_ndpr = pr; /* @@ -1394,8 +1501,10 @@ prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, } } - end: - return error; +end: + if (pr != NULL) + nd6_prefix_rele(pr); + return (error); } /* @@ -1410,6 +1519,8 @@ find_pfxlist_reachable_router(struct nd_prefix *pr) struct llentry *ln; int canreach; + ND6_LOCK_ASSERT(); + LIST_FOREACH(pfxrtr, &pr->ndpr_advrtrs, pfr_entry) { IF_AFDATA_RLOCK(pfxrtr->router->ifp); ln = nd6_lookup(&pfxrtr->router->rtaddr, 0, pfxrtr->router->ifp); @@ -1445,6 +1556,11 @@ pfxlist_onlink_check(void) struct nd_defrouter *dr; struct nd_pfxrouter *pfxrtr = NULL; struct rm_priotracker in6_ifa_tracker; + uint64_t genid; + uint32_t flags; + + ND6_ONLINK_LOCK(); + ND6_RLOCK(); /* * Check if there is a prefix that has a reachable advertising @@ -1460,7 +1576,6 @@ pfxlist_onlink_check(void) * that does not advertise any prefixes. */ if (pr == NULL) { - ND6_RLOCK(); TAILQ_FOREACH(dr, &V_nd_defrouter, dr_entry) { struct nd_prefix *pr0; @@ -1471,7 +1586,6 @@ pfxlist_onlink_check(void) if (pfxrtr != NULL) break; } - ND6_RUNLOCK(); } if (pr != NULL || (!TAILQ_EMPTY(&V_nd_defrouter) && pfxrtr == NULL)) { /* @@ -1485,40 +1599,26 @@ pfxlist_onlink_check(void) */ LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) { /* XXX: a link-local prefix should never be detached */ - if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) - continue; - - /* - * we aren't interested in prefixes without the L bit - * set. - */ - if (pr->ndpr_raf_onlink == 0) - continue; - - if (pr->ndpr_raf_auto == 0) + if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr) || + pr->ndpr_raf_onlink == 0 || + pr->ndpr_raf_auto == 0) continue; if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && find_pfxlist_reachable_router(pr) == NULL) pr->ndpr_stateflags |= NDPRF_DETACHED; - if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && + else if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && find_pfxlist_reachable_router(pr) != NULL) pr->ndpr_stateflags &= ~NDPRF_DETACHED; } } else { /* there is no prefix that has a reachable router */ LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) { - if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) - continue; - - if (pr->ndpr_raf_onlink == 0) - continue; - - if (pr->ndpr_raf_auto == 0) + if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr) || + pr->ndpr_raf_onlink == 0 || + pr->ndpr_raf_auto == 0) continue; - - if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0) - pr->ndpr_stateflags &= ~NDPRF_DETACHED; + pr->ndpr_stateflags &= ~NDPRF_DETACHED; } } @@ -1530,34 +1630,30 @@ pfxlist_onlink_check(void) * interfaces. Such cases will be handled in nd6_prefix_onlink, * so we don't have to care about them. */ +restart_scan: LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) { - int e; char ip6buf[INET6_ADDRSTRLEN]; + int e; - if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) - continue; - - if (pr->ndpr_raf_onlink == 0) - continue; - - if (pr->ndpr_raf_auto == 0) + if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr) || + pr->ndpr_raf_onlink == 0 || + pr->ndpr_raf_auto == 0) continue; - if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && - (pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { - if ((e = nd6_prefix_offlink(pr)) != 0) { + flags = pr->ndpr_stateflags & (NDPRF_DETACHED | NDPRF_ONLINK); + if (flags == 0 || flags == (NDPRF_DETACHED | NDPRF_ONLINK)) { + genid = V_nd6_list_genid; + ND6_RUNLOCK(); + if ((flags & NDPRF_ONLINK) != 0 && + (e = nd6_prefix_offlink(pr)) != 0) { nd6log((LOG_ERR, "pfxlist_onlink_check: failed to " "make %s/%d offlink, errno=%d\n", ip6_sprintf(ip6buf, &pr->ndpr_prefix.sin6_addr), pr->ndpr_plen, e)); - } - } - if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && - (pr->ndpr_stateflags & NDPRF_ONLINK) == 0 && - pr->ndpr_raf_onlink) { - if ((e = nd6_prefix_onlink(pr)) != 0) { + } else if ((flags & NDPRF_ONLINK) == 0 && + (e = nd6_prefix_onlink(pr)) != 0) { nd6log((LOG_ERR, "pfxlist_onlink_check: failed to " "make %s/%d onlink, errno=%d\n", @@ -1565,6 +1661,9 @@ pfxlist_onlink_check(void) &pr->ndpr_prefix.sin6_addr), pr->ndpr_plen, e)); } + ND6_RLOCK(); + if (genid != V_nd6_list_genid) + goto restart_scan; } } @@ -1625,6 +1724,8 @@ pfxlist_onlink_check(void) } } IN6_IFADDR_RUNLOCK(&in6_ifa_tracker); + ND6_RUNLOCK(); + ND6_ONLINK_UNLOCK(); } static int @@ -1673,7 +1774,6 @@ nd6_prefix_onlink_rtrequest(struct nd_prefix *pr, struct ifaddr *ifa) RIB_WUNLOCK(rnh); nd6_rtmsg(RTM_ADD, rt); RT_UNLOCK(rt); - pr->ndpr_stateflags |= NDPRF_ONLINK; } else { char ip6buf[INET6_ADDRSTRLEN]; char ip6bufg[INET6_ADDRSTRLEN]; @@ -1714,6 +1814,8 @@ nd6_prefix_onlink(struct nd_prefix *pr) int error = 0; char ip6buf[INET6_ADDRSTRLEN]; + ND6_UNLOCK_ASSERT(); + /* sanity check */ if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { nd6log((LOG_ERR, @@ -1730,6 +1832,7 @@ nd6_prefix_onlink(struct nd_prefix *pr) * Although such a configuration is expected to be rare, we explicitly * allow it. */ + ND6_RLOCK(); LIST_FOREACH(opr, &V_nd_prefix, ndpr_entry) { if (opr == pr) continue; @@ -1739,9 +1842,12 @@ nd6_prefix_onlink(struct nd_prefix *pr) if (opr->ndpr_plen == pr->ndpr_plen && in6_are_prefix_equal(&pr->ndpr_prefix.sin6_addr, - &opr->ndpr_prefix.sin6_addr, pr->ndpr_plen)) + &opr->ndpr_prefix.sin6_addr, pr->ndpr_plen)) { + ND6_RUNLOCK(); return (0); + } } + ND6_RUNLOCK(); /* * We prefer link-local addresses as the associated interface address. @@ -1777,6 +1883,8 @@ nd6_prefix_onlink(struct nd_prefix *pr) } error = nd6_prefix_onlink_rtrequest(pr, ifa); + if (error == 0) + pr->ndpr_stateflags |= NDPRF_ONLINK; if (ifa != NULL) ifa_free(ifa); @@ -1793,8 +1901,12 @@ nd6_prefix_offlink(struct nd_prefix *pr) struct sockaddr_in6 sa6, mask6; struct rtentry *rt; char ip6buf[INET6_ADDRSTRLEN]; + uint64_t genid; int fibnum, a_failure; + ND6_ONLINK_LOCK_ASSERT(); + ND6_UNLOCK_ASSERT(); + /* sanity check */ if ((pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { nd6log((LOG_ERR, @@ -1843,18 +1955,18 @@ nd6_prefix_offlink(struct nd_prefix *pr) * If there's one, try to make the prefix on-link on the * interface. */ + ND6_RLOCK(); +restart: LIST_FOREACH(opr, &V_nd_prefix, ndpr_entry) { if (opr == pr) continue; - if ((opr->ndpr_stateflags & NDPRF_ONLINK) != 0) - continue; - /* * KAME specific: detached prefixes should not be * on-link. */ - if ((opr->ndpr_stateflags & NDPRF_DETACHED) != 0) + if ((opr->ndpr_stateflags & + (NDPRF_ONLINK | NDPRF_DETACHED)) != 0) continue; if (opr->ndpr_plen == pr->ndpr_plen && @@ -1862,6 +1974,8 @@ nd6_prefix_offlink(struct nd_prefix *pr) &opr->ndpr_prefix.sin6_addr, pr->ndpr_plen)) { int e; + genid = V_nd6_list_genid; + ND6_RUNLOCK(); if ((e = nd6_prefix_onlink(opr)) != 0) { nd6log((LOG_ERR, "nd6_prefix_offlink: failed to " @@ -1873,8 +1987,12 @@ nd6_prefix_offlink(struct nd_prefix *pr) if_name(opr->ndpr_ifp), e)); } else a_failure = 0; + ND6_RLOCK(); + if (genid != V_nd6_list_genid) + goto restart; } } + ND6_RUNLOCK(); } else { /* XXX: can we still set the NDPRF_ONLINK flag? */ nd6log((LOG_ERR, @@ -2114,7 +2232,7 @@ in6_tmpifadd(const struct in6_ifaddr *ia0, int forcegen, int delay) return (EINVAL); /* XXX */ } newia->ia6_ndpr = ia0->ia6_ndpr; - newia->ia6_ndpr->ndpr_refcnt++; + newia->ia6_ndpr->ndpr_addrcnt++; ifa_free(&newia->ia_ifa); /*