mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5047 lines
143 KiB
5047 lines
143 KiB
// -*- mode: C++; tab-width: 4; indent-tabs-mode: nil -*- (for GNU Emacs)
|
|
//
|
|
// Copyright (c) 1985-2000 Microsoft Corporation
|
|
//
|
|
// This file is part of the Microsoft Research IPv6 Network Protocol Stack.
|
|
// You should have received a copy of the Microsoft End-User License Agreement
|
|
// for this software along with this release; see the file "license.txt".
|
|
// If not, please see http://www.research.microsoft.com/msripv6/license.htm,
|
|
// or write to Microsoft Research, One Microsoft Way, Redmond, WA 98052-6399.
|
|
//
|
|
// Abstract:
|
|
//
|
|
// General IPv6 initialization code lives here.
|
|
// Actually, this file is mostly interface/address management code.
|
|
//
|
|
|
|
|
|
#include "oscfg.h"
|
|
#include "ndis.h"
|
|
#include "ip6imp.h"
|
|
#include "ip6def.h"
|
|
#include "llip6if.h"
|
|
#include "route.h"
|
|
#include "select.h"
|
|
#include "icmp.h"
|
|
#include "neighbor.h"
|
|
#include <tdiinfo.h>
|
|
#include <tdi.h>
|
|
#include <tdikrnl.h>
|
|
#include "alloca.h"
|
|
#include "security.h"
|
|
#include "mld.h"
|
|
#include "md5.h"
|
|
#include "info.h"
|
|
#include <ntddip6.h>
|
|
|
|
extern void TCPRemoveIF(Interface *IF);
|
|
static void InterfaceStopForwarding(Interface *IF);
|
|
|
|
//
|
|
// Useful IPv6 Address Constants.
|
|
//
|
|
IPv6Addr UnspecifiedAddr = { 0 };
|
|
IPv6Addr LoopbackAddr = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
|
|
IPv6Addr AllNodesOnNodeAddr = {0xff, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
|
|
IPv6Addr AllNodesOnLinkAddr = {0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
|
|
IPv6Addr AllRoutersOnLinkAddr = {0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
|
|
IPv6Addr LinkLocalPrefix = {0xfe, 0x80, };
|
|
IPv6Addr SiteLocalPrefix = {0xfe, 0xc0, };
|
|
IPv6Addr SixToFourPrefix = {0x20, 0x02, };
|
|
IPv6Addr V4MappedPrefix = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0xff, 0xff, };
|
|
IPv6Addr MulticastPrefix = {0xff, };
|
|
|
|
|
|
static uint MulticastScopes[] = {
|
|
ADE_INTERFACE_LOCAL,
|
|
ADE_LINK_LOCAL,
|
|
ADE_SITE_LOCAL,
|
|
ADE_ORG_LOCAL,
|
|
ADE_GLOBAL
|
|
};
|
|
|
|
//
|
|
// These variables are initialized from the registry.
|
|
// See ConfigureGlobalParameters.
|
|
//
|
|
uint DefaultCurHopLimit;
|
|
uint MaxAnonDADAttempts;
|
|
uint MaxAnonPreferredLifetime;
|
|
uint MaxAnonValidLifetime;
|
|
uint AnonRegenerateTime;
|
|
uint UseAnonymousAddresses;
|
|
uint MaxAnonRandomTime;
|
|
uint AnonRandomTime;
|
|
|
|
#define AnonPreferredLifetime (MaxAnonPreferredLifetime - AnonRandomTime)
|
|
|
|
//
|
|
// Timer variables.
|
|
//
|
|
KTIMER IPv6Timer;
|
|
KDPC IPv6TimeoutDpc;
|
|
int IPv6TimerStarted = FALSE;
|
|
|
|
uint PacketPoolSize;
|
|
|
|
NDIS_HANDLE IPv6PacketPool, IPv6BufferPool;
|
|
|
|
//
|
|
// Statistics
|
|
//
|
|
IPInternalPerCpuStats IPPerCpuStats[IPS_MAX_PROCESSOR_BUCKETS];
|
|
CACHE_ALIGN IPSNMPInfo IPSInfo;
|
|
uint NumForwardingInterfaces;
|
|
|
|
//
|
|
// The NetTableListLock may be acquired while holding an interface lock.
|
|
//
|
|
NetTableEntry *NetTableList; // Global list of NTEs.
|
|
KSPIN_LOCK NetTableListLock; // Lock protecting this list.
|
|
|
|
//
|
|
// The IFListLock may be acquired while holding an interface lock
|
|
// or route lock.
|
|
//
|
|
KSPIN_LOCK IFListLock; // Lock protecting this list.
|
|
Interface *IFList = NULL; // List of interfaces active.
|
|
|
|
//
|
|
// The ZoneUpdateLock prevents concurrent updates
|
|
// of interface ZoneIndices.
|
|
//
|
|
KSPIN_LOCK ZoneUpdateLock;
|
|
|
|
//
|
|
// Used to assign indices to interfaces.
|
|
// See InterfaceIndex.
|
|
//
|
|
uint NextIFIndex = 0;
|
|
|
|
|
|
//* AddNTEToNetTableList
|
|
//
|
|
// Called with the list already locked.
|
|
//
|
|
void
|
|
AddNTEToNetTableList(NetTableEntry *NTE)
|
|
{
|
|
if (NetTableList != NULL)
|
|
NetTableList->PrevOnNTL = &NTE->NextOnNTL;
|
|
|
|
NTE->PrevOnNTL = &NetTableList;
|
|
NTE->NextOnNTL = NetTableList;
|
|
NetTableList = NTE;
|
|
IPSInfo.ipsi_numaddr++;
|
|
}
|
|
|
|
|
|
//* RemoveNTEFromNetTableList
|
|
//
|
|
// Called with the list already locked.
|
|
//
|
|
void
|
|
RemoveNTEFromNetTableList(NetTableEntry *NTE)
|
|
{
|
|
NetTableEntry *NextNTE;
|
|
|
|
NextNTE = NTE->NextOnNTL;
|
|
*NTE->PrevOnNTL = NextNTE;
|
|
if (NextNTE != NULL)
|
|
NextNTE->PrevOnNTL = NTE->PrevOnNTL;
|
|
IPSInfo.ipsi_numaddr--;
|
|
}
|
|
|
|
|
|
//* AddNTEToInterface
|
|
//
|
|
// Adds an NTE to an Interface's list of ADEs.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
AddNTEToInterface(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
//
|
|
// The NTE holds a reference for the interface,
|
|
// so anyone with a reference for the NTE
|
|
// can safely dereference NTE->IF.
|
|
//
|
|
AddRefIF(IF);
|
|
|
|
NTE->IF = IF;
|
|
NTE->Next = IF->ADE;
|
|
IF->ADE = (AddressEntry *)NTE;
|
|
}
|
|
|
|
|
|
//* RemoveNTEFromInterface
|
|
//
|
|
// Removes a new NTE from the Interface's list of ADEs.
|
|
//
|
|
// Called with the interface already locked.
|
|
// The NTE must be first on the list.
|
|
//
|
|
void
|
|
RemoveNTEFromInterface(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
ASSERT(IF->ADE == (AddressEntry *)NTE);
|
|
IF->ADE = NTE->Next;
|
|
ReleaseIF(IF);
|
|
}
|
|
|
|
|
|
typedef struct SynchronizeMulticastContext {
|
|
WORK_QUEUE_ITEM WQItem;
|
|
Interface *IF;
|
|
} SynchronizeMulticastContext;
|
|
|
|
//* SynchronizeMulticastAddresses
|
|
//
|
|
// Synchronize the interface's list of link-layer multicast addresses
|
|
// with the link's knowledge of those addresses.
|
|
//
|
|
// Callable from thread context, not from DPC context.
|
|
// Called with no locks held.
|
|
//
|
|
void
|
|
SynchronizeMulticastAddresses(void *Context)
|
|
{
|
|
SynchronizeMulticastContext *smc = (SynchronizeMulticastContext *) Context;
|
|
Interface *IF = smc->IF;
|
|
void *LinkAddresses;
|
|
LinkLayerMulticastAddress *MCastAddr;
|
|
uint SizeofLLMA = SizeofLinkLayerMulticastAddress(IF);
|
|
uint NumKeep, NumDeleted, NumAdded, Position;
|
|
uint i;
|
|
NDIS_STATUS Status;
|
|
KIRQL OldIrql;
|
|
|
|
ExFreePool(smc);
|
|
|
|
//
|
|
// First acquire the heavy-weight lock used to serialize
|
|
// SetMCastAddrList operations.
|
|
//
|
|
KeWaitForSingleObject(&IF->WorkerLock, Executive, KernelMode,
|
|
FALSE, NULL);
|
|
|
|
//
|
|
// Second acquire the lock that protects the interface,
|
|
// so we can examine IF->MCastAddresses et al.
|
|
//
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
|
|
//
|
|
// If this interface is going away, do nothing.
|
|
//
|
|
if (IsDisabledIF(IF)) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_RARE,
|
|
"SynchronizeMulticastContext(IF %p)"
|
|
" - disabled (%u refs)\n", IF, IF->RefCnt));
|
|
goto ErrorExit;
|
|
}
|
|
|
|
//
|
|
// Allocate sufficient space for the link addresses
|
|
// that we will pass to SetMCastAddrList.
|
|
// This is actually an over-estimate.
|
|
//
|
|
LinkAddresses = ExAllocatePool(NonPagedPool,
|
|
IF->MCastAddrNum * IF->LinkAddressLength);
|
|
if (LinkAddresses == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"SynchronizeMulticastContext(IF %p) - no pool\n", IF));
|
|
goto ErrorExit;
|
|
}
|
|
|
|
//
|
|
// Make three passes through the address array,
|
|
// constructing LinkAddresses.
|
|
//
|
|
|
|
NumKeep = 0;
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
|
|
if ((MCastAddr->RefCntAndFlags & LLMA_FLAG_REGISTERED) &&
|
|
IsLLMAReferenced(MCastAddr)) {
|
|
//
|
|
// This address has already been registered,
|
|
// and we are keeping it.
|
|
//
|
|
Position = NumKeep++;
|
|
RtlCopyMemory(((uchar *)LinkAddresses +
|
|
Position * IF->LinkAddressLength),
|
|
MCastAddr->LinkAddress,
|
|
IF->LinkAddressLength);
|
|
}
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
|
|
if (NumKeep == IF->MCastAddrNum) {
|
|
//
|
|
// Can happen if there are races between worker threads,
|
|
// but should be rare.
|
|
//
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_RARE,
|
|
"SynchronizeMulticastAddresses - noop?\n"));
|
|
ExFreePool(LinkAddresses);
|
|
goto ErrorExit;
|
|
}
|
|
|
|
NumAdded = 0;
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
|
|
if (!(MCastAddr->RefCntAndFlags & LLMA_FLAG_REGISTERED) &&
|
|
IsLLMAReferenced(MCastAddr)) {
|
|
//
|
|
// This address has not been registered,
|
|
// and we are adding it.
|
|
// We set LLMA_FLAG_REGISTERED below,
|
|
// after we are past all error cases.
|
|
//
|
|
Position = NumKeep + NumAdded++;
|
|
RtlCopyMemory(((uchar *)LinkAddresses +
|
|
Position * IF->LinkAddressLength),
|
|
MCastAddr->LinkAddress,
|
|
IF->LinkAddressLength);
|
|
}
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
|
|
NumDeleted = 0;
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
|
|
if ((MCastAddr->RefCntAndFlags & LLMA_FLAG_REGISTERED) &&
|
|
!IsLLMAReferenced(MCastAddr)) {
|
|
//
|
|
// This address has already been registered,
|
|
// and we are deleting it.
|
|
//
|
|
Position = NumKeep + NumAdded + NumDeleted++;
|
|
RtlCopyMemory(((uchar *)LinkAddresses +
|
|
Position * IF->LinkAddressLength),
|
|
MCastAddr->LinkAddress,
|
|
IF->LinkAddressLength);
|
|
}
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
|
|
//
|
|
// Some addresses might have been added & removed
|
|
// before being registered, so they have a zero RefCnt.
|
|
// We do not want to notify the link-layer about them.
|
|
//
|
|
ASSERT(NumKeep + NumAdded + NumDeleted <= IF->MCastAddrNum);
|
|
|
|
//
|
|
// Remove any unreferenced addresses.
|
|
//
|
|
if (NumKeep + NumAdded != IF->MCastAddrNum) {
|
|
LinkLayerMulticastAddress *NewMCastAddresses;
|
|
LinkLayerMulticastAddress *NewMCastAddr;
|
|
LinkLayerMulticastAddress *MCastAddrMark;
|
|
LinkLayerMulticastAddress *NextMCastAddr;
|
|
UINT_PTR Length;
|
|
|
|
if (NumKeep + NumAdded == 0) {
|
|
//
|
|
// None left.
|
|
//
|
|
NewMCastAddresses = NULL;
|
|
}
|
|
else {
|
|
NewMCastAddresses = ExAllocatePool(NonPagedPool,
|
|
((NumKeep + NumAdded) * SizeofLLMA));
|
|
if (NewMCastAddresses == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"SynchronizeMulticastContext(IF %p)"
|
|
" - no pool\n", IF));
|
|
ExFreePool(LinkAddresses);
|
|
goto ErrorExit;
|
|
}
|
|
|
|
//
|
|
// Copy the addresses that are still referenced
|
|
// to the new array. Normally there will only be
|
|
// one unreferenced address, so it's faster to search
|
|
// for it and then copy the elements before and after.
|
|
// Of course there might be multiple unreferenced addresses.
|
|
//
|
|
NewMCastAddr = NewMCastAddresses;
|
|
MCastAddrMark = IF->MCastAddresses;
|
|
for (i = 0, MCastAddr = IF->MCastAddresses;
|
|
i < IF->MCastAddrNum;
|
|
i++, MCastAddr = NextMCastAddr) {
|
|
|
|
NextMCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
|
|
if (!IsLLMAReferenced(MCastAddr)) {
|
|
//
|
|
// Remove this address because it has no references.
|
|
//
|
|
if (MCastAddrMark < MCastAddr) {
|
|
Length = (uchar *)MCastAddr - (uchar *)MCastAddrMark;
|
|
RtlCopyMemory(NewMCastAddr, MCastAddrMark, Length);
|
|
NewMCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)NewMCastAddr + Length);
|
|
}
|
|
MCastAddrMark = NextMCastAddr;
|
|
}
|
|
else {
|
|
//
|
|
// Remember that we are registering this address.
|
|
//
|
|
MCastAddr->RefCntAndFlags |= LLMA_FLAG_REGISTERED;
|
|
}
|
|
}
|
|
|
|
if (MCastAddrMark < MCastAddr) {
|
|
Length = (uchar *)MCastAddr - (uchar *)MCastAddrMark;
|
|
RtlCopyMemory(NewMCastAddr, MCastAddrMark, Length);
|
|
}
|
|
}
|
|
|
|
ExFreePool(IF->MCastAddresses);
|
|
IF->MCastAddresses = NewMCastAddresses;
|
|
IF->MCastAddrNum = NumKeep + NumAdded;
|
|
}
|
|
else {
|
|
//
|
|
// We need to set LLMA_FLAG_REGISTERED.
|
|
//
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
|
|
MCastAddr->RefCntAndFlags |= LLMA_FLAG_REGISTERED;
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
}
|
|
|
|
//
|
|
// We have constructed the LinkAddresses array from the interface.
|
|
// Before we can call SetMCastAddrList, we must drop the interface lock.
|
|
// We still hold the heavy-weight WorkerLock, so multiple SetMCastAddrList
|
|
// calls are properly serialized.
|
|
//
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
//
|
|
// Pass the multicast link addresses down to the link layer,
|
|
// if there's actually anything changed.
|
|
//
|
|
if (NumAdded + NumDeleted == 0) {
|
|
//
|
|
// Can happen if there are races between worker threads,
|
|
// but should be very rare.
|
|
//
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_RARE,
|
|
"SynchronizeMulticastAddresses - noop?\n"));
|
|
}
|
|
else {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"SynchronizeMulticastAddresses(IF %p) %u + %u + %u\n",
|
|
IF, NumKeep, NumAdded, NumDeleted));
|
|
Status = (*IF->SetMCastAddrList)(IF->LinkContext, LinkAddresses,
|
|
NumKeep, NumAdded, NumDeleted);
|
|
if (Status != NDIS_STATUS_SUCCESS) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INTERNAL_ERROR,
|
|
"SynchronizeMulticastAddresses(%p) -> %x\n", IF, Status));
|
|
}
|
|
}
|
|
|
|
KeReleaseMutex(&IF->WorkerLock, FALSE);
|
|
ExFreePool(LinkAddresses);
|
|
ReleaseIF(IF);
|
|
return;
|
|
|
|
ErrorExit:
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
KeReleaseMutex(&IF->WorkerLock, FALSE);
|
|
ReleaseIF(IF);
|
|
}
|
|
|
|
//* DeferSynchronizeMulticastAddresses
|
|
//
|
|
// Because SynchronizeMulticastAddresses can only be called
|
|
// from a thread context with no locks held, this function
|
|
// provides a way to defer a call to SynchronizeMulticastAddresses
|
|
// when running at DPC level.
|
|
//
|
|
// In error cases (memory allocation failure),
|
|
// we return with IF_FLAG_MCAST_SYNC still set,
|
|
// so we will be called again later.
|
|
//
|
|
// Called with the interface lock held.
|
|
//
|
|
void
|
|
DeferSynchronizeMulticastAddresses(Interface *IF)
|
|
{
|
|
SynchronizeMulticastContext *smc;
|
|
|
|
smc = ExAllocatePool(NonPagedPool, sizeof *smc);
|
|
if (smc == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"DeferSynchronizeMulticastAddresses - no pool\n"));
|
|
return;
|
|
}
|
|
|
|
ExInitializeWorkItem(&smc->WQItem, SynchronizeMulticastAddresses, smc);
|
|
smc->IF = IF;
|
|
AddRefIF(IF);
|
|
IF->Flags &= ~IF_FLAG_MCAST_SYNC;
|
|
|
|
ExQueueWorkItem(&smc->WQItem, CriticalWorkQueue);
|
|
}
|
|
|
|
//* CheckLinkLayerMulticastAddress
|
|
//
|
|
// Is the interface receiving this link-layer multicast address?
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with no locks held.
|
|
//
|
|
int
|
|
CheckLinkLayerMulticastAddress(Interface *IF, const void *LinkAddress)
|
|
{
|
|
if (IF->SetMCastAddrList == NULL) {
|
|
//
|
|
// The interface does not track multicast link-layer addresses.
|
|
// For example, point-to-point or loopback interfaces.
|
|
// We must assume that the interface wants to receive all
|
|
// link-layer multicasts.
|
|
//
|
|
return TRUE;
|
|
}
|
|
else {
|
|
KIRQL OldIrql;
|
|
LinkLayerMulticastAddress *MCastAddr;
|
|
uint SizeofLLMA = SizeofLinkLayerMulticastAddress(IF);
|
|
uint i;
|
|
int Found = FALSE;
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
//
|
|
// Have we found the link-layer address?
|
|
//
|
|
if (RtlCompareMemory(MCastAddr->LinkAddress, LinkAddress,
|
|
IF->LinkAddressLength) ==
|
|
IF->LinkAddressLength) {
|
|
if (IsLLMAReferenced(MCastAddr))
|
|
Found = TRUE;
|
|
break;
|
|
}
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
return Found;
|
|
}
|
|
}
|
|
|
|
//* AddLinkLayerMulticastAddress
|
|
//
|
|
// Called to indicate interest in the link-layer multicast address
|
|
// corresponding to the supplied IPv6 multicast address.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
AddLinkLayerMulticastAddress(Interface *IF, const IPv6Addr *Address)
|
|
{
|
|
//
|
|
// If the interface doesn't keep track of link-layer multicast
|
|
// addresses (e.g., if it's P2P), we don't need to do anything.
|
|
//
|
|
if (IF->SetMCastAddrList != NULL) {
|
|
void *LinkAddress = alloca(IF->LinkAddressLength);
|
|
LinkLayerMulticastAddress *MCastAddr;
|
|
uint SizeofLLMA = SizeofLinkLayerMulticastAddress(IF);
|
|
uint i;
|
|
|
|
//
|
|
// Create the link-layer multicast address
|
|
// that corresponds to the IPv6 multicast address.
|
|
//
|
|
(*IF->ConvertAddr)(IF->LinkContext, Address, LinkAddress);
|
|
|
|
//
|
|
// Check if the link-layer multicast address is already present.
|
|
//
|
|
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
//
|
|
// Have we found the link-layer address?
|
|
//
|
|
if (RtlCompareMemory(MCastAddr->LinkAddress, LinkAddress,
|
|
IF->LinkAddressLength) ==
|
|
IF->LinkAddressLength)
|
|
goto FoundMCastAddr;
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
|
|
//
|
|
// We must add this link-layer multicast address.
|
|
//
|
|
|
|
MCastAddr = ExAllocatePool(NonPagedPool,
|
|
(IF->MCastAddrNum + 1) * SizeofLLMA);
|
|
if (MCastAddr == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"AddLinkLayerMulticastAddress - no pool\n"));
|
|
return;
|
|
}
|
|
|
|
if (IF->MCastAddresses != NULL) {
|
|
RtlCopyMemory(MCastAddr, IF->MCastAddresses,
|
|
IF->MCastAddrNum * SizeofLLMA);
|
|
ExFreePool(IF->MCastAddresses);
|
|
}
|
|
|
|
IF->MCastAddresses = MCastAddr;
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + IF->MCastAddrNum * SizeofLLMA);
|
|
MCastAddr->RefCntAndFlags = 0;
|
|
RtlCopyMemory(MCastAddr->LinkAddress, LinkAddress, IF->LinkAddressLength);
|
|
|
|
IF->MCastAddrNum++;
|
|
IF->Flags |= IF_FLAG_MCAST_SYNC;
|
|
|
|
FoundMCastAddr:
|
|
AddRefLLMA(MCastAddr);
|
|
}
|
|
}
|
|
|
|
//* DelLinkLayerMulticastAddress
|
|
//
|
|
// Called to retract interest in the link-layer multicast address
|
|
// corresponding to the supplied IPv6 multicast address.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
DelLinkLayerMulticastAddress(Interface *IF, IPv6Addr *Address)
|
|
{
|
|
//
|
|
// If the interface doesn't keep track of link-layer multicast
|
|
// addresses (e.g., if it's P2P), we don't need to do anything.
|
|
//
|
|
if (IF->SetMCastAddrList != NULL) {
|
|
void *LinkAddress = alloca(IF->LinkAddressLength);
|
|
LinkLayerMulticastAddress *MCastAddr;
|
|
uint SizeofLLMA = SizeofLinkLayerMulticastAddress(IF);
|
|
uint i;
|
|
|
|
//
|
|
// Create the link-layer multicast address
|
|
// that corresponds to the IPv6 multicast address.
|
|
//
|
|
(*IF->ConvertAddr)(IF->LinkContext, Address, LinkAddress);
|
|
|
|
//
|
|
// Find the link-layer multicast address.
|
|
// It must be present, but if it isn't, we avoid crashing.
|
|
//
|
|
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
|
|
//
|
|
// Have we found the link-layer address?
|
|
//
|
|
if (RtlCompareMemory(MCastAddr->LinkAddress, LinkAddress,
|
|
IF->LinkAddressLength) ==
|
|
IF->LinkAddressLength) {
|
|
//
|
|
// Decrement the address's refcount.
|
|
// If it hits zero, indicate a need to synchronize.
|
|
//
|
|
ASSERT(IsLLMAReferenced(MCastAddr));
|
|
ReleaseLLMA(MCastAddr);
|
|
if (!IsLLMAReferenced(MCastAddr))
|
|
IF->Flags |= IF_FLAG_MCAST_SYNC;
|
|
break;
|
|
}
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
ASSERT(i != IF->MCastAddrNum);
|
|
}
|
|
}
|
|
|
|
//* RestartLinkLayerMulticast
|
|
//
|
|
// Resets the status of link-layer multicast addresses,
|
|
// so that they are registered again with the link layer.
|
|
// The ResetDone function is called under a lock that serializes
|
|
// it with SetMCastAddrList calls.
|
|
//
|
|
// Callable from thread context, not DPC context.
|
|
//
|
|
void
|
|
RestartLinkLayerMulticast(
|
|
void *Context,
|
|
void (*ResetDone)(void *Context))
|
|
{
|
|
Interface *IF = (Interface *) Context;
|
|
KIRQL OldIrql;
|
|
|
|
ASSERT(IF->SetMCastAddrList != NULL);
|
|
|
|
//
|
|
// Serialize with SetMCastAddrList operations.
|
|
//
|
|
KeWaitForSingleObject(&IF->WorkerLock, Executive, KernelMode,
|
|
FALSE, NULL);
|
|
|
|
//
|
|
// So we can play with IF->MCastAddresses et al.
|
|
//
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
|
|
//
|
|
// If this interface is going away, do nothing.
|
|
//
|
|
if (IsDisabledIF(IF)) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_RARE,
|
|
"RestartLinkLayerMulticast(IF %p)"
|
|
" - disabled (%u refs)\n", IF, IF->RefCnt));
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
}
|
|
else {
|
|
LinkLayerMulticastAddress *MCastAddr;
|
|
uint SizeofLLMA = SizeofLinkLayerMulticastAddress(IF);
|
|
uint i;
|
|
|
|
//
|
|
// Reset the registered flag for all multicast addresses.
|
|
//
|
|
|
|
MCastAddr = IF->MCastAddresses;
|
|
for (i = 0; i < IF->MCastAddrNum; i++) {
|
|
if (IsLLMAReferenced(MCastAddr)) {
|
|
MCastAddr->RefCntAndFlags &= ~LLMA_FLAG_REGISTERED;
|
|
IF->Flags |= IF_FLAG_MCAST_SYNC;
|
|
}
|
|
|
|
MCastAddr = (LinkLayerMulticastAddress *)
|
|
((uchar *)MCastAddr + SizeofLLMA);
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
//
|
|
// Let the link-layer know that the reset is done.
|
|
//
|
|
(*ResetDone)(IF->LinkContext);
|
|
}
|
|
|
|
KeReleaseMutex(&IF->WorkerLock, FALSE);
|
|
}
|
|
|
|
|
|
typedef enum {
|
|
CONTROL_LOOPBACK_DISABLED,
|
|
CONTROL_LOOPBACK_ENABLED,
|
|
CONTROL_LOOPBACK_DESTROY
|
|
} ControlLoopbackOp;
|
|
|
|
//* ControlLoopback
|
|
//
|
|
// Controls loopback functionality for a unicast or anycast address.
|
|
//
|
|
// This function is used in three ways, depending on Op:
|
|
// create a disabled loopback route (or disable an existing route),
|
|
// create an enabled loopback route (or enable an existing route),
|
|
// destroy any existing loopback route.
|
|
//
|
|
// It returns FALSE if there is a resource shortage.
|
|
// In actual usage, it will only fail when an NTE/AAE
|
|
// is first created, because subsequently the RTE and NCE
|
|
// will already exist.
|
|
//
|
|
// Called with the interface lock held.
|
|
//
|
|
int
|
|
ControlLoopback(Interface *IF, const IPv6Addr *Address,
|
|
ControlLoopbackOp Op)
|
|
{
|
|
NeighborCacheEntry *NCE;
|
|
int Loopback;
|
|
uint Lifetime;
|
|
uint Type;
|
|
int rc;
|
|
NTSTATUS Status;
|
|
|
|
switch (Op) {
|
|
case CONTROL_LOOPBACK_DISABLED:
|
|
Loopback = FALSE;
|
|
Lifetime = 0;
|
|
Type = RTE_TYPE_SYSTEM;
|
|
break;
|
|
|
|
case CONTROL_LOOPBACK_ENABLED:
|
|
Loopback = TRUE;
|
|
Lifetime = INFINITE_LIFETIME;
|
|
Type = RTE_TYPE_SYSTEM;
|
|
break;
|
|
|
|
case CONTROL_LOOPBACK_DESTROY:
|
|
Loopback = FALSE;
|
|
Lifetime = 0;
|
|
Type = 0; // Special value for destroying system routes.
|
|
break;
|
|
|
|
default:
|
|
ASSERT(!"ControlLoopback bad op");
|
|
}
|
|
|
|
//
|
|
// Get the NCE for this address.
|
|
//
|
|
NCE = FindOrCreateNeighbor(IF, Address);
|
|
if (NCE == NULL)
|
|
return FALSE;
|
|
|
|
//
|
|
// Update the loopback route for this address.
|
|
//
|
|
Status = RouteTableUpdate(NULL, // System update.
|
|
IF, NCE, Address, IPV6_ADDRESS_LENGTH, 0,
|
|
Lifetime, Lifetime,
|
|
ROUTE_PREF_LOOPBACK,
|
|
Type,
|
|
FALSE, FALSE);
|
|
if (NT_SUCCESS(Status)) {
|
|
//
|
|
// Update the address's loopback status in the neighbor cache.
|
|
//
|
|
ControlNeighborLoopback(NCE, Loopback);
|
|
rc = TRUE;
|
|
}
|
|
else {
|
|
//
|
|
// If RouteTableUpdate failed because the interface is
|
|
// being destroyed, then we succeed without doing anything.
|
|
//
|
|
rc = (Status == STATUS_INVALID_PARAMETER_1);
|
|
}
|
|
|
|
ReleaseNCE(NCE);
|
|
return rc;
|
|
}
|
|
|
|
|
|
//* DeleteMAE
|
|
//
|
|
// Cleanup and delete an MAE because the multicast address
|
|
// is no longer assigned to the interface.
|
|
// It is already removed from the interface's list.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
DeleteMAE(Interface *IF, MulticastAddressEntry *MAE)
|
|
{
|
|
int SendDoneMsg;
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&QueryListLock);
|
|
if (!IsDisabledIF(IF) && (MAE->MCastFlags & MAE_LAST_REPORTER)) {
|
|
//
|
|
// We need to send a Done message.
|
|
// Put the MAE on the QueryList with a zero timer.
|
|
//
|
|
if (MAE->MCastTimer == 0)
|
|
AddToQueryList(MAE);
|
|
else
|
|
MAE->MCastTimer = 0;
|
|
AddRefIF(IF);
|
|
MAE->IF = IF;
|
|
|
|
SendDoneMsg = TRUE;
|
|
}
|
|
else {
|
|
//
|
|
// If the MLD timer is running, remove from the query list.
|
|
//
|
|
if (MAE->MCastTimer != 0)
|
|
RemoveFromQueryList(MAE);
|
|
|
|
SendDoneMsg = FALSE;
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&QueryListLock);
|
|
|
|
//
|
|
// Retract our interest in the corresponding
|
|
// link-layer multicast address.
|
|
//
|
|
DelLinkLayerMulticastAddress(IF, &MAE->Address);
|
|
|
|
//
|
|
// Delete the MAE, unless we left it on the QueryList
|
|
// pending a Done message.
|
|
//
|
|
if (!SendDoneMsg)
|
|
ExFreePool(MAE);
|
|
}
|
|
|
|
|
|
//* FindAndReleaseMAE
|
|
//
|
|
// Finds the MAE for a multicast address and releases one reference
|
|
// for the MAE. May result in the MAE disappearing.
|
|
//
|
|
// If successful, returns the MAE.
|
|
// Note that it may be an invalid pointer!
|
|
// Returns NULL on failure.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
MulticastAddressEntry *
|
|
FindAndReleaseMAE(Interface *IF, const IPv6Addr *Addr)
|
|
{
|
|
AddressEntry **pADE;
|
|
MulticastAddressEntry *MAE;
|
|
|
|
pADE = FindADE(IF, Addr);
|
|
MAE = (MulticastAddressEntry *) *pADE;
|
|
if (MAE != NULL) {
|
|
if (MAE->Type == ADE_MULTICAST) {
|
|
ASSERT(MAE->MCastRefCount != 0);
|
|
|
|
if (--MAE->MCastRefCount == 0) {
|
|
//
|
|
// The MAE has no more references.
|
|
// Remove it from the Interface and delete it.
|
|
//
|
|
*pADE = MAE->Next;
|
|
DeleteMAE(IF, MAE);
|
|
}
|
|
}
|
|
else {
|
|
//
|
|
// Return NULL for error.
|
|
//
|
|
MAE = NULL;
|
|
}
|
|
}
|
|
|
|
return MAE;
|
|
}
|
|
|
|
|
|
//* FindAndReleaseSolicitedNodeMAE
|
|
//
|
|
// Finds the MAE for the corresponding solicited-node multicast address
|
|
// and releases one reference for the MAE.
|
|
// May result in the MAE disappearing.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
FindAndReleaseSolicitedNodeMAE(Interface *IF, const IPv6Addr *Addr)
|
|
{
|
|
if (IF->Flags & IF_FLAG_NEIGHBOR_DISCOVERS) {
|
|
IPv6Addr MCastAddr;
|
|
MulticastAddressEntry *MAE;
|
|
|
|
//
|
|
// Create the corresponding solicited-node multicast address.
|
|
//
|
|
CreateSolicitedNodeMulticastAddress(Addr, &MCastAddr);
|
|
|
|
//
|
|
// Release the MAE for the solicited-node address.
|
|
// NB: This may fail during interface shutdown
|
|
// if we remove the solicited-node MAE before the NTE or AAE.
|
|
//
|
|
MAE = FindAndReleaseMAE(IF, &MCastAddr);
|
|
ASSERT((MAE != NULL) || IsDisabledIF(IF));
|
|
}
|
|
}
|
|
|
|
|
|
//* FindOrCreateMAE
|
|
//
|
|
// If an MAE for the multicast address already exists,
|
|
// just bump the reference count. Otherwise create a new MAE.
|
|
// Returns NULL for failure.
|
|
//
|
|
// If an NTE is supplied and an MAE is created,
|
|
// then the MAE is associated with the NTE.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
MulticastAddressEntry *
|
|
FindOrCreateMAE(
|
|
Interface *IF,
|
|
const IPv6Addr *Addr,
|
|
NetTableEntry *NTE)
|
|
{
|
|
AddressEntry **pADE;
|
|
MulticastAddressEntry *MAE;
|
|
|
|
//
|
|
// Can not create a new MAE if the interface is shutting down.
|
|
//
|
|
if (IsDisabledIF(IF))
|
|
return NULL;
|
|
|
|
pADE = FindADE(IF, Addr);
|
|
MAE = (MulticastAddressEntry *) *pADE;
|
|
|
|
if (MAE == NULL) {
|
|
//
|
|
// Create a new MAE.
|
|
//
|
|
MAE = ExAllocatePool(NonPagedPool, sizeof(MulticastAddressEntry));
|
|
if (MAE == NULL)
|
|
return NULL;
|
|
|
|
//
|
|
// Initialize the new MAE.
|
|
//
|
|
if (NTE != NULL)
|
|
MAE->NTE = NTE;
|
|
else
|
|
MAE->IF = IF;
|
|
MAE->Address = *Addr;
|
|
MAE->Type = ADE_MULTICAST;
|
|
MAE->Scope = MulticastAddressScope(Addr);
|
|
MAE->MCastRefCount = 0; // Incremented below.
|
|
MAE->MCastTimer = 0;
|
|
MAE->NextQL = NULL;
|
|
|
|
//
|
|
// With any luck the compiler will optimize these
|
|
// field assignments...
|
|
//
|
|
if (IsMLDReportable(MAE)) {
|
|
//
|
|
// We should send MLD reports for this address.
|
|
// Start by sending initial reports immediately.
|
|
//
|
|
MAE->MCastFlags = MAE_REPORTABLE;
|
|
MAE->MCastCount = MLD_NUM_INITIAL_REPORTS;
|
|
MAE->MCastTimer = 1; // Immediately.
|
|
KeAcquireSpinLockAtDpcLevel(&QueryListLock);
|
|
AddToQueryList(MAE);
|
|
KeReleaseSpinLockFromDpcLevel(&QueryListLock);
|
|
}
|
|
else {
|
|
MAE->MCastFlags = 0;
|
|
MAE->MCastCount = 0;
|
|
MAE->MCastTimer = 0;
|
|
}
|
|
|
|
//
|
|
// Add the MAE to the interface's ADE list.
|
|
//
|
|
MAE->Next = NULL;
|
|
*pADE = (AddressEntry *)MAE;
|
|
|
|
//
|
|
// Indicate our interest in the corresponding
|
|
// link-layer multicast address.
|
|
//
|
|
AddLinkLayerMulticastAddress(IF, Addr);
|
|
}
|
|
else {
|
|
ASSERT(MAE->Type == ADE_MULTICAST);
|
|
}
|
|
|
|
MAE->MCastRefCount++;
|
|
return MAE;
|
|
}
|
|
|
|
|
|
//* FindOrCreateSolicitedNodeMAE
|
|
//
|
|
// Called with a unicast or anycast address.
|
|
//
|
|
// If an MAE for the solicited-node multicast address already exists,
|
|
// just bump the reference count. Otherwise create a new MAE.
|
|
// Returns TRUE for success.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
int
|
|
FindOrCreateSolicitedNodeMAE(Interface *IF, const IPv6Addr *Addr)
|
|
{
|
|
if (IF->Flags & IF_FLAG_NEIGHBOR_DISCOVERS) {
|
|
IPv6Addr MCastAddr;
|
|
|
|
//
|
|
// Create the corresponding solicited-node multicast address.
|
|
//
|
|
CreateSolicitedNodeMulticastAddress(Addr, &MCastAddr);
|
|
|
|
//
|
|
// Find or create an MAE for the solicited-node multicast address.
|
|
//
|
|
return FindOrCreateMAE(IF, &MCastAddr, NULL) != NULL;
|
|
}
|
|
else {
|
|
//
|
|
// Only interfaces that support Neighbor Discovery
|
|
// use solicited-node multicast addresses.
|
|
//
|
|
return TRUE;
|
|
}
|
|
}
|
|
|
|
|
|
//* FindOrCreateAAE
|
|
//
|
|
// Adds an anycast address to the interface,
|
|
// associated with the NTE.
|
|
//
|
|
// If the interface already has the anycast address assigned,
|
|
// then this does nothing.
|
|
//
|
|
// Returns TRUE for success.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
int
|
|
FindOrCreateAAE(Interface *IF, const IPv6Addr *Addr,
|
|
NetTableEntryOrInterface *NTEorIF)
|
|
{
|
|
AddressEntry **pADE;
|
|
AnycastAddressEntry *AAE;
|
|
KIRQL OldIrql;
|
|
int rc;
|
|
|
|
if (NTEorIF == NULL)
|
|
NTEorIF = CastFromIF(IF);
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
if (IsDisabledIF(IF)) {
|
|
//
|
|
// Can't create a new AAE if the interface is shutting down.
|
|
//
|
|
rc = FALSE;
|
|
}
|
|
else {
|
|
pADE = FindADE(IF, Addr);
|
|
AAE = (AnycastAddressEntry *) *pADE;
|
|
if (AAE == NULL) {
|
|
//
|
|
// Create an AAE for the anycast address.
|
|
//
|
|
AAE = ExAllocatePool(NonPagedPool, sizeof(AnycastAddressEntry));
|
|
if (AAE == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"FindOrCreateAAE: no pool\n"));
|
|
rc = FALSE;
|
|
goto ErrorReturn;
|
|
}
|
|
|
|
//
|
|
// Initialize the new AAE.
|
|
//
|
|
AAE->NTEorIF = NTEorIF;
|
|
AAE->Address = *Addr;
|
|
AAE->Type = ADE_ANYCAST;
|
|
AAE->Scope = UnicastAddressScope(Addr);
|
|
|
|
//
|
|
// Add the AAE to the interface's ADE list.
|
|
// NB: FindOrCreateSolicitedNodeMAE may add an MAE at the end,
|
|
// so we do this first.
|
|
//
|
|
AAE->Next = NULL;
|
|
*pADE = (AddressEntry *)AAE;
|
|
|
|
//
|
|
// Create the corresponding solicited-node
|
|
// multicast address MAE.
|
|
//
|
|
rc = FindOrCreateSolicitedNodeMAE(IF, Addr);
|
|
if (! rc) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"FindOrCreateAAE: "
|
|
"FindOrCreateSolicitedNodeMAE failed\n"));
|
|
goto ErrorReturnFreeAAE;
|
|
}
|
|
|
|
//
|
|
// Create a loopback route for this address.
|
|
//
|
|
rc = ControlLoopback(IF, Addr, CONTROL_LOOPBACK_ENABLED);
|
|
if (! rc) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_RARE,
|
|
"FindOrCreateAAE: "
|
|
"ControlLoopback failed\n"));
|
|
FindAndReleaseSolicitedNodeMAE(IF, Addr);
|
|
|
|
ErrorReturnFreeAAE:
|
|
//
|
|
// An MAE may have been added & removed above,
|
|
// but at this point the AAE should be last.
|
|
//
|
|
ASSERT((*pADE == (AddressEntry *)AAE) && (AAE->Next == NULL));
|
|
*pADE = NULL;
|
|
ExFreePool(AAE);
|
|
|
|
ErrorReturn:
|
|
;
|
|
}
|
|
}
|
|
else {
|
|
//
|
|
// The ADE already exists -
|
|
// just verify that it is anycast.
|
|
//
|
|
rc = (AAE->Type == ADE_ANYCAST);
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
}
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
return rc;
|
|
}
|
|
|
|
|
|
//* DeleteAAE
|
|
//
|
|
// Cleanup and delete an AAE.
|
|
// It is already removed from the interface's list.
|
|
//
|
|
// Called with the interface lock held.
|
|
//
|
|
void
|
|
DeleteAAE(Interface *IF, AnycastAddressEntry *AAE)
|
|
{
|
|
int rc;
|
|
|
|
//
|
|
// The corresponding solicited-node address is not needed.
|
|
//
|
|
FindAndReleaseSolicitedNodeMAE(IF, &AAE->Address);
|
|
|
|
//
|
|
// The loopback route is not needed.
|
|
//
|
|
rc = ControlLoopback(IF, &AAE->Address, CONTROL_LOOPBACK_DESTROY);
|
|
ASSERT(rc);
|
|
|
|
ExFreePool(AAE);
|
|
}
|
|
|
|
|
|
//* FindAndDeleteAAE
|
|
//
|
|
// Deletes an anycast address from the interface.
|
|
// Returns TRUE for success.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
int
|
|
FindAndDeleteAAE(Interface *IF, const IPv6Addr *Addr)
|
|
{
|
|
AddressEntry **pADE;
|
|
AnycastAddressEntry *AAE;
|
|
KIRQL OldIrql;
|
|
int rc;
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
|
|
pADE = FindADE(IF, Addr);
|
|
AAE = (AnycastAddressEntry *) *pADE;
|
|
if (AAE != NULL) {
|
|
if (AAE->Type == ADE_ANYCAST) {
|
|
//
|
|
// Delete the AAE.
|
|
//
|
|
*pADE = AAE->Next;
|
|
DeleteAAE(IF, AAE);
|
|
rc = TRUE;
|
|
}
|
|
else {
|
|
//
|
|
// This is an error - it should be anycast.
|
|
//
|
|
rc = FALSE;
|
|
}
|
|
}
|
|
else {
|
|
//
|
|
// If the address already doesn't exist, then OK.
|
|
//
|
|
rc = TRUE;
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
return rc;
|
|
}
|
|
|
|
|
|
//* LeaveGroupAtAllScopes
|
|
//
|
|
// Leave a multicast group at all scopes.
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
LeaveGroupAtAllScopes(Interface *IF, IPv6Addr *GroupAddr, uint MaxScope)
|
|
{
|
|
IPv6Addr Address = *GroupAddr;
|
|
MulticastAddressEntry *MAE;
|
|
uint i;
|
|
|
|
for (i = 0;
|
|
((i < sizeof MulticastScopes / sizeof MulticastScopes[0]) &&
|
|
(MulticastScopes[i] <= MaxScope));
|
|
i++) {
|
|
|
|
Address.s6_bytes[1] = ((Address.s6_bytes[1] & 0xf0) |
|
|
MulticastScopes[i]);
|
|
MAE = FindAndReleaseMAE(IF, &Address);
|
|
ASSERT(MAE != NULL);
|
|
}
|
|
}
|
|
|
|
|
|
//* JoinGroupAtAllScopes
|
|
//
|
|
// Join a multicast group at all scopes up to the specified scope.
|
|
// Returns TRUE for success.
|
|
// Called with the interface already locked.
|
|
//
|
|
int
|
|
JoinGroupAtAllScopes(Interface *IF, IPv6Addr *GroupAddr, uint MaxScope)
|
|
{
|
|
IPv6Addr Address = *GroupAddr;
|
|
MulticastAddressEntry *MAE;
|
|
uint i, j;
|
|
|
|
for (i = 0;
|
|
((i < sizeof MulticastScopes / sizeof MulticastScopes[0]) &&
|
|
(MulticastScopes[i] <= MaxScope));
|
|
i++) {
|
|
|
|
Address.s6_bytes[1] = (Address.s6_bytes[1] & 0xf0) | MulticastScopes[i];
|
|
MAE = FindOrCreateMAE(IF, &Address, NULL);
|
|
if (MAE == NULL) {
|
|
//
|
|
// Failure. Leave the groups that we did manage to join.
|
|
//
|
|
if (i != 0)
|
|
LeaveGroupAtAllScopes(IF, GroupAddr, MulticastScopes[i-1]);
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
|
|
//* DestroyADEs
|
|
//
|
|
// Destroy all AddressEntries that reference an NTE.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
// (Actually, we are at DPC level because we hold the interface lock.)
|
|
//
|
|
void
|
|
DestroyADEs(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
AddressEntry *AnycastList = NULL;
|
|
AddressEntry *ADE, **PrevADE;
|
|
|
|
PrevADE = &IF->ADE;
|
|
while ((ADE = *PrevADE) != NULL) {
|
|
if (ADE == (AddressEntry *)NTE) {
|
|
//
|
|
// Remove the NTE from the list but do not
|
|
// free the memory - that happens later.
|
|
//
|
|
*PrevADE = ADE->Next;
|
|
}
|
|
else if (ADE->NTE == NTE) {
|
|
//
|
|
// Remove this ADE because it references the NTE.
|
|
//
|
|
*PrevADE = ADE->Next;
|
|
|
|
switch (ADE->Type) {
|
|
case ADE_UNICAST:
|
|
ASSERTMSG("DestroyADEs: unicast ADE?\n", FALSE);
|
|
break;
|
|
|
|
case ADE_ANYCAST: {
|
|
//
|
|
// We can't call FindAndReleaseSolicitedNodeMAE here
|
|
// because it could mess up our list traversal.
|
|
// So put the ADE on our temporary list and do it later.
|
|
//
|
|
ADE->Next = AnycastList;
|
|
AnycastList = ADE;
|
|
break;
|
|
}
|
|
|
|
case ADE_MULTICAST: {
|
|
MulticastAddressEntry *MAE = (MulticastAddressEntry *) ADE;
|
|
|
|
DeleteMAE(IF, MAE);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
if (ADE->Type == ADE_UNICAST) {
|
|
AnonNetTableEntry *AnonNTE = (AnonNetTableEntry *) ADE;
|
|
|
|
if ((AnonNTE->AddrConf == ADDR_CONF_ANONYMOUS) &&
|
|
(AnonNTE->Public == NTE)) {
|
|
//
|
|
// Break the public/anonymous association
|
|
// and invalidate the anonymous address.
|
|
// We can't use DestroyNTE directly here
|
|
// because it would mess up our traversal.
|
|
//
|
|
AnonNTE->Public = NULL;
|
|
AnonNTE->ValidLifetime = 0;
|
|
AnonNTE->PreferredLifetime = 0;
|
|
}
|
|
}
|
|
|
|
PrevADE = &ADE->Next;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Now we can safely process the anycast ADEs.
|
|
//
|
|
while ((ADE = AnycastList) != NULL) {
|
|
AnycastList = ADE->Next;
|
|
DeleteAAE(IF, (AnycastAddressEntry *)ADE);
|
|
}
|
|
}
|
|
|
|
|
|
//* FindADE - find an ADE entry for the given interface.
|
|
//
|
|
// If the address is assigned to the interface,
|
|
// returns the address of the link pointing to the ADE.
|
|
// Otherwise returns a pointer to the link (currently NULL)
|
|
// where a new ADE should be added to extend the list.
|
|
//
|
|
// The caller must lock the IF before calling this function.
|
|
//
|
|
AddressEntry **
|
|
FindADE(
|
|
Interface *IF,
|
|
const IPv6Addr *Addr)
|
|
{
|
|
AddressEntry **pADE, *ADE;
|
|
|
|
//
|
|
// Check if address is assigned to the interface using the
|
|
// interface's ADE list.
|
|
//
|
|
// REVIEW: Change the ADE list to a more efficient data structure?
|
|
//
|
|
for (pADE = &IF->ADE; (ADE = *pADE) != NULL; pADE = &ADE->Next) {
|
|
if (IP6_ADDR_EQUAL(Addr, &ADE->Address))
|
|
break;
|
|
}
|
|
|
|
return pADE;
|
|
}
|
|
|
|
|
|
//* FindAddressOnInterface
|
|
//
|
|
// Looks for an ADE on the interface.
|
|
// If a unicast ADE is found, returns the ADE (an NTE) and ADE_UNICAST.
|
|
// If a multicast/anycast ADE is found, returns ADE->NTEorIF and ADE->Type.
|
|
// If an ADE is not found, returns the interface and ADE_NONE.
|
|
// Whether the interface or an NTE is returned,
|
|
// the return value (if non-NULL) holds a reference.
|
|
//
|
|
// Returns NULL only if the interface is disabled.
|
|
//
|
|
// In normal usage, callers should hold a reference
|
|
// for the interface. (So if the interface is returned,
|
|
// it is returned with a second reference.) But in some
|
|
// paths (for example IPv6Receive/IPv6HeaderReceive),
|
|
// the caller knows the interface exists but does not
|
|
// hold a reference for it.
|
|
//
|
|
// Callable from DPC context, not from thread context.
|
|
//
|
|
NetTableEntryOrInterface *
|
|
FindAddressOnInterface(
|
|
Interface *IF,
|
|
const IPv6Addr *Addr,
|
|
ushort *AddrType)
|
|
{
|
|
AddressEntry *ADE;
|
|
NetTableEntryOrInterface *NTEorIF;
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IF->Lock);
|
|
|
|
if (IsDisabledIF(IF)) {
|
|
|
|
NTEorIF = NULL;
|
|
}
|
|
else if ((ADE = *FindADE(IF, Addr)) != NULL) {
|
|
|
|
if ((*AddrType = ADE->Type) == ADE_UNICAST) {
|
|
NTEorIF = CastFromNTE((NetTableEntry *)ADE);
|
|
goto ReturnNTE;
|
|
}
|
|
else {
|
|
NTEorIF = ADE->NTEorIF;
|
|
if (IsNTE(NTEorIF))
|
|
ReturnNTE:
|
|
AddRefNTE(CastToNTE(NTEorIF));
|
|
else
|
|
goto ReturnIF;
|
|
}
|
|
}
|
|
else {
|
|
|
|
*AddrType = ADE_NONE;
|
|
NTEorIF = CastFromIF(IF);
|
|
|
|
ReturnIF:
|
|
AddRefIF(CastToIF(NTEorIF));
|
|
}
|
|
|
|
KeReleaseSpinLockFromDpcLevel(&IF->Lock);
|
|
return NTEorIF;
|
|
}
|
|
|
|
|
|
//
|
|
// We keep track of the number of outstanding
|
|
// register-net-address work items.
|
|
// (Using InterlockedIncrement/InterlockedDecrement.)
|
|
// This way we can wait in the IPUnload
|
|
// until they are all done.
|
|
//
|
|
ULONG OutstandingRegisterNetAddressCount = 0;
|
|
|
|
//
|
|
// Note that this structure wouldn't be needed if IoQueueWorkItem
|
|
// had been designed to call the user's routine with the WorkItem
|
|
// as an additional argument along with the DeviceObject and Context.
|
|
// Sigh.
|
|
//
|
|
typedef struct RegisterNetAddressContext {
|
|
PIO_WORKITEM WorkItem;
|
|
NetTableEntry *NTE;
|
|
} RegisterNetAddressContext;
|
|
|
|
//* RegisterNetAddressWorker - De/Registers an address with TDI.
|
|
//
|
|
// Worker function for calling TdiRegisterNetAddress.
|
|
//
|
|
// Called to register or deregister an address with TDI when any one of
|
|
// the following two events occur...
|
|
//
|
|
// 1. The corresponding NTE's DADState changes between valid/invalid
|
|
// states while its interface's media state is connected.
|
|
//
|
|
// 2. The corresponding NTE's interface media state changes between
|
|
// connected/disconnected while its DADState is DAD_STATE_PREFERRED.
|
|
// For this case, DisconnectADEs queues a worker on the connect to
|
|
// disconnect transition whereas on the reverse transition the worker
|
|
// is queued at the completion the duplicate address detection.
|
|
//
|
|
// Since TdiRegisterNetAddress must be called when running at
|
|
// IRQL < DISPATCH_LEVEL, we use this function via a worker thread.
|
|
//
|
|
// Called with a reference held on the NTE, which we release on exit.
|
|
//
|
|
void
|
|
RegisterNetAddressWorker(
|
|
PDEVICE_OBJECT DevObj, // Unused. Wish they passed the WorkItem instead.
|
|
PVOID Context) // A RegisterNetAddressContext struct.
|
|
{
|
|
RegisterNetAddressContext *MyContext = Context;
|
|
NetTableEntry *NTE = MyContext->NTE;
|
|
Interface *IF = NTE->IF;
|
|
int ShouldBeRegistered;
|
|
KIRQL OldIrql;
|
|
NTSTATUS Status;
|
|
|
|
IoFreeWorkItem(MyContext->WorkItem);
|
|
ExFreePool(MyContext);
|
|
|
|
//
|
|
// The heavy-weight WorkerLock protects this code against
|
|
// multiple instantiations of itself without raising IRQL.
|
|
//
|
|
KeWaitForSingleObject(&IF->WorkerLock, Executive, KernelMode,
|
|
FALSE, NULL);
|
|
|
|
//
|
|
// Figure out what state we should be in.
|
|
// Note that IF->Lock protects DADState and IF->Flags,
|
|
// while IF->WorkerLock protects TdiRegistrationHandle.
|
|
//
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
//
|
|
// An address should be registered with TDI iff it is in the
|
|
// preferred DAD state and its corresponding interface is
|
|
// connected.
|
|
//
|
|
ShouldBeRegistered = ((NTE->DADState == DAD_STATE_PREFERRED) &&
|
|
!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED));
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
if (ShouldBeRegistered) {
|
|
if (NTE->TdiRegistrationHandle == NULL) {
|
|
char Buffer[sizeof(TA_ADDRESS) + TDI_ADDRESS_LENGTH_IP6 - 1];
|
|
PTA_ADDRESS TAAddress = (PTA_ADDRESS) Buffer;
|
|
PTDI_ADDRESS_IP6 TDIAddress =
|
|
(PTDI_ADDRESS_IP6) &TAAddress->Address;
|
|
|
|
//
|
|
// Create TAAddress from NTE->Address;
|
|
//
|
|
TAAddress->AddressLength = TDI_ADDRESS_LENGTH_IP6;
|
|
TAAddress->AddressType = TDI_ADDRESS_TYPE_IP6;
|
|
TDIAddress->sin6_port = 0;
|
|
TDIAddress->sin6_flowinfo = 0;
|
|
*(IPv6Addr *)&TDIAddress->sin6_addr = NTE->Address;
|
|
TDIAddress->sin6_scope_id = DetermineScopeId(&NTE->Address, IF);
|
|
|
|
Status = TdiRegisterNetAddress(TAAddress, &IF->DeviceName, NULL,
|
|
&NTE->TdiRegistrationHandle);
|
|
if (Status != STATUS_SUCCESS) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"RegisterNetAddressWorker: "
|
|
"TdiRegisterNetAddress(%d/%s): %x\n",
|
|
IF->Index, FormatV6Address(&NTE->Address), Status));
|
|
|
|
//
|
|
// Due to a bug in TdiRegisterNetAddress, we can't be
|
|
// guaranteed the handle will be NULL on error.
|
|
//
|
|
NTE->TdiRegistrationHandle = NULL;
|
|
|
|
//
|
|
// REVIEW: Should we requeue ourselves for another attempt?
|
|
//
|
|
}
|
|
}
|
|
}
|
|
else { // if (! ShouldBeRegistered)
|
|
if (NTE->TdiRegistrationHandle != NULL) {
|
|
|
|
Status = TdiDeregisterNetAddress(NTE->TdiRegistrationHandle);
|
|
if (Status == STATUS_SUCCESS) {
|
|
|
|
NTE->TdiRegistrationHandle = NULL;
|
|
}
|
|
else {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"RegisterNetAddressWorker: "
|
|
"TdiDeregisterNetAddress(%d/%s): %x\n",
|
|
IF->Index, FormatV6Address(&NTE->Address), Status));
|
|
|
|
//
|
|
// REVIEW: Should we requeue ourselves for another attempt?
|
|
//
|
|
}
|
|
}
|
|
}
|
|
|
|
KeReleaseMutex(&IF->WorkerLock, FALSE);
|
|
ReleaseNTE(NTE);
|
|
|
|
InterlockedDecrement(&OutstandingRegisterNetAddressCount);
|
|
}
|
|
|
|
//* DeferRegisterNetAddress
|
|
//
|
|
// Queue a work item that will execute RegisterNetAddressWorker.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
DeferRegisterNetAddress(
|
|
NetTableEntry *NTE) // NTE that needs work.
|
|
{
|
|
RegisterNetAddressContext *Context;
|
|
PIO_WORKITEM WorkItem;
|
|
|
|
Context = ExAllocatePool(NonPagedPool, sizeof *Context);
|
|
if (Context == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"DeferRegisterNetAddress: ExAllocatePool failed\n"));
|
|
return;
|
|
}
|
|
|
|
WorkItem = IoAllocateWorkItem(IPDeviceObject);
|
|
if (WorkItem == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"DeferRegisterNetAddress: IoAllocateWorkItem failed\n"));
|
|
ExFreePool(Context);
|
|
return;
|
|
}
|
|
|
|
Context->WorkItem = WorkItem;
|
|
AddRefNTE(NTE);
|
|
Context->NTE = NTE;
|
|
|
|
InterlockedIncrement(&OutstandingRegisterNetAddressCount);
|
|
|
|
IoQueueWorkItem(WorkItem, RegisterNetAddressWorker,
|
|
CriticalWorkQueue, Context);
|
|
}
|
|
|
|
|
|
//* AddrConfStartDAD
|
|
//
|
|
// Starts duplicate address detection for the address,
|
|
// unless DAD is disabled.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
AddrConfStartDAD(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
int rc;
|
|
|
|
if ((IF->DupAddrDetectTransmits == 0) ||
|
|
!(IF->Flags & IF_FLAG_NEIGHBOR_DISCOVERS) ||
|
|
((NTE->AddrConf == ADDR_CONF_ANONYMOUS) &&
|
|
(MaxAnonDADAttempts == 0))) {
|
|
|
|
//
|
|
// Duplicate Address Detection is disabled,
|
|
// so go straight to a valid state
|
|
// if we aren't already valid.
|
|
//
|
|
AddrConfNotDuplicate(IF, NTE);
|
|
}
|
|
else {
|
|
//
|
|
// Initialize for DAD.
|
|
// Send first solicit at next IPv6Timeout.
|
|
//
|
|
NTE->DADCount = (ushort)IF->DupAddrDetectTransmits;
|
|
NTE->DADTimer = 1;
|
|
}
|
|
}
|
|
|
|
|
|
//* CreateNTE - Creates an NTE on an interface.
|
|
//
|
|
// Returns one reference for the caller.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with the interface locked.
|
|
//
|
|
// (Actually, we are at DPC level because we hold the interface lock.)
|
|
//
|
|
NetTableEntry *
|
|
CreateNTE(Interface *IF, const IPv6Addr *Address, uint AddrConf,
|
|
uint ValidLifetime, uint PreferredLifetime)
|
|
{
|
|
uint Size;
|
|
NetTableEntry *NTE;
|
|
int rc;
|
|
|
|
//
|
|
// The address must not already be assigned.
|
|
//
|
|
ASSERT(*FindADE(IF, Address) == NULL);
|
|
|
|
//
|
|
// Can't create a new NTE if the interface is shutting down.
|
|
//
|
|
if (IsDisabledIF(IF))
|
|
goto ErrorExit;
|
|
|
|
//
|
|
// Anonymous addresses need extra fields,
|
|
// which are initialized by our caller.
|
|
//
|
|
if (AddrConf == ADDR_CONF_ANONYMOUS)
|
|
Size = sizeof(AnonNetTableEntry);
|
|
else
|
|
Size = sizeof(NetTableEntry);
|
|
|
|
NTE = ExAllocatePool(NonPagedPool, Size);
|
|
if (NTE == NULL)
|
|
goto ErrorExit;
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"CreateNTE(IF %u/%p, Addr %s) -> NTE %p\n",
|
|
IF->Index, IF, FormatV6Address(Address), NTE));
|
|
|
|
//
|
|
// Initialize the NTE with one reference for our caller.
|
|
// (EnlivenNTE may add a second reference for the interface.)
|
|
//
|
|
RtlZeroMemory(NTE, Size);
|
|
NTE->Address = *Address;
|
|
NTE->Type = ADE_UNICAST;
|
|
NTE->Scope = UnicastAddressScope(Address);
|
|
AddNTEToInterface(IF, NTE);
|
|
NTE->RefCnt = 1;
|
|
NTE->AddrConf = (uchar)AddrConf;
|
|
NTE->ValidLifetime = ValidLifetime;
|
|
NTE->PreferredLifetime = PreferredLifetime;
|
|
NTE->DADState = DAD_STATE_INVALID;
|
|
|
|
//
|
|
// Create a disabled loopback route.
|
|
// We pre-allocate the loopback RTE and NCE now,
|
|
// and then enable them later when the address is valid.
|
|
//
|
|
if (!ControlLoopback(IF, Address, CONTROL_LOOPBACK_DISABLED))
|
|
goto ErrorExitCleanup;
|
|
|
|
//
|
|
// Add this NTE to the front of the NetTableList.
|
|
//
|
|
KeAcquireSpinLockAtDpcLevel(&NetTableListLock);
|
|
AddNTEToNetTableList(NTE);
|
|
KeReleaseSpinLockFromDpcLevel(&NetTableListLock);
|
|
|
|
//
|
|
// If the NTE should be alive, make it so.
|
|
//
|
|
if (NTE->ValidLifetime != 0)
|
|
EnlivenNTE(IF, NTE);
|
|
return NTE;
|
|
|
|
ErrorExitCleanup:
|
|
RemoveNTEFromInterface(IF, NTE);
|
|
ASSERT(NTE->RefCnt == 1);
|
|
ExFreePool(NTE);
|
|
|
|
ErrorExit:
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INTERNAL_ERROR,
|
|
"CreateNTE(IF %u/%p, Addr %s) -> NTE %p failed\n",
|
|
IF->Index, IF, FormatV6Address(Address), NTE));
|
|
return NULL;
|
|
}
|
|
|
|
//* InterfaceIndex
|
|
//
|
|
// Allocates the next interface index.
|
|
//
|
|
uint
|
|
InterfaceIndex(void)
|
|
{
|
|
return (uint) InterlockedIncrement((PULONG) &NextIFIndex);
|
|
}
|
|
|
|
//* AddInterface
|
|
//
|
|
// Add a new interface to the global list.
|
|
//
|
|
void
|
|
AddInterface(Interface *IF)
|
|
{
|
|
KIRQL OldIrql;
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
IF->Next = IFList;
|
|
IFList = IF;
|
|
IPSInfo.ipsi_numif++;
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
}
|
|
|
|
|
|
//* CreateGUIDFromName
|
|
//
|
|
// Given the string name of an interface, creates a corresponding guid.
|
|
// The guid is a hash of the string name.
|
|
//
|
|
void
|
|
CreateGUIDFromName(const char *Name, GUID *Guid)
|
|
{
|
|
MD5_CTX Context;
|
|
|
|
MD5Init(&Context);
|
|
MD5Update(&Context, (uchar *)Name, strlen(Name));
|
|
MD5Final(&Context);
|
|
memcpy(Guid, Context.digest, MD5DIGESTLEN);
|
|
}
|
|
|
|
|
|
//* CreateInterface
|
|
//
|
|
// Creates an IPv6 interface given some link-layer information.
|
|
//
|
|
// If successful, returns a reference for the interface.
|
|
//
|
|
// Callable from thread context, not DPC context.
|
|
//
|
|
// Return codes:
|
|
// STATUS_UNSUCCESSFUL
|
|
// STATUS_SUCCESS
|
|
//
|
|
NTSTATUS
|
|
CreateInterface(const GUID *Guid, const LLIPBindInfo *BindInfo,
|
|
void **Context)
|
|
{
|
|
UNICODE_STRING GuidName;
|
|
Interface *IF; // Interface being added.
|
|
KIRQL OldIrql;
|
|
uint IFSize;
|
|
uint IFExportNamePrefixLen;
|
|
NTSTATUS Status;
|
|
|
|
ASSERT(KeGetCurrentIrql() == 0);
|
|
ASSERT(BindInfo->lip_addrlen <= MAX_LINK_LAYER_ADDRESS_LENGTH);
|
|
|
|
//
|
|
// Prevent new interfaces from being created
|
|
// while the stack is unloading.
|
|
//
|
|
if (Unloading)
|
|
goto ErrorExit;
|
|
|
|
//
|
|
// Before doing the real work, take advantage of the link-layer
|
|
// address passed up here to re-seed our random number generator.
|
|
//
|
|
SeedRandom(BindInfo->lip_addr, BindInfo->lip_addrlen);
|
|
|
|
//
|
|
// Convert the guid to string form.
|
|
// It will be null-terminated.
|
|
//
|
|
Status = RtlStringFromGUID(Guid, &GuidName);
|
|
if (! NT_SUCCESS(Status))
|
|
goto ErrorExit;
|
|
|
|
ASSERT(GuidName.MaximumLength == GuidName.Length + sizeof(WCHAR));
|
|
ASSERT(((WCHAR *)GuidName.Buffer)[GuidName.Length/sizeof(WCHAR)] == UNICODE_NULL);
|
|
|
|
//
|
|
// Allocate memory to hold an interface.
|
|
// We also allocate extra space to hold the device name string.
|
|
//
|
|
IFExportNamePrefixLen = sizeof IPV6_EXPORT_STRING_PREFIX - sizeof(WCHAR);
|
|
IFSize = sizeof *IF + IFExportNamePrefixLen + GuidName.MaximumLength;
|
|
IF = ExAllocatePool(NonPagedPool, IFSize);
|
|
if (IF == NULL)
|
|
goto ErrorExitCleanupGuidName;
|
|
|
|
RtlZeroMemory(IF, sizeof *IF);
|
|
IF->IF = IF;
|
|
IF->Index = InterfaceIndex();
|
|
IF->Guid = *Guid;
|
|
|
|
//
|
|
// Start with one reference because this is an active interface.
|
|
// And one reference for our caller.
|
|
//
|
|
IF->RefCnt = 2;
|
|
|
|
//
|
|
// Create the null-terminated exported device name from the guid.
|
|
//
|
|
IF->DeviceName.Buffer = (PVOID) (IF + 1);
|
|
IF->DeviceName.MaximumLength = (USHORT) (IFSize - sizeof *IF);
|
|
IF->DeviceName.Length = IF->DeviceName.MaximumLength - sizeof(WCHAR);
|
|
RtlCopyMemory(IF->DeviceName.Buffer,
|
|
IPV6_EXPORT_STRING_PREFIX,
|
|
IFExportNamePrefixLen);
|
|
RtlCopyMemory((uchar *) IF->DeviceName.Buffer + IFExportNamePrefixLen,
|
|
GuidName.Buffer,
|
|
GuidName.MaximumLength);
|
|
|
|
KeInitializeSpinLock(&IF->Lock);
|
|
|
|
IF->Type = BindInfo->lip_type;
|
|
IF->Flags = (BindInfo->lip_flags & IF_FLAGS_BINDINFO);
|
|
|
|
if (BindInfo->lip_context == NULL)
|
|
IF->LinkContext = IF;
|
|
else
|
|
IF->LinkContext = BindInfo->lip_context;
|
|
IF->Transmit = BindInfo->lip_transmit;
|
|
IF->CreateToken = BindInfo->lip_token;
|
|
IF->ReadLLOpt = BindInfo->lip_rdllopt;
|
|
IF->WriteLLOpt = BindInfo->lip_wrllopt;
|
|
IF->ConvertAddr = BindInfo->lip_cvaddr;
|
|
IF->SetRouterLLAddress = BindInfo->lip_setrtrlladdr;
|
|
IF->SetMCastAddrList = BindInfo->lip_mclist;
|
|
IF->Close = BindInfo->lip_close;
|
|
IF->Cleanup = BindInfo->lip_cleanup;
|
|
IF->LinkAddressLength = BindInfo->lip_addrlen;
|
|
IF->LinkAddress = BindInfo->lip_addr;
|
|
//
|
|
// We round-up the link-layer header size to a multiple of 2.
|
|
// This aligns the IPv6 header appropriately for IPv6Addr.
|
|
// When NDIS is fixed so we don't need AdjustPacketBuffer,
|
|
// we should align the IPv6 header to a multiple of 8.
|
|
//
|
|
IF->LinkHeaderSize = ALIGN_UP(BindInfo->lip_hdrsize, ushort);
|
|
|
|
IF->TrueLinkMTU = BindInfo->lip_maxmtu;
|
|
IF->DefaultLinkMTU = BindInfo->lip_defmtu;
|
|
IF->LinkMTU = BindInfo->lip_defmtu;
|
|
|
|
IF->DefaultPreference = BindInfo->lip_pref;
|
|
IF->Preference = BindInfo->lip_pref;
|
|
IF->BaseReachableTime = REACHABLE_TIME;
|
|
IF->ReachableTime = CalcReachableTime(IF->BaseReachableTime);
|
|
IF->RetransTimer = RETRANS_TIMER;
|
|
IF->DefaultDupAddrDetectTransmits = BindInfo->lip_dadxmit;
|
|
IF->DupAddrDetectTransmits = BindInfo->lip_dadxmit;
|
|
IF->CurHopLimit = DefaultCurHopLimit;
|
|
|
|
//
|
|
// Neighbor discovery requires multicast capability
|
|
//
|
|
ASSERT((IF->Flags & IF_FLAG_MULTICAST) ||
|
|
!(IF->Flags & IF_FLAG_NEIGHBOR_DISCOVERS));
|
|
|
|
//
|
|
// Router discovery requires either multicast capability,
|
|
// or a SetRouterLLAddress handler.
|
|
//
|
|
ASSERT((IF->Flags & IF_FLAG_MULTICAST) ||
|
|
(IF->SetRouterLLAddress != NULL) ||
|
|
!(IF->Flags & IF_FLAG_ROUTER_DISCOVERS));
|
|
|
|
//
|
|
// All interfaces are considered to be on different links
|
|
// but in the same site, until configured otherwise.
|
|
//
|
|
InitZoneIndices(IF);
|
|
|
|
NeighborCacheInit(IF);
|
|
|
|
//
|
|
// The worker lock serializes some heavy-weight
|
|
// calls to upper & lower layers.
|
|
//
|
|
KeInitializeMutex(&IF->WorkerLock, 0);
|
|
//
|
|
// We need to get APCs while holding WorkerLock,
|
|
// so that we can get IO completions
|
|
// for our TDI calls on 6over4 interfaces.
|
|
// This is not a security problem because
|
|
// only kernel worker threads use WorkerLock
|
|
// so they can't be suspended by the user.
|
|
//
|
|
IF->WorkerLock.ApcDisable = 0;
|
|
|
|
//
|
|
// Initialize some random state for anonymous addresses.
|
|
//
|
|
*(uint UNALIGNED *)&IF->AnonState = Random();
|
|
|
|
//
|
|
// Register this interface's device name with TDI.
|
|
// We need to do this before assigning any unicast addresses to this IF,
|
|
// and also before grabbing the lock (thus setting IRQL to DISPATCH_LEVEL).
|
|
//
|
|
Status = TdiRegisterDeviceObject(&IF->DeviceName,
|
|
&IF->TdiRegistrationHandle);
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"CreateInterface(IF %u/%p): %ls -> %x\n",
|
|
IF->Index, IF,
|
|
IF->DeviceName.Buffer,
|
|
Status));
|
|
if (Status != STATUS_SUCCESS)
|
|
goto ErrorExitCleanupIF;
|
|
|
|
//
|
|
// After this point, we either return successfully
|
|
// or cleanup via ErrorExitDestroyIF.
|
|
//
|
|
RtlFreeUnicodeString(&GuidName);
|
|
|
|
//
|
|
// Return the new Interface to our caller now.
|
|
// This makes it available to the link-layer when
|
|
// we call CreateToken etc, before CreateInterface returns.
|
|
//
|
|
*Context = IF;
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
|
|
if (IF->Flags & IF_FLAG_ROUTER_DISCOVERS) {
|
|
//
|
|
// Join the all-nodes multicast groups.
|
|
//
|
|
if (! JoinGroupAtAllScopes(IF, &AllNodesOnLinkAddr,
|
|
ADE_LINK_LOCAL))
|
|
goto ErrorExitDestroyIF;
|
|
|
|
if (IF->Flags & IF_FLAG_ADVERTISES) {
|
|
//
|
|
// Join the all-routers multicast groups.
|
|
//
|
|
if (! JoinGroupAtAllScopes(IF, &AllRoutersOnLinkAddr,
|
|
ADE_SITE_LOCAL))
|
|
goto ErrorExitDestroyIF;
|
|
|
|
//
|
|
// Start sending Router Advertisements.
|
|
//
|
|
IF->RATimer = 1;
|
|
IF->RACount = MAX_INITIAL_RTR_ADVERTISEMENTS;
|
|
}
|
|
else {
|
|
//
|
|
// Start sending Router Solicitations.
|
|
// The first RS will have the required random delay,
|
|
// because we randomize when IPv6Timeout first fires.
|
|
//
|
|
IF->RSTimer = 1;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Initialize RALast to a value safely in the past,
|
|
// so that when/if this interface first sends an RA
|
|
// it is not inhibited due to rate-limiting.
|
|
//
|
|
IF->RALast = IPv6TickCount - MIN_DELAY_BETWEEN_RAS;
|
|
|
|
if (IF->Flags & IF_FLAG_FORWARDS)
|
|
InterlockedIncrement(&NumForwardingInterfaces);
|
|
|
|
if (IF->CreateToken != NULL) {
|
|
IPv6Addr Address;
|
|
NetTableEntry *NTE;
|
|
|
|
//
|
|
// Create a link-local address for this interface.
|
|
// Other addresses will be created later via stateless
|
|
// auto-configuration.
|
|
//
|
|
Address = LinkLocalPrefix;
|
|
(*IF->CreateToken)(IF->LinkContext, &Address);
|
|
|
|
NTE = CreateNTE(IF, &Address, ADDR_CONF_LINK,
|
|
INFINITE_LIFETIME, INFINITE_LIFETIME);
|
|
if (NTE == NULL)
|
|
goto ErrorExitDestroyIF;
|
|
|
|
//
|
|
// The LinkLocalNTE field does not hold a reference.
|
|
//
|
|
IF->LinkLocalNTE = NTE;
|
|
ReleaseNTE(NTE);
|
|
}
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
//
|
|
// Configure the interface from the registry.
|
|
//
|
|
ConfigureInterface(IF);
|
|
|
|
//
|
|
// Add ourselves to the front of the global interface list.
|
|
// This is done last so the interface is fully initialized
|
|
// when it shows up on the list.
|
|
//
|
|
AddInterface(IF);
|
|
|
|
//
|
|
// If the interface is multicast enabled, create a multicast route.
|
|
//
|
|
if (IF->Flags & IF_FLAG_MULTICAST) {
|
|
RouteTableUpdate(NULL, // System update.
|
|
IF, NULL,
|
|
&MulticastPrefix, 8, 0,
|
|
INFINITE_LIFETIME, INFINITE_LIFETIME,
|
|
ROUTE_PREF_ON_LINK,
|
|
RTE_TYPE_SYSTEM,
|
|
FALSE, FALSE);
|
|
}
|
|
|
|
//
|
|
// Has the IPv6 timer been started yet?
|
|
// Don't start it until the new interface
|
|
// is ready for IPv6Timeout processing.
|
|
// Wait until we've gotten a real seed
|
|
// for the random number generator.
|
|
//
|
|
if ((IF->LinkAddressLength != 0) &&
|
|
!(IF->Flags & IF_FLAG_PSEUDO) &&
|
|
(InterlockedExchange((LONG *)&IPv6TimerStarted, TRUE) == FALSE)) {
|
|
LARGE_INTEGER Time;
|
|
uint InitialWakeUp;
|
|
|
|
//
|
|
// Start the timer with an initial relative expiration time and
|
|
// also a recurring period. The initial expiration time is
|
|
// negative (to indicate a relative time), and in 100ns units, so
|
|
// we first have to do some conversions. The initial expiration
|
|
// time is randomized to help prevent synchronization between
|
|
// different machines.
|
|
//
|
|
// This randomization uses IPv6_TIMEOUT instead of
|
|
// MAX_RTR_SOLICITATION_DELAY because the RS for a subsequent
|
|
// interface will be sent with a maximum delay of IPv6_TIMEOUT,
|
|
// depending on when the interface is created relative to IPv6Timeout.
|
|
//
|
|
InitialWakeUp = RandomNumber(0, IPv6_TIMEOUT * 10000);
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"IPv6: InitialWakeUp = %u\n", InitialWakeUp));
|
|
Time.QuadPart = - (LONGLONG) InitialWakeUp;
|
|
KeSetTimerEx(&IPv6Timer, Time, IPv6_TIMEOUT, &IPv6TimeoutDpc);
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
|
|
return STATUS_SUCCESS;
|
|
|
|
ErrorExitDestroyIF:
|
|
//
|
|
// Prevent calls down to the link layer,
|
|
// since our return code notifies the link layer
|
|
// synchronously that it should clean up.
|
|
//
|
|
IF->Close = NULL;
|
|
IF->Cleanup = NULL;
|
|
IF->SetMCastAddrList = NULL;
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
//
|
|
// Destroy the interface.
|
|
// This will cleanup address and routes.
|
|
// Then add the disabled interface to the list
|
|
// so InterfaceCleanup can find it after
|
|
// we release the last reference.
|
|
//
|
|
DestroyIF(IF);
|
|
AddInterface(IF);
|
|
ReleaseIF(IF);
|
|
goto ErrorExit;
|
|
|
|
ErrorExitCleanupIF:
|
|
//
|
|
// The interface has not been registered with TDI
|
|
// and there are no addresses, routes, etc.
|
|
// So we can just free it.
|
|
//
|
|
ASSERT(IF->RefCnt == 2);
|
|
ExFreePool(IF);
|
|
|
|
ErrorExitCleanupGuidName:
|
|
RtlFreeUnicodeString(&GuidName);
|
|
|
|
ErrorExit:
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INTERNAL_ERROR,
|
|
"CreateInterface(IF %p) failed\n", IF));
|
|
return STATUS_UNSUCCESSFUL;
|
|
}
|
|
|
|
//
|
|
// We keep track of the number of outstanding
|
|
// deregister-interface work items.
|
|
// (Using InterlockedIncrement/InterlockedDecrement.)
|
|
// This way we can wait in the IPUnload
|
|
// until they are all done.
|
|
//
|
|
ULONG OutstandingDeregisterInterfaceCount = 0;
|
|
|
|
//
|
|
// Note that this structure wouldn't be needed if IoQueueWorkItem
|
|
// had been designed to call the user's routine with the WorkItem
|
|
// as an additional argument along with the DeviceObject and Context.
|
|
// Sigh.
|
|
//
|
|
typedef struct DeregisterInterfaceContext {
|
|
PIO_WORKITEM WorkItem;
|
|
Interface *IF;
|
|
} DeregisterInterfaceContext;
|
|
|
|
//* DeregisterInterfaceWorker - De/Registers an address with TDI.
|
|
//
|
|
// Worker function for calling TdiDeregisterDeviceObject.
|
|
// This is the last thing we do with the interface structure,
|
|
// so this routine also frees the interface.
|
|
// It has no references at this point.
|
|
//
|
|
void
|
|
DeregisterInterfaceWorker(
|
|
PDEVICE_OBJECT DevObj, // Unused. Wish they passed the WorkItem instead.
|
|
PVOID Context) // A DeregisterInterfaceContext struct.
|
|
{
|
|
DeregisterInterfaceContext *MyContext = Context;
|
|
Interface *IF = MyContext->IF;
|
|
NTSTATUS Status;
|
|
|
|
IoFreeWorkItem(MyContext->WorkItem);
|
|
ExFreePool(MyContext);
|
|
|
|
//
|
|
// Deregister the interface with TDI, if it was registered.
|
|
// The loopback interface is not registered.
|
|
//
|
|
if (IF->TdiRegistrationHandle != NULL) {
|
|
Status = TdiDeregisterDeviceObject(IF->TdiRegistrationHandle);
|
|
if (Status != STATUS_SUCCESS)
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"DeregisterInterfaceContext: "
|
|
"TdiDeregisterDeviceObject: %x\n", Status));
|
|
}
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"DeregisterInterfaceWorker(IF %u/%p) -> freed\n", IF->Index, IF));
|
|
|
|
//
|
|
// Perform final cleanup of the link-layer data structures.
|
|
//
|
|
if (IF->Cleanup != NULL)
|
|
(*IF->Cleanup)(IF->LinkContext);
|
|
|
|
ExFreePool(IF);
|
|
|
|
//
|
|
// Note that we've finished our cleanup.
|
|
//
|
|
InterlockedDecrement(&OutstandingDeregisterInterfaceCount);
|
|
}
|
|
|
|
//* DeferDeregisterInterface
|
|
//
|
|
// Queue a work item that will execute DeregisterInterfaceWorker.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
DeferDeregisterInterface(
|
|
Interface *IF)
|
|
{
|
|
DeregisterInterfaceContext *Context;
|
|
PIO_WORKITEM WorkItem;
|
|
|
|
Context = ExAllocatePool(NonPagedPool, sizeof *Context);
|
|
if (Context == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"DeferDeregisterInterface: ExAllocatePool failed\n"));
|
|
return;
|
|
}
|
|
|
|
WorkItem = IoAllocateWorkItem(IPDeviceObject);
|
|
if (WorkItem == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_NTOS_ERROR,
|
|
"DeferDeregisterInterface: IoAllocateWorkItem failed\n"));
|
|
ExFreePool(Context);
|
|
return;
|
|
}
|
|
|
|
Context->WorkItem = WorkItem;
|
|
Context->IF = IF;
|
|
|
|
InterlockedIncrement(&OutstandingDeregisterInterfaceCount);
|
|
|
|
IoQueueWorkItem(WorkItem, DeregisterInterfaceWorker,
|
|
CriticalWorkQueue, Context);
|
|
}
|
|
|
|
|
|
//* DestroyIF
|
|
//
|
|
// Shuts down an interface, making the interface effectively disappear.
|
|
// The interface will actually be freed when its last ref is gone.
|
|
//
|
|
// Callable from thread context, not DPC context.
|
|
// Called with NO locks held.
|
|
//
|
|
void
|
|
DestroyIF(Interface *IF)
|
|
{
|
|
AddressEntry *ADE;
|
|
int WasDisabled;
|
|
KIRQL OldIrql;
|
|
|
|
//
|
|
// First things first: disable the interface.
|
|
// If it's already disabled, we're done.
|
|
//
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
ASSERT(OldIrql == 0);
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
WasDisabled = IF->Flags & IF_FLAG_DISABLED;
|
|
IF->Flags |= IF_FLAG_DISABLED;
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
if (WasDisabled) {
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_RARE,
|
|
"DestroyIF(IF %u/%p) - already disabled?\n",
|
|
IF->Index, IF));
|
|
return;
|
|
}
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"DestroyIF(IF %u/%p) -> disabled\n",
|
|
IF->Index, IF));
|
|
|
|
//
|
|
// Stop generating Router Solicitations and Advertisements.
|
|
//
|
|
IF->RSTimer = IF->RATimer = 0;
|
|
|
|
//
|
|
// If the interface is currently forwarding,
|
|
// disable forwarding.
|
|
//
|
|
InterfaceStopForwarding(IF);
|
|
|
|
//
|
|
// Destroy all the ADEs. Because the interface is disabled,
|
|
// new ADEs will not subsequently be created.
|
|
//
|
|
while ((ADE = IF->ADE) != NULL) {
|
|
//
|
|
// First, remove this ADE from the interface.
|
|
//
|
|
IF->ADE = ADE->Next;
|
|
|
|
switch (ADE->Type) {
|
|
case ADE_UNICAST: {
|
|
NetTableEntry *NTE = (NetTableEntry *) ADE;
|
|
DestroyNTE(IF, NTE);
|
|
break;
|
|
}
|
|
|
|
case ADE_ANYCAST: {
|
|
AnycastAddressEntry *AAE = (AnycastAddressEntry *) ADE;
|
|
DeleteAAE(IF, AAE);
|
|
break;
|
|
}
|
|
|
|
case ADE_MULTICAST: {
|
|
MulticastAddressEntry *MAE = (MulticastAddressEntry *) ADE;
|
|
DeleteMAE(IF, MAE);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
//
|
|
// Shutdown the link-layer.
|
|
//
|
|
if (IF->Close != NULL)
|
|
(*IF->Close)(IF->LinkContext);
|
|
|
|
//
|
|
// Clean up routing associated with the interface.
|
|
//
|
|
RouteTableRemove(IF);
|
|
|
|
//
|
|
// Clean up reassembly buffers associated with the interface.
|
|
//
|
|
ReassemblyRemove(IF);
|
|
|
|
//
|
|
// Clean up upper-layer state associated with the interface.
|
|
//
|
|
TCPRemoveIF(IF);
|
|
|
|
//
|
|
// Release the reference that the interface
|
|
// held for itself by virtue of being active.
|
|
//
|
|
ReleaseIF(IF);
|
|
|
|
//
|
|
// At this point, any NTEs still exist
|
|
// and hold references for the interface.
|
|
// The next calls to NetTableCleanup
|
|
// and InterfaceCleanup will finish the cleanup.
|
|
//
|
|
}
|
|
|
|
|
|
//* DestroyInterface
|
|
//
|
|
// Called from a link layer to destroy an interface.
|
|
//
|
|
// May be called when the interface has zero references
|
|
// and is already being destroyed.
|
|
//
|
|
void
|
|
DestroyInterface(void *Context)
|
|
{
|
|
Interface *IF = (Interface *) Context;
|
|
|
|
DestroyIF(IF);
|
|
}
|
|
|
|
|
|
//* ReleaseInterface
|
|
//
|
|
// Called from the link-layer to release its reference
|
|
// for the interface.
|
|
//
|
|
void
|
|
ReleaseInterface(void *Context)
|
|
{
|
|
Interface *IF = (Interface *) Context;
|
|
|
|
ReleaseIF(IF);
|
|
}
|
|
|
|
|
|
//* UpdateLinkMTU
|
|
//
|
|
// Update the link's MTU, either because of administrative configuration
|
|
// or autoconfiguration from a Router Advertisement.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with NO locks held.
|
|
//
|
|
void
|
|
UpdateLinkMTU(Interface *IF, uint MTU)
|
|
{
|
|
KIRQL OldIrql;
|
|
|
|
ASSERT((IPv6_MINIMUM_MTU <= MTU) && (MTU <= IF->TrueLinkMTU));
|
|
|
|
//
|
|
// If the interface is advertising, then it should
|
|
// send a new RA promptly because the RAs contain the MTU option.
|
|
// This is what really needs the lock and the IsDisabledIF check.
|
|
//
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
if ((IF->LinkMTU != MTU) && !IsDisabledIF(IF)) {
|
|
IF->LinkMTU = MTU;
|
|
if (IF->Flags & IF_FLAG_ADVERTISES) {
|
|
//
|
|
// Send a Router Advertisement very soon.
|
|
//
|
|
IF->RATimer = 1;
|
|
}
|
|
}
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
}
|
|
|
|
|
|
//* FindInterfaceFromIndex
|
|
//
|
|
// Given the index of an interface, finds the interface.
|
|
// Returns a reference for the interface, or
|
|
// returns NULL if no valid interface is found.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
//
|
|
Interface *
|
|
FindInterfaceFromIndex(uint Index)
|
|
{
|
|
Interface *IF;
|
|
KIRQL OldIrql;
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
|
|
if (IF->Index == Index) {
|
|
//
|
|
// Fail to find disabled interfaces.
|
|
//
|
|
if (IsDisabledIF(IF))
|
|
IF = NULL;
|
|
else
|
|
AddRefIF(IF);
|
|
break;
|
|
}
|
|
}
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
return IF;
|
|
}
|
|
|
|
//* FindInterfaceFromGuid
|
|
//
|
|
// Given the guid of an interface, finds the interface.
|
|
// Returns a reference for the interface, or
|
|
// returns NULL if no valid interface is found.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
//
|
|
Interface *
|
|
FindInterfaceFromGuid(const GUID *Guid)
|
|
{
|
|
Interface *IF;
|
|
KIRQL OldIrql;
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
|
|
if (RtlCompareMemory(&IF->Guid, Guid, sizeof(GUID)) == sizeof(GUID)) {
|
|
//
|
|
// Fail to find disabled interfaces.
|
|
//
|
|
if (IsDisabledIF(IF))
|
|
IF = NULL;
|
|
else
|
|
AddRefIF(IF);
|
|
break;
|
|
}
|
|
}
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
return IF;
|
|
}
|
|
|
|
//* FindNextInterface
|
|
//
|
|
// Returns the next valid (not disabled) interface.
|
|
// If the argument is NULL, returns the first valid interface.
|
|
// Returns NULL if there is no next valid interface.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
//
|
|
Interface *
|
|
FindNextInterface(Interface *IF)
|
|
{
|
|
KIRQL OldIrql;
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
|
|
if (IF == NULL)
|
|
IF = IFList;
|
|
else
|
|
IF = IF->Next;
|
|
|
|
for (; IF != NULL; IF = IF->Next) {
|
|
if (! IsDisabledIF(IF)) {
|
|
AddRefIF(IF);
|
|
break;
|
|
}
|
|
}
|
|
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
return IF;
|
|
}
|
|
|
|
//* FindInterfaceFromZone
|
|
//
|
|
// Given a scope level and a zone index, finds an interface
|
|
// belonging to the specified zone. The interface
|
|
// must be different than the specified OrigIf.
|
|
//
|
|
// Called with the global ZoneUpdateLock lock held.
|
|
// (So we are at DPC level.)
|
|
//
|
|
Interface *
|
|
FindInterfaceFromZone(Interface *OrigIF, uint Scope, uint Index)
|
|
{
|
|
Interface *IF;
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
|
|
if ((IF != OrigIF) &&
|
|
!IsDisabledIF(IF) &&
|
|
(IF->ZoneIndices[Scope] == Index)) {
|
|
|
|
AddRefIF(IF);
|
|
break;
|
|
}
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
return IF;
|
|
}
|
|
|
|
//* FindNewZoneIndex
|
|
//
|
|
// This is a helper function for CheckZoneIndices.
|
|
//
|
|
// Given a scope level, finds an unused zone index
|
|
// for use at that scope level.
|
|
// We return the value one more than the largest
|
|
// value currently in use.
|
|
//
|
|
// Called with the global ZoneUpdateLock lock held.
|
|
// Called from DPC context.
|
|
//
|
|
uint
|
|
FindNewZoneIndex(uint Scope)
|
|
{
|
|
Interface *IF;
|
|
uint ZoneIndex = 1;
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
|
|
if (!IsDisabledIF(IF)) {
|
|
if (ZoneIndex <= IF->ZoneIndices[Scope])
|
|
ZoneIndex = IF->ZoneIndices[Scope] + 1;
|
|
}
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
return ZoneIndex;
|
|
}
|
|
|
|
//* InitZoneIndices
|
|
//
|
|
// Initializes the interface's zone indices to default values.
|
|
//
|
|
void
|
|
InitZoneIndices(Interface *IF)
|
|
{
|
|
ushort Scope;
|
|
|
|
IF->ZoneIndices[ADE_SMALLEST_SCOPE] = IF->Index;
|
|
IF->ZoneIndices[ADE_INTERFACE_LOCAL] = IF->Index;
|
|
IF->ZoneIndices[ADE_LINK_LOCAL] = IF->Index;
|
|
for (Scope = ADE_LINK_LOCAL + 1; Scope <= ADE_LARGEST_SCOPE; Scope++)
|
|
IF->ZoneIndices[Scope] = 1;
|
|
}
|
|
|
|
//* FindDefaultInterfaceForZone
|
|
//
|
|
// Given a scope level and a zone index, finds the default interface
|
|
// belonging to the specified zone. The default interface
|
|
// is the one that we assume destinations in the zone
|
|
// are on-link to, if there are no routes matching the destination.
|
|
//
|
|
// It is an error for the zone index to be zero, unless
|
|
// all our interfaces are in the same zone at that scope level.
|
|
// In which case zero (meaning unspecified) is actually not ambiguous.
|
|
//
|
|
// Return codes:
|
|
// IP_DEST_NO_ROUTE Unused at the moment, but can be used
|
|
// to mean that ScopeId is valid but we can not choose
|
|
// a default interface.
|
|
// IP_PARAMETER_PROBLEM ScopeId is invalid.
|
|
//
|
|
// ScopeIF is returned as NULL upon failure,
|
|
// and with a reference upon success.
|
|
//
|
|
// Upon success, ReturnConstrained indicates whether a zero ScopeId
|
|
// argument would have resulted in the same value for ScopeIF.
|
|
// RCE_FLAG_CONSTRAINED_SCOPEID Non-zero ScopeId was necessary.
|
|
// 0 Zero ScopeId would be the same.
|
|
//
|
|
// Called with the route cache lock held.
|
|
// (So we are at DPC level.)
|
|
//
|
|
IP_STATUS
|
|
FindDefaultInterfaceForZone(
|
|
uint Scope,
|
|
uint ScopeId,
|
|
Interface **ScopeIF,
|
|
ushort *ReturnConstrained)
|
|
{
|
|
Interface *FirstIF;
|
|
Interface *FoundIF;
|
|
Interface *IF;
|
|
IP_STATUS Status;
|
|
ushort Constrained;
|
|
|
|
//
|
|
// Start by assuming the ScopeId is invalid.
|
|
// We will return this status value
|
|
// if we find no interface with the specified ScopeId,
|
|
// or if ScopeId is zero and that is ambiguous.
|
|
//
|
|
Status = IP_PARAMETER_PROBLEM;
|
|
Constrained = 0;
|
|
FoundIF = NULL;
|
|
FirstIF = NULL;
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
|
|
if (!IsDisabledIF(IF)) {
|
|
//
|
|
// Do we have interfaces in two zones at this scope level?
|
|
//
|
|
if (FirstIF == NULL) {
|
|
|
|
FirstIF = IF;
|
|
}
|
|
else if (IF->ZoneIndices[Scope] != FirstIF->ZoneIndices[Scope]) {
|
|
|
|
if (ScopeId == 0) {
|
|
//
|
|
// Stop now with an error.
|
|
//
|
|
ASSERT(FoundIF != NULL);
|
|
ReleaseIF(FoundIF);
|
|
FoundIF = NULL;
|
|
Status = IP_PARAMETER_PROBLEM;
|
|
break;
|
|
}
|
|
else {
|
|
//
|
|
// If ScopeId were zero, we would be returning an error
|
|
// instead of finding an interface. So the ScopeId value
|
|
// is constraining the result.
|
|
//
|
|
Constrained = RCE_FLAG_CONSTRAINED_SCOPEID;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Can we potentially use this interface?
|
|
//
|
|
if ((ScopeId == 0) ||
|
|
(IF->ZoneIndices[Scope] == ScopeId)) {
|
|
|
|
if (FoundIF == NULL) {
|
|
Status = IP_SUCCESS;
|
|
FoundInterface:
|
|
AddRefIF(IF);
|
|
FoundIF = IF;
|
|
}
|
|
else {
|
|
//
|
|
// Is this new interface better than the previous one?
|
|
//
|
|
if (IF->Preference < FoundIF->Preference) {
|
|
ReleaseIF(FoundIF);
|
|
goto FoundInterface;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
*ScopeIF = FoundIF;
|
|
*ReturnConstrained = Constrained;
|
|
return Status;
|
|
}
|
|
|
|
#pragma BEGIN_INIT
|
|
|
|
//* IPInit - Initialize ourselves.
|
|
//
|
|
// This routine is called during initialization from the OS-specific
|
|
// init code.
|
|
//
|
|
int // Returns: 0 if initialization failed, non-zero if it succeeds.
|
|
IPInit(void)
|
|
{
|
|
NDIS_STATUS Status;
|
|
LARGE_INTEGER Now;
|
|
|
|
ASSERT(ConvertSecondsToTicks(0) == 0);
|
|
ASSERT(ConvertSecondsToTicks(INFINITE_LIFETIME) == INFINITE_LIFETIME);
|
|
ASSERT(ConvertSecondsToTicks(1) == IPv6_TICKS_SECOND);
|
|
|
|
ASSERT(ConvertTicksToSeconds(0) == 0);
|
|
ASSERT(ConvertTicksToSeconds(IPv6_TICKS_SECOND) == 1);
|
|
ASSERT(ConvertTicksToSeconds(INFINITE_LIFETIME) == INFINITE_LIFETIME);
|
|
|
|
ASSERT(ConvertMillisToTicks(1000) == IPv6_TICKS_SECOND);
|
|
ASSERT(ConvertMillisToTicks(1) > 0);
|
|
|
|
KeInitializeSpinLock(&NetTableListLock);
|
|
KeInitializeSpinLock(&IFListLock);
|
|
KeInitializeSpinLock(&ZoneUpdateLock);
|
|
|
|
//
|
|
// Prepare our periodic timer and its associated DPC object.
|
|
//
|
|
// When the timer expires, the IPv6Timeout deferred procedure
|
|
// call (DPC) is queued. Everything we need to do at some
|
|
// specific frequency is driven off of this routine.
|
|
//
|
|
// We don't actually start the timer until an interface
|
|
// is created. We need random seed info from the interface.
|
|
// Plus there's no point in the overhead unless there are interfaces.
|
|
//
|
|
KeInitializeDpc(&IPv6TimeoutDpc, IPv6Timeout, NULL); // No parameter.
|
|
KeInitializeTimer(&IPv6Timer);
|
|
|
|
//
|
|
// Perform initial seed of our random number generator using
|
|
// low bits of a high-precision time-since-boot. Since this isn't
|
|
// the greatest seed (having just booted it won't vary much), we later
|
|
// use bits from our link-layer addresses as we discover them.
|
|
//
|
|
Now = KeQueryPerformanceCounter(NULL);
|
|
SeedRandom((uchar *)&Now, sizeof Now);
|
|
|
|
// Initialize the ProtocolSwitchTable.
|
|
ProtoTabInit();
|
|
|
|
//
|
|
// Create Packet and Buffer pools for IPv6.
|
|
//
|
|
|
|
switch (MmQuerySystemSize()) {
|
|
case MmSmallSystem:
|
|
PacketPoolSize = SMALL_POOL;
|
|
break;
|
|
case MmMediumSystem:
|
|
PacketPoolSize = MEDIUM_POOL;
|
|
break;
|
|
case MmLargeSystem:
|
|
default:
|
|
PacketPoolSize = LARGE_POOL;
|
|
break;
|
|
}
|
|
NdisAllocatePacketPool(&Status, &IPv6PacketPool,
|
|
PacketPoolSize, sizeof(Packet6Context));
|
|
if (Status != NDIS_STATUS_SUCCESS)
|
|
return FALSE;
|
|
|
|
//
|
|
// Currently, the size we pass to NdisAllocateBufferPool is ignored.
|
|
//
|
|
NdisAllocateBufferPool(&Status, &IPv6BufferPool, PacketPoolSize);
|
|
if (Status != NDIS_STATUS_SUCCESS)
|
|
return FALSE;
|
|
|
|
ReassemblyInit();
|
|
|
|
ICMPv6Init();
|
|
|
|
if (!IPSecInit())
|
|
return FALSE;
|
|
|
|
//
|
|
// Start the routing module
|
|
//
|
|
InitRouting();
|
|
InitSelect();
|
|
|
|
//
|
|
// The IPv6 timer is initialized in CreateInterface,
|
|
// when the first real interface is created.
|
|
// The calls below will start creating interfaces;
|
|
// our data structures should all be initialized now.
|
|
//
|
|
|
|
//
|
|
// First create the loopback interface,
|
|
// so it will be interface 1.
|
|
//
|
|
if (!LoopbackInit())
|
|
return FALSE; // Couldn't initialize loopback.
|
|
|
|
//
|
|
// Second create the tunnel interface,
|
|
// so it will be interface 2.
|
|
// This can also result in 6over4 interfaces.
|
|
//
|
|
if (!TunnelInit())
|
|
return FALSE; // Couldn't initialize tunneling.
|
|
|
|
//
|
|
// Finally initialize with ndis,
|
|
// so ethernet interfaces can be created.
|
|
//
|
|
if (!LanInit())
|
|
return FALSE; // Couldn't initialize with ndis.
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
#pragma END_INIT
|
|
|
|
|
|
//* IPUnload
|
|
//
|
|
// Called to shutdown the IP module in preparation
|
|
// for unloading the protocol stack.
|
|
//
|
|
void
|
|
IPUnload(void)
|
|
{
|
|
Interface *IF;
|
|
KIRQL OldIrql;
|
|
|
|
TdiDeregisterProvider(IPv6ProviderHandle);
|
|
|
|
//
|
|
// Stop the periodic timer.
|
|
//
|
|
KeCancelTimer(&IPv6Timer);
|
|
|
|
//
|
|
// Call each interface's close function.
|
|
// Note that interfaces might disappear while
|
|
// the interface list is unlocked,
|
|
// but new interfaces will not be created
|
|
// and the list does not get reordered.
|
|
//
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
AddRefIF(IF);
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
DestroyIF(IF);
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
ReleaseIF(IF);
|
|
}
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
//
|
|
// DestroyIF/DestroyNTE spawned RegisterNetAddressWorker threads.
|
|
// Wait for them all to finish executing.
|
|
// This needs to be done before NetTableCleanup.
|
|
//
|
|
while (OutstandingRegisterNetAddressCount != 0) {
|
|
LARGE_INTEGER Interval;
|
|
Interval.QuadPart = -1; // Shortest possible relative wait.
|
|
KeDelayExecutionThread(KernelMode, FALSE, &Interval);
|
|
}
|
|
|
|
//
|
|
// TunnelUnload needs to be after calling DestroyIF
|
|
// on all the interfaces and before InterfaceCleanup.
|
|
//
|
|
TunnelUnload();
|
|
|
|
NetTableCleanup();
|
|
InterfaceCleanup();
|
|
UnloadSelect();
|
|
UnloadRouting();
|
|
IPSecUnload();
|
|
ReassemblyUnload();
|
|
|
|
ASSERT(NumForwardingInterfaces == 0);
|
|
ASSERT(IPSInfo.ipsi_numif == 0);
|
|
|
|
//
|
|
// InterfaceCleanup spawned DeregisterInterfaceWorker threads.
|
|
// Wait for them all to finish executing.
|
|
// Unfortunately, there is no good builtin synchronization primitive
|
|
// for this task. However, in practice because of the relative
|
|
// priorities of the threads involved, we almost never actually
|
|
// wait here. So this solution is quite efficient.
|
|
//
|
|
while (OutstandingDeregisterInterfaceCount != 0) {
|
|
LARGE_INTEGER Interval;
|
|
Interval.QuadPart = -1; // Shortest possible relative wait.
|
|
KeDelayExecutionThread(KernelMode, FALSE, &Interval);
|
|
}
|
|
|
|
#if DBG
|
|
{
|
|
NetTableEntry *NTE;
|
|
|
|
for (NTE = NetTableList; NTE != NULL; NTE = NTE->NextOnNTL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"Leaked NTE %p (IF %u/%p) Addr %s Refs %u\n",
|
|
NTE, NTE->IF->Index, NTE->IF,
|
|
FormatV6Address(&NTE->Address),
|
|
NTE->RefCnt));
|
|
}
|
|
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"Leaked IF %u/%p Refs %u\n",
|
|
IF->Index, IF, IF->RefCnt));
|
|
}
|
|
}
|
|
#endif // DBG
|
|
|
|
//
|
|
// We must wait until all the interfaces are completely cleaned up
|
|
// by DeregisterInterfaceWorker before freeing the packet pools.
|
|
// This is because Lan interfaces hold onto a packet (ai_tdpacket)
|
|
// that is freed in LanCleanupAdapter. NdisFreePacketPool
|
|
// blows away any packets that are still allocated so we can't call
|
|
// IPv6FreePacket after NdisFreePacketPool/NdisFreeBufferPool.
|
|
//
|
|
NdisFreePacketPool(IPv6PacketPool);
|
|
NdisFreeBufferPool(IPv6BufferPool);
|
|
}
|
|
|
|
|
|
//* GetLinkLocalNTE
|
|
//
|
|
// Returns the interface's link-local NTE (without a reference), or
|
|
// returns NULL if the interface does not have a valid link-local address.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
NetTableEntry *
|
|
GetLinkLocalNTE(Interface *IF)
|
|
{
|
|
NetTableEntry *NTE;
|
|
|
|
NTE = IF->LinkLocalNTE;
|
|
if ((NTE == NULL) || !IsValidNTE(NTE)) {
|
|
//
|
|
// If we didn't find a valid NTE in the LinkLocalNTE field,
|
|
// search the ADE list and cache the first valid link-local NTE
|
|
// we find (if any).
|
|
//
|
|
for (NTE = (NetTableEntry *) IF->ADE;
|
|
NTE != NULL;
|
|
NTE = (NetTableEntry *) NTE->Next) {
|
|
|
|
if ((NTE->Type == ADE_UNICAST) &&
|
|
IsValidNTE(NTE) &&
|
|
IsLinkLocal(&NTE->Address)) {
|
|
//
|
|
// Cache this NTE for future reference.
|
|
//
|
|
IF->LinkLocalNTE = NTE;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
return NTE;
|
|
}
|
|
|
|
|
|
//* GetLinkLocalAddress
|
|
//
|
|
// Returns the interface's link-local address,
|
|
// if it is valid. Otherwise, returns
|
|
// the unspecified address.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
//
|
|
// Returns FALSE if the link-local address is not valid.
|
|
//
|
|
int
|
|
GetLinkLocalAddress(
|
|
Interface *IF, // Interface for which to find an address.
|
|
IPv6Addr *Addr) // Where to return address found (or unspecified).
|
|
{
|
|
KIRQL OldIrql;
|
|
NetTableEntry *NTE;
|
|
int Status;
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
|
|
NTE = GetLinkLocalNTE(IF);
|
|
if (Status = (NTE != NULL))
|
|
*Addr = NTE->Address;
|
|
else
|
|
*Addr = UnspecifiedAddr;
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
return Status;
|
|
}
|
|
|
|
|
|
//* FindOrCreateNTE
|
|
//
|
|
// Find the specified unicast address.
|
|
// If it already exists, update it.
|
|
// If it doesn't exist, create it if the lifetime is non-zero.
|
|
//
|
|
// Returns TRUE for success.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
int
|
|
FindOrCreateNTE(
|
|
Interface *IF,
|
|
const IPv6Addr *Addr,
|
|
uint AddrConf,
|
|
uint ValidLifetime,
|
|
uint PreferredLifetime)
|
|
{
|
|
NetTableEntry *NTE;
|
|
KIRQL OldIrql;
|
|
int rc;
|
|
|
|
ASSERT(!IsMulticast(Addr) && !IsUnspecified(Addr) &&
|
|
(!IsLoopback(Addr) || (IF == LoopInterface)));
|
|
ASSERT(PreferredLifetime <= ValidLifetime);
|
|
ASSERT(AddrConf != ADDR_CONF_ANONYMOUS);
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
NTE = (NetTableEntry *) *FindADE(IF, Addr);
|
|
if (NTE == NULL) {
|
|
//
|
|
// There is no such address, so create it.
|
|
//
|
|
NTE = CreateNTE(IF, Addr, AddrConf, ValidLifetime, PreferredLifetime);
|
|
if (NTE == NULL) {
|
|
rc = FALSE;
|
|
}
|
|
else {
|
|
ReleaseNTE(NTE);
|
|
rc = TRUE;
|
|
}
|
|
}
|
|
else if ((NTE->Type == ADE_UNICAST) &&
|
|
(NTE->AddrConf == AddrConf)) {
|
|
//
|
|
// Update the address lifetimes.
|
|
// If we set the lifetime to zero, AddrConfTimeout will remove it.
|
|
// NB: We do not allow NTE->AddrConf to change.
|
|
//
|
|
NTE->ValidLifetime = ValidLifetime;
|
|
NTE->PreferredLifetime = PreferredLifetime;
|
|
rc = TRUE;
|
|
}
|
|
else {
|
|
//
|
|
// We found the address, but we can't update it.
|
|
//
|
|
rc = FALSE;
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
return rc;
|
|
}
|
|
|
|
|
|
//* CreateAnonymousAddress
|
|
//
|
|
// Creates an anonymous address for the interface.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
CreateAnonymousAddress(Interface *IF, const IPv6Addr *Prefix, IPv6Addr *Addr)
|
|
{
|
|
uint Now = IPv6TickCount;
|
|
|
|
if (AnonRandomTime == 0) {
|
|
//
|
|
// We delay initializing AnonRandomTime until it is needed.
|
|
// This way the random number generator has been initialized.
|
|
//
|
|
AnonRandomTime = RandomNumber(0, MaxAnonRandomTime);
|
|
}
|
|
|
|
//
|
|
// First, update the state that we use if it is too old.
|
|
//
|
|
if ((IF->AnonStateAge == 0) ||
|
|
(UseAnonymousAddresses == USE_ANON_ALWAYS) ||
|
|
((uint)(Now - IF->AnonStateAge) >=
|
|
(AnonPreferredLifetime - AnonRegenerateTime))) {
|
|
|
|
TryAgain:
|
|
IF->AnonStateAge = Now;
|
|
|
|
if (UseAnonymousAddresses == USE_ANON_COUNTER) {
|
|
//
|
|
// When testing, it's convenient to use interface identifiers
|
|
// that aren't actually random.
|
|
//
|
|
*(UINT UNALIGNED *)&IF->AnonState.s6_bytes[12] =
|
|
net_long(net_long(*(UINT UNALIGNED *)&IF->AnonState.s6_bytes[12]) + 1);
|
|
}
|
|
else {
|
|
MD5_CTX Context;
|
|
//
|
|
// The high half of IF->AnonState is our history value.
|
|
// The low half is the anonymous interface identifier.
|
|
//
|
|
// Append the history value to the usual interface identifier,
|
|
// and calculate the MD5 digest of the resulting quantity.
|
|
// Note MD5 digests and IPv6 addresses are the both 16 bytes,
|
|
// while our history value and the interface identifer are 8 bytes.
|
|
//
|
|
(*IF->CreateToken)(IF->LinkContext, &IF->AnonState);
|
|
MD5Init(&Context);
|
|
MD5Update(&Context, (uchar *)&IF->AnonState, sizeof IF->AnonState);
|
|
MD5Final(&Context);
|
|
memcpy((uchar *)&IF->AnonState, Context.digest, MD5DIGESTLEN);
|
|
}
|
|
|
|
//
|
|
// Clear the universal/local bit to indicate local significance.
|
|
//
|
|
IF->AnonState.s6_bytes[8] &= ~0x2;
|
|
}
|
|
|
|
RtlCopyMemory(&Addr->s6_bytes[0], Prefix, 8);
|
|
RtlCopyMemory(&Addr->s6_bytes[8], &IF->AnonState.s6_bytes[8], 8);
|
|
|
|
//
|
|
// Check that we haven't accidently generated
|
|
// a known anycast address format,
|
|
// or an existing address on the interface.
|
|
//
|
|
if (IsKnownAnycast(Addr) ||
|
|
(*FindADE(IF, Addr) != NULL))
|
|
goto TryAgain;
|
|
}
|
|
|
|
|
|
//* AddrConfUpdate - Perform address auto-configuration.
|
|
//
|
|
// Called when we receive a valid Router Advertisement
|
|
// with a Prefix Information option that has the A (autonomous) bit set.
|
|
//
|
|
// Our caller is responsible for any sanity-checking of the prefix.
|
|
//
|
|
// Our caller is responsible for checking that the preferred lifetime
|
|
// is not greater than the valid lifetime.
|
|
//
|
|
// Will also optionally return an NTE, with a reference for the caller.
|
|
// This is done when a public address is created.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from DPC context, not from thread context.
|
|
//
|
|
void
|
|
AddrConfUpdate(
|
|
Interface *IF,
|
|
const IPv6Addr *Prefix,
|
|
uint ValidLifetime,
|
|
uint PreferredLifetime,
|
|
int Authenticated,
|
|
NetTableEntry **pNTE)
|
|
{
|
|
NetTableEntry *NTE;
|
|
int Create = TRUE;
|
|
|
|
ASSERT(PreferredLifetime <= ValidLifetime);
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IF->Lock);
|
|
//
|
|
// Scan the existing Net Table Entries.
|
|
// Note that some of the list elements
|
|
// are actually ADEs of other flavors.
|
|
//
|
|
for (NTE = (NetTableEntry *)IF->ADE;
|
|
;
|
|
NTE = (NetTableEntry *)NTE->Next) {
|
|
|
|
if (NTE == NULL) {
|
|
//
|
|
// No existing entry for this prefix.
|
|
// Create an entry if the lifetime is non-zero.
|
|
//
|
|
if (Create && (ValidLifetime != 0)) {
|
|
IPv6Addr Addr;
|
|
|
|
//
|
|
// Auto-configure a new public address.
|
|
//
|
|
Addr = *Prefix;
|
|
(*IF->CreateToken)(IF->LinkContext, &Addr);
|
|
|
|
NTE = (NetTableEntry *) *FindADE(IF, &Addr);
|
|
if (NTE != NULL) {
|
|
if (NTE->Type == ADE_UNICAST) {
|
|
//
|
|
// Resurrect the address for our use.
|
|
//
|
|
ASSERT(NTE->DADState == DAD_STATE_INVALID);
|
|
NTE->ValidLifetime = ValidLifetime;
|
|
NTE->PreferredLifetime = PreferredLifetime;
|
|
|
|
//
|
|
// And return this NTE.
|
|
//
|
|
AddRefNTE(NTE);
|
|
}
|
|
else {
|
|
//
|
|
// We can not create the public address.
|
|
//
|
|
NTE = NULL;
|
|
break;
|
|
}
|
|
}
|
|
else {
|
|
//
|
|
// Create the public address, returning the new NTE.
|
|
//
|
|
NTE = CreateNTE(IF, &Addr, ADDR_CONF_PUBLIC,
|
|
ValidLifetime, PreferredLifetime);
|
|
}
|
|
|
|
//
|
|
// Auto-configure a new anonymous address,
|
|
// if appropriate. Note that anonymous addresses cannot
|
|
// be used on interfaces that do not support ND, since
|
|
// we have no way to resolve them to link-layer addresses.
|
|
//
|
|
if ((UseAnonymousAddresses != USE_ANON_NO) &&
|
|
!IsSiteLocal(Prefix) &&
|
|
(IF->Flags & IF_FLAG_NEIGHBOR_DISCOVERS) &&
|
|
(PreferredLifetime > AnonRegenerateTime) &&
|
|
(NTE != NULL)) {
|
|
|
|
IPv6Addr AnonAddr;
|
|
uint AnonValidLife;
|
|
uint AnonPreferredLife;
|
|
AnonNetTableEntry *AnonNTE;
|
|
|
|
CreateAnonymousAddress(IF, Prefix, &AnonAddr);
|
|
|
|
AnonValidLife = MIN(ValidLifetime,
|
|
MaxAnonValidLifetime);
|
|
AnonPreferredLife = MIN(PreferredLifetime,
|
|
AnonPreferredLifetime);
|
|
|
|
AnonNTE = (AnonNetTableEntry *)
|
|
CreateNTE(IF, &AnonAddr, ADDR_CONF_ANONYMOUS,
|
|
AnonValidLife, AnonPreferredLife);
|
|
if (AnonNTE != NULL) {
|
|
//
|
|
// Create the association between
|
|
// the anonymous & public address.
|
|
//
|
|
AnonNTE->Public = NTE;
|
|
|
|
//
|
|
// Initialize the special anonymous creation time.
|
|
// This limits the anonymous address's lifetimes.
|
|
//
|
|
AnonNTE->CreationTime = IPv6TickCount;
|
|
|
|
ReleaseNTE((NetTableEntry *)AnonNTE);
|
|
}
|
|
else {
|
|
//
|
|
// Failure - destroy the public address.
|
|
//
|
|
DestroyNTE(IF, NTE);
|
|
ReleaseNTE(NTE);
|
|
NTE = NULL;
|
|
}
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Is this a unicast address matching the prefix?
|
|
//
|
|
if ((NTE->Type == ADE_UNICAST) &&
|
|
(NTE->DADState != DAD_STATE_INVALID) &&
|
|
HasPrefix(&NTE->Address, Prefix,
|
|
IPV6_ADDRESS_LENGTH - IPV6_ID_LENGTH)) {
|
|
//
|
|
// Reset the lifetimes of auto-configured addresses.
|
|
// NB: RFC 2462 says to reset DHCP addresses too,
|
|
// but I think that's wrong.
|
|
//
|
|
// Note that to prevent denial of service,
|
|
// we don't accept updates that lower the lifetime
|
|
// to small values.
|
|
//
|
|
// AddrConfTimeout (called from IPv6Timeout) handles
|
|
// the invalid & deprecated state transitions.
|
|
//
|
|
if (IsStatelessAutoConfNTE(NTE)) {
|
|
|
|
if ((ValidLifetime > PREFIX_LIFETIME_SAFETY) ||
|
|
(ValidLifetime > NTE->ValidLifetime) ||
|
|
Authenticated)
|
|
NTE->ValidLifetime = ValidLifetime;
|
|
else if (NTE->ValidLifetime <= PREFIX_LIFETIME_SAFETY)
|
|
; // ignore
|
|
else
|
|
NTE->ValidLifetime = PREFIX_LIFETIME_SAFETY;
|
|
|
|
NTE->PreferredLifetime = PreferredLifetime;
|
|
|
|
//
|
|
// For anonymous addresses, ensure that the lifetimes
|
|
// are not extended indefinitely.
|
|
//
|
|
if (NTE->AddrConf == ADDR_CONF_ANONYMOUS) {
|
|
AnonNetTableEntry *AnonNTE = (AnonNetTableEntry *)NTE;
|
|
uint Now = IPv6TickCount;
|
|
|
|
//
|
|
// Must be careful of overflows in these comparisons.
|
|
// (Eg, AnonNTE->ValidLifetime might be INFINITE_LIFETIME.)
|
|
// N Now
|
|
// V AnonNTE->ValidLifetime
|
|
// MV MaxAnonValidLifetime
|
|
// C AnonNTE->CreationTime
|
|
// We want to check
|
|
// N + V > C + MV
|
|
// Transform this to
|
|
// N - C > MV - V
|
|
// Then underflow of MV - V must be checked but
|
|
// N - C is not a problem because the tick count wraps.
|
|
//
|
|
|
|
if ((AnonNTE->ValidLifetime > MaxAnonValidLifetime) ||
|
|
(Now - AnonNTE->CreationTime >
|
|
MaxAnonValidLifetime - AnonNTE->ValidLifetime)) {
|
|
//
|
|
// This anonymous address is showing its age.
|
|
// Must curtail its valid lifetime.
|
|
//
|
|
if (MaxAnonValidLifetime > Now - AnonNTE->CreationTime)
|
|
AnonNTE->ValidLifetime =
|
|
AnonNTE->CreationTime +
|
|
MaxAnonValidLifetime - Now;
|
|
else
|
|
AnonNTE->ValidLifetime = 0;
|
|
}
|
|
|
|
if ((AnonNTE->PreferredLifetime > AnonPreferredLifetime) ||
|
|
(Now - AnonNTE->CreationTime >
|
|
AnonPreferredLifetime - AnonNTE->PreferredLifetime)) {
|
|
//
|
|
// This anonymous address is showing its age.
|
|
// Must curtail its preferred lifetime.
|
|
//
|
|
if (AnonPreferredLifetime > Now - AnonNTE->CreationTime)
|
|
AnonNTE->PreferredLifetime =
|
|
AnonNTE->CreationTime +
|
|
AnonPreferredLifetime - Now;
|
|
else
|
|
AnonNTE->PreferredLifetime = 0;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Maintain our invariant that the preferred lifetime
|
|
// is not larger than the valid lifetime.
|
|
//
|
|
if (NTE->ValidLifetime < NTE->PreferredLifetime)
|
|
NTE->PreferredLifetime = NTE->ValidLifetime;
|
|
}
|
|
|
|
if (NTE->ValidLifetime != 0) {
|
|
//
|
|
// We found an existing address that matches the prefix,
|
|
// so inhibit auto-configuration of a new address.
|
|
//
|
|
Create = FALSE;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
|
|
KeReleaseSpinLockFromDpcLevel(&IF->Lock);
|
|
|
|
if (pNTE != NULL)
|
|
*pNTE = NTE;
|
|
else if (NTE != NULL)
|
|
ReleaseNTE(NTE);
|
|
}
|
|
|
|
//* AddrConfDuplicate
|
|
//
|
|
// Duplicate Address Detection has found
|
|
// that the NTE conflicts with some other node.
|
|
//
|
|
// Called with the interface locked.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
AddrConfDuplicate(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
int rc;
|
|
|
|
ASSERT(NTE->IF == IF);
|
|
|
|
if ((NTE->DADState != DAD_STATE_INVALID) &&
|
|
(NTE->DADState != DAD_STATE_DUPLICATE)) {
|
|
IF->DupAddrDetects++;
|
|
|
|
if (IsValidNTE(NTE)) {
|
|
if (NTE->DADState == DAD_STATE_PREFERRED) {
|
|
//
|
|
// Queue worker to tell TDI that this address is going away.
|
|
//
|
|
if (!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED)) {
|
|
DeferRegisterNetAddress(NTE);
|
|
}
|
|
}
|
|
|
|
//
|
|
// This NTE is no longer available as a source address.
|
|
//
|
|
InvalidateRouteCache();
|
|
|
|
//
|
|
// Disable the loopback route for this address.
|
|
//
|
|
rc = ControlLoopback(IF, &NTE->Address, CONTROL_LOOPBACK_DISABLED);
|
|
ASSERT(rc);
|
|
}
|
|
|
|
NTE->DADState = DAD_STATE_DUPLICATE;
|
|
NTE->DADTimer = 0;
|
|
|
|
if (NTE->AddrConf == ADDR_CONF_ANONYMOUS) {
|
|
NetTableEntry *Public;
|
|
|
|
//
|
|
// Make this address invalid so it will go away.
|
|
// NB: We still have a ref for the NTE via our caller.
|
|
//
|
|
DestroyNTE(IF, NTE);
|
|
|
|
//
|
|
// Should we create a new anonymous address?
|
|
//
|
|
if ((UseAnonymousAddresses != USE_ANON_NO) &&
|
|
((Public = ((AnonNetTableEntry *)NTE)->Public) != NULL) &&
|
|
(Public->PreferredLifetime > AnonRegenerateTime) &&
|
|
(IF->DupAddrDetects < MaxAnonDADAttempts)) {
|
|
|
|
IPv6Addr AnonAddr;
|
|
AnonNetTableEntry *NewNTE;
|
|
uint AnonValidLife;
|
|
uint AnonPreferredLife;
|
|
|
|
//
|
|
// Generate a new anonymous address,
|
|
// forcing the use of a new interface identifier.
|
|
//
|
|
IF->AnonStateAge = 0;
|
|
CreateAnonymousAddress(IF, &NTE->Address, &AnonAddr);
|
|
|
|
AnonValidLife = MIN(Public->ValidLifetime,
|
|
MaxAnonValidLifetime);
|
|
AnonPreferredLife = MIN(Public->PreferredLifetime,
|
|
AnonPreferredLifetime);
|
|
|
|
//
|
|
// Configure the new address.
|
|
//
|
|
NewNTE = (AnonNetTableEntry *)
|
|
CreateNTE(IF, &AnonAddr, ADDR_CONF_ANONYMOUS,
|
|
AnonValidLife, AnonPreferredLife);
|
|
if (NewNTE == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INTERNAL_ERROR,
|
|
"AddrConfDuplicate: CreateNTE failed\n"));
|
|
}
|
|
else {
|
|
NewNTE->Public = Public;
|
|
NewNTE->CreationTime = IPv6TickCount;
|
|
ReleaseNTE((NetTableEntry *)NewNTE);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
//* AddrConfNotDuplicate
|
|
//
|
|
// Duplicate Address Detection has NOT found
|
|
// a conflict with another node.
|
|
//
|
|
// Called with the interface locked.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
AddrConfNotDuplicate(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
int rc;
|
|
|
|
//
|
|
// The address has passed Duplicate Address Detection.
|
|
// Transition to a valid state.
|
|
//
|
|
if (! IsValidNTE(NTE)) {
|
|
if (NTE->PreferredLifetime == 0)
|
|
NTE->DADState = DAD_STATE_DEPRECATED;
|
|
else
|
|
NTE->DADState = DAD_STATE_PREFERRED;
|
|
|
|
//
|
|
// This NTE is now available as a source address.
|
|
//
|
|
InvalidateRouteCache();
|
|
|
|
//
|
|
// Enable the loopback route for this address.
|
|
//
|
|
rc = ControlLoopback(IF, &NTE->Address, CONTROL_LOOPBACK_ENABLED);
|
|
ASSERT(rc);
|
|
}
|
|
|
|
//
|
|
// DAD is also triggered through an interface disconnect to connect
|
|
// transition in which case the address is not registered with TDI
|
|
// even if it is in the preferred state. Hence we queue a worker to
|
|
// tell TDI about this address outside the "if (!IsValidNTE)" clause.
|
|
//
|
|
if ((NTE->DADState == DAD_STATE_PREFERRED) &&
|
|
!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED)) {
|
|
DeferRegisterNetAddress(NTE);
|
|
}
|
|
}
|
|
|
|
//* AddrConfResetAutoConfig
|
|
//
|
|
// Resets the interface's auto-configured address lifetimes.
|
|
//
|
|
// Called with the interface locked.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
AddrConfResetAutoConfig(Interface *IF, uint MaxLifetime)
|
|
{
|
|
NetTableEntry *NTE;
|
|
|
|
for (NTE = (NetTableEntry *) IF->ADE;
|
|
NTE != NULL;
|
|
NTE = (NetTableEntry *) NTE->Next) {
|
|
|
|
//
|
|
// Is this an auto-configured unicast address?
|
|
//
|
|
if ((NTE->Type == ADE_UNICAST) &&
|
|
IsStatelessAutoConfNTE(NTE)) {
|
|
|
|
//
|
|
// Set the valid lifetime to a small value.
|
|
// If we don't get an RA soon, the address will expire.
|
|
//
|
|
if (NTE->ValidLifetime > MaxLifetime)
|
|
NTE->ValidLifetime = MaxLifetime;
|
|
if (NTE->PreferredLifetime > NTE->ValidLifetime)
|
|
NTE->PreferredLifetime = NTE->ValidLifetime;
|
|
}
|
|
}
|
|
}
|
|
|
|
//* ReconnectADEs
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with the interface locked.
|
|
//
|
|
// (Actually, we are at DPC level because we hold the interface lock.)
|
|
//
|
|
void
|
|
ReconnectADEs(Interface *IF)
|
|
{
|
|
AddressEntry *ADE;
|
|
|
|
for (ADE = IF->ADE; ADE != NULL; ADE = ADE->Next) {
|
|
switch (ADE->Type) {
|
|
case ADE_UNICAST: {
|
|
NetTableEntry *NTE = (NetTableEntry *) ADE;
|
|
|
|
if (NTE->DADState != DAD_STATE_INVALID) {
|
|
//
|
|
// Restart Duplicate Address Detection,
|
|
// if it is enabled for this interface.
|
|
//
|
|
AddrConfStartDAD(IF, NTE);
|
|
}
|
|
break;
|
|
}
|
|
|
|
case ADE_ANYCAST:
|
|
//
|
|
// Nothing to do for anycast addresses.
|
|
//
|
|
break;
|
|
|
|
case ADE_MULTICAST: {
|
|
MulticastAddressEntry *MAE = (MulticastAddressEntry *) ADE;
|
|
|
|
//
|
|
// Rejoin this multicast group,
|
|
// if it is reportable.
|
|
//
|
|
KeAcquireSpinLockAtDpcLevel(&QueryListLock);
|
|
if (MAE->MCastFlags & MAE_REPORTABLE) {
|
|
MAE->MCastCount = MLD_NUM_INITIAL_REPORTS;
|
|
if (MAE->MCastTimer == 0)
|
|
AddToQueryList(MAE);
|
|
MAE->MCastTimer = 1;
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&QueryListLock);
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
//* DisconnectADEs
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with the interface locked.
|
|
//
|
|
// (Actually, we are at DPC level because we hold the interface lock.)
|
|
//
|
|
void
|
|
DisconnectADEs(Interface *IF)
|
|
{
|
|
AddressEntry *ADE;
|
|
|
|
ASSERT(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED);
|
|
|
|
for (ADE = IF->ADE; ADE != NULL; ADE = ADE->Next) {
|
|
if (ADE->Type == ADE_UNICAST) {
|
|
NetTableEntry *NTE = (NetTableEntry *) ADE;
|
|
|
|
if (NTE->DADState == DAD_STATE_PREFERRED) {
|
|
//
|
|
// Queue worker to tell TDI that this address is going away.
|
|
//
|
|
DeferRegisterNetAddress(NTE);
|
|
}
|
|
}
|
|
|
|
//
|
|
// Nothing to do for anycast or multicast addresses.
|
|
//
|
|
}
|
|
}
|
|
|
|
//* DestroyNTE
|
|
//
|
|
// Make an NTE be invalid, resulting in its eventual destruction.
|
|
//
|
|
// In the DestroyIF case, the NTE has already been removed
|
|
// from the interface. In other situations, that doesn't happen
|
|
// until later, when NetTableCleanup runs.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with the interface locked.
|
|
//
|
|
// (Actually, we are at DPC level because we hold the interface lock.)
|
|
//
|
|
void
|
|
DestroyNTE(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
int rc;
|
|
|
|
ASSERT(NTE->IF == IF);
|
|
|
|
if (NTE->DADState != DAD_STATE_INVALID) {
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"DestroyNTE(NTE %p, Addr %s) -> invalid\n",
|
|
NTE, FormatV6Address(&NTE->Address)));
|
|
|
|
if (IsValidNTE(NTE)) {
|
|
if (NTE->DADState == DAD_STATE_PREFERRED) {
|
|
//
|
|
// Queue worker to tell TDI that this address is going away.
|
|
//
|
|
if (!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED)) {
|
|
DeferRegisterNetAddress(NTE);
|
|
}
|
|
}
|
|
|
|
//
|
|
// This NTE is no longer available as a source address.
|
|
//
|
|
InvalidateRouteCache();
|
|
|
|
//
|
|
// Disable the loopback route for this address.
|
|
//
|
|
rc = ControlLoopback(IF, &NTE->Address, CONTROL_LOOPBACK_DISABLED);
|
|
ASSERT(rc);
|
|
}
|
|
|
|
//
|
|
// Invalidate this address.
|
|
//
|
|
NTE->DADState = DAD_STATE_INVALID;
|
|
NTE->DADTimer = 0;
|
|
|
|
//
|
|
// We have to set its lifetime to zero,
|
|
// or else AddrConfTimeout will attempt
|
|
// to resurrect this address.
|
|
//
|
|
NTE->ValidLifetime = 0;
|
|
NTE->PreferredLifetime = 0;
|
|
|
|
//
|
|
// The corresponding solicited-node address is not needed.
|
|
//
|
|
FindAndReleaseSolicitedNodeMAE(IF, &NTE->Address);
|
|
|
|
if (NTE == IF->LinkLocalNTE) {
|
|
//
|
|
// Unmark it as the primary link-local NTE.
|
|
// GetLinkLocalAddress will update LinkLocalNTE lazily.
|
|
//
|
|
IF->LinkLocalNTE = NULL;
|
|
}
|
|
|
|
//
|
|
// Release the interface's reference for the NTE.
|
|
//
|
|
ReleaseNTE(NTE);
|
|
}
|
|
}
|
|
|
|
|
|
//* EnlivenNTE
|
|
//
|
|
// Make an NTE come alive, transitioning out of DAD_STATE_INVALID.
|
|
//
|
|
// Callable from thread or DPC context.
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
EnlivenNTE(Interface *IF, NetTableEntry *NTE)
|
|
{
|
|
ASSERT(NTE->DADState == DAD_STATE_INVALID);
|
|
ASSERT(NTE->ValidLifetime != 0);
|
|
|
|
//
|
|
// The NTE needs a corresponding solicited-node MAE.
|
|
// If this fails, leave the address invalid and
|
|
// try again later.
|
|
//
|
|
if (FindOrCreateSolicitedNodeMAE(IF, &NTE->Address)) {
|
|
//
|
|
// The interface needs a reference for the NTE,
|
|
// because we are enlivening it.
|
|
//
|
|
AddRefNTE(NTE);
|
|
|
|
//
|
|
// Start the address in the tentative state.
|
|
//
|
|
NTE->DADState = DAD_STATE_TENTATIVE;
|
|
|
|
//
|
|
// Start duplicate address detection.
|
|
//
|
|
AddrConfStartDAD(IF, NTE);
|
|
}
|
|
}
|
|
|
|
|
|
//* AddrConfTimeout - Perform valid/preferred lifetime expiration.
|
|
//
|
|
// Called periodically from NetTableTimeout on every NTE.
|
|
// As usual, caller must hold a reference for the NTE.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from DPC context, not from thread context.
|
|
//
|
|
void
|
|
AddrConfTimeout(NetTableEntry *NTE)
|
|
{
|
|
Interface *IF = NTE->IF;
|
|
NetTableEntry **PrevNTE;
|
|
int QueueWorker = FALSE;
|
|
NetTableEntry *Public;
|
|
|
|
ASSERT(NTE->Type == ADE_UNICAST);
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IF->Lock);
|
|
|
|
if (NTE->ValidLifetime == 0) {
|
|
//
|
|
// If the valid lifetime is zero, then the NTE should be invalid.
|
|
//
|
|
DestroyNTE(IF, NTE);
|
|
}
|
|
else {
|
|
//
|
|
// If the valid lifetime is non-zero, then the NTE should be alive.
|
|
//
|
|
if (NTE->DADState == DAD_STATE_INVALID)
|
|
EnlivenNTE(IF, NTE);
|
|
|
|
if (NTE->ValidLifetime != INFINITE_LIFETIME)
|
|
NTE->ValidLifetime--;
|
|
}
|
|
|
|
//
|
|
// Note that AnonRegenerateTime might be zero.
|
|
// In which case it's important to only do this
|
|
// when transitioning from preferred to deprecated,
|
|
// NOT every time the preferred lifetime is zero.
|
|
//
|
|
if ((NTE->AddrConf == ADDR_CONF_ANONYMOUS) &&
|
|
(NTE->DADState == DAD_STATE_PREFERRED) &&
|
|
(NTE->PreferredLifetime == AnonRegenerateTime) &&
|
|
(IF->Flags & IF_FLAG_NEIGHBOR_DISCOVERS) &&
|
|
(UseAnonymousAddresses != USE_ANON_NO) &&
|
|
((Public = ((AnonNetTableEntry *)NTE)->Public) != NULL) &&
|
|
(Public->PreferredLifetime > AnonRegenerateTime)) {
|
|
|
|
IPv6Addr AnonAddr;
|
|
AnonNetTableEntry *NewNTE;
|
|
uint AnonValidLife;
|
|
uint AnonPreferredLife;
|
|
|
|
//
|
|
// We will soon deprecate this anonymous address,
|
|
// so create a new anonymous address.
|
|
//
|
|
|
|
CreateAnonymousAddress(IF, &NTE->Address, &AnonAddr);
|
|
|
|
AnonValidLife = MIN(Public->ValidLifetime,
|
|
MaxAnonValidLifetime);
|
|
AnonPreferredLife = MIN(Public->PreferredLifetime,
|
|
AnonPreferredLifetime);
|
|
|
|
//
|
|
// Configure the new address.
|
|
//
|
|
NewNTE = (AnonNetTableEntry *)
|
|
CreateNTE(IF, &AnonAddr, ADDR_CONF_ANONYMOUS,
|
|
AnonValidLife, AnonPreferredLife);
|
|
if (NewNTE == NULL) {
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INTERNAL_ERROR,
|
|
"AddrConfTimeout: CreateNTE failed\n"));
|
|
}
|
|
else {
|
|
NewNTE->Public = Public;
|
|
NewNTE->CreationTime = IPv6TickCount;
|
|
ReleaseNTE((NetTableEntry *)NewNTE);
|
|
}
|
|
}
|
|
|
|
//
|
|
// If the preferred lifetime is zero, then the NTE should be deprecated.
|
|
//
|
|
if (NTE->PreferredLifetime == 0) {
|
|
if (NTE->DADState == DAD_STATE_PREFERRED) {
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"AddrConfTimeout(NTE %p, Addr %s) -> deprecated\n",
|
|
NTE, FormatV6Address(&NTE->Address)));
|
|
|
|
//
|
|
// Make this address be deprecated.
|
|
//
|
|
NTE->DADState = DAD_STATE_DEPRECATED;
|
|
if (!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED)) {
|
|
QueueWorker = TRUE;
|
|
}
|
|
InvalidateRouteCache();
|
|
}
|
|
} else {
|
|
//
|
|
// If the address was deprecated, then it should be preferred.
|
|
// (AddrConfUpdate must have just increased the preferred lifetime.)
|
|
//
|
|
if (NTE->DADState == DAD_STATE_DEPRECATED) {
|
|
NTE->DADState = DAD_STATE_PREFERRED;
|
|
if (!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED)) {
|
|
QueueWorker = TRUE;
|
|
}
|
|
InvalidateRouteCache();
|
|
}
|
|
|
|
if (NTE->PreferredLifetime != INFINITE_LIFETIME)
|
|
NTE->PreferredLifetime--;
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
|
|
KeReleaseSpinLockFromDpcLevel(&IF->Lock);
|
|
|
|
if (QueueWorker)
|
|
DeferRegisterNetAddress(NTE);
|
|
}
|
|
|
|
|
|
//* NetTableCleanup
|
|
//
|
|
// Cleans up any NetTableEntries with zero references.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
NetTableCleanup(void)
|
|
{
|
|
NetTableEntry *DestroyList = NULL;
|
|
NetTableEntry *NTE, *NextNTE;
|
|
Interface *IF;
|
|
KIRQL OldIrql;
|
|
int rc;
|
|
|
|
KeAcquireSpinLock(&NetTableListLock, &OldIrql);
|
|
|
|
for (NTE = NetTableList; NTE != NULL; NTE = NextNTE) {
|
|
NextNTE = NTE->NextOnNTL;
|
|
|
|
if (NTE->RefCnt == 0) {
|
|
ASSERT(NTE->DADState == DAD_STATE_INVALID);
|
|
|
|
//
|
|
// We want to destroy this NTE.
|
|
// We have to release the list lock
|
|
// before we can acquire the interface lock,
|
|
// but we need references to hold the NTEs.
|
|
//
|
|
AddRefNTE(NTE);
|
|
if (NextNTE != NULL)
|
|
AddRefNTE(NextNTE);
|
|
KeReleaseSpinLock(&NetTableListLock, OldIrql);
|
|
|
|
IF = NTE->IF;
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
KeAcquireSpinLockAtDpcLevel(&NetTableListLock);
|
|
|
|
//
|
|
// Now that we have the appropriate locks.
|
|
// Is no one else using this NTE?
|
|
//
|
|
ReleaseNTE(NTE);
|
|
if (NTE->RefCnt == 0) {
|
|
//
|
|
// OK, we will destroy this NTE.
|
|
// First remove from the list.
|
|
//
|
|
RemoveNTEFromNetTableList(NTE);
|
|
|
|
//
|
|
// It is now safe to release the list lock,
|
|
// because the NTE is removed from the list.
|
|
// We continue to hold the interface lock,
|
|
// so nobody can find this NTE via the interface.
|
|
//
|
|
KeReleaseSpinLockFromDpcLevel(&NetTableListLock);
|
|
|
|
//
|
|
// Remove ADEs that reference this address.
|
|
// Note that this also removes from the interface's list,
|
|
// but does not free, the NTE itself.
|
|
// NB: In the case of DestroyIF, the ADEs are already
|
|
// removed from the interface and DestroyADEs does nothing.
|
|
//
|
|
DestroyADEs(IF, NTE);
|
|
|
|
//
|
|
// Release the loopback route.
|
|
//
|
|
rc = ControlLoopback(IF, &NTE->Address,
|
|
CONTROL_LOOPBACK_DESTROY);
|
|
ASSERT(rc);
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
//
|
|
// Put this NTE on the destroy list.
|
|
//
|
|
NTE->NextOnNTL = DestroyList;
|
|
DestroyList = NTE;
|
|
|
|
KeAcquireSpinLock(&NetTableListLock, &OldIrql);
|
|
}
|
|
else { // if (NTE->RefCnt != 0)
|
|
//
|
|
// We will not be destroying this NTE after all.
|
|
// Release the interface lock but keep the list lock.
|
|
//
|
|
KeReleaseSpinLockFromDpcLevel(&IF->Lock);
|
|
}
|
|
|
|
//
|
|
// At this point, we have the list lock again
|
|
// so we can release our reference for NextNTE.
|
|
//
|
|
if (NextNTE != NULL)
|
|
ReleaseNTE(NextNTE);
|
|
}
|
|
}
|
|
|
|
KeReleaseSpinLock(&NetTableListLock, OldIrql);
|
|
|
|
while (DestroyList != NULL) {
|
|
NTE = DestroyList;
|
|
DestroyList = NTE->NextOnNTL;
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"NetTableCleanup(NTE %p, Addr %s) -> destroyed\n",
|
|
NTE, FormatV6Address(&NTE->Address)));
|
|
|
|
ReleaseIF(NTE->IF);
|
|
ExFreePool(NTE);
|
|
}
|
|
}
|
|
|
|
|
|
//* NetTableTimeout
|
|
//
|
|
// Called periodically from IPv6Timeout.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from DPC context, not from thread context.
|
|
//
|
|
void
|
|
NetTableTimeout(void)
|
|
{
|
|
NetTableEntry *NTE;
|
|
int SawZeroReferences = FALSE;
|
|
|
|
//
|
|
// Because new NTEs are only added at the head of the list,
|
|
// we can unlock the list during our traversal
|
|
// and know that the traversal will terminate properly.
|
|
//
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&NetTableListLock);
|
|
for (NTE = NetTableList; NTE != NULL; NTE = NTE->NextOnNTL) {
|
|
AddRefNTE(NTE);
|
|
KeReleaseSpinLockFromDpcLevel(&NetTableListLock);
|
|
|
|
//
|
|
// Check for Duplicate Address Detection timeout.
|
|
// The timer check here is only an optimization,
|
|
// because it is made without holding the appropriate lock.
|
|
//
|
|
if (NTE->DADTimer != 0)
|
|
DADTimeout(NTE);
|
|
|
|
//
|
|
// Perform lifetime expiration.
|
|
//
|
|
AddrConfTimeout(NTE);
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&NetTableListLock);
|
|
ReleaseNTE(NTE);
|
|
|
|
//
|
|
// We assume that loads of RefCnt are atomic.
|
|
//
|
|
if (NTE->RefCnt == 0)
|
|
SawZeroReferences = TRUE;
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&NetTableListLock);
|
|
|
|
if (SawZeroReferences)
|
|
NetTableCleanup();
|
|
}
|
|
|
|
|
|
//* InterfaceCleanup
|
|
//
|
|
// Cleans up any Interfaces with zero references.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from thread or DPC context.
|
|
//
|
|
void
|
|
InterfaceCleanup(void)
|
|
{
|
|
Interface *DestroyList = NULL;
|
|
Interface *IF, **PrevIF;
|
|
KIRQL OldIrql;
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
|
|
PrevIF = &IFList;
|
|
while ((IF = *PrevIF) != NULL) {
|
|
|
|
if (IF->RefCnt == 0) {
|
|
|
|
ASSERT(IsDisabledIF(IF));
|
|
*PrevIF = IF->Next;
|
|
IF->Next = DestroyList;
|
|
DestroyList = IF;
|
|
IPSInfo.ipsi_numif--;
|
|
|
|
} else {
|
|
PrevIF = &IF->Next;
|
|
}
|
|
}
|
|
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
while (DestroyList != NULL) {
|
|
IF = DestroyList;
|
|
DestroyList = IF->Next;
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"InterfaceCleanup(IF %u/%p) -> destroyed\n",
|
|
IF->Index, IF));
|
|
|
|
//
|
|
// ADEs should already be destroyed.
|
|
// We just need to cleanup NCEs and free the interface.
|
|
//
|
|
ASSERT(IF->ADE == NULL);
|
|
NeighborCacheDestroy(IF);
|
|
if (IF->MCastAddresses != NULL)
|
|
ExFreePool(IF->MCastAddresses);
|
|
DeferDeregisterInterface(IF);
|
|
}
|
|
}
|
|
|
|
|
|
//* InterfaceTimeout
|
|
//
|
|
// Called periodically from IPv6Timeout.
|
|
//
|
|
// Called with NO locks held.
|
|
// Callable from DPC context, not from thread context.
|
|
//
|
|
void
|
|
InterfaceTimeout(void)
|
|
{
|
|
static uint RecalcReachableTimer = 0;
|
|
int RecalcReachable;
|
|
int ForceRAs;
|
|
Interface *IF;
|
|
int SawZeroReferences = FALSE;
|
|
|
|
//
|
|
// Recalculate ReachableTime every few hours,
|
|
// even if no Router Advertisements are received.
|
|
//
|
|
if (RecalcReachableTimer == 0) {
|
|
RecalcReachable = TRUE;
|
|
RecalcReachableTimer = RECALC_REACHABLE_INTERVAL;
|
|
} else {
|
|
RecalcReachable = FALSE;
|
|
RecalcReachableTimer--;
|
|
}
|
|
|
|
//
|
|
// Grab the value of ForceRouterAdvertisements.
|
|
//
|
|
ForceRAs = InterlockedExchange(&ForceRouterAdvertisements, FALSE);
|
|
|
|
//
|
|
// Because new interfaces are only added at the head of the list,
|
|
// we can unlock the list during our traversal
|
|
// and know that the traversal will terminate properly.
|
|
//
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
//
|
|
// We should not do any processing on an interface
|
|
// that has zero references. As an even stronger condition,
|
|
// we avoid doing any timeout processing if the interface
|
|
// is being destroyed. Of course, the interface might be
|
|
// destroyed after we drop the interface list lock.
|
|
//
|
|
if (! IsDisabledIF(IF)) {
|
|
AddRefIF(IF);
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
//
|
|
// Handle per-neighbor timeouts.
|
|
//
|
|
NeighborCacheTimeout(IF);
|
|
|
|
//
|
|
// Handle router solicitations.
|
|
// The timer check here is only an optimization,
|
|
// because it is made without holding the appropriate lock.
|
|
//
|
|
if (IF->RSTimer != 0)
|
|
RouterSolicitTimeout(IF);
|
|
|
|
//
|
|
// Handle router advertisements.
|
|
// The timer check here is only an optimization,
|
|
// because it is made without holding the appropriate lock.
|
|
//
|
|
if (IF->RATimer != 0)
|
|
RouterAdvertTimeout(IF, ForceRAs);
|
|
|
|
//
|
|
// Recalculate the reachable time.
|
|
//
|
|
if (RecalcReachable) {
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IF->Lock);
|
|
IF->ReachableTime = CalcReachableTime(IF->BaseReachableTime);
|
|
KeReleaseSpinLockFromDpcLevel(&IF->Lock);
|
|
}
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
ReleaseIF(IF);
|
|
}
|
|
|
|
//
|
|
// We assume that loads of RefCnt are atomic.
|
|
//
|
|
if (IF->RefCnt == 0)
|
|
SawZeroReferences = TRUE;
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
if (SawZeroReferences)
|
|
InterfaceCleanup();
|
|
}
|
|
|
|
|
|
//* InterfaceStartAdvertising
|
|
//
|
|
// If the interface is not currently advertising,
|
|
// makes it start advertising.
|
|
//
|
|
// Called with the interface locked.
|
|
// Caller must check whether the interface is disabled.
|
|
//
|
|
NTSTATUS
|
|
InterfaceStartAdvertising(Interface *IF)
|
|
{
|
|
ASSERT(! IsDisabledIF(IF));
|
|
ASSERT(IF->Flags & IF_FLAG_ROUTER_DISCOVERS);
|
|
|
|
if (!(IF->Flags & IF_FLAG_ADVERTISES)) {
|
|
//
|
|
// Join the all-routers multicast groups.
|
|
//
|
|
if (! JoinGroupAtAllScopes(IF, &AllRoutersOnLinkAddr,
|
|
ADE_SITE_LOCAL))
|
|
return STATUS_INSUFFICIENT_RESOURCES;
|
|
|
|
//
|
|
// A non-advertising interface is now advertising.
|
|
//
|
|
IF->Flags |= IF_FLAG_ADVERTISES;
|
|
|
|
//
|
|
// The reconnecting state is not useful
|
|
// for advertising interfaces because
|
|
// the interface will not receive RAs.
|
|
//
|
|
IF->Flags &= ~IF_FLAG_MEDIA_RECONNECTED;
|
|
|
|
//
|
|
// Remove addresses & routes that were auto-configured
|
|
// from Router Advertisements. Advertising interfaces
|
|
// must be manually configured. Better to remove it
|
|
// now than let it time-out at some random time.
|
|
//
|
|
AddrConfResetAutoConfig(IF, 0);
|
|
RouteTableResetAutoConfig(IF, 0);
|
|
InterfaceResetAutoConfig(IF);
|
|
|
|
//
|
|
// Start sending Router Advertisements.
|
|
//
|
|
IF->RATimer = 1; // Send first RA very quickly.
|
|
IF->RACount = MAX_INITIAL_RTR_ADVERTISEMENTS;
|
|
|
|
//
|
|
// Stop sending Router Solicitations.
|
|
//
|
|
IF->RSTimer = 0;
|
|
}
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
|
|
//* InterfaceStopAdvertising
|
|
//
|
|
// If the interface is currently advertising,
|
|
// stops the advertising behavior.
|
|
//
|
|
// Called with the interface locked.
|
|
// Caller must check whether the interface is disabled.
|
|
//
|
|
void
|
|
InterfaceStopAdvertising(Interface *IF)
|
|
{
|
|
ASSERT(! IsDisabledIF(IF));
|
|
|
|
if (IF->Flags & IF_FLAG_ADVERTISES) {
|
|
//
|
|
// Leave the all-routers multicast group.
|
|
//
|
|
LeaveGroupAtAllScopes(IF, &AllRoutersOnLinkAddr,
|
|
ADE_SITE_LOCAL);
|
|
|
|
//
|
|
// Stop sending Router Advertisements.
|
|
//
|
|
IF->Flags &= ~IF_FLAG_ADVERTISES;
|
|
IF->RATimer = 0;
|
|
|
|
//
|
|
// Remove addresses that were auto-configured
|
|
// from our own Router Advertisements.
|
|
// We will pick up new address lifetimes
|
|
// from other router's Advertisements.
|
|
// If some other router is not advertising
|
|
// the prefixes that this router was advertising,
|
|
// better to remove the addresses now than
|
|
// let them time-out at some random time.
|
|
//
|
|
AddrConfResetAutoConfig(IF, 0);
|
|
|
|
//
|
|
// There shouldn't be any auto-configured routes,
|
|
// but RouteTableResetAutoConfig also handles site prefixes.
|
|
//
|
|
RouteTableResetAutoConfig(IF, 0);
|
|
|
|
//
|
|
// Restore interface parameters.
|
|
//
|
|
InterfaceResetAutoConfig(IF);
|
|
|
|
//
|
|
// Send Router Solicitations again.
|
|
//
|
|
IF->RSCount = 0;
|
|
IF->RSTimer = 1;
|
|
}
|
|
}
|
|
|
|
|
|
//* InterfaceStartForwarding
|
|
//
|
|
// If the interface is not currently forwarding,
|
|
// makes it start forwarding.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
InterfaceStartForwarding(Interface *IF)
|
|
{
|
|
if (!(IF->Flags & IF_FLAG_FORWARDS)) {
|
|
//
|
|
// Any change in forwarding behavior requires InvalidRouteCache
|
|
// because FindNextHop uses IF_FLAG_FORWARDS. Also force the next RA
|
|
// for all advertising interfaces to be sent quickly,
|
|
// because their content might depend on forwarding behavior.
|
|
//
|
|
IF->Flags |= IF_FLAG_FORWARDS;
|
|
InterlockedIncrement(&NumForwardingInterfaces);
|
|
InvalidateRouteCache();
|
|
ForceRouterAdvertisements = TRUE;
|
|
}
|
|
}
|
|
|
|
|
|
//* InterfaceStopForwarding
|
|
//
|
|
// If the interface is currently forwarding,
|
|
// stops the forwarding behavior.
|
|
//
|
|
// Called with the interface locked.
|
|
//
|
|
void
|
|
InterfaceStopForwarding(Interface *IF)
|
|
{
|
|
if (IF->Flags & IF_FLAG_FORWARDS) {
|
|
//
|
|
// Any change in forwarding behavior requires InvalidRouteCache
|
|
// because FindNextHop uses IF_FLAG_FORWARDS. Also force the next RA
|
|
// for all advertising interfaces to be sent quickly,
|
|
// because their content might depend on forwarding behavior.
|
|
//
|
|
IF->Flags &= ~IF_FLAG_FORWARDS;
|
|
InterlockedDecrement(&NumForwardingInterfaces);
|
|
InvalidateRouteCache();
|
|
ForceRouterAdvertisements = TRUE;
|
|
}
|
|
}
|
|
|
|
|
|
//* AddrConfResetManualConfig
|
|
//
|
|
// Removes manually-configured addresses from the interface.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
AddrConfResetManualConfig(Interface *IF)
|
|
{
|
|
AddressEntry *AnycastList = NULL;
|
|
AddressEntry *ADE, **PrevADE;
|
|
|
|
//
|
|
// We have to be careful about how we destroy addresses,
|
|
// because FindAndReleaseSolicitedNodeMAE will mess up our traversal.
|
|
//
|
|
PrevADE = &IF->ADE;
|
|
while ((ADE = *PrevADE) != NULL) {
|
|
//
|
|
// Is this a manually configured address?
|
|
//
|
|
switch (ADE->Type) {
|
|
case ADE_UNICAST: {
|
|
NetTableEntry *NTE = (NetTableEntry *) ADE;
|
|
|
|
if (NTE->AddrConf == ADDR_CONF_MANUAL) {
|
|
//
|
|
// Let NetTableTimeout destroy the address.
|
|
//
|
|
NTE->ValidLifetime = 0;
|
|
NTE->PreferredLifetime = 0;
|
|
}
|
|
break;
|
|
}
|
|
|
|
case ADE_ANYCAST:
|
|
//
|
|
// Most anycast addresses are manually configured.
|
|
// Subnet anycast addresses are the only exception.
|
|
// They are also the only anycast addresses
|
|
// which point to an NTE instead of the interface.
|
|
//
|
|
if (ADE->IF == IF) {
|
|
//
|
|
// Remove the ADE from the interface list.
|
|
//
|
|
*PrevADE = ADE->Next;
|
|
|
|
//
|
|
// Put the ADE on our temporary list.
|
|
//
|
|
ADE->Next = AnycastList;
|
|
AnycastList = ADE;
|
|
continue;
|
|
}
|
|
break;
|
|
}
|
|
|
|
PrevADE = &ADE->Next;
|
|
}
|
|
|
|
//
|
|
// Now we can safely process the anycast ADEs.
|
|
//
|
|
while ((ADE = AnycastList) != NULL) {
|
|
AnycastList = ADE->Next;
|
|
DeleteAAE(IF, (AnycastAddressEntry *)ADE);
|
|
}
|
|
}
|
|
|
|
|
|
//* InterfaceResetAutoConfig
|
|
//
|
|
// Resets interface parameters that are auto-configured
|
|
// from Router Advertisements.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
InterfaceResetAutoConfig(Interface *IF)
|
|
{
|
|
IF->LinkMTU = IF->DefaultLinkMTU;
|
|
if (IF->BaseReachableTime != REACHABLE_TIME) {
|
|
IF->BaseReachableTime = REACHABLE_TIME;
|
|
IF->ReachableTime = CalcReachableTime(IF->BaseReachableTime);
|
|
}
|
|
IF->RetransTimer = RETRANS_TIMER;
|
|
IF->CurHopLimit = DefaultCurHopLimit;
|
|
}
|
|
|
|
|
|
//* InterfaceResetManualConfig
|
|
//
|
|
// Resets the manual configuration of the interface.
|
|
// Does not remove manual routes on the interface.
|
|
//
|
|
// Called with ZoneUpdateLock held.
|
|
//
|
|
void
|
|
InterfaceResetManualConfig(Interface *IF)
|
|
{
|
|
KeAcquireSpinLockAtDpcLevel(&IF->Lock);
|
|
if (! IsDisabledIF(IF)) {
|
|
//
|
|
// Reset manually-configured interface parameters.
|
|
//
|
|
IF->LinkMTU = IF->DefaultLinkMTU;
|
|
IF->Preference = IF->DefaultPreference;
|
|
if (IF->BaseReachableTime != REACHABLE_TIME) {
|
|
IF->BaseReachableTime = REACHABLE_TIME;
|
|
IF->ReachableTime = CalcReachableTime(IF->BaseReachableTime);
|
|
}
|
|
IF->RetransTimer = RETRANS_TIMER;
|
|
IF->DupAddrDetectTransmits = IF->DefaultDupAddrDetectTransmits;
|
|
IF->CurHopLimit = DefaultCurHopLimit;
|
|
|
|
//
|
|
// ZoneUpdateLock is held by our caller.
|
|
//
|
|
InitZoneIndices(IF);
|
|
|
|
//
|
|
// Remove manually-configured addresses.
|
|
//
|
|
AddrConfResetManualConfig(IF);
|
|
|
|
//
|
|
// Stop advertising and forwarding,
|
|
// if either of those behaviors are enabled.
|
|
//
|
|
InterfaceStopAdvertising(IF);
|
|
InterfaceStopForwarding(IF);
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&IF->Lock);
|
|
}
|
|
|
|
|
|
//* InterfaceReset
|
|
//
|
|
// Resets manual configuration for all interfaces.
|
|
// Tunnel interfaces are destroyed.
|
|
// Other interfaces have their attributes reset to default values.
|
|
// Manually-configured addresses are removed.
|
|
//
|
|
// The end result should be the same as if the machine
|
|
// had just booted without any persistent configuration.
|
|
//
|
|
// Called with no locks held.
|
|
//
|
|
void
|
|
InterfaceReset(void)
|
|
{
|
|
Interface *IF;
|
|
KIRQL OldIrql;
|
|
|
|
//
|
|
// Because new interfaces are only added at the head of the list,
|
|
// we can unlock the list during our traversals
|
|
// and know that the traversal will terminate properly.
|
|
//
|
|
|
|
//
|
|
// First destroy any manually configured tunnel interfaces.
|
|
//
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
//
|
|
// We should not do any processing (even just AddRefIF) on an interface
|
|
// that has zero references. As an even stronger condition,
|
|
// we avoid doing any processing if the interface
|
|
// is being destroyed. Of course, the interface might be
|
|
// destroyed after we drop the interface list lock.
|
|
//
|
|
if (! IsDisabledIF(IF)) {
|
|
AddRefIF(IF);
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
if ((IF->Type == IF_TYPE_TUNNEL_6OVER4) ||
|
|
(IF->Type == IF_TYPE_TUNNEL_V6V4)) {
|
|
//
|
|
// Destroy the tunnel interface.
|
|
//
|
|
DestroyIF(IF);
|
|
}
|
|
|
|
KeAcquireSpinLock(&IFListLock, &OldIrql);
|
|
ReleaseIF(IF);
|
|
}
|
|
}
|
|
KeReleaseSpinLock(&IFListLock, OldIrql);
|
|
|
|
//
|
|
// Now reset the remaining interfaces,
|
|
// while holding ZoneUpdateLock so
|
|
// InterfaceResetManualConfig can reset
|
|
// the zone indices consistently across the interfaces.
|
|
//
|
|
KeAcquireSpinLock(&ZoneUpdateLock, &OldIrql);
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
for (IF = IFList; IF != NULL; IF = IF->Next) {
|
|
if (! IsDisabledIF(IF)) {
|
|
AddRefIF(IF);
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
|
|
//
|
|
// Reset the interface.
|
|
//
|
|
InterfaceResetManualConfig(IF);
|
|
|
|
KeAcquireSpinLockAtDpcLevel(&IFListLock);
|
|
ReleaseIF(IF);
|
|
}
|
|
}
|
|
KeReleaseSpinLockFromDpcLevel(&IFListLock);
|
|
KeReleaseSpinLock(&ZoneUpdateLock, OldIrql);
|
|
}
|
|
|
|
|
|
//* UpdateInterface
|
|
//
|
|
// Allows the forwarding & advertising attributes
|
|
// of an interface to be changed.
|
|
//
|
|
// Called with no locks held.
|
|
//
|
|
// Return codes:
|
|
// STATUS_INVALID_PARAMETER_1 Bad Interface.
|
|
// STATUS_INSUFFICIENT_RESOURCES
|
|
// STATUS_SUCCESS
|
|
//
|
|
NTSTATUS
|
|
UpdateInterface(
|
|
Interface *IF,
|
|
int Advertises,
|
|
int Forwards)
|
|
{
|
|
KIRQL OldIrql;
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
if (IsDisabledIF(IF)) {
|
|
//
|
|
// Do not update an interface that is being destroyed.
|
|
//
|
|
Status = STATUS_INVALID_PARAMETER_1;
|
|
}
|
|
else if (Advertises == -1) {
|
|
//
|
|
// Do not change the Advertises attribute.
|
|
//
|
|
}
|
|
else if (!(IF->Flags & IF_FLAG_ROUTER_DISCOVERS)) {
|
|
//
|
|
// The Advertises attribute can only be controlled
|
|
// on interfaces that support Neighbor Discovery.
|
|
//
|
|
Status = STATUS_INVALID_PARAMETER_1;
|
|
}
|
|
else {
|
|
//
|
|
// Control the advertising behavior of the interface.
|
|
//
|
|
if (Advertises) {
|
|
//
|
|
// Become an advertising interfacing,
|
|
// if it is not already.
|
|
//
|
|
Status = InterfaceStartAdvertising(IF);
|
|
}
|
|
else {
|
|
//
|
|
// Stop being an advertising interface,
|
|
// if it is currently advertising.
|
|
//
|
|
InterfaceStopAdvertising(IF);
|
|
}
|
|
}
|
|
|
|
//
|
|
// Control the forwarding behavior, if we haven't had an error.
|
|
//
|
|
if ((Status == STATUS_SUCCESS) && (Forwards != -1)) {
|
|
if (Forwards) {
|
|
//
|
|
// If the interface is not currently forwarding,
|
|
// enable forwarding.
|
|
//
|
|
InterfaceStartForwarding(IF);
|
|
}
|
|
else {
|
|
//
|
|
// If the interface is currently forwarding,
|
|
// disable forwarding.
|
|
//
|
|
InterfaceStopForwarding(IF);
|
|
}
|
|
}
|
|
|
|
if (IsMCastSyncNeeded(IF))
|
|
DeferSynchronizeMulticastAddresses(IF);
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
|
|
return Status;
|
|
}
|
|
|
|
//* ReconnectInterface
|
|
//
|
|
// Reconnect the interface. Called when a media connect notification
|
|
// is received (SetInterfaceLinkStatus) or when processing a renew
|
|
// request by IOCTL_IPV6_UPDATE_INTERFACE (IoctlUpdateInterface).
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
ReconnectInterface(
|
|
Interface *IF)
|
|
{
|
|
ASSERT(!IsDisabledIF(IF) && !(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED));
|
|
|
|
//
|
|
// Purge potentially obsolete link-layer information.
|
|
// Things might have changed while we were unplugged.
|
|
//
|
|
NeighborCacheFlush(IF, NULL);
|
|
|
|
//
|
|
// Rejoin multicast groups and restart Duplicate Address Detection.
|
|
//
|
|
// Preferred unicast addresses are registered with TDI when
|
|
// duplicate address detection completes (or is disabled).
|
|
//
|
|
ReconnectADEs(IF);
|
|
|
|
if (IF->Flags & IF_FLAG_ROUTER_DISCOVERS) {
|
|
if (IF->Flags & IF_FLAG_ADVERTISES) {
|
|
//
|
|
// Send a Router Advertisement very soon.
|
|
//
|
|
IF->RATimer = 1;
|
|
}
|
|
else {
|
|
//
|
|
// Start sending Router Solicitations.
|
|
//
|
|
IF->RSCount = 0;
|
|
IF->RSTimer = 1;
|
|
|
|
//
|
|
// Remember that this interface was just reconnected,
|
|
// so when we receive a Router Advertisement
|
|
// we can take special action.
|
|
//
|
|
IF->Flags |= IF_FLAG_MEDIA_RECONNECTED;
|
|
}
|
|
}
|
|
|
|
//
|
|
// We might have moved to a new link.
|
|
// Force the generation of a new anonymous interface identifier.
|
|
// This only really makes a difference if we generate
|
|
// new addresses on this link - if it's the same link then
|
|
// we continue to use our old addresses, both public & anonymous.
|
|
//
|
|
IF->AnonStateAge = 0;
|
|
}
|
|
|
|
|
|
//* DisconnectInterface
|
|
//
|
|
// Disconnect the interface. Called when a media disconnect
|
|
// notification is received (SetInterfaceLinkStatus) for a connected
|
|
// interface.
|
|
//
|
|
// Called with the interface already locked.
|
|
//
|
|
void
|
|
DisconnectInterface(
|
|
Interface *IF)
|
|
{
|
|
ASSERT(!IsDisabledIF(IF) && (IF->Flags & IF_FLAG_MEDIA_DISCONNECTED));
|
|
|
|
//
|
|
// Deregister any preferred unicast addresses from TDI.
|
|
//
|
|
DisconnectADEs(IF);
|
|
}
|
|
|
|
|
|
//* SetInterfaceLinkStatus
|
|
//
|
|
// Change the interface's link status. In particular,
|
|
// set whether the media is connected or disconnected.
|
|
//
|
|
// May be called when the interface has zero references
|
|
// and is already being destroyed.
|
|
//
|
|
void
|
|
SetInterfaceLinkStatus(
|
|
void *Context,
|
|
int MediaConnected) // TRUE or FALSE.
|
|
{
|
|
Interface *IF = (Interface *) Context;
|
|
KIRQL OldIrql;
|
|
|
|
//
|
|
// Note that media-connect/disconnect events
|
|
// can be "lost". We are not informed if the
|
|
// cable is unplugged/replugged while we are
|
|
// shutdown, hibernating, or on standby.
|
|
//
|
|
|
|
KdPrintEx((DPFLTR_TCPIP6_ID, DPFLTR_INFO_STATE,
|
|
"SetInterfaceLinkStatus(IF %p) -> %s\n",
|
|
IF, MediaConnected ? "connected" : "disconnected"));
|
|
|
|
KeAcquireSpinLock(&IF->Lock, &OldIrql);
|
|
|
|
if (! IsDisabledIF(IF)) {
|
|
if (MediaConnected) {
|
|
if (IF->Flags & IF_FLAG_MEDIA_DISCONNECTED) {
|
|
//
|
|
// The cable was plugged back in.
|
|
//
|
|
IF->Flags &= ~IF_FLAG_MEDIA_DISCONNECTED;
|
|
|
|
//
|
|
// Changes in IF_FLAG_MEDIA_DISCONNECTED must
|
|
// invalidate the route cache.
|
|
//
|
|
InvalidateRouteCache();
|
|
}
|
|
|
|
//
|
|
// A connect event implies a change in the interface state
|
|
// regardless of whether the interface is already connected.
|
|
// Hence we process it outside the 'if' clause.
|
|
//
|
|
ReconnectInterface(IF);
|
|
}
|
|
else {
|
|
if (!(IF->Flags & IF_FLAG_MEDIA_DISCONNECTED)) {
|
|
//
|
|
// The cable was unplugged.
|
|
//
|
|
IF->Flags = (IF->Flags | IF_FLAG_MEDIA_DISCONNECTED) &~
|
|
IF_FLAG_MEDIA_RECONNECTED;
|
|
|
|
//
|
|
// Changes in IF_FLAG_MEDIA_DISCONNECTED must
|
|
// invalidate the route cache.
|
|
//
|
|
InvalidateRouteCache();
|
|
|
|
//
|
|
// A disconnect event implies a change in the interface
|
|
// state only if the interface is already connected.
|
|
// Hence we process it inside the 'if' clause.
|
|
//
|
|
DisconnectInterface(IF);
|
|
}
|
|
}
|
|
}
|
|
|
|
KeReleaseSpinLock(&IF->Lock, OldIrql);
|
|
}
|
|
|
|
|