1/*
2 * Copyright (c) 2000-2016 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * Copyright (c) 1982, 1986, 1991, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.4 (Berkeley) 1/9/95
61 */
62
63#include <sys/param.h>
64#include <sys/systm.h>
65#include <sys/sockio.h>
66#include <sys/socketvar.h>
67#include <sys/malloc.h>
68#include <sys/proc.h>
69#include <sys/socket.h>
70#include <sys/kernel.h>
71#include <sys/sysctl.h>
72#include <sys/kern_event.h>
73#include <sys/syslog.h>
74#include <sys/mcache.h>
75#include <sys/protosw.h>
76#include <sys/file.h>
77
78#include <kern/zalloc.h>
79#include <pexpert/pexpert.h>
80
81#include <net/if.h>
82#include <net/if_types.h>
83#include <net/route.h>
84#include <net/kpi_protocol.h>
85#include <net/dlil.h>
86#include <net/if_llatbl.h>
87#include <net/if_arp.h>
88#if PF
89#include <net/pfvar.h>
90#endif /* PF */
91
92#include <netinet/in.h>
93#include <netinet/in_var.h>
94#include <netinet/in_pcb.h>
95#include <netinet/igmp_var.h>
96#include <netinet/ip_var.h>
97#include <netinet/tcp.h>
98#include <netinet/tcp_timer.h>
99#include <netinet/tcp_var.h>
100#include <netinet/if_ether.h>
101
102static int inctl_associd(struct socket *, u_long, caddr_t);
103static int inctl_connid(struct socket *, u_long, caddr_t);
104static int inctl_conninfo(struct socket *, u_long, caddr_t);
105static int inctl_autoaddr(struct ifnet *, struct ifreq *);
106static int inctl_arpipll(struct ifnet *, struct ifreq *);
107static int inctl_setrouter(struct ifnet *, struct ifreq *);
108static int inctl_ifaddr(struct ifnet *, struct in_ifaddr *, u_long,
109 struct ifreq *);
110static int inctl_ifdstaddr(struct ifnet *, struct in_ifaddr *, u_long,
111 struct ifreq *);
112static int inctl_ifbrdaddr(struct ifnet *, struct in_ifaddr *, u_long,
113 struct ifreq *);
114static int inctl_ifnetmask(struct ifnet *, struct in_ifaddr *, u_long,
115 struct ifreq *);
116
117static void in_socktrim(struct sockaddr_in *);
118static int in_ifinit(struct ifnet *, struct in_ifaddr *,
119 struct sockaddr_in *, int);
120
121#define IA_HASH_INIT(ia) { \
122 (ia)->ia_hash.tqe_next = (void *)(uintptr_t)-1; \
123 (ia)->ia_hash.tqe_prev = (void *)(uintptr_t)-1; \
124}
125
126#define IA_IS_HASHED(ia) \
127 (!((ia)->ia_hash.tqe_next == (void *)(uintptr_t)-1 || \
128 (ia)->ia_hash.tqe_prev == (void *)(uintptr_t)-1))
129
130static void in_iahash_remove(struct in_ifaddr *);
131static void in_iahash_insert(struct in_ifaddr *);
132static void in_iahash_insert_ptp(struct in_ifaddr *);
133static struct in_ifaddr *in_ifaddr_alloc(int);
134static void in_ifaddr_attached(struct ifaddr *);
135static void in_ifaddr_detached(struct ifaddr *);
136static void in_ifaddr_free(struct ifaddr *);
137static void in_ifaddr_trace(struct ifaddr *, int);
138
139static int in_getassocids(struct socket *, uint32_t *, user_addr_t);
140static int in_getconnids(struct socket *, sae_associd_t, uint32_t *, user_addr_t);
141
142/* IPv4 Layer 2 neighbor cache management routines */
143static void in_lltable_destroy_lle_unlocked(struct llentry *lle);
144static void in_lltable_destroy_lle(struct llentry *lle);
145static struct llentry *in_lltable_new(struct in_addr addr4, u_int flags);
146static int in_lltable_match_prefix(const struct sockaddr *saddr,
147 const struct sockaddr *smask, u_int flags, struct llentry *lle);
148static void in_lltable_free_entry(struct lltable *llt, struct llentry *lle);
149static int in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr);
150static inline uint32_t in_lltable_hash_dst(const struct in_addr dst, uint32_t hsize);
151static uint32_t in_lltable_hash(const struct llentry *lle, uint32_t hsize);
152static void in_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa);
153static inline struct llentry * in_lltable_find_dst(struct lltable *llt, struct in_addr dst);
154static void in_lltable_delete_entry(struct lltable *llt, struct llentry *lle);
155static struct llentry * in_lltable_alloc(struct lltable *llt, u_int flags, const struct sockaddr *l3addr);
156static struct llentry * in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr);
157static int in_lltable_dump_entry(struct lltable *llt, struct llentry *lle, struct sysctl_req *wr);
158static struct lltable * in_lltattach(struct ifnet *ifp);
159
160static int subnetsarelocal = 0;
161SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local,
162 CTLFLAG_RW | CTLFLAG_LOCKED, &subnetsarelocal, 0, "");
163
164/* Track whether or not the SIOCARPIPLL ioctl has been called */
165u_int32_t ipv4_ll_arp_aware = 0;
166
167#define INIFA_TRACE_HIST_SIZE 32 /* size of trace history */
168
169/* For gdb */
170__private_extern__ unsigned int inifa_trace_hist_size = INIFA_TRACE_HIST_SIZE;
171
172struct in_ifaddr_dbg {
173 struct in_ifaddr inifa; /* in_ifaddr */
174 struct in_ifaddr inifa_old; /* saved in_ifaddr */
175 u_int16_t inifa_refhold_cnt; /* # of IFA_ADDREF */
176 u_int16_t inifa_refrele_cnt; /* # of IFA_REMREF */
177 /*
178 * Alloc and free callers.
179 */
180 ctrace_t inifa_alloc;
181 ctrace_t inifa_free;
182 /*
183 * Circular lists of IFA_ADDREF and IFA_REMREF callers.
184 */
185 ctrace_t inifa_refhold[INIFA_TRACE_HIST_SIZE];
186 ctrace_t inifa_refrele[INIFA_TRACE_HIST_SIZE];
187 /*
188 * Trash list linkage
189 */
190 TAILQ_ENTRY(in_ifaddr_dbg) inifa_trash_link;
191};
192
193/* List of trash in_ifaddr entries protected by inifa_trash_lock */
194static TAILQ_HEAD(, in_ifaddr_dbg) inifa_trash_head;
195static decl_lck_mtx_data(, inifa_trash_lock);
196
197#if DEBUG
198static unsigned int inifa_debug = 1; /* debugging (enabled) */
199#else
200static unsigned int inifa_debug; /* debugging (disabled) */
201#endif /* !DEBUG */
202static unsigned int inifa_size; /* size of zone element */
203static struct zone *inifa_zone; /* zone for in_ifaddr */
204
205#define INIFA_ZONE_MAX 64 /* maximum elements in zone */
206#define INIFA_ZONE_NAME "in_ifaddr" /* zone name */
207
208static const unsigned int in_extra_size = sizeof (struct in_ifextra);
209static const unsigned int in_extra_bufsize = in_extra_size +
210 sizeof (void *) + sizeof (uint64_t);
211
212/*
213 * Return 1 if the address is
214 * - loopback
215 * - unicast or multicast link local
216 * - routed via a link level gateway
217 * - belongs to a directly connected (sub)net
218 */
219int
220inaddr_local(struct in_addr in)
221{
222 struct rtentry *rt;
223 struct sockaddr_in sin;
224 int local = 0;
225
226 if (ntohl(in.s_addr) == INADDR_LOOPBACK ||
227 IN_LINKLOCAL(ntohl(in.s_addr))) {
228 local = 1;
229 } else if (ntohl(in.s_addr) >= INADDR_UNSPEC_GROUP &&
230 ntohl(in.s_addr) <= INADDR_MAX_LOCAL_GROUP) {
231 local = 1;
232 } else {
233 sin.sin_family = AF_INET;
234 sin.sin_len = sizeof (sin);
235 sin.sin_addr = in;
236 rt = rtalloc1((struct sockaddr *)&sin, 0, 0);
237
238 if (rt != NULL) {
239 RT_LOCK_SPIN(rt);
240 if (rt->rt_gateway->sa_family == AF_LINK ||
241 (rt->rt_ifp->if_flags & IFF_LOOPBACK))
242 local = 1;
243 RT_UNLOCK(rt);
244 rtfree(rt);
245 } else {
246 local = in_localaddr(in);
247 }
248 }
249 return (local);
250}
251
252/*
253 * Return 1 if an internet address is for a ``local'' host
254 * (one to which we have a connection). If subnetsarelocal
255 * is true, this includes other subnets of the local net,
256 * otherwise, it includes the directly-connected (sub)nets.
257 * The IPv4 link local prefix 169.254/16 is also included.
258 */
259int
260in_localaddr(struct in_addr in)
261{
262 u_int32_t i = ntohl(in.s_addr);
263 struct in_ifaddr *ia;
264
265 if (IN_LINKLOCAL(i))
266 return (1);
267
268 if (subnetsarelocal) {
269 lck_rw_lock_shared(in_ifaddr_rwlock);
270 for (ia = in_ifaddrhead.tqh_first; ia != NULL;
271 ia = ia->ia_link.tqe_next) {
272 IFA_LOCK(&ia->ia_ifa);
273 if ((i & ia->ia_netmask) == ia->ia_net) {
274 IFA_UNLOCK(&ia->ia_ifa);
275 lck_rw_done(in_ifaddr_rwlock);
276 return (1);
277 }
278 IFA_UNLOCK(&ia->ia_ifa);
279 }
280 lck_rw_done(in_ifaddr_rwlock);
281 } else {
282 lck_rw_lock_shared(in_ifaddr_rwlock);
283 for (ia = in_ifaddrhead.tqh_first; ia != NULL;
284 ia = ia->ia_link.tqe_next) {
285 IFA_LOCK(&ia->ia_ifa);
286 if ((i & ia->ia_subnetmask) == ia->ia_subnet) {
287 IFA_UNLOCK(&ia->ia_ifa);
288 lck_rw_done(in_ifaddr_rwlock);
289 return (1);
290 }
291 IFA_UNLOCK(&ia->ia_ifa);
292 }
293 lck_rw_done(in_ifaddr_rwlock);
294 }
295 return (0);
296}
297
298/*
299 * Determine whether an IP address is in a reserved set of addresses
300 * that may not be forwarded, or whether datagrams to that destination
301 * may be forwarded.
302 */
303boolean_t
304in_canforward(struct in_addr in)
305{
306 u_int32_t i = ntohl(in.s_addr);
307 u_int32_t net;
308
309 if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i))
310 return (FALSE);
311 if (IN_CLASSA(i)) {
312 net = i & IN_CLASSA_NET;
313 if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))
314 return (FALSE);
315 }
316 return (TRUE);
317}
318
319/*
320 * Trim a mask in a sockaddr
321 */
322static void
323in_socktrim(struct sockaddr_in *ap)
324{
325 char *cplim = (char *)&ap->sin_addr;
326 char *cp = (char *)(&ap->sin_addr + 1);
327
328 ap->sin_len = 0;
329 while (--cp >= cplim)
330 if (*cp) {
331 (ap)->sin_len = cp - (char *)(ap) + 1;
332 break;
333 }
334}
335
336static int in_interfaces; /* number of external internet interfaces */
337
338static int
339in_domifattach(struct ifnet *ifp)
340{
341 int error;
342
343 VERIFY(ifp != NULL);
344
345 if ((error = proto_plumb(PF_INET, ifp)) && error != EEXIST) {
346 log(LOG_ERR, "%s: proto_plumb returned %d if=%s\n",
347 __func__, error, if_name(ifp));
348 } else if (error == 0 && ifp->if_inetdata == NULL) {
349 void **pbuf, *base;
350 struct in_ifextra *ext;
351 int errorx;
352
353 if ((ext = (struct in_ifextra *)_MALLOC(in_extra_bufsize,
354 M_IFADDR, M_WAITOK|M_ZERO)) == NULL) {
355 error = ENOMEM;
356 errorx = proto_unplumb(PF_INET, ifp);
357 if (errorx != 0) {
358 log(LOG_ERR,
359 "%s: proto_unplumb returned %d if=%s%d\n",
360 __func__, errorx, ifp->if_name,
361 ifp->if_unit);
362 }
363 goto done;
364 }
365
366 /* Align on 64-bit boundary */
367 base = (void *)P2ROUNDUP((intptr_t)ext + sizeof (uint64_t),
368 sizeof (uint64_t));
369 VERIFY(((intptr_t)base + in_extra_size) <=
370 ((intptr_t)ext + in_extra_bufsize));
371 pbuf = (void **)((intptr_t)base - sizeof (void *));
372 *pbuf = ext;
373 ifp->if_inetdata = base;
374 IN_IFEXTRA(ifp)->ii_llt = in_lltattach(ifp);
375 VERIFY(IS_P2ALIGNED(ifp->if_inetdata, sizeof (uint64_t)));
376 }
377done:
378 if (error == 0 && ifp->if_inetdata != NULL) {
379 /*
380 * Since the structure is never freed, we need to
381 * zero out its contents to avoid reusing stale data.
382 * A little redundant with allocation above, but it
383 * keeps the code simpler for all cases.
384 */
385 bzero(ifp->if_inetdata, in_extra_size);
386 }
387 return (error);
388}
389
390static __attribute__((noinline)) int
391inctl_associd(struct socket *so, u_long cmd, caddr_t data)
392{
393 int error = 0;
394 union {
395 struct so_aidreq32 a32;
396 struct so_aidreq64 a64;
397 } u;
398
399 VERIFY(so != NULL);
400
401 switch (cmd) {
402 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
403 bcopy(data, &u.a32, sizeof (u.a32));
404 error = in_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
405 if (error == 0)
406 bcopy(&u.a32, data, sizeof (u.a32));
407 break;
408
409 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
410 bcopy(data, &u.a64, sizeof (u.a64));
411 error = in_getassocids(so, &u.a64.sar_cnt, u.a64.sar_aidp);
412 if (error == 0)
413 bcopy(&u.a64, data, sizeof (u.a64));
414 break;
415
416 default:
417 VERIFY(0);
418 /* NOTREACHED */
419 }
420
421 return (error);
422}
423
424static __attribute__((noinline)) int
425inctl_connid(struct socket *so, u_long cmd, caddr_t data)
426{
427 int error = 0;
428 union {
429 struct so_cidreq32 c32;
430 struct so_cidreq64 c64;
431 } u;
432
433 VERIFY(so != NULL);
434
435 switch (cmd) {
436 case SIOCGCONNIDS32: /* struct so_cidreq32 */
437 bcopy(data, &u.c32, sizeof (u.c32));
438 error = in_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
439 u.c32.scr_cidp);
440 if (error == 0)
441 bcopy(&u.c32, data, sizeof (u.c32));
442 break;
443
444 case SIOCGCONNIDS64: /* struct so_cidreq64 */
445 bcopy(data, &u.c64, sizeof (u.c64));
446 error = in_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
447 u.c64.scr_cidp);
448 if (error == 0)
449 bcopy(&u.c64, data, sizeof (u.c64));
450 break;
451
452 default:
453 VERIFY(0);
454 /* NOTREACHED */
455 }
456
457 return (error);
458}
459
460static __attribute__((noinline)) int
461inctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
462{
463 int error = 0;
464 union {
465 struct so_cinforeq32 ci32;
466 struct so_cinforeq64 ci64;
467 } u;
468
469 VERIFY(so != NULL);
470
471 switch (cmd) {
472 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
473 bcopy(data, &u.ci32, sizeof (u.ci32));
474 error = in_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
475 &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
476 &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
477 &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
478 &u.ci32.scir_aux_len);
479 if (error == 0)
480 bcopy(&u.ci32, data, sizeof (u.ci32));
481 break;
482
483 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
484 bcopy(data, &u.ci64, sizeof (u.ci64));
485 error = in_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
486 &u.ci64.scir_ifindex, &u.ci64.scir_error, u.ci64.scir_src,
487 &u.ci64.scir_src_len, u.ci64.scir_dst, &u.ci64.scir_dst_len,
488 &u.ci64.scir_aux_type, u.ci64.scir_aux_data,
489 &u.ci64.scir_aux_len);
490 if (error == 0)
491 bcopy(&u.ci64, data, sizeof (u.ci64));
492 break;
493
494 default:
495 VERIFY(0);
496 /* NOTREACHED */
497 }
498
499 return (error);
500}
501
502/*
503 * Caller passes in the ioctl data pointer directly via "ifr", with the
504 * expectation that this routine always uses bcopy() or other byte-aligned
505 * memory accesses.
506 */
507static __attribute__((noinline)) int
508inctl_autoaddr(struct ifnet *ifp, struct ifreq *ifr)
509{
510 int error = 0, intval;
511
512 VERIFY(ifp != NULL);
513
514 bcopy(&ifr->ifr_intval, &intval, sizeof (intval));
515
516 ifnet_lock_exclusive(ifp);
517 if (intval) {
518 /*
519 * An interface in IPv4 router mode implies that it
520 * is configured with a static IP address and should
521 * not act as a DHCP client; prevent SIOCAUTOADDR from
522 * being set in that mode.
523 */
524 if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
525 intval = 0; /* be safe; clear flag if set */
526 error = EBUSY;
527 } else {
528 ifp->if_eflags |= IFEF_AUTOCONFIGURING;
529 }
530 }
531 if (!intval)
532 ifp->if_eflags &= ~IFEF_AUTOCONFIGURING;
533 ifnet_lock_done(ifp);
534
535 return (error);
536}
537
538/*
539 * Caller passes in the ioctl data pointer directly via "ifr", with the
540 * expectation that this routine always uses bcopy() or other byte-aligned
541 * memory accesses.
542 */
543static __attribute__((noinline)) int
544inctl_arpipll(struct ifnet *ifp, struct ifreq *ifr)
545{
546 int error = 0, intval;
547
548 VERIFY(ifp != NULL);
549
550 bcopy(&ifr->ifr_intval, &intval, sizeof (intval));
551 ipv4_ll_arp_aware = 1;
552
553 ifnet_lock_exclusive(ifp);
554 if (intval) {
555 /*
556 * An interface in IPv4 router mode implies that it
557 * is configured with a static IP address and should
558 * not have to deal with IPv4 Link-Local Address;
559 * prevent SIOCARPIPLL from being set in that mode.
560 */
561 if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
562 intval = 0; /* be safe; clear flag if set */
563 error = EBUSY;
564 } else {
565 ifp->if_eflags |= IFEF_ARPLL;
566 }
567 }
568 if (!intval)
569 ifp->if_eflags &= ~IFEF_ARPLL;
570 ifnet_lock_done(ifp);
571
572 return (error);
573}
574
575/*
576 * Handle SIOCSETROUTERMODE to set or clear the IPv4 router mode flag on
577 * the interface. When in this mode, IPv4 Link-Local Address support is
578 * disabled in ARP, and DHCP client support is disabled in IP input; turning
579 * any of them on would cause an error to be returned. Entering or exiting
580 * this mode will result in the removal of IPv4 addresses currently configured
581 * on the interface.
582 *
583 * Caller passes in the ioctl data pointer directly via "ifr", with the
584 * expectation that this routine always uses bcopy() or other byte-aligned
585 * memory accesses.
586 */
587static __attribute__((noinline)) int
588inctl_setrouter(struct ifnet *ifp, struct ifreq *ifr)
589{
590 int error = 0, intval;
591
592 VERIFY(ifp != NULL);
593
594 /* Router mode isn't valid for loopback */
595 if (ifp->if_flags & IFF_LOOPBACK)
596 return (ENODEV);
597
598 bcopy(&ifr->ifr_intval, &intval, sizeof (intval));
599
600 ifnet_lock_exclusive(ifp);
601 if (intval) {
602 ifp->if_eflags |= IFEF_IPV4_ROUTER;
603 ifp->if_eflags &= ~(IFEF_ARPLL | IFEF_AUTOCONFIGURING);
604 } else {
605 ifp->if_eflags &= ~IFEF_IPV4_ROUTER;
606 }
607 ifnet_lock_done(ifp);
608
609 /* purge all IPv4 addresses configured on this interface */
610 in_purgeaddrs(ifp);
611
612 return (error);
613}
614
615/*
616 * Caller passes in the ioctl data pointer directly via "ifr", with the
617 * expectation that this routine always uses bcopy() or other byte-aligned
618 * memory accesses.
619 */
620static __attribute__((noinline)) int
621inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
622 struct ifreq *ifr)
623{
624 struct kev_in_data in_event_data;
625 struct kev_msg ev_msg;
626 struct sockaddr_in addr;
627 struct ifaddr *ifa;
628 int error = 0;
629
630 VERIFY(ifp != NULL);
631
632 bzero(&in_event_data, sizeof (struct kev_in_data));
633 bzero(&ev_msg, sizeof (struct kev_msg));
634
635 switch (cmd) {
636 case SIOCGIFADDR: /* struct ifreq */
637 if (ia == NULL) {
638 error = EADDRNOTAVAIL;
639 break;
640 }
641 IFA_LOCK(&ia->ia_ifa);
642 bcopy(&ia->ia_addr, &ifr->ifr_addr, sizeof (addr));
643 IFA_UNLOCK(&ia->ia_ifa);
644 break;
645
646 case SIOCSIFADDR: /* struct ifreq */
647 VERIFY(ia != NULL);
648 bcopy(&ifr->ifr_addr, &addr, sizeof (addr));
649 /*
650 * If this is a new address, the reference count for the
651 * hash table has been taken at creation time above.
652 */
653 error = in_ifinit(ifp, ia, &addr, 1);
654 if (error == 0) {
655 (void) ifnet_notify_address(ifp, AF_INET);
656 }
657 break;
658
659 case SIOCAIFADDR: { /* struct {if,in_}aliasreq */
660 struct in_aliasreq *ifra = (struct in_aliasreq *)ifr;
661 struct sockaddr_in broadaddr, mask;
662 int hostIsNew, maskIsNew;
663
664 VERIFY(ia != NULL);
665 bcopy(&ifra->ifra_addr, &addr, sizeof (addr));
666 bcopy(&ifra->ifra_broadaddr, &broadaddr, sizeof (broadaddr));
667 bcopy(&ifra->ifra_mask, &mask, sizeof (mask));
668
669 maskIsNew = 0;
670 hostIsNew = 1;
671 error = 0;
672
673 IFA_LOCK(&ia->ia_ifa);
674 if (ia->ia_addr.sin_family == AF_INET) {
675 if (addr.sin_len == 0) {
676 addr = ia->ia_addr;
677 hostIsNew = 0;
678 } else if (addr.sin_addr.s_addr ==
679 ia->ia_addr.sin_addr.s_addr) {
680 hostIsNew = 0;
681 }
682 }
683 if (mask.sin_len) {
684 IFA_UNLOCK(&ia->ia_ifa);
685 in_ifscrub(ifp, ia, 0);
686 IFA_LOCK(&ia->ia_ifa);
687 ia->ia_sockmask = mask;
688 ia->ia_subnetmask =
689 ntohl(ia->ia_sockmask.sin_addr.s_addr);
690 maskIsNew = 1;
691 }
692 if ((ifp->if_flags & IFF_POINTOPOINT) &&
693 (broadaddr.sin_family == AF_INET)) {
694 IFA_UNLOCK(&ia->ia_ifa);
695 in_ifscrub(ifp, ia, 0);
696 IFA_LOCK(&ia->ia_ifa);
697 ia->ia_dstaddr = broadaddr;
698 ia->ia_dstaddr.sin_len = sizeof (struct sockaddr_in);
699 maskIsNew = 1; /* We lie; but the effect's the same */
700 }
701 if (addr.sin_family == AF_INET && (hostIsNew || maskIsNew)) {
702 IFA_UNLOCK(&ia->ia_ifa);
703 error = in_ifinit(ifp, ia, &addr, 0);
704 } else {
705 IFA_UNLOCK(&ia->ia_ifa);
706 }
707 if (error == 0) {
708 (void) ifnet_notify_address(ifp, AF_INET);
709 }
710 IFA_LOCK(&ia->ia_ifa);
711 if ((ifp->if_flags & IFF_BROADCAST) &&
712 (broadaddr.sin_family == AF_INET))
713 ia->ia_broadaddr = broadaddr;
714
715 /*
716 * Report event.
717 */
718 if ((error == 0) || (error == EEXIST)) {
719 ev_msg.vendor_code = KEV_VENDOR_APPLE;
720 ev_msg.kev_class = KEV_NETWORK_CLASS;
721 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
722
723 if (hostIsNew)
724 ev_msg.event_code = KEV_INET_NEW_ADDR;
725 else
726 ev_msg.event_code = KEV_INET_CHANGED_ADDR;
727
728 if (ia->ia_ifa.ifa_dstaddr) {
729 in_event_data.ia_dstaddr =
730 ((struct sockaddr_in *)(void *)ia->
731 ia_ifa.ifa_dstaddr)->sin_addr;
732 } else {
733 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
734 }
735 in_event_data.ia_addr = ia->ia_addr.sin_addr;
736 in_event_data.ia_net = ia->ia_net;
737 in_event_data.ia_netmask = ia->ia_netmask;
738 in_event_data.ia_subnet = ia->ia_subnet;
739 in_event_data.ia_subnetmask = ia->ia_subnetmask;
740 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
741 IFA_UNLOCK(&ia->ia_ifa);
742 (void) strlcpy(&in_event_data.link_data.if_name[0],
743 ifp->if_name, IFNAMSIZ);
744 in_event_data.link_data.if_family = ifp->if_family;
745 in_event_data.link_data.if_unit = ifp->if_unit;
746
747 ev_msg.dv[0].data_ptr = &in_event_data;
748 ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
749 ev_msg.dv[1].data_length = 0;
750
751 dlil_post_complete_msg(ifp, &ev_msg);
752 } else {
753 IFA_UNLOCK(&ia->ia_ifa);
754 }
755 break;
756 }
757
758 case SIOCDIFADDR: /* struct ifreq */
759 VERIFY(ia != NULL);
760 error = ifnet_ioctl(ifp, PF_INET, SIOCDIFADDR, ia);
761 if (error == EOPNOTSUPP)
762 error = 0;
763 if (error != 0) {
764 /* Reset the detaching flag */
765 IFA_LOCK(&ia->ia_ifa);
766 ia->ia_ifa.ifa_debug &= ~IFD_DETACHING;
767 IFA_UNLOCK(&ia->ia_ifa);
768 break;
769 }
770
771 /* Fill out the kernel event information */
772 ev_msg.vendor_code = KEV_VENDOR_APPLE;
773 ev_msg.kev_class = KEV_NETWORK_CLASS;
774 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
775
776 ev_msg.event_code = KEV_INET_ADDR_DELETED;
777
778 IFA_LOCK(&ia->ia_ifa);
779 if (ia->ia_ifa.ifa_dstaddr) {
780 in_event_data.ia_dstaddr = ((struct sockaddr_in *)
781 (void *)ia->ia_ifa.ifa_dstaddr)->sin_addr;
782 } else {
783 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
784 }
785 in_event_data.ia_addr = ia->ia_addr.sin_addr;
786 in_event_data.ia_net = ia->ia_net;
787 in_event_data.ia_netmask = ia->ia_netmask;
788 in_event_data.ia_subnet = ia->ia_subnet;
789 in_event_data.ia_subnetmask = ia->ia_subnetmask;
790 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
791 IFA_UNLOCK(&ia->ia_ifa);
792 (void) strlcpy(&in_event_data.link_data.if_name[0],
793 ifp->if_name, IFNAMSIZ);
794 in_event_data.link_data.if_family = ifp->if_family;
795 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
796
797 ev_msg.dv[0].data_ptr = &in_event_data;
798 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
799 ev_msg.dv[1].data_length = 0;
800
801 ifa = &ia->ia_ifa;
802 lck_rw_lock_exclusive(in_ifaddr_rwlock);
803 /* Release ia_link reference */
804 IFA_REMREF(ifa);
805 TAILQ_REMOVE(&in_ifaddrhead, ia, ia_link);
806 IFA_LOCK(ifa);
807 if (IA_IS_HASHED(ia))
808 in_iahash_remove(ia);
809 IFA_UNLOCK(ifa);
810 lck_rw_done(in_ifaddr_rwlock);
811
812 /*
813 * in_ifscrub kills the interface route.
814 */
815 in_ifscrub(ifp, ia, 0);
816 ifnet_lock_exclusive(ifp);
817 IFA_LOCK(ifa);
818 /* if_detach_ifa() releases ifa_link reference */
819 if_detach_ifa(ifp, ifa);
820 /* Our reference to this address is dropped at the bottom */
821 IFA_UNLOCK(ifa);
822
823 /* invalidate route caches */
824 routegenid_inet_update();
825
826 /*
827 * If the interface supports multicast, and no address is left,
828 * remove the "all hosts" multicast group from that interface.
829 */
830 if ((ifp->if_flags & IFF_MULTICAST) ||
831 ifp->if_allhostsinm != NULL) {
832
833 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
834 IFA_LOCK(ifa);
835 if (ifa->ifa_addr->sa_family == AF_INET) {
836 IFA_UNLOCK(ifa);
837 break;
838 }
839 IFA_UNLOCK(ifa);
840 }
841 ifnet_lock_done(ifp);
842
843 lck_mtx_lock(&ifp->if_addrconfig_lock);
844 if (ifa == NULL && ifp->if_allhostsinm != NULL) {
845 struct in_multi *inm = ifp->if_allhostsinm;
846 ifp->if_allhostsinm = NULL;
847
848 in_delmulti(inm);
849 /* release the reference for allhostsinm */
850 INM_REMREF(inm);
851 }
852 lck_mtx_unlock(&ifp->if_addrconfig_lock);
853 } else {
854 ifnet_lock_done(ifp);
855 }
856
857 /* Post the kernel event */
858 dlil_post_complete_msg(ifp, &ev_msg);
859
860 /*
861 * See if there is any IPV4 address left and if so,
862 * reconfigure KDP to use current primary address.
863 */
864 ifa = ifa_ifpgetprimary(ifp, AF_INET);
865 if (ifa != NULL) {
866 /*
867 * NOTE: SIOCSIFADDR is defined with struct ifreq
868 * as parameter, but here we are sending it down
869 * to the interface with a pointer to struct ifaddr,
870 * for legacy reasons.
871 */
872 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa);
873 if (error == EOPNOTSUPP)
874 error = 0;
875
876 /* Release reference from ifa_ifpgetprimary() */
877 IFA_REMREF(ifa);
878 }
879 (void) ifnet_notify_address(ifp, AF_INET);
880 break;
881
882 default:
883 VERIFY(0);
884 /* NOTREACHED */
885 }
886
887 return (error);
888}
889
890/*
891 * Caller passes in the ioctl data pointer directly via "ifr", with the
892 * expectation that this routine always uses bcopy() or other byte-aligned
893 * memory accesses.
894 */
895static __attribute__((noinline)) int
896inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
897 struct ifreq *ifr)
898{
899 struct kev_in_data in_event_data;
900 struct kev_msg ev_msg;
901 struct sockaddr_in dstaddr;
902 int error = 0;
903
904 VERIFY(ifp != NULL);
905
906 if (!(ifp->if_flags & IFF_POINTOPOINT))
907 return (EINVAL);
908
909 bzero(&in_event_data, sizeof (struct kev_in_data));
910 bzero(&ev_msg, sizeof (struct kev_msg));
911
912 switch (cmd) {
913 case SIOCGIFDSTADDR: /* struct ifreq */
914 if (ia == NULL) {
915 error = EADDRNOTAVAIL;
916 break;
917 }
918 IFA_LOCK(&ia->ia_ifa);
919 bcopy(&ia->ia_dstaddr, &ifr->ifr_dstaddr, sizeof (dstaddr));
920 IFA_UNLOCK(&ia->ia_ifa);
921 break;
922
923 case SIOCSIFDSTADDR: /* struct ifreq */
924 VERIFY(ia != NULL);
925 IFA_LOCK(&ia->ia_ifa);
926 dstaddr = ia->ia_dstaddr;
927 bcopy(&ifr->ifr_dstaddr, &ia->ia_dstaddr, sizeof (dstaddr));
928 if (ia->ia_dstaddr.sin_family == AF_INET)
929 ia->ia_dstaddr.sin_len = sizeof (struct sockaddr_in);
930 IFA_UNLOCK(&ia->ia_ifa);
931 /*
932 * NOTE: SIOCSIFDSTADDR is defined with struct ifreq
933 * as parameter, but here we are sending it down
934 * to the interface with a pointer to struct ifaddr,
935 * for legacy reasons.
936 */
937 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFDSTADDR, ia);
938 IFA_LOCK(&ia->ia_ifa);
939 if (error == EOPNOTSUPP)
940 error = 0;
941 if (error != 0) {
942 ia->ia_dstaddr = dstaddr;
943 IFA_UNLOCK(&ia->ia_ifa);
944 break;
945 }
946 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
947
948 ev_msg.vendor_code = KEV_VENDOR_APPLE;
949 ev_msg.kev_class = KEV_NETWORK_CLASS;
950 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
951
952 ev_msg.event_code = KEV_INET_SIFDSTADDR;
953
954 if (ia->ia_ifa.ifa_dstaddr) {
955 in_event_data.ia_dstaddr = ((struct sockaddr_in *)
956 (void *)ia->ia_ifa.ifa_dstaddr)->sin_addr;
957 } else {
958 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
959 }
960
961 in_event_data.ia_addr = ia->ia_addr.sin_addr;
962 in_event_data.ia_net = ia->ia_net;
963 in_event_data.ia_netmask = ia->ia_netmask;
964 in_event_data.ia_subnet = ia->ia_subnet;
965 in_event_data.ia_subnetmask = ia->ia_subnetmask;
966 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
967 IFA_UNLOCK(&ia->ia_ifa);
968 (void) strlcpy(&in_event_data.link_data.if_name[0],
969 ifp->if_name, IFNAMSIZ);
970 in_event_data.link_data.if_family = ifp->if_family;
971 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
972
973 ev_msg.dv[0].data_ptr = &in_event_data;
974 ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
975 ev_msg.dv[1].data_length = 0;
976
977 dlil_post_complete_msg(ifp, &ev_msg);
978
979 lck_mtx_lock(rnh_lock);
980 IFA_LOCK(&ia->ia_ifa);
981 if (ia->ia_flags & IFA_ROUTE) {
982 ia->ia_ifa.ifa_dstaddr = (struct sockaddr *)&dstaddr;
983 IFA_UNLOCK(&ia->ia_ifa);
984 rtinit_locked(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST);
985 IFA_LOCK(&ia->ia_ifa);
986 ia->ia_ifa.ifa_dstaddr =
987 (struct sockaddr *)&ia->ia_dstaddr;
988 IFA_UNLOCK(&ia->ia_ifa);
989 rtinit_locked(&(ia->ia_ifa), (int)RTM_ADD,
990 RTF_HOST|RTF_UP);
991 } else {
992 IFA_UNLOCK(&ia->ia_ifa);
993 }
994 lck_mtx_unlock(rnh_lock);
995 break;
996
997
998
999 default:
1000 VERIFY(0);
1001 /* NOTREACHED */
1002 }
1003
1004 return (error);
1005}
1006
1007/*
1008 * Caller passes in the ioctl data pointer directly via "ifr", with the
1009 * expectation that this routine always uses bcopy() or other byte-aligned
1010 * memory accesses.
1011 */
1012static __attribute__((noinline)) int
1013inctl_ifbrdaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
1014 struct ifreq *ifr)
1015{
1016 struct kev_in_data in_event_data;
1017 struct kev_msg ev_msg;
1018 int error = 0;
1019
1020 VERIFY(ifp != NULL);
1021
1022 if (ia == NULL)
1023 return (EADDRNOTAVAIL);
1024
1025 if (!(ifp->if_flags & IFF_BROADCAST))
1026 return (EINVAL);
1027
1028 bzero(&in_event_data, sizeof (struct kev_in_data));
1029 bzero(&ev_msg, sizeof (struct kev_msg));
1030
1031 switch (cmd) {
1032 case SIOCGIFBRDADDR: /* struct ifreq */
1033 IFA_LOCK(&ia->ia_ifa);
1034 bcopy(&ia->ia_broadaddr, &ifr->ifr_broadaddr,
1035 sizeof (struct sockaddr_in));
1036 IFA_UNLOCK(&ia->ia_ifa);
1037 break;
1038
1039 case SIOCSIFBRDADDR: /* struct ifreq */
1040 IFA_LOCK(&ia->ia_ifa);
1041 bcopy(&ifr->ifr_broadaddr, &ia->ia_broadaddr,
1042 sizeof (struct sockaddr_in));
1043
1044 ev_msg.vendor_code = KEV_VENDOR_APPLE;
1045 ev_msg.kev_class = KEV_NETWORK_CLASS;
1046 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
1047
1048 ev_msg.event_code = KEV_INET_SIFBRDADDR;
1049
1050 if (ia->ia_ifa.ifa_dstaddr) {
1051 in_event_data.ia_dstaddr = ((struct sockaddr_in *)
1052 (void *)ia->ia_ifa.ifa_dstaddr)->sin_addr;
1053 } else {
1054 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
1055 }
1056 in_event_data.ia_addr = ia->ia_addr.sin_addr;
1057 in_event_data.ia_net = ia->ia_net;
1058 in_event_data.ia_netmask = ia->ia_netmask;
1059 in_event_data.ia_subnet = ia->ia_subnet;
1060 in_event_data.ia_subnetmask = ia->ia_subnetmask;
1061 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
1062 IFA_UNLOCK(&ia->ia_ifa);
1063 (void) strlcpy(&in_event_data.link_data.if_name[0],
1064 ifp->if_name, IFNAMSIZ);
1065 in_event_data.link_data.if_family = ifp->if_family;
1066 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
1067
1068 ev_msg.dv[0].data_ptr = &in_event_data;
1069 ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
1070 ev_msg.dv[1].data_length = 0;
1071
1072 dlil_post_complete_msg(ifp, &ev_msg);
1073 break;
1074
1075 default:
1076 VERIFY(0);
1077 /* NOTREACHED */
1078 }
1079
1080 return (error);
1081}
1082
1083/*
1084 * Caller passes in the ioctl data pointer directly via "ifr", with the
1085 * expectation that this routine always uses bcopy() or other byte-aligned
1086 * memory accesses.
1087 */
1088static __attribute__((noinline)) int
1089inctl_ifnetmask(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
1090 struct ifreq *ifr)
1091{
1092 struct kev_in_data in_event_data;
1093 struct kev_msg ev_msg;
1094 struct sockaddr_in mask;
1095 int error = 0;
1096
1097 VERIFY(ifp != NULL);
1098
1099 bzero(&in_event_data, sizeof (struct kev_in_data));
1100 bzero(&ev_msg, sizeof (struct kev_msg));
1101
1102 switch (cmd) {
1103 case SIOCGIFNETMASK: /* struct ifreq */
1104 if (ia == NULL) {
1105 error = EADDRNOTAVAIL;
1106 break;
1107 }
1108 IFA_LOCK(&ia->ia_ifa);
1109 bcopy(&ia->ia_sockmask, &ifr->ifr_addr, sizeof (mask));
1110 IFA_UNLOCK(&ia->ia_ifa);
1111 break;
1112
1113 case SIOCSIFNETMASK: { /* struct ifreq */
1114 in_addr_t i;
1115
1116 bcopy(&ifr->ifr_addr, &mask, sizeof (mask));
1117 i = mask.sin_addr.s_addr;
1118
1119 VERIFY(ia != NULL);
1120 IFA_LOCK(&ia->ia_ifa);
1121 ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr = i);
1122 ev_msg.vendor_code = KEV_VENDOR_APPLE;
1123 ev_msg.kev_class = KEV_NETWORK_CLASS;
1124 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
1125
1126 ev_msg.event_code = KEV_INET_SIFNETMASK;
1127
1128 if (ia->ia_ifa.ifa_dstaddr) {
1129 in_event_data.ia_dstaddr = ((struct sockaddr_in *)
1130 (void *)ia->ia_ifa.ifa_dstaddr)->sin_addr;
1131 } else {
1132 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
1133 }
1134 in_event_data.ia_addr = ia->ia_addr.sin_addr;
1135 in_event_data.ia_net = ia->ia_net;
1136 in_event_data.ia_netmask = ia->ia_netmask;
1137 in_event_data.ia_subnet = ia->ia_subnet;
1138 in_event_data.ia_subnetmask = ia->ia_subnetmask;
1139 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
1140 IFA_UNLOCK(&ia->ia_ifa);
1141 (void) strlcpy(&in_event_data.link_data.if_name[0],
1142 ifp->if_name, IFNAMSIZ);
1143 in_event_data.link_data.if_family = ifp->if_family;
1144 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
1145
1146 ev_msg.dv[0].data_ptr = &in_event_data;
1147 ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
1148 ev_msg.dv[1].data_length = 0;
1149
1150 dlil_post_complete_msg(ifp, &ev_msg);
1151 break;
1152 }
1153
1154 default:
1155 VERIFY(0);
1156 /* NOTREACHED */
1157 }
1158
1159 return (error);
1160}
1161
1162/*
1163 * Generic INET control operations (ioctl's).
1164 *
1165 * ifp is NULL if not an interface-specific ioctl.
1166 *
1167 * Most of the routines called to handle the ioctls would end up being
1168 * tail-call optimized, which unfortunately causes this routine to
1169 * consume too much stack space; this is the reason for the "noinline"
1170 * attribute used on those routines.
1171 *
1172 * If called directly from within the networking stack (as opposed to via
1173 * pru_control), the socket parameter may be NULL.
1174 */
1175int
1176in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
1177 struct proc *p)
1178{
1179 struct ifreq *ifr = (struct ifreq *)(void *)data;
1180 struct sockaddr_in addr, dstaddr;
1181 struct sockaddr_in sin, *sa = NULL;
1182 boolean_t privileged = (proc_suser(p) == 0);
1183 boolean_t so_unlocked = FALSE;
1184 struct in_ifaddr *ia = NULL;
1185 struct ifaddr *ifa;
1186 int error = 0;
1187
1188 /* In case it's NULL, make sure it came from the kernel */
1189 VERIFY(so != NULL || p == kernproc);
1190
1191 /*
1192 * ioctls which don't require ifp, but require socket.
1193 */
1194 switch (cmd) {
1195 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
1196 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
1197 return (inctl_associd(so, cmd, data));
1198 /* NOTREACHED */
1199
1200 case SIOCGCONNIDS32: /* struct so_cidreq32 */
1201 case SIOCGCONNIDS64: /* struct so_cidreq64 */
1202 return (inctl_connid(so, cmd, data));
1203 /* NOTREACHED */
1204
1205 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
1206 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
1207 return (inctl_conninfo(so, cmd, data));
1208 /* NOTREACHED */
1209 }
1210
1211 /*
1212 * The rest of ioctls require ifp; reject if we don't have one;
1213 * return ENXIO to be consistent with ifioctl().
1214 */
1215 if (ifp == NULL)
1216 return (ENXIO);
1217
1218 /*
1219 * ioctls which require ifp but not interface address.
1220 */
1221 switch (cmd) {
1222 case SIOCAUTOADDR: /* struct ifreq */
1223 if (!privileged)
1224 return (EPERM);
1225 return (inctl_autoaddr(ifp, ifr));
1226 /* NOTREACHED */
1227
1228 case SIOCARPIPLL: /* struct ifreq */
1229 if (!privileged)
1230 return (EPERM);
1231 return (inctl_arpipll(ifp, ifr));
1232 /* NOTREACHED */
1233
1234 case SIOCSETROUTERMODE: /* struct ifreq */
1235 if (!privileged)
1236 return (EPERM);
1237 return (inctl_setrouter(ifp, ifr));
1238 /* NOTREACHED */
1239
1240 case SIOCPROTOATTACH: /* struct ifreq */
1241 if (!privileged)
1242 return (EPERM);
1243 return (in_domifattach(ifp));
1244 /* NOTREACHED */
1245
1246 case SIOCPROTODETACH: /* struct ifreq */
1247 if (!privileged)
1248 return (EPERM);
1249
1250 /*
1251 * If an IPv4 address is still present, refuse to detach.
1252 */
1253 ifnet_lock_shared(ifp);
1254 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1255 IFA_LOCK(ifa);
1256 if (ifa->ifa_addr->sa_family == AF_INET) {
1257 IFA_UNLOCK(ifa);
1258 break;
1259 }
1260 IFA_UNLOCK(ifa);
1261 }
1262 ifnet_lock_done(ifp);
1263 return ((ifa == NULL) ? proto_unplumb(PF_INET, ifp) : EBUSY);
1264 /* NOTREACHED */
1265 }
1266
1267 /*
1268 * ioctls which require interface address; obtain sockaddr_in.
1269 */
1270 switch (cmd) {
1271 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1272 if (!privileged)
1273 return (EPERM);
1274 bcopy(&((struct in_aliasreq *)(void *)data)->ifra_addr,
1275 &sin, sizeof (sin));
1276 sa = &sin;
1277 break;
1278
1279 case SIOCDIFADDR: /* struct ifreq */
1280 case SIOCSIFADDR: /* struct ifreq */
1281 case SIOCSIFDSTADDR: /* struct ifreq */
1282 case SIOCSIFNETMASK: /* struct ifreq */
1283 case SIOCSIFBRDADDR: /* struct ifreq */
1284 if (!privileged)
1285 return (EPERM);
1286 /* FALLTHRU */
1287 case SIOCGIFADDR: /* struct ifreq */
1288 case SIOCGIFDSTADDR: /* struct ifreq */
1289 case SIOCGIFNETMASK: /* struct ifreq */
1290 case SIOCGIFBRDADDR: /* struct ifreq */
1291 bcopy(&ifr->ifr_addr, &sin, sizeof (sin));
1292 sa = &sin;
1293 break;
1294 }
1295
1296 /*
1297 * Find address for this interface, if it exists.
1298 *
1299 * If an alias address was specified, find that one instead of
1300 * the first one on the interface, if possible.
1301 */
1302 VERIFY(ia == NULL);
1303 if (sa != NULL) {
1304 struct in_ifaddr *iap;
1305
1306 /*
1307 * Any failures from this point on must take into account
1308 * a non-NULL "ia" with an outstanding reference count, and
1309 * therefore requires IFA_REMREF. Jump to "done" label
1310 * instead of calling return if "ia" is valid.
1311 */
1312 lck_rw_lock_shared(in_ifaddr_rwlock);
1313 TAILQ_FOREACH(iap, INADDR_HASH(sa->sin_addr.s_addr), ia_hash) {
1314 IFA_LOCK(&iap->ia_ifa);
1315 if (iap->ia_ifp == ifp &&
1316 iap->ia_addr.sin_addr.s_addr ==
1317 sa->sin_addr.s_addr) {
1318 /*
1319 * Avoid the race condition seen when two
1320 * threads process SIOCDIFADDR command
1321 * at the same time (radar 28942007)
1322 */
1323 if (cmd == SIOCDIFADDR) {
1324 if (iap->ia_ifa.ifa_debug &
1325 IFD_DETACHING) {
1326 IFA_UNLOCK(&iap->ia_ifa);
1327 continue;
1328 } else {
1329 iap->ia_ifa.ifa_debug |=
1330 IFD_DETACHING;
1331 }
1332 }
1333 ia = iap;
1334 IFA_ADDREF_LOCKED(&iap->ia_ifa);
1335 IFA_UNLOCK(&iap->ia_ifa);
1336 break;
1337 }
1338 IFA_UNLOCK(&iap->ia_ifa);
1339 }
1340 lck_rw_done(in_ifaddr_rwlock);
1341
1342 if (ia == NULL) {
1343 ifnet_lock_shared(ifp);
1344 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1345 iap = ifatoia(ifa);
1346 IFA_LOCK(&iap->ia_ifa);
1347 if (iap->ia_addr.sin_family == AF_INET) {
1348 ia = iap;
1349 IFA_UNLOCK(&iap->ia_ifa);
1350 break;
1351 }
1352 IFA_UNLOCK(&iap->ia_ifa);
1353 }
1354 /* take a reference on ia before releasing lock */
1355 if (ia != NULL)
1356 IFA_ADDREF(&ia->ia_ifa);
1357 ifnet_lock_done(ifp);
1358 }
1359 }
1360
1361 /*
1362 * Unlock the socket since ifnet_ioctl() may be invoked by
1363 * one of the ioctl handlers below. Socket will be re-locked
1364 * prior to returning.
1365 */
1366 if (so != NULL) {
1367 socket_unlock(so, 0);
1368 so_unlocked = TRUE;
1369 }
1370
1371 switch (cmd) {
1372 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1373 case SIOCDIFADDR: /* struct ifreq */
1374 if (cmd == SIOCAIFADDR) {
1375 bcopy(&((struct in_aliasreq *)(void *)data)->
1376 ifra_addr, &addr, sizeof (addr));
1377 bcopy(&((struct in_aliasreq *)(void *)data)->
1378 ifra_dstaddr, &dstaddr, sizeof (dstaddr));
1379 } else {
1380 VERIFY(cmd == SIOCDIFADDR);
1381 bcopy(&((struct ifreq *)(void *)data)->ifr_addr,
1382 &addr, sizeof (addr));
1383 bzero(&dstaddr, sizeof (dstaddr));
1384 }
1385
1386 if (addr.sin_family == AF_INET) {
1387 struct in_ifaddr *oia;
1388
1389 lck_rw_lock_shared(in_ifaddr_rwlock);
1390 for (oia = ia; ia; ia = ia->ia_link.tqe_next) {
1391 IFA_LOCK(&ia->ia_ifa);
1392 if (ia->ia_ifp == ifp &&
1393 ia->ia_addr.sin_addr.s_addr ==
1394 addr.sin_addr.s_addr) {
1395 IFA_ADDREF_LOCKED(&ia->ia_ifa);
1396 IFA_UNLOCK(&ia->ia_ifa);
1397 break;
1398 }
1399 IFA_UNLOCK(&ia->ia_ifa);
1400 }
1401 lck_rw_done(in_ifaddr_rwlock);
1402 if (oia != NULL)
1403 IFA_REMREF(&oia->ia_ifa);
1404 if ((ifp->if_flags & IFF_POINTOPOINT) &&
1405 (cmd == SIOCAIFADDR) &&
1406 (dstaddr.sin_addr.s_addr == INADDR_ANY)) {
1407 error = EDESTADDRREQ;
1408 goto done;
1409 }
1410 } else if (cmd == SIOCAIFADDR) {
1411 error = EINVAL;
1412 goto done;
1413 }
1414 if (cmd == SIOCDIFADDR && ia == NULL) {
1415 error = EADDRNOTAVAIL;
1416 goto done;
1417 }
1418 /* FALLTHROUGH */
1419 case SIOCSIFADDR: /* struct ifreq */
1420 case SIOCSIFDSTADDR: /* struct ifreq */
1421 case SIOCSIFNETMASK: /* struct ifreq */
1422 if (cmd == SIOCAIFADDR) {
1423 /* fell thru from above; just repeat it */
1424 bcopy(&((struct in_aliasreq *)(void *)data)->
1425 ifra_addr, &addr, sizeof (addr));
1426 } else {
1427 VERIFY(cmd == SIOCDIFADDR || cmd == SIOCSIFADDR ||
1428 cmd == SIOCSIFNETMASK || cmd == SIOCSIFDSTADDR);
1429 bcopy(&((struct ifreq *)(void *)data)->ifr_addr,
1430 &addr, sizeof (addr));
1431 }
1432
1433 if (addr.sin_family != AF_INET && cmd == SIOCSIFADDR) {
1434 error = EINVAL;
1435 goto done;
1436 }
1437 if (ia == NULL) {
1438 ia = in_ifaddr_alloc(M_WAITOK);
1439 if (ia == NULL) {
1440 error = ENOBUFS;
1441 goto done;
1442 }
1443 ifnet_lock_exclusive(ifp);
1444 ifa = &ia->ia_ifa;
1445 IFA_LOCK(ifa);
1446 /* Hold a reference for this routine */
1447 IFA_ADDREF_LOCKED(ifa);
1448 IA_HASH_INIT(ia);
1449 ifa->ifa_addr = (struct sockaddr *)&ia->ia_addr;
1450 ifa->ifa_dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
1451 ifa->ifa_netmask = (struct sockaddr *)&ia->ia_sockmask;
1452 ia->ia_sockmask.sin_len = 8;
1453 if (ifp->if_flags & IFF_BROADCAST) {
1454 ia->ia_broadaddr.sin_len = sizeof (ia->ia_addr);
1455 ia->ia_broadaddr.sin_family = AF_INET;
1456 }
1457 ia->ia_ifp = ifp;
1458 if (!(ifp->if_flags & IFF_LOOPBACK))
1459 in_interfaces++;
1460 /* if_attach_ifa() holds a reference for ifa_link */
1461 if_attach_ifa(ifp, ifa);
1462 /*
1463 * If we have to go through in_ifinit(), make sure
1464 * to avoid installing route(s) based on this address
1465 * via PFC_IFUP event, before the link resolver (ARP)
1466 * initializes it.
1467 */
1468 if (cmd == SIOCAIFADDR || cmd == SIOCSIFADDR)
1469 ifa->ifa_debug |= IFD_NOTREADY;
1470 IFA_UNLOCK(ifa);
1471 ifnet_lock_done(ifp);
1472 lck_rw_lock_exclusive(in_ifaddr_rwlock);
1473 /* Hold a reference for ia_link */
1474 IFA_ADDREF(ifa);
1475 TAILQ_INSERT_TAIL(&in_ifaddrhead, ia, ia_link);
1476 lck_rw_done(in_ifaddr_rwlock);
1477 /* discard error */
1478 (void) in_domifattach(ifp);
1479 error = 0;
1480 }
1481 break;
1482 }
1483
1484 switch (cmd) {
1485 case SIOCGIFDSTADDR: /* struct ifreq */
1486 case SIOCSIFDSTADDR: /* struct ifreq */
1487 error = inctl_ifdstaddr(ifp, ia, cmd, ifr);
1488 break;
1489
1490 case SIOCGIFBRDADDR: /* struct ifreq */
1491 case SIOCSIFBRDADDR: /* struct ifreq */
1492 error = inctl_ifbrdaddr(ifp, ia, cmd, ifr);
1493 break;
1494
1495 case SIOCGIFNETMASK: /* struct ifreq */
1496 case SIOCSIFNETMASK: /* struct ifreq */
1497 error = inctl_ifnetmask(ifp, ia, cmd, ifr);
1498 break;
1499
1500 case SIOCGIFADDR: /* struct ifreq */
1501 case SIOCSIFADDR: /* struct ifreq */
1502 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1503 case SIOCDIFADDR: /* struct ifreq */
1504 error = inctl_ifaddr(ifp, ia, cmd, ifr);
1505 break;
1506
1507 default:
1508 error = EOPNOTSUPP;
1509 break;
1510 }
1511done:
1512 if (ia != NULL)
1513 IFA_REMREF(&ia->ia_ifa);
1514 if (so_unlocked)
1515 socket_lock(so, 0);
1516
1517 return (error);
1518}
1519
1520/*
1521 * Delete any existing route for an interface.
1522 */
1523void
1524in_ifscrub(struct ifnet *ifp, struct in_ifaddr *ia, int locked)
1525{
1526 IFA_LOCK(&ia->ia_ifa);
1527 if ((ia->ia_flags & IFA_ROUTE) == 0) {
1528 IFA_UNLOCK(&ia->ia_ifa);
1529 return;
1530 }
1531 IFA_UNLOCK(&ia->ia_ifa);
1532 if (!locked)
1533 lck_mtx_lock(rnh_lock);
1534 if (ifp->if_flags & (IFF_LOOPBACK|IFF_POINTOPOINT))
1535 rtinit_locked(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST);
1536 else
1537 rtinit_locked(&(ia->ia_ifa), (int)RTM_DELETE, 0);
1538 IFA_LOCK(&ia->ia_ifa);
1539 ia->ia_flags &= ~IFA_ROUTE;
1540 IFA_UNLOCK(&ia->ia_ifa);
1541 if (!locked)
1542 lck_mtx_unlock(rnh_lock);
1543}
1544
1545/*
1546 * Caller must hold in_ifaddr_rwlock as writer.
1547 */
1548static void
1549in_iahash_remove(struct in_ifaddr *ia)
1550{
1551 LCK_RW_ASSERT(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1552 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1553
1554 if (!IA_IS_HASHED(ia)) {
1555 panic("attempt to remove wrong ia %p from hash table\n", ia);
1556 /* NOTREACHED */
1557 }
1558 TAILQ_REMOVE(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, ia_hash);
1559 IA_HASH_INIT(ia);
1560 if (IFA_REMREF_LOCKED(&ia->ia_ifa) == NULL) {
1561 panic("%s: unexpected (missing) refcnt ifa=%p", __func__,
1562 &ia->ia_ifa);
1563 /* NOTREACHED */
1564 }
1565}
1566
1567/*
1568 * Caller must hold in_ifaddr_rwlock as writer.
1569 */
1570static void
1571in_iahash_insert(struct in_ifaddr *ia)
1572{
1573 LCK_RW_ASSERT(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1574 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1575
1576 if (ia->ia_addr.sin_family != AF_INET) {
1577 panic("attempt to insert wrong ia %p into hash table\n", ia);
1578 /* NOTREACHED */
1579 } else if (IA_IS_HASHED(ia)) {
1580 panic("attempt to double-insert ia %p into hash table\n", ia);
1581 /* NOTREACHED */
1582 }
1583 TAILQ_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1584 ia, ia_hash);
1585 IFA_ADDREF_LOCKED(&ia->ia_ifa);
1586}
1587
1588/*
1589 * Some point to point interfaces that are tunnels borrow the address from
1590 * an underlying interface (e.g. VPN server). In order for source address
1591 * selection logic to find the underlying interface first, we add the address
1592 * of borrowing point to point interfaces at the end of the list.
1593 * (see rdar://6733789)
1594 *
1595 * Caller must hold in_ifaddr_rwlock as writer.
1596 */
1597static void
1598in_iahash_insert_ptp(struct in_ifaddr *ia)
1599{
1600 struct in_ifaddr *tmp_ifa;
1601 struct ifnet *tmp_ifp;
1602
1603 LCK_RW_ASSERT(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1604 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1605
1606 if (ia->ia_addr.sin_family != AF_INET) {
1607 panic("attempt to insert wrong ia %p into hash table\n", ia);
1608 /* NOTREACHED */
1609 } else if (IA_IS_HASHED(ia)) {
1610 panic("attempt to double-insert ia %p into hash table\n", ia);
1611 /* NOTREACHED */
1612 }
1613 IFA_UNLOCK(&ia->ia_ifa);
1614 TAILQ_FOREACH(tmp_ifa, INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1615 ia_hash) {
1616 IFA_LOCK(&tmp_ifa->ia_ifa);
1617 /* ia->ia_addr won't change, so check without lock */
1618 if (IA_SIN(tmp_ifa)->sin_addr.s_addr ==
1619 ia->ia_addr.sin_addr.s_addr) {
1620 IFA_UNLOCK(&tmp_ifa->ia_ifa);
1621 break;
1622 }
1623 IFA_UNLOCK(&tmp_ifa->ia_ifa);
1624 }
1625 tmp_ifp = (tmp_ifa == NULL) ? NULL : tmp_ifa->ia_ifp;
1626
1627 IFA_LOCK(&ia->ia_ifa);
1628 if (tmp_ifp == NULL) {
1629 TAILQ_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1630 ia, ia_hash);
1631 } else {
1632 TAILQ_INSERT_TAIL(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1633 ia, ia_hash);
1634 }
1635 IFA_ADDREF_LOCKED(&ia->ia_ifa);
1636}
1637
1638/*
1639 * Initialize an interface's internet address
1640 * and routing table entry.
1641 */
1642static int
1643in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
1644 int scrub)
1645{
1646 u_int32_t i = ntohl(sin->sin_addr.s_addr);
1647 struct sockaddr_in oldaddr;
1648 int flags = RTF_UP, error;
1649 struct ifaddr *ifa0;
1650 unsigned int cmd;
1651 int oldremoved = 0;
1652
1653 /* Take an extra reference for this routine */
1654 IFA_ADDREF(&ia->ia_ifa);
1655
1656 lck_rw_lock_exclusive(in_ifaddr_rwlock);
1657 IFA_LOCK(&ia->ia_ifa);
1658 oldaddr = ia->ia_addr;
1659 if (IA_IS_HASHED(ia)) {
1660 oldremoved = 1;
1661 in_iahash_remove(ia);
1662 }
1663 ia->ia_addr = *sin;
1664 /*
1665 * Interface addresses should not contain port or sin_zero information.
1666 */
1667 SIN(&ia->ia_addr)->sin_family = AF_INET;
1668 SIN(&ia->ia_addr)->sin_len = sizeof (struct sockaddr_in);
1669 SIN(&ia->ia_addr)->sin_port = 0;
1670 bzero(&SIN(&ia->ia_addr)->sin_zero, sizeof (sin->sin_zero));
1671 if ((ifp->if_flags & IFF_POINTOPOINT))
1672 in_iahash_insert_ptp(ia);
1673 else
1674 in_iahash_insert(ia);
1675 IFA_UNLOCK(&ia->ia_ifa);
1676 lck_rw_done(in_ifaddr_rwlock);
1677
1678 /*
1679 * Give the interface a chance to initialize if this is its first
1680 * address, and to validate the address if necessary. Send down
1681 * SIOCSIFADDR for first address, and SIOCAIFADDR for alias(es).
1682 * We find the first IPV4 address assigned to it and check if this
1683 * is the same as the one passed into this routine.
1684 */
1685 ifa0 = ifa_ifpgetprimary(ifp, AF_INET);
1686 cmd = (&ia->ia_ifa == ifa0) ? SIOCSIFADDR : SIOCAIFADDR;
1687 error = ifnet_ioctl(ifp, PF_INET, cmd, ia);
1688 if (error == EOPNOTSUPP)
1689 error = 0;
1690 /*
1691 * If we've just sent down SIOCAIFADDR, send another ioctl down
1692 * for SIOCSIFADDR for the first IPV4 address of the interface,
1693 * because an address change on one of the addresses will result
1694 * in the removal of the previous first IPV4 address. KDP needs
1695 * be reconfigured with the current primary IPV4 address.
1696 */
1697 if (error == 0 && cmd == SIOCAIFADDR) {
1698 /*
1699 * NOTE: SIOCSIFADDR is defined with struct ifreq
1700 * as parameter, but here we are sending it down
1701 * to the interface with a pointer to struct ifaddr,
1702 * for legacy reasons.
1703 */
1704 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa0);
1705 if (error == EOPNOTSUPP)
1706 error = 0;
1707 }
1708
1709 /* Release reference from ifa_ifpgetprimary() */
1710 IFA_REMREF(ifa0);
1711
1712 if (error) {
1713 lck_rw_lock_exclusive(in_ifaddr_rwlock);
1714 IFA_LOCK(&ia->ia_ifa);
1715 if (IA_IS_HASHED(ia))
1716 in_iahash_remove(ia);
1717 ia->ia_addr = oldaddr;
1718 if (oldremoved) {
1719 if ((ifp->if_flags & IFF_POINTOPOINT))
1720 in_iahash_insert_ptp(ia);
1721 else
1722 in_iahash_insert(ia);
1723 }
1724 IFA_UNLOCK(&ia->ia_ifa);
1725 lck_rw_done(in_ifaddr_rwlock);
1726 /* Release extra reference taken above */
1727 IFA_REMREF(&ia->ia_ifa);
1728 return (error);
1729 }
1730 lck_mtx_lock(rnh_lock);
1731 IFA_LOCK(&ia->ia_ifa);
1732 /*
1733 * Address has been initialized by the link resolver (ARP)
1734 * via ifnet_ioctl() above; it may now generate route(s).
1735 */
1736 ia->ia_ifa.ifa_debug &= ~IFD_NOTREADY;
1737 if (scrub) {
1738 ia->ia_ifa.ifa_addr = (struct sockaddr *)&oldaddr;
1739 IFA_UNLOCK(&ia->ia_ifa);
1740 in_ifscrub(ifp, ia, 1);
1741 IFA_LOCK(&ia->ia_ifa);
1742 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1743 }
1744 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1745 if (IN_CLASSA(i))
1746 ia->ia_netmask = IN_CLASSA_NET;
1747 else if (IN_CLASSB(i))
1748 ia->ia_netmask = IN_CLASSB_NET;
1749 else
1750 ia->ia_netmask = IN_CLASSC_NET;
1751 /*
1752 * The subnet mask usually includes at least the standard network part,
1753 * but may may be smaller in the case of supernetting.
1754 * If it is set, we believe it.
1755 */
1756 if (ia->ia_subnetmask == 0) {
1757 ia->ia_subnetmask = ia->ia_netmask;
1758 ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
1759 } else
1760 ia->ia_netmask &= ia->ia_subnetmask;
1761 ia->ia_net = i & ia->ia_netmask;
1762 ia->ia_subnet = i & ia->ia_subnetmask;
1763 in_socktrim(&ia->ia_sockmask);
1764 /*
1765 * Add route for the network.
1766 */
1767 ia->ia_ifa.ifa_metric = ifp->if_metric;
1768 if (ifp->if_flags & IFF_BROADCAST) {
1769 ia->ia_broadaddr.sin_addr.s_addr =
1770 htonl(ia->ia_subnet | ~ia->ia_subnetmask);
1771 ia->ia_netbroadcast.s_addr =
1772 htonl(ia->ia_net | ~ ia->ia_netmask);
1773 } else if (ifp->if_flags & IFF_LOOPBACK) {
1774 ia->ia_ifa.ifa_dstaddr = ia->ia_ifa.ifa_addr;
1775 flags |= RTF_HOST;
1776 } else if (ifp->if_flags & IFF_POINTOPOINT) {
1777 if (ia->ia_dstaddr.sin_family != AF_INET) {
1778 IFA_UNLOCK(&ia->ia_ifa);
1779 lck_mtx_unlock(rnh_lock);
1780 /* Release extra reference taken above */
1781 IFA_REMREF(&ia->ia_ifa);
1782 return (0);
1783 }
1784 ia->ia_dstaddr.sin_len = sizeof (struct sockaddr_in);
1785 flags |= RTF_HOST;
1786 }
1787 IFA_UNLOCK(&ia->ia_ifa);
1788
1789 if ((error = rtinit_locked(&(ia->ia_ifa), (int)RTM_ADD, flags)) == 0) {
1790 IFA_LOCK(&ia->ia_ifa);
1791 ia->ia_flags |= IFA_ROUTE;
1792 IFA_UNLOCK(&ia->ia_ifa);
1793 }
1794 lck_mtx_unlock(rnh_lock);
1795
1796 /* XXX check if the subnet route points to the same interface */
1797 if (error == EEXIST)
1798 error = 0;
1799
1800 /*
1801 * If the interface supports multicast, join the "all hosts"
1802 * multicast group on that interface.
1803 */
1804 if (ifp->if_flags & IFF_MULTICAST) {
1805 struct in_addr addr;
1806
1807 lck_mtx_lock(&ifp->if_addrconfig_lock);
1808 addr.s_addr = htonl(INADDR_ALLHOSTS_GROUP);
1809 if (ifp->if_allhostsinm == NULL) {
1810 struct in_multi *inm;
1811 inm = in_addmulti(&addr, ifp);
1812
1813 if (inm != NULL) {
1814 /*
1815 * Keep the reference on inm added by
1816 * in_addmulti above for storing the
1817 * pointer in allhostsinm.
1818 */
1819 ifp->if_allhostsinm = inm;
1820 } else {
1821 printf("%s: failed to add membership to "
1822 "all-hosts multicast address on %s\n",
1823 __func__, if_name(ifp));
1824 }
1825 }
1826 lck_mtx_unlock(&ifp->if_addrconfig_lock);
1827 }
1828
1829 /* Release extra reference taken above */
1830 IFA_REMREF(&ia->ia_ifa);
1831
1832 if (error == 0) {
1833 /* invalidate route caches */
1834 routegenid_inet_update();
1835 }
1836
1837 return (error);
1838}
1839
1840/*
1841 * Return TRUE if the address might be a local broadcast address.
1842 */
1843boolean_t
1844in_broadcast(struct in_addr in, struct ifnet *ifp)
1845{
1846 struct ifaddr *ifa;
1847 u_int32_t t;
1848
1849 if (in.s_addr == INADDR_BROADCAST || in.s_addr == INADDR_ANY)
1850 return (TRUE);
1851 if (!(ifp->if_flags & IFF_BROADCAST))
1852 return (FALSE);
1853 t = ntohl(in.s_addr);
1854
1855 /*
1856 * Look through the list of addresses for a match
1857 * with a broadcast address.
1858 */
1859#define ia ((struct in_ifaddr *)ifa)
1860 ifnet_lock_shared(ifp);
1861 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1862 IFA_LOCK(ifa);
1863 if (ifa->ifa_addr->sa_family == AF_INET &&
1864 (in.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
1865 in.s_addr == ia->ia_netbroadcast.s_addr ||
1866 /*
1867 * Check for old-style (host 0) broadcast.
1868 */
1869 t == ia->ia_subnet || t == ia->ia_net) &&
1870 /*
1871 * Check for an all one subnetmask. These
1872 * only exist when an interface gets a secondary
1873 * address.
1874 */
1875 ia->ia_subnetmask != (u_int32_t)0xffffffff) {
1876 IFA_UNLOCK(ifa);
1877 ifnet_lock_done(ifp);
1878 return (TRUE);
1879 }
1880 IFA_UNLOCK(ifa);
1881 }
1882 ifnet_lock_done(ifp);
1883 return (FALSE);
1884#undef ia
1885}
1886
1887void
1888in_purgeaddrs(struct ifnet *ifp)
1889{
1890 struct ifaddr **ifap;
1891 int err, i;
1892
1893 VERIFY(ifp != NULL);
1894
1895 /*
1896 * Be nice, and try the civilized way first. If we can't get
1897 * rid of them this way, then do it the rough way. We must
1898 * only get here during detach time, after the ifnet has been
1899 * removed from the global list and arrays.
1900 */
1901 err = ifnet_get_address_list_family_internal(ifp, &ifap, AF_INET, 1,
1902 M_WAITOK, 0);
1903 if (err == 0 && ifap != NULL) {
1904 struct ifreq ifr;
1905
1906 bzero(&ifr, sizeof (ifr));
1907 (void) snprintf(ifr.ifr_name, sizeof (ifr.ifr_name),
1908 "%s", if_name(ifp));
1909
1910 for (i = 0; ifap[i] != NULL; i++) {
1911 struct ifaddr *ifa;
1912
1913 ifa = ifap[i];
1914 IFA_LOCK(ifa);
1915 bcopy(ifa->ifa_addr, &ifr.ifr_addr,
1916 sizeof (struct sockaddr_in));
1917 IFA_UNLOCK(ifa);
1918 err = in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr, ifp,
1919 kernproc);
1920 /* if we lost the race, ignore it */
1921 if (err == EADDRNOTAVAIL)
1922 err = 0;
1923 if (err != 0) {
1924 char s_addr[MAX_IPv4_STR_LEN];
1925 char s_dstaddr[MAX_IPv4_STR_LEN];
1926 struct in_addr *s, *d;
1927
1928 IFA_LOCK(ifa);
1929 s = &((struct sockaddr_in *)
1930 (void *)ifa->ifa_addr)->sin_addr;
1931 d = &((struct sockaddr_in *)
1932 (void *)ifa->ifa_dstaddr)->sin_addr;
1933 (void) inet_ntop(AF_INET, &s->s_addr, s_addr,
1934 sizeof (s_addr));
1935 (void) inet_ntop(AF_INET, &d->s_addr, s_dstaddr,
1936 sizeof (s_dstaddr));
1937 IFA_UNLOCK(ifa);
1938
1939 printf("%s: SIOCDIFADDR ifp=%s ifa_addr=%s "
1940 "ifa_dstaddr=%s (err=%d)\n", __func__,
1941 ifp->if_xname, s_addr, s_dstaddr, err);
1942 }
1943 }
1944 ifnet_free_address_list(ifap);
1945 } else if (err != 0 && err != ENXIO) {
1946 printf("%s: error retrieving list of AF_INET addresses for "
1947 "ifp=%s (err=%d)\n", __func__, ifp->if_xname, err);
1948 }
1949}
1950
1951/*
1952 * Called as part of ip_init
1953 */
1954void
1955in_ifaddr_init(void)
1956{
1957 in_multi_init();
1958
1959 PE_parse_boot_argn("ifa_debug", &inifa_debug, sizeof (inifa_debug));
1960
1961 inifa_size = (inifa_debug == 0) ? sizeof (struct in_ifaddr) :
1962 sizeof (struct in_ifaddr_dbg);
1963
1964 inifa_zone = zinit(inifa_size, INIFA_ZONE_MAX * inifa_size,
1965 0, INIFA_ZONE_NAME);
1966 if (inifa_zone == NULL) {
1967 panic("%s: failed allocating %s", __func__, INIFA_ZONE_NAME);
1968 /* NOTREACHED */
1969 }
1970 zone_change(inifa_zone, Z_EXPAND, TRUE);
1971 zone_change(inifa_zone, Z_CALLERACCT, FALSE);
1972
1973 lck_mtx_init(&inifa_trash_lock, ifa_mtx_grp, ifa_mtx_attr);
1974 TAILQ_INIT(&inifa_trash_head);
1975}
1976
1977static struct in_ifaddr *
1978in_ifaddr_alloc(int how)
1979{
1980 struct in_ifaddr *inifa;
1981
1982 inifa = (how == M_WAITOK) ? zalloc(inifa_zone) :
1983 zalloc_noblock(inifa_zone);
1984 if (inifa != NULL) {
1985 bzero(inifa, inifa_size);
1986 inifa->ia_ifa.ifa_free = in_ifaddr_free;
1987 inifa->ia_ifa.ifa_debug |= IFD_ALLOC;
1988 ifa_lock_init(&inifa->ia_ifa);
1989 if (inifa_debug != 0) {
1990 struct in_ifaddr_dbg *inifa_dbg =
1991 (struct in_ifaddr_dbg *)inifa;
1992 inifa->ia_ifa.ifa_debug |= IFD_DEBUG;
1993 inifa->ia_ifa.ifa_trace = in_ifaddr_trace;
1994 inifa->ia_ifa.ifa_attached = in_ifaddr_attached;
1995 inifa->ia_ifa.ifa_detached = in_ifaddr_detached;
1996 ctrace_record(&inifa_dbg->inifa_alloc);
1997 }
1998 }
1999 return (inifa);
2000}
2001
2002static void
2003in_ifaddr_free(struct ifaddr *ifa)
2004{
2005 IFA_LOCK_ASSERT_HELD(ifa);
2006
2007 if (ifa->ifa_refcnt != 0) {
2008 panic("%s: ifa %p bad ref cnt", __func__, ifa);
2009 /* NOTREACHED */
2010 } if (!(ifa->ifa_debug & IFD_ALLOC)) {
2011 panic("%s: ifa %p cannot be freed", __func__, ifa);
2012 /* NOTREACHED */
2013 }
2014 if (ifa->ifa_debug & IFD_DEBUG) {
2015 struct in_ifaddr_dbg *inifa_dbg = (struct in_ifaddr_dbg *)ifa;
2016 ctrace_record(&inifa_dbg->inifa_free);
2017 bcopy(&inifa_dbg->inifa, &inifa_dbg->inifa_old,
2018 sizeof (struct in_ifaddr));
2019 if (ifa->ifa_debug & IFD_TRASHED) {
2020 /* Become a regular mutex, just in case */
2021 IFA_CONVERT_LOCK(ifa);
2022 lck_mtx_lock(&inifa_trash_lock);
2023 TAILQ_REMOVE(&inifa_trash_head, inifa_dbg,
2024 inifa_trash_link);
2025 lck_mtx_unlock(&inifa_trash_lock);
2026 ifa->ifa_debug &= ~IFD_TRASHED;
2027 }
2028 }
2029 IFA_UNLOCK(ifa);
2030 ifa_lock_destroy(ifa);
2031 bzero(ifa, sizeof (struct in_ifaddr));
2032 zfree(inifa_zone, ifa);
2033}
2034
2035static void
2036in_ifaddr_attached(struct ifaddr *ifa)
2037{
2038 struct in_ifaddr_dbg *inifa_dbg = (struct in_ifaddr_dbg *)ifa;
2039
2040 IFA_LOCK_ASSERT_HELD(ifa);
2041
2042 if (!(ifa->ifa_debug & IFD_DEBUG)) {
2043 panic("%s: ifa %p has no debug structure", __func__, ifa);
2044 /* NOTREACHED */
2045 }
2046 if (ifa->ifa_debug & IFD_TRASHED) {
2047 /* Become a regular mutex, just in case */
2048 IFA_CONVERT_LOCK(ifa);
2049 lck_mtx_lock(&inifa_trash_lock);
2050 TAILQ_REMOVE(&inifa_trash_head, inifa_dbg, inifa_trash_link);
2051 lck_mtx_unlock(&inifa_trash_lock);
2052 ifa->ifa_debug &= ~IFD_TRASHED;
2053 }
2054}
2055
2056static void
2057in_ifaddr_detached(struct ifaddr *ifa)
2058{
2059 struct in_ifaddr_dbg *inifa_dbg = (struct in_ifaddr_dbg *)ifa;
2060
2061 IFA_LOCK_ASSERT_HELD(ifa);
2062
2063 if (!(ifa->ifa_debug & IFD_DEBUG)) {
2064 panic("%s: ifa %p has no debug structure", __func__, ifa);
2065 /* NOTREACHED */
2066 } else if (ifa->ifa_debug & IFD_TRASHED) {
2067 panic("%s: ifa %p is already in trash list", __func__, ifa);
2068 /* NOTREACHED */
2069 }
2070 ifa->ifa_debug |= IFD_TRASHED;
2071 /* Become a regular mutex, just in case */
2072 IFA_CONVERT_LOCK(ifa);
2073 lck_mtx_lock(&inifa_trash_lock);
2074 TAILQ_INSERT_TAIL(&inifa_trash_head, inifa_dbg, inifa_trash_link);
2075 lck_mtx_unlock(&inifa_trash_lock);
2076}
2077
2078static void
2079in_ifaddr_trace(struct ifaddr *ifa, int refhold)
2080{
2081 struct in_ifaddr_dbg *inifa_dbg = (struct in_ifaddr_dbg *)ifa;
2082 ctrace_t *tr;
2083 u_int32_t idx;
2084 u_int16_t *cnt;
2085
2086 if (!(ifa->ifa_debug & IFD_DEBUG)) {
2087 panic("%s: ifa %p has no debug structure", __func__, ifa);
2088 /* NOTREACHED */
2089 }
2090 if (refhold) {
2091 cnt = &inifa_dbg->inifa_refhold_cnt;
2092 tr = inifa_dbg->inifa_refhold;
2093 } else {
2094 cnt = &inifa_dbg->inifa_refrele_cnt;
2095 tr = inifa_dbg->inifa_refrele;
2096 }
2097
2098 idx = atomic_add_16_ov(cnt, 1) % INIFA_TRACE_HIST_SIZE;
2099 ctrace_record(&tr[idx]);
2100}
2101
2102/*
2103 * Handle SIOCGASSOCIDS ioctl for PF_INET domain.
2104 */
2105static int
2106in_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
2107{
2108 struct inpcb *inp = sotoinpcb(so);
2109 sae_associd_t aid;
2110
2111 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
2112 return (EINVAL);
2113
2114 /* INPCB has no concept of association */
2115 aid = SAE_ASSOCID_ANY;
2116 *cnt = 0;
2117
2118 /* just asking how many there are? */
2119 if (aidp == USER_ADDR_NULL)
2120 return (0);
2121
2122 return (copyout(&aid, aidp, sizeof (aid)));
2123}
2124
2125/*
2126 * Handle SIOCGCONNIDS ioctl for PF_INET domain.
2127 */
2128static int
2129in_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
2130 user_addr_t cidp)
2131{
2132 struct inpcb *inp = sotoinpcb(so);
2133 sae_connid_t cid;
2134
2135 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
2136 return (EINVAL);
2137
2138 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL)
2139 return (EINVAL);
2140
2141 /* if connected, return 1 connection count */
2142 *cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
2143
2144 /* just asking how many there are? */
2145 if (cidp == USER_ADDR_NULL)
2146 return (0);
2147
2148 /* if INPCB is connected, assign it connid 1 */
2149 cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
2150
2151 return (copyout(&cid, cidp, sizeof (cid)));
2152}
2153
2154/*
2155 * Handle SIOCGCONNINFO ioctl for PF_INET domain.
2156 */
2157int
2158in_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
2159 uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
2160 user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
2161 user_addr_t aux_data, uint32_t *aux_len)
2162{
2163 struct inpcb *inp = sotoinpcb(so);
2164 struct sockaddr_in sin;
2165 struct ifnet *ifp = NULL;
2166 int error = 0;
2167 u_int32_t copy_len = 0;
2168
2169 /*
2170 * Don't test for INPCB_STATE_DEAD since this may be called
2171 * after SOF_PCBCLEARING is set, e.g. after tcp_close().
2172 */
2173 if (inp == NULL) {
2174 error = EINVAL;
2175 goto out;
2176 }
2177
2178 if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
2179 error = EINVAL;
2180 goto out;
2181 }
2182
2183 ifp = inp->inp_last_outifp;
2184 *ifindex = ((ifp != NULL) ? ifp->if_index : 0);
2185 *soerror = so->so_error;
2186 *flags = 0;
2187 if (so->so_state & SS_ISCONNECTED)
2188 *flags |= (CIF_CONNECTED | CIF_PREFERRED);
2189 if (inp->inp_flags & INP_BOUND_IF)
2190 *flags |= CIF_BOUND_IF;
2191 if (!(inp->inp_flags & INP_INADDR_ANY))
2192 *flags |= CIF_BOUND_IP;
2193 if (!(inp->inp_flags & INP_ANONPORT))
2194 *flags |= CIF_BOUND_PORT;
2195
2196 bzero(&sin, sizeof (sin));
2197 sin.sin_len = sizeof (sin);
2198 sin.sin_family = AF_INET;
2199
2200 /* source address and port */
2201 sin.sin_port = inp->inp_lport;
2202 sin.sin_addr.s_addr = inp->inp_laddr.s_addr;
2203 if (*src_len == 0) {
2204 *src_len = sin.sin_len;
2205 } else {
2206 if (src != USER_ADDR_NULL) {
2207 copy_len = min(*src_len, sizeof (sin));
2208 error = copyout(&sin, src, copy_len);
2209 if (error != 0)
2210 goto out;
2211 *src_len = copy_len;
2212 }
2213 }
2214
2215 /* destination address and port */
2216 sin.sin_port = inp->inp_fport;
2217 sin.sin_addr.s_addr = inp->inp_faddr.s_addr;
2218 if (*dst_len == 0) {
2219 *dst_len = sin.sin_len;
2220 } else {
2221 if (dst != USER_ADDR_NULL) {
2222 copy_len = min(*dst_len, sizeof (sin));
2223 error = copyout(&sin, dst, copy_len);
2224 if (error != 0)
2225 goto out;
2226 *dst_len = copy_len;
2227 }
2228 }
2229
2230 if (SOCK_PROTO(so) == IPPROTO_TCP) {
2231 struct conninfo_tcp tcp_ci;
2232
2233 *aux_type = CIAUX_TCP;
2234 if (*aux_len == 0) {
2235 *aux_len = sizeof (tcp_ci);
2236 } else {
2237 if (aux_data != USER_ADDR_NULL) {
2238 copy_len = min(*aux_len, sizeof (tcp_ci));
2239 bzero(&tcp_ci, sizeof (tcp_ci));
2240 tcp_getconninfo(so, &tcp_ci);
2241 error = copyout(&tcp_ci, aux_data, copy_len);
2242 if (error != 0)
2243 goto out;
2244 *aux_len = copy_len;
2245 }
2246 }
2247 } else {
2248 *aux_type = 0;
2249 *aux_len = 0;
2250 }
2251
2252out:
2253 return (error);
2254}
2255
2256struct in_llentry {
2257 struct llentry base;
2258};
2259
2260#define IN_LLTBL_DEFAULT_HSIZE 32
2261#define IN_LLTBL_HASH(k, h) \
2262 ((((((((k) >> 8) ^ (k)) >> 8) ^ (k)) >> 8) ^ (k)) & ((h) - 1))
2263
2264/*
2265 * Do actual deallocation of @lle.
2266 */
2267static void
2268in_lltable_destroy_lle_unlocked(struct llentry *lle)
2269{
2270 LLE_LOCK_DESTROY(lle);
2271 LLE_REQ_DESTROY(lle);
2272 FREE(lle, M_LLTABLE);
2273}
2274
2275/*
2276 * Called by LLE_FREE_LOCKED when number of references
2277 * drops to zero.
2278 */
2279static void
2280in_lltable_destroy_lle(struct llentry *lle)
2281{
2282 LLE_WUNLOCK(lle);
2283 in_lltable_destroy_lle_unlocked(lle);
2284}
2285
2286static struct llentry *
2287in_lltable_new(struct in_addr addr4, u_int flags)
2288{
2289#pragma unused(flags)
2290 struct in_llentry *lle;
2291
2292 MALLOC(lle, struct in_llentry *, sizeof(struct in_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2293 if (lle == NULL) /* NB: caller generates msg */
2294 return NULL;
2295
2296 /*
2297 * For IPv4 this will trigger "arpresolve" to generate
2298 * an ARP request.
2299 */
2300 lle->base.la_expire = net_uptime(); /* mark expired */
2301 lle->base.r_l3addr.addr4 = addr4;
2302 lle->base.lle_refcnt = 1;
2303 lle->base.lle_free = in_lltable_destroy_lle;
2304
2305 LLE_LOCK_INIT(&lle->base);
2306 LLE_REQ_INIT(&lle->base);
2307 //callout_init(&lle->base.lle_timer, 1);
2308
2309 return (&lle->base);
2310}
2311
2312#define IN_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \
2313 ((((d).s_addr ^ (a).s_addr) & (m).s_addr)) == 0 )
2314
2315static int
2316in_lltable_match_prefix(const struct sockaddr *saddr,
2317 const struct sockaddr *smask, u_int flags, struct llentry *lle)
2318{
2319 struct in_addr addr, mask, lle_addr;
2320
2321 addr = ((const struct sockaddr_in *)(const void *)saddr)->sin_addr;
2322 mask = ((const struct sockaddr_in *)(const void *)smask)->sin_addr;
2323 lle_addr.s_addr = ntohl(lle->r_l3addr.addr4.s_addr);
2324
2325 if (IN_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
2326 return (0);
2327
2328 if (lle->la_flags & LLE_IFADDR) {
2329 /*
2330 * Delete LLE_IFADDR records IFF address & flag matches.
2331 * Note that addr is the interface address within prefix
2332 * being matched.
2333 * Note also we should handle 'ifdown' cases without removing
2334 * ifaddr macs.
2335 */
2336 if (addr.s_addr == lle_addr.s_addr && (flags & LLE_STATIC) != 0)
2337 return (1);
2338 return (0);
2339 }
2340
2341 /* flags & LLE_STATIC means deleting both dynamic and static entries */
2342 if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
2343 return (1);
2344
2345 return (0);
2346}
2347
2348static void
2349in_lltable_free_entry(struct lltable *llt, struct llentry *lle)
2350{
2351 struct ifnet *ifp;
2352 size_t pkts_dropped;
2353
2354 LLE_WLOCK_ASSERT(lle);
2355 KASSERT(llt != NULL, ("lltable is NULL"));
2356
2357 /* Unlink entry from table if not already */
2358 if ((lle->la_flags & LLE_LINKED) != 0) {
2359 ifp = llt->llt_ifp;
2360 IF_AFDATA_WLOCK_ASSERT(ifp, llt->llt_af);
2361 lltable_unlink_entry(llt, lle);
2362 }
2363
2364#if 0
2365 /* cancel timer */
2366 if (callout_stop(&lle->lle_timer) > 0)
2367 LLE_REMREF(lle);
2368#endif
2369 /* Drop hold queue */
2370 pkts_dropped = llentry_free(lle);
2371 arpstat.dropped += pkts_dropped;
2372}
2373
2374
2375static int
2376in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr)
2377{
2378#pragma unused(flags)
2379 struct rtentry *rt;
2380
2381 KASSERT(l3addr->sa_family == AF_INET,
2382 ("sin_family %d", l3addr->sa_family));
2383
2384 /* XXX rtalloc1 should take a const param */
2385 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
2386 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
2387 log(LOG_INFO, "IPv4 address: \"%s\" is not on the network\n",
2388 inet_ntoa(((const struct sockaddr_in *)(const void *)l3addr)->sin_addr));
2389 if (rt != NULL)
2390 rtfree_locked(rt);
2391 return (EINVAL);
2392 }
2393 rtfree_locked(rt);
2394 return 0;
2395}
2396
2397static inline uint32_t
2398in_lltable_hash_dst(const struct in_addr dst, uint32_t hsize)
2399{
2400 return (IN_LLTBL_HASH(dst.s_addr, hsize));
2401}
2402
2403static uint32_t
2404in_lltable_hash(const struct llentry *lle, uint32_t hsize)
2405{
2406 return (in_lltable_hash_dst(lle->r_l3addr.addr4, hsize));
2407}
2408
2409
2410static void
2411in_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
2412{
2413 struct sockaddr_in *sin;
2414
2415 sin = (struct sockaddr_in *)(void *)sa;
2416 bzero(sin, sizeof(*sin));
2417 sin->sin_family = AF_INET;
2418 sin->sin_len = sizeof(*sin);
2419 sin->sin_addr = lle->r_l3addr.addr4;
2420}
2421
2422static inline struct llentry *
2423in_lltable_find_dst(struct lltable *llt, struct in_addr dst)
2424{
2425 struct llentry *lle;
2426 struct llentries *lleh;
2427 u_int hashidx;
2428
2429 hashidx = in_lltable_hash_dst(dst, llt->llt_hsize);
2430 lleh = &llt->lle_head[hashidx];
2431 LIST_FOREACH(lle, lleh, lle_next) {
2432 if (lle->la_flags & LLE_DELETED)
2433 continue;
2434 if (lle->r_l3addr.addr4.s_addr == dst.s_addr)
2435 break;
2436 }
2437
2438 return (lle);
2439}
2440
2441static void
2442in_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
2443{
2444#pragma unused(llt)
2445 lle->la_flags |= LLE_DELETED;
2446 //EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
2447#ifdef DIAGNOSTIC
2448 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2449#endif
2450 llentry_free(lle);
2451}
2452
2453static struct llentry *
2454in_lltable_alloc(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
2455{
2456 const struct sockaddr_in *sin = (const struct sockaddr_in *) (const void *)l3addr;
2457 struct ifnet *ifp = llt->llt_ifp;
2458 struct llentry *lle;
2459
2460 KASSERT(l3addr->sa_family == AF_INET,
2461 ("sin_family %d", l3addr->sa_family));
2462
2463 /*
2464 * A route that covers the given address must have
2465 * been installed 1st because we are doing a resolution,
2466 * verify this.
2467 */
2468 if (!(flags & LLE_IFADDR) &&
2469 in_lltable_rtcheck(ifp, flags, l3addr) != 0)
2470 return (NULL);
2471
2472 lle = in_lltable_new(sin->sin_addr, flags);
2473 if (lle == NULL) {
2474 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2475 return (NULL);
2476 }
2477 lle->la_flags = flags & ~LLE_CREATE;
2478 if (flags & LLE_STATIC)
2479 lle->r_flags |= RLLE_VALID;
2480 if ((flags & LLE_IFADDR) == LLE_IFADDR) {
2481 lltable_set_entry_addr(ifp, lle, LLADDR(SDL(ifp->if_lladdr->ifa_addr)));
2482 lle->la_flags |= LLE_STATIC;
2483 lle->r_flags |= (RLLE_VALID | RLLE_IFADDR);
2484 }
2485 return (lle);
2486}
2487
2488/*
2489 * Return NULL if not found or marked for deletion.
2490 * If found return lle read locked.
2491 */
2492static struct llentry *
2493in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
2494{
2495 const struct sockaddr_in *sin = (const struct sockaddr_in *)(const void *)l3addr;
2496 struct llentry *lle;
2497
2498 IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp, llt->llt_af);
2499
2500 KASSERT(l3addr->sa_family == AF_INET,
2501 ("sin_family %d", l3addr->sa_family));
2502 lle = in_lltable_find_dst(llt, sin->sin_addr);
2503
2504 if (lle == NULL)
2505 return (NULL);
2506
2507 KASSERT((flags & (LLE_UNLOCKED|LLE_EXCLUSIVE)) !=
2508 (LLE_UNLOCKED|LLE_EXCLUSIVE),("wrong lle request flags: 0x%X",
2509 flags));
2510
2511 if (flags & LLE_UNLOCKED)
2512 return (lle);
2513
2514 if (flags & LLE_EXCLUSIVE)
2515 LLE_WLOCK(lle);
2516 else
2517 LLE_RLOCK(lle);
2518
2519 return (lle);
2520}
2521
2522static int
2523in_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
2524 struct sysctl_req *wr)
2525{
2526 struct ifnet *ifp = llt->llt_ifp;
2527 /* XXX stack use */
2528 struct {
2529 struct rt_msghdr rtm;
2530 struct sockaddr_in sin;
2531 struct sockaddr_dl sdl;
2532 } arpc;
2533 struct sockaddr_dl *sdl;
2534 int error;
2535
2536 bzero(&arpc, sizeof(arpc));
2537 /* skip deleted entries */
2538 if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
2539 return (0);
2540 /* Skip if jailed and not a valid IP of the prison. */
2541 lltable_fill_sa_entry(lle,(struct sockaddr *)&arpc.sin);
2542 /*
2543 * produce a msg made of:
2544 * struct rt_msghdr;
2545 * struct sockaddr_in; (IPv4)
2546 * struct sockaddr_dl;
2547 */
2548 arpc.rtm.rtm_msglen = sizeof(arpc);
2549 arpc.rtm.rtm_version = RTM_VERSION;
2550 arpc.rtm.rtm_type = RTM_GET;
2551 arpc.rtm.rtm_flags = RTF_UP;
2552 arpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2553
2554 /* publish */
2555 if (lle->la_flags & LLE_PUB)
2556 arpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2557
2558 sdl = &arpc.sdl;
2559 sdl->sdl_family = AF_LINK;
2560 sdl->sdl_len = sizeof(*sdl);
2561 sdl->sdl_index = ifp->if_index;
2562 sdl->sdl_type = ifp->if_type;
2563 if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
2564 sdl->sdl_alen = ifp->if_addrlen;
2565 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2566 } else {
2567 sdl->sdl_alen = 0;
2568 bzero(LLADDR(sdl), ifp->if_addrlen);
2569 }
2570
2571 arpc.rtm.rtm_rmx.rmx_expire =
2572 lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
2573 arpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2574 if (lle->la_flags & LLE_STATIC)
2575 arpc.rtm.rtm_flags |= RTF_STATIC;
2576 if (lle->la_flags & LLE_IFADDR)
2577 arpc.rtm.rtm_flags |= RTF_PINNED;
2578 arpc.rtm.rtm_flags |= RTF_PINNED;
2579 arpc.rtm.rtm_index = ifp->if_index;
2580 error = SYSCTL_OUT(wr, &arpc, sizeof(arpc));
2581
2582 return (error);
2583}
2584
2585static struct lltable *
2586in_lltattach(struct ifnet *ifp)
2587{
2588 struct lltable *llt;
2589
2590 llt = lltable_allocate_htbl(IN_LLTBL_DEFAULT_HSIZE);
2591 llt->llt_af = AF_INET;
2592 llt->llt_ifp = ifp;
2593
2594 llt->llt_lookup = in_lltable_lookup;
2595 llt->llt_alloc_entry = in_lltable_alloc;
2596 llt->llt_delete_entry = in_lltable_delete_entry;
2597 llt->llt_dump_entry = in_lltable_dump_entry;
2598 llt->llt_hash = in_lltable_hash;
2599 llt->llt_fill_sa_entry = in_lltable_fill_sa_entry;
2600 llt->llt_free_entry = in_lltable_free_entry;
2601 llt->llt_match_prefix = in_lltable_match_prefix;
2602 lltable_link(llt);
2603
2604 return (llt);
2605}
2606
2607struct in_ifaddr*
2608inifa_ifpwithflag(struct ifnet * ifp, uint32_t flag)
2609{
2610 struct ifaddr *ifa;
2611
2612 ifnet_lock_shared(ifp);
2613 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
2614 {
2615 IFA_LOCK_SPIN(ifa);
2616 if (ifa->ifa_addr->sa_family != AF_INET) {
2617 IFA_UNLOCK(ifa);
2618 continue;
2619 }
2620 if ((((struct in_ifaddr *)ifa)->ia_flags & flag) == flag) {
2621 IFA_ADDREF_LOCKED(ifa);
2622 IFA_UNLOCK(ifa);
2623 break;
2624 }
2625 IFA_UNLOCK(ifa);
2626 }
2627 ifnet_lock_done(ifp);
2628
2629 return ((struct in_ifaddr *)ifa);
2630}
2631
2632struct in_ifaddr *
2633inifa_ifpclatv4(struct ifnet * ifp)
2634{
2635 struct ifaddr *ifa;
2636
2637 ifnet_lock_shared(ifp);
2638 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
2639 {
2640 uint32_t addr = 0;
2641 IFA_LOCK_SPIN(ifa);
2642 if (ifa->ifa_addr->sa_family != AF_INET) {
2643 IFA_UNLOCK(ifa);
2644 continue;
2645 }
2646
2647 addr = ntohl(SIN(ifa->ifa_addr)->sin_addr.s_addr);
2648 if (!IN_LINKLOCAL(addr) &&
2649 !IN_LOOPBACK(addr)) {
2650 IFA_ADDREF_LOCKED(ifa);
2651 IFA_UNLOCK(ifa);
2652 break;
2653 }
2654 IFA_UNLOCK(ifa);
2655 }
2656 ifnet_lock_done(ifp);
2657
2658 return ((struct in_ifaddr *)ifa);
2659}
2660