1/*
2 * Copyright (c) 2000-2022 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * Copyright (c) 1982, 1989, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 */
61/*
62 * NOTICE: This file was modified by SPARTA, Inc. in 2006 to introduce
63 * support for mandatory and extensible security protections. This notice
64 * is included in support of clause 2.2 (b) of the Apple Public License,
65 * Version 2.0.
66 */
67
68
69#include <sys/param.h>
70#include <sys/systm.h>
71#include <sys/kernel.h>
72#include <sys/malloc.h>
73#include <sys/mbuf.h>
74#include <sys/socket.h>
75#include <sys/sockio.h>
76#include <sys/sysctl.h>
77
78#include <net/dlil.h>
79#include <net/if.h>
80#include <net/route.h>
81#include <net/if_llc.h>
82#include <net/if_dl.h>
83#include <net/if_types.h>
84#include <net/kpi_protocol.h>
85#include <netinet/in.h>
86#include <netinet/in_var.h>
87#include <netinet/if_ether.h>
88#include <netinet/in_systm.h>
89#include <netinet/ip.h>
90#include <netinet/in_arp.h>
91
92#include <sys/socketvar.h>
93
94#include <net/dlil.h>
95
96/* #include "vlan.h" */
97#if NVLAN > 0
98#include <net/if_vlan_var.h>
99#endif /* NVLAN > 0 */
100#include <net/ether_if_module.h>
101#if CONFIG_MACF
102#include <security/mac_framework.h>
103#endif
104
105#include <net/sockaddr_utils.h>
106
107/* Local function declarations */
108extern void *kdp_get_interface(void);
109extern void kdp_set_ip_and_mac_addresses(struct in_addr *ipaddr,
110 struct ether_addr *macaddr);
111
112#define _ip_copy(dst, src) \
113 bcopy(src, dst, sizeof (struct in_addr))
114
115static void
116ether_inet_arp_input(struct ifnet *ifp, struct mbuf *m)
117{
118 struct ether_arp *ea;
119 struct sockaddr_dl sender_hw;
120 struct sockaddr_in sender_ip;
121 struct sockaddr_in target_ip;
122
123 if (mbuf_len(mbuf: m) < sizeof(*ea) && mbuf_pullup(mbuf: &m, len: sizeof(*ea)) != 0) {
124 return;
125 }
126
127 ea = mbuf_data(mbuf: m);
128
129 /* Verify this is an ethernet/ip arp and address lengths are correct */
130 if (ntohs(ea->arp_hrd) != ARPHRD_ETHER ||
131 ntohs(ea->arp_pro) != ETHERTYPE_IP ||
132 ea->arp_pln != sizeof(struct in_addr) ||
133 ea->arp_hln != ETHER_ADDR_LEN) {
134 mbuf_freem(mbuf: m);
135 return;
136 }
137
138 /* Verify the sender is not broadcast */
139 if (bcmp(s1: ea->arp_sha, s2: etherbroadcastaddr, ETHER_ADDR_LEN) == 0) {
140 mbuf_freem(mbuf: m);
141 return;
142 }
143
144 SOCKADDR_ZERO(&sender_ip, sizeof(sender_ip));
145 sender_ip.sin_len = sizeof(sender_ip);
146 sender_ip.sin_family = AF_INET;
147 _ip_copy(&sender_ip.sin_addr, ea->arp_spa);
148 target_ip = sender_ip;
149 _ip_copy(&target_ip.sin_addr, ea->arp_tpa);
150
151 SOCKADDR_ZERO(&sender_hw, sizeof(sender_hw));
152 sender_hw.sdl_len = sizeof(sender_hw);
153 sender_hw.sdl_family = AF_LINK;
154 sender_hw.sdl_type = IFT_ETHER;
155 sender_hw.sdl_alen = ETHER_ADDR_LEN;
156 bcopy(src: ea->arp_sha, LLADDR(&sender_hw), ETHER_ADDR_LEN);
157
158 /* update L2 reachability record, if present */
159 arp_llreach_set_reachable(ifp, LLADDR(&sender_hw), ETHER_ADDR_LEN);
160
161 arp_ip_handle_input(ifp, ntohs(ea->arp_op), sender_hw: &sender_hw, sender_ip: &sender_ip,
162 target_ip: &target_ip);
163 mbuf_freem(mbuf: m);
164}
165
166/*
167 * Process a received Ethernet packet;
168 * the packet is in the mbuf chain m without
169 * the ether header, which is provided separately.
170 */
171static errno_t
172ether_inet_input(ifnet_t ifp, protocol_family_t protocol_family,
173 mbuf_t m_list)
174{
175#pragma unused(ifp, protocol_family)
176 mbuf_t m;
177 mbuf_t *tailptr = &m_list;
178 mbuf_t nextpkt;
179 bool is_cache_valid = false;
180 u_char cached_shost[ETHER_ADDR_LEN] = {};
181
182 /* Strip ARP and non-IP packets out of the list */
183 for (m = m_list; m; m = nextpkt) {
184 struct ether_header *eh = mbuf_pkthdr_header(mbuf: m);
185 struct ifnet *mifp;
186
187 /*
188 * Trust the ifp in the mbuf, rather than ifproto's
189 * since the packet could have been injected via
190 * a dlil_input_packet_list() using an ifp that is
191 * different than the one where the packet really
192 * came from.
193 */
194 mifp = mbuf_pkthdr_rcvif(mbuf: m);
195
196 nextpkt = m->m_nextpkt;
197
198 if (__probable(eh->ether_type == htons(ETHERTYPE_IP))) {
199 /*
200 * Update L2 reachability record, if present
201 * (and if not a broadcast sender).
202 * Note that M_BCAST will be already set by ether_demux()
203 */
204 if (__improbable((m->m_flags & M_BCAST) == 0 && (is_cache_valid == false ||
205 memcmp(eh->ether_shost, cached_shost, ETHER_ADDR_LEN) != 0))) {
206 memcpy(dst: eh->ether_shost, src: cached_shost, ETHER_ADDR_LEN);
207 is_cache_valid = true;
208
209 arp_llreach_set_reachable(mifp, eh->ether_shost,
210 ETHER_ADDR_LEN);
211 }
212 /* put this packet in the list */
213 *tailptr = m;
214 tailptr = &m->m_nextpkt;
215 } else {
216 /* Pass ARP packets to arp input */
217 m->m_nextpkt = NULL;
218 if (eh->ether_type == htons(ETHERTYPE_ARP)) {
219 ether_inet_arp_input(ifp: mifp, m);
220 } else {
221 mbuf_freem(mbuf: m);
222 }
223 }
224 }
225
226 *tailptr = NULL;
227
228 /* Pass IP list to ip input */
229 if (m_list != NULL && proto_input(PF_INET, packet: m_list) != 0) {
230 mbuf_freem_list(mbuf: m_list);
231 }
232
233 return EJUSTRETURN;
234}
235
236static errno_t
237ether_inet_pre_output(ifnet_t ifp, protocol_family_t protocol_family,
238 mbuf_t *m0, const struct sockaddr *dst_netaddr,
239 void *route, char *type, char *edst)
240{
241#pragma unused(protocol_family)
242 struct mbuf *m = *m0;
243 const struct ether_header *eh;
244 errno_t result = 0;
245
246 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) != (IFF_UP | IFF_RUNNING)) {
247 return ENETDOWN;
248 }
249
250 /*
251 * Tell ether_frameout it's ok to loop packet unless negated below.
252 */
253 m->m_flags |= M_LOOP;
254
255 switch (dst_netaddr->sa_family) {
256 case AF_INET: {
257 struct sockaddr_dl ll_dest = {};
258
259 result = arp_lookup_ip(interface: ifp,
260 SIN(dst_netaddr),
261 ll_dest: &ll_dest, ll_dest_len: sizeof(ll_dest), hint: (route_t)route, packet: *m0);
262 if (result == 0) {
263 u_int16_t ethertype_ip = htons(ETHERTYPE_IP);
264
265 bcopy(LLADDR(&ll_dest), dst: edst, ETHER_ADDR_LEN);
266 bcopy(src: &ethertype_ip, dst: type, n: sizeof(ethertype_ip));
267 }
268 break;
269 }
270
271 case pseudo_AF_HDRCMPLT:
272 case AF_UNSPEC:
273 m->m_flags &= ~M_LOOP;
274 eh = (const struct ether_header *)(uintptr_t)(size_t)
275 dst_netaddr->sa_data;
276 (void) memcpy(dst: edst, src: eh->ether_dhost, n: 6);
277 bcopy(src: &eh->ether_type, dst: type, n: sizeof(u_short));
278 break;
279
280 default:
281 printf("%s: can't handle af%d\n", if_name(ifp),
282 dst_netaddr->sa_family);
283
284 result = EAFNOSUPPORT;
285 break;
286 }
287
288 return result;
289}
290
291static errno_t
292ether_inet_resolve_multi(ifnet_t ifp, const struct sockaddr *proto_addr,
293 struct sockaddr_dl *out_ll, size_t ll_len)
294{
295 static const size_t minsize =
296 offsetof(struct sockaddr_dl, sdl_data[0]) + ETHER_ADDR_LEN;
297 const struct sockaddr_in *sin = SIN(proto_addr);
298
299 if (proto_addr->sa_family != AF_INET) {
300 return EAFNOSUPPORT;
301 }
302
303 if (proto_addr->sa_len < sizeof(struct sockaddr_in)) {
304 return EINVAL;
305 }
306
307 if (ll_len < minsize) {
308 return EMSGSIZE;
309 }
310
311 SOCKADDR_ZERO(out_ll, minsize);
312 out_ll->sdl_len = minsize;
313 out_ll->sdl_family = AF_LINK;
314 out_ll->sdl_index = ifp->if_index;
315 out_ll->sdl_type = IFT_ETHER;
316 out_ll->sdl_nlen = 0;
317 out_ll->sdl_alen = ETHER_ADDR_LEN;
318 out_ll->sdl_slen = 0;
319 ETHER_MAP_IP_MULTICAST(&sin->sin_addr, LLADDR(out_ll));
320
321 return 0;
322}
323
324static errno_t
325ether_inet_prmod_ioctl(ifnet_t ifp, protocol_family_t protocol_family,
326 u_long command, void *data)
327{
328#pragma unused(protocol_family)
329 int error = 0;
330
331 switch (command) {
332 case SIOCSIFADDR: /* struct ifaddr pointer */
333 case SIOCAIFADDR: { /* struct ifaddr pointer */
334 /*
335 * Note: caller of ifnet_ioctl() passes in pointer to
336 * struct ifaddr as parameter to SIOC{A,S}IFADDR, for
337 * legacy reasons.
338 */
339 struct ifaddr *ifa = data;
340
341 if (!(ifnet_flags(interface: ifp) & IFF_RUNNING)) {
342 ifnet_set_flags(interface: ifp, IFF_UP, IFF_UP);
343 ifnet_ioctl(interface: ifp, protocol: 0, SIOCSIFFLAGS, NULL);
344 }
345
346 if (ifaddr_address_family(ifaddr: ifa) != AF_INET) {
347 break;
348 }
349
350 inet_arp_init_ifaddr(ifp, ifa);
351
352 if (command != SIOCSIFADDR) {
353 break;
354 }
355
356 /*
357 * Register new IP and MAC addresses with the kernel
358 * debugger if the interface is the same as was registered
359 * by IOKernelDebugger. If no interface was registered,
360 * fall back and just match against en0 interface.
361 * Do this only for the first address of the interface
362 * and not for aliases.
363 */
364 if ((kdp_get_interface() != 0 &&
365 kdp_get_interface() == ifp->if_softc) ||
366 (kdp_get_interface() == 0 && ifp->if_unit == 0)) {
367 kdp_set_ip_and_mac_addresses(ipaddr: &(IA_SIN(ifa)->sin_addr),
368 macaddr: (struct ether_addr *)IF_LLADDR(ifp));
369 }
370 break;
371 }
372
373 case SIOCGIFADDR: { /* struct ifreq */
374 struct ifreq *ifr = data;
375 ifnet_guarded_lladdr_copy_bytes(interface: ifp, lladdr: ifr->ifr_addr.sa_data,
376 ETHER_ADDR_LEN);
377 break;
378 }
379
380 default:
381 error = EOPNOTSUPP;
382 break;
383 }
384
385 return error;
386}
387
388static void
389ether_inet_event(ifnet_t ifp, protocol_family_t protocol,
390 const struct kev_msg *event)
391{
392#pragma unused(protocol)
393 ifaddr_t *addresses;
394
395 if (event->vendor_code != KEV_VENDOR_APPLE ||
396 event->kev_class != KEV_NETWORK_CLASS ||
397 event->kev_subclass != KEV_DL_SUBCLASS ||
398 event->event_code != KEV_DL_LINK_ADDRESS_CHANGED) {
399 return;
400 }
401
402 if (ifnet_get_address_list_family(interface: ifp, addresses: &addresses, AF_INET) == 0) {
403 int i;
404
405 for (i = 0; addresses[i] != NULL; i++) {
406 inet_arp_init_ifaddr(ifp, addresses[i]);
407 }
408
409 ifnet_free_address_list(addresses);
410 }
411}
412
413static errno_t
414ether_inet_arp(ifnet_t ifp, u_short arpop, const struct sockaddr_dl *sender_hw,
415 const struct sockaddr *sender_proto, const struct sockaddr_dl *target_hw,
416 const struct sockaddr *target_proto)
417{
418 mbuf_t m;
419 errno_t result;
420 struct ether_header *eh;
421 struct ether_arp *ea;
422 const struct sockaddr_in *sender_ip =
423 SIN(sender_proto);
424 const struct sockaddr_inarp *target_ip =
425 __SA_UTILS_CONV_TO_SOCKADDR_INARP(target_proto);
426 char *datap;
427
428 if (target_ip == NULL) {
429 return EINVAL;
430 }
431
432 if ((sender_ip && sender_ip->sin_family != AF_INET) ||
433 target_ip->sin_family != AF_INET) {
434 return EAFNOSUPPORT;
435 }
436
437 result = mbuf_gethdr(how: MBUF_DONTWAIT, type: MBUF_TYPE_DATA, mbuf: &m);
438 if (result != 0) {
439 return result;
440 }
441
442 mbuf_setlen(mbuf: m, len: sizeof(*ea));
443 mbuf_pkthdr_setlen(mbuf: m, len: sizeof(*ea));
444
445 /* Move the data pointer in the mbuf to the end, aligned to 4 bytes */
446 datap = mbuf_datastart(mbuf: m);
447 datap += mbuf_trailingspace(mbuf: m);
448 datap -= (((uintptr_t)datap) & 0x3);
449 mbuf_setdata(mbuf: m, data: datap, len: sizeof(*ea));
450 ea = mbuf_data(mbuf: m);
451
452 /*
453 * Prepend the ethernet header, we will send the raw frame;
454 * callee frees the original mbuf when allocation fails.
455 */
456 result = mbuf_prepend(mbuf: &m, len: sizeof(*eh), how: MBUF_DONTWAIT);
457 if (result != 0) {
458 return result;
459 }
460
461 eh = mbuf_data(mbuf: m);
462 eh->ether_type = htons(ETHERTYPE_ARP);
463
464 /* Fill out the arp header */
465 ea->arp_pro = htons(ETHERTYPE_IP);
466 ea->arp_hln = sizeof(ea->arp_sha);
467 ea->arp_pln = sizeof(ea->arp_spa);
468 ea->arp_hrd = htons(ARPHRD_ETHER);
469 ea->arp_op = htons(arpop);
470
471 /* Sender Hardware */
472 if (sender_hw != NULL) {
473 bcopy(CONST_LLADDR(sender_hw), dst: ea->arp_sha,
474 n: sizeof(ea->arp_sha));
475 } else {
476 ifnet_lladdr_copy_bytes(interface: ifp, lladdr: ea->arp_sha, ETHER_ADDR_LEN);
477 }
478 ifnet_lladdr_copy_bytes(interface: ifp, lladdr: eh->ether_shost, length: sizeof(eh->ether_shost));
479
480 /* Sender IP */
481 if (sender_ip != NULL) {
482 bcopy(src: &sender_ip->sin_addr, dst: ea->arp_spa, n: sizeof(ea->arp_spa));
483 } else {
484 struct ifaddr *ifa;
485
486 /* Look for an IP address to use as our source */
487 ifnet_lock_shared(ifp);
488 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
489 IFA_LOCK(ifa);
490 if (ifa->ifa_addr != NULL &&
491 ifa->ifa_addr->sa_family == AF_INET) {
492 bcopy(src: &(SIN(ifa->ifa_addr))->sin_addr, dst: ea->arp_spa,
493 n: sizeof(ea->arp_spa));
494 IFA_UNLOCK(ifa);
495 break;
496 }
497 IFA_UNLOCK(ifa);
498 }
499 ifnet_lock_done(ifp);
500
501 if (ifa == NULL) {
502 mbuf_freem(mbuf: m);
503 return ENXIO;
504 }
505 }
506
507 /* Target Hardware */
508 if (target_hw == NULL) {
509 bzero(s: ea->arp_tha, n: sizeof(ea->arp_tha));
510 bcopy(src: etherbroadcastaddr, dst: eh->ether_dhost,
511 n: sizeof(eh->ether_dhost));
512 m->m_flags |= M_BCAST;
513 } else {
514 bcopy(CONST_LLADDR(target_hw), dst: ea->arp_tha,
515 n: sizeof(ea->arp_tha));
516 bcopy(CONST_LLADDR(target_hw), dst: eh->ether_dhost,
517 n: sizeof(eh->ether_dhost));
518
519 if (bcmp(s1: eh->ether_dhost, s2: etherbroadcastaddr,
520 ETHER_ADDR_LEN) == 0) {
521 m->m_flags |= M_BCAST;
522 }
523 }
524
525 /* Target IP */
526 bcopy(src: &target_ip->sin_addr, dst: ea->arp_tpa, n: sizeof(ea->arp_tpa));
527
528 /*
529 * PKTF_{INET,INET6}_RESOLVE_RTR are mutually exclusive, so make
530 * sure only one of them is set (just in case.)
531 */
532 m->m_pkthdr.pkt_flags &= ~(PKTF_INET6_RESOLVE | PKTF_RESOLVE_RTR);
533 m->m_pkthdr.pkt_flags |= PKTF_INET_RESOLVE;
534 /*
535 * If this is an ARP request for a (default) router, mark
536 * the packet accordingly so that the driver can find out,
537 * in case it needs to perform driver-specific action(s).
538 */
539 if (arpop == ARPOP_REQUEST && (target_ip->sin_other & SIN_ROUTER)) {
540 m->m_pkthdr.pkt_flags |= PKTF_RESOLVE_RTR;
541 }
542
543 if (ifp->if_eflags & IFEF_TXSTART) {
544 /*
545 * Use control service class if the interface
546 * supports transmit-start model
547 */
548 (void) m_set_service_class(m, MBUF_SC_CTL);
549 }
550
551 ifnet_output_raw(interface: ifp, IS_INTF_CLAT46(ifp) ? 0 : AF_INET, packet: m);
552
553 return 0;
554}
555
556errno_t
557ether_attach_inet(struct ifnet *ifp, protocol_family_t proto_family)
558{
559#pragma unused(proto_family)
560 struct ifnet_attach_proto_param_v2 proto;
561 struct ifnet_demux_desc demux[2];
562 u_short en_native = htons(ETHERTYPE_IP);
563 u_short arp_native = htons(ETHERTYPE_ARP);
564 errno_t error;
565
566 bzero(s: &demux[0], n: sizeof(demux));
567 demux[0].type = DLIL_DESC_ETYPE2;
568 demux[0].data = &en_native;
569 demux[0].datalen = sizeof(en_native);
570 demux[1].type = DLIL_DESC_ETYPE2;
571 demux[1].data = &arp_native;
572 demux[1].datalen = sizeof(arp_native);
573
574 bzero(s: &proto, n: sizeof(proto));
575 proto.demux_list = demux;
576 proto.demux_count = sizeof(demux) / sizeof(demux[0]);
577 proto.input = ether_inet_input;
578 proto.pre_output = ether_inet_pre_output;
579 proto.ioctl = ether_inet_prmod_ioctl;
580 proto.event = ether_inet_event;
581 proto.resolve = ether_inet_resolve_multi;
582 proto.send_arp = ether_inet_arp;
583
584 error = ifnet_attach_protocol_v2(interface: ifp, protocol_family: proto_family, proto_details: &proto);
585 if (error && error != EEXIST) {
586 printf("WARNING: %s can't attach ip to %s\n", __func__,
587 if_name(ifp));
588 }
589 return error;
590}
591
592void
593ether_detach_inet(struct ifnet *ifp, protocol_family_t proto_family)
594{
595 (void) ifnet_detach_protocol(interface: ifp, protocol_family: proto_family);
596}
597