in6.c source code [xnu/bsd/netinet6/in6.c]

1	/*
2	* Copyright (c) 2003-2022 Apple Inc. All rights reserved.
3	*
4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5	*
6	* This file contains Original Code and/or Modifications of Original Code
7	* as defined in and that are subject to the Apple Public Source License
8	* Version 2.0 (the 'License'). You may not use this file except in
9	* compliance with the License. The rights granted to you under the License
10	* may not be used to create, or enable the creation or redistribution of,
11	* unlawful or unlicensed copies of an Apple operating system, or to
12	* circumvent, violate, or enable the circumvention or violation of, any
13	* terms of an Apple operating system software license agreement.
14	*
15	* Please obtain a copy of the License at
16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
17	*
18	* The Original Code and all software distributed under the License are
19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23	* Please see the License for the specific language governing rights and
24	* limitations under the License.
25	*
26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27	*/
28
29	/*
30	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
31	* All rights reserved.
32	*
33	* Redistribution and use in source and binary forms, with or without
34	* modification, are permitted provided that the following conditions
35	* are met:
36	* 1. Redistributions of source code must retain the above copyright
37	* notice, this list of conditions and the following disclaimer.
38	* 2. Redistributions in binary form must reproduce the above copyright
39	* notice, this list of conditions and the following disclaimer in the
40	* documentation and/or other materials provided with the distribution.
41	* 3. Neither the name of the project nor the names of its contributors
42	* may be used to endorse or promote products derived from this software
43	* without specific prior written permission.
44	*
45	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
46	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
49	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55	* SUCH DAMAGE.
56	*/
57
58	/*
59	* Copyright (c) 1982, 1986, 1991, 1993
60	* The Regents of the University of California. All rights reserved.
61	*
62	* Redistribution and use in source and binary forms, with or without
63	* modification, are permitted provided that the following conditions
64	* are met:
65	* 1. Redistributions of source code must retain the above copyright
66	* notice, this list of conditions and the following disclaimer.
67	* 2. Redistributions in binary form must reproduce the above copyright
68	* notice, this list of conditions and the following disclaimer in the
69	* documentation and/or other materials provided with the distribution.
70	* 3. All advertising materials mentioning features or use of this software
71	* must display the following acknowledgement:
72	* This product includes software developed by the University of
73	* California, Berkeley and its contributors.
74	* 4. Neither the name of the University nor the names of its contributors
75	* may be used to endorse or promote products derived from this software
76	* without specific prior written permission.
77	*
78	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
79	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
80	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
81	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
82	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
83	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
84	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
85	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
86	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
87	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
88	* SUCH DAMAGE.
89	*
90	* @(#)in.c 8.2 (Berkeley) 11/15/93
91	*/
92
93
94	#include <sys/param.h>
95	#include <sys/ioctl.h>
96	#include <sys/errno.h>
97	#include <sys/malloc.h>
98	#include <sys/socket.h>
99	#include <sys/socketvar.h>
100	#include <sys/sockio.h>
101	#include <sys/systm.h>
102	#include <sys/time.h>
103	#include <sys/kernel.h>
104	#include <sys/syslog.h>
105	#include <sys/kern_event.h>
106	#include <sys/mcache.h>
107	#include <sys/protosw.h>
108
109	#include <kern/locks.h>
110	#include <kern/zalloc.h>
111	#include <libkern/OSAtomic.h>
112	#include <machine/machine_routines.h>
113	#include <mach/boolean.h>
114
115	#include <net/if.h>
116	#include <net/if_types.h>
117	#include <net/if_var.h>
118	#include <net/route.h>
119	#include <net/if_dl.h>
120	#include <net/kpi_protocol.h>
121	#include <net/nwk_wq.h>
122
123	#include <netinet/in.h>
124	#include <netinet/in_var.h>
125	#include <netinet/if_ether.h>
126	#include <netinet/in_systm.h>
127	#include <netinet/ip.h>
128	#include <netinet/in_pcb.h>
129	#include <netinet/icmp6.h>
130	#include <netinet/tcp.h>
131	#include <netinet/tcp_seq.h>
132	#include <netinet/tcp_var.h>
133
134	#include <netinet6/nd6.h>
135	#include <netinet/ip6.h>
136	#include <netinet6/ip6_var.h>
137	#include <netinet6/mld6_var.h>
138	#include <netinet6/in6_ifattach.h>
139	#include <netinet6/scope6_var.h>
140	#include <netinet6/in6_var.h>
141	#include <netinet6/in6_pcb.h>
142
143	#include <net/net_osdep.h>
144
145	#include <net/dlil.h>
146
147	#if PF
148	#include <net/pfvar.h>
149	#endif /* PF */
150
151	#include <net/sockaddr_utils.h>
152
153	/*
154	* Definitions of some costant IP6 addresses.
155	*/
156	const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
157	const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
158	const struct in6_addr in6addr_nodelocal_allnodes =
159	IN6ADDR_NODELOCAL_ALLNODES_INIT;
160	const struct in6_addr in6addr_linklocal_allnodes =
161	IN6ADDR_LINKLOCAL_ALLNODES_INIT;
162	const struct in6_addr in6addr_linklocal_allrouters =
163	IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
164	const struct in6_addr in6addr_linklocal_allv2routers =
165	IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
166	const struct in6_addr in6addr_multicast_prefix =
167	IN6ADDR_MULTICAST_PREFIX;
168
169	const struct in6_addr in6mask0 = IN6MASK0;
170	const struct in6_addr in6mask7 = IN6MASK7;
171	const struct in6_addr in6mask8 = IN6MASK8;
172	const struct in6_addr in6mask16 = IN6MASK16;
173	const struct in6_addr in6mask32 = IN6MASK32;
174	const struct in6_addr in6mask64 = IN6MASK64;
175	const struct in6_addr in6mask96 = IN6MASK96;
176	const struct in6_addr in6mask128 = IN6MASK128;
177
178	const struct sockaddr_in6 sa6_any = {
179	.sin6_len = sizeof(sa6_any),
180	.sin6_family = AF_INET6,
181	.sin6_port = `0`,
182	.sin6_flowinfo = `0`,
183	.sin6_addr = IN6ADDR_ANY_INIT,
184	.sin6_scope_id = `0`
185	};
186
187	static int in6ctl_associd(struct socket *, u_long, caddr_t);
188	static int in6ctl_connid(struct socket *, u_long, caddr_t);
189	static int in6ctl_conninfo(struct socket *, u_long, caddr_t);
190	static int in6ctl_llstart(struct ifnet *, u_long, caddr_t);
191	static int in6ctl_llstop(struct ifnet *);
192	static int in6ctl_cgastart(struct ifnet *, u_long, caddr_t);
193	static int in6ctl_gifaddr(struct ifnet , struct* in6_ifaddr *, u_long,
194	struct in6_ifreq *);
195	static int in6ctl_gifstat(struct ifnet , u_long, struct* in6_ifreq *);
196	static int in6ctl_alifetime(struct in6_ifaddr , u_long, struct* in6_ifreq *,
197	boolean_t);
198	static int in6ctl_aifaddr(struct ifnet , struct* in6_aliasreq *);
199	static void in6ctl_difaddr(struct ifnet , struct* in6_ifaddr *);
200	static int in6_autoconf(struct ifnet , int*);
201	static int in6_setrouter(struct ifnet *, ipv6_router_mode_t);
202	static int in6_ifinit(struct ifnet , struct* in6_ifaddr , int*);
203	static int in6_ifaupdate_aux(struct in6_ifaddr , struct* ifnet , int*);
204	static void in6_unlink_ifa(struct in6_ifaddr , struct* ifnet *);
205	static struct in6_ifaddr *in6_ifaddr_alloc(zalloc_flags_t);
206	static void in6_ifaddr_free(struct ifaddr *);
207	#if defined(__LP64__)
208	static void in6_cgareq_32_to_64(const struct in6_cgareq_32 *,
209	struct in6_cgareq_64 *);
210	#else
211	static void in6_cgareq_64_to_32(const struct in6_cgareq_64 *,
212	struct in6_cgareq_32 *);
213	#endif
214	static struct in6_aliasreq in6_aliasreq_to_native(void* , int*,
215	struct in6_aliasreq *);
216	static int in6_to_kamescope(struct sockaddr_in6 , struct* ifnet *);
217	static int in6_getassocids(struct socket , uint32_t , user_addr_t);
218	static int in6_getconnids(struct socket , sae_associd_t, uint32_t ,
219	user_addr_t);
220
221	static void in6_if_up_dad_start(struct ifnet *);
222
223	#define IA6_HASH_INIT(ia) { \
224	(ia)->ia6_hash.tqe_next = (void *)(uintptr_t)-1; \
225	(ia)->ia6_hash.tqe_prev = (void *)(uintptr_t)-1; \
226	}
227
228	#define IA6_IS_HASHED(ia) \
229	(!((ia)->ia6_hash.tqe_next == (void *)(uintptr_t)-1 \|\| \
230	(ia)->ia6_hash.tqe_prev == (void *)(uintptr_t)-1))
231
232	static void in6_iahash_remove(struct in6_ifaddr *);
233	static void in6_iahash_insert(struct in6_ifaddr *);
234	static void in6_iahash_insert_ptp(struct in6_ifaddr *);
235
236	struct eventhandler_lists_ctxt in6_evhdlr_ctxt;
237	struct eventhandler_lists_ctxt in6_clat46_evhdlr_ctxt;
238	/*
239	* Subroutine for in6_ifaddloop() and in6_ifremloop().
240	* This routine does actual work.
241	*/
242	static void
243	in6_ifloop_request(int cmd, struct ifaddr *ifa)
244	{
245	struct sockaddr_in6 all1_sa;
246	struct rtentry *nrt __single = NULL;
247	int e;
248
249	SOCKADDR_ZERO(&all1_sa, sizeof(all1_sa));
250	all1_sa.sin6_family = AF_INET6;
251	all1_sa.sin6_len = sizeof(struct sockaddr_in6);
252	all1_sa.sin6_addr = in6mask128;
253
254	/*
255	* We specify the address itself as the gateway, and set the
256	* RTF_LLINFO flag, so that the corresponding host route would have
257	* the flag, and thus applications that assume traditional behavior
258	* would be happy. Note that we assume the caller of the function
259	* (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest,
260	* which changes the outgoing interface to the loopback interface.
261	* ifa_addr for INET6 is set once during init; no need to hold lock.
262	*/
263	lck_mtx_lock(rnh_lock);
264	e = rtrequest_locked(cmd, ifa->ifa_addr, ifa->ifa_addr,
265	SA(&all1_sa), RTF_UP \| RTF_HOST \| RTF_LLINFO, &nrt);
266	if (e != `0`) {
267	log(LOG_ERR, "in6_ifloop_request: "
268	"%s operation failed for %s (errno=%d)\n",
269	cmd == RTM_ADD ? "ADD" : "DELETE",
270	ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr),
271	e);
272	}
273
274	if (nrt != NULL) {
275	RT_LOCK(nrt);
276	}
277	/*
278	* Make sure rt_ifa be equal to IFA, the second argument of the
279	* function.
280	* We need this because when we refer to rt_ifa->ia6_flags in
281	* ip6_input, we assume that the rt_ifa points to the address instead
282	* of the loopback address.
283	*/
284	if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) {
285	rtsetifa(nrt, ifa);
286	}
287
288	/*
289	* Report the addition/removal of the address to the routing socket.
290	* XXX: since we called rtinit for a p2p interface with a destination,
291	* we end up reporting twice in such a case. Should we rather
292	* omit the second report?
293	*/
294	if (nrt != NULL) {
295	rt_newaddrmsg((u_char)cmd, ifa, e, nrt);
296	if (cmd == RTM_DELETE) {
297	RT_UNLOCK(nrt);
298	rtfree_locked(nrt);
299	} else {
300	/ the cmd must be RTM_ADD here /
301	RT_REMREF_LOCKED(nrt);
302	RT_UNLOCK(nrt);
303	}
304	}
305	lck_mtx_unlock(rnh_lock);
306	}
307
308	/*
309	* Add ownaddr as loopback rtentry. We previously add the route only if
310	* necessary (ex. on a p2p link). However, since we now manage addresses
311	* separately from prefixes, we should always add the route. We can't
312	* rely on the cloning mechanism from the corresponding interface route
313	* any more.
314	*/
315	static void
316	in6_ifaddloop(struct ifaddr *ifa)
317	{
318	struct rtentry *rt;
319
320	/*
321	* If there is no loopback entry, allocate one. ifa_addr for
322	* INET6 is set once during init; no need to hold lock.
323	*/
324	rt = rtalloc1(ifa->ifa_addr, `0`, `0`);
325	if (rt != NULL) {
326	RT_LOCK(rt);
327	}
328	if (rt == NULL \|\| (rt->rt_flags & RTF_HOST) == `0` \|\|
329	(rt->rt_ifp->if_flags & IFF_LOOPBACK) == `0`) {
330	if (rt != NULL) {
331	RT_REMREF_LOCKED(rt);
332	RT_UNLOCK(rt);
333	}
334	in6_ifloop_request(RTM_ADD, ifa);
335	} else if (rt != NULL) {
336	RT_REMREF_LOCKED(rt);
337	RT_UNLOCK(rt);
338	}
339	}
340
341	/*
342	* Remove loopback rtentry of ownaddr generated by in6_ifaddloop(),
343	* if it exists.
344	*/
345	static void
346	in6_ifremloop(struct ifaddr *ifa)
347	{
348	struct in6_ifaddr *ia;
349	struct rtentry *rt;
350	int ia_count = `0`;
351
352	/*
353	* Some of BSD variants do not remove cloned routes
354	* from an interface direct route, when removing the direct route
355	* (see comments in net/net_osdep.h). Even for variants that do remove
356	* cloned routes, they could fail to remove the cloned routes when
357	* we handle multple addresses that share a common prefix.
358	* So, we should remove the route corresponding to the deleted address
359	* regardless of the result of in6_is_ifloop_auto().
360	*/
361
362	/*
363	* Delete the entry only if exact one ifa exists. More than one ifa
364	* can exist if we assign a same single address to multiple
365	* (probably p2p) interfaces.
366	* XXX: we should avoid such a configuration in IPv6...
367	*/
368	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
369	TAILQ_FOREACH(ia, IN6ADDR_HASH(IFA_IN6(ifa)), ia6_hash) {
370	IFA_LOCK(&ia->ia_ifa);
371	if (in6_are_addr_equal_scoped(IFA_IN6(ifa), &ia->ia_addr.sin6_addr, IFA_SIN6(ifa)->sin6_scope_id, ia->ia_addr.sin6_scope_id)) {
372	ia_count++;
373	if (ia_count > `1`) {
374	IFA_UNLOCK(&ia->ia_ifa);
375	break;
376	}
377	}
378	IFA_UNLOCK(&ia->ia_ifa);
379	}
380	lck_rw_done(lck: &in6_ifaddr_rwlock);
381
382	if (ia_count == `1`) {
383	/*
384	* Before deleting, check if a corresponding loopbacked host
385	* route surely exists. With this check, we can avoid to
386	* delete an interface direct route whose destination is same
387	* as the address being removed. This can happen when removing
388	* a subnet-router anycast address on an interface attahced
389	* to a shared medium. ifa_addr for INET6 is set once during
390	* init; no need to hold lock.
391	*/
392	rt = rtalloc1(ifa->ifa_addr, `0`, `0`);
393	if (rt != NULL) {
394	RT_LOCK(rt);
395	if ((rt->rt_flags & RTF_HOST) != `0` &&
396	(rt->rt_ifp->if_flags & IFF_LOOPBACK) != `0`) {
397	RT_REMREF_LOCKED(rt);
398	RT_UNLOCK(rt);
399	in6_ifloop_request(RTM_DELETE, ifa);
400	} else {
401	RT_UNLOCK(rt);
402	}
403	}
404	}
405	}
406
407
408	int
409	in6_mask2len(struct in6_addr mask, u_char lim0)
410	{
411	int x = `0`, y;
412	u_char lim = lim0, p;
413
414	/ ignore the scope_id part /
415	if (lim0 == NULL \|\| lim0 - (u_char )mask > sizeof(mask)) {
416	lim = (u_char )mask + sizeof(mask);
417	}
418	for (p = (u_char *)mask; p < lim; x++, p++) {
419	if (*p != `0xff`) {
420	break;
421	}
422	}
423	y = `0`;
424	if (p < lim) {
425	for (y = `0`; y < `8`; y++) {
426	if ((*p & (`0x80` >> y)) == `0`) {
427	break;
428	}
429	}
430	}
431
432	/*
433	* when the limit pointer is given, do a stricter check on the
434	* remaining bits.
435	*/
436	if (p < lim) {
437	if (y != `0` && (*p & (`0x00ff` >> y)) != `0`) {
438	return -`1`;
439	}
440	for (p = p + `1`; p < lim; p++) {
441	if (*p != `0`) {
442	return -`1`;
443	}
444	}
445	}
446
447	return x * `8` + y;
448	}
449
450	void
451	in6_len2mask(struct in6_addr mask, int* len)
452	{
453	int i;
454
455	bzero(s: mask, n: sizeof(*mask));
456	for (i = `0`; i < len / `8`; i++) {
457	mask->s6_addr8[i] = `0xff`;
458	}
459	if (len % `8`) {
460	mask->s6_addr8[i] = (`0xff00` >> (len % `8`)) & `0xff`;
461	}
462	}
463
464	void
465	in6_aliasreq_64_to_32(struct in6_aliasreq_64 src, struct* in6_aliasreq_32 *dst)
466	{
467	bzero(s: dst, n: sizeof(*dst));
468	bcopy(src: src->ifra_name, dst: dst->ifra_name, n: sizeof(dst->ifra_name));
469	dst->ifra_addr = src->ifra_addr;
470	dst->ifra_dstaddr = src->ifra_dstaddr;
471	dst->ifra_prefixmask = src->ifra_prefixmask;
472	dst->ifra_flags = src->ifra_flags;
473	dst->ifra_lifetime.ia6t_expire = (u_int32_t)src->ifra_lifetime.ia6t_expire;
474	dst->ifra_lifetime.ia6t_preferred = (u_int32_t)src->ifra_lifetime.ia6t_preferred;
475	dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
476	dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
477	}
478
479	void
480	in6_aliasreq_32_to_64(struct in6_aliasreq_32 src, struct* in6_aliasreq_64 *dst)
481	{
482	bzero(s: dst, n: sizeof(*dst));
483	bcopy(src: src->ifra_name, dst: dst->ifra_name, n: sizeof(dst->ifra_name));
484	dst->ifra_addr = src->ifra_addr;
485	dst->ifra_dstaddr = src->ifra_dstaddr;
486	dst->ifra_prefixmask = src->ifra_prefixmask;
487	dst->ifra_flags = src->ifra_flags;
488	dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
489	dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
490	dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
491	dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
492	}
493
494	#if defined(__LP64__)
495	static void
496	in6_cgareq_32_to_64(const struct in6_cgareq_32 *src,
497	struct in6_cgareq_64 *dst)
498	{
499	bzero(s: dst, n: sizeof(*dst));
500	bcopy(src: src->cgar_name, dst: dst->cgar_name, n: sizeof(dst->cgar_name));
501	dst->cgar_flags = src->cgar_flags;
502	bcopy(src: src->cgar_cgaprep.cga_modifier.octets,
503	dst: dst->cgar_cgaprep.cga_modifier.octets,
504	n: sizeof(dst->cgar_cgaprep.cga_modifier.octets));
505	dst->cgar_cgaprep.cga_security_level =
506	src->cgar_cgaprep.cga_security_level;
507	dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
508	dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
509	dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
510	dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
511	dst->cgar_collision_count = src->cgar_collision_count;
512	}
513	#endif
514
515	#if !defined(__LP64__)
516	static void
517	in6_cgareq_64_to_32(const struct in6_cgareq_64 *src,
518	struct in6_cgareq_32 *dst)
519	{
520	bzero(dst, sizeof(*dst));
521	bcopy(src->cgar_name, dst->cgar_name, sizeof(dst->cgar_name));
522	dst->cgar_flags = src->cgar_flags;
523	bcopy(src->cgar_cgaprep.cga_modifier.octets,
524	dst->cgar_cgaprep.cga_modifier.octets,
525	sizeof(dst->cgar_cgaprep.cga_modifier.octets));
526	dst->cgar_cgaprep.cga_security_level =
527	src->cgar_cgaprep.cga_security_level;
528	dst->cgar_lifetime.ia6t_expire = (u_int32_t)src->cgar_lifetime.ia6t_expire;
529	dst->cgar_lifetime.ia6t_preferred = (u_int32_t)src->cgar_lifetime.ia6t_preferred;
530	dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
531	dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
532	dst->cgar_collision_count = src->cgar_collision_count;
533	}
534	#endif
535
536	static struct in6_aliasreq *
537	in6_aliasreq_to_native(void data, int* data_is_64, struct in6_aliasreq *dst)
538	{
539	#if defined(__LP64__)
540	if (data_is_64) {
541	bcopy(src: data, dst, n: sizeof(*dst));
542	} else {
543	in6_aliasreq_32_to_64(src: (struct in6_aliasreq_32 *)data,
544	dst: (struct in6_aliasreq_64 *)dst);
545	}
546	#else
547	if (data_is_64) {
548	in6_aliasreq_64_to_32((struct in6_aliasreq_64 *)data,
549	(struct in6_aliasreq_32 *)dst);
550	} else {
551	bcopy(data, dst, sizeof(*dst));
552	}
553	#endif /* __LP64__ */
554	return dst;
555	}
556
557	void
558	in6_cgareq_copy_from_user(const void user_data, int* user_is_64,
559	struct in6_cgareq *cgareq)
560	{
561	#if defined(__LP64__)
562	if (user_is_64) {
563	bcopy(src: user_data, dst: cgareq, n: sizeof(*cgareq));
564	} else {
565	in6_cgareq_32_to_64(src: (const struct in6_cgareq_32 *)user_data,
566	dst: (struct in6_cgareq_64 *)cgareq);
567	}
568	#else
569	if (user_is_64) {
570	in6_cgareq_64_to_32((const struct in6_cgareq_64 *)user_data,
571	(struct in6_cgareq_32 *)cgareq);
572	} else {
573	bcopy(user_data, cgareq, sizeof(*cgareq));
574	}
575	#endif /* __LP64__ */
576	}
577
578	static __attribute__((noinline)) int
579	in6ctl_associd(struct socket *so, u_long cmd, caddr_t data)
580	{
581	int error = `0`;
582	union {
583	struct so_aidreq32 a32;
584	struct so_aidreq64 a64;
585	} u;
586
587	VERIFY(so != NULL);
588
589	switch (cmd) {
590	case SIOCGASSOCIDS32: { / struct so_aidreq32 /
591	bcopy(src: data, dst: &u.a32, n: sizeof(u.a32));
592	error = in6_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
593	if (error == `0`) {
594	bcopy(src: &u.a32, dst: data, n: sizeof(u.a32));
595	}
596	break;
597	}
598
599	case SIOCGASSOCIDS64: { / struct so_aidreq64 /
600	bcopy(src: data, dst: &u.a64, n: sizeof(u.a64));
601	error = in6_getassocids(so, &u.a64.sar_cnt, (user_addr_t)u.a64.sar_aidp);
602	if (error == `0`) {
603	bcopy(src: &u.a64, dst: data, n: sizeof(u.a64));
604	}
605	break;
606	}
607
608	default:
609	VERIFY(`0`);
610	/ NOTREACHED /
611	}
612
613	return error;
614	}
615
616	static __attribute__((noinline)) int
617	in6ctl_connid(struct socket *so, u_long cmd, caddr_t data)
618	{
619	int error = `0`;
620	union {
621	struct so_cidreq32 c32;
622	struct so_cidreq64 c64;
623	} u;
624
625	VERIFY(so != NULL);
626
627	switch (cmd) {
628	case SIOCGCONNIDS32: { / struct so_cidreq32 /
629	bcopy(src: data, dst: &u.c32, n: sizeof(u.c32));
630	error = in6_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
631	u.c32.scr_cidp);
632	if (error == `0`) {
633	bcopy(src: &u.c32, dst: data, n: sizeof(u.c32));
634	}
635	break;
636	}
637
638	case SIOCGCONNIDS64: { / struct so_cidreq64 /
639	bcopy(src: data, dst: &u.c64, n: sizeof(u.c64));
640	error = in6_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
641	(user_addr_t)u.c64.scr_cidp);
642	if (error == `0`) {
643	bcopy(src: &u.c64, dst: data, n: sizeof(u.c64));
644	}
645	break;
646	}
647
648	default:
649	VERIFY(`0`);
650	/ NOTREACHED /
651	}
652
653	return error;
654	}
655
656	static __attribute__((noinline)) int
657	in6ctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
658	{
659	int error = `0`;
660	union {
661	struct so_cinforeq32 ci32;
662	struct so_cinforeq64 ci64;
663	} u;
664
665	VERIFY(so != NULL);
666
667	switch (cmd) {
668	case SIOCGCONNINFO32: { / struct so_cinforeq32 /
669	bcopy(src: data, dst: &u.ci32, n: sizeof(u.ci32));
670	error = in6_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
671	&u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
672	&u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
673	&u.ci32.scir_aux_type, u.ci32.scir_aux_data,
674	&u.ci32.scir_aux_len);
675	if (error == `0`) {
676	bcopy(src: &u.ci32, dst: data, n: sizeof(u.ci32));
677	}
678	break;
679	}
680
681	case SIOCGCONNINFO64: { / struct so_cinforeq64 /
682	bcopy(src: data, dst: &u.ci64, n: sizeof(u.ci64));
683	error = in6_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
684	&u.ci64.scir_ifindex, &u.ci64.scir_error, (user_addr_t)u.ci64.scir_src,
685	&u.ci64.scir_src_len, (user_addr_t)u.ci64.scir_dst, &u.ci64.scir_dst_len,
686	&u.ci64.scir_aux_type, (user_addr_t)u.ci64.scir_aux_data,
687	&u.ci64.scir_aux_len);
688	if (error == `0`) {
689	bcopy(src: &u.ci64, dst: data, n: sizeof(u.ci64));
690	}
691	break;
692	}
693
694	default:
695	VERIFY(`0`);
696	/ NOTREACHED /
697	}
698
699	return error;
700	}
701
702	static __attribute__((noinline)) int
703	in6ctl_llstart(struct ifnet *ifp, u_long cmd, caddr_t data)
704	{
705	struct in6_aliasreq sifra, *ifra = NULL;
706	boolean_t is64;
707	int error = `0`;
708
709	VERIFY(ifp != NULL);
710
711	switch (cmd) {
712	case SIOCLL_START_32: / struct in6_aliasreq_32 /
713	case SIOCLL_START_64: / struct in6_aliasreq_64 /
714	is64 = (cmd == SIOCLL_START_64);
715	/*
716	* Convert user ifra to the kernel form, when appropriate.
717	* This allows the conversion between different data models
718	* to be centralized, so that it can be passed around to other
719	* routines that are expecting the kernel form.
720	*/
721	ifra = in6_aliasreq_to_native(data, data_is_64: is64, dst: &sifra);
722
723	/*
724	* NOTE: All the interface specific DLIL attachements should
725	* be done here. They are currently done in in6_ifattach_aux()
726	* for the interfaces that need it.
727	*/
728	if (ifra->ifra_addr.sin6_family == AF_INET6 &&
729	/ Only check ifra_dstaddr if valid /
730	(ifra->ifra_dstaddr.sin6_len == `0` \|\|
731	ifra->ifra_dstaddr.sin6_family == AF_INET6)) {
732	/ some interfaces may provide LinkLocal addresses /
733	error = in6_ifattach_aliasreq(ifp, NULL, ifra);
734	} else {
735	error = in6_ifattach_aliasreq(ifp, NULL, NULL);
736	}
737	if (error == `0`) {
738	in6_if_up_dad_start(ifp);
739	}
740	break;
741
742	default:
743	VERIFY(`0`);
744	/ NOTREACHED /
745	}
746
747	return error;
748	}
749
750	static __attribute__((noinline)) int
751	in6ctl_llstop(struct ifnet *ifp)
752	{
753	struct in6_ifaddr *ia;
754	struct nd_prefix pr0, *pr;
755
756	VERIFY(ifp != NULL);
757
758	/ Remove link local addresses from interface /
759	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
760	boolean_t from_begining = TRUE;
761	while (from_begining) {
762	from_begining = FALSE;
763	TAILQ_FOREACH(ia, &in6_ifaddrhead, ia6_link) {
764	if (ia->ia_ifa.ifa_ifp != ifp) {
765	continue;
766	}
767	IFA_LOCK(&ia->ia_ifa);
768	if (IN6_IS_ADDR_LINKLOCAL(&ia->ia_addr.sin6_addr)) {
769	ifa_addref(ifa: &ia->ia_ifa); / for us /
770	IFA_UNLOCK(&ia->ia_ifa);
771	lck_rw_done(lck: &in6_ifaddr_rwlock);
772	in6_purgeaddr(&ia->ia_ifa);
773	ifa_remref(ifa: &ia->ia_ifa); / for us /
774	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
775	/*
776	* Purging the address caused in6_ifaddr_rwlock
777	* to be dropped and reacquired;
778	* therefore search again from the beginning
779	* of in6_ifaddrs list.
780	*/
781	from_begining = TRUE;
782	break;
783	}
784	IFA_UNLOCK(&ia->ia_ifa);
785	}
786	}
787	lck_rw_done(lck: &in6_ifaddr_rwlock);
788
789	/ Delete the link local prefix /
790	bzero(s: &pr0, n: sizeof(pr0));
791	pr0.ndpr_plen = `64`;
792	pr0.ndpr_ifp = ifp;
793	pr0.ndpr_prefix.sin6_addr.s6_addr16[`0`] = IPV6_ADDR_INT16_ULL;
794	(void)in6_setscope(&pr0.ndpr_prefix.sin6_addr, ifp, IN6_NULL_IF_EMBEDDED_SCOPE(&pr0.ndpr_prefix.sin6_scope_id));
795	pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC);
796	if (pr) {
797	lck_mtx_lock(nd6_mutex);
798	NDPR_LOCK(pr);
799	prelist_remove(pr);
800	NDPR_UNLOCK(pr);
801	NDPR_REMREF(pr); / Drop the reference from lookup /
802	lck_mtx_unlock(nd6_mutex);
803	}
804
805	return `0`;
806	}
807
808	/*
809	* This routine configures secure link local address
810	*/
811	static __attribute__((noinline)) int
812	in6ctl_cgastart(struct ifnet *ifp, u_long cmd, caddr_t data)
813	{
814	struct in6_cgareq llcgasr;
815	int is64, error = `0`;
816
817	VERIFY(ifp != NULL);
818
819	switch (cmd) {
820	case SIOCLL_CGASTART_32: / struct in6_cgareq_32 /
821	case SIOCLL_CGASTART_64: / struct in6_cgareq_64 /
822	is64 = (cmd == SIOCLL_CGASTART_64);
823	/*
824	* Convert user cgareq to the kernel form, when appropriate.
825	* This allows the conversion between different data models
826	* to be centralized, so that it can be passed around to other
827	* routines that are expecting the kernel form.
828	*/
829	in6_cgareq_copy_from_user(user_data: data, user_is_64: is64, cgareq: &llcgasr);
830
831	/*
832	* NOTE: All the interface specific DLIL attachements
833	* should be done here. They are currently done in
834	* in6_ifattach_cgareq() for the interfaces that
835	* need it.
836	*/
837	error = in6_ifattach_llcgareq(ifp, &llcgasr);
838	if (error == `0`) {
839	in6_if_up_dad_start(ifp);
840	}
841	break;
842
843	default:
844	VERIFY(`0`);
845	/ NOTREACHED /
846	}
847
848	return error;
849	}
850
851	/*
852	* Caller passes in the ioctl data pointer directly via "ifr", with the
853	* expectation that this routine always uses bcopy() or other byte-aligned
854	* memory accesses.
855	*/
856	static __attribute__((noinline)) int
857	in6ctl_gifaddr(struct ifnet ifp, struct* in6_ifaddr *ia, u_long cmd,
858	struct in6_ifreq *ifr)
859	{
860	struct sockaddr_in6 addr;
861	int error = `0`;
862
863	VERIFY(ifp != NULL);
864
865	if (ia == NULL) {
866	return EADDRNOTAVAIL;
867	}
868
869	switch (cmd) {
870	case SIOCGIFADDR_IN6: / struct in6_ifreq /
871	IFA_LOCK(&ia->ia_ifa);
872	SOCKADDR_COPY(&ia->ia_addr, &addr, sizeof(addr));
873	IFA_UNLOCK(&ia->ia_ifa);
874	if ((error = sa6_recoverscope(&addr, TRUE)) != `0`) {
875	break;
876	}
877	SOCKADDR_COPY(&addr, &ifr->ifr_addr, sizeof(addr));
878	break;
879
880	case SIOCGIFDSTADDR_IN6: / struct in6_ifreq /
881	if (!(ifp->if_flags & IFF_POINTOPOINT)) {
882	error = EINVAL;
883	break;
884	}
885	/*
886	* XXX: should we check if ifa_dstaddr is NULL and return
887	* an error?
888	*/
889	IFA_LOCK(&ia->ia_ifa);
890	SOCKADDR_COPY(&ia->ia_dstaddr, &addr, sizeof(addr));
891	IFA_UNLOCK(&ia->ia_ifa);
892	if ((error = sa6_recoverscope(&addr, TRUE)) != `0`) {
893	break;
894	}
895	SOCKADDR_COPY(&addr, &ifr->ifr_dstaddr, sizeof(addr));
896	break;
897
898	default:
899	VERIFY(`0`);
900	/ NOTREACHED /
901	}
902
903	return error;
904	}
905
906	/*
907	* Caller passes in the ioctl data pointer directly via "ifr", with the
908	* expectation that this routine always uses bcopy() or other byte-aligned
909	* memory accesses.
910	*/
911	static __attribute__((noinline)) int
912	in6ctl_gifstat(struct ifnet ifp, u_long cmd, struct* in6_ifreq *ifr)
913	{
914	int error = `0`, index;
915
916	VERIFY(ifp != NULL);
917	index = ifp->if_index;
918
919	switch (cmd) {
920	case SIOCGIFSTAT_IN6: / struct in6_ifreq /
921	/ N.B.: if_inet6data is never freed once set. /
922	if (IN6_IFEXTRA(ifp) == NULL) {
923	/ return (EAFNOSUPPORT)? /
924	bzero(s: &ifr->ifr_ifru.ifru_stat,
925	n: sizeof(ifr->ifr_ifru.ifru_stat));
926	} else {
927	bcopy(src: &IN6_IFEXTRA(ifp)->in6_ifstat,
928	dst: &ifr->ifr_ifru.ifru_stat,
929	n: sizeof(ifr->ifr_ifru.ifru_stat));
930	}
931	break;
932
933	case SIOCGIFSTAT_ICMP6: / struct in6_ifreq /
934	/ N.B.: if_inet6data is never freed once set. /
935	if (IN6_IFEXTRA(ifp) == NULL) {
936	/ return (EAFNOSUPPORT)? /
937	bzero(s: &ifr->ifr_ifru.ifru_icmp6stat,
938	n: sizeof(ifr->ifr_ifru.ifru_icmp6stat));
939	} else {
940	bcopy(src: &IN6_IFEXTRA(ifp)->icmp6_ifstat,
941	dst: &ifr->ifr_ifru.ifru_icmp6stat,
942	n: sizeof(ifr->ifr_ifru.ifru_icmp6stat));
943	}
944	break;
945
946	default:
947	VERIFY(`0`);
948	/ NOTREACHED /
949	}
950
951	return error;
952	}
953
954	/*
955	* Caller passes in the ioctl data pointer directly via "ifr", with the
956	* expectation that this routine always uses bcopy() or other byte-aligned
957	* memory accesses.
958	*/
959	static __attribute__((noinline)) int
960	in6ctl_alifetime(struct in6_ifaddr ia, u_long cmd, struct* in6_ifreq *ifr,
961	boolean_t p64)
962	{
963	uint64_t timenow = net_uptime();
964	struct in6_addrlifetime ia6_lt;
965	struct timeval caltime;
966	int error = `0`;
967
968	if (ia == NULL) {
969	return EADDRNOTAVAIL;
970	}
971
972	switch (cmd) {
973	case SIOCGIFALIFETIME_IN6: / struct in6_ifreq /
974	IFA_LOCK(&ia->ia_ifa);
975	/ retrieve time as calendar time (last arg is 1) /
976	in6ifa_getlifetime(ia, &ia6_lt, `1`);
977	if (p64) {
978	struct in6_addrlifetime_64 lt;
979
980	bzero(s: &lt, n: sizeof(lt));
981	lt.ia6t_expire = ia6_lt.ia6t_expire;
982	lt.ia6t_preferred = ia6_lt.ia6t_preferred;
983	lt.ia6t_vltime = ia6_lt.ia6t_vltime;
984	lt.ia6t_pltime = ia6_lt.ia6t_pltime;
985	bcopy(src: &lt, dst: &ifr->ifr_ifru.ifru_lifetime, n: sizeof(ifr->ifr_ifru.ifru_lifetime));
986	} else {
987	struct in6_addrlifetime_32 lt;
988
989	bzero(s: &lt, n: sizeof(lt));
990	lt.ia6t_expire = (uint32_t)ia6_lt.ia6t_expire;
991	lt.ia6t_preferred = (uint32_t)ia6_lt.ia6t_preferred;
992	lt.ia6t_vltime = (uint32_t)ia6_lt.ia6t_vltime;
993	lt.ia6t_pltime = (uint32_t)ia6_lt.ia6t_pltime;
994	/*
995	* 32-bit userland expects a 32-bit in6_addrlifetime to
996	* come back:
997	*/
998	bcopy(src: &lt, dst: &ifr->ifr_ifru.ifru_lifetime, n: sizeof(lt));
999	}
1000	IFA_UNLOCK(&ia->ia_ifa);
1001	break;
1002
1003	case SIOCSIFALIFETIME_IN6: / struct in6_ifreq /
1004	getmicrotime(&caltime);
1005
1006	/ sanity for overflow - beware unsigned /
1007	if (p64) {
1008	struct in6_addrlifetime_64 lt;
1009
1010	bcopy(src: &ifr->ifr_ifru.ifru_lifetime, dst: &lt, n: sizeof(lt));
1011	if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1012	lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1013	error = EINVAL;
1014	break;
1015	}
1016	if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1017	lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1018	error = EINVAL;
1019	break;
1020	}
1021	} else {
1022	struct in6_addrlifetime_32 lt;
1023
1024	bcopy(src: &ifr->ifr_ifru.ifru_lifetime, dst: &lt, n: sizeof(lt));
1025	if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1026	lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1027	error = EINVAL;
1028	break;
1029	}
1030	if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1031	lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1032	error = EINVAL;
1033	break;
1034	}
1035	}
1036
1037	IFA_LOCK(&ia->ia_ifa);
1038	if (p64) {
1039	struct in6_addrlifetime_64 lt;
1040
1041	bcopy(src: &ifr->ifr_ifru.ifru_lifetime, dst: &lt, n: sizeof(lt));
1042	ia6_lt.ia6t_expire = (time_t)lt.ia6t_expire;
1043	ia6_lt.ia6t_preferred = (time_t)lt.ia6t_preferred;
1044	ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1045	ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1046	} else {
1047	struct in6_addrlifetime_32 lt;
1048
1049	bcopy(src: &ifr->ifr_ifru.ifru_lifetime, dst: &lt, n: sizeof(lt));
1050	ia6_lt.ia6t_expire = (uint32_t)lt.ia6t_expire;
1051	ia6_lt.ia6t_preferred = (uint32_t)lt.ia6t_preferred;
1052	ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1053	ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1054	}
1055	/ for sanity /
1056	if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1057	ia6_lt.ia6t_expire = (time_t)(timenow + ia6_lt.ia6t_vltime);
1058	} else {
1059	ia6_lt.ia6t_expire = `0`;
1060	}
1061
1062	if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1063	ia6_lt.ia6t_preferred = (time_t)(timenow + ia6_lt.ia6t_pltime);
1064	} else {
1065	ia6_lt.ia6t_preferred = `0`;
1066	}
1067
1068	in6ifa_setlifetime(ia, &ia6_lt);
1069	IFA_UNLOCK(&ia->ia_ifa);
1070	break;
1071
1072	default:
1073	VERIFY(`0`);
1074	/ NOTREACHED /
1075	}
1076
1077	return error;
1078	}
1079
1080	static int
1081	in6ctl_clat46start(struct ifnet *ifp)
1082	{
1083	struct nd_prefix *pr = NULL;
1084	struct nd_prefix *next = NULL;
1085	struct in6_ifaddr *ia6 = NULL;
1086	int error = `0`;
1087
1088	if (ifp == lo_ifp) {
1089	return EINVAL;
1090	}
1091	/*
1092	* Traverse the list of prefixes and find the first non-linklocal
1093	* prefix on the interface.
1094	* For that found eligible prefix, configure a CLAT46 reserved address.
1095	*/
1096	lck_mtx_lock(nd6_mutex);
1097	for (pr = nd_prefix.lh_first; pr; pr = next) {
1098	next = pr->ndpr_next;
1099
1100	NDPR_LOCK(pr);
1101	if (pr->ndpr_ifp != ifp) {
1102	NDPR_UNLOCK(pr);
1103	continue;
1104	}
1105
1106	if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) {
1107	NDPR_UNLOCK(pr);
1108	continue; / XXX /
1109	}
1110
1111	if (pr->ndpr_raf_auto == `0`) {
1112	NDPR_UNLOCK(pr);
1113	continue;
1114	}
1115
1116	if (pr->ndpr_stateflags & NDPRF_DEFUNCT) {
1117	NDPR_UNLOCK(pr);
1118	continue;
1119	}
1120
1121	if ((pr->ndpr_stateflags & NDPRF_CLAT46) == `0`
1122	&& pr->ndpr_vltime != `0`) {
1123	NDPR_ADDREF(pr); / Take reference for rest of the processing /
1124	NDPR_UNLOCK(pr);
1125	break;
1126	} else {
1127	NDPR_UNLOCK(pr);
1128	continue;
1129	}
1130	}
1131	lck_mtx_unlock(nd6_mutex);
1132
1133	if (pr != NULL) {
1134	if ((ia6 = in6_pfx_newpersistaddr(pr, FALSE, &error,
1135	TRUE, CLAT46_COLLISION_COUNT_OFFSET)) == NULL) {
1136	nd6log0(error,
1137	"Could not configure CLAT46 address on"
1138	" interface %s.\n", ifp->if_xname);
1139	} else {
1140	IFA_LOCK(&ia6->ia_ifa);
1141	NDPR_LOCK(pr);
1142	ia6->ia6_ndpr = pr;
1143	NDPR_ADDREF(pr); / for addr reference /
1144	pr->ndpr_stateflags \|= NDPRF_CLAT46;
1145	pr->ndpr_addrcnt++;
1146	VERIFY(pr->ndpr_addrcnt != `0`);
1147	NDPR_UNLOCK(pr);
1148	IFA_UNLOCK(&ia6->ia_ifa);
1149	ifa_remref(ifa: &ia6->ia_ifa);
1150	ia6 = NULL;
1151	/*
1152	* A newly added address might affect the status
1153	* of other addresses, so we check and update it.
1154	* XXX: what if address duplication happens?
1155	*/
1156	lck_mtx_lock(nd6_mutex);
1157	pfxlist_onlink_check();
1158	lck_mtx_unlock(nd6_mutex);
1159	}
1160	NDPR_REMREF(pr);
1161	}
1162	return error;
1163	}
1164
1165	static int
1166	in6ctl_clat46stop(struct ifnet *ifp)
1167	{
1168	int error = `0`;
1169	struct in6_ifaddr *ia = NULL;
1170
1171	if (ifp == lo_ifp) {
1172	return EINVAL;
1173	}
1174	if ((ifp->if_eflags & IFEF_CLAT46) == `0`) {
1175	/ CLAT46 isn't enabled /
1176	goto done;
1177	}
1178	if_clear_eflags(ifp, IFEF_CLAT46);
1179
1180	/ find CLAT46 address and remove it /
1181	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
1182	TAILQ_FOREACH(ia, &in6_ifaddrhead, ia6_link) {
1183	if (ia->ia_ifa.ifa_ifp != ifp) {
1184	continue;
1185	}
1186	IFA_LOCK(&ia->ia_ifa);
1187	if ((ia->ia6_flags & IN6_IFF_CLAT46) != `0`) {
1188	ifa_addref(ifa: &ia->ia_ifa); / for us /
1189	IFA_UNLOCK(&ia->ia_ifa);
1190	lck_rw_done(lck: &in6_ifaddr_rwlock);
1191	in6_purgeaddr(&ia->ia_ifa);
1192	ifa_remref(ifa: &ia->ia_ifa); / for us /
1193	goto done;
1194	}
1195	IFA_UNLOCK(&ia->ia_ifa);
1196	}
1197	lck_rw_done(lck: &in6_ifaddr_rwlock);
1198
1199	done:
1200	return error;
1201	}
1202
1203	#define ifa2ia6(ifa) ((struct in6_ifaddr )(void )(ifa))
1204
1205	/*
1206	* Generic INET6 control operations (ioctl's).
1207	*
1208	* ifp is NULL if not an interface-specific ioctl.
1209	*
1210	* Most of the routines called to handle the ioctls would end up being
1211	* tail-call optimized, which unfortunately causes this routine to
1212	* consume too much stack space; this is the reason for the "noinline"
1213	* attribute used on those routines.
1214	*
1215	* If called directly from within the networking stack (as opposed to via
1216	* pru_control), the socket parameter may be NULL.
1217	*/
1218	int
1219	in6_control(struct socket so, u_long cmd, caddr_t data, struct* ifnet *ifp,
1220	struct proc *p)
1221	{
1222	struct in6_ifreq ifr = (struct* in6_ifreq )(void* *)data;
1223	struct in6_aliasreq sifra, *ifra = NULL;
1224	struct in6_ifaddr *ia = NULL;
1225	struct sockaddr_in6 sin6, *sa6 = NULL;
1226	boolean_t privileged = (proc_suser(p) == `0`);
1227	boolean_t p64 = proc_is64bit(p);
1228	boolean_t so_unlocked = FALSE;
1229	int intval, error = `0`;
1230
1231	/ In case it's NULL, make sure it came from the kernel /
1232	VERIFY(so != NULL \|\| p == kernproc);
1233
1234	/*
1235	* ioctls which don't require ifp, may require socket.
1236	*/
1237	switch (cmd) {
1238	case SIOCAADDRCTL_POLICY: / struct in6_addrpolicy /
1239	case SIOCDADDRCTL_POLICY: / struct in6_addrpolicy /
1240	if (!privileged) {
1241	return EPERM;
1242	}
1243	return in6_src_ioctl(cmd, data);
1244	/ NOTREACHED /
1245
1246	case SIOCDRADD_IN6_32: / struct in6_defrouter_32 /
1247	case SIOCDRADD_IN6_64: / struct in6_defrouter_64 /
1248	case SIOCDRDEL_IN6_32: / struct in6_defrouter_32 /
1249	case SIOCDRDEL_IN6_64: / struct in6_defrouter_64 /
1250	if (!privileged) {
1251	return EPERM;
1252	}
1253	return defrtrlist_ioctl(cmd, data);
1254	/ NOTREACHED /
1255
1256	case SIOCGASSOCIDS32: / struct so_aidreq32 /
1257	case SIOCGASSOCIDS64: / struct so_aidreq64 /
1258	return in6ctl_associd(so, cmd, data);
1259	/ NOTREACHED /
1260
1261	case SIOCGCONNIDS32: / struct so_cidreq32 /
1262	case SIOCGCONNIDS64: / struct so_cidreq64 /
1263	return in6ctl_connid(so, cmd, data);
1264	/ NOTREACHED /
1265
1266	case SIOCGCONNINFO32: / struct so_cinforeq32 /
1267	case SIOCGCONNINFO64: / struct so_cinforeq64 /
1268	return in6ctl_conninfo(so, cmd, data);
1269	/ NOTREACHED /
1270	}
1271
1272	/*
1273	* The rest of ioctls require ifp; reject if we don't have one;
1274	* return ENXIO to be consistent with ifioctl().
1275	*/
1276	if (ifp == NULL) {
1277	return ENXIO;
1278	}
1279
1280	/*
1281	* Unlock the socket since ifnet_ioctl() may be invoked by
1282	* one of the ioctl handlers below. Socket will be re-locked
1283	* prior to returning.
1284	*/
1285	if (so != NULL) {
1286	socket_unlock(so, refcount: `0`);
1287	so_unlocked = TRUE;
1288	}
1289
1290	lck_mtx_lock(lck: &ifp->if_inet6_ioctl_lock);
1291	while (ifp->if_inet6_ioctl_busy) {
1292	(void) msleep(chan: &ifp->if_inet6_ioctl_busy, mtx: &ifp->if_inet6_ioctl_lock, pri: (PZERO - `1`),
1293	wmesg: __func__, NULL);
1294	LCK_MTX_ASSERT(&ifp->if_inet6_ioctl_lock, LCK_MTX_ASSERT_OWNED);
1295	}
1296	ifp->if_inet6_ioctl_busy = TRUE;
1297	lck_mtx_unlock(lck: &ifp->if_inet6_ioctl_lock);
1298
1299	/*
1300	* ioctls which require ifp but not interface address.
1301	*/
1302	switch (cmd) {
1303	case SIOCAUTOCONF_START: / struct in6_ifreq /
1304	if (!privileged) {
1305	error = EPERM;
1306	goto done;
1307	}
1308	error = in6_autoconf(ifp, TRUE);
1309	goto done;
1310
1311	case SIOCAUTOCONF_STOP: / struct in6_ifreq /
1312	if (!privileged) {
1313	error = EPERM;
1314	goto done;
1315	}
1316	error = in6_autoconf(ifp, FALSE);
1317	goto done;
1318
1319	case SIOCLL_START_32: / struct in6_aliasreq_32 /
1320	case SIOCLL_START_64: / struct in6_aliasreq_64 /
1321	if (!privileged) {
1322	error = EPERM;
1323	goto done;
1324	}
1325	error = in6ctl_llstart(ifp, cmd, data);
1326	goto done;
1327
1328	case SIOCLL_STOP: / struct in6_ifreq /
1329	if (!privileged) {
1330	error = EPERM;
1331	goto done;
1332	}
1333	error = in6ctl_llstop(ifp);
1334	goto done;
1335
1336	case SIOCCLAT46_START: / struct in6_ifreq /
1337	if (!privileged) {
1338	error = EPERM;
1339	goto done;
1340	}
1341	error = in6ctl_clat46start(ifp);
1342	if (error == `0`) {
1343	if_set_eflags(ifp, IFEF_CLAT46);
1344	}
1345	goto done;
1346
1347	case SIOCCLAT46_STOP: / struct in6_ifreq /
1348	if (!privileged) {
1349	error = EPERM;
1350	goto done;
1351	}
1352	error = in6ctl_clat46stop(ifp);
1353	goto done;
1354	case SIOCGETROUTERMODE_IN6: / struct in6_ifreq /
1355	intval = ifp->if_ipv6_router_mode;
1356	bcopy(src: &intval, dst: &((struct in6_ifreq )(void* *)data)->ifr_intval,
1357	n: sizeof(intval));
1358	goto done;
1359	case SIOCSETROUTERMODE_IN6: / struct in6_ifreq /
1360	if (!privileged) {
1361	error = EPERM;
1362	goto done;
1363	}
1364	bcopy(src: &((struct in6_ifreq )(void* *)data)->ifr_intval,
1365	dst: &intval, n: sizeof(intval));
1366	switch (intval) {
1367	case IPV6_ROUTER_MODE_DISABLED:
1368	case IPV6_ROUTER_MODE_EXCLUSIVE:
1369	case IPV6_ROUTER_MODE_HYBRID:
1370	break;
1371	default:
1372	error = EINVAL;
1373	goto done;
1374	}
1375	error = in6_setrouter(ifp, (ipv6_router_mode_t)intval);
1376	goto done;
1377
1378	case SIOCPROTOATTACH_IN6_32: / struct in6_aliasreq_32 /
1379	case SIOCPROTOATTACH_IN6_64: / struct in6_aliasreq_64 /
1380	if (!privileged) {
1381	error = EPERM;
1382	goto done;
1383	}
1384	error = in6_domifattach(ifp);
1385	goto done;
1386
1387	case SIOCPROTODETACH_IN6: / struct in6_ifreq /
1388	if (!privileged) {
1389	error = EPERM;
1390	goto done;
1391	}
1392	/ Cleanup interface routes and addresses /
1393	in6_purgeif(ifp);
1394
1395	if ((error = proto_unplumb(PF_INET6, ifp))) {
1396	log(LOG_ERR, "SIOCPROTODETACH_IN6: %s error=%d\n",
1397	if_name(ifp), error);
1398	}
1399	goto done;
1400
1401	case SIOCSNDFLUSH_IN6: / struct in6_ifreq /
1402	case SIOCSPFXFLUSH_IN6: / struct in6_ifreq /
1403	case SIOCSRTRFLUSH_IN6: / struct in6_ifreq /
1404	case SIOCSDEFIFACE_IN6_32: / struct in6_ndifreq_32 /
1405	case SIOCSDEFIFACE_IN6_64: / struct in6_ndifreq_64 /
1406	case SIOCSIFINFO_FLAGS: / struct in6_ndireq /
1407	case SIOCGIFCGAPREP_IN6_32: / struct in6_cgareq_32 /
1408	case SIOCGIFCGAPREP_IN6_64: / struct in6_cgareq_64 /
1409	case SIOCSIFCGAPREP_IN6_32: / struct in6_cgareq_32 /
1410	case SIOCSIFCGAPREP_IN6_64: / struct in6_cgareq_32 /
1411	if (!privileged) {
1412	error = EPERM;
1413	goto done;
1414	}
1415	OS_FALLTHROUGH;
1416	case OSIOCGIFINFO_IN6: / struct in6_ondireq /
1417	case SIOCGIFINFO_IN6: / struct in6_ondireq /
1418	case SIOCGDRLST_IN6_32: / struct in6_drlist_32 /
1419	case SIOCGDRLST_IN6_64: / struct in6_drlist_64 /
1420	case SIOCGPRLST_IN6_32: / struct in6_prlist_32 /
1421	case SIOCGPRLST_IN6_64: / struct in6_prlist_64 /
1422	case SIOCGNBRINFO_IN6_32: / struct in6_nbrinfo_32 /
1423	case SIOCGNBRINFO_IN6_64: / struct in6_nbrinfo_64 /
1424	case SIOCGDEFIFACE_IN6_32: / struct in6_ndifreq_32 /
1425	case SIOCGDEFIFACE_IN6_64: / struct in6_ndifreq_64 /
1426	error = nd6_ioctl(cmd, data, ifp);
1427	goto done;
1428
1429	case SIOCSIFPREFIX_IN6: / struct in6_prefixreq (deprecated) /
1430	case SIOCDIFPREFIX_IN6: / struct in6_prefixreq (deprecated) /
1431	case SIOCAIFPREFIX_IN6: / struct in6_rrenumreq (deprecated) /
1432	case SIOCCIFPREFIX_IN6: / struct in6_rrenumreq (deprecated) /
1433	case SIOCSGIFPREFIX_IN6: / struct in6_rrenumreq (deprecated) /
1434	case SIOCGIFPREFIX_IN6: / struct in6_prefixreq (deprecated) /
1435	log(LOG_NOTICE,
1436	"prefix ioctls are now invalidated. "
1437	"please use ifconfig.\n");
1438	error = EOPNOTSUPP;
1439	goto done;
1440
1441	case SIOCSSCOPE6: / struct in6_ifreq (deprecated) /
1442	case SIOCGSCOPE6: / struct in6_ifreq (deprecated) /
1443	case SIOCGSCOPE6DEF: / struct in6_ifreq (deprecated) /
1444	error = EOPNOTSUPP;
1445	goto done;
1446
1447	case SIOCLL_CGASTART_32: / struct in6_cgareq_32 /
1448	case SIOCLL_CGASTART_64: / struct in6_cgareq_64 /
1449	if (!privileged) {
1450	error = EPERM;
1451	} else {
1452	error = in6ctl_cgastart(ifp, cmd, data);
1453	}
1454	goto done;
1455
1456	case SIOCGIFSTAT_IN6: / struct in6_ifreq /
1457	case SIOCGIFSTAT_ICMP6: / struct in6_ifreq /
1458	error = in6ctl_gifstat(ifp, cmd, ifr);
1459	goto done;
1460	}
1461
1462	/*
1463	* ioctls which require interface address; obtain sockaddr_in6.
1464	*/
1465	switch (cmd) {
1466	case SIOCSIFADDR_IN6: / struct in6_ifreq (deprecated) /
1467	case SIOCSIFDSTADDR_IN6: / struct in6_ifreq (deprecated) /
1468	case SIOCSIFNETMASK_IN6: / struct in6_ifreq (deprecated) /
1469	/*
1470	* Since IPv6 allows a node to assign multiple addresses
1471	* on a single interface, SIOCSIFxxx ioctls are deprecated.
1472	*/
1473	/ we decided to obsolete this command (20000704) /
1474	error = EOPNOTSUPP;
1475	goto done;
1476
1477	case SIOCAIFADDR_IN6_32: / struct in6_aliasreq_32 /
1478	case SIOCAIFADDR_IN6_64: / struct in6_aliasreq_64 /
1479	if (!privileged) {
1480	error = EPERM;
1481	goto done;
1482	}
1483	/*
1484	* Convert user ifra to the kernel form, when appropriate.
1485	* This allows the conversion between different data models
1486	* to be centralized, so that it can be passed around to other
1487	* routines that are expecting the kernel form.
1488	*/
1489	ifra = in6_aliasreq_to_native(data,
1490	data_is_64: (cmd == SIOCAIFADDR_IN6_64), dst: &sifra);
1491	SOCKADDR_COPY(&ifra->ifra_addr, &sin6, sizeof(sin6));
1492	sa6 = &sin6;
1493	break;
1494
1495	case SIOCDIFADDR_IN6: / struct in6_ifreq /
1496	case SIOCSIFALIFETIME_IN6: / struct in6_ifreq /
1497	if (!privileged) {
1498	error = EPERM;
1499	goto done;
1500	}
1501	OS_FALLTHROUGH;
1502	case SIOCGIFADDR_IN6: / struct in6_ifreq /
1503	case SIOCGIFDSTADDR_IN6: / struct in6_ifreq /
1504	case SIOCGIFNETMASK_IN6: / struct in6_ifreq /
1505	case SIOCGIFAFLAG_IN6: / struct in6_ifreq /
1506	case SIOCGIFALIFETIME_IN6: / struct in6_ifreq /
1507	SOCKADDR_COPY(&ifr->ifr_addr, &sin6, sizeof(sin6));
1508	sa6 = &sin6;
1509	break;
1510	case SIOCGIFDSTADDR:
1511	case SIOCSIFDSTADDR:
1512	case SIOCGIFBRDADDR:
1513	case SIOCSIFBRDADDR:
1514	case SIOCGIFNETMASK:
1515	case SIOCSIFNETMASK:
1516	case SIOCGIFADDR:
1517	case SIOCSIFADDR:
1518	case SIOCAIFADDR:
1519	case SIOCDIFADDR:
1520	/ Do not handle these AF_INET commands in AF_INET6 path /
1521	error = EINVAL;
1522	goto done;
1523	}
1524
1525	/*
1526	* Find address for this interface, if it exists.
1527	*
1528	* In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
1529	* only, and used the first interface address as the target of other
1530	* operations (without checking ifra_addr). This was because netinet
1531	* code/API assumed at most 1 interface address per interface.
1532	* Since IPv6 allows a node to assign multiple addresses
1533	* on a single interface, we almost always look and check the
1534	* presence of ifra_addr, and reject invalid ones here.
1535	* It also decreases duplicated code among SIOC*_IN6 operations.
1536	*/
1537	VERIFY(ia == NULL);
1538	if (sa6 != NULL && sa6->sin6_family == AF_INET6) {
1539	if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) {
1540	if (in6_embedded_scope) {
1541	if (sa6->sin6_addr.s6_addr16[`1`] == `0`) {
1542	/ link ID is not embedded by the user /
1543	sa6->sin6_addr.s6_addr16[`1`] =
1544	htons(ifp->if_index);
1545	} else if (sa6->sin6_addr.s6_addr16[`1`] !=
1546	htons(ifp->if_index)) {
1547	error = EINVAL; / link ID contradicts /
1548	goto done;
1549	}
1550	if (sa6->sin6_scope_id) {
1551	if (sa6->sin6_scope_id !=
1552	(u_int32_t)ifp->if_index) {
1553	error = EINVAL;
1554	goto done;
1555	}
1556	sa6->sin6_scope_id = `0`; / XXX: good way? /
1557	}
1558	} else {
1559	if (sa6->sin6_scope_id == IFSCOPE_NONE) {
1560	sa6->sin6_scope_id = ifp->if_index;
1561	} else if (sa6->sin6_scope_id != ifp->if_index) {
1562	error = EINVAL; / link ID contradicts /
1563	goto done;
1564	}
1565	}
1566	}
1567	/*
1568	* Any failures from this point on must take into account
1569	* a non-NULL "ia" with an outstanding reference count, and
1570	* therefore requires ifa_remref. Jump to "done" label
1571	* instead of calling return if "ia" is valid.
1572	*/
1573	ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
1574	}
1575
1576	/*
1577	* SIOCDIFADDR_IN6/SIOCAIFADDR_IN6 specific tests.
1578	*/
1579	switch (cmd) {
1580	case SIOCDIFADDR_IN6: / struct in6_ifreq /
1581	if (ia == NULL) {
1582	error = EADDRNOTAVAIL;
1583	goto done;
1584	}
1585	OS_FALLTHROUGH;
1586	case SIOCAIFADDR_IN6_32: / struct in6_aliasreq_32 /
1587	case SIOCAIFADDR_IN6_64: / struct in6_aliasreq_64 /
1588	VERIFY(sa6 != NULL);
1589	/*
1590	* We always require users to specify a valid IPv6 address for
1591	* the corresponding operation. Use "sa6" instead of "ifra"
1592	* since SIOCDIFADDR_IN6 falls thru above.
1593	*/
1594	if (sa6->sin6_family != AF_INET6 \|\|
1595	sa6->sin6_len != sizeof(struct sockaddr_in6)) {
1596	error = EAFNOSUPPORT;
1597	goto done;
1598	}
1599
1600	if ((cmd == SIOCAIFADDR_IN6_32 \|\| cmd == SIOCAIFADDR_IN6_64) &&
1601	(IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) \|\|
1602	IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr) \|\|
1603	IN6_IS_ADDR_V4MAPPED(&sa6->sin6_addr) \|\|
1604	IN6_IS_ADDR_V4COMPAT(&sa6->sin6_addr))) {
1605	error = EINVAL;
1606	goto done;
1607	}
1608	break;
1609	}
1610
1611	/*
1612	* And finally process address-related ioctls.
1613	*/
1614	switch (cmd) {
1615	case SIOCGIFADDR_IN6: / struct in6_ifreq /
1616	/ This interface is basically deprecated. use SIOCGIFCONF. /
1617	/ FALLTHRU /
1618	case SIOCGIFDSTADDR_IN6: / struct in6_ifreq /
1619	error = in6ctl_gifaddr(ifp, ia, cmd, ifr);
1620	break;
1621
1622	case SIOCGIFNETMASK_IN6: / struct in6_ifreq /
1623	if (ia != NULL) {
1624	IFA_LOCK(&ia->ia_ifa);
1625	SOCKADDR_COPY(&ia->ia_prefixmask, &ifr->ifr_addr,
1626	sizeof(struct sockaddr_in6));
1627	IFA_UNLOCK(&ia->ia_ifa);
1628	} else {
1629	error = EADDRNOTAVAIL;
1630	}
1631	break;
1632
1633	case SIOCGIFAFLAG_IN6: / struct in6_ifreq /
1634	if (ia != NULL) {
1635	IFA_LOCK(&ia->ia_ifa);
1636	bcopy(src: &ia->ia6_flags, dst: &ifr->ifr_ifru.ifru_flags6,
1637	n: sizeof(ifr->ifr_ifru.ifru_flags6));
1638	IFA_UNLOCK(&ia->ia_ifa);
1639	} else {
1640	error = EADDRNOTAVAIL;
1641	}
1642	break;
1643
1644	case SIOCGIFALIFETIME_IN6: / struct in6_ifreq /
1645	case SIOCSIFALIFETIME_IN6: / struct in6_ifreq /
1646	error = in6ctl_alifetime(ia, cmd, ifr, p64);
1647	break;
1648
1649	case SIOCAIFADDR_IN6_32: / struct in6_aliasreq_32 /
1650	case SIOCAIFADDR_IN6_64: / struct in6_aliasreq_64 /
1651	error = in6ctl_aifaddr(ifp, ifra);
1652	break;
1653
1654	case SIOCDIFADDR_IN6:
1655	in6ctl_difaddr(ifp, ia);
1656	break;
1657
1658	default:
1659	error = ifnet_ioctl(interface: ifp, PF_INET6, ioctl_code: cmd, ioctl_arg: data);
1660	break;
1661	}
1662
1663	done:
1664	if (ifp != NULL) {
1665	lck_mtx_lock(lck: &ifp->if_inet6_ioctl_lock);
1666	ifp->if_inet6_ioctl_busy = FALSE;
1667	lck_mtx_unlock(lck: &ifp->if_inet6_ioctl_lock);
1668	wakeup(chan: &ifp->if_inet6_ioctl_busy);
1669	}
1670
1671	if (ia != NULL) {
1672	ifa_remref(ifa: &ia->ia_ifa);
1673	}
1674	if (so_unlocked) {
1675	socket_lock(so, refcount: `0`);
1676	}
1677
1678	return error;
1679	}
1680
1681	static __attribute__((noinline)) int
1682	in6ctl_aifaddr(struct ifnet ifp, struct* in6_aliasreq *ifra)
1683	{
1684	int i, error, addtmp;
1685	uint8_t plen;
1686	struct nd_prefix pr0, *pr;
1687	struct in6_ifaddr *ia;
1688
1689	VERIFY(ifp != NULL && ifra != NULL);
1690	ia = NULL;
1691
1692	/*
1693	* XXX This interface is not meant to be used for static LLA
1694	* configuration.
1695	* Instead one can use SIOCLL_START can be used to configure LLA
1696	* statically.
1697	* For bin-compat reasons though, allow it for now and only make
1698	* sure that scope gets communicated correctly.
1699	*/
1700	if (IN6_IS_ADDR_LINKLOCAL(&ifra->ifra_addr.sin6_addr)) {
1701	if (in6_embedded_scope) {
1702	ifra->ifra_addr.sin6_addr.s6_addr16[`1`] = htons(ifp->if_index);
1703	} else {
1704	/*
1705	* XXX May be we should rather also check if sin6_scope_id
1706	* is already set or enforce if set that it is same
1707	* as interface index?
1708	* For now to avoid any unintended consequence, just use
1709	* interface index and set sin6_scope_id.
1710	* Also should we just prohibit this interface to configure
1711	* additional link local and limti LLA configuration through
1712	* other *_start ioctls?
1713	*/
1714	ifra->ifra_addr.sin6_addr.s6_addr16[`1`] = `0`;
1715	ifra->ifra_addr.sin6_scope_id = ifp->if_index;
1716	}
1717	}
1718
1719	/ Attempt to attach the protocol, in case it isn't attached /
1720	error = in6_domifattach(ifp);
1721	if (error == `0`) {
1722	/ PF_INET6 wasn't previously attached /
1723	error = in6_ifattach_aliasreq(ifp, NULL, NULL);
1724	if (error != `0`) {
1725	goto done;
1726	}
1727
1728	in6_if_up_dad_start(ifp);
1729	} else if (error != EEXIST) {
1730	goto done;
1731	}
1732
1733	/*
1734	* First, make or update the interface address structure, and link it
1735	* to the list.
1736	*/
1737	error = in6_update_ifa(ifp, ifra, `0`, &ia);
1738	if (error != `0`) {
1739	goto done;
1740	}
1741	VERIFY(ia != NULL);
1742
1743	/ Now, make the prefix on-link on the interface. /
1744	plen = (uint8_t)in6_mask2len(mask: &ifra->ifra_prefixmask.sin6_addr, NULL);
1745	if (plen == `128`) {
1746	goto done;
1747	}
1748
1749	/*
1750	* NOTE: We'd rather create the prefix before the address, but we need
1751	* at least one address to install the corresponding interface route,
1752	* so we configure the address first.
1753	*/
1754
1755	/*
1756	* Convert mask to prefix length (prefixmask has already been validated
1757	* in in6_update_ifa().
1758	*/
1759	bzero(s: &pr0, n: sizeof(pr0));
1760	pr0.ndpr_plen = plen;
1761	pr0.ndpr_ifp = ifp;
1762	pr0.ndpr_prefix = ifra->ifra_addr;
1763	pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr;
1764
1765	/ apply the mask for safety. /
1766	for (i = `0`; i < `4`; i++) {
1767	pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1768	ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
1769	}
1770
1771	/*
1772	* Since we don't have an API to set prefix (not address) lifetimes, we
1773	* just use the same lifetimes as addresses. The (temporarily)
1774	* installed lifetimes can be overridden by later advertised RAs (when
1775	* accept_rtadv is non 0), which is an intended behavior.
1776	*/
1777	pr0.ndpr_raf_onlink = `1`; / should be configurable? /
1778	pr0.ndpr_raf_auto = !!(ifra->ifra_flags & IN6_IFF_AUTOCONF);
1779	if (ifra->ifra_flags & (IN6_IFF_AUTOCONF \| IN6_IFF_DYNAMIC)) {
1780	pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
1781	pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
1782	} else {
1783	pr0.ndpr_vltime = ND6_INFINITE_LIFETIME;
1784	pr0.ndpr_pltime = ND6_INFINITE_LIFETIME;
1785	}
1786	pr0.ndpr_stateflags \|= NDPRF_STATIC;
1787	lck_mtx_init(lck: &pr0.ndpr_lock, grp: &ifa_mtx_grp, attr: &ifa_mtx_attr);
1788
1789	/ add the prefix if there's none. /
1790	if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_NEVER)) == NULL) {
1791	/*
1792	* nd6_prelist_add will install the corresponding interface
1793	* route.
1794	*/
1795	error = nd6_prelist_add(&pr0, NULL, &pr, FALSE);
1796	if (error != `0`) {
1797	goto done;
1798	}
1799
1800	if (pr == NULL) {
1801	log(LOG_ERR, "%s: nd6_prelist_add okay, but"
1802	" no prefix.\n", __func__);
1803	error = EINVAL;
1804	goto done;
1805	}
1806	}
1807
1808	IFA_LOCK(&ia->ia_ifa);
1809
1810	/ if this is a new autoconfed addr /
1811	addtmp = FALSE;
1812	if (ia->ia6_ndpr == NULL) {
1813	NDPR_LOCK(pr);
1814	++pr->ndpr_addrcnt;
1815	if (!(ia->ia6_flags & IN6_IFF_NOTMANUAL)) {
1816	++pr->ndpr_manual_addrcnt;
1817	VERIFY(pr->ndpr_manual_addrcnt != `0`);
1818	}
1819	VERIFY(pr->ndpr_addrcnt != `0`);
1820	ia->ia6_ndpr = pr;
1821	NDPR_ADDREF(pr); / for addr reference /
1822
1823	/*
1824	* If this is the first autoconf address from the prefix,
1825	* create a temporary address as well (when specified).
1826	*/
1827	if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != `0` &&
1828	ip6_use_tempaddr &&
1829	pr->ndpr_addrcnt == `1` &&
1830	(!IN6_IS_ADDR_UNIQUE_LOCAL(&ia->ia_addr.sin6_addr)
1831	\|\| ip6_ula_use_tempaddr)) {
1832	addtmp = true;
1833	}
1834	NDPR_UNLOCK(pr);
1835	}
1836
1837	IFA_UNLOCK(&ia->ia_ifa);
1838
1839	if (addtmp) {
1840	int e;
1841	e = in6_tmpifadd(ia, `1`);
1842	if (e != `0`) {
1843	log(LOG_NOTICE, "%s: failed to create a"
1844	" temporary address, error=%d\n",
1845	__func__, e);
1846	}
1847	}
1848
1849	/*
1850	* This might affect the status of autoconfigured addresses, that is,
1851	* this address might make other addresses detached.
1852	*/
1853	lck_mtx_lock(nd6_mutex);
1854	pfxlist_onlink_check();
1855	lck_mtx_unlock(nd6_mutex);
1856
1857	/ Drop use count held above during lookup/add /
1858	NDPR_REMREF(pr);
1859
1860	done:
1861	if (ia != NULL) {
1862	ifa_remref(ifa: &ia->ia_ifa);
1863	}
1864	return error;
1865	}
1866
1867	static __attribute__((noinline)) void
1868	in6ctl_difaddr(struct ifnet ifp, struct* in6_ifaddr *ia)
1869	{
1870	int i = `0`;
1871	struct nd_prefix pr0, *pr;
1872
1873	VERIFY(ifp != NULL && ia != NULL);
1874
1875	/*
1876	* If the address being deleted is the only one that owns
1877	* the corresponding prefix, expire the prefix as well.
1878	* XXX: theoretically, we don't have to worry about such
1879	* relationship, since we separate the address management
1880	* and the prefix management. We do this, however, to provide
1881	* as much backward compatibility as possible in terms of
1882	* the ioctl operation.
1883	* Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1884	*/
1885	IFA_LOCK(&ia->ia_ifa);
1886	bzero(s: &pr0, n: sizeof(pr0));
1887	pr0.ndpr_ifp = ifp;
1888	pr0.ndpr_plen = (uint8_t)in6_mask2len(mask: &ia->ia_prefixmask.sin6_addr, NULL);
1889	if (pr0.ndpr_plen == `128`) {
1890	IFA_UNLOCK(&ia->ia_ifa);
1891	goto purgeaddr;
1892	}
1893	pr0.ndpr_prefix = ia->ia_addr;
1894	pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr;
1895	for (i = `0`; i < `4`; i++) {
1896	pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1897	ia->ia_prefixmask.sin6_addr.s6_addr32[i];
1898	}
1899	IFA_UNLOCK(&ia->ia_ifa);
1900
1901	if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC)) != NULL) {
1902	IFA_LOCK(&ia->ia_ifa);
1903	NDPR_LOCK(pr);
1904	if (pr->ndpr_addrcnt == `1`) {
1905	/ XXX: just for expiration /
1906	pr->ndpr_expire = `1`;
1907	}
1908	NDPR_UNLOCK(pr);
1909	IFA_UNLOCK(&ia->ia_ifa);
1910
1911	/ Drop use count held above during lookup /
1912	NDPR_REMREF(pr);
1913	}
1914
1915	purgeaddr:
1916	in6_purgeaddr(&ia->ia_ifa);
1917	}
1918
1919	static __attribute__((noinline)) int
1920	in6_autoconf(struct ifnet ifp, int* enable)
1921	{
1922	int error = `0`;
1923
1924	VERIFY(ifp != NULL);
1925
1926	if (ifp->if_flags & IFF_LOOPBACK) {
1927	return EINVAL;
1928	}
1929
1930	if (enable) {
1931	/*
1932	* An interface in IPv6 router mode implies that it
1933	* is either configured with a static IP address or
1934	* autoconfigured via a locally-generated RA. Prevent
1935	* SIOCAUTOCONF_START from being set in that mode.
1936	*/
1937	ifnet_lock_exclusive(ifp);
1938	if (ifp->if_ipv6_router_mode == IPV6_ROUTER_MODE_EXCLUSIVE) {
1939	if_clear_eflags(ifp, IFEF_ACCEPT_RTADV);
1940	error = EBUSY;
1941	} else {
1942	if_set_eflags(ifp, IFEF_ACCEPT_RTADV);
1943	}
1944	ifnet_lock_done(ifp);
1945	} else {
1946	struct in6_ifaddr *ia = NULL;
1947
1948	if_clear_eflags(ifp, IFEF_ACCEPT_RTADV);
1949
1950	/ Remove autoconfigured address from interface /
1951	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
1952	boolean_t from_begining = TRUE;
1953	while (from_begining) {
1954	from_begining = FALSE;
1955	TAILQ_FOREACH(ia, &in6_ifaddrhead, ia6_link) {
1956	if (ia->ia_ifa.ifa_ifp != ifp) {
1957	continue;
1958	}
1959	IFA_LOCK(&ia->ia_ifa);
1960	if (ia->ia6_flags & IN6_IFF_AUTOCONF) {
1961	ifa_addref(ifa: &ia->ia_ifa); / for us /
1962	IFA_UNLOCK(&ia->ia_ifa);
1963	lck_rw_done(lck: &in6_ifaddr_rwlock);
1964	in6_purgeaddr(&ia->ia_ifa);
1965	ifa_remref(ifa: &ia->ia_ifa); / for us /
1966	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
1967	/*
1968	* Purging the address caused in6_ifaddr_rwlock
1969	* to be dropped and reacquired;
1970	* therefore search again from the beginning
1971	* of in6_ifaddrs list.
1972	*/
1973	from_begining = TRUE;
1974	break;
1975	}
1976	IFA_UNLOCK(&ia->ia_ifa);
1977	}
1978	}
1979	lck_rw_done(lck: &in6_ifaddr_rwlock);
1980	}
1981	return error;
1982	}
1983
1984	/*
1985	* Handle SIOCSETROUTERMODE_IN6 to set the IPv6 router mode on the interface
1986	* Entering or exiting IPV6_ROUTER_MODE_EXCLUSIVE will result in the removal of
1987	* autoconfigured IPv6 addresses on the interface.
1988	*/
1989	static __attribute__((noinline)) int
1990	in6_setrouter(struct ifnet *ifp, ipv6_router_mode_t mode)
1991	{
1992	int error = `0`;
1993	ipv6_router_mode_t prev_mode;
1994
1995	VERIFY(ifp != NULL);
1996
1997	if (ifp->if_flags & IFF_LOOPBACK) {
1998	return ENODEV;
1999	}
2000
2001	prev_mode = ifp->if_ipv6_router_mode;
2002	if (prev_mode == mode) {
2003	/ no mode change, there's nothing to do /
2004	return `0`;
2005	}
2006	if (mode == IPV6_ROUTER_MODE_EXCLUSIVE) {
2007	struct nd_ifinfo *ndi = NULL;
2008
2009	ndi = ND_IFINFO(ifp);
2010	if (ndi != NULL && ndi->initialized) {
2011	lck_mtx_lock(lck: &ndi->lock);
2012	if (ndi->flags & ND6_IFF_PROXY_PREFIXES) {
2013	/ No proxy if we are an advertising router /
2014	ndi->flags &= ~ND6_IFF_PROXY_PREFIXES;
2015	lck_mtx_unlock(lck: &ndi->lock);
2016	(void) nd6_if_prproxy(ifp, FALSE);
2017	} else {
2018	lck_mtx_unlock(lck: &ndi->lock);
2019	}
2020	}
2021	}
2022
2023	ifp->if_ipv6_router_mode = mode;
2024	lck_mtx_lock(nd6_mutex);
2025	defrouter_select(ifp, NULL);
2026	lck_mtx_unlock(nd6_mutex);
2027	if_allmulti(ifp, (mode == IPV6_ROUTER_MODE_EXCLUSIVE));
2028	if (mode == IPV6_ROUTER_MODE_EXCLUSIVE \|\|
2029	(prev_mode == IPV6_ROUTER_MODE_EXCLUSIVE
2030	&& mode == IPV6_ROUTER_MODE_DISABLED)) {
2031	error = in6_autoconf(ifp, FALSE);
2032	}
2033	return error;
2034	}
2035
2036	static int
2037	in6_to_kamescope(struct sockaddr_in6 sin6, struct* ifnet *ifp)
2038	{
2039	struct sockaddr_in6 tmp;
2040	int error, id;
2041
2042	VERIFY(sin6 != NULL);
2043	tmp = *sin6;
2044
2045	error = in6_recoverscope(&tmp, &sin6->sin6_addr, ifp);
2046	if (error != `0`) {
2047	return error;
2048	}
2049
2050	id = in6_addr2scopeid(ifp, &tmp.sin6_addr);
2051	if (tmp.sin6_scope_id == `0`) {
2052	tmp.sin6_scope_id = id;
2053	} else if (tmp.sin6_scope_id != id) {
2054	return EINVAL; / scope ID mismatch. /
2055	}
2056	error = in6_embedscope(&tmp.sin6_addr, &tmp, NULL, NULL, NULL, IN6_NULL_IF_EMBEDDED_SCOPE(&tmp.sin6_scope_id));
2057	if (error != `0`) {
2058	return error;
2059	}
2060
2061	if (in6_embedded_scope \|\| !IN6_IS_SCOPE_EMBED(&tmp.sin6_addr)) {
2062	tmp.sin6_scope_id = `0`;
2063	}
2064	*sin6 = tmp;
2065	return `0`;
2066	}
2067
2068	/*
2069	* When the address is being configured we should clear out certain flags
2070	* coming in from the caller.
2071	*/
2072	#define IN6_IFF_CLR_ADDR_FLAG_MASK (~(IN6_IFF_DEPRECATED \| IN6_IFF_DETACHED \| IN6_IFF_DUPLICATED))
2073
2074	static int
2075	in6_ifaupdate_aux(struct in6_ifaddr ia, struct* ifnet ifp, int* ifaupflags)
2076	{
2077	struct sockaddr_in6 mltaddr, mltmask;
2078	struct in6_addr llsol;
2079	struct ifaddr *ifa;
2080	struct in6_multi *in6m_sol;
2081	struct in6_multi_mship *imm;
2082	struct rtentry *rt;
2083	int delay, error = `0`;
2084
2085	VERIFY(ifp != NULL && ia != NULL);
2086	ifa = &ia->ia_ifa;
2087	in6m_sol = NULL;
2088
2089	nd6log2(debug, "%s - %s ifp %s ia6_flags 0x%x ifaupflags 0x%x\n",
2090	__func__,
2091	ip6_sprintf(&ia->ia_addr.sin6_addr),
2092	if_name(ia->ia_ifp),
2093	ia->ia6_flags,
2094	ifaupflags);
2095
2096	/*
2097	* Just to be safe, always clear certain flags when address
2098	* is being configured
2099	*/
2100	ia->ia6_flags &= IN6_IFF_CLR_ADDR_FLAG_MASK;
2101
2102	/*
2103	* Mark the address as tentative before joining multicast addresses,
2104	* so that corresponding MLD responses would not have a tentative
2105	* source address.
2106	*/
2107	if (in6if_do_dad(ifp)) {
2108	in6_ifaddr_set_dadprogress(ia);
2109	/*
2110	* Do not delay sending neighbor solicitations when using optimistic
2111	* duplicate address detection, c.f. RFC 4429.
2112	*/
2113	if (ia->ia6_flags & IN6_IFF_OPTIMISTIC) {
2114	ifaupflags &= ~IN6_IFAUPDATE_DADDELAY;
2115	} else {
2116	ifaupflags \|= IN6_IFAUPDATE_DADDELAY;
2117	}
2118	} else {
2119	/*
2120	* If the interface has been marked to not perform
2121	* DAD, make sure to reset DAD in progress flags
2122	* that may come in from the caller.
2123	*/
2124	ia->ia6_flags &= ~IN6_IFF_DADPROGRESS;
2125	}
2126
2127	/ Join necessary multicast groups /
2128	if ((ifp->if_flags & IFF_MULTICAST) != `0`) {
2129	/ join solicited multicast addr for new host id /
2130	bzero(s: &llsol, n: sizeof(struct in6_addr));
2131	llsol.s6_addr32[`0`] = IPV6_ADDR_INT32_MLL;
2132	llsol.s6_addr32[`1`] = `0`;
2133	llsol.s6_addr32[`2`] = htonl(`1`);
2134	llsol.s6_addr32[`3`] = ia->ia_addr.sin6_addr.s6_addr32[`3`];
2135	llsol.s6_addr8[`12`] = `0xff`;
2136	if ((error = in6_setscope(&llsol, ifp, NULL)) != `0`) {
2137	/ XXX: should not happen /
2138	log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
2139	goto unwind;
2140	}
2141	delay = `0`;
2142	if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
2143	/*
2144	* We need a random delay for DAD on the address
2145	* being configured. It also means delaying
2146	* transmission of the corresponding MLD report to
2147	* avoid report collision. [RFC 4862]
2148	*/
2149	delay = random() % MAX_RTR_SOLICITATION_DELAY;
2150	}
2151	imm = in6_joingroup(ifp, &llsol, &error, delay);
2152	if (imm == NULL) {
2153	nd6log(info,
2154	"%s: addmulti failed for %s on %s (errno=%d)\n",
2155	__func__, ip6_sprintf(&llsol), if_name(ifp),
2156	error);
2157	VERIFY(error != `0`);
2158	goto unwind;
2159	}
2160	in6m_sol = imm->i6mm_maddr;
2161	/ take a refcount for this routine /
2162	IN6M_ADDREF(in6m_sol);
2163
2164	IFA_LOCK_SPIN(ifa);
2165	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2166	IFA_UNLOCK(ifa);
2167
2168	SOCKADDR_ZERO(&mltmask, sizeof(mltmask));
2169	mltmask.sin6_len = sizeof(struct sockaddr_in6);
2170	mltmask.sin6_family = AF_INET6;
2171	mltmask.sin6_addr = in6mask32;
2172	#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
2173
2174	/*
2175	* join link-local all-nodes address
2176	*/
2177	SOCKADDR_ZERO(&mltaddr, sizeof(mltaddr));
2178	mltaddr.sin6_len = sizeof(struct sockaddr_in6);
2179	mltaddr.sin6_family = AF_INET6;
2180	mltaddr.sin6_addr = in6addr_linklocal_allnodes;
2181	if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, IN6_NULL_IF_EMBEDDED_SCOPE(&mltaddr.sin6_scope_id))) != `0`) {
2182	goto unwind; / XXX: should not fail /
2183	}
2184	/*
2185	* XXX: do we really need this automatic routes?
2186	* We should probably reconsider this stuff. Most applications
2187	* actually do not need the routes, since they usually specify
2188	* the outgoing interface.
2189	*/
2190	rt = rtalloc1_scoped(SA(&mltaddr), `0`, `0UL`,
2191	ia->ia_ifp->if_index);
2192	if (rt) {
2193	if (memcmp(s1: &mltaddr.sin6_addr, s2: &SIN6(rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
2194	rtfree(rt);
2195	rt = NULL;
2196	}
2197	}
2198	if (!rt) {
2199	error = rtrequest_scoped(RTM_ADD,
2200	SA(&mltaddr),
2201	SA(&ia->ia_addr),
2202	SA(&mltmask), RTF_UP \| RTF_CLONING,
2203	NULL, ia->ia_ifp->if_index);
2204	if (error) {
2205	goto unwind;
2206	}
2207	} else {
2208	rtfree(rt);
2209	}
2210
2211	imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, `0`);
2212	if (!imm) {
2213	nd6log(info,
2214	"%s: addmulti failed for %s on %s (errno=%d)\n",
2215	__func__, ip6_sprintf(&mltaddr.sin6_addr),
2216	if_name(ifp), error);
2217	VERIFY(error != `0`);
2218	goto unwind;
2219	}
2220	IFA_LOCK_SPIN(ifa);
2221	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2222	IFA_UNLOCK(ifa);
2223
2224	/*
2225	* join node information group address
2226	*/
2227	#define hostnamelen strlen(hostname)
2228	delay = `0`;
2229	if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
2230	/*
2231	* The spec doesn't say anything about delay for this
2232	* group, but the same logic should apply.
2233	*/
2234	delay = random() % MAX_RTR_SOLICITATION_DELAY;
2235	}
2236	lck_mtx_lock(lck: &hostname_lock);
2237	int n = in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr, IN6_NULL_IF_EMBEDDED_SCOPE(&mltaddr.sin6_scope_id));
2238	lck_mtx_unlock(lck: &hostname_lock);
2239	if (n == `0`) {
2240	imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
2241	delay); / XXX jinmei /
2242	if (!imm) {
2243	nd6log(info,
2244	"%s: addmulti failed for %s on %s "
2245	"(errno=%d)\n",
2246	__func__, ip6_sprintf(&mltaddr.sin6_addr),
2247	if_name(ifp), error);
2248	/ XXX not very fatal, go on... /
2249	error = `0`;
2250	} else {
2251	IFA_LOCK_SPIN(ifa);
2252	LIST_INSERT_HEAD(&ia->ia6_memberships,
2253	imm, i6mm_chain);
2254	IFA_UNLOCK(ifa);
2255	}
2256	}
2257	#undef hostnamelen
2258
2259	/*
2260	* join interface-local all-nodes address.
2261	* (ff01::1%ifN, and ff01::%ifN/32)
2262	*/
2263	mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
2264	if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, IN6_NULL_IF_EMBEDDED_SCOPE(&mltaddr.sin6_scope_id))) != `0`) {
2265	goto unwind; / XXX: should not fail /
2266	}
2267	/ XXX: again, do we really need the route? /
2268	rt = rtalloc1_scoped(SA(&mltaddr), `0`, `0UL`,
2269	ia->ia_ifp->if_index);
2270	if (rt) {
2271	if (memcmp(s1: &mltaddr.sin6_addr, s2: &(SIN6(rt_key(rt)))->sin6_addr, MLTMASK_LEN)) {
2272	rtfree(rt);
2273	rt = NULL;
2274	}
2275	}
2276	if (!rt) {
2277	error = rtrequest_scoped(RTM_ADD,
2278	SA(&mltaddr),
2279	SA(&ia->ia_addr),
2280	SA(&mltmask), RTF_UP \| RTF_CLONING,
2281	NULL, ia->ia_ifp->if_index);
2282	if (error) {
2283	goto unwind;
2284	}
2285	} else {
2286	rtfree(rt);
2287	}
2288
2289	imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, `0`);
2290	if (!imm) {
2291	nd6log(info,
2292	"%s: addmulti failed for %s on %s (errno=%d)\n",
2293	__func__, ip6_sprintf(&mltaddr.sin6_addr),
2294	if_name(ifp), error);
2295	VERIFY(error != `0`);
2296	goto unwind;
2297	}
2298	IFA_LOCK(ifa);
2299	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2300	IFA_UNLOCK(ifa);
2301	#undef MLTMASK_LEN
2302
2303	/*
2304	* create a ff00::/8 route
2305	*/
2306	SOCKADDR_ZERO(&mltmask, sizeof(mltmask));
2307	mltmask.sin6_len = sizeof(struct sockaddr_in6);
2308	mltmask.sin6_family = AF_INET6;
2309	mltmask.sin6_addr = in6mask8;
2310	#define MLTMASK_LEN_8_BITS 1 /* ff00::/8 mltmask's masklen (=8bit=1octet) */
2311
2312	SOCKADDR_ZERO(&mltaddr, sizeof(mltaddr));
2313	mltaddr.sin6_len = sizeof(struct sockaddr_in6);
2314	mltaddr.sin6_family = AF_INET6;
2315	mltaddr.sin6_addr = in6addr_multicast_prefix;
2316
2317	rt = rtalloc1_scoped(SA(&mltaddr), `0`, `0UL`,
2318	ia->ia_ifp->if_index);
2319	if (rt) {
2320	if (memcmp(s1: &mltaddr.sin6_addr, s2: &(SIN6(rt_key(rt)))->sin6_addr, MLTMASK_LEN_8_BITS)) {
2321	rtfree(rt);
2322	rt = NULL;
2323	}
2324	}
2325	if (!rt) {
2326	error = rtrequest_scoped(RTM_ADD,
2327	SA(&mltaddr),
2328	SA(&ia->ia_addr),
2329	SA(&mltmask), RTF_UP \| RTF_CLONING,
2330	NULL, ia->ia_ifp->if_index);
2331	if (error) {
2332	goto unwind;
2333	}
2334	} else {
2335	rtfree(rt);
2336	}
2337	}
2338	#undef MLTMASK_LEN_8_BITS
2339
2340	/ Ensure nd6_service() is scheduled as soon as it's convenient /
2341	++nd6_sched_timeout_want;
2342
2343	/*
2344	* Perform DAD, if:
2345	* * Interface is marked to perform DAD, AND
2346	* * Address is not marked to skip DAD, AND
2347	* * Address is in a pre-DAD state (Tentative or Optimistic)
2348	*/
2349	IFA_LOCK_SPIN(ifa);
2350	if (in6if_do_dad(ifp) && (ia->ia6_flags & IN6_IFF_NODAD) == `0` &&
2351	(ia->ia6_flags & IN6_IFF_DADPROGRESS) != `0`) {
2352	int mindelay, maxdelay;
2353	int *delayptr, delayval;
2354
2355	IFA_UNLOCK(ifa);
2356	delayptr = NULL;
2357	/*
2358	* Avoid the DAD delay if the caller wants us to skip it.
2359	* This is not compliant with RFC 2461, but it's only being
2360	* used for signalling and not for actual DAD.
2361	*/
2362	if ((ifaupflags & IN6_IFAUPDATE_DADDELAY) &&
2363	!(ia->ia6_flags & IN6_IFF_SWIFTDAD)) {
2364	/*
2365	* We need to impose a delay before sending an NS
2366	* for DAD. Check if we also needed a delay for the
2367	* corresponding MLD message. If we did, the delay
2368	* should be larger than the MLD delay (this could be
2369	* relaxed a bit, but this simple logic is at least
2370	* safe).
2371	*/
2372	mindelay = `0`;
2373	if (in6m_sol != NULL) {
2374	IN6M_LOCK(in6m_sol);
2375	if (in6m_sol->in6m_state ==
2376	MLD_REPORTING_MEMBER) {
2377	mindelay = in6m_sol->in6m_timer;
2378	}
2379	IN6M_UNLOCK(in6m_sol);
2380	}
2381	maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
2382	if (maxdelay - mindelay == `0`) {
2383	delayval = `0`;
2384	} else {
2385	delayval =
2386	(random() % (maxdelay - mindelay)) +
2387	mindelay;
2388	}
2389	delayptr = &delayval;
2390	}
2391
2392	nd6_dad_start((struct ifaddr *)ia, delayptr);
2393	} else {
2394	IFA_UNLOCK(ifa);
2395	}
2396
2397	goto done;
2398
2399	unwind:
2400	VERIFY(error != `0`);
2401	in6_purgeaddr(&ia->ia_ifa);
2402
2403	done:
2404	/ release reference held for this routine /
2405	if (in6m_sol != NULL) {
2406	IN6M_REMREF(in6m_sol);
2407	}
2408	return error;
2409	}
2410
2411	/*
2412	* Request an IPv6 interface address. If the address is new, then it will be
2413	* constructed and appended to the interface address chains. The interface
2414	* address structure is optionally returned with a reference for the caller.
2415	*/
2416	int
2417	in6_update_ifa(struct ifnet ifp, struct* in6_aliasreq ifra, int* ifaupflags,
2418	struct in6_ifaddr **iar)
2419	{
2420	struct in6_addrlifetime ia6_lt;
2421	struct in6_ifaddr *ia;
2422	struct ifaddr *ifa;
2423	struct ifaddr *xifa;
2424	struct in6_addrlifetime *lt;
2425	uint64_t timenow;
2426	int plen, error;
2427
2428	/ Sanity check parameters and initialize locals /
2429	VERIFY(ifp != NULL && ifra != NULL && iar != NULL);
2430	ia = NULL;
2431	ifa = NULL;
2432	error = `0`;
2433
2434	/*
2435	* We always require users to specify a valid IPv6 address for
2436	* the corresponding operation.
2437	*/
2438	if (ifra->ifra_addr.sin6_family != AF_INET6 \|\|
2439	ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
2440	error = EAFNOSUPPORT;
2441	goto unwind;
2442	}
2443
2444	/ Validate ifra_prefixmask.sin6_len is properly bounded. /
2445	if (ifra->ifra_prefixmask.sin6_len == `0` \|\|
2446	ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) {
2447	error = EINVAL;
2448	goto unwind;
2449	}
2450
2451	/ Validate prefix length extracted from ifra_prefixmask structure. /
2452	plen = (uint8_t)in6_mask2len(mask: &ifra->ifra_prefixmask.sin6_addr,
2453	lim0: (u_char *)&ifra->ifra_prefixmask + ifra->ifra_prefixmask.sin6_len);
2454	if (plen <= `0`) {
2455	error = EINVAL;
2456	goto unwind;
2457	}
2458
2459	/ Validate lifetimes /
2460	lt = &ifra->ifra_lifetime;
2461	if (lt->ia6t_pltime > lt->ia6t_vltime) {
2462	log(LOG_INFO,
2463	"%s: pltime 0x%x > vltime 0x%x for %s\n", __func__,
2464	lt->ia6t_pltime, lt->ia6t_vltime,
2465	ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2466	error = EINVAL;
2467	goto unwind;
2468	}
2469	if (lt->ia6t_vltime == `0`) {
2470	/*
2471	* the following log might be noisy, but this is a typical
2472	* configuration mistake or a tool's bug.
2473	*/
2474	log(LOG_INFO, "%s: valid lifetime is 0 for %s\n", __func__,
2475	ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2476	}
2477
2478	/*
2479	* Before we lock the ifnet structure, we first check to see if the
2480	* address already exists. If so, then we don't allocate and link a
2481	* new one here.
2482	*/
2483	struct sockaddr_in6 lookup_address = ifra->ifra_addr;
2484	if (IN6_IS_ADDR_LINKLOCAL(&lookup_address.sin6_addr)) {
2485	if (in6_embedded_scope) {
2486	if (lookup_address.sin6_addr.s6_addr16[`1`] == `0`) {
2487	/ link ID is not embedded by the user /
2488	lookup_address.sin6_addr.s6_addr16[`1`] =
2489	htons(ifp->if_index);
2490	} else if (lookup_address.sin6_addr.s6_addr16[`1`] !=
2491	htons(ifp->if_index)) {
2492	error = EINVAL; / link ID contradicts /
2493	goto done;
2494	}
2495	} else {
2496	if (lookup_address.sin6_scope_id == IFSCOPE_NONE) {
2497	lookup_address.sin6_scope_id = ifp->if_index;
2498	}
2499	}
2500	if (lookup_address.sin6_scope_id != `0` &&
2501	lookup_address.sin6_scope_id !=
2502	(u_int32_t)ifp->if_index) {
2503	error = EINVAL;
2504	goto done;
2505	}
2506	}
2507
2508	ia = in6ifa_ifpwithaddr(ifp, &lookup_address.sin6_addr);
2509	if (ia != NULL) {
2510	ifa = &ia->ia_ifa;
2511	}
2512
2513	/*
2514	* Validate destination address on interface types that require it.
2515	*/
2516	if ((ifp->if_flags & (IFF_LOOPBACK \| IFF_POINTOPOINT)) != `0`) {
2517	switch (ifra->ifra_dstaddr.sin6_family) {
2518	case AF_INET6:
2519	if (plen != `128`) {
2520	/ noisy message for diagnostic purposes /
2521	log(LOG_INFO,
2522	"%s: prefix length < 128 with"
2523	" explicit dstaddr.\n", __func__);
2524	error = EINVAL;
2525	goto unwind;
2526	}
2527	break;
2528
2529	case AF_UNSPEC:
2530	break;
2531
2532	default:
2533	error = EAFNOSUPPORT;
2534	goto unwind;
2535	}
2536	} else if (ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) {
2537	log(LOG_INFO,
2538	"%s: dstaddr valid only on p2p and loopback interfaces.\n",
2539	__func__);
2540	error = EINVAL;
2541	goto unwind;
2542	}
2543
2544	timenow = net_uptime();
2545
2546	if (ia == NULL) {
2547	zalloc_flags_t how;
2548
2549	/ Is this the first new IPv6 address for the interface? /
2550	ifaupflags \|= IN6_IFAUPDATE_NEWADDR;
2551
2552	/ Allocate memory for IPv6 interface address structure. /
2553	how = (ifaupflags & IN6_IFAUPDATE_NOWAIT) ? Z_NOWAIT : Z_WAITOK;
2554	ia = in6_ifaddr_alloc(how);
2555	if (ia == NULL) {
2556	error = ENOBUFS;
2557	goto unwind;
2558	}
2559
2560	ifa = &ia->ia_ifa;
2561
2562	/*
2563	* Initialize interface address structure.
2564	*
2565	* Note well: none of these sockaddr_in6 structures contain a
2566	* valid sin6_port, sin6_flowinfo or even a sin6_scope_id field.
2567	* We still embed link-local scope identifiers at the end of an
2568	* arbitrary fe80::/32 prefix, for historical reasons. Also, the
2569	* ifa_dstaddr field is always non-NULL on point-to-point and
2570	* loopback interfaces, and conventionally points to a socket
2571	* address of AF_UNSPEC family when there is no destination.
2572	*
2573	* Please enjoy the dancing sea turtle.
2574	*/
2575	IA6_HASH_INIT(ia);
2576	ifa->ifa_addr = SA(&ia->ia_addr);
2577	if (ifra->ifra_dstaddr.sin6_family == AF_INET6 \|\|
2578	(ifp->if_flags & (IFF_POINTOPOINT \| IFF_LOOPBACK)) != `0`) {
2579	ifa->ifa_dstaddr = SA(&ia->ia_dstaddr);
2580	}
2581	ifa->ifa_netmask = SA(&ia->ia_prefixmask);
2582	ifa->ifa_ifp = ifp;
2583	ifa->ifa_metric = ifp->if_metric;
2584	ifa->ifa_rtrequest = nd6_rtrequest;
2585
2586	LIST_INIT(&ia->ia6_memberships);
2587	ia->ia_addr.sin6_family = AF_INET6;
2588	ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
2589	ia->ia_addr.sin6_addr = ifra->ifra_addr.sin6_addr;
2590	ia->ia_prefixmask.sin6_family = AF_INET6;
2591	ia->ia_prefixmask.sin6_len = sizeof(ia->ia_prefixmask);
2592	ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
2593	error = in6_to_kamescope(sin6: &ia->ia_addr, ifp);
2594	if (error != `0`) {
2595	goto unwind;
2596	}
2597	if (ifa->ifa_dstaddr != NULL) {
2598	ia->ia_dstaddr = ifra->ifra_dstaddr;
2599	error = in6_to_kamescope(sin6: &ia->ia_dstaddr, ifp);
2600	if (error != `0`) {
2601	goto unwind;
2602	}
2603	}
2604
2605	/ Append to address chains /
2606	ifnet_lock_exclusive(ifp);
2607	ifaupflags \|= IN6_IFAUPDATE_1STADDR;
2608	TAILQ_FOREACH(xifa, &ifp->if_addrlist, ifa_list) {
2609	IFA_LOCK_SPIN(xifa);
2610	if (xifa->ifa_addr->sa_family != AF_INET6) {
2611	IFA_UNLOCK(xifa);
2612	ifaupflags &= ~IN6_IFAUPDATE_1STADDR;
2613	break;
2614	}
2615	IFA_UNLOCK(xifa);
2616	}
2617
2618	IFA_LOCK_SPIN(ifa);
2619	if_attach_ifa(ifp, ifa); / holds reference for ifnet link /
2620	IFA_UNLOCK(ifa);
2621	ifnet_lock_done(ifp);
2622
2623	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
2624	TAILQ_INSERT_TAIL(&in6_ifaddrhead, ia, ia6_link);
2625	ifa_addref(ifa); / hold for in6_ifaddrs link /
2626	os_atomic_inc(&in6_ifaddrlist_genid, relaxed);
2627	lck_rw_done(lck: &in6_ifaddr_rwlock);
2628	} else {
2629	ifa = &ia->ia_ifa;
2630	ifaupflags &= ~(IN6_IFAUPDATE_NEWADDR \| IN6_IFAUPDATE_1STADDR);
2631	}
2632
2633	VERIFY(ia != NULL && ifa == &ia->ia_ifa);
2634
2635	if (!(ifaupflags & IN6_IFAUPDATE_NEWADDR) && ia->ia6_ndpr != NULL) {
2636	/ If we're flopping between address configuration methods, adjust the counts. /
2637	struct nd_prefix *pr = ia->ia6_ndpr;
2638	NDPR_LOCK(pr);
2639	if ((ia->ia6_flags & IN6_IFF_NOTMANUAL) && !(ifra->ifra_flags & IN6_IFF_NOTMANUAL)) {
2640	log(LOG_DEBUG, "address %s already exists in automatic form", ip6_sprintf(&ia->ia_addr.sin6_addr));
2641	pr->ndpr_manual_addrcnt--;
2642	} else if (!(ia->ia6_flags & IN6_IFF_NOTMANUAL) && (ifra->ifra_flags & IN6_IFF_NOTMANUAL)) {
2643	log(LOG_DEBUG, "address %s already exists in manual form", ip6_sprintf(&ia->ia_addr.sin6_addr));
2644	/ no need to adjust counts here as npdr_addrcnt is always adjusted no matter the interface type /
2645	}
2646	NDPR_UNLOCK(pr);
2647	}
2648
2649	IFA_LOCK(ifa);
2650
2651	/*
2652	* Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
2653	* to see if the address is deprecated or invalidated, but initialize
2654	* these members for applications.
2655	*/
2656	ia->ia6_updatetime = ia->ia6_createtime = timenow;
2657	ia6_lt = *lt;
2658	if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME) {
2659	ia6_lt.ia6t_expire = (time_t)(timenow + ia6_lt.ia6t_vltime);
2660	} else {
2661	ia6_lt.ia6t_expire = `0`;
2662	}
2663	if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME) {
2664	ia6_lt.ia6t_preferred = (time_t)(timenow + ia6_lt.ia6t_pltime);
2665	} else {
2666	ia6_lt.ia6t_preferred = `0`;
2667	}
2668	in6ifa_setlifetime(ia, &ia6_lt);
2669
2670	/*
2671	* Backward compatibility - if IN6_IFF_DEPRECATED is set from the
2672	* userland, make it deprecated.
2673	*/
2674	if ((ia->ia6_flags & IN6_IFF_DEPRECATED) != `0`) {
2675	ia->ia6_lifetime.ia6ti_pltime = `0`;
2676	ia->ia6_lifetime.ia6ti_preferred = timenow;
2677	}
2678
2679	/*
2680	* Update flag or prefix length
2681	*/
2682	ia->ia_plen = plen;
2683	ia->ia6_flags = ifra->ifra_flags;
2684
2685	/ Release locks (new address available to concurrent tasks) /
2686	IFA_UNLOCK(ifa);
2687
2688	/ Further initialization of the interface address /
2689	error = in6_ifinit(ifp, ia, ifaupflags);
2690	if (error != `0`) {
2691	goto unwind;
2692	}
2693
2694	/ Finish updating the address while other tasks are working with it /
2695	error = in6_ifaupdate_aux(ia, ifp, ifaupflags);
2696	if (error != `0`) {
2697	goto unwind;
2698	}
2699
2700	/ Return success (optionally w/ address for caller). /
2701	VERIFY(error == `0`);
2702	(void) ifnet_notify_address(ifp, AF_INET6);
2703
2704	goto done;
2705
2706	unwind:
2707	VERIFY(error != `0`);
2708	if (ia != NULL) {
2709	VERIFY(ifa == &ia->ia_ifa);
2710	ifa_remref(ifa);
2711	ia = NULL;
2712	}
2713
2714	done:
2715	*iar = ia;
2716	return error;
2717	}
2718
2719	void
2720	in6_purgeaddr(struct ifaddr *ifa)
2721	{
2722	struct ifnet *ifp = ifa->ifa_ifp;
2723	struct in6_ifaddr ia = (struct* in6_ifaddr *)ifa;
2724	struct in6_multi_mship *imm;
2725
2726	LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
2727
2728	/ stop DAD processing /
2729	nd6_dad_stop(ifa);
2730
2731	/*
2732	* delete route to the destination of the address being purged.
2733	* The interface must be p2p or loopback in this case.
2734	*/
2735	IFA_LOCK(ifa);
2736	if ((ia->ia_flags & IFA_ROUTE) && ia->ia_plen == `128`) {
2737	int error, rtf;
2738
2739	IFA_UNLOCK(ifa);
2740	rtf = (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : `0`;
2741	error = rtinit(&(ia->ia_ifa), RTM_DELETE, rtf);
2742	if (error != `0`) {
2743	log(LOG_ERR, "in6_purgeaddr: failed to remove "
2744	"a route to the p2p destination: %s on %s, "
2745	"errno=%d\n",
2746	ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp),
2747	error);
2748	/ proceed anyway... /
2749	}
2750	IFA_LOCK_SPIN(ifa);
2751	ia->ia_flags &= ~IFA_ROUTE;
2752	}
2753	IFA_UNLOCK(ifa);
2754
2755	/ Remove ownaddr's loopback rtentry, if it exists. /
2756	in6_ifremloop(ifa: &(ia->ia_ifa));
2757
2758	/*
2759	* leave from multicast groups we have joined for the interface
2760	*/
2761	IFA_LOCK(ifa);
2762	while ((imm = ia->ia6_memberships.lh_first) != NULL) {
2763	LIST_REMOVE(imm, i6mm_chain);
2764	IFA_UNLOCK(ifa);
2765	in6_leavegroup(imm);
2766	IFA_LOCK(ifa);
2767	}
2768	IFA_UNLOCK(ifa);
2769
2770	/ in6_unlink_ifa() will need exclusive access /
2771	in6_unlink_ifa(ia, ifp);
2772	in6_post_msg(ifp, KEV_INET6_ADDR_DELETED, ia, NULL);
2773
2774	(void) ifnet_notify_address(ifp, AF_INET6);
2775	}
2776
2777	static void
2778	in6_unlink_ifa(struct in6_ifaddr ia, struct* ifnet *ifp)
2779	{
2780	struct in6_ifaddr *nia;
2781	struct ifaddr *ifa;
2782	int unlinked;
2783
2784	LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
2785
2786	ifa = &ia->ia_ifa;
2787	ifa_addref(ifa);
2788
2789	ifnet_lock_exclusive(ifp);
2790	IFA_LOCK(ifa);
2791	if (ifa->ifa_debug & IFD_ATTACHED) {
2792	if_detach_ifa(ifp, ifa);
2793	}
2794	IFA_UNLOCK(ifa);
2795	ifnet_lock_done(ifp);
2796
2797	unlinked = `0`;
2798	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
2799	TAILQ_FOREACH(nia, &in6_ifaddrhead, ia6_link) {
2800	if (ia == nia) {
2801	TAILQ_REMOVE(&in6_ifaddrhead, ia, ia6_link);
2802	os_atomic_inc(&in6_ifaddrlist_genid, relaxed);
2803	IFA_LOCK(ifa);
2804	if (IA6_IS_HASHED(ia)) {
2805	in6_iahash_remove(ia);
2806	}
2807	IFA_UNLOCK(ifa);
2808	unlinked = `1`;
2809	break;
2810	}
2811	}
2812
2813	/*
2814	* When IPv6 address is being removed, release the
2815	* reference to the base prefix.
2816	* Also, since the release might, affect the status
2817	* of other (detached) addresses, call
2818	* pfxlist_onlink_check().
2819	*/
2820	IFA_LOCK(ifa);
2821	/*
2822	* Only log the below message for addresses other than
2823	* link local.
2824	* Only one LLA (auto-configured or statically) is allowed
2825	* on an interface.
2826	* LLA prefix, while added to the prefix list, is not
2827	* reference countedi (as it is the only one).
2828	* The prefix also never expires on its own as LLAs
2829	* have infinite lifetime.
2830	*
2831	* For now quiece down the log message for LLAs.
2832	*/
2833	if (!IN6_IS_ADDR_LINKLOCAL(&ia->ia_addr.sin6_addr)) {
2834	if (ia->ia6_ndpr == NULL) {
2835	log(LOG_NOTICE, "in6_unlink_ifa: IPv6 address "
2836	"0x%llx has no prefix\n",
2837	(uint64_t)VM_KERNEL_ADDRPERM(ia));
2838	} else {
2839	struct nd_prefix *pr = ia->ia6_ndpr;
2840
2841	NDPR_LOCK(pr);
2842	if (!(ia->ia6_flags & IN6_IFF_NOTMANUAL)) {
2843	VERIFY(pr->ndpr_manual_addrcnt != `0`);
2844	pr->ndpr_manual_addrcnt--;
2845	}
2846	ia->ia6_flags &= ~IN6_IFF_AUTOCONF;
2847	ia->ia6_ndpr = NULL;
2848	VERIFY(pr->ndpr_addrcnt != `0`);
2849	pr->ndpr_addrcnt--;
2850	if (ia->ia6_flags & IN6_IFF_CLAT46) {
2851	pr->ndpr_stateflags &= ~NDPRF_CLAT46;
2852	}
2853	NDPR_UNLOCK(pr);
2854	NDPR_REMREF(pr); / release addr reference /
2855	}
2856	}
2857	IFA_UNLOCK(ifa);
2858	lck_rw_done(lck: &in6_ifaddr_rwlock);
2859
2860	if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != `0`) {
2861	lck_mtx_lock(nd6_mutex);
2862	pfxlist_onlink_check();
2863	lck_mtx_unlock(nd6_mutex);
2864	}
2865	/*
2866	* release another refcnt for the link from in6_ifaddrs.
2867	* Do this only if it's not already unlinked in the event that we lost
2868	* the race, since in6_ifaddr_rwlock was momentarily dropped above.
2869	*/
2870	if (unlinked) {
2871	ifa_remref(ifa);
2872	}
2873
2874	/ release reference held for this routine /
2875	ifa_remref(ifa);
2876
2877	/ invalidate route caches /
2878	routegenid_inet6_update();
2879	}
2880
2881	void
2882	in6_purgeif(struct ifnet *ifp)
2883	{
2884	struct in6_ifaddr *ia;
2885
2886	if (ifp == NULL) {
2887	return;
2888	}
2889
2890	LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
2891
2892	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
2893	boolean_t from_begining = TRUE;
2894	while (from_begining) {
2895	from_begining = FALSE;
2896	TAILQ_FOREACH(ia, &in6_ifaddrhead, ia6_link) {
2897	if (ia->ia_ifa.ifa_ifp != ifp) {
2898	continue;
2899	}
2900	ifa_addref(ifa: &ia->ia_ifa); / for us /
2901	lck_rw_done(lck: &in6_ifaddr_rwlock);
2902	in6_purgeaddr(ifa: &ia->ia_ifa);
2903	ifa_remref(ifa: &ia->ia_ifa); / for us /
2904	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
2905	/*
2906	* Purging the address would have caused
2907	* in6_ifaddr_rwlock to be dropped and reacquired;
2908	* therefore search again from the beginning
2909	* of in6_ifaddrs list.
2910	*/
2911	from_begining = TRUE;
2912	break;
2913	}
2914	}
2915	lck_rw_done(lck: &in6_ifaddr_rwlock);
2916
2917	in6_ifdetach(ifp);
2918	}
2919
2920	/*
2921	* Initialize an interface's internet6 address and routing table entry.
2922	*/
2923	static int
2924	in6_ifinit(struct ifnet ifp, struct* in6_ifaddr ia, int* ifaupflags)
2925	{
2926	int error;
2927	struct ifaddr *ifa;
2928
2929	error = `0`;
2930	ifa = &ia->ia_ifa;
2931
2932	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
2933	IFA_LOCK(&ia->ia_ifa);
2934	if (IA6_IS_HASHED(ia)) {
2935	in6_iahash_remove(ia);
2936	}
2937	if ((ifp->if_flags & IFF_POINTOPOINT)) {
2938	in6_iahash_insert_ptp(ia);
2939	} else {
2940	in6_iahash_insert(ia);
2941	}
2942	IFA_UNLOCK(&ia->ia_ifa);
2943	lck_rw_done(lck: &in6_ifaddr_rwlock);
2944
2945	/*
2946	* NOTE: SIOCSIFADDR is defined with struct ifreq as parameter,
2947	* but here we are sending it down to the interface with a pointer
2948	* to struct ifaddr, for legacy reasons.
2949	*/
2950	if ((ifaupflags & IN6_IFAUPDATE_1STADDR) != `0`) {
2951	error = ifnet_ioctl(interface: ifp, PF_INET6, SIOCSIFADDR, ioctl_arg: ia);
2952	if (error != `0`) {
2953	if (error != EOPNOTSUPP) {
2954	goto failed;
2955	}
2956	error = `0`;
2957	}
2958	}
2959
2960	IFA_LOCK(ifa);
2961
2962	/*
2963	* Special case:
2964	* If the destination address is specified for a point-to-point
2965	* interface, install a route to the destination as an interface
2966	* direct route.
2967	*/
2968	if (!(ia->ia_flags & IFA_ROUTE) && ia->ia_plen == `128` &&
2969	ia->ia_dstaddr.sin6_family == AF_INET6) {
2970	IFA_UNLOCK(ifa);
2971	error = rtinit(ifa, RTM_ADD, RTF_UP \| RTF_HOST);
2972	if (error != `0`) {
2973	goto failed;
2974	}
2975	IFA_LOCK(ifa);
2976	ia->ia_flags \|= IFA_ROUTE;
2977	}
2978	IFA_LOCK_ASSERT_HELD(ifa);
2979	if (ia->ia_plen < `128`) {
2980	/*
2981	* The RTF_CLONING flag is necessary for in6_is_ifloop_auto().
2982	*/
2983	ia->ia_flags \|= RTF_CLONING;
2984	}
2985
2986	IFA_UNLOCK(ifa);
2987
2988	/ Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). /
2989	if ((ifaupflags & IN6_IFAUPDATE_NEWADDR) != `0`) {
2990	in6_ifaddloop(ifa);
2991	}
2992
2993	/ invalidate route caches /
2994	routegenid_inet6_update();
2995
2996	VERIFY(error == `0`);
2997	return `0`;
2998	failed:
2999	VERIFY(error != `0`);
3000	lck_rw_lock_exclusive(lck: &in6_ifaddr_rwlock);
3001	IFA_LOCK(&ia->ia_ifa);
3002	if (IA6_IS_HASHED(ia)) {
3003	in6_iahash_remove(ia);
3004	}
3005	IFA_UNLOCK(&ia->ia_ifa);
3006	lck_rw_done(lck: &in6_ifaddr_rwlock);
3007
3008	return error;
3009	}
3010
3011	void
3012	in6_purgeaddrs(struct ifnet *ifp)
3013	{
3014	in6_purgeif(ifp);
3015	}
3016
3017	/*
3018	* Find an IPv6 interface link-local address specific to an interface.
3019	*/
3020	struct in6_ifaddr *
3021	in6ifa_ifpforlinklocal(struct ifnet ifp, int* ignoreflags)
3022	{
3023	struct ifaddr *ifa;
3024
3025	ifnet_lock_shared(ifp);
3026	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
3027	{
3028	IFA_LOCK_SPIN(ifa);
3029	if (ifa->ifa_addr->sa_family != AF_INET6) {
3030	IFA_UNLOCK(ifa);
3031	continue;
3032	}
3033	if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
3034	if ((((struct in6_ifaddr *)ifa)->ia6_flags &
3035	ignoreflags) != `0`) {
3036	IFA_UNLOCK(ifa);
3037	continue;
3038	}
3039	ifa_addref(ifa); / for caller /
3040	IFA_UNLOCK(ifa);
3041	break;
3042	}
3043	IFA_UNLOCK(ifa);
3044	}
3045	ifnet_lock_done(ifp);
3046
3047	return (struct in6_ifaddr *)ifa;
3048	}
3049
3050	struct in6_ifaddr *
3051	in6ifa_ifpwithflag(struct ifnet * ifp, int flag)
3052	{
3053	struct ifaddr *ifa;
3054
3055	ifnet_lock_shared(ifp);
3056	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
3057	{
3058	IFA_LOCK_SPIN(ifa);
3059	if (ifa->ifa_addr->sa_family != AF_INET6) {
3060	IFA_UNLOCK(ifa);
3061	continue;
3062	}
3063	if ((((struct in6_ifaddr *)ifa)->ia6_flags & flag) == flag) {
3064	ifa_addref(ifa);
3065	IFA_UNLOCK(ifa);
3066	break;
3067	}
3068	IFA_UNLOCK(ifa);
3069	}
3070	ifnet_lock_done(ifp);
3071
3072	return (struct in6_ifaddr *)ifa;
3073	}
3074
3075	/*
3076	* find the internet address corresponding to a given interface and address.
3077	*/
3078	struct in6_ifaddr *
3079	in6ifa_ifpwithaddr(struct ifnet ifp, struct* in6_addr *addr)
3080	{
3081	struct ifaddr *ifa;
3082
3083	ifnet_lock_shared(ifp);
3084	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
3085	{
3086	IFA_LOCK_SPIN(ifa);
3087	if (ifa->ifa_addr->sa_family != AF_INET6) {
3088	IFA_UNLOCK(ifa);
3089	continue;
3090	}
3091	if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
3092	ifa_addref(ifa); / for caller /
3093	IFA_UNLOCK(ifa);
3094	break;
3095	}
3096	IFA_UNLOCK(ifa);
3097	}
3098	ifnet_lock_done(ifp);
3099
3100	return (struct in6_ifaddr *)ifa;
3101	}
3102
3103	struct in6_ifaddr *
3104	in6ifa_prproxyaddr(struct in6_addr *addr, uint32_t ifscope)
3105	{
3106	struct in6_ifaddr *ia;
3107
3108	lck_rw_lock_shared(lck: &in6_ifaddr_rwlock);
3109	TAILQ_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
3110	IFA_LOCK(&ia->ia_ifa);
3111	if (in6_are_addr_equal_scoped(addr, IFA_IN6(&ia->ia_ifa), ifscope, ia->ia_ifp->if_index)) {
3112	ifa_addref(ifa: &ia->ia_ifa); / for caller /
3113	IFA_UNLOCK(&ia->ia_ifa);
3114	break;
3115	}
3116	IFA_UNLOCK(&ia->ia_ifa);
3117	}
3118	lck_rw_done(lck: &in6_ifaddr_rwlock);
3119
3120	if (ia != NULL && !nd6_prproxy_ifaddr(ia)) {
3121	ifa_remref(ifa: &ia->ia_ifa);
3122	ia = NULL;
3123	}
3124
3125	return ia;
3126	}
3127
3128	void
3129	in6ifa_getlifetime(struct in6_ifaddr ia6, struct* in6_addrlifetime *t_dst,
3130	int iscalendar)
3131	{
3132	struct in6_addrlifetime_i *t_src = &ia6->ia6_lifetime;
3133	struct timeval caltime;
3134
3135	t_dst->ia6t_vltime = t_src->ia6ti_vltime;
3136	t_dst->ia6t_pltime = t_src->ia6ti_pltime;
3137	t_dst->ia6t_expire = `0`;
3138	t_dst->ia6t_preferred = `0`;
3139
3140	/ account for system time change /
3141	getmicrotime(&caltime);
3142	t_src->ia6ti_base_calendartime +=
3143	NET_CALCULATE_CLOCKSKEW(caltime,
3144	t_src->ia6ti_base_calendartime, net_uptime(),
3145	t_src->ia6ti_base_uptime);
3146
3147	if (iscalendar) {
3148	if (t_src->ia6ti_expire != `0` &&
3149	t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME) {
3150	t_dst->ia6t_expire = (time_t)(t_src->ia6ti_base_calendartime +
3151	t_src->ia6ti_expire - t_src->ia6ti_base_uptime);
3152	}
3153
3154	if (t_src->ia6ti_preferred != `0` &&
3155	t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME) {
3156	t_dst->ia6t_preferred = (time_t)(t_src->ia6ti_base_calendartime +
3157	t_src->ia6ti_preferred - t_src->ia6ti_base_uptime);
3158	}
3159	} else {
3160	if (t_src->ia6ti_expire != `0` &&
3161	t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME) {
3162	t_dst->ia6t_expire = (time_t)t_src->ia6ti_expire;
3163	}
3164
3165	if (t_src->ia6ti_preferred != `0` &&
3166	t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME) {
3167	t_dst->ia6t_preferred = (time_t)t_src->ia6ti_preferred;
3168	}
3169	}
3170	}
3171
3172	void
3173	in6ifa_setlifetime(struct in6_ifaddr ia6, struct* in6_addrlifetime *t_src)
3174	{
3175	struct in6_addrlifetime_i *t_dst = &ia6->ia6_lifetime;
3176	struct timeval caltime;
3177
3178	/ account for system time change /
3179	getmicrotime(&caltime);
3180	t_dst->ia6ti_base_calendartime +=
3181	NET_CALCULATE_CLOCKSKEW(caltime,
3182	t_dst->ia6ti_base_calendartime, net_uptime(),
3183	t_dst->ia6ti_base_uptime);
3184
3185	/ trust the caller for the values /
3186	t_dst->ia6ti_expire = t_src->ia6t_expire;
3187	t_dst->ia6ti_preferred = t_src->ia6t_preferred;
3188	t_dst->ia6ti_vltime = t_src->ia6t_vltime;
3189	t_dst->ia6ti_pltime = t_src->ia6t_pltime;
3190	}
3191
3192	/*
3193	* Convert IP6 address to printable (loggable) representation.
3194	*/
3195	char *
3196	ip6_sprintf(const struct in6_addr *addr)
3197	{
3198	static const char digits[] = "0123456789abcdef";
3199	static int ip6round = `0`;
3200	static char ip6buf[`8`][`48`];
3201
3202	int i;
3203	char *cp;
3204	const u_short a = (const* u_short *)addr;
3205	const u_char *d;
3206	u_char n;
3207	int dcolon = `0`;
3208	int zpad = `0`;
3209
3210	ip6round = (ip6round + `1`) & `7`;
3211	cp = ip6buf[ip6round];
3212
3213	for (i = `0`; i < `8`; i++) {
3214	if (dcolon == `1`) {
3215	if (*a == `0`) {
3216	if (i == `7`) {
3217	*cp++ = `':'`;
3218	}
3219	a++;
3220	continue;
3221	} else {
3222	dcolon = `2`;
3223	}
3224	}
3225	if (*a == `0`) {
3226	if (dcolon == `0` && *(a + `1`) == `0`) {
3227	if (i == `0`) {
3228	*cp++ = `':'`;
3229	}
3230	*cp++ = `':'`;
3231	dcolon = `1`;
3232	} else {
3233	*cp++ = `'0'`;
3234	*cp++ = `':'`;
3235	}
3236	a++;
3237	continue;
3238	}
3239	d = (const u_char *)a;
3240	zpad = `0`;
3241	if ((n = *d >> `4`) != `0`) {
3242	*cp++ = digits[n];
3243	zpad = `1`;
3244	}
3245	if ((n = *d++ & `0xf`) != `0` \|\| zpad) {
3246	*cp++ = digits[n];
3247	zpad = `1`;
3248	}
3249	if ((n = *d >> `4`) != `0` \|\| zpad) {
3250	*cp++ = digits[n];
3251	zpad = `1`;
3252	}
3253	if ((n = *d & `0xf`) != `0` \|\| zpad) {
3254	*cp++ = digits[n];
3255	}
3256	*cp++ = `':'`;
3257	a++;
3258	}
3259	*--cp = `0`;
3260	return ip6buf[ip6round];
3261	}
3262
3263	int
3264	in6addr_local(struct in6_addr *in6)
3265	{
3266	struct rtentry *rt;
3267	struct sockaddr_in6 sin6;
3268	int local = `0`;
3269
3270	if (IN6_IS_ADDR_LOOPBACK(in6) \|\| IN6_IS_SCOPE_LINKLOCAL(in6)) {
3271	return `1`;
3272	}
3273
3274	sin6.sin6_family = AF_INET6;
3275	sin6.sin6_len = sizeof(sin6);
3276	bcopy(src: in6, dst: &sin6.sin6_addr, n: sizeof(*in6));
3277	rt = rtalloc1(SA(&sin6), `0`, `0`);
3278
3279	if (rt != NULL) {
3280	RT_LOCK_SPIN(rt);
3281	if (rt->rt_gateway->sa_family == AF_LINK) {
3282	local = `1`;
3283	}
3284	RT_UNLOCK(rt);
3285	rtfree(rt);
3286	} else {
3287	local = in6_localaddr(in6);
3288	}
3289	return local;
3290	}
3291
3292	int
3293	in6_localaddr(struct in6_addr *in6)
3294	{
3295	struct in6_ifaddr *ia;
3296
3297	if (IN6_IS_ADDR_LOOPBACK(in6) \|\| IN6_IS_ADDR_LINKLOCAL(in6) \|\| IN6_IS_ADDR_MC_UNICAST_BASED_LINKLOCAL(in6)) {
3298	return `1`;
3299	}
3300
3301	lck_rw_lock_shared(lck: &in6_ifaddr_rwlock);
3302	TAILQ_FOREACH(ia, &in6_ifaddrhead, ia6_link) {
3303	IFA_LOCK_SPIN(&ia->ia_ifa);
3304	if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
3305	&ia->ia_prefixmask.sin6_addr)) {
3306	IFA_UNLOCK(&ia->ia_ifa);
3307	lck_rw_done(lck: &in6_ifaddr_rwlock);
3308	return `1`;
3309	}
3310	IFA_UNLOCK(&ia->ia_ifa);
3311	}
3312	lck_rw_done(lck: &in6_ifaddr_rwlock);
3313	return `0`;
3314	}
3315
3316	/*
3317	* return length of part which dst and src are equal
3318	* hard coding...
3319	*/
3320	int
3321	in6_matchlen(struct in6_addr src, struct* in6_addr *dst)
3322	{
3323	int match = `0`;
3324	u_char s = (u_char )src, d = (u_char )dst;
3325	u_char *lim = s + `16`, r;
3326
3327	while (s < lim) {
3328	if ((r = (d++ ^ s++)) != `0`) {
3329	while (r < `128`) {
3330	match++;
3331	r = (u_char)(r << `1`);
3332	}
3333	break;
3334	} else {
3335	match += `8`;
3336	}
3337	}
3338	return match;
3339	}
3340
3341	/ XXX: to be scope conscious /
3342	int
3343	in6_are_prefix_equal(struct in6_addr p1, uint32_t ifscope1, struct* in6_addr p2, uint32_t ifscope2, int* len)
3344	{
3345	int bytelen, bitlen;
3346
3347	/ sanity check /
3348	if (`0` > len \|\| len > `128`) {
3349	log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
3350	return `0`;
3351	}
3352
3353	bytelen = len / `8`;
3354	bitlen = len % `8`;
3355
3356	if (bcmp(s1: &p1->s6_addr, s2: &p2->s6_addr, n: bytelen)) {
3357	return `0`;
3358	}
3359	if (bitlen != `0` &&
3360	p1->s6_addr[bytelen] >> (`8` - bitlen) !=
3361	p2->s6_addr[bytelen] >> (`8` - bitlen)) {
3362	return `0`;
3363	}
3364
3365	if (IN6_IS_SCOPE_EMBED(p1) && !in6_embedded_scope) {
3366	return ifscope1 == ifscope2;
3367	}
3368
3369	return `1`;
3370	}
3371
3372	void
3373	in6_prefixlen2mask(struct in6_addr maskp, int* len)
3374	{
3375	u_char maskarray[`8`] = {`0x80`, `0xc0`, `0xe0`, `0xf0`, `0xf8`, `0xfc`, `0xfe`, `0xff`};
3376	int bytelen, bitlen, i;
3377
3378	/ sanity check /
3379	if (`0` > len \|\| len > `128`) {
3380	log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
3381	return;
3382	}
3383
3384	bzero(s: maskp, n: sizeof(*maskp));
3385	bytelen = len / `8`;
3386	bitlen = len % `8`;
3387	for (i = `0`; i < bytelen; i++) {
3388	maskp->s6_addr[i] = `0xff`;
3389	}
3390	if (bitlen) {
3391	maskp->s6_addr[bytelen] = maskarray[bitlen - `1`];
3392	}
3393	}
3394
3395	/*
3396	* return the best address out of the same scope
3397	*/
3398	struct in6_ifaddr *
3399	in6_ifawithscope(struct ifnet oifp, struct* in6_addr *dst)
3400	{
3401	int dst_scope = in6_addrscope(dst), src_scope, best_scope = `0`;
3402	int blen = -`1`;
3403	struct ifaddr *ifa;
3404	struct ifnet *ifp;
3405	struct in6_ifaddr *ifa_best = NULL;
3406
3407	if (oifp == NULL) {
3408	return NULL;
3409	}
3410
3411	/*
3412	* We search for all addresses on all interfaces from the beginning.
3413	* Comparing an interface with the outgoing interface will be done
3414	* only at the final stage of tiebreaking.
3415	*/
3416	ifnet_head_lock_shared();
3417	TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
3418	/*
3419	* We can never take an address that breaks the scope zone
3420	* of the destination.
3421	*/
3422	if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) {
3423	continue;
3424	}
3425
3426	ifnet_lock_shared(ifp);
3427	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3428	int tlen = -`1`, dscopecmp, bscopecmp, matchcmp;
3429
3430	IFA_LOCK(ifa);
3431	if (ifa->ifa_addr->sa_family != AF_INET6) {
3432	IFA_UNLOCK(ifa);
3433	continue;
3434	}
3435	src_scope = in6_addrscope(IFA_IN6(ifa));
3436
3437	/*
3438	* Don't use an address before completing DAD
3439	* nor a duplicated address.
3440	*/
3441	if (((struct in6_ifaddr *)ifa)->ia6_flags &
3442	(IN6_IFF_NOTREADY \| IN6_IFF_CLAT46)) {
3443	IFA_UNLOCK(ifa);
3444	continue;
3445	}
3446	/ XXX: is there any case to allow anycasts? /
3447	if (((struct in6_ifaddr *)ifa)->ia6_flags &
3448	IN6_IFF_ANYCAST) {
3449	IFA_UNLOCK(ifa);
3450	continue;
3451	}
3452	if (((struct in6_ifaddr *)ifa)->ia6_flags &
3453	IN6_IFF_DETACHED) {
3454	IFA_UNLOCK(ifa);
3455	continue;
3456	}
3457	/*
3458	* If this is the first address we find,
3459	* keep it anyway.
3460	*/
3461	if (ifa_best == NULL) {
3462	goto replace;
3463	}
3464
3465	/*
3466	* ifa_best is never NULL beyond this line except
3467	* within the block labeled "replace".
3468	*/
3469
3470	/*
3471	* If ifa_best has a smaller scope than dst and
3472	* the current address has a larger one than
3473	* (or equal to) dst, always replace ifa_best.
3474	* Also, if the current address has a smaller scope
3475	* than dst, ignore it unless ifa_best also has a
3476	* smaller scope.
3477	* Consequently, after the two if-clause below,
3478	* the followings must be satisfied:
3479	* (scope(src) < scope(dst) &&
3480	* scope(best) < scope(dst))
3481	* OR
3482	* (scope(best) >= scope(dst) &&
3483	* scope(src) >= scope(dst))
3484	*/
3485	if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < `0` &&
3486	IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= `0`) {
3487	goto replace; / (A) /
3488	}
3489	if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < `0` &&
3490	IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= `0`) {
3491	IFA_UNLOCK(ifa);
3492	continue; / (B) /
3493	}
3494	/*
3495	* A deprecated address SHOULD NOT be used in new
3496	* communications if an alternate (non-deprecated)
3497	* address is available and has sufficient scope.
3498	* RFC 4862, Section 5.5.4.
3499	*/
3500	if (((struct in6_ifaddr *)ifa)->ia6_flags &
3501	IN6_IFF_DEPRECATED) {
3502	/*
3503	* Ignore any deprecated addresses if
3504	* specified by configuration.
3505	*/
3506	if (!ip6_use_deprecated) {
3507	IFA_UNLOCK(ifa);
3508	continue;
3509	}
3510	/*
3511	* If we have already found a non-deprecated
3512	* candidate, just ignore deprecated addresses.
3513	*/
3514	if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED)
3515	== `0`) {
3516	IFA_UNLOCK(ifa);
3517	continue;
3518	}
3519	}
3520
3521	/*
3522	* A non-deprecated address is always preferred
3523	* to a deprecated one regardless of scopes and
3524	* address matching (Note invariants ensured by the
3525	* conditions (A) and (B) above.)
3526	*/
3527	if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) &&
3528	(((struct in6_ifaddr *)ifa)->ia6_flags &
3529	IN6_IFF_DEPRECATED) == `0`) {
3530	goto replace;
3531	}
3532
3533	/*
3534	* When we use temporary addresses described in
3535	* RFC 4941, we prefer temporary addresses to
3536	* public autoconf addresses. Again, note the
3537	* invariants from (A) and (B). Also note that we
3538	* don't have any preference between static addresses
3539	* and autoconf addresses (despite of whether or not
3540	* the latter is temporary or public.)
3541	*/
3542	if (ip6_use_tempaddr) {
3543	struct in6_ifaddr *ifat;
3544
3545	ifat = (struct in6_ifaddr *)ifa;
3546	if ((ifa_best->ia6_flags &
3547	(IN6_IFF_AUTOCONF \| IN6_IFF_TEMPORARY))
3548	== IN6_IFF_AUTOCONF &&
3549	(ifat->ia6_flags &
3550	(IN6_IFF_AUTOCONF \| IN6_IFF_TEMPORARY))
3551	== (IN6_IFF_AUTOCONF \| IN6_IFF_TEMPORARY)) {
3552	goto replace;
3553	}
3554	if ((ifa_best->ia6_flags &
3555	(IN6_IFF_AUTOCONF \| IN6_IFF_TEMPORARY))
3556	== (IN6_IFF_AUTOCONF \| IN6_IFF_TEMPORARY) &&
3557	(ifat->ia6_flags &
3558	(IN6_IFF_AUTOCONF \| IN6_IFF_TEMPORARY))
3559	== IN6_IFF_AUTOCONF) {
3560	IFA_UNLOCK(ifa);
3561	continue;
3562	}
3563	}
3564
3565	/*
3566	* At this point, we have two cases:
3567	* 1. we are looking at a non-deprecated address,
3568	* and ifa_best is also non-deprecated.
3569	* 2. we are looking at a deprecated address,
3570	* and ifa_best is also deprecated.
3571	* Also, we do not have to consider a case where
3572	* the scope of if_best is larger(smaller) than dst and
3573	* the scope of the current address is smaller(larger)
3574	* than dst. Such a case has already been covered.
3575	* Tiebreaking is done according to the following
3576	* items:
3577	* - the scope comparison between the address and
3578	* dst (dscopecmp)
3579	* - the scope comparison between the address and
3580	* ifa_best (bscopecmp)
3581	* - if the address match dst longer than ifa_best
3582	* (matchcmp)
3583	* - if the address is on the outgoing I/F (outI/F)
3584	*
3585	* Roughly speaking, the selection policy is
3586	* - the most important item is scope. The same scope
3587	* is best. Then search for a larger scope.
3588	* Smaller scopes are the last resort.
3589	* - A deprecated address is chosen only when we have
3590	* no address that has an enough scope, but is
3591	* prefered to any addresses of smaller scopes
3592	* (this must be already done above.)
3593	* - addresses on the outgoing I/F are preferred to
3594	* ones on other interfaces if none of above
3595	* tiebreaks. In the table below, the column "bI"
3596	* means if the best_ifa is on the outgoing
3597	* interface, and the column "sI" means if the ifa
3598	* is on the outgoing interface.
3599	* - If there is no other reasons to choose one,
3600	* longest address match against dst is considered.
3601	*
3602	* The precise decision table is as follows:
3603	* dscopecmp bscopecmp match bI oI \| replace?
3604	* N/A equal N/A Y N \| No (1)
3605	* N/A equal N/A N Y \| Yes (2)
3606	* N/A equal larger N/A \| Yes (3)
3607	* N/A equal !larger N/A \| No (4)
3608	* larger larger N/A N/A \| No (5)
3609	* larger smaller N/A N/A \| Yes (6)
3610	* smaller larger N/A N/A \| Yes (7)
3611	* smaller smaller N/A N/A \| No (8)
3612	* equal smaller N/A N/A \| Yes (9)
3613	* equal larger (already done at A above)
3614	*/
3615	dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope);
3616	bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope);
3617
3618	if (bscopecmp == `0`) {
3619	struct ifnet *bifp = ifa_best->ia_ifp;
3620
3621	if (bifp == oifp && ifp != oifp) { / (1) /
3622	IFA_UNLOCK(ifa);
3623	continue;
3624	}
3625	if (bifp != oifp && ifp == oifp) { / (2) /
3626	goto replace;
3627	}
3628
3629	/*
3630	* Both bifp and ifp are on the outgoing
3631	* interface, or both two are on a different
3632	* interface from the outgoing I/F.
3633	* now we need address matching against dst
3634	* for tiebreaking.
3635	*/
3636	tlen = in6_matchlen(IFA_IN6(ifa), dst);
3637	matchcmp = tlen - blen;
3638	if (matchcmp > `0`) { / (3) /
3639	goto replace;
3640	}
3641	IFA_UNLOCK(ifa);
3642	continue; / (4) /
3643	}
3644	if (dscopecmp > `0`) {
3645	if (bscopecmp > `0`) { / (5) /
3646	IFA_UNLOCK(ifa);
3647	continue;
3648	}
3649	goto replace; / (6) /
3650	}
3651	if (dscopecmp < `0`) {
3652	if (bscopecmp > `0`) { / (7) /
3653	goto replace;
3654	}
3655	IFA_UNLOCK(ifa);
3656	continue; / (8) /
3657	}
3658
3659	/ now dscopecmp must be 0 /
3660	if (bscopecmp < `0`) {
3661	goto replace; / (9) /
3662	}
3663	replace:
3664	ifa_addref(ifa); / for ifa_best /
3665	blen = tlen >= `0` ? tlen :
3666	in6_matchlen(IFA_IN6(ifa), dst);
3667	best_scope =
3668	in6_addrscope(&ifa2ia6(ifa)->ia_addr.sin6_addr);
3669	IFA_UNLOCK(ifa);
3670	if (ifa_best) {
3671	ifa_remref(ifa: &ifa_best->ia_ifa);
3672	}
3673	ifa_best = (struct in6_ifaddr *)ifa;
3674	}
3675	ifnet_lock_done(ifp);
3676	}
3677	ifnet_head_done();
3678
3679	/ count statistics for future improvements /
3680	if (ifa_best == NULL) {
3681	ip6stat.ip6s_sources_none++;
3682	} else {
3683	IFA_LOCK_SPIN(&ifa_best->ia_ifa);
3684	if (oifp == ifa_best->ia_ifp) {
3685	ip6stat.ip6s_sources_sameif[best_scope]++;
3686	} else {
3687	ip6stat.ip6s_sources_otherif[best_scope]++;
3688	}
3689
3690	if (best_scope == dst_scope) {
3691	ip6stat.ip6s_sources_samescope[best_scope]++;
3692	} else {
3693	ip6stat.ip6s_sources_otherscope[best_scope]++;
3694	}
3695
3696	if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != `0`) {
3697	ip6stat.ip6s_sources_deprecated[best_scope]++;
3698	}
3699	IFA_UNLOCK(&ifa_best->ia_ifa);
3700	}
3701
3702	return ifa_best;
3703	}
3704
3705	/*
3706	* return the best address out of the same scope. if no address was
3707	* found, return the first valid address from designated IF.
3708	*/
3709	struct in6_ifaddr *
3710	in6_ifawithifp(struct ifnet ifp, struct* in6_addr *dst)
3711	{
3712	int dst_scope = in6_addrscope(dst), blen = -`1`, tlen;
3713	struct ifaddr *ifa;
3714	struct in6_ifaddr *besta = NULL;
3715	struct in6_ifaddr dep[`2`]; /* last-resort: deprecated /
3716
3717	dep[`0`] = dep[`1`] = NULL;
3718
3719	/*
3720	* We first look for addresses in the same scope.
3721	* If there is one, return it.
3722	* If two or more, return one which matches the dst longest.
3723	* If none, return one of global addresses assigned other ifs.
3724	*/
3725	ifnet_lock_shared(ifp);
3726	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3727	IFA_LOCK(ifa);
3728	if (ifa->ifa_addr->sa_family != AF_INET6) {
3729	IFA_UNLOCK(ifa);
3730	continue;
3731	}
3732	if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3733	IFA_UNLOCK(ifa);
3734	continue; / XXX: is there any case to allow anycast? /
3735	}
3736	if (ifa2ia6(ifa)->ia6_flags & (IN6_IFF_NOTREADY \| IN6_IFF_CLAT46)) {
3737	IFA_UNLOCK(ifa);
3738	continue; / don't use this interface /
3739	}
3740	if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3741	IFA_UNLOCK(ifa);
3742	continue;
3743	}
3744	if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
3745	if (ip6_use_deprecated) {
3746	ifa_addref(ifa); / for dep[0] /
3747	IFA_UNLOCK(ifa);
3748	if (dep[`0`] != NULL) {
3749	ifa_remref(ifa: &dep[`0`]->ia_ifa);
3750	}
3751	dep[`0`] = (struct in6_ifaddr *)ifa;
3752	} else {
3753	IFA_UNLOCK(ifa);
3754	}
3755	continue;
3756	}
3757
3758	if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
3759	/*
3760	* call in6_matchlen() as few as possible
3761	*/
3762	if (besta) {
3763	if (blen == -`1`) {
3764	IFA_UNLOCK(ifa);
3765	IFA_LOCK(&besta->ia_ifa);
3766	blen = in6_matchlen(
3767	src: &besta->ia_addr.sin6_addr, dst);
3768	IFA_UNLOCK(&besta->ia_ifa);
3769	IFA_LOCK(ifa);
3770	}
3771	tlen = in6_matchlen(IFA_IN6(ifa), dst);
3772	if (tlen > blen) {
3773	blen = tlen;
3774	ifa_addref(ifa); / for besta /
3775	IFA_UNLOCK(ifa);
3776	ifa_remref(ifa: &besta->ia_ifa);
3777	besta = (struct in6_ifaddr *)ifa;
3778	} else {
3779	IFA_UNLOCK(ifa);
3780	}
3781	} else {
3782	besta = (struct in6_ifaddr *)ifa;
3783	ifa_addref(ifa); / for besta /
3784	IFA_UNLOCK(ifa);
3785	}
3786	} else {
3787	IFA_UNLOCK(ifa);
3788	}
3789	}
3790	if (besta) {
3791	ifnet_lock_done(ifp);
3792	if (dep[`0`] != NULL) {
3793	ifa_remref(ifa: &dep[`0`]->ia_ifa);
3794	}
3795	return besta;
3796	}
3797
3798	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3799	IFA_LOCK(ifa);
3800	if (ifa->ifa_addr->sa_family != AF_INET6) {
3801	IFA_UNLOCK(ifa);
3802	continue;
3803	}
3804	if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3805	IFA_UNLOCK(ifa);
3806	continue; / XXX: is there any case to allow anycast? /
3807	}
3808	if (ifa2ia6(ifa)->ia6_flags & (IN6_IFF_NOTREADY \| IN6_IFF_CLAT46)) {
3809	IFA_UNLOCK(ifa);
3810	continue; / don't use this interface /
3811	}
3812	if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3813	IFA_UNLOCK(ifa);
3814	continue;
3815	}
3816	if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
3817	if (ip6_use_deprecated) {
3818	ifa_addref(ifa); / for dep[1] /
3819	IFA_UNLOCK(ifa);
3820	if (dep[`1`] != NULL) {
3821	ifa_remref(ifa: &dep[`1`]->ia_ifa);
3822	}
3823	dep[`1`] = (struct in6_ifaddr *)ifa;
3824	} else {
3825	IFA_UNLOCK(ifa);
3826	}
3827	continue;
3828	}
3829	ifa_addref(ifa); / for caller /
3830	IFA_UNLOCK(ifa);
3831	ifnet_lock_done(ifp);
3832	if (dep[`0`] != NULL) {
3833	ifa_remref(ifa: &dep[`0`]->ia_ifa);
3834	}
3835	if (dep[`1`] != NULL) {
3836	ifa_remref(ifa: &dep[`1`]->ia_ifa);
3837	}
3838	return (struct in6_ifaddr *)ifa;
3839	}
3840	ifnet_lock_done(ifp);
3841
3842	/ use the last-resort values, that are, deprecated addresses /
3843	if (dep[`0`]) {
3844	if (dep[`1`] != NULL) {
3845	ifa_remref(ifa: &dep[`1`]->ia_ifa);
3846	}
3847	return dep[`0`];
3848	}
3849	if (dep[`1`]) {
3850	return dep[`1`];
3851	}
3852
3853	return NULL;
3854	}
3855
3856	/*
3857	* perform DAD when interface becomes IFF_UP.
3858	*/
3859	static void
3860	in6_if_up_dad_start(struct ifnet *ifp)
3861	{
3862	struct ifaddr *ifa;
3863	struct nd_ifinfo *ndi = NULL;
3864
3865	ndi = ND_IFINFO(ifp);
3866	VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3867	if (!(ndi->flags & ND6_IFF_DAD)) {
3868	return;
3869	}
3870
3871	/ start DAD on all the interface addresses /
3872	ifnet_lock_exclusive(ifp);
3873	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3874	struct in6_ifaddr *ia6;
3875
3876	IFA_LOCK_SPIN(ifa);
3877	if (ifa->ifa_addr->sa_family != AF_INET6) {
3878	IFA_UNLOCK(ifa);
3879	continue;
3880	}
3881	ia6 = (struct in6_ifaddr *)ifa;
3882	if (ia6->ia6_flags & IN6_IFF_DADPROGRESS) {
3883	int delay = `0`; / delay ticks before DAD output /
3884	IFA_UNLOCK(ifa);
3885	nd6_dad_start(ifa, &delay);
3886	} else {
3887	IFA_UNLOCK(ifa);
3888	}
3889	}
3890	ifnet_lock_done(ifp);
3891	}
3892
3893	int
3894	in6if_do_dad(
3895	struct ifnet *ifp)
3896	{
3897	struct nd_ifinfo *ndi = NULL;
3898
3899	if ((ifp->if_flags & IFF_LOOPBACK) != `0`) {
3900	return `0`;
3901	}
3902
3903	ndi = ND_IFINFO(ifp);
3904	VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3905	if (!(ndi->flags & ND6_IFF_DAD)) {
3906	return `0`;
3907	}
3908
3909	/*
3910	* If we are using the alternative neighbor discovery
3911	* interface on this interface, then skip DAD.
3912	*
3913	* Also, skip it for interfaces marked "local private"
3914	* for now, even when not marked as using the alternative
3915	* interface. This is for historical reasons.
3916	*/
3917	if (ifp->if_eflags &
3918	(IFEF_IPV6_ND6ALT \| IFEF_LOCALNET_PRIVATE \| IFEF_DIRECTLINK)) {
3919	return `0`;
3920	}
3921
3922	if (ifp->if_family == IFNET_FAMILY_IPSEC \|\|
3923	ifp->if_family == IFNET_FAMILY_UTUN) {
3924	/*
3925	* Ignore DAD for tunneling virtual interfaces, which get
3926	* their IPv6 address explicitly assigned.
3927	*/
3928	return `0`;
3929	}
3930
3931	switch (ifp->if_type) {
3932	#if IFT_DUMMY
3933	case IFT_DUMMY:
3934	#endif
3935	case IFT_FAITH:
3936	/*
3937	* These interfaces do not have the IFF_LOOPBACK flag,
3938	* but loop packets back. We do not have to do DAD on such
3939	* interfaces. We should even omit it, because loop-backed
3940	* NS would confuse the DAD procedure.
3941	*/
3942	return `0`;
3943	default:
3944	/*
3945	* Our DAD routine requires the interface up and running.
3946	* However, some interfaces can be up before the RUNNING
3947	* status. Additionaly, users may try to assign addresses
3948	* before the interface becomes up (or running).
3949	* We simply skip DAD in such a case as a work around.
3950	* XXX: we should rather mark "tentative" on such addresses,
3951	* and do DAD after the interface becomes ready.
3952	*/
3953	if ((ifp->if_flags & (IFF_UP \| IFF_RUNNING)) !=
3954	(IFF_UP \| IFF_RUNNING)) {
3955	return `0`;
3956	}
3957
3958	return `1`;
3959	}
3960	}
3961
3962	/*
3963	* Calculate max IPv6 MTU through all the interfaces and store it
3964	* to in6_maxmtu.
3965	*/
3966	void
3967	in6_setmaxmtu(void)
3968	{
3969	u_int32_t maxmtu = `0`;
3970	struct ifnet *ifp;
3971
3972	ifnet_head_lock_shared();
3973	TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
3974	struct nd_ifinfo *ndi = NULL;
3975
3976	if ((ndi = ND_IFINFO(ifp)) != NULL && !ndi->initialized) {
3977	ndi = NULL;
3978	}
3979	if (ndi != NULL) {
3980	lck_mtx_lock(lck: &ndi->lock);
3981	}
3982	if ((ifp->if_flags & IFF_LOOPBACK) == `0` &&
3983	IN6_LINKMTU(ifp) > maxmtu) {
3984	maxmtu = IN6_LINKMTU(ifp);
3985	}
3986	if (ndi != NULL) {
3987	lck_mtx_unlock(lck: &ndi->lock);
3988	}
3989	}
3990	ifnet_head_done();
3991	if (maxmtu) { / update only when maxmtu is positive /
3992	in6_maxmtu = maxmtu;
3993	}
3994	}
3995	/*
3996	* Provide the length of interface identifiers to be used for the link attached
3997	* to the given interface. The length should be defined in "IPv6 over
3998	* xxx-link" document. Note that address architecture might also define
3999	* the length for a particular set of address prefixes, regardless of the
4000	* link type. Also see RFC 4862 for additional background.
4001	*/
4002	int
4003	in6_if2idlen(struct ifnet *ifp)
4004	{
4005	switch (ifp->if_type) {
4006	case IFT_ETHER: / RFC2464 /
4007	case IFT_IEEE8023ADLAG: / IEEE802.3ad Link Aggregate /
4008	#ifdef IFT_PROPVIRTUAL
4009	case IFT_PROPVIRTUAL: / XXX: no RFC. treat it as ether /
4010	#endif
4011	#ifdef IFT_L2VLAN
4012	case IFT_L2VLAN: / ditto /
4013	#endif
4014	#ifdef IFT_IEEE80211
4015	case IFT_IEEE80211: / ditto /
4016	#endif
4017	#ifdef IFT_MIP
4018	case IFT_MIP: / ditto /
4019	#endif
4020	return `64`;
4021	case IFT_FDDI: / RFC2467 /
4022	return `64`;
4023	case IFT_ISO88025: / RFC2470 (IPv6 over Token Ring) /
4024	return `64`;
4025	case IFT_PPP: / RFC2472 /
4026	return `64`;
4027	case IFT_ARCNET: / RFC2497 /
4028	return `64`;
4029	case IFT_FRELAY: / RFC2590 /
4030	return `64`;
4031	case IFT_IEEE1394: / RFC3146 /
4032	return `64`;
4033	case IFT_GIF:
4034	return `64`; / draft-ietf-v6ops-mech-v2-07 /
4035	case IFT_LOOP:
4036	return `64`; / XXX: is this really correct? /
4037	case IFT_OTHER:
4038	return `64`; / for utun interfaces /
4039	case IFT_CELLULAR:
4040	return `64`; / Packet Data over Cellular /
4041	case IFT_BRIDGE:
4042	return `64`; / Transparent bridge interface /
4043	default:
4044	/*
4045	* Unknown link type:
4046	* It might be controversial to use the today's common constant
4047	* of 64 for these cases unconditionally. For full compliance,
4048	* we should return an error in this case. On the other hand,
4049	* if we simply miss the standard for the link type or a new
4050	* standard is defined for a new link type, the IFID length
4051	* is very likely to be the common constant. As a compromise,
4052	* we always use the constant, but make an explicit notice
4053	* indicating the "unknown" case.
4054	*/
4055	log(LOG_NOTICE, "%s: unknown link type (%d)\n", __func__,
4056	ifp->if_type);
4057	return `64`;
4058	}
4059	}
4060	/*
4061	* Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
4062	* v4 mapped addr or v4 compat addr
4063	*/
4064	void
4065	in6_sin6_2_sin(struct sockaddr_in sin, struct* sockaddr_in6 *sin6)
4066	{
4067	SOCKADDR_ZERO(sin, sizeof(*sin));
4068	sin->sin_len = sizeof(struct sockaddr_in);
4069	sin->sin_family = AF_INET;
4070	sin->sin_port = sin6->sin6_port;
4071	sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[`3`];
4072	}
4073
4074	/ Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. /
4075	void
4076	in6_sin_2_v4mapsin6(struct sockaddr_in sin, struct* sockaddr_in6 *sin6)
4077	{
4078	SOCKADDR_ZERO(sin6, sizeof(*sin6));
4079	sin6->sin6_len = sizeof(struct sockaddr_in6);
4080	sin6->sin6_family = AF_INET6;
4081	sin6->sin6_port = sin->sin_port;
4082	sin6->sin6_addr.s6_addr32[`0`] = `0`;
4083	sin6->sin6_addr.s6_addr32[`1`] = `0`;
4084	if (sin->sin_addr.s_addr) {
4085	sin6->sin6_addr.s6_addr32[`2`] = IPV6_ADDR_INT32_SMP;
4086	sin6->sin6_addr.s6_addr32[`3`] = sin->sin_addr.s_addr;
4087	} else {
4088	sin6->sin6_addr.s6_addr32[`2`] = `0`;
4089	sin6->sin6_addr.s6_addr32[`3`] = `0`;
4090	}
4091	}
4092
4093	/ Convert sockaddr_in6 into sockaddr_in. /
4094	void
4095	in6_sin6_2_sin_in_sock(struct sockaddr *nam)
4096	{
4097	struct sockaddr_in *sin_p;
4098	struct sockaddr_in6 sin6;
4099
4100	/*
4101	* Save original sockaddr_in6 addr and convert it
4102	* to sockaddr_in.
4103	*/
4104	sin6 = *SIN6(nam);
4105	sin_p = SIN(nam);
4106	in6_sin6_2_sin(sin: sin_p, sin6: &sin6);
4107	}
4108
4109	/ Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. /
4110	int
4111	in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
4112	{
4113	struct sockaddr_in *sin_p;
4114	struct sockaddr_in6 *sin6_p;
4115
4116	sin6_p = SIN6(alloc_sockaddr(sizeof(*sin6_p),
4117	Z_WAITOK \| Z_NOFAIL));
4118
4119	sin_p = SIN(*nam);
4120	in6_sin_2_v4mapsin6(sin: sin_p, sin6: sin6_p);
4121	free_sockaddr(*nam);
4122	*nam = SA(sin6_p);
4123
4124	return `0`;
4125	}
4126
4127	/*
4128	* Posts in6_event_data message kernel events.
4129	*
4130	* To get the same size of kev_in6_data between ILP32 and LP64 data models
4131	* we are using a special version of the in6_addrlifetime structure that
4132	* uses only 32 bits fields to be compatible with Leopard, and that
4133	* are large enough to span 68 years.
4134	*/
4135	void
4136	in6_post_msg(struct ifnet ifp, u_int32_t event_code, struct* in6_ifaddr *ifa,
4137	uint8_t *mac)
4138	{
4139	struct kev_msg ev_msg;
4140	struct kev_in6_data in6_event_data;
4141	struct in6_addrlifetime ia6_lt;
4142
4143	bzero(s: &in6_event_data, n: sizeof(struct kev_in6_data));
4144	bzero(s: &ev_msg, n: sizeof(struct kev_msg));
4145	ev_msg.vendor_code = KEV_VENDOR_APPLE;
4146	ev_msg.kev_class = KEV_NETWORK_CLASS;
4147	ev_msg.kev_subclass = KEV_INET6_SUBCLASS;
4148	ev_msg.event_code = event_code;
4149
4150	if (ifa) {
4151	IFA_LOCK(&ifa->ia_ifa);
4152	in6_event_data.ia_addr = ifa->ia_addr;
4153	in6_event_data.ia_net = ifa->ia_net;
4154	in6_event_data.ia_dstaddr = ifa->ia_dstaddr;
4155	in6_event_data.ia_prefixmask = ifa->ia_prefixmask;
4156	in6_event_data.ia_plen = ifa->ia_plen;
4157	in6_event_data.ia6_flags = (u_int32_t)ifa->ia6_flags;
4158
4159	/ retrieve time as calendar time (last arg is 1) /
4160	in6ifa_getlifetime(ia6: ifa, t_dst: &ia6_lt, iscalendar: `1`);
4161	in6_event_data.ia_lifetime.ia6t_expire = (u_int32_t)ia6_lt.ia6t_expire;
4162	in6_event_data.ia_lifetime.ia6t_preferred = (u_int32_t)ia6_lt.ia6t_preferred;
4163	in6_event_data.ia_lifetime.ia6t_vltime = ia6_lt.ia6t_vltime;
4164	in6_event_data.ia_lifetime.ia6t_pltime = ia6_lt.ia6t_pltime;
4165	IFA_UNLOCK(&ifa->ia_ifa);
4166	}
4167
4168	if (ifp != NULL) {
4169	(void) strlcpy(dst: &in6_event_data.link_data.if_name[`0`],
4170	src: ifp->if_name, IFNAMSIZ);
4171	in6_event_data.link_data.if_family = ifp->if_family;
4172	in6_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
4173	}
4174
4175	if (mac != NULL) {
4176	memcpy(dst: &in6_event_data.ia_mac, src: mac,
4177	n: sizeof(in6_event_data.ia_mac));
4178	}
4179
4180	ev_msg.dv[`0`].data_ptr = &in6_event_data;
4181	ev_msg.dv[`0`].data_length = sizeof(in6_event_data);
4182	ev_msg.dv[`1`].data_length = `0`;
4183
4184	dlil_post_complete_msg(NULL, &ev_msg);
4185	}
4186
4187	/*
4188	* Called as part of ip6_init
4189	*/
4190	void
4191	in6_ifaddr_init(void)
4192	{
4193	in6_cga_init();
4194	}
4195
4196	static struct in6_ifaddr *
4197	in6_ifaddr_alloc(zalloc_flags_t how)
4198	{
4199	struct in6_ifaddr *in6ifa;
4200
4201	in6ifa = kalloc_type(struct in6_ifaddr, Z_ZERO \| how);
4202	if (in6ifa == NULL) {
4203	return NULL;
4204	}
4205
4206	in6ifa->ia_ifa.ifa_free = in6_ifaddr_free;
4207	in6ifa->ia_ifa.ifa_debug \|= IFD_ALLOC;
4208	in6ifa->ia_ifa.ifa_del_wc = &in6ifa->ia_ifa.ifa_debug;
4209	in6ifa->ia_ifa.ifa_del_waiters = `0`;
4210	ifa_lock_init(&in6ifa->ia_ifa);
4211	ifa_initref(&in6ifa->ia_ifa);
4212
4213	return in6ifa;
4214	}
4215
4216	static void
4217	in6_ifaddr_free(struct ifaddr *ifa)
4218	{
4219	struct in6_ifaddr in6ifa = (struct* in6_ifaddr *)ifa;
4220
4221	IFA_LOCK_ASSERT_HELD(ifa);
4222
4223	if (!(ifa->ifa_debug & IFD_ALLOC)) {
4224	panic("%s: ifa %p cannot be freed", __func__, ifa);
4225	/ NOTREACHED /
4226	}
4227	IFA_UNLOCK(ifa);
4228	ifa_lock_destroy(ifa);
4229
4230	kfree_type(struct in6_ifaddr, in6ifa);
4231	}
4232
4233	/*
4234	* Handle SIOCGASSOCIDS ioctl for PF_INET6 domain.
4235	*/
4236	static int
4237	in6_getassocids(struct socket so, uint32_t cnt, user_addr_t aidp)
4238	{
4239	struct in6pcb *in6p = sotoin6pcb(so);
4240	sae_associd_t aid;
4241
4242	if (in6p == NULL \|\| in6p->inp_state == INPCB_STATE_DEAD) {
4243	return EINVAL;
4244	}
4245
4246	/ IN6PCB has no concept of association /
4247	aid = SAE_ASSOCID_ANY;
4248	*cnt = `0`;
4249
4250	/ just asking how many there are? /
4251	if (aidp == USER_ADDR_NULL) {
4252	return `0`;
4253	}
4254
4255	return copyout(&aid, aidp, sizeof(aid));
4256	}
4257
4258	/*
4259	* Handle SIOCGCONNIDS ioctl for PF_INET6 domain.
4260	*/
4261	static int
4262	in6_getconnids(struct socket so, sae_associd_t aid, uint32_t cnt,
4263	user_addr_t cidp)
4264	{
4265	struct in6pcb *in6p = sotoin6pcb(so);
4266	sae_connid_t cid;
4267
4268	if (in6p == NULL \|\| in6p->inp_state == INPCB_STATE_DEAD) {
4269	return EINVAL;
4270	}
4271
4272	if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL) {
4273	return EINVAL;
4274	}
4275
4276	/ if connected, return 1 connection count /
4277	*cnt = ((so->so_state & SS_ISCONNECTED) ? `1` : `0`);
4278
4279	/ just asking how many there are? /
4280	if (cidp == USER_ADDR_NULL) {
4281	return `0`;
4282	}
4283
4284	/ if IN6PCB is connected, assign it connid 1 /
4285	cid = ((*cnt != `0`) ? `1` : SAE_CONNID_ANY);
4286
4287	return copyout(&cid, cidp, sizeof(cid));
4288	}
4289
4290	/*
4291	* Handle SIOCGCONNINFO ioctl for PF_INET6 domain.
4292	*/
4293	int
4294	in6_getconninfo(struct socket so, sae_connid_t cid, uint32_t flags,
4295	uint32_t ifindex, int32_t soerror, user_addr_t src, socklen_t *src_len,
4296	user_addr_t dst, socklen_t dst_len, uint32_t aux_type,
4297	user_addr_t aux_data, uint32_t *aux_len)
4298	{
4299	struct in6pcb *in6p = sotoin6pcb(so);
4300	struct sockaddr_in6 sin6;
4301	struct ifnet *ifp = NULL;
4302	int error = `0`;
4303	u_int32_t copy_len = `0`;
4304
4305	/*
4306	* Don't test for INPCB_STATE_DEAD since this may be called
4307	* after SOF_PCBCLEARING is set, e.g. after tcp_close().
4308	*/
4309	if (in6p == NULL) {
4310	error = EINVAL;
4311	goto out;
4312	}
4313
4314	if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != `1`) {
4315	error = EINVAL;
4316	goto out;
4317	}
4318
4319	ifp = in6p->in6p_last_outifp;
4320	*ifindex = ((ifp != NULL) ? ifp->if_index : `0`);
4321	*soerror = so->so_error;
4322	*flags = `0`;
4323	if (so->so_state & SS_ISCONNECTED) {
4324	*flags \|= (CIF_CONNECTED \| CIF_PREFERRED);
4325	}
4326	if (in6p->in6p_flags & INP_BOUND_IF) {
4327	*flags \|= CIF_BOUND_IF;
4328	}
4329	if (!(in6p->in6p_flags & INP_IN6ADDR_ANY)) {
4330	*flags \|= CIF_BOUND_IP;
4331	}
4332	if (!(in6p->in6p_flags & INP_ANONPORT)) {
4333	*flags \|= CIF_BOUND_PORT;
4334	}
4335
4336	SOCKADDR_ZERO(&sin6, sizeof(sin6));
4337	sin6.sin6_len = sizeof(sin6);
4338	sin6.sin6_family = AF_INET6;
4339
4340	/ source address and port /
4341	sin6.sin6_port = in6p->in6p_lport;
4342	if (!in6_embedded_scope) {
4343	sin6.sin6_scope_id = in6p->inp_lifscope;
4344	}
4345	in6_recoverscope(&sin6, &in6p->in6p_laddr, NULL);
4346	if (*src_len == `0`) {
4347	*src_len = sin6.sin6_len;
4348	} else {
4349	if (src != USER_ADDR_NULL) {
4350	copy_len = min(a: src_len, b: sizeof*(sin6));
4351	error = copyout(&sin6, src, copy_len);
4352	if (error != `0`) {
4353	goto out;
4354	}
4355	*src_len = copy_len;
4356	}
4357	}
4358
4359	/ destination address and port /
4360	sin6.sin6_port = in6p->in6p_fport;
4361	if (!in6_embedded_scope) {
4362	sin6.sin6_scope_id = in6p->inp_fifscope;
4363	}
4364	in6_recoverscope(&sin6, &in6p->in6p_faddr, NULL);
4365	if (*dst_len == `0`) {
4366	*dst_len = sin6.sin6_len;
4367	} else {
4368	if (dst != USER_ADDR_NULL) {
4369	copy_len = min(a: dst_len, b: sizeof*(sin6));
4370	error = copyout(&sin6, dst, copy_len);
4371	if (error != `0`) {
4372	goto out;
4373	}
4374	*dst_len = copy_len;
4375	}
4376	}
4377
4378	if (SOCK_PROTO(so) == IPPROTO_TCP) {
4379	struct conninfo_tcp tcp_ci;
4380
4381	*aux_type = CIAUX_TCP;
4382	if (*aux_len == `0`) {
4383	aux_len = sizeof*(tcp_ci);
4384	} else {
4385	if (aux_data != USER_ADDR_NULL) {
4386	copy_len = min(a: aux_len, b: sizeof*(tcp_ci));
4387	bzero(s: &tcp_ci, n: sizeof(tcp_ci));
4388	tcp_getconninfo(so, &tcp_ci);
4389	error = copyout(&tcp_ci, aux_data, copy_len);
4390	if (error != `0`) {
4391	goto out;
4392	}
4393	*aux_len = copy_len;
4394	}
4395	}
4396	} else {
4397	*aux_type = `0`;
4398	*aux_len = `0`;
4399	}
4400
4401	out:
4402	return error;
4403	}
4404
4405	/*
4406	* 'u' group ioctls.
4407	*
4408	* The switch statement below does nothing at runtime, as it serves as a
4409	* compile time check to ensure that all of the socket 'u' ioctls (those
4410	* in the 'u' group going thru soo_ioctl) that are made available by the
4411	* networking stack is unique. This works as long as this routine gets
4412	* updated each time a new interface ioctl gets added.
4413	*
4414	* Any failures at compile time indicates duplicated ioctl values.
4415	*/
4416	static __attribute__((unused)) void
4417	in6ioctl_cassert(void)
4418	{
4419	/*
4420	* This is equivalent to _CASSERT() and the compiler wouldn't
4421	* generate any instructions, thus for compile time only.
4422	*/
4423	switch ((u_long)`0`) {
4424	case `0`:
4425
4426	/ bsd/netinet6/in6_var.h /
4427	case SIOCAADDRCTL_POLICY:
4428	case SIOCDADDRCTL_POLICY:
4429	case SIOCDRADD_IN6_32:
4430	case SIOCDRADD_IN6_64:
4431	case SIOCDRDEL_IN6_32:
4432	case SIOCDRDEL_IN6_64:
4433	;
4434	}
4435	}
4436
4437	void
4438	in6_ip6_to_sockaddr(const struct in6_addr *ip6, u_int16_t port, uint32_t ifscope,
4439	struct sockaddr_in6 *sin6, u_int32_t maxlen)
4440	{
4441	if (maxlen < sizeof(struct sockaddr_in6)) {
4442	return;
4443	}
4444
4445	sin6 = (struct* sockaddr_in6) {
4446	.sin6_family = AF_INET6,
4447	.sin6_len = sizeof(*sin6),
4448	.sin6_port = port,
4449	.sin6_addr = *ip6,
4450	.sin6_scope_id = IN6_IS_SCOPE_EMBED(ip6) ? ifscope : IFSCOPE_NONE,
4451	};
4452
4453	if (IN6_IS_SCOPE_EMBED(&sin6->sin6_addr)) {
4454	in6_verify_ifscope(&sin6->sin6_addr, ifscope);
4455	if (in6_embedded_scope) {
4456	sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[`1`]);
4457	sin6->sin6_addr.s6_addr16[`1`] = `0`;
4458	}
4459	}
4460	}
4461
4462	/ IPv6 events /
4463	struct in6_event {
4464	in6_evhdlr_code_t in6_event_code;
4465	struct ifnet *in6_ifp;
4466	struct in6_addr in6_address;
4467	uint32_t val;
4468	};
4469
4470	struct in6_event2kev in6_event2kev_array[IN6_EVENT_MAX] = {
4471	{
4472	.in6_event_code = IN6_ADDR_MARKED_DUPLICATED,
4473	.in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4474	.in6_event_kev_code = KEV_ND6_DAD_FAILURE,
4475	.in6_event_str = "IN6_ADDR_MARKED_DUPLICATED",
4476	},
4477	{
4478	.in6_event_code = IN6_ADDR_MARKED_DETACHED,
4479	.in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4480	.in6_event_kev_code = KEV_ND6_ADDR_DETACHED,
4481	.in6_event_str = "IN6_ADDR_MARKED_DETACHED",
4482	},
4483	{
4484	.in6_event_code = IN6_ADDR_MARKED_DEPRECATED,
4485	.in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4486	.in6_event_kev_code = KEV_ND6_ADDR_DEPRECATED,
4487	.in6_event_str = "IN6_ADDR_MARKED_DEPRECATED",
4488	},
4489	{
4490	.in6_event_code = IN6_NDP_RTR_EXPIRY,
4491	.in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4492	.in6_event_kev_code = KEV_ND6_RTR_EXPIRED,
4493	.in6_event_str = "IN6_NDP_RTR_EXPIRY",
4494	},
4495	{
4496	.in6_event_code = IN6_NDP_PFX_EXPIRY,
4497	.in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4498	.in6_event_kev_code = KEV_ND6_PFX_EXPIRED,
4499	.in6_event_str = "IN6_NDP_PFX_EXPIRY",
4500	},
4501	{
4502	.in6_event_code = IN6_NDP_ADDR_EXPIRY,
4503	.in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4504	.in6_event_kev_code = KEV_ND6_ADDR_EXPIRED,
4505	.in6_event_str = "IN6_NDP_ADDR_EXPIRY",
4506	},
4507	};
4508
4509	void
4510	in6_eventhdlr_callback(struct eventhandler_entry_arg arg0 __unused,
4511	in6_evhdlr_code_t in6_ev_code, struct ifnet *ifp,
4512	struct in6_addr *p_addr6, uint32_t val)
4513	{
4514	struct kev_msg ev_msg;
4515	struct kev_nd6_event nd6_event;
4516
4517	bzero(s: &ev_msg, n: sizeof(ev_msg));
4518	bzero(s: &nd6_event, n: sizeof(nd6_event));
4519
4520	nd6log0(info, "%s Event %s received for %s\n",
4521	__func__, in6_event2kev_array[in6_ev_code].in6_event_str,
4522	ip6_sprintf(p_addr6));
4523
4524	ev_msg.vendor_code = KEV_VENDOR_APPLE;
4525	ev_msg.kev_class = KEV_NETWORK_CLASS;
4526	ev_msg.kev_subclass =
4527	in6_event2kev_array[in6_ev_code].in6_event_kev_subclass;
4528	ev_msg.event_code =
4529	in6_event2kev_array[in6_ev_code].in6_event_kev_code;
4530
4531	nd6_event.link_data.if_family = ifp->if_family;
4532	nd6_event.link_data.if_unit = ifp->if_unit;
4533	strlcpy(dst: nd6_event.link_data.if_name, src: ifp->if_name,
4534	n: sizeof(nd6_event.link_data.if_name));
4535
4536	VERIFY(p_addr6 != NULL);
4537	bcopy(src: p_addr6, dst: &nd6_event.in6_address,
4538	n: sizeof(nd6_event.in6_address));
4539	nd6_event.val = val;
4540
4541	ev_msg.dv[`0`].data_ptr = &nd6_event;
4542	ev_msg.dv[`0`].data_length = sizeof(nd6_event);
4543
4544	kev_post_msg(event: &ev_msg);
4545	}
4546
4547	struct in6_event_nwk_wq_entry {
4548	struct nwk_wq_entry nwk_wqe;
4549	struct in6_event in6_ev_arg;
4550	};
4551
4552	static void
4553	in6_event_callback(struct nwk_wq_entry *nwk_item)
4554	{
4555	struct in6_event_nwk_wq_entry *p_ev;
4556
4557	p_ev = __container_of(nwk_item, struct in6_event_nwk_wq_entry, nwk_wqe);
4558
4559	EVENTHANDLER_INVOKE(&in6_evhdlr_ctxt, in6_event,
4560	p_ev->in6_ev_arg.in6_event_code, p_ev->in6_ev_arg.in6_ifp,
4561	&p_ev->in6_ev_arg.in6_address, p_ev->in6_ev_arg.val);
4562
4563	kfree_type(struct in6_event_nwk_wq_entry, p_ev);
4564	}
4565
4566	void
4567	in6_event_enqueue_nwk_wq_entry(in6_evhdlr_code_t in6_event_code,
4568	struct ifnet ifp, struct* in6_addr *p_addr6,
4569	uint32_t val)
4570	{
4571	struct in6_event_nwk_wq_entry *p_in6_ev = NULL;
4572
4573	p_in6_ev = kalloc_type(struct in6_event_nwk_wq_entry,
4574	Z_WAITOK \| Z_ZERO \| Z_NOFAIL);
4575
4576	p_in6_ev->nwk_wqe.func = in6_event_callback;
4577	p_in6_ev->in6_ev_arg.in6_event_code = in6_event_code;
4578	p_in6_ev->in6_ev_arg.in6_ifp = ifp;
4579	if (p_addr6 != NULL) {
4580	bcopy(src: p_addr6, dst: &p_in6_ev->in6_ev_arg.in6_address,
4581	n: sizeof(p_in6_ev->in6_ev_arg.in6_address));
4582	}
4583	p_in6_ev->in6_ev_arg.val = val;
4584
4585	nwk_wq_enqueue(nwk_item: &p_in6_ev->nwk_wqe);
4586	}
4587
4588	/*
4589	* Caller must hold in6_ifaddr_rwlock as writer.
4590	*/
4591	static void
4592	in6_iahash_remove(struct in6_ifaddr *ia)
4593	{
4594	LCK_RW_ASSERT(&in6_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
4595	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
4596
4597	if (!IA6_IS_HASHED(ia)) {
4598	panic("%s: attempt to remove wrong ia %p from ipv6 hash table", __func__, ia);
4599	/ NOTREACHED /
4600	}
4601	TAILQ_REMOVE(IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia, ia6_hash);
4602	IA6_HASH_INIT(ia);
4603	ifa_remref(ifa: &ia->ia_ifa);
4604	}
4605
4606	/*
4607	* Caller must hold in6_ifaddr_rwlock as writer.
4608	*/
4609	static void
4610	in6_iahash_insert(struct in6_ifaddr *ia)
4611	{
4612	LCK_RW_ASSERT(&in6_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
4613	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
4614
4615	if (ia->ia_addr.sin6_family != AF_INET6) {
4616	panic("%s: attempt to insert wrong ia %p into hash table", __func__, ia);
4617	/ NOTREACHED /
4618	} else if (IA6_IS_HASHED(ia)) {
4619	panic("%s: attempt to double-insert ia %p into hash table", __func__, ia);
4620	/ NOTREACHED /
4621	}
4622	TAILQ_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr),
4623	ia, ia6_hash);
4624	ifa_addref(ifa: &ia->ia_ifa);
4625	}
4626
4627	/*
4628	* Some point to point interfaces that are tunnels borrow the address from
4629	* an underlying interface (e.g. VPN server). In order for source address
4630	* selection logic to find the underlying interface first, we add the address
4631	* of borrowing point to point interfaces at the end of the list.
4632	* (see rdar://6733789)
4633	*
4634	* Caller must hold in6_ifaddr_rwlock as writer.
4635	*/
4636	static void
4637	in6_iahash_insert_ptp(struct in6_ifaddr *ia)
4638	{
4639	struct in6_ifaddr *tmp_ifa;
4640	struct ifnet *tmp_ifp;
4641
4642	LCK_RW_ASSERT(&in6_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
4643	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
4644
4645	if (ia->ia_addr.sin6_family != AF_INET6) {
4646	panic("%s: attempt to insert wrong ia %p into hash table", __func__, ia);
4647	/ NOTREACHED /
4648	} else if (IA6_IS_HASHED(ia)) {
4649	panic("%s: attempt to double-insert ia %p into hash table", __func__, ia);
4650	/ NOTREACHED /
4651	}
4652	IFA_UNLOCK(&ia->ia_ifa);
4653	TAILQ_FOREACH(tmp_ifa, IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia6_hash) {
4654	IFA_LOCK(&tmp_ifa->ia_ifa);
4655	/ ia->ia_addr won't change, so check without lock /
4656	if (in6_are_addr_equal_scoped(&tmp_ifa->ia_addr.sin6_addr, &ia->ia_addr.sin6_addr, tmp_ifa->ia_addr.sin6_scope_id, ia->ia_addr.sin6_scope_id)) {
4657	IFA_UNLOCK(&tmp_ifa->ia_ifa);
4658	break;
4659	}
4660	IFA_UNLOCK(&tmp_ifa->ia_ifa);
4661	}
4662	tmp_ifp = (tmp_ifa == NULL) ? NULL : tmp_ifa->ia_ifp;
4663
4664	IFA_LOCK(&ia->ia_ifa);
4665	if (tmp_ifp == NULL) {
4666	TAILQ_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr),
4667	ia, ia6_hash);
4668	} else {
4669	TAILQ_INSERT_TAIL(IN6ADDR_HASH(&ia->ia_addr.sin6_addr),
4670	ia, ia6_hash);
4671	}
4672	ifa_addref(ifa: &ia->ia_ifa);
4673	}
4674
4675	/*
4676	* ipv6 socket options.
4677	*
4678	* The switch statement below does nothing at runtime, as it serves as a
4679	* compile time check to ensure that all of the ipv6 socket options are
4680	* unique. This works as long as this routine gets updated each time a
4681	* new ipv6 socket option gets added.
4682	*
4683	* Any failures at compile time indicates duplicated ipv6 socket option
4684	* values.
4685	*/
4686	static __attribute__((unused)) void
4687	tcpsockopt_cassert(void)
4688	{
4689	/*
4690	* This is equivalent to _CASSERT() and the compiler wouldn't
4691	* generate any instructions, thus for compile time only.
4692	*/
4693	switch ((int)`0`) {
4694	case `0`:
4695
4696	/ bsd/netinet6/in6.h /
4697	case IPV6_SOCKOPT_RESERVED1:
4698	case IPV6_UNICAST_HOPS:
4699	case IPV6_MULTICAST_IF:
4700	case IPV6_MULTICAST_HOPS:
4701	case IPV6_MULTICAST_LOOP:
4702	case IPV6_JOIN_GROUP:
4703	case IPV6_LEAVE_GROUP:
4704	case IPV6_PORTRANGE:
4705	case ICMP6_FILTER:
4706	case IPV6_2292PKTINFO:
4707	case IPV6_2292HOPLIMIT:
4708	case IPV6_2292NEXTHOP:
4709	case IPV6_2292HOPOPTS:
4710	case IPV6_2292DSTOPTS:
4711	case IPV6_2292RTHDR:
4712	case IPV6_2292PKTOPTIONS:
4713	#ifdef __APPLE_USE_RFC_2292
4714	// #define IPV6_PKTINFO IPV6_3542PKTINFO
4715	// #define IPV6_HOPLIMIT IPV6_3542HOPLIMIT
4716	// #define IPV6_NEXTHOP IPV6_3542NEXTHOP
4717	// #define IPV6_HOPOPTS IPV6_3542HOPOPTS
4718	// #define IPV6_DSTOPTS IPV6_3542DSTOPTS
4719	// #define IPV6_RTHDR IPV6_3542RTHDR
4720	case IPV6_PKTOPTIONS:
4721	#endif /* __APPLE_USE_RFC_2292 */
4722	case IPV6_CHECKSUM:
4723	case IPV6_V6ONLY:
4724	#ifndef KERNEL
4725	// #define IPV6_BINDV6ONLY IPV6_V6ONLY
4726	#endif /* KERNEL */
4727	case IPV6_IPSEC_POLICY:
4728	case IPV6_FAITH:
4729	case IPV6_FW_ADD:
4730	case IPV6_FW_DEL:
4731	case IPV6_FW_FLUSH:
4732	case IPV6_FW_ZERO:
4733	case IPV6_FW_GET:
4734	case IPV6_RECVTCLASS:
4735	case IPV6_TCLASS:
4736	#ifdef __APPLE_USE_RFC_3542
4737	case IPV6_RTHDRDSTOPTS:
4738	case IPV6_RECVPKTINFO:
4739	case IPV6_RECVHOPLIMIT:
4740	case IPV6_RECVRTHDR:
4741	case IPV6_RECVHOPOPTS:
4742	case IPV6_RECVDSTOPTS:
4743	#ifdef KERNEL
4744	case IPV6_RECVRTHDRDSTOPTS:
4745	#endif
4746	case IPV6_USE_MIN_MTU:
4747	case IPV6_RECVPATHMTU:
4748	case IPV6_PATHMTU:
4749	case IPV6_3542PKTINFO:
4750	case IPV6_3542HOPLIMIT:
4751	case IPV6_3542NEXTHOP:
4752	case IPV6_3542HOPOPTS:
4753	case IPV6_3542DSTOPTS:
4754	case IPV6_3542RTHDR:
4755	// #define IPV6_PKTINFO IPV6_3542PKTINFO
4756	// #define IPV6_HOPLIMIT IPV6_3542HOPLIMIT
4757	// #define IPV6_NEXTHOP IPV6_3542NEXTHOP
4758	// #define IPV6_HOPOPTS IPV6_3542HOPOPTS
4759	// #define IPV6_DSTOPTS IPV6_3542DSTOPTS
4760	// #define IPV6_RTHDR IPV6_3542RTHDR
4761	case IPV6_AUTOFLOWLABEL:
4762	case IPV6_DONTFRAG:
4763	case IPV6_PREFER_TEMPADDR:
4764	case IPV6_MSFILTER:
4765	#endif /* __APPLE_USE_RFC_3542 */
4766	case IPV6_BOUND_IF:
4767
4768	/ bsd/netinet6/in6_private.h /
4769	case IPV6_NO_IFT_CELLULAR:
4770	case IPV6_OUT_IF:
4771	;
4772	}
4773	}
4774

Browse the source code of xnu/bsd/netinet6/in6.c