]> git.saurik.com Git - apple/xnu.git/blame - bsd/netinet6/in6.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-4903.270.47.tar.gz
[apple/xnu.git] / bsd / netinet6 / in6.c
CommitLineData
2d21ac55 1/*
d9a64523 2 * Copyright (c) 2003-2018 Apple Inc. All rights reserved.
2d21ac55
A		 3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
1c79356b
A		 29/*
30 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
31 * All rights reserved.
32 *
33 * Redistribution and use in source and binary forms, with or without
34 * modification, are permitted provided that the following conditions
35 * are met:
36 * 1. Redistributions of source code must retain the above copyright
37 * notice, this list of conditions and the following disclaimer.
38 * 2. Redistributions in binary form must reproduce the above copyright
39 * notice, this list of conditions and the following disclaimer in the
40 * documentation and/or other materials provided with the distribution.
41 * 3. Neither the name of the project nor the names of its contributors
42 * may be used to endorse or promote products derived from this software
43 * without specific prior written permission.
44 *
45 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55 * SUCH DAMAGE.
56 */
57
58/*
59 * Copyright (c) 1982, 1986, 1991, 1993
60 * The Regents of the University of California. All rights reserved.
61 *
62 * Redistribution and use in source and binary forms, with or without
63 * modification, are permitted provided that the following conditions
64 * are met:
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in the
69 * documentation and/or other materials provided with the distribution.
70 * 3. All advertising materials mentioning features or use of this software
71 * must display the following acknowledgement:
72 * This product includes software developed by the University of
73 * California, Berkeley and its contributors.
74 * 4. Neither the name of the University nor the names of its contributors
75 * may be used to endorse or promote products derived from this software
76 * without specific prior written permission.
77 *
78 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
79 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
80 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
81 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
82 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
83 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
84 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
85 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
86 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
87 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
88 * SUCH DAMAGE.
89 *
90 * @(#)in.c 8.2 (Berkeley) 11/15/93
91 */
92
1c79356b
A		 93
94#include <sys/param.h>
1c79356b 95#include <sys/ioctl.h>
1c79356b
A		 96#include <sys/errno.h>
97#include <sys/malloc.h>
98#include <sys/socket.h>
99#include <sys/socketvar.h>
100#include <sys/sockio.h>
101#include <sys/systm.h>
102#include <sys/time.h>
103#include <sys/kernel.h>
104#include <sys/syslog.h>
9bccf70c 105#include <sys/kern_event.h>
6d2010ae
A		 106#include <sys/mcache.h>
107#include <sys/protosw.h>
5ba3f43e 108#include <sys/sysctl.h>
b0d623f7 109
2d21ac55 110#include <kern/locks.h>
b0d623f7 111#include <kern/zalloc.h>
5ba3f43e 112#include <kern/clock.h>
b0d623f7
A		 113#include <libkern/OSAtomic.h>
114#include <machine/machine_routines.h>
39236c6e 115#include <mach/boolean.h>
1c79356b
A		 116
117#include <net/if.h>
118#include <net/if_types.h>
2d21ac55 119#include <net/if_var.h>
1c79356b 120#include <net/route.h>
1c79356b 121#include <net/if_dl.h>
2d21ac55 122#include <net/kpi_protocol.h>
5ba3f43e 123#include <net/nwk_wq.h>
1c79356b
A		 124
125#include <netinet/in.h>
126#include <netinet/in_var.h>
1c79356b 127#include <netinet/if_ether.h>
9bccf70c
A		 128#include <netinet/in_systm.h>
129#include <netinet/ip.h>
130#include <netinet/in_pcb.h>
6d2010ae 131#include <netinet/icmp6.h>
39236c6e
A		 132#include <netinet/tcp.h>
133#include <netinet/tcp_seq.h>
134#include <netinet/tcp_var.h>
1c79356b
A		 135
136#include <netinet6/nd6.h>
137#include <netinet/ip6.h>
138#include <netinet6/ip6_var.h>
139#include <netinet6/mld6_var.h>
1c79356b 140#include <netinet6/in6_ifattach.h>
9bccf70c 141#include <netinet6/scope6_var.h>
6d2010ae 142#include <netinet6/in6_var.h>
9bccf70c 143#include <netinet6/in6_pcb.h>
1c79356b
A		 144
145#include <net/net_osdep.h>
146
39037602 147#include <net/dlil.h>
5ba3f43e 148#include <net/if_llatbl.h>
39037602 149
b0d623f7
A		 150#if PF
151#include <net/pfvar.h>
152#endif /* PF */
153
39236c6e 154/*
1c79356b
A		 155 * Definitions of some costant IP6 addresses.
156 */
157const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
158const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
159const struct in6_addr in6addr_nodelocal_allnodes =
0a7de745 160 IN6ADDR_NODELOCAL_ALLNODES_INIT;
1c79356b 161const struct in6_addr in6addr_linklocal_allnodes =
0a7de745 162 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
1c79356b 163const struct in6_addr in6addr_linklocal_allrouters =
0a7de745 164 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
6d2010ae 165const struct in6_addr in6addr_linklocal_allv2routers =
0a7de745 166 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
1c79356b
A		 167
168const struct in6_addr in6mask0 = IN6MASK0;
6d2010ae
A		 169const struct in6_addr in6mask7 = IN6MASK7;
170const struct in6_addr in6mask16 = IN6MASK16;
1c79356b
A		 171const struct in6_addr in6mask32 = IN6MASK32;
172const struct in6_addr in6mask64 = IN6MASK64;
173const struct in6_addr in6mask96 = IN6MASK96;
174const struct in6_addr in6mask128 = IN6MASK128;
175
39236c6e 176const struct sockaddr_in6 sa6_any = {
0a7de745 177 sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0
39236c6e 178};
9bccf70c 179
39236c6e
A		 180static int in6ctl_associd(struct socket *, u_long, caddr_t);
181static int in6ctl_connid(struct socket *, u_long, caddr_t);
182static int in6ctl_conninfo(struct socket *, u_long, caddr_t);
183static int in6ctl_llstart(struct ifnet *, u_long, caddr_t);
184static int in6ctl_llstop(struct ifnet *);
185static int in6ctl_cgastart(struct ifnet *, u_long, caddr_t);
186static int in6ctl_gifaddr(struct ifnet *, struct in6_ifaddr *, u_long,
187 struct in6_ifreq *);
188static int in6ctl_gifstat(struct ifnet *, u_long, struct in6_ifreq *);
189static int in6ctl_alifetime(struct in6_ifaddr *, u_long, struct in6_ifreq *,
190 boolean_t);
191static int in6ctl_aifaddr(struct ifnet *, struct in6_aliasreq *);
192static void in6ctl_difaddr(struct ifnet *, struct in6_ifaddr *);
316670eb
A		 193static int in6_autoconf(struct ifnet *, int);
194static int in6_setrouter(struct ifnet *, int);
39236c6e
A		 195static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, int);
196static int in6_ifaupdate_aux(struct in6_ifaddr *, struct ifnet *, int);
6d2010ae 197static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
b0d623f7 198static struct in6_ifaddr *in6_ifaddr_alloc(int);
6d2010ae
A		 199static void in6_ifaddr_attached(struct ifaddr *);
200static void in6_ifaddr_detached(struct ifaddr *);
b0d623f7
A		 201static void in6_ifaddr_free(struct ifaddr *);
202static void in6_ifaddr_trace(struct ifaddr *, int);
39236c6e 203#if defined(__LP64__)
39037602
A		 204static void in6_cgareq_32_to_64(struct in6_cgareq_32 *,
205 struct in6_cgareq_64 *);
39236c6e 206#else
39037602
A		 207static void in6_cgareq_64_to_32(struct in6_cgareq_64 *,
208 struct in6_cgareq_32 *);
39236c6e 209#endif
b0d623f7
A		 210static struct in6_aliasreq *in6_aliasreq_to_native(void *, int,
211 struct in6_aliasreq *);
39037602
A		 212static struct in6_cgareq *in6_cgareq_to_native(void *, int,
213 struct in6_cgareq *);
39236c6e 214static int in6_to_kamescope(struct sockaddr_in6 *, struct ifnet *);
39236c6e 215static int in6_getassocids(struct socket *, uint32_t *, user_addr_t);
3e170ce0
A		 216static int in6_getconnids(struct socket *, sae_associd_t, uint32_t *,
217 user_addr_t);
39236c6e
A		 218
219static void in6_if_up_dad_start(struct ifnet *);
220
2d21ac55 221extern lck_mtx_t *nd6_mutex;
1c79356b 222
0a7de745 223#define IN6IFA_TRACE_HIST_SIZE 32 /* size of trace history */
6d2010ae
A		 224
225/* For gdb */
226__private_extern__ unsigned int in6ifa_trace_hist_size = IN6IFA_TRACE_HIST_SIZE;
227
b0d623f7 228struct in6_ifaddr_dbg {
0a7de745
A		 229 struct in6_ifaddr in6ifa; /* in6_ifaddr */
230 struct in6_ifaddr in6ifa_old; /* saved in6_ifaddr */
231 u_int16_t in6ifa_refhold_cnt; /* # of IFA_ADDREF */
232 u_int16_t in6ifa_refrele_cnt; /* # of IFA_REMREF */
b0d623f7
A		 233 /*
234 * Alloc and free callers.
235 */
0a7de745
A		 236 ctrace_t in6ifa_alloc;
237 ctrace_t in6ifa_free;
b0d623f7 238 /*
6d2010ae
A		 239 * Circular lists of IFA_ADDREF and IFA_REMREF callers.
240 */
0a7de745
A		 241 ctrace_t in6ifa_refhold[IN6IFA_TRACE_HIST_SIZE];
242 ctrace_t in6ifa_refrele[IN6IFA_TRACE_HIST_SIZE];
6d2010ae
A		 243 /*
244 * Trash list linkage
b0d623f7 245 */
6d2010ae 246 TAILQ_ENTRY(in6_ifaddr_dbg) in6ifa_trash_link;
b0d623f7
A		 247};
248
6d2010ae
A		 249/* List of trash in6_ifaddr entries protected by in6ifa_trash_lock */
250static TAILQ_HEAD(, in6_ifaddr_dbg) in6ifa_trash_head;
251static decl_lck_mtx_data(, in6ifa_trash_lock);
252
253#if DEBUG
0a7de745 254static unsigned int in6ifa_debug = 1; /* debugging (enabled) */
6d2010ae 255#else
0a7de745 256static unsigned int in6ifa_debug; /* debugging (disabled) */
6d2010ae 257#endif /* !DEBUG */
0a7de745
A		 258static unsigned int in6ifa_size; /* size of zone element */
259static struct zone *in6ifa_zone; /* zone for in6_ifaddr */
b0d623f7 260
0a7de745
A		 261#define IN6IFA_ZONE_MAX 64 /* maximum elements in zone */
262#define IN6IFA_ZONE_NAME "in6_ifaddr" /* zone name */
b0d623f7 263
5ba3f43e 264struct eventhandler_lists_ctxt in6_evhdlr_ctxt;
d9a64523 265struct eventhandler_lists_ctxt in6_clat46_evhdlr_ctxt;
1c79356b
A		 266/*
267 * Subroutine for in6_ifaddloop() and in6_ifremloop().
268 * This routine does actual work.
269 */
270static void
271in6_ifloop_request(int cmd, struct ifaddr *ifa)
272{
1c79356b
A		 273 struct sockaddr_in6 all1_sa;
274 struct rtentry *nrt = NULL;
9bccf70c 275 int e;
b0d623f7 276
0a7de745 277 bzero(&all1_sa, sizeof(all1_sa));
9bccf70c 278 all1_sa.sin6_family = AF_INET6;
0a7de745 279 all1_sa.sin6_len = sizeof(struct sockaddr_in6);
1c79356b 280 all1_sa.sin6_addr = in6mask128;
9bccf70c
A		 281
282 /*
283 * We specify the address itself as the gateway, and set the
284 * RTF_LLINFO flag, so that the corresponding host route would have
285 * the flag, and thus applications that assume traditional behavior
286 * would be happy. Note that we assume the caller of the function
287 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest,
288 * which changes the outgoing interface to the loopback interface.
6d2010ae 289 * ifa_addr for INET6 is set once during init; no need to hold lock.
9bccf70c 290 */
b0d623f7 291 lck_mtx_lock(rnh_lock);
91447636 292 e = rtrequest_locked(cmd, ifa->ifa_addr, ifa->ifa_addr,
0a7de745 293 (struct sockaddr *)&all1_sa, RTF_UP | RTF_HOST | RTF_LLINFO, &nrt);
9bccf70c
A		 294 if (e != 0) {
295 log(LOG_ERR, "in6_ifloop_request: "
296 "%s operation failed for %s (errno=%d)\n",
297 cmd == RTM_ADD ? "ADD" : "DELETE",
298 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr),
299 e);
300 }
1c79356b 301
0a7de745 302 if (nrt != NULL) {
b0d623f7 303 RT_LOCK(nrt);
0a7de745 304 }
1c79356b
A		 305 /*
306 * Make sure rt_ifa be equal to IFA, the second argument of the
307 * function.
9bccf70c
A		 308 * We need this because when we refer to rt_ifa->ia6_flags in
309 * ip6_input, we assume that the rt_ifa points to the address instead
310 * of the loopback address.
1c79356b
A		 311 */
312 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) {
9bccf70c 313 rtsetifa(nrt, ifa);
1c79356b 314 }
9bccf70c
A		 315
316 /*
317 * Report the addition/removal of the address to the routing socket.
318 * XXX: since we called rtinit for a p2p interface with a destination,
39236c6e
A		 319 * we end up reporting twice in such a case. Should we rather
320 * omit the second report?
9bccf70c 321 */
b0d623f7 322 if (nrt != NULL) {
9bccf70c
A		 323 rt_newaddrmsg(cmd, ifa, e, nrt);
324 if (cmd == RTM_DELETE) {
b0d623f7 325 RT_UNLOCK(nrt);
2d21ac55 326 rtfree_locked(nrt);
9bccf70c
A		 327 } else {
328 /* the cmd must be RTM_ADD here */
b0d623f7
A		 329 RT_REMREF_LOCKED(nrt);
330 RT_UNLOCK(nrt);
9bccf70c
A		 331 }
332 }
b0d623f7 333 lck_mtx_unlock(rnh_lock);
1c79356b
A		 334}
335
336/*
9bccf70c
A		 337 * Add ownaddr as loopback rtentry. We previously add the route only if
338 * necessary (ex. on a p2p link). However, since we now manage addresses
339 * separately from prefixes, we should always add the route. We can't
340 * rely on the cloning mechanism from the corresponding interface route
341 * any more.
1c79356b
A		 342 */
343static void
344in6_ifaddloop(struct ifaddr *ifa)
345{
9bccf70c
A		 346 struct rtentry *rt;
347
6d2010ae
A		 348 /*
349 * If there is no loopback entry, allocate one. ifa_addr for
350 * INET6 is set once during init; no need to hold lock.
351 */
b0d623f7 352 rt = rtalloc1(ifa->ifa_addr, 0, 0);
0a7de745 353 if (rt != NULL) {
b0d623f7 354 RT_LOCK(rt);
0a7de745 355 }
9bccf70c 356 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 ||
b0d623f7
A		 357 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) {
358 if (rt != NULL) {
359 RT_REMREF_LOCKED(rt);
360 RT_UNLOCK(rt);
361 }
9bccf70c 362 in6_ifloop_request(RTM_ADD, ifa);
b0d623f7
A		 363 } else if (rt != NULL) {
364 RT_REMREF_LOCKED(rt);
365 RT_UNLOCK(rt);
366 }
1c79356b
A		 367}
368
369/*
370 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(),
371 * if it exists.
372 */
373static void
6d2010ae 374in6_ifremloop(struct ifaddr *ifa)
1c79356b 375{
9bccf70c
A		 376 struct in6_ifaddr *ia;
377 struct rtentry *rt;
378 int ia_count = 0;
379
380 /*
381 * Some of BSD variants do not remove cloned routes
382 * from an interface direct route, when removing the direct route
383 * (see comments in net/net_osdep.h). Even for variants that do remove
384 * cloned routes, they could fail to remove the cloned routes when
385 * we handle multple addresses that share a common prefix.
386 * So, we should remove the route corresponding to the deleted address
387 * regardless of the result of in6_is_ifloop_auto().
388 */
389
390 /*
55e303ae 391 * Delete the entry only if exact one ifa exists. More than one ifa
9bccf70c
A		 392 * can exist if we assign a same single address to multiple
393 * (probably p2p) interfaces.
394 * XXX: we should avoid such a configuration in IPv6...
395 */
6d2010ae 396 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
91447636 397 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
6d2010ae 398 IFA_LOCK(&ia->ia_ifa);
9bccf70c
A		 399 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) {
400 ia_count++;
6d2010ae
A		 401 if (ia_count > 1) {
402 IFA_UNLOCK(&ia->ia_ifa);
9bccf70c 403 break;
6d2010ae 404 }
1c79356b 405 }
6d2010ae 406 IFA_UNLOCK(&ia->ia_ifa);
9bccf70c 407 }
6d2010ae 408 lck_rw_done(&in6_ifaddr_rwlock);
9bccf70c
A		 409
410 if (ia_count == 1) {
411 /*
412 * Before deleting, check if a corresponding loopbacked host
55e303ae 413 * route surely exists. With this check, we can avoid to
9bccf70c 414 * delete an interface direct route whose destination is same
6d2010ae 415 * as the address being removed. This can happen when removing
9bccf70c 416 * a subnet-router anycast address on an interface attahced
6d2010ae
A		 417 * to a shared medium. ifa_addr for INET6 is set once during
418 * init; no need to hold lock.
9bccf70c 419 */
b0d623f7
A		 420 rt = rtalloc1(ifa->ifa_addr, 0, 0);
421 if (rt != NULL) {
422 RT_LOCK(rt);
423 if ((rt->rt_flags & RTF_HOST) != 0 &&
424 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) {
425 RT_REMREF_LOCKED(rt);
426 RT_UNLOCK(rt);
427 in6_ifloop_request(RTM_DELETE, ifa);
428 } else {
429 RT_UNLOCK(rt);
430 }
9bccf70c 431 }
1c79356b
A		 432 }
433}
434
1c79356b
A		 435
436int
39037602 437in6_mask2len(struct in6_addr *mask, u_char *lim0)
1c79356b 438{
9bccf70c
A		 439 int x = 0, y;
440 u_char *lim = lim0, *p;
441
6d2010ae 442 /* ignore the scope_id part */
0a7de745
A		 443 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) {
444 lim = (u_char *)mask + sizeof(*mask);
445 }
9bccf70c 446 for (p = (u_char *)mask; p < lim; x++, p++) {
0a7de745 447 if (*p != 0xff) {
1c79356b 448 break;
0a7de745 449 }
1c79356b
A		 450 }
451 y = 0;
9bccf70c 452 if (p < lim) {
1c79356b 453 for (y = 0; y < 8; y++) {
0a7de745 454 if ((*p & (0x80 >> y)) == 0) {
1c79356b 455 break;
0a7de745 456 }
1c79356b
A		 457 }
458 }
9bccf70c
A		 459
460 /*
461 * when the limit pointer is given, do a stricter check on the
462 * remaining bits.
463 */
464 if (p < lim) {
0a7de745
A		 465 if (y != 0 && (*p & (0x00ff >> y)) != 0) {
466 return -1;
467 }
468 for (p = p + 1; p < lim; p++) {
469 if (*p != 0) {
470 return -1;
471 }
472 }
9bccf70c 473 }
6d2010ae 474
0a7de745 475 return x * 8 + y;
1c79356b
A		 476}
477
478void
39037602 479in6_len2mask(struct in6_addr *mask, int len)
1c79356b
A		 480{
481 int i;
482
0a7de745
A		 483 bzero(mask, sizeof(*mask));
484 for (i = 0; i < len / 8; i++) {
1c79356b 485 mask->s6_addr8[i] = 0xff;
0a7de745
A		 486 }
487 if (len % 8) {
1c79356b 488 mask->s6_addr8[i] = (0xff00 >> (len % 8)) & 0xff;
0a7de745 489 }
1c79356b
A		 490}
491
b0d623f7
A		 492void
493in6_aliasreq_64_to_32(struct in6_aliasreq_64 *src, struct in6_aliasreq_32 *dst)
494{
0a7de745
A		 495 bzero(dst, sizeof(*dst));
496 bcopy(src->ifra_name, dst->ifra_name, sizeof(dst->ifra_name));
b0d623f7
A		 497 dst->ifra_addr = src->ifra_addr;
498 dst->ifra_dstaddr = src->ifra_dstaddr;
499 dst->ifra_prefixmask = src->ifra_prefixmask;
500 dst->ifra_flags = src->ifra_flags;
501 dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
502 dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
503 dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
504 dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
505}
506
507void
508in6_aliasreq_32_to_64(struct in6_aliasreq_32 *src, struct in6_aliasreq_64 *dst)
509{
0a7de745
A		 510 bzero(dst, sizeof(*dst));
511 bcopy(src->ifra_name, dst->ifra_name, sizeof(dst->ifra_name));
b0d623f7
A		 512 dst->ifra_addr = src->ifra_addr;
513 dst->ifra_dstaddr = src->ifra_dstaddr;
514 dst->ifra_prefixmask = src->ifra_prefixmask;
515 dst->ifra_flags = src->ifra_flags;
516 dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
517 dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
518 dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
519 dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
520}
521
39236c6e
A		 522#if defined(__LP64__)
523void
39037602
A		 524in6_cgareq_32_to_64(struct in6_cgareq_32 *src,
525 struct in6_cgareq_64 *dst)
39236c6e 526{
0a7de745
A		 527 bzero(dst, sizeof(*dst));
528 bcopy(src->cgar_name, dst->cgar_name, sizeof(dst->cgar_name));
39037602
A		 529 dst->cgar_flags = src->cgar_flags;
530 bcopy(src->cgar_cgaprep.cga_modifier.octets,
531 dst->cgar_cgaprep.cga_modifier.octets,
0a7de745 532 sizeof(dst->cgar_cgaprep.cga_modifier.octets));
39037602
A		 533 dst->cgar_cgaprep.cga_security_level =
534 src->cgar_cgaprep.cga_security_level;
535 dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
536 dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
537 dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
538 dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
39236c6e
A		 539}
540#endif
541
542#if !defined(__LP64__)
543void
39037602
A		 544in6_cgareq_64_to_32(struct in6_cgareq_64 *src,
545 struct in6_cgareq_32 *dst)
39236c6e 546{
0a7de745
A		 547 bzero(dst, sizeof(*dst));
548 bcopy(src->cgar_name, dst->cgar_name, sizeof(dst->cgar_name));
39037602
A		 549 dst->cgar_flags = src->cgar_flags;
550 bcopy(src->cgar_cgaprep.cga_modifier.octets,
551 dst->cgar_cgaprep.cga_modifier.octets,
0a7de745 552 sizeof(dst->cgar_cgaprep.cga_modifier.octets));
39037602
A		 553 dst->cgar_cgaprep.cga_security_level =
554 src->cgar_cgaprep.cga_security_level;
555 dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
556 dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
557 dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
558 dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
39236c6e
A		 559}
560#endif
561
b0d623f7
A		 562static struct in6_aliasreq *
563in6_aliasreq_to_native(void *data, int data_is_64, struct in6_aliasreq *dst)
564{
565#if defined(__LP64__)
0a7de745
A		 566 if (data_is_64) {
567 bcopy(data, dst, sizeof(*dst));
568 } else {
b0d623f7
A		 569 in6_aliasreq_32_to_64((struct in6_aliasreq_32 *)data,
570 (struct in6_aliasreq_64 *)dst);
0a7de745 571 }
b0d623f7 572#else
0a7de745 573 if (data_is_64) {
b0d623f7
A		 574 in6_aliasreq_64_to_32((struct in6_aliasreq_64 *)data,
575 (struct in6_aliasreq_32 *)dst);
0a7de745
A		 576 } else {
577 bcopy(data, dst, sizeof(*dst));
578 }
b0d623f7 579#endif /* __LP64__ */
0a7de745 580 return dst;
b0d623f7
A		 581}
582
39037602
A		 583static struct in6_cgareq *
584in6_cgareq_to_native(void *data, int is64, struct in6_cgareq *dst)
39236c6e
A		 585{
586#if defined(__LP64__)
0a7de745
A		 587 if (is64) {
588 bcopy(data, dst, sizeof(*dst));
589 } else {
39037602
A		 590 in6_cgareq_32_to_64((struct in6_cgareq_32 *)data,
591 (struct in6_cgareq_64 *)dst);
0a7de745 592 }
39236c6e 593#else
0a7de745 594 if (is64) {
39037602
A		 595 in6_cgareq_64_to_32((struct in6_cgareq_64 *)data,
596 (struct in6_cgareq_32 *)dst);
0a7de745
A		 597 } else {
598 bcopy(data, dst, sizeof(*dst));
599 }
39236c6e 600#endif /* __LP64__ */
0a7de745 601 return dst;
39236c6e 602}
1c79356b 603
39236c6e
A		 604static __attribute__((noinline)) int
605in6ctl_associd(struct socket *so, u_long cmd, caddr_t data)
1c79356b 606{
39236c6e
A		 607 int error = 0;
608 union {
609 struct so_aidreq32 a32;
610 struct so_aidreq64 a64;
611 } u;
91447636 612
39236c6e 613 VERIFY(so != NULL);
1c79356b 614
1c79356b 615 switch (cmd) {
0a7de745
A		 616 case SIOCGASSOCIDS32: { /* struct so_aidreq32 */
617 bcopy(data, &u.a32, sizeof(u.a32));
39236c6e 618 error = in6_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
0a7de745
A		 619 if (error == 0) {
620 bcopy(&u.a32, data, sizeof(u.a32));
621 }
39236c6e
A		 622 break;
623 }
6d2010ae 624
0a7de745
A		 625 case SIOCGASSOCIDS64: { /* struct so_aidreq64 */
626 bcopy(data, &u.a64, sizeof(u.a64));
39236c6e 627 error = in6_getassocids(so, &u.a64.sar_cnt, u.a64.sar_aidp);
0a7de745
A		 628 if (error == 0) {
629 bcopy(&u.a64, data, sizeof(u.a64));
630 }
39236c6e
A		 631 break;
632 }
6d2010ae 633
39236c6e
A		 634 default:
635 VERIFY(0);
316670eb 636 /* NOTREACHED */
6d2010ae
A		 637 }
638
0a7de745 639 return error;
39236c6e
A		 640}
641
642static __attribute__((noinline)) int
643in6ctl_connid(struct socket *so, u_long cmd, caddr_t data)
644{
645 int error = 0;
646 union {
647 struct so_cidreq32 c32;
648 struct so_cidreq64 c64;
649 } u;
650
651 VERIFY(so != NULL);
1c79356b
A		 652
653 switch (cmd) {
0a7de745
A		 654 case SIOCGCONNIDS32: { /* struct so_cidreq32 */
655 bcopy(data, &u.c32, sizeof(u.c32));
39236c6e
A		 656 error = in6_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
657 u.c32.scr_cidp);
0a7de745
A		 658 if (error == 0) {
659 bcopy(&u.c32, data, sizeof(u.c32));
660 }
91447636 661 break;
39236c6e 662 }
316670eb 663
0a7de745
A		 664 case SIOCGCONNIDS64: { /* struct so_cidreq64 */
665 bcopy(data, &u.c64, sizeof(u.c64));
39236c6e
A		 666 error = in6_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
667 u.c64.scr_cidp);
0a7de745
A		 668 if (error == 0) {
669 bcopy(&u.c64, data, sizeof(u.c64));
670 }
39236c6e
A		 671 break;
672 }
1c79356b 673
39236c6e
A		 674 default:
675 VERIFY(0);
316670eb 676 /* NOTREACHED */
39236c6e 677 }
316670eb 678
0a7de745 679 return error;
39236c6e 680}
9bccf70c 681
39236c6e
A		 682static __attribute__((noinline)) int
683in6ctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
684{
685 int error = 0;
686 union {
687 struct so_cinforeq32 ci32;
688 struct so_cinforeq64 ci64;
689 } u;
316670eb 690
39236c6e 691 VERIFY(so != NULL);
316670eb 692
39236c6e 693 switch (cmd) {
0a7de745
A		 694 case SIOCGCONNINFO32: { /* struct so_cinforeq32 */
695 bcopy(data, &u.ci32, sizeof(u.ci32));
39236c6e
A		 696 error = in6_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
697 &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
698 &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
699 &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
700 &u.ci32.scir_aux_len);
0a7de745
A		 701 if (error == 0) {
702 bcopy(&u.ci32, data, sizeof(u.ci32));
703 }
39236c6e 704 break;
316670eb
A		 705 }
706
0a7de745
A		 707 case SIOCGCONNINFO64: { /* struct so_cinforeq64 */
708 bcopy(data, &u.ci64, sizeof(u.ci64));
39236c6e
A		 709 error = in6_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
710 &u.ci64.scir_ifindex, &u.ci64.scir_error, u.ci64.scir_src,
711 &u.ci64.scir_src_len, u.ci64.scir_dst, &u.ci64.scir_dst_len,
712 &u.ci64.scir_aux_type, u.ci64.scir_aux_data,
713 &u.ci64.scir_aux_len);
0a7de745
A		 714 if (error == 0) {
715 bcopy(&u.ci64, data, sizeof(u.ci64));
716 }
39236c6e 717 break;
316670eb 718 }
b0d623f7 719
39236c6e
A		 720 default:
721 VERIFY(0);
316670eb 722 /* NOTREACHED */
1c79356b
A		 723 }
724
0a7de745 725 return error;
39236c6e 726}
316670eb 727
39236c6e
A		 728static __attribute__((noinline)) int
729in6ctl_llstart(struct ifnet *ifp, u_long cmd, caddr_t data)
730{
731 struct in6_aliasreq sifra, *ifra = NULL;
732 boolean_t is64;
733 int error = 0;
734
735 VERIFY(ifp != NULL);
b0d623f7 736
b0d623f7 737 switch (cmd) {
0a7de745
A		 738 case SIOCLL_START_32: /* struct in6_aliasreq_32 */
739 case SIOCLL_START_64: /* struct in6_aliasreq_64 */
39236c6e 740 is64 = (cmd == SIOCLL_START_64);
b0d623f7
A		 741 /*
742 * Convert user ifra to the kernel form, when appropriate.
743 * This allows the conversion between different data models
744 * to be centralized, so that it can be passed around to other
745 * routines that are expecting the kernel form.
746 */
39236c6e
A		 747 ifra = in6_aliasreq_to_native(data, is64, &sifra);
748
749 /*
750 * NOTE: All the interface specific DLIL attachements should
751 * be done here. They are currently done in in6_ifattach_aux()
752 * for the interfaces that need it.
753 */
39037602 754 if (ifra->ifra_addr.sin6_family == AF_INET6 &&
39236c6e
A		 755 /* Only check ifra_dstaddr if valid */
756 (ifra->ifra_dstaddr.sin6_len == 0 ||
757 ifra->ifra_dstaddr.sin6_family == AF_INET6)) {
0a7de745 758 /* some interfaces may provide LinkLocal addresses */
39236c6e
A		 759 error = in6_ifattach_aliasreq(ifp, NULL, ifra);
760 } else {
761 error = in6_ifattach_aliasreq(ifp, NULL, NULL);
762 }
0a7de745 763 if (error == 0) {
39236c6e 764 in6_if_up_dad_start(ifp);
0a7de745 765 }
b0d623f7 766 break;
39236c6e
A		 767
768 default:
769 VERIFY(0);
770 /* NOTREACHED */
316670eb 771 }
b0d623f7 772
0a7de745 773 return error;
39236c6e
A		 774}
775
776static __attribute__((noinline)) int
777in6ctl_llstop(struct ifnet *ifp)
778{
779 struct in6_ifaddr *ia;
fe8ab488 780 struct nd_prefix pr0, *pr;
39236c6e
A		 781
782 VERIFY(ifp != NULL);
783
784 /* Remove link local addresses from interface */
785 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
786 ia = in6_ifaddrs;
787 while (ia != NULL) {
788 if (ia->ia_ifa.ifa_ifp != ifp) {
789 ia = ia->ia_next;
790 continue;
791 }
792 IFA_LOCK(&ia->ia_ifa);
793 if (IN6_IS_ADDR_LINKLOCAL(&ia->ia_addr.sin6_addr)) {
0a7de745 794 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for us */
39236c6e
A		 795 IFA_UNLOCK(&ia->ia_ifa);
796 lck_rw_done(&in6_ifaddr_rwlock);
797 in6_purgeaddr(&ia->ia_ifa);
0a7de745 798 IFA_REMREF(&ia->ia_ifa); /* for us */
39236c6e
A		 799 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
800 /*
801 * Purging the address caused in6_ifaddr_rwlock
802 * to be dropped and reacquired;
803 * therefore search again from the beginning
804 * of in6_ifaddrs list.
805 */
806 ia = in6_ifaddrs;
807 continue;
808 }
809 IFA_UNLOCK(&ia->ia_ifa);
810 ia = ia->ia_next;
811 }
812 lck_rw_done(&in6_ifaddr_rwlock);
fe8ab488
A		 813
814 /* Delete the link local prefix */
815 bzero(&pr0, sizeof(pr0));
816 pr0.ndpr_plen = 64;
817 pr0.ndpr_ifp = ifp;
818 pr0.ndpr_prefix.sin6_addr.s6_addr16[0] = IPV6_ADDR_INT16_ULL;
819 in6_setscope(&pr0.ndpr_prefix.sin6_addr, ifp, NULL);
3e170ce0 820 pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC);
fe8ab488
A		 821 if (pr) {
822 lck_mtx_lock(nd6_mutex);
823 NDPR_LOCK(pr);
824 prelist_remove(pr);
825 NDPR_UNLOCK(pr);
826 NDPR_REMREF(pr); /* Drop the reference from lookup */
827 lck_mtx_unlock(nd6_mutex);
828 }
829
0a7de745 830 return 0;
39236c6e
A		 831}
832
39037602
A		 833/*
834 * This routine configures secure link local address
835 */
39236c6e
A		 836static __attribute__((noinline)) int
837in6ctl_cgastart(struct ifnet *ifp, u_long cmd, caddr_t data)
838{
39037602 839 struct in6_cgareq llcgasr;
39236c6e
A		 840 int is64, error = 0;
841
842 VERIFY(ifp != NULL);
843
844 switch (cmd) {
0a7de745
A		 845 case SIOCLL_CGASTART_32: /* struct in6_cgareq_32 */
846 case SIOCLL_CGASTART_64: /* struct in6_cgareq_64 */
39236c6e 847 is64 = (cmd == SIOCLL_CGASTART_64);
316670eb 848 /*
39037602 849 * Convert user cgareq to the kernel form, when appropriate.
316670eb
A		 850 * This allows the conversion between different data models
851 * to be centralized, so that it can be passed around to other
852 * routines that are expecting the kernel form.
853 */
39037602 854 in6_cgareq_to_native(data, is64, &llcgasr);
39236c6e
A		 855
856 /*
857 * NOTE: All the interface specific DLIL attachements
858 * should be done here. They are currently done in
39037602 859 * in6_ifattach_cgareq() for the interfaces that
39236c6e
A		 860 * need it.
861 */
39037602 862 error = in6_ifattach_llcgareq(ifp, &llcgasr);
0a7de745 863 if (error == 0) {
39236c6e 864 in6_if_up_dad_start(ifp);
0a7de745 865 }
b0d623f7 866 break;
39236c6e
A		 867
868 default:
869 VERIFY(0);
870 /* NOTREACHED */
316670eb 871 }
b0d623f7 872
0a7de745 873 return error;
39236c6e
A		 874}
875
876/*
877 * Caller passes in the ioctl data pointer directly via "ifr", with the
878 * expectation that this routine always uses bcopy() or other byte-aligned
879 * memory accesses.
880 */
881static __attribute__((noinline)) int
882in6ctl_gifaddr(struct ifnet *ifp, struct in6_ifaddr *ia, u_long cmd,
883 struct in6_ifreq *ifr)
884{
885 struct sockaddr_in6 addr;
886 int error = 0;
887
888 VERIFY(ifp != NULL);
889
0a7de745
A		 890 if (ia == NULL) {
891 return EADDRNOTAVAIL;
892 }
39236c6e
A		 893
894 switch (cmd) {
0a7de745 895 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
39236c6e 896 IFA_LOCK(&ia->ia_ifa);
0a7de745 897 bcopy(&ia->ia_addr, &addr, sizeof(addr));
39236c6e 898 IFA_UNLOCK(&ia->ia_ifa);
0a7de745 899 if ((error = sa6_recoverscope(&addr, TRUE)) != 0) {
39236c6e 900 break;
0a7de745
A		 901 }
902 bcopy(&addr, &ifr->ifr_addr, sizeof(addr));
39236c6e 903 break;
316670eb 904
0a7de745 905 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
39236c6e
A		 906 if (!(ifp->if_flags & IFF_POINTOPOINT)) {
907 error = EINVAL;
908 break;
909 }
910 /*
911 * XXX: should we check if ifa_dstaddr is NULL and return
912 * an error?
913 */
914 IFA_LOCK(&ia->ia_ifa);
0a7de745 915 bcopy(&ia->ia_dstaddr, &addr, sizeof(addr));
39236c6e 916 IFA_UNLOCK(&ia->ia_ifa);
0a7de745 917 if ((error = sa6_recoverscope(&addr, TRUE)) != 0) {
39236c6e 918 break;
0a7de745
A		 919 }
920 bcopy(&addr, &ifr->ifr_dstaddr, sizeof(addr));
b0d623f7
A		 921 break;
922
923 default:
39236c6e
A		 924 VERIFY(0);
925 /* NOTREACHED */
1c79356b 926 }
9bccf70c 927
0a7de745 928 return error;
39236c6e 929}
55e303ae 930
39236c6e
A		 931/*
932 * Caller passes in the ioctl data pointer directly via "ifr", with the
933 * expectation that this routine always uses bcopy() or other byte-aligned
934 * memory accesses.
935 */
936static __attribute__((noinline)) int
937in6ctl_gifstat(struct ifnet *ifp, u_long cmd, struct in6_ifreq *ifr)
938{
939 int error = 0, index;
55e303ae 940
39236c6e
A		 941 VERIFY(ifp != NULL);
942 index = ifp->if_index;
943
944 switch (cmd) {
0a7de745 945 case SIOCGIFSTAT_IN6: /* struct in6_ifreq */
39236c6e
A		 946 /* N.B.: if_inet6data is never freed once set. */
947 if (IN6_IFEXTRA(ifp) == NULL) {
948 /* return (EAFNOSUPPORT)? */
949 bzero(&ifr->ifr_ifru.ifru_stat,
0a7de745 950 sizeof(ifr->ifr_ifru.ifru_stat));
b0d623f7 951 } else {
39236c6e
A		 952 bcopy(&IN6_IFEXTRA(ifp)->in6_ifstat,
953 &ifr->ifr_ifru.ifru_stat,
0a7de745 954 sizeof(ifr->ifr_ifru.ifru_stat));
b0d623f7 955 }
39236c6e
A		 956 break;
957
0a7de745 958 case SIOCGIFSTAT_ICMP6: /* struct in6_ifreq */
39236c6e
A		 959 /* N.B.: if_inet6data is never freed once set. */
960 if (IN6_IFEXTRA(ifp) == NULL) {
961 /* return (EAFNOSUPPORT)? */
d9a64523 962 bzero(&ifr->ifr_ifru.ifru_icmp6stat,
0a7de745 963 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
39236c6e
A		 964 } else {
965 bcopy(&IN6_IFEXTRA(ifp)->icmp6_ifstat,
966 &ifr->ifr_ifru.ifru_icmp6stat,
0a7de745 967 sizeof(ifr->ifr_ifru.ifru_icmp6stat));
39236c6e
A		 968 }
969 break;
970
971 default:
972 VERIFY(0);
b0d623f7 973 /* NOTREACHED */
39236c6e 974 }
55e303ae 975
0a7de745 976 return error;
39236c6e
A		 977}
978
979/*
980 * Caller passes in the ioctl data pointer directly via "ifr", with the
981 * expectation that this routine always uses bcopy() or other byte-aligned
982 * memory accesses.
983 */
984static __attribute__((noinline)) int
985in6ctl_alifetime(struct in6_ifaddr *ia, u_long cmd, struct in6_ifreq *ifr,
986 boolean_t p64)
987{
988 uint64_t timenow = net_uptime();
989 struct in6_addrlifetime ia6_lt;
990 struct timeval caltime;
991 int error = 0;
992
0a7de745
A		 993 if (ia == NULL) {
994 return EADDRNOTAVAIL;
995 }
39236c6e
A		 996
997 switch (cmd) {
0a7de745 998 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
39236c6e
A		 999 IFA_LOCK(&ia->ia_ifa);
1000 /* retrieve time as calendar time (last arg is 1) */
1001 in6ifa_getlifetime(ia, &ia6_lt, 1);
1002 if (p64) {
1003 struct in6_addrlifetime_64 lt;
1004
0a7de745 1005 bzero(&lt, sizeof(lt));
39236c6e
A		 1006 lt.ia6t_expire = ia6_lt.ia6t_expire;
1007 lt.ia6t_preferred = ia6_lt.ia6t_preferred;
1008 lt.ia6t_vltime = ia6_lt.ia6t_vltime;
1009 lt.ia6t_pltime = ia6_lt.ia6t_pltime;
0a7de745 1010 bcopy(&lt, &ifr->ifr_ifru.ifru_lifetime, sizeof(lt));
39236c6e
A		 1011 } else {
1012 struct in6_addrlifetime_32 lt;
1013
0a7de745 1014 bzero(&lt, sizeof(lt));
39236c6e
A		 1015 lt.ia6t_expire = (uint32_t)ia6_lt.ia6t_expire;
1016 lt.ia6t_preferred = (uint32_t)ia6_lt.ia6t_preferred;
1017 lt.ia6t_vltime = (uint32_t)ia6_lt.ia6t_vltime;
1018 lt.ia6t_pltime = (uint32_t)ia6_lt.ia6t_pltime;
0a7de745 1019 bcopy(&lt, &ifr->ifr_ifru.ifru_lifetime, sizeof(lt));
39236c6e
A		 1020 }
1021 IFA_UNLOCK(&ia->ia_ifa);
1022 break;
1023
0a7de745 1024 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
39236c6e
A		 1025 getmicrotime(&caltime);
1026
1027 /* sanity for overflow - beware unsigned */
1028 if (p64) {
1029 struct in6_addrlifetime_64 lt;
1030
0a7de745 1031 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof(lt));
39236c6e
A		 1032 if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1033 lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1034 error = EINVAL;
1035 break;
6d2010ae 1036 }
39236c6e
A		 1037 if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1038 lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1039 error = EINVAL;
1040 break;
1041 }
1042 } else {
1043 struct in6_addrlifetime_32 lt;
1044
0a7de745 1045 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof(lt));
39236c6e
A		 1046 if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1047 lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1048 error = EINVAL;
1049 break;
1050 }
1051 if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1052 lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1053 error = EINVAL;
1054 break;
6d2010ae 1055 }
55e303ae 1056 }
39236c6e
A		 1057
1058 IFA_LOCK(&ia->ia_ifa);
1059 if (p64) {
1060 struct in6_addrlifetime_64 lt;
1061
0a7de745 1062 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof(lt));
39236c6e
A		 1063 ia6_lt.ia6t_expire = lt.ia6t_expire;
1064 ia6_lt.ia6t_preferred = lt.ia6t_preferred;
1065 ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1066 ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1067 } else {
1068 struct in6_addrlifetime_32 lt;
1069
0a7de745 1070 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof(lt));
39236c6e
A		 1071 ia6_lt.ia6t_expire = (uint32_t)lt.ia6t_expire;
1072 ia6_lt.ia6t_preferred = (uint32_t)lt.ia6t_preferred;
1073 ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1074 ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1075 }
1076 /* for sanity */
0a7de745 1077 if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME) {
39236c6e 1078 ia6_lt.ia6t_expire = timenow + ia6_lt.ia6t_vltime;
0a7de745 1079 } else {
39236c6e 1080 ia6_lt.ia6t_expire = 0;
0a7de745 1081 }
39236c6e 1082
0a7de745 1083 if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME) {
39236c6e 1084 ia6_lt.ia6t_preferred = timenow + ia6_lt.ia6t_pltime;
0a7de745 1085 } else {
39236c6e 1086 ia6_lt.ia6t_preferred = 0;
0a7de745 1087 }
39236c6e
A		 1088
1089 in6ifa_setlifetime(ia, &ia6_lt);
1090 IFA_UNLOCK(&ia->ia_ifa);
1091 break;
1092
1093 default:
1094 VERIFY(0);
316670eb 1095 /* NOTREACHED */
39236c6e
A		 1096 }
1097
0a7de745 1098 return error;
39236c6e 1099}
316670eb 1100
d9a64523
A		 1101static int
1102in6ctl_clat46start(struct ifnet *ifp)
1103{
1104 struct nd_prefix *pr = NULL;
1105 struct nd_prefix *next = NULL;
1106 struct in6_ifaddr *ia6 = NULL;
1107 int error = 0;
1108
0a7de745
A		 1109 if (ifp == lo_ifp) {
1110 return EINVAL;
1111 }
d9a64523
A		 1112 /*
1113 * Traverse the list of prefixes and find the first non-linklocal
1114 * prefix on the interface.
1115 * For that found eligible prefix, configure a CLAT46 reserved address.
1116 */
1117 lck_mtx_lock(nd6_mutex);
1118 for (pr = nd_prefix.lh_first; pr; pr = next) {
1119 next = pr->ndpr_next;
1120
1121 NDPR_LOCK(pr);
1122 if (pr->ndpr_ifp != ifp) {
1123 NDPR_UNLOCK(pr);
1124 continue;
1125 }
1126
1127 if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) {
1128 NDPR_UNLOCK(pr);
1129 continue; /* XXX */
1130 }
1131
1132 if (pr->ndpr_raf_auto == 0) {
1133 NDPR_UNLOCK(pr);
1134 continue;
1135 }
1136
1137 if (pr->ndpr_stateflags & NDPRF_DEFUNCT) {
1138 NDPR_UNLOCK(pr);
1139 continue;
1140 }
1141
1142 if ((pr->ndpr_stateflags & NDPRF_CLAT46) == 0
1143 && pr->ndpr_vltime != 0) {
1144 NDPR_ADDREF_LOCKED(pr); /* Take reference for rest of the processing */
1145 NDPR_UNLOCK(pr);
1146 break;
1147 } else {
1148 NDPR_UNLOCK(pr);
1149 continue;
1150 }
1151 }
1152 lck_mtx_unlock(nd6_mutex);
1153
1154 if (pr != NULL) {
1155 if ((ia6 = in6_pfx_newpersistaddr(pr, FALSE, &error, TRUE)) == NULL) {
1156 nd6log0((LOG_ERR, "Could not configure CLAT46 address on interface "
1157 "%s.\n", ifp->if_xname));
1158 } else {
1159 IFA_LOCK(&ia6->ia_ifa);
1160 NDPR_LOCK(pr);
1161 ia6->ia6_ndpr = pr;
1162 NDPR_ADDREF_LOCKED(pr); /* for addr reference */
1163 pr->ndpr_stateflags |= NDPRF_CLAT46;
1164 pr->ndpr_addrcnt++;
1165 VERIFY(pr->ndpr_addrcnt != 0);
1166 NDPR_UNLOCK(pr);
1167 IFA_UNLOCK(&ia6->ia_ifa);
1168 IFA_REMREF(&ia6->ia_ifa);
1169 ia6 = NULL;
1170 /*
1171 * A newly added address might affect the status
1172 * of other addresses, so we check and update it.
1173 * XXX: what if address duplication happens?
1174 */
1175 lck_mtx_lock(nd6_mutex);
1176 pfxlist_onlink_check();
1177 lck_mtx_unlock(nd6_mutex);
1178 }
1179 NDPR_REMREF(pr);
1180 }
0a7de745 1181 return error;
d9a64523
A		 1182}
1183
0a7de745 1184#define ifa2ia6(ifa) ((struct in6_ifaddr *)(void *)(ifa))
39236c6e
A		 1185
1186/*
1187 * Generic INET6 control operations (ioctl's).
1188 *
1189 * ifp is NULL if not an interface-specific ioctl.
1190 *
1191 * Most of the routines called to handle the ioctls would end up being
1192 * tail-call optimized, which unfortunately causes this routine to
1193 * consume too much stack space; this is the reason for the "noinline"
1194 * attribute used on those routines.
1195 *
1196 * If called directly from within the networking stack (as opposed to via
1197 * pru_control), the socket parameter may be NULL.
1198 */
1199int
1200in6_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
1201 struct proc *p)
1202{
1203 struct in6_ifreq *ifr = (struct in6_ifreq *)(void *)data;
1204 struct in6_aliasreq sifra, *ifra = NULL;
1205 struct in6_ifaddr *ia = NULL;
1206 struct sockaddr_in6 sin6, *sa6 = NULL;
1207 boolean_t privileged = (proc_suser(p) == 0);
1208 boolean_t p64 = proc_is64bit(p);
1209 boolean_t so_unlocked = FALSE;
1210 int intval, error = 0;
1211
1212 /* In case it's NULL, make sure it came from the kernel */
1213 VERIFY(so != NULL || p == kernproc);
1214
1215 /*
1216 * ioctls which don't require ifp, may require socket.
1217 */
1218 switch (cmd) {
0a7de745
A		 1219 case SIOCAADDRCTL_POLICY: /* struct in6_addrpolicy */
1220 case SIOCDADDRCTL_POLICY: /* struct in6_addrpolicy */
1221 if (!privileged) {
1222 return EPERM;
1223 }
1224 return in6_src_ioctl(cmd, data);
1225 /* NOTREACHED */
39236c6e 1226
0a7de745
A		 1227 case SIOCDRADD_IN6_32: /* struct in6_defrouter_32 */
1228 case SIOCDRADD_IN6_64: /* struct in6_defrouter_64 */
1229 case SIOCDRDEL_IN6_32: /* struct in6_defrouter_32 */
1230 case SIOCDRDEL_IN6_64: /* struct in6_defrouter_64 */
1231 if (!privileged) {
1232 return EPERM;
1233 }
1234 return defrtrlist_ioctl(cmd, data);
1235 /* NOTREACHED */
1236
1237 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
1238 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
1239 return in6ctl_associd(so, cmd, data);
1240 /* NOTREACHED */
1241
1242 case SIOCGCONNIDS32: /* struct so_cidreq32 */
1243 case SIOCGCONNIDS64: /* struct so_cidreq64 */
1244 return in6ctl_connid(so, cmd, data);
1245 /* NOTREACHED */
1246
1247 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
1248 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
1249 return in6ctl_conninfo(so, cmd, data);
39236c6e
A		 1250 /* NOTREACHED */
1251 }
1252
1253 /*
1254 * The rest of ioctls require ifp; reject if we don't have one;
1255 * return ENXIO to be consistent with ifioctl().
1256 */
0a7de745
A		 1257 if (ifp == NULL) {
1258 return ENXIO;
1259 }
39236c6e 1260
3e170ce0
A		 1261 /*
1262 * Unlock the socket since ifnet_ioctl() may be invoked by
1263 * one of the ioctl handlers below. Socket will be re-locked
1264 * prior to returning.
1265 */
1266 if (so != NULL) {
1267 socket_unlock(so, 0);
1268 so_unlocked = TRUE;
1269 }
1270
39236c6e
A		 1271 /*
1272 * ioctls which require ifp but not interface address.
1273 */
1274 switch (cmd) {
0a7de745 1275 case SIOCAUTOCONF_START: /* struct in6_ifreq */
3e170ce0
A		 1276 if (!privileged) {
1277 error = EPERM;
1278 goto done;
1279 }
1280 error = in6_autoconf(ifp, TRUE);
1281 goto done;
39236c6e 1282
0a7de745 1283 case SIOCAUTOCONF_STOP: /* struct in6_ifreq */
3e170ce0
A		 1284 if (!privileged) {
1285 error = EPERM;
1286 goto done;
1287 }
1288 error = in6_autoconf(ifp, FALSE);
1289 goto done;
39236c6e 1290
0a7de745
A		 1291 case SIOCLL_START_32: /* struct in6_aliasreq_32 */
1292 case SIOCLL_START_64: /* struct in6_aliasreq_64 */
3e170ce0
A		 1293 if (!privileged) {
1294 error = EPERM;
1295 goto done;
1296 }
1297 error = in6ctl_llstart(ifp, cmd, data);
1298 goto done;
39236c6e 1299
0a7de745 1300 case SIOCLL_STOP: /* struct in6_ifreq */
3e170ce0
A		 1301 if (!privileged) {
1302 error = EPERM;
1303 goto done;
1304 }
1305 error = in6ctl_llstop(ifp);
1306 goto done;
39236c6e 1307
0a7de745 1308 case SIOCCLAT46_START: /* struct in6_ifreq */
d9a64523
A		 1309 if (!privileged) {
1310 error = EPERM;
1311 goto done;
1312 }
1313 error = in6ctl_clat46start(ifp);
0a7de745 1314 if (error == 0) {
d9a64523 1315 ifp->if_eflags |= IFEF_CLAT46;
0a7de745 1316 }
d9a64523
A		 1317 goto done;
1318
0a7de745 1319 case SIOCCLAT46_STOP: /* struct in6_ifreq */
d9a64523
A		 1320 if (!privileged) {
1321 error = EPERM;
1322 goto done;
1323 }
1324
1325 /*
1326 * Not much to be done here and it might not be needed
1327 * It would usually be done when IPv6 configuration is being
1328 * flushed.
1329 * XXX Probably STOP equivalent is not needed here.
1330 */
1331 ifp->if_eflags &= ~IFEF_CLAT46;
1332 goto done;
0a7de745 1333 case SIOCSETROUTERMODE_IN6: /* struct in6_ifreq */
3e170ce0
A		 1334 if (!privileged) {
1335 error = EPERM;
1336 goto done;
1337 }
316670eb 1338 bcopy(&((struct in6_ifreq *)(void *)data)->ifr_intval,
0a7de745 1339 &intval, sizeof(intval));
316670eb 1340
3e170ce0
A		 1341 error = in6_setrouter(ifp, intval);
1342 goto done;
55e303ae 1343
0a7de745
A		 1344 case SIOCPROTOATTACH_IN6_32: /* struct in6_aliasreq_32 */
1345 case SIOCPROTOATTACH_IN6_64: /* struct in6_aliasreq_64 */
3e170ce0
A		 1346 if (!privileged) {
1347 error = EPERM;
1348 goto done;
1349 }
1350 error = in6_domifattach(ifp);
1351 goto done;
55e303ae 1352
0a7de745 1353 case SIOCPROTODETACH_IN6: /* struct in6_ifreq */
3e170ce0
A		 1354 if (!privileged) {
1355 error = EPERM;
1356 goto done;
1357 }
b0d623f7
A		 1358 /* Cleanup interface routes and addresses */
1359 in6_purgeif(ifp);
55e303ae 1360
0a7de745 1361 if ((error = proto_unplumb(PF_INET6, ifp))) {
39236c6e 1362 log(LOG_ERR, "SIOCPROTODETACH_IN6: %s error=%d\n",
b0d623f7 1363 if_name(ifp), error);
0a7de745 1364 }
3e170ce0 1365 goto done;
39236c6e 1366
0a7de745
A		 1367 case SIOCSNDFLUSH_IN6: /* struct in6_ifreq */
1368 case SIOCSPFXFLUSH_IN6: /* struct in6_ifreq */
1369 case SIOCSRTRFLUSH_IN6: /* struct in6_ifreq */
1370 case SIOCSDEFIFACE_IN6_32: /* struct in6_ndifreq_32 */
1371 case SIOCSDEFIFACE_IN6_64: /* struct in6_ndifreq_64 */
1372 case SIOCSIFINFO_FLAGS: /* struct in6_ndireq */
1373 case SIOCGIFCGAPREP_IN6: /* struct in6_ifreq */
1374 case SIOCSIFCGAPREP_IN6: /* struct in6_ifreq */
3e170ce0
A		 1375 if (!privileged) {
1376 error = EPERM;
1377 goto done;
1378 }
0a7de745
A		 1379 /* FALLTHRU */
1380 case OSIOCGIFINFO_IN6: /* struct in6_ondireq */
1381 case SIOCGIFINFO_IN6: /* struct in6_ondireq */
1382 case SIOCGDRLST_IN6_32: /* struct in6_drlist_32 */
1383 case SIOCGDRLST_IN6_64: /* struct in6_drlist_64 */
1384 case SIOCGPRLST_IN6_32: /* struct in6_prlist_32 */
1385 case SIOCGPRLST_IN6_64: /* struct in6_prlist_64 */
1386 case SIOCGNBRINFO_IN6_32: /* struct in6_nbrinfo_32 */
1387 case SIOCGNBRINFO_IN6_64: /* struct in6_nbrinfo_64 */
1388 case SIOCGDEFIFACE_IN6_32: /* struct in6_ndifreq_32 */
1389 case SIOCGDEFIFACE_IN6_64: /* struct in6_ndifreq_64 */
3e170ce0
A		 1390 error = nd6_ioctl(cmd, data, ifp);
1391 goto done;
39236c6e 1392
0a7de745
A		 1393 case SIOCSIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1394 case SIOCDIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1395 case SIOCAIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1396 case SIOCCIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1397 case SIOCSGIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1398 case SIOCGIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
39236c6e
A		 1399 log(LOG_NOTICE,
1400 "prefix ioctls are now invalidated. "
1401 "please use ifconfig.\n");
3e170ce0
A		 1402 error = EOPNOTSUPP;
1403 goto done;
39236c6e 1404
0a7de745
A		 1405 case SIOCSSCOPE6: /* struct in6_ifreq (deprecated) */
1406 case SIOCGSCOPE6: /* struct in6_ifreq (deprecated) */
1407 case SIOCGSCOPE6DEF: /* struct in6_ifreq (deprecated) */
3e170ce0
A		 1408 error = EOPNOTSUPP;
1409 goto done;
0a7de745
A		 1410
1411 case SIOCLL_CGASTART_32: /* struct in6_cgareq_32 */
1412 case SIOCLL_CGASTART_64: /* struct in6_cgareq_64 */
1413 if (!privileged) {
3e170ce0 1414 error = EPERM;
0a7de745 1415 } else {
3e170ce0 1416 error = in6ctl_cgastart(ifp, cmd, data);
0a7de745 1417 }
3e170ce0 1418 goto done;
39236c6e 1419
0a7de745
A		 1420 case SIOCGIFSTAT_IN6: /* struct in6_ifreq */
1421 case SIOCGIFSTAT_ICMP6: /* struct in6_ifreq */
3e170ce0
A		 1422 error = in6ctl_gifstat(ifp, cmd, ifr);
1423 goto done;
39236c6e
A		 1424 }
1425
1426 /*
1427 * ioctls which require interface address; obtain sockaddr_in6.
1428 */
1429 switch (cmd) {
0a7de745
A		 1430 case SIOCSIFADDR_IN6: /* struct in6_ifreq (deprecated) */
1431 case SIOCSIFDSTADDR_IN6: /* struct in6_ifreq (deprecated) */
1432 case SIOCSIFNETMASK_IN6: /* struct in6_ifreq (deprecated) */
39236c6e
A		 1433 /*
1434 * Since IPv6 allows a node to assign multiple addresses
1435 * on a single interface, SIOCSIFxxx ioctls are deprecated.
1436 */
1437 /* we decided to obsolete this command (20000704) */
3e170ce0
A		 1438 error = EOPNOTSUPP;
1439 goto done;
39236c6e 1440
0a7de745
A		 1441 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1442 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
3e170ce0
A		 1443 if (!privileged) {
1444 error = EPERM;
1445 goto done;
0a7de745 1446 }
39236c6e
A		 1447 /*
1448 * Convert user ifra to the kernel form, when appropriate.
1449 * This allows the conversion between different data models
1450 * to be centralized, so that it can be passed around to other
1451 * routines that are expecting the kernel form.
1452 */
1453 ifra = in6_aliasreq_to_native(data,
1454 (cmd == SIOCAIFADDR_IN6_64), &sifra);
0a7de745 1455 bcopy(&ifra->ifra_addr, &sin6, sizeof(sin6));
39236c6e
A		 1456 sa6 = &sin6;
1457 break;
1458
0a7de745
A		 1459 case SIOCDIFADDR_IN6: /* struct in6_ifreq */
1460 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
3e170ce0
A		 1461 if (!privileged) {
1462 error = EPERM;
1463 goto done;
1464 }
0a7de745
A		 1465 /* FALLTHRU */
1466 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
1467 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
1468 case SIOCGIFNETMASK_IN6: /* struct in6_ifreq */
1469 case SIOCGIFAFLAG_IN6: /* struct in6_ifreq */
1470 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
1471 bcopy(&ifr->ifr_addr, &sin6, sizeof(sin6));
39236c6e
A		 1472 sa6 = &sin6;
1473 break;
4d15aeb1
A		 1474 case SIOCGIFDSTADDR:
1475 case SIOCSIFDSTADDR:
1476 case SIOCGIFBRDADDR:
1477 case SIOCSIFBRDADDR:
1478 case SIOCGIFNETMASK:
1479 case SIOCSIFNETMASK:
1480 case SIOCGIFADDR:
1481 case SIOCSIFADDR:
1482 case SIOCAIFADDR:
1483 case SIOCDIFADDR:
1484 /* Do not handle these AF_INET commands in AF_INET6 path */
1485 error = EINVAL;
1486 goto done;
9bccf70c 1487 }
b0d623f7 1488
1c79356b 1489 /*
316670eb
A		 1490 * Find address for this interface, if it exists.
1491 *
1492 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
1493 * only, and used the first interface address as the target of other
1494 * operations (without checking ifra_addr). This was because netinet
1495 * code/API assumed at most 1 interface address per interface.
1496 * Since IPv6 allows a node to assign multiple addresses
1497 * on a single interface, we almost always look and check the
1498 * presence of ifra_addr, and reject invalid ones here.
1499 * It also decreases duplicated code among SIOC*_IN6 operations.
1c79356b 1500 */
39236c6e 1501 VERIFY(ia == NULL);
b0d623f7 1502 if (sa6 != NULL && sa6->sin6_family == AF_INET6) {
1c79356b
A		 1503 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) {
1504 if (sa6->sin6_addr.s6_addr16[1] == 0) {
9bccf70c 1505 /* link ID is not embedded by the user */
1c79356b 1506 sa6->sin6_addr.s6_addr16[1] =
b0d623f7 1507 htons(ifp->if_index);
1c79356b 1508 } else if (sa6->sin6_addr.s6_addr16[1] !=
b0d623f7 1509 htons(ifp->if_index)) {
3e170ce0
A		 1510 error = EINVAL; /* link ID contradicts */
1511 goto done;
1c79356b
A		 1512 }
1513 if (sa6->sin6_scope_id) {
1514 if (sa6->sin6_scope_id !=
3e170ce0
A		 1515 (u_int32_t)ifp->if_index) {
1516 error = EINVAL;
1517 goto done;
1518 }
1c79356b
A		 1519 sa6->sin6_scope_id = 0; /* XXX: good way? */
1520 }
1521 }
39236c6e
A		 1522 /*
1523 * Any failures from this point on must take into account
1524 * a non-NULL "ia" with an outstanding reference count, and
1525 * therefore requires IFA_REMREF. Jump to "done" label
1526 * instead of calling return if "ia" is valid.
1527 */
b0d623f7 1528 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
1c79356b
A		 1529 }
1530
39236c6e
A		 1531 /*
1532 * SIOCDIFADDR_IN6/SIOCAIFADDR_IN6 specific tests.
1533 */
1c79356b 1534 switch (cmd) {
0a7de745 1535 case SIOCDIFADDR_IN6: /* struct in6_ifreq */
3e170ce0
A		 1536 if (ia == NULL) {
1537 error = EADDRNOTAVAIL;
1538 goto done;
1539 }
0a7de745
A		 1540 /* FALLTHROUGH */
1541 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1542 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
316670eb 1543 VERIFY(sa6 != NULL);
1c79356b 1544 /*
9bccf70c 1545 * We always require users to specify a valid IPv6 address for
b0d623f7
A		 1546 * the corresponding operation. Use "sa6" instead of "ifra"
1547 * since SIOCDIFADDR_IN6 falls thru above.
1c79356b 1548 */
b0d623f7 1549 if (sa6->sin6_family != AF_INET6 ||
0a7de745 1550 sa6->sin6_len != sizeof(struct sockaddr_in6)) {
91447636 1551 error = EAFNOSUPPORT;
39236c6e 1552 goto done;
91447636 1553 }
1c79356b 1554 break;
39236c6e
A		 1555 }
1556
39236c6e
A		 1557 /*
1558 * And finally process address-related ioctls.
1559 */
1560 switch (cmd) {
0a7de745
A		 1561 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
1562 /* This interface is basically deprecated. use SIOCGIFCONF. */
1563 /* FALLTHRU */
1564 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
39236c6e 1565 error = in6ctl_gifaddr(ifp, ia, cmd, ifr);
1c79356b 1566 break;
1c79356b 1567
0a7de745 1568 case SIOCGIFNETMASK_IN6: /* struct in6_ifreq */
39236c6e
A		 1569 if (ia != NULL) {
1570 IFA_LOCK(&ia->ia_ifa);
1571 bcopy(&ia->ia_prefixmask, &ifr->ifr_addr,
0a7de745 1572 sizeof(struct sockaddr_in6));
39236c6e
A		 1573 IFA_UNLOCK(&ia->ia_ifa);
1574 } else {
91447636 1575 error = EADDRNOTAVAIL;
91447636 1576 }
39236c6e 1577 break;
b0d623f7 1578
0a7de745 1579 case SIOCGIFAFLAG_IN6: /* struct in6_ifreq */
39236c6e
A		 1580 if (ia != NULL) {
1581 IFA_LOCK(&ia->ia_ifa);
1582 bcopy(&ia->ia6_flags, &ifr->ifr_ifru.ifru_flags6,
0a7de745 1583 sizeof(ifr->ifr_ifru.ifru_flags6));
39236c6e 1584 IFA_UNLOCK(&ia->ia_ifa);
b0d623f7 1585 } else {
39236c6e 1586 error = EADDRNOTAVAIL;
1c79356b
A		 1587 }
1588 break;
6d2010ae 1589
0a7de745
A		 1590 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
1591 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
39236c6e 1592 error = in6ctl_alifetime(ia, cmd, ifr, p64);
1c79356b
A		 1593 break;
1594
0a7de745
A		 1595 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1596 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
39236c6e 1597 error = in6ctl_aifaddr(ifp, ifra);
1c79356b 1598 break;
316670eb 1599
39236c6e
A		 1600 case SIOCDIFADDR_IN6:
1601 in6ctl_difaddr(ifp, ia);
1602 break;
1c79356b 1603
39236c6e
A		 1604 default:
1605 error = ifnet_ioctl(ifp, PF_INET6, cmd, data);
1c79356b 1606 break;
316670eb
A		 1607 }
1608
39236c6e 1609done:
0a7de745 1610 if (ia != NULL) {
39236c6e 1611 IFA_REMREF(&ia->ia_ifa);
0a7de745
A		 1612 }
1613 if (so_unlocked) {
39236c6e 1614 socket_lock(so, 0);
0a7de745 1615 }
1c79356b 1616
0a7de745 1617 return error;
39236c6e 1618}
316670eb 1619
39236c6e
A		 1620static __attribute__((noinline)) int
1621in6ctl_aifaddr(struct ifnet *ifp, struct in6_aliasreq *ifra)
1622{
1623 int i, error, addtmp, plen;
1624 struct nd_prefix pr0, *pr;
1625 struct in6_ifaddr *ia;
1c79356b 1626
39236c6e
A		 1627 VERIFY(ifp != NULL && ifra != NULL);
1628 ia = NULL;
316670eb 1629
39236c6e
A		 1630 /* Attempt to attach the protocol, in case it isn't attached */
1631 error = in6_domifattach(ifp);
1632 if (error == 0) {
1633 /* PF_INET6 wasn't previously attached */
1634 error = in6_ifattach_aliasreq(ifp, NULL, NULL);
0a7de745 1635 if (error != 0) {
39236c6e 1636 goto done;
0a7de745 1637 }
1c79356b 1638
39236c6e
A		 1639 in6_if_up_dad_start(ifp);
1640 } else if (error != EEXIST) {
1641 goto done;
316670eb
A		 1642 }
1643
39236c6e
A		 1644 /*
1645 * First, make or update the interface address structure, and link it
1646 * to the list.
1647 */
1648 error = in6_update_ifa(ifp, ifra, 0, &ia);
0a7de745 1649 if (error != 0) {
39236c6e 1650 goto done;
0a7de745 1651 }
39236c6e 1652 VERIFY(ia != NULL);
1c79356b 1653
39236c6e
A		 1654 /* Now, make the prefix on-link on the interface. */
1655 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, NULL);
0a7de745 1656 if (plen == 128) {
39236c6e 1657 goto done;
0a7de745 1658 }
316670eb 1659
39236c6e
A		 1660 /*
1661 * NOTE: We'd rather create the prefix before the address, but we need
1662 * at least one address to install the corresponding interface route,
1663 * so we configure the address first.
1664 */
b0d623f7 1665
39236c6e
A		 1666 /*
1667 * Convert mask to prefix length (prefixmask has already been validated
1668 * in in6_update_ifa().
1669 */
0a7de745 1670 bzero(&pr0, sizeof(pr0));
39236c6e
A		 1671 pr0.ndpr_plen = plen;
1672 pr0.ndpr_ifp = ifp;
1673 pr0.ndpr_prefix = ifra->ifra_addr;
1674 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr;
1675
1676 /* apply the mask for safety. */
1677 for (i = 0; i < 4; i++) {
1678 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1679 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
316670eb
A		 1680 }
1681
39236c6e
A		 1682 /*
1683 * Since we don't have an API to set prefix (not address) lifetimes, we
1684 * just use the same lifetimes as addresses. The (temporarily)
1685 * installed lifetimes can be overridden by later advertised RAs (when
1686 * accept_rtadv is non 0), which is an intended behavior.
1687 */
1688 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
1689 pr0.ndpr_raf_auto = !!(ifra->ifra_flags & IN6_IFF_AUTOCONF);
1690 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
1691 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
1692 pr0.ndpr_stateflags |= NDPRF_STATIC;
1693 lck_mtx_init(&pr0.ndpr_lock, ifa_mtx_grp, ifa_mtx_attr);
1694
3e170ce0
A		 1695 /* add the prefix if there's none. */
1696 if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_NEVER)) == NULL) {
39236c6e
A		 1697 /*
1698 * nd6_prelist_add will install the corresponding interface
1699 * route.
1700 */
1701 error = nd6_prelist_add(&pr0, NULL, &pr, FALSE);
0a7de745 1702 if (error != 0) {
39236c6e 1703 goto done;
0a7de745 1704 }
b0d623f7 1705
39236c6e
A		 1706 if (pr == NULL) {
1707 log(LOG_ERR, "%s: nd6_prelist_add okay, but"
1708 " no prefix.\n", __func__);
1709 error = EINVAL;
1710 goto done;
b0d623f7 1711 }
316670eb 1712 }
1c79356b 1713
39236c6e 1714 IFA_LOCK(&ia->ia_ifa);
316670eb 1715
39236c6e
A		 1716 /* if this is a new autoconfed addr */
1717 addtmp = FALSE;
3e170ce0 1718 if (ia->ia6_ndpr == NULL) {
39236c6e
A		 1719 NDPR_LOCK(pr);
1720 ++pr->ndpr_addrcnt;
1721 VERIFY(pr->ndpr_addrcnt != 0);
1722 ia->ia6_ndpr = pr;
0a7de745 1723 NDPR_ADDREF_LOCKED(pr); /* for addr reference */
1c79356b 1724
1c79356b 1725 /*
39236c6e
A		 1726 * If this is the first autoconf address from the prefix,
1727 * create a temporary address as well (when specified).
1c79356b 1728 */
3e170ce0
A		 1729 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 &&
1730 ip6_use_tempaddr &&
1731 pr->ndpr_addrcnt == 1) {
1732 addtmp = true;
1733 }
39236c6e
A		 1734 NDPR_UNLOCK(pr);
1735 }
9bccf70c 1736
39236c6e 1737 IFA_UNLOCK(&ia->ia_ifa);
1c79356b 1738
39236c6e
A		 1739 if (addtmp) {
1740 int e;
1741 e = in6_tmpifadd(ia, 1);
0a7de745 1742 if (e != 0) {
39236c6e
A		 1743 log(LOG_NOTICE, "%s: failed to create a"
1744 " temporary address, error=%d\n",
1745 __func__, e);
0a7de745 1746 }
39236c6e 1747 }
9bccf70c 1748
39236c6e
A		 1749 /*
1750 * This might affect the status of autoconfigured addresses, that is,
1751 * this address might make other addresses detached.
1752 */
1753 lck_mtx_lock(nd6_mutex);
1754 pfxlist_onlink_check();
1755 lck_mtx_unlock(nd6_mutex);
1c79356b 1756
39236c6e
A		 1757 /* Drop use count held above during lookup/add */
1758 NDPR_REMREF(pr);
9bccf70c 1759
39236c6e 1760done:
0a7de745 1761 if (ia != NULL) {
39236c6e 1762 IFA_REMREF(&ia->ia_ifa);
0a7de745
A		 1763 }
1764 return error;
39236c6e 1765}
1c79356b 1766
39236c6e
A		 1767static __attribute__((noinline)) void
1768in6ctl_difaddr(struct ifnet *ifp, struct in6_ifaddr *ia)
1769{
1770 int i = 0;
1771 struct nd_prefix pr0, *pr;
1c79356b 1772
39236c6e 1773 VERIFY(ifp != NULL && ia != NULL);
2d21ac55 1774
39236c6e
A		 1775 /*
1776 * If the address being deleted is the only one that owns
1777 * the corresponding prefix, expire the prefix as well.
1778 * XXX: theoretically, we don't have to worry about such
1779 * relationship, since we separate the address management
1780 * and the prefix management. We do this, however, to provide
1781 * as much backward compatibility as possible in terms of
1782 * the ioctl operation.
1783 * Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1784 */
1785 IFA_LOCK(&ia->ia_ifa);
0a7de745 1786 bzero(&pr0, sizeof(pr0));
39236c6e
A		 1787 pr0.ndpr_ifp = ifp;
1788 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1789 if (pr0.ndpr_plen == 128) {
1790 IFA_UNLOCK(&ia->ia_ifa);
1791 goto purgeaddr;
1792 }
1793 pr0.ndpr_prefix = ia->ia_addr;
1794 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr;
1795 for (i = 0; i < 4; i++) {
1796 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1797 ia->ia_prefixmask.sin6_addr.s6_addr32[i];
9bccf70c 1798 }
39236c6e 1799 IFA_UNLOCK(&ia->ia_ifa);
3e170ce0
A		 1800
1801 if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC)) != NULL) {
39236c6e
A		 1802 IFA_LOCK(&ia->ia_ifa);
1803 NDPR_LOCK(pr);
3e170ce0 1804 if (pr->ndpr_addrcnt == 1) {
39236c6e
A		 1805 /* XXX: just for expiration */
1806 pr->ndpr_expire = 1;
1807 }
1808 NDPR_UNLOCK(pr);
1809 IFA_UNLOCK(&ia->ia_ifa);
1c79356b 1810
39236c6e
A		 1811 /* Drop use count held above during lookup */
1812 NDPR_REMREF(pr);
1c79356b 1813 }
316670eb 1814
39236c6e
A		 1815purgeaddr:
1816 in6_purgeaddr(&ia->ia_ifa);
1c79356b
A		 1817}
1818
39236c6e 1819static __attribute__((noinline)) int
316670eb
A		 1820in6_autoconf(struct ifnet *ifp, int enable)
1821{
1822 int error = 0;
1823
39236c6e
A		 1824 VERIFY(ifp != NULL);
1825
0a7de745
A		 1826 if (ifp->if_flags & IFF_LOOPBACK) {
1827 return EINVAL;
1828 }
316670eb
A		 1829
1830 if (enable) {
1831 /*
1832 * An interface in IPv6 router mode implies that it
1833 * is either configured with a static IP address or
1834 * autoconfigured via a locally-generated RA. Prevent
1835 * SIOCAUTOCONF_START from being set in that mode.
1836 */
1837 ifnet_lock_exclusive(ifp);
1838 if (ifp->if_eflags & IFEF_IPV6_ROUTER) {
1839 ifp->if_eflags &= ~IFEF_ACCEPT_RTADV;
1840 error = EBUSY;
1841 } else {
1842 ifp->if_eflags |= IFEF_ACCEPT_RTADV;
1843 }
1844 ifnet_lock_done(ifp);
1845 } else {
1846 struct in6_ifaddr *ia = NULL;
1847
1848 ifnet_lock_exclusive(ifp);
1849 ifp->if_eflags &= ~IFEF_ACCEPT_RTADV;
1850 ifnet_lock_done(ifp);
1851
1852 /* Remove autoconfigured address from interface */
1853 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1854 ia = in6_ifaddrs;
1855 while (ia != NULL) {
1856 if (ia->ia_ifa.ifa_ifp != ifp) {
1857 ia = ia->ia_next;
1858 continue;
1859 }
1860 IFA_LOCK(&ia->ia_ifa);
1861 if (ia->ia6_flags & IN6_IFF_AUTOCONF) {
0a7de745 1862 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for us */
316670eb
A		 1863 IFA_UNLOCK(&ia->ia_ifa);
1864 lck_rw_done(&in6_ifaddr_rwlock);
1865 in6_purgeaddr(&ia->ia_ifa);
0a7de745 1866 IFA_REMREF(&ia->ia_ifa); /* for us */
316670eb
A		 1867 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1868 /*
1869 * Purging the address caused in6_ifaddr_rwlock
1870 * to be dropped and reacquired;
1871 * therefore search again from the beginning
1872 * of in6_ifaddrs list.
1873 */
1874 ia = in6_ifaddrs;
1875 continue;
1876 }
1877 IFA_UNLOCK(&ia->ia_ifa);
1878 ia = ia->ia_next;
1879 }
1880 lck_rw_done(&in6_ifaddr_rwlock);
1881 }
0a7de745 1882 return error;
316670eb
A		 1883}
1884
1885/*
1886 * Handle SIOCSETROUTERMODE_IN6 to set or clear the IPv6 router mode flag on
1887 * the interface. Entering or exiting this mode will result in the removal of
1888 * autoconfigured IPv6 addresses on the interface.
1889 */
39236c6e 1890static __attribute__((noinline)) int
316670eb
A		 1891in6_setrouter(struct ifnet *ifp, int enable)
1892{
39236c6e
A		 1893 VERIFY(ifp != NULL);
1894
0a7de745
A		 1895 if (ifp->if_flags & IFF_LOOPBACK) {
1896 return ENODEV;
1897 }
316670eb
A		 1898
1899 if (enable) {
3e170ce0 1900 struct nd_ifinfo *ndi = NULL;
316670eb 1901
316670eb
A		 1902 ndi = ND_IFINFO(ifp);
1903 if (ndi != NULL && ndi->initialized) {
1904 lck_mtx_lock(&ndi->lock);
1905 if (ndi->flags & ND6_IFF_PROXY_PREFIXES) {
1906 /* No proxy if we are an advertising router */
1907 ndi->flags &= ~ND6_IFF_PROXY_PREFIXES;
1908 lck_mtx_unlock(&ndi->lock);
316670eb
A		 1909 (void) nd6_if_prproxy(ifp, FALSE);
1910 } else {
1911 lck_mtx_unlock(&ndi->lock);
316670eb 1912 }
316670eb
A		 1913 }
1914 }
1915
1916 ifnet_lock_exclusive(ifp);
1917 if (enable) {
1918 ifp->if_eflags |= IFEF_IPV6_ROUTER;
1919 } else {
1920 ifp->if_eflags &= ~IFEF_IPV6_ROUTER;
1921 }
1922 ifnet_lock_done(ifp);
1923
1924 lck_mtx_lock(nd6_mutex);
1925 defrouter_select(ifp);
1926 lck_mtx_unlock(nd6_mutex);
1927
1928 if_allmulti(ifp, enable);
1929
0a7de745 1930 return in6_autoconf(ifp, FALSE);
316670eb
A		 1931}
1932
39236c6e
A		 1933static int
1934in6_to_kamescope(struct sockaddr_in6 *sin6, struct ifnet *ifp)
1c79356b 1935{
39236c6e
A		 1936 struct sockaddr_in6 tmp;
1937 int error, id;
1c79356b 1938
39236c6e
A		 1939 VERIFY(sin6 != NULL);
1940 tmp = *sin6;
91447636 1941
39236c6e 1942 error = in6_recoverscope(&tmp, &sin6->sin6_addr, ifp);
0a7de745
A		 1943 if (error != 0) {
1944 return error;
1945 }
9bccf70c 1946
39236c6e 1947 id = in6_addr2scopeid(ifp, &tmp.sin6_addr);
0a7de745 1948 if (tmp.sin6_scope_id == 0) {
39236c6e 1949 tmp.sin6_scope_id = id;
0a7de745
A		 1950 } else if (tmp.sin6_scope_id != id) {
1951 return EINVAL; /* scope ID mismatch. */
1952 }
39236c6e 1953 error = in6_embedscope(&tmp.sin6_addr, &tmp, NULL, NULL, NULL);
0a7de745
A		 1954 if (error != 0) {
1955 return error;
1956 }
9bccf70c 1957
39236c6e
A		 1958 tmp.sin6_scope_id = 0;
1959 *sin6 = tmp;
0a7de745 1960 return 0;
39236c6e 1961}
9bccf70c 1962
00867663
A		 1963/*
1964 * When the address is being configured we should clear out certain flags
1965 * coming in from the caller.
1966 */
0a7de745 1967#define IN6_IFF_CLR_ADDR_FLAG_MASK (~(IN6_IFF_DEPRECATED | IN6_IFF_DETACHED | IN6_IFF_DUPLICATED))
00867663 1968
39236c6e
A		 1969static int
1970in6_ifaupdate_aux(struct in6_ifaddr *ia, struct ifnet *ifp, int ifaupflags)
1971{
1972 struct sockaddr_in6 mltaddr, mltmask;
1973 struct in6_addr llsol;
1974 struct ifaddr *ifa;
1975 struct in6_multi *in6m_sol;
1976 struct in6_multi_mship *imm;
1977 struct rtentry *rt;
3e170ce0 1978 int delay, error = 0;
9bccf70c 1979
39236c6e 1980 VERIFY(ifp != NULL && ia != NULL);
6d2010ae 1981 ifa = &ia->ia_ifa;
39236c6e 1982 in6m_sol = NULL;
9bccf70c 1983
fe8ab488
A		 1984 nd6log2((LOG_DEBUG, "%s - %s ifp %s ia6_flags 0x%x ifaupflags 0x%x\n",
1985 __func__,
1986 ip6_sprintf(&ia->ia_addr.sin6_addr),
1987 if_name(ia->ia_ifp),
1988 ia->ia6_flags,
1989 ifaupflags));
1990
00867663
A		 1991 /*
1992 * Just to be safe, always clear certain flags when address
1993 * is being configured
1994 */
1995 ia->ia6_flags &= IN6_IFF_CLR_ADDR_FLAG_MASK;
1996
6d2010ae 1997 /*
316670eb 1998 * Mark the address as tentative before joining multicast addresses,
6d2010ae
A		 1999 * so that corresponding MLD responses would not have a tentative
2000 * source address.
2001 */
00867663 2002 if (in6if_do_dad(ifp)) {
316670eb 2003 in6_ifaddr_set_dadprogress(ia);
00867663
A		 2004 /*
2005 * Do not delay sending neighbor solicitations when using optimistic
2006 * duplicate address detection, c.f. RFC 4429.
2007 */
0a7de745 2008 if (ia->ia6_flags & IN6_IFF_OPTIMISTIC) {
00867663 2009 ifaupflags &= ~IN6_IFAUPDATE_DADDELAY;
0a7de745 2010 } else {
00867663 2011 ifaupflags |= IN6_IFAUPDATE_DADDELAY;
0a7de745 2012 }
00867663
A		 2013 } else {
2014 /*
2015 * If the interface has been marked to not perform
2016 * DAD, make sure to reset DAD in progress flags
2017 * that may come in from the caller.
2018 */
2019 ia->ia6_flags &= ~IN6_IFF_DADPROGRESS;
2020 }
39037602 2021
6d2010ae 2022 /* Join necessary multicast groups */
9bccf70c 2023 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
6d2010ae 2024 /* join solicited multicast addr for new host id */
0a7de745 2025 bzero(&llsol, sizeof(struct in6_addr));
6d2010ae
A		 2026 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
2027 llsol.s6_addr32[1] = 0;
2028 llsol.s6_addr32[2] = htonl(1);
39236c6e 2029 llsol.s6_addr32[3] = ia->ia_addr.sin6_addr.s6_addr32[3];
6d2010ae
A		 2030 llsol.s6_addr8[12] = 0xff;
2031 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
2032 /* XXX: should not happen */
39236c6e
A		 2033 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
2034 goto unwind;
6d2010ae
A		 2035 }
2036 delay = 0;
39236c6e 2037 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
9bccf70c 2038 /*
6d2010ae
A		 2039 * We need a random delay for DAD on the address
2040 * being configured. It also means delaying
2041 * transmission of the corresponding MLD report to
39236c6e 2042 * avoid report collision. [RFC 4862]
9bccf70c 2043 */
39236c6e 2044 delay = random() % MAX_RTR_SOLICITATION_DELAY;
6d2010ae
A		 2045 }
2046 imm = in6_joingroup(ifp, &llsol, &error, delay);
2047 if (imm == NULL) {
2048 nd6log((LOG_WARNING,
39236c6e
A		 2049 "%s: addmulti failed for %s on %s (errno=%d)\n",
2050 __func__, ip6_sprintf(&llsol), if_name(ifp),
6d2010ae 2051 error));
39236c6e
A		 2052 VERIFY(error != 0);
2053 goto unwind;
9bccf70c 2054 }
6d2010ae
A		 2055 in6m_sol = imm->i6mm_maddr;
2056 /* take a refcount for this routine */
2057 IN6M_ADDREF(in6m_sol);
2058
2059 IFA_LOCK_SPIN(ifa);
2060 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2061 IFA_UNLOCK(ifa);
9bccf70c 2062
0a7de745
A		 2063 bzero(&mltmask, sizeof(mltmask));
2064 mltmask.sin6_len = sizeof(struct sockaddr_in6);
9bccf70c
A		 2065 mltmask.sin6_family = AF_INET6;
2066 mltmask.sin6_addr = in6mask32;
0a7de745 2067#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
9bccf70c
A		 2068
2069 /*
2070 * join link-local all-nodes address
2071 */
0a7de745
A		 2072 bzero(&mltaddr, sizeof(mltaddr));
2073 mltaddr.sin6_len = sizeof(struct sockaddr_in6);
9bccf70c
A		 2074 mltaddr.sin6_family = AF_INET6;
2075 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
0a7de745 2076 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) {
39236c6e 2077 goto unwind; /* XXX: should not fail */
0a7de745 2078 }
6d2010ae
A		 2079 /*
2080 * XXX: do we really need this automatic routes?
2081 * We should probably reconsider this stuff. Most applications
2082 * actually do not need the routes, since they usually specify
2083 * the outgoing interface.
2084 */
2085 rt = rtalloc1_scoped((struct sockaddr *)&mltaddr, 0, 0UL,
2086 ia->ia_ifp->if_index);
2087 if (rt) {
316670eb
A		 2088 if (memcmp(&mltaddr.sin6_addr, &((struct sockaddr_in6 *)
2089 (void *)rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
6d2010ae
A		 2090 rtfree(rt);
2091 rt = NULL;
9bccf70c
A		 2092 }
2093 }
6d2010ae
A		 2094 if (!rt) {
2095 error = rtrequest_scoped(RTM_ADD,
2096 (struct sockaddr *)&mltaddr,
2097 (struct sockaddr *)&ia->ia_addr,
2098 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING,
2099 NULL, ia->ia_ifp->if_index);
0a7de745 2100 if (error) {
39236c6e 2101 goto unwind;
0a7de745 2102 }
6d2010ae
A		 2103 } else {
2104 rtfree(rt);
2105 }
2106
2107 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
2108 if (!imm) {
2109 nd6log((LOG_WARNING,
39236c6e
A		 2110 "%s: addmulti failed for %s on %s (errno=%d)\n",
2111 __func__, ip6_sprintf(&mltaddr.sin6_addr),
6d2010ae 2112 if_name(ifp), error));
39236c6e
A		 2113 VERIFY(error != 0);
2114 goto unwind;
6d2010ae
A		 2115 }
2116 IFA_LOCK_SPIN(ifa);
2117 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
2118 IFA_UNLOCK(ifa);
9bccf70c
A		 2119
2120 /*
2121 * join node information group address
2122 */
0a7de745 2123#define hostnamelen strlen(hostname)
6d2010ae 2124 delay = 0;
39236c6e 2125 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
6d2010ae
A		 2126 /*
2127 * The spec doesn't say anything about delay for this
2128 * group, but the same logic should apply.
2129 */
39236c6e 2130 delay = random() % MAX_RTR_SOLICITATION_DELAY;
6d2010ae 2131 }
9bccf70c
A		 2132 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr)
2133 == 0) {
6d2010ae
A		 2134 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
2135 delay); /* XXX jinmei */
2136 if (!imm) {
39236c6e
A		 2137 nd6log((LOG_WARNING,
2138 "%s: addmulti failed for %s on %s "
6d2010ae 2139 "(errno=%d)\n",
39236c6e 2140 __func__, ip6_sprintf(&mltaddr.sin6_addr),
6d2010ae
A		 2141 if_name(ifp), error));
2142 /* XXX not very fatal, go on... */
39236c6e 2143 error = 0;
6d2010ae
A		 2144 } else {
2145 IFA_LOCK_SPIN(ifa);
2146 LIST_INSERT_HEAD(&ia->ia6_memberships,
2147 imm, i6mm_chain);
2148 IFA_UNLOCK(ifa);
9bccf70c
A		 2149 }
2150 }
2151#undef hostnamelen
2152
2153 /*
6d2010ae
A		 2154 * join interface-local all-nodes address.
2155 * (ff01::1%ifN, and ff01::%ifN/32)
9bccf70c 2156 */
6d2010ae 2157 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
0a7de745 2158 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) {
39236c6e 2159 goto unwind; /* XXX: should not fail */
0a7de745 2160 }
6d2010ae
A		 2161 /* XXX: again, do we really need the route? */
2162 rt = rtalloc1_scoped((struct sockaddr *)&mltaddr, 0, 0UL,
2163 ia->ia_ifp->if_index);
2164 if (rt) {
316670eb
A		 2165 if (memcmp(&mltaddr.sin6_addr, &((struct sockaddr_in6 *)
2166 (void *)rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
6d2010ae
A		 2167 rtfree(rt);
2168 rt = NULL;
9bccf70c
A		 2169 }
2170 }
6d2010ae
A		 2171 if (!rt) {
2172 error = rtrequest_scoped(RTM_ADD,
2173 (struct sockaddr *)&mltaddr,
2174 (struct sockaddr *)&ia->ia_addr,
2175 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING,
2176 NULL, ia->ia_ifp->if_index);
0a7de745 2177 if (error) {
39236c6e 2178 goto unwind;
0a7de745
A		 2179 }
2180 } else {
6d2010ae 2181 rtfree(rt);
0a7de745 2182 }
6d2010ae
A		 2183
2184 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
2185 if (!imm) {
39236c6e
A		 2186 nd6log((LOG_WARNING,
2187 "%s: addmulti failed for %s on %s (errno=%d)\n",
2188 __func__, ip6_sprintf(&mltaddr.sin6_addr),
6d2010ae 2189 if_name(ifp), error));
39236c6e
A		 2190 VERIFY(error != 0);
2191 goto unwind;
6d2010ae
A		 2192 }
2193 IFA_LOCK(ifa);
2194 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
39236c6e 2195 IFA_UNLOCK(ifa);
9bccf70c 2196 }
0a7de745 2197#undef MLTMASK_LEN
39236c6e 2198
39236c6e
A		 2199 /* Ensure nd6_service() is scheduled as soon as it's convenient */
2200 ++nd6_sched_timeout_want;
9bccf70c
A		 2201
2202 /*
2203 * Perform DAD, if needed.
2204 * XXX It may be of use, if we can administratively
2205 * disable DAD.
2206 */
39236c6e
A		 2207 IFA_LOCK_SPIN(ifa);
2208 if (in6if_do_dad(ifp) && ((ifa->ifa_flags & IN6_IFF_NODAD) == 0) &&
2209 (ia->ia6_flags & IN6_IFF_DADPROGRESS)) {
6d2010ae 2210 int mindelay, maxdelay;
316670eb 2211 int *delayptr, delayval;
9bccf70c 2212
6d2010ae 2213 IFA_UNLOCK(ifa);
39236c6e 2214 delayptr = NULL;
fe8ab488
A		 2215 /*
2216 * Avoid the DAD delay if the caller wants us to skip it.
2217 * This is not compliant with RFC 2461, but it's only being
2218 * used for signalling and not for actual DAD.
2219 */
2220 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY) &&
2221 !(ia->ia6_flags & IN6_IFF_SWIFTDAD)) {
39236c6e
A		 2222 /*
2223 * We need to impose a delay before sending an NS
2224 * for DAD. Check if we also needed a delay for the
2225 * corresponding MLD message. If we did, the delay
2226 * should be larger than the MLD delay (this could be
2227 * relaxed a bit, but this simple logic is at least
2228 * safe).
2229 */
2230 mindelay = 0;
2231 if (in6m_sol != NULL) {
2232 IN6M_LOCK(in6m_sol);
2233 if (in6m_sol->in6m_state ==
0a7de745 2234 MLD_REPORTING_MEMBER) {
39236c6e 2235 mindelay = in6m_sol->in6m_timer;
0a7de745 2236 }
39236c6e
A		 2237 IN6M_UNLOCK(in6m_sol);
2238 }
2239 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
0a7de745 2240 if (maxdelay - mindelay == 0) {
39236c6e 2241 delayval = 0;
0a7de745 2242 } else {
39236c6e
A		 2243 delayval =
2244 (random() % (maxdelay - mindelay)) +
2245 mindelay;
2246 }
2247 delayptr = &delayval;
2248 }
2249
2250 nd6_dad_start((struct ifaddr *)ia, delayptr);
2251 } else {
2252 IFA_UNLOCK(ifa);
2253 }
2254
2255 goto done;
2256
2257unwind:
2258 VERIFY(error != 0);
2259 in6_purgeaddr(&ia->ia_ifa);
2260
2261done:
2262 /* release reference held for this routine */
0a7de745 2263 if (in6m_sol != NULL) {
39236c6e 2264 IN6M_REMREF(in6m_sol);
0a7de745
A		 2265 }
2266 return error;
39236c6e
A		 2267}
2268
2269/*
2270 * Request an IPv6 interface address. If the address is new, then it will be
2271 * constructed and appended to the interface address chains. The interface
2272 * address structure is optionally returned with a reference for the caller.
2273 */
2274int
2275in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int ifaupflags,
2276 struct in6_ifaddr **iar)
2277{
2278 struct in6_addrlifetime ia6_lt;
2279 struct in6_ifaddr *ia;
2280 struct ifaddr *ifa;
2281 struct ifaddr *xifa;
2282 struct in6_addrlifetime *lt;
2283 uint64_t timenow;
2284 int plen, error;
2285
2286 /* Sanity check parameters and initialize locals */
2287 VERIFY(ifp != NULL && ifra != NULL && iar != NULL);
2288 ia = NULL;
2289 ifa = NULL;
2290 error = 0;
2291
2292 /*
2293 * We always require users to specify a valid IPv6 address for
2294 * the corresponding operation.
2295 */
2296 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
0a7de745 2297 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
39236c6e
A		 2298 error = EAFNOSUPPORT;
2299 goto unwind;
2300 }
2301
2302 /* Validate ifra_prefixmask.sin6_len is properly bounded. */
2303 if (ifra->ifra_prefixmask.sin6_len == 0 ||
0a7de745 2304 ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) {
39236c6e
A		 2305 error = EINVAL;
2306 goto unwind;
2307 }
2308
2309 /* Validate prefix length extracted from ifra_prefixmask structure. */
2310 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
2311 (u_char *)&ifra->ifra_prefixmask + ifra->ifra_prefixmask.sin6_len);
2312 if (plen <= 0) {
2313 error = EINVAL;
2314 goto unwind;
2315 }
2316
2317 /* Validate lifetimes */
2318 lt = &ifra->ifra_lifetime;
2319 if (lt->ia6t_pltime > lt->ia6t_vltime) {
2320 log(LOG_INFO,
2321 "%s: pltime 0x%x > vltime 0x%x for %s\n", __func__,
2322 lt->ia6t_pltime, lt->ia6t_vltime,
2323 ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2324 error = EINVAL;
2325 goto unwind;
2326 }
2327 if (lt->ia6t_vltime == 0) {
2328 /*
2329 * the following log might be noisy, but this is a typical
2330 * configuration mistake or a tool's bug.
2331 */
2332 log(LOG_INFO, "%s: valid lifetime is 0 for %s\n", __func__,
2333 ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2334 }
2335
2336 /*
2337 * Before we lock the ifnet structure, we first check to see if the
2338 * address already exists. If so, then we don't allocate and link a
2339 * new one here.
2340 */
2341 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr);
0a7de745 2342 if (ia != NULL) {
39236c6e 2343 ifa = &ia->ia_ifa;
0a7de745 2344 }
39236c6e
A		 2345
2346 /*
2347 * Validate destination address on interface types that require it.
2348 */
0a7de745 2349 if ((ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) != 0) {
39236c6e
A		 2350 switch (ifra->ifra_dstaddr.sin6_family) {
2351 case AF_INET6:
2352 if (plen != 128) {
2353 /* noisy message for diagnostic purposes */
2354 log(LOG_INFO,
2355 "%s: prefix length < 128 with"
2356 " explicit dstaddr.\n", __func__);
2357 error = EINVAL;
2358 goto unwind;
2359 }
2360 break;
2361
2362 case AF_UNSPEC:
2363 break;
2364
2365 default:
2366 error = EAFNOSUPPORT;
2367 goto unwind;
2368 }
2369 } else if (ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) {
2370 log(LOG_INFO,
2371 "%s: dstaddr valid only on p2p and loopback interfaces.\n",
2372 __func__);
2373 error = EINVAL;
2374 goto unwind;
2375 }
2376
2377 timenow = net_uptime();
2378
2379 if (ia == NULL) {
2380 int how;
2381
2382 /* Is this the first new IPv6 address for the interface? */
2383 ifaupflags |= IN6_IFAUPDATE_NEWADDR;
2384
2385 /* Allocate memory for IPv6 interface address structure. */
2386 how = !(ifaupflags & IN6_IFAUPDATE_NOWAIT) ? M_WAITOK : 0;
2387 ia = in6_ifaddr_alloc(how);
2388 if (ia == NULL) {
2389 error = ENOBUFS;
2390 goto unwind;
2391 }
2392
2393 ifa = &ia->ia_ifa;
2394
2395 /*
2396 * Initialize interface address structure.
2397 *
2398 * Note well: none of these sockaddr_in6 structures contain a
2399 * valid sin6_port, sin6_flowinfo or even a sin6_scope_id field.
2400 * We still embed link-local scope identifiers at the end of an
2401 * arbitrary fe80::/32 prefix, for historical reasons. Also, the
2402 * ifa_dstaddr field is always non-NULL on point-to-point and
2403 * loopback interfaces, and conventionally points to a socket
2404 * address of AF_UNSPEC family when there is no destination.
2405 *
2406 * Please enjoy the dancing sea turtle.
2407 */
2408 IFA_ADDREF(ifa); /* for this and optionally for caller */
2409 ifa->ifa_addr = (struct sockaddr *)&ia->ia_addr;
2410 if (ifra->ifra_dstaddr.sin6_family == AF_INET6 ||
0a7de745 2411 (ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
39236c6e 2412 ifa->ifa_dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
0a7de745 2413 }
39236c6e
A		 2414 ifa->ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
2415 ifa->ifa_ifp = ifp;
2416 ifa->ifa_metric = ifp->if_metric;
2417 ifa->ifa_rtrequest = nd6_rtrequest;
2418
2419 LIST_INIT(&ia->ia6_memberships);
2420 ia->ia_addr.sin6_family = AF_INET6;
0a7de745 2421 ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
39236c6e
A		 2422 ia->ia_addr.sin6_addr = ifra->ifra_addr.sin6_addr;
2423 ia->ia_prefixmask.sin6_family = AF_INET6;
0a7de745 2424 ia->ia_prefixmask.sin6_len = sizeof(ia->ia_prefixmask);
39236c6e
A		 2425 ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
2426 error = in6_to_kamescope(&ia->ia_addr, ifp);
0a7de745 2427 if (error != 0) {
39236c6e 2428 goto unwind;
0a7de745 2429 }
39236c6e
A		 2430 if (ifa->ifa_dstaddr != NULL) {
2431 ia->ia_dstaddr = ifra->ifra_dstaddr;
2432 error = in6_to_kamescope(&ia->ia_dstaddr, ifp);
0a7de745 2433 if (error != 0) {
39236c6e 2434 goto unwind;
0a7de745 2435 }
39236c6e
A		 2436 }
2437
2438 /* Append to address chains */
2439 ifnet_lock_exclusive(ifp);
2440 ifaupflags |= IN6_IFAUPDATE_1STADDR;
2441 TAILQ_FOREACH(xifa, &ifp->if_addrlist, ifa_list) {
2442 IFA_LOCK_SPIN(xifa);
2443 if (xifa->ifa_addr->sa_family != AF_INET6) {
2444 IFA_UNLOCK(xifa);
2445 ifaupflags &= ~IN6_IFAUPDATE_1STADDR;
2446 break;
2447 }
2448 IFA_UNLOCK(xifa);
2449 }
2450
2451 IFA_LOCK_SPIN(ifa);
2452 if_attach_ifa(ifp, ifa); /* holds reference for ifnet link */
2453 IFA_UNLOCK(ifa);
2454 ifnet_lock_done(ifp);
2455
2456 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2457 if (in6_ifaddrs != NULL) {
2458 struct in6_ifaddr *iac;
2459 for (iac = in6_ifaddrs; iac->ia_next != NULL;
0a7de745 2460 iac = iac->ia_next) {
39236c6e 2461 continue;
0a7de745 2462 }
39236c6e
A		 2463 iac->ia_next = ia;
2464 } else {
2465 in6_ifaddrs = ia;
6d2010ae 2466 }
39236c6e
A		 2467 IFA_ADDREF(ifa); /* hold for in6_ifaddrs link */
2468 lck_rw_done(&in6_ifaddr_rwlock);
6d2010ae 2469 } else {
39236c6e 2470 ifa = &ia->ia_ifa;
0a7de745 2471 ifaupflags &= ~(IN6_IFAUPDATE_NEWADDR | IN6_IFAUPDATE_1STADDR);
6d2010ae 2472 }
9bccf70c 2473
39236c6e
A		 2474 VERIFY(ia != NULL && ifa == &ia->ia_ifa);
2475 IFA_LOCK(ifa);
2476
2477 /*
2478 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
2479 * to see if the address is deprecated or invalidated, but initialize
2480 * these members for applications.
2481 */
2482 ia->ia6_updatetime = ia->ia6_createtime = timenow;
2483 ia6_lt = *lt;
0a7de745 2484 if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME) {
39236c6e 2485 ia6_lt.ia6t_expire = timenow + ia6_lt.ia6t_vltime;
0a7de745 2486 } else {
39236c6e 2487 ia6_lt.ia6t_expire = 0;
0a7de745
A		 2488 }
2489 if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME) {
39236c6e 2490 ia6_lt.ia6t_preferred = timenow + ia6_lt.ia6t_pltime;
0a7de745 2491 } else {
39236c6e 2492 ia6_lt.ia6t_preferred = 0;
0a7de745 2493 }
39236c6e
A		 2494 in6ifa_setlifetime(ia, &ia6_lt);
2495
9bccf70c 2496 /*
39236c6e
A		 2497 * Backward compatibility - if IN6_IFF_DEPRECATED is set from the
2498 * userland, make it deprecated.
9bccf70c 2499 */
39236c6e
A		 2500 if ((ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
2501 ia->ia6_lifetime.ia6ti_pltime = 0;
2502 ia->ia6_lifetime.ia6ti_preferred = timenow;
6d2010ae 2503 }
6d2010ae 2504
39236c6e
A		 2505 /*
2506 * Update flag or prefix length
2507 */
2508 ia->ia_plen = plen;
2509 ia->ia6_flags = ifra->ifra_flags;
2510
2511 /* Release locks (new address available to concurrent tasks) */
2512 IFA_UNLOCK(ifa);
2513
2514 /* Further initialization of the interface address */
2515 error = in6_ifinit(ifp, ia, ifaupflags);
0a7de745 2516 if (error != 0) {
39236c6e 2517 goto unwind;
0a7de745 2518 }
39236c6e
A		 2519
2520 /* Finish updating the address while other tasks are working with it */
2521 error = in6_ifaupdate_aux(ia, ifp, ifaupflags);
0a7de745 2522 if (error != 0) {
39236c6e 2523 goto unwind;
0a7de745 2524 }
39236c6e
A		 2525
2526 /* Return success (optionally w/ address for caller). */
2527 VERIFY(error == 0);
2528 (void) ifnet_notify_address(ifp, AF_INET6);
6d2010ae 2529 goto done;
39236c6e
A		 2530
2531unwind:
2532 VERIFY(error != 0);
2533 if (ia != NULL) {
2534 VERIFY(ifa == &ia->ia_ifa);
2535 IFA_REMREF(ifa);
2536 ia = NULL;
2537 }
2538
2539done:
2540 *iar = ia;
0a7de745 2541 return error;
9bccf70c
A		 2542}
2543
2544void
6d2010ae 2545in6_purgeaddr(struct ifaddr *ifa)
9bccf70c
A		 2546{
2547 struct ifnet *ifp = ifa->ifa_ifp;
39236c6e 2548 struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
6d2010ae
A		 2549 struct in6_multi_mship *imm;
2550
5ba3f43e 2551 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
9bccf70c
A		 2552
2553 /* stop DAD processing */
55e303ae 2554 nd6_dad_stop(ifa);
9bccf70c
A		 2555
2556 /*
2557 * delete route to the destination of the address being purged.
2558 * The interface must be p2p or loopback in this case.
2559 */
6d2010ae 2560 IFA_LOCK(ifa);
39236c6e
A		 2561 if ((ia->ia_flags & IFA_ROUTE) && ia->ia_plen == 128) {
2562 int error, rtf;
9bccf70c 2563
6d2010ae 2564 IFA_UNLOCK(ifa);
39236c6e
A		 2565 rtf = (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0;
2566 error = rtinit(&(ia->ia_ifa), RTM_DELETE, rtf);
2567 if (error != 0) {
9bccf70c
A		 2568 log(LOG_ERR, "in6_purgeaddr: failed to remove "
2569 "a route to the p2p destination: %s on %s, "
2570 "errno=%d\n",
2571 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp),
39236c6e 2572 error);
9bccf70c 2573 /* proceed anyway... */
6d2010ae 2574 }
39236c6e
A		 2575 IFA_LOCK_SPIN(ifa);
2576 ia->ia_flags &= ~IFA_ROUTE;
9bccf70c 2577 }
39236c6e 2578 IFA_UNLOCK(ifa);
9bccf70c
A		 2579
2580 /* Remove ownaddr's loopback rtentry, if it exists. */
6d2010ae 2581 in6_ifremloop(&(ia->ia_ifa));
1c79356b 2582
6d2010ae
A		 2583 /*
2584 * leave from multicast groups we have joined for the interface
2585 */
2586 IFA_LOCK(ifa);
2587 while ((imm = ia->ia6_memberships.lh_first) != NULL) {
2588 LIST_REMOVE(imm, i6mm_chain);
2589 IFA_UNLOCK(ifa);
2590 in6_leavegroup(imm);
2591 IFA_LOCK(ifa);
1c79356b 2592 }
6d2010ae 2593 IFA_UNLOCK(ifa);
1c79356b 2594
6d2010ae
A		 2595 /* in6_unlink_ifa() will need exclusive access */
2596 in6_unlink_ifa(ia, ifp);
fe8ab488 2597 in6_post_msg(ifp, KEV_INET6_ADDR_DELETED, ia, NULL);
39236c6e
A		 2598
2599 (void) ifnet_notify_address(ifp, AF_INET6);
9bccf70c
A		 2600}
2601
2602static void
6d2010ae 2603in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
9bccf70c 2604{
9bccf70c 2605 struct in6_ifaddr *oia;
6d2010ae
A		 2606 struct ifaddr *ifa;
2607 int unlinked;
2608
5ba3f43e 2609 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
6d2010ae
A		 2610
2611 ifa = &ia->ia_ifa;
2612 IFA_ADDREF(ifa);
9bccf70c 2613
91447636 2614 ifnet_lock_exclusive(ifp);
6d2010ae 2615 IFA_LOCK(ifa);
0a7de745 2616 if (ifa->ifa_debug & IFD_ATTACHED) {
6d2010ae 2617 if_detach_ifa(ifp, ifa);
0a7de745 2618 }
6d2010ae 2619 IFA_UNLOCK(ifa);
91447636 2620 ifnet_lock_done(ifp);
1c79356b 2621
6d2010ae
A		 2622 unlinked = 1;
2623 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1c79356b 2624 oia = ia;
6d2010ae 2625 if (oia == (ia = in6_ifaddrs)) {
91447636 2626 in6_ifaddrs = ia->ia_next;
6d2010ae 2627 } else {
0a7de745 2628 while (ia->ia_next && (ia->ia_next != oia)) {
1c79356b 2629 ia = ia->ia_next;
0a7de745 2630 }
6d2010ae 2631 if (ia->ia_next) {
1c79356b 2632 ia->ia_next = oia->ia_next;
6d2010ae 2633 } else {
9bccf70c 2634 /* search failed */
39236c6e 2635 log(LOG_NOTICE, "%s: search failed.\n", __func__);
6d2010ae 2636 unlinked = 0;
9bccf70c 2637 }
1c79356b 2638 }
1c79356b 2639
9bccf70c 2640 /*
3e170ce0
A		 2641 * When IPv6 address is being removed, release the
2642 * reference to the base prefix.
2643 * Also, since the release might, affect the status
2644 * of other (detached) addresses, call
9bccf70c
A		 2645 * pfxlist_onlink_check().
2646 */
6d2010ae
A		 2647 ifa = &oia->ia_ifa;
2648 IFA_LOCK(ifa);
39037602
A		 2649 /*
2650 * Only log the below message for addresses other than
2651 * link local.
2652 * Only one LLA (auto-configured or statically) is allowed
2653 * on an interface.
2654 * LLA prefix, while added to the prefix list, is not
2655 * reference countedi (as it is the only one).
2656 * The prefix also never expires on its own as LLAs
2657 * have infinite lifetime.
2658 *
2659 * For now quiece down the log message for LLAs.
2660 */
2661 if (!IN6_IS_ADDR_LINKLOCAL(&oia->ia_addr.sin6_addr)) {
0a7de745 2662 if (oia->ia6_ndpr == NULL) {
39037602
A		 2663 log(LOG_NOTICE, "in6_unlink_ifa: IPv6 address "
2664 "0x%llx has no prefix\n",
2665 (uint64_t)VM_KERNEL_ADDRPERM(oia));
0a7de745 2666 } else {
39037602
A		 2667 struct nd_prefix *pr = oia->ia6_ndpr;
2668 oia->ia6_flags &= ~IN6_IFF_AUTOCONF;
2669 oia->ia6_ndpr = NULL;
2670 NDPR_LOCK(pr);
2671 VERIFY(pr->ndpr_addrcnt != 0);
2672 pr->ndpr_addrcnt--;
0a7de745 2673 if (oia->ia6_flags & IN6_IFF_CLAT46) {
d9a64523 2674 pr->ndpr_stateflags &= ~NDPRF_CLAT46;
0a7de745 2675 }
39037602 2676 NDPR_UNLOCK(pr);
0a7de745 2677 NDPR_REMREF(pr); /* release addr reference */
39037602 2678 }
3e170ce0
A		 2679 }
2680 IFA_UNLOCK(ifa);
2681 lck_rw_done(&in6_ifaddr_rwlock);
6d2010ae 2682
3e170ce0 2683 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) {
6d2010ae
A		 2684 lck_mtx_lock(nd6_mutex);
2685 pfxlist_onlink_check();
91447636 2686 lck_mtx_unlock(nd6_mutex);
6d2010ae 2687 }
9bccf70c 2688 /*
91447636 2689 * release another refcnt for the link from in6_ifaddrs.
6d2010ae
A		 2690 * Do this only if it's not already unlinked in the event that we lost
2691 * the race, since in6_ifaddr_rwlock was momentarily dropped above.
9bccf70c 2692 */
0a7de745 2693 if (unlinked) {
6d2010ae 2694 IFA_REMREF(ifa);
0a7de745 2695 }
9bccf70c 2696
6d2010ae
A		 2697 /* release reference held for this routine */
2698 IFA_REMREF(ifa);
39236c6e
A		 2699
2700 /* invalidate route caches */
2701 routegenid_inet6_update();
9bccf70c
A		 2702}
2703
2704void
6d2010ae 2705in6_purgeif(struct ifnet *ifp)
9bccf70c 2706{
6d2010ae 2707 struct in6_ifaddr *ia;
9bccf70c 2708
0a7de745 2709 if (ifp == NULL) {
9bccf70c 2710 return;
0a7de745 2711 }
6d2010ae 2712
5ba3f43e 2713 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
6d2010ae
A		 2714
2715 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2716 ia = in6_ifaddrs;
2717 while (ia != NULL) {
2718 if (ia->ia_ifa.ifa_ifp != ifp) {
2719 ia = ia->ia_next;
9bccf70c 2720 continue;
6d2010ae 2721 }
0a7de745 2722 IFA_ADDREF(&ia->ia_ifa); /* for us */
6d2010ae
A		 2723 lck_rw_done(&in6_ifaddr_rwlock);
2724 in6_purgeaddr(&ia->ia_ifa);
0a7de745 2725 IFA_REMREF(&ia->ia_ifa); /* for us */
316670eb 2726 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
6d2010ae
A		 2727 /*
2728 * Purging the address would have caused
2729 * in6_ifaddr_rwlock to be dropped and reacquired;
2730 * therefore search again from the beginning
2731 * of in6_ifaddrs list.
2732 */
2733 ia = in6_ifaddrs;
9bccf70c 2734 }
6d2010ae 2735 lck_rw_done(&in6_ifaddr_rwlock);
9bccf70c
A		 2736
2737 in6_ifdetach(ifp);
1c79356b
A		 2738}
2739
1c79356b 2740/*
39236c6e 2741 * Initialize an interface's internet6 address and routing table entry.
1c79356b 2742 */
9bccf70c 2743static int
39236c6e 2744in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, int ifaupflags)
1c79356b 2745{
39236c6e 2746 int error;
9bccf70c 2747 struct ifaddr *ifa;
1c79356b 2748
39236c6e 2749 error = 0;
6d2010ae 2750 ifa = &ia->ia_ifa;
1c79356b 2751
316670eb
A		 2752 /*
2753 * NOTE: SIOCSIFADDR is defined with struct ifreq as parameter,
2754 * but here we are sending it down to the interface with a pointer
2755 * to struct ifaddr, for legacy reasons.
2756 */
39236c6e
A		 2757 if ((ifaupflags & IN6_IFAUPDATE_1STADDR) != 0) {
2758 error = ifnet_ioctl(ifp, PF_INET6, SIOCSIFADDR, ia);
2759 if (error != 0) {
0a7de745
A		 2760 if (error != EOPNOTSUPP) {
2761 return error;
2762 }
39236c6e
A		 2763 error = 0;
2764 }
1c79356b 2765 }
1c79356b 2766
6d2010ae 2767 IFA_LOCK(ifa);
1c79356b 2768
9bccf70c
A		 2769 /*
2770 * Special case:
2771 * If the destination address is specified for a point-to-point
2772 * interface, install a route to the destination as an interface
2773 * direct route.
2774 */
39236c6e
A		 2775 if (!(ia->ia_flags & IFA_ROUTE) && ia->ia_plen == 128 &&
2776 ia->ia_dstaddr.sin6_family == AF_INET6) {
6d2010ae 2777 IFA_UNLOCK(ifa);
39236c6e 2778 error = rtinit(ifa, RTM_ADD, RTF_UP | RTF_HOST);
0a7de745
A		 2779 if (error != 0) {
2780 return error;
2781 }
6d2010ae 2782 IFA_LOCK(ifa);
9bccf70c
A		 2783 ia->ia_flags |= IFA_ROUTE;
2784 }
6d2010ae 2785 IFA_LOCK_ASSERT_HELD(ifa);
39236c6e 2786 if (ia->ia_plen < 128) {
1c79356b 2787 /*
9bccf70c 2788 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto().
1c79356b 2789 */
39236c6e 2790 ia->ia_flags |= RTF_CLONING;
1c79356b 2791 }
9bccf70c 2792
39236c6e
A		 2793 IFA_UNLOCK(ifa);
2794
55e303ae 2795 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
0a7de745 2796 if ((ifaupflags & IN6_IFAUPDATE_NEWADDR) != 0) {
39236c6e 2797 in6_ifaddloop(ifa);
0a7de745 2798 }
9bccf70c 2799
39236c6e
A		 2800 /* invalidate route caches */
2801 routegenid_inet6_update();
2802
2803 VERIFY(error == 0);
0a7de745 2804 return 0;
1c79356b 2805}
9bccf70c 2806
1c79356b 2807void
6d2010ae 2808in6_purgeaddrs(struct ifnet *ifp)
1c79356b 2809{
6d2010ae 2810 in6_purgeif(ifp);
1c79356b 2811}
1c79356b
A		 2812
2813/*
2814 * Find an IPv6 interface link-local address specific to an interface.
2815 */
2816struct in6_ifaddr *
39037602 2817in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1c79356b 2818{
9bccf70c 2819 struct ifaddr *ifa;
1c79356b 2820
91447636 2821 ifnet_lock_shared(ifp);
9bccf70c 2822 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1c79356b 2823 {
6d2010ae
A		 2824 IFA_LOCK_SPIN(ifa);
2825 if (ifa->ifa_addr->sa_family != AF_INET6) {
2826 IFA_UNLOCK(ifa);
1c79356b 2827 continue;
6d2010ae 2828 }
1c79356b
A		 2829 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
2830 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
39236c6e 2831 ignoreflags) != 0) {
6d2010ae 2832 IFA_UNLOCK(ifa);
1c79356b 2833 continue;
6d2010ae 2834 }
0a7de745 2835 IFA_ADDREF_LOCKED(ifa); /* for caller */
6d2010ae 2836 IFA_UNLOCK(ifa);
1c79356b
A		 2837 break;
2838 }
6d2010ae 2839 IFA_UNLOCK(ifa);
1c79356b 2840 }
91447636 2841 ifnet_lock_done(ifp);
1c79356b 2842
0a7de745 2843 return (struct in6_ifaddr *)ifa;
1c79356b
A		 2844}
2845
d9a64523
A		 2846struct in6_ifaddr *
2847in6ifa_ifpwithflag(struct ifnet * ifp, int flag)
2848{
2849 struct ifaddr *ifa;
2850
2851 ifnet_lock_shared(ifp);
2852 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2853 {
2854 IFA_LOCK_SPIN(ifa);
0a7de745 2855 if (ifa->ifa_addr->sa_family != AF_INET6) {
d9a64523
A		 2856 IFA_UNLOCK(ifa);
2857 continue;
2858 }
2859 if ((((struct in6_ifaddr *)ifa)->ia6_flags & flag) == flag) {
2860 IFA_ADDREF_LOCKED(ifa);
2861 IFA_UNLOCK(ifa);
2862 break;
2863 }
2864 IFA_UNLOCK(ifa);
2865 }
2866 ifnet_lock_done(ifp);
2867
0a7de745 2868 return (struct in6_ifaddr *)ifa;
d9a64523
A		 2869}
2870
1c79356b
A		 2871/*
2872 * find the internet address corresponding to a given interface and address.
2873 */
2874struct in6_ifaddr *
39037602 2875in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1c79356b 2876{
9bccf70c 2877 struct ifaddr *ifa;
1c79356b 2878
91447636 2879 ifnet_lock_shared(ifp);
9bccf70c 2880 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1c79356b 2881 {
6d2010ae
A		 2882 IFA_LOCK_SPIN(ifa);
2883 if (ifa->ifa_addr->sa_family != AF_INET6) {
2884 IFA_UNLOCK(ifa);
1c79356b 2885 continue;
6d2010ae
A		 2886 }
2887 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
0a7de745 2888 IFA_ADDREF_LOCKED(ifa); /* for caller */
6d2010ae 2889 IFA_UNLOCK(ifa);
1c79356b 2890 break;
6d2010ae
A		 2891 }
2892 IFA_UNLOCK(ifa);
1c79356b 2893 }
91447636 2894 ifnet_lock_done(ifp);
1c79356b 2895
0a7de745 2896 return (struct in6_ifaddr *)ifa;
1c79356b
A		 2897}
2898
316670eb
A		 2899struct in6_ifaddr *
2900in6ifa_prproxyaddr(struct in6_addr *addr)
2901{
2902 struct in6_ifaddr *ia;
2903
2904 lck_rw_lock_shared(&in6_ifaddr_rwlock);
2905 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
2906 IFA_LOCK(&ia->ia_ifa);
2907 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(&ia->ia_ifa))) {
0a7de745 2908 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for caller */
316670eb
A		 2909 IFA_UNLOCK(&ia->ia_ifa);
2910 break;
2911 }
2912 IFA_UNLOCK(&ia->ia_ifa);
2913 }
2914 lck_rw_done(&in6_ifaddr_rwlock);
2915
2916 if (ia != NULL && !nd6_prproxy_ifaddr(ia)) {
2917 IFA_REMREF(&ia->ia_ifa);
2918 ia = NULL;
2919 }
2920
0a7de745 2921 return ia;
316670eb
A		 2922}
2923
39236c6e
A		 2924void
2925in6ifa_getlifetime(struct in6_ifaddr *ia6, struct in6_addrlifetime *t_dst,
2926 int iscalendar)
2927{
2928 struct in6_addrlifetime_i *t_src = &ia6->ia6_lifetime;
2929 struct timeval caltime;
2930
2931 t_dst->ia6t_vltime = t_src->ia6ti_vltime;
2932 t_dst->ia6t_pltime = t_src->ia6ti_pltime;
2933 t_dst->ia6t_expire = 0;
2934 t_dst->ia6t_preferred = 0;
2935
2936 /* account for system time change */
2937 getmicrotime(&caltime);
2938 t_src->ia6ti_base_calendartime +=
2939 NET_CALCULATE_CLOCKSKEW(caltime,
2940 t_src->ia6ti_base_calendartime, net_uptime(),
2941 t_src->ia6ti_base_uptime);
2942
2943 if (iscalendar) {
2944 if (t_src->ia6ti_expire != 0 &&
0a7de745 2945 t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME) {
39236c6e
A		 2946 t_dst->ia6t_expire = t_src->ia6ti_base_calendartime +
2947 t_src->ia6ti_expire - t_src->ia6ti_base_uptime;
0a7de745 2948 }
39236c6e
A		 2949
2950 if (t_src->ia6ti_preferred != 0 &&
0a7de745 2951 t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME) {
39236c6e
A		 2952 t_dst->ia6t_preferred = t_src->ia6ti_base_calendartime +
2953 t_src->ia6ti_preferred - t_src->ia6ti_base_uptime;
0a7de745 2954 }
39236c6e
A		 2955 } else {
2956 if (t_src->ia6ti_expire != 0 &&
0a7de745 2957 t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME) {
39236c6e 2958 t_dst->ia6t_expire = t_src->ia6ti_expire;
0a7de745 2959 }
39236c6e
A		 2960
2961 if (t_src->ia6ti_preferred != 0 &&
0a7de745 2962 t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME) {
39236c6e 2963 t_dst->ia6t_preferred = t_src->ia6ti_preferred;
0a7de745 2964 }
39236c6e
A		 2965 }
2966}
2967
2968void
2969in6ifa_setlifetime(struct in6_ifaddr *ia6, struct in6_addrlifetime *t_src)
2970{
2971 struct in6_addrlifetime_i *t_dst = &ia6->ia6_lifetime;
2972 struct timeval caltime;
2973
2974 /* account for system time change */
2975 getmicrotime(&caltime);
2976 t_dst->ia6ti_base_calendartime +=
2977 NET_CALCULATE_CLOCKSKEW(caltime,
2978 t_dst->ia6ti_base_calendartime, net_uptime(),
2979 t_dst->ia6ti_base_uptime);
2980
2981 /* trust the caller for the values */
2982 t_dst->ia6ti_expire = t_src->ia6t_expire;
2983 t_dst->ia6ti_preferred = t_src->ia6t_preferred;
2984 t_dst->ia6ti_vltime = t_src->ia6t_vltime;
2985 t_dst->ia6ti_pltime = t_src->ia6t_pltime;
2986}
2987
1c79356b
A		 2988/*
2989 * Convert IP6 address to printable (loggable) representation.
2990 */
1c79356b 2991char *
39236c6e 2992ip6_sprintf(const struct in6_addr *addr)
1c79356b 2993{
39236c6e
A		 2994 static const char digits[] = "0123456789abcdef";
2995 static int ip6round = 0;
1c79356b 2996 static char ip6buf[8][48];
39236c6e 2997
9bccf70c
A		 2998 int i;
2999 char *cp;
55e303ae
A		 3000 const u_short *a = (const u_short *)addr;
3001 const u_char *d;
39236c6e 3002 u_char n;
1c79356b 3003 int dcolon = 0;
39236c6e 3004 int zpad = 0;
1c79356b
A		 3005
3006 ip6round = (ip6round + 1) & 7;
3007 cp = ip6buf[ip6round];
3008
3009 for (i = 0; i < 8; i++) {
3010 if (dcolon == 1) {
3011 if (*a == 0) {
0a7de745 3012 if (i == 7) {
1c79356b 3013 *cp++ = ':';
0a7de745 3014 }
1c79356b
A		 3015 a++;
3016 continue;
0a7de745 3017 } else {
1c79356b 3018 dcolon = 2;
0a7de745 3019 }
1c79356b
A		 3020 }
3021 if (*a == 0) {
3022 if (dcolon == 0 && *(a + 1) == 0) {
0a7de745 3023 if (i == 0) {
1c79356b 3024 *cp++ = ':';
0a7de745 3025 }
1c79356b
A		 3026 *cp++ = ':';
3027 dcolon = 1;
3028 } else {
3029 *cp++ = '0';
3030 *cp++ = ':';
3031 }
3032 a++;
3033 continue;
3034 }
55e303ae 3035 d = (const u_char *)a;
39236c6e
A		 3036 zpad = 0;
3037 if ((n = *d >> 4) != 0) {
3038 *cp++ = digits[n];
3039 zpad = 1;
3040 }
3041 if ((n = *d++ & 0xf) != 0 || zpad) {
3042 *cp++ = digits[n];
3043 zpad = 1;
3044 }
3045 if ((n = *d >> 4) != 0 || zpad) {
3046 *cp++ = digits[n];
3047 zpad = 1;
3048 }
0a7de745 3049 if ((n = *d & 0xf) != 0 || zpad) {
39236c6e 3050 *cp++ = digits[n];
0a7de745 3051 }
1c79356b
A		 3052 *cp++ = ':';
3053 a++;
3054 }
3055 *--cp = 0;
0a7de745 3056 return ip6buf[ip6round];
1c79356b
A		 3057}
3058
2d21ac55
A		 3059int
3060in6addr_local(struct in6_addr *in6)
3061{
3062 struct rtentry *rt;
3063 struct sockaddr_in6 sin6;
3064 int local = 0;
3065
0a7de745
A		 3066 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_SCOPE_LINKLOCAL(in6)) {
3067 return 1;
3068 }
2d21ac55
A		 3069
3070 sin6.sin6_family = AF_INET6;
0a7de745
A		 3071 sin6.sin6_len = sizeof(sin6);
3072 bcopy(in6, &sin6.sin6_addr, sizeof(*in6));
b0d623f7 3073 rt = rtalloc1((struct sockaddr *)&sin6, 0, 0);
2d21ac55
A		 3074
3075 if (rt != NULL) {
b0d623f7 3076 RT_LOCK_SPIN(rt);
0a7de745 3077 if (rt->rt_gateway->sa_family == AF_LINK) {
2d21ac55 3078 local = 1;
0a7de745 3079 }
b0d623f7 3080 RT_UNLOCK(rt);
2d21ac55
A		 3081 rtfree(rt);
3082 } else {
3083 local = in6_localaddr(in6);
3084 }
0a7de745 3085 return local;
2d21ac55
A		 3086}
3087
1c79356b 3088int
6d2010ae 3089in6_localaddr(struct in6_addr *in6)
1c79356b
A		 3090{
3091 struct in6_ifaddr *ia;
3092
0a7de745
A		 3093 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) {
3094 return 1;
3095 }
1c79356b 3096
6d2010ae
A		 3097 lck_rw_lock_shared(&in6_ifaddr_rwlock);
3098 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
3099 IFA_LOCK_SPIN(&ia->ia_ifa);
1c79356b 3100 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
6d2010ae
A		 3101 &ia->ia_prefixmask.sin6_addr)) {
3102 IFA_UNLOCK(&ia->ia_ifa);
3103 lck_rw_done(&in6_ifaddr_rwlock);
0a7de745 3104 return 1;
91447636 3105 }
6d2010ae
A		 3106 IFA_UNLOCK(&ia->ia_ifa);
3107 }
3108 lck_rw_done(&in6_ifaddr_rwlock);
0a7de745 3109 return 0;
1c79356b
A		 3110}
3111
1c79356b
A		 3112/*
3113 * return length of part which dst and src are equal
3114 * hard coding...
3115 */
1c79356b 3116int
39037602 3117in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1c79356b
A		 3118{
3119 int match = 0;
3120 u_char *s = (u_char *)src, *d = (u_char *)dst;
3121 u_char *lim = s + 16, r;
3122
0a7de745 3123 while (s < lim) {
1c79356b
A		 3124 if ((r = (*d++ ^ *s++)) != 0) {
3125 while (r < 128) {
3126 match++;
3127 r <<= 1;
3128 }
3129 break;
0a7de745 3130 } else {
1c79356b 3131 match += 8;
0a7de745
A		 3132 }
3133 }
3134 return match;
1c79356b
A		 3135}
3136
9bccf70c 3137/* XXX: to be scope conscious */
1c79356b 3138int
39037602 3139in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1c79356b
A		 3140{
3141 int bytelen, bitlen;
3142
3143 /* sanity check */
3144 if (0 > len || len > 128) {
39236c6e 3145 log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
0a7de745 3146 return 0;
1c79356b
A		 3147 }
3148
3149 bytelen = len / 8;
3150 bitlen = len % 8;
3151
0a7de745
A		 3152 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) {
3153 return 0;
3154 }
39236c6e 3155 if (bitlen != 0 &&
91447636 3156 p1->s6_addr[bytelen] >> (8 - bitlen) !=
0a7de745
A		 3157 p2->s6_addr[bytelen] >> (8 - bitlen)) {
3158 return 0;
3159 }
1c79356b 3160
0a7de745 3161 return 1;
1c79356b
A		 3162}
3163
3164void
39037602 3165in6_prefixlen2mask(struct in6_addr *maskp, int len)
1c79356b
A		 3166{
3167 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
3168 int bytelen, bitlen, i;
3169
3170 /* sanity check */
3171 if (0 > len || len > 128) {
39236c6e 3172 log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
1c79356b
A		 3173 return;
3174 }
3175
0a7de745 3176 bzero(maskp, sizeof(*maskp));
1c79356b
A		 3177 bytelen = len / 8;
3178 bitlen = len % 8;
0a7de745 3179 for (i = 0; i < bytelen; i++) {
1c79356b 3180 maskp->s6_addr[i] = 0xff;
0a7de745
A		 3181 }
3182 if (bitlen) {
1c79356b 3183 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
0a7de745 3184 }
1c79356b
A		 3185}
3186
3187/*
3188 * return the best address out of the same scope
3189 */
3190struct in6_ifaddr *
39236c6e 3191in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst)
1c79356b 3192{
0a7de745 3193 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0;
1c79356b
A		 3194 int blen = -1;
3195 struct ifaddr *ifa;
3196 struct ifnet *ifp;
3197 struct in6_ifaddr *ifa_best = NULL;
39236c6e 3198
1c79356b 3199 if (oifp == NULL) {
0a7de745 3200 return NULL;
1c79356b
A		 3201 }
3202
3203 /*
3204 * We search for all addresses on all interfaces from the beginning.
3205 * Comparing an interface with the outgoing interface will be done
3206 * only at the final stage of tiebreaking.
3207 */
91447636
A		 3208 ifnet_head_lock_shared();
3209 TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
1c79356b
A		 3210 /*
3211 * We can never take an address that breaks the scope zone
3212 * of the destination.
3213 */
0a7de745 3214 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) {
1c79356b 3215 continue;
0a7de745 3216 }
1c79356b 3217
91447636 3218 ifnet_lock_shared(ifp);
39236c6e 3219 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
1c79356b
A		 3220 int tlen = -1, dscopecmp, bscopecmp, matchcmp;
3221
6d2010ae
A		 3222 IFA_LOCK(ifa);
3223 if (ifa->ifa_addr->sa_family != AF_INET6) {
3224 IFA_UNLOCK(ifa);
1c79356b 3225 continue;
6d2010ae 3226 }
1c79356b
A		 3227 src_scope = in6_addrscope(IFA_IN6(ifa));
3228
1c79356b
A		 3229 /*
3230 * Don't use an address before completing DAD
3231 * nor a duplicated address.
3232 */
3233 if (((struct in6_ifaddr *)ifa)->ia6_flags &
d9a64523 3234 (IN6_IFF_NOTREADY | IN6_IFF_CLAT46)) {
6d2010ae 3235 IFA_UNLOCK(ifa);
1c79356b 3236 continue;
6d2010ae 3237 }
1c79356b
A		 3238 /* XXX: is there any case to allow anycasts? */
3239 if (((struct in6_ifaddr *)ifa)->ia6_flags &
6d2010ae
A		 3240 IN6_IFF_ANYCAST) {
3241 IFA_UNLOCK(ifa);
1c79356b 3242 continue;
6d2010ae 3243 }
1c79356b 3244 if (((struct in6_ifaddr *)ifa)->ia6_flags &
6d2010ae
A		 3245 IN6_IFF_DETACHED) {
3246 IFA_UNLOCK(ifa);
1c79356b 3247 continue;
6d2010ae 3248 }
1c79356b
A		 3249 /*
3250 * If this is the first address we find,
3251 * keep it anyway.
3252 */
0a7de745 3253 if (ifa_best == NULL) {
1c79356b 3254 goto replace;
0a7de745 3255 }
1c79356b
A		 3256
3257 /*
3258 * ifa_best is never NULL beyond this line except
3259 * within the block labeled "replace".
3260 */
3261
3262 /*
3263 * If ifa_best has a smaller scope than dst and
3264 * the current address has a larger one than
3265 * (or equal to) dst, always replace ifa_best.
3266 * Also, if the current address has a smaller scope
3267 * than dst, ignore it unless ifa_best also has a
3268 * smaller scope.
9bccf70c
A		 3269 * Consequently, after the two if-clause below,
3270 * the followings must be satisfied:
3271 * (scope(src) < scope(dst) &&
3272 * scope(best) < scope(dst))
3273 * OR
3274 * (scope(best) >= scope(dst) &&
3275 * scope(src) >= scope(dst))
1c79356b
A		 3276 */
3277 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 &&
0a7de745 3278 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) {
9bccf70c 3279 goto replace; /* (A) */
0a7de745 3280 }
1c79356b 3281 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 &&
6d2010ae
A		 3282 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) {
3283 IFA_UNLOCK(ifa);
9bccf70c 3284 continue; /* (B) */
6d2010ae 3285 }
1c79356b
A		 3286 /*
3287 * A deprecated address SHOULD NOT be used in new
3288 * communications if an alternate (non-deprecated)
3289 * address is available and has sufficient scope.
39236c6e 3290 * RFC 4862, Section 5.5.4.
1c79356b
A		 3291 */
3292 if (((struct in6_ifaddr *)ifa)->ia6_flags &
3293 IN6_IFF_DEPRECATED) {
3294 /*
3295 * Ignore any deprecated addresses if
3296 * specified by configuration.
3297 */
6d2010ae
A		 3298 if (!ip6_use_deprecated) {
3299 IFA_UNLOCK(ifa);
1c79356b 3300 continue;
6d2010ae 3301 }
1c79356b
A		 3302 /*
3303 * If we have already found a non-deprecated
3304 * candidate, just ignore deprecated addresses.
3305 */
3306 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED)
6d2010ae
A		 3307 == 0) {
3308 IFA_UNLOCK(ifa);
1c79356b 3309 continue;
6d2010ae 3310 }
1c79356b
A		 3311 }
3312
3313 /*
3314 * A non-deprecated address is always preferred
3315 * to a deprecated one regardless of scopes and
9bccf70c
A		 3316 * address matching (Note invariants ensured by the
3317 * conditions (A) and (B) above.)
1c79356b
A		 3318 */
3319 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) &&
3320 (((struct in6_ifaddr *)ifa)->ia6_flags &
0a7de745 3321 IN6_IFF_DEPRECATED) == 0) {
1c79356b 3322 goto replace;
0a7de745 3323 }
1c79356b 3324
9bccf70c
A		 3325 /*
3326 * When we use temporary addresses described in
6d2010ae 3327 * RFC 4941, we prefer temporary addresses to
9bccf70c
A		 3328 * public autoconf addresses. Again, note the
3329 * invariants from (A) and (B). Also note that we
3330 * don't have any preference between static addresses
3331 * and autoconf addresses (despite of whether or not
3332 * the latter is temporary or public.)
3333 */
3334 if (ip6_use_tempaddr) {
3335 struct in6_ifaddr *ifat;
3336
3337 ifat = (struct in6_ifaddr *)ifa;
3338 if ((ifa_best->ia6_flags &
0a7de745 3339 (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY))
39236c6e 3340 == IN6_IFF_AUTOCONF &&
9bccf70c 3341 (ifat->ia6_flags &
0a7de745
A		 3342 (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY))
3343 == (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY)) {
9bccf70c
A		 3344 goto replace;
3345 }
3346 if ((ifa_best->ia6_flags &
0a7de745
A		 3347 (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY))
3348 == (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY) &&
9bccf70c 3349 (ifat->ia6_flags &
0a7de745 3350 (IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY))
39236c6e 3351 == IN6_IFF_AUTOCONF) {
6d2010ae 3352 IFA_UNLOCK(ifa);
9bccf70c
A		 3353 continue;
3354 }
3355 }
3356
1c79356b
A		 3357 /*
3358 * At this point, we have two cases:
3359 * 1. we are looking at a non-deprecated address,
3360 * and ifa_best is also non-deprecated.
3361 * 2. we are looking at a deprecated address,
3362 * and ifa_best is also deprecated.
3363 * Also, we do not have to consider a case where
3364 * the scope of if_best is larger(smaller) than dst and
3365 * the scope of the current address is smaller(larger)
3366 * than dst. Such a case has already been covered.
3367 * Tiebreaking is done according to the following
3368 * items:
3369 * - the scope comparison between the address and
3370 * dst (dscopecmp)
3371 * - the scope comparison between the address and
3372 * ifa_best (bscopecmp)
3373 * - if the address match dst longer than ifa_best
3374 * (matchcmp)
3375 * - if the address is on the outgoing I/F (outI/F)
3376 *
3377 * Roughly speaking, the selection policy is
3378 * - the most important item is scope. The same scope
3379 * is best. Then search for a larger scope.
3380 * Smaller scopes are the last resort.
3381 * - A deprecated address is chosen only when we have
3382 * no address that has an enough scope, but is
9bccf70c
A		 3383 * prefered to any addresses of smaller scopes
3384 * (this must be already done above.)
3385 * - addresses on the outgoing I/F are preferred to
3386 * ones on other interfaces if none of above
3387 * tiebreaks. In the table below, the column "bI"
3388 * means if the best_ifa is on the outgoing
3389 * interface, and the column "sI" means if the ifa
3390 * is on the outgoing interface.
1c79356b 3391 * - If there is no other reasons to choose one,
9bccf70c 3392 * longest address match against dst is considered.
1c79356b
A		 3393 *
3394 * The precise decision table is as follows:
39236c6e
A		 3395 * dscopecmp bscopecmp match bI oI | replace?
3396 * N/A equal N/A Y N | No (1)
3397 * N/A equal N/A N Y | Yes (2)
3398 * N/A equal larger N/A | Yes (3)
3399 * N/A equal !larger N/A | No (4)
3400 * larger larger N/A N/A | No (5)
3401 * larger smaller N/A N/A | Yes (6)
3402 * smaller larger N/A N/A | Yes (7)
3403 * smaller smaller N/A N/A | No (8)
3404 * equal smaller N/A N/A | Yes (9)
3405 * equal larger (already done at A above)
1c79356b
A		 3406 */
3407 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope);
3408 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope);
3409
9bccf70c
A		 3410 if (bscopecmp == 0) {
3411 struct ifnet *bifp = ifa_best->ia_ifp;
3412
6d2010ae
A		 3413 if (bifp == oifp && ifp != oifp) { /* (1) */
3414 IFA_UNLOCK(ifa);
9bccf70c 3415 continue;
6d2010ae 3416 }
0a7de745 3417 if (bifp != oifp && ifp == oifp) { /* (2) */
9bccf70c 3418 goto replace;
0a7de745 3419 }
9bccf70c
A		 3420
3421 /*
3422 * Both bifp and ifp are on the outgoing
3423 * interface, or both two are on a different
3424 * interface from the outgoing I/F.
3425 * now we need address matching against dst
3426 * for tiebreaking.
3427 */
3428 tlen = in6_matchlen(IFA_IN6(ifa), dst);
3429 matchcmp = tlen - blen;
0a7de745 3430 if (matchcmp > 0) { /* (3) */
1c79356b 3431 goto replace;
0a7de745 3432 }
6d2010ae 3433 IFA_UNLOCK(ifa);
9bccf70c 3434 continue; /* (4) */
1c79356b
A		 3435 }
3436 if (dscopecmp > 0) {
6d2010ae
A		 3437 if (bscopecmp > 0) { /* (5) */
3438 IFA_UNLOCK(ifa);
1c79356b 3439 continue;
6d2010ae 3440 }
9bccf70c 3441 goto replace; /* (6) */
1c79356b
A		 3442 }
3443 if (dscopecmp < 0) {
0a7de745 3444 if (bscopecmp > 0) { /* (7) */
1c79356b 3445 goto replace;
0a7de745 3446 }
6d2010ae 3447 IFA_UNLOCK(ifa);
9bccf70c 3448 continue; /* (8) */
1c79356b
A		 3449 }
3450
3451 /* now dscopecmp must be 0 */
0a7de745 3452 if (bscopecmp < 0) {
9bccf70c 3453 goto replace; /* (9) */
0a7de745 3454 }
6d2010ae 3455replace:
0a7de745 3456 IFA_ADDREF_LOCKED(ifa); /* for ifa_best */
1c79356b 3457 blen = tlen >= 0 ? tlen :
39236c6e
A		 3458 in6_matchlen(IFA_IN6(ifa), dst);
3459 best_scope =
3460 in6_addrscope(&ifa2ia6(ifa)->ia_addr.sin6_addr);
6d2010ae 3461 IFA_UNLOCK(ifa);
0a7de745 3462 if (ifa_best) {
6d2010ae 3463 IFA_REMREF(&ifa_best->ia_ifa);
0a7de745 3464 }
6d2010ae 3465 ifa_best = (struct in6_ifaddr *)ifa;
1c79356b 3466 }
91447636 3467 ifnet_lock_done(ifp);
1c79356b 3468 }
91447636 3469 ifnet_head_done();
1c79356b
A		 3470
3471 /* count statistics for future improvements */
0a7de745 3472 if (ifa_best == NULL) {
1c79356b 3473 ip6stat.ip6s_sources_none++;
0a7de745 3474 } else {
6d2010ae 3475 IFA_LOCK_SPIN(&ifa_best->ia_ifa);
0a7de745 3476 if (oifp == ifa_best->ia_ifp) {
1c79356b 3477 ip6stat.ip6s_sources_sameif[best_scope]++;
0a7de745 3478 } else {
1c79356b 3479 ip6stat.ip6s_sources_otherif[best_scope]++;
0a7de745 3480 }
1c79356b 3481
0a7de745 3482 if (best_scope == dst_scope) {
1c79356b 3483 ip6stat.ip6s_sources_samescope[best_scope]++;
0a7de745 3484 } else {
1c79356b 3485 ip6stat.ip6s_sources_otherscope[best_scope]++;
0a7de745 3486 }
1c79356b 3487
0a7de745 3488 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
1c79356b 3489 ip6stat.ip6s_sources_deprecated[best_scope]++;
0a7de745 3490 }
6d2010ae 3491 IFA_UNLOCK(&ifa_best->ia_ifa);
1c79356b
A		 3492 }
3493
0a7de745 3494 return ifa_best;
1c79356b
A		 3495}
3496
3497/*
3498 * return the best address out of the same scope. if no address was
3499 * found, return the first valid address from designated IF.
3500 */
1c79356b 3501struct in6_ifaddr *
39236c6e 3502in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1c79356b 3503{
0a7de745 3504 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
1c79356b 3505 struct ifaddr *ifa;
6d2010ae 3506 struct in6_ifaddr *besta = NULL;
0a7de745 3507 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
1c79356b
A		 3508
3509 dep[0] = dep[1] = NULL;
3510
1c79356b
A		 3511 /*
3512 * We first look for addresses in the same scope.
3513 * If there is one, return it.
3514 * If two or more, return one which matches the dst longest.
3515 * If none, return one of global addresses assigned other ifs.
3516 */
91447636 3517 ifnet_lock_shared(ifp);
39236c6e 3518 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
6d2010ae
A		 3519 IFA_LOCK(ifa);
3520 if (ifa->ifa_addr->sa_family != AF_INET6) {
3521 IFA_UNLOCK(ifa);
1c79356b 3522 continue;
6d2010ae
A		 3523 }
3524 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3525 IFA_UNLOCK(ifa);
1c79356b 3526 continue; /* XXX: is there any case to allow anycast? */
6d2010ae 3527 }
d9a64523 3528 if (ifa2ia6(ifa)->ia6_flags & (IN6_IFF_NOTREADY | IN6_IFF_CLAT46)) {
6d2010ae 3529 IFA_UNLOCK(ifa);
1c79356b 3530 continue; /* don't use this interface */
6d2010ae
A		 3531 }
3532 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3533 IFA_UNLOCK(ifa);
1c79356b 3534 continue;
6d2010ae
A		 3535 }
3536 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
b0d623f7 3537 if (ip6_use_deprecated) {
0a7de745 3538 IFA_ADDREF_LOCKED(ifa); /* for dep[0] */
6d2010ae 3539 IFA_UNLOCK(ifa);
0a7de745 3540 if (dep[0] != NULL) {
6d2010ae 3541 IFA_REMREF(&dep[0]->ia_ifa);
0a7de745 3542 }
1c79356b 3543 dep[0] = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3544 } else {
3545 IFA_UNLOCK(ifa);
b0d623f7 3546 }
1c79356b
A		 3547 continue;
3548 }
3549
3550 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
3551 /*
3552 * call in6_matchlen() as few as possible
3553 */
3554 if (besta) {
6d2010ae
A		 3555 if (blen == -1) {
3556 IFA_UNLOCK(ifa);
3557 IFA_LOCK(&besta->ia_ifa);
39236c6e 3558 blen = in6_matchlen(
0a7de745 3559 &besta->ia_addr.sin6_addr, dst);
6d2010ae
A		 3560 IFA_UNLOCK(&besta->ia_ifa);
3561 IFA_LOCK(ifa);
3562 }
1c79356b
A		 3563 tlen = in6_matchlen(IFA_IN6(ifa), dst);
3564 if (tlen > blen) {
3565 blen = tlen;
0a7de745 3566 IFA_ADDREF_LOCKED(ifa); /* for besta */
6d2010ae
A		 3567 IFA_UNLOCK(ifa);
3568 IFA_REMREF(&besta->ia_ifa);
1c79356b 3569 besta = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3570 } else {
3571 IFA_UNLOCK(ifa);
1c79356b 3572 }
6d2010ae 3573 } else {
1c79356b 3574 besta = (struct in6_ifaddr *)ifa;
0a7de745 3575 IFA_ADDREF_LOCKED(ifa); /* for besta */
6d2010ae
A		 3576 IFA_UNLOCK(ifa);
3577 }
3578 } else {
3579 IFA_UNLOCK(ifa);
1c79356b
A		 3580 }
3581 }
91447636
A		 3582 if (besta) {
3583 ifnet_lock_done(ifp);
0a7de745 3584 if (dep[0] != NULL) {
6d2010ae 3585 IFA_REMREF(&dep[0]->ia_ifa);
0a7de745
A		 3586 }
3587 return besta;
91447636 3588 }
1c79356b 3589
39236c6e 3590 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
6d2010ae
A		 3591 IFA_LOCK(ifa);
3592 if (ifa->ifa_addr->sa_family != AF_INET6) {
3593 IFA_UNLOCK(ifa);
1c79356b 3594 continue;
6d2010ae
A		 3595 }
3596 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3597 IFA_UNLOCK(ifa);
1c79356b 3598 continue; /* XXX: is there any case to allow anycast? */
6d2010ae 3599 }
d9a64523 3600 if (ifa2ia6(ifa)->ia6_flags & (IN6_IFF_NOTREADY | IN6_IFF_CLAT46)) {
6d2010ae 3601 IFA_UNLOCK(ifa);
1c79356b 3602 continue; /* don't use this interface */
6d2010ae
A		 3603 }
3604 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3605 IFA_UNLOCK(ifa);
1c79356b 3606 continue;
6d2010ae
A		 3607 }
3608 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
b0d623f7 3609 if (ip6_use_deprecated) {
0a7de745 3610 IFA_ADDREF_LOCKED(ifa); /* for dep[1] */
6d2010ae 3611 IFA_UNLOCK(ifa);
0a7de745 3612 if (dep[1] != NULL) {
6d2010ae 3613 IFA_REMREF(&dep[1]->ia_ifa);
0a7de745 3614 }
1c79356b 3615 dep[1] = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3616 } else {
3617 IFA_UNLOCK(ifa);
b0d623f7 3618 }
1c79356b
A		 3619 continue;
3620 }
0a7de745 3621 IFA_ADDREF_LOCKED(ifa); /* for caller */
6d2010ae 3622 IFA_UNLOCK(ifa);
91447636 3623 ifnet_lock_done(ifp);
0a7de745 3624 if (dep[0] != NULL) {
6d2010ae 3625 IFA_REMREF(&dep[0]->ia_ifa);
0a7de745
A		 3626 }
3627 if (dep[1] != NULL) {
6d2010ae 3628 IFA_REMREF(&dep[1]->ia_ifa);
0a7de745
A		 3629 }
3630 return (struct in6_ifaddr *)ifa;
1c79356b 3631 }
91447636 3632 ifnet_lock_done(ifp);
1c79356b
A		 3633
3634 /* use the last-resort values, that are, deprecated addresses */
b0d623f7 3635 if (dep[0]) {
0a7de745 3636 if (dep[1] != NULL) {
6d2010ae 3637 IFA_REMREF(&dep[1]->ia_ifa);
0a7de745
A		 3638 }
3639 return dep[0];
3640 }
3641 if (dep[1]) {
3642 return dep[1];
b0d623f7 3643 }
1c79356b 3644
0a7de745 3645 return NULL;
1c79356b
A		 3646}
3647
3648/*
3649 * perform DAD when interface becomes IFF_UP.
3650 */
39236c6e
A		 3651static void
3652in6_if_up_dad_start(struct ifnet *ifp)
1c79356b
A		 3653{
3654 struct ifaddr *ifa;
39037602
A		 3655 struct nd_ifinfo *ndi = NULL;
3656
3657 ndi = ND_IFINFO(ifp);
0a7de745
A		 3658 VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3659 if (!(ndi->flags & ND6_IFF_DAD)) {
39037602 3660 return;
0a7de745 3661 }
6d2010ae 3662
39236c6e 3663 /* start DAD on all the interface addresses */
91447636 3664 ifnet_lock_exclusive(ifp);
39236c6e
A		 3665 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3666 struct in6_ifaddr *ia6;
3667
6d2010ae
A		 3668 IFA_LOCK_SPIN(ifa);
3669 if (ifa->ifa_addr->sa_family != AF_INET6) {
3670 IFA_UNLOCK(ifa);
1c79356b 3671 continue;
6d2010ae 3672 }
39236c6e
A		 3673 ia6 = (struct in6_ifaddr *)ifa;
3674 if (ia6->ia6_flags & IN6_IFF_DADPROGRESS) {
0a7de745 3675 int delay = 0; /* delay ticks before DAD output */
6d2010ae 3676 IFA_UNLOCK(ifa);
39236c6e 3677 nd6_dad_start(ifa, &delay);
6d2010ae
A		 3678 } else {
3679 IFA_UNLOCK(ifa);
3680 }
1c79356b 3681 }
91447636 3682 ifnet_lock_done(ifp);
9bccf70c
A		 3683}
3684
3685int
91447636
A		 3686in6if_do_dad(
3687 struct ifnet *ifp)
9bccf70c 3688{
39037602
A		 3689 struct nd_ifinfo *ndi = NULL;
3690
0a7de745
A		 3691 if ((ifp->if_flags & IFF_LOOPBACK) != 0) {
3692 return 0;
3693 }
1c79356b 3694
39037602 3695 ndi = ND_IFINFO(ifp);
0a7de745
A		 3696 VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3697 if (!(ndi->flags & ND6_IFF_DAD)) {
3698 return 0;
3699 }
39037602 3700
6d2010ae 3701 /*
316670eb
A		 3702 * If we are using the alternative neighbor discovery
3703 * interface on this interface, then skip DAD.
3704 *
3705 * Also, skip it for interfaces marked "local private"
3706 * for now, even when not marked as using the alternative
3707 * interface. This is for historical reasons.
6d2010ae 3708 */
0a7de745
A		 3709 if (ifp->if_eflags &
3710 (IFEF_IPV6_ND6ALT | IFEF_LOCALNET_PRIVATE | IFEF_DIRECTLINK)) {
3711 return 0;
3712 }
6d2010ae 3713
5ba3f43e 3714 if (ifp->if_subfamily == IFNET_SUBFAMILY_IPSEC ||
0a7de745 3715 ifp->if_subfamily == IFNET_SUBFAMILY_UTUN) {
5ba3f43e
A		 3716 /*
3717 * Ignore DAD for tunneling virtual interfaces, which get
3718 * their IPv6 address explicitly assigned.
3719 */
0a7de745 3720 return 0;
5ba3f43e
A		 3721 }
3722
1c79356b 3723 switch (ifp->if_type) {
9bccf70c 3724#if IFT_DUMMY
1c79356b 3725 case IFT_DUMMY:
9bccf70c 3726#endif
1c79356b 3727 case IFT_FAITH:
1c79356b 3728 /*
9bccf70c
A		 3729 * These interfaces do not have the IFF_LOOPBACK flag,
3730 * but loop packets back. We do not have to do DAD on such
3731 * interfaces. We should even omit it, because loop-backed
3732 * NS would confuse the DAD procedure.
1c79356b 3733 */
0a7de745 3734 return 0;
1c79356b 3735 default:
9bccf70c
A		 3736 /*
3737 * Our DAD routine requires the interface up and running.
3738 * However, some interfaces can be up before the RUNNING
3739 * status. Additionaly, users may try to assign addresses
3740 * before the interface becomes up (or running).
3741 * We simply skip DAD in such a case as a work around.
3742 * XXX: we should rather mark "tentative" on such addresses,
3743 * and do DAD after the interface becomes ready.
3744 */
0a7de745
A		 3745 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) !=
3746 (IFF_UP | IFF_RUNNING)) {
3747 return 0;
3748 }
1c79356b 3749
0a7de745 3750 return 1;
1c79356b
A		 3751 }
3752}
3753
3754/*
3755 * Calculate max IPv6 MTU through all the interfaces and store it
3756 * to in6_maxmtu.
3757 */
3758void
316670eb 3759in6_setmaxmtu(void)
1c79356b 3760{
b0d623f7 3761 u_int32_t maxmtu = 0;
1c79356b
A		 3762 struct ifnet *ifp;
3763
91447636
A		 3764 ifnet_head_lock_shared();
3765 TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
3e170ce0 3766 struct nd_ifinfo *ndi = NULL;
316670eb 3767
0a7de745 3768 if ((ndi = ND_IFINFO(ifp)) != NULL && !ndi->initialized) {
316670eb 3769 ndi = NULL;
0a7de745
A		 3770 }
3771 if (ndi != NULL) {
316670eb 3772 lck_mtx_lock(&ndi->lock);
0a7de745 3773 }
1c79356b 3774 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
0a7de745 3775 IN6_LINKMTU(ifp) > maxmtu) {
2d21ac55 3776 maxmtu = IN6_LINKMTU(ifp);
0a7de745
A		 3777 }
3778 if (ndi != NULL) {
316670eb 3779 lck_mtx_unlock(&ndi->lock);
0a7de745 3780 }
1c79356b 3781 }
91447636 3782 ifnet_head_done();
0a7de745 3783 if (maxmtu) { /* update only when maxmtu is positive */
1c79356b 3784 in6_maxmtu = maxmtu;
0a7de745 3785 }
1c79356b 3786}
6d2010ae
A		 3787/*
3788 * Provide the length of interface identifiers to be used for the link attached
3789 * to the given interface. The length should be defined in "IPv6 over
3790 * xxx-link" document. Note that address architecture might also define
3791 * the length for a particular set of address prefixes, regardless of the
39236c6e 3792 * link type. Also see RFC 4862 for additional background.
6d2010ae
A		 3793 */
3794int
3795in6_if2idlen(struct ifnet *ifp)
3796{
3797 switch (ifp->if_type) {
0a7de745
A		 3798 case IFT_ETHER: /* RFC2464 */
3799 case IFT_IEEE8023ADLAG: /* IEEE802.3ad Link Aggregate */
6d2010ae 3800#ifdef IFT_PROPVIRTUAL
0a7de745 3801 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
6d2010ae
A		 3802#endif
3803#ifdef IFT_L2VLAN
0a7de745 3804 case IFT_L2VLAN: /* ditto */
6d2010ae
A		 3805#endif
3806#ifdef IFT_IEEE80211
0a7de745 3807 case IFT_IEEE80211: /* ditto */
6d2010ae
A		 3808#endif
3809#ifdef IFT_MIP
0a7de745 3810 case IFT_MIP: /* ditto */
6d2010ae 3811#endif
0a7de745
A		 3812 return 64;
3813 case IFT_FDDI: /* RFC2467 */
3814 return 64;
3815 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
3816 return 64;
3817 case IFT_PPP: /* RFC2472 */
3818 return 64;
3819 case IFT_ARCNET: /* RFC2497 */
3820 return 64;
3821 case IFT_FRELAY: /* RFC2590 */
3822 return 64;
3823 case IFT_IEEE1394: /* RFC3146 */
3824 return 64;
6d2010ae 3825 case IFT_GIF:
0a7de745 3826 return 64; /* draft-ietf-v6ops-mech-v2-07 */
6d2010ae 3827 case IFT_LOOP:
0a7de745 3828 return 64; /* XXX: is this really correct? */
6d2010ae 3829 case IFT_OTHER:
0a7de745 3830 return 64; /* for utun interfaces */
6d2010ae 3831 case IFT_CELLULAR:
0a7de745 3832 return 64; /* Packet Data over Cellular */
316670eb 3833 case IFT_BRIDGE:
0a7de745 3834 return 64; /* Transparent bridge interface */
6d2010ae
A		 3835 default:
3836 /*
3837 * Unknown link type:
3838 * It might be controversial to use the today's common constant
3839 * of 64 for these cases unconditionally. For full compliance,
3840 * we should return an error in this case. On the other hand,
3841 * if we simply miss the standard for the link type or a new
3842 * standard is defined for a new link type, the IFID length
3843 * is very likely to be the common constant. As a compromise,
3844 * we always use the constant, but make an explicit notice
3845 * indicating the "unknown" case.
3846 */
39236c6e
A		 3847 log(LOG_NOTICE, "%s: unknown link type (%d)\n", __func__,
3848 ifp->if_type);
0a7de745 3849 return 64;
6d2010ae
A		 3850 }
3851}
9bccf70c 3852/*
55e303ae 3853 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
1c79356b
A		 3854 * v4 mapped addr or v4 compat addr
3855 */
3856void
3857in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
3858{
0a7de745
A		 3859 bzero(sin, sizeof(*sin));
3860 sin->sin_len = sizeof(struct sockaddr_in);
1c79356b
A		 3861 sin->sin_family = AF_INET;
3862 sin->sin_port = sin6->sin6_port;
6d2010ae 3863 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
1c79356b
A		 3864}
3865
3866/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
3867void
3868in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
3869{
0a7de745
A		 3870 bzero(sin6, sizeof(*sin6));
3871 sin6->sin6_len = sizeof(struct sockaddr_in6);
1c79356b
A		 3872 sin6->sin6_family = AF_INET6;
3873 sin6->sin6_port = sin->sin_port;
3874 sin6->sin6_addr.s6_addr32[0] = 0;
3875 sin6->sin6_addr.s6_addr32[1] = 0;
316670eb
A		 3876 if (sin->sin_addr.s_addr) {
3877 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
3878 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
39236c6e 3879 } else {
316670eb
A		 3880 sin6->sin6_addr.s6_addr32[2] = 0;
3881 sin6->sin6_addr.s6_addr32[3] = 0;
3882 }
1c79356b
A		 3883}
3884
3885/* Convert sockaddr_in6 into sockaddr_in. */
3886void
3887in6_sin6_2_sin_in_sock(struct sockaddr *nam)
3888{
3889 struct sockaddr_in *sin_p;
3890 struct sockaddr_in6 sin6;
3891
3892 /*
3893 * Save original sockaddr_in6 addr and convert it
3894 * to sockaddr_in.
3895 */
316670eb
A		 3896 sin6 = *(struct sockaddr_in6 *)(void *)nam;
3897 sin_p = (struct sockaddr_in *)(void *)nam;
1c79356b
A		 3898 in6_sin6_2_sin(sin_p, &sin6);
3899}
3900
3901/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
b0d623f7 3902int
1c79356b
A		 3903in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
3904{
3905 struct sockaddr_in *sin_p;
3906 struct sockaddr_in6 *sin6_p;
3907
0a7de745 3908 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof(*sin6_p), M_SONAME,
39236c6e 3909 M_WAITOK);
0a7de745
A		 3910 if (sin6_p == NULL) {
3911 return ENOBUFS;
3912 }
316670eb 3913 sin_p = (struct sockaddr_in *)(void *)*nam;
1c79356b
A		 3914 in6_sin_2_v4mapsin6(sin_p, sin6_p);
3915 FREE(*nam, M_SONAME);
3916 *nam = (struct sockaddr *)sin6_p;
b0d623f7 3917
0a7de745 3918 return 0;
1c79356b 3919}
1c79356b 3920
b0d623f7
A		 3921/*
3922 * Posts in6_event_data message kernel events.
3923 *
3924 * To get the same size of kev_in6_data between ILP32 and LP64 data models
39236c6e
A		 3925 * we are using a special version of the in6_addrlifetime structure that
3926 * uses only 32 bits fields to be compatible with Leopard, and that
b0d623f7
A		 3927 * are large enough to span 68 years.
3928 */
9bccf70c 3929void
fe8ab488
A		 3930in6_post_msg(struct ifnet *ifp, u_int32_t event_code, struct in6_ifaddr *ifa,
3931 uint8_t *mac)
9bccf70c 3932{
39236c6e
A		 3933 struct kev_msg ev_msg;
3934 struct kev_in6_data in6_event_data;
3935 struct in6_addrlifetime ia6_lt;
9bccf70c 3936
0a7de745
A		 3937 bzero(&in6_event_data, sizeof(struct kev_in6_data));
3938 bzero(&ev_msg, sizeof(struct kev_msg));
3939 ev_msg.vendor_code = KEV_VENDOR_APPLE;
3940 ev_msg.kev_class = KEV_NETWORK_CLASS;
3941 ev_msg.kev_subclass = KEV_INET6_SUBCLASS;
3942 ev_msg.event_code = event_code;
9bccf70c 3943
5ba3f43e
A		 3944 if (ifa) {
3945 IFA_LOCK(&ifa->ia_ifa);
0a7de745
A		 3946 in6_event_data.ia_addr = ifa->ia_addr;
3947 in6_event_data.ia_net = ifa->ia_net;
3948 in6_event_data.ia_dstaddr = ifa->ia_dstaddr;
3949 in6_event_data.ia_prefixmask = ifa->ia_prefixmask;
3950 in6_event_data.ia_plen = ifa->ia_plen;
3951 in6_event_data.ia6_flags = (u_int32_t)ifa->ia6_flags;
5ba3f43e
A		 3952
3953 /* retrieve time as calendar time (last arg is 1) */
3954 in6ifa_getlifetime(ifa, &ia6_lt, 1);
3955 in6_event_data.ia_lifetime.ia6t_expire = ia6_lt.ia6t_expire;
3956 in6_event_data.ia_lifetime.ia6t_preferred = ia6_lt.ia6t_preferred;
3957 in6_event_data.ia_lifetime.ia6t_vltime = ia6_lt.ia6t_vltime;
3958 in6_event_data.ia_lifetime.ia6t_pltime = ia6_lt.ia6t_pltime;
3959 IFA_UNLOCK(&ifa->ia_ifa);
3960 }
9bccf70c
A		 3961
3962 if (ifp != NULL) {
fe8ab488 3963 (void) strlcpy(&in6_event_data.link_data.if_name[0],
b0d623f7 3964 ifp->if_name, IFNAMSIZ);
9bccf70c 3965 in6_event_data.link_data.if_family = ifp->if_family;
39236c6e 3966 in6_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
9bccf70c
A		 3967 }
3968
0a7de745
A		 3969 if (mac != NULL) {
3970 memcpy(&in6_event_data.ia_mac, mac,
fe8ab488 3971 sizeof(in6_event_data.ia_mac));
0a7de745 3972 }
fe8ab488 3973
9bccf70c 3974 ev_msg.dv[0].data_ptr = &in6_event_data;
0a7de745 3975 ev_msg.dv[0].data_length = sizeof(in6_event_data);
9bccf70c
A		 3976 ev_msg.dv[1].data_length = 0;
3977
39037602 3978 dlil_post_complete_msg(NULL, &ev_msg);
9bccf70c 3979}
b0d623f7
A		 3980
3981/*
3982 * Called as part of ip6_init
3983 */
3984void
3985in6_ifaddr_init(void)
3986{
39236c6e 3987 in6_cga_init();
6d2010ae
A		 3988 in6_multi_init();
3989
0a7de745 3990 PE_parse_boot_argn("ifa_debug", &in6ifa_debug, sizeof(in6ifa_debug));
b0d623f7 3991
0a7de745
A		 3992 in6ifa_size = (in6ifa_debug == 0) ? sizeof(struct in6_ifaddr) :
3993 sizeof(struct in6_ifaddr_dbg);
b0d623f7
A		 3994
3995 in6ifa_zone = zinit(in6ifa_size, IN6IFA_ZONE_MAX * in6ifa_size,
3996 0, IN6IFA_ZONE_NAME);
6d2010ae 3997 if (in6ifa_zone == NULL) {
b0d623f7 3998 panic("%s: failed allocating %s", __func__, IN6IFA_ZONE_NAME);
6d2010ae
A		 3999 /* NOTREACHED */
4000 }
b0d623f7 4001 zone_change(in6ifa_zone, Z_EXPAND, TRUE);
6d2010ae
A		 4002 zone_change(in6ifa_zone, Z_CALLERACCT, FALSE);
4003
4004 lck_mtx_init(&in6ifa_trash_lock, ifa_mtx_grp, ifa_mtx_attr);
4005 TAILQ_INIT(&in6ifa_trash_head);
b0d623f7
A		 4006}
4007
4008static struct in6_ifaddr *
4009in6_ifaddr_alloc(int how)
4010{
4011 struct in6_ifaddr *in6ifa;
4012
4013 in6ifa = (how == M_WAITOK) ? zalloc(in6ifa_zone) :
4014 zalloc_noblock(in6ifa_zone);
4015 if (in6ifa != NULL) {
4016 bzero(in6ifa, in6ifa_size);
4017 in6ifa->ia_ifa.ifa_free = in6_ifaddr_free;
4018 in6ifa->ia_ifa.ifa_debug |= IFD_ALLOC;
6d2010ae 4019 ifa_lock_init(&in6ifa->ia_ifa);
b0d623f7
A		 4020 if (in6ifa_debug != 0) {
4021 struct in6_ifaddr_dbg *in6ifa_dbg =
4022 (struct in6_ifaddr_dbg *)in6ifa;
4023 in6ifa->ia_ifa.ifa_debug |= IFD_DEBUG;
4024 in6ifa->ia_ifa.ifa_trace = in6_ifaddr_trace;
6d2010ae
A		 4025 in6ifa->ia_ifa.ifa_attached = in6_ifaddr_attached;
4026 in6ifa->ia_ifa.ifa_detached = in6_ifaddr_detached;
b0d623f7
A		 4027 ctrace_record(&in6ifa_dbg->in6ifa_alloc);
4028 }
4029 }
39236c6e 4030
0a7de745 4031 return in6ifa;
b0d623f7
A		 4032}
4033
4034static void
4035in6_ifaddr_free(struct ifaddr *ifa)
4036{
6d2010ae
A		 4037 IFA_LOCK_ASSERT_HELD(ifa);
4038
4039 if (ifa->ifa_refcnt != 0) {
b0d623f7 4040 panic("%s: ifa %p bad ref cnt", __func__, ifa);
6d2010ae
A		 4041 /* NOTREACHED */
4042 } else if (!(ifa->ifa_debug & IFD_ALLOC)) {
b0d623f7 4043 panic("%s: ifa %p cannot be freed", __func__, ifa);
6d2010ae
A		 4044 /* NOTREACHED */
4045 }
b0d623f7
A		 4046 if (ifa->ifa_debug & IFD_DEBUG) {
4047 struct in6_ifaddr_dbg *in6ifa_dbg =
4048 (struct in6_ifaddr_dbg *)ifa;
4049 ctrace_record(&in6ifa_dbg->in6ifa_free);
4050 bcopy(&in6ifa_dbg->in6ifa, &in6ifa_dbg->in6ifa_old,
0a7de745 4051 sizeof(struct in6_ifaddr));
6d2010ae
A		 4052 if (ifa->ifa_debug & IFD_TRASHED) {
4053 /* Become a regular mutex, just in case */
4054 IFA_CONVERT_LOCK(ifa);
4055 lck_mtx_lock(&in6ifa_trash_lock);
4056 TAILQ_REMOVE(&in6ifa_trash_head, in6ifa_dbg,
4057 in6ifa_trash_link);
4058 lck_mtx_unlock(&in6ifa_trash_lock);
4059 ifa->ifa_debug &= ~IFD_TRASHED;
4060 }
b0d623f7 4061 }
6d2010ae
A		 4062 IFA_UNLOCK(ifa);
4063 ifa_lock_destroy(ifa);
0a7de745 4064 bzero(ifa, sizeof(struct in6_ifaddr));
b0d623f7
A		 4065 zfree(in6ifa_zone, ifa);
4066}
4067
6d2010ae
A		 4068static void
4069in6_ifaddr_attached(struct ifaddr *ifa)
4070{
4071 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
4072
4073 IFA_LOCK_ASSERT_HELD(ifa);
4074
4075 if (!(ifa->ifa_debug & IFD_DEBUG)) {
4076 panic("%s: ifa %p has no debug structure", __func__, ifa);
4077 /* NOTREACHED */
4078 }
4079 if (ifa->ifa_debug & IFD_TRASHED) {
4080 /* Become a regular mutex, just in case */
4081 IFA_CONVERT_LOCK(ifa);
4082 lck_mtx_lock(&in6ifa_trash_lock);
4083 TAILQ_REMOVE(&in6ifa_trash_head, in6ifa_dbg, in6ifa_trash_link);
4084 lck_mtx_unlock(&in6ifa_trash_lock);
4085 ifa->ifa_debug &= ~IFD_TRASHED;
4086 }
4087}
4088
4089static void
4090in6_ifaddr_detached(struct ifaddr *ifa)
4091{
4092 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
4093
4094 IFA_LOCK_ASSERT_HELD(ifa);
4095
4096 if (!(ifa->ifa_debug & IFD_DEBUG)) {
4097 panic("%s: ifa %p has no debug structure", __func__, ifa);
4098 /* NOTREACHED */
4099 } else if (ifa->ifa_debug & IFD_TRASHED) {
4100 panic("%s: ifa %p is already in trash list", __func__, ifa);
4101 /* NOTREACHED */
4102 }
4103 ifa->ifa_debug |= IFD_TRASHED;
4104 /* Become a regular mutex, just in case */
4105 IFA_CONVERT_LOCK(ifa);
4106 lck_mtx_lock(&in6ifa_trash_lock);
4107 TAILQ_INSERT_TAIL(&in6ifa_trash_head, in6ifa_dbg, in6ifa_trash_link);
4108 lck_mtx_unlock(&in6ifa_trash_lock);
4109}
4110
b0d623f7
A		 4111static void
4112in6_ifaddr_trace(struct ifaddr *ifa, int refhold)
4113{
4114 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
4115 ctrace_t *tr;
4116 u_int32_t idx;
4117 u_int16_t *cnt;
4118
6d2010ae 4119 if (!(ifa->ifa_debug & IFD_DEBUG)) {
b0d623f7 4120 panic("%s: ifa %p has no debug structure", __func__, ifa);
6d2010ae
A		 4121 /* NOTREACHED */
4122 }
b0d623f7
A		 4123 if (refhold) {
4124 cnt = &in6ifa_dbg->in6ifa_refhold_cnt;
4125 tr = in6ifa_dbg->in6ifa_refhold;
4126 } else {
4127 cnt = &in6ifa_dbg->in6ifa_refrele_cnt;
4128 tr = in6ifa_dbg->in6ifa_refrele;
4129 }
4130
6d2010ae 4131 idx = atomic_add_16_ov(cnt, 1) % IN6IFA_TRACE_HIST_SIZE;
b0d623f7
A		 4132 ctrace_record(&tr[idx]);
4133}
316670eb 4134
39236c6e
A		 4135/*
4136 * Handle SIOCGASSOCIDS ioctl for PF_INET6 domain.
4137 */
4138static int
4139in6_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
4140{
4141 struct in6pcb *in6p = sotoin6pcb(so);
3e170ce0 4142 sae_associd_t aid;
39236c6e 4143
0a7de745
A		 4144 if (in6p == NULL || in6p->inp_state == INPCB_STATE_DEAD) {
4145 return EINVAL;
4146 }
39236c6e
A		 4147
4148 /* IN6PCB has no concept of association */
3e170ce0 4149 aid = SAE_ASSOCID_ANY;
39236c6e
A		 4150 *cnt = 0;
4151
4152 /* just asking how many there are? */
0a7de745
A		 4153 if (aidp == USER_ADDR_NULL) {
4154 return 0;
4155 }
39236c6e 4156
0a7de745 4157 return copyout(&aid, aidp, sizeof(aid));
39236c6e
A		 4158}
4159
4160/*
4161 * Handle SIOCGCONNIDS ioctl for PF_INET6 domain.
4162 */
4163static int
3e170ce0 4164in6_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
39236c6e
A		 4165 user_addr_t cidp)
4166{
4167 struct in6pcb *in6p = sotoin6pcb(so);
3e170ce0 4168 sae_connid_t cid;
39236c6e 4169
0a7de745
A		 4170 if (in6p == NULL || in6p->inp_state == INPCB_STATE_DEAD) {
4171 return EINVAL;
4172 }
39236c6e 4173
0a7de745
A		 4174 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL) {
4175 return EINVAL;
4176 }
39236c6e
A		 4177
4178 /* if connected, return 1 connection count */
4179 *cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
4180
4181 /* just asking how many there are? */
0a7de745
A		 4182 if (cidp == USER_ADDR_NULL) {
4183 return 0;
4184 }
39236c6e
A		 4185
4186 /* if IN6PCB is connected, assign it connid 1 */
3e170ce0 4187 cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
39236c6e 4188
0a7de745 4189 return copyout(&cid, cidp, sizeof(cid));
39236c6e
A		 4190}
4191
4192/*
4193 * Handle SIOCGCONNINFO ioctl for PF_INET6 domain.
4194 */
5ba3f43e 4195int
3e170ce0 4196in6_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
39236c6e
A		 4197 uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
4198 user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
4199 user_addr_t aux_data, uint32_t *aux_len)
4200{
39236c6e
A		 4201 struct in6pcb *in6p = sotoin6pcb(so);
4202 struct sockaddr_in6 sin6;
4203 struct ifnet *ifp = NULL;
4204 int error = 0;
4205 u_int32_t copy_len = 0;
4206
4207 /*
4208 * Don't test for INPCB_STATE_DEAD since this may be called
4209 * after SOF_PCBCLEARING is set, e.g. after tcp_close().
4210 */
4211 if (in6p == NULL) {
4212 error = EINVAL;
4213 goto out;
4214 }
4215
3e170ce0 4216 if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
39236c6e
A		 4217 error = EINVAL;
4218 goto out;
4219 }
4220
4221 ifp = in6p->in6p_last_outifp;
4222 *ifindex = ((ifp != NULL) ? ifp->if_index : 0);
4223 *soerror = so->so_error;
4224 *flags = 0;
0a7de745 4225 if (so->so_state & SS_ISCONNECTED) {
39236c6e 4226 *flags |= (CIF_CONNECTED | CIF_PREFERRED);
0a7de745
A		 4227 }
4228 if (in6p->in6p_flags & INP_BOUND_IF) {
39236c6e 4229 *flags |= CIF_BOUND_IF;
0a7de745
A		 4230 }
4231 if (!(in6p->in6p_flags & INP_IN6ADDR_ANY)) {
39236c6e 4232 *flags |= CIF_BOUND_IP;
0a7de745
A		 4233 }
4234 if (!(in6p->in6p_flags & INP_ANONPORT)) {
39236c6e 4235 *flags |= CIF_BOUND_PORT;
0a7de745 4236 }
39236c6e 4237
0a7de745
A		 4238 bzero(&sin6, sizeof(sin6));
4239 sin6.sin6_len = sizeof(sin6);
39236c6e
A		 4240 sin6.sin6_family = AF_INET6;
4241
4242 /* source address and port */
4243 sin6.sin6_port = in6p->in6p_lport;
fe8ab488 4244 in6_recoverscope(&sin6, &in6p->in6p_laddr, NULL);
39236c6e
A		 4245 if (*src_len == 0) {
4246 *src_len = sin6.sin6_len;
4247 } else {
4248 if (src != USER_ADDR_NULL) {
0a7de745 4249 copy_len = min(*src_len, sizeof(sin6));
39236c6e 4250 error = copyout(&sin6, src, copy_len);
0a7de745 4251 if (error != 0) {
39236c6e 4252 goto out;
0a7de745 4253 }
39236c6e
A		 4254 *src_len = copy_len;
4255 }
4256 }
4257
4258 /* destination address and port */
4259 sin6.sin6_port = in6p->in6p_fport;
fe8ab488 4260 in6_recoverscope(&sin6, &in6p->in6p_faddr, NULL);
39236c6e
A		 4261 if (*dst_len == 0) {
4262 *dst_len = sin6.sin6_len;
4263 } else {
4264 if (dst != USER_ADDR_NULL) {
0a7de745 4265 copy_len = min(*dst_len, sizeof(sin6));
39236c6e 4266 error = copyout(&sin6, dst, copy_len);
0a7de745 4267 if (error != 0) {
39236c6e 4268 goto out;
0a7de745 4269 }
39236c6e
A		 4270 *dst_len = copy_len;
4271 }
4272 }
4273
39236c6e
A		 4274 if (SOCK_PROTO(so) == IPPROTO_TCP) {
4275 struct conninfo_tcp tcp_ci;
4276
4277 *aux_type = CIAUX_TCP;
4278 if (*aux_len == 0) {
0a7de745 4279 *aux_len = sizeof(tcp_ci);
39236c6e
A		 4280 } else {
4281 if (aux_data != USER_ADDR_NULL) {
0a7de745
A		 4282 copy_len = min(*aux_len, sizeof(tcp_ci));
4283 bzero(&tcp_ci, sizeof(tcp_ci));
39236c6e
A		 4284 tcp_getconninfo(so, &tcp_ci);
4285 error = copyout(&tcp_ci, aux_data, copy_len);
0a7de745 4286 if (error != 0) {
39236c6e 4287 goto out;
0a7de745 4288 }
39236c6e
A		 4289 *aux_len = copy_len;
4290 }
4291 }
5ba3f43e
A		 4292 } else {
4293 *aux_type = 0;
4294 *aux_len = 0;
39236c6e
A		 4295 }
4296
4297out:
0a7de745 4298 return error;
39236c6e
A		 4299}
4300
4301/*
4302 * 'u' group ioctls.
4303 *
4304 * The switch statement below does nothing at runtime, as it serves as a
4305 * compile time check to ensure that all of the socket 'u' ioctls (those
4306 * in the 'u' group going thru soo_ioctl) that are made available by the
4307 * networking stack is unique. This works as long as this routine gets
4308 * updated each time a new interface ioctl gets added.
4309 *
4310 * Any failures at compile time indicates duplicated ioctl values.
4311 */
4312static __attribute__((unused)) void
4313in6ioctl_cassert(void)
4314{
4315 /*
4316 * This is equivalent to _CASSERT() and the compiler wouldn't
4317 * generate any instructions, thus for compile time only.
4318 */
4319 switch ((u_long)0) {
4320 case 0:
4321
4322 /* bsd/netinet6/in6_var.h */
39236c6e
A		 4323 case SIOCAADDRCTL_POLICY:
4324 case SIOCDADDRCTL_POLICY:
4325 case SIOCDRADD_IN6_32:
4326 case SIOCDRADD_IN6_64:
4327 case SIOCDRDEL_IN6_32:
4328 case SIOCDRDEL_IN6_64:
4329 ;
4330 }
4331}
5ba3f43e
A		 4332
4333struct in6_llentry {
4334 struct llentry base;
4335};
4336
4337#define IN6_LLTBL_DEFAULT_HSIZE 32
4338#define IN6_LLTBL_HASH(k, h) \
4339 ((((((((k) >> 8) ^ (k)) >> 8) ^ (k)) >> 8) ^ (k)) & ((h) - 1))
4340
4341/*
4342 * Do actual deallocation of @lle.
4343 */
4344static void
4345in6_lltable_destroy_lle_unlocked(struct llentry *lle)
4346{
4347 LLE_LOCK_DESTROY(lle);
4348 LLE_REQ_DESTROY(lle);
4349 FREE(lle, M_LLTABLE);
4350}
4351
4352/*
4353 * Called by LLE_FREE_LOCKED when number of references
4354 * drops to zero.
4355 */
4356static void
4357in6_lltable_destroy_lle(struct llentry *lle)
4358{
4359 LLE_WUNLOCK(lle);
4360 /* XXX TBD */
4361 //thread_call_free(lle->lle_timer);
4362 in6_lltable_destroy_lle_unlocked(lle);
4363}
4364
4365
4366static struct llentry *
4367in6_lltable_new(const struct in6_addr *addr6, u_int flags)
4368{
4369#pragma unused(flags)
4370 struct in6_llentry *lle;
4371
4372 MALLOC(lle, struct in6_llentry *, sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
0a7de745 4373 if (lle == NULL) { /* NB: caller generates msg */
5ba3f43e 4374 return NULL;
0a7de745 4375 }
5ba3f43e
A		 4376
4377 lle->base.r_l3addr.addr6 = *addr6;
4378 lle->base.lle_refcnt = 1;
4379 lle->base.lle_free = in6_lltable_destroy_lle;
4380 LLE_LOCK_INIT(&lle->base);
4381 LLE_REQ_INIT(&lle->base);
4382#if 0
4383 /* XXX TBD */
4384 lle->base.lle_timer = thread_call_allocate(nd6_llinfo_timer, lle);
4385
4386 if (lle->base.lle_timer == NULL) {
4387 printf("lle_timer thread call could not be allocated.\n");
4388 LLE_LOCK_DESTROY(&lle->base);
4389 LLE_REQ_DESTROY(&lle->base);
4390 FREE(lle, M_LLTABLE);
4391 return NULL;
4392 }
4393#endif
0a7de745 4394 return &lle->base;
5ba3f43e
A		 4395}
4396
4397static int
4398in6_lltable_match_prefix(const struct sockaddr *saddr,
0a7de745 4399 const struct sockaddr *smask, u_int flags, struct llentry *lle)
5ba3f43e
A		 4400{
4401 const struct in6_addr *addr, *mask, *lle_addr;
4402
4403 addr = &((const struct sockaddr_in6 *)(const void *)saddr)->sin6_addr;
4404 mask = &((const struct sockaddr_in6 *)(const void *)smask)->sin6_addr;
4405 lle_addr = &lle->r_l3addr.addr6;
4406
0a7de745
A		 4407 if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0) {
4408 return 0;
4409 }
5ba3f43e
A		 4410
4411 if (lle->la_flags & LLE_IFADDR) {
4412 /*
4413 * Delete LLE_IFADDR records IFF address & flag matches.
4414 * Note that addr is the interface address within prefix
4415 * being matched.
4416 */
4417 if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
0a7de745
A		 4418 (flags & LLE_STATIC) != 0) {
4419 return 1;
4420 }
4421 return 0;
5ba3f43e
A		 4422 }
4423
4424 /* flags & LLE_STATIC means deleting both dynamic and static entries */
0a7de745
A		 4425 if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC)) {
4426 return 1;
4427 }
5ba3f43e 4428
0a7de745 4429 return 0;
5ba3f43e
A		 4430}
4431
4432static void
4433in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
4434{
4435 struct ifnet *ifp;
4436
4437 LLE_WLOCK_ASSERT(lle);
4438 KASSERT(llt != NULL, ("lltable is NULL"));
4439
4440 /* Unlink entry from table */
4441 if ((lle->la_flags & LLE_LINKED) != 0) {
4442 ifp = llt->llt_ifp;
4443 if_afdata_wlock_assert(ifp, llt->llt_af);
4444 lltable_unlink_entry(llt, lle);
4445 }
4446
4447#if 0
4448 /* XXX TBD */
0a7de745 4449 if (thread_call_cancel(lle->lle_timer) == TRUE) {
5ba3f43e 4450 LLE_REMREF(lle);
0a7de745 4451 }
5ba3f43e
A		 4452#endif
4453 llentry_free(lle);
4454}
4455
4456static int
4457in6_lltable_rtcheck(struct ifnet *ifp,
0a7de745 4458 u_int flags, const struct sockaddr *l3addr)
5ba3f43e
A		 4459{
4460#pragma unused(flags)
4461 struct rtentry *rt;
4462
4463 KASSERT(l3addr->sa_family == AF_INET6,
0a7de745 4464 ("sin_family %d", l3addr->sa_family));
5ba3f43e
A		 4465 /* XXX rtalloc1 should take a const param */
4466 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
4467 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
4468 struct ifaddr *ifa;
4469 /*
4470 * Create an ND6 cache for an IPv6 neighbor
4471 * that is not covered by our own prefix.
4472 */
4473 /* XXX ifaof_ifpforaddr should take a const param */
4474 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
4475 if (ifa != NULL) {
4476 IFA_REMREF(ifa);
0a7de745 4477 if (rt != NULL) {
5ba3f43e 4478 rtfree(rt);
0a7de745 4479 }
5ba3f43e
A		 4480 return 0;
4481 }
4482 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
4483 ip6_sprintf(&((const struct sockaddr_in6 *)(const void *)l3addr)->sin6_addr));
0a7de745 4484 if (rt != NULL) {
5ba3f43e 4485 rtfree(rt);
0a7de745 4486 }
5ba3f43e
A		 4487 return EINVAL;
4488 }
4489 rtfree(rt);
4490 return 0;
4491}
4492
4493static inline uint32_t
4494in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
4495{
0a7de745 4496 return IN6_LLTBL_HASH(dst->s6_addr32[3], hsize);
5ba3f43e
A		 4497}
4498
4499static uint32_t
4500in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
4501{
0a7de745 4502 return in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize);
5ba3f43e
A		 4503}
4504
4505static void
4506in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
4507{
4508 struct sockaddr_in6 *sin6;
4509
4510 sin6 = (struct sockaddr_in6 *)(void *)sa;
4511 bzero(sin6, sizeof(*sin6));
4512 sin6->sin6_family = AF_INET6;
4513 sin6->sin6_len = sizeof(*sin6);
4514 sin6->sin6_addr = lle->r_l3addr.addr6;
4515}
4516
4517static inline struct llentry *
4518in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
4519{
4520 struct llentry *lle;
4521 struct llentries *lleh;
4522 u_int hashidx;
4523
4524 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
4525 lleh = &llt->lle_head[hashidx];
4526 LIST_FOREACH(lle, lleh, lle_next) {
0a7de745 4527 if (lle->la_flags & LLE_DELETED) {
5ba3f43e 4528 continue;
0a7de745
A		 4529 }
4530 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst)) {
5ba3f43e 4531 break;
0a7de745 4532 }
5ba3f43e
A		 4533 }
4534
0a7de745 4535 return lle;
5ba3f43e
A		 4536}
4537
4538static void
4539in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
4540{
4541#pragma unused(llt)
4542 lle->la_flags |= LLE_DELETED;
4543 EVENTHANDLER_INVOKE(NULL, lle_event, lle, LLENTRY_DELETED);
4544#ifdef DIAGNOSTIC
4545 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
4546#endif
4547 llentry_free(lle);
4548}
4549
4550static struct llentry *
4551in6_lltable_alloc(struct lltable *llt, u_int flags,
0a7de745 4552 const struct sockaddr *l3addr)
5ba3f43e
A		 4553{
4554 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)(const void *)l3addr;
4555 struct ifnet *ifp = llt->llt_ifp;
4556 struct llentry *lle;
4557
4558 KASSERT(l3addr->sa_family == AF_INET6,
0a7de745 4559 ("sin_family %d", l3addr->sa_family));
5ba3f43e
A		 4560
4561 /*
4562 * A route that covers the given address must have
4563 * been installed 1st because we are doing a resolution,
4564 * verify this.
4565 */
4566 if (!(flags & LLE_IFADDR) &&
0a7de745
A		 4567 in6_lltable_rtcheck(ifp, flags, l3addr) != 0) {
4568 return NULL;
4569 }
5ba3f43e
A		 4570
4571 lle = in6_lltable_new(&sin6->sin6_addr, flags);
4572 if (lle == NULL) {
4573 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
0a7de745 4574 return NULL;
5ba3f43e
A		 4575 }
4576 lle->la_flags = flags;
4577 if ((flags & LLE_IFADDR) == LLE_IFADDR) {
4578 lltable_set_entry_addr(ifp, lle, LLADDR(SDL(ifp->if_lladdr->ifa_addr)));
4579 lle->la_flags |= LLE_STATIC;
4580 }
4581
0a7de745 4582 if ((lle->la_flags & LLE_STATIC) != 0) {
5ba3f43e 4583 lle->ln_state = ND6_LLINFO_REACHABLE;
0a7de745 4584 }
5ba3f43e 4585
0a7de745 4586 return lle;
5ba3f43e
A		 4587}
4588
4589static struct llentry *
4590in6_lltable_lookup(struct lltable *llt, u_int flags,
0a7de745 4591 const struct sockaddr *l3addr)
5ba3f43e
A		 4592{
4593 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)(const void *)l3addr;
4594 struct llentry *lle;
4595
4596 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp, llt->llt_af);
4597 KASSERT(l3addr->sa_family == AF_INET6,
0a7de745 4598 ("sin_family %d", l3addr->sa_family));
5ba3f43e
A		 4599
4600 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
4601
0a7de745
A		 4602 if (lle == NULL) {
4603 return NULL;
4604 }
5ba3f43e 4605
0a7de745
A		 4606 KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
4607 (LLE_UNLOCKED | LLE_EXCLUSIVE), ("wrong lle request flags: 0x%X",
4608 flags));
5ba3f43e 4609
0a7de745
A		 4610 if (flags & LLE_UNLOCKED) {
4611 return lle;
4612 }
5ba3f43e 4613
0a7de745 4614 if (flags & LLE_EXCLUSIVE) {
5ba3f43e 4615 LLE_WLOCK(lle);
0a7de745 4616 } else {
5ba3f43e 4617 LLE_RLOCK(lle);
0a7de745
A		 4618 }
4619 return lle;
5ba3f43e
A		 4620}
4621
4622static int
4623in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
0a7de745 4624 struct sysctl_req *wr)
5ba3f43e
A		 4625{
4626 struct ifnet *ifp = llt->llt_ifp;
4627 /* XXX stack use */
4628 struct {
4629 struct rt_msghdr rtm;
4630 struct sockaddr_in6 sin6;
4631 /*
4632 * ndp.c assumes that sdl is word aligned
4633 */
4634#ifdef __LP64__
4635 uint32_t pad;
4636#endif
4637 struct sockaddr_dl sdl;
4638 } ndpc;
4639 struct sockaddr_dl *sdl;
4640 int error;
4641
4642 bzero(&ndpc, sizeof(ndpc));
4643 /* skip deleted entries */
0a7de745
A		 4644 if ((lle->la_flags & LLE_DELETED) == LLE_DELETED) {
4645 return 0;
4646 }
5ba3f43e
A		 4647 /* Skip if jailed and not a valid IP of the prison. */
4648 lltable_fill_sa_entry(lle,
0a7de745 4649 (struct sockaddr *)&ndpc.sin6);
5ba3f43e
A		 4650 /*
4651 * produce a msg made of:
4652 * struct rt_msghdr;
4653 * struct sockaddr_in6 (IPv6)
4654 * struct sockaddr_dl;
4655 */
4656 ndpc.rtm.rtm_msglen = sizeof(ndpc);
4657 ndpc.rtm.rtm_version = RTM_VERSION;
4658 ndpc.rtm.rtm_type = RTM_GET;
4659 ndpc.rtm.rtm_flags = RTF_UP;
4660 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
4661
4662 /* publish */
0a7de745 4663 if (lle->la_flags & LLE_PUB) {
5ba3f43e 4664 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
0a7de745 4665 }
5ba3f43e
A		 4666 sdl = &ndpc.sdl;
4667 sdl->sdl_family = AF_LINK;
4668 sdl->sdl_len = sizeof(*sdl);
4669 sdl->sdl_index = ifp->if_index;
4670 sdl->sdl_type = ifp->if_type;
4671 if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
4672 sdl->sdl_alen = ifp->if_addrlen;
4673 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
4674 } else {
4675 sdl->sdl_alen = 0;
4676 bzero(LLADDR(sdl), ifp->if_addrlen);
4677 }
4678 if (lle->la_expire != 0) {
4679 clock_sec_t secs;
4680 clock_usec_t usecs;
4681
4682 clock_get_calendar_microtime(&secs, &usecs);
4683 ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
0a7de745
A		 4684 lle->lle_remtime / hz +
4685 secs - net_uptime();
5ba3f43e
A		 4686 }
4687 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
0a7de745 4688 if (lle->la_flags & LLE_STATIC) {
5ba3f43e 4689 ndpc.rtm.rtm_flags |= RTF_STATIC;
0a7de745
A		 4690 }
4691 if (lle->la_flags & LLE_IFADDR) {
5ba3f43e 4692 ndpc.rtm.rtm_flags |= RTF_PINNED;
0a7de745
A		 4693 }
4694 if (lle->ln_router != 0) {
5ba3f43e 4695 ndpc.rtm.rtm_flags |= RTF_GATEWAY;
0a7de745 4696 }
5ba3f43e
A		 4697 ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
4698 /* Store state in rmx_weight value */
4699 ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
4700 ndpc.rtm.rtm_index = ifp->if_index;
4701 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
4702
0a7de745 4703 return error;
5ba3f43e
A		 4704}
4705
4706struct lltable *
4707in6_lltattach(struct ifnet *ifp)
4708{
4709 struct lltable *llt;
4710
4711 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
4712 llt->llt_af = AF_INET6;
4713 llt->llt_ifp = ifp;
4714
4715 llt->llt_lookup = in6_lltable_lookup;
4716 llt->llt_alloc_entry = in6_lltable_alloc;
4717 llt->llt_delete_entry = in6_lltable_delete_entry;
4718 llt->llt_dump_entry = in6_lltable_dump_entry;
4719 llt->llt_hash = in6_lltable_hash;
4720 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
4721 llt->llt_free_entry = in6_lltable_free_entry;
4722 llt->llt_match_prefix = in6_lltable_match_prefix;
4723 lltable_link(llt);
4724
0a7de745 4725 return llt;
5ba3f43e
A		 4726}
4727
4728void
4729in6_ip6_to_sockaddr(const struct in6_addr *ip6, u_int16_t port,
0a7de745 4730 struct sockaddr_in6 *sin6, u_int32_t maxlen)
5ba3f43e
A		 4731{
4732 if (maxlen < sizeof(struct sockaddr_in6)) {
4733 return;
4734 }
4735
4736 *sin6 = (struct sockaddr_in6) {
4737 .sin6_family = AF_INET6,
4738 .sin6_len = sizeof(*sin6),
4739 .sin6_port = port,
4740 .sin6_addr = *ip6,
4741 };
4742
0a7de745 4743 if (IN6_IS_SCOPE_EMBED(&sin6->sin6_addr)) {
5ba3f43e
A		 4744 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]);
4745 sin6->sin6_addr.s6_addr16[1] = 0;
4746 }
4747}
4748
4749/* IPv6 events */
4750struct in6_event {
4751 in6_evhdlr_code_t in6_event_code;
4752 struct ifnet *in6_ifp;
4753 struct in6_addr in6_address;
4754 uint32_t val;
4755};
4756
4757struct in6_event2kev in6_event2kev_array[IN6_EVENT_MAX] = {
0a7de745
A		 4758 {
4759 .in6_event_code = IN6_ADDR_MARKED_DUPLICATED,
4760 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4761 .in6_event_kev_code = KEV_ND6_DAD_FAILURE,
4762 .in6_event_str = "IN6_ADDR_MARKED_DUPLICATED",
4763 },
4764 {
4765 .in6_event_code = IN6_ADDR_MARKED_DETACHED,
4766 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4767 .in6_event_kev_code = KEV_ND6_ADDR_DETACHED,
4768 .in6_event_str = "IN6_ADDR_MARKED_DETACHED",
4769 },
4770 {
4771 .in6_event_code = IN6_ADDR_MARKED_DEPRECATED,
4772 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4773 .in6_event_kev_code = KEV_ND6_ADDR_DEPRECATED,
4774 .in6_event_str = "IN6_ADDR_MARKED_DEPRECATED",
4775 },
4776 {
4777 .in6_event_code = IN6_NDP_RTR_EXPIRY,
4778 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4779 .in6_event_kev_code = KEV_ND6_RTR_EXPIRED,
4780 .in6_event_str = "IN6_NDP_RTR_EXPIRY",
4781 },
4782 {
4783 .in6_event_code = IN6_NDP_PFX_EXPIRY,
4784 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4785 .in6_event_kev_code = KEV_ND6_PFX_EXPIRED,
4786 .in6_event_str = "IN6_NDP_PFX_EXPIRY",
4787 },
4788 {
4789 .in6_event_code = IN6_NDP_ADDR_EXPIRY,
4790 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4791 .in6_event_kev_code = KEV_ND6_ADDR_EXPIRED,
4792 .in6_event_str = "IN6_NDP_ADDR_EXPIRY",
4793 },
5ba3f43e
A		 4794};
4795
4796void
4797in6_eventhdlr_callback(struct eventhandler_entry_arg arg0 __unused,
4798 in6_evhdlr_code_t in6_ev_code, struct ifnet *ifp,
4799 struct in6_addr *p_addr6, uint32_t val)
4800{
4801 struct kev_msg ev_msg;
4802 struct kev_nd6_event nd6_event;
4803
4804 bzero(&ev_msg, sizeof(ev_msg));
4805 bzero(&nd6_event, sizeof(nd6_event));
4806
4807 nd6log0((LOG_INFO, "%s Event %s received for %s\n",
4808 __func__, in6_event2kev_array[in6_ev_code].in6_event_str,
4809 ip6_sprintf(p_addr6)));
4810
4811 ev_msg.vendor_code = KEV_VENDOR_APPLE;
4812 ev_msg.kev_class = KEV_NETWORK_CLASS;
4813 ev_msg.kev_subclass =
4814 in6_event2kev_array[in6_ev_code].in6_event_kev_subclass;
4815 ev_msg.event_code =
4816 in6_event2kev_array[in6_ev_code].in6_event_kev_code;
4817
4818 nd6_event.link_data.if_family = ifp->if_family;
4819 nd6_event.link_data.if_unit = ifp->if_unit;
4820 strlcpy(nd6_event.link_data.if_name, ifp->if_name,
4821 sizeof(nd6_event.link_data.if_name));
4822
4823 VERIFY(p_addr6 != NULL);
4824 bcopy(p_addr6, &nd6_event.in6_address,
4825 sizeof(nd6_event.in6_address));
4826 nd6_event.val = val;
4827
4828 ev_msg.dv[0].data_ptr = &nd6_event;
4829 ev_msg.dv[0].data_length = sizeof(nd6_event);
4830
4831 kev_post_msg(&ev_msg);
4832}
4833
4834static void
4835in6_event_callback(void *arg)
4836{
4837 struct in6_event *p_in6_ev = (struct in6_event *)arg;
4838
4839 EVENTHANDLER_INVOKE(&in6_evhdlr_ctxt, in6_event,
4840 p_in6_ev->in6_event_code, p_in6_ev->in6_ifp,
4841 &p_in6_ev->in6_address, p_in6_ev->val);
4842}
4843
0a7de745 4844struct in6_event_nwk_wq_entry {
5ba3f43e
A		 4845 struct nwk_wq_entry nwk_wqe;
4846 struct in6_event in6_ev_arg;
4847};
4848
4849void
4850in6_event_enqueue_nwk_wq_entry(in6_evhdlr_code_t in6_event_code,
4851 struct ifnet *ifp, struct in6_addr *p_addr6,
4852 uint32_t val)
4853{
4854 struct in6_event_nwk_wq_entry *p_in6_ev = NULL;
4855
4856 MALLOC(p_in6_ev, struct in6_event_nwk_wq_entry *,
4857 sizeof(struct in6_event_nwk_wq_entry),
4858 M_NWKWQ, M_WAITOK | M_ZERO);
4859
4860 p_in6_ev->nwk_wqe.func = in6_event_callback;
4861 p_in6_ev->nwk_wqe.is_arg_managed = TRUE;
4862 p_in6_ev->nwk_wqe.arg = &p_in6_ev->in6_ev_arg;
4863
4864 p_in6_ev->in6_ev_arg.in6_event_code = in6_event_code;
4865 p_in6_ev->in6_ev_arg.in6_ifp = ifp;
4866 if (p_addr6 != NULL) {
4867 bcopy(p_addr6, &p_in6_ev->in6_ev_arg.in6_address,
4868 sizeof(p_in6_ev->in6_ev_arg.in6_address));
4869 }
4870 p_in6_ev->in6_ev_arg.val = val;
4871
4872 nwk_wq_enqueue((struct nwk_wq_entry*)p_in6_ev);
4873}
mirror of XNU