]> git.saurik.com Git - apple/xnu.git/blame - bsd/netinet6/in6.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-4570.41.2.tar.gz
[apple/xnu.git] / bsd / netinet6 / in6.c
CommitLineData
2d21ac55 1/*
5ba3f43e 2 * Copyright (c) 2003-2017 Apple Inc. All rights reserved.
2d21ac55
A		 3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
1c79356b
A		 29/*
30 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
31 * All rights reserved.
32 *
33 * Redistribution and use in source and binary forms, with or without
34 * modification, are permitted provided that the following conditions
35 * are met:
36 * 1. Redistributions of source code must retain the above copyright
37 * notice, this list of conditions and the following disclaimer.
38 * 2. Redistributions in binary form must reproduce the above copyright
39 * notice, this list of conditions and the following disclaimer in the
40 * documentation and/or other materials provided with the distribution.
41 * 3. Neither the name of the project nor the names of its contributors
42 * may be used to endorse or promote products derived from this software
43 * without specific prior written permission.
44 *
45 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55 * SUCH DAMAGE.
56 */
57
58/*
59 * Copyright (c) 1982, 1986, 1991, 1993
60 * The Regents of the University of California. All rights reserved.
61 *
62 * Redistribution and use in source and binary forms, with or without
63 * modification, are permitted provided that the following conditions
64 * are met:
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in the
69 * documentation and/or other materials provided with the distribution.
70 * 3. All advertising materials mentioning features or use of this software
71 * must display the following acknowledgement:
72 * This product includes software developed by the University of
73 * California, Berkeley and its contributors.
74 * 4. Neither the name of the University nor the names of its contributors
75 * may be used to endorse or promote products derived from this software
76 * without specific prior written permission.
77 *
78 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
79 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
80 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
81 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
82 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
83 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
84 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
85 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
86 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
87 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
88 * SUCH DAMAGE.
89 *
90 * @(#)in.c 8.2 (Berkeley) 11/15/93
91 */
92
1c79356b
A		 93
94#include <sys/param.h>
1c79356b 95#include <sys/ioctl.h>
1c79356b
A		 96#include <sys/errno.h>
97#include <sys/malloc.h>
98#include <sys/socket.h>
99#include <sys/socketvar.h>
100#include <sys/sockio.h>
101#include <sys/systm.h>
102#include <sys/time.h>
103#include <sys/kernel.h>
104#include <sys/syslog.h>
9bccf70c 105#include <sys/kern_event.h>
6d2010ae
A		 106#include <sys/mcache.h>
107#include <sys/protosw.h>
5ba3f43e 108#include <sys/sysctl.h>
b0d623f7 109
2d21ac55 110#include <kern/locks.h>
b0d623f7 111#include <kern/zalloc.h>
5ba3f43e 112#include <kern/clock.h>
b0d623f7
A		 113#include <libkern/OSAtomic.h>
114#include <machine/machine_routines.h>
39236c6e 115#include <mach/boolean.h>
1c79356b
A		 116
117#include <net/if.h>
118#include <net/if_types.h>
2d21ac55 119#include <net/if_var.h>
1c79356b 120#include <net/route.h>
1c79356b 121#include <net/if_dl.h>
2d21ac55 122#include <net/kpi_protocol.h>
5ba3f43e 123#include <net/nwk_wq.h>
1c79356b
A		 124
125#include <netinet/in.h>
126#include <netinet/in_var.h>
1c79356b 127#include <netinet/if_ether.h>
9bccf70c
A		 128#include <netinet/in_systm.h>
129#include <netinet/ip.h>
130#include <netinet/in_pcb.h>
6d2010ae 131#include <netinet/icmp6.h>
39236c6e
A		 132#include <netinet/tcp.h>
133#include <netinet/tcp_seq.h>
134#include <netinet/tcp_var.h>
1c79356b
A		 135
136#include <netinet6/nd6.h>
137#include <netinet/ip6.h>
138#include <netinet6/ip6_var.h>
139#include <netinet6/mld6_var.h>
1c79356b 140#include <netinet6/in6_ifattach.h>
9bccf70c 141#include <netinet6/scope6_var.h>
6d2010ae 142#include <netinet6/in6_var.h>
9bccf70c 143#include <netinet6/in6_pcb.h>
1c79356b
A		 144
145#include <net/net_osdep.h>
146
39037602 147#include <net/dlil.h>
5ba3f43e 148#include <net/if_llatbl.h>
39037602 149
b0d623f7
A		 150#if PF
151#include <net/pfvar.h>
152#endif /* PF */
153
39236c6e 154/*
1c79356b
A		 155 * Definitions of some costant IP6 addresses.
156 */
157const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
158const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
159const struct in6_addr in6addr_nodelocal_allnodes =
160 IN6ADDR_NODELOCAL_ALLNODES_INIT;
161const struct in6_addr in6addr_linklocal_allnodes =
162 IN6ADDR_LINKLOCAL_ALLNODES_INIT;
163const struct in6_addr in6addr_linklocal_allrouters =
164 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
6d2010ae
A		 165const struct in6_addr in6addr_linklocal_allv2routers =
166 IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
1c79356b
A		 167
168const struct in6_addr in6mask0 = IN6MASK0;
6d2010ae
A		 169const struct in6_addr in6mask7 = IN6MASK7;
170const struct in6_addr in6mask16 = IN6MASK16;
1c79356b
A		 171const struct in6_addr in6mask32 = IN6MASK32;
172const struct in6_addr in6mask64 = IN6MASK64;
173const struct in6_addr in6mask96 = IN6MASK96;
174const struct in6_addr in6mask128 = IN6MASK128;
175
39236c6e
A		 176const struct sockaddr_in6 sa6_any = {
177 sizeof (sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0
178};
9bccf70c 179
39236c6e
A		 180static int in6ctl_associd(struct socket *, u_long, caddr_t);
181static int in6ctl_connid(struct socket *, u_long, caddr_t);
182static int in6ctl_conninfo(struct socket *, u_long, caddr_t);
183static int in6ctl_llstart(struct ifnet *, u_long, caddr_t);
184static int in6ctl_llstop(struct ifnet *);
185static int in6ctl_cgastart(struct ifnet *, u_long, caddr_t);
186static int in6ctl_gifaddr(struct ifnet *, struct in6_ifaddr *, u_long,
187 struct in6_ifreq *);
188static int in6ctl_gifstat(struct ifnet *, u_long, struct in6_ifreq *);
189static int in6ctl_alifetime(struct in6_ifaddr *, u_long, struct in6_ifreq *,
190 boolean_t);
191static int in6ctl_aifaddr(struct ifnet *, struct in6_aliasreq *);
192static void in6ctl_difaddr(struct ifnet *, struct in6_ifaddr *);
316670eb
A		 193static int in6_autoconf(struct ifnet *, int);
194static int in6_setrouter(struct ifnet *, int);
39236c6e
A		 195static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, int);
196static int in6_ifaupdate_aux(struct in6_ifaddr *, struct ifnet *, int);
6d2010ae 197static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
b0d623f7 198static struct in6_ifaddr *in6_ifaddr_alloc(int);
6d2010ae
A		 199static void in6_ifaddr_attached(struct ifaddr *);
200static void in6_ifaddr_detached(struct ifaddr *);
b0d623f7
A		 201static void in6_ifaddr_free(struct ifaddr *);
202static void in6_ifaddr_trace(struct ifaddr *, int);
39236c6e 203#if defined(__LP64__)
39037602
A		 204static void in6_cgareq_32_to_64(struct in6_cgareq_32 *,
205 struct in6_cgareq_64 *);
39236c6e 206#else
39037602
A		 207static void in6_cgareq_64_to_32(struct in6_cgareq_64 *,
208 struct in6_cgareq_32 *);
39236c6e 209#endif
b0d623f7
A		 210static struct in6_aliasreq *in6_aliasreq_to_native(void *, int,
211 struct in6_aliasreq *);
39037602
A		 212static struct in6_cgareq *in6_cgareq_to_native(void *, int,
213 struct in6_cgareq *);
39236c6e 214static int in6_to_kamescope(struct sockaddr_in6 *, struct ifnet *);
39236c6e 215static int in6_getassocids(struct socket *, uint32_t *, user_addr_t);
3e170ce0
A		 216static int in6_getconnids(struct socket *, sae_associd_t, uint32_t *,
217 user_addr_t);
39236c6e
A		 218
219static void in6_if_up_dad_start(struct ifnet *);
220
2d21ac55 221extern lck_mtx_t *nd6_mutex;
1c79356b 222
6d2010ae
A		 223#define IN6IFA_TRACE_HIST_SIZE 32 /* size of trace history */
224
225/* For gdb */
226__private_extern__ unsigned int in6ifa_trace_hist_size = IN6IFA_TRACE_HIST_SIZE;
227
b0d623f7
A		 228struct in6_ifaddr_dbg {
229 struct in6_ifaddr in6ifa; /* in6_ifaddr */
230 struct in6_ifaddr in6ifa_old; /* saved in6_ifaddr */
6d2010ae
A		 231 u_int16_t in6ifa_refhold_cnt; /* # of IFA_ADDREF */
232 u_int16_t in6ifa_refrele_cnt; /* # of IFA_REMREF */
b0d623f7
A		 233 /*
234 * Alloc and free callers.
235 */
236 ctrace_t in6ifa_alloc;
237 ctrace_t in6ifa_free;
238 /*
6d2010ae
A		 239 * Circular lists of IFA_ADDREF and IFA_REMREF callers.
240 */
241 ctrace_t in6ifa_refhold[IN6IFA_TRACE_HIST_SIZE];
242 ctrace_t in6ifa_refrele[IN6IFA_TRACE_HIST_SIZE];
243 /*
244 * Trash list linkage
b0d623f7 245 */
6d2010ae 246 TAILQ_ENTRY(in6_ifaddr_dbg) in6ifa_trash_link;
b0d623f7
A		 247};
248
6d2010ae
A		 249/* List of trash in6_ifaddr entries protected by in6ifa_trash_lock */
250static TAILQ_HEAD(, in6_ifaddr_dbg) in6ifa_trash_head;
251static decl_lck_mtx_data(, in6ifa_trash_lock);
252
253#if DEBUG
254static unsigned int in6ifa_debug = 1; /* debugging (enabled) */
255#else
256static unsigned int in6ifa_debug; /* debugging (disabled) */
257#endif /* !DEBUG */
b0d623f7
A		 258static unsigned int in6ifa_size; /* size of zone element */
259static struct zone *in6ifa_zone; /* zone for in6_ifaddr */
260
261#define IN6IFA_ZONE_MAX 64 /* maximum elements in zone */
262#define IN6IFA_ZONE_NAME "in6_ifaddr" /* zone name */
263
5ba3f43e
A		 264struct eventhandler_lists_ctxt in6_evhdlr_ctxt;
265
1c79356b
A		 266/*
267 * Subroutine for in6_ifaddloop() and in6_ifremloop().
268 * This routine does actual work.
269 */
270static void
271in6_ifloop_request(int cmd, struct ifaddr *ifa)
272{
1c79356b
A		 273 struct sockaddr_in6 all1_sa;
274 struct rtentry *nrt = NULL;
9bccf70c 275 int e;
b0d623f7 276
39236c6e 277 bzero(&all1_sa, sizeof (all1_sa));
9bccf70c 278 all1_sa.sin6_family = AF_INET6;
39236c6e 279 all1_sa.sin6_len = sizeof (struct sockaddr_in6);
1c79356b 280 all1_sa.sin6_addr = in6mask128;
9bccf70c
A		 281
282 /*
283 * We specify the address itself as the gateway, and set the
284 * RTF_LLINFO flag, so that the corresponding host route would have
285 * the flag, and thus applications that assume traditional behavior
286 * would be happy. Note that we assume the caller of the function
287 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest,
288 * which changes the outgoing interface to the loopback interface.
6d2010ae 289 * ifa_addr for INET6 is set once during init; no need to hold lock.
9bccf70c 290 */
b0d623f7 291 lck_mtx_lock(rnh_lock);
91447636 292 e = rtrequest_locked(cmd, ifa->ifa_addr, ifa->ifa_addr,
39236c6e 293 (struct sockaddr *)&all1_sa, RTF_UP|RTF_HOST|RTF_LLINFO, &nrt);
9bccf70c
A		 294 if (e != 0) {
295 log(LOG_ERR, "in6_ifloop_request: "
296 "%s operation failed for %s (errno=%d)\n",
297 cmd == RTM_ADD ? "ADD" : "DELETE",
298 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr),
299 e);
300 }
1c79356b 301
b0d623f7
A		 302 if (nrt != NULL)
303 RT_LOCK(nrt);
1c79356b
A		 304 /*
305 * Make sure rt_ifa be equal to IFA, the second argument of the
306 * function.
9bccf70c
A		 307 * We need this because when we refer to rt_ifa->ia6_flags in
308 * ip6_input, we assume that the rt_ifa points to the address instead
309 * of the loopback address.
1c79356b
A		 310 */
311 if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) {
9bccf70c 312 rtsetifa(nrt, ifa);
1c79356b 313 }
9bccf70c
A		 314
315 /*
316 * Report the addition/removal of the address to the routing socket.
317 * XXX: since we called rtinit for a p2p interface with a destination,
39236c6e
A		 318 * we end up reporting twice in such a case. Should we rather
319 * omit the second report?
9bccf70c 320 */
b0d623f7 321 if (nrt != NULL) {
9bccf70c
A		 322 rt_newaddrmsg(cmd, ifa, e, nrt);
323 if (cmd == RTM_DELETE) {
b0d623f7 324 RT_UNLOCK(nrt);
2d21ac55 325 rtfree_locked(nrt);
9bccf70c
A		 326 } else {
327 /* the cmd must be RTM_ADD here */
b0d623f7
A		 328 RT_REMREF_LOCKED(nrt);
329 RT_UNLOCK(nrt);
9bccf70c
A		 330 }
331 }
b0d623f7 332 lck_mtx_unlock(rnh_lock);
1c79356b
A		 333}
334
335/*
9bccf70c
A		 336 * Add ownaddr as loopback rtentry. We previously add the route only if
337 * necessary (ex. on a p2p link). However, since we now manage addresses
338 * separately from prefixes, we should always add the route. We can't
339 * rely on the cloning mechanism from the corresponding interface route
340 * any more.
1c79356b
A		 341 */
342static void
343in6_ifaddloop(struct ifaddr *ifa)
344{
9bccf70c
A		 345 struct rtentry *rt;
346
6d2010ae
A		 347 /*
348 * If there is no loopback entry, allocate one. ifa_addr for
349 * INET6 is set once during init; no need to hold lock.
350 */
b0d623f7
A		 351 rt = rtalloc1(ifa->ifa_addr, 0, 0);
352 if (rt != NULL)
353 RT_LOCK(rt);
9bccf70c 354 if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 ||
b0d623f7
A		 355 (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0) {
356 if (rt != NULL) {
357 RT_REMREF_LOCKED(rt);
358 RT_UNLOCK(rt);
359 }
9bccf70c 360 in6_ifloop_request(RTM_ADD, ifa);
b0d623f7
A		 361 } else if (rt != NULL) {
362 RT_REMREF_LOCKED(rt);
363 RT_UNLOCK(rt);
364 }
1c79356b
A		 365}
366
367/*
368 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(),
369 * if it exists.
370 */
371static void
6d2010ae 372in6_ifremloop(struct ifaddr *ifa)
1c79356b 373{
9bccf70c
A		 374 struct in6_ifaddr *ia;
375 struct rtentry *rt;
376 int ia_count = 0;
377
378 /*
379 * Some of BSD variants do not remove cloned routes
380 * from an interface direct route, when removing the direct route
381 * (see comments in net/net_osdep.h). Even for variants that do remove
382 * cloned routes, they could fail to remove the cloned routes when
383 * we handle multple addresses that share a common prefix.
384 * So, we should remove the route corresponding to the deleted address
385 * regardless of the result of in6_is_ifloop_auto().
386 */
387
388 /*
55e303ae 389 * Delete the entry only if exact one ifa exists. More than one ifa
9bccf70c
A		 390 * can exist if we assign a same single address to multiple
391 * (probably p2p) interfaces.
392 * XXX: we should avoid such a configuration in IPv6...
393 */
6d2010ae 394 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
91447636 395 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
6d2010ae 396 IFA_LOCK(&ia->ia_ifa);
9bccf70c
A		 397 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) {
398 ia_count++;
6d2010ae
A		 399 if (ia_count > 1) {
400 IFA_UNLOCK(&ia->ia_ifa);
9bccf70c 401 break;
6d2010ae 402 }
1c79356b 403 }
6d2010ae 404 IFA_UNLOCK(&ia->ia_ifa);
9bccf70c 405 }
6d2010ae 406 lck_rw_done(&in6_ifaddr_rwlock);
9bccf70c
A		 407
408 if (ia_count == 1) {
409 /*
410 * Before deleting, check if a corresponding loopbacked host
55e303ae 411 * route surely exists. With this check, we can avoid to
9bccf70c 412 * delete an interface direct route whose destination is same
6d2010ae 413 * as the address being removed. This can happen when removing
9bccf70c 414 * a subnet-router anycast address on an interface attahced
6d2010ae
A		 415 * to a shared medium. ifa_addr for INET6 is set once during
416 * init; no need to hold lock.
9bccf70c 417 */
b0d623f7
A		 418 rt = rtalloc1(ifa->ifa_addr, 0, 0);
419 if (rt != NULL) {
420 RT_LOCK(rt);
421 if ((rt->rt_flags & RTF_HOST) != 0 &&
422 (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) {
423 RT_REMREF_LOCKED(rt);
424 RT_UNLOCK(rt);
425 in6_ifloop_request(RTM_DELETE, ifa);
426 } else {
427 RT_UNLOCK(rt);
428 }
9bccf70c 429 }
1c79356b
A		 430 }
431}
432
1c79356b
A		 433
434int
39037602 435in6_mask2len(struct in6_addr *mask, u_char *lim0)
1c79356b 436{
9bccf70c
A		 437 int x = 0, y;
438 u_char *lim = lim0, *p;
439
6d2010ae 440 /* ignore the scope_id part */
39236c6e
A		 441 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof (*mask))
442 lim = (u_char *)mask + sizeof (*mask);
9bccf70c
A		 443 for (p = (u_char *)mask; p < lim; x++, p++) {
444 if (*p != 0xff)
1c79356b
A		 445 break;
446 }
447 y = 0;
9bccf70c 448 if (p < lim) {
1c79356b 449 for (y = 0; y < 8; y++) {
9bccf70c 450 if ((*p & (0x80 >> y)) == 0)
1c79356b
A		 451 break;
452 }
453 }
9bccf70c
A		 454
455 /*
456 * when the limit pointer is given, do a stricter check on the
457 * remaining bits.
458 */
459 if (p < lim) {
460 if (y != 0 && (*p & (0x00ff >> y)) != 0)
6d2010ae 461 return (-1);
9bccf70c
A		 462 for (p = p + 1; p < lim; p++)
463 if (*p != 0)
6d2010ae 464 return (-1);
9bccf70c 465 }
6d2010ae 466
39236c6e 467 return (x * 8 + y);
1c79356b
A		 468}
469
470void
39037602 471in6_len2mask(struct in6_addr *mask, int len)
1c79356b
A		 472{
473 int i;
474
39236c6e 475 bzero(mask, sizeof (*mask));
1c79356b
A		 476 for (i = 0; i < len / 8; i++)
477 mask->s6_addr8[i] = 0xff;
478 if (len % 8)
479 mask->s6_addr8[i] = (0xff00 >> (len % 8)) & 0xff;
480}
481
b0d623f7
A		 482void
483in6_aliasreq_64_to_32(struct in6_aliasreq_64 *src, struct in6_aliasreq_32 *dst)
484{
485 bzero(dst, sizeof (*dst));
486 bcopy(src->ifra_name, dst->ifra_name, sizeof (dst->ifra_name));
487 dst->ifra_addr = src->ifra_addr;
488 dst->ifra_dstaddr = src->ifra_dstaddr;
489 dst->ifra_prefixmask = src->ifra_prefixmask;
490 dst->ifra_flags = src->ifra_flags;
491 dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
492 dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
493 dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
494 dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
495}
496
497void
498in6_aliasreq_32_to_64(struct in6_aliasreq_32 *src, struct in6_aliasreq_64 *dst)
499{
500 bzero(dst, sizeof (*dst));
501 bcopy(src->ifra_name, dst->ifra_name, sizeof (dst->ifra_name));
502 dst->ifra_addr = src->ifra_addr;
503 dst->ifra_dstaddr = src->ifra_dstaddr;
504 dst->ifra_prefixmask = src->ifra_prefixmask;
505 dst->ifra_flags = src->ifra_flags;
506 dst->ifra_lifetime.ia6t_expire = src->ifra_lifetime.ia6t_expire;
507 dst->ifra_lifetime.ia6t_preferred = src->ifra_lifetime.ia6t_preferred;
508 dst->ifra_lifetime.ia6t_vltime = src->ifra_lifetime.ia6t_vltime;
509 dst->ifra_lifetime.ia6t_pltime = src->ifra_lifetime.ia6t_pltime;
510}
511
39236c6e
A		 512#if defined(__LP64__)
513void
39037602
A		 514in6_cgareq_32_to_64(struct in6_cgareq_32 *src,
515 struct in6_cgareq_64 *dst)
39236c6e
A		 516{
517 bzero(dst, sizeof (*dst));
39037602
A		 518 bcopy(src->cgar_name, dst->cgar_name, sizeof (dst->cgar_name));
519 dst->cgar_flags = src->cgar_flags;
520 bcopy(src->cgar_cgaprep.cga_modifier.octets,
521 dst->cgar_cgaprep.cga_modifier.octets,
522 sizeof (dst->cgar_cgaprep.cga_modifier.octets));
523 dst->cgar_cgaprep.cga_security_level =
524 src->cgar_cgaprep.cga_security_level;
525 dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
526 dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
527 dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
528 dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
39236c6e
A		 529}
530#endif
531
532#if !defined(__LP64__)
533void
39037602
A		 534in6_cgareq_64_to_32(struct in6_cgareq_64 *src,
535 struct in6_cgareq_32 *dst)
39236c6e
A		 536{
537 bzero(dst, sizeof (*dst));
39037602
A		 538 bcopy(src->cgar_name, dst->cgar_name, sizeof (dst->cgar_name));
539 dst->cgar_flags = src->cgar_flags;
540 bcopy(src->cgar_cgaprep.cga_modifier.octets,
541 dst->cgar_cgaprep.cga_modifier.octets,
542 sizeof (dst->cgar_cgaprep.cga_modifier.octets));
543 dst->cgar_cgaprep.cga_security_level =
544 src->cgar_cgaprep.cga_security_level;
545 dst->cgar_lifetime.ia6t_expire = src->cgar_lifetime.ia6t_expire;
546 dst->cgar_lifetime.ia6t_preferred = src->cgar_lifetime.ia6t_preferred;
547 dst->cgar_lifetime.ia6t_vltime = src->cgar_lifetime.ia6t_vltime;
548 dst->cgar_lifetime.ia6t_pltime = src->cgar_lifetime.ia6t_pltime;
39236c6e
A		 549}
550#endif
551
b0d623f7
A		 552static struct in6_aliasreq *
553in6_aliasreq_to_native(void *data, int data_is_64, struct in6_aliasreq *dst)
554{
555#if defined(__LP64__)
556 if (data_is_64)
316670eb 557 bcopy(data, dst, sizeof (*dst));
b0d623f7
A		 558 else
559 in6_aliasreq_32_to_64((struct in6_aliasreq_32 *)data,
560 (struct in6_aliasreq_64 *)dst);
561#else
562 if (data_is_64)
563 in6_aliasreq_64_to_32((struct in6_aliasreq_64 *)data,
564 (struct in6_aliasreq_32 *)dst);
565 else
316670eb 566 bcopy(data, dst, sizeof (*dst));
b0d623f7
A		 567#endif /* __LP64__ */
568 return (dst);
569}
570
39037602
A		 571static struct in6_cgareq *
572in6_cgareq_to_native(void *data, int is64, struct in6_cgareq *dst)
39236c6e
A		 573{
574#if defined(__LP64__)
575 if (is64)
576 bcopy(data, dst, sizeof (*dst));
577 else
39037602
A		 578 in6_cgareq_32_to_64((struct in6_cgareq_32 *)data,
579 (struct in6_cgareq_64 *)dst);
39236c6e
A		 580#else
581 if (is64)
39037602
A		 582 in6_cgareq_64_to_32((struct in6_cgareq_64 *)data,
583 (struct in6_cgareq_32 *)dst);
39236c6e
A		 584 else
585 bcopy(data, dst, sizeof (*dst));
586#endif /* __LP64__ */
587 return (dst);
588}
1c79356b 589
39236c6e
A		 590static __attribute__((noinline)) int
591in6ctl_associd(struct socket *so, u_long cmd, caddr_t data)
1c79356b 592{
39236c6e
A		 593 int error = 0;
594 union {
595 struct so_aidreq32 a32;
596 struct so_aidreq64 a64;
597 } u;
91447636 598
39236c6e 599 VERIFY(so != NULL);
1c79356b 600
1c79356b 601 switch (cmd) {
39236c6e
A		 602 case SIOCGASSOCIDS32: { /* struct so_aidreq32 */
603 bcopy(data, &u.a32, sizeof (u.a32));
604 error = in6_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
605 if (error == 0)
606 bcopy(&u.a32, data, sizeof (u.a32));
607 break;
608 }
6d2010ae 609
39236c6e
A		 610 case SIOCGASSOCIDS64: { /* struct so_aidreq64 */
611 bcopy(data, &u.a64, sizeof (u.a64));
612 error = in6_getassocids(so, &u.a64.sar_cnt, u.a64.sar_aidp);
613 if (error == 0)
614 bcopy(&u.a64, data, sizeof (u.a64));
615 break;
616 }
6d2010ae 617
39236c6e
A		 618 default:
619 VERIFY(0);
316670eb 620 /* NOTREACHED */
6d2010ae
A		 621 }
622
39236c6e
A		 623 return (error);
624}
625
626static __attribute__((noinline)) int
627in6ctl_connid(struct socket *so, u_long cmd, caddr_t data)
628{
629 int error = 0;
630 union {
631 struct so_cidreq32 c32;
632 struct so_cidreq64 c64;
633 } u;
634
635 VERIFY(so != NULL);
1c79356b
A		 636
637 switch (cmd) {
39236c6e
A		 638 case SIOCGCONNIDS32: { /* struct so_cidreq32 */
639 bcopy(data, &u.c32, sizeof (u.c32));
640 error = in6_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
641 u.c32.scr_cidp);
642 if (error == 0)
643 bcopy(&u.c32, data, sizeof (u.c32));
91447636 644 break;
39236c6e 645 }
316670eb 646
39236c6e
A		 647 case SIOCGCONNIDS64: { /* struct so_cidreq64 */
648 bcopy(data, &u.c64, sizeof (u.c64));
649 error = in6_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
650 u.c64.scr_cidp);
651 if (error == 0)
652 bcopy(&u.c64, data, sizeof (u.c64));
653 break;
654 }
1c79356b 655
39236c6e
A		 656 default:
657 VERIFY(0);
316670eb 658 /* NOTREACHED */
39236c6e 659 }
316670eb 660
39236c6e
A		 661 return (error);
662}
9bccf70c 663
39236c6e
A		 664static __attribute__((noinline)) int
665in6ctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
666{
667 int error = 0;
668 union {
669 struct so_cinforeq32 ci32;
670 struct so_cinforeq64 ci64;
671 } u;
316670eb 672
39236c6e 673 VERIFY(so != NULL);
316670eb 674
39236c6e
A		 675 switch (cmd) {
676 case SIOCGCONNINFO32: { /* struct so_cinforeq32 */
677 bcopy(data, &u.ci32, sizeof (u.ci32));
678 error = in6_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
679 &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
680 &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
681 &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
682 &u.ci32.scir_aux_len);
683 if (error == 0)
684 bcopy(&u.ci32, data, sizeof (u.ci32));
685 break;
316670eb
A		 686 }
687
39236c6e
A		 688 case SIOCGCONNINFO64: { /* struct so_cinforeq64 */
689 bcopy(data, &u.ci64, sizeof (u.ci64));
690 error = in6_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
691 &u.ci64.scir_ifindex, &u.ci64.scir_error, u.ci64.scir_src,
692 &u.ci64.scir_src_len, u.ci64.scir_dst, &u.ci64.scir_dst_len,
693 &u.ci64.scir_aux_type, u.ci64.scir_aux_data,
694 &u.ci64.scir_aux_len);
695 if (error == 0)
696 bcopy(&u.ci64, data, sizeof (u.ci64));
697 break;
316670eb 698 }
b0d623f7 699
39236c6e
A		 700 default:
701 VERIFY(0);
316670eb 702 /* NOTREACHED */
1c79356b
A		 703 }
704
39236c6e
A		 705 return (error);
706}
316670eb 707
39236c6e
A		 708static __attribute__((noinline)) int
709in6ctl_llstart(struct ifnet *ifp, u_long cmd, caddr_t data)
710{
711 struct in6_aliasreq sifra, *ifra = NULL;
712 boolean_t is64;
713 int error = 0;
714
715 VERIFY(ifp != NULL);
b0d623f7 716
b0d623f7 717 switch (cmd) {
316670eb 718 case SIOCLL_START_32: /* struct in6_aliasreq_32 */
39236c6e
A		 719 case SIOCLL_START_64: /* struct in6_aliasreq_64 */
720 is64 = (cmd == SIOCLL_START_64);
b0d623f7
A		 721 /*
722 * Convert user ifra to the kernel form, when appropriate.
723 * This allows the conversion between different data models
724 * to be centralized, so that it can be passed around to other
725 * routines that are expecting the kernel form.
726 */
39236c6e
A		 727 ifra = in6_aliasreq_to_native(data, is64, &sifra);
728
729 /*
730 * NOTE: All the interface specific DLIL attachements should
731 * be done here. They are currently done in in6_ifattach_aux()
732 * for the interfaces that need it.
733 */
39037602 734 if (ifra->ifra_addr.sin6_family == AF_INET6 &&
39236c6e
A		 735 /* Only check ifra_dstaddr if valid */
736 (ifra->ifra_dstaddr.sin6_len == 0 ||
737 ifra->ifra_dstaddr.sin6_family == AF_INET6)) {
738 /* some interfaces may provide LinkLocal addresses */
739 error = in6_ifattach_aliasreq(ifp, NULL, ifra);
740 } else {
741 error = in6_ifattach_aliasreq(ifp, NULL, NULL);
742 }
743 if (error == 0)
744 in6_if_up_dad_start(ifp);
b0d623f7 745 break;
39236c6e
A		 746
747 default:
748 VERIFY(0);
749 /* NOTREACHED */
316670eb 750 }
b0d623f7 751
39236c6e
A		 752 return (error);
753}
754
755static __attribute__((noinline)) int
756in6ctl_llstop(struct ifnet *ifp)
757{
758 struct in6_ifaddr *ia;
fe8ab488 759 struct nd_prefix pr0, *pr;
39236c6e
A		 760
761 VERIFY(ifp != NULL);
762
763 /* Remove link local addresses from interface */
764 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
765 ia = in6_ifaddrs;
766 while (ia != NULL) {
767 if (ia->ia_ifa.ifa_ifp != ifp) {
768 ia = ia->ia_next;
769 continue;
770 }
771 IFA_LOCK(&ia->ia_ifa);
772 if (IN6_IS_ADDR_LINKLOCAL(&ia->ia_addr.sin6_addr)) {
773 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for us */
774 IFA_UNLOCK(&ia->ia_ifa);
775 lck_rw_done(&in6_ifaddr_rwlock);
776 in6_purgeaddr(&ia->ia_ifa);
777 IFA_REMREF(&ia->ia_ifa); /* for us */
778 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
779 /*
780 * Purging the address caused in6_ifaddr_rwlock
781 * to be dropped and reacquired;
782 * therefore search again from the beginning
783 * of in6_ifaddrs list.
784 */
785 ia = in6_ifaddrs;
786 continue;
787 }
788 IFA_UNLOCK(&ia->ia_ifa);
789 ia = ia->ia_next;
790 }
791 lck_rw_done(&in6_ifaddr_rwlock);
fe8ab488
A		 792
793 /* Delete the link local prefix */
794 bzero(&pr0, sizeof(pr0));
795 pr0.ndpr_plen = 64;
796 pr0.ndpr_ifp = ifp;
797 pr0.ndpr_prefix.sin6_addr.s6_addr16[0] = IPV6_ADDR_INT16_ULL;
798 in6_setscope(&pr0.ndpr_prefix.sin6_addr, ifp, NULL);
3e170ce0 799 pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC);
fe8ab488
A		 800 if (pr) {
801 lck_mtx_lock(nd6_mutex);
802 NDPR_LOCK(pr);
803 prelist_remove(pr);
804 NDPR_UNLOCK(pr);
805 NDPR_REMREF(pr); /* Drop the reference from lookup */
806 lck_mtx_unlock(nd6_mutex);
807 }
808
39236c6e
A		 809 return (0);
810}
811
39037602
A		 812/*
813 * This routine configures secure link local address
814 */
39236c6e
A		 815static __attribute__((noinline)) int
816in6ctl_cgastart(struct ifnet *ifp, u_long cmd, caddr_t data)
817{
39037602 818 struct in6_cgareq llcgasr;
39236c6e
A		 819 int is64, error = 0;
820
821 VERIFY(ifp != NULL);
822
823 switch (cmd) {
39037602
A		 824 case SIOCLL_CGASTART_32: /* struct in6_cgareq_32 */
825 case SIOCLL_CGASTART_64: /* struct in6_cgareq_64 */
39236c6e 826 is64 = (cmd == SIOCLL_CGASTART_64);
316670eb 827 /*
39037602 828 * Convert user cgareq to the kernel form, when appropriate.
316670eb
A		 829 * This allows the conversion between different data models
830 * to be centralized, so that it can be passed around to other
831 * routines that are expecting the kernel form.
832 */
39037602 833 in6_cgareq_to_native(data, is64, &llcgasr);
39236c6e
A		 834
835 /*
836 * NOTE: All the interface specific DLIL attachements
837 * should be done here. They are currently done in
39037602 838 * in6_ifattach_cgareq() for the interfaces that
39236c6e
A		 839 * need it.
840 */
39037602 841 error = in6_ifattach_llcgareq(ifp, &llcgasr);
39236c6e
A		 842 if (error == 0)
843 in6_if_up_dad_start(ifp);
b0d623f7 844 break;
39236c6e
A		 845
846 default:
847 VERIFY(0);
848 /* NOTREACHED */
316670eb 849 }
b0d623f7 850
39236c6e
A		 851 return (error);
852}
853
854/*
855 * Caller passes in the ioctl data pointer directly via "ifr", with the
856 * expectation that this routine always uses bcopy() or other byte-aligned
857 * memory accesses.
858 */
859static __attribute__((noinline)) int
860in6ctl_gifaddr(struct ifnet *ifp, struct in6_ifaddr *ia, u_long cmd,
861 struct in6_ifreq *ifr)
862{
863 struct sockaddr_in6 addr;
864 int error = 0;
865
866 VERIFY(ifp != NULL);
867
868 if (ia == NULL)
869 return (EADDRNOTAVAIL);
870
871 switch (cmd) {
316670eb 872 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
39236c6e
A		 873 IFA_LOCK(&ia->ia_ifa);
874 bcopy(&ia->ia_addr, &addr, sizeof (addr));
875 IFA_UNLOCK(&ia->ia_ifa);
876 if ((error = sa6_recoverscope(&addr, TRUE)) != 0)
877 break;
878 bcopy(&addr, &ifr->ifr_addr, sizeof (addr));
879 break;
316670eb 880
39236c6e
A		 881 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
882 if (!(ifp->if_flags & IFF_POINTOPOINT)) {
883 error = EINVAL;
884 break;
885 }
886 /*
887 * XXX: should we check if ifa_dstaddr is NULL and return
888 * an error?
889 */
890 IFA_LOCK(&ia->ia_ifa);
891 bcopy(&ia->ia_dstaddr, &addr, sizeof (addr));
892 IFA_UNLOCK(&ia->ia_ifa);
893 if ((error = sa6_recoverscope(&addr, TRUE)) != 0)
894 break;
895 bcopy(&addr, &ifr->ifr_dstaddr, sizeof (addr));
b0d623f7
A		 896 break;
897
898 default:
39236c6e
A		 899 VERIFY(0);
900 /* NOTREACHED */
1c79356b 901 }
9bccf70c 902
39236c6e
A		 903 return (error);
904}
55e303ae 905
39236c6e
A		 906/*
907 * Caller passes in the ioctl data pointer directly via "ifr", with the
908 * expectation that this routine always uses bcopy() or other byte-aligned
909 * memory accesses.
910 */
911static __attribute__((noinline)) int
912in6ctl_gifstat(struct ifnet *ifp, u_long cmd, struct in6_ifreq *ifr)
913{
914 int error = 0, index;
55e303ae 915
39236c6e
A		 916 VERIFY(ifp != NULL);
917 index = ifp->if_index;
918
919 switch (cmd) {
920 case SIOCGIFSTAT_IN6: /* struct in6_ifreq */
921 /* N.B.: if_inet6data is never freed once set. */
922 if (IN6_IFEXTRA(ifp) == NULL) {
923 /* return (EAFNOSUPPORT)? */
924 bzero(&ifr->ifr_ifru.ifru_stat,
925 sizeof (ifr->ifr_ifru.ifru_stat));
b0d623f7 926 } else {
39236c6e
A		 927 bcopy(&IN6_IFEXTRA(ifp)->in6_ifstat,
928 &ifr->ifr_ifru.ifru_stat,
929 sizeof (ifr->ifr_ifru.ifru_stat));
b0d623f7 930 }
39236c6e
A		 931 break;
932
933 case SIOCGIFSTAT_ICMP6: /* struct in6_ifreq */
934 /* N.B.: if_inet6data is never freed once set. */
935 if (IN6_IFEXTRA(ifp) == NULL) {
936 /* return (EAFNOSUPPORT)? */
937 bzero(&ifr->ifr_ifru.ifru_stat,
938 sizeof (ifr->ifr_ifru.ifru_icmp6stat));
939 } else {
940 bcopy(&IN6_IFEXTRA(ifp)->icmp6_ifstat,
941 &ifr->ifr_ifru.ifru_icmp6stat,
942 sizeof (ifr->ifr_ifru.ifru_icmp6stat));
943 }
944 break;
945
946 default:
947 VERIFY(0);
b0d623f7 948 /* NOTREACHED */
39236c6e 949 }
55e303ae 950
39236c6e
A		 951 return (error);
952}
953
954/*
955 * Caller passes in the ioctl data pointer directly via "ifr", with the
956 * expectation that this routine always uses bcopy() or other byte-aligned
957 * memory accesses.
958 */
959static __attribute__((noinline)) int
960in6ctl_alifetime(struct in6_ifaddr *ia, u_long cmd, struct in6_ifreq *ifr,
961 boolean_t p64)
962{
963 uint64_t timenow = net_uptime();
964 struct in6_addrlifetime ia6_lt;
965 struct timeval caltime;
966 int error = 0;
967
968 if (ia == NULL)
969 return (EADDRNOTAVAIL);
970
971 switch (cmd) {
972 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
973 IFA_LOCK(&ia->ia_ifa);
974 /* retrieve time as calendar time (last arg is 1) */
975 in6ifa_getlifetime(ia, &ia6_lt, 1);
976 if (p64) {
977 struct in6_addrlifetime_64 lt;
978
979 bzero(&lt, sizeof (lt));
980 lt.ia6t_expire = ia6_lt.ia6t_expire;
981 lt.ia6t_preferred = ia6_lt.ia6t_preferred;
982 lt.ia6t_vltime = ia6_lt.ia6t_vltime;
983 lt.ia6t_pltime = ia6_lt.ia6t_pltime;
984 bcopy(&lt, &ifr->ifr_ifru.ifru_lifetime, sizeof (lt));
985 } else {
986 struct in6_addrlifetime_32 lt;
987
988 bzero(&lt, sizeof (lt));
989 lt.ia6t_expire = (uint32_t)ia6_lt.ia6t_expire;
990 lt.ia6t_preferred = (uint32_t)ia6_lt.ia6t_preferred;
991 lt.ia6t_vltime = (uint32_t)ia6_lt.ia6t_vltime;
992 lt.ia6t_pltime = (uint32_t)ia6_lt.ia6t_pltime;
993 bcopy(&lt, &ifr->ifr_ifru.ifru_lifetime, sizeof (lt));
994 }
995 IFA_UNLOCK(&ia->ia_ifa);
996 break;
997
998 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
999 getmicrotime(&caltime);
1000
1001 /* sanity for overflow - beware unsigned */
1002 if (p64) {
1003 struct in6_addrlifetime_64 lt;
1004
1005 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1006 if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1007 lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1008 error = EINVAL;
1009 break;
6d2010ae 1010 }
39236c6e
A		 1011 if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1012 lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1013 error = EINVAL;
1014 break;
1015 }
1016 } else {
1017 struct in6_addrlifetime_32 lt;
1018
1019 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1020 if (lt.ia6t_vltime != ND6_INFINITE_LIFETIME &&
1021 lt.ia6t_vltime + caltime.tv_sec < caltime.tv_sec) {
1022 error = EINVAL;
1023 break;
1024 }
1025 if (lt.ia6t_pltime != ND6_INFINITE_LIFETIME &&
1026 lt.ia6t_pltime + caltime.tv_sec < caltime.tv_sec) {
1027 error = EINVAL;
1028 break;
6d2010ae 1029 }
55e303ae 1030 }
39236c6e
A		 1031
1032 IFA_LOCK(&ia->ia_ifa);
1033 if (p64) {
1034 struct in6_addrlifetime_64 lt;
1035
1036 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1037 ia6_lt.ia6t_expire = lt.ia6t_expire;
1038 ia6_lt.ia6t_preferred = lt.ia6t_preferred;
1039 ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1040 ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1041 } else {
1042 struct in6_addrlifetime_32 lt;
1043
1044 bcopy(&ifr->ifr_ifru.ifru_lifetime, &lt, sizeof (lt));
1045 ia6_lt.ia6t_expire = (uint32_t)lt.ia6t_expire;
1046 ia6_lt.ia6t_preferred = (uint32_t)lt.ia6t_preferred;
1047 ia6_lt.ia6t_vltime = lt.ia6t_vltime;
1048 ia6_lt.ia6t_pltime = lt.ia6t_pltime;
1049 }
1050 /* for sanity */
1051 if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME)
1052 ia6_lt.ia6t_expire = timenow + ia6_lt.ia6t_vltime;
1053 else
1054 ia6_lt.ia6t_expire = 0;
1055
1056 if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME)
1057 ia6_lt.ia6t_preferred = timenow + ia6_lt.ia6t_pltime;
1058 else
1059 ia6_lt.ia6t_preferred = 0;
1060
1061 in6ifa_setlifetime(ia, &ia6_lt);
1062 IFA_UNLOCK(&ia->ia_ifa);
1063 break;
1064
1065 default:
1066 VERIFY(0);
316670eb 1067 /* NOTREACHED */
39236c6e
A		 1068 }
1069
1070 return (error);
1071}
316670eb 1072
39236c6e
A		 1073#define ifa2ia6(ifa) ((struct in6_ifaddr *)(void *)(ifa))
1074
1075/*
1076 * Generic INET6 control operations (ioctl's).
1077 *
1078 * ifp is NULL if not an interface-specific ioctl.
1079 *
1080 * Most of the routines called to handle the ioctls would end up being
1081 * tail-call optimized, which unfortunately causes this routine to
1082 * consume too much stack space; this is the reason for the "noinline"
1083 * attribute used on those routines.
1084 *
1085 * If called directly from within the networking stack (as opposed to via
1086 * pru_control), the socket parameter may be NULL.
1087 */
1088int
1089in6_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
1090 struct proc *p)
1091{
1092 struct in6_ifreq *ifr = (struct in6_ifreq *)(void *)data;
1093 struct in6_aliasreq sifra, *ifra = NULL;
1094 struct in6_ifaddr *ia = NULL;
1095 struct sockaddr_in6 sin6, *sa6 = NULL;
1096 boolean_t privileged = (proc_suser(p) == 0);
1097 boolean_t p64 = proc_is64bit(p);
1098 boolean_t so_unlocked = FALSE;
1099 int intval, error = 0;
1100
1101 /* In case it's NULL, make sure it came from the kernel */
1102 VERIFY(so != NULL || p == kernproc);
1103
1104 /*
1105 * ioctls which don't require ifp, may require socket.
1106 */
1107 switch (cmd) {
39236c6e
A		 1108 case SIOCAADDRCTL_POLICY: /* struct in6_addrpolicy */
1109 case SIOCDADDRCTL_POLICY: /* struct in6_addrpolicy */
1110 if (!privileged)
1111 return (EPERM);
1112 return (in6_src_ioctl(cmd, data));
1113 /* NOTREACHED */
1114
1115 case SIOCDRADD_IN6_32: /* struct in6_defrouter_32 */
1116 case SIOCDRADD_IN6_64: /* struct in6_defrouter_64 */
1117 case SIOCDRDEL_IN6_32: /* struct in6_defrouter_32 */
1118 case SIOCDRDEL_IN6_64: /* struct in6_defrouter_64 */
1119 if (!privileged)
1120 return (EPERM);
1121 return (defrtrlist_ioctl(cmd, data));
1122 /* NOTREACHED */
1123
1124 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
1125 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
1126 return (in6ctl_associd(so, cmd, data));
1127 /* NOTREACHED */
1128
1129 case SIOCGCONNIDS32: /* struct so_cidreq32 */
1130 case SIOCGCONNIDS64: /* struct so_cidreq64 */
1131 return (in6ctl_connid(so, cmd, data));
1132 /* NOTREACHED */
1133
1134 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
1135 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
1136 return (in6ctl_conninfo(so, cmd, data));
1137 /* NOTREACHED */
1138 }
1139
1140 /*
1141 * The rest of ioctls require ifp; reject if we don't have one;
1142 * return ENXIO to be consistent with ifioctl().
1143 */
1144 if (ifp == NULL)
1145 return (ENXIO);
1146
3e170ce0
A		 1147 /*
1148 * Unlock the socket since ifnet_ioctl() may be invoked by
1149 * one of the ioctl handlers below. Socket will be re-locked
1150 * prior to returning.
1151 */
1152 if (so != NULL) {
1153 socket_unlock(so, 0);
1154 so_unlocked = TRUE;
1155 }
1156
39236c6e
A		 1157 /*
1158 * ioctls which require ifp but not interface address.
1159 */
1160 switch (cmd) {
1161 case SIOCAUTOCONF_START: /* struct in6_ifreq */
3e170ce0
A		 1162 if (!privileged) {
1163 error = EPERM;
1164 goto done;
1165 }
1166 error = in6_autoconf(ifp, TRUE);
1167 goto done;
39236c6e
A		 1168
1169 case SIOCAUTOCONF_STOP: /* struct in6_ifreq */
3e170ce0
A		 1170 if (!privileged) {
1171 error = EPERM;
1172 goto done;
1173 }
1174 error = in6_autoconf(ifp, FALSE);
1175 goto done;
39236c6e
A		 1176
1177 case SIOCLL_START_32: /* struct in6_aliasreq_32 */
1178 case SIOCLL_START_64: /* struct in6_aliasreq_64 */
3e170ce0
A		 1179 if (!privileged) {
1180 error = EPERM;
1181 goto done;
1182 }
1183 error = in6ctl_llstart(ifp, cmd, data);
1184 goto done;
39236c6e
A		 1185
1186 case SIOCLL_STOP: /* struct in6_ifreq */
3e170ce0
A		 1187 if (!privileged) {
1188 error = EPERM;
1189 goto done;
1190 }
1191 error = in6ctl_llstop(ifp);
1192 goto done;
39236c6e
A		 1193
1194 case SIOCSETROUTERMODE_IN6: /* struct in6_ifreq */
3e170ce0
A		 1195 if (!privileged) {
1196 error = EPERM;
1197 goto done;
1198 }
316670eb
A		 1199 bcopy(&((struct in6_ifreq *)(void *)data)->ifr_intval,
1200 &intval, sizeof (intval));
1201
3e170ce0
A		 1202 error = in6_setrouter(ifp, intval);
1203 goto done;
55e303ae 1204
316670eb
A		 1205 case SIOCPROTOATTACH_IN6_32: /* struct in6_aliasreq_32 */
1206 case SIOCPROTOATTACH_IN6_64: /* struct in6_aliasreq_64 */
3e170ce0
A		 1207 if (!privileged) {
1208 error = EPERM;
1209 goto done;
1210 }
1211 error = in6_domifattach(ifp);
1212 goto done;
55e303ae 1213
316670eb 1214 case SIOCPROTODETACH_IN6: /* struct in6_ifreq */
3e170ce0
A		 1215 if (!privileged) {
1216 error = EPERM;
1217 goto done;
1218 }
b0d623f7
A		 1219 /* Cleanup interface routes and addresses */
1220 in6_purgeif(ifp);
55e303ae 1221
2d21ac55 1222 if ((error = proto_unplumb(PF_INET6, ifp)))
39236c6e 1223 log(LOG_ERR, "SIOCPROTODETACH_IN6: %s error=%d\n",
b0d623f7 1224 if_name(ifp), error);
3e170ce0 1225 goto done;
39236c6e
A		 1226
1227 case SIOCSNDFLUSH_IN6: /* struct in6_ifreq */
1228 case SIOCSPFXFLUSH_IN6: /* struct in6_ifreq */
1229 case SIOCSRTRFLUSH_IN6: /* struct in6_ifreq */
1230 case SIOCSDEFIFACE_IN6_32: /* struct in6_ndifreq_32 */
1231 case SIOCSDEFIFACE_IN6_64: /* struct in6_ndifreq_64 */
1232 case SIOCSIFINFO_FLAGS: /* struct in6_ndireq */
39037602
A		 1233 case SIOCGIFCGAPREP_IN6: /* struct in6_ifreq */
1234 case SIOCSIFCGAPREP_IN6: /* struct in6_ifreq */
3e170ce0
A		 1235 if (!privileged) {
1236 error = EPERM;
1237 goto done;
1238 }
39236c6e
A		 1239 /* FALLTHRU */
1240 case OSIOCGIFINFO_IN6: /* struct in6_ondireq */
1241 case SIOCGIFINFO_IN6: /* struct in6_ondireq */
1242 case SIOCGDRLST_IN6_32: /* struct in6_drlist_32 */
1243 case SIOCGDRLST_IN6_64: /* struct in6_drlist_64 */
1244 case SIOCGPRLST_IN6_32: /* struct in6_prlist_32 */
1245 case SIOCGPRLST_IN6_64: /* struct in6_prlist_64 */
1246 case SIOCGNBRINFO_IN6_32: /* struct in6_nbrinfo_32 */
1247 case SIOCGNBRINFO_IN6_64: /* struct in6_nbrinfo_64 */
1248 case SIOCGDEFIFACE_IN6_32: /* struct in6_ndifreq_32 */
1249 case SIOCGDEFIFACE_IN6_64: /* struct in6_ndifreq_64 */
3e170ce0
A		 1250 error = nd6_ioctl(cmd, data, ifp);
1251 goto done;
39236c6e
A		 1252
1253 case SIOCSIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1254 case SIOCDIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1255 case SIOCAIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1256 case SIOCCIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1257 case SIOCSGIFPREFIX_IN6: /* struct in6_rrenumreq (deprecated) */
1258 case SIOCGIFPREFIX_IN6: /* struct in6_prefixreq (deprecated) */
1259 log(LOG_NOTICE,
1260 "prefix ioctls are now invalidated. "
1261 "please use ifconfig.\n");
3e170ce0
A		 1262 error = EOPNOTSUPP;
1263 goto done;
39236c6e
A		 1264
1265 case SIOCSSCOPE6: /* struct in6_ifreq (deprecated) */
1266 case SIOCGSCOPE6: /* struct in6_ifreq (deprecated) */
1267 case SIOCGSCOPE6DEF: /* struct in6_ifreq (deprecated) */
3e170ce0
A		 1268 error = EOPNOTSUPP;
1269 goto done;
fe8ab488 1270
39037602
A		 1271 case SIOCLL_CGASTART_32: /* struct in6_cgareq_32 */
1272 case SIOCLL_CGASTART_64: /* struct in6_cgareq_64 */
39236c6e 1273 if (!privileged)
3e170ce0
A		 1274 error = EPERM;
1275 else
1276 error = in6ctl_cgastart(ifp, cmd, data);
1277 goto done;
39236c6e
A		 1278
1279 case SIOCGIFSTAT_IN6: /* struct in6_ifreq */
1280 case SIOCGIFSTAT_ICMP6: /* struct in6_ifreq */
3e170ce0
A		 1281 error = in6ctl_gifstat(ifp, cmd, ifr);
1282 goto done;
39236c6e
A		 1283 }
1284
1285 /*
1286 * ioctls which require interface address; obtain sockaddr_in6.
1287 */
1288 switch (cmd) {
1289 case SIOCSIFADDR_IN6: /* struct in6_ifreq (deprecated) */
1290 case SIOCSIFDSTADDR_IN6: /* struct in6_ifreq (deprecated) */
1291 case SIOCSIFNETMASK_IN6: /* struct in6_ifreq (deprecated) */
1292 /*
1293 * Since IPv6 allows a node to assign multiple addresses
1294 * on a single interface, SIOCSIFxxx ioctls are deprecated.
1295 */
1296 /* we decided to obsolete this command (20000704) */
3e170ce0
A		 1297 error = EOPNOTSUPP;
1298 goto done;
39236c6e
A		 1299
1300 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1301 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
3e170ce0
A		 1302 if (!privileged) {
1303 error = EPERM;
1304 goto done;
1305 }
39236c6e
A		 1306 /*
1307 * Convert user ifra to the kernel form, when appropriate.
1308 * This allows the conversion between different data models
1309 * to be centralized, so that it can be passed around to other
1310 * routines that are expecting the kernel form.
1311 */
1312 ifra = in6_aliasreq_to_native(data,
1313 (cmd == SIOCAIFADDR_IN6_64), &sifra);
1314 bcopy(&ifra->ifra_addr, &sin6, sizeof (sin6));
1315 sa6 = &sin6;
1316 break;
1317
1318 case SIOCDIFADDR_IN6: /* struct in6_ifreq */
1319 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
3e170ce0
A		 1320 if (!privileged) {
1321 error = EPERM;
1322 goto done;
1323 }
39236c6e
A		 1324 /* FALLTHRU */
1325 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
1326 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
1327 case SIOCGIFNETMASK_IN6: /* struct in6_ifreq */
1328 case SIOCGIFAFLAG_IN6: /* struct in6_ifreq */
1329 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
1330 bcopy(&ifr->ifr_addr, &sin6, sizeof (sin6));
1331 sa6 = &sin6;
1332 break;
4d15aeb1
A		 1333 case SIOCGIFDSTADDR:
1334 case SIOCSIFDSTADDR:
1335 case SIOCGIFBRDADDR:
1336 case SIOCSIFBRDADDR:
1337 case SIOCGIFNETMASK:
1338 case SIOCSIFNETMASK:
1339 case SIOCGIFADDR:
1340 case SIOCSIFADDR:
1341 case SIOCAIFADDR:
1342 case SIOCDIFADDR:
1343 /* Do not handle these AF_INET commands in AF_INET6 path */
1344 error = EINVAL;
1345 goto done;
9bccf70c 1346 }
b0d623f7 1347
1c79356b 1348 /*
316670eb
A		 1349 * Find address for this interface, if it exists.
1350 *
1351 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
1352 * only, and used the first interface address as the target of other
1353 * operations (without checking ifra_addr). This was because netinet
1354 * code/API assumed at most 1 interface address per interface.
1355 * Since IPv6 allows a node to assign multiple addresses
1356 * on a single interface, we almost always look and check the
1357 * presence of ifra_addr, and reject invalid ones here.
1358 * It also decreases duplicated code among SIOC*_IN6 operations.
1c79356b 1359 */
39236c6e 1360 VERIFY(ia == NULL);
b0d623f7 1361 if (sa6 != NULL && sa6->sin6_family == AF_INET6) {
1c79356b
A		 1362 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) {
1363 if (sa6->sin6_addr.s6_addr16[1] == 0) {
9bccf70c 1364 /* link ID is not embedded by the user */
1c79356b 1365 sa6->sin6_addr.s6_addr16[1] =
b0d623f7 1366 htons(ifp->if_index);
1c79356b 1367 } else if (sa6->sin6_addr.s6_addr16[1] !=
b0d623f7 1368 htons(ifp->if_index)) {
3e170ce0
A		 1369 error = EINVAL; /* link ID contradicts */
1370 goto done;
1c79356b
A		 1371 }
1372 if (sa6->sin6_scope_id) {
1373 if (sa6->sin6_scope_id !=
3e170ce0
A		 1374 (u_int32_t)ifp->if_index) {
1375 error = EINVAL;
1376 goto done;
1377 }
1c79356b
A		 1378 sa6->sin6_scope_id = 0; /* XXX: good way? */
1379 }
1380 }
39236c6e
A		 1381 /*
1382 * Any failures from this point on must take into account
1383 * a non-NULL "ia" with an outstanding reference count, and
1384 * therefore requires IFA_REMREF. Jump to "done" label
1385 * instead of calling return if "ia" is valid.
1386 */
b0d623f7 1387 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
1c79356b
A		 1388 }
1389
39236c6e
A		 1390 /*
1391 * SIOCDIFADDR_IN6/SIOCAIFADDR_IN6 specific tests.
1392 */
1c79356b 1393 switch (cmd) {
316670eb 1394 case SIOCDIFADDR_IN6: /* struct in6_ifreq */
3e170ce0
A		 1395 if (ia == NULL) {
1396 error = EADDRNOTAVAIL;
1397 goto done;
1398 }
1c79356b 1399 /* FALLTHROUGH */
316670eb
A		 1400 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1401 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
1402 VERIFY(sa6 != NULL);
1c79356b 1403 /*
9bccf70c 1404 * We always require users to specify a valid IPv6 address for
b0d623f7
A		 1405 * the corresponding operation. Use "sa6" instead of "ifra"
1406 * since SIOCDIFADDR_IN6 falls thru above.
1c79356b 1407 */
b0d623f7 1408 if (sa6->sin6_family != AF_INET6 ||
39236c6e 1409 sa6->sin6_len != sizeof (struct sockaddr_in6)) {
91447636 1410 error = EAFNOSUPPORT;
39236c6e 1411 goto done;
91447636 1412 }
1c79356b 1413 break;
39236c6e
A		 1414 }
1415
39236c6e
A		 1416 /*
1417 * And finally process address-related ioctls.
1418 */
1419 switch (cmd) {
316670eb 1420 case SIOCGIFADDR_IN6: /* struct in6_ifreq */
1c79356b 1421 /* This interface is basically deprecated. use SIOCGIFCONF. */
316670eb 1422 /* FALLTHRU */
316670eb 1423 case SIOCGIFDSTADDR_IN6: /* struct in6_ifreq */
39236c6e 1424 error = in6ctl_gifaddr(ifp, ia, cmd, ifr);
1c79356b 1425 break;
1c79356b 1426
39236c6e
A		 1427 case SIOCGIFNETMASK_IN6: /* struct in6_ifreq */
1428 if (ia != NULL) {
1429 IFA_LOCK(&ia->ia_ifa);
1430 bcopy(&ia->ia_prefixmask, &ifr->ifr_addr,
1431 sizeof (struct sockaddr_in6));
1432 IFA_UNLOCK(&ia->ia_ifa);
1433 } else {
91447636 1434 error = EADDRNOTAVAIL;
91447636 1435 }
39236c6e 1436 break;
b0d623f7 1437
39236c6e
A		 1438 case SIOCGIFAFLAG_IN6: /* struct in6_ifreq */
1439 if (ia != NULL) {
1440 IFA_LOCK(&ia->ia_ifa);
1441 bcopy(&ia->ia6_flags, &ifr->ifr_ifru.ifru_flags6,
1442 sizeof (ifr->ifr_ifru.ifru_flags6));
1443 IFA_UNLOCK(&ia->ia_ifa);
b0d623f7 1444 } else {
39236c6e 1445 error = EADDRNOTAVAIL;
1c79356b
A		 1446 }
1447 break;
6d2010ae 1448
39236c6e
A		 1449 case SIOCGIFALIFETIME_IN6: /* struct in6_ifreq */
1450 case SIOCSIFALIFETIME_IN6: /* struct in6_ifreq */
1451 error = in6ctl_alifetime(ia, cmd, ifr, p64);
1c79356b
A		 1452 break;
1453
39236c6e
A		 1454 case SIOCAIFADDR_IN6_32: /* struct in6_aliasreq_32 */
1455 case SIOCAIFADDR_IN6_64: /* struct in6_aliasreq_64 */
1456 error = in6ctl_aifaddr(ifp, ifra);
1c79356b 1457 break;
316670eb 1458
39236c6e
A		 1459 case SIOCDIFADDR_IN6:
1460 in6ctl_difaddr(ifp, ia);
1461 break;
1c79356b 1462
39236c6e
A		 1463 default:
1464 error = ifnet_ioctl(ifp, PF_INET6, cmd, data);
1c79356b 1465 break;
316670eb
A		 1466 }
1467
39236c6e
A		 1468done:
1469 if (ia != NULL)
1470 IFA_REMREF(&ia->ia_ifa);
1471 if (so_unlocked)
1472 socket_lock(so, 0);
1c79356b 1473
39236c6e
A		 1474 return (error);
1475}
316670eb 1476
39236c6e
A		 1477static __attribute__((noinline)) int
1478in6ctl_aifaddr(struct ifnet *ifp, struct in6_aliasreq *ifra)
1479{
1480 int i, error, addtmp, plen;
1481 struct nd_prefix pr0, *pr;
1482 struct in6_ifaddr *ia;
1c79356b 1483
39236c6e
A		 1484 VERIFY(ifp != NULL && ifra != NULL);
1485 ia = NULL;
316670eb 1486
39236c6e
A		 1487 /* Attempt to attach the protocol, in case it isn't attached */
1488 error = in6_domifattach(ifp);
1489 if (error == 0) {
1490 /* PF_INET6 wasn't previously attached */
1491 error = in6_ifattach_aliasreq(ifp, NULL, NULL);
1492 if (error != 0)
1493 goto done;
1c79356b 1494
39236c6e
A		 1495 in6_if_up_dad_start(ifp);
1496 } else if (error != EEXIST) {
1497 goto done;
316670eb
A		 1498 }
1499
39236c6e
A		 1500 /*
1501 * First, make or update the interface address structure, and link it
1502 * to the list.
1503 */
1504 error = in6_update_ifa(ifp, ifra, 0, &ia);
1505 if (error != 0)
1506 goto done;
1507 VERIFY(ia != NULL);
1c79356b 1508
39236c6e
A		 1509 /* Now, make the prefix on-link on the interface. */
1510 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, NULL);
1511 if (plen == 128)
1512 goto done;
316670eb 1513
39236c6e
A		 1514 /*
1515 * NOTE: We'd rather create the prefix before the address, but we need
1516 * at least one address to install the corresponding interface route,
1517 * so we configure the address first.
1518 */
b0d623f7 1519
39236c6e
A		 1520 /*
1521 * Convert mask to prefix length (prefixmask has already been validated
1522 * in in6_update_ifa().
1523 */
1524 bzero(&pr0, sizeof (pr0));
1525 pr0.ndpr_plen = plen;
1526 pr0.ndpr_ifp = ifp;
1527 pr0.ndpr_prefix = ifra->ifra_addr;
1528 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr;
1529
1530 /* apply the mask for safety. */
1531 for (i = 0; i < 4; i++) {
1532 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1533 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
316670eb
A		 1534 }
1535
39236c6e
A		 1536 /*
1537 * Since we don't have an API to set prefix (not address) lifetimes, we
1538 * just use the same lifetimes as addresses. The (temporarily)
1539 * installed lifetimes can be overridden by later advertised RAs (when
1540 * accept_rtadv is non 0), which is an intended behavior.
1541 */
1542 pr0.ndpr_raf_onlink = 1; /* should be configurable? */
1543 pr0.ndpr_raf_auto = !!(ifra->ifra_flags & IN6_IFF_AUTOCONF);
1544 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
1545 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
1546 pr0.ndpr_stateflags |= NDPRF_STATIC;
1547 lck_mtx_init(&pr0.ndpr_lock, ifa_mtx_grp, ifa_mtx_attr);
1548
3e170ce0
A		 1549 /* add the prefix if there's none. */
1550 if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_NEVER)) == NULL) {
39236c6e
A		 1551 /*
1552 * nd6_prelist_add will install the corresponding interface
1553 * route.
1554 */
1555 error = nd6_prelist_add(&pr0, NULL, &pr, FALSE);
1556 if (error != 0)
1557 goto done;
b0d623f7 1558
39236c6e
A		 1559 if (pr == NULL) {
1560 log(LOG_ERR, "%s: nd6_prelist_add okay, but"
1561 " no prefix.\n", __func__);
1562 error = EINVAL;
1563 goto done;
b0d623f7 1564 }
316670eb 1565 }
1c79356b 1566
39236c6e 1567 IFA_LOCK(&ia->ia_ifa);
316670eb 1568
39236c6e
A		 1569 /* if this is a new autoconfed addr */
1570 addtmp = FALSE;
3e170ce0 1571 if (ia->ia6_ndpr == NULL) {
39236c6e
A		 1572 NDPR_LOCK(pr);
1573 ++pr->ndpr_addrcnt;
1574 VERIFY(pr->ndpr_addrcnt != 0);
1575 ia->ia6_ndpr = pr;
1576 NDPR_ADDREF_LOCKED(pr); /* for addr reference */
1c79356b 1577
1c79356b 1578 /*
39236c6e
A		 1579 * If this is the first autoconf address from the prefix,
1580 * create a temporary address as well (when specified).
1c79356b 1581 */
3e170ce0
A		 1582 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 &&
1583 ip6_use_tempaddr &&
1584 pr->ndpr_addrcnt == 1) {
1585 addtmp = true;
1586 }
39236c6e
A		 1587 NDPR_UNLOCK(pr);
1588 }
9bccf70c 1589
39236c6e 1590 IFA_UNLOCK(&ia->ia_ifa);
1c79356b 1591
39236c6e
A		 1592 if (addtmp) {
1593 int e;
1594 e = in6_tmpifadd(ia, 1);
1595 if (e != 0)
1596 log(LOG_NOTICE, "%s: failed to create a"
1597 " temporary address, error=%d\n",
1598 __func__, e);
1599 }
9bccf70c 1600
39236c6e
A		 1601 /*
1602 * This might affect the status of autoconfigured addresses, that is,
1603 * this address might make other addresses detached.
1604 */
1605 lck_mtx_lock(nd6_mutex);
1606 pfxlist_onlink_check();
1607 lck_mtx_unlock(nd6_mutex);
1c79356b 1608
39236c6e
A		 1609 /* Drop use count held above during lookup/add */
1610 NDPR_REMREF(pr);
9bccf70c 1611
39236c6e
A		 1612done:
1613 if (ia != NULL)
1614 IFA_REMREF(&ia->ia_ifa);
1615 return (error);
1616}
1c79356b 1617
39236c6e
A		 1618static __attribute__((noinline)) void
1619in6ctl_difaddr(struct ifnet *ifp, struct in6_ifaddr *ia)
1620{
1621 int i = 0;
1622 struct nd_prefix pr0, *pr;
1c79356b 1623
39236c6e 1624 VERIFY(ifp != NULL && ia != NULL);
2d21ac55 1625
39236c6e
A		 1626 /*
1627 * If the address being deleted is the only one that owns
1628 * the corresponding prefix, expire the prefix as well.
1629 * XXX: theoretically, we don't have to worry about such
1630 * relationship, since we separate the address management
1631 * and the prefix management. We do this, however, to provide
1632 * as much backward compatibility as possible in terms of
1633 * the ioctl operation.
1634 * Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1635 */
1636 IFA_LOCK(&ia->ia_ifa);
1637 bzero(&pr0, sizeof (pr0));
1638 pr0.ndpr_ifp = ifp;
1639 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
1640 if (pr0.ndpr_plen == 128) {
1641 IFA_UNLOCK(&ia->ia_ifa);
1642 goto purgeaddr;
1643 }
1644 pr0.ndpr_prefix = ia->ia_addr;
1645 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr;
1646 for (i = 0; i < 4; i++) {
1647 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
1648 ia->ia_prefixmask.sin6_addr.s6_addr32[i];
9bccf70c 1649 }
39236c6e 1650 IFA_UNLOCK(&ia->ia_ifa);
3e170ce0
A		 1651
1652 if ((pr = nd6_prefix_lookup(&pr0, ND6_PREFIX_EXPIRY_UNSPEC)) != NULL) {
39236c6e
A		 1653 IFA_LOCK(&ia->ia_ifa);
1654 NDPR_LOCK(pr);
3e170ce0 1655 if (pr->ndpr_addrcnt == 1) {
39236c6e
A		 1656 /* XXX: just for expiration */
1657 pr->ndpr_expire = 1;
1658 }
1659 NDPR_UNLOCK(pr);
1660 IFA_UNLOCK(&ia->ia_ifa);
1c79356b 1661
39236c6e
A		 1662 /* Drop use count held above during lookup */
1663 NDPR_REMREF(pr);
1c79356b 1664 }
316670eb 1665
39236c6e
A		 1666purgeaddr:
1667 in6_purgeaddr(&ia->ia_ifa);
1c79356b
A		 1668}
1669
39236c6e 1670static __attribute__((noinline)) int
316670eb
A		 1671in6_autoconf(struct ifnet *ifp, int enable)
1672{
1673 int error = 0;
1674
39236c6e
A		 1675 VERIFY(ifp != NULL);
1676
316670eb
A		 1677 if (ifp->if_flags & IFF_LOOPBACK)
1678 return (EINVAL);
1679
1680 if (enable) {
1681 /*
1682 * An interface in IPv6 router mode implies that it
1683 * is either configured with a static IP address or
1684 * autoconfigured via a locally-generated RA. Prevent
1685 * SIOCAUTOCONF_START from being set in that mode.
1686 */
1687 ifnet_lock_exclusive(ifp);
1688 if (ifp->if_eflags & IFEF_IPV6_ROUTER) {
1689 ifp->if_eflags &= ~IFEF_ACCEPT_RTADV;
1690 error = EBUSY;
1691 } else {
1692 ifp->if_eflags |= IFEF_ACCEPT_RTADV;
1693 }
1694 ifnet_lock_done(ifp);
1695 } else {
1696 struct in6_ifaddr *ia = NULL;
1697
1698 ifnet_lock_exclusive(ifp);
1699 ifp->if_eflags &= ~IFEF_ACCEPT_RTADV;
1700 ifnet_lock_done(ifp);
1701
1702 /* Remove autoconfigured address from interface */
1703 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1704 ia = in6_ifaddrs;
1705 while (ia != NULL) {
1706 if (ia->ia_ifa.ifa_ifp != ifp) {
1707 ia = ia->ia_next;
1708 continue;
1709 }
1710 IFA_LOCK(&ia->ia_ifa);
1711 if (ia->ia6_flags & IN6_IFF_AUTOCONF) {
1712 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for us */
1713 IFA_UNLOCK(&ia->ia_ifa);
1714 lck_rw_done(&in6_ifaddr_rwlock);
1715 in6_purgeaddr(&ia->ia_ifa);
1716 IFA_REMREF(&ia->ia_ifa); /* for us */
1717 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1718 /*
1719 * Purging the address caused in6_ifaddr_rwlock
1720 * to be dropped and reacquired;
1721 * therefore search again from the beginning
1722 * of in6_ifaddrs list.
1723 */
1724 ia = in6_ifaddrs;
1725 continue;
1726 }
1727 IFA_UNLOCK(&ia->ia_ifa);
1728 ia = ia->ia_next;
1729 }
1730 lck_rw_done(&in6_ifaddr_rwlock);
1731 }
1732 return (error);
1733}
1734
1735/*
1736 * Handle SIOCSETROUTERMODE_IN6 to set or clear the IPv6 router mode flag on
1737 * the interface. Entering or exiting this mode will result in the removal of
1738 * autoconfigured IPv6 addresses on the interface.
1739 */
39236c6e 1740static __attribute__((noinline)) int
316670eb
A		 1741in6_setrouter(struct ifnet *ifp, int enable)
1742{
39236c6e
A		 1743 VERIFY(ifp != NULL);
1744
316670eb
A		 1745 if (ifp->if_flags & IFF_LOOPBACK)
1746 return (ENODEV);
1747
1748 if (enable) {
3e170ce0 1749 struct nd_ifinfo *ndi = NULL;
316670eb 1750
316670eb
A		 1751 ndi = ND_IFINFO(ifp);
1752 if (ndi != NULL && ndi->initialized) {
1753 lck_mtx_lock(&ndi->lock);
1754 if (ndi->flags & ND6_IFF_PROXY_PREFIXES) {
1755 /* No proxy if we are an advertising router */
1756 ndi->flags &= ~ND6_IFF_PROXY_PREFIXES;
1757 lck_mtx_unlock(&ndi->lock);
316670eb
A		 1758 (void) nd6_if_prproxy(ifp, FALSE);
1759 } else {
1760 lck_mtx_unlock(&ndi->lock);
316670eb 1761 }
316670eb
A		 1762 }
1763 }
1764
1765 ifnet_lock_exclusive(ifp);
1766 if (enable) {
1767 ifp->if_eflags |= IFEF_IPV6_ROUTER;
1768 } else {
1769 ifp->if_eflags &= ~IFEF_IPV6_ROUTER;
1770 }
1771 ifnet_lock_done(ifp);
1772
1773 lck_mtx_lock(nd6_mutex);
1774 defrouter_select(ifp);
1775 lck_mtx_unlock(nd6_mutex);
1776
1777 if_allmulti(ifp, enable);
1778
1779 return (in6_autoconf(ifp, FALSE));
1780}
1781
39236c6e
A		 1782static int
1783in6_to_kamescope(struct sockaddr_in6 *sin6, struct ifnet *ifp)
1c79356b 1784{
39236c6e
A		 1785 struct sockaddr_in6 tmp;
1786 int error, id;
1c79356b 1787
39236c6e
A		 1788 VERIFY(sin6 != NULL);
1789 tmp = *sin6;
91447636 1790
39236c6e
A		 1791 error = in6_recoverscope(&tmp, &sin6->sin6_addr, ifp);
1792 if (error != 0)
1793 return (error);
9bccf70c 1794
39236c6e
A		 1795 id = in6_addr2scopeid(ifp, &tmp.sin6_addr);
1796 if (tmp.sin6_scope_id == 0)
1797 tmp.sin6_scope_id = id;
1798 else if (tmp.sin6_scope_id != id)
1799 return (EINVAL); /* scope ID mismatch. */
91447636 1800
39236c6e
A		 1801 error = in6_embedscope(&tmp.sin6_addr, &tmp, NULL, NULL, NULL);
1802 if (error != 0)
1803 return (error);
9bccf70c 1804
39236c6e
A		 1805 tmp.sin6_scope_id = 0;
1806 *sin6 = tmp;
1807 return (0);
1808}
9bccf70c 1809
00867663
A		 1810/*
1811 * When the address is being configured we should clear out certain flags
1812 * coming in from the caller.
1813 */
1814#define IN6_IFF_CLR_ADDR_FLAG_MASK (~(IN6_IFF_DEPRECATED | IN6_IFF_DETACHED | IN6_IFF_DUPLICATED))
1815
39236c6e
A		 1816static int
1817in6_ifaupdate_aux(struct in6_ifaddr *ia, struct ifnet *ifp, int ifaupflags)
1818{
1819 struct sockaddr_in6 mltaddr, mltmask;
1820 struct in6_addr llsol;
1821 struct ifaddr *ifa;
1822 struct in6_multi *in6m_sol;
1823 struct in6_multi_mship *imm;
1824 struct rtentry *rt;
3e170ce0 1825 int delay, error = 0;
9bccf70c 1826
39236c6e 1827 VERIFY(ifp != NULL && ia != NULL);
6d2010ae 1828 ifa = &ia->ia_ifa;
39236c6e 1829 in6m_sol = NULL;
9bccf70c 1830
fe8ab488
A		 1831 nd6log2((LOG_DEBUG, "%s - %s ifp %s ia6_flags 0x%x ifaupflags 0x%x\n",
1832 __func__,
1833 ip6_sprintf(&ia->ia_addr.sin6_addr),
1834 if_name(ia->ia_ifp),
1835 ia->ia6_flags,
1836 ifaupflags));
1837
00867663
A		 1838 /*
1839 * Just to be safe, always clear certain flags when address
1840 * is being configured
1841 */
1842 ia->ia6_flags &= IN6_IFF_CLR_ADDR_FLAG_MASK;
1843
6d2010ae 1844 /*
316670eb 1845 * Mark the address as tentative before joining multicast addresses,
6d2010ae
A		 1846 * so that corresponding MLD responses would not have a tentative
1847 * source address.
1848 */
00867663 1849 if (in6if_do_dad(ifp)) {
316670eb 1850 in6_ifaddr_set_dadprogress(ia);
00867663
A		 1851 /*
1852 * Do not delay sending neighbor solicitations when using optimistic
1853 * duplicate address detection, c.f. RFC 4429.
1854 */
1855 if (ia->ia6_flags & IN6_IFF_OPTIMISTIC)
1856 ifaupflags &= ~IN6_IFAUPDATE_DADDELAY;
1857 else
1858 ifaupflags |= IN6_IFAUPDATE_DADDELAY;
1859 } else {
1860 /*
1861 * If the interface has been marked to not perform
1862 * DAD, make sure to reset DAD in progress flags
1863 * that may come in from the caller.
1864 */
1865 ia->ia6_flags &= ~IN6_IFF_DADPROGRESS;
1866 }
39037602 1867
6d2010ae 1868 /* Join necessary multicast groups */
9bccf70c 1869 if ((ifp->if_flags & IFF_MULTICAST) != 0) {
9bccf70c 1870
6d2010ae 1871 /* join solicited multicast addr for new host id */
39236c6e 1872 bzero(&llsol, sizeof (struct in6_addr));
6d2010ae
A		 1873 llsol.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
1874 llsol.s6_addr32[1] = 0;
1875 llsol.s6_addr32[2] = htonl(1);
39236c6e 1876 llsol.s6_addr32[3] = ia->ia_addr.sin6_addr.s6_addr32[3];
6d2010ae
A		 1877 llsol.s6_addr8[12] = 0xff;
1878 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) {
1879 /* XXX: should not happen */
39236c6e
A		 1880 log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
1881 goto unwind;
6d2010ae
A		 1882 }
1883 delay = 0;
39236c6e 1884 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
9bccf70c 1885 /*
6d2010ae
A		 1886 * We need a random delay for DAD on the address
1887 * being configured. It also means delaying
1888 * transmission of the corresponding MLD report to
39236c6e 1889 * avoid report collision. [RFC 4862]
9bccf70c 1890 */
39236c6e 1891 delay = random() % MAX_RTR_SOLICITATION_DELAY;
6d2010ae
A		 1892 }
1893 imm = in6_joingroup(ifp, &llsol, &error, delay);
1894 if (imm == NULL) {
1895 nd6log((LOG_WARNING,
39236c6e
A		 1896 "%s: addmulti failed for %s on %s (errno=%d)\n",
1897 __func__, ip6_sprintf(&llsol), if_name(ifp),
6d2010ae 1898 error));
39236c6e
A		 1899 VERIFY(error != 0);
1900 goto unwind;
9bccf70c 1901 }
6d2010ae
A		 1902 in6m_sol = imm->i6mm_maddr;
1903 /* take a refcount for this routine */
1904 IN6M_ADDREF(in6m_sol);
1905
1906 IFA_LOCK_SPIN(ifa);
1907 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1908 IFA_UNLOCK(ifa);
9bccf70c 1909
39236c6e
A		 1910 bzero(&mltmask, sizeof (mltmask));
1911 mltmask.sin6_len = sizeof (struct sockaddr_in6);
9bccf70c
A		 1912 mltmask.sin6_family = AF_INET6;
1913 mltmask.sin6_addr = in6mask32;
6d2010ae 1914#define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */
9bccf70c
A		 1915
1916 /*
1917 * join link-local all-nodes address
1918 */
39236c6e
A		 1919 bzero(&mltaddr, sizeof (mltaddr));
1920 mltaddr.sin6_len = sizeof (struct sockaddr_in6);
9bccf70c
A		 1921 mltaddr.sin6_family = AF_INET6;
1922 mltaddr.sin6_addr = in6addr_linklocal_allnodes;
39236c6e
A		 1923 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
1924 goto unwind; /* XXX: should not fail */
9bccf70c 1925
6d2010ae
A		 1926 /*
1927 * XXX: do we really need this automatic routes?
1928 * We should probably reconsider this stuff. Most applications
1929 * actually do not need the routes, since they usually specify
1930 * the outgoing interface.
1931 */
1932 rt = rtalloc1_scoped((struct sockaddr *)&mltaddr, 0, 0UL,
1933 ia->ia_ifp->if_index);
1934 if (rt) {
316670eb
A		 1935 if (memcmp(&mltaddr.sin6_addr, &((struct sockaddr_in6 *)
1936 (void *)rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
6d2010ae
A		 1937 rtfree(rt);
1938 rt = NULL;
9bccf70c
A		 1939 }
1940 }
6d2010ae
A		 1941 if (!rt) {
1942 error = rtrequest_scoped(RTM_ADD,
1943 (struct sockaddr *)&mltaddr,
1944 (struct sockaddr *)&ia->ia_addr,
1945 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING,
1946 NULL, ia->ia_ifp->if_index);
1947 if (error)
39236c6e 1948 goto unwind;
6d2010ae
A		 1949 } else {
1950 rtfree(rt);
1951 }
1952
1953 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
1954 if (!imm) {
1955 nd6log((LOG_WARNING,
39236c6e
A		 1956 "%s: addmulti failed for %s on %s (errno=%d)\n",
1957 __func__, ip6_sprintf(&mltaddr.sin6_addr),
6d2010ae 1958 if_name(ifp), error));
39236c6e
A		 1959 VERIFY(error != 0);
1960 goto unwind;
6d2010ae
A		 1961 }
1962 IFA_LOCK_SPIN(ifa);
1963 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
1964 IFA_UNLOCK(ifa);
9bccf70c
A		 1965
1966 /*
1967 * join node information group address
1968 */
39236c6e 1969#define hostnamelen strlen(hostname)
6d2010ae 1970 delay = 0;
39236c6e 1971 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY)) {
6d2010ae
A		 1972 /*
1973 * The spec doesn't say anything about delay for this
1974 * group, but the same logic should apply.
1975 */
39236c6e 1976 delay = random() % MAX_RTR_SOLICITATION_DELAY;
6d2010ae 1977 }
9bccf70c
A		 1978 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr)
1979 == 0) {
6d2010ae
A		 1980 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error,
1981 delay); /* XXX jinmei */
1982 if (!imm) {
39236c6e
A		 1983 nd6log((LOG_WARNING,
1984 "%s: addmulti failed for %s on %s "
6d2010ae 1985 "(errno=%d)\n",
39236c6e 1986 __func__, ip6_sprintf(&mltaddr.sin6_addr),
6d2010ae
A		 1987 if_name(ifp), error));
1988 /* XXX not very fatal, go on... */
39236c6e 1989 error = 0;
6d2010ae
A		 1990 } else {
1991 IFA_LOCK_SPIN(ifa);
1992 LIST_INSERT_HEAD(&ia->ia6_memberships,
1993 imm, i6mm_chain);
1994 IFA_UNLOCK(ifa);
9bccf70c
A		 1995 }
1996 }
1997#undef hostnamelen
1998
1999 /*
6d2010ae
A		 2000 * join interface-local all-nodes address.
2001 * (ff01::1%ifN, and ff01::%ifN/32)
9bccf70c 2002 */
6d2010ae 2003 mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
39236c6e
A		 2004 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0)
2005 goto unwind; /* XXX: should not fail */
6d2010ae
A		 2006 /* XXX: again, do we really need the route? */
2007 rt = rtalloc1_scoped((struct sockaddr *)&mltaddr, 0, 0UL,
2008 ia->ia_ifp->if_index);
2009 if (rt) {
316670eb
A		 2010 if (memcmp(&mltaddr.sin6_addr, &((struct sockaddr_in6 *)
2011 (void *)rt_key(rt))->sin6_addr, MLTMASK_LEN)) {
6d2010ae
A		 2012 rtfree(rt);
2013 rt = NULL;
9bccf70c
A		 2014 }
2015 }
6d2010ae
A		 2016 if (!rt) {
2017 error = rtrequest_scoped(RTM_ADD,
2018 (struct sockaddr *)&mltaddr,
2019 (struct sockaddr *)&ia->ia_addr,
2020 (struct sockaddr *)&mltmask, RTF_UP | RTF_CLONING,
2021 NULL, ia->ia_ifp->if_index);
2022 if (error)
39236c6e 2023 goto unwind;
6d2010ae
A		 2024 } else
2025 rtfree(rt);
2026
2027 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0);
2028 if (!imm) {
39236c6e
A		 2029 nd6log((LOG_WARNING,
2030 "%s: addmulti failed for %s on %s (errno=%d)\n",
2031 __func__, ip6_sprintf(&mltaddr.sin6_addr),
6d2010ae 2032 if_name(ifp), error));
39236c6e
A		 2033 VERIFY(error != 0);
2034 goto unwind;
6d2010ae
A		 2035 }
2036 IFA_LOCK(ifa);
2037 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
39236c6e 2038 IFA_UNLOCK(ifa);
9bccf70c 2039 }
39236c6e
A		 2040#undef MLTMASK_LEN
2041
39236c6e
A		 2042 /* Ensure nd6_service() is scheduled as soon as it's convenient */
2043 ++nd6_sched_timeout_want;
9bccf70c
A		 2044
2045 /*
2046 * Perform DAD, if needed.
2047 * XXX It may be of use, if we can administratively
2048 * disable DAD.
2049 */
39236c6e
A		 2050 IFA_LOCK_SPIN(ifa);
2051 if (in6if_do_dad(ifp) && ((ifa->ifa_flags & IN6_IFF_NODAD) == 0) &&
2052 (ia->ia6_flags & IN6_IFF_DADPROGRESS)) {
6d2010ae 2053 int mindelay, maxdelay;
316670eb 2054 int *delayptr, delayval;
9bccf70c 2055
6d2010ae 2056 IFA_UNLOCK(ifa);
39236c6e 2057 delayptr = NULL;
fe8ab488
A		 2058 /*
2059 * Avoid the DAD delay if the caller wants us to skip it.
2060 * This is not compliant with RFC 2461, but it's only being
2061 * used for signalling and not for actual DAD.
2062 */
2063 if ((ifaupflags & IN6_IFAUPDATE_DADDELAY) &&
2064 !(ia->ia6_flags & IN6_IFF_SWIFTDAD)) {
39236c6e
A		 2065 /*
2066 * We need to impose a delay before sending an NS
2067 * for DAD. Check if we also needed a delay for the
2068 * corresponding MLD message. If we did, the delay
2069 * should be larger than the MLD delay (this could be
2070 * relaxed a bit, but this simple logic is at least
2071 * safe).
2072 */
2073 mindelay = 0;
2074 if (in6m_sol != NULL) {
2075 IN6M_LOCK(in6m_sol);
2076 if (in6m_sol->in6m_state ==
2077 MLD_REPORTING_MEMBER)
2078 mindelay = in6m_sol->in6m_timer;
2079 IN6M_UNLOCK(in6m_sol);
2080 }
2081 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
2082 if (maxdelay - mindelay == 0)
2083 delayval = 0;
2084 else {
2085 delayval =
2086 (random() % (maxdelay - mindelay)) +
2087 mindelay;
2088 }
2089 delayptr = &delayval;
2090 }
2091
2092 nd6_dad_start((struct ifaddr *)ia, delayptr);
2093 } else {
2094 IFA_UNLOCK(ifa);
2095 }
2096
2097 goto done;
2098
2099unwind:
2100 VERIFY(error != 0);
2101 in6_purgeaddr(&ia->ia_ifa);
2102
2103done:
2104 /* release reference held for this routine */
2105 if (in6m_sol != NULL)
2106 IN6M_REMREF(in6m_sol);
2107 return (error);
2108}
2109
2110/*
2111 * Request an IPv6 interface address. If the address is new, then it will be
2112 * constructed and appended to the interface address chains. The interface
2113 * address structure is optionally returned with a reference for the caller.
2114 */
2115int
2116in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int ifaupflags,
2117 struct in6_ifaddr **iar)
2118{
2119 struct in6_addrlifetime ia6_lt;
2120 struct in6_ifaddr *ia;
2121 struct ifaddr *ifa;
2122 struct ifaddr *xifa;
2123 struct in6_addrlifetime *lt;
2124 uint64_t timenow;
2125 int plen, error;
2126
2127 /* Sanity check parameters and initialize locals */
2128 VERIFY(ifp != NULL && ifra != NULL && iar != NULL);
2129 ia = NULL;
2130 ifa = NULL;
2131 error = 0;
2132
2133 /*
2134 * We always require users to specify a valid IPv6 address for
2135 * the corresponding operation.
2136 */
2137 if (ifra->ifra_addr.sin6_family != AF_INET6 ||
2138 ifra->ifra_addr.sin6_len != sizeof (struct sockaddr_in6)) {
2139 error = EAFNOSUPPORT;
2140 goto unwind;
2141 }
2142
2143 /* Validate ifra_prefixmask.sin6_len is properly bounded. */
2144 if (ifra->ifra_prefixmask.sin6_len == 0 ||
2145 ifra->ifra_prefixmask.sin6_len > sizeof (struct sockaddr_in6)) {
2146 error = EINVAL;
2147 goto unwind;
2148 }
2149
2150 /* Validate prefix length extracted from ifra_prefixmask structure. */
2151 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
2152 (u_char *)&ifra->ifra_prefixmask + ifra->ifra_prefixmask.sin6_len);
2153 if (plen <= 0) {
2154 error = EINVAL;
2155 goto unwind;
2156 }
2157
2158 /* Validate lifetimes */
2159 lt = &ifra->ifra_lifetime;
2160 if (lt->ia6t_pltime > lt->ia6t_vltime) {
2161 log(LOG_INFO,
2162 "%s: pltime 0x%x > vltime 0x%x for %s\n", __func__,
2163 lt->ia6t_pltime, lt->ia6t_vltime,
2164 ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2165 error = EINVAL;
2166 goto unwind;
2167 }
2168 if (lt->ia6t_vltime == 0) {
2169 /*
2170 * the following log might be noisy, but this is a typical
2171 * configuration mistake or a tool's bug.
2172 */
2173 log(LOG_INFO, "%s: valid lifetime is 0 for %s\n", __func__,
2174 ip6_sprintf(&ifra->ifra_addr.sin6_addr));
2175 }
2176
2177 /*
2178 * Before we lock the ifnet structure, we first check to see if the
2179 * address already exists. If so, then we don't allocate and link a
2180 * new one here.
2181 */
2182 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr);
2183 if (ia != NULL)
2184 ifa = &ia->ia_ifa;
2185
2186 /*
2187 * Validate destination address on interface types that require it.
2188 */
2189 if ((ifp->if_flags & (IFF_LOOPBACK|IFF_POINTOPOINT)) != 0) {
2190 switch (ifra->ifra_dstaddr.sin6_family) {
2191 case AF_INET6:
2192 if (plen != 128) {
2193 /* noisy message for diagnostic purposes */
2194 log(LOG_INFO,
2195 "%s: prefix length < 128 with"
2196 " explicit dstaddr.\n", __func__);
2197 error = EINVAL;
2198 goto unwind;
2199 }
2200 break;
2201
2202 case AF_UNSPEC:
2203 break;
2204
2205 default:
2206 error = EAFNOSUPPORT;
2207 goto unwind;
2208 }
2209 } else if (ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) {
2210 log(LOG_INFO,
2211 "%s: dstaddr valid only on p2p and loopback interfaces.\n",
2212 __func__);
2213 error = EINVAL;
2214 goto unwind;
2215 }
2216
2217 timenow = net_uptime();
2218
2219 if (ia == NULL) {
2220 int how;
2221
2222 /* Is this the first new IPv6 address for the interface? */
2223 ifaupflags |= IN6_IFAUPDATE_NEWADDR;
2224
2225 /* Allocate memory for IPv6 interface address structure. */
2226 how = !(ifaupflags & IN6_IFAUPDATE_NOWAIT) ? M_WAITOK : 0;
2227 ia = in6_ifaddr_alloc(how);
2228 if (ia == NULL) {
2229 error = ENOBUFS;
2230 goto unwind;
2231 }
2232
2233 ifa = &ia->ia_ifa;
2234
2235 /*
2236 * Initialize interface address structure.
2237 *
2238 * Note well: none of these sockaddr_in6 structures contain a
2239 * valid sin6_port, sin6_flowinfo or even a sin6_scope_id field.
2240 * We still embed link-local scope identifiers at the end of an
2241 * arbitrary fe80::/32 prefix, for historical reasons. Also, the
2242 * ifa_dstaddr field is always non-NULL on point-to-point and
2243 * loopback interfaces, and conventionally points to a socket
2244 * address of AF_UNSPEC family when there is no destination.
2245 *
2246 * Please enjoy the dancing sea turtle.
2247 */
2248 IFA_ADDREF(ifa); /* for this and optionally for caller */
2249 ifa->ifa_addr = (struct sockaddr *)&ia->ia_addr;
2250 if (ifra->ifra_dstaddr.sin6_family == AF_INET6 ||
2251 (ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0)
2252 ifa->ifa_dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
2253 ifa->ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
2254 ifa->ifa_ifp = ifp;
2255 ifa->ifa_metric = ifp->if_metric;
2256 ifa->ifa_rtrequest = nd6_rtrequest;
2257
2258 LIST_INIT(&ia->ia6_memberships);
2259 ia->ia_addr.sin6_family = AF_INET6;
2260 ia->ia_addr.sin6_len = sizeof (ia->ia_addr);
2261 ia->ia_addr.sin6_addr = ifra->ifra_addr.sin6_addr;
2262 ia->ia_prefixmask.sin6_family = AF_INET6;
2263 ia->ia_prefixmask.sin6_len = sizeof (ia->ia_prefixmask);
2264 ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
2265 error = in6_to_kamescope(&ia->ia_addr, ifp);
2266 if (error != 0)
2267 goto unwind;
2268 if (ifa->ifa_dstaddr != NULL) {
2269 ia->ia_dstaddr = ifra->ifra_dstaddr;
2270 error = in6_to_kamescope(&ia->ia_dstaddr, ifp);
2271 if (error != 0)
2272 goto unwind;
2273 }
2274
2275 /* Append to address chains */
2276 ifnet_lock_exclusive(ifp);
2277 ifaupflags |= IN6_IFAUPDATE_1STADDR;
2278 TAILQ_FOREACH(xifa, &ifp->if_addrlist, ifa_list) {
2279 IFA_LOCK_SPIN(xifa);
2280 if (xifa->ifa_addr->sa_family != AF_INET6) {
2281 IFA_UNLOCK(xifa);
2282 ifaupflags &= ~IN6_IFAUPDATE_1STADDR;
2283 break;
2284 }
2285 IFA_UNLOCK(xifa);
2286 }
2287
2288 IFA_LOCK_SPIN(ifa);
2289 if_attach_ifa(ifp, ifa); /* holds reference for ifnet link */
2290 IFA_UNLOCK(ifa);
2291 ifnet_lock_done(ifp);
2292
2293 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2294 if (in6_ifaddrs != NULL) {
2295 struct in6_ifaddr *iac;
2296 for (iac = in6_ifaddrs; iac->ia_next != NULL;
2297 iac = iac->ia_next)
2298 continue;
2299 iac->ia_next = ia;
2300 } else {
2301 in6_ifaddrs = ia;
6d2010ae 2302 }
39236c6e
A		 2303 IFA_ADDREF(ifa); /* hold for in6_ifaddrs link */
2304 lck_rw_done(&in6_ifaddr_rwlock);
6d2010ae 2305 } else {
39236c6e
A		 2306 ifa = &ia->ia_ifa;
2307 ifaupflags &= ~(IN6_IFAUPDATE_NEWADDR|IN6_IFAUPDATE_1STADDR);
6d2010ae 2308 }
9bccf70c 2309
39236c6e
A		 2310 VERIFY(ia != NULL && ifa == &ia->ia_ifa);
2311 IFA_LOCK(ifa);
2312
2313 /*
2314 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred
2315 * to see if the address is deprecated or invalidated, but initialize
2316 * these members for applications.
2317 */
2318 ia->ia6_updatetime = ia->ia6_createtime = timenow;
2319 ia6_lt = *lt;
2320 if (ia6_lt.ia6t_vltime != ND6_INFINITE_LIFETIME)
2321 ia6_lt.ia6t_expire = timenow + ia6_lt.ia6t_vltime;
2322 else
2323 ia6_lt.ia6t_expire = 0;
2324 if (ia6_lt.ia6t_pltime != ND6_INFINITE_LIFETIME)
2325 ia6_lt.ia6t_preferred = timenow + ia6_lt.ia6t_pltime;
2326 else
2327 ia6_lt.ia6t_preferred = 0;
2328 in6ifa_setlifetime(ia, &ia6_lt);
2329
9bccf70c 2330 /*
39236c6e
A		 2331 * Backward compatibility - if IN6_IFF_DEPRECATED is set from the
2332 * userland, make it deprecated.
9bccf70c 2333 */
39236c6e
A		 2334 if ((ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) {
2335 ia->ia6_lifetime.ia6ti_pltime = 0;
2336 ia->ia6_lifetime.ia6ti_preferred = timenow;
6d2010ae 2337 }
6d2010ae 2338
39236c6e
A		 2339 /*
2340 * Update flag or prefix length
2341 */
2342 ia->ia_plen = plen;
2343 ia->ia6_flags = ifra->ifra_flags;
2344
2345 /* Release locks (new address available to concurrent tasks) */
2346 IFA_UNLOCK(ifa);
2347
2348 /* Further initialization of the interface address */
2349 error = in6_ifinit(ifp, ia, ifaupflags);
2350 if (error != 0)
2351 goto unwind;
2352
2353 /* Finish updating the address while other tasks are working with it */
2354 error = in6_ifaupdate_aux(ia, ifp, ifaupflags);
2355 if (error != 0)
2356 goto unwind;
2357
2358 /* Return success (optionally w/ address for caller). */
2359 VERIFY(error == 0);
2360 (void) ifnet_notify_address(ifp, AF_INET6);
6d2010ae 2361 goto done;
39236c6e
A		 2362
2363unwind:
2364 VERIFY(error != 0);
2365 if (ia != NULL) {
2366 VERIFY(ifa == &ia->ia_ifa);
2367 IFA_REMREF(ifa);
2368 ia = NULL;
2369 }
2370
2371done:
2372 *iar = ia;
2373 return (error);
9bccf70c
A		 2374}
2375
2376void
6d2010ae 2377in6_purgeaddr(struct ifaddr *ifa)
9bccf70c
A		 2378{
2379 struct ifnet *ifp = ifa->ifa_ifp;
39236c6e 2380 struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
6d2010ae
A		 2381 struct in6_multi_mship *imm;
2382
5ba3f43e 2383 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
9bccf70c
A		 2384
2385 /* stop DAD processing */
55e303ae 2386 nd6_dad_stop(ifa);
9bccf70c
A		 2387
2388 /*
2389 * delete route to the destination of the address being purged.
2390 * The interface must be p2p or loopback in this case.
2391 */
6d2010ae 2392 IFA_LOCK(ifa);
39236c6e
A		 2393 if ((ia->ia_flags & IFA_ROUTE) && ia->ia_plen == 128) {
2394 int error, rtf;
9bccf70c 2395
6d2010ae 2396 IFA_UNLOCK(ifa);
39236c6e
A		 2397 rtf = (ia->ia_dstaddr.sin6_family == AF_INET6) ? RTF_HOST : 0;
2398 error = rtinit(&(ia->ia_ifa), RTM_DELETE, rtf);
2399 if (error != 0) {
9bccf70c
A		 2400 log(LOG_ERR, "in6_purgeaddr: failed to remove "
2401 "a route to the p2p destination: %s on %s, "
2402 "errno=%d\n",
2403 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp),
39236c6e 2404 error);
9bccf70c 2405 /* proceed anyway... */
6d2010ae 2406 }
39236c6e
A		 2407 IFA_LOCK_SPIN(ifa);
2408 ia->ia_flags &= ~IFA_ROUTE;
9bccf70c 2409 }
39236c6e 2410 IFA_UNLOCK(ifa);
9bccf70c
A		 2411
2412 /* Remove ownaddr's loopback rtentry, if it exists. */
6d2010ae 2413 in6_ifremloop(&(ia->ia_ifa));
1c79356b 2414
6d2010ae
A		 2415 /*
2416 * leave from multicast groups we have joined for the interface
2417 */
2418 IFA_LOCK(ifa);
2419 while ((imm = ia->ia6_memberships.lh_first) != NULL) {
2420 LIST_REMOVE(imm, i6mm_chain);
2421 IFA_UNLOCK(ifa);
2422 in6_leavegroup(imm);
2423 IFA_LOCK(ifa);
1c79356b 2424 }
6d2010ae 2425 IFA_UNLOCK(ifa);
1c79356b 2426
6d2010ae
A		 2427 /* in6_unlink_ifa() will need exclusive access */
2428 in6_unlink_ifa(ia, ifp);
fe8ab488 2429 in6_post_msg(ifp, KEV_INET6_ADDR_DELETED, ia, NULL);
39236c6e
A		 2430
2431 (void) ifnet_notify_address(ifp, AF_INET6);
9bccf70c
A		 2432}
2433
2434static void
6d2010ae 2435in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
9bccf70c 2436{
9bccf70c 2437 struct in6_ifaddr *oia;
6d2010ae
A		 2438 struct ifaddr *ifa;
2439 int unlinked;
2440
5ba3f43e 2441 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
6d2010ae
A		 2442
2443 ifa = &ia->ia_ifa;
2444 IFA_ADDREF(ifa);
9bccf70c 2445
91447636 2446 ifnet_lock_exclusive(ifp);
6d2010ae
A		 2447 IFA_LOCK(ifa);
2448 if (ifa->ifa_debug & IFD_ATTACHED)
2449 if_detach_ifa(ifp, ifa);
2450 IFA_UNLOCK(ifa);
91447636 2451 ifnet_lock_done(ifp);
1c79356b 2452
6d2010ae
A		 2453 unlinked = 1;
2454 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
1c79356b 2455 oia = ia;
6d2010ae 2456 if (oia == (ia = in6_ifaddrs)) {
91447636 2457 in6_ifaddrs = ia->ia_next;
6d2010ae 2458 } else {
1c79356b
A		 2459 while (ia->ia_next && (ia->ia_next != oia))
2460 ia = ia->ia_next;
6d2010ae 2461 if (ia->ia_next) {
1c79356b 2462 ia->ia_next = oia->ia_next;
6d2010ae 2463 } else {
9bccf70c 2464 /* search failed */
39236c6e 2465 log(LOG_NOTICE, "%s: search failed.\n", __func__);
6d2010ae 2466 unlinked = 0;
9bccf70c 2467 }
1c79356b 2468 }
1c79356b 2469
9bccf70c 2470 /*
3e170ce0
A		 2471 * When IPv6 address is being removed, release the
2472 * reference to the base prefix.
2473 * Also, since the release might, affect the status
2474 * of other (detached) addresses, call
9bccf70c
A		 2475 * pfxlist_onlink_check().
2476 */
6d2010ae
A		 2477 ifa = &oia->ia_ifa;
2478 IFA_LOCK(ifa);
39037602
A		 2479 /*
2480 * Only log the below message for addresses other than
2481 * link local.
2482 * Only one LLA (auto-configured or statically) is allowed
2483 * on an interface.
2484 * LLA prefix, while added to the prefix list, is not
2485 * reference countedi (as it is the only one).
2486 * The prefix also never expires on its own as LLAs
2487 * have infinite lifetime.
2488 *
2489 * For now quiece down the log message for LLAs.
2490 */
2491 if (!IN6_IS_ADDR_LINKLOCAL(&oia->ia_addr.sin6_addr)) {
2492 if (oia->ia6_ndpr == NULL)
2493 log(LOG_NOTICE, "in6_unlink_ifa: IPv6 address "
2494 "0x%llx has no prefix\n",
2495 (uint64_t)VM_KERNEL_ADDRPERM(oia));
2496 else {
2497 struct nd_prefix *pr = oia->ia6_ndpr;
2498 oia->ia6_flags &= ~IN6_IFF_AUTOCONF;
2499 oia->ia6_ndpr = NULL;
2500 NDPR_LOCK(pr);
2501 VERIFY(pr->ndpr_addrcnt != 0);
2502 pr->ndpr_addrcnt--;
2503 NDPR_UNLOCK(pr);
2504 NDPR_REMREF(pr); /* release addr reference */
2505 }
3e170ce0
A		 2506 }
2507 IFA_UNLOCK(ifa);
2508 lck_rw_done(&in6_ifaddr_rwlock);
6d2010ae 2509
3e170ce0 2510 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) {
6d2010ae
A		 2511 lck_mtx_lock(nd6_mutex);
2512 pfxlist_onlink_check();
91447636 2513 lck_mtx_unlock(nd6_mutex);
6d2010ae 2514 }
9bccf70c 2515 /*
91447636 2516 * release another refcnt for the link from in6_ifaddrs.
6d2010ae
A		 2517 * Do this only if it's not already unlinked in the event that we lost
2518 * the race, since in6_ifaddr_rwlock was momentarily dropped above.
9bccf70c 2519 */
6d2010ae
A		 2520 if (unlinked)
2521 IFA_REMREF(ifa);
9bccf70c 2522
6d2010ae
A		 2523 /* release reference held for this routine */
2524 IFA_REMREF(ifa);
39236c6e
A		 2525
2526 /* invalidate route caches */
2527 routegenid_inet6_update();
9bccf70c
A		 2528}
2529
2530void
6d2010ae 2531in6_purgeif(struct ifnet *ifp)
9bccf70c 2532{
6d2010ae 2533 struct in6_ifaddr *ia;
9bccf70c 2534
6d2010ae 2535 if (ifp == NULL)
9bccf70c 2536 return;
6d2010ae 2537
5ba3f43e 2538 LCK_MTX_ASSERT(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED);
6d2010ae
A		 2539
2540 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
2541 ia = in6_ifaddrs;
2542 while (ia != NULL) {
2543 if (ia->ia_ifa.ifa_ifp != ifp) {
2544 ia = ia->ia_next;
9bccf70c 2545 continue;
6d2010ae
A		 2546 }
2547 IFA_ADDREF(&ia->ia_ifa); /* for us */
2548 lck_rw_done(&in6_ifaddr_rwlock);
2549 in6_purgeaddr(&ia->ia_ifa);
6d2010ae 2550 IFA_REMREF(&ia->ia_ifa); /* for us */
316670eb 2551 lck_rw_lock_exclusive(&in6_ifaddr_rwlock);
6d2010ae
A		 2552 /*
2553 * Purging the address would have caused
2554 * in6_ifaddr_rwlock to be dropped and reacquired;
2555 * therefore search again from the beginning
2556 * of in6_ifaddrs list.
2557 */
2558 ia = in6_ifaddrs;
9bccf70c 2559 }
6d2010ae 2560 lck_rw_done(&in6_ifaddr_rwlock);
9bccf70c
A		 2561
2562 in6_ifdetach(ifp);
1c79356b
A		 2563}
2564
1c79356b 2565/*
39236c6e 2566 * Initialize an interface's internet6 address and routing table entry.
1c79356b 2567 */
9bccf70c 2568static int
39236c6e 2569in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, int ifaupflags)
1c79356b 2570{
39236c6e 2571 int error;
9bccf70c 2572 struct ifaddr *ifa;
1c79356b 2573
39236c6e 2574 error = 0;
6d2010ae 2575 ifa = &ia->ia_ifa;
1c79356b 2576
316670eb
A		 2577 /*
2578 * NOTE: SIOCSIFADDR is defined with struct ifreq as parameter,
2579 * but here we are sending it down to the interface with a pointer
2580 * to struct ifaddr, for legacy reasons.
2581 */
39236c6e
A		 2582 if ((ifaupflags & IN6_IFAUPDATE_1STADDR) != 0) {
2583 error = ifnet_ioctl(ifp, PF_INET6, SIOCSIFADDR, ia);
2584 if (error != 0) {
2585 if (error != EOPNOTSUPP)
2586 return (error);
2587 error = 0;
2588 }
1c79356b 2589 }
1c79356b 2590
6d2010ae 2591 IFA_LOCK(ifa);
1c79356b 2592
9bccf70c
A		 2593 /*
2594 * Special case:
2595 * If the destination address is specified for a point-to-point
2596 * interface, install a route to the destination as an interface
2597 * direct route.
2598 */
39236c6e
A		 2599 if (!(ia->ia_flags & IFA_ROUTE) && ia->ia_plen == 128 &&
2600 ia->ia_dstaddr.sin6_family == AF_INET6) {
6d2010ae 2601 IFA_UNLOCK(ifa);
39236c6e
A		 2602 error = rtinit(ifa, RTM_ADD, RTF_UP | RTF_HOST);
2603 if (error != 0)
2604 return (error);
6d2010ae 2605 IFA_LOCK(ifa);
9bccf70c
A		 2606 ia->ia_flags |= IFA_ROUTE;
2607 }
6d2010ae 2608 IFA_LOCK_ASSERT_HELD(ifa);
39236c6e 2609 if (ia->ia_plen < 128) {
1c79356b 2610 /*
9bccf70c 2611 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto().
1c79356b 2612 */
39236c6e 2613 ia->ia_flags |= RTF_CLONING;
1c79356b 2614 }
9bccf70c 2615
39236c6e
A		 2616 IFA_UNLOCK(ifa);
2617
55e303ae 2618 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
39236c6e
A		 2619 if ((ifaupflags & IN6_IFAUPDATE_NEWADDR) != 0)
2620 in6_ifaddloop(ifa);
9bccf70c 2621
39236c6e
A		 2622 /* invalidate route caches */
2623 routegenid_inet6_update();
2624
2625 VERIFY(error == 0);
2626 return (0);
1c79356b 2627}
9bccf70c 2628
1c79356b 2629void
6d2010ae 2630in6_purgeaddrs(struct ifnet *ifp)
1c79356b 2631{
6d2010ae 2632 in6_purgeif(ifp);
1c79356b 2633}
1c79356b
A		 2634
2635/*
2636 * Find an IPv6 interface link-local address specific to an interface.
2637 */
2638struct in6_ifaddr *
39037602 2639in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1c79356b 2640{
9bccf70c 2641 struct ifaddr *ifa;
1c79356b 2642
91447636 2643 ifnet_lock_shared(ifp);
9bccf70c 2644 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1c79356b 2645 {
6d2010ae
A		 2646 IFA_LOCK_SPIN(ifa);
2647 if (ifa->ifa_addr->sa_family != AF_INET6) {
2648 IFA_UNLOCK(ifa);
1c79356b 2649 continue;
6d2010ae 2650 }
1c79356b
A		 2651 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
2652 if ((((struct in6_ifaddr *)ifa)->ia6_flags &
39236c6e 2653 ignoreflags) != 0) {
6d2010ae 2654 IFA_UNLOCK(ifa);
1c79356b 2655 continue;
6d2010ae
A		 2656 }
2657 IFA_ADDREF_LOCKED(ifa); /* for caller */
2658 IFA_UNLOCK(ifa);
1c79356b
A		 2659 break;
2660 }
6d2010ae 2661 IFA_UNLOCK(ifa);
1c79356b 2662 }
91447636 2663 ifnet_lock_done(ifp);
1c79356b 2664
39236c6e 2665 return ((struct in6_ifaddr *)ifa);
1c79356b
A		 2666}
2667
1c79356b
A		 2668/*
2669 * find the internet address corresponding to a given interface and address.
2670 */
2671struct in6_ifaddr *
39037602 2672in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr)
1c79356b 2673{
9bccf70c 2674 struct ifaddr *ifa;
1c79356b 2675
91447636 2676 ifnet_lock_shared(ifp);
9bccf70c 2677 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1c79356b 2678 {
6d2010ae
A		 2679 IFA_LOCK_SPIN(ifa);
2680 if (ifa->ifa_addr->sa_family != AF_INET6) {
2681 IFA_UNLOCK(ifa);
1c79356b 2682 continue;
6d2010ae
A		 2683 }
2684 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
2685 IFA_ADDREF_LOCKED(ifa); /* for caller */
2686 IFA_UNLOCK(ifa);
1c79356b 2687 break;
6d2010ae
A		 2688 }
2689 IFA_UNLOCK(ifa);
1c79356b 2690 }
91447636 2691 ifnet_lock_done(ifp);
1c79356b 2692
39236c6e 2693 return ((struct in6_ifaddr *)ifa);
1c79356b
A		 2694}
2695
316670eb
A		 2696struct in6_ifaddr *
2697in6ifa_prproxyaddr(struct in6_addr *addr)
2698{
2699 struct in6_ifaddr *ia;
2700
2701 lck_rw_lock_shared(&in6_ifaddr_rwlock);
2702 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
2703 IFA_LOCK(&ia->ia_ifa);
2704 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(&ia->ia_ifa))) {
2705 IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for caller */
2706 IFA_UNLOCK(&ia->ia_ifa);
2707 break;
2708 }
2709 IFA_UNLOCK(&ia->ia_ifa);
2710 }
2711 lck_rw_done(&in6_ifaddr_rwlock);
2712
2713 if (ia != NULL && !nd6_prproxy_ifaddr(ia)) {
2714 IFA_REMREF(&ia->ia_ifa);
2715 ia = NULL;
2716 }
2717
2718 return (ia);
2719}
2720
39236c6e
A		 2721void
2722in6ifa_getlifetime(struct in6_ifaddr *ia6, struct in6_addrlifetime *t_dst,
2723 int iscalendar)
2724{
2725 struct in6_addrlifetime_i *t_src = &ia6->ia6_lifetime;
2726 struct timeval caltime;
2727
2728 t_dst->ia6t_vltime = t_src->ia6ti_vltime;
2729 t_dst->ia6t_pltime = t_src->ia6ti_pltime;
2730 t_dst->ia6t_expire = 0;
2731 t_dst->ia6t_preferred = 0;
2732
2733 /* account for system time change */
2734 getmicrotime(&caltime);
2735 t_src->ia6ti_base_calendartime +=
2736 NET_CALCULATE_CLOCKSKEW(caltime,
2737 t_src->ia6ti_base_calendartime, net_uptime(),
2738 t_src->ia6ti_base_uptime);
2739
2740 if (iscalendar) {
2741 if (t_src->ia6ti_expire != 0 &&
2742 t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME)
2743 t_dst->ia6t_expire = t_src->ia6ti_base_calendartime +
2744 t_src->ia6ti_expire - t_src->ia6ti_base_uptime;
2745
2746 if (t_src->ia6ti_preferred != 0 &&
2747 t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME)
2748 t_dst->ia6t_preferred = t_src->ia6ti_base_calendartime +
2749 t_src->ia6ti_preferred - t_src->ia6ti_base_uptime;
2750 } else {
2751 if (t_src->ia6ti_expire != 0 &&
2752 t_src->ia6ti_vltime != ND6_INFINITE_LIFETIME)
2753 t_dst->ia6t_expire = t_src->ia6ti_expire;
2754
2755 if (t_src->ia6ti_preferred != 0 &&
2756 t_src->ia6ti_pltime != ND6_INFINITE_LIFETIME)
2757 t_dst->ia6t_preferred = t_src->ia6ti_preferred;
2758 }
2759}
2760
2761void
2762in6ifa_setlifetime(struct in6_ifaddr *ia6, struct in6_addrlifetime *t_src)
2763{
2764 struct in6_addrlifetime_i *t_dst = &ia6->ia6_lifetime;
2765 struct timeval caltime;
2766
2767 /* account for system time change */
2768 getmicrotime(&caltime);
2769 t_dst->ia6ti_base_calendartime +=
2770 NET_CALCULATE_CLOCKSKEW(caltime,
2771 t_dst->ia6ti_base_calendartime, net_uptime(),
2772 t_dst->ia6ti_base_uptime);
2773
2774 /* trust the caller for the values */
2775 t_dst->ia6ti_expire = t_src->ia6t_expire;
2776 t_dst->ia6ti_preferred = t_src->ia6t_preferred;
2777 t_dst->ia6ti_vltime = t_src->ia6t_vltime;
2778 t_dst->ia6ti_pltime = t_src->ia6t_pltime;
2779}
2780
1c79356b
A		 2781/*
2782 * Convert IP6 address to printable (loggable) representation.
2783 */
1c79356b 2784char *
39236c6e 2785ip6_sprintf(const struct in6_addr *addr)
1c79356b 2786{
39236c6e
A		 2787 static const char digits[] = "0123456789abcdef";
2788 static int ip6round = 0;
1c79356b 2789 static char ip6buf[8][48];
39236c6e 2790
9bccf70c
A		 2791 int i;
2792 char *cp;
55e303ae
A		 2793 const u_short *a = (const u_short *)addr;
2794 const u_char *d;
39236c6e 2795 u_char n;
1c79356b 2796 int dcolon = 0;
39236c6e 2797 int zpad = 0;
1c79356b
A		 2798
2799 ip6round = (ip6round + 1) & 7;
2800 cp = ip6buf[ip6round];
2801
2802 for (i = 0; i < 8; i++) {
2803 if (dcolon == 1) {
2804 if (*a == 0) {
2805 if (i == 7)
2806 *cp++ = ':';
2807 a++;
2808 continue;
2809 } else
2810 dcolon = 2;
2811 }
2812 if (*a == 0) {
2813 if (dcolon == 0 && *(a + 1) == 0) {
2814 if (i == 0)
2815 *cp++ = ':';
2816 *cp++ = ':';
2817 dcolon = 1;
2818 } else {
2819 *cp++ = '0';
2820 *cp++ = ':';
2821 }
2822 a++;
2823 continue;
2824 }
55e303ae 2825 d = (const u_char *)a;
39236c6e
A		 2826 zpad = 0;
2827 if ((n = *d >> 4) != 0) {
2828 *cp++ = digits[n];
2829 zpad = 1;
2830 }
2831 if ((n = *d++ & 0xf) != 0 || zpad) {
2832 *cp++ = digits[n];
2833 zpad = 1;
2834 }
2835 if ((n = *d >> 4) != 0 || zpad) {
2836 *cp++ = digits[n];
2837 zpad = 1;
2838 }
2839 if ((n = *d & 0xf) != 0 || zpad)
2840 *cp++ = digits[n];
1c79356b
A		 2841 *cp++ = ':';
2842 a++;
2843 }
2844 *--cp = 0;
39236c6e 2845 return (ip6buf[ip6round]);
1c79356b
A		 2846}
2847
2d21ac55
A		 2848int
2849in6addr_local(struct in6_addr *in6)
2850{
2851 struct rtentry *rt;
2852 struct sockaddr_in6 sin6;
2853 int local = 0;
2854
6d2010ae 2855 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_SCOPE_LINKLOCAL(in6))
2d21ac55
A		 2856 return (1);
2857
2858 sin6.sin6_family = AF_INET6;
2859 sin6.sin6_len = sizeof (sin6);
2860 bcopy(in6, &sin6.sin6_addr, sizeof (*in6));
b0d623f7 2861 rt = rtalloc1((struct sockaddr *)&sin6, 0, 0);
2d21ac55
A		 2862
2863 if (rt != NULL) {
b0d623f7 2864 RT_LOCK_SPIN(rt);
2d21ac55
A		 2865 if (rt->rt_gateway->sa_family == AF_LINK)
2866 local = 1;
b0d623f7 2867 RT_UNLOCK(rt);
2d21ac55
A		 2868 rtfree(rt);
2869 } else {
2870 local = in6_localaddr(in6);
2871 }
2872 return (local);
2873}
2874
1c79356b 2875int
6d2010ae 2876in6_localaddr(struct in6_addr *in6)
1c79356b
A		 2877{
2878 struct in6_ifaddr *ia;
2879
2880 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
6d2010ae 2881 return (1);
1c79356b 2882
6d2010ae
A		 2883 lck_rw_lock_shared(&in6_ifaddr_rwlock);
2884 for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
2885 IFA_LOCK_SPIN(&ia->ia_ifa);
1c79356b 2886 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
6d2010ae
A		 2887 &ia->ia_prefixmask.sin6_addr)) {
2888 IFA_UNLOCK(&ia->ia_ifa);
2889 lck_rw_done(&in6_ifaddr_rwlock);
2890 return (1);
91447636 2891 }
6d2010ae
A		 2892 IFA_UNLOCK(&ia->ia_ifa);
2893 }
2894 lck_rw_done(&in6_ifaddr_rwlock);
1c79356b
A		 2895 return (0);
2896}
2897
1c79356b
A		 2898/*
2899 * return length of part which dst and src are equal
2900 * hard coding...
2901 */
1c79356b 2902int
39037602 2903in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1c79356b
A		 2904{
2905 int match = 0;
2906 u_char *s = (u_char *)src, *d = (u_char *)dst;
2907 u_char *lim = s + 16, r;
2908
2909 while (s < lim)
2910 if ((r = (*d++ ^ *s++)) != 0) {
2911 while (r < 128) {
2912 match++;
2913 r <<= 1;
2914 }
2915 break;
2916 } else
2917 match += 8;
39236c6e 2918 return (match);
1c79356b
A		 2919}
2920
9bccf70c 2921/* XXX: to be scope conscious */
1c79356b 2922int
39037602 2923in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1c79356b
A		 2924{
2925 int bytelen, bitlen;
2926
2927 /* sanity check */
2928 if (0 > len || len > 128) {
39236c6e
A		 2929 log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
2930 return (0);
1c79356b
A		 2931 }
2932
2933 bytelen = len / 8;
2934 bitlen = len % 8;
2935
2936 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
39236c6e
A		 2937 return (0);
2938 if (bitlen != 0 &&
91447636 2939 p1->s6_addr[bytelen] >> (8 - bitlen) !=
1c79356b 2940 p2->s6_addr[bytelen] >> (8 - bitlen))
39236c6e 2941 return (0);
1c79356b 2942
39236c6e 2943 return (1);
1c79356b
A		 2944}
2945
2946void
39037602 2947in6_prefixlen2mask(struct in6_addr *maskp, int len)
1c79356b
A		 2948{
2949 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
2950 int bytelen, bitlen, i;
2951
2952 /* sanity check */
2953 if (0 > len || len > 128) {
39236c6e 2954 log(LOG_ERR, "%s: invalid prefix length(%d)\n", __func__, len);
1c79356b
A		 2955 return;
2956 }
2957
39236c6e 2958 bzero(maskp, sizeof (*maskp));
1c79356b
A		 2959 bytelen = len / 8;
2960 bitlen = len % 8;
2961 for (i = 0; i < bytelen; i++)
2962 maskp->s6_addr[i] = 0xff;
2963 if (bitlen)
2964 maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
2965}
2966
2967/*
2968 * return the best address out of the same scope
2969 */
2970struct in6_ifaddr *
39236c6e 2971in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst)
1c79356b
A		 2972{
2973 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0;
2974 int blen = -1;
2975 struct ifaddr *ifa;
2976 struct ifnet *ifp;
2977 struct in6_ifaddr *ifa_best = NULL;
39236c6e 2978
1c79356b 2979 if (oifp == NULL) {
39236c6e 2980 return (NULL);
1c79356b
A		 2981 }
2982
2983 /*
2984 * We search for all addresses on all interfaces from the beginning.
2985 * Comparing an interface with the outgoing interface will be done
2986 * only at the final stage of tiebreaking.
2987 */
91447636
A		 2988 ifnet_head_lock_shared();
2989 TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
1c79356b
A		 2990 /*
2991 * We can never take an address that breaks the scope zone
2992 * of the destination.
2993 */
2994 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst))
2995 continue;
2996
91447636 2997 ifnet_lock_shared(ifp);
39236c6e 2998 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
1c79356b
A		 2999 int tlen = -1, dscopecmp, bscopecmp, matchcmp;
3000
6d2010ae
A		 3001 IFA_LOCK(ifa);
3002 if (ifa->ifa_addr->sa_family != AF_INET6) {
3003 IFA_UNLOCK(ifa);
1c79356b 3004 continue;
6d2010ae 3005 }
1c79356b
A		 3006 src_scope = in6_addrscope(IFA_IN6(ifa));
3007
1c79356b
A		 3008 /*
3009 * Don't use an address before completing DAD
3010 * nor a duplicated address.
3011 */
3012 if (((struct in6_ifaddr *)ifa)->ia6_flags &
6d2010ae
A		 3013 IN6_IFF_NOTREADY) {
3014 IFA_UNLOCK(ifa);
1c79356b 3015 continue;
6d2010ae 3016 }
1c79356b
A		 3017 /* XXX: is there any case to allow anycasts? */
3018 if (((struct in6_ifaddr *)ifa)->ia6_flags &
6d2010ae
A		 3019 IN6_IFF_ANYCAST) {
3020 IFA_UNLOCK(ifa);
1c79356b 3021 continue;
6d2010ae 3022 }
1c79356b 3023 if (((struct in6_ifaddr *)ifa)->ia6_flags &
6d2010ae
A		 3024 IN6_IFF_DETACHED) {
3025 IFA_UNLOCK(ifa);
1c79356b 3026 continue;
6d2010ae 3027 }
1c79356b
A		 3028 /*
3029 * If this is the first address we find,
3030 * keep it anyway.
3031 */
3032 if (ifa_best == NULL)
3033 goto replace;
3034
3035 /*
3036 * ifa_best is never NULL beyond this line except
3037 * within the block labeled "replace".
3038 */
3039
3040 /*
3041 * If ifa_best has a smaller scope than dst and
3042 * the current address has a larger one than
3043 * (or equal to) dst, always replace ifa_best.
3044 * Also, if the current address has a smaller scope
3045 * than dst, ignore it unless ifa_best also has a
3046 * smaller scope.
9bccf70c
A		 3047 * Consequently, after the two if-clause below,
3048 * the followings must be satisfied:
3049 * (scope(src) < scope(dst) &&
3050 * scope(best) < scope(dst))
3051 * OR
3052 * (scope(best) >= scope(dst) &&
3053 * scope(src) >= scope(dst))
1c79356b
A		 3054 */
3055 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 &&
3056 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0)
9bccf70c 3057 goto replace; /* (A) */
1c79356b 3058 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 &&
6d2010ae
A		 3059 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) {
3060 IFA_UNLOCK(ifa);
9bccf70c 3061 continue; /* (B) */
6d2010ae 3062 }
1c79356b
A		 3063 /*
3064 * A deprecated address SHOULD NOT be used in new
3065 * communications if an alternate (non-deprecated)
3066 * address is available and has sufficient scope.
39236c6e 3067 * RFC 4862, Section 5.5.4.
1c79356b
A		 3068 */
3069 if (((struct in6_ifaddr *)ifa)->ia6_flags &
3070 IN6_IFF_DEPRECATED) {
3071 /*
3072 * Ignore any deprecated addresses if
3073 * specified by configuration.
3074 */
6d2010ae
A		 3075 if (!ip6_use_deprecated) {
3076 IFA_UNLOCK(ifa);
1c79356b 3077 continue;
6d2010ae 3078 }
1c79356b
A		 3079 /*
3080 * If we have already found a non-deprecated
3081 * candidate, just ignore deprecated addresses.
3082 */
3083 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED)
6d2010ae
A		 3084 == 0) {
3085 IFA_UNLOCK(ifa);
1c79356b 3086 continue;
6d2010ae 3087 }
1c79356b
A		 3088 }
3089
3090 /*
3091 * A non-deprecated address is always preferred
3092 * to a deprecated one regardless of scopes and
9bccf70c
A		 3093 * address matching (Note invariants ensured by the
3094 * conditions (A) and (B) above.)
1c79356b
A		 3095 */
3096 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) &&
3097 (((struct in6_ifaddr *)ifa)->ia6_flags &
39236c6e 3098 IN6_IFF_DEPRECATED) == 0)
1c79356b
A		 3099 goto replace;
3100
9bccf70c
A		 3101 /*
3102 * When we use temporary addresses described in
6d2010ae 3103 * RFC 4941, we prefer temporary addresses to
9bccf70c
A		 3104 * public autoconf addresses. Again, note the
3105 * invariants from (A) and (B). Also note that we
3106 * don't have any preference between static addresses
3107 * and autoconf addresses (despite of whether or not
3108 * the latter is temporary or public.)
3109 */
3110 if (ip6_use_tempaddr) {
3111 struct in6_ifaddr *ifat;
3112
3113 ifat = (struct in6_ifaddr *)ifa;
3114 if ((ifa_best->ia6_flags &
39236c6e
A		 3115 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3116 == IN6_IFF_AUTOCONF &&
9bccf70c 3117 (ifat->ia6_flags &
39236c6e
A		 3118 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3119 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) {
9bccf70c
A		 3120 goto replace;
3121 }
3122 if ((ifa_best->ia6_flags &
39236c6e 3123 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
9bccf70c
A		 3124 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY) &&
3125 (ifat->ia6_flags &
39236c6e
A		 3126 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
3127 == IN6_IFF_AUTOCONF) {
6d2010ae 3128 IFA_UNLOCK(ifa);
9bccf70c
A		 3129 continue;
3130 }
3131 }
3132
1c79356b
A		 3133 /*
3134 * At this point, we have two cases:
3135 * 1. we are looking at a non-deprecated address,
3136 * and ifa_best is also non-deprecated.
3137 * 2. we are looking at a deprecated address,
3138 * and ifa_best is also deprecated.
3139 * Also, we do not have to consider a case where
3140 * the scope of if_best is larger(smaller) than dst and
3141 * the scope of the current address is smaller(larger)
3142 * than dst. Such a case has already been covered.
3143 * Tiebreaking is done according to the following
3144 * items:
3145 * - the scope comparison between the address and
3146 * dst (dscopecmp)
3147 * - the scope comparison between the address and
3148 * ifa_best (bscopecmp)
3149 * - if the address match dst longer than ifa_best
3150 * (matchcmp)
3151 * - if the address is on the outgoing I/F (outI/F)
3152 *
3153 * Roughly speaking, the selection policy is
3154 * - the most important item is scope. The same scope
3155 * is best. Then search for a larger scope.
3156 * Smaller scopes are the last resort.
3157 * - A deprecated address is chosen only when we have
3158 * no address that has an enough scope, but is
9bccf70c
A		 3159 * prefered to any addresses of smaller scopes
3160 * (this must be already done above.)
3161 * - addresses on the outgoing I/F are preferred to
3162 * ones on other interfaces if none of above
3163 * tiebreaks. In the table below, the column "bI"
3164 * means if the best_ifa is on the outgoing
3165 * interface, and the column "sI" means if the ifa
3166 * is on the outgoing interface.
1c79356b 3167 * - If there is no other reasons to choose one,
9bccf70c 3168 * longest address match against dst is considered.
1c79356b
A		 3169 *
3170 * The precise decision table is as follows:
39236c6e
A		 3171 * dscopecmp bscopecmp match bI oI | replace?
3172 * N/A equal N/A Y N | No (1)
3173 * N/A equal N/A N Y | Yes (2)
3174 * N/A equal larger N/A | Yes (3)
3175 * N/A equal !larger N/A | No (4)
3176 * larger larger N/A N/A | No (5)
3177 * larger smaller N/A N/A | Yes (6)
3178 * smaller larger N/A N/A | Yes (7)
3179 * smaller smaller N/A N/A | No (8)
3180 * equal smaller N/A N/A | Yes (9)
3181 * equal larger (already done at A above)
1c79356b
A		 3182 */
3183 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope);
3184 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope);
3185
9bccf70c
A		 3186 if (bscopecmp == 0) {
3187 struct ifnet *bifp = ifa_best->ia_ifp;
3188
6d2010ae
A		 3189 if (bifp == oifp && ifp != oifp) { /* (1) */
3190 IFA_UNLOCK(ifa);
9bccf70c 3191 continue;
6d2010ae 3192 }
9bccf70c
A		 3193 if (bifp != oifp && ifp == oifp) /* (2) */
3194 goto replace;
3195
3196 /*
3197 * Both bifp and ifp are on the outgoing
3198 * interface, or both two are on a different
3199 * interface from the outgoing I/F.
3200 * now we need address matching against dst
3201 * for tiebreaking.
3202 */
3203 tlen = in6_matchlen(IFA_IN6(ifa), dst);
3204 matchcmp = tlen - blen;
3205 if (matchcmp > 0) /* (3) */
1c79356b 3206 goto replace;
6d2010ae 3207 IFA_UNLOCK(ifa);
9bccf70c 3208 continue; /* (4) */
1c79356b
A		 3209 }
3210 if (dscopecmp > 0) {
6d2010ae
A		 3211 if (bscopecmp > 0) { /* (5) */
3212 IFA_UNLOCK(ifa);
1c79356b 3213 continue;
6d2010ae 3214 }
9bccf70c 3215 goto replace; /* (6) */
1c79356b
A		 3216 }
3217 if (dscopecmp < 0) {
9bccf70c 3218 if (bscopecmp > 0) /* (7) */
1c79356b 3219 goto replace;
6d2010ae 3220 IFA_UNLOCK(ifa);
9bccf70c 3221 continue; /* (8) */
1c79356b
A		 3222 }
3223
3224 /* now dscopecmp must be 0 */
3225 if (bscopecmp < 0)
9bccf70c 3226 goto replace; /* (9) */
1c79356b 3227
6d2010ae
A		 3228replace:
3229 IFA_ADDREF_LOCKED(ifa); /* for ifa_best */
1c79356b 3230 blen = tlen >= 0 ? tlen :
39236c6e
A		 3231 in6_matchlen(IFA_IN6(ifa), dst);
3232 best_scope =
3233 in6_addrscope(&ifa2ia6(ifa)->ia_addr.sin6_addr);
6d2010ae
A		 3234 IFA_UNLOCK(ifa);
3235 if (ifa_best)
3236 IFA_REMREF(&ifa_best->ia_ifa);
3237 ifa_best = (struct in6_ifaddr *)ifa;
1c79356b 3238 }
91447636 3239 ifnet_lock_done(ifp);
1c79356b 3240 }
91447636 3241 ifnet_head_done();
1c79356b
A		 3242
3243 /* count statistics for future improvements */
3244 if (ifa_best == NULL)
3245 ip6stat.ip6s_sources_none++;
3246 else {
6d2010ae 3247 IFA_LOCK_SPIN(&ifa_best->ia_ifa);
1c79356b
A		 3248 if (oifp == ifa_best->ia_ifp)
3249 ip6stat.ip6s_sources_sameif[best_scope]++;
3250 else
3251 ip6stat.ip6s_sources_otherif[best_scope]++;
3252
3253 if (best_scope == dst_scope)
3254 ip6stat.ip6s_sources_samescope[best_scope]++;
3255 else
3256 ip6stat.ip6s_sources_otherscope[best_scope]++;
3257
3258 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0)
3259 ip6stat.ip6s_sources_deprecated[best_scope]++;
6d2010ae 3260 IFA_UNLOCK(&ifa_best->ia_ifa);
1c79356b
A		 3261 }
3262
39236c6e 3263 return (ifa_best);
1c79356b
A		 3264}
3265
3266/*
3267 * return the best address out of the same scope. if no address was
3268 * found, return the first valid address from designated IF.
3269 */
1c79356b 3270struct in6_ifaddr *
39236c6e 3271in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1c79356b
A		 3272{
3273 int dst_scope = in6_addrscope(dst), blen = -1, tlen;
3274 struct ifaddr *ifa;
6d2010ae 3275 struct in6_ifaddr *besta = NULL;
55e303ae 3276 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
1c79356b
A		 3277
3278 dep[0] = dep[1] = NULL;
3279
1c79356b
A		 3280 /*
3281 * We first look for addresses in the same scope.
3282 * If there is one, return it.
3283 * If two or more, return one which matches the dst longest.
3284 * If none, return one of global addresses assigned other ifs.
3285 */
91447636 3286 ifnet_lock_shared(ifp);
39236c6e 3287 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
6d2010ae
A		 3288 IFA_LOCK(ifa);
3289 if (ifa->ifa_addr->sa_family != AF_INET6) {
3290 IFA_UNLOCK(ifa);
1c79356b 3291 continue;
6d2010ae
A		 3292 }
3293 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3294 IFA_UNLOCK(ifa);
1c79356b 3295 continue; /* XXX: is there any case to allow anycast? */
6d2010ae
A		 3296 }
3297 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_NOTREADY) {
3298 IFA_UNLOCK(ifa);
1c79356b 3299 continue; /* don't use this interface */
6d2010ae
A		 3300 }
3301 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3302 IFA_UNLOCK(ifa);
1c79356b 3303 continue;
6d2010ae
A		 3304 }
3305 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
b0d623f7 3306 if (ip6_use_deprecated) {
6d2010ae
A		 3307 IFA_ADDREF_LOCKED(ifa); /* for dep[0] */
3308 IFA_UNLOCK(ifa);
b0d623f7 3309 if (dep[0] != NULL)
6d2010ae 3310 IFA_REMREF(&dep[0]->ia_ifa);
1c79356b 3311 dep[0] = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3312 } else {
3313 IFA_UNLOCK(ifa);
b0d623f7 3314 }
1c79356b
A		 3315 continue;
3316 }
3317
3318 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
3319 /*
3320 * call in6_matchlen() as few as possible
3321 */
3322 if (besta) {
6d2010ae
A		 3323 if (blen == -1) {
3324 IFA_UNLOCK(ifa);
3325 IFA_LOCK(&besta->ia_ifa);
39236c6e
A		 3326 blen = in6_matchlen(
3327 &besta->ia_addr.sin6_addr, dst);
6d2010ae
A		 3328 IFA_UNLOCK(&besta->ia_ifa);
3329 IFA_LOCK(ifa);
3330 }
1c79356b
A		 3331 tlen = in6_matchlen(IFA_IN6(ifa), dst);
3332 if (tlen > blen) {
3333 blen = tlen;
6d2010ae
A		 3334 IFA_ADDREF_LOCKED(ifa); /* for besta */
3335 IFA_UNLOCK(ifa);
3336 IFA_REMREF(&besta->ia_ifa);
1c79356b 3337 besta = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3338 } else {
3339 IFA_UNLOCK(ifa);
1c79356b 3340 }
6d2010ae 3341 } else {
1c79356b 3342 besta = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3343 IFA_ADDREF_LOCKED(ifa); /* for besta */
3344 IFA_UNLOCK(ifa);
3345 }
3346 } else {
3347 IFA_UNLOCK(ifa);
1c79356b
A		 3348 }
3349 }
91447636
A		 3350 if (besta) {
3351 ifnet_lock_done(ifp);
b0d623f7 3352 if (dep[0] != NULL)
6d2010ae 3353 IFA_REMREF(&dep[0]->ia_ifa);
39236c6e 3354 return (besta);
91447636 3355 }
1c79356b 3356
39236c6e 3357 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
6d2010ae
A		 3358 IFA_LOCK(ifa);
3359 if (ifa->ifa_addr->sa_family != AF_INET6) {
3360 IFA_UNLOCK(ifa);
1c79356b 3361 continue;
6d2010ae
A		 3362 }
3363 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_ANYCAST) {
3364 IFA_UNLOCK(ifa);
1c79356b 3365 continue; /* XXX: is there any case to allow anycast? */
6d2010ae
A		 3366 }
3367 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_NOTREADY) {
3368 IFA_UNLOCK(ifa);
1c79356b 3369 continue; /* don't use this interface */
6d2010ae
A		 3370 }
3371 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DETACHED) {
3372 IFA_UNLOCK(ifa);
1c79356b 3373 continue;
6d2010ae
A		 3374 }
3375 if (ifa2ia6(ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
b0d623f7 3376 if (ip6_use_deprecated) {
6d2010ae
A		 3377 IFA_ADDREF_LOCKED(ifa); /* for dep[1] */
3378 IFA_UNLOCK(ifa);
b0d623f7 3379 if (dep[1] != NULL)
6d2010ae 3380 IFA_REMREF(&dep[1]->ia_ifa);
1c79356b 3381 dep[1] = (struct in6_ifaddr *)ifa;
6d2010ae
A		 3382 } else {
3383 IFA_UNLOCK(ifa);
b0d623f7 3384 }
1c79356b
A		 3385 continue;
3386 }
6d2010ae
A		 3387 IFA_ADDREF_LOCKED(ifa); /* for caller */
3388 IFA_UNLOCK(ifa);
91447636 3389 ifnet_lock_done(ifp);
b0d623f7 3390 if (dep[0] != NULL)
6d2010ae 3391 IFA_REMREF(&dep[0]->ia_ifa);
b0d623f7 3392 if (dep[1] != NULL)
6d2010ae 3393 IFA_REMREF(&dep[1]->ia_ifa);
39236c6e 3394 return ((struct in6_ifaddr *)ifa);
1c79356b 3395 }
91447636 3396 ifnet_lock_done(ifp);
1c79356b
A		 3397
3398 /* use the last-resort values, that are, deprecated addresses */
b0d623f7
A		 3399 if (dep[0]) {
3400 if (dep[1] != NULL)
6d2010ae 3401 IFA_REMREF(&dep[1]->ia_ifa);
39236c6e 3402 return (dep[0]);
b0d623f7 3403 }
1c79356b 3404 if (dep[1])
39236c6e 3405 return (dep[1]);
1c79356b 3406
39236c6e 3407 return (NULL);
1c79356b
A		 3408}
3409
3410/*
3411 * perform DAD when interface becomes IFF_UP.
3412 */
39236c6e
A		 3413static void
3414in6_if_up_dad_start(struct ifnet *ifp)
1c79356b
A		 3415{
3416 struct ifaddr *ifa;
39037602
A		 3417 struct nd_ifinfo *ndi = NULL;
3418
3419 ndi = ND_IFINFO(ifp);
3420 VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3421 if (!(ndi->flags & ND6_IFF_DAD))
3422 return;
6d2010ae 3423
39236c6e 3424 /* start DAD on all the interface addresses */
91447636 3425 ifnet_lock_exclusive(ifp);
39236c6e
A		 3426 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
3427 struct in6_ifaddr *ia6;
3428
6d2010ae
A		 3429 IFA_LOCK_SPIN(ifa);
3430 if (ifa->ifa_addr->sa_family != AF_INET6) {
3431 IFA_UNLOCK(ifa);
1c79356b 3432 continue;
6d2010ae 3433 }
39236c6e
A		 3434 ia6 = (struct in6_ifaddr *)ifa;
3435 if (ia6->ia6_flags & IN6_IFF_DADPROGRESS) {
3436 int delay = 0; /* delay ticks before DAD output */
6d2010ae 3437 IFA_UNLOCK(ifa);
39236c6e 3438 nd6_dad_start(ifa, &delay);
6d2010ae
A		 3439 } else {
3440 IFA_UNLOCK(ifa);
3441 }
1c79356b 3442 }
91447636 3443 ifnet_lock_done(ifp);
9bccf70c
A		 3444}
3445
3446int
91447636
A		 3447in6if_do_dad(
3448 struct ifnet *ifp)
9bccf70c 3449{
39037602
A		 3450 struct nd_ifinfo *ndi = NULL;
3451
9bccf70c 3452 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
39236c6e 3453 return (0);
1c79356b 3454
39037602
A		 3455 ndi = ND_IFINFO(ifp);
3456 VERIFY((NULL != ndi) && (TRUE == ndi->initialized));
3457 if (!(ndi->flags & ND6_IFF_DAD))
3458 return (0);
3459
6d2010ae 3460 /*
316670eb
A		 3461 * If we are using the alternative neighbor discovery
3462 * interface on this interface, then skip DAD.
3463 *
3464 * Also, skip it for interfaces marked "local private"
3465 * for now, even when not marked as using the alternative
3466 * interface. This is for historical reasons.
6d2010ae 3467 */
fe8ab488
A		 3468 if (ifp->if_eflags &
3469 (IFEF_IPV6_ND6ALT|IFEF_LOCALNET_PRIVATE|IFEF_DIRECTLINK))
6d2010ae
A		 3470 return (0);
3471
5ba3f43e
A		 3472 if (ifp->if_subfamily == IFNET_SUBFAMILY_IPSEC ||
3473 ifp->if_subfamily == IFNET_SUBFAMILY_UTUN) {
3474 /*
3475 * Ignore DAD for tunneling virtual interfaces, which get
3476 * their IPv6 address explicitly assigned.
3477 */
3478 return (0);
3479 }
3480
1c79356b 3481 switch (ifp->if_type) {
9bccf70c 3482#if IFT_DUMMY
1c79356b 3483 case IFT_DUMMY:
9bccf70c 3484#endif
1c79356b 3485 case IFT_FAITH:
1c79356b 3486 /*
9bccf70c
A		 3487 * These interfaces do not have the IFF_LOOPBACK flag,
3488 * but loop packets back. We do not have to do DAD on such
3489 * interfaces. We should even omit it, because loop-backed
3490 * NS would confuse the DAD procedure.
1c79356b 3491 */
39236c6e 3492 return (0);
1c79356b 3493 default:
9bccf70c
A		 3494 /*
3495 * Our DAD routine requires the interface up and running.
3496 * However, some interfaces can be up before the RUNNING
3497 * status. Additionaly, users may try to assign addresses
3498 * before the interface becomes up (or running).
3499 * We simply skip DAD in such a case as a work around.
3500 * XXX: we should rather mark "tentative" on such addresses,
3501 * and do DAD after the interface becomes ready.
3502 */
3503 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) !=
3504 (IFF_UP|IFF_RUNNING))
39236c6e 3505 return (0);
1c79356b 3506
39236c6e 3507 return (1);
1c79356b
A		 3508 }
3509}
3510
3511/*
3512 * Calculate max IPv6 MTU through all the interfaces and store it
3513 * to in6_maxmtu.
3514 */
3515void
316670eb 3516in6_setmaxmtu(void)
1c79356b 3517{
b0d623f7 3518 u_int32_t maxmtu = 0;
1c79356b
A		 3519 struct ifnet *ifp;
3520
91447636
A		 3521 ifnet_head_lock_shared();
3522 TAILQ_FOREACH(ifp, &ifnet_head, if_list) {
3e170ce0 3523 struct nd_ifinfo *ndi = NULL;
316670eb 3524
316670eb
A		 3525 if ((ndi = ND_IFINFO(ifp)) != NULL && !ndi->initialized)
3526 ndi = NULL;
3527 if (ndi != NULL)
3528 lck_mtx_lock(&ndi->lock);
1c79356b 3529 if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2d21ac55
A		 3530 IN6_LINKMTU(ifp) > maxmtu)
3531 maxmtu = IN6_LINKMTU(ifp);
316670eb
A		 3532 if (ndi != NULL)
3533 lck_mtx_unlock(&ndi->lock);
1c79356b 3534 }
91447636 3535 ifnet_head_done();
1c79356b
A		 3536 if (maxmtu) /* update only when maxmtu is positive */
3537 in6_maxmtu = maxmtu;
3538}
6d2010ae
A		 3539/*
3540 * Provide the length of interface identifiers to be used for the link attached
3541 * to the given interface. The length should be defined in "IPv6 over
3542 * xxx-link" document. Note that address architecture might also define
3543 * the length for a particular set of address prefixes, regardless of the
39236c6e 3544 * link type. Also see RFC 4862 for additional background.
6d2010ae
A		 3545 */
3546int
3547in6_if2idlen(struct ifnet *ifp)
3548{
3549 switch (ifp->if_type) {
3550 case IFT_ETHER: /* RFC2464 */
3551 case IFT_IEEE8023ADLAG: /* IEEE802.3ad Link Aggregate */
3552#ifdef IFT_PROPVIRTUAL
3553 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */
3554#endif
3555#ifdef IFT_L2VLAN
3556 case IFT_L2VLAN: /* ditto */
3557#endif
3558#ifdef IFT_IEEE80211
3559 case IFT_IEEE80211: /* ditto */
3560#endif
3561#ifdef IFT_MIP
3562 case IFT_MIP: /* ditto */
3563#endif
3564 return (64);
3565 case IFT_FDDI: /* RFC2467 */
3566 return (64);
3567 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */
3568 return (64);
3569 case IFT_PPP: /* RFC2472 */
3570 return (64);
3571 case IFT_ARCNET: /* RFC2497 */
3572 return (64);
3573 case IFT_FRELAY: /* RFC2590 */
3574 return (64);
3575 case IFT_IEEE1394: /* RFC3146 */
3576 return (64);
3577 case IFT_GIF:
3578 return (64); /* draft-ietf-v6ops-mech-v2-07 */
3579 case IFT_LOOP:
3580 return (64); /* XXX: is this really correct? */
3581 case IFT_OTHER:
3582 return (64); /* for utun interfaces */
3583 case IFT_CELLULAR:
3584 return (64); /* Packet Data over Cellular */
316670eb
A		 3585 case IFT_BRIDGE:
3586 return (64); /* Transparent bridge interface */
6d2010ae
A		 3587 default:
3588 /*
3589 * Unknown link type:
3590 * It might be controversial to use the today's common constant
3591 * of 64 for these cases unconditionally. For full compliance,
3592 * we should return an error in this case. On the other hand,
3593 * if we simply miss the standard for the link type or a new
3594 * standard is defined for a new link type, the IFID length
3595 * is very likely to be the common constant. As a compromise,
3596 * we always use the constant, but make an explicit notice
3597 * indicating the "unknown" case.
3598 */
39236c6e
A		 3599 log(LOG_NOTICE, "%s: unknown link type (%d)\n", __func__,
3600 ifp->if_type);
6d2010ae
A		 3601 return (64);
3602 }
3603}
9bccf70c 3604/*
55e303ae 3605 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
1c79356b
A		 3606 * v4 mapped addr or v4 compat addr
3607 */
3608void
3609in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
3610{
39236c6e
A		 3611 bzero(sin, sizeof (*sin));
3612 sin->sin_len = sizeof (struct sockaddr_in);
1c79356b
A		 3613 sin->sin_family = AF_INET;
3614 sin->sin_port = sin6->sin6_port;
6d2010ae 3615 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
1c79356b
A		 3616}
3617
3618/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
3619void
3620in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
3621{
39236c6e
A		 3622 bzero(sin6, sizeof (*sin6));
3623 sin6->sin6_len = sizeof (struct sockaddr_in6);
1c79356b
A		 3624 sin6->sin6_family = AF_INET6;
3625 sin6->sin6_port = sin->sin_port;
3626 sin6->sin6_addr.s6_addr32[0] = 0;
3627 sin6->sin6_addr.s6_addr32[1] = 0;
316670eb
A		 3628 if (sin->sin_addr.s_addr) {
3629 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
3630 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
39236c6e 3631 } else {
316670eb
A		 3632 sin6->sin6_addr.s6_addr32[2] = 0;
3633 sin6->sin6_addr.s6_addr32[3] = 0;
3634 }
1c79356b
A		 3635}
3636
3637/* Convert sockaddr_in6 into sockaddr_in. */
3638void
3639in6_sin6_2_sin_in_sock(struct sockaddr *nam)
3640{
3641 struct sockaddr_in *sin_p;
3642 struct sockaddr_in6 sin6;
3643
3644 /*
3645 * Save original sockaddr_in6 addr and convert it
3646 * to sockaddr_in.
3647 */
316670eb
A		 3648 sin6 = *(struct sockaddr_in6 *)(void *)nam;
3649 sin_p = (struct sockaddr_in *)(void *)nam;
1c79356b
A		 3650 in6_sin6_2_sin(sin_p, &sin6);
3651}
3652
3653/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
b0d623f7 3654int
1c79356b
A		 3655in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
3656{
3657 struct sockaddr_in *sin_p;
3658 struct sockaddr_in6 *sin6_p;
3659
39236c6e
A		 3660 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof (*sin6_p), M_SONAME,
3661 M_WAITOK);
b0d623f7 3662 if (sin6_p == NULL)
39236c6e 3663 return (ENOBUFS);
316670eb 3664 sin_p = (struct sockaddr_in *)(void *)*nam;
1c79356b
A		 3665 in6_sin_2_v4mapsin6(sin_p, sin6_p);
3666 FREE(*nam, M_SONAME);
3667 *nam = (struct sockaddr *)sin6_p;
b0d623f7 3668
39236c6e 3669 return (0);
1c79356b 3670}
1c79356b 3671
b0d623f7
A		 3672/*
3673 * Posts in6_event_data message kernel events.
3674 *
3675 * To get the same size of kev_in6_data between ILP32 and LP64 data models
39236c6e
A		 3676 * we are using a special version of the in6_addrlifetime structure that
3677 * uses only 32 bits fields to be compatible with Leopard, and that
b0d623f7
A		 3678 * are large enough to span 68 years.
3679 */
9bccf70c 3680void
fe8ab488
A		 3681in6_post_msg(struct ifnet *ifp, u_int32_t event_code, struct in6_ifaddr *ifa,
3682 uint8_t *mac)
9bccf70c 3683{
39236c6e
A		 3684 struct kev_msg ev_msg;
3685 struct kev_in6_data in6_event_data;
3686 struct in6_addrlifetime ia6_lt;
9bccf70c 3687
39236c6e
A		 3688 bzero(&in6_event_data, sizeof (struct kev_in6_data));
3689 bzero(&ev_msg, sizeof (struct kev_msg));
3690 ev_msg.vendor_code = KEV_VENDOR_APPLE;
3691 ev_msg.kev_class = KEV_NETWORK_CLASS;
3692 ev_msg.kev_subclass = KEV_INET6_SUBCLASS;
3693 ev_msg.event_code = event_code;
9bccf70c 3694
5ba3f43e
A		 3695 if (ifa) {
3696 IFA_LOCK(&ifa->ia_ifa);
3697 in6_event_data.ia_addr = ifa->ia_addr;
3698 in6_event_data.ia_net = ifa->ia_net;
3699 in6_event_data.ia_dstaddr = ifa->ia_dstaddr;
3700 in6_event_data.ia_prefixmask = ifa->ia_prefixmask;
3701 in6_event_data.ia_plen = ifa->ia_plen;
3702 in6_event_data.ia6_flags = (u_int32_t)ifa->ia6_flags;
3703
3704 /* retrieve time as calendar time (last arg is 1) */
3705 in6ifa_getlifetime(ifa, &ia6_lt, 1);
3706 in6_event_data.ia_lifetime.ia6t_expire = ia6_lt.ia6t_expire;
3707 in6_event_data.ia_lifetime.ia6t_preferred = ia6_lt.ia6t_preferred;
3708 in6_event_data.ia_lifetime.ia6t_vltime = ia6_lt.ia6t_vltime;
3709 in6_event_data.ia_lifetime.ia6t_pltime = ia6_lt.ia6t_pltime;
3710 IFA_UNLOCK(&ifa->ia_ifa);
3711 }
9bccf70c
A		 3712
3713 if (ifp != NULL) {
fe8ab488 3714 (void) strlcpy(&in6_event_data.link_data.if_name[0],
b0d623f7 3715 ifp->if_name, IFNAMSIZ);
9bccf70c 3716 in6_event_data.link_data.if_family = ifp->if_family;
39236c6e 3717 in6_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
9bccf70c
A		 3718 }
3719
fe8ab488
A		 3720 if (mac != NULL)
3721 memcpy(&in6_event_data.ia_mac, mac,
3722 sizeof(in6_event_data.ia_mac));
3723
9bccf70c 3724 ev_msg.dv[0].data_ptr = &in6_event_data;
b0d623f7 3725 ev_msg.dv[0].data_length = sizeof (in6_event_data);
9bccf70c
A		 3726 ev_msg.dv[1].data_length = 0;
3727
39037602 3728 dlil_post_complete_msg(NULL, &ev_msg);
9bccf70c 3729}
b0d623f7
A		 3730
3731/*
3732 * Called as part of ip6_init
3733 */
3734void
3735in6_ifaddr_init(void)
3736{
39236c6e 3737 in6_cga_init();
6d2010ae
A		 3738 in6_multi_init();
3739
b0d623f7
A		 3740 PE_parse_boot_argn("ifa_debug", &in6ifa_debug, sizeof (in6ifa_debug));
3741
3742 in6ifa_size = (in6ifa_debug == 0) ? sizeof (struct in6_ifaddr) :
3743 sizeof (struct in6_ifaddr_dbg);
3744
3745 in6ifa_zone = zinit(in6ifa_size, IN6IFA_ZONE_MAX * in6ifa_size,
3746 0, IN6IFA_ZONE_NAME);
6d2010ae 3747 if (in6ifa_zone == NULL) {
b0d623f7 3748 panic("%s: failed allocating %s", __func__, IN6IFA_ZONE_NAME);
6d2010ae
A		 3749 /* NOTREACHED */
3750 }
b0d623f7 3751 zone_change(in6ifa_zone, Z_EXPAND, TRUE);
6d2010ae
A		 3752 zone_change(in6ifa_zone, Z_CALLERACCT, FALSE);
3753
3754 lck_mtx_init(&in6ifa_trash_lock, ifa_mtx_grp, ifa_mtx_attr);
3755 TAILQ_INIT(&in6ifa_trash_head);
b0d623f7
A		 3756}
3757
3758static struct in6_ifaddr *
3759in6_ifaddr_alloc(int how)
3760{
3761 struct in6_ifaddr *in6ifa;
3762
3763 in6ifa = (how == M_WAITOK) ? zalloc(in6ifa_zone) :
3764 zalloc_noblock(in6ifa_zone);
3765 if (in6ifa != NULL) {
3766 bzero(in6ifa, in6ifa_size);
3767 in6ifa->ia_ifa.ifa_free = in6_ifaddr_free;
3768 in6ifa->ia_ifa.ifa_debug |= IFD_ALLOC;
6d2010ae 3769 ifa_lock_init(&in6ifa->ia_ifa);
b0d623f7
A		 3770 if (in6ifa_debug != 0) {
3771 struct in6_ifaddr_dbg *in6ifa_dbg =
3772 (struct in6_ifaddr_dbg *)in6ifa;
3773 in6ifa->ia_ifa.ifa_debug |= IFD_DEBUG;
3774 in6ifa->ia_ifa.ifa_trace = in6_ifaddr_trace;
6d2010ae
A		 3775 in6ifa->ia_ifa.ifa_attached = in6_ifaddr_attached;
3776 in6ifa->ia_ifa.ifa_detached = in6_ifaddr_detached;
b0d623f7
A		 3777 ctrace_record(&in6ifa_dbg->in6ifa_alloc);
3778 }
3779 }
39236c6e 3780
b0d623f7
A		 3781 return (in6ifa);
3782}
3783
3784static void
3785in6_ifaddr_free(struct ifaddr *ifa)
3786{
6d2010ae
A		 3787 IFA_LOCK_ASSERT_HELD(ifa);
3788
3789 if (ifa->ifa_refcnt != 0) {
b0d623f7 3790 panic("%s: ifa %p bad ref cnt", __func__, ifa);
6d2010ae
A		 3791 /* NOTREACHED */
3792 } else if (!(ifa->ifa_debug & IFD_ALLOC)) {
b0d623f7 3793 panic("%s: ifa %p cannot be freed", __func__, ifa);
6d2010ae
A		 3794 /* NOTREACHED */
3795 }
b0d623f7
A		 3796 if (ifa->ifa_debug & IFD_DEBUG) {
3797 struct in6_ifaddr_dbg *in6ifa_dbg =
3798 (struct in6_ifaddr_dbg *)ifa;
3799 ctrace_record(&in6ifa_dbg->in6ifa_free);
3800 bcopy(&in6ifa_dbg->in6ifa, &in6ifa_dbg->in6ifa_old,
3801 sizeof (struct in6_ifaddr));
6d2010ae
A		 3802 if (ifa->ifa_debug & IFD_TRASHED) {
3803 /* Become a regular mutex, just in case */
3804 IFA_CONVERT_LOCK(ifa);
3805 lck_mtx_lock(&in6ifa_trash_lock);
3806 TAILQ_REMOVE(&in6ifa_trash_head, in6ifa_dbg,
3807 in6ifa_trash_link);
3808 lck_mtx_unlock(&in6ifa_trash_lock);
3809 ifa->ifa_debug &= ~IFD_TRASHED;
3810 }
b0d623f7 3811 }
6d2010ae
A		 3812 IFA_UNLOCK(ifa);
3813 ifa_lock_destroy(ifa);
b0d623f7
A		 3814 bzero(ifa, sizeof (struct in6_ifaddr));
3815 zfree(in6ifa_zone, ifa);
3816}
3817
6d2010ae
A		 3818static void
3819in6_ifaddr_attached(struct ifaddr *ifa)
3820{
3821 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
3822
3823 IFA_LOCK_ASSERT_HELD(ifa);
3824
3825 if (!(ifa->ifa_debug & IFD_DEBUG)) {
3826 panic("%s: ifa %p has no debug structure", __func__, ifa);
3827 /* NOTREACHED */
3828 }
3829 if (ifa->ifa_debug & IFD_TRASHED) {
3830 /* Become a regular mutex, just in case */
3831 IFA_CONVERT_LOCK(ifa);
3832 lck_mtx_lock(&in6ifa_trash_lock);
3833 TAILQ_REMOVE(&in6ifa_trash_head, in6ifa_dbg, in6ifa_trash_link);
3834 lck_mtx_unlock(&in6ifa_trash_lock);
3835 ifa->ifa_debug &= ~IFD_TRASHED;
3836 }
3837}
3838
3839static void
3840in6_ifaddr_detached(struct ifaddr *ifa)
3841{
3842 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
3843
3844 IFA_LOCK_ASSERT_HELD(ifa);
3845
3846 if (!(ifa->ifa_debug & IFD_DEBUG)) {
3847 panic("%s: ifa %p has no debug structure", __func__, ifa);
3848 /* NOTREACHED */
3849 } else if (ifa->ifa_debug & IFD_TRASHED) {
3850 panic("%s: ifa %p is already in trash list", __func__, ifa);
3851 /* NOTREACHED */
3852 }
3853 ifa->ifa_debug |= IFD_TRASHED;
3854 /* Become a regular mutex, just in case */
3855 IFA_CONVERT_LOCK(ifa);
3856 lck_mtx_lock(&in6ifa_trash_lock);
3857 TAILQ_INSERT_TAIL(&in6ifa_trash_head, in6ifa_dbg, in6ifa_trash_link);
3858 lck_mtx_unlock(&in6ifa_trash_lock);
3859}
3860
b0d623f7
A		 3861static void
3862in6_ifaddr_trace(struct ifaddr *ifa, int refhold)
3863{
3864 struct in6_ifaddr_dbg *in6ifa_dbg = (struct in6_ifaddr_dbg *)ifa;
3865 ctrace_t *tr;
3866 u_int32_t idx;
3867 u_int16_t *cnt;
3868
6d2010ae 3869 if (!(ifa->ifa_debug & IFD_DEBUG)) {
b0d623f7 3870 panic("%s: ifa %p has no debug structure", __func__, ifa);
6d2010ae
A		 3871 /* NOTREACHED */
3872 }
b0d623f7
A		 3873 if (refhold) {
3874 cnt = &in6ifa_dbg->in6ifa_refhold_cnt;
3875 tr = in6ifa_dbg->in6ifa_refhold;
3876 } else {
3877 cnt = &in6ifa_dbg->in6ifa_refrele_cnt;
3878 tr = in6ifa_dbg->in6ifa_refrele;
3879 }
3880
6d2010ae 3881 idx = atomic_add_16_ov(cnt, 1) % IN6IFA_TRACE_HIST_SIZE;
b0d623f7
A		 3882 ctrace_record(&tr[idx]);
3883}
316670eb 3884
39236c6e
A		 3885/*
3886 * Handle SIOCGASSOCIDS ioctl for PF_INET6 domain.
3887 */
3888static int
3889in6_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
3890{
3891 struct in6pcb *in6p = sotoin6pcb(so);
3e170ce0 3892 sae_associd_t aid;
39236c6e
A		 3893
3894 if (in6p == NULL || in6p->inp_state == INPCB_STATE_DEAD)
3895 return (EINVAL);
3896
3897 /* IN6PCB has no concept of association */
3e170ce0 3898 aid = SAE_ASSOCID_ANY;
39236c6e
A		 3899 *cnt = 0;
3900
3901 /* just asking how many there are? */
3902 if (aidp == USER_ADDR_NULL)
3903 return (0);
3904
3905 return (copyout(&aid, aidp, sizeof (aid)));
3906}
3907
3908/*
3909 * Handle SIOCGCONNIDS ioctl for PF_INET6 domain.
3910 */
3911static int
3e170ce0 3912in6_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
39236c6e
A		 3913 user_addr_t cidp)
3914{
3915 struct in6pcb *in6p = sotoin6pcb(so);
3e170ce0 3916 sae_connid_t cid;
39236c6e
A		 3917
3918 if (in6p == NULL || in6p->inp_state == INPCB_STATE_DEAD)
3919 return (EINVAL);
3920
3e170ce0 3921 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL)
39236c6e
A		 3922 return (EINVAL);
3923
3924 /* if connected, return 1 connection count */
3925 *cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
3926
3927 /* just asking how many there are? */
3928 if (cidp == USER_ADDR_NULL)
3929 return (0);
3930
3931 /* if IN6PCB is connected, assign it connid 1 */
3e170ce0 3932 cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
39236c6e
A		 3933
3934 return (copyout(&cid, cidp, sizeof (cid)));
3935}
3936
3937/*
3938 * Handle SIOCGCONNINFO ioctl for PF_INET6 domain.
3939 */
5ba3f43e 3940int
3e170ce0 3941in6_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
39236c6e
A		 3942 uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
3943 user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
3944 user_addr_t aux_data, uint32_t *aux_len)
3945{
39236c6e
A		 3946 struct in6pcb *in6p = sotoin6pcb(so);
3947 struct sockaddr_in6 sin6;
3948 struct ifnet *ifp = NULL;
3949 int error = 0;
3950 u_int32_t copy_len = 0;
3951
3952 /*
3953 * Don't test for INPCB_STATE_DEAD since this may be called
3954 * after SOF_PCBCLEARING is set, e.g. after tcp_close().
3955 */
3956 if (in6p == NULL) {
3957 error = EINVAL;
3958 goto out;
3959 }
3960
3e170ce0 3961 if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
39236c6e
A		 3962 error = EINVAL;
3963 goto out;
3964 }
3965
3966 ifp = in6p->in6p_last_outifp;
3967 *ifindex = ((ifp != NULL) ? ifp->if_index : 0);
3968 *soerror = so->so_error;
3969 *flags = 0;
3970 if (so->so_state & SS_ISCONNECTED)
3971 *flags |= (CIF_CONNECTED | CIF_PREFERRED);
3972 if (in6p->in6p_flags & INP_BOUND_IF)
3973 *flags |= CIF_BOUND_IF;
3974 if (!(in6p->in6p_flags & INP_IN6ADDR_ANY))
3975 *flags |= CIF_BOUND_IP;
3976 if (!(in6p->in6p_flags & INP_ANONPORT))
3977 *flags |= CIF_BOUND_PORT;
3978
3979 bzero(&sin6, sizeof (sin6));
3980 sin6.sin6_len = sizeof (sin6);
3981 sin6.sin6_family = AF_INET6;
3982
3983 /* source address and port */
3984 sin6.sin6_port = in6p->in6p_lport;
fe8ab488 3985 in6_recoverscope(&sin6, &in6p->in6p_laddr, NULL);
39236c6e
A		 3986 if (*src_len == 0) {
3987 *src_len = sin6.sin6_len;
3988 } else {
3989 if (src != USER_ADDR_NULL) {
3990 copy_len = min(*src_len, sizeof (sin6));
3991 error = copyout(&sin6, src, copy_len);
3992 if (error != 0)
3993 goto out;
3994 *src_len = copy_len;
3995 }
3996 }
3997
3998 /* destination address and port */
3999 sin6.sin6_port = in6p->in6p_fport;
fe8ab488 4000 in6_recoverscope(&sin6, &in6p->in6p_faddr, NULL);
39236c6e
A		 4001 if (*dst_len == 0) {
4002 *dst_len = sin6.sin6_len;
4003 } else {
4004 if (dst != USER_ADDR_NULL) {
4005 copy_len = min(*dst_len, sizeof (sin6));
4006 error = copyout(&sin6, dst, copy_len);
4007 if (error != 0)
4008 goto out;
4009 *dst_len = copy_len;
4010 }
4011 }
4012
39236c6e
A		 4013 if (SOCK_PROTO(so) == IPPROTO_TCP) {
4014 struct conninfo_tcp tcp_ci;
4015
4016 *aux_type = CIAUX_TCP;
4017 if (*aux_len == 0) {
4018 *aux_len = sizeof (tcp_ci);
4019 } else {
4020 if (aux_data != USER_ADDR_NULL) {
4021 copy_len = min(*aux_len, sizeof (tcp_ci));
4022 bzero(&tcp_ci, sizeof (tcp_ci));
4023 tcp_getconninfo(so, &tcp_ci);
4024 error = copyout(&tcp_ci, aux_data, copy_len);
4025 if (error != 0)
4026 goto out;
4027 *aux_len = copy_len;
4028 }
4029 }
5ba3f43e
A		 4030 } else {
4031 *aux_type = 0;
4032 *aux_len = 0;
39236c6e
A		 4033 }
4034
4035out:
4036 return (error);
4037}
4038
4039/*
4040 * 'u' group ioctls.
4041 *
4042 * The switch statement below does nothing at runtime, as it serves as a
4043 * compile time check to ensure that all of the socket 'u' ioctls (those
4044 * in the 'u' group going thru soo_ioctl) that are made available by the
4045 * networking stack is unique. This works as long as this routine gets
4046 * updated each time a new interface ioctl gets added.
4047 *
4048 * Any failures at compile time indicates duplicated ioctl values.
4049 */
4050static __attribute__((unused)) void
4051in6ioctl_cassert(void)
4052{
4053 /*
4054 * This is equivalent to _CASSERT() and the compiler wouldn't
4055 * generate any instructions, thus for compile time only.
4056 */
4057 switch ((u_long)0) {
4058 case 0:
4059
4060 /* bsd/netinet6/in6_var.h */
39236c6e
A		 4061 case SIOCAADDRCTL_POLICY:
4062 case SIOCDADDRCTL_POLICY:
4063 case SIOCDRADD_IN6_32:
4064 case SIOCDRADD_IN6_64:
4065 case SIOCDRDEL_IN6_32:
4066 case SIOCDRDEL_IN6_64:
4067 ;
4068 }
4069}
5ba3f43e
A		 4070
4071struct in6_llentry {
4072 struct llentry base;
4073};
4074
4075#define IN6_LLTBL_DEFAULT_HSIZE 32
4076#define IN6_LLTBL_HASH(k, h) \
4077 ((((((((k) >> 8) ^ (k)) >> 8) ^ (k)) >> 8) ^ (k)) & ((h) - 1))
4078
4079/*
4080 * Do actual deallocation of @lle.
4081 */
4082static void
4083in6_lltable_destroy_lle_unlocked(struct llentry *lle)
4084{
4085 LLE_LOCK_DESTROY(lle);
4086 LLE_REQ_DESTROY(lle);
4087 FREE(lle, M_LLTABLE);
4088}
4089
4090/*
4091 * Called by LLE_FREE_LOCKED when number of references
4092 * drops to zero.
4093 */
4094static void
4095in6_lltable_destroy_lle(struct llentry *lle)
4096{
4097 LLE_WUNLOCK(lle);
4098 /* XXX TBD */
4099 //thread_call_free(lle->lle_timer);
4100 in6_lltable_destroy_lle_unlocked(lle);
4101}
4102
4103
4104static struct llentry *
4105in6_lltable_new(const struct in6_addr *addr6, u_int flags)
4106{
4107#pragma unused(flags)
4108 struct in6_llentry *lle;
4109
4110 MALLOC(lle, struct in6_llentry *, sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
4111 if (lle == NULL) /* NB: caller generates msg */
4112 return NULL;
4113
4114 lle->base.r_l3addr.addr6 = *addr6;
4115 lle->base.lle_refcnt = 1;
4116 lle->base.lle_free = in6_lltable_destroy_lle;
4117 LLE_LOCK_INIT(&lle->base);
4118 LLE_REQ_INIT(&lle->base);
4119#if 0
4120 /* XXX TBD */
4121 lle->base.lle_timer = thread_call_allocate(nd6_llinfo_timer, lle);
4122
4123 if (lle->base.lle_timer == NULL) {
4124 printf("lle_timer thread call could not be allocated.\n");
4125 LLE_LOCK_DESTROY(&lle->base);
4126 LLE_REQ_DESTROY(&lle->base);
4127 FREE(lle, M_LLTABLE);
4128 return NULL;
4129 }
4130#endif
4131 return (&lle->base);
4132}
4133
4134static int
4135in6_lltable_match_prefix(const struct sockaddr *saddr,
4136 const struct sockaddr *smask, u_int flags, struct llentry *lle)
4137{
4138 const struct in6_addr *addr, *mask, *lle_addr;
4139
4140 addr = &((const struct sockaddr_in6 *)(const void *)saddr)->sin6_addr;
4141 mask = &((const struct sockaddr_in6 *)(const void *)smask)->sin6_addr;
4142 lle_addr = &lle->r_l3addr.addr6;
4143
4144 if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
4145 return (0);
4146
4147 if (lle->la_flags & LLE_IFADDR) {
4148 /*
4149 * Delete LLE_IFADDR records IFF address & flag matches.
4150 * Note that addr is the interface address within prefix
4151 * being matched.
4152 */
4153 if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
4154 (flags & LLE_STATIC) != 0)
4155 return (1);
4156 return (0);
4157 }
4158
4159 /* flags & LLE_STATIC means deleting both dynamic and static entries */
4160 if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
4161 return (1);
4162
4163 return (0);
4164}
4165
4166static void
4167in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
4168{
4169 struct ifnet *ifp;
4170
4171 LLE_WLOCK_ASSERT(lle);
4172 KASSERT(llt != NULL, ("lltable is NULL"));
4173
4174 /* Unlink entry from table */
4175 if ((lle->la_flags & LLE_LINKED) != 0) {
4176 ifp = llt->llt_ifp;
4177 if_afdata_wlock_assert(ifp, llt->llt_af);
4178 lltable_unlink_entry(llt, lle);
4179 }
4180
4181#if 0
4182 /* XXX TBD */
4183 if (thread_call_cancel(lle->lle_timer) == TRUE)
4184 LLE_REMREF(lle);
4185#endif
4186 llentry_free(lle);
4187}
4188
4189static int
4190in6_lltable_rtcheck(struct ifnet *ifp,
4191 u_int flags, const struct sockaddr *l3addr)
4192{
4193#pragma unused(flags)
4194 struct rtentry *rt;
4195
4196 KASSERT(l3addr->sa_family == AF_INET6,
4197 ("sin_family %d", l3addr->sa_family));
4198 /* XXX rtalloc1 should take a const param */
4199 rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
4200 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
4201 struct ifaddr *ifa;
4202 /*
4203 * Create an ND6 cache for an IPv6 neighbor
4204 * that is not covered by our own prefix.
4205 */
4206 /* XXX ifaof_ifpforaddr should take a const param */
4207 ifa = ifaof_ifpforaddr(__DECONST(struct sockaddr *, l3addr), ifp);
4208 if (ifa != NULL) {
4209 IFA_REMREF(ifa);
4210 if (rt != NULL)
4211 rtfree(rt);
4212 return 0;
4213 }
4214 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
4215 ip6_sprintf(&((const struct sockaddr_in6 *)(const void *)l3addr)->sin6_addr));
4216 if (rt != NULL)
4217 rtfree(rt);
4218 return EINVAL;
4219 }
4220 rtfree(rt);
4221 return 0;
4222}
4223
4224static inline uint32_t
4225in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
4226{
4227 return (IN6_LLTBL_HASH(dst->s6_addr32[3], hsize));
4228}
4229
4230static uint32_t
4231in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
4232{
4233 return (in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize));
4234}
4235
4236static void
4237in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
4238{
4239 struct sockaddr_in6 *sin6;
4240
4241 sin6 = (struct sockaddr_in6 *)(void *)sa;
4242 bzero(sin6, sizeof(*sin6));
4243 sin6->sin6_family = AF_INET6;
4244 sin6->sin6_len = sizeof(*sin6);
4245 sin6->sin6_addr = lle->r_l3addr.addr6;
4246}
4247
4248static inline struct llentry *
4249in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
4250{
4251 struct llentry *lle;
4252 struct llentries *lleh;
4253 u_int hashidx;
4254
4255 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
4256 lleh = &llt->lle_head[hashidx];
4257 LIST_FOREACH(lle, lleh, lle_next) {
4258 if (lle->la_flags & LLE_DELETED)
4259 continue;
4260 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst))
4261 break;
4262 }
4263
4264 return (lle);
4265}
4266
4267static void
4268in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
4269{
4270#pragma unused(llt)
4271 lle->la_flags |= LLE_DELETED;
4272 EVENTHANDLER_INVOKE(NULL, lle_event, lle, LLENTRY_DELETED);
4273#ifdef DIAGNOSTIC
4274 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
4275#endif
4276 llentry_free(lle);
4277}
4278
4279static struct llentry *
4280in6_lltable_alloc(struct lltable *llt, u_int flags,
4281 const struct sockaddr *l3addr)
4282{
4283 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)(const void *)l3addr;
4284 struct ifnet *ifp = llt->llt_ifp;
4285 struct llentry *lle;
4286
4287 KASSERT(l3addr->sa_family == AF_INET6,
4288 ("sin_family %d", l3addr->sa_family));
4289
4290 /*
4291 * A route that covers the given address must have
4292 * been installed 1st because we are doing a resolution,
4293 * verify this.
4294 */
4295 if (!(flags & LLE_IFADDR) &&
4296 in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
4297 return (NULL);
4298
4299 lle = in6_lltable_new(&sin6->sin6_addr, flags);
4300 if (lle == NULL) {
4301 log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
4302 return (NULL);
4303 }
4304 lle->la_flags = flags;
4305 if ((flags & LLE_IFADDR) == LLE_IFADDR) {
4306 lltable_set_entry_addr(ifp, lle, LLADDR(SDL(ifp->if_lladdr->ifa_addr)));
4307 lle->la_flags |= LLE_STATIC;
4308 }
4309
4310 if ((lle->la_flags & LLE_STATIC) != 0)
4311 lle->ln_state = ND6_LLINFO_REACHABLE;
4312
4313 return (lle);
4314}
4315
4316static struct llentry *
4317in6_lltable_lookup(struct lltable *llt, u_int flags,
4318 const struct sockaddr *l3addr)
4319{
4320 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)(const void *)l3addr;
4321 struct llentry *lle;
4322
4323 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp, llt->llt_af);
4324 KASSERT(l3addr->sa_family == AF_INET6,
4325 ("sin_family %d", l3addr->sa_family));
4326
4327 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
4328
4329 if (lle == NULL)
4330 return (NULL);
4331
4332 KASSERT((flags & (LLE_UNLOCKED|LLE_EXCLUSIVE)) !=
4333 (LLE_UNLOCKED|LLE_EXCLUSIVE),("wrong lle request flags: 0x%X",
4334 flags));
4335
4336 if (flags & LLE_UNLOCKED)
4337 return (lle);
4338
4339 if (flags & LLE_EXCLUSIVE)
4340 LLE_WLOCK(lle);
4341 else
4342 LLE_RLOCK(lle);
4343 return (lle);
4344}
4345
4346static int
4347in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
4348 struct sysctl_req *wr)
4349{
4350 struct ifnet *ifp = llt->llt_ifp;
4351 /* XXX stack use */
4352 struct {
4353 struct rt_msghdr rtm;
4354 struct sockaddr_in6 sin6;
4355 /*
4356 * ndp.c assumes that sdl is word aligned
4357 */
4358#ifdef __LP64__
4359 uint32_t pad;
4360#endif
4361 struct sockaddr_dl sdl;
4362 } ndpc;
4363 struct sockaddr_dl *sdl;
4364 int error;
4365
4366 bzero(&ndpc, sizeof(ndpc));
4367 /* skip deleted entries */
4368 if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
4369 return (0);
4370 /* Skip if jailed and not a valid IP of the prison. */
4371 lltable_fill_sa_entry(lle,
4372 (struct sockaddr *)&ndpc.sin6);
4373 /*
4374 * produce a msg made of:
4375 * struct rt_msghdr;
4376 * struct sockaddr_in6 (IPv6)
4377 * struct sockaddr_dl;
4378 */
4379 ndpc.rtm.rtm_msglen = sizeof(ndpc);
4380 ndpc.rtm.rtm_version = RTM_VERSION;
4381 ndpc.rtm.rtm_type = RTM_GET;
4382 ndpc.rtm.rtm_flags = RTF_UP;
4383 ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
4384
4385 /* publish */
4386 if (lle->la_flags & LLE_PUB)
4387 ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
4388 sdl = &ndpc.sdl;
4389 sdl->sdl_family = AF_LINK;
4390 sdl->sdl_len = sizeof(*sdl);
4391 sdl->sdl_index = ifp->if_index;
4392 sdl->sdl_type = ifp->if_type;
4393 if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
4394 sdl->sdl_alen = ifp->if_addrlen;
4395 bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
4396 } else {
4397 sdl->sdl_alen = 0;
4398 bzero(LLADDR(sdl), ifp->if_addrlen);
4399 }
4400 if (lle->la_expire != 0) {
4401 clock_sec_t secs;
4402 clock_usec_t usecs;
4403
4404 clock_get_calendar_microtime(&secs, &usecs);
4405 ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
4406 lle->lle_remtime / hz +
4407 secs - net_uptime();
4408 }
4409 ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
4410 if (lle->la_flags & LLE_STATIC)
4411 ndpc.rtm.rtm_flags |= RTF_STATIC;
4412 if (lle->la_flags & LLE_IFADDR)
4413 ndpc.rtm.rtm_flags |= RTF_PINNED;
4414 if (lle->ln_router != 0)
4415 ndpc.rtm.rtm_flags |= RTF_GATEWAY;
4416 ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
4417 /* Store state in rmx_weight value */
4418 ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
4419 ndpc.rtm.rtm_index = ifp->if_index;
4420 error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
4421
4422 return (error);
4423}
4424
4425struct lltable *
4426in6_lltattach(struct ifnet *ifp)
4427{
4428 struct lltable *llt;
4429
4430 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
4431 llt->llt_af = AF_INET6;
4432 llt->llt_ifp = ifp;
4433
4434 llt->llt_lookup = in6_lltable_lookup;
4435 llt->llt_alloc_entry = in6_lltable_alloc;
4436 llt->llt_delete_entry = in6_lltable_delete_entry;
4437 llt->llt_dump_entry = in6_lltable_dump_entry;
4438 llt->llt_hash = in6_lltable_hash;
4439 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
4440 llt->llt_free_entry = in6_lltable_free_entry;
4441 llt->llt_match_prefix = in6_lltable_match_prefix;
4442 lltable_link(llt);
4443
4444 return (llt);
4445}
4446
4447void
4448in6_ip6_to_sockaddr(const struct in6_addr *ip6, u_int16_t port,
4449 struct sockaddr_in6 *sin6, u_int32_t maxlen)
4450{
4451 if (maxlen < sizeof(struct sockaddr_in6)) {
4452 return;
4453 }
4454
4455 *sin6 = (struct sockaddr_in6) {
4456 .sin6_family = AF_INET6,
4457 .sin6_len = sizeof(*sin6),
4458 .sin6_port = port,
4459 .sin6_addr = *ip6,
4460 };
4461
4462 if (IN6_IS_SCOPE_EMBED(&sin6->sin6_addr))
4463 {
4464 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]);
4465 sin6->sin6_addr.s6_addr16[1] = 0;
4466 }
4467}
4468
4469/* IPv6 events */
4470struct in6_event {
4471 in6_evhdlr_code_t in6_event_code;
4472 struct ifnet *in6_ifp;
4473 struct in6_addr in6_address;
4474 uint32_t val;
4475};
4476
4477struct in6_event2kev in6_event2kev_array[IN6_EVENT_MAX] = {
4478{
4479 .in6_event_code = IN6_ADDR_MARKED_DUPLICATED,
4480 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4481 .in6_event_kev_code = KEV_ND6_DAD_FAILURE,
4482 .in6_event_str = "IN6_ADDR_MARKED_DUPLICATED",
4483},
4484{
4485 .in6_event_code = IN6_ADDR_MARKED_DETACHED,
4486 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4487 .in6_event_kev_code = KEV_ND6_ADDR_DETACHED,
4488 .in6_event_str = "IN6_ADDR_MARKED_DETACHED",
4489},
4490{
4491 .in6_event_code = IN6_ADDR_MARKED_DEPRECATED,
4492 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4493 .in6_event_kev_code = KEV_ND6_ADDR_DEPRECATED,
4494 .in6_event_str = "IN6_ADDR_MARKED_DEPRECATED",
4495},
4496{
4497 .in6_event_code = IN6_NDP_RTR_EXPIRY,
4498 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4499 .in6_event_kev_code = KEV_ND6_RTR_EXPIRED,
4500 .in6_event_str = "IN6_NDP_RTR_EXPIRY",
4501},
4502{
4503 .in6_event_code = IN6_NDP_PFX_EXPIRY,
4504 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4505 .in6_event_kev_code = KEV_ND6_PFX_EXPIRED,
4506 .in6_event_str = "IN6_NDP_PFX_EXPIRY",
4507},
4508{
4509 .in6_event_code = IN6_NDP_ADDR_EXPIRY,
4510 .in6_event_kev_subclass = KEV_ND6_SUBCLASS,
4511 .in6_event_kev_code = KEV_ND6_ADDR_EXPIRED,
4512 .in6_event_str = "IN6_NDP_ADDR_EXPIRY",
4513},
4514};
4515
4516void
4517in6_eventhdlr_callback(struct eventhandler_entry_arg arg0 __unused,
4518 in6_evhdlr_code_t in6_ev_code, struct ifnet *ifp,
4519 struct in6_addr *p_addr6, uint32_t val)
4520{
4521 struct kev_msg ev_msg;
4522 struct kev_nd6_event nd6_event;
4523
4524 bzero(&ev_msg, sizeof(ev_msg));
4525 bzero(&nd6_event, sizeof(nd6_event));
4526
4527 nd6log0((LOG_INFO, "%s Event %s received for %s\n",
4528 __func__, in6_event2kev_array[in6_ev_code].in6_event_str,
4529 ip6_sprintf(p_addr6)));
4530
4531 ev_msg.vendor_code = KEV_VENDOR_APPLE;
4532 ev_msg.kev_class = KEV_NETWORK_CLASS;
4533 ev_msg.kev_subclass =
4534 in6_event2kev_array[in6_ev_code].in6_event_kev_subclass;
4535 ev_msg.event_code =
4536 in6_event2kev_array[in6_ev_code].in6_event_kev_code;
4537
4538 nd6_event.link_data.if_family = ifp->if_family;
4539 nd6_event.link_data.if_unit = ifp->if_unit;
4540 strlcpy(nd6_event.link_data.if_name, ifp->if_name,
4541 sizeof(nd6_event.link_data.if_name));
4542
4543 VERIFY(p_addr6 != NULL);
4544 bcopy(p_addr6, &nd6_event.in6_address,
4545 sizeof(nd6_event.in6_address));
4546 nd6_event.val = val;
4547
4548 ev_msg.dv[0].data_ptr = &nd6_event;
4549 ev_msg.dv[0].data_length = sizeof(nd6_event);
4550
4551 kev_post_msg(&ev_msg);
4552}
4553
4554static void
4555in6_event_callback(void *arg)
4556{
4557 struct in6_event *p_in6_ev = (struct in6_event *)arg;
4558
4559 EVENTHANDLER_INVOKE(&in6_evhdlr_ctxt, in6_event,
4560 p_in6_ev->in6_event_code, p_in6_ev->in6_ifp,
4561 &p_in6_ev->in6_address, p_in6_ev->val);
4562}
4563
4564struct in6_event_nwk_wq_entry
4565{
4566 struct nwk_wq_entry nwk_wqe;
4567 struct in6_event in6_ev_arg;
4568};
4569
4570void
4571in6_event_enqueue_nwk_wq_entry(in6_evhdlr_code_t in6_event_code,
4572 struct ifnet *ifp, struct in6_addr *p_addr6,
4573 uint32_t val)
4574{
4575 struct in6_event_nwk_wq_entry *p_in6_ev = NULL;
4576
4577 MALLOC(p_in6_ev, struct in6_event_nwk_wq_entry *,
4578 sizeof(struct in6_event_nwk_wq_entry),
4579 M_NWKWQ, M_WAITOK | M_ZERO);
4580
4581 p_in6_ev->nwk_wqe.func = in6_event_callback;
4582 p_in6_ev->nwk_wqe.is_arg_managed = TRUE;
4583 p_in6_ev->nwk_wqe.arg = &p_in6_ev->in6_ev_arg;
4584
4585 p_in6_ev->in6_ev_arg.in6_event_code = in6_event_code;
4586 p_in6_ev->in6_ev_arg.in6_ifp = ifp;
4587 if (p_addr6 != NULL) {
4588 bcopy(p_addr6, &p_in6_ev->in6_ev_arg.in6_address,
4589 sizeof(p_in6_ev->in6_ev_arg.in6_address));
4590 }
4591 p_in6_ev->in6_ev_arg.val = val;
4592
4593 nwk_wq_enqueue((struct nwk_wq_entry*)p_in6_ev);
4594}
mirror of XNU