2 * Copyright (c) 2000-2013 Apple Inc. All rights reserved.
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
29 * Copyright (c) 1982, 1989, 1993
30 * The Regents of the University of California. All rights reserved.
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * NOTICE: This file was modified by SPARTA, Inc. in 2006 to introduce
63 * support for mandatory and extensible security protections. This notice
64 * is included in support of clause 2.2 (b) of the Apple Public License,
69 #include <sys/param.h>
70 #include <sys/systm.h>
71 #include <sys/kernel.h>
72 #include <sys/malloc.h>
74 #include <sys/socket.h>
75 #include <sys/sockio.h>
76 #include <sys/sysctl.h>
80 #include <net/route.h>
81 #include <net/if_llc.h>
82 #include <net/if_dl.h>
83 #include <net/if_types.h>
84 #include <net/kpi_protocol.h>
85 #include <netinet/in.h>
86 #include <netinet/in_var.h>
87 #include <netinet/if_ether.h>
88 #include <netinet/in_systm.h>
89 #include <netinet/ip.h>
90 #include <netinet/in_arp.h>
92 #include <sys/socketvar.h>
96 /* #include "vlan.h" */
98 #include <net/if_vlan_var.h>
99 #endif /* NVLAN > 0 */
100 #include <net/ether_if_module.h>
102 #include <security/mac_framework.h>
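/* Local function declarations */
extern void *kdp_get_interface(void);
extern void kdp_set_ip_and_mac_addresses(struct in_addr *ipaddr,
    struct ether_addr *macaddr);

/*
 * Copy one IPv4 address (sizeof (struct in_addr) bytes) from src to dst.
 * Note the argument order: destination first, unlike bcopy() itself.
 * Both arguments are parenthesised so that expression arguments expand
 * as a single operand.
 */
#define _ip_copy(dst, src)      \
	bcopy((src), (dst), sizeof (struct in_addr))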
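/*
 * Validate a received Ethernet/IPv4 ARP packet and pass its sender and
 * target addresses to arp_ip_handle_input().
 *
 * ifp is the interface the packet was received on; m holds the ARP
 * payload.
 *
 * ARP carries no authentication: every field read through ea is chosen by
 * whoever put the frame on the local segment. This function only checks
 * the header shape and rejects a broadcast sender; any further vetting of
 * the sender addresses is presumably done by arp_ip_handle_input() --
 * confirm there.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces, the bodies of the rejection branches, the
 * `ea = mbuf_data(m)` assignment and the end of the function. They are
 * restored here as the surrounding code requires; confirm against the
 * upstream tree.
 */
static void
ether_inet_arp_input(struct ifnet *ifp, struct mbuf *m)
{
	struct ether_arp *ea;
	struct sockaddr_dl sender_hw;
	struct sockaddr_in sender_ip;
	struct sockaddr_in target_ip;

	/*
	 * All fields below are read through ea, so the complete ether_arp
	 * must be contiguous in the first mbuf. mbuf_pullup() is documented
	 * to free the chain when it fails, hence no mbuf_freem() on this
	 * path.
	 */
	if (mbuf_len(m) < sizeof(*ea) && mbuf_pullup(&m, sizeof(*ea)) != 0) {
		return;
	}

	ea = mbuf_data(m);

	/* Verify this is an ethernet/ip arp and address lengths are correct */
	if (ntohs(ea->arp_hrd) != ARPHRD_ETHER ||
	    ntohs(ea->arp_pro) != ETHERTYPE_IP ||
	    ea->arp_pln != sizeof(struct in_addr) ||
	    ea->arp_hln != ETHER_ADDR_LEN) {
		mbuf_freem(m);
		return;
	}

	/* Verify the sender is not broadcast */
	if (bcmp(ea->arp_sha, etherbroadcastaddr, ETHER_ADDR_LEN) == 0) {
		mbuf_freem(m);
		return;
	}

	/* Sender IPv4 address, as a fully initialised sockaddr_in */
	bzero(&sender_ip, sizeof(sender_ip));
	sender_ip.sin_len = sizeof(sender_ip);
	sender_ip.sin_family = AF_INET;
	_ip_copy(&sender_ip.sin_addr, ea->arp_spa);

	/* Target shares length and family; only the address differs */
	target_ip = sender_ip;
	_ip_copy(&target_ip.sin_addr, ea->arp_tpa);

	/* Sender hardware address, as a link-layer sockaddr */
	bzero(&sender_hw, sizeof(sender_hw));
	sender_hw.sdl_len = sizeof(sender_hw);
	sender_hw.sdl_family = AF_LINK;
	sender_hw.sdl_type = IFT_ETHER;
	sender_hw.sdl_alen = ETHER_ADDR_LEN;
	bcopy(ea->arp_sha, LLADDR(&sender_hw), ETHER_ADDR_LEN);

	/* update L2 reachability record, if present */
	arp_llreach_set_reachable(ifp, LLADDR(&sender_hw), ETHER_ADDR_LEN);

	arp_ip_handle_input(ifp, ntohs(ea->arp_op), &sender_hw, &sender_ip,
	    &target_ip);
	mbuf_freem(m);
}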
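/*
 * Process a received Ethernet packet;
 * the packet is in the mbuf chain m without
 * the ether header, which is provided separately.
 *
 * m_list is a list of packets linked through m_nextpkt. IPv4 packets are
 * kept on the list and passed to proto_input() in one call; ARP packets
 * are unlinked and given to ether_inet_arp_input(); anything else is
 * freed.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the third parameter line, several declarations, the list-relinking
 * statements, the non-ARP free and the final return. They are restored
 * here as the visible code requires; the EJUSTRETURN result in particular
 * should be confirmed against the upstream tree.
 */
static errno_t
ether_inet_input(ifnet_t ifp, protocol_family_t protocol_family,
    mbuf_t m_list)
{
#pragma unused(ifp, protocol_family)
	mbuf_t m;
	mbuf_t *tailptr = &m_list;      /* where the next kept packet links in */
	mbuf_t nextpkt;

	/* Strip ARP and non-IP packets out of the list */
	for (m = m_list; m; m = nextpkt) {
		/*
		 * NOTE(review): eh is dereferenced without a NULL check;
		 * presumably the demux path always records the frame header
		 * in the packet header -- confirm.
		 */
		struct ether_header *eh = mbuf_pkthdr_header(m);
		struct ifnet *mifp;

		/*
		 * Trust the ifp in the mbuf, rather than ifproto's
		 * since the packet could have been injected via
		 * a dlil_input_packet_list() using an ifp that is
		 * different than the one where the packet really
		 * came from.
		 */
		mifp = mbuf_pkthdr_rcvif(m);

		/* Save the successor first: m may be unlinked or freed below */
		nextpkt = m->m_nextpkt;

		if (eh->ether_type == htons(ETHERTYPE_IP)) {
			/*
			 * Update L2 reachability record, if present
			 * (and if not a broadcast sender).
			 */
			if (bcmp(eh->ether_shost, etherbroadcastaddr,
			    ETHER_ADDR_LEN) != 0) {
				arp_llreach_set_reachable(mifp, eh->ether_shost,
				    ETHER_ADDR_LEN);
			}
			/* put this packet in the list */
			*tailptr = m;
			tailptr = &m->m_nextpkt;
		} else {
			/* Pass ARP packets to arp input */
			m->m_nextpkt = NULL;
			if (eh->ether_type == htons(ETHERTYPE_ARP)) {
				ether_inet_arp_input(mifp, m);
			} else {
				mbuf_freem(m);
			}
		}
	}

	/* Terminate the list of kept IP packets */
	*tailptr = NULL;

	/* Pass IP list to ip input */
	if (m_list != NULL && proto_input(PF_INET, m_list) != 0) {
		mbuf_freem_list(m_list);
	}

	return EJUSTRETURN;
}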
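/*
 * Fill in the Ethernet destination address and ethertype for an outbound
 * packet, before the frame header is built.
 *
 * ifp          outbound interface; must be both IFF_UP and IFF_RUNNING.
 * m0           packet being sent; its M_LOOP flag is updated here.
 * dst_netaddr  destination: an AF_INET address to resolve through ARP, or
 *              an AF_UNSPEC / pseudo_AF_HDRCMPLT sockaddr whose sa_data
 *              already holds an Ethernet header.
 * route        opaque route handed on to arp_lookup_ip().
 * type         out: 2-byte ethertype, network byte order.
 * edst         out: ETHER_ADDR_LEN-byte destination hardware address.
 *
 * Returns 0 on success, the arp_lookup_ip() result for AF_INET, or
 * EAFNOSUPPORT for any other address family.
 *
 * type and edst are written without a length argument, so the caller must
 * supply buffers of at least the sizes given above.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces, the `result` declaration, the interface-down return,
 * the `case AF_INET` / `case AF_UNSPEC` / `default` labels, the
 * `result == 0` test and the final return. They are restored here as the
 * visible code requires; the ENETDOWN value should be confirmed against
 * the upstream tree.
 */
static errno_t
ether_inet_pre_output(ifnet_t ifp, protocol_family_t protocol_family,
    mbuf_t *m0, const struct sockaddr *dst_netaddr,
    void *route, char *type, char *edst)
{
#pragma unused(protocol_family)
	struct mbuf *m = *m0;
	const struct ether_header *eh;
	errno_t result = 0;

	if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) != (IFF_UP | IFF_RUNNING)) {
		return ENETDOWN;
	}

	/*
	 * Tell ether_frameout it's ok to loop packet unless negated below.
	 */
	m->m_flags |= M_LOOP;

	switch (dst_netaddr->sa_family) {
	case AF_INET: {
		struct sockaddr_dl ll_dest;

		result = arp_lookup_ip(ifp,
		    (const struct sockaddr_in *)(uintptr_t)(size_t)dst_netaddr,
		    &ll_dest, sizeof(ll_dest), (route_t)route, *m0);
		if (result == 0) {
			u_int16_t ethertype_ip = htons(ETHERTYPE_IP);

			bcopy(LLADDR(&ll_dest), edst, ETHER_ADDR_LEN);
			bcopy(&ethertype_ip, type, sizeof(ethertype_ip));
		}
		break;
	}

	case pseudo_AF_HDRCMPLT:
	case AF_UNSPEC:
		m->m_flags &= ~M_LOOP;
		/*
		 * The caller supplies a ready-made Ethernet header in
		 * sa_data. Nothing here checks sa_len, so the caller is
		 * trusted to pass a sockaddr that really carries one.
		 */
		eh = (const struct ether_header *)(uintptr_t)(size_t)
		    dst_netaddr->sa_data;
		/* Named length instead of a bare 6, matching the AF_INET path */
		(void) memcpy(edst, eh->ether_dhost, ETHER_ADDR_LEN);
		bcopy(&eh->ether_type, type, sizeof(u_short));
		break;

	default:
		printf("%s: can't handle af%d\n", if_name(ifp),
		    dst_netaddr->sa_family);

		result = EAFNOSUPPORT;
		break;
	}

	return result;
}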
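/*
 * Map an IPv4 multicast address to the Ethernet multicast address used
 * for it and return that as a link-layer sockaddr.
 *
 * ifp         interface whose if_index is recorded in the result.
 * proto_addr  AF_INET sockaddr holding the IPv4 address.
 * out_ll      out: link-layer sockaddr to fill in.
 * ll_len      size in bytes of the buffer out_ll points to.
 *
 * Both the input length (sa_len) and the output capacity (ll_len) are
 * checked before anything is read from sin or written to out_ll.
 *
 * NOTE(review): nothing visible here checks that sin_addr is a multicast
 * address; presumably the caller has done so -- confirm.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces and every return statement. They are restored here; the
 * specific error values (EAFNOSUPPORT, EINVAL, EMSGSIZE) should be
 * confirmed against the upstream tree.
 */
static errno_t
ether_inet_resolve_multi(ifnet_t ifp, const struct sockaddr *proto_addr,
    struct sockaddr_dl *out_ll, size_t ll_len)
{
	/* Header up to sdl_data plus room for one Ethernet address */
	static const size_t minsize =
	    offsetof(struct sockaddr_dl, sdl_data[0]) + ETHER_ADDR_LEN;
	const struct sockaddr_in *sin =
	    (const struct sockaddr_in *)(uintptr_t)(size_t)proto_addr;

	if (proto_addr->sa_family != AF_INET) {
		return EAFNOSUPPORT;
	}

	/* sin is only safe to read if the caller passed a full sockaddr_in */
	if (proto_addr->sa_len < sizeof(struct sockaddr_in)) {
		return EINVAL;
	}

	/* Refuse to write past the caller's buffer */
	if (ll_len < minsize) {
		return EMSGSIZE;
	}

	bzero(out_ll, minsize);
	out_ll->sdl_len = minsize;
	out_ll->sdl_family = AF_LINK;
	out_ll->sdl_index = ifp->if_index;
	out_ll->sdl_type = IFT_ETHER;
	out_ll->sdl_nlen = 0;
	out_ll->sdl_alen = ETHER_ADDR_LEN;
	out_ll->sdl_slen = 0;
	ETHER_MAP_IP_MULTICAST(&sin->sin_addr, LLADDR(out_ll));

	return 0;
}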
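/*
 * Protocol-module ioctl handler for IPv4 over Ethernet.
 *
 * command selects how data is interpreted: a struct ifaddr pointer for
 * SIOCSIFADDR / SIOCAIFADDR, a struct ifreq pointer for SIOCGIFADDR. The
 * pointer is cast without any further check, so the caller is trusted to
 * pass the type that matches the command.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces, the `error` declaration, the `switch` line, the
 * `break` statements, the length argument of the SIOCGIFADDR copy, the
 * `default` branch and the final return. They are restored here as the
 * visible code requires; the EOPNOTSUPP default should be confirmed
 * against the upstream tree.
 */
static errno_t
ether_inet_prmod_ioctl(ifnet_t ifp, protocol_family_t protocol_family,
    u_long command, void *data)
{
#pragma unused(protocol_family)
	int error = 0;

	switch (command) {
	case SIOCSIFADDR:               /* struct ifaddr pointer */
	case SIOCAIFADDR: {             /* struct ifaddr pointer */
		/*
		 * Note: caller of ifnet_ioctl() passes in pointer to
		 * struct ifaddr as parameter to SIOC{A,S}IFADDR, for
		 * legacy reasons.
		 */
		struct ifaddr *ifa = data;
		void *kdp_ifp;

		/* Bring the interface up if it is not running yet */
		if (!(ifnet_flags(ifp) & IFF_RUNNING)) {
			ifnet_set_flags(ifp, IFF_UP, IFF_UP);
			ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
		}

		if (ifaddr_address_family(ifa) != AF_INET) {
			break;
		}

		inet_arp_init_ifaddr(ifp, ifa);

		if (command != SIOCSIFADDR) {
			break;
		}

		/*
		 * Register new IP and MAC addresses with the kernel
		 * debugger if the interface is the same as was registered
		 * by IOKernelDebugger. If no interface was registered,
		 * fall back and just match against en0 interface.
		 * Do this only for the first address of the interface
		 * and not for aliases.
		 */
		/* Read once so both halves of the test see the same value */
		kdp_ifp = kdp_get_interface();
		if ((kdp_ifp != NULL && kdp_ifp == ifp->if_softc) ||
		    (kdp_ifp == NULL && ifp->if_unit == 0)) {
			kdp_set_ip_and_mac_addresses(&(IA_SIN(ifa)->sin_addr),
			    (struct ether_addr *)IF_LLADDR(ifp));
		}
		break;
	}

	case SIOCGIFADDR: {             /* struct ifreq */
		struct ifreq *ifr = data;

		/*
		 * NOTE(review): the "guarded" copy presumably restricts who
		 * may read the real hardware address -- confirm in
		 * ifnet_guarded_lladdr_copy_bytes().
		 */
		ifnet_guarded_lladdr_copy_bytes(ifp, ifr->ifr_addr.sa_data,
		    ETHER_ADDR_LEN);
		break;
	}

	default:
		error = EOPNOTSUPP;
		break;
	}

	return error;
}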
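/*
 * Kernel-event handler: when the interface's link-layer address changes,
 * re-run inet_arp_init_ifaddr() for every AF_INET address on it.
 *
 * Every other event is ignored; all four identifying fields of the event
 * must match before anything is done.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces, the `addresses` and `i` declarations and the early
 * return. They are restored here as the visible code requires; confirm
 * against the upstream tree.
 */
static void
ether_inet_event(ifnet_t ifp, protocol_family_t protocol,
    const struct kev_msg *event)
{
#pragma unused(protocol)
	ifaddr_t *addresses;

	if (event->vendor_code != KEV_VENDOR_APPLE ||
	    event->kev_class != KEV_NETWORK_CLASS ||
	    event->kev_subclass != KEV_DL_SUBCLASS ||
	    event->event_code != KEV_DL_LINK_ADDRESS_CHANGED) {
		return;
	}

	if (ifnet_get_address_list_family(ifp, &addresses, AF_INET) == 0) {
		int i;

		/* The list is NULL-terminated */
		for (i = 0; addresses[i] != NULL; i++) {
			inet_arp_init_ifaddr(ifp, addresses[i]);
		}

		/* Release the list obtained above */
		ifnet_free_address_list(addresses);
	}
}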
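/*
 * Build an Ethernet ARP frame and send it raw on ifp.
 *
 * arpop         ARP operation, host byte order.
 * sender_hw     sender hardware address, or NULL to use ifp's own.
 * sender_proto  sender IPv4 address (AF_INET), or NULL to use the first
 *               AF_INET address found on ifp.
 * target_hw     target hardware address, or NULL to broadcast the frame
 *               with a zeroed target hardware field.
 * target_proto  target IPv4 address (AF_INET); required.
 *
 * The Ethernet source address always comes from the interface, even when
 * sender_hw supplies a different address for the ARP payload.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces, several declarations, every error return, both
 * mbuf_data() assignments, the per-address locking inside the address
 * walk, the no-address failure path and the final return. They are
 * restored here as the visible code requires; the error values (EINVAL,
 * EAFNOSUPPORT, ENXIO) and the IFA_LOCK/IFA_UNLOCK pairing should be
 * confirmed against the upstream tree.
 */
static errno_t
ether_inet_arp(ifnet_t ifp, u_short arpop, const struct sockaddr_dl *sender_hw,
    const struct sockaddr *sender_proto, const struct sockaddr_dl *target_hw,
    const struct sockaddr *target_proto)
{
	mbuf_t m;
	errno_t result;
	struct ether_header *eh;
	struct ether_arp *ea;
	const struct sockaddr_in *sender_ip =
	    (const struct sockaddr_in *)(uintptr_t)(size_t)sender_proto;
	const struct sockaddr_inarp *target_ip =
	    (const struct sockaddr_inarp *)(uintptr_t)(size_t)target_proto;
	char *datap;

	if (target_ip == NULL) {
		return EINVAL;
	}

	if ((sender_ip && sender_ip->sin_family != AF_INET) ||
	    target_ip->sin_family != AF_INET) {
		return EAFNOSUPPORT;
	}

	result = mbuf_gethdr(MBUF_DONTWAIT, MBUF_TYPE_DATA, &m);
	if (result != 0) {
		return result;
	}

	mbuf_setlen(m, sizeof(*ea));
	mbuf_pkthdr_setlen(m, sizeof(*ea));

	/*
	 * Move the data pointer in the mbuf to the end, aligned to 4 bytes.
	 * Presumably this leaves the leading space free so that the header
	 * prepend below can be done in place and ea stays valid.
	 */
	datap = mbuf_datastart(m);
	datap += mbuf_trailingspace(m);
	datap -= (((uintptr_t)datap) & 0x3);
	mbuf_setdata(m, datap, sizeof(*ea));
	ea = mbuf_data(m);

	/*
	 * Prepend the ethernet header, we will send the raw frame;
	 * callee frees the original mbuf when allocation fails.
	 */
	result = mbuf_prepend(&m, sizeof(*eh), MBUF_DONTWAIT);
	if (result != 0) {
		return result;
	}

	eh = mbuf_data(m);
	eh->ether_type = htons(ETHERTYPE_ARP);

	/* Fill out the arp header */
	ea->arp_pro = htons(ETHERTYPE_IP);
	ea->arp_hln = sizeof(ea->arp_sha);
	ea->arp_pln = sizeof(ea->arp_spa);
	ea->arp_hrd = htons(ARPHRD_ETHER);
	ea->arp_op = htons(arpop);

	/* Sender Hardware */
	if (sender_hw != NULL) {
		bcopy(CONST_LLADDR(sender_hw), ea->arp_sha,
		    sizeof(ea->arp_sha));
	} else {
		ifnet_lladdr_copy_bytes(ifp, ea->arp_sha, ETHER_ADDR_LEN);
	}
	ifnet_lladdr_copy_bytes(ifp, eh->ether_shost, sizeof(eh->ether_shost));

	/* Sender IP */
	if (sender_ip != NULL) {
		bcopy(&sender_ip->sin_addr, ea->arp_spa, sizeof(ea->arp_spa));
	} else {
		struct ifaddr *ifa;

		/* Look for an IP address to use as our source */
		ifnet_lock_shared(ifp);
		TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
			IFA_LOCK(ifa);
			if (ifa->ifa_addr != NULL &&
			    ifa->ifa_addr->sa_family == AF_INET) {
				bcopy(&((struct sockaddr_in *)(void *)
				    ifa->ifa_addr)->sin_addr, ea->arp_spa,
				    sizeof(ea->arp_spa));
				IFA_UNLOCK(ifa);
				break;
			}
			IFA_UNLOCK(ifa);
		}
		ifnet_lock_done(ifp);

		/* The walk ends with ifa == NULL when nothing matched */
		if (ifa == NULL) {
			mbuf_freem(m);
			return ENXIO;
		}
	}

	/* Target Hardware */
	if (target_hw == NULL) {
		bzero(ea->arp_tha, sizeof(ea->arp_tha));
		bcopy(etherbroadcastaddr, eh->ether_dhost,
		    sizeof(eh->ether_dhost));
		m->m_flags |= M_BCAST;
	} else {
		bcopy(CONST_LLADDR(target_hw), ea->arp_tha,
		    sizeof(ea->arp_tha));
		bcopy(CONST_LLADDR(target_hw), eh->ether_dhost,
		    sizeof(eh->ether_dhost));

		if (bcmp(eh->ether_dhost, etherbroadcastaddr,
		    ETHER_ADDR_LEN) == 0) {
			m->m_flags |= M_BCAST;
		}
	}

	/* Target IP */
	bcopy(&target_ip->sin_addr, ea->arp_tpa, sizeof(ea->arp_tpa));

	/*
	 * PKTF_{INET,INET6}_RESOLVE_RTR are mutually exclusive, so make
	 * sure only one of them is set (just in case.)
	 */
	m->m_pkthdr.pkt_flags &= ~(PKTF_INET6_RESOLVE | PKTF_RESOLVE_RTR);
	m->m_pkthdr.pkt_flags |= PKTF_INET_RESOLVE;
	/*
	 * If this is an ARP request for a (default) router, mark
	 * the packet accordingly so that the driver can find out,
	 * in case it needs to perform driver-specific action(s).
	 */
	if (arpop == ARPOP_REQUEST && (target_ip->sin_other & SIN_ROUTER)) {
		m->m_pkthdr.pkt_flags |= PKTF_RESOLVE_RTR;
	}

	if (ifp->if_eflags & IFEF_TXSTART) {
		/*
		 * Use control service class if the interface
		 * supports transmit-start model
		 */
		(void) m_set_service_class(m, MBUF_SC_CTL);
	}

	ifnet_output_raw(ifp, PF_INET, m);

	return 0;
}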
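/*
 * Attach the IPv4-over-Ethernet protocol handlers to ifp.
 *
 * Two demux descriptors are registered, one for ETHERTYPE_IP and one for
 * ETHERTYPE_ARP, so frames of both types are delivered to
 * ether_inet_input(). EEXIST from the attach call is returned to the
 * caller but not logged.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type, the braces, the `error` declaration, the second printf argument
 * and the final return. They are restored here as the visible code
 * requires; confirm against the upstream tree. The original
 * `#pragma unused(proto_family)` is left out because the parameter is
 * used in the attach call.
 */
errno_t
ether_attach_inet(struct ifnet *ifp, protocol_family_t proto_family)
{
	struct ifnet_attach_proto_param_v2 proto;
	struct ifnet_demux_desc demux[2];
	/* Ethertypes in network byte order, as they appear in the frame */
	u_short en_native = htons(ETHERTYPE_IP);
	u_short arp_native = htons(ETHERTYPE_ARP);
	errno_t error;

	/* sizeof(demux) covers both entries, so this clears the whole array */
	bzero(&demux[0], sizeof(demux));
	demux[0].type = DLIL_DESC_ETYPE2;
	demux[0].data = &en_native;
	demux[0].datalen = sizeof(en_native);
	demux[1].type = DLIL_DESC_ETYPE2;
	demux[1].data = &arp_native;
	demux[1].datalen = sizeof(arp_native);

	bzero(&proto, sizeof(proto));
	proto.demux_list = demux;
	proto.demux_count = sizeof(demux) / sizeof(demux[0]);
	proto.input = ether_inet_input;
	proto.pre_output = ether_inet_pre_output;
	proto.ioctl = ether_inet_prmod_ioctl;
	proto.event = ether_inet_event;
	proto.resolve = ether_inet_resolve_multi;
	proto.send_arp = ether_inet_arp;

	error = ifnet_attach_protocol_v2(ifp, proto_family, &proto);
	if (error && error != EEXIST) {
		printf("WARNING: %s can't attach ip to %s\n", __func__,
		    if_name(ifp));
	}
	return error;
}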
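/*
 * Detach the protocol identified by proto_family from ifp. The result of
 * ifnet_detach_protocol() is deliberately discarded.
 *
 * NOTE(review): the listing this was recovered from had dropped the return
 * type and the braces; `void` is restored because the only statement
 * discards its result -- confirm against the upstream tree.
 */
void
ether_detach_inet(struct ifnet *ifp, protocol_family_t proto_family)
{
	(void) ifnet_detach_protocol(ifp, proto_family);
}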