]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/net/if.c
projects / apple / xnu.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
xnu-7195.101.1.tar.gz
[apple/xnu.git] / bsd / net / if.c
diff --git a/bsd/net/if.c b/bsd/net/if.c
index 57d48d21c671d98c62d5eeed21edb39ef65aeff1..6cc232bc665efb53f75bb90edef38978ab3a14af 100644 (file)
--- a/bsd/net/if.c
+++ b/bsd/net/if.c
@@ -1,5 +1,5 @@
 /*
 /*
- * Copyright (c) 2000-2015 Apple Inc. All rights reserved.
+ * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  *
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  *
@@ -85,6 +85,7 @@
 #include <sys/kauth.h>
 #include <sys/priv.h>
 #include <kern/zalloc.h>
 #include <sys/kauth.h>
 #include <sys/priv.h>
 #include <kern/zalloc.h>
+#include <mach/boolean.h>
 
 #include <machine/endian.h>
 
 
 #include <machine/endian.h>
 
@@ -95,42 +96,39 @@
 #include <net/if_dl.h>
 #include <net/if_types.h>
 #include <net/if_var.h>
 #include <net/if_dl.h>
 #include <net/if_types.h>
 #include <net/if_var.h>
+#include <net/if_media.h>
 #include <net/if_ppp.h>
 #include <net/ethernet.h>
 #include <net/network_agent.h>
 #include <net/if_ppp.h>
 #include <net/ethernet.h>
 #include <net/network_agent.h>
-
+#include <net/pktsched/pktsched_netem.h>
 #include <net/radix.h>
 #include <net/route.h>
 #include <net/dlil.h>
 #include <net/radix.h>
 #include <net/route.h>
 #include <net/dlil.h>
+#include <net/nwk_wq.h>
+
 #include <sys/domain.h>
 #include <libkern/OSAtomic.h>
 
 #include <sys/domain.h>
 #include <libkern/OSAtomic.h>
 
-#if INET || INET6
-/*XXX*/
+#if INET
 #include <netinet/in.h>
 #include <netinet/in_var.h>
 #include <netinet/in.h>
 #include <netinet/in_var.h>
+#include <netinet/in_tclass.h>
 #include <netinet/ip_var.h>
 #include <netinet/ip_var.h>
+#include <netinet/ip.h>
 #include <netinet/ip6.h>
 #include <netinet/ip_var.h>
 #include <netinet/tcp.h>
 #include <netinet/tcp_var.h>
 #include <netinet/udp.h>
 #include <netinet/udp_var.h>
 #include <netinet/ip6.h>
 #include <netinet/ip_var.h>
 #include <netinet/tcp.h>
 #include <netinet/tcp_var.h>
 #include <netinet/udp.h>
 #include <netinet/udp_var.h>
-#if INET6
 #include <netinet6/in6_var.h>
 #include <netinet6/in6_ifattach.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/nd6.h>
 #include <netinet6/in6_var.h>
 #include <netinet6/in6_ifattach.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/nd6.h>
-#endif /* INET6 */
-#endif /* INET || INET6 */
+#endif /* INET */
 
 
-#if CONFIG_MACF_NET
-#include <security/mac_framework.h>
-#endif
 
 
-#if PF_ALTQ
-#include <net/altq/if_altq.h>
-#endif /* !PF_ALTQ */
+#include <os/log.h>
 
 /*
  * System initialization
 
 /*
  * System initialization
@@ -139,14 +137,15 @@
 extern char *proc_name_address(void *);
 
 /* Lock group and attribute for ifaddr lock */
 extern char *proc_name_address(void *);
 
 /* Lock group and attribute for ifaddr lock */
-lck_attr_t     *ifa_mtx_attr;
-lck_grp_t      *ifa_mtx_grp;
-static lck_grp_attr_t  *ifa_mtx_grp_attr;
+lck_attr_t      *ifa_mtx_attr;
+lck_grp_t       *ifa_mtx_grp;
+static lck_grp_attr_t   *ifa_mtx_grp_attr;
 
 static int ifioctl_ifreq(struct socket *, u_long, struct ifreq *,
     struct proc *);
 static int ifioctl_ifconf(u_long, caddr_t);
 static int ifioctl_ifclone(u_long, caddr_t);
 
 static int ifioctl_ifreq(struct socket *, u_long, struct ifreq *,
     struct proc *);
 static int ifioctl_ifconf(u_long, caddr_t);
 static int ifioctl_ifclone(u_long, caddr_t);
+static int ifioctl_iforder(u_long, caddr_t);
 static int ifioctl_ifdesc(struct ifnet *, u_long, caddr_t, struct proc *);
 static int ifioctl_linkparams(struct ifnet *, u_long, caddr_t, struct proc *);
 static int ifioctl_qstats(struct ifnet *, u_long, caddr_t);
 static int ifioctl_ifdesc(struct ifnet *, u_long, caddr_t, struct proc *);
 static int ifioctl_linkparams(struct ifnet *, u_long, caddr_t, struct proc *);
 static int ifioctl_qstats(struct ifnet *, u_long, caddr_t);
@@ -160,6 +159,7 @@ static int if_addmulti_common(struct ifnet *, const struct sockaddr *,
     struct ifmultiaddr **, int);
 static int if_delmulti_common(struct ifmultiaddr *, struct ifnet *,
     const struct sockaddr *, int);
     struct ifmultiaddr **, int);
 static int if_delmulti_common(struct ifmultiaddr *, struct ifnet *,
     const struct sockaddr *, int);
+static struct ifnet *ifunit_common(const char *, boolean_t);
 
 static int if_rtmtu(struct radix_node *, void *);
 static void if_rtmtu_update(struct ifnet *);
 
 static int if_rtmtu(struct radix_node *, void *);
 static void if_rtmtu_update(struct ifnet *);
@@ -168,9 +168,13 @@ static int if_clone_list(int, int *, user_addr_t);
 
 MALLOC_DEFINE(M_IFADDR, "ifaddr", "interface address");
 
 
 MALLOC_DEFINE(M_IFADDR, "ifaddr", "interface address");
 
-struct ifnethead ifnet_head = TAILQ_HEAD_INITIALIZER(ifnet_head);
+struct  ifnethead ifnet_head = TAILQ_HEAD_INITIALIZER(ifnet_head);
+
+/* ifnet_ordered_head and if_ordered_count are protected by the ifnet_head lock */
+struct  ifnethead ifnet_ordered_head = TAILQ_HEAD_INITIALIZER(ifnet_ordered_head);
+static  u_int32_t if_ordered_count = 0;
 
 
-static int     if_cloners_count;
+static int      if_cloners_count;
 LIST_HEAD(, if_clone) if_cloners = LIST_HEAD_INITIALIZER(if_cloners);
 
 static struct ifaddr *ifa_ifwithnet_common(const struct sockaddr *,
 LIST_HEAD(, if_clone) if_cloners = LIST_HEAD_INITIALIZER(if_cloners);
 
 static struct ifaddr *ifa_ifwithnet_common(const struct sockaddr *,
@@ -186,27 +190,27 @@ static void ifma_free(struct ifmultiaddr *);
 static void ifma_trace(struct ifmultiaddr *, int);
 
 #if DEBUG
 static void ifma_trace(struct ifmultiaddr *, int);
 
 #if DEBUG
-static unsigned int ifma_debug = 1;    /* debugging (enabled) */
+static unsigned int ifma_debug = 1;     /* debugging (enabled) */
 #else
 #else
-static unsigned int ifma_debug;                /* debugging (disabled) */
+static unsigned int ifma_debug;         /* debugging (disabled) */
 #endif /* !DEBUG */
 #endif /* !DEBUG */
-static unsigned int ifma_size;         /* size of zone element */
-static struct zone *ifma_zone;         /* zone for ifmultiaddr */
+static unsigned int ifma_size;          /* size of zone element */
+static struct zone *ifma_zone;          /* zone for ifmultiaddr */
 
 
-#define        IFMA_TRACE_HIST_SIZE    32      /* size of trace history */
+#define IFMA_TRACE_HIST_SIZE    32      /* size of trace history */
 
 /* For gdb */
 __private_extern__ unsigned int ifma_trace_hist_size = IFMA_TRACE_HIST_SIZE;
 
 struct ifmultiaddr_dbg {
 
 /* For gdb */
 __private_extern__ unsigned int ifma_trace_hist_size = IFMA_TRACE_HIST_SIZE;
 
 struct ifmultiaddr_dbg {
-       struct ifmultiaddr      ifma;                   /* ifmultiaddr */
-       u_int16_t               ifma_refhold_cnt;       /* # of ref */
-       u_int16_t               ifma_refrele_cnt;       /* # of rele */
+       struct ifmultiaddr      ifma;                   /* ifmultiaddr */
+       u_int16_t               ifma_refhold_cnt;       /* # of ref */
+       u_int16_t               ifma_refrele_cnt;       /* # of rele */
        /*
         * Circular lists of IFA_ADDREF and IFA_REMREF callers.
         */
        /*
         * Circular lists of IFA_ADDREF and IFA_REMREF callers.
         */
-       ctrace_t                ifma_refhold[IFMA_TRACE_HIST_SIZE];
-       ctrace_t                ifma_refrele[IFMA_TRACE_HIST_SIZE];
+       ctrace_t                ifma_refhold[IFMA_TRACE_HIST_SIZE];
+       ctrace_t                ifma_refrele[IFMA_TRACE_HIST_SIZE];
        /*
         * Trash list linkage
         */
        /*
         * Trash list linkage
         */
@@ -217,21 +221,19 @@ struct ifmultiaddr_dbg {
 static TAILQ_HEAD(, ifmultiaddr_dbg) ifma_trash_head;
 static decl_lck_mtx_data(, ifma_trash_lock);
 
 static TAILQ_HEAD(, ifmultiaddr_dbg) ifma_trash_head;
 static decl_lck_mtx_data(, ifma_trash_lock);
 
-#define        IFMA_ZONE_MAX           64              /* maximum elements in zone */
-#define        IFMA_ZONE_NAME          "ifmultiaddr"   /* zone name */
+#define IFMA_ZONE_MAX           64              /* maximum elements in zone */
+#define IFMA_ZONE_NAME          "ifmultiaddr"   /* zone name */
 
 
-#if INET6
 /*
  * XXX: declare here to avoid to include many inet6 related files..
  * should be more generalized?
  */
 /*
  * XXX: declare here to avoid to include many inet6 related files..
  * should be more generalized?
  */
-extern void    nd6_setmtu(struct ifnet *);
+extern void     nd6_setmtu(struct ifnet *);
 extern lck_mtx_t *nd6_mutex;
 extern lck_mtx_t *nd6_mutex;
-#endif
 
 
-SYSCTL_NODE(_net, PF_LINK, link, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "Link layers");
-SYSCTL_NODE(_net_link, 0, generic, CTLFLAG_RW|CTLFLAG_LOCKED, 0,
-       "Generic link-management");
+SYSCTL_NODE(_net, PF_LINK, link, CTLFLAG_RW | CTLFLAG_LOCKED, 0, "Link layers");
+SYSCTL_NODE(_net_link, 0, generic, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
+    "Generic link-management");
 
 SYSCTL_DECL(_net_link_generic_system);
 
 
 SYSCTL_DECL(_net_link_generic_system);
 
@@ -239,6 +241,57 @@ static uint32_t if_verbose = 0;
 SYSCTL_INT(_net_link_generic_system, OID_AUTO, if_verbose,
     CTLFLAG_RW | CTLFLAG_LOCKED, &if_verbose, 0, "");
 
 SYSCTL_INT(_net_link_generic_system, OID_AUTO, if_verbose,
     CTLFLAG_RW | CTLFLAG_LOCKED, &if_verbose, 0, "");
 
+#if (DEBUG || DEVELOPMENT)
+static uint32_t default_tcp_kao_max = 0;
+SYSCTL_INT(_net_link_generic_system, OID_AUTO, default_tcp_kao_max,
+    CTLFLAG_RW | CTLFLAG_LOCKED, &default_tcp_kao_max, 0, "");
+#else
+static const uint32_t default_tcp_kao_max = 0;
+#endif /* (DEBUG || DEVELOPMENT) */
+
+u_int32_t companion_link_sock_buffer_limit = 0;
+
+static int
+sysctl_set_companion_link_sock_buf_limit SYSCTL_HANDLER_ARGS
+{
+#pragma unused(arg1, arg2)
+       int error, tmp = companion_link_sock_buffer_limit;
+       error = sysctl_handle_int(oidp, &tmp, 0, req);
+       if (tmp < 0) {
+               return EINVAL;
+       }
+       if ((error = priv_check_cred(kauth_cred_get(),
+           PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+               return error;
+       }
+
+       u_int32_t new_limit = tmp;
+       if (new_limit == companion_link_sock_buffer_limit) {
+               return 0;
+       }
+
+       bool recover = new_limit == 0 ? true : false;
+       if (recover) {
+               error = inp_recover_companion_link(&tcbinfo);
+       } else {
+               error = inp_limit_companion_link(&tcbinfo, new_limit);
+       }
+       if (!error) {
+               companion_link_sock_buffer_limit = new_limit;
+       }
+       return error;
+}
+
+SYSCTL_PROC(_net_link_generic_system, OID_AUTO, companion_sndbuf_limit,
+    CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_LOCKED | CTLFLAG_ANYBODY,
+    &companion_link_sock_buffer_limit, 0, sysctl_set_companion_link_sock_buf_limit,
+    "I", "set sock send buffer limit of connections using companion links");
+
+boolean_t intcoproc_unrestricted;
+
+/* Eventhandler context for interface events */
+struct eventhandler_lists_ctxt ifnet_evhdlr_ctxt;
+
 void
 ifa_init(void)
 {
 void
 ifa_init(void)
 {
@@ -247,22 +300,17 @@ ifa_init(void)
        ifa_mtx_grp = lck_grp_alloc_init("ifaddr", ifa_mtx_grp_attr);
        ifa_mtx_attr = lck_attr_alloc_init();
 
        ifa_mtx_grp = lck_grp_alloc_init("ifaddr", ifa_mtx_grp_attr);
        ifa_mtx_attr = lck_attr_alloc_init();
 
-       PE_parse_boot_argn("ifa_debug", &ifma_debug, sizeof (ifma_debug));
+       PE_parse_boot_argn("ifa_debug", &ifma_debug, sizeof(ifma_debug));
 
 
-       ifma_size = (ifma_debug == 0) ? sizeof (struct ifmultiaddr) :
-           sizeof (struct ifmultiaddr_dbg);
-
-       ifma_zone = zinit(ifma_size, IFMA_ZONE_MAX * ifma_size, 0,
-           IFMA_ZONE_NAME);
-       if (ifma_zone == NULL) {
-               panic("%s: failed allocating %s", __func__, IFMA_ZONE_NAME);
-               /* NOTREACHED */
-       }
-       zone_change(ifma_zone, Z_EXPAND, TRUE);
-       zone_change(ifma_zone, Z_CALLERACCT, FALSE);
+       ifma_size = (ifma_debug == 0) ? sizeof(struct ifmultiaddr) :
+           sizeof(struct ifmultiaddr_dbg);
 
 
+       ifma_zone = zone_create(IFMA_ZONE_NAME, ifma_size, ZC_NONE);
        lck_mtx_init(&ifma_trash_lock, ifa_mtx_grp, ifa_mtx_attr);
        TAILQ_INIT(&ifma_trash_head);
        lck_mtx_init(&ifma_trash_lock, ifa_mtx_grp, ifa_mtx_attr);
        TAILQ_INIT(&ifma_trash_head);
+
+       PE_parse_boot_argn("intcoproc_unrestricted", &intcoproc_unrestricted,
+           sizeof(intcoproc_unrestricted));
 }
 
 /*
 }
 
 /*
@@ -311,13 +359,16 @@ if_attach_ifa_common(struct ifnet *ifp, struct ifaddr *ifa, int link)
        }
        IFA_ADDREF_LOCKED(ifa);
        ifa->ifa_debug |= IFD_ATTACHED;
        }
        IFA_ADDREF_LOCKED(ifa);
        ifa->ifa_debug |= IFD_ATTACHED;
-       if (link)
+       if (link) {
                TAILQ_INSERT_HEAD(&ifp->if_addrhead, ifa, ifa_link);
                TAILQ_INSERT_HEAD(&ifp->if_addrhead, ifa, ifa_link);
-       else
+       } else {
                TAILQ_INSERT_TAIL(&ifp->if_addrhead, ifa, ifa_link);
                TAILQ_INSERT_TAIL(&ifp->if_addrhead, ifa, ifa_link);
+       }
 
 
-       if (ifa->ifa_attached != NULL)
+       if (ifa->ifa_attached != NULL) {
                (*ifa->ifa_attached)(ifa);
                (*ifa->ifa_attached)(ifa);
+       }
+
 }
 
 __private_extern__ void
 }
 
 __private_extern__ void
@@ -358,8 +409,9 @@ if_detach_ifa_common(struct ifnet *ifp, struct ifaddr *ifa, int link)
        } else if (ifa->ifa_debug & IFD_DEBUG) {
                struct ifaddr *ifa2;
                TAILQ_FOREACH(ifa2, &ifp->if_addrhead, ifa_link) {
        } else if (ifa->ifa_debug & IFD_DEBUG) {
                struct ifaddr *ifa2;
                TAILQ_FOREACH(ifa2, &ifp->if_addrhead, ifa_link) {
-                       if (ifa2 == ifa)
+                       if (ifa2 == ifa) {
                                break;
                                break;
+                       }
                }
                if (ifa2 != ifa) {
                        panic("%s: Attempt to detach a stray address ifa=%p",
                }
                if (ifa2 != ifa) {
                        panic("%s: Attempt to detach a stray address ifa=%p",
@@ -375,17 +427,19 @@ if_detach_ifa_common(struct ifnet *ifp, struct ifaddr *ifa, int link)
        }
        ifa->ifa_debug &= ~IFD_ATTACHED;
 
        }
        ifa->ifa_debug &= ~IFD_ATTACHED;
 
-       if (ifa->ifa_detached != NULL)
+       if (ifa->ifa_detached != NULL) {
                (*ifa->ifa_detached)(ifa);
                (*ifa->ifa_detached)(ifa);
+       }
+
 }
 
 }
 
-#define INITIAL_IF_INDEXLIM    8
+#define INITIAL_IF_INDEXLIM     8
 
 /*
  * Function: if_next_index
  * Purpose:
 
 /*
  * Function: if_next_index
  * Purpose:
- *   Return the next available interface index.  
- *   Grow the ifnet_addrs[] and ifindex2ifnet[] arrays to accomodate the 
+ *   Return the next available interface index.
+ *   Grow the ifnet_addrs[] and ifindex2ifnet[] arrays to accomodate the
  *   added entry when necessary.
  *
  * Note:
  *   added entry when necessary.
  *
  * Note:
@@ -399,16 +453,16 @@ int if_next_index(void);
 __private_extern__ int
 if_next_index(void)
 {
 __private_extern__ int
 if_next_index(void)
 {
-       static int      if_indexlim = 0;
-       int             new_index;
+       static int      if_indexlim = 0;
+       int             new_index;
 
        new_index = ++if_index;
        if (if_index > if_indexlim) {
 
        new_index = ++if_index;
        if (if_index > if_indexlim) {
-               unsigned        n;
-               int             new_if_indexlim;
-               caddr_t         new_ifnet_addrs;
-               caddr_t         new_ifindex2ifnet;
-               caddr_t         old_ifnet_addrs;
+               unsigned        n;
+               int             new_if_indexlim;
+               caddr_t         new_ifnet_addrs;
+               caddr_t         new_ifindex2ifnet;
+               caddr_t         old_ifnet_addrs;
 
                old_ifnet_addrs = (caddr_t)ifnet_addrs;
                if (ifnet_addrs == NULL) {
 
                old_ifnet_addrs = (caddr_t)ifnet_addrs;
                if (ifnet_addrs == NULL) {
@@ -425,15 +479,15 @@ if_next_index(void)
                        return -1;
                }
 
                        return -1;
                }
 
-               new_ifindex2ifnet = new_ifnet_addrs 
-                       + new_if_indexlim * sizeof(caddr_t);
+               new_ifindex2ifnet = new_ifnet_addrs
+                   + new_if_indexlim * sizeof(caddr_t);
                if (ifnet_addrs != NULL) {
                        /* copy the existing data */
                        bcopy((caddr_t)ifnet_addrs, new_ifnet_addrs,
                if (ifnet_addrs != NULL) {
                        /* copy the existing data */
                        bcopy((caddr_t)ifnet_addrs, new_ifnet_addrs,
-                             if_indexlim * sizeof(caddr_t));
+                           if_indexlim * sizeof(caddr_t));
                        bcopy((caddr_t)ifindex2ifnet,
                        bcopy((caddr_t)ifindex2ifnet,
-                             new_ifindex2ifnet,
-                             (if_indexlim + 1) * sizeof(caddr_t));
+                           new_ifindex2ifnet,
+                           (if_indexlim + 1) * sizeof(caddr_t));
                }
 
                /* switch to the new tables and size */
                }
 
                /* switch to the new tables and size */
@@ -446,7 +500,7 @@ if_next_index(void)
                        _FREE((caddr_t)old_ifnet_addrs, M_IFADDR);
                }
        }
                        _FREE((caddr_t)old_ifnet_addrs, M_IFADDR);
                }
        }
-       return (new_index);
+       return new_index;
 }
 
 /*
 }
 
 /*
@@ -463,11 +517,13 @@ if_clone_create(char *name, int len, void *params)
        int err;
 
        ifc = if_clone_lookup(name, &unit);
        int err;
 
        ifc = if_clone_lookup(name, &unit);
-       if (ifc == NULL)
-               return (EINVAL);
+       if (ifc == NULL) {
+               return EINVAL;
+       }
 
 
-       if (ifunit(name) != NULL)
-               return (EEXIST);
+       if (ifunit(name) != NULL) {
+               return EEXIST;
+       }
 
        bytoff = bitoff = 0;
        wildcard = (unit == UINT32_MAX);
 
        bytoff = bitoff = 0;
        wildcard = (unit == UINT32_MAX);
@@ -475,22 +531,29 @@ if_clone_create(char *name, int len, void *params)
         * Find a free unit if none was given.
         */
        if (wildcard) {
         * Find a free unit if none was given.
         */
        if (wildcard) {
-               while ((bytoff < ifc->ifc_bmlen)
-                   && (ifc->ifc_units[bytoff] == 0xff))
+               while ((bytoff < ifc->ifc_bmlen) &&
+                   (ifc->ifc_units[bytoff] == 0xff)) {
                        bytoff++;
                        bytoff++;
-               if (bytoff >= ifc->ifc_bmlen)
-                       return (ENOSPC);
-               while ((ifc->ifc_units[bytoff] & (1 << bitoff)) != 0)
+               }
+               if (bytoff >= ifc->ifc_bmlen) {
+                       return ENOSPC;
+               }
+               while ((ifc->ifc_units[bytoff] & (1 << bitoff)) != 0) {
                        bitoff++;
                        bitoff++;
+               }
                unit = (bytoff << 3) + bitoff;
        }
 
                unit = (bytoff << 3) + bitoff;
        }
 
-       if (unit > ifc->ifc_maxunit)
-               return (ENXIO);
+       if (unit > ifc->ifc_maxunit) {
+               return ENXIO;
+       }
 
 
+       lck_mtx_lock(&ifc->ifc_mutex);
        err = (*ifc->ifc_create)(ifc, unit, params);
        err = (*ifc->ifc_create)(ifc, unit, params);
-       if (err != 0)
-               return (err);
+       if (err != 0) {
+               lck_mtx_unlock(&ifc->ifc_mutex);
+               return err;
+       }
 
        if (!wildcard) {
                bytoff = unit >> 3;
 
        if (!wildcard) {
                bytoff = unit >> 3;
@@ -506,9 +569,11 @@ if_clone_create(char *name, int len, void *params)
 
        /* In the wildcard case, we need to update the name. */
        if (wildcard) {
 
        /* In the wildcard case, we need to update the name. */
        if (wildcard) {
-               for (dp = name; *dp != '\0'; dp++);
-               if (snprintf(dp, len - (dp-name), "%d", unit) >
-                   len - (dp-name) - 1) {
+               for (dp = name; *dp != '\0'; dp++) {
+                       ;
+               }
+               if (snprintf(dp, len - (dp - name), "%d", unit) >
+                   len - (dp - name) - 1) {
                        /*
                         * This can only be a programmer error and
                         * there's no straightforward way to recover if
                        /*
                         * This can only be a programmer error and
                         * there's no straightforward way to recover if
@@ -517,10 +582,10 @@ if_clone_create(char *name, int len, void *params)
                        panic("%s: interface name too long", __func__);
                        /* NOTREACHED */
                }
                        panic("%s: interface name too long", __func__);
                        /* NOTREACHED */
                }
-
        }
        }
+       lck_mtx_unlock(&ifc->ifc_mutex);
 
 
-       return (0);
+       return 0;
 }
 
 /*
 }
 
 /*
@@ -529,36 +594,56 @@ if_clone_create(char *name, int len, void *params)
 static int
 if_clone_destroy(const char *name)
 {
 static int
 if_clone_destroy(const char *name)
 {
-       struct if_clone *ifc;
-       struct ifnet *ifp;
+       struct if_clone *ifc = NULL;
+       struct ifnet *ifp = NULL;
        int bytoff, bitoff;
        u_int32_t unit;
        int bytoff, bitoff;
        u_int32_t unit;
+       int error = 0;
 
        ifc = if_clone_lookup(name, &unit);
 
        ifc = if_clone_lookup(name, &unit);
-       if (ifc == NULL)
-               return (EINVAL);
 
 
-       if (unit < ifc->ifc_minifs)
-               return (EINVAL);
+       if (ifc == NULL) {
+               error = EINVAL;
+               goto done;
+       }
+
+       if (unit < ifc->ifc_minifs) {
+               error = EINVAL;
+               goto done;
+       }
 
 
-       ifp = ifunit(name);
-       if (ifp == NULL)
-               return (ENXIO);
+       ifp = ifunit_ref(name);
+       if (ifp == NULL) {
+               error = ENXIO;
+               goto done;
+       }
 
 
-       if (ifc->ifc_destroy == NULL)
-               return (EOPNOTSUPP);
+       if (ifc->ifc_destroy == NULL) {
+               error = EOPNOTSUPP;
+               goto done;
+       }
 
 
-       (*ifc->ifc_destroy)(ifp);
+       lck_mtx_lock(&ifc->ifc_mutex);
+       error = (*ifc->ifc_destroy)(ifp);
 
 
-       /*
-        * Compute offset in the bitmap and deallocate the unit.
-        */
+       if (error) {
+               lck_mtx_unlock(&ifc->ifc_mutex);
+               goto done;
+       }
+
+       /* Compute offset in the bitmap and deallocate the unit. */
        bytoff = unit >> 3;
        bitoff = unit - (bytoff << 3);
        KASSERT((ifc->ifc_units[bytoff] & (1 << bitoff)) != 0,
            ("%s: bit is already cleared", __func__));
        ifc->ifc_units[bytoff] &= ~(1 << bitoff);
        bytoff = unit >> 3;
        bitoff = unit - (bytoff << 3);
        KASSERT((ifc->ifc_units[bytoff] & (1 << bitoff)) != 0,
            ("%s: bit is already cleared", __func__));
        ifc->ifc_units[bytoff] &= ~(1 << bitoff);
-       return (0);
+       lck_mtx_unlock(&ifc->ifc_mutex);
+
+done:
+       if (ifp != NULL) {
+               ifnet_decr_iorefcnt(ifp);
+       }
+       return error;
 }
 
 /*
 }
 
 /*
@@ -574,33 +659,58 @@ if_clone_lookup(const char *name, u_int32_t *unitp)
 
        for (ifc = LIST_FIRST(&if_cloners); ifc != NULL;) {
                for (cp = name, i = 0; i < ifc->ifc_namelen; i++, cp++) {
 
        for (ifc = LIST_FIRST(&if_cloners); ifc != NULL;) {
                for (cp = name, i = 0; i < ifc->ifc_namelen; i++, cp++) {
-                       if (ifc->ifc_name[i] != *cp)
+                       if (ifc->ifc_name[i] != *cp) {
                                goto next_ifc;
                                goto next_ifc;
+                       }
                }
                goto found_name;
                }
                goto found_name;
- next_ifc:
+next_ifc:
                ifc = LIST_NEXT(ifc, ifc_list);
        }
 
        /* No match. */
                ifc = LIST_NEXT(ifc, ifc_list);
        }
 
        /* No match. */
-       return ((struct if_clone *)NULL);
+       return (struct if_clone *)NULL;
 
 
- found_name:
+found_name:
        if (*cp == '\0') {
                i = UINT32_MAX;
        } else {
                for (i = 0; *cp != '\0'; cp++) {
                        if (*cp < '0' || *cp > '9') {
                                /* Bogus unit number. */
        if (*cp == '\0') {
                i = UINT32_MAX;
        } else {
                for (i = 0; *cp != '\0'; cp++) {
                        if (*cp < '0' || *cp > '9') {
                                /* Bogus unit number. */
-                               return (NULL);
+                               return NULL;
                        }
                        i = (i * 10) + (*cp - '0');
                }
        }
 
                        }
                        i = (i * 10) + (*cp - '0');
                }
        }
 
-       if (unitp != NULL)
+       if (unitp != NULL) {
                *unitp = i;
                *unitp = i;
-       return (ifc);
+       }
+       return ifc;
+}
+
+void *
+if_clone_softc_allocate(const struct if_clone *ifc)
+{
+       void *p_clone = NULL;
+
+       VERIFY(ifc != NULL);
+
+       p_clone = zalloc(ifc->ifc_zone);
+       if (p_clone != NULL) {
+               bzero(p_clone, ifc->ifc_softc_size);
+       }
+
+       return p_clone;
+}
+
+void
+if_clone_softc_deallocate(const struct if_clone *ifc, void *p_softc)
+{
+       VERIFY(ifc != NULL && p_softc != NULL);
+       bzero(p_softc, ifc->ifc_softc_size);
+       zfree(ifc->ifc_zone, p_softc);
 }
 
 /*
 }
 
 /*
@@ -623,12 +733,20 @@ if_clone_attach(struct if_clone *ifc)
         */
        maxclone = ifc->ifc_maxunit + 1;
        len = maxclone >> 3;
         */
        maxclone = ifc->ifc_maxunit + 1;
        len = maxclone >> 3;
-       if ((len << 3) < maxclone)
+       if ((len << 3) < maxclone) {
                len++;
                len++;
+       }
        ifc->ifc_units = _MALLOC(len, M_CLONE, M_WAITOK | M_ZERO);
        ifc->ifc_units = _MALLOC(len, M_CLONE, M_WAITOK | M_ZERO);
-       if (ifc->ifc_units == NULL)
+       if (ifc->ifc_units == NULL) {
                return ENOBUFS;
                return ENOBUFS;
+       }
        ifc->ifc_bmlen = len;
        ifc->ifc_bmlen = len;
+       lck_mtx_init(&ifc->ifc_mutex, ifnet_lock_group, ifnet_lock_attr);
+
+       if (ifc->ifc_softc_size != 0) {
+               ifc->ifc_zone = zone_create(ifc->ifc_name, ifc->ifc_softc_size,
+                   ZC_DESTRUCTIBLE);
+       }
 
        LIST_INSERT_HEAD(&if_cloners, ifc, ifc_list);
        if_cloners_count++;
 
        LIST_INSERT_HEAD(&if_cloners, ifc, ifc_list);
        if_cloners_count++;
@@ -656,6 +774,11 @@ if_clone_detach(struct if_clone *ifc)
 {
        LIST_REMOVE(ifc, ifc_list);
        FREE(ifc->ifc_units, M_CLONE);
 {
        LIST_REMOVE(ifc, ifc_list);
        FREE(ifc->ifc_units, M_CLONE);
+       if (ifc->ifc_softc_size != 0) {
+               zdestroy(ifc->ifc_zone);
+       }
+
+       lck_mtx_destroy(&ifc->ifc_mutex, ifnet_lock_group);
        if_cloners_count--;
 }
 
        if_cloners_count--;
 }
 
@@ -672,40 +795,59 @@ if_clone_list(int count, int *ret_total, user_addr_t dst)
        *ret_total = if_cloners_count;
        if (dst == USER_ADDR_NULL) {
                /* Just asking how many there are. */
        *ret_total = if_cloners_count;
        if (dst == USER_ADDR_NULL) {
                /* Just asking how many there are. */
-               return (0);
+               return 0;
        }
 
        }
 
-       if (count < 0)
-               return (EINVAL);
+       if (count < 0) {
+               return EINVAL;
+       }
 
        count = (if_cloners_count < count) ? if_cloners_count : count;
 
        for (ifc = LIST_FIRST(&if_cloners); ifc != NULL && count != 0;
 
        count = (if_cloners_count < count) ? if_cloners_count : count;
 
        for (ifc = LIST_FIRST(&if_cloners); ifc != NULL && count != 0;
-            ifc = LIST_NEXT(ifc, ifc_list), count--, dst += IFNAMSIZ) {
+           ifc = LIST_NEXT(ifc, ifc_list), count--, dst += IFNAMSIZ) {
+               bzero(outbuf, sizeof(outbuf));
                strlcpy(outbuf, ifc->ifc_name, IFNAMSIZ);
                error = copyout(outbuf, dst, IFNAMSIZ);
                strlcpy(outbuf, ifc->ifc_name, IFNAMSIZ);
                error = copyout(outbuf, dst, IFNAMSIZ);
-               if (error)
+               if (error) {
                        break;
                        break;
+               }
        }
 
        }
 
-       return (error);
+       return error;
 }
 
 u_int32_t
 }
 
 u_int32_t
-if_functional_type(struct ifnet *ifp)
+if_functional_type(struct ifnet *ifp, bool exclude_delegate)
 {
        u_int32_t ret = IFRTYPE_FUNCTIONAL_UNKNOWN;
 {
        u_int32_t ret = IFRTYPE_FUNCTIONAL_UNKNOWN;
+
        if (ifp != NULL) {
                if (ifp->if_flags & IFF_LOOPBACK) {
                        ret = IFRTYPE_FUNCTIONAL_LOOPBACK;
        if (ifp != NULL) {
                if (ifp->if_flags & IFF_LOOPBACK) {
                        ret = IFRTYPE_FUNCTIONAL_LOOPBACK;
-               } else if (IFNET_IS_WIFI(ifp)) {
-                       if (ifp->if_eflags & IFEF_AWDL)
+               } else if (IFNET_IS_COMPANION_LINK(ifp)) {
+                       ret = IFRTYPE_FUNCTIONAL_COMPANIONLINK;
+               } else if ((exclude_delegate &&
+                   (ifp->if_family == IFNET_FAMILY_ETHERNET &&
+                   ifp->if_subfamily == IFNET_SUBFAMILY_WIFI)) ||
+                   (!exclude_delegate && IFNET_IS_WIFI(ifp))) {
+                       if (ifp->if_eflags & IFEF_AWDL) {
                                ret = IFRTYPE_FUNCTIONAL_WIFI_AWDL;
                                ret = IFRTYPE_FUNCTIONAL_WIFI_AWDL;
-                       else
+                       } else {
                                ret = IFRTYPE_FUNCTIONAL_WIFI_INFRA;
                                ret = IFRTYPE_FUNCTIONAL_WIFI_INFRA;
-               } else if (IFNET_IS_CELLULAR(ifp)) {
+                       }
+               } else if ((exclude_delegate &&
+                   (ifp->if_type == IFT_CELLULAR)) ||
+                   (!exclude_delegate && IFNET_IS_CELLULAR(ifp))) {
                        ret = IFRTYPE_FUNCTIONAL_CELLULAR;
                        ret = IFRTYPE_FUNCTIONAL_CELLULAR;
-               } else if (IFNET_IS_WIRED(ifp)) {
+               } else if (IFNET_IS_INTCOPROC(ifp)) {
+                       ret = IFRTYPE_FUNCTIONAL_INTCOPROC;
+               } else if ((exclude_delegate &&
+                   (ifp->if_family == IFNET_FAMILY_ETHERNET ||
+                   ifp->if_family == IFNET_FAMILY_BOND ||
+                   ifp->if_family == IFNET_FAMILY_VLAN ||
+                   ifp->if_family == IFNET_FAMILY_FIREWIRE)) ||
+                   (!exclude_delegate && IFNET_IS_WIRED(ifp))) {
                        ret = IFRTYPE_FUNCTIONAL_WIRED;
                }
        }
                        ret = IFRTYPE_FUNCTIONAL_WIRED;
                }
        }
@@ -720,7 +862,7 @@ if_functional_type(struct ifnet *ifp)
 __private_extern__ struct in_ifaddr *
 ifa_foraddr(unsigned int addr)
 {
 __private_extern__ struct in_ifaddr *
 ifa_foraddr(unsigned int addr)
 {
-       return (ifa_foraddr_scoped(addr, IFSCOPE_NONE));
+       return ifa_foraddr_scoped(addr, IFSCOPE_NONE);
 }
 
 /*
 }
 
 /*
@@ -738,24 +880,23 @@ ifa_foraddr_scoped(unsigned int addr, unsigned int scope)
                IFA_LOCK_SPIN(&ia->ia_ifa);
                if (ia->ia_addr.sin_addr.s_addr == addr &&
                    (scope == IFSCOPE_NONE || ia->ia_ifp->if_index == scope)) {
                IFA_LOCK_SPIN(&ia->ia_ifa);
                if (ia->ia_addr.sin_addr.s_addr == addr &&
                    (scope == IFSCOPE_NONE || ia->ia_ifp->if_index == scope)) {
-                       IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for caller */
+                       IFA_ADDREF_LOCKED(&ia->ia_ifa); /* for caller */
                        IFA_UNLOCK(&ia->ia_ifa);
                        break;
                }
                IFA_UNLOCK(&ia->ia_ifa);
        }
        lck_rw_done(in_ifaddr_rwlock);
                        IFA_UNLOCK(&ia->ia_ifa);
                        break;
                }
                IFA_UNLOCK(&ia->ia_ifa);
        }
        lck_rw_done(in_ifaddr_rwlock);
-       return (ia);
+       return ia;
 }
 
 }
 
-#if INET6
 /*
  * Similar to ifa_foraddr, except that this for IPv6.
  */
 __private_extern__ struct in6_ifaddr *
 ifa_foraddr6(struct in6_addr *addr6)
 {
 /*
  * Similar to ifa_foraddr, except that this for IPv6.
  */
 __private_extern__ struct in6_ifaddr *
 ifa_foraddr6(struct in6_addr *addr6)
 {
-       return (ifa_foraddr6_scoped(addr6, IFSCOPE_NONE));
+       return ifa_foraddr6_scoped(addr6, IFSCOPE_NONE);
 }
 
 __private_extern__ struct in6_ifaddr *
 }
 
 __private_extern__ struct in6_ifaddr *
@@ -764,7 +905,7 @@ ifa_foraddr6_scoped(struct in6_addr *addr6, unsigned int scope)
        struct in6_ifaddr *ia = NULL;
 
        lck_rw_lock_shared(&in6_ifaddr_rwlock);
        struct in6_ifaddr *ia = NULL;
 
        lck_rw_lock_shared(&in6_ifaddr_rwlock);
-       for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
+       TAILQ_FOREACH(ia, IN6ADDR_HASH(addr6), ia6_hash) {
                IFA_LOCK(&ia->ia_ifa);
                if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, addr6) &&
                    (scope == IFSCOPE_NONE || ia->ia_ifp->if_index == scope)) {
                IFA_LOCK(&ia->ia_ifa);
                if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, addr6) &&
                    (scope == IFSCOPE_NONE || ia->ia_ifp->if_index == scope)) {
@@ -776,9 +917,8 @@ ifa_foraddr6_scoped(struct in6_addr *addr6, unsigned int scope)
        }
        lck_rw_done(&in6_ifaddr_rwlock);
 
        }
        lck_rw_done(&in6_ifaddr_rwlock);
 
-       return (ia);
+       return ia;
 }
 }
-#endif /* INET6 */
 
 /*
  * Return the first (primary) address of a given family on an interface.
 
 /*
  * Return the first (primary) address of a given family on an interface.
@@ -792,7 +932,7 @@ ifa_ifpgetprimary(struct ifnet *ifp, int family)
        TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
                IFA_LOCK_SPIN(ifa);
                if (ifa->ifa_addr->sa_family == family) {
        TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
                IFA_LOCK_SPIN(ifa);
                if (ifa->ifa_addr->sa_family == family) {
-                       IFA_ADDREF_LOCKED(ifa); /* for caller */
+                       IFA_ADDREF_LOCKED(ifa); /* for caller */
                        IFA_UNLOCK(ifa);
                        break;
                }
                        IFA_UNLOCK(ifa);
                        break;
                }
@@ -800,25 +940,32 @@ ifa_ifpgetprimary(struct ifnet *ifp, int family)
        }
        ifnet_lock_done(ifp);
 
        }
        ifnet_lock_done(ifp);
 
-       return (ifa);
+       return ifa;
+}
+
+static inline int
+ifa_equal(const struct sockaddr *sa1, const struct sockaddr *sa2)
+{
+       if (!sa1 || !sa2) {
+               return 0;
+       }
+       if (sa1->sa_len != sa2->sa_len) {
+               return 0;
+       }
+
+       return bcmp(sa1, sa2, sa1->sa_len) == 0;
 }
 
 /*
  * Locate an interface based on a complete address.
  */
 }
 
 /*
  * Locate an interface based on a complete address.
  */
-/*ARGSUSED*/
 struct ifaddr *
 struct ifaddr *
-ifa_ifwithaddr(const struct sockaddr *addr)
+ifa_ifwithaddr_locked(const struct sockaddr *addr)
 {
        struct ifnet *ifp;
        struct ifaddr *ifa;
        struct ifaddr *result = NULL;
 
 {
        struct ifnet *ifp;
        struct ifaddr *ifa;
        struct ifaddr *result = NULL;
 
-#define        equal(a1, a2)                                                   \
-       (bcmp((const void*)(a1), (const void*)(a2),                     \
-           ((const struct sockaddr *)(a1))->sa_len) == 0)
-
-       ifnet_head_lock_shared();
        for (ifp = ifnet_head.tqh_first; ifp && !result;
            ifp = ifp->if_link.tqe_next) {
                ifnet_lock_shared(ifp);
        for (ifp = ifnet_head.tqh_first; ifp && !result;
            ifp = ifp->if_link.tqe_next) {
                ifnet_lock_shared(ifp);
@@ -829,9 +976,9 @@ ifa_ifwithaddr(const struct sockaddr *addr)
                                IFA_UNLOCK(ifa);
                                continue;
                        }
                                IFA_UNLOCK(ifa);
                                continue;
                        }
-                       if (equal(addr, ifa->ifa_addr)) {
+                       if (ifa_equal(addr, ifa->ifa_addr)) {
                                result = ifa;
                                result = ifa;
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                                IFA_UNLOCK(ifa);
                                break;
                        }
@@ -839,9 +986,9 @@ ifa_ifwithaddr(const struct sockaddr *addr)
                            ifa->ifa_broadaddr != NULL &&
                            /* IP6 doesn't have broadcast */
                            ifa->ifa_broadaddr->sa_len != 0 &&
                            ifa->ifa_broadaddr != NULL &&
                            /* IP6 doesn't have broadcast */
                            ifa->ifa_broadaddr->sa_len != 0 &&
-                           equal(ifa->ifa_broadaddr, addr)) {
+                           ifa_equal(ifa->ifa_broadaddr, addr)) {
                                result = ifa;
                                result = ifa;
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                                IFA_UNLOCK(ifa);
                                break;
                        }
@@ -849,9 +996,22 @@ ifa_ifwithaddr(const struct sockaddr *addr)
                }
                ifnet_lock_done(ifp);
        }
                }
                ifnet_lock_done(ifp);
        }
+
+       return result;
+}
+
+struct ifaddr *
+ifa_ifwithaddr(const struct sockaddr *addr)
+{
+       struct ifaddr *result = NULL;
+
+       ifnet_head_lock_shared();
+
+       result = ifa_ifwithaddr_locked(addr);
+
        ifnet_head_done();
 
        ifnet_head_done();
 
-       return (result);
+       return result;
 }
 /*
  * Locate the point to point interface with a given destination address.
 }
 /*
  * Locate the point to point interface with a given destination address.
@@ -867,7 +1027,7 @@ ifa_ifwithdstaddr(const struct sockaddr *addr)
        ifnet_head_lock_shared();
        for (ifp = ifnet_head.tqh_first; ifp && !result;
            ifp = ifp->if_link.tqe_next) {
        ifnet_head_lock_shared();
        for (ifp = ifnet_head.tqh_first; ifp && !result;
            ifp = ifp->if_link.tqe_next) {
-           if ((ifp->if_flags & IFF_POINTOPOINT)) {
+               if ((ifp->if_flags & IFF_POINTOPOINT)) {
                        ifnet_lock_shared(ifp);
                        for (ifa = ifp->if_addrhead.tqh_first; ifa;
                            ifa = ifa->ifa_link.tqe_next) {
                        ifnet_lock_shared(ifp);
                        for (ifa = ifp->if_addrhead.tqh_first; ifa;
                            ifa = ifa->ifa_link.tqe_next) {
@@ -877,10 +1037,9 @@ ifa_ifwithdstaddr(const struct sockaddr *addr)
                                        IFA_UNLOCK(ifa);
                                        continue;
                                }
                                        IFA_UNLOCK(ifa);
                                        continue;
                                }
-                               if (ifa->ifa_dstaddr &&
-                                   equal(addr, ifa->ifa_dstaddr)) {
+                               if (ifa_equal(addr, ifa->ifa_dstaddr)) {
                                        result = ifa;
                                        result = ifa;
-                                       IFA_ADDREF_LOCKED(ifa); /* for caller */
+                                       IFA_ADDREF_LOCKED(ifa); /* for caller */
                                        IFA_UNLOCK(ifa);
                                        break;
                                }
                                        IFA_UNLOCK(ifa);
                                        break;
                                }
@@ -890,25 +1049,24 @@ ifa_ifwithdstaddr(const struct sockaddr *addr)
                }
        }
        ifnet_head_done();
                }
        }
        ifnet_head_done();
-       return (result);
+       return result;
 }
 
 /*
  * Locate the source address of an interface based on a complete address.
  */
 struct ifaddr *
 }
 
 /*
  * Locate the source address of an interface based on a complete address.
  */
 struct ifaddr *
-ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope)
+ifa_ifwithaddr_scoped_locked(const struct sockaddr *addr, unsigned int ifscope)
 {
        struct ifaddr *result = NULL;
        struct ifnet *ifp;
 
 {
        struct ifaddr *result = NULL;
        struct ifnet *ifp;
 
-       if (ifscope == IFSCOPE_NONE)
-               return (ifa_ifwithaddr(addr));
+       if (ifscope == IFSCOPE_NONE) {
+               return ifa_ifwithaddr_locked(addr);
+       }
 
 
-       ifnet_head_lock_shared();
        if (ifscope > (unsigned int)if_index) {
        if (ifscope > (unsigned int)if_index) {
-               ifnet_head_done();
-               return (NULL);
+               return NULL;
        }
 
        ifp = ifindex2ifnet[ifscope];
        }
 
        ifp = ifindex2ifnet[ifscope];
@@ -928,9 +1086,9 @@ ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope)
                                IFA_UNLOCK(ifa);
                                continue;
                        }
                                IFA_UNLOCK(ifa);
                                continue;
                        }
-                       if (equal(addr, ifa->ifa_addr)) {
+                       if (ifa_equal(addr, ifa->ifa_addr)) {
                                result = ifa;
                                result = ifa;
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                                IFA_UNLOCK(ifa);
                                break;
                        }
@@ -938,9 +1096,9 @@ ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope)
                            ifa->ifa_broadaddr != NULL &&
                            /* IP6 doesn't have broadcast */
                            ifa->ifa_broadaddr->sa_len != 0 &&
                            ifa->ifa_broadaddr != NULL &&
                            /* IP6 doesn't have broadcast */
                            ifa->ifa_broadaddr->sa_len != 0 &&
-                           equal(ifa->ifa_broadaddr, addr)) {
+                           ifa_equal(ifa->ifa_broadaddr, addr)) {
                                result = ifa;
                                result = ifa;
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                                IFA_UNLOCK(ifa);
                                break;
                        }
@@ -948,21 +1106,34 @@ ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope)
                }
                ifnet_lock_done(ifp);
        }
                }
                ifnet_lock_done(ifp);
        }
+
+       return result;
+}
+
+struct ifaddr *
+ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope)
+{
+       struct ifaddr *result = NULL;
+
+       ifnet_head_lock_shared();
+
+       result = ifa_ifwithaddr_scoped_locked(addr, ifscope);
+
        ifnet_head_done();
 
        ifnet_head_done();
 
-       return (result);
+       return result;
 }
 
 struct ifaddr *
 ifa_ifwithnet(const struct sockaddr *addr)
 {
 }
 
 struct ifaddr *
 ifa_ifwithnet(const struct sockaddr *addr)
 {
-       return (ifa_ifwithnet_common(addr, IFSCOPE_NONE));
+       return ifa_ifwithnet_common(addr, IFSCOPE_NONE);
 }
 
 struct ifaddr *
 ifa_ifwithnet_scoped(const struct sockaddr *addr, unsigned int ifscope)
 {
 }
 
 struct ifaddr *
 ifa_ifwithnet_scoped(const struct sockaddr *addr, unsigned int ifscope)
 {
-       return (ifa_ifwithnet_common(addr, ifscope));
+       return ifa_ifwithnet_common(addr, ifscope);
 }
 
 /*
 }
 
 /*
@@ -978,14 +1149,9 @@ ifa_ifwithnet_common(const struct sockaddr *addr, unsigned int ifscope)
        u_int af = addr->sa_family;
        const char *addr_data = addr->sa_data, *cplim;
 
        u_int af = addr->sa_family;
        const char *addr_data = addr->sa_data, *cplim;
 
-#if INET6
-       if ((af != AF_INET && af != AF_INET6) ||
-           (af == AF_INET && !ip_doscopedroute) ||
-           (af == AF_INET6 && !ip6_doscopedroute))
-#else
-       if (af != AF_INET || !ip_doscopedroute)
-#endif /* !INET6 */
+       if (af != AF_INET && af != AF_INET6) {
                ifscope = IFSCOPE_NONE;
                ifscope = IFSCOPE_NONE;
+       }
 
        ifnet_head_lock_shared();
        /*
 
        ifnet_head_lock_shared();
        /*
@@ -997,11 +1163,12 @@ ifa_ifwithnet_common(const struct sockaddr *addr, unsigned int ifscope)
                    (const struct sockaddr_dl *)(uintptr_t)(size_t)addr;
                if (sdl->sdl_index && sdl->sdl_index <= if_index) {
                        ifa = ifnet_addrs[sdl->sdl_index - 1];
                    (const struct sockaddr_dl *)(uintptr_t)(size_t)addr;
                if (sdl->sdl_index && sdl->sdl_index <= if_index) {
                        ifa = ifnet_addrs[sdl->sdl_index - 1];
-                       if (ifa != NULL)
+                       if (ifa != NULL) {
                                IFA_ADDREF(ifa);
                                IFA_ADDREF(ifa);
+                       }
 
                        ifnet_head_done();
 
                        ifnet_head_done();
-                       return (ifa);
+                       return ifa;
                }
        }
 
                }
        }
 
@@ -1012,7 +1179,7 @@ ifa_ifwithnet_common(const struct sockaddr *addr, unsigned int ifscope)
        for (ifp = ifnet_head.tqh_first; ifp; ifp = ifp->if_link.tqe_next) {
                ifnet_lock_shared(ifp);
                for (ifa = ifp->if_addrhead.tqh_first; ifa;
        for (ifp = ifnet_head.tqh_first; ifp; ifp = ifp->if_link.tqe_next) {
                ifnet_lock_shared(ifp);
                for (ifa = ifp->if_addrhead.tqh_first; ifa;
-                    ifa = ifa->ifa_link.tqe_next) {
+                   ifa = ifa->ifa_link.tqe_next) {
                        const char *cp, *cp2, *cp3;
 
                        IFA_LOCK(ifa);
                        const char *cp, *cp2, *cp3;
 
                        IFA_LOCK(ifa);
@@ -1048,9 +1215,11 @@ next:
                        cp3 = ifa->ifa_netmask->sa_data;
                        cplim = ifa->ifa_netmask->sa_len +
                            (char *)ifa->ifa_netmask;
                        cp3 = ifa->ifa_netmask->sa_data;
                        cplim = ifa->ifa_netmask->sa_len +
                            (char *)ifa->ifa_netmask;
-                       while (cp3 < cplim)
-                               if ((*cp++ ^ *cp2++) & *cp3++)
+                       while (cp3 < cplim) {
+                               if ((*cp++ ^ *cp2++) & *cp3++) {
                                        goto next; /* next address! */
                                        goto next; /* next address! */
+                               }
+                       }
                        /*
                         * If the netmask of what we just found
                         * is more specific than what we had before
                        /*
                         * If the netmask of what we just found
                         * is more specific than what we had before
@@ -1061,10 +1230,11 @@ next:
                        if (ifa_maybe == NULL ||
                            rn_refines((caddr_t)ifa->ifa_netmask,
                            (caddr_t)ifa_maybe->ifa_netmask)) {
                        if (ifa_maybe == NULL ||
                            rn_refines((caddr_t)ifa->ifa_netmask,
                            (caddr_t)ifa_maybe->ifa_netmask)) {
-                               IFA_ADDREF_LOCKED(ifa); /* ifa_maybe */
+                               IFA_ADDREF_LOCKED(ifa); /* ifa_maybe */
                                IFA_UNLOCK(ifa);
                                IFA_UNLOCK(ifa);
-                               if (ifa_maybe != NULL)
+                               if (ifa_maybe != NULL) {
                                        IFA_REMREF(ifa_maybe);
                                        IFA_REMREF(ifa_maybe);
+                               }
                                ifa_maybe = ifa;
                        } else {
                                IFA_UNLOCK(ifa);
                                ifa_maybe = ifa;
                        } else {
                                IFA_UNLOCK(ifa);
@@ -1073,22 +1243,44 @@ next:
                }
                ifnet_lock_done(ifp);
 
                }
                ifnet_lock_done(ifp);
 
-               if (ifa != NULL)
+               if (ifa != NULL) {
                        break;
                        break;
+               }
        }
        ifnet_head_done();
 
        }
        ifnet_head_done();
 
-       if (ifa == NULL)
+       if (ifa == NULL) {
                ifa = ifa_maybe;
                ifa = ifa_maybe;
-       else if (ifa_maybe != NULL)
+       } else if (ifa_maybe != NULL) {
                IFA_REMREF(ifa_maybe);
                IFA_REMREF(ifa_maybe);
+       }
+
+       return ifa;
+}
 
 
-       return (ifa);
+/*
+ * Find an interface address specific to an interface best matching
+ * a given address applying same source address selection rules
+ * as done in the kernel for implicit source address binding
+ */
+struct ifaddr *
+ifaof_ifpforaddr_select(const struct sockaddr *addr, struct ifnet *ifp)
+{
+       u_int af = addr->sa_family;
+
+       if (af == AF_INET6) {
+               return in6_selectsrc_core_ifa(__DECONST(struct sockaddr_in6 *, addr), ifp, 0);
+       }
+
+       return ifaof_ifpforaddr(addr, ifp);
 }
 
 /*
  * Find an interface address specific to an interface best matching
 }
 
 /*
  * Find an interface address specific to an interface best matching
- * a given address.
+ * a given address without regards to source address selection.
+ *
+ * This is appropriate for use-cases where we just want to update/init
+ * some data structure like routing table entries.
  */
 struct ifaddr *
 ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
  */
 struct ifaddr *
 ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
@@ -1100,25 +1292,26 @@ ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
        struct ifaddr *better_ifa_maybe = NULL;
        u_int af = addr->sa_family;
 
        struct ifaddr *better_ifa_maybe = NULL;
        u_int af = addr->sa_family;
 
-       if (af >= AF_MAX)
-               return (NULL);
+       if (af >= AF_MAX) {
+               return NULL;
+       }
 
        ifnet_lock_shared(ifp);
        for (ifa = ifp->if_addrhead.tqh_first; ifa;
 
        ifnet_lock_shared(ifp);
        for (ifa = ifp->if_addrhead.tqh_first; ifa;
-            ifa = ifa->ifa_link.tqe_next) {
+           ifa = ifa->ifa_link.tqe_next) {
                IFA_LOCK(ifa);
                if (ifa->ifa_addr->sa_family != af) {
                        IFA_UNLOCK(ifa);
                        continue;
                }
                if (ifa_maybe == NULL) {
                IFA_LOCK(ifa);
                if (ifa->ifa_addr->sa_family != af) {
                        IFA_UNLOCK(ifa);
                        continue;
                }
                if (ifa_maybe == NULL) {
-                       IFA_ADDREF_LOCKED(ifa); /* for ifa_maybe */
+                       IFA_ADDREF_LOCKED(ifa); /* for ifa_maybe */
                        ifa_maybe = ifa;
                }
                if (ifa->ifa_netmask == 0) {
                        ifa_maybe = ifa;
                }
                if (ifa->ifa_netmask == 0) {
-                       if (equal(addr, ifa->ifa_addr) || (ifa->ifa_dstaddr &&
-                           equal(addr, ifa->ifa_dstaddr))) {
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                       if (ifa_equal(addr, ifa->ifa_addr) ||
+                           ifa_equal(addr, ifa->ifa_dstaddr)) {
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                                IFA_UNLOCK(ifa);
                                break;
                        }
@@ -1126,15 +1319,15 @@ ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
                        continue;
                }
                if (ifp->if_flags & IFF_POINTOPOINT) {
                        continue;
                }
                if (ifp->if_flags & IFF_POINTOPOINT) {
-                       if (ifa->ifa_dstaddr && equal(addr, ifa->ifa_dstaddr)) {
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                       if (ifa_equal(addr, ifa->ifa_dstaddr)) {
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                } else {
                                IFA_UNLOCK(ifa);
                                break;
                        }
                } else {
-                       if (equal(addr, ifa->ifa_addr)) {
+                       if (ifa_equal(addr, ifa->ifa_addr)) {
                                /* exact match */
                                /* exact match */
-                               IFA_ADDREF_LOCKED(ifa); /* for caller */
+                               IFA_ADDREF_LOCKED(ifa); /* for caller */
                                IFA_UNLOCK(ifa);
                                break;
                        }
                                IFA_UNLOCK(ifa);
                                break;
                        }
@@ -1143,9 +1336,11 @@ ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
                        cp3 = ifa->ifa_netmask->sa_data;
                        cplim = ifa->ifa_netmask->sa_len +
                            (char *)ifa->ifa_netmask;
                        cp3 = ifa->ifa_netmask->sa_data;
                        cplim = ifa->ifa_netmask->sa_len +
                            (char *)ifa->ifa_netmask;
-                       for (; cp3 < cplim; cp3++)
-                               if ((*cp++ ^ *cp2++) & *cp3)
+                       for (; cp3 < cplim; cp3++) {
+                               if ((*cp++ ^ *cp2++) & *cp3) {
                                        break;
                                        break;
+                               }
+                       }
                        if (cp3 == cplim) {
                                /* subnet match */
                                if (better_ifa_maybe == NULL) {
                        if (cp3 == cplim) {
                                /* subnet match */
                                if (better_ifa_maybe == NULL) {
@@ -1170,12 +1365,14 @@ ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
 
        ifnet_lock_done(ifp);
 
 
        ifnet_lock_done(ifp);
 
-       if (better_ifa_maybe != NULL)
+       if (better_ifa_maybe != NULL) {
                IFA_REMREF(better_ifa_maybe);
                IFA_REMREF(better_ifa_maybe);
-       if (ifa_maybe != NULL)
+       }
+       if (ifa_maybe != NULL) {
                IFA_REMREF(ifa_maybe);
                IFA_REMREF(ifa_maybe);
+       }
 
 
-       return (ifa);
+       return ifa;
 }
 
 #include <net/route.h>
 }
 
 #include <net/route.h>
@@ -1193,12 +1390,13 @@ link_rtrequest(int cmd, struct rtentry *rt, struct sockaddr *sa)
        struct ifnet *ifp;
        void (*ifa_rtrequest)(int, struct rtentry *, struct sockaddr *);
 
        struct ifnet *ifp;
        void (*ifa_rtrequest)(int, struct rtentry *, struct sockaddr *);
 
-       lck_mtx_assert(rnh_lock, LCK_MTX_ASSERT_OWNED);
+       LCK_MTX_ASSERT(rnh_lock, LCK_MTX_ASSERT_OWNED);
        RT_LOCK_ASSERT_HELD(rt);
 
        if (cmd != RTM_ADD || ((ifa = rt->rt_ifa) == 0) ||
        RT_LOCK_ASSERT_HELD(rt);
 
        if (cmd != RTM_ADD || ((ifa = rt->rt_ifa) == 0) ||
-           ((ifp = ifa->ifa_ifp) == 0) || ((dst = rt_key(rt)) == 0))
+           ((ifp = ifa->ifa_ifp) == 0) || ((dst = rt_key(rt)) == 0)) {
                return;
                return;
+       }
 
        /* Become a regular mutex, just in case */
        RT_CONVERT_LOCK(rt);
 
        /* Become a regular mutex, just in case */
        RT_CONVERT_LOCK(rt);
@@ -1209,8 +1407,9 @@ link_rtrequest(int cmd, struct rtentry *rt, struct sockaddr *sa)
                IFA_LOCK_SPIN(ifa);
                ifa_rtrequest = ifa->ifa_rtrequest;
                IFA_UNLOCK(ifa);
                IFA_LOCK_SPIN(ifa);
                ifa_rtrequest = ifa->ifa_rtrequest;
                IFA_UNLOCK(ifa);
-               if (ifa_rtrequest != NULL && ifa_rtrequest != link_rtrequest)
+               if (ifa_rtrequest != NULL && ifa_rtrequest != link_rtrequest) {
                        ifa_rtrequest(cmd, rt, sa);
                        ifa_rtrequest(cmd, rt, sa);
+               }
                IFA_REMREF(ifa);
        }
 }
                IFA_REMREF(ifa);
        }
 }
@@ -1227,13 +1426,12 @@ link_rtrequest(int cmd, struct rtentry *rt, struct sockaddr *sa)
  * up/down state and updating the rest of the flags.
  */
 __private_extern__ void
  * up/down state and updating the rest of the flags.
  */
 __private_extern__ void
-if_updown(
-       struct ifnet    *ifp,
-       int                             up)
+if_updown( struct ifnet *ifp, int up)
 {
 {
+       u_int32_t eflags;
        int i;
        struct ifaddr **ifa;
        int i;
        struct ifaddr **ifa;
-       struct timespec tv;
+       struct timespec tv;
        struct ifclassq *ifq = &ifp->if_snd;
 
        /* Wait until no one else is changing the up/down state */
        struct ifclassq *ifq = &ifp->if_snd;
 
        /* Wait until no one else is changing the up/down state */
@@ -1247,25 +1445,34 @@ if_updown(
 
        /* Verify that the interface isn't already in the right state */
        if ((!up && (ifp->if_flags & IFF_UP) == 0) ||
 
        /* Verify that the interface isn't already in the right state */
        if ((!up && (ifp->if_flags & IFF_UP) == 0) ||
-               (up && (ifp->if_flags & IFF_UP) == IFF_UP)) {
+           (up && (ifp->if_flags & IFF_UP) == IFF_UP)) {
                return;
        }
 
        /* Indicate that the up/down state is changing */
                return;
        }
 
        /* Indicate that the up/down state is changing */
-       ifp->if_eflags |= IFEF_UPDOWNCHANGE;
+       eflags = if_set_eflags(ifp, IFEF_UPDOWNCHANGE);
+       ASSERT((eflags & IFEF_UPDOWNCHANGE) == 0);
 
        /* Mark interface up or down */
        if (up) {
                ifp->if_flags |= IFF_UP;
 
        /* Mark interface up or down */
        if (up) {
                ifp->if_flags |= IFF_UP;
-       }
-       else {
+       } else {
                ifp->if_flags &= ~IFF_UP;
        }
 
        ifnet_touch_lastchange(ifp);
                ifp->if_flags &= ~IFF_UP;
        }
 
        ifnet_touch_lastchange(ifp);
+       ifnet_touch_lastupdown(ifp);
 
        /* Drop the lock to notify addresses and route */
        ifnet_lock_done(ifp);
 
        /* Drop the lock to notify addresses and route */
        ifnet_lock_done(ifp);
+
+       IFCQ_LOCK(ifq);
+       if_qflush(ifp, 1);
+
+       /* Inform all transmit queues about the new link state */
+       ifnet_update_sndq(ifq, up ? CLASSQ_EV_LINK_UP : CLASSQ_EV_LINK_DOWN);
+       IFCQ_UNLOCK(ifq);
+
        if (ifnet_get_address_list(ifp, &ifa) == 0) {
                for (i = 0; ifa[i] != 0; i++) {
                        pfctlinput(up ? PRC_IFUP : PRC_IFDOWN, ifa[i]->ifa_addr);
        if (ifnet_get_address_list(ifp, &ifa) == 0) {
                for (i = 0; ifa[i] != 0; i++) {
                        pfctlinput(up ? PRC_IFUP : PRC_IFDOWN, ifa[i]->ifa_addr);
@@ -1274,17 +1481,9 @@ if_updown(
        }
        rt_ifmsg(ifp);
 
        }
        rt_ifmsg(ifp);
 
-       if (!up)
-               if_qflush(ifp, 0);
-
-       /* Inform all transmit queues about the new link state */
-       IFCQ_LOCK(ifq);
-       ifnet_update_sndq(ifq, up ? CLASSQ_EV_LINK_UP : CLASSQ_EV_LINK_DOWN);
-       IFCQ_UNLOCK(ifq);
-
        /* Aquire the lock to clear the changing flag */
        ifnet_lock_exclusive(ifp);
        /* Aquire the lock to clear the changing flag */
        ifnet_lock_exclusive(ifp);
-       ifp->if_eflags &= ~IFEF_UPDOWNCHANGE;
+       if_clear_eflags(ifp, IFEF_UPDOWNCHANGE);
        wakeup(&ifp->if_eflags);
 }
 
        wakeup(&ifp->if_eflags);
 }
 
@@ -1322,22 +1521,19 @@ if_qflush(struct ifnet *ifp, int ifq_locked)
 {
        struct ifclassq *ifq = &ifp->if_snd;
 
 {
        struct ifclassq *ifq = &ifp->if_snd;
 
-       if (!ifq_locked)
+       if (!ifq_locked) {
                IFCQ_LOCK(ifq);
                IFCQ_LOCK(ifq);
+       }
 
 
-       if (IFCQ_IS_ENABLED(ifq))
-               IFCQ_PURGE(ifq);
-#if PF_ALTQ
-       if (IFCQ_IS_DRAINING(ifq))
-               ifq->ifcq_drain = 0;
-       if (ALTQ_IS_ENABLED(IFCQ_ALTQ(ifq)))
-               ALTQ_PURGE(IFCQ_ALTQ(ifq));
-#endif /* PF_ALTQ */
+       if (IFCQ_IS_ENABLED(ifq)) {
+               fq_if_request_classq(ifq, CLASSQRQ_PURGE, NULL);
+       }
 
        VERIFY(IFCQ_IS_EMPTY(ifq));
 
 
        VERIFY(IFCQ_IS_EMPTY(ifq));
 
-       if (!ifq_locked)
+       if (!ifq_locked) {
                IFCQ_UNLOCK(ifq);
                IFCQ_UNLOCK(ifq);
+       }
 }
 
 void
 }
 
 void
@@ -1346,83 +1542,140 @@ if_qflush_sc(struct ifnet *ifp, mbuf_svc_class_t sc, u_int32_t flow,
 {
        struct ifclassq *ifq = &ifp->if_snd;
        u_int32_t cnt = 0, len = 0;
 {
        struct ifclassq *ifq = &ifp->if_snd;
        u_int32_t cnt = 0, len = 0;
-       u_int32_t a_cnt = 0, a_len = 0;
 
        VERIFY(sc == MBUF_SC_UNSPEC || MBUF_VALID_SC(sc));
        VERIFY(flow != 0);
 
 
        VERIFY(sc == MBUF_SC_UNSPEC || MBUF_VALID_SC(sc));
        VERIFY(flow != 0);
 
-       if (!ifq_locked)
+       if (!ifq_locked) {
                IFCQ_LOCK(ifq);
                IFCQ_LOCK(ifq);
+       }
 
 
-       if (IFCQ_IS_ENABLED(ifq))
-               IFCQ_PURGE_SC(ifq, sc, flow, cnt, len);
-#if PF_ALTQ
-       if (IFCQ_IS_DRAINING(ifq)) {
-               VERIFY((signed)(ifq->ifcq_drain - cnt) >= 0);
-               ifq->ifcq_drain -= cnt;
+       if (IFCQ_IS_ENABLED(ifq)) {
+               cqrq_purge_sc_t req = { sc, flow, 0, 0 };
+
+               fq_if_request_classq(ifq, CLASSQRQ_PURGE_SC, &req);
+               cnt = req.packets;
+               len = req.bytes;
        }
        }
-       if (ALTQ_IS_ENABLED(IFCQ_ALTQ(ifq)))
-               ALTQ_PURGE_SC(IFCQ_ALTQ(ifq), sc, flow, a_cnt, a_len);
-#endif /* PF_ALTQ */
 
 
-       if (!ifq_locked)
+       if (!ifq_locked) {
                IFCQ_UNLOCK(ifq);
                IFCQ_UNLOCK(ifq);
+       }
 
 
-       if (packets != NULL)
-               *packets = cnt + a_cnt;
-       if (bytes != NULL)
-               *bytes = len + a_len;
+       if (packets != NULL) {
+               *packets = cnt;
+       }
+       if (bytes != NULL) {
+               *bytes = len;
+       }
 }
 
 /*
 }
 
 /*
- * Map interface name to
- * interface structure pointer.
+ * Extracts interface unit number and name from string, returns -1 upon failure.
+ * Upon success, returns extracted unit number, and interface name in dst.
  */
  */
-struct ifnet *
-ifunit(const char *name)
+int
+ifunit_extract(const char *src, char *dst, size_t dstlen, int *unit)
 {
 {
-       char namebuf[IFNAMSIZ + 1];
        const char *cp;
        const char *cp;
-       struct ifnet *ifp;
-       int unit;
-       unsigned len, m;
+       size_t len, m;
        char c;
        char c;
+       int u;
 
 
-       len = strlen(name);
-       if (len < 2 || len > IFNAMSIZ)
-               return (NULL);
-       cp = name + len - 1;
+       if (src == NULL || dst == NULL || dstlen == 0 || unit == NULL) {
+               return -1;
+       }
+
+       len = strlen(src);
+       if (len < 2 || len > dstlen) {
+               return -1;
+       }
+       cp = src + len - 1;
        c = *cp;
        c = *cp;
-       if (c < '0' || c > '9')
-               return (NULL);          /* trailing garbage */
-       unit = 0;
+       if (c < '0' || c > '9') {
+               return -1;            /* trailing garbage */
+       }
+       u = 0;
        m = 1;
        do {
        m = 1;
        do {
-               if (cp == name)
-                       return (NULL);  /* no interface name */
-               unit += (c - '0') * m;
-               if (unit > 1000000)
-                       return (NULL);  /* number is unreasonable */
+               if (cp == src) {
+                       return -1;    /* no interface name */
+               }
+               u += (c - '0') * m;
+               if (u > 1000000) {
+                       return -1;    /* number is unreasonable */
+               }
                m *= 10;
                c = *--cp;
        } while (c >= '0' && c <= '9');
                m *= 10;
                c = *--cp;
        } while (c >= '0' && c <= '9');
-       len = cp - name + 1;
-       bcopy(name, namebuf, len);
-       namebuf[len] = '\0';
+       len = cp - src + 1;
+       bcopy(src, dst, len);
+       dst[len] = '\0';
+       *unit = u;
+
+       return 0;
+}
+
+/*
+ * Map interface name to
+ * interface structure pointer.
+ */
+static struct ifnet *
+ifunit_common(const char *name, boolean_t hold)
+{
+       char namebuf[IFNAMSIZ + 1];
+       struct ifnet *ifp;
+       int unit;
+
+       if (ifunit_extract(name, namebuf, sizeof(namebuf), &unit) < 0) {
+               return NULL;
+       }
+
+       /* for safety, since we use strcmp() below */
+       namebuf[sizeof(namebuf) - 1] = '\0';
+
        /*
         * Now search all the interfaces for this name/number
         */
        ifnet_head_lock_shared();
        TAILQ_FOREACH(ifp, &ifnet_head, if_link) {
        /*
         * Now search all the interfaces for this name/number
         */
        ifnet_head_lock_shared();
        TAILQ_FOREACH(ifp, &ifnet_head, if_link) {
-               if (strncmp(ifp->if_name, namebuf, len))
+               /*
+                * Use strcmp() rather than strncmp() here,
+                * since we want to match the entire string.
+                */
+               if (strcmp(ifp->if_name, namebuf)) {
                        continue;
                        continue;
-               if (unit == ifp->if_unit)
+               }
+               if (unit == ifp->if_unit) {
                        break;
                        break;
+               }
+       }
+
+       /* if called from ifunit_ref() and ifnet is not attached, bail */
+       if (hold && ifp != NULL && !ifnet_is_attached(ifp, 1)) {
+               ifp = NULL;
        }
        }
+
        ifnet_head_done();
        ifnet_head_done();
-       return (ifp);
+       return ifp;
+}
+
+struct ifnet *
+ifunit(const char *name)
+{
+       return ifunit_common(name, FALSE);
 }
 
 }
 
+/*
+ * Similar to ifunit(), except that we hold an I/O reference count on an
+ * attached interface, which must later be released via ifnet_decr_iorefcnt().
+ * Will return NULL unless interface exists and is fully attached.
+ */
+struct ifnet *
+ifunit_ref(const char *name)
+{
+       return ifunit_common(name, TRUE);
+}
 
 /*
  * Map interface name in a sockaddr_dl to
 
 /*
  * Map interface name in a sockaddr_dl to
@@ -1431,12 +1684,13 @@ ifunit(const char *name)
 struct ifnet *
 if_withname(struct sockaddr *sa)
 {
 struct ifnet *
 if_withname(struct sockaddr *sa)
 {
-       char ifname[IFNAMSIZ+1];
+       char ifname[IFNAMSIZ + 1];
        struct sockaddr_dl *sdl = (struct sockaddr_dl *)(void *)sa;
 
        struct sockaddr_dl *sdl = (struct sockaddr_dl *)(void *)sa;
 
-       if ( (sa->sa_family != AF_LINK) || (sdl->sdl_nlen == 0) ||
-            (sdl->sdl_nlen > IFNAMSIZ) )
-               return (NULL);
+       if ((sa->sa_family != AF_LINK) || (sdl->sdl_nlen == 0) ||
+           (sdl->sdl_nlen > IFNAMSIZ)) {
+               return NULL;
+       }
 
        /*
         * ifunit wants a null-terminated name.  It may not be null-terminated
 
        /*
         * ifunit wants a null-terminated name.  It may not be null-terminated
@@ -1447,7 +1701,7 @@ if_withname(struct sockaddr *sa)
 
        bcopy(sdl->sdl_data, ifname, sdl->sdl_nlen);
        ifname[sdl->sdl_nlen] = '\0';
 
        bcopy(sdl->sdl_data, ifname, sdl->sdl_nlen);
        ifname[sdl->sdl_nlen] = '\0';
-       return (ifunit(ifname));
+       return ifunit(ifname);
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -1456,22 +1710,22 @@ ifioctl_ifconf(u_long cmd, caddr_t data)
        int error = 0;
 
        switch (cmd) {
        int error = 0;
 
        switch (cmd) {
-       case OSIOCGIFCONF32:                    /* struct ifconf32 */
-       case SIOCGIFCONF32: {                   /* struct ifconf32 */
+       case OSIOCGIFCONF32:                    /* struct ifconf32 */
+       case SIOCGIFCONF32: {                   /* struct ifconf32 */
                struct ifconf32 ifc;
                struct ifconf32 ifc;
-               bcopy(data, &ifc, sizeof (ifc));
+               bcopy(data, &ifc, sizeof(ifc));
                error = ifconf(cmd, CAST_USER_ADDR_T(ifc.ifc_req),
                    &ifc.ifc_len);
                error = ifconf(cmd, CAST_USER_ADDR_T(ifc.ifc_req),
                    &ifc.ifc_len);
-               bcopy(&ifc, data, sizeof (ifc));
+               bcopy(&ifc, data, sizeof(ifc));
                break;
        }
 
                break;
        }
 
-       case SIOCGIFCONF64:                     /* struct ifconf64 */
-       case OSIOCGIFCONF64: {                  /* struct ifconf64 */
+       case SIOCGIFCONF64:                     /* struct ifconf64 */
+       case OSIOCGIFCONF64: {                  /* struct ifconf64 */
                struct ifconf64 ifc;
                struct ifconf64 ifc;
-               bcopy(data, &ifc, sizeof (ifc));
+               bcopy(data, &ifc, sizeof(ifc));
                error = ifconf(cmd, ifc.ifc_req, &ifc.ifc_len);
                error = ifconf(cmd, ifc.ifc_req, &ifc.ifc_len);
-               bcopy(&ifc, data, sizeof (ifc));
+               bcopy(&ifc, data, sizeof(ifc));
                break;
        }
 
                break;
        }
 
@@ -1480,7 +1734,7 @@ ifioctl_ifconf(u_long cmd, caddr_t data)
                /* NOTREACHED */
        }
 
                /* NOTREACHED */
        }
 
-       return (error);
+       return error;
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -1489,21 +1743,21 @@ ifioctl_ifclone(u_long cmd, caddr_t data)
        int error = 0;
 
        switch (cmd) {
        int error = 0;
 
        switch (cmd) {
-       case SIOCIFGCLONERS32: {                /* struct if_clonereq32 */
+       case SIOCIFGCLONERS32: {                /* struct if_clonereq32 */
                struct if_clonereq32 ifcr;
                struct if_clonereq32 ifcr;
-               bcopy(data, &ifcr, sizeof (ifcr));
+               bcopy(data, &ifcr, sizeof(ifcr));
                error = if_clone_list(ifcr.ifcr_count, &ifcr.ifcr_total,
                    CAST_USER_ADDR_T(ifcr.ifcru_buffer));
                error = if_clone_list(ifcr.ifcr_count, &ifcr.ifcr_total,
                    CAST_USER_ADDR_T(ifcr.ifcru_buffer));
-               bcopy(&ifcr, data, sizeof (ifcr));
+               bcopy(&ifcr, data, sizeof(ifcr));
                break;
        }
 
                break;
        }
 
-       case SIOCIFGCLONERS64: {                /* struct if_clonereq64 */
+       case SIOCIFGCLONERS64: {                /* struct if_clonereq64 */
                struct if_clonereq64 ifcr;
                struct if_clonereq64 ifcr;
-               bcopy(data, &ifcr, sizeof (ifcr));
+               bcopy(data, &ifcr, sizeof(ifcr));
                error = if_clone_list(ifcr.ifcr_count, &ifcr.ifcr_total,
                    ifcr.ifcru_buffer);
                error = if_clone_list(ifcr.ifcr_count, &ifcr.ifcr_total,
                    ifcr.ifcru_buffer);
-               bcopy(&ifcr, data, sizeof (ifcr));
+               bcopy(&ifcr, data, sizeof(ifcr));
                break;
        }
 
                break;
        }
 
@@ -1512,7 +1766,7 @@ ifioctl_ifclone(u_long cmd, caddr_t data)
                /* NOTREACHED */
        }
 
                /* NOTREACHED */
        }
 
-       return (error);
+       return error;
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -1525,13 +1779,14 @@ ifioctl_ifdesc(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
        VERIFY(ifp != NULL);
 
        switch (cmd) {
        VERIFY(ifp != NULL);
 
        switch (cmd) {
-       case SIOCSIFDESC: {                     /* struct if_descreq */
-               if ((error = proc_suser(p)) != 0)
-                        break;
+       case SIOCSIFDESC: {                     /* struct if_descreq */
+               if ((error = proc_suser(p)) != 0) {
+                       break;
+               }
 
                ifnet_lock_exclusive(ifp);
 
                ifnet_lock_exclusive(ifp);
-               bcopy(&ifdr->ifdr_len, &ifdr_len, sizeof (ifdr_len));
-               if (ifdr_len > sizeof (ifdr->ifdr_desc) ||
+               bcopy(&ifdr->ifdr_len, &ifdr_len, sizeof(ifdr_len));
+               if (ifdr_len > sizeof(ifdr->ifdr_desc) ||
                    ifdr_len > ifp->if_desc.ifd_maxlen) {
                        error = EINVAL;
                        ifnet_lock_done(ifp);
                    ifdr_len > ifp->if_desc.ifd_maxlen) {
                        error = EINVAL;
                        ifnet_lock_done(ifp);
@@ -1547,11 +1802,11 @@ ifioctl_ifdesc(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
                break;
        }
 
                break;
        }
 
-       case SIOCGIFDESC: {                     /* struct if_descreq */
+       case SIOCGIFDESC: {                     /* struct if_descreq */
                ifnet_lock_shared(ifp);
                ifnet_lock_shared(ifp);
-               ifdr_len = MIN(ifp->if_desc.ifd_len, sizeof (ifdr->ifdr_desc));
-               bcopy(&ifdr_len, &ifdr->ifdr_len, sizeof (ifdr_len));
-               bzero(&ifdr->ifdr_desc, sizeof (ifdr->ifdr_desc));
+               ifdr_len = MIN(ifp->if_desc.ifd_len, sizeof(ifdr->ifdr_desc));
+               bcopy(&ifdr_len, &ifdr->ifdr_len, sizeof(ifdr_len));
+               bzero(&ifdr->ifdr_desc, sizeof(ifdr->ifdr_desc));
                if (ifdr_len > 0) {
                        bcopy(ifp->if_desc.ifd_desc, ifdr->ifdr_desc, ifdr_len);
                }
                if (ifdr_len > 0) {
                        bcopy(ifp->if_desc.ifd_desc, ifdr->ifdr_desc, ifdr_len);
                }
@@ -1564,7 +1819,7 @@ ifioctl_ifdesc(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
                /* NOTREACHED */
        }
 
                /* NOTREACHED */
        }
 
-       return (error);
+       return error;
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -1579,11 +1834,23 @@ ifioctl_linkparams(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
        ifq = &ifp->if_snd;
 
        switch (cmd) {
        ifq = &ifp->if_snd;
 
        switch (cmd) {
-       case SIOCSIFLINKPARAMS: {               /* struct if_linkparamsreq */
-               struct tb_profile tb = { 0, 0, 0 };
+       case SIOCSIFLINKPARAMS: {               /* struct if_linkparamsreq */
+               struct tb_profile tb = { .rate = 0, .percent = 0, .depth = 0 };
+
+               if ((error = proc_suser(p)) != 0) {
+                       break;
+               }
+
 
 
-               if ((error = proc_suser(p)) != 0)
-                        break;
+               char netem_name[32];
+               (void) snprintf(netem_name, sizeof(netem_name),
+                   "if_output_netem_%s", if_name(ifp));
+               error = netem_config(&ifp->if_output_netem, netem_name,
+                   &iflpr->iflpr_output_netem, (void *)ifp,
+                   ifnet_enqueue_netem, NETEM_MAX_BATCH_SIZE);
+               if (error != 0) {
+                       break;
+               }
 
                IFCQ_LOCK(ifq);
                if (!IFCQ_IS_READY(ifq)) {
 
                IFCQ_LOCK(ifq);
                if (!IFCQ_IS_READY(ifq)) {
@@ -1592,54 +1859,56 @@ ifioctl_linkparams(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
                        break;
                }
                bcopy(&iflpr->iflpr_output_tbr_rate, &tb.rate,
                        break;
                }
                bcopy(&iflpr->iflpr_output_tbr_rate, &tb.rate,
-                   sizeof (tb.rate));
+                   sizeof(tb.rate));
                bcopy(&iflpr->iflpr_output_tbr_percent, &tb.percent,
                bcopy(&iflpr->iflpr_output_tbr_percent, &tb.percent,
-                   sizeof (tb.percent));
+                   sizeof(tb.percent));
                error = ifclassq_tbr_set(ifq, &tb, TRUE);
                IFCQ_UNLOCK(ifq);
                break;
        }
 
                error = ifclassq_tbr_set(ifq, &tb, TRUE);
                IFCQ_UNLOCK(ifq);
                break;
        }
 
-       case SIOCGIFLINKPARAMS: {               /* struct if_linkparamsreq */
+       case SIOCGIFLINKPARAMS: {               /* struct if_linkparamsreq */
                u_int32_t sched_type = PKTSCHEDT_NONE, flags = 0;
                u_int64_t tbr_bw = 0, tbr_pct = 0;
 
                IFCQ_LOCK(ifq);
                u_int32_t sched_type = PKTSCHEDT_NONE, flags = 0;
                u_int64_t tbr_bw = 0, tbr_pct = 0;
 
                IFCQ_LOCK(ifq);
-#if PF_ALTQ
-               if (ALTQ_IS_ENABLED(IFCQ_ALTQ(ifq))) {
-                       sched_type = IFCQ_ALTQ(ifq)->altq_type;
-                       flags |= IFLPRF_ALTQ;
-               } else
-#endif /* PF_ALTQ */
-               {
-                       if (IFCQ_IS_ENABLED(ifq))
-                               sched_type = ifq->ifcq_type;
+
+               if (IFCQ_IS_ENABLED(ifq)) {
+                       sched_type = ifq->ifcq_type;
                }
                }
+
                bcopy(&sched_type, &iflpr->iflpr_output_sched,
                bcopy(&sched_type, &iflpr->iflpr_output_sched,
-                   sizeof (iflpr->iflpr_output_sched));
+                   sizeof(iflpr->iflpr_output_sched));
 
                if (IFCQ_TBR_IS_ENABLED(ifq)) {
                        tbr_bw = ifq->ifcq_tbr.tbr_rate_raw;
                        tbr_pct = ifq->ifcq_tbr.tbr_percent;
                }
                bcopy(&tbr_bw, &iflpr->iflpr_output_tbr_rate,
 
                if (IFCQ_TBR_IS_ENABLED(ifq)) {
                        tbr_bw = ifq->ifcq_tbr.tbr_rate_raw;
                        tbr_pct = ifq->ifcq_tbr.tbr_percent;
                }
                bcopy(&tbr_bw, &iflpr->iflpr_output_tbr_rate,
-                   sizeof (iflpr->iflpr_output_tbr_rate));
+                   sizeof(iflpr->iflpr_output_tbr_rate));
                bcopy(&tbr_pct, &iflpr->iflpr_output_tbr_percent,
                bcopy(&tbr_pct, &iflpr->iflpr_output_tbr_percent,
-                   sizeof (iflpr->iflpr_output_tbr_percent));
+                   sizeof(iflpr->iflpr_output_tbr_percent));
                IFCQ_UNLOCK(ifq);
 
                if (ifp->if_output_sched_model ==
                IFCQ_UNLOCK(ifq);
 
                if (ifp->if_output_sched_model ==
-                   IFNET_SCHED_MODEL_DRIVER_MANAGED)
+                   IFNET_SCHED_MODEL_DRIVER_MANAGED) {
                        flags |= IFLPRF_DRVMANAGED;
                        flags |= IFLPRF_DRVMANAGED;
-               bcopy(&flags, &iflpr->iflpr_flags, sizeof (iflpr->iflpr_flags));
+               }
+               bcopy(&flags, &iflpr->iflpr_flags, sizeof(iflpr->iflpr_flags));
                bcopy(&ifp->if_output_bw, &iflpr->iflpr_output_bw,
                bcopy(&ifp->if_output_bw, &iflpr->iflpr_output_bw,
-                   sizeof (iflpr->iflpr_output_bw));
+                   sizeof(iflpr->iflpr_output_bw));
                bcopy(&ifp->if_input_bw, &iflpr->iflpr_input_bw,
                bcopy(&ifp->if_input_bw, &iflpr->iflpr_input_bw,
-                   sizeof (iflpr->iflpr_input_bw));
+                   sizeof(iflpr->iflpr_input_bw));
                bcopy(&ifp->if_output_lt, &iflpr->iflpr_output_lt,
                bcopy(&ifp->if_output_lt, &iflpr->iflpr_output_lt,
-                   sizeof (iflpr->iflpr_output_lt));
+                   sizeof(iflpr->iflpr_output_lt));
                bcopy(&ifp->if_input_lt, &iflpr->iflpr_input_lt,
                bcopy(&ifp->if_input_lt, &iflpr->iflpr_input_lt,
-                   sizeof (iflpr->iflpr_input_lt));
+                   sizeof(iflpr->iflpr_input_lt));
+
+               if (ifp->if_output_netem != NULL) {
+                       netem_get_params(ifp->if_output_netem,
+                           &iflpr->iflpr_output_netem);
+               }
+
                break;
        }
 
                break;
        }
 
@@ -1648,7 +1917,7 @@ ifioctl_linkparams(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
                /* NOTREACHED */
        }
 
                /* NOTREACHED */
        }
 
-       return (error);
+       return error;
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -1661,14 +1930,15 @@ ifioctl_qstats(struct ifnet *ifp, u_long cmd, caddr_t data)
        VERIFY(ifp != NULL);
 
        switch (cmd) {
        VERIFY(ifp != NULL);
 
        switch (cmd) {
-       case SIOCGIFQUEUESTATS: {               /* struct if_qstatsreq */
-               bcopy(&ifqr->ifqr_slot, &ifqr_slot, sizeof (ifqr_slot));
-               bcopy(&ifqr->ifqr_len, &ifqr_len, sizeof (ifqr_len));
+       case SIOCGIFQUEUESTATS: {               /* struct if_qstatsreq */
+               bcopy(&ifqr->ifqr_slot, &ifqr_slot, sizeof(ifqr_slot));
+               bcopy(&ifqr->ifqr_len, &ifqr_len, sizeof(ifqr_len));
                error = ifclassq_getqstats(&ifp->if_snd, ifqr_slot,
                    ifqr->ifqr_buf, &ifqr_len);
                error = ifclassq_getqstats(&ifp->if_snd, ifqr_slot,
                    ifqr->ifqr_buf, &ifqr_len);
-               if (error != 0)
+               if (error != 0) {
                        ifqr_len = 0;
                        ifqr_len = 0;
-               bcopy(&ifqr_len, &ifqr->ifqr_len, sizeof (ifqr_len));
+               }
+               bcopy(&ifqr_len, &ifqr->ifqr_len, sizeof(ifqr_len));
                break;
        }
 
                break;
        }
 
@@ -1677,7 +1947,7 @@ ifioctl_qstats(struct ifnet *ifp, u_long cmd, caddr_t data)
                /* NOTREACHED */
        }
 
                /* NOTREACHED */
        }
 
-       return (error);
+       return error;
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -1690,203 +1960,888 @@ ifioctl_throttle(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
        VERIFY(ifp != NULL);
 
        switch (cmd) {
        VERIFY(ifp != NULL);
 
        switch (cmd) {
-       case SIOCSIFTHROTTLE: {                 /* struct if_throttlereq */
+       case SIOCSIFTHROTTLE: {                 /* struct if_throttlereq */
                /*
                 * XXX: Use priv_check_cred() instead of root check?
                 */
                /*
                 * XXX: Use priv_check_cred() instead of root check?
                 */
-               if ((error = proc_suser(p)) != 0)
-                        break;
-
-               bcopy(&ifthr->ifthr_level, &ifthr_level, sizeof (ifthr_level));
+               if ((error = proc_suser(p)) != 0) {
+                       break;
+               }
+
+               bcopy(&ifthr->ifthr_level, &ifthr_level, sizeof(ifthr_level));
                error = ifnet_set_throttle(ifp, ifthr_level);
                error = ifnet_set_throttle(ifp, ifthr_level);
-               if (error == EALREADY)
+               if (error == EALREADY) {
                        error = 0;
                        error = 0;
+               }
                break;
        }
 
                break;
        }
 
-       case SIOCGIFTHROTTLE: {                 /* struct if_throttlereq */
+       case SIOCGIFTHROTTLE: {                 /* struct if_throttlereq */
                if ((error = ifnet_get_throttle(ifp, &ifthr_level)) == 0) {
                        bcopy(&ifthr_level, &ifthr->ifthr_level,
                if ((error = ifnet_get_throttle(ifp, &ifthr_level)) == 0) {
                        bcopy(&ifthr_level, &ifthr->ifthr_level,
-                           sizeof (ifthr_level));
+                           sizeof(ifthr_level));
+               }
+               break;
+       }
+
+       default:
+               VERIFY(0);
+               /* NOTREACHED */
+       }
+
+       return error;
+}
+
+static int
+ifioctl_getnetagents(struct ifnet *ifp, u_int32_t *count, user_addr_t uuid_p)
+{
+       int error = 0;
+       u_int32_t index = 0;
+       u_int32_t valid_netagent_count = 0;
+       *count = 0;
+
+       ifnet_lock_assert(ifp, IFNET_LCK_ASSERT_SHARED);
+
+       if (ifp->if_agentids != NULL) {
+               for (index = 0; index < ifp->if_agentcount; index++) {
+                       uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
+                       if (!uuid_is_null(*netagent_uuid)) {
+                               if (uuid_p != USER_ADDR_NULL) {
+                                       error = copyout(netagent_uuid,
+                                           uuid_p + sizeof(uuid_t) * valid_netagent_count,
+                                           sizeof(uuid_t));
+                                       if (error != 0) {
+                                               return error;
+                                       }
+                               }
+                               valid_netagent_count++;
+                       }
+               }
+       }
+       *count = valid_netagent_count;
+
+       return 0;
+}
+
+#define IF_MAXAGENTS            64
+#define IF_AGENT_INCREMENT      8
+int
+if_add_netagent_locked(struct ifnet *ifp, uuid_t new_agent_uuid)
+{
+       VERIFY(ifp != NULL);
+
+       uuid_t *first_empty_slot = NULL;
+       u_int32_t index = 0;
+       bool already_added = FALSE;
+
+       if (ifp->if_agentids != NULL) {
+               for (index = 0; index < ifp->if_agentcount; index++) {
+                       uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
+                       if (uuid_compare(*netagent_uuid, new_agent_uuid) == 0) {
+                               /* Already present, ignore */
+                               already_added = TRUE;
+                               break;
+                       }
+                       if (first_empty_slot == NULL &&
+                           uuid_is_null(*netagent_uuid)) {
+                               first_empty_slot = netagent_uuid;
+                       }
+               }
+       }
+       if (already_added) {
+               /* Already added agent, don't return an error */
+               return 0;
+       }
+       if (first_empty_slot == NULL) {
+               if (ifp->if_agentcount >= IF_MAXAGENTS) {
+                       /* No room for another netagent UUID, bail */
+                       return ENOMEM;
+               } else {
+                       /* Calculate new array size */
+                       u_int32_t new_agent_count =
+                           MIN(ifp->if_agentcount + IF_AGENT_INCREMENT,
+                           IF_MAXAGENTS);
+
+                       /* Reallocate array */
+                       uuid_t *new_agent_array = _REALLOC(ifp->if_agentids,
+                           sizeof(uuid_t) * new_agent_count, M_NETAGENT,
+                           M_WAITOK | M_ZERO);
+                       if (new_agent_array == NULL) {
+                               return ENOMEM;
+                       }
+
+                       /* Save new array */
+                       ifp->if_agentids = new_agent_array;
+
+                       /* Set first empty slot */
+                       first_empty_slot =
+                           &(ifp->if_agentids[ifp->if_agentcount]);
+
+                       /* Save new array length */
+                       ifp->if_agentcount = new_agent_count;
+               }
+       }
+       uuid_copy(*first_empty_slot, new_agent_uuid);
+       netagent_post_updated_interfaces(new_agent_uuid);
+       return 0;
+}
+
+int
+if_add_netagent(struct ifnet *ifp, uuid_t new_agent_uuid)
+{
+       VERIFY(ifp != NULL);
+
+       ifnet_lock_exclusive(ifp);
+
+       int error = if_add_netagent_locked(ifp, new_agent_uuid);
+
+       ifnet_lock_done(ifp);
+
+       return error;
+}
+
+static int
+if_delete_netagent_locked(struct ifnet *ifp, uuid_t remove_agent_uuid)
+{
+       u_int32_t index = 0;
+       bool removed_agent_id = FALSE;
+
+       if (ifp->if_agentids != NULL) {
+               for (index = 0; index < ifp->if_agentcount; index++) {
+                       uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
+                       if (uuid_compare(*netagent_uuid,
+                           remove_agent_uuid) == 0) {
+                               uuid_clear(*netagent_uuid);
+                               removed_agent_id = TRUE;
+                               break;
+                       }
+               }
+       }
+       if (removed_agent_id) {
+               netagent_post_updated_interfaces(remove_agent_uuid);
+       }
+
+       return 0;
+}
+
+int
+if_delete_netagent(struct ifnet *ifp, uuid_t remove_agent_uuid)
+{
+       VERIFY(ifp != NULL);
+
+       ifnet_lock_exclusive(ifp);
+
+       int error = if_delete_netagent_locked(ifp, remove_agent_uuid);
+
+       ifnet_lock_done(ifp);
+
+       return error;
+}
+
+boolean_t
+if_check_netagent(struct ifnet *ifp, uuid_t find_agent_uuid)
+{
+       boolean_t found = FALSE;
+
+       if (!ifp || uuid_is_null(find_agent_uuid)) {
+               return FALSE;
+       }
+
+       ifnet_lock_shared(ifp);
+
+       if (ifp->if_agentids != NULL) {
+               for (uint32_t index = 0; index < ifp->if_agentcount; index++) {
+                       if (uuid_compare(ifp->if_agentids[index], find_agent_uuid) == 0) {
+                               found = TRUE;
+                               break;
+                       }
+               }
+       }
+
+       ifnet_lock_done(ifp);
+
+       return found;
+}
+
+static __attribute__((noinline)) int
+ifioctl_netagent(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
+{
+       struct if_agentidreq *ifar = (struct if_agentidreq *)(void *)data;
+       union {
+               struct if_agentidsreq32 s32;
+               struct if_agentidsreq64 s64;
+       } u;
+       int error = 0;
+
+       VERIFY(ifp != NULL);
+
+       /* Get an io ref count if the interface is attached */
+       if (!ifnet_is_attached(ifp, 1)) {
+               return EOPNOTSUPP;
+       }
+
+       if (cmd == SIOCAIFAGENTID ||
+           cmd == SIOCDIFAGENTID) {
+               ifnet_lock_exclusive(ifp);
+       } else {
+               ifnet_lock_shared(ifp);
+       }
+
+       switch (cmd) {
+       case SIOCAIFAGENTID: {                  /* struct if_agentidreq */
+               // TODO: Use priv_check_cred() instead of root check
+               if ((error = proc_suser(p)) != 0) {
+                       break;
+               }
+               error = if_add_netagent_locked(ifp, ifar->ifar_uuid);
+               break;
+       }
+       case SIOCDIFAGENTID: {                          /* struct if_agentidreq */
+               // TODO: Use priv_check_cred() instead of root check
+               if ((error = proc_suser(p)) != 0) {
+                       break;
+               }
+               error = if_delete_netagent_locked(ifp, ifar->ifar_uuid);
+               break;
+       }
+       case SIOCGIFAGENTIDS32: {               /* struct if_agentidsreq32 */
+               bcopy(data, &u.s32, sizeof(u.s32));
+               error = ifioctl_getnetagents(ifp, &u.s32.ifar_count,
+                   u.s32.ifar_uuids);
+               if (error == 0) {
+                       bcopy(&u.s32, data, sizeof(u.s32));
+               }
+               break;
+       }
+       case SIOCGIFAGENTIDS64: {               /* struct if_agentidsreq64 */
+               bcopy(data, &u.s64, sizeof(u.s64));
+               error = ifioctl_getnetagents(ifp, &u.s64.ifar_count,
+                   u.s64.ifar_uuids);
+               if (error == 0) {
+                       bcopy(&u.s64, data, sizeof(u.s64));
+               }
+               break;
+       }
+       default:
+               VERIFY(0);
+               /* NOTREACHED */
+       }
+
+       ifnet_lock_done(ifp);
+       ifnet_decr_iorefcnt(ifp);
+
+       return error;
+}
+
+void
+ifnet_clear_netagent(uuid_t netagent_uuid)
+{
+       struct ifnet *ifp = NULL;
+       u_int32_t index = 0;
+
+       ifnet_head_lock_shared();
+
+       TAILQ_FOREACH(ifp, &ifnet_head, if_link) {
+               ifnet_lock_shared(ifp);
+               if (ifp->if_agentids != NULL) {
+                       for (index = 0; index < ifp->if_agentcount; index++) {
+                               uuid_t *ifp_netagent_uuid = &(ifp->if_agentids[index]);
+                               if (uuid_compare(*ifp_netagent_uuid, netagent_uuid) == 0) {
+                                       uuid_clear(*ifp_netagent_uuid);
+                               }
+                       }
+               }
+               ifnet_lock_done(ifp);
+       }
+
+       ifnet_head_done();
+}
+
+void
+ifnet_increment_generation(ifnet_t interface)
+{
+       OSIncrementAtomic(&interface->if_generation);
+}
+
+u_int32_t
+ifnet_get_generation(ifnet_t interface)
+{
+       return interface->if_generation;
+}
+
+void
+ifnet_remove_from_ordered_list(struct ifnet *ifp)
+{
+       ifnet_head_assert_exclusive();
+
+       // Remove from list
+       TAILQ_REMOVE(&ifnet_ordered_head, ifp, if_ordered_link);
+       ifp->if_ordered_link.tqe_next = NULL;
+       ifp->if_ordered_link.tqe_prev = NULL;
+
+       // Update ordered count
+       VERIFY(if_ordered_count > 0);
+       if_ordered_count--;
+}
+
+static int
+ifnet_reset_order(u_int32_t *ordered_indices, u_int32_t count)
+{
+       struct ifnet *ifp = NULL;
+       int error = 0;
+
+       ifnet_head_lock_exclusive();
+       for (u_int32_t order_index = 0; order_index < count; order_index++) {
+               if (ordered_indices[order_index] == IFSCOPE_NONE ||
+                   ordered_indices[order_index] > (uint32_t)if_index) {
+                       error = EINVAL;
+                       ifnet_head_done();
+                       return error;
+               }
+       }
+       // Flush current ordered list
+       for (ifp = TAILQ_FIRST(&ifnet_ordered_head); ifp != NULL;
+           ifp = TAILQ_FIRST(&ifnet_ordered_head)) {
+               ifnet_lock_exclusive(ifp);
+               ifnet_remove_from_ordered_list(ifp);
+               ifnet_lock_done(ifp);
+       }
+
+       VERIFY(if_ordered_count == 0);
+
+       for (u_int32_t order_index = 0; order_index < count; order_index++) {
+               u_int32_t interface_index = ordered_indices[order_index];
+               ifp = ifindex2ifnet[interface_index];
+               if (ifp == NULL) {
+                       continue;
+               }
+               ifnet_lock_exclusive(ifp);
+               TAILQ_INSERT_TAIL(&ifnet_ordered_head, ifp, if_ordered_link);
+               ifnet_lock_done(ifp);
+               if_ordered_count++;
+       }
+
+       ifnet_head_done();
+
+       necp_update_all_clients();
+
+       return error;
+}
+
+int
+if_set_qosmarking_mode(struct ifnet *ifp, u_int32_t mode)
+{
+       int error = 0;
+       u_int32_t old_mode = ifp->if_qosmarking_mode;
+
+       switch (mode) {
+       case IFRTYPE_QOSMARKING_MODE_NONE:
+               ifp->if_qosmarking_mode = IFRTYPE_QOSMARKING_MODE_NONE;
+               break;
+       case IFRTYPE_QOSMARKING_FASTLANE:
+       case IFRTYPE_QOSMARKING_RFC4594:
+               ifp->if_qosmarking_mode = mode;
+               break;
+       default:
+               error = EINVAL;
+               break;
+       }
+       if (error == 0 && old_mode != ifp->if_qosmarking_mode) {
+               dlil_post_msg(ifp, KEV_DL_SUBCLASS, KEV_DL_QOS_MODE_CHANGED,
+                   NULL, 0);
+       }
+       return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_iforder(u_long cmd, caddr_t data)
+{
+       int error = 0;
+       u_int32_t *ordered_indices = NULL;
+       if (data == NULL) {
+               return EINVAL;
+       }
+
+       switch (cmd) {
+       case SIOCSIFORDER: {            /* struct if_order */
+               struct if_order *ifo = (struct if_order *)(void *)data;
+
+               if (ifo->ifo_count > (u_int32_t)if_index) {
+                       error = EINVAL;
+                       break;
+               }
+
+               size_t length = (ifo->ifo_count * sizeof(u_int32_t));
+               if (length > 0) {
+                       if (ifo->ifo_ordered_indices == USER_ADDR_NULL) {
+                               error = EINVAL;
+                               break;
+                       }
+                       ordered_indices = _MALLOC(length, M_NECP, M_WAITOK);
+                       if (ordered_indices == NULL) {
+                               error = ENOMEM;
+                               break;
+                       }
+
+                       error = copyin(ifo->ifo_ordered_indices,
+                           ordered_indices, length);
+                       if (error != 0) {
+                               break;
+                       }
+
+                       /* ordered_indices should not contain duplicates */
+                       bool found_duplicate = FALSE;
+                       for (uint32_t i = 0; i < (ifo->ifo_count - 1) && !found_duplicate; i++) {
+                               for (uint32_t j = i + 1; j < ifo->ifo_count && !found_duplicate; j++) {
+                                       if (ordered_indices[j] == ordered_indices[i]) {
+                                               error = EINVAL;
+                                               found_duplicate = TRUE;
+                                               break;
+                                       }
+                               }
+                       }
+                       if (found_duplicate) {
+                               break;
+                       }
+
+                       error = ifnet_reset_order(ordered_indices, ifo->ifo_count);
+               } else {
+                       // Clear the list
+                       error = ifnet_reset_order(NULL, 0);
+               }
+               break;
+       }
+
+       default: {
+               VERIFY(0);
+               /* NOTREACHED */
+       }
+       }
+
+       if (ordered_indices != NULL) {
+               _FREE(ordered_indices, M_NECP);
+       }
+
+       return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_networkid(struct ifnet *ifp, caddr_t data)
+{
+       struct if_netidreq *ifnetidr = (struct if_netidreq *)(void *)data;
+       int error = 0;
+       int len = ifnetidr->ifnetid_len;
+
+       VERIFY(ifp != NULL);
+
+       if (len > sizeof(ifnetidr->ifnetid)) {
+               error = EINVAL;
+               goto end;
+       }
+
+       if (len == 0) {
+               bzero(&ifp->network_id, sizeof(ifp->network_id));
+       } else if (len > sizeof(ifp->network_id)) {
+               error = EINVAL;
+               goto end;
+       }
+
+       ifp->network_id_len = len;
+       bcopy(data, ifp->network_id, len);
+end:
+       return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_netsignature(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+       struct if_nsreq *ifnsr = (struct if_nsreq *)(void *)data;
+       u_int16_t flags;
+       int error = 0;
+
+       VERIFY(ifp != NULL);
+
+       switch (cmd) {
+       case SIOCSIFNETSIGNATURE:               /* struct if_nsreq */
+               if (ifnsr->ifnsr_len > sizeof(ifnsr->ifnsr_data)) {
+                       error = EINVAL;
+                       break;
+               }
+               bcopy(&ifnsr->ifnsr_flags, &flags, sizeof(flags));
+               error = ifnet_set_netsignature(ifp, ifnsr->ifnsr_family,
+                   ifnsr->ifnsr_len, flags, ifnsr->ifnsr_data);
+               break;
+
+       case SIOCGIFNETSIGNATURE:               /* struct if_nsreq */
+               ifnsr->ifnsr_len = sizeof(ifnsr->ifnsr_data);
+               error = ifnet_get_netsignature(ifp, ifnsr->ifnsr_family,
+                   &ifnsr->ifnsr_len, &flags, ifnsr->ifnsr_data);
+               if (error == 0) {
+                       bcopy(&flags, &ifnsr->ifnsr_flags, sizeof(flags));
+               } else {
+                       ifnsr->ifnsr_len = 0;
                }
                break;
                }
                break;
+
+       default:
+               VERIFY(0);
+               /* NOTREACHED */
        }
 
        }
 
+       return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_nat64prefix(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+       struct if_nat64req *ifnat64 = (struct if_nat64req *)(void *)data;
+       int error = 0;
+
+       VERIFY(ifp != NULL);
+
+       switch (cmd) {
+       case SIOCSIFNAT64PREFIX:                /* struct if_nat64req */
+               error = ifnet_set_nat64prefix(ifp, ifnat64->ifnat64_prefixes);
+               if (error != 0) {
+                       ip6stat.ip6s_clat464_plat64_pfx_setfail++;
+               }
+               break;
+
+       case SIOCGIFNAT64PREFIX:                /* struct if_nat64req */
+               error = ifnet_get_nat64prefix(ifp, ifnat64->ifnat64_prefixes);
+               if (error != 0) {
+                       ip6stat.ip6s_clat464_plat64_pfx_getfail++;
+               }
+               break;
+
+       default:
+               VERIFY(0);
+               /* NOTREACHED */
+       }
+
+       return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_clat46addr(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+       struct if_clat46req *ifclat46 = (struct if_clat46req *)(void *)data;
+       struct in6_ifaddr *ia6_clat = NULL;
+       int error = 0;
+
+       VERIFY(ifp != NULL);
+
+       switch (cmd) {
+       case SIOCGIFCLAT46ADDR:
+               ia6_clat = in6ifa_ifpwithflag(ifp, IN6_IFF_CLAT46);
+               if (ia6_clat == NULL) {
+                       error = ENOENT;
+                       break;
+               }
+
+               bcopy(&ia6_clat->ia_addr.sin6_addr, &ifclat46->ifclat46_addr.v6_address,
+                   sizeof(ifclat46->ifclat46_addr.v6_address));
+               ifclat46->ifclat46_addr.v6_prefixlen = ia6_clat->ia_plen;
+               IFA_REMREF(&ia6_clat->ia_ifa);
+               break;
+       default:
+               VERIFY(0);
+               /* NOTREACHED */
+       }
+
+       return error;
+}
+
+
+static int
+ifioctl_get_protolist(struct ifnet *ifp, u_int32_t * ret_count,
+    user_addr_t ifpl)
+{
+       u_int32_t       actual_count;
+       u_int32_t       count;
+       int             error = 0;
+       u_int32_t       *list = NULL;
+
+       /* find out how many */
+       count = if_get_protolist(ifp, NULL, 0);
+       if (ifpl == USER_ADDR_NULL) {
+               goto done;
+       }
+
+       /* copy out how many there's space for */
+       if (*ret_count < count) {
+               count = *ret_count;
+       }
+       if (count == 0) {
+               goto done;
+       }
+       list = _MALLOC(count * sizeof(*list), M_TEMP, M_WAITOK | M_ZERO);
+       if (list == NULL) {
+               error = ENOMEM;
+               goto done;
+       }
+       actual_count = if_get_protolist(ifp, list, count);
+       if (actual_count < count) {
+               count = actual_count;
+       }
+       if (count != 0) {
+               error = copyout((caddr_t)list, ifpl, count * sizeof(*list));
+       }
+
+done:
+       if (list != NULL) {
+               if_free_protolist(list);
+       }
+       *ret_count = count;
+       return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_protolist(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+       int error = 0;
+
+       switch (cmd) {
+       case SIOCGIFPROTOLIST32: {              /* struct if_protolistreq32 */
+               struct if_protolistreq32        ifpl;
+
+               bcopy(data, &ifpl, sizeof(ifpl));
+               if (ifpl.ifpl_reserved != 0) {
+                       error = EINVAL;
+                       break;
+               }
+               error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count,
+                   CAST_USER_ADDR_T(ifpl.ifpl_list));
+               bcopy(&ifpl, data, sizeof(ifpl));
+               break;
+       }
+       case SIOCGIFPROTOLIST64: {              /* struct if_protolistreq64 */
+               struct if_protolistreq64        ifpl;
+
+               bcopy(data, &ifpl, sizeof(ifpl));
+               if (ifpl.ifpl_reserved != 0) {
+                       error = EINVAL;
+                       break;
+               }
+               error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count,
+                   ifpl.ifpl_list);
+               bcopy(&ifpl, data, sizeof(ifpl));
+               break;
+       }
+       default:
+               VERIFY(0);
+               /* NOTREACHED */
+       }
+
+       return error;
+}
+
+/*
+ * List the ioctl()s we can perform on restricted INTCOPROC interfaces.
+ */
+static bool
+ifioctl_restrict_intcoproc(unsigned long cmd, const char *ifname,
+    struct ifnet *ifp, struct proc *p)
+{
+       if (intcoproc_unrestricted == TRUE) {
+               return false;
+       }
+       if (proc_pid(p) == 0) {
+               return false;
+       }
+       if (ifname) {
+               ifp = ifunit(ifname);
+       }
+       if (ifp == NULL) {
+               return false;
+       }
+       if (!IFNET_IS_INTCOPROC(ifp)) {
+               return false;
+       }
+       switch (cmd) {
+       case SIOCGIFBRDADDR:
+       case SIOCGIFCONF32:
+       case SIOCGIFCONF64:
+       case SIOCGIFFLAGS:
+       case SIOCGIFEFLAGS:
+       case SIOCGIFCAP:
+       case SIOCGIFMETRIC:
+       case SIOCGIFMTU:
+       case SIOCGIFPHYS:
+       case SIOCGIFTYPE:
+       case SIOCGIFFUNCTIONALTYPE:
+       case SIOCGIFPSRCADDR:
+       case SIOCGIFPDSTADDR:
+       case SIOCGIFGENERIC:
+       case SIOCGIFDEVMTU:
+       case SIOCGIFVLAN:
+       case SIOCGIFBOND:
+       case SIOCGIFWAKEFLAGS:
+       case SIOCGIFGETRTREFCNT:
+       case SIOCGIFOPPORTUNISTIC:
+       case SIOCGIFLINKQUALITYMETRIC:
+       case SIOCGIFLOG:
+       case SIOCGIFDELEGATE:
+       case SIOCGIFEXPENSIVE:
+       case SIOCGIFINTERFACESTATE:
+       case SIOCGIFPROBECONNECTIVITY:
+       case SIOCGIFTIMESTAMPENABLED:
+       case SIOCGECNMODE:
+       case SIOCGQOSMARKINGMODE:
+       case SIOCGQOSMARKINGENABLED:
+       case SIOCGIFLOWINTERNET:
+       case SIOCGIFSTATUS:
+       case SIOCGIFMEDIA32:
+       case SIOCGIFMEDIA64:
+       case SIOCGIFXMEDIA32:
+       case SIOCGIFXMEDIA64:
+       case SIOCGIFDESC:
+       case SIOCGIFLINKPARAMS:
+       case SIOCGIFQUEUESTATS:
+       case SIOCGIFTHROTTLE:
+       case SIOCGIFAGENTIDS32:
+       case SIOCGIFAGENTIDS64:
+       case SIOCGIFNETSIGNATURE:
+       case SIOCGIFINFO_IN6:
+       case SIOCGIFAFLAG_IN6:
+       case SIOCGNBRINFO_IN6:
+       case SIOCGIFALIFETIME_IN6:
+       case SIOCGIFNETMASK_IN6:
+       case SIOCGIFPROTOLIST32:
+       case SIOCGIFPROTOLIST64:
+       case SIOCGIFXFLAGS:
+               return false;
        default:
        default:
-               VERIFY(0);
-               /* NOTREACHED */
+#if (DEBUG || DEVELOPMENT)
+               printf("%s: cmd 0x%lx not allowed (pid %u)\n",
+                   __func__, cmd, proc_pid(p));
+#endif
+               return true;
        }
        }
-
-       return (error);
+       return false;
 }
 
 }
 
+/*
+ * Given a media word, return one suitable for an application
+ * using the original encoding.
+ */
 static int
 static int
-ifioctl_getnetagents(struct ifnet *ifp, u_int32_t *count, user_addr_t uuid_p)
+compat_media(int media)
 {
 {
-       int error = 0;
-       int index = 0;
-       u_int32_t valid_netagent_count = 0;
-       *count = 0;
-       for (index = 0; index < IF_MAXAGENTS; index++) {
-               uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
-               if (!uuid_is_null(*netagent_uuid)) {
-                       if (uuid_p != USER_ADDR_NULL) {
-                               if ((error = copyout(netagent_uuid,
-                                                    uuid_p + sizeof(uuid_t) * valid_netagent_count,
-                                                    sizeof(uuid_t))) != 0) {
-                                       return (error);
-                               }
-                       }
-                       valid_netagent_count++;
-               }
+       if (IFM_TYPE(media) == IFM_ETHER && IFM_SUBTYPE(media) > IFM_OTHER) {
+               media &= ~IFM_TMASK;
+               media |= IFM_OTHER;
        }
        }
-       *count = valid_netagent_count;
-
-       return (0);
+       return media;
 }
 
 }
 
-static __attribute__((noinline)) int
-ifioctl_netagent(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
+static int
+compat_ifmu_ulist(struct ifnet *ifp, u_long cmd, void *data)
 {
 {
-       struct if_agentidreq *ifar = (struct if_agentidreq *)(void *)data;
-       union {
-               struct if_agentidsreq32 s32;
-               struct if_agentidsreq64 s64;
-       } u;
+       struct ifmediareq *ifmr = (struct ifmediareq *)data;
+       user_addr_t user_addr;
+       int i;
+       int *media_list = NULL;
        int error = 0;
        int error = 0;
-       int index = 0;
+       bool list_modified = false;
 
 
-       VERIFY(ifp != NULL);
+       user_addr = (cmd == SIOCGIFMEDIA64) ?
+           ((struct ifmediareq64 *)ifmr)->ifmu_ulist :
+           CAST_USER_ADDR_T(((struct ifmediareq32 *)ifmr)->ifmu_ulist);
+       if (user_addr == USER_ADDR_NULL || ifmr->ifm_count == 0) {
+               return 0;
+       }
+       MALLOC(media_list, int *, ifmr->ifm_count * sizeof(int),
+           M_TEMP, M_WAITOK | M_ZERO);
+       if (media_list == NULL) {
+               os_log_error(OS_LOG_DEFAULT,
+                   "%s: %s MALLOC() failed",
+                   __func__, ifp->if_xname);
+               error = ENOMEM;
+               goto done;
+       }
+       error = copyin(user_addr, media_list, ifmr->ifm_count * sizeof(int));
+       if (error != 0) {
+               os_log_error(OS_LOG_DEFAULT,
+                   "%s: %s copyin() error %d",
+                   __func__, ifp->if_xname, error);
+               goto done;
+       }
+       for (i = 0; i < ifmr->ifm_count; i++) {
+               int old_media, new_media;
 
 
-       switch (cmd) {
-               case SIOCAIFAGENTID: {          /* struct if_agentidreq */
-                       uuid_t *first_empty_slot = NULL;
-                       // TODO: Use priv_check_cred() instead of root check
-                       if ((error = proc_suser(p)) != 0) {
-                               break;
-                       }
-                       for (index = 0; index < IF_MAXAGENTS; index++) {
-                               uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
-                               if (uuid_compare(*netagent_uuid, ifar->ifar_uuid) == 0) {
-                                       /* Already present, ignore */
-                                       break;
-                               }
-                               if (first_empty_slot == NULL &&
-                                       uuid_is_null(*netagent_uuid)) {
-                                       first_empty_slot = netagent_uuid;
-                               }
-                       }
-                       if (first_empty_slot == NULL) {
-                               error = ENOMEM; /* No empty slot for a netagent UUID, bail */
-                               break;
-                       }
-                       uuid_copy(*first_empty_slot, ifar->ifar_uuid);
-                       netagent_post_updated_interfaces(ifar->ifar_uuid);
-                       break;
-               }
-               case SIOCDIFAGENTID: {                  /* struct if_agentidreq */
-                       bool removed_agent_id = FALSE;
-                       // TODO: Use priv_check_cred() instead of root check
-                       if ((error = proc_suser(p)) != 0) {
-                               break;
-                       }
-                       for (index = 0; index < IF_MAXAGENTS; index++) {
-                               uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
-                               if (uuid_compare(*netagent_uuid, ifar->ifar_uuid) == 0) {
-                                       uuid_clear(*netagent_uuid);
-                                       removed_agent_id = TRUE;
-                                       break;
-                               }
-                       }
-                       if (removed_agent_id) {
-                               netagent_post_updated_interfaces(ifar->ifar_uuid);
-                       }
-                       break;
+               old_media = media_list[i];
+
+               new_media = compat_media(old_media);
+               if (new_media == old_media) {
+                       continue;
                }
                }
-               case SIOCGIFAGENTIDS32: {                       /* struct if_agentidsreq32 */
-                       bcopy(data, &u.s32, sizeof(u.s32));
-                       error = ifioctl_getnetagents(ifp, &u.s32.ifar_count, u.s32.ifar_uuids);
-                       if (error == 0) {
-                               bcopy(&u.s32, data, sizeof(u.s32));
-                       }
-                       break;
+               if (if_verbose != 0) {
+                       os_log_info(OS_LOG_DEFAULT,
+                           "%s: %s converted extended media %08x to compat media %08x",
+                           __func__, ifp->if_xname, old_media, new_media);
                }
                }
-               case SIOCGIFAGENTIDS64: {                       /* struct if_agentidsreq64 */
-                       bcopy(data, &u.s64, sizeof(u.s64));
-                       error = ifioctl_getnetagents(ifp, &u.s64.ifar_count, u.s64.ifar_uuids);
-                       if (error == 0) {
-                               bcopy(&u.s64, data, sizeof(u.s64));
-                       }
-                       break;
+               media_list[i] = new_media;
+               list_modified = true;
+       }
+       if (list_modified) {
+               error = copyout(media_list, user_addr, ifmr->ifm_count * sizeof(int));
+               if (error != 0) {
+                       os_log_error(OS_LOG_DEFAULT,
+                           "%s: %s copyout() error %d",
+                           __func__, ifp->if_xname, error);
+                       goto done;
                }
                }
-               default:
-                       VERIFY(0);
-                       /* NOTREACHED */
        }
        }
-
-       return (error);
+done:
+       if (media_list != NULL) {
+               FREE(media_list, M_TEMP);
+       }
+       return error;
 }
 
 }
 
-void
-ifnet_clear_netagent(uuid_t netagent_uuid)
+static int
+compat_ifmediareq(struct ifnet *ifp, u_long cmd, void *data)
 {
 {
-       struct ifnet *ifp = NULL;
-       int index = 0;
-       bool removed_agent_id = FALSE;
+       struct ifmediareq *ifmr = (struct ifmediareq *)data;
+       int error;
 
 
-       ifnet_head_lock_shared();
+       ifmr->ifm_active = compat_media(ifmr->ifm_active);
+       ifmr->ifm_current = compat_media(ifmr->ifm_current);
 
 
-       TAILQ_FOREACH(ifp, &ifnet_head, if_link) {
-               for (index = 0; index < IF_MAXAGENTS; index++) {
-                       uuid_t *ifp_netagent_uuid = &(ifp->if_agentids[index]);
-                       if (uuid_compare(*ifp_netagent_uuid, netagent_uuid) == 0) {
-                               uuid_clear(*ifp_netagent_uuid);
-                               removed_agent_id = TRUE;
-                       }
-               }
-       }
+       error = compat_ifmu_ulist(ifp, cmd, data);
 
 
-       ifnet_head_done();
+       return error;
 }
 
 }
 
-static __attribute__((noinline)) int
-ifioctl_netsignature(struct ifnet *ifp, u_long cmd, caddr_t data)
+static int
+ifioctl_get_media(struct ifnet *ifp, struct socket *so, u_long cmd, caddr_t data)
 {
 {
-       struct if_nsreq *ifnsr = (struct if_nsreq *)(void *)data;
-       u_int16_t flags;
        int error = 0;
 
        int error = 0;
 
-       VERIFY(ifp != NULL);
-
+       /*
+        * An ifnet must not implement SIOCGIFXMEDIA as it gets the extended
+        *  media subtypes macros from <net/if_media.h>
+        */
        switch (cmd) {
        switch (cmd) {
-       case SIOCSIFNETSIGNATURE:               /* struct if_nsreq */
-               if (ifnsr->ifnsr_len > sizeof (ifnsr->ifnsr_data)) {
-                       error = EINVAL;
-                       break;
-               }
-               bcopy(&ifnsr->ifnsr_flags, &flags, sizeof (flags));
-               error = ifnet_set_netsignature(ifp, ifnsr->ifnsr_family,
-                   ifnsr->ifnsr_len, flags, ifnsr->ifnsr_data);
+       case SIOCGIFMEDIA32:
+       case SIOCGIFXMEDIA32:
+               error = ifnet_ioctl(ifp, SOCK_DOM(so), SIOCGIFMEDIA32, data);
                break;
                break;
-
-       case SIOCGIFNETSIGNATURE:               /* struct if_nsreq */
-               ifnsr->ifnsr_len = sizeof (ifnsr->ifnsr_data);
-               error = ifnet_get_netsignature(ifp, ifnsr->ifnsr_family,
-                   &ifnsr->ifnsr_len, &flags, ifnsr->ifnsr_data);
-               if (error == 0)
-                       bcopy(&flags, &ifnsr->ifnsr_flags, sizeof (flags));
-               else
-                       ifnsr->ifnsr_len = 0;
+       case SIOCGIFMEDIA64:
+       case SIOCGIFXMEDIA64:
+               error = ifnet_ioctl(ifp, SOCK_DOM(so), SIOCGIFMEDIA64, data);
                break;
                break;
-
-       default:
-               VERIFY(0);
-               /* NOTREACHED */
        }
        }
-
-       return (error);
+       if (if_verbose != 0 && error != 0) {
+               os_log(OS_LOG_DEFAULT, "%s: first ifnet_ioctl(%s, %08lx) error %d",
+                   __func__, ifp->if_xname, cmd, error);
+       }
+       if (error == 0 && (cmd == SIOCGIFMEDIA32 || cmd == SIOCGIFMEDIA64)) {
+               error = compat_ifmediareq(ifp, cmd, data);
+       }
+       return error;
 }
 }
-
 /*
  * Interface ioctls.
  *
 /*
  * Interface ioctls.
  *
@@ -1903,104 +2858,134 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
        struct ifstat *ifs = NULL;
        int error = 0;
 
        struct ifstat *ifs = NULL;
        int error = 0;
 
-       bzero(ifname, sizeof (ifname));
+       bzero(ifname, sizeof(ifname));
 
        /*
         * ioctls which don't require ifp, or ifreq ioctls
         */
        switch (cmd) {
 
        /*
         * ioctls which don't require ifp, or ifreq ioctls
         */
        switch (cmd) {
-       case OSIOCGIFCONF32:                    /* struct ifconf32 */
-       case SIOCGIFCONF32:                     /* struct ifconf32 */
-       case SIOCGIFCONF64:                     /* struct ifconf64 */
-       case OSIOCGIFCONF64:                    /* struct ifconf64 */
+       case OSIOCGIFCONF32:                    /* struct ifconf32 */
+       case SIOCGIFCONF32:                     /* struct ifconf32 */
+       case SIOCGIFCONF64:                     /* struct ifconf64 */
+       case OSIOCGIFCONF64:                    /* struct ifconf64 */
                error = ifioctl_ifconf(cmd, data);
                goto done;
 
                error = ifioctl_ifconf(cmd, data);
                goto done;
 
-       case SIOCIFGCLONERS32:                  /* struct if_clonereq32 */
-       case SIOCIFGCLONERS64:                  /* struct if_clonereq64 */
+       case SIOCIFGCLONERS32:                  /* struct if_clonereq32 */
+       case SIOCIFGCLONERS64:                  /* struct if_clonereq64 */
                error = ifioctl_ifclone(cmd, data);
                goto done;
 
                error = ifioctl_ifclone(cmd, data);
                goto done;
 
-       case SIOCGIFAGENTDATA32:                /* struct netagent_req32 */
-       case SIOCGIFAGENTDATA64:                /* struct netagent_req64 */
+       case SIOCGIFAGENTDATA32:                /* struct netagent_req32 */
+       case SIOCGIFAGENTDATA64:                /* struct netagent_req64 */
+       case SIOCGIFAGENTLIST32:                /* struct netagentlist_req32 */
+       case SIOCGIFAGENTLIST64:                /* struct netagentlist_req64 */
                error = netagent_ioctl(cmd, data);
                goto done;
 
                error = netagent_ioctl(cmd, data);
                goto done;
 
-       case SIOCSIFDSTADDR:                    /* struct ifreq */
-       case SIOCSIFADDR:                       /* struct ifreq */
-       case SIOCSIFBRDADDR:                    /* struct ifreq */
-       case SIOCSIFNETMASK:                    /* struct ifreq */
-       case OSIOCGIFADDR:                      /* struct ifreq */
-       case OSIOCGIFDSTADDR:                   /* struct ifreq */
-       case OSIOCGIFBRDADDR:                   /* struct ifreq */
-       case OSIOCGIFNETMASK:                   /* struct ifreq */
-       case SIOCSIFKPI:                        /* struct ifreq */
+       case SIOCSIFORDER:                      /* struct if_order */
+               error = ifioctl_iforder(cmd, data);
+               goto done;
+
+       case SIOCSIFDSTADDR:                    /* struct ifreq */
+       case SIOCSIFADDR:                       /* struct ifreq */
+       case SIOCSIFBRDADDR:                    /* struct ifreq */
+       case SIOCSIFNETMASK:                    /* struct ifreq */
+       case OSIOCGIFADDR:                      /* struct ifreq */
+       case OSIOCGIFDSTADDR:                   /* struct ifreq */
+       case OSIOCGIFBRDADDR:                   /* struct ifreq */
+       case OSIOCGIFNETMASK:                   /* struct ifreq */
+       case SIOCSIFKPI:                        /* struct ifreq */
                if (so->so_proto == NULL) {
                        error = EOPNOTSUPP;
                        goto done;
                }
                if (so->so_proto == NULL) {
                        error = EOPNOTSUPP;
                        goto done;
                }
-               /* FALLTHRU */
-       case SIOCIFCREATE:                      /* struct ifreq */
-       case SIOCIFCREATE2:                     /* struct ifreq */
-       case SIOCIFDESTROY:                     /* struct ifreq */
-       case SIOCGIFFLAGS:                      /* struct ifreq */
-       case SIOCGIFEFLAGS:                     /* struct ifreq */
-       case SIOCGIFCAP:                        /* struct ifreq */
-#if CONFIG_MACF_NET
-       case SIOCGIFMAC:                        /* struct ifreq */
-       case SIOCSIFMAC:                        /* struct ifreq */
-#endif /* CONFIG_MACF_NET */
-       case SIOCGIFMETRIC:                     /* struct ifreq */
-       case SIOCGIFMTU:                        /* struct ifreq */
-       case SIOCGIFPHYS:                       /* struct ifreq */
-       case SIOCSIFFLAGS:                      /* struct ifreq */
-       case SIOCSIFCAP:                        /* struct ifreq */
-       case SIOCSIFMETRIC:                     /* struct ifreq */
-       case SIOCSIFPHYS:                       /* struct ifreq */
-       case SIOCSIFMTU:                        /* struct ifreq */
-       case SIOCADDMULTI:                      /* struct ifreq */
-       case SIOCDELMULTI:                      /* struct ifreq */
-       case SIOCDIFPHYADDR:                    /* struct ifreq */
-       case SIOCSIFMEDIA:                      /* struct ifreq */
-       case SIOCSIFGENERIC:                    /* struct ifreq */
-       case SIOCSIFLLADDR:                     /* struct ifreq */
-       case SIOCSIFALTMTU:                     /* struct ifreq */
-       case SIOCSIFVLAN:                       /* struct ifreq */
-       case SIOCSIFBOND:                       /* struct ifreq */
-       case SIOCGIFLLADDR:                     /* struct ifreq */
-       case SIOCGIFTYPE:                       /* struct ifreq */
-       case SIOCGIFFUNCTIONALTYPE:             /* struct ifreq */
-       case SIOCGIFPSRCADDR:                   /* struct ifreq */
-       case SIOCGIFPDSTADDR:                   /* struct ifreq */
-       case SIOCGIFGENERIC:                    /* struct ifreq */
-       case SIOCGIFDEVMTU:                     /* struct ifreq */
-       case SIOCGIFVLAN:                       /* struct ifreq */
-       case SIOCGIFBOND:                       /* struct ifreq */
-       case SIOCGIFWAKEFLAGS:                  /* struct ifreq */
-       case SIOCGIFGETRTREFCNT:                /* struct ifreq */
-       case SIOCSIFOPPORTUNISTIC:              /* struct ifreq */
-       case SIOCGIFOPPORTUNISTIC:              /* struct ifreq */
-       case SIOCGIFLINKQUALITYMETRIC:          /* struct ifreq */
-       case SIOCSIFLOG:                        /* struct ifreq */
-       case SIOCGIFLOG:                        /* struct ifreq */
-       case SIOCGIFDELEGATE:                   /* struct ifreq */
-       case SIOCGIFEXPENSIVE:                  /* struct ifreq */
-       case SIOCSIFEXPENSIVE:                  /* struct ifreq */
-       case SIOCSIF2KCL:                       /* struct ifreq */
-       case SIOCGIF2KCL:                       /* struct ifreq */
-       case SIOCSIFINTERFACESTATE:             /* struct ifreq */
-       case SIOCGIFINTERFACESTATE:             /* struct ifreq */
-       case SIOCSIFPROBECONNECTIVITY:          /* struct ifreq */
-       case SIOCGIFPROBECONNECTIVITY:          /* struct ifreq */
-       case SIOCGSTARTDELAY:                   /* struct ifreq */
-       case SIOCGECNMODE:                      /* struct ifreq */
-       case SIOCSECNMODE: {                    /* struct ifreq */
+               OS_FALLTHROUGH;
+       case SIOCIFCREATE:                      /* struct ifreq */
+       case SIOCIFCREATE2:                     /* struct ifreq */
+       case SIOCIFDESTROY:                     /* struct ifreq */
+       case SIOCGIFFLAGS:                      /* struct ifreq */
+       case SIOCGIFEFLAGS:                     /* struct ifreq */
+       case SIOCGIFCAP:                        /* struct ifreq */
+       case SIOCGIFMETRIC:                     /* struct ifreq */
+       case SIOCGIFMTU:                        /* struct ifreq */
+       case SIOCGIFPHYS:                       /* struct ifreq */
+       case SIOCSIFFLAGS:                      /* struct ifreq */
+       case SIOCSIFCAP:                        /* struct ifreq */
+       case SIOCSIFMETRIC:                     /* struct ifreq */
+       case SIOCSIFPHYS:                       /* struct ifreq */
+       case SIOCSIFMTU:                        /* struct ifreq */
+       case SIOCADDMULTI:                      /* struct ifreq */
+       case SIOCDELMULTI:                      /* struct ifreq */
+       case SIOCDIFPHYADDR:                    /* struct ifreq */
+       case SIOCSIFMEDIA:                      /* struct ifreq */
+       case SIOCSIFGENERIC:                    /* struct ifreq */
+       case SIOCSIFLLADDR:                     /* struct ifreq */
+       case SIOCSIFALTMTU:                     /* struct ifreq */
+       case SIOCSIFVLAN:                       /* struct ifreq */
+       case SIOCSIFBOND:                       /* struct ifreq */
+       case SIOCGIFLLADDR:                     /* struct ifreq */
+       case SIOCGIFTYPE:                       /* struct ifreq */
+       case SIOCGIFFUNCTIONALTYPE:             /* struct ifreq */
+       case SIOCGIFPSRCADDR:                   /* struct ifreq */
+       case SIOCGIFPDSTADDR:                   /* struct ifreq */
+       case SIOCGIFGENERIC:                    /* struct ifreq */
+       case SIOCGIFDEVMTU:                     /* struct ifreq */
+       case SIOCGIFVLAN:                       /* struct ifreq */
+       case SIOCGIFBOND:                       /* struct ifreq */
+       case SIOCGIFWAKEFLAGS:                  /* struct ifreq */
+       case SIOCGIFGETRTREFCNT:                /* struct ifreq */
+       case SIOCSIFOPPORTUNISTIC:              /* struct ifreq */
+       case SIOCGIFOPPORTUNISTIC:              /* struct ifreq */
+       case SIOCGIFLINKQUALITYMETRIC:          /* struct ifreq */
+       case SIOCSIFLOG:                        /* struct ifreq */
+       case SIOCGIFLOG:                        /* struct ifreq */
+       case SIOCGIFDELEGATE:                   /* struct ifreq */
+       case SIOCGIFEXPENSIVE:                  /* struct ifreq */
+       case SIOCSIFEXPENSIVE:                  /* struct ifreq */
+       case SIOCSIF2KCL:                       /* struct ifreq */
+       case SIOCGIF2KCL:                       /* struct ifreq */
+       case SIOCSIFINTERFACESTATE:             /* struct ifreq */
+       case SIOCGIFINTERFACESTATE:             /* struct ifreq */
+       case SIOCSIFPROBECONNECTIVITY:          /* struct ifreq */
+       case SIOCGIFPROBECONNECTIVITY:          /* struct ifreq */
+       case SIOCGSTARTDELAY:                   /* struct ifreq */
+       case SIOCSIFTIMESTAMPENABLE:            /* struct ifreq */
+       case SIOCSIFTIMESTAMPDISABLE:           /* struct ifreq */
+       case SIOCGIFTIMESTAMPENABLED:           /* struct ifreq */
+#if (DEBUG || DEVELOPMENT)
+       case SIOCSIFDISABLEOUTPUT:              /* struct ifreq */
+#endif /* (DEBUG || DEVELOPMENT) */
+       case SIOCGECNMODE:                      /* struct ifreq */
+       case SIOCSECNMODE:
+       case SIOCSQOSMARKINGMODE:               /* struct ifreq */
+       case SIOCSQOSMARKINGENABLED:            /* struct ifreq */
+       case SIOCGQOSMARKINGMODE:               /* struct ifreq */
+       case SIOCGQOSMARKINGENABLED:            /* struct ifreq */
+       case SIOCSIFLOWINTERNET:                /* struct ifreq */
+       case SIOCGIFLOWINTERNET:                /* struct ifreq */
+       case SIOCGIFLOWPOWER:                   /* struct ifreq */
+       case SIOCSIFLOWPOWER:                   /* struct ifreq */
+       case SIOCSIF6LOWPAN:                    /* struct ifreq */
+       case SIOCGIF6LOWPAN:                    /* struct ifreq */
+       case SIOCGIFMPKLOG:                     /* struct ifreq */
+       case SIOCSIFMPKLOG:                     /* struct ifreq */
+       case SIOCGIFCONSTRAINED:                /* struct ifreq */
+       case SIOCSIFCONSTRAINED:                /* struct ifreq */
+       case SIOCGIFXFLAGS:                     /* struct ifreq */
+       case SIOCGIFNOACKPRIO:                  /* struct ifreq */
+       case SIOCSIFNOACKPRIO:                  /* struct ifreq */
+       {                       /* struct ifreq */
                struct ifreq ifr;
                struct ifreq ifr;
-               bcopy(data, &ifr, sizeof (ifr));
+               bcopy(data, &ifr, sizeof(ifr));
                ifr.ifr_name[IFNAMSIZ - 1] = '\0';
                bcopy(&ifr.ifr_name, ifname, IFNAMSIZ);
                ifr.ifr_name[IFNAMSIZ - 1] = '\0';
                bcopy(&ifr.ifr_name, ifname, IFNAMSIZ);
+               if (ifioctl_restrict_intcoproc(cmd, ifname, NULL, p) == true) {
+                       error = EPERM;
+                       goto done;
+               }
                error = ifioctl_ifreq(so, cmd, &ifr, p);
                error = ifioctl_ifreq(so, cmd, &ifr, p);
-               bcopy(&ifr, data, sizeof (ifr));
+               bcopy(&ifr, data, sizeof(ifr));
                goto done;
        }
        }
                goto done;
        }
        }
@@ -2011,94 +2996,105 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
         */
        dlil_if_lock();
        switch (cmd) {
         */
        dlil_if_lock();
        switch (cmd) {
-       case SIOCSIFPHYADDR:                    /* struct {if,in_}aliasreq */
+       case SIOCSIFPHYADDR:                    /* struct {if,in_}aliasreq */
                bcopy(((struct in_aliasreq *)(void *)data)->ifra_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct in_aliasreq *)(void *)data)->ifra_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-#if INET6
-       case SIOCSIFPHYADDR_IN6_32:             /* struct in6_aliasreq_32 */
+       case SIOCSIFPHYADDR_IN6_32:             /* struct in6_aliasreq_32 */
                bcopy(((struct in6_aliasreq_32 *)(void *)data)->ifra_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct in6_aliasreq_32 *)(void *)data)->ifra_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCSIFPHYADDR_IN6_64:             /* struct in6_aliasreq_64 */
+       case SIOCSIFPHYADDR_IN6_64:             /* struct in6_aliasreq_64 */
                bcopy(((struct in6_aliasreq_64 *)(void *)data)->ifra_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct in6_aliasreq_64 *)(void *)data)->ifra_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
                break;
-#endif /* INET6 */
 
 
-       case SIOCGIFSTATUS:                     /* struct ifstat */
-               ifs = _MALLOC(sizeof (*ifs), M_DEVBUF, M_WAITOK);
+       case SIOCGIFSTATUS:                     /* struct ifstat */
+               ifs = _MALLOC(sizeof(*ifs), M_DEVBUF, M_WAITOK);
                if (ifs == NULL) {
                        error = ENOMEM;
                        dlil_if_unlock();
                        goto done;
                }
                if (ifs == NULL) {
                        error = ENOMEM;
                        dlil_if_unlock();
                        goto done;
                }
-               bcopy(data, ifs, sizeof (*ifs));
+               bcopy(data, ifs, sizeof(*ifs));
                ifs->ifs_name[IFNAMSIZ - 1] = '\0';
                bcopy(ifs->ifs_name, ifname, IFNAMSIZ);
                ifs->ifs_name[IFNAMSIZ - 1] = '\0';
                bcopy(ifs->ifs_name, ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCGIFMEDIA32:                    /* struct ifmediareq32 */
+       case SIOCGIFMEDIA32:                    /* struct ifmediareq32 */
+       case SIOCGIFXMEDIA32:                    /* struct ifmediareq32 */
                bcopy(((struct ifmediareq32 *)(void *)data)->ifm_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct ifmediareq32 *)(void *)data)->ifm_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCGIFMEDIA64:                    /* struct ifmediareq64 */
+       case SIOCGIFMEDIA64:                    /* struct ifmediareq64 */
+       case SIOCGIFXMEDIA64:                    /* struct ifmediareq64 */
                bcopy(((struct ifmediareq64 *)(void *)data)->ifm_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct ifmediareq64 *)(void *)data)->ifm_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCSIFDESC:                       /* struct if_descreq */
-       case SIOCGIFDESC:                       /* struct if_descreq */
+       case SIOCSIFDESC:                       /* struct if_descreq */
+       case SIOCGIFDESC:                       /* struct if_descreq */
                bcopy(((struct if_descreq *)(void *)data)->ifdr_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct if_descreq *)(void *)data)->ifdr_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCSIFLINKPARAMS:                 /* struct if_linkparamsreq */
-       case SIOCGIFLINKPARAMS:                 /* struct if_linkparamsreq */
+       case SIOCSIFLINKPARAMS:                 /* struct if_linkparamsreq */
+       case SIOCGIFLINKPARAMS:                 /* struct if_linkparamsreq */
                bcopy(((struct if_linkparamsreq *)(void *)data)->iflpr_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct if_linkparamsreq *)(void *)data)->iflpr_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCGIFQUEUESTATS:                 /* struct if_qstatsreq */
+       case SIOCGIFQUEUESTATS:                 /* struct if_qstatsreq */
                bcopy(((struct if_qstatsreq *)(void *)data)->ifqr_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct if_qstatsreq *)(void *)data)->ifqr_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCSIFTHROTTLE:                   /* struct if_throttlereq */
-       case SIOCGIFTHROTTLE:                   /* struct if_throttlereq */
+       case SIOCSIFTHROTTLE:                   /* struct if_throttlereq */
+       case SIOCGIFTHROTTLE:                   /* struct if_throttlereq */
                bcopy(((struct if_throttlereq *)(void *)data)->ifthr_name,
                    ifname, IFNAMSIZ);
                bcopy(((struct if_throttlereq *)(void *)data)->ifthr_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCAIFAGENTID:                    /* struct if_agentidreq */
-       case SIOCDIFAGENTID:                    /* struct if_agentidreq */
-       case SIOCGIFAGENTIDS32:         /* struct if_agentidsreq32 */
-       case SIOCGIFAGENTIDS64:         /* struct if_agentidsreq64 */
+       case SIOCAIFAGENTID:                    /* struct if_agentidreq */
+       case SIOCDIFAGENTID:                    /* struct if_agentidreq */
+       case SIOCGIFAGENTIDS32:         /* struct if_agentidsreq32 */
+       case SIOCGIFAGENTIDS64:         /* struct if_agentidsreq64 */
                bcopy(((struct if_agentidreq *)(void *)data)->ifar_name,
                bcopy(((struct if_agentidreq *)(void *)data)->ifar_name,
-                         ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+                   ifname, IFNAMSIZ);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
-       case SIOCSIFNETSIGNATURE:               /* struct if_nsreq */
-       case SIOCGIFNETSIGNATURE:               /* struct if_nsreq */
+       case SIOCSIFNETSIGNATURE:               /* struct if_nsreq */
+       case SIOCGIFNETSIGNATURE:               /* struct if_nsreq */
                bcopy(((struct if_nsreq *)(void *)data)->ifnsr_name,
                bcopy(((struct if_nsreq *)(void *)data)->ifnsr_name,
-                         ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+                   ifname, IFNAMSIZ);
+               ifp = ifunit_ref(ifname);
                break;
 
                break;
 
+       case SIOCSIFNETWORKID:                  /* struct if_netidreq */
+               bcopy(((struct if_netidreq *)(void *)data)->ifnetid_name,
+                   ifname, IFNAMSIZ);
+               ifp = ifunit_ref(ifname);
+               break;
+       case SIOCGIFPROTOLIST32:                /* struct if_protolistreq32 */
+       case SIOCGIFPROTOLIST64:                /* struct if_protolistreq64 */
+               bcopy(((struct if_protolistreq *)(void *)data)->ifpl_name,
+                   ifname, IFNAMSIZ);
+               ifp = ifunit_ref(ifname);
+               break;
        default:
                /*
                 * This is a bad assumption, but the code seems to
        default:
                /*
                 * This is a bad assumption, but the code seems to
@@ -2106,7 +3102,7 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
                 */
                bcopy(((struct ifreq *)(void *)data)->ifr_name,
                    ifname, IFNAMSIZ);
                 */
                bcopy(((struct ifreq *)(void *)data)->ifr_name,
                    ifname, IFNAMSIZ);
-               ifp = ifunit(ifname);
+               ifp = ifunit_ref(ifname);
                break;
        }
        dlil_if_unlock();
                break;
        }
        dlil_if_unlock();
@@ -2116,68 +3112,91 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
                goto done;
        }
 
                goto done;
        }
 
+       if (ifioctl_restrict_intcoproc(cmd, NULL, ifp, p) == true) {
+               error = EPERM;
+               goto done;
+       }
        switch (cmd) {
        switch (cmd) {
-       case SIOCSIFPHYADDR:                    /* struct {if,in_}aliasreq */
-#if INET6
-       case SIOCSIFPHYADDR_IN6_32:             /* struct in6_aliasreq_32 */
-       case SIOCSIFPHYADDR_IN6_64:             /* struct in6_aliasreq_64 */
-#endif /* INET6 */
+       case SIOCSIFPHYADDR:                    /* struct {if,in_}aliasreq */
+       case SIOCSIFPHYADDR_IN6_32:             /* struct in6_aliasreq_32 */
+       case SIOCSIFPHYADDR_IN6_64:             /* struct in6_aliasreq_64 */
                error = proc_suser(p);
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                ifnet_touch_lastchange(ifp);
                break;
 
 
                ifnet_touch_lastchange(ifp);
                break;
 
-       case SIOCGIFSTATUS:                     /* struct ifstat */
+       case SIOCGIFSTATUS:                     /* struct ifstat */
                VERIFY(ifs != NULL);
                ifs->ascii[0] = '\0';
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifs);
 
                VERIFY(ifs != NULL);
                ifs->ascii[0] = '\0';
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifs);
 
-               bcopy(ifs, data, sizeof (*ifs));
+               bcopy(ifs, data, sizeof(*ifs));
                break;
 
                break;
 
-       case SIOCGIFMEDIA32:                    /* struct ifmediareq32 */
-       case SIOCGIFMEDIA64:                    /* struct ifmediareq64 */
-               error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
+       case SIOCGIFMEDIA32:                    /* struct ifmediareq32 */
+       case SIOCGIFMEDIA64:                    /* struct ifmediareq64 */
+       case SIOCGIFXMEDIA32:                    /* struct ifmediareq32 */
+       case SIOCGIFXMEDIA64:                    /* struct ifmediareq64 */
+               error = ifioctl_get_media(ifp, so, cmd, data);
                break;
 
                break;
 
-       case SIOCSIFDESC:                       /* struct if_descreq */
-       case SIOCGIFDESC:                       /* struct if_descreq */
+       case SIOCSIFDESC:                       /* struct if_descreq */
+       case SIOCGIFDESC:                       /* struct if_descreq */
                error = ifioctl_ifdesc(ifp, cmd, data, p);
                break;
 
                error = ifioctl_ifdesc(ifp, cmd, data, p);
                break;
 
-       case SIOCSIFLINKPARAMS:                 /* struct if_linkparamsreq */
-       case SIOCGIFLINKPARAMS:                 /* struct if_linkparamsreq */
+       case SIOCSIFLINKPARAMS:                 /* struct if_linkparamsreq */
+       case SIOCGIFLINKPARAMS:                 /* struct if_linkparamsreq */
                error = ifioctl_linkparams(ifp, cmd, data, p);
                break;
 
                error = ifioctl_linkparams(ifp, cmd, data, p);
                break;
 
-       case SIOCGIFQUEUESTATS:                 /* struct if_qstatsreq */
+       case SIOCGIFQUEUESTATS:                 /* struct if_qstatsreq */
                error = ifioctl_qstats(ifp, cmd, data);
                break;
 
                error = ifioctl_qstats(ifp, cmd, data);
                break;
 
-       case SIOCSIFTHROTTLE:                   /* struct if_throttlereq */
-       case SIOCGIFTHROTTLE:                   /* struct if_throttlereq */
+       case SIOCSIFTHROTTLE:                   /* struct if_throttlereq */
+       case SIOCGIFTHROTTLE:                   /* struct if_throttlereq */
                error = ifioctl_throttle(ifp, cmd, data, p);
                break;
 
                error = ifioctl_throttle(ifp, cmd, data, p);
                break;
 
-       case SIOCAIFAGENTID:                    /* struct if_agentidreq */
-       case SIOCDIFAGENTID:                    /* struct if_agentidreq */
-       case SIOCGIFAGENTIDS32:         /* struct if_agentidsreq32 */
-       case SIOCGIFAGENTIDS64:         /* struct if_agentidsreq64 */
+       case SIOCAIFAGENTID:                    /* struct if_agentidreq */
+       case SIOCDIFAGENTID:                    /* struct if_agentidreq */
+       case SIOCGIFAGENTIDS32:         /* struct if_agentidsreq32 */
+       case SIOCGIFAGENTIDS64:         /* struct if_agentidsreq64 */
                error = ifioctl_netagent(ifp, cmd, data, p);
                break;
 
                error = ifioctl_netagent(ifp, cmd, data, p);
                break;
 
-       case SIOCSIFNETSIGNATURE:               /* struct if_nsreq */
-       case SIOCGIFNETSIGNATURE:               /* struct if_nsreq */
+       case SIOCSIFNETSIGNATURE:               /* struct if_nsreq */
+       case SIOCGIFNETSIGNATURE:               /* struct if_nsreq */
                error = ifioctl_netsignature(ifp, cmd, data);
                break;
 
                error = ifioctl_netsignature(ifp, cmd, data);
                break;
 
+       case SIOCSIFNETWORKID:                  /* struct if_netidreq */
+               error = ifioctl_networkid(ifp, data);
+               break;
+       case SIOCSIFNAT64PREFIX:                /* struct if_nat64req */
+       case SIOCGIFNAT64PREFIX:                /* struct if_nat64req */
+               error = ifioctl_nat64prefix(ifp, cmd, data);
+               break;
+
+       case SIOCGIFCLAT46ADDR:                 /* struct if_clat46req */
+               error = ifioctl_clat46addr(ifp, cmd, data);
+               break;
+
+       case SIOCGIFPROTOLIST32:                /* struct if_protolistreq32 */
+       case SIOCGIFPROTOLIST64:                /* struct if_protolistreq64 */
+               error = ifioctl_protolist(ifp, cmd, data);
+               break;
+
        default:
                if (so->so_proto == NULL) {
                        error = EOPNOTSUPP;
        default:
                if (so->so_proto == NULL) {
                        error = EOPNOTSUPP;
@@ -2189,23 +3208,28 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
                    data, ifp, p));
                socket_unlock(so, 1);
 
                    data, ifp, p));
                socket_unlock(so, 1);
 
-               if (error == EOPNOTSUPP || error == ENOTSUP) {
+               // Don't allow to call SIOCAIFADDR and SIOCDIFADDR with
+               // ifreq as the code expects ifaddr
+               if ((error == EOPNOTSUPP || error == ENOTSUP) &&
+                   !(cmd == SIOCAIFADDR || cmd == SIOCDIFADDR)) {
                        error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
                }
                break;
        }
 
 done:
                        error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
                }
                break;
        }
 
 done:
-       if (ifs != NULL)
+       if (ifs != NULL) {
                _FREE(ifs, M_DEVBUF);
                _FREE(ifs, M_DEVBUF);
+       }
 
        if (if_verbose) {
 
        if (if_verbose) {
-               if (ifname[0] == '\0')
-                       (void) snprintf(ifname, sizeof (ifname), "%s",
+               if (ifname[0] == '\0') {
+                       (void) snprintf(ifname, sizeof(ifname), "%s",
                            "NULL");
                            "NULL");
-               else if (ifp != NULL)
-                       (void) snprintf(ifname, sizeof (ifname), "%s",
+               } else if (ifp != NULL) {
+                       (void) snprintf(ifname, sizeof(ifname), "%s",
                            if_name(ifp));
                            if_name(ifp));
+               }
 
                if (error != 0) {
                        printf("%s[%s,%d]: ifp %s cmd 0x%08lx (%c%c [%lu] "
 
                if (error != 0) {
                        printf("%s[%s,%d]: ifp %s cmd 0x%08lx (%c%c [%lu] "
@@ -2224,7 +3248,10 @@ done:
                }
        }
 
                }
        }
 
-       return (error);
+       if (ifp != NULL) {
+               ifnet_decr_iorefcnt(ifp);
+       }
+       return error;
 }
 
 static __attribute__((noinline)) int
 }
 
 static __attribute__((noinline)) int
@@ -2236,22 +3263,24 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
        struct kev_msg ev_msg;
        struct net_event_data ev_data;
 
        struct kev_msg ev_msg;
        struct net_event_data ev_data;
 
-       bzero(&ev_data, sizeof (struct net_event_data));
-       bzero(&ev_msg, sizeof (struct kev_msg));
+       bzero(&ev_data, sizeof(struct net_event_data));
+       bzero(&ev_msg, sizeof(struct kev_msg));
 
        switch (cmd) {
        case SIOCIFCREATE:
        case SIOCIFCREATE2:
 
        switch (cmd) {
        case SIOCIFCREATE:
        case SIOCIFCREATE2:
-                error = proc_suser(p);
-                if (error)
-                        return (error);
-                return (if_clone_create(ifr->ifr_name, sizeof(ifr->ifr_name),
-                   cmd == SIOCIFCREATE2 ? ifr->ifr_data : NULL));
+               error = proc_suser(p);
+               if (error) {
+                       return error;
+               }
+               return if_clone_create(ifr->ifr_name, sizeof(ifr->ifr_name),
+                          cmd == SIOCIFCREATE2 ? ifr->ifr_data : NULL);
        case SIOCIFDESTROY:
                error = proc_suser(p);
        case SIOCIFDESTROY:
                error = proc_suser(p);
-               if (error)
-                       return (error);
-               return (if_clone_destroy(ifr->ifr_name));
+               if (error) {
+                       return error;
+               }
+               return if_clone_destroy(ifr->ifr_name);
        }
 
        /*
        }
 
        /*
@@ -2262,8 +3291,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
        ifp = ifunit(ifr->ifr_name);
        dlil_if_unlock();
 
        ifp = ifunit(ifr->ifr_name);
        dlil_if_unlock();
 
-       if (ifp == NULL)
-               return (ENXIO);
+       if (ifp == NULL) {
+               return ENXIO;
+       }
 
        switch (cmd) {
        case SIOCGIFFLAGS:
 
        switch (cmd) {
        case SIOCGIFFLAGS:
@@ -2278,6 +3308,12 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                ifnet_lock_done(ifp);
                break;
 
                ifnet_lock_done(ifp);
                break;
 
+       case SIOCGIFXFLAGS:
+               ifnet_lock_shared(ifp);
+               ifr->ifr_xflags = ifp->if_xflags;
+               ifnet_lock_done(ifp);
+               break;
+
        case SIOCGIFCAP:
                ifnet_lock_shared(ifp);
                ifr->ifr_reqcap = ifp->if_capabilities;
        case SIOCGIFCAP:
                ifnet_lock_shared(ifp);
                ifr->ifr_reqcap = ifp->if_capabilities;
@@ -2285,16 +3321,6 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                ifnet_lock_done(ifp);
                break;
 
                ifnet_lock_done(ifp);
                break;
 
-#if CONFIG_MACF_NET
-       case SIOCGIFMAC:
-               error = mac_ifnet_label_get(kauth_cred_get(), ifr, ifp);
-               break;
-
-       case SIOCSIFMAC:
-               error = mac_ifnet_label_set(kauth_cred_get(), ifr, ifp);
-               break;
-#endif /* CONFIG_MACF_NET */
-
        case SIOCGIFMETRIC:
                ifnet_lock_shared(ifp);
                ifr->ifr_metric = ifp->if_metric;
        case SIOCGIFMETRIC:
                ifnet_lock_shared(ifp);
                ifr->ifr_metric = ifp->if_metric;
@@ -2315,8 +3341,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
 
        case SIOCSIFFLAGS:
                error = proc_suser(p);
 
        case SIOCSIFFLAGS:
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                (void) ifnet_set_flags(ifp, ifr->ifr_flags,
                    (u_int16_t)~IFF_CANTCHANGE);
 
                (void) ifnet_set_flags(ifp, ifr->ifr_flags,
                    (u_int16_t)~IFF_CANTCHANGE);
@@ -2331,26 +3358,16 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                 * Send the event even upon error from the driver because
                 * we changed the flags.
                 */
                 * Send the event even upon error from the driver because
                 * we changed the flags.
                 */
-               ev_msg.vendor_code    = KEV_VENDOR_APPLE;
-               ev_msg.kev_class      = KEV_NETWORK_CLASS;
-               ev_msg.kev_subclass   = KEV_DL_SUBCLASS;
-
-               ev_msg.event_code = KEV_DL_SIFFLAGS;
-               strlcpy(&ev_data.if_name[0], ifp->if_name, IFNAMSIZ);
-               ev_data.if_family = ifp->if_family;
-               ev_data.if_unit   = (u_int32_t) ifp->if_unit;
-               ev_msg.dv[0].data_length = sizeof(struct net_event_data);
-               ev_msg.dv[0].data_ptr    = &ev_data;
-               ev_msg.dv[1].data_length = 0;
-               kev_post_msg(&ev_msg);
+               dlil_post_sifflags_msg(ifp);
 
                ifnet_touch_lastchange(ifp);
                break;
 
        case SIOCSIFCAP:
                error = proc_suser(p);
 
                ifnet_touch_lastchange(ifp);
                break;
 
        case SIOCSIFCAP:
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                if ((ifr->ifr_reqcap & ~ifp->if_capabilities)) {
                        error = EINVAL;
 
                if ((ifr->ifr_reqcap & ~ifp->if_capabilities)) {
                        error = EINVAL;
@@ -2363,8 +3380,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
 
        case SIOCSIFMETRIC:
                error = proc_suser(p);
 
        case SIOCSIFMETRIC:
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                ifp->if_metric = ifr->ifr_metric;
 
 
                ifp->if_metric = ifr->ifr_metric;
 
@@ -2380,19 +3398,21 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                ev_msg.dv[0].data_ptr    = &ev_data;
 
                ev_msg.dv[1].data_length = 0;
                ev_msg.dv[0].data_ptr    = &ev_data;
 
                ev_msg.dv[1].data_length = 0;
-               kev_post_msg(&ev_msg);
+               dlil_post_complete_msg(ifp, &ev_msg);
 
                ifnet_touch_lastchange(ifp);
                break;
 
        case SIOCSIFPHYS:
                error = proc_suser(p);
 
                ifnet_touch_lastchange(ifp);
                break;
 
        case SIOCSIFPHYS:
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                ev_msg.vendor_code    = KEV_VENDOR_APPLE;
                ev_msg.kev_class      = KEV_NETWORK_CLASS;
 
                ev_msg.vendor_code    = KEV_VENDOR_APPLE;
                ev_msg.kev_class      = KEV_NETWORK_CLASS;
@@ -2405,7 +3425,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                ev_msg.dv[0].data_length = sizeof(struct net_event_data);
                ev_msg.dv[0].data_ptr    = &ev_data;
                ev_msg.dv[1].data_length = 0;
                ev_msg.dv[0].data_length = sizeof(struct net_event_data);
                ev_msg.dv[0].data_ptr    = &ev_data;
                ev_msg.dv[1].data_length = 0;
-               kev_post_msg(&ev_msg);
+               dlil_post_complete_msg(ifp, &ev_msg);
 
                ifnet_touch_lastchange(ifp);
                break;
 
                ifnet_touch_lastchange(ifp);
                break;
@@ -2415,8 +3435,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                struct ifclassq *ifq = &ifp->if_snd;
 
                error = proc_suser(p);
                struct ifclassq *ifq = &ifp->if_snd;
 
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                if (ifp->if_ioctl == NULL) {
                        error = EOPNOTSUPP;
 
                if (ifp->if_ioctl == NULL) {
                        error = EOPNOTSUPP;
@@ -2427,8 +3448,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                        break;
                }
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
                        break;
                }
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                ev_msg.vendor_code    = KEV_VENDOR_APPLE;
                ev_msg.kev_class      = KEV_NETWORK_CLASS;
 
                ev_msg.vendor_code    = KEV_VENDOR_APPLE;
                ev_msg.kev_class      = KEV_NETWORK_CLASS;
@@ -2441,7 +3463,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                ev_msg.dv[0].data_length = sizeof(struct net_event_data);
                ev_msg.dv[0].data_ptr    = &ev_data;
                ev_msg.dv[1].data_length = 0;
                ev_msg.dv[0].data_length = sizeof(struct net_event_data);
                ev_msg.dv[0].data_ptr    = &ev_data;
                ev_msg.dv[1].data_length = 0;
-               kev_post_msg(&ev_msg);
+               dlil_post_complete_msg(ifp, &ev_msg);
 
                ifnet_touch_lastchange(ifp);
                rt_ifmsg(ifp);
 
                ifnet_touch_lastchange(ifp);
                rt_ifmsg(ifp);
@@ -2453,9 +3475,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                 */
                if (ifp->if_mtu != oldmtu) {
                        if_rtmtu_update(ifp);
                 */
                if (ifp->if_mtu != oldmtu) {
                        if_rtmtu_update(ifp);
-#if INET6
                        nd6_setmtu(ifp);
                        nd6_setmtu(ifp);
-#endif /* INET6 */
                        /* Inform all transmit queues about the new MTU */
                        IFCQ_LOCK(ifq);
                        ifnet_update_sndq(ifq, CLASSQ_EV_LINK_MTU);
                        /* Inform all transmit queues about the new MTU */
                        IFCQ_LOCK(ifq);
                        ifnet_update_sndq(ifq, CLASSQ_EV_LINK_MTU);
@@ -2467,8 +3487,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
        case SIOCADDMULTI:
        case SIOCDELMULTI:
                error = proc_suser(p);
        case SIOCADDMULTI:
        case SIOCDELMULTI:
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                /* Don't allow group membership on non-multicast interfaces. */
                if ((ifp->if_flags & IFF_MULTICAST) == 0) {
 
                /* Don't allow group membership on non-multicast interfaces. */
                if ((ifp->if_flags & IFF_MULTICAST) == 0) {
@@ -2482,6 +3503,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                        error = EINVAL;
                        break;
                }
                        error = EINVAL;
                        break;
                }
+               if (ifr->ifr_addr.sa_len > sizeof(struct sockaddr)) {
+                       ifr->ifr_addr.sa_len = sizeof(struct sockaddr);
+               }
 
                /*
                 * User is permitted to anonymously join a particular link
 
                /*
                 * User is permitted to anonymously join a particular link
@@ -2501,8 +3525,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                        error = if_delmulti_anon(ifp, &ifr->ifr_addr);
                        ev_msg.event_code = KEV_DL_DELMULTI;
                }
                        error = if_delmulti_anon(ifp, &ifr->ifr_addr);
                        ev_msg.event_code = KEV_DL_DELMULTI;
                }
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                ev_msg.vendor_code    = KEV_VENDOR_APPLE;
                ev_msg.kev_class      = KEV_NETWORK_CLASS;
 
                ev_msg.vendor_code    = KEV_VENDOR_APPLE;
                ev_msg.kev_class      = KEV_NETWORK_CLASS;
@@ -2514,25 +3539,49 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                ev_msg.dv[0].data_length = sizeof(struct net_event_data);
                ev_msg.dv[0].data_ptr    = &ev_data;
                ev_msg.dv[1].data_length = 0;
                ev_msg.dv[0].data_length = sizeof(struct net_event_data);
                ev_msg.dv[0].data_ptr    = &ev_data;
                ev_msg.dv[1].data_length = 0;
-               kev_post_msg(&ev_msg);
+               dlil_post_complete_msg(ifp, &ev_msg);
 
                ifnet_touch_lastchange(ifp);
                break;
 
 
                ifnet_touch_lastchange(ifp);
                break;
 
-       case SIOCDIFPHYADDR:
        case SIOCSIFMEDIA:
        case SIOCSIFMEDIA:
+               error = proc_suser(p);
+               if (error != 0) {
+                       break;
+               }
+               /*
+                * Silently ignore setting IFM_OTHER
+                */
+               if (ifr->ifr_media == IFM_OTHER) {
+                       os_log_info(OS_LOG_DEFAULT,
+                           "%s: %s SIOCSIFMEDIA ignore IFM_OTHER",
+                           __func__, ifp->if_xname);
+                       error = 0;
+                       break;
+               }
+               error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+               if (error != 0) {
+                       break;
+               }
+               ifnet_touch_lastchange(ifp);
+               break;
+
+       case SIOCDIFPHYADDR:
        case SIOCSIFGENERIC:
        case SIOCSIFLLADDR:
        case SIOCSIFALTMTU:
        case SIOCSIFVLAN:
        case SIOCSIFBOND:
        case SIOCSIFGENERIC:
        case SIOCSIFLLADDR:
        case SIOCSIFALTMTU:
        case SIOCSIFVLAN:
        case SIOCSIFBOND:
+       case SIOCSIF6LOWPAN:
                error = proc_suser(p);
                error = proc_suser(p);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
-               if (error != 0)
+               if (error != 0) {
                        break;
                        break;
+               }
 
                ifnet_touch_lastchange(ifp);
                break;
 
                ifnet_touch_lastchange(ifp);
                break;
@@ -2545,12 +3594,12 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                        break;
                }
                /* If larger than 14-bytes we'll need another mechanism */
                        break;
                }
                /* If larger than 14-bytes we'll need another mechanism */
-               if (sdl->sdl_alen > sizeof (ifr->ifr_addr.sa_data)) {
+               if (sdl->sdl_alen > sizeof(ifr->ifr_addr.sa_data)) {
                        error = EMSGSIZE;
                        break;
                }
                /* Follow the same convention used by SIOCSIFLLADDR */
                        error = EMSGSIZE;
                        break;
                }
                /* Follow the same convention used by SIOCSIFLLADDR */
-               bzero(&ifr->ifr_addr, sizeof (ifr->ifr_addr));
+               bzero(&ifr->ifr_addr, sizeof(ifr->ifr_addr));
                ifr->ifr_addr.sa_family = AF_LINK;
                ifr->ifr_addr.sa_len = sdl->sdl_alen;
                error = ifnet_guarded_lladdr_copy_bytes(ifp,
                ifr->ifr_addr.sa_family = AF_LINK;
                ifr->ifr_addr.sa_len = sdl->sdl_alen;
                error = ifnet_guarded_lladdr_copy_bytes(ifp,
@@ -2565,7 +3614,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                break;
 
        case SIOCGIFFUNCTIONALTYPE:
                break;
 
        case SIOCGIFFUNCTIONALTYPE:
-               ifr->ifr_functional_type = if_functional_type(ifp);
+               ifr->ifr_functional_type = if_functional_type(ifp, FALSE);
                break;
 
        case SIOCGIFPSRCADDR:
                break;
 
        case SIOCGIFPSRCADDR:
@@ -2574,6 +3623,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
        case SIOCGIFDEVMTU:
        case SIOCGIFVLAN:
        case SIOCGIFBOND:
        case SIOCGIFDEVMTU:
        case SIOCGIFVLAN:
        case SIOCGIFBOND:
+       case SIOCGIF6LOWPAN:
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
                break;
 
                error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
                break;
 
@@ -2596,11 +3646,11 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
 
        case SIOCGIFLINKQUALITYMETRIC:
                ifnet_lock_shared(ifp);
 
        case SIOCGIFLINKQUALITYMETRIC:
                ifnet_lock_shared(ifp);
-               if ((ifp->if_interface_state.valid_bitmask & 
-                   IF_INTERFACE_STATE_LQM_STATE_VALID))
+               if ((ifp->if_interface_state.valid_bitmask &
+                   IF_INTERFACE_STATE_LQM_STATE_VALID)) {
                        ifr->ifr_link_quality_metric =
                        ifr->ifr_link_quality_metric =
-                          ifp->if_interface_state.lqm_state;
-               else if ((ifp->if_refflags & IFRF_ATTACHED)) {
+                           ifp->if_interface_state.lqm_state;
+               } else if (IF_FULLY_ATTACHED(ifp)) {
                        ifr->ifr_link_quality_metric =
                            IFNET_LQM_THRESH_UNKNOWN;
                } else {
                        ifr->ifr_link_quality_metric =
                            IFNET_LQM_THRESH_UNKNOWN;
                } else {
@@ -2624,10 +3674,11 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
 
        case SIOCGIFEXPENSIVE:
                ifnet_lock_shared(ifp);
 
        case SIOCGIFEXPENSIVE:
                ifnet_lock_shared(ifp);
-               if (ifp->if_eflags & IFEF_EXPENSIVE)
+               if (ifp->if_eflags & IFEF_EXPENSIVE) {
                        ifr->ifr_expensive = 1;
                        ifr->ifr_expensive = 1;
-               else 
+               } else {
                        ifr->ifr_expensive = 0;
                        ifr->ifr_expensive = 0;
+               }
                ifnet_lock_done(ifp);
                break;
 
                ifnet_lock_done(ifp);
                break;
 
@@ -2636,14 +3687,16 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                struct ifnet *difp;
 
                if ((error = priv_check_cred(kauth_cred_get(),
                struct ifnet *difp;
 
                if ((error = priv_check_cred(kauth_cred_get(),
-                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0)
-                       return (error);
-               ifnet_lock_exclusive(ifp);
-               if (ifr->ifr_expensive)
-                       ifp->if_eflags |= IFEF_EXPENSIVE;
-               else 
-                       ifp->if_eflags &= ~IFEF_EXPENSIVE;
-               ifnet_lock_done(ifp);
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               if (ifr->ifr_expensive) {
+                       if_set_eflags(ifp, IFEF_EXPENSIVE);
+               } else {
+                       if_clear_eflags(ifp, IFEF_EXPENSIVE);
+               }
+               ifnet_increment_generation(ifp);
+
                /*
                 * Update the expensive bit in the delegated interface
                 * structure.
                /*
                 * Update the expensive bit in the delegated interface
                 * structure.
@@ -2652,35 +3705,78 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                TAILQ_FOREACH(difp, &ifnet_head, if_link) {
                        ifnet_lock_exclusive(difp);
                        if (difp->if_delegated.ifp == ifp) {
                TAILQ_FOREACH(difp, &ifnet_head, if_link) {
                        ifnet_lock_exclusive(difp);
                        if (difp->if_delegated.ifp == ifp) {
-                               difp->if_delegated.expensive = 
+                               difp->if_delegated.expensive =
                                    ifp->if_eflags & IFEF_EXPENSIVE ? 1 : 0;
                                    ifp->if_eflags & IFEF_EXPENSIVE ? 1 : 0;
+                               ifnet_increment_generation(difp);
+                       }
+                       ifnet_lock_done(difp);
+               }
+               ifnet_head_done();
+               necp_update_all_clients();
+               break;
+       }
 
 
+       case SIOCGIFCONSTRAINED:
+               if ((ifp->if_xflags & IFXF_CONSTRAINED) != 0) {
+                       ifr->ifr_constrained = 1;
+               } else {
+                       ifr->ifr_constrained = 0;
+               }
+               break;
+
+       case SIOCSIFCONSTRAINED:
+       {
+               struct ifnet *difp;
+
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               if (ifr->ifr_constrained) {
+                       if_set_xflags(ifp, IFXF_CONSTRAINED);
+               } else {
+                       if_clear_xflags(ifp, IFXF_CONSTRAINED);
+               }
+               ifnet_increment_generation(ifp);
+               /*
+                * Update the constrained bit in the delegated interface
+                * structure.
+                */
+               ifnet_head_lock_shared();
+               TAILQ_FOREACH(difp, &ifnet_head, if_link) {
+                       ifnet_lock_exclusive(difp);
+                       if (difp->if_delegated.ifp == ifp) {
+                               difp->if_delegated.constrained =
+                                   ((ifp->if_xflags & IFXF_CONSTRAINED) != 0) ? 1 : 0;
+                               ifnet_increment_generation(difp);
                        }
                        ifnet_lock_done(difp);
                }
                ifnet_head_done();
                        }
                        ifnet_lock_done(difp);
                }
                ifnet_head_done();
+               necp_update_all_clients();
                break;
        }
 
        case SIOCGIF2KCL:
                ifnet_lock_shared(ifp);
                break;
        }
 
        case SIOCGIF2KCL:
                ifnet_lock_shared(ifp);
-               if (ifp->if_eflags & IFEF_2KCL)
+               if (ifp->if_eflags & IFEF_2KCL) {
                        ifr->ifr_2kcl = 1;
                        ifr->ifr_2kcl = 1;
-               else
+               } else {
                        ifr->ifr_2kcl = 0;
                        ifr->ifr_2kcl = 0;
+               }
                ifnet_lock_done(ifp);
                break;
 
        case SIOCSIF2KCL:
                if ((error = priv_check_cred(kauth_cred_get(),
                ifnet_lock_done(ifp);
                break;
 
        case SIOCSIF2KCL:
                if ((error = priv_check_cred(kauth_cred_get(),
-                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0)
-                       return (error);
-               ifnet_lock_exclusive(ifp);
-               if (ifr->ifr_2kcl)
-                       ifp->if_eflags |= IFEF_2KCL;
-               else
-                       ifp->if_eflags &= ~IFEF_2KCL;
-               ifnet_lock_done(ifp);
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               if (ifr->ifr_2kcl) {
+                       if_set_eflags(ifp, IFEF_2KCL);
+               } else {
+                       if_clear_eflags(ifp, IFEF_2KCL);
+               }
                break;
        case SIOCGSTARTDELAY:
                ifnet_lock_shared(ifp);
                break;
        case SIOCGSTARTDELAY:
                ifnet_lock_shared(ifp);
@@ -2715,17 +3811,18 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                                ifr->ifr_addr.sa_len = 16;
                        }
 #else
                                ifr->ifr_addr.sa_len = 16;
                        }
 #else
-                       if (ifr->ifr_addr.sa_len == 0)
+                       if (ifr->ifr_addr.sa_len == 0) {
                                ifr->ifr_addr.sa_len = 16;
                                ifr->ifr_addr.sa_len = 16;
+                       }
 #endif
                } else if (cmd == OSIOCGIFADDR) {
 #endif
                } else if (cmd == OSIOCGIFADDR) {
-                       cmd = SIOCGIFADDR;      /* struct ifreq */
+                       cmd = SIOCGIFADDR;      /* struct ifreq */
                } else if (cmd == OSIOCGIFDSTADDR) {
                } else if (cmd == OSIOCGIFDSTADDR) {
-                       cmd = SIOCGIFDSTADDR;   /* struct ifreq */
+                       cmd = SIOCGIFDSTADDR;   /* struct ifreq */
                } else if (cmd == OSIOCGIFBRDADDR) {
                } else if (cmd == OSIOCGIFBRDADDR) {
-                       cmd = SIOCGIFBRDADDR;   /* struct ifreq */
+                       cmd = SIOCGIFBRDADDR;   /* struct ifreq */
                } else if (cmd == OSIOCGIFNETMASK) {
                } else if (cmd == OSIOCGIFNETMASK) {
-                       cmd = SIOCGIFNETMASK;   /* struct ifreq */
+                       cmd = SIOCGIFNETMASK;   /* struct ifreq */
                }
 
                socket_lock(so, 1);
                }
 
                socket_lock(so, 1);
@@ -2739,16 +3836,19 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
                case OSIOCGIFBRDADDR:
                case OSIOCGIFNETMASK:
                        bcopy(&ifr->ifr_addr.sa_family, &ifr->ifr_addr,
                case OSIOCGIFBRDADDR:
                case OSIOCGIFNETMASK:
                        bcopy(&ifr->ifr_addr.sa_family, &ifr->ifr_addr,
-                           sizeof (u_short));
+                           sizeof(u_short));
                }
 
                if (cmd == SIOCSIFKPI) {
                        int temperr = proc_suser(p);
                }
 
                if (cmd == SIOCSIFKPI) {
                        int temperr = proc_suser(p);
-                       if (temperr != 0)
+                       if (temperr != 0) {
                                error = temperr;
                                error = temperr;
+                       }
                }
                }
-
-               if (error == EOPNOTSUPP || error == ENOTSUP) {
+               // Don't allow to call SIOCSIFADDR and SIOCSIFDSTADDR
+               // with ifreq as the code expects ifaddr
+               if ((error == EOPNOTSUPP || error == ENOTSUP) &&
+                   !(cmd == SIOCSIFADDR || cmd == SIOCSIFDSTADDR)) {
                        error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd,
                            (caddr_t)ifr);
                }
                        error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd,
                            (caddr_t)ifr);
                }
@@ -2756,60 +3856,230 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
 
        case SIOCGIFINTERFACESTATE:
                if_get_state(ifp, &ifr->ifr_interface_state);
 
        case SIOCGIFINTERFACESTATE:
                if_get_state(ifp, &ifr->ifr_interface_state);
-               
                break;
                break;
+
        case SIOCSIFINTERFACESTATE:
                if ((error = priv_check_cred(kauth_cred_get(),
        case SIOCSIFINTERFACESTATE:
                if ((error = priv_check_cred(kauth_cred_get(),
-                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0)
-                       return (error);
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
 
                error = if_state_update(ifp, &ifr->ifr_interface_state);
 
                break;
        case SIOCSIFPROBECONNECTIVITY:
                if ((error = priv_check_cred(kauth_cred_get(),
 
                error = if_state_update(ifp, &ifr->ifr_interface_state);
 
                break;
        case SIOCSIFPROBECONNECTIVITY:
                if ((error = priv_check_cred(kauth_cred_get(),
-                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0)
-                       return (error);
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
                error = if_probe_connectivity(ifp,
                    ifr->ifr_probe_connectivity);
                break;
        case SIOCGIFPROBECONNECTIVITY:
                if ((error = priv_check_cred(kauth_cred_get(),
                error = if_probe_connectivity(ifp,
                    ifr->ifr_probe_connectivity);
                break;
        case SIOCGIFPROBECONNECTIVITY:
                if ((error = priv_check_cred(kauth_cred_get(),
-                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0)
-                       return (error);
-               if (ifp->if_eflags & IFEF_PROBE_CONNECTIVITY)
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               if (ifp->if_eflags & IFEF_PROBE_CONNECTIVITY) {
                        ifr->ifr_probe_connectivity = 1;
                        ifr->ifr_probe_connectivity = 1;
-               else
+               } else {
                        ifr->ifr_probe_connectivity = 0;
                        ifr->ifr_probe_connectivity = 0;
+               }
                break;
        case SIOCGECNMODE:
                break;
        case SIOCGECNMODE:
-               if ((ifp->if_eflags & (IFEF_ECN_ENABLE|IFEF_ECN_DISABLE)) ==
-                   IFEF_ECN_ENABLE)
+               if ((ifp->if_eflags & (IFEF_ECN_ENABLE | IFEF_ECN_DISABLE)) ==
+                   IFEF_ECN_ENABLE) {
                        ifr->ifr_ecn_mode = IFRTYPE_ECN_ENABLE;
                        ifr->ifr_ecn_mode = IFRTYPE_ECN_ENABLE;
-               else if ((ifp->if_eflags & (IFEF_ECN_ENABLE|IFEF_ECN_DISABLE)) ==
-                   IFEF_ECN_DISABLE)
+               } else if ((ifp->if_eflags & (IFEF_ECN_ENABLE | IFEF_ECN_DISABLE)) ==
+                   IFEF_ECN_DISABLE) {
                        ifr->ifr_ecn_mode = IFRTYPE_ECN_DISABLE;
                        ifr->ifr_ecn_mode = IFRTYPE_ECN_DISABLE;
-               else
+               } else {
                        ifr->ifr_ecn_mode = IFRTYPE_ECN_DEFAULT;
                        ifr->ifr_ecn_mode = IFRTYPE_ECN_DEFAULT;
+               }
                break;
        case SIOCSECNMODE:
                break;
        case SIOCSECNMODE:
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
                if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DEFAULT) {
                if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DEFAULT) {
-                       ifp->if_eflags &= ~(IFEF_ECN_ENABLE|IFEF_ECN_DISABLE);
+                       if_clear_eflags(ifp, IFEF_ECN_ENABLE | IFEF_ECN_DISABLE);
                } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_ENABLE) {
                } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_ENABLE) {
-                       ifp->if_eflags |= IFEF_ECN_ENABLE;
-                       ifp->if_eflags &= ~IFEF_ECN_DISABLE;
+                       if_set_eflags(ifp, IFEF_ECN_ENABLE);
+                       if_clear_eflags(ifp, IFEF_ECN_DISABLE);
                } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DISABLE) {
                } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DISABLE) {
-                       ifp->if_eflags |= IFEF_ECN_DISABLE;
-                       ifp->if_eflags &= ~IFEF_ECN_ENABLE;
-               } else
+                       if_set_eflags(ifp, IFEF_ECN_DISABLE);
+                       if_clear_eflags(ifp, IFEF_ECN_ENABLE);
+               } else {
+                       error = EINVAL;
+               }
+               break;
+
+       case SIOCSIFTIMESTAMPENABLE:
+       case SIOCSIFTIMESTAMPDISABLE:
+               error = proc_suser(p);
+               if (error != 0) {
+                       break;
+               }
+
+               if ((cmd == SIOCSIFTIMESTAMPENABLE &&
+                   (ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) != 0) ||
+                   (cmd == SIOCSIFTIMESTAMPDISABLE &&
+                   (ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) == 0)) {
+                       break;
+               }
+               if (cmd == SIOCSIFTIMESTAMPENABLE) {
+                       if_set_xflags(ifp, IFXF_TIMESTAMP_ENABLED);
+               } else {
+                       if_clear_xflags(ifp, IFXF_TIMESTAMP_ENABLED);
+               }
+               /*
+                * Pass the setting to the interface if it supports either
+                * software or hardware time stamping
+                */
+               if (ifp->if_capabilities & (IFCAP_HW_TIMESTAMP |
+                   IFCAP_SW_TIMESTAMP)) {
+                       error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd,
+                           (caddr_t)ifr);
+               }
+               break;
+       case SIOCGIFTIMESTAMPENABLED: {
+               if ((ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) != 0) {
+                       ifr->ifr_intval = 1;
+               } else {
+                       ifr->ifr_intval = 0;
+               }
+               break;
+       }
+       case SIOCSQOSMARKINGMODE:
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               error = if_set_qosmarking_mode(ifp, ifr->ifr_qosmarking_mode);
+               break;
+
+       case SIOCGQOSMARKINGMODE:
+               ifr->ifr_qosmarking_mode = ifp->if_qosmarking_mode;
+               break;
+
+       case SIOCSQOSMARKINGENABLED:
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               if (ifr->ifr_qosmarking_enabled != 0) {
+                       if_set_eflags(ifp, IFEF_QOSMARKING_ENABLED);
+               } else {
+                       if_clear_eflags(ifp, IFEF_QOSMARKING_ENABLED);
+               }
+               break;
+
+       case SIOCGQOSMARKINGENABLED:
+               ifr->ifr_qosmarking_enabled =
+                   ((ifp->if_eflags & IFEF_QOSMARKING_ENABLED) != 0) ? 1 : 0;
+               break;
+
+       case SIOCSIFDISABLEOUTPUT:
+#if (DEBUG || DEVELOPMENT)
+               if (ifr->ifr_disable_output == 1) {
+                       error = ifnet_disable_output(ifp);
+               } else if (ifr->ifr_disable_output == 0) {
+                       error = ifnet_enable_output(ifp);
+               } else {
                        error = EINVAL;
                        error = EINVAL;
+               }
+#else
+               error = EINVAL;
+#endif /* (DEBUG || DEVELOPMENT) */
+               break;
+
+       case SIOCSIFSUBFAMILY:
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+               break;
+
+       case SIOCSIFLOWINTERNET:
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+
+               if (ifr->ifr_low_internet & IFRTYPE_LOW_INTERNET_ENABLE_UL) {
+                       if_set_xflags(ifp, IFXF_LOW_INTERNET_UL);
+               } else {
+                       if_clear_xflags(ifp, IFXF_LOW_INTERNET_UL);
+               }
+               if (ifr->ifr_low_internet & IFRTYPE_LOW_INTERNET_ENABLE_DL) {
+                       if_set_xflags(ifp, IFXF_LOW_INTERNET_DL);
+               } else {
+                       if_clear_xflags(ifp, IFXF_LOW_INTERNET_DL);
+               }
+               break;
+       case SIOCGIFLOWINTERNET:
+               ifnet_lock_shared(ifp);
+               ifr->ifr_low_internet = 0;
+               if ((ifp->if_xflags & IFXF_LOW_INTERNET_UL) != 0) {
+                       ifr->ifr_low_internet |=
+                           IFRTYPE_LOW_INTERNET_ENABLE_UL;
+               }
+               if ((ifp->if_xflags & IFXF_LOW_INTERNET_DL) != 0) {
+                       ifr->ifr_low_internet |=
+                           IFRTYPE_LOW_INTERNET_ENABLE_DL;
+               }
+               ifnet_lock_done(ifp);
+               break;
+       case SIOCGIFLOWPOWER:
+               ifr->ifr_low_power_mode =
+                   ((ifp->if_xflags & IFXF_LOW_POWER) != 0);
+               break;
+       case SIOCSIFLOWPOWER:
+#if (DEVELOPMENT || DEBUG)
+               error = if_set_low_power(ifp, (ifr->ifr_low_power_mode != 0));
+#else /* DEVELOPMENT || DEBUG */
+               error = EOPNOTSUPP;
+#endif /* DEVELOPMENT || DEBUG */
+               break;
+
+       case SIOCGIFMPKLOG:
+               ifr->ifr_mpk_log = ((ifp->if_xflags & IFXF_MPK_LOG) != 0);
+               break;
+       case SIOCSIFMPKLOG:
+               if (ifr->ifr_mpk_log) {
+                       if_set_xflags(ifp, IFXF_MPK_LOG);
+               } else {
+                       if_clear_xflags(ifp, IFXF_MPK_LOG);
+               }
+               break;
+       case SIOCGIFNOACKPRIO:
+               if ((ifp->if_eflags & IFEF_NOACKPRI) != 0) {
+                       ifr->ifr_noack_prio = 1;
+               } else {
+                       ifr->ifr_noack_prio = 0;
+               }
+               break;
+
+       case SIOCSIFNOACKPRIO:
+               if ((error = priv_check_cred(kauth_cred_get(),
+                   PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+                       return error;
+               }
+               if (ifr->ifr_noack_prio) {
+                       if_set_eflags(ifp, IFEF_NOACKPRI);
+               } else {
+                       if_clear_eflags(ifp, IFEF_NOACKPRI);
+               }
                break;
                break;
+
        default:
                VERIFY(0);
                /* NOTREACHED */
        }
 
        default:
                VERIFY(0);
                /* NOTREACHED */
        }
 
-       return (error);
+       return error;
 }
 
 int
 }
 
 int
@@ -2820,9 +4090,9 @@ ifioctllocked(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
        socket_unlock(so, 0);
        error = ifioctl(so, cmd, data, p);
        socket_lock(so, 0);
        socket_unlock(so, 0);
        error = ifioctl(so, cmd, data, p);
        socket_lock(so, 0);
-       return(error);
+       return error;
 }
 }
-       
+
 /*
  * Set/clear promiscuous mode on interface ifp based on the truth value
  * of pswitch.  The calls are reference counted so that only the first
 /*
  * Set/clear promiscuous mode on interface ifp based on the truth value
  * of pswitch.  The calls are reference counted so that only the first
@@ -2831,7 +4101,7 @@ ifioctllocked(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
  */
 errno_t
 ifnet_set_promiscuous(
  */
 errno_t
 ifnet_set_promiscuous(
-       ifnet_t ifp,
+       ifnet_t ifp,
        int pswitch)
 {
        int error = 0;
        int pswitch)
 {
        int error = 0;
@@ -2841,15 +4111,16 @@ ifnet_set_promiscuous(
        ifnet_lock_exclusive(ifp);
        oldflags = ifp->if_flags;
        ifp->if_pcount += pswitch ? 1 : -1;
        ifnet_lock_exclusive(ifp);
        oldflags = ifp->if_flags;
        ifp->if_pcount += pswitch ? 1 : -1;
-       
-       if (ifp->if_pcount > 0)
+
+       if (ifp->if_pcount > 0) {
                ifp->if_flags |= IFF_PROMISC;
                ifp->if_flags |= IFF_PROMISC;
-       else
+       } else {
                ifp->if_flags &= ~IFF_PROMISC;
                ifp->if_flags &= ~IFF_PROMISC;
-       
+       }
+
        newflags = ifp->if_flags;
        ifnet_lock_done(ifp);
        newflags = ifp->if_flags;
        ifnet_lock_done(ifp);
-       
+
        if (newflags != oldflags && (newflags & IFF_UP) != 0) {
                error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
                if (error == 0) {
        if (newflags != oldflags && (newflags & IFF_UP) != 0) {
                error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
                if (error == 0) {
@@ -2858,14 +4129,15 @@ ifnet_set_promiscuous(
                        ifnet_lock_exclusive(ifp);
                        // revert the flags
                        ifp->if_pcount -= pswitch ? 1 : -1;
                        ifnet_lock_exclusive(ifp);
                        // revert the flags
                        ifp->if_pcount -= pswitch ? 1 : -1;
-                       if (ifp->if_pcount > 0)
-                           ifp->if_flags |= IFF_PROMISC;
-                       else
-                           ifp->if_flags &= ~IFF_PROMISC;
+                       if (ifp->if_pcount > 0) {
+                               ifp->if_flags |= IFF_PROMISC;
+                       } else {
+                               ifp->if_flags &= ~IFF_PROMISC;
+                       }
                        ifnet_lock_done(ifp);
                }
        }
                        ifnet_lock_done(ifp);
                }
        }
-       
+
        if (newflags != oldflags) {
                log(LOG_INFO, "%s: promiscuous mode %s%s\n",
                    if_name(ifp),
        if (newflags != oldflags) {
                log(LOG_INFO, "%s: promiscuous mode %s%s\n",
                    if_name(ifp),
@@ -2898,18 +4170,18 @@ ifconf(u_long cmd, user_addr_t ifrp, int *ret_space)
         * Zero the ifr buffer to make sure we don't
         * disclose the contents of the stack.
         */
         * Zero the ifr buffer to make sure we don't
         * disclose the contents of the stack.
         */
-       bzero(&ifr, sizeof (struct ifreq));
+       bzero(&ifr, sizeof(struct ifreq));
 
        space = *ret_space;
        ifnet_head_lock_shared();
 
        space = *ret_space;
        ifnet_head_lock_shared();
-       for (ifp = ifnet_head.tqh_first; space > sizeof (ifr) &&
+       for (ifp = ifnet_head.tqh_first; space > sizeof(ifr) &&
            ifp; ifp = ifp->if_link.tqe_next) {
                char workbuf[64];
                size_t ifnlen, addrs;
 
            ifp; ifp = ifp->if_link.tqe_next) {
                char workbuf[64];
                size_t ifnlen, addrs;
 
-               ifnlen = snprintf(workbuf, sizeof (workbuf),
+               ifnlen = snprintf(workbuf, sizeof(workbuf),
                    "%s", if_name(ifp));
                    "%s", if_name(ifp));
-               if (ifnlen + 1 > sizeof (ifr.ifr_name)) {
+               if (ifnlen + 1 > sizeof(ifr.ifr_name)) {
                        error = ENAMETOOLONG;
                        break;
                } else {
                        error = ENAMETOOLONG;
                        break;
                } else {
@@ -2920,7 +4192,7 @@ ifconf(u_long cmd, user_addr_t ifrp, int *ret_space)
 
                addrs = 0;
                ifa = ifp->if_addrhead.tqh_first;
 
                addrs = 0;
                ifa = ifp->if_addrhead.tqh_first;
-               for (; space > sizeof (ifr) && ifa;
+               for (; space > sizeof(ifr) && ifa;
                    ifa = ifa->ifa_link.tqe_next) {
                        struct sockaddr *sa;
                        union {
                    ifa = ifa->ifa_link.tqe_next) {
                        struct sockaddr *sa;
                        union {
@@ -2933,7 +4205,7 @@ ifconf(u_long cmd, user_addr_t ifrp, int *ret_space)
                         * Make sure to accomodate the largest possible
                         * size of SA(if_lladdr)->sa_len.
                         */
                         * Make sure to accomodate the largest possible
                         * size of SA(if_lladdr)->sa_len.
                         */
-                       _CASSERT(sizeof (u) == (SOCK_MAXADDRLEN + 1));
+                       _CASSERT(sizeof(u) == (SOCK_MAXADDRLEN + 1));
 
                        IFA_LOCK(ifa);
                        sa = ifa->ifa_addr;
 
                        IFA_LOCK(ifa);
                        sa = ifa->ifa_addr;
@@ -2955,22 +4227,22 @@ ifconf(u_long cmd, user_addr_t ifrp, int *ret_space)
                                ifr.ifr_addr = *sa;
                                osa->sa_family = sa->sa_family;
                                error = copyout((caddr_t)&ifr, ifrp,
                                ifr.ifr_addr = *sa;
                                osa->sa_family = sa->sa_family;
                                error = copyout((caddr_t)&ifr, ifrp,
-                                   sizeof (ifr));
-                               ifrp += sizeof (struct ifreq);
-                       } else if (sa->sa_len <= sizeof (*sa)) {
+                                   sizeof(ifr));
+                               ifrp += sizeof(struct ifreq);
+                       } else if (sa->sa_len <= sizeof(*sa)) {
                                ifr.ifr_addr = *sa;
                                error = copyout((caddr_t)&ifr, ifrp,
                                ifr.ifr_addr = *sa;
                                error = copyout((caddr_t)&ifr, ifrp,
-                                   sizeof (ifr));
-                               ifrp += sizeof (struct ifreq);
+                                   sizeof(ifr));
+                               ifrp += sizeof(struct ifreq);
                        } else {
                                if (space <
                        } else {
                                if (space <
-                                   sizeof (ifr) + sa->sa_len - sizeof (*sa)) {
+                                   sizeof(ifr) + sa->sa_len - sizeof(*sa)) {
                                        IFA_UNLOCK(ifa);
                                        break;
                                }
                                        IFA_UNLOCK(ifa);
                                        break;
                                }
-                               space -= sa->sa_len - sizeof (*sa);
+                               space -= sa->sa_len - sizeof(*sa);
                                error = copyout((caddr_t)&ifr, ifrp,
                                error = copyout((caddr_t)&ifr, ifrp,
-                                   sizeof (ifr.ifr_name));
+                                   sizeof(ifr.ifr_name));
                                if (error == 0) {
                                        error = copyout((caddr_t)sa, (ifrp +
                                            offsetof(struct ifreq, ifr_addr)),
                                if (error == 0) {
                                        error = copyout((caddr_t)sa, (ifrp +
                                            offsetof(struct ifreq, ifr_addr)),
@@ -2980,27 +4252,30 @@ ifconf(u_long cmd, user_addr_t ifrp, int *ret_space)
                                    ifr_addr));
                        }
                        IFA_UNLOCK(ifa);
                                    ifr_addr));
                        }
                        IFA_UNLOCK(ifa);
-                       if (error)
+                       if (error) {
                                break;
                                break;
-                       space -= sizeof (ifr);
+                       }
+                       space -= sizeof(ifr);
                }
                ifnet_lock_done(ifp);
 
                }
                ifnet_lock_done(ifp);
 
-               if (error)
+               if (error) {
                        break;
                        break;
+               }
                if (!addrs) {
                if (!addrs) {
-                       bzero((caddr_t)&ifr.ifr_addr, sizeof (ifr.ifr_addr));
-                       error = copyout((caddr_t)&ifr, ifrp, sizeof (ifr));
-                       if (error)
+                       bzero((caddr_t)&ifr.ifr_addr, sizeof(ifr.ifr_addr));
+                       error = copyout((caddr_t)&ifr, ifrp, sizeof(ifr));
+                       if (error) {
                                break;
                                break;
-                       space -= sizeof (ifr);
-                       ifrp += sizeof (struct ifreq);
+                       }
+                       space -= sizeof(ifr);
+                       ifrp += sizeof(struct ifreq);
                }
        }
        ifnet_head_done();
        *ret_space -= space;
        net_thread_marks_pop(marks);
                }
        }
        ifnet_head_done();
        *ret_space -= space;
        net_thread_marks_pop(marks);
-       return (error);
+       return error;
 }
 
 /*
 }
 
 /*
@@ -3010,7 +4285,7 @@ int
 if_allmulti(struct ifnet *ifp, int onswitch)
 {
        int error = 0;
 if_allmulti(struct ifnet *ifp, int onswitch)
 {
        int error = 0;
-       int     modified = 0;
+       int     modified = 0;
 
        ifnet_lock_exclusive(ifp);
 
 
        ifnet_lock_exclusive(ifp);
 
@@ -3030,11 +4305,13 @@ if_allmulti(struct ifnet *ifp, int onswitch)
        }
        ifnet_lock_done(ifp);
 
        }
        ifnet_lock_done(ifp);
 
-       if (modified)
+       if (modified) {
                error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
                error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
+       }
 
 
-       if (error == 0)
+       if (error == 0) {
                rt_ifmsg(ifp);
                rt_ifmsg(ifp);
+       }
        return error;
 }
 
        return error;
 }
 
@@ -3055,7 +4332,7 @@ ifma_alloc(int how)
                        ifma->ifma_trace = ifma_trace;
                }
        }
                        ifma->ifma_trace = ifma_trace;
                }
        }
-       return (ifma);
+       return ifma;
 }
 
 static void
 }
 
 static void
@@ -3139,10 +4416,11 @@ ifma_trace(struct ifmultiaddr *ifma, int refhold)
 void
 ifma_addref(struct ifmultiaddr *ifma, int locked)
 {
 void
 ifma_addref(struct ifmultiaddr *ifma, int locked)
 {
-       if (!locked)
+       if (!locked) {
                IFMA_LOCK(ifma);
                IFMA_LOCK(ifma);
-       else
+       } else {
                IFMA_LOCK_ASSERT_HELD(ifma);
                IFMA_LOCK_ASSERT_HELD(ifma);
+       }
 
        if (++ifma->ifma_refcount == 0) {
                panic("%s: ifma=%p wraparound refcnt", __func__, ifma);
 
        if (++ifma->ifma_refcount == 0) {
                panic("%s: ifma=%p wraparound refcnt", __func__, ifma);
@@ -3150,8 +4428,9 @@ ifma_addref(struct ifmultiaddr *ifma, int locked)
        } else if (ifma->ifma_trace != NULL) {
                (*ifma->ifma_trace)(ifma, TRUE);
        }
        } else if (ifma->ifma_trace != NULL) {
                (*ifma->ifma_trace)(ifma, TRUE);
        }
-       if (!locked)
+       if (!locked) {
                IFMA_UNLOCK(ifma);
                IFMA_UNLOCK(ifma);
+       }
 }
 
 void
 }
 
 void
@@ -3178,10 +4457,11 @@ ifma_remref(struct ifmultiaddr *ifma)
        ifma->ifma_ifp = NULL;
        ifma->ifma_ll = NULL;
        IFMA_UNLOCK(ifma);
        ifma->ifma_ifp = NULL;
        ifma->ifma_ll = NULL;
        IFMA_UNLOCK(ifma);
-       ifma_free(ifma);        /* deallocate it */
+       ifma_free(ifma);        /* deallocate it */
 
 
-       if (ll != NULL)
+       if (ll != NULL) {
                IFMA_REMREF(ll);
                IFMA_REMREF(ll);
+       }
 }
 
 static void
 }
 
 static void
@@ -3243,14 +4523,16 @@ if_detach_ifma(struct ifnet *ifp, struct ifmultiaddr *ifma, int anon)
 
        if (anon) {
                --ifma->ifma_anoncnt;
 
        if (anon) {
                --ifma->ifma_anoncnt;
-               if (ifma->ifma_anoncnt > 0)
-                       return (0);
+               if (ifma->ifma_anoncnt > 0) {
+                       return 0;
+               }
                ifma->ifma_flags &= ~IFMAF_ANONYMOUS;
        }
 
        --ifma->ifma_reqcnt;
                ifma->ifma_flags &= ~IFMAF_ANONYMOUS;
        }
 
        --ifma->ifma_reqcnt;
-       if (ifma->ifma_reqcnt > 0)
-               return (0);
+       if (ifma->ifma_reqcnt > 0) {
+               return 0;
+       }
 
        if (ifma->ifma_protospec != NULL) {
                panic("%s: Protospec not NULL for ifma=%p", __func__, ifma);
 
        if (ifma->ifma_protospec != NULL) {
                panic("%s: Protospec not NULL for ifma=%p", __func__, ifma);
@@ -3274,8 +4556,9 @@ if_detach_ifma(struct ifnet *ifp, struct ifmultiaddr *ifma, int anon)
         */
        ifma->ifma_debug &= ~IFD_ATTACHED;
        LIST_REMOVE(ifma, ifma_link);
         */
        ifma->ifma_debug &= ~IFD_ATTACHED;
        LIST_REMOVE(ifma, ifma_link);
-       if (LIST_EMPTY(&ifp->if_multiaddrs))
+       if (LIST_EMPTY(&ifp->if_multiaddrs)) {
                ifp->if_updatemcasts = 0;
                ifp->if_updatemcasts = 0;
+       }
 
        if (ifma->ifma_debug & IFD_DEBUG) {
                /* Become a regular mutex, just in case */
 
        if (ifma->ifma_debug & IFD_DEBUG) {
                /* Become a regular mutex, just in case */
@@ -3287,11 +4570,11 @@ if_detach_ifma(struct ifnet *ifp, struct ifmultiaddr *ifma, int anon)
                ifma->ifma_debug |= IFD_TRASHED;
        }
 
                ifma->ifma_debug |= IFD_TRASHED;
        }
 
-       return (1);
+       return 1;
 }
 
 /*
 }
 
 /*
- * Find an ifmultiaddr that matches a socket address on an interface. 
+ * Find an ifmultiaddr that matches a socket address on an interface.
  *
  * Caller is responsible for holding the ifnet_lock while calling
  * this function.
  *
  * Caller is responsible for holding the ifnet_lock while calling
  * this function.
@@ -3303,9 +4586,9 @@ if_addmulti_doesexist(struct ifnet *ifp, const struct sockaddr *sa,
        struct ifmultiaddr *ifma;
 
        for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL;
        struct ifmultiaddr *ifma;
 
        for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL;
-            ifma = LIST_NEXT(ifma, ifma_link)) {
+           ifma = LIST_NEXT(ifma, ifma_link)) {
                IFMA_LOCK_SPIN(ifma);
                IFMA_LOCK_SPIN(ifma);
-               if (!equal(sa, ifma->ifma_addr)) {
+               if (!ifa_equal(sa, ifma->ifma_addr)) {
                        IFMA_UNLOCK(ifma);
                        continue;
                }
                        IFMA_UNLOCK(ifma);
                        continue;
                }
@@ -3329,66 +4612,69 @@ if_addmulti_doesexist(struct ifnet *ifp, const struct sockaddr *sa,
                        IFMA_ADDREF_LOCKED(ifma);
                }
                IFMA_UNLOCK(ifma);
                        IFMA_ADDREF_LOCKED(ifma);
                }
                IFMA_UNLOCK(ifma);
-               return (0);
+               return 0;
        }
        }
-       return (ENOENT);
+       return ENOENT;
 }
 
 /*
  * Radar 3642395, make sure all multicasts are in a standard format.
  */
 }
 
 /*
  * Radar 3642395, make sure all multicasts are in a standard format.
  */
-static struct sockaddr*
+static struct sockaddr *
 copy_and_normalize(const struct sockaddr *original)
 {
 copy_and_normalize(const struct sockaddr *original)
 {
-       int                     alen = 0;
-       const u_char            *aptr = NULL;
-       struct sockaddr         *copy = NULL;
-       struct sockaddr_dl      *sdl_new = NULL;
-       int                     len = 0;
+       int                     alen = 0;
+       const u_char            *aptr = NULL;
+       struct sockaddr         *copy = NULL;
+       struct sockaddr_dl      *sdl_new = NULL;
+       int                     len = 0;
 
        if (original->sa_family != AF_LINK &&
            original->sa_family != AF_UNSPEC) {
                /* Just make a copy */
 
        if (original->sa_family != AF_LINK &&
            original->sa_family != AF_UNSPEC) {
                /* Just make a copy */
-               MALLOC(copy, struct sockaddr*, original->sa_len,
+               MALLOC(copy, struct sockaddr *, original->sa_len,
                    M_IFADDR, M_WAITOK);
                    M_IFADDR, M_WAITOK);
-               if (copy != NULL)
+               if (copy != NULL) {
                        bcopy(original, copy, original->sa_len);
                        bcopy(original, copy, original->sa_len);
-               return (copy);
+               }
+               return copy;
        }
 
        switch (original->sa_family) {
        }
 
        switch (original->sa_family) {
-               case AF_LINK: {
-                       const struct sockaddr_dl *sdl_original =
-                           (struct sockaddr_dl*)(uintptr_t)(size_t)original;
-
-                       if (sdl_original->sdl_nlen + sdl_original->sdl_alen +
-                           sdl_original->sdl_slen +
-                           offsetof(struct sockaddr_dl, sdl_data) >
-                           sdl_original->sdl_len)
-                               return (NULL);
-
-                       alen = sdl_original->sdl_alen;
-                       aptr = CONST_LLADDR(sdl_original);
+       case AF_LINK: {
+               const struct sockaddr_dl *sdl_original =
+                   (struct sockaddr_dl *)(uintptr_t)(size_t)original;
+
+               if (sdl_original->sdl_nlen + sdl_original->sdl_alen +
+                   sdl_original->sdl_slen +
+                   offsetof(struct sockaddr_dl, sdl_data) >
+                   sdl_original->sdl_len) {
+                       return NULL;
                }
                }
-               break;
 
 
-               case AF_UNSPEC: {
-                       if (original->sa_len < ETHER_ADDR_LEN +
-                           offsetof(struct sockaddr, sa_data)) {
-                               return (NULL);
-                       }
+               alen = sdl_original->sdl_alen;
+               aptr = CONST_LLADDR(sdl_original);
+       }
+       break;
 
 
-                       alen = ETHER_ADDR_LEN;
-                       aptr = (const u_char*)original->sa_data;
+       case AF_UNSPEC: {
+               if (original->sa_len < ETHER_ADDR_LEN +
+                   offsetof(struct sockaddr, sa_data)) {
+                       return NULL;
                }
                }
-               break;
+
+               alen = ETHER_ADDR_LEN;
+               aptr = (const u_char *)original->sa_data;
+       }
+       break;
        }
 
        }
 
-       if (alen == 0 || aptr == NULL)
-               return (NULL);
+       if (alen == 0 || aptr == NULL) {
+               return NULL;
+       }
 
        len = alen + offsetof(struct sockaddr_dl, sdl_data);
 
        len = alen + offsetof(struct sockaddr_dl, sdl_data);
-       MALLOC(sdl_new, struct sockaddr_dl*, len, M_IFADDR, M_WAITOK);
+       MALLOC(sdl_new, struct sockaddr_dl *, len, M_IFADDR, M_WAITOK);
 
        if (sdl_new != NULL) {
                bzero(sdl_new, len);
 
        if (sdl_new != NULL) {
                bzero(sdl_new, len);
@@ -3398,7 +4684,7 @@ copy_and_normalize(const struct sockaddr *original)
                bcopy(aptr, LLADDR(sdl_new), alen);
        }
 
                bcopy(aptr, LLADDR(sdl_new), alen);
        }
 
-       return ((struct sockaddr*)sdl_new);
+       return (struct sockaddr *)sdl_new;
 }
 
 /*
 }
 
 /*
@@ -3409,7 +4695,7 @@ int
 if_addmulti(struct ifnet *ifp, const struct sockaddr *sa,
     struct ifmultiaddr **retifma)
 {
 if_addmulti(struct ifnet *ifp, const struct sockaddr *sa,
     struct ifmultiaddr **retifma)
 {
-       return (if_addmulti_common(ifp, sa, retifma, 0));
+       return if_addmulti_common(ifp, sa, retifma, 0);
 }
 
 /*
 }
 
 /*
@@ -3421,7 +4707,7 @@ int
 if_addmulti_anon(struct ifnet *ifp, const struct sockaddr *sa,
     struct ifmultiaddr **retifma)
 {
 if_addmulti_anon(struct ifnet *ifp, const struct sockaddr *sa,
     struct ifmultiaddr **retifma)
 {
-       return (if_addmulti_common(ifp, sa, retifma, 1));
+       return if_addmulti_common(ifp, sa, retifma, 1);
 }
 
 /*
 }
 
 /*
@@ -3481,8 +4767,9 @@ if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
        /* If the address is already present, return a new reference to it */
        error = if_addmulti_doesexist(ifp, sa, retifma, anon);
        ifnet_lock_done(ifp);
        /* If the address is already present, return a new reference to it */
        error = if_addmulti_doesexist(ifp, sa, retifma, anon);
        ifnet_lock_done(ifp);
-       if (error == 0)
+       if (error == 0) {
                goto cleanup;
                goto cleanup;
+       }
 
        /*
         * The address isn't already present; give the link layer a chance
 
        /*
         * The address isn't already present; give the link layer a chance
@@ -3490,7 +4777,7 @@ if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
         * maps to, if it isn't one already.
         */
        error = dlil_resolve_multi(ifp, sa, (struct sockaddr *)&storage,
         * maps to, if it isn't one already.
         */
        error = dlil_resolve_multi(ifp, sa, (struct sockaddr *)&storage,
-           sizeof (storage));
+           sizeof(storage));
        if (error == 0 && storage.ss_len != 0) {
                llsa = copy_and_normalize((struct sockaddr *)&storage);
                if (llsa == NULL) {
        if (error == 0 && storage.ss_len != 0) {
                llsa = copy_and_normalize((struct sockaddr *)&storage);
                if (llsa == NULL) {
@@ -3506,10 +4793,11 @@ if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
        }
 
        /* to be similar to FreeBSD */
        }
 
        /* to be similar to FreeBSD */
-       if (error == EOPNOTSUPP)
+       if (error == EOPNOTSUPP) {
                error = 0;
                error = 0;
-       else if (error != 0)
+       } else if (error != 0) {
                goto cleanup;
                goto cleanup;
+       }
 
        /* Allocate while we aren't holding any locks */
        if (dupsa == NULL) {
 
        /* Allocate while we aren't holding any locks */
        if (dupsa == NULL) {
@@ -3536,7 +4824,7 @@ if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
        }
 
        if (llifma != NULL) {
        }
 
        if (llifma != NULL) {
-               VERIFY(!anon);  /* must not get here if "anonymous" */
+               VERIFY(!anon);  /* must not get here if "anonymous" */
                if (if_addmulti_doesexist(ifp, llsa, &ifma->ifma_ll, 0) == 0) {
                        FREE(llsa, M_IFADDR);
                        llsa = NULL;
                if (if_addmulti_doesexist(ifp, llsa, &ifma->ifma_ll, 0) == 0) {
                        FREE(llsa, M_IFADDR);
                        llsa = NULL;
@@ -3563,10 +4851,10 @@ if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
        ifma->ifma_ifp = ifp;
        IFMA_LOCK(ifma);
        if_attach_ifma(ifp, ifma, anon);
        ifma->ifma_ifp = ifp;
        IFMA_LOCK(ifma);
        if_attach_ifma(ifp, ifma, anon);
-       IFMA_ADDREF_LOCKED(ifma);               /* for this routine */
+       IFMA_ADDREF_LOCKED(ifma);               /* for this routine */
        if (retifma != NULL) {
                *retifma = ifma;
        if (retifma != NULL) {
                *retifma = ifma;
-               IFMA_ADDREF_LOCKED(*retifma);   /* for caller */
+               IFMA_ADDREF_LOCKED(*retifma);   /* for caller */
        }
        lladdr = (ifma->ifma_addr->sa_family == AF_UNSPEC ||
            ifma->ifma_addr->sa_family == AF_LINK);
        }
        lladdr = (ifma->ifma_addr->sa_family == AF_UNSPEC ||
            ifma->ifma_addr->sa_family == AF_LINK);
@@ -3574,32 +4862,38 @@ if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
        ifnet_lock_done(ifp);
 
        rt_newmaddrmsg(RTM_NEWMADDR, ifma);
        ifnet_lock_done(ifp);
 
        rt_newmaddrmsg(RTM_NEWMADDR, ifma);
-       IFMA_REMREF(ifma);                      /* for this routine */
+       IFMA_REMREF(ifma);                      /* for this routine */
 
        /*
         * We are certain we have added something, so call down to the
         * interface to let them know about it.  Do this only for newly-
         * added AF_LINK/AF_UNSPEC address in the if_multiaddrs set.
         */
 
        /*
         * We are certain we have added something, so call down to the
         * interface to let them know about it.  Do this only for newly-
         * added AF_LINK/AF_UNSPEC address in the if_multiaddrs set.
         */
-       if (lladdr || ll_firstref)
+       if (lladdr || ll_firstref) {
                (void) ifnet_ioctl(ifp, 0, SIOCADDMULTI, NULL);
                (void) ifnet_ioctl(ifp, 0, SIOCADDMULTI, NULL);
+       }
 
 
-       if (ifp->if_updatemcasts > 0)
+       if (ifp->if_updatemcasts > 0) {
                ifp->if_updatemcasts = 0;
                ifp->if_updatemcasts = 0;
+       }
 
 
-       return (0);
+       return 0;
 
 cleanup:
 
 cleanup:
-       if (ifma != NULL)
+       if (ifma != NULL) {
                ifma_free(ifma);
                ifma_free(ifma);
-       if (dupsa != NULL)
+       }
+       if (dupsa != NULL) {
                FREE(dupsa, M_IFADDR);
                FREE(dupsa, M_IFADDR);
-       if (llifma != NULL)
+       }
+       if (llifma != NULL) {
                ifma_free(llifma);
                ifma_free(llifma);
-       if (llsa != NULL)
+       }
+       if (llsa != NULL) {
                FREE(llsa, M_IFADDR);
                FREE(llsa, M_IFADDR);
+       }
 
 
-       return (error);
+       return error;
 }
 
 /*
 }
 
 /*
@@ -3609,7 +4903,7 @@ cleanup:
 int
 if_delmulti(struct ifnet *ifp, const struct sockaddr *sa)
 {
 int
 if_delmulti(struct ifnet *ifp, const struct sockaddr *sa)
 {
-       return (if_delmulti_common(NULL, ifp, sa, 0));
+       return if_delmulti_common(NULL, ifp, sa, 0);
 }
 
 /*
 }
 
 /*
@@ -3619,7 +4913,7 @@ if_delmulti(struct ifnet *ifp, const struct sockaddr *sa)
 int
 if_delmulti_ifma(struct ifmultiaddr *ifma)
 {
 int
 if_delmulti_ifma(struct ifmultiaddr *ifma)
 {
-       return (if_delmulti_common(ifma, NULL, NULL, 0));
+       return if_delmulti_common(ifma, NULL, NULL, 0);
 }
 
 /*
 }
 
 /*
@@ -3630,7 +4924,7 @@ if_delmulti_ifma(struct ifmultiaddr *ifma)
 int
 if_delmulti_anon(struct ifnet *ifp, const struct sockaddr *sa)
 {
 int
 if_delmulti_anon(struct ifnet *ifp, const struct sockaddr *sa)
 {
-       return (if_delmulti_common(NULL, ifp, sa, 1));
+       return if_delmulti_common(NULL, ifp, sa, 1);
 }
 
 /*
 }
 
 /*
@@ -3642,30 +4936,32 @@ static int
 if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp,
     const struct sockaddr *sa, int anon)
 {
 if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp,
     const struct sockaddr *sa, int anon)
 {
-       struct sockaddr         *dupsa = NULL;
-       int                     lastref, ll_lastref = 0, lladdr;
-       struct ifmultiaddr      *ll = NULL;
+       struct sockaddr         *dupsa = NULL;
+       int                     lastref, ll_lastref = 0, lladdr;
+       struct ifmultiaddr      *ll = NULL;
 
        /* sanity check for callers */
        VERIFY(ifma != NULL || (ifp != NULL && sa != NULL));
 
 
        /* sanity check for callers */
        VERIFY(ifma != NULL || (ifp != NULL && sa != NULL));
 
-       if (ifma != NULL)
+       if (ifma != NULL) {
                ifp = ifma->ifma_ifp;
                ifp = ifma->ifma_ifp;
+       }
 
        if (sa != NULL &&
            (sa->sa_family == AF_LINK || sa->sa_family == AF_UNSPEC)) {
                dupsa = copy_and_normalize(sa);
 
        if (sa != NULL &&
            (sa->sa_family == AF_LINK || sa->sa_family == AF_UNSPEC)) {
                dupsa = copy_and_normalize(sa);
-               if (dupsa == NULL)
-                       return (ENOMEM);
+               if (dupsa == NULL) {
+                       return ENOMEM;
+               }
                sa = dupsa;
        }
 
        ifnet_lock_exclusive(ifp);
        if (ifma == NULL) {
                for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL;
                sa = dupsa;
        }
 
        ifnet_lock_exclusive(ifp);
        if (ifma == NULL) {
                for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL;
-                    ifma = LIST_NEXT(ifma, ifma_link)) {
+                   ifma = LIST_NEXT(ifma, ifma_link)) {
                        IFMA_LOCK(ifma);
                        IFMA_LOCK(ifma);
-                       if (!equal(sa, ifma->ifma_addr) ||
+                       if (!ifa_equal(sa, ifma->ifma_addr) ||
                            (anon && !(ifma->ifma_flags & IFMAF_ANONYMOUS))) {
                                VERIFY(!(ifma->ifma_flags & IFMAF_ANONYMOUS) ||
                                    ifma->ifma_anoncnt != 0);
                            (anon && !(ifma->ifma_flags & IFMAF_ANONYMOUS))) {
                                VERIFY(!(ifma->ifma_flags & IFMAF_ANONYMOUS) ||
                                    ifma->ifma_anoncnt != 0);
@@ -3676,16 +4972,17 @@ if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp,
                        break;
                }
                if (ifma == NULL) {
                        break;
                }
                if (ifma == NULL) {
-                       if (dupsa != NULL)
+                       if (dupsa != NULL) {
                                FREE(dupsa, M_IFADDR);
                                FREE(dupsa, M_IFADDR);
+                       }
                        ifnet_lock_done(ifp);
                        ifnet_lock_done(ifp);
-                       return (ENOENT);
+                       return ENOENT;
                }
        } else {
                IFMA_LOCK(ifma);
        }
        IFMA_LOCK_ASSERT_HELD(ifma);
                }
        } else {
                IFMA_LOCK(ifma);
        }
        IFMA_LOCK_ASSERT_HELD(ifma);
-       IFMA_ADDREF_LOCKED(ifma);       /* for this routine */
+       IFMA_ADDREF_LOCKED(ifma);       /* for this routine */
        lastref = if_detach_ifma(ifp, ifma, anon);
        VERIFY(!lastref || (!(ifma->ifma_debug & IFD_ATTACHED) &&
            ifma->ifma_reqcnt == 0));
        lastref = if_detach_ifma(ifp, ifma, anon);
        VERIFY(!lastref || (!(ifma->ifma_debug & IFD_ATTACHED) &&
            ifma->ifma_reqcnt == 0));
@@ -3701,8 +4998,9 @@ if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp,
        }
        ifnet_lock_done(ifp);
 
        }
        ifnet_lock_done(ifp);
 
-       if (lastref)
+       if (lastref) {
                rt_newmaddrmsg(RTM_DELMADDR, ifma);
                rt_newmaddrmsg(RTM_DELMADDR, ifma);
+       }
 
        if ((ll == NULL && lastref && lladdr) || ll_lastref) {
                /*
 
        if ((ll == NULL && lastref && lladdr) || ll_lastref) {
                /*
@@ -3714,16 +5012,18 @@ if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp,
                ifnet_ioctl(ifp, 0, SIOCDELMULTI, NULL);
        }
 
                ifnet_ioctl(ifp, 0, SIOCDELMULTI, NULL);
        }
 
-       if (lastref)
-               IFMA_REMREF(ifma);      /* for if_multiaddrs list */
-       if (ll_lastref)
-               IFMA_REMREF(ll);        /* for if_multiaddrs list */
-
-       IFMA_REMREF(ifma);              /* for this routine */
-       if (dupsa != NULL)
+       if (lastref) {
+               IFMA_REMREF(ifma);      /* for if_multiaddrs list */
+       }
+       if (ll_lastref) {
+               IFMA_REMREF(ll);        /* for if_multiaddrs list */
+       }
+       IFMA_REMREF(ifma);              /* for this routine */
+       if (dupsa != NULL) {
                FREE(dupsa, M_IFADDR);
                FREE(dupsa, M_IFADDR);
+       }
 
 
-       return (0);
+       return 0;
 }
 
 /*
 }
 
 /*
@@ -3734,8 +5034,8 @@ int
 if_down_all(void)
 {
        struct ifnet **ifp;
 if_down_all(void)
 {
        struct ifnet **ifp;
-       u_int32_t       count;
-       u_int32_t       i;
+       u_int32_t       count;
+       u_int32_t       i;
 
        if (ifnet_list_get_all(IFNET_FAMILY_ANY, &ifp, &count) == 0) {
                for (i = 0; i < count; i++) {
 
        if (ifnet_list_get_all(IFNET_FAMILY_ANY, &ifp, &count) == 0) {
                for (i = 0; i < count; i++) {
@@ -3750,7 +5050,7 @@ if_down_all(void)
 
 /*
  * Delete Routes for a Network Interface
 
 /*
  * Delete Routes for a Network Interface
- * 
+ *
  * Called for each routing entry via the rnh->rnh_walktree() call above
  * to delete all route entries referencing a detaching network interface.
  *
  * Called for each routing entry via the rnh->rnh_walktree() call above
  * to delete all route entries referencing a detaching network interface.
  *
@@ -3766,12 +5066,13 @@ if_down_all(void)
 static int
 if_rtdel(struct radix_node *rn, void *arg)
 {
 static int
 if_rtdel(struct radix_node *rn, void *arg)
 {
-       struct rtentry  *rt = (struct rtentry *)rn;
-       struct ifnet    *ifp = arg;
-       int             err;
+       struct rtentry  *rt = (struct rtentry *)rn;
+       struct ifnet    *ifp = arg;
+       int             err;
 
 
-       if (rt == NULL)
-               return (0);
+       if (rt == NULL) {
+               return 0;
+       }
        /*
         * Checking against RTF_UP protects against walktree
         * recursion problems with cloned routes.
        /*
         * Checking against RTF_UP protects against walktree
         * recursion problems with cloned routes.
@@ -3792,7 +5093,7 @@ if_rtdel(struct radix_node *rn, void *arg)
        } else {
                RT_UNLOCK(rt);
        }
        } else {
                RT_UNLOCK(rt);
        }
-       return (0);
+       return 0;
 }
 
 /*
 }
 
 /*
@@ -3805,7 +5106,7 @@ if_rtproto_del(struct ifnet *ifp, int protocol)
        struct radix_node_head  *rnh;
 
        if ((protocol <= AF_MAX) && (protocol >= 0) &&
        struct radix_node_head  *rnh;
 
        if ((protocol <= AF_MAX) && (protocol >= 0) &&
-               ((rnh = rt_tables[protocol]) != NULL) && (ifp != NULL)) {
+           ((rnh = rt_tables[protocol]) != NULL) && (ifp != NULL)) {
                lck_mtx_lock(rnh_lock);
                (void) rnh->rnh_walktree(rnh, if_rtdel, ifp);
                lck_mtx_unlock(rnh_lock);
                lck_mtx_lock(rnh_lock);
                (void) rnh->rnh_walktree(rnh, if_rtdel, ifp);
                lck_mtx_unlock(rnh_lock);
@@ -3825,12 +5126,19 @@ if_rtmtu(struct radix_node *rn, void *arg)
                 * has not been locked (RTV_MTU is not set) and
                 * if it was non-zero to begin with.
                 */
                 * has not been locked (RTV_MTU is not set) and
                 * if it was non-zero to begin with.
                 */
-               if (!(rt->rt_rmx.rmx_locks & RTV_MTU) && rt->rt_rmx.rmx_mtu)
+               if (!(rt->rt_rmx.rmx_locks & RTV_MTU) && rt->rt_rmx.rmx_mtu) {
                        rt->rt_rmx.rmx_mtu = ifp->if_mtu;
                        rt->rt_rmx.rmx_mtu = ifp->if_mtu;
+                       if (rt_key(rt)->sa_family == AF_INET &&
+                           INTF_ADJUST_MTU_FOR_CLAT46(ifp)) {
+                               rt->rt_rmx.rmx_mtu = IN6_LINKMTU(ifp);
+                               /* Further adjust the size for CLAT46 expansion */
+                               rt->rt_rmx.rmx_mtu -= CLAT46_HDR_EXPANSION_OVERHD;
+                       }
+               }
        }
        RT_UNLOCK(rt);
 
        }
        RT_UNLOCK(rt);
 
-       return (0);
+       return 0;
 }
 
 /*
 }
 
 /*
@@ -3838,15 +5146,16 @@ if_rtmtu(struct radix_node *rn, void *arg)
  * associated with a particular interface; this is called when the
  * MTU of that interface has changed.
  */
  * associated with a particular interface; this is called when the
  * MTU of that interface has changed.
  */
-static
-void if_rtmtu_update(struct ifnet *ifp)
+static void
+if_rtmtu_update(struct ifnet *ifp)
 {
        struct radix_node_head *rnh;
        int p;
 
        for (p = 0; p < AF_MAX + 1; p++) {
 {
        struct radix_node_head *rnh;
        int p;
 
        for (p = 0; p < AF_MAX + 1; p++) {
-               if ((rnh = rt_tables[p]) == NULL)
+               if ((rnh = rt_tables[p]) == NULL) {
                        continue;
                        continue;
+               }
 
                lck_mtx_lock(rnh_lock);
                (void) rnh->rnh_walktree(rnh, if_rtmtu, ifp);
 
                lck_mtx_lock(rnh_lock);
                (void) rnh->rnh_walktree(rnh, if_rtmtu, ifp);
@@ -3860,12 +5169,12 @@ if_data_internal_to_if_data(struct ifnet *ifp,
     const struct if_data_internal *if_data_int, struct if_data *if_data)
 {
 #pragma unused(ifp)
     const struct if_data_internal *if_data_int, struct if_data *if_data)
 {
 #pragma unused(ifp)
-#define COPYFIELD(fld)         if_data->fld = if_data_int->fld
-#define COPYFIELD32(fld)       if_data->fld = (u_int32_t)(if_data_int->fld)
+#define COPYFIELD(fld)          if_data->fld = if_data_int->fld
+#define COPYFIELD32(fld)        if_data->fld = (u_int32_t)(if_data_int->fld)
 /* compiler will cast down to 32-bit */
 /* compiler will cast down to 32-bit */
-#define        COPYFIELD32_ATOMIC(fld) do {                                    \
-       atomic_get_64(if_data->fld,                                     \
-           (u_int64_t *)(void *)(uintptr_t)&if_data_int->fld);         \
+#define COPYFIELD32_ATOMIC(fld) do {                                    \
+       atomic_get_64(if_data->fld,                                     \
+           (u_int64_t *)(void *)(uintptr_t)&if_data_int->fld);         \
 } while (0)
 
        COPYFIELD(ifi_type);
 } while (0)
 
        COPYFIELD(ifi_type);
@@ -3919,10 +5228,10 @@ if_data_internal_to_if_data64(struct ifnet *ifp,
     struct if_data64 *if_data64)
 {
 #pragma unused(ifp)
     struct if_data64 *if_data64)
 {
 #pragma unused(ifp)
-#define COPYFIELD64(fld)       if_data64->fld = if_data_int->fld
-#define COPYFIELD64_ATOMIC(fld) do {                                   \
-       atomic_get_64(if_data64->fld,                                   \
-           (u_int64_t *)(void *)(uintptr_t)&if_data_int->fld);         \
+#define COPYFIELD64(fld)        if_data64->fld = if_data_int->fld
+#define COPYFIELD64_ATOMIC(fld) do {                                    \
+       atomic_get_64(if_data64->fld,                                   \
+           (u_int64_t *)(void *)(uintptr_t)&if_data_int->fld);         \
 } while (0)
 
        COPYFIELD64(ifi_type);
 } while (0)
 
        COPYFIELD64(ifi_type);
@@ -3949,8 +5258,9 @@ if_data_internal_to_if_data64(struct ifnet *ifp,
        COPYFIELD64_ATOMIC(ifi_iqdrops);
        COPYFIELD64_ATOMIC(ifi_noproto);
 
        COPYFIELD64_ATOMIC(ifi_iqdrops);
        COPYFIELD64_ATOMIC(ifi_noproto);
 
-       /* Note these two fields are actually 32 bit, so doing COPYFIELD64_ATOMIC will
-        * cause them to be misaligned
+       /*
+        * Note these two fields are actually 32 bit, so doing
+        * COPYFIELD64_ATOMIC will cause them to be misaligned
         */
        COPYFIELD64(ifi_recvtiming);
        COPYFIELD64(ifi_xmittiming);
         */
        COPYFIELD64(ifi_recvtiming);
        COPYFIELD64(ifi_xmittiming);
@@ -3967,12 +5277,12 @@ __private_extern__ void
 if_copy_traffic_class(struct ifnet *ifp,
     struct if_traffic_class *if_tc)
 {
 if_copy_traffic_class(struct ifnet *ifp,
     struct if_traffic_class *if_tc)
 {
-#define COPY_IF_TC_FIELD64_ATOMIC(fld) do {                    \
-       atomic_get_64(if_tc->fld,                               \
-           (u_int64_t *)(void *)(uintptr_t)&ifp->if_tc.fld);   \
+#define COPY_IF_TC_FIELD64_ATOMIC(fld) do {                     \
+       atomic_get_64(if_tc->fld,                               \
+           (u_int64_t *)(void *)(uintptr_t)&ifp->if_tc.fld);   \
 } while (0)
 
 } while (0)
 
-       bzero(if_tc, sizeof (*if_tc));
+       bzero(if_tc, sizeof(*if_tc));
        COPY_IF_TC_FIELD64_ATOMIC(ifi_ibepackets);
        COPY_IF_TC_FIELD64_ATOMIC(ifi_ibebytes);
        COPY_IF_TC_FIELD64_ATOMIC(ifi_obepackets);
        COPY_IF_TC_FIELD64_ATOMIC(ifi_ibepackets);
        COPY_IF_TC_FIELD64_ATOMIC(ifi_ibebytes);
        COPY_IF_TC_FIELD64_ATOMIC(ifi_obepackets);
@@ -4000,12 +5310,12 @@ if_copy_traffic_class(struct ifnet *ifp,
 void
 if_copy_data_extended(struct ifnet *ifp, struct if_data_extended *if_de)
 {
 void
 if_copy_data_extended(struct ifnet *ifp, struct if_data_extended *if_de)
 {
-#define COPY_IF_DE_FIELD64_ATOMIC(fld) do {                    \
-       atomic_get_64(if_de->fld,                               \
-           (u_int64_t *)(void *)(uintptr_t)&ifp->if_data.fld); \
+#define COPY_IF_DE_FIELD64_ATOMIC(fld) do {                     \
+       atomic_get_64(if_de->fld,                               \
+           (u_int64_t *)(void *)(uintptr_t)&ifp->if_data.fld); \
 } while (0)
 
 } while (0)
 
-       bzero(if_de, sizeof (*if_de));
+       bzero(if_de, sizeof(*if_de));
        COPY_IF_DE_FIELD64_ATOMIC(ifi_alignerrs);
        COPY_IF_DE_FIELD64_ATOMIC(ifi_dt_bytes);
        COPY_IF_DE_FIELD64_ATOMIC(ifi_fpackets);
        COPY_IF_DE_FIELD64_ATOMIC(ifi_alignerrs);
        COPY_IF_DE_FIELD64_ATOMIC(ifi_dt_bytes);
        COPY_IF_DE_FIELD64_ATOMIC(ifi_fpackets);
@@ -4017,14 +5327,14 @@ if_copy_data_extended(struct ifnet *ifp, struct if_data_extended *if_de)
 void
 if_copy_packet_stats(struct ifnet *ifp, struct if_packet_stats *if_ps)
 {
 void
 if_copy_packet_stats(struct ifnet *ifp, struct if_packet_stats *if_ps)
 {
-#define COPY_IF_PS_TCP_FIELD64_ATOMIC(fld) do {                                \
-       atomic_get_64(if_ps->ifi_tcp_##fld,                             \
-           (u_int64_t *)(void *)(uintptr_t)&ifp->if_tcp_stat->fld);    \
+#define COPY_IF_PS_TCP_FIELD64_ATOMIC(fld) do {                         \
+       atomic_get_64(if_ps->ifi_tcp_##fld,                             \
+           (u_int64_t *)(void *)(uintptr_t)&ifp->if_tcp_stat->fld);    \
 } while (0)
 
 } while (0)
 
-#define COPY_IF_PS_UDP_FIELD64_ATOMIC(fld) do {                                \
-       atomic_get_64(if_ps->ifi_udp_##fld,                             \
-           (u_int64_t *)(void *)(uintptr_t)&ifp->if_udp_stat->fld);    \
+#define COPY_IF_PS_UDP_FIELD64_ATOMIC(fld) do {                         \
+       atomic_get_64(if_ps->ifi_udp_##fld,                             \
+           (u_int64_t *)(void *)(uintptr_t)&ifp->if_udp_stat->fld);    \
 } while (0)
 
        COPY_IF_PS_TCP_FIELD64_ATOMIC(badformat);
 } while (0)
 
        COPY_IF_PS_TCP_FIELD64_ATOMIC(badformat);
@@ -4058,33 +5368,40 @@ if_copy_packet_stats(struct ifnet *ifp, struct if_packet_stats *if_ps)
 void
 if_copy_rxpoll_stats(struct ifnet *ifp, struct if_rxpoll_stats *if_rs)
 {
 void
 if_copy_rxpoll_stats(struct ifnet *ifp, struct if_rxpoll_stats *if_rs)
 {
-       bzero(if_rs, sizeof (*if_rs));
-       if (!(ifp->if_eflags & IFEF_RXPOLL) || !ifnet_is_attached(ifp, 1))
+       bzero(if_rs, sizeof(*if_rs));
+       if (!(ifp->if_eflags & IFEF_RXPOLL) || !ifnet_is_attached(ifp, 1)) {
                return;
                return;
-
-       /* by now, ifnet will stay attached so if_inp must be valid */
-       VERIFY(ifp->if_inp != NULL);
-       bcopy(&ifp->if_inp->pstats, if_rs, sizeof (*if_rs));
-
+       }
+       bcopy(&ifp->if_poll_pstats, if_rs, sizeof(*if_rs));
        /* Release the IO refcnt */
        ifnet_decr_iorefcnt(ifp);
 }
 
        /* Release the IO refcnt */
        ifnet_decr_iorefcnt(ifp);
 }
 
+void
+if_copy_netif_stats(struct ifnet *ifp, struct if_netif_stats *if_ns)
+{
+       bzero(if_ns, sizeof(*if_ns));
+#pragma unused(ifp)
+}
+
 struct ifaddr *
 ifa_remref(struct ifaddr *ifa, int locked)
 {
 struct ifaddr *
 ifa_remref(struct ifaddr *ifa, int locked)
 {
-       if (!locked)
+       if (!locked) {
                IFA_LOCK_SPIN(ifa);
                IFA_LOCK_SPIN(ifa);
-       else
+       } else {
                IFA_LOCK_ASSERT_HELD(ifa);
                IFA_LOCK_ASSERT_HELD(ifa);
+       }
 
 
-       if (ifa->ifa_refcnt == 0)
+       if (ifa->ifa_refcnt == 0) {
                panic("%s: ifa %p negative refcnt\n", __func__, ifa);
                panic("%s: ifa %p negative refcnt\n", __func__, ifa);
-       else if (ifa->ifa_trace != NULL)
+       } else if (ifa->ifa_trace != NULL) {
                (*ifa->ifa_trace)(ifa, FALSE);
                (*ifa->ifa_trace)(ifa, FALSE);
+       }
        if (--ifa->ifa_refcnt == 0) {
        if (--ifa->ifa_refcnt == 0) {
-               if (ifa->ifa_debug & IFD_ATTACHED)
+               if (ifa->ifa_debug & IFD_ATTACHED) {
                        panic("ifa %p attached to ifp is being freed\n", ifa);
                        panic("ifa %p attached to ifp is being freed\n", ifa);
+               }
                /*
                 * Some interface addresses are allocated either statically
                 * or carved out of a larger block.  Only free it if it was
                /*
                 * Some interface addresses are allocated either statically
                 * or carved out of a larger block.  Only free it if it was
@@ -4107,19 +5424,21 @@ ifa_remref(struct ifaddr *ifa, int locked)
                ifa = NULL;
        }
 
                ifa = NULL;
        }
 
-       if (!locked && ifa != NULL)
+       if (!locked && ifa != NULL) {
                IFA_UNLOCK(ifa);
                IFA_UNLOCK(ifa);
+       }
 
 
-       return (ifa);
+       return ifa;
 }
 
 void
 ifa_addref(struct ifaddr *ifa, int locked)
 {
 }
 
 void
 ifa_addref(struct ifaddr *ifa, int locked)
 {
-       if (!locked)
+       if (!locked) {
                IFA_LOCK_SPIN(ifa);
                IFA_LOCK_SPIN(ifa);
-       else
+       } else {
                IFA_LOCK_ASSERT_HELD(ifa);
                IFA_LOCK_ASSERT_HELD(ifa);
+       }
 
        if (++ifa->ifa_refcnt == 0) {
                panic("%s: ifa %p wraparound refcnt\n", __func__, ifa);
 
        if (++ifa->ifa_refcnt == 0) {
                panic("%s: ifa %p wraparound refcnt\n", __func__, ifa);
@@ -4127,8 +5446,9 @@ ifa_addref(struct ifaddr *ifa, int locked)
        } else if (ifa->ifa_trace != NULL) {
                (*ifa->ifa_trace)(ifa, TRUE);
        }
        } else if (ifa->ifa_trace != NULL) {
                (*ifa->ifa_trace)(ifa, TRUE);
        }
-       if (!locked)
+       if (!locked) {
                IFA_UNLOCK(ifa);
                IFA_UNLOCK(ifa);
+       }
 }
 
 void
 }
 
 void
@@ -4169,7 +5489,6 @@ ifioctl_cassert(void)
        case SIOCGPPPSTATS:
        case SIOCGPPPCSTATS:
 
        case SIOCGPPPSTATS:
        case SIOCGPPPCSTATS:
 
-#if INET6
        /* bsd/netinet6/in6_var.h */
        case SIOCSIFADDR_IN6:
        case SIOCGIFADDR_IN6:
        /* bsd/netinet6/in6_var.h */
        case SIOCSIFADDR_IN6:
        case SIOCGIFADDR_IN6:
@@ -4223,9 +5542,11 @@ ifioctl_cassert(void)
        case SIOCAUTOCONF_START:
        case SIOCAUTOCONF_STOP:
        case SIOCSETROUTERMODE_IN6:
        case SIOCAUTOCONF_START:
        case SIOCAUTOCONF_STOP:
        case SIOCSETROUTERMODE_IN6:
+       case SIOCGETROUTERMODE_IN6:
        case SIOCLL_CGASTART_32:
        case SIOCLL_CGASTART_64:
        case SIOCLL_CGASTART_32:
        case SIOCLL_CGASTART_64:
-#endif /* INET6 */
+       case SIOCGIFCGAPREP_IN6:
+       case SIOCSIFCGAPREP_IN6:
 
        /* bsd/sys/sockio.h */
        case SIOCSIFADDR:
 
        /* bsd/sys/sockio.h */
        case SIOCSIFADDR:
@@ -4244,6 +5565,7 @@ ifioctl_cassert(void)
        case SIOCSIFMETRIC:
        case SIOCDIFADDR:
        case SIOCAIFADDR:
        case SIOCSIFMETRIC:
        case SIOCDIFADDR:
        case SIOCAIFADDR:
+
        case SIOCGIFADDR:
        case SIOCGIFDSTADDR:
        case SIOCGIFBRDADDR:
        case SIOCGIFADDR:
        case SIOCGIFDSTADDR:
        case SIOCGIFBRDADDR:
@@ -4253,6 +5575,7 @@ ifioctl_cassert(void)
        case SIOCAUTOADDR:
        case SIOCAUTONETMASK:
        case SIOCARPIPLL:
        case SIOCAUTOADDR:
        case SIOCAUTONETMASK:
        case SIOCARPIPLL:
+
        case SIOCADDMULTI:
        case SIOCDELMULTI:
        case SIOCGIFMTU:
        case SIOCADDMULTI:
        case SIOCDELMULTI:
        case SIOCGIFMTU:
@@ -4262,48 +5585,58 @@ ifioctl_cassert(void)
        case SIOCSIFMEDIA:
        case SIOCGIFMEDIA32:
        case SIOCGIFMEDIA64:
        case SIOCSIFMEDIA:
        case SIOCGIFMEDIA32:
        case SIOCGIFMEDIA64:
+       case SIOCGIFXMEDIA32:
+       case SIOCGIFXMEDIA64:
        case SIOCSIFGENERIC:
        case SIOCGIFGENERIC:
        case SIOCRSLVMULTI:
        case SIOCSIFGENERIC:
        case SIOCGIFGENERIC:
        case SIOCRSLVMULTI:
+
        case SIOCSIFLLADDR:
        case SIOCGIFSTATUS:
        case SIOCSIFPHYADDR:
        case SIOCGIFPSRCADDR:
        case SIOCGIFPDSTADDR:
        case SIOCDIFPHYADDR:
        case SIOCSIFLLADDR:
        case SIOCGIFSTATUS:
        case SIOCSIFPHYADDR:
        case SIOCGIFPSRCADDR:
        case SIOCGIFPDSTADDR:
        case SIOCDIFPHYADDR:
+
        case SIOCGIFDEVMTU:
        case SIOCSIFALTMTU:
        case SIOCGIFALTMTU:
        case SIOCSIFBOND:
        case SIOCGIFBOND:
        case SIOCGIFDEVMTU:
        case SIOCSIFALTMTU:
        case SIOCGIFALTMTU:
        case SIOCSIFBOND:
        case SIOCGIFBOND:
+
        case SIOCPROTOATTACH:
        case SIOCPROTODETACH:
        case SIOCPROTOATTACH:
        case SIOCPROTODETACH:
+
        case SIOCSIFCAP:
        case SIOCGIFCAP:
        case SIOCSIFCAP:
        case SIOCGIFCAP:
+
        case SIOCIFCREATE:
        case SIOCIFDESTROY:
        case SIOCIFCREATE2:
        case SIOCIFCREATE:
        case SIOCIFDESTROY:
        case SIOCIFCREATE2:
+
        case SIOCSDRVSPEC32:
        case SIOCGDRVSPEC32:
        case SIOCSDRVSPEC64:
        case SIOCGDRVSPEC64:
        case SIOCSDRVSPEC32:
        case SIOCGDRVSPEC32:
        case SIOCSDRVSPEC64:
        case SIOCGDRVSPEC64:
+
        case SIOCSIFVLAN:
        case SIOCGIFVLAN:
        case SIOCSIFVLAN:
        case SIOCGIFVLAN:
+
        case SIOCIFGCLONERS32:
        case SIOCIFGCLONERS64:
        case SIOCIFGCLONERS32:
        case SIOCIFGCLONERS64:
+
        case SIOCGIFASYNCMAP:
        case SIOCSIFASYNCMAP:
        case SIOCGIFASYNCMAP:
        case SIOCSIFASYNCMAP:
-#if CONFIG_MACF_NET
-       case SIOCGIFMAC:
-       case SIOCSIFMAC:
-#endif /* CONFIG_MACF_NET */
        case SIOCSIFKPI:
        case SIOCGIFKPI:
        case SIOCSIFKPI:
        case SIOCGIFKPI:
+
        case SIOCGIFWAKEFLAGS:
        case SIOCGIFWAKEFLAGS:
+
        case SIOCGIFGETRTREFCNT:
        case SIOCGIFLINKQUALITYMETRIC:
        case SIOCSIFOPPORTUNISTIC:
        case SIOCGIFOPPORTUNISTIC:
        case SIOCGIFGETRTREFCNT:
        case SIOCGIFLINKQUALITYMETRIC:
        case SIOCSIFOPPORTUNISTIC:
        case SIOCGIFOPPORTUNISTIC:
+       case SIOCGETROUTERMODE:
        case SIOCSETROUTERMODE:
        case SIOCGIFEFLAGS:
        case SIOCSIFDESC:
        case SIOCSETROUTERMODE:
        case SIOCGIFEFLAGS:
        case SIOCSIFDESC:
@@ -4313,24 +5646,166 @@ ifioctl_cassert(void)
        case SIOCGIFQUEUESTATS:
        case SIOCSIFTHROTTLE:
        case SIOCGIFTHROTTLE:
        case SIOCGIFQUEUESTATS:
        case SIOCSIFTHROTTLE:
        case SIOCGIFTHROTTLE:
+
+       case SIOCGASSOCIDS32:
+       case SIOCGASSOCIDS64:
+       case SIOCGCONNIDS32:
+       case SIOCGCONNIDS64:
+       case SIOCGCONNINFO32:
+       case SIOCGCONNINFO64:
+       case SIOCSCONNORDER:
+       case SIOCGCONNORDER:
+
        case SIOCSIFLOG:
        case SIOCGIFLOG:
        case SIOCGIFDELEGATE:
        case SIOCGIFLLADDR:
        case SIOCGIFTYPE:
        case SIOCSIFLOG:
        case SIOCGIFLOG:
        case SIOCGIFDELEGATE:
        case SIOCGIFLLADDR:
        case SIOCGIFTYPE:
-       case SIOCGIFFUNCTIONALTYPE:
+       case SIOCGIFEXPENSIVE:
+       case SIOCSIFEXPENSIVE:
+       case SIOCGIF2KCL:
+       case SIOCSIF2KCL:
+       case SIOCGSTARTDELAY:
+
        case SIOCAIFAGENTID:
        case SIOCDIFAGENTID:
        case SIOCGIFAGENTIDS32:
        case SIOCGIFAGENTIDS64:
        case SIOCGIFAGENTDATA32:
        case SIOCGIFAGENTDATA64:
        case SIOCAIFAGENTID:
        case SIOCDIFAGENTID:
        case SIOCGIFAGENTIDS32:
        case SIOCGIFAGENTIDS64:
        case SIOCGIFAGENTDATA32:
        case SIOCGIFAGENTDATA64:
+
        case SIOCSIFINTERFACESTATE:
        case SIOCGIFINTERFACESTATE:
        case SIOCSIFPROBECONNECTIVITY:
        case SIOCGIFPROBECONNECTIVITY:
        case SIOCSIFINTERFACESTATE:
        case SIOCGIFINTERFACESTATE:
        case SIOCSIFPROBECONNECTIVITY:
        case SIOCGIFPROBECONNECTIVITY:
+
+       case SIOCGIFFUNCTIONALTYPE:
+       case SIOCSIFNETSIGNATURE:
+       case SIOCGIFNETSIGNATURE:
+
+       case SIOCSIFNETWORKID:
        case SIOCGECNMODE:
        case SIOCSECNMODE:
        case SIOCGECNMODE:
        case SIOCSECNMODE:
+
+       case SIOCSIFORDER:
+
+       case SIOCSQOSMARKINGMODE:
+       case SIOCSQOSMARKINGENABLED:
+       case SIOCGQOSMARKINGMODE:
+       case SIOCGQOSMARKINGENABLED:
+
+       case SIOCSIFTIMESTAMPENABLE:
+       case SIOCSIFTIMESTAMPDISABLE:
+       case SIOCGIFTIMESTAMPENABLED:
+
+       case SIOCSIFDISABLEOUTPUT:
+
+       case SIOCSIFSUBFAMILY:
+
+       case SIOCGIFAGENTLIST32:
+       case SIOCGIFAGENTLIST64:
+
+       case SIOCSIFLOWINTERNET:
+       case SIOCGIFLOWINTERNET:
+
+       case SIOCGIFNAT64PREFIX:
+       case SIOCSIFNAT64PREFIX:
+
+       case SIOCGIFCLAT46ADDR:
+
+       case SIOCGIFPROTOLIST32:
+       case SIOCGIFPROTOLIST64:
+
+       case SIOCSIF6LOWPAN:
+       case SIOCGIF6LOWPAN:
+
+       case SIOCGIFLOWPOWER:
+       case SIOCSIFLOWPOWER:
+
+       case SIOCGIFMPKLOG:
+       case SIOCSIFMPKLOG:
+
+       case SIOCGIFCONSTRAINED:
+       case SIOCSIFCONSTRAINED:
+
+       case SIOCGIFXFLAGS:
+
+       case SIOCGIFNOACKPRIO:
+       case SIOCSIFNOACKPRIO:
                ;
        }
 }
                ;
        }
 }
+
+uint32_t
+ifnet_mbuf_packetpreamblelen(struct ifnet *ifp)
+{
+#pragma unused(ifp)
+       return 0;
+}
+
+/* The following is used to enqueue work items for interface events */
+struct intf_event {
+       struct ifnet *ifp;
+       union sockaddr_in_4_6 addr;
+       uint32_t intf_event_code;
+};
+
+static void
+intf_event_callback(void *arg)
+{
+       struct intf_event *p_intf_ev = (struct intf_event *)arg;
+
+       /* Call this before we walk the tree */
+       EVENTHANDLER_INVOKE(&ifnet_evhdlr_ctxt, ifnet_event, p_intf_ev->ifp,
+           (struct sockaddr *)&(p_intf_ev->addr), p_intf_ev->intf_event_code);
+}
+
+struct intf_event_nwk_wq_entry {
+       struct nwk_wq_entry nwk_wqe;
+       struct intf_event intf_ev_arg;
+};
+
+void
+intf_event_enqueue_nwk_wq_entry(struct ifnet *ifp, struct sockaddr *addrp,
+    uint32_t intf_event_code)
+{
+#pragma unused(addrp)
+       struct intf_event_nwk_wq_entry *p_intf_ev = NULL;
+
+       MALLOC(p_intf_ev, struct intf_event_nwk_wq_entry *,
+           sizeof(struct intf_event_nwk_wq_entry),
+           M_NWKWQ, M_WAITOK | M_ZERO);
+
+       p_intf_ev->intf_ev_arg.ifp = ifp;
+       /*
+        * XXX Not using addr in the arg. This will be used
+        * once we need IP address add/delete events
+        */
+       p_intf_ev->intf_ev_arg.intf_event_code = intf_event_code;
+       p_intf_ev->nwk_wqe.func = intf_event_callback;
+       p_intf_ev->nwk_wqe.is_arg_managed = TRUE;
+       p_intf_ev->nwk_wqe.arg = &p_intf_ev->intf_ev_arg;
+       nwk_wq_enqueue((struct nwk_wq_entry*)p_intf_ev);
+}
+
+int
+if_get_tcp_kao_max(struct ifnet *ifp)
+{
+       int error = 0;
+
+       if (ifp->if_tcp_kao_max == 0) {
+               struct ifreq ifr;
+
+               memset(&ifr, 0, sizeof(struct ifreq));
+               error = ifnet_ioctl(ifp, 0, SIOCGIFTCPKAOMAX, &ifr);
+
+               ifnet_lock_exclusive(ifp);
+               if (error == 0) {
+                       ifp->if_tcp_kao_max = ifr.ifr_tcp_kao_max;
+               } else if (error == EOPNOTSUPP) {
+                       ifp->if_tcp_kao_max = default_tcp_kao_max;
+               }
+               ifnet_lock_done(ifp);
+       }
+       return error;
+}
mirror of XNU