+ VERIFY(ifp != NULL);
+
+ ifnet_lock_exclusive(ifp);
+
+ int error = if_add_netagent_locked(ifp, new_agent_uuid);
+
+ ifnet_lock_done(ifp);
+
+ return error;
+}
+
+static int
+if_delete_netagent_locked(struct ifnet *ifp, uuid_t remove_agent_uuid)
+{
+ u_int32_t index = 0;
+ bool removed_agent_id = FALSE;
+
+ if (ifp->if_agentids != NULL) {
+ for (index = 0; index < ifp->if_agentcount; index++) {
+ uuid_t *netagent_uuid = &(ifp->if_agentids[index]);
+ if (uuid_compare(*netagent_uuid,
+ remove_agent_uuid) == 0) {
+ uuid_clear(*netagent_uuid);
+ removed_agent_id = TRUE;
+ break;
+ }
+ }
+ }
+ if (removed_agent_id) {
+ netagent_post_updated_interfaces(remove_agent_uuid);
+ }
+
+ return 0;
+}
+
+int
+if_delete_netagent(struct ifnet *ifp, uuid_t remove_agent_uuid)
+{
+ VERIFY(ifp != NULL);
+
+ ifnet_lock_exclusive(ifp);
+
+ int error = if_delete_netagent_locked(ifp, remove_agent_uuid);
+
+ ifnet_lock_done(ifp);
+
+ return error;
+}
+
+boolean_t
+if_check_netagent(struct ifnet *ifp, uuid_t find_agent_uuid)
+{
+ boolean_t found = FALSE;
+
+ if (!ifp || uuid_is_null(find_agent_uuid)) {
+ return FALSE;
+ }
+
+ ifnet_lock_shared(ifp);
+
+ if (ifp->if_agentids != NULL) {
+ for (uint32_t index = 0; index < ifp->if_agentcount; index++) {
+ if (uuid_compare(ifp->if_agentids[index], find_agent_uuid) == 0) {
+ found = TRUE;
+ break;
+ }
+ }
+ }
+
+ ifnet_lock_done(ifp);
+
+ return found;
+}
+
+static __attribute__((noinline)) int
+ifioctl_netagent(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p)
+{
+ struct if_agentidreq *ifar = (struct if_agentidreq *)(void *)data;
+ union {
+ struct if_agentidsreq32 s32;
+ struct if_agentidsreq64 s64;
+ } u;
+ int error = 0;
+
+ VERIFY(ifp != NULL);
+
+ /* Get an io ref count if the interface is attached */
+ if (!ifnet_is_attached(ifp, 1)) {
+ return EOPNOTSUPP;
+ }
+
+ if (cmd == SIOCAIFAGENTID ||
+ cmd == SIOCDIFAGENTID) {
+ ifnet_lock_exclusive(ifp);
+ } else {
+ ifnet_lock_shared(ifp);
+ }
+
+ switch (cmd) {
+ case SIOCAIFAGENTID: { /* struct if_agentidreq */
+ // TODO: Use priv_check_cred() instead of root check
+ if ((error = proc_suser(p)) != 0) {
+ break;
+ }
+ error = if_add_netagent_locked(ifp, ifar->ifar_uuid);
+ break;
+ }
+ case SIOCDIFAGENTID: { /* struct if_agentidreq */
+ // TODO: Use priv_check_cred() instead of root check
+ if ((error = proc_suser(p)) != 0) {
+ break;
+ }
+ error = if_delete_netagent_locked(ifp, ifar->ifar_uuid);
+ break;
+ }
+ case SIOCGIFAGENTIDS32: { /* struct if_agentidsreq32 */
+ bcopy(data, &u.s32, sizeof(u.s32));
+ error = ifioctl_getnetagents(ifp, &u.s32.ifar_count,
+ u.s32.ifar_uuids);
+ if (error == 0) {
+ bcopy(&u.s32, data, sizeof(u.s32));
+ }
+ break;
+ }
+ case SIOCGIFAGENTIDS64: { /* struct if_agentidsreq64 */
+ bcopy(data, &u.s64, sizeof(u.s64));
+ error = ifioctl_getnetagents(ifp, &u.s64.ifar_count,
+ u.s64.ifar_uuids);
+ if (error == 0) {
+ bcopy(&u.s64, data, sizeof(u.s64));
+ }
+ break;
+ }
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ ifnet_lock_done(ifp);
+ ifnet_decr_iorefcnt(ifp);
+
+ return error;
+}
+
+void
+ifnet_clear_netagent(uuid_t netagent_uuid)
+{
+ struct ifnet *ifp = NULL;
+ u_int32_t index = 0;
+
+ ifnet_head_lock_shared();
+
+ TAILQ_FOREACH(ifp, &ifnet_head, if_link) {
+ ifnet_lock_shared(ifp);
+ if (ifp->if_agentids != NULL) {
+ for (index = 0; index < ifp->if_agentcount; index++) {
+ uuid_t *ifp_netagent_uuid = &(ifp->if_agentids[index]);
+ if (uuid_compare(*ifp_netagent_uuid, netagent_uuid) == 0) {
+ uuid_clear(*ifp_netagent_uuid);
+ }
+ }
+ }
+ ifnet_lock_done(ifp);
+ }
+
+ ifnet_head_done();
+}
+
+void
+ifnet_increment_generation(ifnet_t interface)
+{
+ OSIncrementAtomic(&interface->if_generation);
+}
+
+u_int32_t
+ifnet_get_generation(ifnet_t interface)
+{
+ return interface->if_generation;
+}
+
+void
+ifnet_remove_from_ordered_list(struct ifnet *ifp)
+{
+ ifnet_head_assert_exclusive();
+
+ // Remove from list
+ TAILQ_REMOVE(&ifnet_ordered_head, ifp, if_ordered_link);
+ ifp->if_ordered_link.tqe_next = NULL;
+ ifp->if_ordered_link.tqe_prev = NULL;
+
+ // Update ordered count
+ VERIFY(if_ordered_count > 0);
+ if_ordered_count--;
+}
+
+static int
+ifnet_reset_order(u_int32_t *ordered_indices, u_int32_t count)
+{
+ struct ifnet *ifp = NULL;
+ int error = 0;
+
+ ifnet_head_lock_exclusive();
+ for (u_int32_t order_index = 0; order_index < count; order_index++) {
+ if (ordered_indices[order_index] == IFSCOPE_NONE ||
+ ordered_indices[order_index] > (uint32_t)if_index) {
+ error = EINVAL;
+ ifnet_head_done();
+ return error;
+ }
+ }
+ // Flush current ordered list
+ for (ifp = TAILQ_FIRST(&ifnet_ordered_head); ifp != NULL;
+ ifp = TAILQ_FIRST(&ifnet_ordered_head)) {
+ ifnet_lock_exclusive(ifp);
+ ifnet_remove_from_ordered_list(ifp);
+ ifnet_lock_done(ifp);
+ }
+
+ VERIFY(if_ordered_count == 0);
+
+ for (u_int32_t order_index = 0; order_index < count; order_index++) {
+ u_int32_t interface_index = ordered_indices[order_index];
+ ifp = ifindex2ifnet[interface_index];
+ if (ifp == NULL) {
+ continue;
+ }
+ ifnet_lock_exclusive(ifp);
+ TAILQ_INSERT_TAIL(&ifnet_ordered_head, ifp, if_ordered_link);
+ ifnet_lock_done(ifp);
+ if_ordered_count++;
+ }
+
+ ifnet_head_done();
+
+ necp_update_all_clients();
+
+ return error;
+}
+
+int
+if_set_qosmarking_mode(struct ifnet *ifp, u_int32_t mode)
+{
+ int error = 0;
+ u_int32_t old_mode = ifp->if_qosmarking_mode;
+
+ switch (mode) {
+ case IFRTYPE_QOSMARKING_MODE_NONE:
+ ifp->if_qosmarking_mode = IFRTYPE_QOSMARKING_MODE_NONE;
+ break;
+ case IFRTYPE_QOSMARKING_FASTLANE:
+ case IFRTYPE_QOSMARKING_RFC4594:
+ ifp->if_qosmarking_mode = mode;
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
+ if (error == 0 && old_mode != ifp->if_qosmarking_mode) {
+ dlil_post_msg(ifp, KEV_DL_SUBCLASS, KEV_DL_QOS_MODE_CHANGED,
+ NULL, 0);
+ }
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_iforder(u_long cmd, caddr_t data)
+{
+ int error = 0;
+ u_int32_t *ordered_indices = NULL;
+ if (data == NULL) {
+ return EINVAL;
+ }
+
+ switch (cmd) {
+ case SIOCSIFORDER: { /* struct if_order */
+ struct if_order *ifo = (struct if_order *)(void *)data;
+
+ if (ifo->ifo_count > (u_int32_t)if_index) {
+ error = EINVAL;
+ break;
+ }
+
+ size_t length = (ifo->ifo_count * sizeof(u_int32_t));
+ if (length > 0) {
+ if (ifo->ifo_ordered_indices == USER_ADDR_NULL) {
+ error = EINVAL;
+ break;
+ }
+ ordered_indices = _MALLOC(length, M_NECP, M_WAITOK);
+ if (ordered_indices == NULL) {
+ error = ENOMEM;
+ break;
+ }
+
+ error = copyin(ifo->ifo_ordered_indices,
+ ordered_indices, length);
+ if (error != 0) {
+ break;
+ }
+
+ /* ordered_indices should not contain duplicates */
+ bool found_duplicate = FALSE;
+ for (uint32_t i = 0; i < (ifo->ifo_count - 1) && !found_duplicate; i++) {
+ for (uint32_t j = i + 1; j < ifo->ifo_count && !found_duplicate; j++) {
+ if (ordered_indices[j] == ordered_indices[i]) {
+ error = EINVAL;
+ found_duplicate = TRUE;
+ break;
+ }
+ }
+ }
+ if (found_duplicate) {
+ break;
+ }
+
+ error = ifnet_reset_order(ordered_indices, ifo->ifo_count);
+ } else {
+ // Clear the list
+ error = ifnet_reset_order(NULL, 0);
+ }
+ break;
+ }
+
+ default: {
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+ }
+
+ if (ordered_indices != NULL) {
+ _FREE(ordered_indices, M_NECP);
+ }
+
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_networkid(struct ifnet *ifp, caddr_t data)
+{
+ struct if_netidreq *ifnetidr = (struct if_netidreq *)(void *)data;
+ int error = 0;
+ int len = ifnetidr->ifnetid_len;
+
+ VERIFY(ifp != NULL);
+
+ if (len > sizeof(ifnetidr->ifnetid)) {
+ error = EINVAL;
+ goto end;
+ }
+
+ if (len == 0) {
+ bzero(&ifp->network_id, sizeof(ifp->network_id));
+ } else if (len > sizeof(ifp->network_id)) {
+ error = EINVAL;
+ goto end;
+ }
+
+ ifp->network_id_len = len;
+ bcopy(data, ifp->network_id, len);
+end:
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_netsignature(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ struct if_nsreq *ifnsr = (struct if_nsreq *)(void *)data;
+ u_int16_t flags;
+ int error = 0;
+
+ VERIFY(ifp != NULL);
+
+ switch (cmd) {
+ case SIOCSIFNETSIGNATURE: /* struct if_nsreq */
+ if (ifnsr->ifnsr_len > sizeof(ifnsr->ifnsr_data)) {
+ error = EINVAL;
+ break;
+ }
+ bcopy(&ifnsr->ifnsr_flags, &flags, sizeof(flags));
+ error = ifnet_set_netsignature(ifp, ifnsr->ifnsr_family,
+ ifnsr->ifnsr_len, flags, ifnsr->ifnsr_data);
+ break;
+
+ case SIOCGIFNETSIGNATURE: /* struct if_nsreq */
+ ifnsr->ifnsr_len = sizeof(ifnsr->ifnsr_data);
+ error = ifnet_get_netsignature(ifp, ifnsr->ifnsr_family,
+ &ifnsr->ifnsr_len, &flags, ifnsr->ifnsr_data);
+ if (error == 0) {
+ bcopy(&flags, &ifnsr->ifnsr_flags, sizeof(flags));
+ } else {
+ ifnsr->ifnsr_len = 0;
+ }
+ break;
+
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_nat64prefix(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ struct if_nat64req *ifnat64 = (struct if_nat64req *)(void *)data;
+ int error = 0;
+
+ VERIFY(ifp != NULL);
+
+ switch (cmd) {
+ case SIOCSIFNAT64PREFIX: /* struct if_nat64req */
+ error = ifnet_set_nat64prefix(ifp, ifnat64->ifnat64_prefixes);
+ if (error != 0) {
+ ip6stat.ip6s_clat464_plat64_pfx_setfail++;
+ }
+ break;
+
+ case SIOCGIFNAT64PREFIX: /* struct if_nat64req */
+ error = ifnet_get_nat64prefix(ifp, ifnat64->ifnat64_prefixes);
+ if (error != 0) {
+ ip6stat.ip6s_clat464_plat64_pfx_getfail++;
+ }
+ break;
+
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_clat46addr(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ struct if_clat46req *ifclat46 = (struct if_clat46req *)(void *)data;
+ struct in6_ifaddr *ia6_clat = NULL;
+ int error = 0;
+
+ VERIFY(ifp != NULL);
+
+ switch (cmd) {
+ case SIOCGIFCLAT46ADDR:
+ ia6_clat = in6ifa_ifpwithflag(ifp, IN6_IFF_CLAT46);
+ if (ia6_clat == NULL) {
+ error = ENOENT;
+ break;
+ }
+
+ bcopy(&ia6_clat->ia_addr.sin6_addr, &ifclat46->ifclat46_addr.v6_address,
+ sizeof(ifclat46->ifclat46_addr.v6_address));
+ ifclat46->ifclat46_addr.v6_prefixlen = ia6_clat->ia_plen;
+ IFA_REMREF(&ia6_clat->ia_ifa);
+ break;
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+
+static int
+ifioctl_get_protolist(struct ifnet *ifp, u_int32_t * ret_count,
+ user_addr_t ifpl)
+{
+ u_int32_t actual_count;
+ u_int32_t count;
+ int error = 0;
+ u_int32_t *list = NULL;
+
+ /* find out how many */
+ count = if_get_protolist(ifp, NULL, 0);
+ if (ifpl == USER_ADDR_NULL) {
+ goto done;
+ }
+
+ /* copy out how many there's space for */
+ if (*ret_count < count) {
+ count = *ret_count;
+ }
+ if (count == 0) {
+ goto done;
+ }
+ list = _MALLOC(count * sizeof(*list), M_TEMP, M_WAITOK | M_ZERO);
+ if (list == NULL) {
+ error = ENOMEM;
+ goto done;
+ }
+ actual_count = if_get_protolist(ifp, list, count);
+ if (actual_count < count) {
+ count = actual_count;
+ }
+ if (count != 0) {
+ error = copyout((caddr_t)list, ifpl, count * sizeof(*list));
+ }
+
+done:
+ if (list != NULL) {
+ if_free_protolist(list);
+ }
+ *ret_count = count;
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_protolist(struct ifnet *ifp, u_long cmd, caddr_t data)
+{
+ int error = 0;
+
+ switch (cmd) {
+ case SIOCGIFPROTOLIST32: { /* struct if_protolistreq32 */
+ struct if_protolistreq32 ifpl;
+
+ bcopy(data, &ifpl, sizeof(ifpl));
+ if (ifpl.ifpl_reserved != 0) {
+ error = EINVAL;
+ break;
+ }
+ error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count,
+ CAST_USER_ADDR_T(ifpl.ifpl_list));
+ bcopy(&ifpl, data, sizeof(ifpl));
+ break;
+ }
+ case SIOCGIFPROTOLIST64: { /* struct if_protolistreq64 */
+ struct if_protolistreq64 ifpl;
+
+ bcopy(data, &ifpl, sizeof(ifpl));
+ if (ifpl.ifpl_reserved != 0) {
+ error = EINVAL;
+ break;
+ }
+ error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count,
+ ifpl.ifpl_list);
+ bcopy(&ifpl, data, sizeof(ifpl));
+ break;
+ }
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+/*
+ * List the ioctl()s we can perform on restricted INTCOPROC interfaces.
+ */
+static bool
+ifioctl_restrict_intcoproc(unsigned long cmd, const char *ifname,
+ struct ifnet *ifp, struct proc *p)
+{
+ if (intcoproc_unrestricted == TRUE) {
+ return false;
+ }
+ if (proc_pid(p) == 0) {
+ return false;
+ }
+ if (ifname) {
+ ifp = ifunit(ifname);
+ }
+ if (ifp == NULL) {
+ return false;
+ }
+ if (!IFNET_IS_INTCOPROC(ifp)) {
+ return false;
+ }
+ switch (cmd) {
+ case SIOCGIFBRDADDR:
+ case SIOCGIFCONF32:
+ case SIOCGIFCONF64:
+ case SIOCGIFFLAGS:
+ case SIOCGIFEFLAGS:
+ case SIOCGIFCAP:
+ case SIOCGIFMETRIC:
+ case SIOCGIFMTU:
+ case SIOCGIFPHYS:
+ case SIOCGIFTYPE:
+ case SIOCGIFFUNCTIONALTYPE:
+ case SIOCGIFPSRCADDR:
+ case SIOCGIFPDSTADDR:
+ case SIOCGIFGENERIC:
+ case SIOCGIFDEVMTU:
+ case SIOCGIFVLAN:
+ case SIOCGIFBOND:
+ case SIOCGIFWAKEFLAGS:
+ case SIOCGIFGETRTREFCNT:
+ case SIOCGIFOPPORTUNISTIC:
+ case SIOCGIFLINKQUALITYMETRIC:
+ case SIOCGIFLOG:
+ case SIOCGIFDELEGATE:
+ case SIOCGIFEXPENSIVE:
+ case SIOCGIFINTERFACESTATE:
+ case SIOCGIFPROBECONNECTIVITY:
+ case SIOCGIFTIMESTAMPENABLED:
+ case SIOCGECNMODE:
+ case SIOCGQOSMARKINGMODE:
+ case SIOCGQOSMARKINGENABLED:
+ case SIOCGIFLOWINTERNET:
+ case SIOCGIFSTATUS:
+ case SIOCGIFMEDIA32:
+ case SIOCGIFMEDIA64:
+ case SIOCGIFXMEDIA32:
+ case SIOCGIFXMEDIA64:
+ case SIOCGIFDESC:
+ case SIOCGIFLINKPARAMS:
+ case SIOCGIFQUEUESTATS:
+ case SIOCGIFTHROTTLE:
+ case SIOCGIFAGENTIDS32:
+ case SIOCGIFAGENTIDS64:
+ case SIOCGIFNETSIGNATURE:
+ case SIOCGIFINFO_IN6:
+ case SIOCGIFAFLAG_IN6:
+ case SIOCGNBRINFO_IN6:
+ case SIOCGIFALIFETIME_IN6:
+ case SIOCGIFNETMASK_IN6:
+ case SIOCGIFPROTOLIST32:
+ case SIOCGIFPROTOLIST64:
+ case SIOCGIFXFLAGS:
+ return false;
+ default:
+#if (DEBUG || DEVELOPMENT)
+ printf("%s: cmd 0x%lx not allowed (pid %u)\n",
+ __func__, cmd, proc_pid(p));
+#endif
+ return true;
+ }
+ return false;
+}
+
+/*
+ * Given a media word, return one suitable for an application
+ * using the original encoding.
+ */
+static int
+compat_media(int media)
+{
+ if (IFM_TYPE(media) == IFM_ETHER && IFM_SUBTYPE(media) > IFM_OTHER) {
+ media &= ~IFM_TMASK;
+ media |= IFM_OTHER;
+ }
+ return media;
+}
+
+static int
+compat_ifmu_ulist(struct ifnet *ifp, u_long cmd, void *data)
+{
+ struct ifmediareq *ifmr = (struct ifmediareq *)data;
+ user_addr_t user_addr;
+ int i;
+ int *media_list = NULL;
+ int error = 0;
+ bool list_modified = false;
+
+ user_addr = (cmd == SIOCGIFMEDIA64) ?
+ ((struct ifmediareq64 *)ifmr)->ifmu_ulist :
+ CAST_USER_ADDR_T(((struct ifmediareq32 *)ifmr)->ifmu_ulist);
+ if (user_addr == USER_ADDR_NULL || ifmr->ifm_count == 0) {
+ return 0;
+ }
+ MALLOC(media_list, int *, ifmr->ifm_count * sizeof(int),
+ M_TEMP, M_WAITOK | M_ZERO);
+ if (media_list == NULL) {
+ os_log_error(OS_LOG_DEFAULT,
+ "%s: %s MALLOC() failed",
+ __func__, ifp->if_xname);
+ error = ENOMEM;
+ goto done;
+ }
+ error = copyin(user_addr, media_list, ifmr->ifm_count * sizeof(int));
+ if (error != 0) {
+ os_log_error(OS_LOG_DEFAULT,
+ "%s: %s copyin() error %d",
+ __func__, ifp->if_xname, error);
+ goto done;
+ }
+ for (i = 0; i < ifmr->ifm_count; i++) {
+ int old_media, new_media;
+
+ old_media = media_list[i];
+
+ new_media = compat_media(old_media);
+ if (new_media == old_media) {
+ continue;
+ }
+ if (if_verbose != 0) {
+ os_log_info(OS_LOG_DEFAULT,
+ "%s: %s converted extended media %08x to compat media %08x",
+ __func__, ifp->if_xname, old_media, new_media);
+ }
+ media_list[i] = new_media;
+ list_modified = true;
+ }
+ if (list_modified) {
+ error = copyout(media_list, user_addr, ifmr->ifm_count * sizeof(int));
+ if (error != 0) {
+ os_log_error(OS_LOG_DEFAULT,
+ "%s: %s copyout() error %d",
+ __func__, ifp->if_xname, error);
+ goto done;
+ }
+ }
+done:
+ if (media_list != NULL) {
+ FREE(media_list, M_TEMP);
+ }
+ return error;
+}
+
+static int
+compat_ifmediareq(struct ifnet *ifp, u_long cmd, void *data)
+{
+ struct ifmediareq *ifmr = (struct ifmediareq *)data;
+ int error;
+
+ ifmr->ifm_active = compat_media(ifmr->ifm_active);
+ ifmr->ifm_current = compat_media(ifmr->ifm_current);
+
+ error = compat_ifmu_ulist(ifp, cmd, data);
+
+ return error;
+}
+
+static int
+ifioctl_get_media(struct ifnet *ifp, struct socket *so, u_long cmd, caddr_t data)
+{
+ int error = 0;
+
+ /*
+ * An ifnet must not implement SIOCGIFXMEDIA as it gets the extended
+ * media subtypes macros from <net/if_media.h>
+ */
+ switch (cmd) {
+ case SIOCGIFMEDIA32:
+ case SIOCGIFXMEDIA32:
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), SIOCGIFMEDIA32, data);
+ break;
+ case SIOCGIFMEDIA64:
+ case SIOCGIFXMEDIA64:
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), SIOCGIFMEDIA64, data);
+ break;
+ }
+ if (if_verbose != 0 && error != 0) {
+ os_log(OS_LOG_DEFAULT, "%s: first ifnet_ioctl(%s, %08lx) error %d",
+ __func__, ifp->if_xname, cmd, error);
+ }
+ if (error == 0 && (cmd == SIOCGIFMEDIA32 || cmd == SIOCGIFMEDIA64)) {
+ error = compat_ifmediareq(ifp, cmd, data);
+ }
+ return error;
+}
+/*
+ * Interface ioctls.
+ *
+ * Most of the routines called to handle the ioctls would end up being
+ * tail-call optimized, which unfortunately causes this routine to
+ * consume too much stack space; this is the reason for the "noinline"
+ * attribute used on those routines.
+ */
+int
+ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
+{
+ char ifname[IFNAMSIZ + 1];
+ struct ifnet *ifp = NULL;
+ struct ifstat *ifs = NULL;
+ int error = 0;
+
+ bzero(ifname, sizeof(ifname));
+
+ /*
+ * ioctls which don't require ifp, or ifreq ioctls
+ */
+ switch (cmd) {
+ case OSIOCGIFCONF32: /* struct ifconf32 */
+ case SIOCGIFCONF32: /* struct ifconf32 */
+ case SIOCGIFCONF64: /* struct ifconf64 */
+ case OSIOCGIFCONF64: /* struct ifconf64 */
+ error = ifioctl_ifconf(cmd, data);
+ goto done;
+
+ case SIOCIFGCLONERS32: /* struct if_clonereq32 */
+ case SIOCIFGCLONERS64: /* struct if_clonereq64 */
+ error = ifioctl_ifclone(cmd, data);
+ goto done;
+
+ case SIOCGIFAGENTDATA32: /* struct netagent_req32 */
+ case SIOCGIFAGENTDATA64: /* struct netagent_req64 */
+ case SIOCGIFAGENTLIST32: /* struct netagentlist_req32 */
+ case SIOCGIFAGENTLIST64: /* struct netagentlist_req64 */
+ error = netagent_ioctl(cmd, data);
+ goto done;
+
+ case SIOCSIFORDER: /* struct if_order */
+ error = ifioctl_iforder(cmd, data);
+ goto done;
+
+ case SIOCSIFDSTADDR: /* struct ifreq */
+ case SIOCSIFADDR: /* struct ifreq */
+ case SIOCSIFBRDADDR: /* struct ifreq */
+ case SIOCSIFNETMASK: /* struct ifreq */
+ case OSIOCGIFADDR: /* struct ifreq */
+ case OSIOCGIFDSTADDR: /* struct ifreq */
+ case OSIOCGIFBRDADDR: /* struct ifreq */
+ case OSIOCGIFNETMASK: /* struct ifreq */
+ case SIOCSIFKPI: /* struct ifreq */
+ if (so->so_proto == NULL) {
+ error = EOPNOTSUPP;
+ goto done;
+ }
+ OS_FALLTHROUGH;
+ case SIOCIFCREATE: /* struct ifreq */
+ case SIOCIFCREATE2: /* struct ifreq */
+ case SIOCIFDESTROY: /* struct ifreq */
+ case SIOCGIFFLAGS: /* struct ifreq */
+ case SIOCGIFEFLAGS: /* struct ifreq */
+ case SIOCGIFCAP: /* struct ifreq */
+ case SIOCGIFMETRIC: /* struct ifreq */
+ case SIOCGIFMTU: /* struct ifreq */
+ case SIOCGIFPHYS: /* struct ifreq */
+ case SIOCSIFFLAGS: /* struct ifreq */
+ case SIOCSIFCAP: /* struct ifreq */
+ case SIOCSIFMETRIC: /* struct ifreq */
+ case SIOCSIFPHYS: /* struct ifreq */
+ case SIOCSIFMTU: /* struct ifreq */
+ case SIOCADDMULTI: /* struct ifreq */
+ case SIOCDELMULTI: /* struct ifreq */
+ case SIOCDIFPHYADDR: /* struct ifreq */
+ case SIOCSIFMEDIA: /* struct ifreq */
+ case SIOCSIFGENERIC: /* struct ifreq */
+ case SIOCSIFLLADDR: /* struct ifreq */
+ case SIOCSIFALTMTU: /* struct ifreq */
+ case SIOCSIFVLAN: /* struct ifreq */
+ case SIOCSIFBOND: /* struct ifreq */
+ case SIOCGIFLLADDR: /* struct ifreq */
+ case SIOCGIFTYPE: /* struct ifreq */
+ case SIOCGIFFUNCTIONALTYPE: /* struct ifreq */
+ case SIOCGIFPSRCADDR: /* struct ifreq */
+ case SIOCGIFPDSTADDR: /* struct ifreq */
+ case SIOCGIFGENERIC: /* struct ifreq */
+ case SIOCGIFDEVMTU: /* struct ifreq */
+ case SIOCGIFVLAN: /* struct ifreq */
+ case SIOCGIFBOND: /* struct ifreq */
+ case SIOCGIFWAKEFLAGS: /* struct ifreq */
+ case SIOCGIFGETRTREFCNT: /* struct ifreq */
+ case SIOCSIFOPPORTUNISTIC: /* struct ifreq */
+ case SIOCGIFOPPORTUNISTIC: /* struct ifreq */
+ case SIOCGIFLINKQUALITYMETRIC: /* struct ifreq */
+ case SIOCSIFLOG: /* struct ifreq */
+ case SIOCGIFLOG: /* struct ifreq */
+ case SIOCGIFDELEGATE: /* struct ifreq */
+ case SIOCGIFEXPENSIVE: /* struct ifreq */
+ case SIOCSIFEXPENSIVE: /* struct ifreq */
+ case SIOCSIF2KCL: /* struct ifreq */
+ case SIOCGIF2KCL: /* struct ifreq */
+ case SIOCSIFINTERFACESTATE: /* struct ifreq */
+ case SIOCGIFINTERFACESTATE: /* struct ifreq */
+ case SIOCSIFPROBECONNECTIVITY: /* struct ifreq */
+ case SIOCGIFPROBECONNECTIVITY: /* struct ifreq */
+ case SIOCGSTARTDELAY: /* struct ifreq */
+ case SIOCSIFTIMESTAMPENABLE: /* struct ifreq */
+ case SIOCSIFTIMESTAMPDISABLE: /* struct ifreq */
+ case SIOCGIFTIMESTAMPENABLED: /* struct ifreq */
+#if (DEBUG || DEVELOPMENT)
+ case SIOCSIFDISABLEOUTPUT: /* struct ifreq */
+#endif /* (DEBUG || DEVELOPMENT) */
+ case SIOCGECNMODE: /* struct ifreq */
+ case SIOCSECNMODE:
+ case SIOCSQOSMARKINGMODE: /* struct ifreq */
+ case SIOCSQOSMARKINGENABLED: /* struct ifreq */
+ case SIOCGQOSMARKINGMODE: /* struct ifreq */
+ case SIOCGQOSMARKINGENABLED: /* struct ifreq */
+ case SIOCSIFLOWINTERNET: /* struct ifreq */
+ case SIOCGIFLOWINTERNET: /* struct ifreq */
+ case SIOCGIFLOWPOWER: /* struct ifreq */
+ case SIOCSIFLOWPOWER: /* struct ifreq */
+ case SIOCSIF6LOWPAN: /* struct ifreq */
+ case SIOCGIF6LOWPAN: /* struct ifreq */
+ case SIOCGIFMPKLOG: /* struct ifreq */
+ case SIOCSIFMPKLOG: /* struct ifreq */
+ case SIOCGIFCONSTRAINED: /* struct ifreq */
+ case SIOCSIFCONSTRAINED: /* struct ifreq */
+ case SIOCGIFXFLAGS: /* struct ifreq */
+ case SIOCGIFNOACKPRIO: /* struct ifreq */
+ case SIOCSIFNOACKPRIO: /* struct ifreq */
+ { /* struct ifreq */
+ struct ifreq ifr;
+ bcopy(data, &ifr, sizeof(ifr));
+ ifr.ifr_name[IFNAMSIZ - 1] = '\0';
+ bcopy(&ifr.ifr_name, ifname, IFNAMSIZ);
+ if (ifioctl_restrict_intcoproc(cmd, ifname, NULL, p) == true) {
+ error = EPERM;
+ goto done;
+ }
+ error = ifioctl_ifreq(so, cmd, &ifr, p);
+ bcopy(&ifr, data, sizeof(ifr));
+ goto done;
+ }
+ }
+
+ /*
+ * ioctls which require ifp. Note that we acquire dlil_ifnet_lock
+ * here to ensure that the ifnet, if found, has been fully attached.
+ */
+ dlil_if_lock();
+ switch (cmd) {
+ case SIOCSIFPHYADDR: /* struct {if,in_}aliasreq */
+ bcopy(((struct in_aliasreq *)(void *)data)->ifra_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFPHYADDR_IN6_32: /* struct in6_aliasreq_32 */
+ bcopy(((struct in6_aliasreq_32 *)(void *)data)->ifra_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFPHYADDR_IN6_64: /* struct in6_aliasreq_64 */
+ bcopy(((struct in6_aliasreq_64 *)(void *)data)->ifra_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCGIFSTATUS: /* struct ifstat */
+ ifs = _MALLOC(sizeof(*ifs), M_DEVBUF, M_WAITOK);
+ if (ifs == NULL) {
+ error = ENOMEM;
+ dlil_if_unlock();
+ goto done;
+ }
+ bcopy(data, ifs, sizeof(*ifs));
+ ifs->ifs_name[IFNAMSIZ - 1] = '\0';
+ bcopy(ifs->ifs_name, ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCGIFMEDIA32: /* struct ifmediareq32 */
+ case SIOCGIFXMEDIA32: /* struct ifmediareq32 */
+ bcopy(((struct ifmediareq32 *)(void *)data)->ifm_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCGIFMEDIA64: /* struct ifmediareq64 */
+ case SIOCGIFXMEDIA64: /* struct ifmediareq64 */
+ bcopy(((struct ifmediareq64 *)(void *)data)->ifm_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFDESC: /* struct if_descreq */
+ case SIOCGIFDESC: /* struct if_descreq */
+ bcopy(((struct if_descreq *)(void *)data)->ifdr_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFLINKPARAMS: /* struct if_linkparamsreq */
+ case SIOCGIFLINKPARAMS: /* struct if_linkparamsreq */
+ bcopy(((struct if_linkparamsreq *)(void *)data)->iflpr_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCGIFQUEUESTATS: /* struct if_qstatsreq */
+ bcopy(((struct if_qstatsreq *)(void *)data)->ifqr_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFTHROTTLE: /* struct if_throttlereq */
+ case SIOCGIFTHROTTLE: /* struct if_throttlereq */
+ bcopy(((struct if_throttlereq *)(void *)data)->ifthr_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCAIFAGENTID: /* struct if_agentidreq */
+ case SIOCDIFAGENTID: /* struct if_agentidreq */
+ case SIOCGIFAGENTIDS32: /* struct if_agentidsreq32 */
+ case SIOCGIFAGENTIDS64: /* struct if_agentidsreq64 */
+ bcopy(((struct if_agentidreq *)(void *)data)->ifar_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFNETSIGNATURE: /* struct if_nsreq */
+ case SIOCGIFNETSIGNATURE: /* struct if_nsreq */
+ bcopy(((struct if_nsreq *)(void *)data)->ifnsr_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+
+ case SIOCSIFNETWORKID: /* struct if_netidreq */
+ bcopy(((struct if_netidreq *)(void *)data)->ifnetid_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+ case SIOCGIFPROTOLIST32: /* struct if_protolistreq32 */
+ case SIOCGIFPROTOLIST64: /* struct if_protolistreq64 */
+ bcopy(((struct if_protolistreq *)(void *)data)->ifpl_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+ default:
+ /*
+ * This is a bad assumption, but the code seems to
+ * have been doing this in the past; caveat emptor.
+ */
+ bcopy(((struct ifreq *)(void *)data)->ifr_name,
+ ifname, IFNAMSIZ);
+ ifp = ifunit_ref(ifname);
+ break;
+ }
+ dlil_if_unlock();
+
+ if (ifp == NULL) {
+ error = ENXIO;
+ goto done;
+ }
+
+ if (ifioctl_restrict_intcoproc(cmd, NULL, ifp, p) == true) {
+ error = EPERM;
+ goto done;
+ }
+ switch (cmd) {
+ case SIOCSIFPHYADDR: /* struct {if,in_}aliasreq */
+ case SIOCSIFPHYADDR_IN6_32: /* struct in6_aliasreq_32 */
+ case SIOCSIFPHYADDR_IN6_64: /* struct in6_aliasreq_64 */
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
+ if (error != 0) {
+ break;
+ }
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCGIFSTATUS: /* struct ifstat */
+ VERIFY(ifs != NULL);
+ ifs->ascii[0] = '\0';
+
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifs);
+
+ bcopy(ifs, data, sizeof(*ifs));
+ break;
+
+ case SIOCGIFMEDIA32: /* struct ifmediareq32 */
+ case SIOCGIFMEDIA64: /* struct ifmediareq64 */
+ case SIOCGIFXMEDIA32: /* struct ifmediareq32 */
+ case SIOCGIFXMEDIA64: /* struct ifmediareq64 */
+ error = ifioctl_get_media(ifp, so, cmd, data);
+ break;
+
+ case SIOCSIFDESC: /* struct if_descreq */
+ case SIOCGIFDESC: /* struct if_descreq */
+ error = ifioctl_ifdesc(ifp, cmd, data, p);
+ break;
+
+ case SIOCSIFLINKPARAMS: /* struct if_linkparamsreq */
+ case SIOCGIFLINKPARAMS: /* struct if_linkparamsreq */
+ error = ifioctl_linkparams(ifp, cmd, data, p);
+ break;
+
+ case SIOCGIFQUEUESTATS: /* struct if_qstatsreq */
+ error = ifioctl_qstats(ifp, cmd, data);
+ break;
+
+ case SIOCSIFTHROTTLE: /* struct if_throttlereq */
+ case SIOCGIFTHROTTLE: /* struct if_throttlereq */
+ error = ifioctl_throttle(ifp, cmd, data, p);
+ break;
+
+ case SIOCAIFAGENTID: /* struct if_agentidreq */
+ case SIOCDIFAGENTID: /* struct if_agentidreq */
+ case SIOCGIFAGENTIDS32: /* struct if_agentidsreq32 */
+ case SIOCGIFAGENTIDS64: /* struct if_agentidsreq64 */
+ error = ifioctl_netagent(ifp, cmd, data, p);
+ break;
+
+ case SIOCSIFNETSIGNATURE: /* struct if_nsreq */
+ case SIOCGIFNETSIGNATURE: /* struct if_nsreq */
+ error = ifioctl_netsignature(ifp, cmd, data);
+ break;
+
+ case SIOCSIFNETWORKID: /* struct if_netidreq */
+ error = ifioctl_networkid(ifp, data);
+ break;
+ case SIOCSIFNAT64PREFIX: /* struct if_nat64req */
+ case SIOCGIFNAT64PREFIX: /* struct if_nat64req */
+ error = ifioctl_nat64prefix(ifp, cmd, data);
+ break;
+
+ case SIOCGIFCLAT46ADDR: /* struct if_clat46req */
+ error = ifioctl_clat46addr(ifp, cmd, data);
+ break;
+
+ case SIOCGIFPROTOLIST32: /* struct if_protolistreq32 */
+ case SIOCGIFPROTOLIST64: /* struct if_protolistreq64 */
+ error = ifioctl_protolist(ifp, cmd, data);
+ break;
+
+ default:
+ if (so->so_proto == NULL) {
+ error = EOPNOTSUPP;
+ break;
+ }
+
+ socket_lock(so, 1);
+ error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd,
+ data, ifp, p));
+ socket_unlock(so, 1);
+
+ // Don't allow to call SIOCAIFADDR and SIOCDIFADDR with
+ // ifreq as the code expects ifaddr
+ if ((error == EOPNOTSUPP || error == ENOTSUP) &&
+ !(cmd == SIOCAIFADDR || cmd == SIOCDIFADDR)) {
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, data);
+ }
+ break;
+ }
+
+done:
+ if (ifs != NULL) {
+ _FREE(ifs, M_DEVBUF);
+ }
+
+ if (if_verbose) {
+ if (ifname[0] == '\0') {
+ (void) snprintf(ifname, sizeof(ifname), "%s",
+ "NULL");
+ } else if (ifp != NULL) {
+ (void) snprintf(ifname, sizeof(ifname), "%s",
+ if_name(ifp));
+ }
+
+ if (error != 0) {
+ printf("%s[%s,%d]: ifp %s cmd 0x%08lx (%c%c [%lu] "
+ "%c %lu) error %d\n", __func__,
+ proc_name_address(p), proc_pid(p),
+ ifname, cmd, (cmd & IOC_IN) ? 'I' : ' ',
+ (cmd & IOC_OUT) ? 'O' : ' ', IOCPARM_LEN(cmd),
+ (char)IOCGROUP(cmd), cmd & 0xff, error);
+ } else if (if_verbose > 1) {
+ printf("%s[%s,%d]: ifp %s cmd 0x%08lx (%c%c [%lu] "
+ "%c %lu) OK\n", __func__,
+ proc_name_address(p), proc_pid(p),
+ ifname, cmd, (cmd & IOC_IN) ? 'I' : ' ',
+ (cmd & IOC_OUT) ? 'O' : ' ', IOCPARM_LEN(cmd),
+ (char)IOCGROUP(cmd), cmd & 0xff);
+ }
+ }
+
+ if (ifp != NULL) {
+ ifnet_decr_iorefcnt(ifp);
+ }
+ return error;
+}
+
+static __attribute__((noinline)) int
+ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p)
+{
+ struct ifnet *ifp;
+ u_long ocmd = cmd;
+ int error = 0;
+ struct kev_msg ev_msg;
+ struct net_event_data ev_data;
+
+ bzero(&ev_data, sizeof(struct net_event_data));
+ bzero(&ev_msg, sizeof(struct kev_msg));
+
+ switch (cmd) {
+ case SIOCIFCREATE:
+ case SIOCIFCREATE2:
+ error = proc_suser(p);
+ if (error) {
+ return error;
+ }
+ return if_clone_create(ifr->ifr_name, sizeof(ifr->ifr_name),
+ cmd == SIOCIFCREATE2 ? ifr->ifr_data : NULL);
+ case SIOCIFDESTROY:
+ error = proc_suser(p);
+ if (error) {
+ return error;
+ }
+ return if_clone_destroy(ifr->ifr_name);
+ }
+
+ /*
+ * ioctls which require ifp. Note that we acquire dlil_ifnet_lock
+ * here to ensure that the ifnet, if found, has been fully attached.
+ */
+ dlil_if_lock();
+ ifp = ifunit(ifr->ifr_name);
+ dlil_if_unlock();
+
+ if (ifp == NULL) {
+ return ENXIO;
+ }
+
+ switch (cmd) {
+ case SIOCGIFFLAGS:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_flags = ifp->if_flags;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFEFLAGS:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_eflags = ifp->if_eflags;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFXFLAGS:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_xflags = ifp->if_xflags;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFCAP:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_reqcap = ifp->if_capabilities;
+ ifr->ifr_curcap = ifp->if_capenable;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFMETRIC:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_metric = ifp->if_metric;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFMTU:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_mtu = ifp->if_mtu;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFPHYS:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_phys = ifp->if_physical;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCSIFFLAGS:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ (void) ifnet_set_flags(ifp, ifr->ifr_flags,
+ (u_int16_t)~IFF_CANTCHANGE);
+
+ /*
+ * Note that we intentionally ignore any error from below
+ * for the SIOCSIFFLAGS case.
+ */
+ (void) ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+
+ /*
+ * Send the event even upon error from the driver because
+ * we changed the flags.
+ */
+ dlil_post_sifflags_msg(ifp);
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCSIFCAP:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ if ((ifr->ifr_reqcap & ~ifp->if_capabilities)) {
+ error = EINVAL;
+ break;
+ }
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCSIFMETRIC:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ ifp->if_metric = ifr->ifr_metric;
+
+ ev_msg.vendor_code = KEV_VENDOR_APPLE;
+ ev_msg.kev_class = KEV_NETWORK_CLASS;
+ ev_msg.kev_subclass = KEV_DL_SUBCLASS;
+
+ ev_msg.event_code = KEV_DL_SIFMETRICS;
+ strlcpy(&ev_data.if_name[0], ifp->if_name, IFNAMSIZ);
+ ev_data.if_family = ifp->if_family;
+ ev_data.if_unit = (u_int32_t) ifp->if_unit;
+ ev_msg.dv[0].data_length = sizeof(struct net_event_data);
+ ev_msg.dv[0].data_ptr = &ev_data;
+
+ ev_msg.dv[1].data_length = 0;
+ dlil_post_complete_msg(ifp, &ev_msg);
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCSIFPHYS:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+ if (error != 0) {
+ break;
+ }
+
+ ev_msg.vendor_code = KEV_VENDOR_APPLE;
+ ev_msg.kev_class = KEV_NETWORK_CLASS;
+ ev_msg.kev_subclass = KEV_DL_SUBCLASS;
+
+ ev_msg.event_code = KEV_DL_SIFPHYS;
+ strlcpy(&ev_data.if_name[0], ifp->if_name, IFNAMSIZ);
+ ev_data.if_family = ifp->if_family;
+ ev_data.if_unit = (u_int32_t) ifp->if_unit;
+ ev_msg.dv[0].data_length = sizeof(struct net_event_data);
+ ev_msg.dv[0].data_ptr = &ev_data;
+ ev_msg.dv[1].data_length = 0;
+ dlil_post_complete_msg(ifp, &ev_msg);
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCSIFMTU: {
+ u_int32_t oldmtu = ifp->if_mtu;
+ struct ifclassq *ifq = &ifp->if_snd;
+
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ if (ifp->if_ioctl == NULL) {
+ error = EOPNOTSUPP;
+ break;
+ }
+ if (ifr->ifr_mtu < IF_MINMTU || ifr->ifr_mtu > IF_MAXMTU) {
+ error = EINVAL;
+ break;
+ }
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+ if (error != 0) {
+ break;
+ }
+
+ ev_msg.vendor_code = KEV_VENDOR_APPLE;
+ ev_msg.kev_class = KEV_NETWORK_CLASS;
+ ev_msg.kev_subclass = KEV_DL_SUBCLASS;
+
+ ev_msg.event_code = KEV_DL_SIFMTU;
+ strlcpy(&ev_data.if_name[0], ifp->if_name, IFNAMSIZ);
+ ev_data.if_family = ifp->if_family;
+ ev_data.if_unit = (u_int32_t) ifp->if_unit;
+ ev_msg.dv[0].data_length = sizeof(struct net_event_data);
+ ev_msg.dv[0].data_ptr = &ev_data;
+ ev_msg.dv[1].data_length = 0;
+ dlil_post_complete_msg(ifp, &ev_msg);
+
+ ifnet_touch_lastchange(ifp);
+ rt_ifmsg(ifp);
+
+ /*
+ * If the link MTU changed, do network layer specific procedure
+ * and update all route entries associated with the interface,
+ * so that their MTU metric gets updated.
+ */
+ if (ifp->if_mtu != oldmtu) {
+ if_rtmtu_update(ifp);
+ nd6_setmtu(ifp);
+ /* Inform all transmit queues about the new MTU */
+ IFCQ_LOCK(ifq);
+ ifnet_update_sndq(ifq, CLASSQ_EV_LINK_MTU);
+ IFCQ_UNLOCK(ifq);
+ }
+ break;
+ }
+
+ case SIOCADDMULTI:
+ case SIOCDELMULTI:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ /* Don't allow group membership on non-multicast interfaces. */
+ if ((ifp->if_flags & IFF_MULTICAST) == 0) {
+ error = EOPNOTSUPP;
+ break;
+ }
+
+ /* Don't let users screw up protocols' entries. */
+ if (ifr->ifr_addr.sa_family != AF_UNSPEC &&
+ ifr->ifr_addr.sa_family != AF_LINK) {
+ error = EINVAL;
+ break;
+ }
+ if (ifr->ifr_addr.sa_len > sizeof(struct sockaddr)) {
+ ifr->ifr_addr.sa_len = sizeof(struct sockaddr);
+ }
+
+ /*
+ * User is permitted to anonymously join a particular link
+ * multicast group via SIOCADDMULTI. Subsequent join requested
+ * for the same record which has an outstanding refcnt from a
+ * past if_addmulti_anon() will not result in EADDRINUSE error
+ * (unlike other BSDs.) Anonymously leaving a group is also
+ * allowed only as long as there is an outstanding refcnt held
+ * by a previous anonymous request, or else ENOENT (even if the
+ * link-layer multicast membership exists for a network-layer
+ * membership.)
+ */
+ if (cmd == SIOCADDMULTI) {
+ error = if_addmulti_anon(ifp, &ifr->ifr_addr, NULL);
+ ev_msg.event_code = KEV_DL_ADDMULTI;
+ } else {
+ error = if_delmulti_anon(ifp, &ifr->ifr_addr);
+ ev_msg.event_code = KEV_DL_DELMULTI;
+ }
+ if (error != 0) {
+ break;
+ }
+
+ ev_msg.vendor_code = KEV_VENDOR_APPLE;
+ ev_msg.kev_class = KEV_NETWORK_CLASS;
+ ev_msg.kev_subclass = KEV_DL_SUBCLASS;
+ strlcpy(&ev_data.if_name[0], ifp->if_name, IFNAMSIZ);
+
+ ev_data.if_family = ifp->if_family;
+ ev_data.if_unit = (u_int32_t) ifp->if_unit;
+ ev_msg.dv[0].data_length = sizeof(struct net_event_data);
+ ev_msg.dv[0].data_ptr = &ev_data;
+ ev_msg.dv[1].data_length = 0;
+ dlil_post_complete_msg(ifp, &ev_msg);
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCSIFMEDIA:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+ /*
+ * Silently ignore setting IFM_OTHER
+ */
+ if (ifr->ifr_media == IFM_OTHER) {
+ os_log_info(OS_LOG_DEFAULT,
+ "%s: %s SIOCSIFMEDIA ignore IFM_OTHER",
+ __func__, ifp->if_xname);
+ error = 0;
+ break;
+ }
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+ if (error != 0) {
+ break;
+ }
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCDIFPHYADDR:
+ case SIOCSIFGENERIC:
+ case SIOCSIFLLADDR:
+ case SIOCSIFALTMTU:
+ case SIOCSIFVLAN:
+ case SIOCSIFBOND:
+ case SIOCSIF6LOWPAN:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+ if (error != 0) {
+ break;
+ }
+
+ ifnet_touch_lastchange(ifp);
+ break;
+
+ case SIOCGIFLLADDR: {
+ struct sockaddr_dl *sdl = SDL(ifp->if_lladdr->ifa_addr);
+
+ if (sdl->sdl_alen == 0) {
+ error = EADDRNOTAVAIL;
+ break;
+ }
+ /* If larger than 14-bytes we'll need another mechanism */
+ if (sdl->sdl_alen > sizeof(ifr->ifr_addr.sa_data)) {
+ error = EMSGSIZE;
+ break;
+ }
+ /* Follow the same convention used by SIOCSIFLLADDR */
+ bzero(&ifr->ifr_addr, sizeof(ifr->ifr_addr));
+ ifr->ifr_addr.sa_family = AF_LINK;
+ ifr->ifr_addr.sa_len = sdl->sdl_alen;
+ error = ifnet_guarded_lladdr_copy_bytes(ifp,
+ &ifr->ifr_addr.sa_data, sdl->sdl_alen);
+ break;
+ }
+
+ case SIOCGIFTYPE:
+ ifr->ifr_type.ift_type = ifp->if_type;
+ ifr->ifr_type.ift_family = ifp->if_family;
+ ifr->ifr_type.ift_subfamily = ifp->if_subfamily;
+ break;
+
+ case SIOCGIFFUNCTIONALTYPE:
+ ifr->ifr_functional_type = if_functional_type(ifp, FALSE);
+ break;
+
+ case SIOCGIFPSRCADDR:
+ case SIOCGIFPDSTADDR:
+ case SIOCGIFGENERIC:
+ case SIOCGIFDEVMTU:
+ case SIOCGIFVLAN:
+ case SIOCGIFBOND:
+ case SIOCGIF6LOWPAN:
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+ break;
+
+ case SIOCGIFWAKEFLAGS:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_wake_flags = ifnet_get_wake_flags(ifp);
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFGETRTREFCNT:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_route_refcnt = ifp->if_route_refcnt;
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCSIFOPPORTUNISTIC:
+ case SIOCGIFOPPORTUNISTIC:
+ error = ifnet_getset_opportunistic(ifp, cmd, ifr, p);
+ break;
+
+ case SIOCGIFLINKQUALITYMETRIC:
+ ifnet_lock_shared(ifp);
+ if ((ifp->if_interface_state.valid_bitmask &
+ IF_INTERFACE_STATE_LQM_STATE_VALID)) {
+ ifr->ifr_link_quality_metric =
+ ifp->if_interface_state.lqm_state;
+ } else if (IF_FULLY_ATTACHED(ifp)) {
+ ifr->ifr_link_quality_metric =
+ IFNET_LQM_THRESH_UNKNOWN;
+ } else {
+ ifr->ifr_link_quality_metric =
+ IFNET_LQM_THRESH_OFF;
+ }
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCSIFLOG:
+ case SIOCGIFLOG:
+ error = ifnet_getset_log(ifp, cmd, ifr, p);
+ break;
+
+ case SIOCGIFDELEGATE:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_delegated = ((ifp->if_delegated.ifp != NULL) ?
+ ifp->if_delegated.ifp->if_index : 0);
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCGIFEXPENSIVE:
+ ifnet_lock_shared(ifp);
+ if (ifp->if_eflags & IFEF_EXPENSIVE) {
+ ifr->ifr_expensive = 1;
+ } else {
+ ifr->ifr_expensive = 0;
+ }
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCSIFEXPENSIVE:
+ {
+ struct ifnet *difp;
+
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifr->ifr_expensive) {
+ if_set_eflags(ifp, IFEF_EXPENSIVE);
+ } else {
+ if_clear_eflags(ifp, IFEF_EXPENSIVE);
+ }
+ ifnet_increment_generation(ifp);
+
+ /*
+ * Update the expensive bit in the delegated interface
+ * structure.
+ */
+ ifnet_head_lock_shared();
+ TAILQ_FOREACH(difp, &ifnet_head, if_link) {
+ ifnet_lock_exclusive(difp);
+ if (difp->if_delegated.ifp == ifp) {
+ difp->if_delegated.expensive =
+ ifp->if_eflags & IFEF_EXPENSIVE ? 1 : 0;
+ ifnet_increment_generation(difp);
+ }
+ ifnet_lock_done(difp);
+ }
+ ifnet_head_done();
+ necp_update_all_clients();
+ break;
+ }
+
+ case SIOCGIFCONSTRAINED:
+ if ((ifp->if_xflags & IFXF_CONSTRAINED) != 0) {
+ ifr->ifr_constrained = 1;
+ } else {
+ ifr->ifr_constrained = 0;
+ }
+ break;
+
+ case SIOCSIFCONSTRAINED:
+ {
+ struct ifnet *difp;
+
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifr->ifr_constrained) {
+ if_set_xflags(ifp, IFXF_CONSTRAINED);
+ } else {
+ if_clear_xflags(ifp, IFXF_CONSTRAINED);
+ }
+ ifnet_increment_generation(ifp);
+ /*
+ * Update the constrained bit in the delegated interface
+ * structure.
+ */
+ ifnet_head_lock_shared();
+ TAILQ_FOREACH(difp, &ifnet_head, if_link) {
+ ifnet_lock_exclusive(difp);
+ if (difp->if_delegated.ifp == ifp) {
+ difp->if_delegated.constrained =
+ ((ifp->if_xflags & IFXF_CONSTRAINED) != 0) ? 1 : 0;
+ ifnet_increment_generation(difp);
+ }
+ ifnet_lock_done(difp);
+ }
+ ifnet_head_done();
+ necp_update_all_clients();
+ break;
+ }
+
+ case SIOCGIF2KCL:
+ ifnet_lock_shared(ifp);
+ if (ifp->if_eflags & IFEF_2KCL) {
+ ifr->ifr_2kcl = 1;
+ } else {
+ ifr->ifr_2kcl = 0;
+ }
+ ifnet_lock_done(ifp);
+ break;
+
+ case SIOCSIF2KCL:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifr->ifr_2kcl) {
+ if_set_eflags(ifp, IFEF_2KCL);
+ } else {
+ if_clear_eflags(ifp, IFEF_2KCL);
+ }
+ break;
+ case SIOCGSTARTDELAY:
+ ifnet_lock_shared(ifp);
+ if (ifp->if_eflags & IFEF_ENQUEUE_MULTI) {
+ ifr->ifr_start_delay_qlen =
+ ifp->if_start_delay_qlen;
+ ifr->ifr_start_delay_timeout =
+ ifp->if_start_delay_timeout;
+ } else {
+ ifr->ifr_start_delay_qlen = 0;
+ ifr->ifr_start_delay_timeout = 0;
+ }
+ ifnet_lock_done(ifp);
+ break;
+ case SIOCSIFDSTADDR:
+ case SIOCSIFADDR:
+ case SIOCSIFBRDADDR:
+ case SIOCSIFNETMASK:
+ case OSIOCGIFADDR:
+ case OSIOCGIFDSTADDR:
+ case OSIOCGIFBRDADDR:
+ case OSIOCGIFNETMASK:
+ case SIOCSIFKPI:
+ VERIFY(so->so_proto != NULL);
+
+ if (cmd == SIOCSIFDSTADDR || cmd == SIOCSIFADDR ||
+ cmd == SIOCSIFBRDADDR || cmd == SIOCSIFNETMASK) {
+#if BYTE_ORDER != BIG_ENDIAN
+ if (ifr->ifr_addr.sa_family == 0 &&
+ ifr->ifr_addr.sa_len < 16) {
+ ifr->ifr_addr.sa_family = ifr->ifr_addr.sa_len;
+ ifr->ifr_addr.sa_len = 16;
+ }
+#else
+ if (ifr->ifr_addr.sa_len == 0) {
+ ifr->ifr_addr.sa_len = 16;
+ }
+#endif
+ } else if (cmd == OSIOCGIFADDR) {
+ cmd = SIOCGIFADDR; /* struct ifreq */
+ } else if (cmd == OSIOCGIFDSTADDR) {
+ cmd = SIOCGIFDSTADDR; /* struct ifreq */
+ } else if (cmd == OSIOCGIFBRDADDR) {
+ cmd = SIOCGIFBRDADDR; /* struct ifreq */
+ } else if (cmd == OSIOCGIFNETMASK) {
+ cmd = SIOCGIFNETMASK; /* struct ifreq */
+ }
+
+ socket_lock(so, 1);
+ error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd,
+ (caddr_t)ifr, ifp, p));
+ socket_unlock(so, 1);
+
+ switch (ocmd) {
+ case OSIOCGIFADDR:
+ case OSIOCGIFDSTADDR:
+ case OSIOCGIFBRDADDR:
+ case OSIOCGIFNETMASK:
+ bcopy(&ifr->ifr_addr.sa_family, &ifr->ifr_addr,
+ sizeof(u_short));
+ }
+
+ if (cmd == SIOCSIFKPI) {
+ int temperr = proc_suser(p);
+ if (temperr != 0) {
+ error = temperr;
+ }
+ }
+ // Don't allow to call SIOCSIFADDR and SIOCSIFDSTADDR
+ // with ifreq as the code expects ifaddr
+ if ((error == EOPNOTSUPP || error == ENOTSUP) &&
+ !(cmd == SIOCSIFADDR || cmd == SIOCSIFDSTADDR)) {
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd,
+ (caddr_t)ifr);
+ }
+ break;
+
+ case SIOCGIFINTERFACESTATE:
+ if_get_state(ifp, &ifr->ifr_interface_state);
+ break;
+
+ case SIOCSIFINTERFACESTATE:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+
+ error = if_state_update(ifp, &ifr->ifr_interface_state);
+
+ break;
+ case SIOCSIFPROBECONNECTIVITY:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ error = if_probe_connectivity(ifp,
+ ifr->ifr_probe_connectivity);
+ break;
+ case SIOCGIFPROBECONNECTIVITY:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifp->if_eflags & IFEF_PROBE_CONNECTIVITY) {
+ ifr->ifr_probe_connectivity = 1;
+ } else {
+ ifr->ifr_probe_connectivity = 0;
+ }
+ break;
+ case SIOCGECNMODE:
+ if ((ifp->if_eflags & (IFEF_ECN_ENABLE | IFEF_ECN_DISABLE)) ==
+ IFEF_ECN_ENABLE) {
+ ifr->ifr_ecn_mode = IFRTYPE_ECN_ENABLE;
+ } else if ((ifp->if_eflags & (IFEF_ECN_ENABLE | IFEF_ECN_DISABLE)) ==
+ IFEF_ECN_DISABLE) {
+ ifr->ifr_ecn_mode = IFRTYPE_ECN_DISABLE;
+ } else {
+ ifr->ifr_ecn_mode = IFRTYPE_ECN_DEFAULT;
+ }
+ break;
+ case SIOCSECNMODE:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DEFAULT) {
+ if_clear_eflags(ifp, IFEF_ECN_ENABLE | IFEF_ECN_DISABLE);
+ } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_ENABLE) {
+ if_set_eflags(ifp, IFEF_ECN_ENABLE);
+ if_clear_eflags(ifp, IFEF_ECN_DISABLE);
+ } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DISABLE) {
+ if_set_eflags(ifp, IFEF_ECN_DISABLE);
+ if_clear_eflags(ifp, IFEF_ECN_ENABLE);
+ } else {
+ error = EINVAL;
+ }
+ break;
+
+ case SIOCSIFTIMESTAMPENABLE:
+ case SIOCSIFTIMESTAMPDISABLE:
+ error = proc_suser(p);
+ if (error != 0) {
+ break;
+ }
+
+ if ((cmd == SIOCSIFTIMESTAMPENABLE &&
+ (ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) != 0) ||
+ (cmd == SIOCSIFTIMESTAMPDISABLE &&
+ (ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) == 0)) {
+ break;
+ }
+ if (cmd == SIOCSIFTIMESTAMPENABLE) {
+ if_set_xflags(ifp, IFXF_TIMESTAMP_ENABLED);
+ } else {
+ if_clear_xflags(ifp, IFXF_TIMESTAMP_ENABLED);
+ }
+ /*
+ * Pass the setting to the interface if it supports either
+ * software or hardware time stamping
+ */
+ if (ifp->if_capabilities & (IFCAP_HW_TIMESTAMP |
+ IFCAP_SW_TIMESTAMP)) {
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd,
+ (caddr_t)ifr);
+ }
+ break;
+ case SIOCGIFTIMESTAMPENABLED: {
+ if ((ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) != 0) {
+ ifr->ifr_intval = 1;
+ } else {
+ ifr->ifr_intval = 0;
+ }
+ break;
+ }
+ case SIOCSQOSMARKINGMODE:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ error = if_set_qosmarking_mode(ifp, ifr->ifr_qosmarking_mode);
+ break;
+
+ case SIOCGQOSMARKINGMODE:
+ ifr->ifr_qosmarking_mode = ifp->if_qosmarking_mode;
+ break;
+
+ case SIOCSQOSMARKINGENABLED:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifr->ifr_qosmarking_enabled != 0) {
+ if_set_eflags(ifp, IFEF_QOSMARKING_ENABLED);
+ } else {
+ if_clear_eflags(ifp, IFEF_QOSMARKING_ENABLED);
+ }
+ break;
+
+ case SIOCGQOSMARKINGENABLED:
+ ifr->ifr_qosmarking_enabled =
+ ((ifp->if_eflags & IFEF_QOSMARKING_ENABLED) != 0) ? 1 : 0;
+ break;
+
+ case SIOCSIFDISABLEOUTPUT:
+#if (DEBUG || DEVELOPMENT)
+ if (ifr->ifr_disable_output == 1) {
+ error = ifnet_disable_output(ifp);
+ } else if (ifr->ifr_disable_output == 0) {
+ error = ifnet_enable_output(ifp);
+ } else {
+ error = EINVAL;
+ }
+#else
+ error = EINVAL;
+#endif /* (DEBUG || DEVELOPMENT) */
+ break;
+
+ case SIOCSIFSUBFAMILY:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, (caddr_t)ifr);
+ break;
+
+ case SIOCSIFLOWINTERNET:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+
+ if (ifr->ifr_low_internet & IFRTYPE_LOW_INTERNET_ENABLE_UL) {
+ if_set_xflags(ifp, IFXF_LOW_INTERNET_UL);
+ } else {
+ if_clear_xflags(ifp, IFXF_LOW_INTERNET_UL);
+ }
+ if (ifr->ifr_low_internet & IFRTYPE_LOW_INTERNET_ENABLE_DL) {
+ if_set_xflags(ifp, IFXF_LOW_INTERNET_DL);
+ } else {
+ if_clear_xflags(ifp, IFXF_LOW_INTERNET_DL);
+ }
+ break;
+ case SIOCGIFLOWINTERNET:
+ ifnet_lock_shared(ifp);
+ ifr->ifr_low_internet = 0;
+ if ((ifp->if_xflags & IFXF_LOW_INTERNET_UL) != 0) {
+ ifr->ifr_low_internet |=
+ IFRTYPE_LOW_INTERNET_ENABLE_UL;
+ }
+ if ((ifp->if_xflags & IFXF_LOW_INTERNET_DL) != 0) {
+ ifr->ifr_low_internet |=
+ IFRTYPE_LOW_INTERNET_ENABLE_DL;
+ }
+ ifnet_lock_done(ifp);
+ break;
+ case SIOCGIFLOWPOWER:
+ ifr->ifr_low_power_mode =
+ ((ifp->if_xflags & IFXF_LOW_POWER) != 0);
+ break;
+ case SIOCSIFLOWPOWER:
+#if (DEVELOPMENT || DEBUG)
+ error = if_set_low_power(ifp, (ifr->ifr_low_power_mode != 0));
+#else /* DEVELOPMENT || DEBUG */
+ error = EOPNOTSUPP;
+#endif /* DEVELOPMENT || DEBUG */
+ break;
+
+ case SIOCGIFMPKLOG:
+ ifr->ifr_mpk_log = ((ifp->if_xflags & IFXF_MPK_LOG) != 0);
+ break;
+ case SIOCSIFMPKLOG:
+ if (ifr->ifr_mpk_log) {
+ if_set_xflags(ifp, IFXF_MPK_LOG);
+ } else {
+ if_clear_xflags(ifp, IFXF_MPK_LOG);
+ }
+ break;
+ case SIOCGIFNOACKPRIO:
+ if ((ifp->if_eflags & IFEF_NOACKPRI) != 0) {
+ ifr->ifr_noack_prio = 1;
+ } else {
+ ifr->ifr_noack_prio = 0;
+ }
+ break;
+
+ case SIOCSIFNOACKPRIO:
+ if ((error = priv_check_cred(kauth_cred_get(),
+ PRIV_NET_INTERFACE_CONTROL, 0)) != 0) {
+ return error;
+ }
+ if (ifr->ifr_noack_prio) {
+ if_set_eflags(ifp, IFEF_NOACKPRI);
+ } else {
+ if_clear_eflags(ifp, IFEF_NOACKPRI);
+ }
+ break;
+
+ default:
+ VERIFY(0);
+ /* NOTREACHED */
+ }
+
+ return error;
+}
+
+int
+ifioctllocked(struct socket *so, u_long cmd, caddr_t data, struct proc *p)
+{
+ int error;
+
+ socket_unlock(so, 0);
+ error = ifioctl(so, cmd, data, p);
+ socket_lock(so, 0);
+ return error;
+}
+
+/*
+ * Set/clear promiscuous mode on interface ifp based on the truth value
+ * of pswitch. The calls are reference counted so that only the first
+ * "on" request actually has an effect, as does the final "off" request.
+ * Results are undefined if the "off" and "on" requests are not matched.
+ */
+errno_t
+ifnet_set_promiscuous(
+ ifnet_t ifp,
+ int pswitch)
+{
+ int error = 0;
+ int oldflags = 0;
+ int newflags = 0;
+
+ ifnet_lock_exclusive(ifp);
+ oldflags = ifp->if_flags;
+ ifp->if_pcount += pswitch ? 1 : -1;
+
+ if (ifp->if_pcount > 0) {
+ ifp->if_flags |= IFF_PROMISC;
+ } else {
+ ifp->if_flags &= ~IFF_PROMISC;
+ }
+
+ newflags = ifp->if_flags;
+ ifnet_lock_done(ifp);
+
+ if (newflags != oldflags && (newflags & IFF_UP) != 0) {
+ error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
+ if (error == 0) {
+ rt_ifmsg(ifp);
+ } else {
+ ifnet_lock_exclusive(ifp);
+ // revert the flags
+ ifp->if_pcount -= pswitch ? 1 : -1;
+ if (ifp->if_pcount > 0) {
+ ifp->if_flags |= IFF_PROMISC;
+ } else {
+ ifp->if_flags &= ~IFF_PROMISC;
+ }
+ ifnet_lock_done(ifp);
+ }
+ }
+
+ if (newflags != oldflags) {
+ log(LOG_INFO, "%s: promiscuous mode %s%s\n",
+ if_name(ifp),
+ (newflags & IFF_PROMISC) != 0 ? "enable" : "disable",
+ error != 0 ? " failed" : " succeeded");
+ }
+ return error;
+}
+
+/*
+ * Return interface configuration
+ * of system. List may be used
+ * in later ioctl's (above) to get
+ * other information.
+ */
+/*ARGSUSED*/
+static int
+ifconf(u_long cmd, user_addr_t ifrp, int *ret_space)
+{
+ struct ifnet *ifp = NULL;
+ struct ifaddr *ifa;
+ struct ifreq ifr;
+ int error = 0;
+ size_t space;
+ net_thread_marks_t marks;
+
+ marks = net_thread_marks_push(NET_THREAD_CKREQ_LLADDR);
+
+ /*
+ * Zero the ifr buffer to make sure we don't
+ * disclose the contents of the stack.
+ */
+ bzero(&ifr, sizeof(struct ifreq));
+
+ space = *ret_space;
+ ifnet_head_lock_shared();
+ for (ifp = ifnet_head.tqh_first; space > sizeof(ifr) &&
+ ifp; ifp = ifp->if_link.tqe_next) {
+ char workbuf[64];
+ size_t ifnlen, addrs;
+
+ ifnlen = snprintf(workbuf, sizeof(workbuf),
+ "%s", if_name(ifp));
+ if (ifnlen + 1 > sizeof(ifr.ifr_name)) {
+ error = ENAMETOOLONG;
+ break;
+ } else {
+ strlcpy(ifr.ifr_name, workbuf, IFNAMSIZ);
+ }
+
+ ifnet_lock_shared(ifp);
+
+ addrs = 0;
+ ifa = ifp->if_addrhead.tqh_first;
+ for (; space > sizeof(ifr) && ifa;
+ ifa = ifa->ifa_link.tqe_next) {
+ struct sockaddr *sa;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_dl sdl;
+ uint8_t buf[SOCK_MAXADDRLEN + 1];
+ } u;
+
+ /*
+ * Make sure to accomodate the largest possible
+ * size of SA(if_lladdr)->sa_len.
+ */
+ _CASSERT(sizeof(u) == (SOCK_MAXADDRLEN + 1));
+
+ IFA_LOCK(ifa);
+ sa = ifa->ifa_addr;
+ addrs++;
+
+ if (ifa == ifp->if_lladdr) {
+ VERIFY(sa->sa_family == AF_LINK);
+ bcopy(sa, &u, sa->sa_len);
+ IFA_UNLOCK(ifa);
+ ifnet_guarded_lladdr_copy_bytes(ifp,
+ LLADDR(&u.sdl), u.sdl.sdl_alen);
+ IFA_LOCK(ifa);
+ sa = &u.sa;
+ }
+
+ if (cmd == OSIOCGIFCONF32 || cmd == OSIOCGIFCONF64) {
+ struct osockaddr *osa =
+ (struct osockaddr *)(void *)&ifr.ifr_addr;
+ ifr.ifr_addr = *sa;
+ osa->sa_family = sa->sa_family;
+ error = copyout((caddr_t)&ifr, ifrp,
+ sizeof(ifr));
+ ifrp += sizeof(struct ifreq);
+ } else if (sa->sa_len <= sizeof(*sa)) {
+ ifr.ifr_addr = *sa;
+ error = copyout((caddr_t)&ifr, ifrp,
+ sizeof(ifr));
+ ifrp += sizeof(struct ifreq);
+ } else {
+ if (space <
+ sizeof(ifr) + sa->sa_len - sizeof(*sa)) {
+ IFA_UNLOCK(ifa);
+ break;
+ }
+ space -= sa->sa_len - sizeof(*sa);
+ error = copyout((caddr_t)&ifr, ifrp,
+ sizeof(ifr.ifr_name));
+ if (error == 0) {
+ error = copyout((caddr_t)sa, (ifrp +
+ offsetof(struct ifreq, ifr_addr)),
+ sa->sa_len);
+ }
+ ifrp += (sa->sa_len + offsetof(struct ifreq,
+ ifr_addr));
+ }
+ IFA_UNLOCK(ifa);
+ if (error) {
+ break;
+ }
+ space -= sizeof(ifr);
+ }
+ ifnet_lock_done(ifp);
+
+ if (error) {
+ break;
+ }
+ if (!addrs) {
+ bzero((caddr_t)&ifr.ifr_addr, sizeof(ifr.ifr_addr));
+ error = copyout((caddr_t)&ifr, ifrp, sizeof(ifr));
+ if (error) {
+ break;
+ }
+ space -= sizeof(ifr);
+ ifrp += sizeof(struct ifreq);
+ }
+ }
+ ifnet_head_done();
+ *ret_space -= space;
+ net_thread_marks_pop(marks);
+ return error;
+}
+
+/*
+ * Just like if_promisc(), but for all-multicast-reception mode.
+ */
+int
+if_allmulti(struct ifnet *ifp, int onswitch)
+{
+ int error = 0;
+ int modified = 0;
+
+ ifnet_lock_exclusive(ifp);
+
+ if (onswitch) {
+ if (ifp->if_amcount++ == 0) {
+ ifp->if_flags |= IFF_ALLMULTI;
+ modified = 1;
+ }
+ } else {
+ if (ifp->if_amcount > 1) {
+ ifp->if_amcount--;
+ } else {
+ ifp->if_amcount = 0;
+ ifp->if_flags &= ~IFF_ALLMULTI;
+ modified = 1;
+ }
+ }
+ ifnet_lock_done(ifp);
+
+ if (modified) {
+ error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL);
+ }
+
+ if (error == 0) {
+ rt_ifmsg(ifp);
+ }
+ return error;
+}
+
+static struct ifmultiaddr *
+ifma_alloc(int how)
+{
+ struct ifmultiaddr *ifma;
+
+ ifma = (how == M_WAITOK) ? zalloc(ifma_zone) :
+ zalloc_noblock(ifma_zone);
+
+ if (ifma != NULL) {
+ bzero(ifma, ifma_size);
+ lck_mtx_init(&ifma->ifma_lock, ifa_mtx_grp, ifa_mtx_attr);
+ ifma->ifma_debug |= IFD_ALLOC;
+ if (ifma_debug != 0) {
+ ifma->ifma_debug |= IFD_DEBUG;
+ ifma->ifma_trace = ifma_trace;
+ }
+ }
+ return ifma;
+}
+
+static void
+ifma_free(struct ifmultiaddr *ifma)
+{
+ IFMA_LOCK(ifma);
+
+ if (ifma->ifma_protospec != NULL) {
+ panic("%s: Protospec not NULL for ifma=%p", __func__, ifma);
+ /* NOTREACHED */
+ } else if ((ifma->ifma_flags & IFMAF_ANONYMOUS) ||
+ ifma->ifma_anoncnt != 0) {
+ panic("%s: Freeing ifma=%p with outstanding anon req",
+ __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_debug & IFD_ATTACHED) {
+ panic("%s: ifma=%p attached to ifma_ifp=%p is being freed",
+ __func__, ifma, ifma->ifma_ifp);
+ /* NOTREACHED */
+ } else if (!(ifma->ifma_debug & IFD_ALLOC)) {
+ panic("%s: ifma %p cannot be freed", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_refcount != 0) {
+ panic("%s: non-zero refcount ifma=%p", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_reqcnt != 0) {
+ panic("%s: non-zero reqcnt ifma=%p", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_ifp != NULL) {
+ panic("%s: non-NULL ifma_ifp=%p for ifma=%p", __func__,
+ ifma->ifma_ifp, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_ll != NULL) {
+ panic("%s: non-NULL ifma_ll=%p for ifma=%p", __func__,
+ ifma->ifma_ll, ifma);
+ /* NOTREACHED */
+ }
+ ifma->ifma_debug &= ~IFD_ALLOC;
+ if ((ifma->ifma_debug & (IFD_DEBUG | IFD_TRASHED)) ==
+ (IFD_DEBUG | IFD_TRASHED)) {
+ lck_mtx_lock(&ifma_trash_lock);
+ TAILQ_REMOVE(&ifma_trash_head, (struct ifmultiaddr_dbg *)ifma,
+ ifma_trash_link);
+ lck_mtx_unlock(&ifma_trash_lock);
+ ifma->ifma_debug &= ~IFD_TRASHED;
+ }
+ IFMA_UNLOCK(ifma);
+
+ if (ifma->ifma_addr != NULL) {
+ FREE(ifma->ifma_addr, M_IFADDR);
+ ifma->ifma_addr = NULL;
+ }
+ lck_mtx_destroy(&ifma->ifma_lock, ifa_mtx_grp);
+ zfree(ifma_zone, ifma);
+}
+
+static void
+ifma_trace(struct ifmultiaddr *ifma, int refhold)
+{
+ struct ifmultiaddr_dbg *ifma_dbg = (struct ifmultiaddr_dbg *)ifma;
+ ctrace_t *tr;
+ u_int32_t idx;
+ u_int16_t *cnt;
+
+ if (!(ifma->ifma_debug & IFD_DEBUG)) {
+ panic("%s: ifma %p has no debug structure", __func__, ifma);
+ /* NOTREACHED */
+ }
+ if (refhold) {
+ cnt = &ifma_dbg->ifma_refhold_cnt;
+ tr = ifma_dbg->ifma_refhold;
+ } else {
+ cnt = &ifma_dbg->ifma_refrele_cnt;
+ tr = ifma_dbg->ifma_refrele;
+ }
+
+ idx = atomic_add_16_ov(cnt, 1) % IFMA_TRACE_HIST_SIZE;
+ ctrace_record(&tr[idx]);
+}
+
+void
+ifma_addref(struct ifmultiaddr *ifma, int locked)
+{
+ if (!locked) {
+ IFMA_LOCK(ifma);
+ } else {
+ IFMA_LOCK_ASSERT_HELD(ifma);
+ }
+
+ if (++ifma->ifma_refcount == 0) {
+ panic("%s: ifma=%p wraparound refcnt", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_trace != NULL) {
+ (*ifma->ifma_trace)(ifma, TRUE);
+ }
+ if (!locked) {
+ IFMA_UNLOCK(ifma);
+ }
+}
+
+void
+ifma_remref(struct ifmultiaddr *ifma)
+{
+ struct ifmultiaddr *ll;
+
+ IFMA_LOCK(ifma);
+
+ if (ifma->ifma_refcount == 0) {
+ panic("%s: ifma=%p negative refcnt", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_trace != NULL) {
+ (*ifma->ifma_trace)(ifma, FALSE);
+ }
+
+ --ifma->ifma_refcount;
+ if (ifma->ifma_refcount > 0) {
+ IFMA_UNLOCK(ifma);
+ return;
+ }
+
+ ll = ifma->ifma_ll;
+ ifma->ifma_ifp = NULL;
+ ifma->ifma_ll = NULL;
+ IFMA_UNLOCK(ifma);
+ ifma_free(ifma); /* deallocate it */
+
+ if (ll != NULL) {
+ IFMA_REMREF(ll);
+ }
+}
+
+static void
+if_attach_ifma(struct ifnet *ifp, struct ifmultiaddr *ifma, int anon)
+{
+ ifnet_lock_assert(ifp, IFNET_LCK_ASSERT_EXCLUSIVE);
+ IFMA_LOCK_ASSERT_HELD(ifma);
+
+ if (ifma->ifma_ifp != ifp) {
+ panic("%s: Mismatch ifma_ifp=%p != ifp=%p", __func__,
+ ifma->ifma_ifp, ifp);
+ /* NOTREACHED */
+ } else if (ifma->ifma_debug & IFD_ATTACHED) {
+ panic("%s: Attempt to attach an already attached ifma=%p",
+ __func__, ifma);
+ /* NOTREACHED */
+ } else if (anon && (ifma->ifma_flags & IFMAF_ANONYMOUS)) {
+ panic("%s: ifma=%p unexpected IFMAF_ANONYMOUS", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_debug & IFD_TRASHED) {
+ panic("%s: Attempt to reattach a detached ifma=%p",
+ __func__, ifma);
+ /* NOTREACHED */
+ }
+
+ ifma->ifma_reqcnt++;
+ VERIFY(ifma->ifma_reqcnt == 1);
+ IFMA_ADDREF_LOCKED(ifma);
+ ifma->ifma_debug |= IFD_ATTACHED;
+ if (anon) {
+ ifma->ifma_anoncnt++;
+ VERIFY(ifma->ifma_anoncnt == 1);
+ ifma->ifma_flags |= IFMAF_ANONYMOUS;
+ }
+
+ LIST_INSERT_HEAD(&ifp->if_multiaddrs, ifma, ifma_link);
+}
+
+static int
+if_detach_ifma(struct ifnet *ifp, struct ifmultiaddr *ifma, int anon)
+{
+ ifnet_lock_assert(ifp, IFNET_LCK_ASSERT_EXCLUSIVE);
+ IFMA_LOCK_ASSERT_HELD(ifma);
+
+ if (ifma->ifma_reqcnt == 0) {
+ panic("%s: ifma=%p negative reqcnt", __func__, ifma);
+ /* NOTREACHED */
+ } else if (anon && !(ifma->ifma_flags & IFMAF_ANONYMOUS)) {
+ panic("%s: ifma=%p missing IFMAF_ANONYMOUS", __func__, ifma);
+ /* NOTREACHED */
+ } else if (anon && ifma->ifma_anoncnt == 0) {
+ panic("%s: ifma=%p negative anonreqcnt", __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_ifp != ifp) {
+ panic("%s: Mismatch ifma_ifp=%p, ifp=%p", __func__,
+ ifma->ifma_ifp, ifp);
+ /* NOTREACHED */
+ }
+
+ if (anon) {
+ --ifma->ifma_anoncnt;
+ if (ifma->ifma_anoncnt > 0) {
+ return 0;
+ }
+ ifma->ifma_flags &= ~IFMAF_ANONYMOUS;
+ }
+
+ --ifma->ifma_reqcnt;
+ if (ifma->ifma_reqcnt > 0) {
+ return 0;
+ }
+
+ if (ifma->ifma_protospec != NULL) {
+ panic("%s: Protospec not NULL for ifma=%p", __func__, ifma);
+ /* NOTREACHED */
+ } else if ((ifma->ifma_flags & IFMAF_ANONYMOUS) ||
+ ifma->ifma_anoncnt != 0) {
+ panic("%s: Detaching ifma=%p with outstanding anon req",
+ __func__, ifma);
+ /* NOTREACHED */
+ } else if (!(ifma->ifma_debug & IFD_ATTACHED)) {
+ panic("%s: Attempt to detach an unattached address ifma=%p",
+ __func__, ifma);
+ /* NOTREACHED */
+ } else if (ifma->ifma_debug & IFD_TRASHED) {
+ panic("%s: ifma %p is already in trash list", __func__, ifma);
+ /* NOTREACHED */
+ }
+
+ /*
+ * NOTE: Caller calls IFMA_REMREF
+ */
+ ifma->ifma_debug &= ~IFD_ATTACHED;
+ LIST_REMOVE(ifma, ifma_link);
+ if (LIST_EMPTY(&ifp->if_multiaddrs)) {
+ ifp->if_updatemcasts = 0;
+ }
+
+ if (ifma->ifma_debug & IFD_DEBUG) {
+ /* Become a regular mutex, just in case */
+ IFMA_CONVERT_LOCK(ifma);
+ lck_mtx_lock(&ifma_trash_lock);
+ TAILQ_INSERT_TAIL(&ifma_trash_head,
+ (struct ifmultiaddr_dbg *)ifma, ifma_trash_link);
+ lck_mtx_unlock(&ifma_trash_lock);
+ ifma->ifma_debug |= IFD_TRASHED;
+ }
+
+ return 1;
+}
+
+/*
+ * Find an ifmultiaddr that matches a socket address on an interface.
+ *
+ * Caller is responsible for holding the ifnet_lock while calling
+ * this function.
+ */
+static int
+if_addmulti_doesexist(struct ifnet *ifp, const struct sockaddr *sa,
+ struct ifmultiaddr **retifma, int anon)
+{
+ struct ifmultiaddr *ifma;
+
+ for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL;
+ ifma = LIST_NEXT(ifma, ifma_link)) {
+ IFMA_LOCK_SPIN(ifma);
+ if (!ifa_equal(sa, ifma->ifma_addr)) {
+ IFMA_UNLOCK(ifma);
+ continue;
+ }
+ if (anon) {
+ VERIFY(!(ifma->ifma_flags & IFMAF_ANONYMOUS) ||
+ ifma->ifma_anoncnt != 0);
+ VERIFY((ifma->ifma_flags & IFMAF_ANONYMOUS) ||
+ ifma->ifma_anoncnt == 0);
+ ifma->ifma_anoncnt++;
+ if (!(ifma->ifma_flags & IFMAF_ANONYMOUS)) {
+ VERIFY(ifma->ifma_anoncnt == 1);
+ ifma->ifma_flags |= IFMAF_ANONYMOUS;
+ }
+ }
+ if (!anon || ifma->ifma_anoncnt == 1) {
+ ifma->ifma_reqcnt++;
+ VERIFY(ifma->ifma_reqcnt > 1);
+ }
+ if (retifma != NULL) {
+ *retifma = ifma;
+ IFMA_ADDREF_LOCKED(ifma);
+ }
+ IFMA_UNLOCK(ifma);
+ return 0;
+ }
+ return ENOENT;
+}
+
+/*
+ * Radar 3642395, make sure all multicasts are in a standard format.
+ */
+static struct sockaddr *
+copy_and_normalize(const struct sockaddr *original)
+{
+ int alen = 0;
+ const u_char *aptr = NULL;
+ struct sockaddr *copy = NULL;
+ struct sockaddr_dl *sdl_new = NULL;
+ int len = 0;
+
+ if (original->sa_family != AF_LINK &&
+ original->sa_family != AF_UNSPEC) {
+ /* Just make a copy */
+ MALLOC(copy, struct sockaddr *, original->sa_len,
+ M_IFADDR, M_WAITOK);
+ if (copy != NULL) {
+ bcopy(original, copy, original->sa_len);
+ }
+ return copy;
+ }
+
+ switch (original->sa_family) {
+ case AF_LINK: {
+ const struct sockaddr_dl *sdl_original =
+ (struct sockaddr_dl *)(uintptr_t)(size_t)original;
+
+ if (sdl_original->sdl_nlen + sdl_original->sdl_alen +
+ sdl_original->sdl_slen +
+ offsetof(struct sockaddr_dl, sdl_data) >
+ sdl_original->sdl_len) {
+ return NULL;
+ }
+
+ alen = sdl_original->sdl_alen;
+ aptr = CONST_LLADDR(sdl_original);
+ }
+ break;
+
+ case AF_UNSPEC: {
+ if (original->sa_len < ETHER_ADDR_LEN +
+ offsetof(struct sockaddr, sa_data)) {
+ return NULL;
+ }
+
+ alen = ETHER_ADDR_LEN;
+ aptr = (const u_char *)original->sa_data;
+ }
+ break;
+ }
+
+ if (alen == 0 || aptr == NULL) {
+ return NULL;
+ }
+
+ len = alen + offsetof(struct sockaddr_dl, sdl_data);
+ MALLOC(sdl_new, struct sockaddr_dl *, len, M_IFADDR, M_WAITOK);
+
+ if (sdl_new != NULL) {
+ bzero(sdl_new, len);
+ sdl_new->sdl_len = len;
+ sdl_new->sdl_family = AF_LINK;
+ sdl_new->sdl_alen = alen;
+ bcopy(aptr, LLADDR(sdl_new), alen);
+ }
+
+ return (struct sockaddr *)sdl_new;
+}
+
+/*
+ * Network-layer protocol domains which hold references to the underlying
+ * link-layer record must use this routine.
+ */
+int
+if_addmulti(struct ifnet *ifp, const struct sockaddr *sa,
+ struct ifmultiaddr **retifma)
+{
+ return if_addmulti_common(ifp, sa, retifma, 0);
+}
+
+/*
+ * Anything other than network-layer protocol domains which hold references
+ * to the underlying link-layer record must use this routine: SIOCADDMULTI
+ * ioctl, ifnet_add_multicast(), if_bond.
+ */
+int
+if_addmulti_anon(struct ifnet *ifp, const struct sockaddr *sa,
+ struct ifmultiaddr **retifma)
+{
+ return if_addmulti_common(ifp, sa, retifma, 1);
+}
+
+/*
+ * Register an additional multicast address with a network interface.
+ *
+ * - If the address is already present, bump the reference count on the
+ * address and return.
+ * - If the address is not link-layer, look up a link layer address.
+ * - Allocate address structures for one or both addresses, and attach to the
+ * multicast address list on the interface. If automatically adding a link
+ * layer address, the protocol address will own a reference to the link
+ * layer address, to be freed when it is freed.
+ * - Notify the network device driver of an addition to the multicast address
+ * list.
+ *
+ * 'sa' points to caller-owned memory with the desired multicast address.
+ *
+ * 'retifma' will be used to return a pointer to the resulting multicast
+ * address reference, if desired.
+ *
+ * 'anon' indicates a link-layer address with no protocol address reference
+ * made to it. Anything other than network-layer protocol domain requests
+ * are considered as anonymous.
+ */
+static int
+if_addmulti_common(struct ifnet *ifp, const struct sockaddr *sa,
+ struct ifmultiaddr **retifma, int anon)
+{
+ struct sockaddr_storage storage;
+ struct sockaddr *llsa = NULL;
+ struct sockaddr *dupsa = NULL;
+ int error = 0, ll_firstref = 0, lladdr;
+ struct ifmultiaddr *ifma = NULL;
+ struct ifmultiaddr *llifma = NULL;
+
+ /* Only AF_UNSPEC/AF_LINK is allowed for an "anonymous" address */
+ VERIFY(!anon || sa->sa_family == AF_UNSPEC ||
+ sa->sa_family == AF_LINK);
+
+ /* If sa is a AF_LINK or AF_UNSPEC, duplicate and normalize it */
+ if (sa->sa_family == AF_LINK || sa->sa_family == AF_UNSPEC) {
+ dupsa = copy_and_normalize(sa);
+ if (dupsa == NULL) {
+ error = ENOMEM;
+ goto cleanup;
+ }
+ sa = dupsa;
+ }
+
+ ifnet_lock_exclusive(ifp);
+ if (!(ifp->if_flags & IFF_MULTICAST)) {
+ error = EADDRNOTAVAIL;
+ ifnet_lock_done(ifp);
+ goto cleanup;
+ }
+
+ /* If the address is already present, return a new reference to it */
+ error = if_addmulti_doesexist(ifp, sa, retifma, anon);
+ ifnet_lock_done(ifp);
+ if (error == 0) {
+ goto cleanup;
+ }
+
+ /*
+ * The address isn't already present; give the link layer a chance
+ * to accept/reject it, and also find out which AF_LINK address this
+ * maps to, if it isn't one already.
+ */
+ error = dlil_resolve_multi(ifp, sa, (struct sockaddr *)&storage,
+ sizeof(storage));
+ if (error == 0 && storage.ss_len != 0) {
+ llsa = copy_and_normalize((struct sockaddr *)&storage);
+ if (llsa == NULL) {
+ error = ENOMEM;
+ goto cleanup;
+ }
+
+ llifma = ifma_alloc(M_WAITOK);
+ if (llifma == NULL) {
+ error = ENOMEM;
+ goto cleanup;
+ }
+ }
+
+ /* to be similar to FreeBSD */
+ if (error == EOPNOTSUPP) {
+ error = 0;
+ } else if (error != 0) {
+ goto cleanup;
+ }
+
+ /* Allocate while we aren't holding any locks */
+ if (dupsa == NULL) {
+ dupsa = copy_and_normalize(sa);
+ if (dupsa == NULL) {
+ error = ENOMEM;
+ goto cleanup;
+ }
+ }
+ ifma = ifma_alloc(M_WAITOK);
+ if (ifma == NULL) {
+ error = ENOMEM;
+ goto cleanup;
+ }
+
+ ifnet_lock_exclusive(ifp);
+ /*
+ * Check again for the matching multicast.
+ */
+ error = if_addmulti_doesexist(ifp, sa, retifma, anon);
+ if (error == 0) {
+ ifnet_lock_done(ifp);
+ goto cleanup;
+ }
+
+ if (llifma != NULL) {
+ VERIFY(!anon); /* must not get here if "anonymous" */
+ if (if_addmulti_doesexist(ifp, llsa, &ifma->ifma_ll, 0) == 0) {
+ FREE(llsa, M_IFADDR);
+ llsa = NULL;
+ ifma_free(llifma);
+ llifma = NULL;
+ VERIFY(ifma->ifma_ll->ifma_ifp == ifp);
+ } else {
+ ll_firstref = 1;
+ llifma->ifma_addr = llsa;
+ llifma->ifma_ifp = ifp;
+ IFMA_LOCK(llifma);
+ if_attach_ifma(ifp, llifma, 0);
+ /* add extra refcnt for ifma */
+ IFMA_ADDREF_LOCKED(llifma);
+ IFMA_UNLOCK(llifma);
+ ifma->ifma_ll = llifma;
+ }
+ }
+
+ /* "anonymous" request should not result in network address */
+ VERIFY(!anon || ifma->ifma_ll == NULL);
+
+ ifma->ifma_addr = dupsa;
+ ifma->ifma_ifp = ifp;
+ IFMA_LOCK(ifma);
+ if_attach_ifma(ifp, ifma, anon);
+ IFMA_ADDREF_LOCKED(ifma); /* for this routine */
+ if (retifma != NULL) {
+ *retifma = ifma;
+ IFMA_ADDREF_LOCKED(*retifma); /* for caller */
+ }
+ lladdr = (ifma->ifma_addr->sa_family == AF_UNSPEC ||
+ ifma->ifma_addr->sa_family == AF_LINK);
+ IFMA_UNLOCK(ifma);
+ ifnet_lock_done(ifp);
+
+ rt_newmaddrmsg(RTM_NEWMADDR, ifma);
+ IFMA_REMREF(ifma); /* for this routine */
+
+ /*
+ * We are certain we have added something, so call down to the
+ * interface to let them know about it. Do this only for newly-
+ * added AF_LINK/AF_UNSPEC address in the if_multiaddrs set.
+ */
+ if (lladdr || ll_firstref) {
+ (void) ifnet_ioctl(ifp, 0, SIOCADDMULTI, NULL);
+ }
+
+ if (ifp->if_updatemcasts > 0) {
+ ifp->if_updatemcasts = 0;
+ }
+
+ return 0;
+
+cleanup:
+ if (ifma != NULL) {
+ ifma_free(ifma);
+ }
+ if (dupsa != NULL) {
+ FREE(dupsa, M_IFADDR);
+ }
+ if (llifma != NULL) {
+ ifma_free(llifma);
+ }
+ if (llsa != NULL) {
+ FREE(llsa, M_IFADDR);
+ }
+
+ return error;
+}
+
+/*
+ * Delete a multicast group membership by network-layer group address.
+ * This routine is deprecated.
+ */
+int
+if_delmulti(struct ifnet *ifp, const struct sockaddr *sa)
+{
+ return if_delmulti_common(NULL, ifp, sa, 0);
+}
+
+/*
+ * Delete a multicast group membership by group membership pointer.
+ * Network-layer protocol domains must use this routine.
+ */
+int
+if_delmulti_ifma(struct ifmultiaddr *ifma)
+{
+ return if_delmulti_common(ifma, NULL, NULL, 0);
+}
+
+/*
+ * Anything other than network-layer protocol domains which hold references
+ * to the underlying link-layer record must use this routine: SIOCDELMULTI
+ * ioctl, ifnet_remove_multicast(), if_bond.
+ */
+int
+if_delmulti_anon(struct ifnet *ifp, const struct sockaddr *sa)
+{
+ return if_delmulti_common(NULL, ifp, sa, 1);
+}
+
+/*
+ * Delete a multicast group membership by network-layer group address.
+ *
+ * Returns ENOENT if the entry could not be found.
+ */
+static int
+if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp,
+ const struct sockaddr *sa, int anon)
+{
+ struct sockaddr *dupsa = NULL;
+ int lastref, ll_lastref = 0, lladdr;
+ struct ifmultiaddr *ll = NULL;
+
+ /* sanity check for callers */
+ VERIFY(ifma != NULL || (ifp != NULL && sa != NULL));
+
+ if (ifma != NULL) {
+ ifp = ifma->ifma_ifp;
+ }
+
+ if (sa != NULL &&
+ (sa->sa_family == AF_LINK || sa->sa_family == AF_UNSPEC)) {
+ dupsa = copy_and_normalize(sa);
+ if (dupsa == NULL) {
+ return ENOMEM;
+ }
+ sa = dupsa;
+ }
+
+ ifnet_lock_exclusive(ifp);
+ if (ifma == NULL) {
+ for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL;
+ ifma = LIST_NEXT(ifma, ifma_link)) {
+ IFMA_LOCK(ifma);
+ if (!ifa_equal(sa, ifma->ifma_addr) ||
+ (anon && !(ifma->ifma_flags & IFMAF_ANONYMOUS))) {
+ VERIFY(!(ifma->ifma_flags & IFMAF_ANONYMOUS) ||
+ ifma->ifma_anoncnt != 0);
+ IFMA_UNLOCK(ifma);
+ continue;
+ }
+ /* found; keep it locked */
+ break;
+ }
+ if (ifma == NULL) {
+ if (dupsa != NULL) {
+ FREE(dupsa, M_IFADDR);
+ }
+ ifnet_lock_done(ifp);
+ return ENOENT;
+ }
+ } else {
+ IFMA_LOCK(ifma);
+ }
+ IFMA_LOCK_ASSERT_HELD(ifma);
+ IFMA_ADDREF_LOCKED(ifma); /* for this routine */
+ lastref = if_detach_ifma(ifp, ifma, anon);
+ VERIFY(!lastref || (!(ifma->ifma_debug & IFD_ATTACHED) &&
+ ifma->ifma_reqcnt == 0));
+ VERIFY(!anon || ifma->ifma_ll == NULL);
+ ll = ifma->ifma_ll;
+ lladdr = (ifma->ifma_addr->sa_family == AF_UNSPEC ||
+ ifma->ifma_addr->sa_family == AF_LINK);
+ IFMA_UNLOCK(ifma);
+ if (lastref && ll != NULL) {
+ IFMA_LOCK(ll);
+ ll_lastref = if_detach_ifma(ifp, ll, 0);
+ IFMA_UNLOCK(ll);
+ }
+ ifnet_lock_done(ifp);
+
+ if (lastref) {
+ rt_newmaddrmsg(RTM_DELMADDR, ifma);
+ }
+
+ if ((ll == NULL && lastref && lladdr) || ll_lastref) {
+ /*
+ * Make sure the interface driver is notified in the
+ * case of a link layer mcast group being left. Do
+ * this only for a AF_LINK/AF_UNSPEC address that has
+ * been removed from the if_multiaddrs set.
+ */
+ ifnet_ioctl(ifp, 0, SIOCDELMULTI, NULL);
+ }
+
+ if (lastref) {
+ IFMA_REMREF(ifma); /* for if_multiaddrs list */
+ }
+ if (ll_lastref) {
+ IFMA_REMREF(ll); /* for if_multiaddrs list */
+ }
+ IFMA_REMREF(ifma); /* for this routine */
+ if (dupsa != NULL) {
+ FREE(dupsa, M_IFADDR);
+ }
+
+ return 0;
+}
+
+/*
+ * Shutdown all network activity. Used boot() when halting
+ * system.
+ */
+int
+if_down_all(void)
+{
+ struct ifnet **ifp;
+ u_int32_t count;
+ u_int32_t i;
+
+ if (ifnet_list_get_all(IFNET_FAMILY_ANY, &ifp, &count) == 0) {
+ for (i = 0; i < count; i++) {
+ if_down(ifp[i]);
+ dlil_proto_unplumb_all(ifp[i]);
+ }
+ ifnet_list_free(ifp);
+ }
+
+ return 0;
+}
+
+/*
+ * Delete Routes for a Network Interface
+ *
+ * Called for each routing entry via the rnh->rnh_walktree() call above
+ * to delete all route entries referencing a detaching network interface.
+ *
+ * Arguments:
+ * rn pointer to node in the routing table
+ * arg argument passed to rnh->rnh_walktree() - detaching interface
+ *
+ * Returns:
+ * 0 successful
+ * errno failed - reason indicated
+ *
+ */
+static int
+if_rtdel(struct radix_node *rn, void *arg)
+{
+ struct rtentry *rt = (struct rtentry *)rn;
+ struct ifnet *ifp = arg;
+ int err;
projects / apple / xnu.git / blobdiff