X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/39236c6e673c41db228275375ab7fdb0f837b292..cb3231590a3c94ab4375e2228bd5e86b0cf1ad7e:/bsd/netinet/in.c

diff --git a/bsd/netinet/in.c b/bsd/netinet/in.c
index 6229060c5..f51b22b4e 100644
--- a/bsd/netinet/in.c
+++ b/bsd/netinet/in.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2013 Apple Inc. All rights reserved.
+ * Copyright (c) 2000-2019 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  *
@@ -77,12 +77,15 @@
 
 #include <kern/zalloc.h>
 #include <pexpert/pexpert.h>
+#include <os/log.h>
 
 #include <net/if.h>
 #include <net/if_types.h>
 #include <net/route.h>
 #include <net/kpi_protocol.h>
 #include <net/dlil.h>
+#include <net/if_llatbl.h>
+#include <net/if_arp.h>
 #if PF
 #include <net/pfvar.h>
 #endif /* PF */
@@ -95,6 +98,7 @@
 #include <netinet/tcp.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
+#include <netinet/if_ether.h>
 
 static int inctl_associd(struct socket *, u_long, caddr_t);
 static int inctl_connid(struct socket *, u_long, caddr_t);
@@ -104,7 +108,6 @@ static int inctl_arpipll(struct ifnet *, struct ifreq *);
 static int inctl_setrouter(struct ifnet *, struct ifreq *);
 static int inctl_ifaddr(struct ifnet *, struct in_ifaddr *, u_long,
     struct ifreq *);
-static int inctl_lifaddr(struct ifnet *, u_long, struct if_laddrreq *);
 static int inctl_ifdstaddr(struct ifnet *, struct in_ifaddr *, u_long,
     struct ifreq *);
 static int inctl_ifbrdaddr(struct ifnet *, struct in_ifaddr *, u_long,
@@ -112,19 +115,17 @@ static int inctl_ifbrdaddr(struct ifnet *, struct in_ifaddr *, u_long,
 static int inctl_ifnetmask(struct ifnet *, struct in_ifaddr *, u_long,
     struct ifreq *);
 
-static int in_mask2len(struct in_addr *);
-static void in_len2mask(struct in_addr *, int);
 static void in_socktrim(struct sockaddr_in *);
 static int in_ifinit(struct ifnet *, struct in_ifaddr *,
     struct sockaddr_in *, int);
 
-#define	IA_HASH_INIT(ia) {					\
-	(ia)->ia_hash.tqe_next = (void *)(uintptr_t)-1;		\
-	(ia)->ia_hash.tqe_prev = (void *)(uintptr_t)-1;		\
+#define IA_HASH_INIT(ia) {                                      \
+	(ia)->ia_hash.tqe_next = (void *)(uintptr_t)-1;         \
+	(ia)->ia_hash.tqe_prev = (void *)(uintptr_t)-1;         \
 }
 
-#define	IA_IS_HASHED(ia)					\
-	(!((ia)->ia_hash.tqe_next == (void *)(uintptr_t)-1 ||	\
+#define IA_IS_HASHED(ia)                                        \
+	(!((ia)->ia_hash.tqe_next == (void *)(uintptr_t)-1 ||   \
 	(ia)->ia_hash.tqe_prev == (void *)(uintptr_t)-1))
 
 static void in_iahash_remove(struct in_ifaddr *);
@@ -137,38 +138,53 @@ static void in_ifaddr_free(struct ifaddr *);
 static void in_ifaddr_trace(struct ifaddr *, int);
 
 static int in_getassocids(struct socket *, uint32_t *, user_addr_t);
-static int in_getconnids(struct socket *, associd_t, uint32_t *, user_addr_t);
-static int in_getconninfo(struct socket *, connid_t, uint32_t *,
-    uint32_t *, int32_t *, user_addr_t, socklen_t *, user_addr_t, socklen_t *,
-    uint32_t *, user_addr_t, uint32_t *);
+static int in_getconnids(struct socket *, sae_associd_t, uint32_t *, user_addr_t);
+
+/* IPv4 Layer 2 neighbor cache management routines */
+static void in_lltable_destroy_lle_unlocked(struct llentry *lle);
+static void in_lltable_destroy_lle(struct llentry *lle);
+static struct llentry *in_lltable_new(struct in_addr addr4, u_int flags);
+static int in_lltable_match_prefix(const struct sockaddr *saddr,
+    const struct sockaddr *smask, u_int flags, struct llentry *lle);
+static void in_lltable_free_entry(struct lltable *llt, struct llentry *lle);
+static int in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr);
+static inline uint32_t in_lltable_hash_dst(const struct in_addr dst, uint32_t hsize);
+static uint32_t in_lltable_hash(const struct llentry *lle, uint32_t hsize);
+static void in_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa);
+static inline struct llentry * in_lltable_find_dst(struct lltable *llt, struct in_addr dst);
+static void in_lltable_delete_entry(struct lltable *llt, struct llentry *lle);
+static struct llentry * in_lltable_alloc(struct lltable *llt, u_int flags, const struct sockaddr *l3addr);
+static struct llentry * in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr);
+static int in_lltable_dump_entry(struct lltable *llt, struct llentry *lle, struct sysctl_req *wr);
+static struct lltable * in_lltattach(struct ifnet *ifp);
 
 static int subnetsarelocal = 0;
 SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local,
-	CTLFLAG_RW | CTLFLAG_LOCKED, &subnetsarelocal, 0, "");
+    CTLFLAG_RW | CTLFLAG_LOCKED, &subnetsarelocal, 0, "");
 
 /* Track whether or not the SIOCARPIPLL ioctl has been called */
 u_int32_t ipv4_ll_arp_aware = 0;
 
-#define	INIFA_TRACE_HIST_SIZE	32	/* size of trace history */
+#define INIFA_TRACE_HIST_SIZE   32      /* size of trace history */
 
 /* For gdb */
 __private_extern__ unsigned int inifa_trace_hist_size = INIFA_TRACE_HIST_SIZE;
 
 struct in_ifaddr_dbg {
-	struct in_ifaddr	inifa;			/* in_ifaddr */
-	struct in_ifaddr	inifa_old;		/* saved in_ifaddr */
-	u_int16_t		inifa_refhold_cnt;	/* # of IFA_ADDREF */
-	u_int16_t		inifa_refrele_cnt;	/* # of IFA_REMREF */
+	struct in_ifaddr        inifa;                  /* in_ifaddr */
+	struct in_ifaddr        inifa_old;              /* saved in_ifaddr */
+	u_int16_t               inifa_refhold_cnt;      /* # of IFA_ADDREF */
+	u_int16_t               inifa_refrele_cnt;      /* # of IFA_REMREF */
 	/*
 	 * Alloc and free callers.
 	 */
-	ctrace_t		inifa_alloc;
-	ctrace_t		inifa_free;
+	ctrace_t                inifa_alloc;
+	ctrace_t                inifa_free;
 	/*
 	 * Circular lists of IFA_ADDREF and IFA_REMREF callers.
 	 */
-	ctrace_t		inifa_refhold[INIFA_TRACE_HIST_SIZE];
-	ctrace_t		inifa_refrele[INIFA_TRACE_HIST_SIZE];
+	ctrace_t                inifa_refhold[INIFA_TRACE_HIST_SIZE];
+	ctrace_t                inifa_refrele[INIFA_TRACE_HIST_SIZE];
 	/*
 	 * Trash list linkage
 	 */
@@ -180,15 +196,19 @@ static TAILQ_HEAD(, in_ifaddr_dbg) inifa_trash_head;
 static decl_lck_mtx_data(, inifa_trash_lock);
 
 #if DEBUG
-static unsigned int inifa_debug = 1;		/* debugging (enabled) */
+static unsigned int inifa_debug = 1;            /* debugging (enabled) */
 #else
-static unsigned int inifa_debug;		/* debugging (disabled) */
+static unsigned int inifa_debug;                /* debugging (disabled) */
 #endif /* !DEBUG */
-static unsigned int inifa_size;			/* size of zone element */
-static struct zone *inifa_zone;			/* zone for in_ifaddr */
+static unsigned int inifa_size;                 /* size of zone element */
+static struct zone *inifa_zone;                 /* zone for in_ifaddr */
 
-#define	INIFA_ZONE_MAX		64		/* maximum elements in zone */
-#define	INIFA_ZONE_NAME		"in_ifaddr"	/* zone name */
+#define INIFA_ZONE_MAX          64              /* maximum elements in zone */
+#define INIFA_ZONE_NAME         "in_ifaddr"     /* zone name */
+
+static const unsigned int in_extra_size = sizeof(struct in_ifextra);
+static const unsigned int in_extra_bufsize = in_extra_size +
+    sizeof(void *) + sizeof(uint64_t);
 
 /*
  * Return 1 if the address is
@@ -209,32 +229,34 @@ inaddr_local(struct in_addr in)
 		local = 1;
 	} else if (ntohl(in.s_addr) >= INADDR_UNSPEC_GROUP &&
 	    ntohl(in.s_addr) <= INADDR_MAX_LOCAL_GROUP) {
-			local = 1;
+		local = 1;
 	} else {
 		sin.sin_family = AF_INET;
-		sin.sin_len = sizeof (sin);
+		sin.sin_len = sizeof(sin);
 		sin.sin_addr = in;
 		rt = rtalloc1((struct sockaddr *)&sin, 0, 0);
 
 		if (rt != NULL) {
 			RT_LOCK_SPIN(rt);
 			if (rt->rt_gateway->sa_family == AF_LINK ||
-			    (rt->rt_ifp->if_flags & IFF_LOOPBACK))
+			    (rt->rt_ifp->if_flags & IFF_LOOPBACK)) {
 				local = 1;
+			}
 			RT_UNLOCK(rt);
 			rtfree(rt);
 		} else {
 			local = in_localaddr(in);
 		}
 	}
-	return (local);
+	return local;
 }
 
 /*
  * Return 1 if an internet address is for a ``local'' host
  * (one to which we have a connection).  If subnetsarelocal
- * is true, this includes other subnets of the local net.
- * Otherwise, it includes only the directly-connected (sub)nets.
+ * is true, this includes other subnets of the local net,
+ * otherwise, it includes the directly-connected (sub)nets.
+ * The IPv4 link local prefix 169.254/16 is also included.
  */
 int
 in_localaddr(struct in_addr in)
@@ -242,6 +264,10 @@ in_localaddr(struct in_addr in)
 	u_int32_t i = ntohl(in.s_addr);
 	struct in_ifaddr *ia;
 
+	if (IN_LINKLOCAL(i)) {
+		return 1;
+	}
+
 	if (subnetsarelocal) {
 		lck_rw_lock_shared(in_ifaddr_rwlock);
 		for (ia = in_ifaddrhead.tqh_first; ia != NULL;
@@ -250,7 +276,7 @@ in_localaddr(struct in_addr in)
 			if ((i & ia->ia_netmask) == ia->ia_net) {
 				IFA_UNLOCK(&ia->ia_ifa);
 				lck_rw_done(in_ifaddr_rwlock);
-				return (1);
+				return 1;
 			}
 			IFA_UNLOCK(&ia->ia_ifa);
 		}
@@ -263,13 +289,13 @@ in_localaddr(struct in_addr in)
 			if ((i & ia->ia_subnetmask) == ia->ia_subnet) {
 				IFA_UNLOCK(&ia->ia_ifa);
 				lck_rw_done(in_ifaddr_rwlock);
-				return (1);
+				return 1;
 			}
 			IFA_UNLOCK(&ia->ia_ifa);
 		}
 		lck_rw_done(in_ifaddr_rwlock);
 	}
-	return (0);
+	return 0;
 }
 
 /*
@@ -283,14 +309,16 @@ in_canforward(struct in_addr in)
 	u_int32_t i = ntohl(in.s_addr);
 	u_int32_t net;
 
-	if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i))
-		return (FALSE);
+	if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i)) {
+		return FALSE;
+	}
 	if (IN_CLASSA(i)) {
 		net = i & IN_CLASSA_NET;
-		if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))
-			return (FALSE);
+		if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT)) {
+			return FALSE;
+		}
 	}
-	return (TRUE);
+	return TRUE;
 }
 
 /*
@@ -303,49 +331,15 @@ in_socktrim(struct sockaddr_in *ap)
 	char *cp = (char *)(&ap->sin_addr + 1);
 
 	ap->sin_len = 0;
-	while (--cp >= cplim)
+	while (--cp >= cplim) {
 		if (*cp) {
 			(ap)->sin_len = cp - (char *)(ap) + 1;
 			break;
 		}
-}
-
-static int
-in_mask2len(struct in_addr *mask)
-{
-	size_t x, y;
-	u_char *p;
-
-	p = (u_char *)mask;
-	for (x = 0; x < sizeof (*mask); x++) {
-		if (p[x] != 0xff)
-			break;
 	}
-	y = 0;
-	if (x < sizeof (*mask)) {
-		for (y = 0; y < 8; y++) {
-			if ((p[x] & (0x80 >> y)) == 0)
-				break;
-		}
-	}
-	return (x * 8 + y);
-}
-
-static void
-in_len2mask(struct in_addr *mask, int len)
-{
-	int i;
-	u_char *p;
-
-	p = (u_char *)mask;
-	bzero(mask, sizeof(*mask));
-	for (i = 0; i < len / 8; i++)
-		p[i] = 0xff;
-	if (len % 8)
-		p[i] = (0xff00 >> (len % 8)) & 0xff;
 }
 
-static int in_interfaces;	/* number of external internet interfaces */
+static int in_interfaces;       /* number of external internet interfaces */
 
 static int
 in_domifattach(struct ifnet *ifp)
@@ -354,11 +348,49 @@ in_domifattach(struct ifnet *ifp)
 
 	VERIFY(ifp != NULL);
 
-	if ((error = proto_plumb(PF_INET, ifp)) && error != EEXIST)
+	if ((error = proto_plumb(PF_INET, ifp)) && error != EEXIST) {
 		log(LOG_ERR, "%s: proto_plumb returned %d if=%s\n",
 		    __func__, error, if_name(ifp));
+	} else if (error == 0 && ifp->if_inetdata == NULL) {
+		void **pbuf, *base;
+		struct in_ifextra *ext;
+		int errorx;
+
+		if ((ext = (struct in_ifextra *)_MALLOC(in_extra_bufsize,
+		    M_IFADDR, M_WAITOK | M_ZERO)) == NULL) {
+			error = ENOMEM;
+			errorx = proto_unplumb(PF_INET, ifp);
+			if (errorx != 0) {
+				log(LOG_ERR,
+				    "%s: proto_unplumb returned %d if=%s%d\n",
+				    __func__, errorx, ifp->if_name,
+				    ifp->if_unit);
+			}
+			goto done;
+		}
 
-	return (error);
+		/* Align on 64-bit boundary */
+		base = (void *)P2ROUNDUP((intptr_t)ext + sizeof(uint64_t),
+		    sizeof(uint64_t));
+		VERIFY(((intptr_t)base + in_extra_size) <=
+		    ((intptr_t)ext + in_extra_bufsize));
+		pbuf = (void **)((intptr_t)base - sizeof(void *));
+		*pbuf = ext;
+		ifp->if_inetdata = base;
+		IN_IFEXTRA(ifp)->ii_llt = in_lltattach(ifp);
+		VERIFY(IS_P2ALIGNED(ifp->if_inetdata, sizeof(uint64_t)));
+	}
+done:
+	if (error == 0 && ifp->if_inetdata != NULL) {
+		/*
+		 * Since the structure is never freed, we need to
+		 * zero out its contents to avoid reusing stale data.
+		 * A little redundant with allocation above, but it
+		 * keeps the code simpler for all cases.
+		 */
+		bzero(ifp->if_inetdata, in_extra_size);
+	}
+	return error;
 }
 
 static __attribute__((noinline)) int
@@ -373,18 +405,20 @@ inctl_associd(struct socket *so, u_long cmd, caddr_t data)
 	VERIFY(so != NULL);
 
 	switch (cmd) {
-	case SIOCGASSOCIDS32:		/* struct so_aidreq32 */
-		bcopy(data, &u.a32, sizeof (u.a32));
+	case SIOCGASSOCIDS32:           /* struct so_aidreq32 */
+		bcopy(data, &u.a32, sizeof(u.a32));
 		error = in_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
-		if (error == 0)
-			bcopy(&u.a32, data, sizeof (u.a32));
+		if (error == 0) {
+			bcopy(&u.a32, data, sizeof(u.a32));
+		}
 		break;
 
-	case SIOCGASSOCIDS64:		/* struct so_aidreq64 */
-		bcopy(data, &u.a64, sizeof (u.a64));
+	case SIOCGASSOCIDS64:           /* struct so_aidreq64 */
+		bcopy(data, &u.a64, sizeof(u.a64));
 		error = in_getassocids(so, &u.a64.sar_cnt, u.a64.sar_aidp);
-		if (error == 0)
-			bcopy(&u.a64, data, sizeof (u.a64));
+		if (error == 0) {
+			bcopy(&u.a64, data, sizeof(u.a64));
+		}
 		break;
 
 	default:
@@ -392,7 +426,7 @@ inctl_associd(struct socket *so, u_long cmd, caddr_t data)
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 static __attribute__((noinline)) int
@@ -407,20 +441,22 @@ inctl_connid(struct socket *so, u_long cmd, caddr_t data)
 	VERIFY(so != NULL);
 
 	switch (cmd) {
-	case SIOCGCONNIDS32:		/* struct so_cidreq32 */
-		bcopy(data, &u.c32, sizeof (u.c32));
+	case SIOCGCONNIDS32:            /* struct so_cidreq32 */
+		bcopy(data, &u.c32, sizeof(u.c32));
 		error = in_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
 		    u.c32.scr_cidp);
-		if (error == 0)
-			bcopy(&u.c32, data, sizeof (u.c32));
+		if (error == 0) {
+			bcopy(&u.c32, data, sizeof(u.c32));
+		}
 		break;
 
-	case SIOCGCONNIDS64:		/* struct so_cidreq64 */
-		bcopy(data, &u.c64, sizeof (u.c64));
+	case SIOCGCONNIDS64:            /* struct so_cidreq64 */
+		bcopy(data, &u.c64, sizeof(u.c64));
 		error = in_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
 		    u.c64.scr_cidp);
-		if (error == 0)
-			bcopy(&u.c64, data, sizeof (u.c64));
+		if (error == 0) {
+			bcopy(&u.c64, data, sizeof(u.c64));
+		}
 		break;
 
 	default:
@@ -428,7 +464,7 @@ inctl_connid(struct socket *so, u_long cmd, caddr_t data)
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 static __attribute__((noinline)) int
@@ -443,26 +479,28 @@ inctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
 	VERIFY(so != NULL);
 
 	switch (cmd) {
-	case SIOCGCONNINFO32:		/* struct so_cinforeq32 */
-		bcopy(data, &u.ci32, sizeof (u.ci32));
+	case SIOCGCONNINFO32:           /* struct so_cinforeq32 */
+		bcopy(data, &u.ci32, sizeof(u.ci32));
 		error = in_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
 		    &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
 		    &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
 		    &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
 		    &u.ci32.scir_aux_len);
-		if (error == 0)
-			bcopy(&u.ci32, data, sizeof (u.ci32));
+		if (error == 0) {
+			bcopy(&u.ci32, data, sizeof(u.ci32));
+		}
 		break;
 
-	case SIOCGCONNINFO64:		/* struct so_cinforeq64 */
-		bcopy(data, &u.ci64, sizeof (u.ci64));
+	case SIOCGCONNINFO64:           /* struct so_cinforeq64 */
+		bcopy(data, &u.ci64, sizeof(u.ci64));
 		error = in_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
 		    &u.ci64.scir_ifindex, &u.ci64.scir_error, u.ci64.scir_src,
 		    &u.ci64.scir_src_len, u.ci64.scir_dst, &u.ci64.scir_dst_len,
 		    &u.ci64.scir_aux_type, u.ci64.scir_aux_data,
 		    &u.ci64.scir_aux_len);
-		if (error == 0)
-			bcopy(&u.ci64, data, sizeof (u.ci64));
+		if (error == 0) {
+			bcopy(&u.ci64, data, sizeof(u.ci64));
+		}
 		break;
 
 	default:
@@ -470,7 +508,7 @@ inctl_conninfo(struct socket *so, u_long cmd, caddr_t data)
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 /*
@@ -485,7 +523,7 @@ inctl_autoaddr(struct ifnet *ifp, struct ifreq *ifr)
 
 	VERIFY(ifp != NULL);
 
-	bcopy(&ifr->ifr_intval, &intval, sizeof (intval));
+	bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
 
 	ifnet_lock_exclusive(ifp);
 	if (intval) {
@@ -496,17 +534,18 @@ inctl_autoaddr(struct ifnet *ifp, struct ifreq *ifr)
 		 * being set in that mode.
 		 */
 		if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
-			intval = 0;	/* be safe; clear flag if set */
+			intval = 0;     /* be safe; clear flag if set */
 			error = EBUSY;
 		} else {
 			ifp->if_eflags |= IFEF_AUTOCONFIGURING;
 		}
 	}
-	if (!intval)
+	if (!intval) {
 		ifp->if_eflags &= ~IFEF_AUTOCONFIGURING;
+	}
 	ifnet_lock_done(ifp);
 
-	return (error);
+	return error;
 }
 
 /*
@@ -521,7 +560,7 @@ inctl_arpipll(struct ifnet *ifp, struct ifreq *ifr)
 
 	VERIFY(ifp != NULL);
 
-	bcopy(&ifr->ifr_intval, &intval, sizeof (intval));
+	bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
 	ipv4_ll_arp_aware = 1;
 
 	ifnet_lock_exclusive(ifp);
@@ -533,17 +572,18 @@ inctl_arpipll(struct ifnet *ifp, struct ifreq *ifr)
 		 * prevent SIOCARPIPLL from being set in that mode.
 		 */
 		if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
-			intval = 0;	/* be safe; clear flag if set */
+			intval = 0;     /* be safe; clear flag if set */
 			error = EBUSY;
 		} else {
 			ifp->if_eflags |= IFEF_ARPLL;
 		}
 	}
-	if (!intval)
+	if (!intval) {
 		ifp->if_eflags &= ~IFEF_ARPLL;
+	}
 	ifnet_lock_done(ifp);
 
-	return (error);
+	return error;
 }
 
 /*
@@ -566,10 +606,11 @@ inctl_setrouter(struct ifnet *ifp, struct ifreq *ifr)
 	VERIFY(ifp != NULL);
 
 	/* Router mode isn't valid for loopback */
-	if (ifp->if_flags & IFF_LOOPBACK)
-		return (ENODEV);
+	if (ifp->if_flags & IFF_LOOPBACK) {
+		return ENODEV;
+	}
 
-	bcopy(&ifr->ifr_intval, &intval, sizeof (intval));
+	bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
 
 	ifnet_lock_exclusive(ifp);
 	if (intval) {
@@ -583,7 +624,7 @@ inctl_setrouter(struct ifnet *ifp, struct ifreq *ifr)
 	/* purge all IPv4 addresses configured on this interface */
 	in_purgeaddrs(ifp);
 
-	return (error);
+	return error;
 }
 
 /*
@@ -603,23 +644,23 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 
 	VERIFY(ifp != NULL);
 
-	bzero(&in_event_data, sizeof (struct kev_in_data));
-	bzero(&ev_msg, sizeof (struct kev_msg));
+	bzero(&in_event_data, sizeof(struct kev_in_data));
+	bzero(&ev_msg, sizeof(struct kev_msg));
 
 	switch (cmd) {
-	case SIOCGIFADDR:		/* struct ifreq */
+	case SIOCGIFADDR:               /* struct ifreq */
 		if (ia == NULL) {
 			error = EADDRNOTAVAIL;
 			break;
 		}
 		IFA_LOCK(&ia->ia_ifa);
-		bcopy(&ia->ia_addr, &ifr->ifr_addr, sizeof (addr));
+		bcopy(&ia->ia_addr, &ifr->ifr_addr, sizeof(addr));
 		IFA_UNLOCK(&ia->ia_ifa);
 		break;
 
-	case SIOCSIFADDR:		/* struct ifreq */
+	case SIOCSIFADDR:               /* struct ifreq */
 		VERIFY(ia != NULL);
-		bcopy(&ifr->ifr_addr, &addr, sizeof (addr));
+		bcopy(&ifr->ifr_addr, &addr, sizeof(addr));
 		/*
 		 * If this is a new address, the reference count for the
 		 * hash table has been taken at creation time above.
@@ -630,15 +671,15 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		}
 		break;
 
-	case SIOCAIFADDR: {		/* struct {if,in_}aliasreq */
+	case SIOCAIFADDR: {             /* struct {if,in_}aliasreq */
 		struct in_aliasreq *ifra = (struct in_aliasreq *)ifr;
 		struct sockaddr_in broadaddr, mask;
 		int hostIsNew, maskIsNew;
 
 		VERIFY(ia != NULL);
-		bcopy(&ifra->ifra_addr, &addr, sizeof (addr));
-		bcopy(&ifra->ifra_broadaddr, &broadaddr, sizeof (broadaddr));
-		bcopy(&ifra->ifra_mask, &mask, sizeof (mask));
+		bcopy(&ifra->ifra_addr, &addr, sizeof(addr));
+		bcopy(&ifra->ifra_broadaddr, &broadaddr, sizeof(broadaddr));
+		bcopy(&ifra->ifra_mask, &mask, sizeof(mask));
 
 		maskIsNew = 0;
 		hostIsNew = 1;
@@ -669,7 +710,7 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 			in_ifscrub(ifp, ia, 0);
 			IFA_LOCK(&ia->ia_ifa);
 			ia->ia_dstaddr = broadaddr;
-			ia->ia_dstaddr.sin_len = sizeof (struct sockaddr_in);
+			ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
 			maskIsNew  = 1; /* We lie; but the effect's the same */
 		}
 		if (addr.sin_family == AF_INET && (hostIsNew || maskIsNew)) {
@@ -683,21 +724,23 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		}
 		IFA_LOCK(&ia->ia_ifa);
 		if ((ifp->if_flags & IFF_BROADCAST) &&
-		    (broadaddr.sin_family == AF_INET))
+		    (broadaddr.sin_family == AF_INET)) {
 			ia->ia_broadaddr = broadaddr;
+		}
 
 		/*
 		 * Report event.
 		 */
 		if ((error == 0) || (error == EEXIST)) {
-			ev_msg.vendor_code	= KEV_VENDOR_APPLE;
-			ev_msg.kev_class	= KEV_NETWORK_CLASS;
-			ev_msg.kev_subclass	= KEV_INET_SUBCLASS;
+			ev_msg.vendor_code      = KEV_VENDOR_APPLE;
+			ev_msg.kev_class        = KEV_NETWORK_CLASS;
+			ev_msg.kev_subclass     = KEV_INET_SUBCLASS;
 
-			if (hostIsNew)
+			if (hostIsNew) {
 				ev_msg.event_code = KEV_INET_NEW_ADDR;
-			else
+			} else {
 				ev_msg.event_code = KEV_INET_CHANGED_ADDR;
+			}
 
 			if (ia->ia_ifa.ifa_dstaddr) {
 				in_event_data.ia_dstaddr =
@@ -706,43 +749,45 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 			} else {
 				in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
 			}
-			in_event_data.ia_addr		= ia->ia_addr.sin_addr;
-			in_event_data.ia_net		= ia->ia_net;
-			in_event_data.ia_netmask	= ia->ia_netmask;
-			in_event_data.ia_subnet		= ia->ia_subnet;
-			in_event_data.ia_subnetmask	= ia->ia_subnetmask;
-			in_event_data.ia_netbroadcast	= ia->ia_netbroadcast;
+			in_event_data.ia_addr           = ia->ia_addr.sin_addr;
+			in_event_data.ia_net            = ia->ia_net;
+			in_event_data.ia_netmask        = ia->ia_netmask;
+			in_event_data.ia_subnet         = ia->ia_subnet;
+			in_event_data.ia_subnetmask     = ia->ia_subnetmask;
+			in_event_data.ia_netbroadcast   = ia->ia_netbroadcast;
 			IFA_UNLOCK(&ia->ia_ifa);
-			(void) strncpy(&in_event_data.link_data.if_name[0],
+			(void) strlcpy(&in_event_data.link_data.if_name[0],
 			    ifp->if_name, IFNAMSIZ);
 			in_event_data.link_data.if_family = ifp->if_family;
 			in_event_data.link_data.if_unit = ifp->if_unit;
 
-			ev_msg.dv[0].data_ptr	 = &in_event_data;
-			ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
+			ev_msg.dv[0].data_ptr    = &in_event_data;
+			ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
 			ev_msg.dv[1].data_length = 0;
 
-			kev_post_msg(&ev_msg);
+			dlil_post_complete_msg(ifp, &ev_msg);
 		} else {
 			IFA_UNLOCK(&ia->ia_ifa);
 		}
 		break;
 	}
 
-	case SIOCDIFADDR:		/* struct ifreq */
+	case SIOCDIFADDR:               /* struct ifreq */
 		VERIFY(ia != NULL);
 		error = ifnet_ioctl(ifp, PF_INET, SIOCDIFADDR, ia);
-		if (error == EOPNOTSUPP)
+		if (error == EOPNOTSUPP) {
 			error = 0;
-		if (error != 0)
+		}
+		if (error != 0) {
 			break;
+		}
 
 		/* Fill out the kernel event information */
-		ev_msg.vendor_code	= KEV_VENDOR_APPLE;
-		ev_msg.kev_class	= KEV_NETWORK_CLASS;
-		ev_msg.kev_subclass	= KEV_INET_SUBCLASS;
+		ev_msg.vendor_code      = KEV_VENDOR_APPLE;
+		ev_msg.kev_class        = KEV_NETWORK_CLASS;
+		ev_msg.kev_subclass     = KEV_INET_SUBCLASS;
 
-		ev_msg.event_code	= KEV_INET_ADDR_DELETED;
+		ev_msg.event_code       = KEV_INET_ADDR_DELETED;
 
 		IFA_LOCK(&ia->ia_ifa);
 		if (ia->ia_ifa.ifa_dstaddr) {
@@ -751,14 +796,14 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		} else {
 			in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
 		}
-		in_event_data.ia_addr		= ia->ia_addr.sin_addr;
-		in_event_data.ia_net		= ia->ia_net;
-		in_event_data.ia_netmask	= ia->ia_netmask;
-		in_event_data.ia_subnet		= ia->ia_subnet;
-		in_event_data.ia_subnetmask	= ia->ia_subnetmask;
-		in_event_data.ia_netbroadcast	= ia->ia_netbroadcast;
+		in_event_data.ia_addr           = ia->ia_addr.sin_addr;
+		in_event_data.ia_net            = ia->ia_net;
+		in_event_data.ia_netmask        = ia->ia_netmask;
+		in_event_data.ia_subnet         = ia->ia_subnet;
+		in_event_data.ia_subnetmask     = ia->ia_subnetmask;
+		in_event_data.ia_netbroadcast   = ia->ia_netbroadcast;
 		IFA_UNLOCK(&ia->ia_ifa);
-		(void) strncpy(&in_event_data.link_data.if_name[0],
+		(void) strlcpy(&in_event_data.link_data.if_name[0],
 		    ifp->if_name, IFNAMSIZ);
 		in_event_data.link_data.if_family = ifp->if_family;
 		in_event_data.link_data.if_unit  = (u_int32_t)ifp->if_unit;
@@ -773,8 +818,9 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		IFA_REMREF(ifa);
 		TAILQ_REMOVE(&in_ifaddrhead, ia, ia_link);
 		IFA_LOCK(ifa);
-		if (IA_IS_HASHED(ia))
+		if (IA_IS_HASHED(ia)) {
 			in_iahash_remove(ia);
+		}
 		IFA_UNLOCK(ifa);
 		lck_rw_done(in_ifaddr_rwlock);
 
@@ -798,7 +844,6 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		 */
 		if ((ifp->if_flags & IFF_MULTICAST) ||
 		    ifp->if_allhostsinm != NULL) {
-
 			TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
 				IFA_LOCK(ifa);
 				if (ifa->ifa_addr->sa_family == AF_INET) {
@@ -824,7 +869,7 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		}
 
 		/* Post the kernel event */
-		kev_post_msg(&ev_msg);
+		dlil_post_complete_msg(ifp, &ev_msg);
 
 		/*
 		 * See if there is any IPV4 address left and if so,
@@ -839,8 +884,9 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 			 * for legacy reasons.
 			 */
 			error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa);
-			if (error == EOPNOTSUPP)
+			if (error == EOPNOTSUPP) {
 				error = 0;
+			}
 
 			/* Release reference from ifa_ifpgetprimary() */
 			IFA_REMREF(ifa);
@@ -853,7 +899,7 @@ inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 /*
@@ -872,30 +918,32 @@ inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 
 	VERIFY(ifp != NULL);
 
-	if (!(ifp->if_flags & IFF_POINTOPOINT))
-		return (EINVAL);
+	if (!(ifp->if_flags & IFF_POINTOPOINT)) {
+		return EINVAL;
+	}
 
-	bzero(&in_event_data, sizeof (struct kev_in_data));
-	bzero(&ev_msg, sizeof (struct kev_msg));
+	bzero(&in_event_data, sizeof(struct kev_in_data));
+	bzero(&ev_msg, sizeof(struct kev_msg));
 
 	switch (cmd) {
-	case SIOCGIFDSTADDR:		/* struct ifreq */
+	case SIOCGIFDSTADDR:            /* struct ifreq */
 		if (ia == NULL) {
 			error = EADDRNOTAVAIL;
 			break;
 		}
 		IFA_LOCK(&ia->ia_ifa);
-		bcopy(&ia->ia_dstaddr, &ifr->ifr_dstaddr, sizeof (dstaddr));
+		bcopy(&ia->ia_dstaddr, &ifr->ifr_dstaddr, sizeof(dstaddr));
 		IFA_UNLOCK(&ia->ia_ifa);
 		break;
 
-	case SIOCSIFDSTADDR:		/* struct ifreq */
+	case SIOCSIFDSTADDR:            /* struct ifreq */
 		VERIFY(ia != NULL);
 		IFA_LOCK(&ia->ia_ifa);
 		dstaddr = ia->ia_dstaddr;
-		bcopy(&ifr->ifr_dstaddr, &ia->ia_dstaddr, sizeof (dstaddr));
-		if (ia->ia_dstaddr.sin_family == AF_INET)
-			ia->ia_dstaddr.sin_len = sizeof (struct sockaddr_in);
+		bcopy(&ifr->ifr_dstaddr, &ia->ia_dstaddr, sizeof(dstaddr));
+		if (ia->ia_dstaddr.sin_family == AF_INET) {
+			ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
+		}
 		IFA_UNLOCK(&ia->ia_ifa);
 		/*
 		 * NOTE: SIOCSIFDSTADDR is defined with struct ifreq
@@ -905,8 +953,9 @@ inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		 */
 		error = ifnet_ioctl(ifp, PF_INET, SIOCSIFDSTADDR, ia);
 		IFA_LOCK(&ia->ia_ifa);
-		if (error == EOPNOTSUPP)
+		if (error == EOPNOTSUPP) {
 			error = 0;
+		}
 		if (error != 0) {
 			ia->ia_dstaddr = dstaddr;
 			IFA_UNLOCK(&ia->ia_ifa);
@@ -914,11 +963,11 @@ inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		}
 		IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
 
-		ev_msg.vendor_code	= KEV_VENDOR_APPLE;
-		ev_msg.kev_class	= KEV_NETWORK_CLASS;
-		ev_msg.kev_subclass	= KEV_INET_SUBCLASS;
+		ev_msg.vendor_code      = KEV_VENDOR_APPLE;
+		ev_msg.kev_class        = KEV_NETWORK_CLASS;
+		ev_msg.kev_subclass     = KEV_INET_SUBCLASS;
 
-		ev_msg.event_code	= KEV_INET_SIFDSTADDR;
+		ev_msg.event_code       = KEV_INET_SIFDSTADDR;
 
 		if (ia->ia_ifa.ifa_dstaddr) {
 			in_event_data.ia_dstaddr = ((struct sockaddr_in *)
@@ -927,23 +976,23 @@ inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 			in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
 		}
 
-		in_event_data.ia_addr		= ia->ia_addr.sin_addr;
-		in_event_data.ia_net		= ia->ia_net;
-		in_event_data.ia_netmask	= ia->ia_netmask;
-		in_event_data.ia_subnet		= ia->ia_subnet;
-		in_event_data.ia_subnetmask	= ia->ia_subnetmask;
-		in_event_data.ia_netbroadcast	= ia->ia_netbroadcast;
+		in_event_data.ia_addr           = ia->ia_addr.sin_addr;
+		in_event_data.ia_net            = ia->ia_net;
+		in_event_data.ia_netmask        = ia->ia_netmask;
+		in_event_data.ia_subnet         = ia->ia_subnet;
+		in_event_data.ia_subnetmask     = ia->ia_subnetmask;
+		in_event_data.ia_netbroadcast   = ia->ia_netbroadcast;
 		IFA_UNLOCK(&ia->ia_ifa);
-		(void) strncpy(&in_event_data.link_data.if_name[0],
+		(void) strlcpy(&in_event_data.link_data.if_name[0],
 		    ifp->if_name, IFNAMSIZ);
 		in_event_data.link_data.if_family = ifp->if_family;
 		in_event_data.link_data.if_unit  = (u_int32_t)ifp->if_unit;
 
 		ev_msg.dv[0].data_ptr    = &in_event_data;
-		ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
+		ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
 		ev_msg.dv[1].data_length = 0;
 
-		kev_post_msg(&ev_msg);
+		dlil_post_complete_msg(ifp, &ev_msg);
 
 		lck_mtx_lock(rnh_lock);
 		IFA_LOCK(&ia->ia_ifa);
@@ -956,7 +1005,7 @@ inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 			    (struct sockaddr *)&ia->ia_dstaddr;
 			IFA_UNLOCK(&ia->ia_ifa);
 			rtinit_locked(&(ia->ia_ifa), (int)RTM_ADD,
-			    RTF_HOST|RTF_UP);
+			    RTF_HOST | RTF_UP);
 		} else {
 			IFA_UNLOCK(&ia->ia_ifa);
 		}
@@ -970,7 +1019,7 @@ inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 /*
@@ -988,31 +1037,33 @@ inctl_ifbrdaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 
 	VERIFY(ifp != NULL);
 
-	if (ia == NULL)
-		return (EADDRNOTAVAIL);
+	if (ia == NULL) {
+		return EADDRNOTAVAIL;
+	}
 
-	if (!(ifp->if_flags & IFF_BROADCAST))
-		return (EINVAL);
+	if (!(ifp->if_flags & IFF_BROADCAST)) {
+		return EINVAL;
+	}
 
-	bzero(&in_event_data, sizeof (struct kev_in_data));
-	bzero(&ev_msg, sizeof (struct kev_msg));
+	bzero(&in_event_data, sizeof(struct kev_in_data));
+	bzero(&ev_msg, sizeof(struct kev_msg));
 
 	switch (cmd) {
-	case SIOCGIFBRDADDR:		/* struct ifreq */
+	case SIOCGIFBRDADDR:            /* struct ifreq */
 		IFA_LOCK(&ia->ia_ifa);
 		bcopy(&ia->ia_broadaddr, &ifr->ifr_broadaddr,
-		    sizeof (struct sockaddr_in));
+		    sizeof(struct sockaddr_in));
 		IFA_UNLOCK(&ia->ia_ifa);
 		break;
 
-	case SIOCSIFBRDADDR:		/* struct ifreq */
+	case SIOCSIFBRDADDR:            /* struct ifreq */
 		IFA_LOCK(&ia->ia_ifa);
 		bcopy(&ifr->ifr_broadaddr, &ia->ia_broadaddr,
-		    sizeof (struct sockaddr_in));
+		    sizeof(struct sockaddr_in));
 
-		ev_msg.vendor_code	= KEV_VENDOR_APPLE;
-		ev_msg.kev_class	= KEV_NETWORK_CLASS;
-		ev_msg.kev_subclass	= KEV_INET_SUBCLASS;
+		ev_msg.vendor_code      = KEV_VENDOR_APPLE;
+		ev_msg.kev_class        = KEV_NETWORK_CLASS;
+		ev_msg.kev_subclass     = KEV_INET_SUBCLASS;
 
 		ev_msg.event_code = KEV_INET_SIFBRDADDR;
 
@@ -1022,23 +1073,23 @@ inctl_ifbrdaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		} else {
 			in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
 		}
-		in_event_data.ia_addr		= ia->ia_addr.sin_addr;
-		in_event_data.ia_net		= ia->ia_net;
-		in_event_data.ia_netmask	= ia->ia_netmask;
-		in_event_data.ia_subnet		= ia->ia_subnet;
-		in_event_data.ia_subnetmask	= ia->ia_subnetmask;
-		in_event_data.ia_netbroadcast	= ia->ia_netbroadcast;
+		in_event_data.ia_addr           = ia->ia_addr.sin_addr;
+		in_event_data.ia_net            = ia->ia_net;
+		in_event_data.ia_netmask        = ia->ia_netmask;
+		in_event_data.ia_subnet         = ia->ia_subnet;
+		in_event_data.ia_subnetmask     = ia->ia_subnetmask;
+		in_event_data.ia_netbroadcast   = ia->ia_netbroadcast;
 		IFA_UNLOCK(&ia->ia_ifa);
-		(void) strncpy(&in_event_data.link_data.if_name[0],
+		(void) strlcpy(&in_event_data.link_data.if_name[0],
 		    ifp->if_name, IFNAMSIZ);
 		in_event_data.link_data.if_family = ifp->if_family;
 		in_event_data.link_data.if_unit  = (u_int32_t)ifp->if_unit;
 
 		ev_msg.dv[0].data_ptr    = &in_event_data;
-		ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
+		ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
 		ev_msg.dv[1].data_length = 0;
 
-		kev_post_msg(&ev_msg);
+		dlil_post_complete_msg(ifp, &ev_msg);
 		break;
 
 	default:
@@ -1046,7 +1097,7 @@ inctl_ifbrdaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 /*
@@ -1065,32 +1116,32 @@ inctl_ifnetmask(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 
 	VERIFY(ifp != NULL);
 
-	bzero(&in_event_data, sizeof (struct kev_in_data));
-	bzero(&ev_msg, sizeof (struct kev_msg));
+	bzero(&in_event_data, sizeof(struct kev_in_data));
+	bzero(&ev_msg, sizeof(struct kev_msg));
 
 	switch (cmd) {
-	case SIOCGIFNETMASK:		/* struct ifreq */
+	case SIOCGIFNETMASK:            /* struct ifreq */
 		if (ia == NULL) {
 			error = EADDRNOTAVAIL;
 			break;
 		}
 		IFA_LOCK(&ia->ia_ifa);
-		bcopy(&ia->ia_sockmask, &ifr->ifr_addr, sizeof (mask));
+		bcopy(&ia->ia_sockmask, &ifr->ifr_addr, sizeof(mask));
 		IFA_UNLOCK(&ia->ia_ifa);
 		break;
 
-	case SIOCSIFNETMASK: {		/* struct ifreq */
+	case SIOCSIFNETMASK: {          /* struct ifreq */
 		in_addr_t i;
 
-		bcopy(&ifr->ifr_addr, &mask, sizeof (mask));
+		bcopy(&ifr->ifr_addr, &mask, sizeof(mask));
 		i = mask.sin_addr.s_addr;
 
 		VERIFY(ia != NULL);
 		IFA_LOCK(&ia->ia_ifa);
 		ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr = i);
-		ev_msg.vendor_code	= KEV_VENDOR_APPLE;
-		ev_msg.kev_class	= KEV_NETWORK_CLASS;
-		ev_msg.kev_subclass	= KEV_INET_SUBCLASS;
+		ev_msg.vendor_code      = KEV_VENDOR_APPLE;
+		ev_msg.kev_class        = KEV_NETWORK_CLASS;
+		ev_msg.kev_subclass     = KEV_INET_SUBCLASS;
 
 		ev_msg.event_code = KEV_INET_SIFNETMASK;
 
@@ -1100,23 +1151,23 @@ inctl_ifnetmask(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		} else {
 			in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
 		}
-		in_event_data.ia_addr		= ia->ia_addr.sin_addr;
-		in_event_data.ia_net		= ia->ia_net;
-		in_event_data.ia_netmask	= ia->ia_netmask;
-		in_event_data.ia_subnet		= ia->ia_subnet;
-		in_event_data.ia_subnetmask	= ia->ia_subnetmask;
-		in_event_data.ia_netbroadcast	= ia->ia_netbroadcast;
+		in_event_data.ia_addr           = ia->ia_addr.sin_addr;
+		in_event_data.ia_net            = ia->ia_net;
+		in_event_data.ia_netmask        = ia->ia_netmask;
+		in_event_data.ia_subnet         = ia->ia_subnet;
+		in_event_data.ia_subnetmask     = ia->ia_subnetmask;
+		in_event_data.ia_netbroadcast   = ia->ia_netbroadcast;
 		IFA_UNLOCK(&ia->ia_ifa);
-		(void) strncpy(&in_event_data.link_data.if_name[0],
+		(void) strlcpy(&in_event_data.link_data.if_name[0],
 		    ifp->if_name, IFNAMSIZ);
 		in_event_data.link_data.if_family = ifp->if_family;
 		in_event_data.link_data.if_unit  = (u_int32_t)ifp->if_unit;
 
 		ev_msg.dv[0].data_ptr    = &in_event_data;
-		ev_msg.dv[0].data_length = sizeof (struct kev_in_data);
+		ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
 		ev_msg.dv[1].data_length = 0;
 
-		kev_post_msg(&ev_msg);
+		dlil_post_complete_msg(ifp, &ev_msg);
 		break;
 	}
 
@@ -1125,7 +1176,7 @@ inctl_ifnetmask(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
 		/* NOTREACHED */
 	}
 
-	return (error);
+	return error;
 }
 
 /*
@@ -1161,19 +1212,19 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 	 * ioctls which don't require ifp, but require socket.
 	 */
 	switch (cmd) {
-	case SIOCGASSOCIDS32:		/* struct so_aidreq32 */
-	case SIOCGASSOCIDS64:		/* struct so_aidreq64 */
-		return (inctl_associd(so, cmd, data));
-		/* NOTREACHED */
-
-	case SIOCGCONNIDS32:		/* struct so_cidreq32 */
-	case SIOCGCONNIDS64:		/* struct so_cidreq64 */
-		return (inctl_connid(so, cmd, data));
-		/* NOTREACHED */
-
-	case SIOCGCONNINFO32:		/* struct so_cinforeq32 */
-	case SIOCGCONNINFO64:		/* struct so_cinforeq64 */
-		return (inctl_conninfo(so, cmd, data));
+	case SIOCGASSOCIDS32:           /* struct so_aidreq32 */
+	case SIOCGASSOCIDS64:           /* struct so_aidreq64 */
+		return inctl_associd(so, cmd, data);
+	/* NOTREACHED */
+
+	case SIOCGCONNIDS32:            /* struct so_cidreq32 */
+	case SIOCGCONNIDS64:            /* struct so_cidreq64 */
+		return inctl_connid(so, cmd, data);
+	/* NOTREACHED */
+
+	case SIOCGCONNINFO32:           /* struct so_cinforeq32 */
+	case SIOCGCONNINFO64:           /* struct so_cinforeq64 */
+		return inctl_conninfo(so, cmd, data);
 		/* NOTREACHED */
 	}
 
@@ -1181,40 +1232,46 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 	 * The rest of ioctls require ifp; reject if we don't have one;
 	 * return ENXIO to be consistent with ifioctl().
 	 */
-	if (ifp == NULL)
-		return (ENXIO);
+	if (ifp == NULL) {
+		return ENXIO;
+	}
 
 	/*
 	 * ioctls which require ifp but not interface address.
 	 */
 	switch (cmd) {
-	case SIOCAUTOADDR:		/* struct ifreq */
-		if (!privileged)
-			return (EPERM);
-		return (inctl_autoaddr(ifp, ifr));
-		/* NOTREACHED */
+	case SIOCAUTOADDR:              /* struct ifreq */
+		if (!privileged) {
+			return EPERM;
+		}
+		return inctl_autoaddr(ifp, ifr);
+	/* NOTREACHED */
 
-	case SIOCARPIPLL:		/* struct ifreq */
-		if (!privileged)
-			return (EPERM);
-		return (inctl_arpipll(ifp, ifr));
-		/* NOTREACHED */
+	case SIOCARPIPLL:               /* struct ifreq */
+		if (!privileged) {
+			return EPERM;
+		}
+		return inctl_arpipll(ifp, ifr);
+	/* NOTREACHED */
 
-	case SIOCSETROUTERMODE:		/* struct ifreq */
-		if (!privileged)
-			return (EPERM);
-		return (inctl_setrouter(ifp, ifr));
-		/* NOTREACHED */
+	case SIOCSETROUTERMODE:         /* struct ifreq */
+		if (!privileged) {
+			return EPERM;
+		}
+		return inctl_setrouter(ifp, ifr);
+	/* NOTREACHED */
 
-	case SIOCPROTOATTACH:		/* struct ifreq */
-		if (!privileged)
-			return (EPERM);
-		return (in_domifattach(ifp));
-		/* NOTREACHED */
+	case SIOCPROTOATTACH:           /* struct ifreq */
+		if (!privileged) {
+			return EPERM;
+		}
+		return in_domifattach(ifp);
+	/* NOTREACHED */
 
-	case SIOCPROTODETACH:		/* struct ifreq */
-		if (!privileged)
-			return (EPERM);
+	case SIOCPROTODETACH:           /* struct ifreq */
+		if (!privileged) {
+			return EPERM;
+		}
 
 		/*
 		 * If an IPv4 address is still present, refuse to detach.
@@ -1229,50 +1286,37 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 			IFA_UNLOCK(ifa);
 		}
 		ifnet_lock_done(ifp);
-		return ((ifa == NULL) ? proto_unplumb(PF_INET, ifp) : EBUSY);
-		/* NOTREACHED */
-
-	case SIOCALIFADDR:		/* struct if_laddrreq */
-	case SIOCDLIFADDR:		/* struct if_laddrreq */
-		if (!privileged)
-			return (EPERM);
-		/* FALLTHRU */
-	case SIOCGLIFADDR: {		/* struct if_laddrreq */
-		struct if_laddrreq iflr;
-
-		bcopy(data, &iflr, sizeof (iflr));
-		error = inctl_lifaddr(ifp, cmd, &iflr);
-		bcopy(&iflr, data, sizeof (iflr));
-		return (error);
+		return (ifa == NULL) ? proto_unplumb(PF_INET, ifp) : EBUSY;
 		/* NOTREACHED */
 	}
-	}
 
 	/*
 	 * ioctls which require interface address; obtain sockaddr_in.
 	 */
 	switch (cmd) {
-	case SIOCAIFADDR:		/* struct {if,in_}aliasreq */
-		if (!privileged)
-			return (EPERM);
+	case SIOCAIFADDR:               /* struct {if,in_}aliasreq */
+		if (!privileged) {
+			return EPERM;
+		}
 		bcopy(&((struct in_aliasreq *)(void *)data)->ifra_addr,
-		    &sin, sizeof (sin));
+		    &sin, sizeof(sin));
 		sa = &sin;
 		break;
 
-	case SIOCDIFADDR:		/* struct ifreq */
-	case SIOCSIFADDR:		/* struct ifreq */
-	case SIOCSIFDSTADDR:		/* struct ifreq */
-	case SIOCSIFNETMASK:		/* struct ifreq */
-	case SIOCSIFBRDADDR:		/* struct ifreq */
-		if (!privileged)
-			return (EPERM);
-		/* FALLTHRU */
-	case SIOCGIFADDR:		/* struct ifreq */
-	case SIOCGIFDSTADDR:		/* struct ifreq */
-	case SIOCGIFNETMASK:		/* struct ifreq */
-	case SIOCGIFBRDADDR:		/* struct ifreq */
-		bcopy(&ifr->ifr_addr, &sin, sizeof (sin));
+	case SIOCDIFADDR:               /* struct ifreq */
+	case SIOCSIFADDR:               /* struct ifreq */
+	case SIOCSIFDSTADDR:            /* struct ifreq */
+	case SIOCSIFNETMASK:            /* struct ifreq */
+	case SIOCSIFBRDADDR:            /* struct ifreq */
+		if (!privileged) {
+			return EPERM;
+		}
+	/* FALLTHRU */
+	case SIOCGIFADDR:               /* struct ifreq */
+	case SIOCGIFDSTADDR:            /* struct ifreq */
+	case SIOCGIFNETMASK:            /* struct ifreq */
+	case SIOCGIFBRDADDR:            /* struct ifreq */
+		bcopy(&ifr->ifr_addr, &sin, sizeof(sin));
 		sa = &sin;
 		break;
 	}
@@ -1300,14 +1344,12 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 			    iap->ia_addr.sin_addr.s_addr ==
 			    sa->sin_addr.s_addr) {
 				ia = iap;
+				IFA_ADDREF_LOCKED(&iap->ia_ifa);
 				IFA_UNLOCK(&iap->ia_ifa);
 				break;
 			}
 			IFA_UNLOCK(&iap->ia_ifa);
 		}
-		/* take a reference on ia before releasing lock */
-		if (ia != NULL)
-			IFA_ADDREF(&ia->ia_ifa);
 		lck_rw_done(in_ifaddr_rwlock);
 
 		if (ia == NULL) {
@@ -1317,14 +1359,12 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 				IFA_LOCK(&iap->ia_ifa);
 				if (iap->ia_addr.sin_family == AF_INET) {
 					ia = iap;
+					IFA_ADDREF_LOCKED(&iap->ia_ifa);
 					IFA_UNLOCK(&iap->ia_ifa);
 					break;
 				}
 				IFA_UNLOCK(&iap->ia_ifa);
 			}
-			/* take a reference on ia before releasing lock */
-			if (ia != NULL)
-				IFA_ADDREF(&ia->ia_ifa);
 			ifnet_lock_done(ifp);
 		}
 	}
@@ -1340,18 +1380,18 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 	}
 
 	switch (cmd) {
-	case SIOCAIFADDR:		/* struct {if,in_}aliasreq */
-	case SIOCDIFADDR:		/* struct ifreq */
+	case SIOCAIFADDR:               /* struct {if,in_}aliasreq */
+	case SIOCDIFADDR:               /* struct ifreq */
 		if (cmd == SIOCAIFADDR) {
 			bcopy(&((struct in_aliasreq *)(void *)data)->
-			    ifra_addr, &addr, sizeof (addr));
+			    ifra_addr, &addr, sizeof(addr));
 			bcopy(&((struct in_aliasreq *)(void *)data)->
-			    ifra_dstaddr, &dstaddr, sizeof (dstaddr));
+			    ifra_dstaddr, &dstaddr, sizeof(dstaddr));
 		} else {
 			VERIFY(cmd == SIOCDIFADDR);
 			bcopy(&((struct ifreq *)(void *)data)->ifr_addr,
-			    &addr, sizeof (addr));
-			bzero(&dstaddr, sizeof (dstaddr));
+			    &addr, sizeof(addr));
+			bzero(&dstaddr, sizeof(dstaddr));
 		}
 
 		if (addr.sin_family == AF_INET) {
@@ -1370,8 +1410,9 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 				IFA_UNLOCK(&ia->ia_ifa);
 			}
 			lck_rw_done(in_ifaddr_rwlock);
-			if (oia != NULL)
+			if (oia != NULL) {
 				IFA_REMREF(&oia->ia_ifa);
+			}
 			if ((ifp->if_flags & IFF_POINTOPOINT) &&
 			    (cmd == SIOCAIFADDR) &&
 			    (dstaddr.sin_addr.s_addr == INADDR_ANY)) {
@@ -1382,23 +1423,53 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 			error = EINVAL;
 			goto done;
 		}
-		if (cmd == SIOCDIFADDR && ia == NULL) {
-			error = EADDRNOTAVAIL;
-			goto done;
+		if (cmd == SIOCDIFADDR) {
+			if (ia == NULL) {
+				error = EADDRNOTAVAIL;
+				goto done;
+			}
+
+			IFA_LOCK(&ia->ia_ifa);
+			/*
+			 * Avoid the race condition seen when two
+			 * threads process SIOCDIFADDR command
+			 * at the same time.
+			 */
+			while (ia->ia_ifa.ifa_debug & IFD_DETACHING) {
+				os_log(OS_LOG_DEFAULT,
+				    "Another thread is already attempting to "
+				    "delete IPv4 address: %s on interface %s. "
+				    "Go to sleep and check again after the operation is done",
+				    inet_ntoa(sa->sin_addr), ia->ia_ifp->if_xname);
+				ia->ia_ifa.ifa_del_waiters++;
+				(void) msleep(ia->ia_ifa.ifa_del_wc, &ia->ia_ifa.ifa_lock, (PZERO - 1),
+				    __func__, NULL);
+				IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
+			}
+
+			if ((ia->ia_ifa.ifa_debug & IFD_ATTACHED) == 0) {
+				error = EADDRNOTAVAIL;
+				IFA_UNLOCK(&ia->ia_ifa);
+				goto done;
+			}
+
+			ia->ia_ifa.ifa_debug |= IFD_DETACHING;
+			IFA_UNLOCK(&ia->ia_ifa);
 		}
-		/* FALLTHROUGH */
-	case SIOCSIFADDR:		/* struct ifreq */
-	case SIOCSIFDSTADDR:		/* struct ifreq */
-	case SIOCSIFNETMASK:		/* struct ifreq */
+
+	/* FALLTHROUGH */
+	case SIOCSIFADDR:               /* struct ifreq */
+	case SIOCSIFDSTADDR:            /* struct ifreq */
+	case SIOCSIFNETMASK:            /* struct ifreq */
 		if (cmd == SIOCAIFADDR) {
 			/* fell thru from above; just repeat it */
 			bcopy(&((struct in_aliasreq *)(void *)data)->
-			    ifra_addr, &addr, sizeof (addr));
+			    ifra_addr, &addr, sizeof(addr));
 		} else {
 			VERIFY(cmd == SIOCDIFADDR || cmd == SIOCSIFADDR ||
 			    cmd == SIOCSIFNETMASK || cmd == SIOCSIFDSTADDR);
 			bcopy(&((struct ifreq *)(void *)data)->ifr_addr,
-			    &addr, sizeof (addr));
+			    &addr, sizeof(addr));
 		}
 
 		if (addr.sin_family != AF_INET && cmd == SIOCSIFADDR) {
@@ -1422,12 +1493,13 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 			ifa->ifa_netmask = (struct sockaddr *)&ia->ia_sockmask;
 			ia->ia_sockmask.sin_len = 8;
 			if (ifp->if_flags & IFF_BROADCAST) {
-				ia->ia_broadaddr.sin_len = sizeof (ia->ia_addr);
+				ia->ia_broadaddr.sin_len = sizeof(ia->ia_addr);
 				ia->ia_broadaddr.sin_family = AF_INET;
 			}
 			ia->ia_ifp = ifp;
-			if (!(ifp->if_flags & IFF_LOOPBACK))
+			if (!(ifp->if_flags & IFF_LOOPBACK)) {
 				in_interfaces++;
+			}
 			/* if_attach_ifa() holds a reference for ifa_link */
 			if_attach_ifa(ifp, ifa);
 			/*
@@ -1436,8 +1508,9 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 			 * via PFC_IFUP event, before the link resolver (ARP)
 			 * initializes it.
 			 */
-			if (cmd == SIOCAIFADDR || cmd == SIOCSIFADDR)
+			if (cmd == SIOCAIFADDR || cmd == SIOCSIFADDR) {
 				ifa->ifa_debug |= IFD_NOTREADY;
+			}
 			IFA_UNLOCK(ifa);
 			ifnet_lock_done(ifp);
 			lck_rw_lock_exclusive(in_ifaddr_rwlock);
@@ -1453,25 +1526,25 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 	}
 
 	switch (cmd) {
-	case SIOCGIFDSTADDR:		/* struct ifreq */
-	case SIOCSIFDSTADDR:		/* struct ifreq */
+	case SIOCGIFDSTADDR:            /* struct ifreq */
+	case SIOCSIFDSTADDR:            /* struct ifreq */
 		error = inctl_ifdstaddr(ifp, ia, cmd, ifr);
 		break;
 
-	case SIOCGIFBRDADDR:		/* struct ifreq */
-	case SIOCSIFBRDADDR:		/* struct ifreq */
+	case SIOCGIFBRDADDR:            /* struct ifreq */
+	case SIOCSIFBRDADDR:            /* struct ifreq */
 		error = inctl_ifbrdaddr(ifp, ia, cmd, ifr);
 		break;
 
-	case SIOCGIFNETMASK:		/* struct ifreq */
-	case SIOCSIFNETMASK:		/* struct ifreq */
+	case SIOCGIFNETMASK:            /* struct ifreq */
+	case SIOCSIFNETMASK:            /* struct ifreq */
 		error = inctl_ifnetmask(ifp, ia, cmd, ifr);
 		break;
 
-	case SIOCGIFADDR:		/* struct ifreq */
-	case SIOCSIFADDR:		/* struct ifreq */
-	case SIOCAIFADDR:		/* struct {if,in_}aliasreq */
-	case SIOCDIFADDR:		/* struct ifreq */
+	case SIOCGIFADDR:               /* struct ifreq */
+	case SIOCSIFADDR:               /* struct ifreq */
+	case SIOCAIFADDR:               /* struct {if,in_}aliasreq */
+	case SIOCDIFADDR:               /* struct ifreq */
 		error = inctl_ifaddr(ifp, ia, cmd, ifr);
 		break;
 
@@ -1479,187 +1552,25 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
 		error = EOPNOTSUPP;
 		break;
 	}
-done:
-	if (ia != NULL)
-		IFA_REMREF(&ia->ia_ifa);
-	if (so_unlocked)
-		socket_lock(so, 0);
-
-	return (error);
-}
-
-/*
- * SIOC[GAD]LIFADDR.
- *	SIOCGLIFADDR: get first address. (?!?)
- *	SIOCGLIFADDR with IFLR_PREFIX:
- *		get first address that matches the specified prefix.
- *	SIOCALIFADDR: add the specified address.
- *	SIOCALIFADDR with IFLR_PREFIX:
- *		EINVAL since we can't deduce hostid part of the address.
- *	SIOCDLIFADDR: delete the specified address.
- *	SIOCDLIFADDR with IFLR_PREFIX:
- *		delete the first address that matches the specified prefix.
- * return values:
- *	EINVAL on invalid parameters
- *	EADDRNOTAVAIL on prefix match failed/specified address not found
- *	other values may be returned from in_ioctl()
- */
-static __attribute__((noinline)) int
-inctl_lifaddr(struct ifnet *ifp, u_long cmd, struct if_laddrreq *iflr)
-{
-	struct ifaddr *ifa;
-
-	VERIFY(ifp != NULL);
-
-	switch (cmd) {
-	case SIOCGLIFADDR:
-		/* address must be specified on GET with IFLR_PREFIX */
-		if (!(iflr->flags & IFLR_PREFIX))
-			break;
-		/* FALLTHROUGH */
-	case SIOCALIFADDR:
-	case SIOCDLIFADDR:
-		/* address must be specified on ADD and DELETE */
-		if (iflr->addr.ss_family != AF_INET)
-			return (EINVAL);
-		if (iflr->addr.ss_len != sizeof (struct sockaddr_in))
-			return (EINVAL);
-		/* XXX need improvement */
-		if (iflr->dstaddr.ss_family &&
-		    iflr->dstaddr.ss_family != AF_INET)
-			return (EINVAL);
-		if (iflr->dstaddr.ss_family &&
-		    iflr->dstaddr.ss_len != sizeof (struct sockaddr_in))
-			return (EINVAL);
-		break;
-	default:
-		/* shouldn't happen */
-		VERIFY(0);
-		/* NOTREACHED */
-	}
-	if (sizeof (struct in_addr) * 8 < iflr->prefixlen)
-		return (EINVAL);
-
-	switch (cmd) {
-	case SIOCALIFADDR: {
-		struct in_aliasreq ifra;
-
-		if (iflr->flags & IFLR_PREFIX)
-			return (EINVAL);
-
-		/* copy args to in_aliasreq, perform ioctl(SIOCAIFADDR). */
-		bzero(&ifra, sizeof (ifra));
-		bcopy(iflr->iflr_name, ifra.ifra_name, sizeof (ifra.ifra_name));
-		bcopy(&iflr->addr, &ifra.ifra_addr, iflr->addr.ss_len);
-		if (iflr->dstaddr.ss_family) {	/* XXX */
-			bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
-			    sizeof (struct sockaddr_in));
-		}
-		ifra.ifra_mask.sin_family = AF_INET;
-		ifra.ifra_mask.sin_len = sizeof (struct sockaddr_in);
-		in_len2mask(&ifra.ifra_mask.sin_addr, iflr->prefixlen);
-
-		return (in_control(NULL, SIOCAIFADDR, (caddr_t)&ifra,
-		    ifp, kernproc));
-	}
-
-	case SIOCGLIFADDR:
-	case SIOCDLIFADDR: {
-		struct in_ifaddr *ia;
-		struct in_addr mask, candidate;
-		struct in_addr match = { 0 };
-		struct sockaddr_in *sin;
-		int cmp;
-
-		bzero(&mask, sizeof(mask));
-		if (iflr->flags & IFLR_PREFIX) {
-			/* lookup a prefix rather than address. */
-			in_len2mask(&mask, iflr->prefixlen);
-
-			sin = (struct sockaddr_in *)&iflr->addr;
-			match.s_addr = sin->sin_addr.s_addr;
-			match.s_addr &= mask.s_addr;
-
-			/* if you set extra bits, that's wrong */
-			if (match.s_addr != sin->sin_addr.s_addr)
-				return (EINVAL);
-
-			cmp = 1;
-		} else {
-			if (cmd == SIOCGLIFADDR) {
-				/* on getting an address, take the 1st match */
-				cmp = 0;	/* XXX */
-			} else {
-				/* on deleting an address, do exact match */
-				in_len2mask(&mask, 32);
-				sin = (struct sockaddr_in *)&iflr->addr;
-				match.s_addr = sin->sin_addr.s_addr;
 
-				cmp = 1;
-			}
-		}
-
-		ifnet_lock_shared(ifp);
-		TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)	{
-			IFA_LOCK(ifa);
-			if (ifa->ifa_addr->sa_family != AF_INET6) {
-				IFA_UNLOCK(ifa);
-				continue;
-			}
-			if (!cmp) {
-				IFA_UNLOCK(ifa);
-				break;
-			}
-			candidate.s_addr = SIN(&ifa->ifa_addr)->sin_addr.s_addr;
-			candidate.s_addr &= mask.s_addr;
-			IFA_UNLOCK(ifa);
-			if (candidate.s_addr == match.s_addr)
-				break;
-		}
-		if (ifa != NULL)
-			IFA_ADDREF(ifa);
-		ifnet_lock_done(ifp);
-		if (!ifa)
-			return (EADDRNOTAVAIL);
-		ia = (struct in_ifaddr *)ifa;
-
-		if (cmd == SIOCGLIFADDR) {
-			IFA_LOCK(ifa);
-			/* fill in the if_laddrreq structure */
-			bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin_len);
-
-			if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
-				bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
-				    ia->ia_dstaddr.sin_len);
-			} else {
-				bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
+done:
+	if (ia != NULL) {
+		if (cmd == SIOCDIFADDR) {
+			IFA_LOCK(&ia->ia_ifa);
+			ia->ia_ifa.ifa_debug &= ~IFD_DETACHING;
+			if (ia->ia_ifa.ifa_del_waiters > 0) {
+				ia->ia_ifa.ifa_del_waiters = 0;
+				wakeup(ia->ia_ifa.ifa_del_wc);
 			}
-			iflr->prefixlen =
-			    in_mask2len(&ia->ia_sockmask.sin_addr);
-			iflr->flags = 0;	/* XXX */
-
-			IFA_UNLOCK(ifa);
-			IFA_REMREF(ifa);
-			return (0);
-		} else {
-			struct ifreq ifr;
-
-			/* fill ifreq and do ioctl(SIOCDIFADDR) */
-			bzero(&ifr, sizeof (ifr));
-			bcopy(iflr->iflr_name, ifr.ifr_name,
-			    sizeof (ifr.ifr_name));
-			IFA_LOCK(ifa);
-			bcopy(&ia->ia_addr, &ifr.ifr_addr,
-			    sizeof (struct sockaddr_in));
-			IFA_UNLOCK(ifa);
-			IFA_REMREF(ifa);
-			return (in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr,
-			    ifp, kernproc));
+			IFA_UNLOCK(&ia->ia_ifa);
 		}
+		IFA_REMREF(&ia->ia_ifa);
 	}
+	if (so_unlocked) {
+		socket_lock(so, 0);
 	}
 
-	return (EOPNOTSUPP);	/* just for safety */
+	return error;
 }
 
 /*
@@ -1674,17 +1585,20 @@ in_ifscrub(struct ifnet *ifp, struct in_ifaddr *ia, int locked)
 		return;
 	}
 	IFA_UNLOCK(&ia->ia_ifa);
-	if (!locked)
+	if (!locked) {
 		lck_mtx_lock(rnh_lock);
-	if (ifp->if_flags & (IFF_LOOPBACK|IFF_POINTOPOINT))
+	}
+	if (ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) {
 		rtinit_locked(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST);
-	else
+	} else {
 		rtinit_locked(&(ia->ia_ifa), (int)RTM_DELETE, 0);
+	}
 	IFA_LOCK(&ia->ia_ifa);
 	ia->ia_flags &= ~IFA_ROUTE;
 	IFA_UNLOCK(&ia->ia_ifa);
-	if (!locked)
+	if (!locked) {
 		lck_mtx_unlock(rnh_lock);
+	}
 }
 
 /*
@@ -1693,7 +1607,7 @@ in_ifscrub(struct ifnet *ifp, struct in_ifaddr *ia, int locked)
 static void
 in_iahash_remove(struct in_ifaddr *ia)
 {
-	lck_rw_assert(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
+	LCK_RW_ASSERT(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
 	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
 
 	if (!IA_IS_HASHED(ia)) {
@@ -1715,7 +1629,7 @@ in_iahash_remove(struct in_ifaddr *ia)
 static void
 in_iahash_insert(struct in_ifaddr *ia)
 {
-	lck_rw_assert(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
+	LCK_RW_ASSERT(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
 	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
 
 	if (ia->ia_addr.sin_family != AF_INET) {
@@ -1745,7 +1659,7 @@ in_iahash_insert_ptp(struct in_ifaddr *ia)
 	struct in_ifaddr *tmp_ifa;
 	struct ifnet *tmp_ifp;
 
-	lck_rw_assert(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
+	LCK_RW_ASSERT(in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
 	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
 
 	if (ia->ia_addr.sin_family != AF_INET) {
@@ -1810,13 +1724,14 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 	 * Interface addresses should not contain port or sin_zero information.
 	 */
 	SIN(&ia->ia_addr)->sin_family = AF_INET;
-	SIN(&ia->ia_addr)->sin_len = sizeof (struct sockaddr_in);
+	SIN(&ia->ia_addr)->sin_len = sizeof(struct sockaddr_in);
 	SIN(&ia->ia_addr)->sin_port = 0;
-	bzero(&SIN(&ia->ia_addr)->sin_zero, sizeof (sin->sin_zero));
-	if ((ifp->if_flags & IFF_POINTOPOINT))
+	bzero(&SIN(&ia->ia_addr)->sin_zero, sizeof(sin->sin_zero));
+	if ((ifp->if_flags & IFF_POINTOPOINT)) {
 		in_iahash_insert_ptp(ia);
-	else
+	} else {
 		in_iahash_insert(ia);
+	}
 	IFA_UNLOCK(&ia->ia_ifa);
 	lck_rw_done(in_ifaddr_rwlock);
 
@@ -1830,8 +1745,9 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 	ifa0 = ifa_ifpgetprimary(ifp, AF_INET);
 	cmd = (&ia->ia_ifa == ifa0) ? SIOCSIFADDR : SIOCAIFADDR;
 	error = ifnet_ioctl(ifp, PF_INET, cmd, ia);
-	if (error == EOPNOTSUPP)
+	if (error == EOPNOTSUPP) {
 		error = 0;
+	}
 	/*
 	 * If we've just sent down SIOCAIFADDR, send another ioctl down
 	 * for SIOCSIFADDR for the first IPV4 address of the interface,
@@ -1847,8 +1763,9 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 		 * for legacy reasons.
 		 */
 		error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa0);
-		if (error == EOPNOTSUPP)
+		if (error == EOPNOTSUPP) {
 			error = 0;
+		}
 	}
 
 	/* Release reference from ifa_ifpgetprimary() */
@@ -1857,20 +1774,22 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 	if (error) {
 		lck_rw_lock_exclusive(in_ifaddr_rwlock);
 		IFA_LOCK(&ia->ia_ifa);
-		if (IA_IS_HASHED(ia))
+		if (IA_IS_HASHED(ia)) {
 			in_iahash_remove(ia);
+		}
 		ia->ia_addr = oldaddr;
 		if (oldremoved) {
-			if ((ifp->if_flags & IFF_POINTOPOINT))
+			if ((ifp->if_flags & IFF_POINTOPOINT)) {
 				in_iahash_insert_ptp(ia);
-			else
+			} else {
 				in_iahash_insert(ia);
+			}
 		}
 		IFA_UNLOCK(&ia->ia_ifa);
 		lck_rw_done(in_ifaddr_rwlock);
 		/* Release extra reference taken above */
 		IFA_REMREF(&ia->ia_ifa);
-		return (error);
+		return error;
 	}
 	lck_mtx_lock(rnh_lock);
 	IFA_LOCK(&ia->ia_ifa);
@@ -1887,12 +1806,13 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 		ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
 	}
 	IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
-	if (IN_CLASSA(i))
+	if (IN_CLASSA(i)) {
 		ia->ia_netmask = IN_CLASSA_NET;
-	else if (IN_CLASSB(i))
+	} else if (IN_CLASSB(i)) {
 		ia->ia_netmask = IN_CLASSB_NET;
-	else
+	} else {
 		ia->ia_netmask = IN_CLASSC_NET;
+	}
 	/*
 	 * The subnet mask usually includes at least the standard network part,
 	 * but may may be smaller in the case of supernetting.
@@ -1901,8 +1821,9 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 	if (ia->ia_subnetmask == 0) {
 		ia->ia_subnetmask = ia->ia_netmask;
 		ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
-	} else
+	} else {
 		ia->ia_netmask &= ia->ia_subnetmask;
+	}
 	ia->ia_net = i & ia->ia_netmask;
 	ia->ia_subnet = i & ia->ia_subnetmask;
 	in_socktrim(&ia->ia_sockmask);
@@ -1914,7 +1835,7 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 		ia->ia_broadaddr.sin_addr.s_addr =
 		    htonl(ia->ia_subnet | ~ia->ia_subnetmask);
 		ia->ia_netbroadcast.s_addr =
-		    htonl(ia->ia_net | ~ ia->ia_netmask);
+		    htonl(ia->ia_net | ~ia->ia_netmask);
 	} else if (ifp->if_flags & IFF_LOOPBACK) {
 		ia->ia_ifa.ifa_dstaddr = ia->ia_ifa.ifa_addr;
 		flags |= RTF_HOST;
@@ -1924,9 +1845,9 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 			lck_mtx_unlock(rnh_lock);
 			/* Release extra reference taken above */
 			IFA_REMREF(&ia->ia_ifa);
-			return (0);
+			return 0;
 		}
-		ia->ia_dstaddr.sin_len = sizeof (struct sockaddr_in);
+		ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
 		flags |= RTF_HOST;
 	}
 	IFA_UNLOCK(&ia->ia_ifa);
@@ -1939,8 +1860,9 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 	lck_mtx_unlock(rnh_lock);
 
 	/* XXX check if the subnet route points to the same interface */
-	if (error == EEXIST)
+	if (error == EEXIST) {
 		error = 0;
+	}
 
 	/*
 	 * If the interface supports multicast, join the "all hosts"
@@ -1979,7 +1901,7 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
 		routegenid_inet_update();
 	}
 
-	return (error);
+	return error;
 }
 
 /*
@@ -1991,41 +1913,43 @@ in_broadcast(struct in_addr in, struct ifnet *ifp)
 	struct ifaddr *ifa;
 	u_int32_t t;
 
-	if (in.s_addr == INADDR_BROADCAST || in.s_addr == INADDR_ANY)
-		return (TRUE);
-	if (!(ifp->if_flags & IFF_BROADCAST))
-		return (FALSE);
+	if (in.s_addr == INADDR_BROADCAST || in.s_addr == INADDR_ANY) {
+		return TRUE;
+	}
+	if (!(ifp->if_flags & IFF_BROADCAST)) {
+		return FALSE;
+	}
 	t = ntohl(in.s_addr);
 
 	/*
 	 * Look through the list of addresses for a match
 	 * with a broadcast address.
 	 */
-#define	ia ((struct in_ifaddr *)ifa)
+#define ia ((struct in_ifaddr *)ifa)
 	ifnet_lock_shared(ifp);
 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
 		IFA_LOCK(ifa);
 		if (ifa->ifa_addr->sa_family == AF_INET &&
 		    (in.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
-		     in.s_addr == ia->ia_netbroadcast.s_addr ||
-		     /*
-		      * Check for old-style (host 0) broadcast.
-		      */
-		     t == ia->ia_subnet || t == ia->ia_net) &&
-		     /*
-		      * Check for an all one subnetmask. These
-		      * only exist when an interface gets a secondary
-		      * address.
-		      */
-		     ia->ia_subnetmask != (u_int32_t)0xffffffff) {
+		    in.s_addr == ia->ia_netbroadcast.s_addr ||
+		    /*
+		     * Check for old-style (host 0) broadcast.
+		     */
+		    t == ia->ia_subnet || t == ia->ia_net) &&
+		    /*
+		     * Check for an all one subnetmask. These
+		     * only exist when an interface gets a secondary
+		     * address.
+		     */
+		    ia->ia_subnetmask != (u_int32_t)0xffffffff) {
 			IFA_UNLOCK(ifa);
 			ifnet_lock_done(ifp);
-			return (TRUE);
+			return TRUE;
 		}
 		IFA_UNLOCK(ifa);
 	}
 	ifnet_lock_done(ifp);
-	return (FALSE);
+	return FALSE;
 #undef ia
 }
 
@@ -2048,8 +1972,8 @@ in_purgeaddrs(struct ifnet *ifp)
 	if (err == 0 && ifap != NULL) {
 		struct ifreq ifr;
 
-		bzero(&ifr, sizeof (ifr));
-		(void) snprintf(ifr.ifr_name, sizeof (ifr.ifr_name),
+		bzero(&ifr, sizeof(ifr));
+		(void) snprintf(ifr.ifr_name, sizeof(ifr.ifr_name),
 		    "%s", if_name(ifp));
 
 		for (i = 0; ifap[i] != NULL; i++) {
@@ -2058,13 +1982,14 @@ in_purgeaddrs(struct ifnet *ifp)
 			ifa = ifap[i];
 			IFA_LOCK(ifa);
 			bcopy(ifa->ifa_addr, &ifr.ifr_addr,
-			    sizeof (struct sockaddr_in));
+			    sizeof(struct sockaddr_in));
 			IFA_UNLOCK(ifa);
 			err = in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr, ifp,
 			    kernproc);
 			/* if we lost the race, ignore it */
-			if (err == EADDRNOTAVAIL)
+			if (err == EADDRNOTAVAIL) {
 				err = 0;
+			}
 			if (err != 0) {
 				char s_addr[MAX_IPv4_STR_LEN];
 				char s_dstaddr[MAX_IPv4_STR_LEN];
@@ -2076,9 +2001,9 @@ in_purgeaddrs(struct ifnet *ifp)
 				d = &((struct sockaddr_in *)
 				    (void *)ifa->ifa_dstaddr)->sin_addr;
 				(void) inet_ntop(AF_INET, &s->s_addr, s_addr,
-				    sizeof (s_addr));
+				    sizeof(s_addr));
 				(void) inet_ntop(AF_INET, &d->s_addr, s_dstaddr,
-				    sizeof (s_dstaddr));
+				    sizeof(s_dstaddr));
 				IFA_UNLOCK(ifa);
 
 				printf("%s: SIOCDIFADDR ifp=%s ifa_addr=%s "
@@ -2093,119 +2018,6 @@ in_purgeaddrs(struct ifnet *ifp)
 	}
 }
 
-/*
- * Select endpoint address(es).  For now just take the first matching
- * address and discard the rest, if present.
- */
-int
-in_selectaddrs(int af, struct sockaddr_list **src_sl,
-    struct sockaddr_entry **src_se, struct sockaddr_list **dst_sl,
-    struct sockaddr_entry **dst_se)
-{
-	struct sockaddr_entry *se;
-	int error = 0;
-
-	VERIFY(src_sl != NULL && dst_sl != NULL && *dst_sl != NULL);
-	VERIFY(src_se != NULL && dst_se != NULL);
-
-	*src_se = *dst_se = NULL;
-
-	/* pick a source address, if available */
-	if (*src_sl != NULL) {
-		TAILQ_FOREACH(se, &(*src_sl)->sl_head, se_link) {
-			VERIFY(se->se_addr != NULL);
-			/*
-			 * Take the first source address, or the first
-			 * one with matching address family.
-			 */
-			if (af == AF_UNSPEC || se->se_addr->sa_family == af) {
-				sockaddrlist_remove(*src_sl, se);
-				*src_se = se;
-				break;
-			}
-		}
-		/* get rid of the rest */
-		TAILQ_FOREACH(se, &(*src_sl)->sl_head, se_link) {
-			sockaddrlist_remove(*src_sl, se);
-			sockaddrentry_free(se);
-		}
-		if (*src_se != NULL) {
-			/* insert the first src address back in */
-			sockaddrlist_insert(*src_sl, *src_se);
-			VERIFY((*src_sl)->sl_cnt == 1);
-			/* destination address must be of this family */
-			af = (*src_se)->se_addr->sa_family;
-		} else {
-			/* no usable source address with matching family */
-			VERIFY(af != AF_UNSPEC);
-			error = EAFNOSUPPORT;
-			goto out;
-		}
-	}
-	/* pick a (matching) destination address */
-	TAILQ_FOREACH(se, &(*dst_sl)->sl_head, se_link) {
-		VERIFY(se->se_addr != NULL);
-		/*
-		 * Take the first destination address; if source is specified,
-		 * find one which uses the same address family.
-		 */
-		if (af == AF_UNSPEC || se->se_addr->sa_family == af) {
-			sockaddrlist_remove(*dst_sl, se);
-			*dst_se = se;
-			break;
-		}
-	}
-	/* get rid of the rest */
-	TAILQ_FOREACH(se, &(*dst_sl)->sl_head, se_link) {
-		sockaddrlist_remove(*dst_sl, se);
-		sockaddrentry_free(se);
-	}
-	if (*dst_se != NULL) {
-		/* insert the first dst address back in */
-		sockaddrlist_insert(*dst_sl, *dst_se);
-		VERIFY((*dst_sl)->sl_cnt == 1);
-	} else {
-		/* source and destination address families don't match */
-		error = EAFNOSUPPORT;
-		goto out;
-	}
-
-	af = (*dst_se)->se_addr->sa_family;
-	VERIFY(*src_se == NULL || (*src_se)->se_addr->sa_family == af);
-
-	/* verify address length */
-	switch (af) {
-	case AF_INET:
-		if ((*dst_se)->se_addr->sa_len !=
-		    sizeof (struct sockaddr_in)) {
-			error = EAFNOSUPPORT;
-			goto out;
-		}
-		break;
-#if INET6
-	case AF_INET6:
-		if ((*dst_se)->se_addr->sa_len !=
-		    sizeof (struct sockaddr_in6)) {
-			error = EAFNOSUPPORT;
-			goto out;
-		}
-		break;
-#endif /* INET6 */
-	default:
-		error = EAFNOSUPPORT;
-		goto out;
-	}
-
-	/* if source address is specified, length must match destination */
-	if (*src_se != NULL && (*src_se)->se_addr->sa_len !=
-	    (*dst_se)->se_addr->sa_len) {
-		error = EAFNOSUPPORT;
-		goto out;
-	}
-out:
-	return (error);
-}
-
 /*
  * Called as part of ip_init
  */
@@ -2214,10 +2026,10 @@ in_ifaddr_init(void)
 {
 	in_multi_init();
 
-	PE_parse_boot_argn("ifa_debug", &inifa_debug, sizeof (inifa_debug));
+	PE_parse_boot_argn("ifa_debug", &inifa_debug, sizeof(inifa_debug));
 
-	inifa_size = (inifa_debug == 0) ? sizeof (struct in_ifaddr) :
-	    sizeof (struct in_ifaddr_dbg);
+	inifa_size = (inifa_debug == 0) ? sizeof(struct in_ifaddr) :
+	    sizeof(struct in_ifaddr_dbg);
 
 	inifa_zone = zinit(inifa_size, INIFA_ZONE_MAX * inifa_size,
 	    0, INIFA_ZONE_NAME);
@@ -2243,6 +2055,8 @@ in_ifaddr_alloc(int how)
 		bzero(inifa, inifa_size);
 		inifa->ia_ifa.ifa_free = in_ifaddr_free;
 		inifa->ia_ifa.ifa_debug |= IFD_ALLOC;
+		inifa->ia_ifa.ifa_del_wc = &inifa->ia_ifa.ifa_debug;
+		inifa->ia_ifa.ifa_del_waiters = 0;
 		ifa_lock_init(&inifa->ia_ifa);
 		if (inifa_debug != 0) {
 			struct in_ifaddr_dbg *inifa_dbg =
@@ -2254,7 +2068,7 @@ in_ifaddr_alloc(int how)
 			ctrace_record(&inifa_dbg->inifa_alloc);
 		}
 	}
-	return (inifa);
+	return inifa;
 }
 
 static void
@@ -2265,7 +2079,8 @@ in_ifaddr_free(struct ifaddr *ifa)
 	if (ifa->ifa_refcnt != 0) {
 		panic("%s: ifa %p bad ref cnt", __func__, ifa);
 		/* NOTREACHED */
-	} if (!(ifa->ifa_debug & IFD_ALLOC)) {
+	}
+	if (!(ifa->ifa_debug & IFD_ALLOC)) {
 		panic("%s: ifa %p cannot be freed", __func__, ifa);
 		/* NOTREACHED */
 	}
@@ -2273,7 +2088,7 @@ in_ifaddr_free(struct ifaddr *ifa)
 		struct in_ifaddr_dbg *inifa_dbg = (struct in_ifaddr_dbg *)ifa;
 		ctrace_record(&inifa_dbg->inifa_free);
 		bcopy(&inifa_dbg->inifa, &inifa_dbg->inifa_old,
-		    sizeof (struct in_ifaddr));
+		    sizeof(struct in_ifaddr));
 		if (ifa->ifa_debug & IFD_TRASHED) {
 			/* Become a regular mutex, just in case */
 			IFA_CONVERT_LOCK(ifa);
@@ -2286,7 +2101,7 @@ in_ifaddr_free(struct ifaddr *ifa)
 	}
 	IFA_UNLOCK(ifa);
 	ifa_lock_destroy(ifa);
-	bzero(ifa, sizeof (struct in_ifaddr));
+	bzero(ifa, sizeof(struct in_ifaddr));
 	zfree(inifa_zone, ifa);
 }
 
@@ -2364,61 +2179,65 @@ static int
 in_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
 {
 	struct inpcb *inp = sotoinpcb(so);
-	associd_t aid;
+	sae_associd_t aid;
 
-	if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
-		return (EINVAL);
+	if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) {
+		return EINVAL;
+	}
 
 	/* INPCB has no concept of association */
-	aid = ASSOCID_ANY;
+	aid = SAE_ASSOCID_ANY;
 	*cnt = 0;
 
 	/* just asking how many there are? */
-	if (aidp == USER_ADDR_NULL)
-		return (0);
+	if (aidp == USER_ADDR_NULL) {
+		return 0;
+	}
 
-	return (copyout(&aid, aidp, sizeof (aid)));
+	return copyout(&aid, aidp, sizeof(aid));
 }
 
 /*
  * Handle SIOCGCONNIDS ioctl for PF_INET domain.
  */
 static int
-in_getconnids(struct socket *so, associd_t aid, uint32_t *cnt,
+in_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
     user_addr_t cidp)
 {
 	struct inpcb *inp = sotoinpcb(so);
-	connid_t cid;
+	sae_connid_t cid;
 
-	if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
-		return (EINVAL);
+	if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) {
+		return EINVAL;
+	}
 
-	if (aid != ASSOCID_ANY && aid != ASSOCID_ALL)
-		return (EINVAL);
+	if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL) {
+		return EINVAL;
+	}
 
 	/* if connected, return 1 connection count */
 	*cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
 
 	/* just asking how many there are? */
-	if (cidp == USER_ADDR_NULL)
-		return (0);
+	if (cidp == USER_ADDR_NULL) {
+		return 0;
+	}
 
 	/* if INPCB is connected, assign it connid 1 */
-	cid = ((*cnt != 0) ? 1 : CONNID_ANY);
+	cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
 
-	return (copyout(&cid, cidp, sizeof (cid)));
+	return copyout(&cid, cidp, sizeof(cid));
 }
 
 /*
  * Handle SIOCGCONNINFO ioctl for PF_INET domain.
  */
-static int
-in_getconninfo(struct socket *so, connid_t cid, uint32_t *flags,
+int
+in_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
     uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
     user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
     user_addr_t aux_data, uint32_t *aux_len)
 {
-#pragma unused(aux_data)
 	struct inpcb *inp = sotoinpcb(so);
 	struct sockaddr_in sin;
 	struct ifnet *ifp = NULL;
@@ -2434,7 +2253,7 @@ in_getconninfo(struct socket *so, connid_t cid, uint32_t *flags,
 		goto out;
 	}
 
-	if (cid != CONNID_ANY && cid != CONNID_ALL && cid != 1) {
+	if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
 		error = EINVAL;
 		goto out;
 	}
@@ -2443,17 +2262,21 @@ in_getconninfo(struct socket *so, connid_t cid, uint32_t *flags,
 	*ifindex = ((ifp != NULL) ? ifp->if_index : 0);
 	*soerror = so->so_error;
 	*flags = 0;
-	if (so->so_state & SS_ISCONNECTED)
+	if (so->so_state & SS_ISCONNECTED) {
 		*flags |= (CIF_CONNECTED | CIF_PREFERRED);
-	if (inp->inp_flags & INP_BOUND_IF)
+	}
+	if (inp->inp_flags & INP_BOUND_IF) {
 		*flags |= CIF_BOUND_IF;
-	if (!(inp->inp_flags & INP_INADDR_ANY))
+	}
+	if (!(inp->inp_flags & INP_INADDR_ANY)) {
 		*flags |= CIF_BOUND_IP;
-	if (!(inp->inp_flags & INP_ANONPORT))
+	}
+	if (!(inp->inp_flags & INP_ANONPORT)) {
 		*flags |= CIF_BOUND_PORT;
+	}
 
-	bzero(&sin, sizeof (sin));
-	sin.sin_len = sizeof (sin);
+	bzero(&sin, sizeof(sin));
+	sin.sin_len = sizeof(sin);
 	sin.sin_family = AF_INET;
 
 	/* source address and port */
@@ -2463,10 +2286,11 @@ in_getconninfo(struct socket *so, connid_t cid, uint32_t *flags,
 		*src_len = sin.sin_len;
 	} else {
 		if (src != USER_ADDR_NULL) {
-			copy_len = min(*src_len, sizeof (sin));
+			copy_len = min(*src_len, sizeof(sin));
 			error = copyout(&sin, src, copy_len);
-			if (error != 0)
+			if (error != 0) {
 				goto out;
+			}
 			*src_len = copy_len;
 		}
 	}
@@ -2478,35 +2302,460 @@ in_getconninfo(struct socket *so, connid_t cid, uint32_t *flags,
 		*dst_len = sin.sin_len;
 	} else {
 		if (dst != USER_ADDR_NULL) {
-			copy_len = min(*dst_len, sizeof (sin));
+			copy_len = min(*dst_len, sizeof(sin));
 			error = copyout(&sin, dst, copy_len);
-			if (error != 0)
+			if (error != 0) {
 				goto out;
+			}
 			*dst_len = copy_len;
 		}
 	}
 
-	*aux_type = 0;
-	*aux_len = 0;
 	if (SOCK_PROTO(so) == IPPROTO_TCP) {
 		struct conninfo_tcp tcp_ci;
 
 		*aux_type = CIAUX_TCP;
 		if (*aux_len == 0) {
-			*aux_len = sizeof (tcp_ci);
+			*aux_len = sizeof(tcp_ci);
 		} else {
 			if (aux_data != USER_ADDR_NULL) {
-				copy_len = min(*aux_len, sizeof (tcp_ci));
-				bzero(&tcp_ci, sizeof (tcp_ci));
+				copy_len = min(*aux_len, sizeof(tcp_ci));
+				bzero(&tcp_ci, sizeof(tcp_ci));
 				tcp_getconninfo(so, &tcp_ci);
 				error = copyout(&tcp_ci, aux_data, copy_len);
-				if (error != 0)
+				if (error != 0) {
 					goto out;
+				}
 				*aux_len = copy_len;
 			}
 		}
+	} else {
+		*aux_type = 0;
+		*aux_len = 0;
 	}
 
 out:
-	return (error);
+	return error;
+}
+
+struct in_llentry {
+	struct llentry          base;
+};
+
+#define        IN_LLTBL_DEFAULT_HSIZE  32
+#define        IN_LLTBL_HASH(k, h) \
+    ((((((((k) >> 8) ^ (k)) >> 8) ^ (k)) >> 8) ^ (k)) & ((h) - 1))
+
+/*
+ * Do actual deallocation of @lle.
+ */
+static void
+in_lltable_destroy_lle_unlocked(struct llentry *lle)
+{
+	LLE_LOCK_DESTROY(lle);
+	LLE_REQ_DESTROY(lle);
+	FREE(lle, M_LLTABLE);
+}
+
+/*
+ * Called by LLE_FREE_LOCKED when number of references
+ * drops to zero.
+ */
+static void
+in_lltable_destroy_lle(struct llentry *lle)
+{
+	LLE_WUNLOCK(lle);
+	in_lltable_destroy_lle_unlocked(lle);
+}
+
+static struct llentry *
+in_lltable_new(struct in_addr addr4, u_int flags)
+{
+#pragma unused(flags)
+	struct in_llentry *lle;
+
+	MALLOC(lle, struct in_llentry *, sizeof(struct in_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
+	if (lle == NULL) {              /* NB: caller generates msg */
+		return NULL;
+	}
+
+	/*
+	 * For IPv4 this will trigger "arpresolve" to generate
+	 * an ARP request.
+	 */
+	lle->base.la_expire = net_uptime(); /* mark expired */
+	lle->base.r_l3addr.addr4 = addr4;
+	lle->base.lle_refcnt = 1;
+	lle->base.lle_free = in_lltable_destroy_lle;
+
+	LLE_LOCK_INIT(&lle->base);
+	LLE_REQ_INIT(&lle->base);
+	//callout_init(&lle->base.lle_timer, 1);
+
+	return &lle->base;
+}
+
+#define IN_ARE_MASKED_ADDR_EQUAL(d, a, m)      (               \
+    ((((d).s_addr ^ (a).s_addr) & (m).s_addr)) == 0 )
+
+static int
+in_lltable_match_prefix(const struct sockaddr *saddr,
+    const struct sockaddr *smask, u_int flags, struct llentry *lle)
+{
+	struct in_addr addr, mask, lle_addr;
+
+	addr = ((const struct sockaddr_in *)(const void *)saddr)->sin_addr;
+	mask = ((const struct sockaddr_in *)(const void *)smask)->sin_addr;
+	lle_addr.s_addr = ntohl(lle->r_l3addr.addr4.s_addr);
+
+	if (IN_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0) {
+		return 0;
+	}
+
+	if (lle->la_flags & LLE_IFADDR) {
+		/*
+		 * Delete LLE_IFADDR records IFF address & flag matches.
+		 * Note that addr is the interface address within prefix
+		 * being matched.
+		 * Note also we should handle 'ifdown' cases without removing
+		 * ifaddr macs.
+		 */
+		if (addr.s_addr == lle_addr.s_addr && (flags & LLE_STATIC) != 0) {
+			return 1;
+		}
+		return 0;
+	}
+
+	/* flags & LLE_STATIC means deleting both dynamic and static entries */
+	if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC)) {
+		return 1;
+	}
+
+	return 0;
+}
+
+static void
+in_lltable_free_entry(struct lltable *llt, struct llentry *lle)
+{
+	struct ifnet *ifp;
+	size_t pkts_dropped;
+
+	LLE_WLOCK_ASSERT(lle);
+	KASSERT(llt != NULL, ("lltable is NULL"));
+
+	/* Unlink entry from table if not already */
+	if ((lle->la_flags & LLE_LINKED) != 0) {
+		ifp = llt->llt_ifp;
+		IF_AFDATA_WLOCK_ASSERT(ifp, llt->llt_af);
+		lltable_unlink_entry(llt, lle);
+	}
+
+#if 0
+	/* cancel timer */
+	if (callout_stop(&lle->lle_timer) > 0) {
+		LLE_REMREF(lle);
+	}
+#endif
+	/* Drop hold queue */
+	pkts_dropped = llentry_free(lle);
+	arpstat.dropped += pkts_dropped;
+}
+
+
+static int
+in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr)
+{
+#pragma unused(flags)
+	struct rtentry *rt;
+
+	KASSERT(l3addr->sa_family == AF_INET,
+	    ("sin_family %d", l3addr->sa_family));
+
+	/* XXX rtalloc1 should take a const param */
+	rt = rtalloc1(__DECONST(struct sockaddr *, l3addr), 0, 0);
+	if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) {
+		log(LOG_INFO, "IPv4 address: \"%s\" is not on the network\n",
+		    inet_ntoa(((const struct sockaddr_in *)(const void *)l3addr)->sin_addr));
+		if (rt != NULL) {
+			rtfree_locked(rt);
+		}
+		return EINVAL;
+	}
+	rtfree_locked(rt);
+	return 0;
+}
+
+static inline uint32_t
+in_lltable_hash_dst(const struct in_addr dst, uint32_t hsize)
+{
+	return IN_LLTBL_HASH(dst.s_addr, hsize);
+}
+
+static uint32_t
+in_lltable_hash(const struct llentry *lle, uint32_t hsize)
+{
+	return in_lltable_hash_dst(lle->r_l3addr.addr4, hsize);
+}
+
+
+static void
+in_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
+{
+	struct sockaddr_in *sin;
+
+	sin = (struct sockaddr_in *)(void *)sa;
+	bzero(sin, sizeof(*sin));
+	sin->sin_family = AF_INET;
+	sin->sin_len = sizeof(*sin);
+	sin->sin_addr = lle->r_l3addr.addr4;
+}
+
+static inline struct llentry *
+in_lltable_find_dst(struct lltable *llt, struct in_addr dst)
+{
+	struct llentry *lle;
+	struct llentries *lleh;
+	u_int hashidx;
+
+	hashidx = in_lltable_hash_dst(dst, llt->llt_hsize);
+	lleh = &llt->lle_head[hashidx];
+	LIST_FOREACH(lle, lleh, lle_next) {
+		if (lle->la_flags & LLE_DELETED) {
+			continue;
+		}
+		if (lle->r_l3addr.addr4.s_addr == dst.s_addr) {
+			break;
+		}
+	}
+
+	return lle;
+}
+
+static void
+in_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
+{
+#pragma unused(llt)
+	lle->la_flags |= LLE_DELETED;
+	//EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
+#ifdef DIAGNOSTIC
+	log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
+#endif
+	llentry_free(lle);
+}
+
+static struct llentry *
+in_lltable_alloc(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
+{
+	const struct sockaddr_in *sin = (const struct sockaddr_in *) (const void *)l3addr;
+	struct ifnet *ifp = llt->llt_ifp;
+	struct llentry *lle;
+
+	KASSERT(l3addr->sa_family == AF_INET,
+	    ("sin_family %d", l3addr->sa_family));
+
+	/*
+	 * A route that covers the given address must have
+	 * been installed 1st because we are doing a resolution,
+	 * verify this.
+	 */
+	if (!(flags & LLE_IFADDR) &&
+	    in_lltable_rtcheck(ifp, flags, l3addr) != 0) {
+		return NULL;
+	}
+
+	lle = in_lltable_new(sin->sin_addr, flags);
+	if (lle == NULL) {
+		log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
+		return NULL;
+	}
+	lle->la_flags = flags & ~LLE_CREATE;
+	if (flags & LLE_STATIC) {
+		lle->r_flags |= RLLE_VALID;
+	}
+	if ((flags & LLE_IFADDR) == LLE_IFADDR) {
+		lltable_set_entry_addr(ifp, lle, LLADDR(SDL(ifp->if_lladdr->ifa_addr)));
+		lle->la_flags |= LLE_STATIC;
+		lle->r_flags |= (RLLE_VALID | RLLE_IFADDR);
+	}
+	return lle;
+}
+
+/*
+ * Return NULL if not found or marked for deletion.
+ * If found return lle read locked.
+ */
+static struct llentry *
+in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
+{
+	const struct sockaddr_in *sin = (const struct sockaddr_in *)(const void *)l3addr;
+	struct llentry *lle;
+
+	IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp, llt->llt_af);
+
+	KASSERT(l3addr->sa_family == AF_INET,
+	    ("sin_family %d", l3addr->sa_family));
+	lle = in_lltable_find_dst(llt, sin->sin_addr);
+
+	if (lle == NULL) {
+		return NULL;
+	}
+
+	KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
+	    (LLE_UNLOCKED | LLE_EXCLUSIVE), ("wrong lle request flags: 0x%X",
+	    flags));
+
+	if (flags & LLE_UNLOCKED) {
+		return lle;
+	}
+
+	if (flags & LLE_EXCLUSIVE) {
+		LLE_WLOCK(lle);
+	} else {
+		LLE_RLOCK(lle);
+	}
+
+	return lle;
+}
+
+static int
+in_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
+    struct sysctl_req *wr)
+{
+	struct ifnet *ifp = llt->llt_ifp;
+	/* XXX stack use */
+	struct {
+		struct rt_msghdr        rtm;
+		struct sockaddr_in      sin;
+		struct sockaddr_dl      sdl;
+	} arpc;
+	struct sockaddr_dl *sdl;
+	int error;
+
+	bzero(&arpc, sizeof(arpc));
+	/* skip deleted entries */
+	if ((lle->la_flags & LLE_DELETED) == LLE_DELETED) {
+		return 0;
+	}
+	/* Skip if jailed and not a valid IP of the prison. */
+	lltable_fill_sa_entry(lle, (struct sockaddr *)&arpc.sin);
+	/*
+	 * produce a msg made of:
+	 *  struct rt_msghdr;
+	 *  struct sockaddr_in; (IPv4)
+	 *  struct sockaddr_dl;
+	 */
+	arpc.rtm.rtm_msglen = sizeof(arpc);
+	arpc.rtm.rtm_version = RTM_VERSION;
+	arpc.rtm.rtm_type = RTM_GET;
+	arpc.rtm.rtm_flags = RTF_UP;
+	arpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
+
+	/* publish */
+	if (lle->la_flags & LLE_PUB) {
+		arpc.rtm.rtm_flags |= RTF_ANNOUNCE;
+	}
+
+	sdl = &arpc.sdl;
+	sdl->sdl_family = AF_LINK;
+	sdl->sdl_len = sizeof(*sdl);
+	sdl->sdl_index = ifp->if_index;
+	sdl->sdl_type = ifp->if_type;
+	if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
+		sdl->sdl_alen = ifp->if_addrlen;
+		bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
+	} else {
+		sdl->sdl_alen = 0;
+		bzero(LLADDR(sdl), ifp->if_addrlen);
+	}
+
+	arpc.rtm.rtm_rmx.rmx_expire =
+	    lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
+	arpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
+	if (lle->la_flags & LLE_STATIC) {
+		arpc.rtm.rtm_flags |= RTF_STATIC;
+	}
+	if (lle->la_flags & LLE_IFADDR) {
+		arpc.rtm.rtm_flags |= RTF_PINNED;
+	}
+	arpc.rtm.rtm_flags |= RTF_PINNED;
+	arpc.rtm.rtm_index = ifp->if_index;
+	error = SYSCTL_OUT(wr, &arpc, sizeof(arpc));
+
+	return error;
+}
+
+static struct lltable *
+in_lltattach(struct ifnet *ifp)
+{
+	struct lltable *llt;
+
+	llt = lltable_allocate_htbl(IN_LLTBL_DEFAULT_HSIZE);
+	llt->llt_af = AF_INET;
+	llt->llt_ifp = ifp;
+
+	llt->llt_lookup = in_lltable_lookup;
+	llt->llt_alloc_entry = in_lltable_alloc;
+	llt->llt_delete_entry = in_lltable_delete_entry;
+	llt->llt_dump_entry = in_lltable_dump_entry;
+	llt->llt_hash = in_lltable_hash;
+	llt->llt_fill_sa_entry = in_lltable_fill_sa_entry;
+	llt->llt_free_entry = in_lltable_free_entry;
+	llt->llt_match_prefix = in_lltable_match_prefix;
+	lltable_link(llt);
+
+	return llt;
+}
+
+struct in_ifaddr*
+inifa_ifpwithflag(struct ifnet * ifp, uint32_t flag)
+{
+	struct ifaddr *ifa;
+
+	ifnet_lock_shared(ifp);
+	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
+	{
+		IFA_LOCK_SPIN(ifa);
+		if (ifa->ifa_addr->sa_family != AF_INET) {
+			IFA_UNLOCK(ifa);
+			continue;
+		}
+		if ((((struct in_ifaddr *)ifa)->ia_flags & flag) == flag) {
+			IFA_ADDREF_LOCKED(ifa);
+			IFA_UNLOCK(ifa);
+			break;
+		}
+		IFA_UNLOCK(ifa);
+	}
+	ifnet_lock_done(ifp);
+
+	return (struct in_ifaddr *)ifa;
+}
+
+struct in_ifaddr *
+inifa_ifpclatv4(struct ifnet * ifp)
+{
+	struct ifaddr *ifa;
+
+	ifnet_lock_shared(ifp);
+	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
+	{
+		uint32_t addr = 0;
+		IFA_LOCK_SPIN(ifa);
+		if (ifa->ifa_addr->sa_family != AF_INET) {
+			IFA_UNLOCK(ifa);
+			continue;
+		}
+
+		addr = ntohl(SIN(ifa->ifa_addr)->sin_addr.s_addr);
+		if (!IN_LINKLOCAL(addr) &&
+		    !IN_LOOPBACK(addr)) {
+			IFA_ADDREF_LOCKED(ifa);
+			IFA_UNLOCK(ifa);
+			break;
+		}
+		IFA_UNLOCK(ifa);
+	}
+	ifnet_lock_done(ifp);
+
+	return (struct in_ifaddr *)ifa;
 }