X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/490019cf9519204c5fb36b2fba54ceb983bb6b72..d9a64523371fa019c4575bb400cbbc3a50ac9903:/bsd/net/if.c diff --git a/bsd/net/if.c b/bsd/net/if.c index a58ce458c..7bf8dc604 100644 --- a/bsd/net/if.c +++ b/bsd/net/if.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2015 Apple Inc. All rights reserved. + * Copyright (c) 2000-2018 Apple Inc. All rights reserved. * * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * @@ -85,6 +85,7 @@ #include #include #include +#include #include @@ -98,18 +99,20 @@ #include #include #include - #include #include #include +#include + #include #include #if INET || INET6 -/*XXX*/ #include #include +#include #include +#include #include #include #include @@ -128,10 +131,6 @@ #include #endif -#if PF_ALTQ -#include -#endif /* !PF_ALTQ */ - /* * System initialization */ @@ -147,6 +146,7 @@ static int ifioctl_ifreq(struct socket *, u_long, struct ifreq *, struct proc *); static int ifioctl_ifconf(u_long, caddr_t); static int ifioctl_ifclone(u_long, caddr_t); +static int ifioctl_iforder(u_long, caddr_t); static int ifioctl_ifdesc(struct ifnet *, u_long, caddr_t, struct proc *); static int ifioctl_linkparams(struct ifnet *, u_long, caddr_t, struct proc *); static int ifioctl_qstats(struct ifnet *, u_long, caddr_t); @@ -160,6 +160,7 @@ static int if_addmulti_common(struct ifnet *, const struct sockaddr *, struct ifmultiaddr **, int); static int if_delmulti_common(struct ifmultiaddr *, struct ifnet *, const struct sockaddr *, int); +static struct ifnet *ifunit_common(const char *, boolean_t); static int if_rtmtu(struct radix_node *, void *); static void if_rtmtu_update(struct ifnet *); @@ -170,6 +171,10 @@ MALLOC_DEFINE(M_IFADDR, "ifaddr", "interface address"); struct ifnethead ifnet_head = TAILQ_HEAD_INITIALIZER(ifnet_head); +/* ifnet_ordered_head and if_ordered_count are protected by the ifnet_head lock */ +struct ifnethead ifnet_ordered_head = TAILQ_HEAD_INITIALIZER(ifnet_ordered_head); +static u_int32_t if_ordered_count = 0; + static int if_cloners_count; LIST_HEAD(, if_clone) if_cloners = LIST_HEAD_INITIALIZER(if_cloners); @@ -239,6 +244,11 @@ static uint32_t if_verbose = 0; SYSCTL_INT(_net_link_generic_system, OID_AUTO, if_verbose, CTLFLAG_RW | CTLFLAG_LOCKED, &if_verbose, 0, ""); +boolean_t intcoproc_unrestricted; + +/* Eventhandler context for interface events */ +struct eventhandler_lists_ctxt ifnet_evhdlr_ctxt; + void ifa_init(void) { @@ -263,6 +273,9 @@ ifa_init(void) lck_mtx_init(&ifma_trash_lock, ifa_mtx_grp, ifa_mtx_attr); TAILQ_INIT(&ifma_trash_head); + + PE_parse_boot_argn("intcoproc_unrestricted", &intcoproc_unrestricted, + sizeof (intcoproc_unrestricted)); } /* @@ -318,6 +331,7 @@ if_attach_ifa_common(struct ifnet *ifp, struct ifaddr *ifa, int link) if (ifa->ifa_attached != NULL) (*ifa->ifa_attached)(ifa); + } __private_extern__ void @@ -373,19 +387,20 @@ if_detach_ifa_common(struct ifnet *ifp, struct ifaddr *ifa, int link) panic("%s: unexpected (missing) refcnt ifa=%p", __func__, ifa); /* NOTREACHED */ } - ifa->ifa_debug &= ~IFD_ATTACHED; + ifa->ifa_debug &= ~(IFD_ATTACHED | IFD_DETACHING); if (ifa->ifa_detached != NULL) (*ifa->ifa_detached)(ifa); + } -#define INITIAL_IF_INDEXLIM 8 +#define INITIAL_IF_INDEXLIM 8 /* * Function: if_next_index * Purpose: - * Return the next available interface index. - * Grow the ifnet_addrs[] and ifindex2ifnet[] arrays to accomodate the + * Return the next available interface index. + * Grow the ifnet_addrs[] and ifindex2ifnet[] arrays to accomodate the * added entry when necessary. * * Note: @@ -422,18 +437,18 @@ if_next_index(void) new_ifnet_addrs = _MALLOC(n, M_IFADDR, M_WAITOK | M_ZERO); if (new_ifnet_addrs == NULL) { --if_index; - return -1; + return (-1); } - new_ifindex2ifnet = new_ifnet_addrs + new_ifindex2ifnet = new_ifnet_addrs + new_if_indexlim * sizeof(caddr_t); if (ifnet_addrs != NULL) { /* copy the existing data */ bcopy((caddr_t)ifnet_addrs, new_ifnet_addrs, - if_indexlim * sizeof(caddr_t)); + if_indexlim * sizeof(caddr_t)); bcopy((caddr_t)ifindex2ifnet, - new_ifindex2ifnet, - (if_indexlim + 1) * sizeof(caddr_t)); + new_ifindex2ifnet, + (if_indexlim + 1) * sizeof(caddr_t)); } /* switch to the new tables and size */ @@ -475,8 +490,8 @@ if_clone_create(char *name, int len, void *params) * Find a free unit if none was given. */ if (wildcard) { - while ((bytoff < ifc->ifc_bmlen) - && (ifc->ifc_units[bytoff] == 0xff)) + while ((bytoff < ifc->ifc_bmlen) && + (ifc->ifc_units[bytoff] == 0xff)) bytoff++; if (bytoff >= ifc->ifc_bmlen) return (ENOSPC); @@ -488,9 +503,12 @@ if_clone_create(char *name, int len, void *params) if (unit > ifc->ifc_maxunit) return (ENXIO); + lck_mtx_lock(&ifc->ifc_mutex); err = (*ifc->ifc_create)(ifc, unit, params); - if (err != 0) + if (err != 0) { + lck_mtx_unlock(&ifc->ifc_mutex); return (err); + } if (!wildcard) { bytoff = unit >> 3; @@ -519,6 +537,7 @@ if_clone_create(char *name, int len, void *params) } } + lck_mtx_unlock(&ifc->ifc_mutex); return (0); } @@ -529,36 +548,55 @@ if_clone_create(char *name, int len, void *params) static int if_clone_destroy(const char *name) { - struct if_clone *ifc; - struct ifnet *ifp; + struct if_clone *ifc = NULL; + struct ifnet *ifp = NULL; int bytoff, bitoff; u_int32_t unit; + int error = 0; ifc = if_clone_lookup(name, &unit); - if (ifc == NULL) - return (EINVAL); - if (unit < ifc->ifc_minifs) - return (EINVAL); + if (ifc == NULL) { + error = EINVAL; + goto done; + } - ifp = ifunit(name); - if (ifp == NULL) - return (ENXIO); + if (unit < ifc->ifc_minifs) { + error = EINVAL; + goto done; + } - if (ifc->ifc_destroy == NULL) - return (EOPNOTSUPP); + ifp = ifunit_ref(name); + if (ifp == NULL) { + error = ENXIO; + goto done; + } - (*ifc->ifc_destroy)(ifp); + if (ifc->ifc_destroy == NULL) { + error = EOPNOTSUPP; + goto done; + } - /* - * Compute offset in the bitmap and deallocate the unit. - */ + lck_mtx_lock(&ifc->ifc_mutex); + error = (*ifc->ifc_destroy)(ifp); + + if (error) { + lck_mtx_unlock(&ifc->ifc_mutex); + goto done; + } + + /* Compute offset in the bitmap and deallocate the unit. */ bytoff = unit >> 3; bitoff = unit - (bytoff << 3); KASSERT((ifc->ifc_units[bytoff] & (1 << bitoff)) != 0, ("%s: bit is already cleared", __func__)); ifc->ifc_units[bytoff] &= ~(1 << bitoff); - return (0); + lck_mtx_unlock(&ifc->ifc_mutex); + +done: + if (ifp != NULL) + ifnet_decr_iorefcnt(ifp); + return (error); } /* @@ -572,20 +610,20 @@ if_clone_lookup(const char *name, u_int32_t *unitp) const char *cp; u_int32_t i; - for (ifc = LIST_FIRST(&if_cloners); ifc != NULL;) { + for (ifc = LIST_FIRST(&if_cloners); ifc != NULL; ) { for (cp = name, i = 0; i < ifc->ifc_namelen; i++, cp++) { if (ifc->ifc_name[i] != *cp) goto next_ifc; } goto found_name; - next_ifc: +next_ifc: ifc = LIST_NEXT(ifc, ifc_list); } /* No match. */ return ((struct if_clone *)NULL); - found_name: +found_name: if (*cp == '\0') { i = UINT32_MAX; } else { @@ -603,6 +641,28 @@ if_clone_lookup(const char *name, u_int32_t *unitp) return (ifc); } +void * +if_clone_softc_allocate(const struct if_clone *ifc) +{ + void *p_clone = NULL; + + VERIFY(ifc != NULL); + + p_clone = zalloc(ifc->ifc_zone); + if (p_clone != NULL) + bzero(p_clone, ifc->ifc_softc_size); + + return (p_clone); +} + +void +if_clone_softc_deallocate(const struct if_clone *ifc, void *p_softc) +{ + VERIFY(ifc != NULL && p_softc != NULL); + bzero(p_softc, ifc->ifc_softc_size); + zfree(ifc->ifc_zone, p_softc); +} + /* * Register a network interface cloner. */ @@ -627,8 +687,20 @@ if_clone_attach(struct if_clone *ifc) len++; ifc->ifc_units = _MALLOC(len, M_CLONE, M_WAITOK | M_ZERO); if (ifc->ifc_units == NULL) - return ENOBUFS; + return (ENOBUFS); ifc->ifc_bmlen = len; + lck_mtx_init(&ifc->ifc_mutex, ifnet_lock_group, ifnet_lock_attr); + + if (ifc->ifc_softc_size != 0) { + ifc->ifc_zone = zinit(ifc->ifc_softc_size, + ifc->ifc_zone_max_elem * ifc->ifc_softc_size, 0, ifc->ifc_name); + if (ifc->ifc_zone == NULL) { + FREE(ifc->ifc_units, M_CLONE); + return (ENOBUFS); + } + zone_change(ifc->ifc_zone, Z_EXPAND, TRUE); + zone_change(ifc->ifc_zone, Z_CALLERACCT, FALSE); + } LIST_INSERT_HEAD(&if_cloners, ifc, ifc_list); if_cloners_count++; @@ -645,7 +717,7 @@ if_clone_attach(struct if_clone *ifc) ifc->ifc_units[bytoff] |= (1 << bitoff); } - return 0; + return (0); } /* @@ -656,6 +728,10 @@ if_clone_detach(struct if_clone *ifc) { LIST_REMOVE(ifc, ifc_list); FREE(ifc->ifc_units, M_CLONE); + if (ifc->ifc_softc_size != 0) + zdestroy(ifc->ifc_zone); + + lck_mtx_destroy(&ifc->ifc_mutex, ifnet_lock_group); if_cloners_count--; } @@ -681,10 +757,9 @@ if_clone_list(int count, int *ret_total, user_addr_t dst) count = (if_cloners_count < count) ? if_cloners_count : count; for (ifc = LIST_FIRST(&if_cloners); ifc != NULL && count != 0; - ifc = LIST_NEXT(ifc, ifc_list), count--, dst += IFNAMSIZ) { + ifc = LIST_NEXT(ifc, ifc_list), count--, dst += IFNAMSIZ) { bzero(outbuf, sizeof(outbuf)); - strlcpy(outbuf, ifc->ifc_name, - min(strlen(ifc->ifc_name), IFNAMSIZ)); + strlcpy(outbuf, ifc->ifc_name, IFNAMSIZ); error = copyout(outbuf, dst, IFNAMSIZ); if (error) break; @@ -694,25 +769,36 @@ if_clone_list(int count, int *ret_total, user_addr_t dst) } u_int32_t -if_functional_type(struct ifnet *ifp) +if_functional_type(struct ifnet *ifp, bool exclude_delegate) { u_int32_t ret = IFRTYPE_FUNCTIONAL_UNKNOWN; if (ifp != NULL) { if (ifp->if_flags & IFF_LOOPBACK) { ret = IFRTYPE_FUNCTIONAL_LOOPBACK; - } else if (IFNET_IS_WIFI(ifp)) { + } else if ((exclude_delegate && + (ifp->if_subfamily == IFNET_SUBFAMILY_WIFI)) || + (!exclude_delegate && IFNET_IS_WIFI(ifp))) { if (ifp->if_eflags & IFEF_AWDL) ret = IFRTYPE_FUNCTIONAL_WIFI_AWDL; else ret = IFRTYPE_FUNCTIONAL_WIFI_INFRA; - } else if (IFNET_IS_CELLULAR(ifp)) { + } else if ((exclude_delegate && + (ifp->if_type == IFT_CELLULAR)) || + (!exclude_delegate && IFNET_IS_CELLULAR(ifp))) { ret = IFRTYPE_FUNCTIONAL_CELLULAR; - } else if (IFNET_IS_WIRED(ifp)) { + } else if (IFNET_IS_INTCOPROC(ifp)) { + ret = IFRTYPE_FUNCTIONAL_INTCOPROC; + } else if ((exclude_delegate && + (ifp->if_family == IFNET_FAMILY_ETHERNET || + ifp->if_family == IFNET_FAMILY_BOND || + ifp->if_family == IFNET_FAMILY_VLAN || + ifp->if_family == IFNET_FAMILY_FIREWIRE)) || + (!exclude_delegate && IFNET_IS_WIRED(ifp))) { ret = IFRTYPE_FUNCTIONAL_WIRED; } } - return ret; + return (ret); } /* @@ -805,22 +891,28 @@ ifa_ifpgetprimary(struct ifnet *ifp, int family) return (ifa); } +static inline int +ifa_equal(const struct sockaddr *sa1, const struct sockaddr *sa2) +{ + + if (!sa1 || !sa2) + return 0; + if (sa1->sa_len != sa2->sa_len) + return 0; + + return (bcmp(sa1, sa2, sa1->sa_len) == 0); +} + /* * Locate an interface based on a complete address. */ -/*ARGSUSED*/ struct ifaddr * -ifa_ifwithaddr(const struct sockaddr *addr) +ifa_ifwithaddr_locked(const struct sockaddr *addr) { struct ifnet *ifp; struct ifaddr *ifa; struct ifaddr *result = NULL; -#define equal(a1, a2) \ - (bcmp((const void*)(a1), (const void*)(a2), \ - ((const struct sockaddr *)(a1))->sa_len) == 0) - - ifnet_head_lock_shared(); for (ifp = ifnet_head.tqh_first; ifp && !result; ifp = ifp->if_link.tqe_next) { ifnet_lock_shared(ifp); @@ -831,7 +923,7 @@ ifa_ifwithaddr(const struct sockaddr *addr) IFA_UNLOCK(ifa); continue; } - if (equal(addr, ifa->ifa_addr)) { + if (ifa_equal(addr, ifa->ifa_addr)) { result = ifa; IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); @@ -841,7 +933,7 @@ ifa_ifwithaddr(const struct sockaddr *addr) ifa->ifa_broadaddr != NULL && /* IP6 doesn't have broadcast */ ifa->ifa_broadaddr->sa_len != 0 && - equal(ifa->ifa_broadaddr, addr)) { + ifa_equal(ifa->ifa_broadaddr, addr)) { result = ifa; IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); @@ -851,6 +943,19 @@ ifa_ifwithaddr(const struct sockaddr *addr) } ifnet_lock_done(ifp); } + + return (result); +} + +struct ifaddr * +ifa_ifwithaddr(const struct sockaddr *addr) +{ + struct ifaddr *result = NULL; + + ifnet_head_lock_shared(); + + result = ifa_ifwithaddr_locked(addr); + ifnet_head_done(); return (result); @@ -879,8 +984,7 @@ ifa_ifwithdstaddr(const struct sockaddr *addr) IFA_UNLOCK(ifa); continue; } - if (ifa->ifa_dstaddr && - equal(addr, ifa->ifa_dstaddr)) { + if (ifa_equal(addr, ifa->ifa_dstaddr)) { result = ifa; IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); @@ -899,17 +1003,15 @@ ifa_ifwithdstaddr(const struct sockaddr *addr) * Locate the source address of an interface based on a complete address. */ struct ifaddr * -ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope) +ifa_ifwithaddr_scoped_locked(const struct sockaddr *addr, unsigned int ifscope) { struct ifaddr *result = NULL; struct ifnet *ifp; if (ifscope == IFSCOPE_NONE) - return (ifa_ifwithaddr(addr)); + return (ifa_ifwithaddr_locked(addr)); - ifnet_head_lock_shared(); if (ifscope > (unsigned int)if_index) { - ifnet_head_done(); return (NULL); } @@ -930,7 +1032,7 @@ ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope) IFA_UNLOCK(ifa); continue; } - if (equal(addr, ifa->ifa_addr)) { + if (ifa_equal(addr, ifa->ifa_addr)) { result = ifa; IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); @@ -940,7 +1042,7 @@ ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope) ifa->ifa_broadaddr != NULL && /* IP6 doesn't have broadcast */ ifa->ifa_broadaddr->sa_len != 0 && - equal(ifa->ifa_broadaddr, addr)) { + ifa_equal(ifa->ifa_broadaddr, addr)) { result = ifa; IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); @@ -950,6 +1052,19 @@ ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope) } ifnet_lock_done(ifp); } + + return (result); +} + +struct ifaddr * +ifa_ifwithaddr_scoped(const struct sockaddr *addr, unsigned int ifscope) +{ + struct ifaddr *result = NULL; + + ifnet_head_lock_shared(); + + result = ifa_ifwithaddr_scoped_locked(addr, ifscope); + ifnet_head_done(); return (result); @@ -981,11 +1096,9 @@ ifa_ifwithnet_common(const struct sockaddr *addr, unsigned int ifscope) const char *addr_data = addr->sa_data, *cplim; #if INET6 - if ((af != AF_INET && af != AF_INET6) || - (af == AF_INET && !ip_doscopedroute) || - (af == AF_INET6 && !ip6_doscopedroute)) + if (af != AF_INET && af != AF_INET6) #else - if (af != AF_INET || !ip_doscopedroute) + if (af != AF_INET) #endif /* !INET6 */ ifscope = IFSCOPE_NONE; @@ -1090,7 +1203,26 @@ next: /* * Find an interface address specific to an interface best matching - * a given address. + * a given address applying same source address selection rules + * as done in the kernel for implicit source address binding + */ +struct ifaddr * +ifaof_ifpforaddr_select(const struct sockaddr *addr, struct ifnet *ifp) +{ + u_int af = addr->sa_family; + + if (af == AF_INET6) + return (in6_selectsrc_core_ifa(__DECONST(struct sockaddr_in6 *, addr), ifp, 0)); + + return (ifaof_ifpforaddr(addr, ifp)); +} + +/* + * Find an interface address specific to an interface best matching + * a given address without regards to source address selection. + * + * This is appropriate for use-cases where we just want to update/init + * some data structure like routing table entries. */ struct ifaddr * ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp) @@ -1118,8 +1250,8 @@ ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp) ifa_maybe = ifa; } if (ifa->ifa_netmask == 0) { - if (equal(addr, ifa->ifa_addr) || (ifa->ifa_dstaddr && - equal(addr, ifa->ifa_dstaddr))) { + if (ifa_equal(addr, ifa->ifa_addr) || + ifa_equal(addr, ifa->ifa_dstaddr)) { IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); break; @@ -1128,13 +1260,13 @@ ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp) continue; } if (ifp->if_flags & IFF_POINTOPOINT) { - if (ifa->ifa_dstaddr && equal(addr, ifa->ifa_dstaddr)) { + if (ifa_equal(addr, ifa->ifa_dstaddr)) { IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); break; } } else { - if (equal(addr, ifa->ifa_addr)) { + if (ifa_equal(addr, ifa->ifa_addr)) { /* exact match */ IFA_ADDREF_LOCKED(ifa); /* for caller */ IFA_UNLOCK(ifa); @@ -1195,7 +1327,7 @@ link_rtrequest(int cmd, struct rtentry *rt, struct sockaddr *sa) struct ifnet *ifp; void (*ifa_rtrequest)(int, struct rtentry *, struct sockaddr *); - lck_mtx_assert(rnh_lock, LCK_MTX_ASSERT_OWNED); + LCK_MTX_ASSERT(rnh_lock, LCK_MTX_ASSERT_OWNED); RT_LOCK_ASSERT_HELD(rt); if (cmd != RTM_ADD || ((ifa = rt->rt_ifa) == 0) || @@ -1229,9 +1361,7 @@ link_rtrequest(int cmd, struct rtentry *rt, struct sockaddr *sa) * up/down state and updating the rest of the flags. */ __private_extern__ void -if_updown( - struct ifnet *ifp, - int up) +if_updown( struct ifnet *ifp, int up) { int i; struct ifaddr **ifa; @@ -1259,15 +1389,23 @@ if_updown( /* Mark interface up or down */ if (up) { ifp->if_flags |= IFF_UP; - } - else { + } else { ifp->if_flags &= ~IFF_UP; } ifnet_touch_lastchange(ifp); + ifnet_touch_lastupdown(ifp); /* Drop the lock to notify addresses and route */ ifnet_lock_done(ifp); + + IFCQ_LOCK(ifq); + if_qflush(ifp, 1); + + /* Inform all transmit queues about the new link state */ + ifnet_update_sndq(ifq, up ? CLASSQ_EV_LINK_UP : CLASSQ_EV_LINK_DOWN); + IFCQ_UNLOCK(ifq); + if (ifnet_get_address_list(ifp, &ifa) == 0) { for (i = 0; ifa[i] != 0; i++) { pfctlinput(up ? PRC_IFUP : PRC_IFDOWN, ifa[i]->ifa_addr); @@ -1276,14 +1414,6 @@ if_updown( } rt_ifmsg(ifp); - if (!up) - if_qflush(ifp, 0); - - /* Inform all transmit queues about the new link state */ - IFCQ_LOCK(ifq); - ifnet_update_sndq(ifq, up ? CLASSQ_EV_LINK_UP : CLASSQ_EV_LINK_DOWN); - IFCQ_UNLOCK(ifq); - /* Aquire the lock to clear the changing flag */ ifnet_lock_exclusive(ifp); ifp->if_eflags &= ~IFEF_UPDOWNCHANGE; @@ -1329,12 +1459,6 @@ if_qflush(struct ifnet *ifp, int ifq_locked) if (IFCQ_IS_ENABLED(ifq)) IFCQ_PURGE(ifq); -#if PF_ALTQ - if (IFCQ_IS_DRAINING(ifq)) - ifq->ifcq_drain = 0; - if (ALTQ_IS_ENABLED(IFCQ_ALTQ(ifq))) - ALTQ_PURGE(IFCQ_ALTQ(ifq)); -#endif /* PF_ALTQ */ VERIFY(IFCQ_IS_EMPTY(ifq)); @@ -1358,14 +1482,6 @@ if_qflush_sc(struct ifnet *ifp, mbuf_svc_class_t sc, u_int32_t flow, if (IFCQ_IS_ENABLED(ifq)) IFCQ_PURGE_SC(ifq, sc, flow, cnt, len); -#if PF_ALTQ - if (IFCQ_IS_DRAINING(ifq)) { - VERIFY((signed)(ifq->ifcq_drain - cnt) >= 0); - ifq->ifcq_drain -= cnt; - } - if (ALTQ_IS_ENABLED(IFCQ_ALTQ(ifq))) - ALTQ_PURGE_SC(IFCQ_ALTQ(ifq), sc, flow, a_cnt, a_len); -#endif /* PF_ALTQ */ if (!ifq_locked) IFCQ_UNLOCK(ifq); @@ -1377,54 +1493,102 @@ if_qflush_sc(struct ifnet *ifp, mbuf_svc_class_t sc, u_int32_t flow, } /* - * Map interface name to - * interface structure pointer. + * Extracts interface unit number and name from string, returns -1 upon failure. + * Upon success, returns extracted unit number, and interface name in dst. */ -struct ifnet * -ifunit(const char *name) +int +ifunit_extract(const char *src, char *dst, size_t dstlen, int *unit) { - char namebuf[IFNAMSIZ + 1]; const char *cp; - struct ifnet *ifp; - int unit; - unsigned len, m; + size_t len, m; char c; + int u; - len = strlen(name); - if (len < 2 || len > IFNAMSIZ) - return (NULL); - cp = name + len - 1; + if (src == NULL || dst == NULL || dstlen == 0 || unit == NULL) + return (-1); + + len = strlen(src); + if (len < 2 || len > dstlen) + return (-1); + cp = src + len - 1; c = *cp; if (c < '0' || c > '9') - return (NULL); /* trailing garbage */ - unit = 0; + return (-1); /* trailing garbage */ + u = 0; m = 1; do { - if (cp == name) - return (NULL); /* no interface name */ - unit += (c - '0') * m; - if (unit > 1000000) - return (NULL); /* number is unreasonable */ + if (cp == src) + return (-1); /* no interface name */ + u += (c - '0') * m; + if (u > 1000000) + return (-1); /* number is unreasonable */ m *= 10; c = *--cp; } while (c >= '0' && c <= '9'); - len = cp - name + 1; - bcopy(name, namebuf, len); - namebuf[len] = '\0'; + len = cp - src + 1; + bcopy(src, dst, len); + dst[len] = '\0'; + *unit = u; + + return (0); +} + +/* + * Map interface name to + * interface structure pointer. + */ +static struct ifnet * +ifunit_common(const char *name, boolean_t hold) +{ + char namebuf[IFNAMSIZ + 1]; + struct ifnet *ifp; + int unit; + + if (ifunit_extract(name, namebuf, sizeof (namebuf), &unit) < 0) + return (NULL); + + /* for safety, since we use strcmp() below */ + namebuf[sizeof (namebuf) - 1] = '\0'; + /* * Now search all the interfaces for this name/number */ ifnet_head_lock_shared(); TAILQ_FOREACH(ifp, &ifnet_head, if_link) { - if (strncmp(ifp->if_name, namebuf, len)) + /* + * Use strcmp() rather than strncmp() here, + * since we want to match the entire string. + */ + if (strcmp(ifp->if_name, namebuf)) continue; if (unit == ifp->if_unit) break; } + + /* if called from ifunit_ref() and ifnet is not attached, bail */ + if (hold && ifp != NULL && !ifnet_is_attached(ifp, 1)) + ifp = NULL; + ifnet_head_done(); return (ifp); } +struct ifnet * +ifunit(const char *name) +{ + return (ifunit_common(name, FALSE)); +} + +/* + * Similar to ifunit(), except that we hold an I/O reference count on an + * attached interface, which must later be released via ifnet_decr_iorefcnt(). + * Will return NULL unless interface exists and is fully attached. + */ +struct ifnet * +ifunit_ref(const char *name) +{ + return (ifunit_common(name, TRUE)); +} /* * Map interface name in a sockaddr_dl to @@ -1436,8 +1600,8 @@ if_withname(struct sockaddr *sa) char ifname[IFNAMSIZ+1]; struct sockaddr_dl *sdl = (struct sockaddr_dl *)(void *)sa; - if ( (sa->sa_family != AF_LINK) || (sdl->sdl_nlen == 0) || - (sdl->sdl_nlen > IFNAMSIZ) ) + if ((sa->sa_family != AF_LINK) || (sdl->sdl_nlen == 0) || + (sdl->sdl_nlen > IFNAMSIZ)) return (NULL); /* @@ -1529,7 +1693,7 @@ ifioctl_ifdesc(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) switch (cmd) { case SIOCSIFDESC: { /* struct if_descreq */ if ((error = proc_suser(p)) != 0) - break; + break; ifnet_lock_exclusive(ifp); bcopy(&ifdr->ifdr_len, &ifdr_len, sizeof (ifdr_len)); @@ -1585,7 +1749,8 @@ ifioctl_linkparams(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) struct tb_profile tb = { 0, 0, 0 }; if ((error = proc_suser(p)) != 0) - break; + break; + IFCQ_LOCK(ifq); if (!IFCQ_IS_READY(ifq)) { @@ -1607,16 +1772,10 @@ ifioctl_linkparams(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) u_int64_t tbr_bw = 0, tbr_pct = 0; IFCQ_LOCK(ifq); -#if PF_ALTQ - if (ALTQ_IS_ENABLED(IFCQ_ALTQ(ifq))) { - sched_type = IFCQ_ALTQ(ifq)->altq_type; - flags |= IFLPRF_ALTQ; - } else -#endif /* PF_ALTQ */ - { - if (IFCQ_IS_ENABLED(ifq)) - sched_type = ifq->ifcq_type; - } + + if (IFCQ_IS_ENABLED(ifq)) + sched_type = ifq->ifcq_type; + bcopy(&sched_type, &iflpr->iflpr_output_sched, sizeof (iflpr->iflpr_output_sched)); @@ -1697,7 +1856,7 @@ ifioctl_throttle(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) * XXX: Use priv_check_cred() instead of root check? */ if ((error = proc_suser(p)) != 0) - break; + break; bcopy(&ifthr->ifthr_level, &ifthr_level, sizeof (ifthr_level)); error = ifnet_set_throttle(ifp, ifthr_level); @@ -1726,20 +1885,26 @@ static int ifioctl_getnetagents(struct ifnet *ifp, u_int32_t *count, user_addr_t uuid_p) { int error = 0; - int index = 0; + u_int32_t index = 0; u_int32_t valid_netagent_count = 0; *count = 0; - for (index = 0; index < IF_MAXAGENTS; index++) { - uuid_t *netagent_uuid = &(ifp->if_agentids[index]); - if (!uuid_is_null(*netagent_uuid)) { - if (uuid_p != USER_ADDR_NULL) { - if ((error = copyout(netagent_uuid, - uuid_p + sizeof(uuid_t) * valid_netagent_count, - sizeof(uuid_t))) != 0) { - return (error); + + ifnet_lock_assert(ifp, IFNET_LCK_ASSERT_SHARED); + + if (ifp->if_agentids != NULL) { + for (index = 0; index < ifp->if_agentcount; index++) { + uuid_t *netagent_uuid = &(ifp->if_agentids[index]); + if (!uuid_is_null(*netagent_uuid)) { + if (uuid_p != USER_ADDR_NULL) { + error = copyout(netagent_uuid, + uuid_p + sizeof(uuid_t) * valid_netagent_count, + sizeof(uuid_t)); + if (error != 0) { + return (error); + } } + valid_netagent_count++; } - valid_netagent_count++; } } *count = valid_netagent_count; @@ -1747,6 +1912,142 @@ ifioctl_getnetagents(struct ifnet *ifp, u_int32_t *count, user_addr_t uuid_p) return (0); } +#define IF_MAXAGENTS 64 +#define IF_AGENT_INCREMENT 8 +static int +if_add_netagent_locked(struct ifnet *ifp, uuid_t new_agent_uuid) +{ + uuid_t *first_empty_slot = NULL; + u_int32_t index = 0; + bool already_added = FALSE; + + if (ifp->if_agentids != NULL) { + for (index = 0; index < ifp->if_agentcount; index++) { + uuid_t *netagent_uuid = &(ifp->if_agentids[index]); + if (uuid_compare(*netagent_uuid, new_agent_uuid) == 0) { + /* Already present, ignore */ + already_added = TRUE; + break; + } + if (first_empty_slot == NULL && + uuid_is_null(*netagent_uuid)) { + first_empty_slot = netagent_uuid; + } + } + } + if (already_added) { + /* Already added agent, don't return an error */ + return (0); + } + if (first_empty_slot == NULL) { + if (ifp->if_agentcount >= IF_MAXAGENTS) { + /* No room for another netagent UUID, bail */ + return (ENOMEM); + } else { + /* Calculate new array size */ + u_int32_t new_agent_count = + MIN(ifp->if_agentcount + IF_AGENT_INCREMENT, + IF_MAXAGENTS); + + /* Reallocate array */ + uuid_t *new_agent_array = _REALLOC(ifp->if_agentids, + sizeof(uuid_t) * new_agent_count, M_NETAGENT, + M_WAITOK | M_ZERO); + if (new_agent_array == NULL) { + return (ENOMEM); + } + + /* Save new array */ + ifp->if_agentids = new_agent_array; + + /* Set first empty slot */ + first_empty_slot = + &(ifp->if_agentids[ifp->if_agentcount]); + + /* Save new array length */ + ifp->if_agentcount = new_agent_count; + } + } + uuid_copy(*first_empty_slot, new_agent_uuid); + netagent_post_updated_interfaces(new_agent_uuid); + return (0); +} + +int +if_add_netagent(struct ifnet *ifp, uuid_t new_agent_uuid) +{ + VERIFY(ifp != NULL); + + ifnet_lock_exclusive(ifp); + + int error = if_add_netagent_locked(ifp, new_agent_uuid); + + ifnet_lock_done(ifp); + + return (error); +} + +static int +if_delete_netagent_locked(struct ifnet *ifp, uuid_t remove_agent_uuid) +{ + u_int32_t index = 0; + bool removed_agent_id = FALSE; + + if (ifp->if_agentids != NULL) { + for (index = 0; index < ifp->if_agentcount; index++) { + uuid_t *netagent_uuid = &(ifp->if_agentids[index]); + if (uuid_compare(*netagent_uuid, + remove_agent_uuid) == 0) { + uuid_clear(*netagent_uuid); + removed_agent_id = TRUE; + break; + } + } + } + if (removed_agent_id) + netagent_post_updated_interfaces(remove_agent_uuid); + + return (0); +} + +int +if_delete_netagent(struct ifnet *ifp, uuid_t remove_agent_uuid) +{ + VERIFY(ifp != NULL); + + ifnet_lock_exclusive(ifp); + + int error = if_delete_netagent_locked(ifp, remove_agent_uuid); + + ifnet_lock_done(ifp); + + return (error); +} + +boolean_t +if_check_netagent(struct ifnet *ifp, uuid_t find_agent_uuid) +{ + boolean_t found = FALSE; + + if (!ifp || uuid_is_null(find_agent_uuid)) + return FALSE; + + ifnet_lock_shared(ifp); + + if (ifp->if_agentids != NULL) { + for (uint32_t index = 0; index < ifp->if_agentcount; index++) { + if (uuid_compare(ifp->if_agentids[index], find_agent_uuid) == 0) { + found = TRUE; + break; + } + } + } + + ifnet_lock_done(ifp); + + return found; +} + static __attribute__((noinline)) int ifioctl_netagent(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) { @@ -1756,66 +2057,51 @@ ifioctl_netagent(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) struct if_agentidsreq64 s64; } u; int error = 0; - int index = 0; VERIFY(ifp != NULL); + /* Get an io ref count if the interface is attached */ + if (!ifnet_is_attached(ifp, 1)) { + return (EOPNOTSUPP); + } + + if (cmd == SIOCAIFAGENTID || + cmd == SIOCDIFAGENTID) { + ifnet_lock_exclusive(ifp); + } else { + ifnet_lock_shared(ifp); + } + switch (cmd) { case SIOCAIFAGENTID: { /* struct if_agentidreq */ - uuid_t *first_empty_slot = NULL; // TODO: Use priv_check_cred() instead of root check if ((error = proc_suser(p)) != 0) { break; } - for (index = 0; index < IF_MAXAGENTS; index++) { - uuid_t *netagent_uuid = &(ifp->if_agentids[index]); - if (uuid_compare(*netagent_uuid, ifar->ifar_uuid) == 0) { - /* Already present, ignore */ - break; - } - if (first_empty_slot == NULL && - uuid_is_null(*netagent_uuid)) { - first_empty_slot = netagent_uuid; - } - } - if (first_empty_slot == NULL) { - error = ENOMEM; /* No empty slot for a netagent UUID, bail */ - break; - } - uuid_copy(*first_empty_slot, ifar->ifar_uuid); - netagent_post_updated_interfaces(ifar->ifar_uuid); + error = if_add_netagent_locked(ifp, ifar->ifar_uuid); break; } case SIOCDIFAGENTID: { /* struct if_agentidreq */ - bool removed_agent_id = FALSE; // TODO: Use priv_check_cred() instead of root check if ((error = proc_suser(p)) != 0) { break; } - for (index = 0; index < IF_MAXAGENTS; index++) { - uuid_t *netagent_uuid = &(ifp->if_agentids[index]); - if (uuid_compare(*netagent_uuid, ifar->ifar_uuid) == 0) { - uuid_clear(*netagent_uuid); - removed_agent_id = TRUE; - break; - } - } - if (removed_agent_id) { - netagent_post_updated_interfaces(ifar->ifar_uuid); - } + error = if_delete_netagent_locked(ifp, ifar->ifar_uuid); break; } - case SIOCGIFAGENTIDS32: { /* struct if_agentidsreq32 */ + case SIOCGIFAGENTIDS32: { /* struct if_agentidsreq32 */ bcopy(data, &u.s32, sizeof(u.s32)); - error = ifioctl_getnetagents(ifp, &u.s32.ifar_count, u.s32.ifar_uuids); + error = ifioctl_getnetagents(ifp, &u.s32.ifar_count, + u.s32.ifar_uuids); if (error == 0) { bcopy(&u.s32, data, sizeof(u.s32)); } break; } - case SIOCGIFAGENTIDS64: { /* struct if_agentidsreq64 */ + case SIOCGIFAGENTIDS64: { /* struct if_agentidsreq64 */ bcopy(data, &u.s64, sizeof(u.s64)); - error = ifioctl_getnetagents(ifp, &u.s64.ifar_count, u.s64.ifar_uuids); + error = ifioctl_getnetagents(ifp, &u.s64.ifar_count, + u.s64.ifar_uuids); if (error == 0) { bcopy(&u.s64, data, sizeof(u.s64)); } @@ -1826,6 +2112,9 @@ ifioctl_netagent(struct ifnet *ifp, u_long cmd, caddr_t data, struct proc *p) /* NOTREACHED */ } + ifnet_lock_done(ifp); + ifnet_decr_iorefcnt(ifp); + return (error); } @@ -1833,54 +2122,371 @@ void ifnet_clear_netagent(uuid_t netagent_uuid) { struct ifnet *ifp = NULL; - int index = 0; - bool removed_agent_id = FALSE; + u_int32_t index = 0; ifnet_head_lock_shared(); TAILQ_FOREACH(ifp, &ifnet_head, if_link) { - for (index = 0; index < IF_MAXAGENTS; index++) { - uuid_t *ifp_netagent_uuid = &(ifp->if_agentids[index]); - if (uuid_compare(*ifp_netagent_uuid, netagent_uuid) == 0) { - uuid_clear(*ifp_netagent_uuid); - removed_agent_id = TRUE; + ifnet_lock_shared(ifp); + if (ifp->if_agentids != NULL) { + for (index = 0; index < ifp->if_agentcount; index++) { + uuid_t *ifp_netagent_uuid = &(ifp->if_agentids[index]); + if (uuid_compare(*ifp_netagent_uuid, netagent_uuid) == 0) { + uuid_clear(*ifp_netagent_uuid); + } + } + } + ifnet_lock_done(ifp); + } + + ifnet_head_done(); +} + +void +ifnet_increment_generation(ifnet_t interface) +{ + OSIncrementAtomic(&interface->if_generation); +} + +u_int32_t +ifnet_get_generation(ifnet_t interface) +{ + return (interface->if_generation); +} + +void +ifnet_remove_from_ordered_list(struct ifnet *ifp) +{ + ifnet_head_assert_exclusive(); + + // Remove from list + TAILQ_REMOVE(&ifnet_ordered_head, ifp, if_ordered_link); + ifp->if_ordered_link.tqe_next = NULL; + ifp->if_ordered_link.tqe_prev = NULL; + + // Update ordered count + VERIFY(if_ordered_count > 0); + if_ordered_count--; +} + +static int +ifnet_reset_order(u_int32_t *ordered_indices, u_int32_t count) +{ + struct ifnet *ifp = NULL; + int error = 0; + + ifnet_head_lock_exclusive(); + for (u_int32_t order_index = 0; order_index < count; order_index++) { + if (ordered_indices[order_index] == IFSCOPE_NONE || + ordered_indices[order_index] > (uint32_t)if_index) { + error = EINVAL; + ifnet_head_done(); + return (error); + } + } + // Flush current ordered list + for (ifp = TAILQ_FIRST(&ifnet_ordered_head); ifp != NULL; + ifp = TAILQ_FIRST(&ifnet_ordered_head)) { + ifnet_lock_exclusive(ifp); + ifnet_remove_from_ordered_list(ifp); + ifnet_lock_done(ifp); + } + + VERIFY(if_ordered_count == 0); + + for (u_int32_t order_index = 0; order_index < count; order_index++) { + u_int32_t interface_index = ordered_indices[order_index]; + ifp = ifindex2ifnet[interface_index]; + if (ifp == NULL) { + continue; + } + ifnet_lock_exclusive(ifp); + TAILQ_INSERT_TAIL(&ifnet_ordered_head, ifp, if_ordered_link); + ifnet_lock_done(ifp); + if_ordered_count++; + } + + ifnet_head_done(); + + necp_update_all_clients(); + + return (error); +} + +int +if_set_qosmarking_mode(struct ifnet *ifp, u_int32_t mode) +{ + int error = 0; + u_int32_t old_mode = ifp->if_qosmarking_mode; + + switch (mode) { + case IFRTYPE_QOSMARKING_MODE_NONE: + ifp->if_qosmarking_mode = IFRTYPE_QOSMARKING_MODE_NONE; + ifp->if_eflags &= ~IFEF_QOSMARKING_CAPABLE; + break; + case IFRTYPE_QOSMARKING_FASTLANE: + ifp->if_qosmarking_mode = IFRTYPE_QOSMARKING_FASTLANE; + ifp->if_eflags |= IFEF_QOSMARKING_CAPABLE; + if (net_qos_policy_capable_enabled != 0) + ifp->if_eflags |= IFEF_QOSMARKING_ENABLED; + break; + default: + error = EINVAL; + break; + } + if (error == 0 && old_mode != ifp->if_qosmarking_mode) { + dlil_post_msg(ifp, KEV_DL_SUBCLASS, KEV_DL_QOS_MODE_CHANGED, + NULL, sizeof(struct kev_dl_rrc_state)); + + } + return (error); +} + +static __attribute__((noinline)) int +ifioctl_iforder(u_long cmd, caddr_t data) +{ + int error = 0; + u_int32_t *ordered_indices = NULL; + if (data == NULL) { + return (EINVAL); + } + + switch (cmd) { + case SIOCSIFORDER: { /* struct if_order */ + struct if_order *ifo = (struct if_order *)(void *)data; + + if (ifo->ifo_count > (u_int32_t)if_index) { + error = EINVAL; + break; + } + + size_t length = (ifo->ifo_count * sizeof(u_int32_t)); + if (length > 0) { + if (ifo->ifo_ordered_indices == USER_ADDR_NULL) { + error = EINVAL; + break; + } + ordered_indices = _MALLOC(length, M_NECP, M_WAITOK); + if (ordered_indices == NULL) { + error = ENOMEM; + break; + } + + error = copyin(ifo->ifo_ordered_indices, + ordered_indices, length); + if (error != 0) { + break; + } + + /* ordered_indices should not contain duplicates */ + bool found_duplicate = FALSE; + for (uint32_t i = 0; i < (ifo->ifo_count - 1) && !found_duplicate ; i++){ + for (uint32_t j = i + 1; j < ifo->ifo_count && !found_duplicate ; j++){ + if (ordered_indices[j] == ordered_indices[i]){ + error = EINVAL; + found_duplicate = TRUE; + break; + } + } + } + if (found_duplicate) { + break; } } + + error = ifnet_reset_order(ordered_indices, ifo->ifo_count); + + break; + } + + default: { + VERIFY(0); + /* NOTREACHED */ + } + } + + if (ordered_indices != NULL) { + _FREE(ordered_indices, M_NECP); + } + + return (error); +} + +static __attribute__((noinline)) int +ifioctl_netsignature(struct ifnet *ifp, u_long cmd, caddr_t data) +{ + struct if_nsreq *ifnsr = (struct if_nsreq *)(void *)data; + u_int16_t flags; + int error = 0; + + VERIFY(ifp != NULL); + + switch (cmd) { + case SIOCSIFNETSIGNATURE: /* struct if_nsreq */ + if (ifnsr->ifnsr_len > sizeof (ifnsr->ifnsr_data)) { + error = EINVAL; + break; + } + bcopy(&ifnsr->ifnsr_flags, &flags, sizeof (flags)); + error = ifnet_set_netsignature(ifp, ifnsr->ifnsr_family, + ifnsr->ifnsr_len, flags, ifnsr->ifnsr_data); + break; + + case SIOCGIFNETSIGNATURE: /* struct if_nsreq */ + ifnsr->ifnsr_len = sizeof (ifnsr->ifnsr_data); + error = ifnet_get_netsignature(ifp, ifnsr->ifnsr_family, + &ifnsr->ifnsr_len, &flags, ifnsr->ifnsr_data); + if (error == 0) + bcopy(&flags, &ifnsr->ifnsr_flags, sizeof (flags)); + else + ifnsr->ifnsr_len = 0; + break; + + default: + VERIFY(0); + /* NOTREACHED */ + } + + return (error); +} + +#if INET6 +static __attribute__((noinline)) int +ifioctl_nat64prefix(struct ifnet *ifp, u_long cmd, caddr_t data) +{ + struct if_nat64req *ifnat64 = (struct if_nat64req *)(void *)data; + int error = 0; + + VERIFY(ifp != NULL); + + switch (cmd) { + case SIOCSIFNAT64PREFIX: /* struct if_nat64req */ + error = ifnet_set_nat64prefix(ifp, ifnat64->ifnat64_prefixes); + if (error != 0) + ip6stat.ip6s_clat464_plat64_pfx_setfail++; + break; + + case SIOCGIFNAT64PREFIX: /* struct if_nat64req */ + error = ifnet_get_nat64prefix(ifp, ifnat64->ifnat64_prefixes); + if (error != 0) + ip6stat.ip6s_clat464_plat64_pfx_getfail++; + break; + + default: + VERIFY(0); + /* NOTREACHED */ + } + + return (error); +} + +static __attribute__((noinline)) int +ifioctl_clat46addr(struct ifnet *ifp, u_long cmd, caddr_t data) +{ + struct if_clat46req *ifclat46 = (struct if_clat46req *)(void *)data; + struct in6_ifaddr *ia6_clat = NULL; + int error = 0; + + VERIFY(ifp != NULL); + + switch (cmd) { + case SIOCGIFCLAT46ADDR: + ia6_clat = in6ifa_ifpwithflag(ifp, IN6_IFF_CLAT46); + if (ia6_clat == NULL) { + error = ENOENT; + break; + } + + bcopy(&ia6_clat->ia_addr.sin6_addr, &ifclat46->ifclat46_addr.v6_address, + sizeof(ifclat46->ifclat46_addr.v6_address)); + ifclat46->ifclat46_addr.v6_prefixlen = ia6_clat->ia_plen; + IFA_REMREF(&ia6_clat->ia_ifa); + break; + default: + VERIFY(0); + /* NOTREACHED */ + } + + return (error); +} +#endif + + +static int +ifioctl_get_protolist(struct ifnet *ifp, u_int32_t * ret_count, + user_addr_t ifpl) +{ + u_int32_t actual_count; + u_int32_t count; + int error = 0; + u_int32_t *list = NULL; + + /* find out how many */ + count = if_get_protolist(ifp, NULL, 0); + if (ifpl == USER_ADDR_NULL) { + goto done; + } + + /* copy out how many there's space for */ + if (*ret_count < count) { + count = *ret_count; + } + if (count == 0) { + goto done; + } + list = _MALLOC(count * sizeof(*list), M_TEMP, M_WAITOK | M_ZERO); + if (list == NULL) { + error = ENOMEM; + goto done; + } + actual_count = if_get_protolist(ifp, list, count); + if (actual_count < count) { + count = actual_count; + } + if (count != 0) { + error = copyout((caddr_t)list, ifpl, count * sizeof(*list)); } - ifnet_head_done(); + done: + if (list != NULL) { + if_free_protolist(list); + } + *ret_count = count; + return (error); } static __attribute__((noinline)) int -ifioctl_netsignature(struct ifnet *ifp, u_long cmd, caddr_t data) +ifioctl_protolist(struct ifnet *ifp, u_long cmd, caddr_t data) { - struct if_nsreq *ifnsr = (struct if_nsreq *)(void *)data; - u_int16_t flags; int error = 0; - VERIFY(ifp != NULL); - switch (cmd) { - case SIOCSIFNETSIGNATURE: /* struct if_nsreq */ - if (ifnsr->ifnsr_len > sizeof (ifnsr->ifnsr_data)) { + case SIOCGIFPROTOLIST32: { /* struct if_protolistreq32 */ + struct if_protolistreq32 ifpl; + + bcopy(data, &ifpl, sizeof(ifpl)); + if (ifpl.ifpl_reserved != 0) { error = EINVAL; break; } - bcopy(&ifnsr->ifnsr_flags, &flags, sizeof (flags)); - error = ifnet_set_netsignature(ifp, ifnsr->ifnsr_family, - ifnsr->ifnsr_len, flags, ifnsr->ifnsr_data); + error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count, + CAST_USER_ADDR_T(ifpl.ifpl_list)); + bcopy(&ifpl, data, sizeof(ifpl)); break; + } + case SIOCGIFPROTOLIST64: { /* struct if_protolistreq64 */ + struct if_protolistreq64 ifpl; - case SIOCGIFNETSIGNATURE: /* struct if_nsreq */ - ifnsr->ifnsr_len = sizeof (ifnsr->ifnsr_data); - error = ifnet_get_netsignature(ifp, ifnsr->ifnsr_family, - &ifnsr->ifnsr_len, &flags, ifnsr->ifnsr_data); - if (error == 0) - bcopy(&flags, &ifnsr->ifnsr_flags, sizeof (flags)); - else - ifnsr->ifnsr_len = 0; + bcopy(data, &ifpl, sizeof(ifpl)); + if (ifpl.ifpl_reserved != 0) { + error = EINVAL; + break; + } + error = ifioctl_get_protolist(ifp, &ifpl.ifpl_count, + ifpl.ifpl_list); + bcopy(&ifpl, data, sizeof(ifpl)); break; - + } default: VERIFY(0); /* NOTREACHED */ @@ -1889,6 +2495,90 @@ ifioctl_netsignature(struct ifnet *ifp, u_long cmd, caddr_t data) return (error); } +/* + * List the ioctl()s we can perform on restricted INTCOPROC interfaces. + */ +static bool +ifioctl_restrict_intcoproc(unsigned long cmd, const char *ifname, + struct ifnet *ifp, struct proc *p) +{ + + if (intcoproc_unrestricted == TRUE) { + return (false); + } + if (proc_pid(p) == 0) { + return (false); + } + if (ifname) { + ifp = ifunit(ifname); + } + if (ifp == NULL) { + return (false); + } + if (!IFNET_IS_INTCOPROC(ifp)) { + return (false); + } + switch (cmd) { + case SIOCGIFBRDADDR: + case SIOCGIFCONF32: + case SIOCGIFCONF64: + case SIOCGIFFLAGS: + case SIOCGIFEFLAGS: + case SIOCGIFCAP: + case SIOCGIFMAC: + case SIOCGIFMETRIC: + case SIOCGIFMTU: + case SIOCGIFPHYS: + case SIOCGIFTYPE: + case SIOCGIFFUNCTIONALTYPE: + case SIOCGIFPSRCADDR: + case SIOCGIFPDSTADDR: + case SIOCGIFGENERIC: + case SIOCGIFDEVMTU: + case SIOCGIFVLAN: + case SIOCGIFBOND: + case SIOCGIFWAKEFLAGS: + case SIOCGIFGETRTREFCNT: + case SIOCGIFOPPORTUNISTIC: + case SIOCGIFLINKQUALITYMETRIC: + case SIOCGIFLOG: + case SIOCGIFDELEGATE: + case SIOCGIFEXPENSIVE: + case SIOCGIFINTERFACESTATE: + case SIOCGIFPROBECONNECTIVITY: + case SIOCGIFTIMESTAMPENABLED: + case SIOCGECNMODE: + case SIOCGQOSMARKINGMODE: + case SIOCGQOSMARKINGENABLED: + case SIOCGIFLOWINTERNET: + case SIOCGIFSTATUS: + case SIOCGIFMEDIA32: + case SIOCGIFMEDIA64: + case SIOCGIFDESC: + case SIOCGIFLINKPARAMS: + case SIOCGIFQUEUESTATS: + case SIOCGIFTHROTTLE: + case SIOCGIFAGENTIDS32: + case SIOCGIFAGENTIDS64: + case SIOCGIFNETSIGNATURE: + case SIOCGIFINFO_IN6: + case SIOCGIFAFLAG_IN6: + case SIOCGNBRINFO_IN6: + case SIOCGIFALIFETIME_IN6: + case SIOCGIFNETMASK_IN6: + case SIOCGIFPROTOLIST32: + case SIOCGIFPROTOLIST64: + return (false); + default: +#if (DEBUG || DEVELOPMENT) + printf("%s: cmd 0x%lx not allowed (pid %u)\n", + __func__, cmd, proc_pid(p)); +#endif + return (true); + } + return (false); +} + /* * Interface ioctls. * @@ -1925,9 +2615,15 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p) case SIOCGIFAGENTDATA32: /* struct netagent_req32 */ case SIOCGIFAGENTDATA64: /* struct netagent_req64 */ + case SIOCGIFAGENTLIST32: /* struct netagentlist_req32 */ + case SIOCGIFAGENTLIST64: /* struct netagentlist_req64 */ error = netagent_ioctl(cmd, data); goto done; + case SIOCSIFORDER: /* struct if_order */ + error = ifioctl_iforder(cmd, data); + goto done; + case SIOCSIFDSTADDR: /* struct ifreq */ case SIOCSIFADDR: /* struct ifreq */ case SIOCSIFBRDADDR: /* struct ifreq */ @@ -1995,12 +2691,31 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p) case SIOCSIFPROBECONNECTIVITY: /* struct ifreq */ case SIOCGIFPROBECONNECTIVITY: /* struct ifreq */ case SIOCGSTARTDELAY: /* struct ifreq */ + case SIOCSIFTIMESTAMPENABLE: /* struct ifreq */ + case SIOCSIFTIMESTAMPDISABLE: /* struct ifreq */ + case SIOCGIFTIMESTAMPENABLED: /* struct ifreq */ +#if (DEBUG || DEVELOPMENT) + case SIOCSIFDISABLEOUTPUT: /* struct ifreq */ +#endif /* (DEBUG || DEVELOPMENT) */ case SIOCGECNMODE: /* struct ifreq */ - case SIOCSECNMODE: { /* struct ifreq */ + case SIOCSECNMODE: + case SIOCSQOSMARKINGMODE: /* struct ifreq */ + case SIOCSQOSMARKINGENABLED: /* struct ifreq */ + case SIOCGQOSMARKINGMODE: /* struct ifreq */ + case SIOCGQOSMARKINGENABLED: /* struct ifreq */ + case SIOCSIFLOWINTERNET: /* struct ifreq */ + case SIOCGIFLOWINTERNET: /* struct ifreq */ + case SIOCGIFLOWPOWER: /* struct ifreq */ + case SIOCSIFLOWPOWER: /* struct ifreq */ + { /* struct ifreq */ struct ifreq ifr; bcopy(data, &ifr, sizeof (ifr)); ifr.ifr_name[IFNAMSIZ - 1] = '\0'; bcopy(&ifr.ifr_name, ifname, IFNAMSIZ); + if (ifioctl_restrict_intcoproc(cmd, ifname, NULL, p) == true) { + error = EPERM; + goto done; + } error = ifioctl_ifreq(so, cmd, &ifr, p); bcopy(&ifr, data, sizeof (ifr)); goto done; @@ -2090,17 +2805,23 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p) case SIOCGIFAGENTIDS32: /* struct if_agentidsreq32 */ case SIOCGIFAGENTIDS64: /* struct if_agentidsreq64 */ bcopy(((struct if_agentidreq *)(void *)data)->ifar_name, - ifname, IFNAMSIZ); + ifname, IFNAMSIZ); ifp = ifunit(ifname); break; case SIOCSIFNETSIGNATURE: /* struct if_nsreq */ case SIOCGIFNETSIGNATURE: /* struct if_nsreq */ bcopy(((struct if_nsreq *)(void *)data)->ifnsr_name, - ifname, IFNAMSIZ); + ifname, IFNAMSIZ); ifp = ifunit(ifname); break; + case SIOCGIFPROTOLIST32: /* struct if_protolistreq32 */ + case SIOCGIFPROTOLIST64: /* struct if_protolistreq64 */ + bcopy(((struct if_protolistreq *)(void *)data)->ifpl_name, + ifname, IFNAMSIZ); + ifp = ifunit(ifname); + break; default: /* * This is a bad assumption, but the code seems to @@ -2118,6 +2839,10 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p) goto done; } + if (ifioctl_restrict_intcoproc(cmd, NULL, ifp, p) == true) { + error = EPERM; + goto done; + } switch (cmd) { case SIOCSIFPHYADDR: /* struct {if,in_}aliasreq */ #if INET6 @@ -2180,6 +2905,22 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p) error = ifioctl_netsignature(ifp, cmd, data); break; +#if INET6 + case SIOCSIFNAT64PREFIX: /* struct if_nat64req */ + case SIOCGIFNAT64PREFIX: /* struct if_nat64req */ + error = ifioctl_nat64prefix(ifp, cmd, data); + break; + + case SIOCGIFCLAT46ADDR: /* struct if_clat46req */ + error = ifioctl_clat46addr(ifp, cmd, data); + break; +#endif + + case SIOCGIFPROTOLIST32: /* struct if_protolistreq32 */ + case SIOCGIFPROTOLIST64: /* struct if_protolistreq64 */ + error = ifioctl_protolist(ifp, cmd, data); + break; + default: if (so->so_proto == NULL) { error = EOPNOTSUPP; @@ -2244,10 +2985,10 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) switch (cmd) { case SIOCIFCREATE: case SIOCIFCREATE2: - error = proc_suser(p); - if (error) - return (error); - return (if_clone_create(ifr->ifr_name, sizeof(ifr->ifr_name), + error = proc_suser(p); + if (error) + return (error); + return (if_clone_create(ifr->ifr_name, sizeof(ifr->ifr_name), cmd == SIOCIFCREATE2 ? ifr->ifr_data : NULL)); case SIOCIFDESTROY: error = proc_suser(p); @@ -2333,18 +3074,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) * Send the event even upon error from the driver because * we changed the flags. */ - ev_msg.vendor_code = KEV_VENDOR_APPLE; - ev_msg.kev_class = KEV_NETWORK_CLASS; - ev_msg.kev_subclass = KEV_DL_SUBCLASS; - - ev_msg.event_code = KEV_DL_SIFFLAGS; - strlcpy(&ev_data.if_name[0], ifp->if_name, IFNAMSIZ); - ev_data.if_family = ifp->if_family; - ev_data.if_unit = (u_int32_t) ifp->if_unit; - ev_msg.dv[0].data_length = sizeof(struct net_event_data); - ev_msg.dv[0].data_ptr = &ev_data; - ev_msg.dv[1].data_length = 0; - kev_post_msg(&ev_msg); + dlil_post_sifflags_msg(ifp); ifnet_touch_lastchange(ifp); break; @@ -2382,7 +3112,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ev_msg.dv[0].data_ptr = &ev_data; ev_msg.dv[1].data_length = 0; - kev_post_msg(&ev_msg); + dlil_post_complete_msg(ifp, &ev_msg); ifnet_touch_lastchange(ifp); break; @@ -2407,7 +3137,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ev_msg.dv[0].data_length = sizeof(struct net_event_data); ev_msg.dv[0].data_ptr = &ev_data; ev_msg.dv[1].data_length = 0; - kev_post_msg(&ev_msg); + dlil_post_complete_msg(ifp, &ev_msg); ifnet_touch_lastchange(ifp); break; @@ -2443,7 +3173,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ev_msg.dv[0].data_length = sizeof(struct net_event_data); ev_msg.dv[0].data_ptr = &ev_data; ev_msg.dv[1].data_length = 0; - kev_post_msg(&ev_msg); + dlil_post_complete_msg(ifp, &ev_msg); ifnet_touch_lastchange(ifp); rt_ifmsg(ifp); @@ -2516,7 +3246,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ev_msg.dv[0].data_length = sizeof(struct net_event_data); ev_msg.dv[0].data_ptr = &ev_data; ev_msg.dv[1].data_length = 0; - kev_post_msg(&ev_msg); + dlil_post_complete_msg(ifp, &ev_msg); ifnet_touch_lastchange(ifp); break; @@ -2567,7 +3297,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) break; case SIOCGIFFUNCTIONALTYPE: - ifr->ifr_functional_type = if_functional_type(ifp); + ifr->ifr_functional_type = if_functional_type(ifp, FALSE); break; case SIOCGIFPSRCADDR: @@ -2598,11 +3328,11 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) case SIOCGIFLINKQUALITYMETRIC: ifnet_lock_shared(ifp); - if ((ifp->if_interface_state.valid_bitmask & - IF_INTERFACE_STATE_LQM_STATE_VALID)) + if ((ifp->if_interface_state.valid_bitmask & + IF_INTERFACE_STATE_LQM_STATE_VALID)) { ifr->ifr_link_quality_metric = - ifp->if_interface_state.lqm_state; - else if ((ifp->if_refflags & IFRF_ATTACHED)) { + ifp->if_interface_state.lqm_state; + } else if (IF_FULLY_ATTACHED(ifp)) { ifr->ifr_link_quality_metric = IFNET_LQM_THRESH_UNKNOWN; } else { @@ -2628,7 +3358,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ifnet_lock_shared(ifp); if (ifp->if_eflags & IFEF_EXPENSIVE) ifr->ifr_expensive = 1; - else + else ifr->ifr_expensive = 0; ifnet_lock_done(ifp); break; @@ -2643,7 +3373,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ifnet_lock_exclusive(ifp); if (ifr->ifr_expensive) ifp->if_eflags |= IFEF_EXPENSIVE; - else + else ifp->if_eflags &= ~IFEF_EXPENSIVE; ifnet_lock_done(ifp); /* @@ -2654,7 +3384,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) TAILQ_FOREACH(difp, &ifnet_head, if_link) { ifnet_lock_exclusive(difp); if (difp->if_delegated.ifp == ifp) { - difp->if_delegated.expensive = + difp->if_delegated.expensive = ifp->if_eflags & IFEF_EXPENSIVE ? 1 : 0; } @@ -2758,7 +3488,7 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) case SIOCGIFINTERFACESTATE: if_get_state(ifp, &ifr->ifr_interface_state); - + break; case SIOCSIFINTERFACESTATE: if ((error = priv_check_cred(kauth_cred_get(), @@ -2795,6 +3525,9 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) ifr->ifr_ecn_mode = IFRTYPE_ECN_DEFAULT; break; case SIOCSECNMODE: + if ((error = priv_check_cred(kauth_cred_get(), + PRIV_NET_INTERFACE_CONTROL, 0)) != 0) + return (error); if (ifr->ifr_ecn_mode == IFRTYPE_ECN_DEFAULT) { ifp->if_eflags &= ~(IFEF_ECN_ENABLE|IFEF_ECN_DISABLE); } else if (ifr->ifr_ecn_mode == IFRTYPE_ECN_ENABLE) { @@ -2806,6 +3539,119 @@ ifioctl_ifreq(struct socket *so, u_long cmd, struct ifreq *ifr, struct proc *p) } else error = EINVAL; break; + case SIOCSIFTIMESTAMPENABLE: + case SIOCSIFTIMESTAMPDISABLE: + error = proc_suser(p); + if (error != 0) + break; + + ifnet_lock_exclusive(ifp); + if ((cmd == SIOCSIFTIMESTAMPENABLE && + (ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) != 0) || + (cmd == SIOCSIFTIMESTAMPDISABLE && + (ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) == 0)) { + ifnet_lock_done(ifp); + break; + } + if (cmd == SIOCSIFTIMESTAMPENABLE) + ifp->if_xflags |= IFXF_TIMESTAMP_ENABLED; + else + ifp->if_xflags &= ~IFXF_TIMESTAMP_ENABLED; + ifnet_lock_done(ifp); + /* + * Pass the setting to the interface if it supports either + * software or hardware time stamping + */ + if (ifp->if_capabilities & (IFCAP_HW_TIMESTAMP | + IFCAP_SW_TIMESTAMP)) { + error = ifnet_ioctl(ifp, SOCK_DOM(so), cmd, + (caddr_t)ifr); + } + break; + case SIOCGIFTIMESTAMPENABLED: { + if ((ifp->if_xflags & IFXF_TIMESTAMP_ENABLED) != 0) + ifr->ifr_intval = 1; + else + ifr->ifr_intval = 0; + break; + } + case SIOCSQOSMARKINGMODE: + if ((error = priv_check_cred(kauth_cred_get(), + PRIV_NET_INTERFACE_CONTROL, 0)) != 0) + return (error); + error = if_set_qosmarking_mode(ifp, ifr->ifr_qosmarking_mode); + break; + + case SIOCGQOSMARKINGMODE: + ifr->ifr_qosmarking_mode = ifp->if_qosmarking_mode; + break; + + case SIOCSQOSMARKINGENABLED: + if ((error = priv_check_cred(kauth_cred_get(), + PRIV_NET_INTERFACE_CONTROL, 0)) != 0) + return (error); + if (ifr->ifr_qosmarking_enabled != 0) + ifp->if_eflags |= IFEF_QOSMARKING_ENABLED; + else + ifp->if_eflags &= ~IFEF_QOSMARKING_ENABLED; + break; + + case SIOCGQOSMARKINGENABLED: + ifr->ifr_qosmarking_enabled = + (ifp->if_eflags & IFEF_QOSMARKING_ENABLED) ? 1 : 0; + break; + + case SIOCSIFDISABLEOUTPUT: +#if (DEBUG || DEVELOPMENT) + if (ifr->ifr_disable_output == 1) { + error = ifnet_disable_output(ifp); + } else if (ifr->ifr_disable_output == 0) { + error = ifnet_enable_output(ifp); + } else { + error = EINVAL; + } +#else + error = EINVAL; +#endif /* (DEBUG || DEVELOPMENT) */ + break; + case SIOCSIFLOWINTERNET: + if ((error = priv_check_cred(kauth_cred_get(), + PRIV_NET_INTERFACE_CONTROL, 0)) != 0) + return (error); + + ifnet_lock_exclusive(ifp); + if (ifr->ifr_low_internet & IFRTYPE_LOW_INTERNET_ENABLE_UL) + ifp->if_xflags |= IFXF_LOW_INTERNET_UL; + else + ifp->if_xflags &= ~(IFXF_LOW_INTERNET_UL); + if (ifr->ifr_low_internet & IFRTYPE_LOW_INTERNET_ENABLE_DL) + ifp->if_xflags |= IFXF_LOW_INTERNET_DL; + else + ifp->if_xflags &= ~(IFXF_LOW_INTERNET_DL); + ifnet_lock_done(ifp); + break; + case SIOCGIFLOWINTERNET: + ifnet_lock_shared(ifp); + ifr->ifr_low_internet = 0; + if (ifp->if_xflags & IFXF_LOW_INTERNET_UL) + ifr->ifr_low_internet |= + IFRTYPE_LOW_INTERNET_ENABLE_UL; + if (ifp->if_xflags & IFXF_LOW_INTERNET_DL) + ifr->ifr_low_internet |= + IFRTYPE_LOW_INTERNET_ENABLE_DL; + ifnet_lock_done(ifp); + break; + case SIOCGIFLOWPOWER: + ifr->ifr_low_power_mode = + !!(ifp->if_xflags & IFXF_LOW_POWER); + break; + case SIOCSIFLOWPOWER: +#if (DEVELOPMENT || DEBUG) + error = if_set_low_power(ifp, !!(ifr->ifr_low_power_mode)); +#else /* DEVELOPMENT || DEBUG */ + error = EOPNOTSUPP; +#endif /* DEVELOPMENT || DEBUG */ + break; default: VERIFY(0); /* NOTREACHED */ @@ -2822,9 +3668,9 @@ ifioctllocked(struct socket *so, u_long cmd, caddr_t data, struct proc *p) socket_unlock(so, 0); error = ifioctl(so, cmd, data, p); socket_lock(so, 0); - return(error); + return (error); } - + /* * Set/clear promiscuous mode on interface ifp based on the truth value * of pswitch. The calls are reference counted so that only the first @@ -2843,15 +3689,15 @@ ifnet_set_promiscuous( ifnet_lock_exclusive(ifp); oldflags = ifp->if_flags; ifp->if_pcount += pswitch ? 1 : -1; - + if (ifp->if_pcount > 0) ifp->if_flags |= IFF_PROMISC; else ifp->if_flags &= ~IFF_PROMISC; - + newflags = ifp->if_flags; ifnet_lock_done(ifp); - + if (newflags != oldflags && (newflags & IFF_UP) != 0) { error = ifnet_ioctl(ifp, 0, SIOCSIFFLAGS, NULL); if (error == 0) { @@ -2867,14 +3713,14 @@ ifnet_set_promiscuous( ifnet_lock_done(ifp); } } - + if (newflags != oldflags) { log(LOG_INFO, "%s: promiscuous mode %s%s\n", if_name(ifp), (newflags & IFF_PROMISC) != 0 ? "enable" : "disable", error != 0 ? " failed" : " succeeded"); } - return error; + return (error); } /* @@ -3037,7 +3883,7 @@ if_allmulti(struct ifnet *ifp, int onswitch) if (error == 0) rt_ifmsg(ifp); - return error; + return (error); } static struct ifmultiaddr * @@ -3293,7 +4139,7 @@ if_detach_ifma(struct ifnet *ifp, struct ifmultiaddr *ifma, int anon) } /* - * Find an ifmultiaddr that matches a socket address on an interface. + * Find an ifmultiaddr that matches a socket address on an interface. * * Caller is responsible for holding the ifnet_lock while calling * this function. @@ -3305,9 +4151,9 @@ if_addmulti_doesexist(struct ifnet *ifp, const struct sockaddr *sa, struct ifmultiaddr *ifma; for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL; - ifma = LIST_NEXT(ifma, ifma_link)) { + ifma = LIST_NEXT(ifma, ifma_link)) { IFMA_LOCK_SPIN(ifma); - if (!equal(sa, ifma->ifma_addr)) { + if (!ifa_equal(sa, ifma->ifma_addr)) { IFMA_UNLOCK(ifma); continue; } @@ -3339,7 +4185,7 @@ if_addmulti_doesexist(struct ifnet *ifp, const struct sockaddr *sa, /* * Radar 3642395, make sure all multicasts are in a standard format. */ -static struct sockaddr* +static struct sockaddr * copy_and_normalize(const struct sockaddr *original) { int alen = 0; @@ -3351,7 +4197,7 @@ copy_and_normalize(const struct sockaddr *original) if (original->sa_family != AF_LINK && original->sa_family != AF_UNSPEC) { /* Just make a copy */ - MALLOC(copy, struct sockaddr*, original->sa_len, + MALLOC(copy, struct sockaddr *, original->sa_len, M_IFADDR, M_WAITOK); if (copy != NULL) bcopy(original, copy, original->sa_len); @@ -3361,7 +4207,7 @@ copy_and_normalize(const struct sockaddr *original) switch (original->sa_family) { case AF_LINK: { const struct sockaddr_dl *sdl_original = - (struct sockaddr_dl*)(uintptr_t)(size_t)original; + (struct sockaddr_dl *)(uintptr_t)(size_t)original; if (sdl_original->sdl_nlen + sdl_original->sdl_alen + sdl_original->sdl_slen + @@ -3381,7 +4227,7 @@ copy_and_normalize(const struct sockaddr *original) } alen = ETHER_ADDR_LEN; - aptr = (const u_char*)original->sa_data; + aptr = (const u_char *)original->sa_data; } break; } @@ -3390,7 +4236,7 @@ copy_and_normalize(const struct sockaddr *original) return (NULL); len = alen + offsetof(struct sockaddr_dl, sdl_data); - MALLOC(sdl_new, struct sockaddr_dl*, len, M_IFADDR, M_WAITOK); + MALLOC(sdl_new, struct sockaddr_dl *, len, M_IFADDR, M_WAITOK); if (sdl_new != NULL) { bzero(sdl_new, len); @@ -3400,7 +4246,7 @@ copy_and_normalize(const struct sockaddr *original) bcopy(aptr, LLADDR(sdl_new), alen); } - return ((struct sockaddr*)sdl_new); + return ((struct sockaddr *)sdl_new); } /* @@ -3665,9 +4511,9 @@ if_delmulti_common(struct ifmultiaddr *ifma, struct ifnet *ifp, ifnet_lock_exclusive(ifp); if (ifma == NULL) { for (ifma = LIST_FIRST(&ifp->if_multiaddrs); ifma != NULL; - ifma = LIST_NEXT(ifma, ifma_link)) { + ifma = LIST_NEXT(ifma, ifma_link)) { IFMA_LOCK(ifma); - if (!equal(sa, ifma->ifma_addr) || + if (!ifa_equal(sa, ifma->ifma_addr) || (anon && !(ifma->ifma_flags & IFMAF_ANONYMOUS))) { VERIFY(!(ifma->ifma_flags & IFMAF_ANONYMOUS) || ifma->ifma_anoncnt != 0); @@ -3747,12 +4593,12 @@ if_down_all(void) ifnet_list_free(ifp); } - return 0; + return (0); } /* * Delete Routes for a Network Interface - * + * * Called for each routing entry via the rnh->rnh_walktree() call above * to delete all route entries referencing a detaching network interface. * @@ -3827,8 +4673,15 @@ if_rtmtu(struct radix_node *rn, void *arg) * has not been locked (RTV_MTU is not set) and * if it was non-zero to begin with. */ - if (!(rt->rt_rmx.rmx_locks & RTV_MTU) && rt->rt_rmx.rmx_mtu) + if (!(rt->rt_rmx.rmx_locks & RTV_MTU) && rt->rt_rmx.rmx_mtu) { rt->rt_rmx.rmx_mtu = ifp->if_mtu; + if (rt_key(rt)->sa_family == AF_INET && + INTF_ADJUST_MTU_FOR_CLAT46(ifp)) { + rt->rt_rmx.rmx_mtu = IN6_LINKMTU(ifp); + /* Further adjust the size for CLAT46 expansion */ + rt->rt_rmx.rmx_mtu -= CLAT46_HDR_EXPANSION_OVERHD; + } + } } RT_UNLOCK(rt); @@ -3840,8 +4693,8 @@ if_rtmtu(struct radix_node *rn, void *arg) * associated with a particular interface; this is called when the * MTU of that interface has changed. */ -static -void if_rtmtu_update(struct ifnet *ifp) +static void +if_rtmtu_update(struct ifnet *ifp) { struct radix_node_head *rnh; int p; @@ -3862,8 +4715,8 @@ if_data_internal_to_if_data(struct ifnet *ifp, const struct if_data_internal *if_data_int, struct if_data *if_data) { #pragma unused(ifp) -#define COPYFIELD(fld) if_data->fld = if_data_int->fld -#define COPYFIELD32(fld) if_data->fld = (u_int32_t)(if_data_int->fld) +#define COPYFIELD(fld) if_data->fld = if_data_int->fld +#define COPYFIELD32(fld) if_data->fld = (u_int32_t)(if_data_int->fld) /* compiler will cast down to 32-bit */ #define COPYFIELD32_ATOMIC(fld) do { \ atomic_get_64(if_data->fld, \ @@ -3921,8 +4774,8 @@ if_data_internal_to_if_data64(struct ifnet *ifp, struct if_data64 *if_data64) { #pragma unused(ifp) -#define COPYFIELD64(fld) if_data64->fld = if_data_int->fld -#define COPYFIELD64_ATOMIC(fld) do { \ +#define COPYFIELD64(fld) if_data64->fld = if_data_int->fld +#define COPYFIELD64_ATOMIC(fld) do { \ atomic_get_64(if_data64->fld, \ (u_int64_t *)(void *)(uintptr_t)&if_data_int->fld); \ } while (0) @@ -3951,8 +4804,9 @@ if_data_internal_to_if_data64(struct ifnet *ifp, COPYFIELD64_ATOMIC(ifi_iqdrops); COPYFIELD64_ATOMIC(ifi_noproto); - /* Note these two fields are actually 32 bit, so doing COPYFIELD64_ATOMIC will - * cause them to be misaligned + /* + * Note these two fields are actually 32 bit, so doing + * COPYFIELD64_ATOMIC will cause them to be misaligned */ COPYFIELD64(ifi_recvtiming); COPYFIELD64(ifi_xmittiming); @@ -3969,7 +4823,7 @@ __private_extern__ void if_copy_traffic_class(struct ifnet *ifp, struct if_traffic_class *if_tc) { -#define COPY_IF_TC_FIELD64_ATOMIC(fld) do { \ +#define COPY_IF_TC_FIELD64_ATOMIC(fld) do { \ atomic_get_64(if_tc->fld, \ (u_int64_t *)(void *)(uintptr_t)&ifp->if_tc.fld); \ } while (0) @@ -4002,7 +4856,7 @@ if_copy_traffic_class(struct ifnet *ifp, void if_copy_data_extended(struct ifnet *ifp, struct if_data_extended *if_de) { -#define COPY_IF_DE_FIELD64_ATOMIC(fld) do { \ +#define COPY_IF_DE_FIELD64_ATOMIC(fld) do { \ atomic_get_64(if_de->fld, \ (u_int64_t *)(void *)(uintptr_t)&ifp->if_data.fld); \ } while (0) @@ -4019,12 +4873,12 @@ if_copy_data_extended(struct ifnet *ifp, struct if_data_extended *if_de) void if_copy_packet_stats(struct ifnet *ifp, struct if_packet_stats *if_ps) { -#define COPY_IF_PS_TCP_FIELD64_ATOMIC(fld) do { \ +#define COPY_IF_PS_TCP_FIELD64_ATOMIC(fld) do { \ atomic_get_64(if_ps->ifi_tcp_##fld, \ (u_int64_t *)(void *)(uintptr_t)&ifp->if_tcp_stat->fld); \ } while (0) -#define COPY_IF_PS_UDP_FIELD64_ATOMIC(fld) do { \ +#define COPY_IF_PS_UDP_FIELD64_ATOMIC(fld) do { \ atomic_get_64(if_ps->ifi_udp_##fld, \ (u_int64_t *)(void *)(uintptr_t)&ifp->if_udp_stat->fld); \ } while (0) @@ -4227,6 +5081,8 @@ ifioctl_cassert(void) case SIOCSETROUTERMODE_IN6: case SIOCLL_CGASTART_32: case SIOCLL_CGASTART_64: + case SIOCGIFCGAPREP_IN6: + case SIOCSIFCGAPREP_IN6: #endif /* INET6 */ /* bsd/sys/sockio.h */ @@ -4246,6 +5102,7 @@ ifioctl_cassert(void) case SIOCSIFMETRIC: case SIOCDIFADDR: case SIOCAIFADDR: + case SIOCGIFADDR: case SIOCGIFDSTADDR: case SIOCGIFBRDADDR: @@ -4255,6 +5112,7 @@ ifioctl_cassert(void) case SIOCAUTOADDR: case SIOCAUTONETMASK: case SIOCARPIPLL: + case SIOCADDMULTI: case SIOCDELMULTI: case SIOCGIFMTU: @@ -4267,32 +5125,41 @@ ifioctl_cassert(void) case SIOCSIFGENERIC: case SIOCGIFGENERIC: case SIOCRSLVMULTI: + case SIOCSIFLLADDR: case SIOCGIFSTATUS: case SIOCSIFPHYADDR: case SIOCGIFPSRCADDR: case SIOCGIFPDSTADDR: case SIOCDIFPHYADDR: + case SIOCGIFDEVMTU: case SIOCSIFALTMTU: case SIOCGIFALTMTU: case SIOCSIFBOND: case SIOCGIFBOND: + case SIOCPROTOATTACH: case SIOCPROTODETACH: + case SIOCSIFCAP: case SIOCGIFCAP: + case SIOCIFCREATE: case SIOCIFDESTROY: case SIOCIFCREATE2: + case SIOCSDRVSPEC32: case SIOCGDRVSPEC32: case SIOCSDRVSPEC64: case SIOCGDRVSPEC64: + case SIOCSIFVLAN: case SIOCGIFVLAN: + case SIOCIFGCLONERS32: case SIOCIFGCLONERS64: + case SIOCGIFASYNCMAP: case SIOCSIFASYNCMAP: #if CONFIG_MACF_NET @@ -4301,7 +5168,9 @@ ifioctl_cassert(void) #endif /* CONFIG_MACF_NET */ case SIOCSIFKPI: case SIOCGIFKPI: + case SIOCGIFWAKEFLAGS: + case SIOCGIFGETRTREFCNT: case SIOCGIFLINKQUALITYMETRIC: case SIOCSIFOPPORTUNISTIC: @@ -4315,24 +5184,129 @@ ifioctl_cassert(void) case SIOCGIFQUEUESTATS: case SIOCSIFTHROTTLE: case SIOCGIFTHROTTLE: + + case SIOCGASSOCIDS32: + case SIOCGASSOCIDS64: + case SIOCGCONNIDS32: + case SIOCGCONNIDS64: + case SIOCGCONNINFO32: + case SIOCGCONNINFO64: + case SIOCSCONNORDER: + case SIOCGCONNORDER: + case SIOCSIFLOG: case SIOCGIFLOG: case SIOCGIFDELEGATE: case SIOCGIFLLADDR: case SIOCGIFTYPE: - case SIOCGIFFUNCTIONALTYPE: + case SIOCGIFEXPENSIVE: + case SIOCSIFEXPENSIVE: + case SIOCGIF2KCL: + case SIOCSIF2KCL: + case SIOCGSTARTDELAY: + case SIOCAIFAGENTID: case SIOCDIFAGENTID: case SIOCGIFAGENTIDS32: case SIOCGIFAGENTIDS64: case SIOCGIFAGENTDATA32: case SIOCGIFAGENTDATA64: + case SIOCSIFINTERFACESTATE: case SIOCGIFINTERFACESTATE: case SIOCSIFPROBECONNECTIVITY: case SIOCGIFPROBECONNECTIVITY: + + case SIOCGIFFUNCTIONALTYPE: + case SIOCSIFNETSIGNATURE: + case SIOCGIFNETSIGNATURE: + case SIOCGECNMODE: case SIOCSECNMODE: + + case SIOCSIFORDER: + + case SIOCSQOSMARKINGMODE: + case SIOCSQOSMARKINGENABLED: + case SIOCGQOSMARKINGMODE: + case SIOCGQOSMARKINGENABLED: + + case SIOCSIFTIMESTAMPENABLE: + case SIOCSIFTIMESTAMPDISABLE: + case SIOCGIFTIMESTAMPENABLED: + + case SIOCSIFDISABLEOUTPUT: + + case SIOCGIFAGENTLIST32: + case SIOCGIFAGENTLIST64: + + case SIOCSIFLOWINTERNET: + case SIOCGIFLOWINTERNET: + +#if INET6 + case SIOCGIFNAT64PREFIX: + case SIOCSIFNAT64PREFIX: + + case SIOCGIFCLAT46ADDR: +#endif /* INET6 */ + + case SIOCGIFPROTOLIST32: + case SIOCGIFPROTOLIST64: + + case SIOCGIFLOWPOWER: + case SIOCSIFLOWPOWER: ; } } + +uint32_t +ifnet_mbuf_packetpreamblelen(struct ifnet *ifp) +{ +#pragma unused(ifp) + return (0); +} + +/* The following is used to enqueue work items for interface events */ +struct intf_event { + struct ifnet *ifp; + union sockaddr_in_4_6 addr; + uint32_t intf_event_code; +}; + +static void +intf_event_callback(void *arg) +{ + struct intf_event *p_intf_ev = (struct intf_event *)arg; + + /* Call this before we walk the tree */ + EVENTHANDLER_INVOKE(&ifnet_evhdlr_ctxt, ifnet_event, p_intf_ev->ifp, + (struct sockaddr *)&(p_intf_ev->addr), p_intf_ev->intf_event_code); +} + +struct intf_event_nwk_wq_entry { + struct nwk_wq_entry nwk_wqe; + struct intf_event intf_ev_arg; +}; + +void +intf_event_enqueue_nwk_wq_entry(struct ifnet *ifp, struct sockaddr *addrp, + uint32_t intf_event_code) +{ +#pragma unused(addrp) + struct intf_event_nwk_wq_entry *p_intf_ev = NULL; + + MALLOC(p_intf_ev, struct intf_event_nwk_wq_entry *, + sizeof(struct intf_event_nwk_wq_entry), + M_NWKWQ, M_WAITOK | M_ZERO); + + p_intf_ev->intf_ev_arg.ifp = ifp; + /* + * XXX Not using addr in the arg. This will be used + * once we need IP address add/delete events + */ + p_intf_ev->intf_ev_arg.intf_event_code = intf_event_code; + p_intf_ev->nwk_wqe.func = intf_event_callback; + p_intf_ev->nwk_wqe.is_arg_managed = TRUE; + p_intf_ev->nwk_wqe.arg = &p_intf_ev->intf_ev_arg; + nwk_wq_enqueue((struct nwk_wq_entry*)p_intf_ev); +}