1 /*
2 * Copyright (c) 2000-2025 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1991, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.4 (Berkeley) 1/9/95
61 */
62
63 #include <sys/param.h>
64 #include <sys/systm.h>
65 #include <sys/sockio.h>
66 #include <sys/socketvar.h>
67 #include <sys/malloc.h>
68 #include <sys/proc.h>
69 #include <sys/socket.h>
70 #include <sys/kernel.h>
71 #include <sys/sysctl.h>
72 #include <sys/kern_event.h>
73 #include <sys/syslog.h>
74 #include <sys/mcache.h>
75 #include <sys/protosw.h>
76 #include <sys/file.h>
77
78 #include <kern/zalloc.h>
79 #include <pexpert/pexpert.h>
80 #include <os/log.h>
81
82 #include <net/if.h>
83 #include <net/if_types.h>
84 #include <net/route.h>
85 #include <net/kpi_protocol.h>
86 #include <net/dlil.h>
87 #if PF
88 #include <net/pfvar.h>
89 #endif /* PF */
90
91 #include <netinet/in.h>
92 #include <netinet/in_var.h>
93 #include <netinet/in_pcb.h>
94 #include <netinet/igmp_var.h>
95 #include <netinet/ip_var.h>
96 #include <netinet/tcp.h>
97 #include <netinet/tcp_timer.h>
98 #include <netinet/tcp_var.h>
99
100 #include <net/sockaddr_utils.h>
101
102 static int inctl_associd(struct socket *, u_long, caddr_t __indexable);
103 static int inctl_connid(struct socket *, u_long, caddr_t __indexable);
104 static int inctl_conninfo(struct socket *, u_long, caddr_t __indexable);
105
106 static int inctl_autoaddr(struct ifnet *, struct ifreq *);
107 static int inctl_arpipll(struct ifnet *, struct ifreq *);
108 static int inctl_setrouter(struct ifnet *, struct ifreq *);
109 static int inctl_ifaddr(struct ifnet *, struct in_ifaddr *, u_long,
110 struct ifreq *);
111 static int inctl_ifdstaddr(struct ifnet *, struct in_ifaddr *, u_long,
112 struct ifreq *);
113 static int inctl_ifbrdaddr(struct ifnet *, struct in_ifaddr *, u_long,
114 struct ifreq *);
115 static int inctl_ifnetmask(struct ifnet *, struct in_ifaddr *, u_long,
116 struct ifreq *);
117
118 static void in_socktrim(struct sockaddr_in *);
119 static int in_ifinit(struct ifnet *, struct in_ifaddr *,
120 struct sockaddr_in *, int);
121
122 #define IA_HASH_INIT(ia) { \
123 (ia)->ia_hash.tqe_next = __unsafe_forge_single(void *, ~(uintptr_t)0); \
124 (ia)->ia_hash.tqe_prev = __unsafe_forge_single(void *, ~(uintptr_t)0); \
125 }
126
127 #define IA_IS_HASHED(ia) \
128 (!((ia)->ia_hash.tqe_next == __unsafe_forge_single(void *, ~(uintptr_t)0) || \
129 (ia)->ia_hash.tqe_prev == __unsafe_forge_single(void *, ~(uintptr_t)0)))
130
131 static void in_iahash_remove(struct in_ifaddr *);
132 static void in_iahash_insert(struct in_ifaddr *);
133 static void in_iahash_insert_ptp(struct in_ifaddr *);
134 static struct in_ifaddr *in_ifaddr_alloc(void);
135 static void in_ifaddr_free(struct ifaddr *);
136
137 static int in_getassocids(struct socket *, uint32_t *, user_addr_t);
138 static int in_getconnids(struct socket *, sae_associd_t, uint32_t *, user_addr_t);
139
140 static int subnetsarelocal = 0;
141 SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local,
142 CTLFLAG_RW | CTLFLAG_LOCKED, &subnetsarelocal, 0, "");
143
144 /* Track whether or not the SIOCARPIPLL ioctl has been called */
145 u_int32_t ipv4_ll_arp_aware = 0;
146
147 /*
148 * Return 1 if the address is
149 * - loopback
150 * - unicast or multicast link local
151 * - routed via a link level gateway
152 * - belongs to a directly connected (sub)net
153 */
154 int
inaddr_local(struct in_addr in)155 inaddr_local(struct in_addr in)
156 {
157 struct rtentry *__single rt;
158 struct sockaddr_in sin;
159 int local = 0;
160
161 if (ntohl(in.s_addr) == INADDR_LOOPBACK ||
162 IN_LINKLOCAL(ntohl(in.s_addr))) {
163 local = 1;
164 } else if (ntohl(in.s_addr) >= INADDR_UNSPEC_GROUP &&
165 ntohl(in.s_addr) <= INADDR_MAX_LOCAL_GROUP) {
166 local = 1;
167 } else {
168 sin.sin_family = AF_INET;
169 sin.sin_len = sizeof(sin);
170 sin.sin_addr = in;
171 rt = rtalloc1(SA(&sin), 0, 0);
172
173 if (rt != NULL) {
174 RT_LOCK_SPIN(rt);
175 if (rt->rt_gateway->sa_family == AF_LINK ||
176 (rt->rt_ifp->if_flags & IFF_LOOPBACK)) {
177 local = 1;
178 }
179 RT_UNLOCK(rt);
180 rtfree(rt);
181 } else {
182 local = in_localaddr(in);
183 }
184 }
185 return local;
186 }
187
188 /*
189 * Return 1 if an internet address is for a ``local'' host
190 * (one to which we have a connection). If subnetsarelocal
191 * is true, this includes other subnets of the local net,
192 * otherwise, it includes the directly-connected (sub)nets.
193 * The IPv4 link local prefix 169.254/16 is also included.
194 */
195 int
in_localaddr(struct in_addr in)196 in_localaddr(struct in_addr in)
197 {
198 u_int32_t i = ntohl(in.s_addr);
199 struct in_ifaddr *__single ia;
200
201 if (IN_LINKLOCAL(i)) {
202 return 1;
203 }
204
205 if (subnetsarelocal) {
206 lck_rw_lock_shared(&in_ifaddr_rwlock);
207 for (ia = in_ifaddrhead.tqh_first; ia != NULL;
208 ia = ia->ia_link.tqe_next) {
209 IFA_LOCK(&ia->ia_ifa);
210 if ((i & ia->ia_netmask) == ia->ia_net) {
211 IFA_UNLOCK(&ia->ia_ifa);
212 lck_rw_done(&in_ifaddr_rwlock);
213 return 1;
214 }
215 IFA_UNLOCK(&ia->ia_ifa);
216 }
217 lck_rw_done(&in_ifaddr_rwlock);
218 } else {
219 lck_rw_lock_shared(&in_ifaddr_rwlock);
220 for (ia = in_ifaddrhead.tqh_first; ia != NULL;
221 ia = ia->ia_link.tqe_next) {
222 IFA_LOCK(&ia->ia_ifa);
223 if ((i & ia->ia_subnetmask) == ia->ia_subnet) {
224 IFA_UNLOCK(&ia->ia_ifa);
225 lck_rw_done(&in_ifaddr_rwlock);
226 return 1;
227 }
228 IFA_UNLOCK(&ia->ia_ifa);
229 }
230 lck_rw_done(&in_ifaddr_rwlock);
231 }
232 return 0;
233 }
234
235 /*
236 * Determine whether an IP address is in a reserved set of addresses
237 * that may not be forwarded, or whether datagrams to that destination
238 * may be forwarded.
239 */
240 boolean_t
in_canforward(struct in_addr in)241 in_canforward(struct in_addr in)
242 {
243 u_int32_t i = ntohl(in.s_addr);
244 u_int32_t net;
245
246 if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i)) {
247 return FALSE;
248 }
249 if (IN_CLASSA(i)) {
250 net = i & IN_CLASSA_NET;
251 if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT)) {
252 return FALSE;
253 }
254 }
255 return TRUE;
256 }
257
258 /*
259 * Trim a mask in a sockaddr
260 */
261 static void
in_socktrim(struct sockaddr_in * ap)262 in_socktrim(struct sockaddr_in *ap)
263 {
264 char *cplim = (char *)&ap->sin_addr;
265 char *cp = (char *)(&ap->sin_addr + 1);
266
267 ap->sin_len = 0;
268 while (--cp >= cplim) {
269 if (*cp) {
270 (ap)->sin_len = (uint8_t)(cp - (char *)(ap) + 1);
271 break;
272 }
273 }
274 }
275
276 static int in_interfaces; /* number of external internet interfaces */
277
278 static int
in_domifattach(struct ifnet * ifp)279 in_domifattach(struct ifnet *ifp)
280 {
281 int error = 0;
282
283 VERIFY(ifp != NULL);
284
285 if ((error = proto_plumb(PF_INET, ifp)) && error != EEXIST) {
286 log(LOG_ERR, "%s: proto_plumb returned %d if=%s\n",
287 __func__, error, if_name(ifp));
288 return error;
289 }
290
291 if (ifp->if_inetdata == NULL) {
292 ifp->if_inetdata = zalloc_permanent_type(struct in_ifextra);
293 error = 0;
294 } else if (error != EEXIST) {
295 /*
296 * Since the structure is never freed, we need to
297 * zero out its contents to avoid reusing stale data.
298 * A little redundant with allocation above, but it
299 * keeps the code simpler for all cases.
300 */
301 IN_IFEXTRA(ifp)->netsig_len = 0;
302 bzero(IN_IFEXTRA(ifp)->netsig, sizeof(IN_IFEXTRA(ifp)->netsig));
303 }
304 return error;
305 }
306
307 static __attribute__((noinline)) int
inctl_associd(struct socket * so,u_long cmd,caddr_t __indexable data)308 inctl_associd(struct socket *so, u_long cmd, caddr_t __indexable data)
309 {
310 int error = 0;
311 union {
312 struct so_aidreq32 a32;
313 struct so_aidreq64 a64;
314 } u;
315
316 VERIFY(so != NULL);
317
318 switch (cmd) {
319 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
320 bcopy(data, &u.a32, sizeof(u.a32));
321 error = in_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
322 if (error == 0) {
323 bcopy(&u.a32, data, sizeof(u.a32));
324 }
325 break;
326
327 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
328 bcopy(data, &u.a64, sizeof(u.a64));
329 error = in_getassocids(so, &u.a64.sar_cnt, (user_addr_t)u.a64.sar_aidp);
330 if (error == 0) {
331 bcopy(&u.a64, data, sizeof(u.a64));
332 }
333 break;
334
335 default:
336 VERIFY(0);
337 /* NOTREACHED */
338 }
339
340 return error;
341 }
342
343 static __attribute__((noinline)) int
inctl_connid(struct socket * so,u_long cmd,caddr_t __indexable data)344 inctl_connid(struct socket *so, u_long cmd, caddr_t __indexable data)
345 {
346 int error = 0;
347 union {
348 struct so_cidreq32 c32;
349 struct so_cidreq64 c64;
350 } u;
351
352 VERIFY(so != NULL);
353
354 switch (cmd) {
355 case SIOCGCONNIDS32: /* struct so_cidreq32 */
356 bcopy(data, &u.c32, sizeof(u.c32));
357 error = in_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
358 u.c32.scr_cidp);
359 if (error == 0) {
360 bcopy(&u.c32, data, sizeof(u.c32));
361 }
362 break;
363
364 case SIOCGCONNIDS64: /* struct so_cidreq64 */
365 bcopy(data, &u.c64, sizeof(u.c64));
366 error = in_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
367 (user_addr_t)u.c64.scr_cidp);
368 if (error == 0) {
369 bcopy(&u.c64, data, sizeof(u.c64));
370 }
371 break;
372
373 default:
374 VERIFY(0);
375 /* NOTREACHED */
376 }
377
378 return error;
379 }
380
381 static __attribute__((noinline)) int
inctl_conninfo(struct socket * so,u_long cmd,caddr_t __indexable data)382 inctl_conninfo(struct socket *so, u_long cmd, caddr_t __indexable data)
383 {
384 int error = 0;
385 union {
386 struct so_cinforeq32 ci32;
387 struct so_cinforeq64 ci64;
388 } u;
389
390 VERIFY(so != NULL);
391
392 switch (cmd) {
393 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
394 bcopy(data, &u.ci32, sizeof(u.ci32));
395 error = in_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
396 &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
397 &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
398 &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
399 &u.ci32.scir_aux_len);
400 if (error == 0) {
401 bcopy(&u.ci32, data, sizeof(u.ci32));
402 }
403 break;
404
405 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
406 bcopy(data, &u.ci64, sizeof(u.ci64));
407 error = in_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
408 &u.ci64.scir_ifindex, &u.ci64.scir_error, (user_addr_t)u.ci64.scir_src,
409 &u.ci64.scir_src_len, (user_addr_t)u.ci64.scir_dst, &u.ci64.scir_dst_len,
410 &u.ci64.scir_aux_type, (user_addr_t)u.ci64.scir_aux_data,
411 &u.ci64.scir_aux_len);
412 if (error == 0) {
413 bcopy(&u.ci64, data, sizeof(u.ci64));
414 }
415 break;
416
417 default:
418 VERIFY(0);
419 /* NOTREACHED */
420 }
421
422 return error;
423 }
424
425 /*
426 * Caller passes in the ioctl data pointer directly via "ifr", with the
427 * expectation that this routine always uses bcopy() or other byte-aligned
428 * memory accesses.
429 */
430 static __attribute__((noinline)) int
inctl_autoaddr(struct ifnet * ifp,struct ifreq * ifr)431 inctl_autoaddr(struct ifnet *ifp, struct ifreq *ifr)
432 {
433 int error = 0, intval;
434
435 VERIFY(ifp != NULL);
436
437 bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
438
439 ifnet_lock_exclusive(ifp);
440 if (intval) {
441 /*
442 * An interface in IPv4 router mode implies that it
443 * is configured with a static IP address and should
444 * not act as a DHCP client; prevent SIOCAUTOADDR from
445 * being set in that mode.
446 */
447 if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
448 intval = 0; /* be safe; clear flag if set */
449 error = EBUSY;
450 } else {
451 if_set_eflags(ifp, IFEF_AUTOCONFIGURING);
452 }
453 }
454 if (!intval) {
455 if_clear_eflags(ifp, IFEF_AUTOCONFIGURING);
456 }
457 ifnet_lock_done(ifp);
458
459 return error;
460 }
461
462 /*
463 * Caller passes in the ioctl data pointer directly via "ifr", with the
464 * expectation that this routine always uses bcopy() or other byte-aligned
465 * memory accesses.
466 */
467 static __attribute__((noinline)) int
inctl_arpipll(struct ifnet * ifp,struct ifreq * ifr)468 inctl_arpipll(struct ifnet *ifp, struct ifreq *ifr)
469 {
470 int error = 0, intval;
471
472 VERIFY(ifp != NULL);
473
474 bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
475 ipv4_ll_arp_aware = 1;
476
477 ifnet_lock_exclusive(ifp);
478 if (intval) {
479 /*
480 * An interface in IPv4 router mode implies that it
481 * is configured with a static IP address and should
482 * not have to deal with IPv4 Link-Local Address;
483 * prevent SIOCARPIPLL from being set in that mode.
484 */
485 if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
486 intval = 0; /* be safe; clear flag if set */
487 error = EBUSY;
488 } else {
489 if_set_eflags(ifp, IFEF_ARPLL);
490 }
491 }
492 if (!intval) {
493 if_clear_eflags(ifp, IFEF_ARPLL);
494 }
495 ifnet_lock_done(ifp);
496
497 return error;
498 }
499
500 /*
501 * Handle SIOCSETROUTERMODE to set or clear the IPv4 router mode flag on
502 * the interface. When in this mode, IPv4 Link-Local Address support is
503 * disabled in ARP, and DHCP client support is disabled in IP input; turning
504 * any of them on would cause an error to be returned. Entering or exiting
505 * this mode will result in the removal of IPv4 addresses currently configured
506 * on the interface.
507 *
508 * Caller passes in the ioctl data pointer directly via "ifr", with the
509 * expectation that this routine always uses bcopy() or other byte-aligned
510 * memory accesses.
511 */
512 static __attribute__((noinline)) int
inctl_setrouter(struct ifnet * ifp,struct ifreq * ifr)513 inctl_setrouter(struct ifnet *ifp, struct ifreq *ifr)
514 {
515 int error = 0, intval;
516
517 VERIFY(ifp != NULL);
518
519 /* Router mode isn't valid for loopback */
520 if (ifp->if_flags & IFF_LOOPBACK) {
521 return ENODEV;
522 }
523
524 bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
525 switch (intval) {
526 case 0:
527 case 1:
528 break;
529 default:
530 return EINVAL;
531 }
532 ifnet_lock_exclusive(ifp);
533 if (intval != 0) {
534 if_set_eflags(ifp, IFEF_IPV4_ROUTER);
535 if_clear_eflags(ifp, (IFEF_ARPLL | IFEF_AUTOCONFIGURING));
536 } else {
537 if_clear_eflags(ifp, IFEF_IPV4_ROUTER);
538 }
539 ifnet_lock_done(ifp);
540
541 /* purge all IPv4 addresses configured on this interface */
542 in_purgeaddrs(ifp);
543
544 return error;
545 }
546
547 /*
548 * Caller passes in the ioctl data pointer directly via "ifr", with the
549 * expectation that this routine always uses bcopy() or other byte-aligned
550 * memory accesses.
551 */
552 static __attribute__((noinline)) int
inctl_ifaddr(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)553 inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
554 struct ifreq *ifr)
555 {
556 struct kev_in_data in_event_data;
557 struct kev_msg ev_msg;
558 struct sockaddr_in addr;
559 struct ifaddr *__single ifa;
560 int error = 0;
561
562 VERIFY(ifp != NULL);
563
564 bzero(&in_event_data, sizeof(struct kev_in_data));
565 bzero(&ev_msg, sizeof(struct kev_msg));
566
567 switch (cmd) {
568 case SIOCGIFADDR: /* struct ifreq */
569 if (ia == NULL) {
570 error = EADDRNOTAVAIL;
571 break;
572 }
573 IFA_LOCK(&ia->ia_ifa);
574 SOCKADDR_COPY(&ia->ia_addr, &ifr->ifr_addr, sizeof(addr));
575 IFA_UNLOCK(&ia->ia_ifa);
576 break;
577
578 case SIOCSIFADDR: /* struct ifreq */
579 VERIFY(ia != NULL);
580 SOCKADDR_COPY(&ifr->ifr_addr, &addr, sizeof(addr));
581 /*
582 * If this is a new address, the reference count for the
583 * hash table has been taken at creation time above.
584 */
585 error = in_ifinit(ifp, ia, &addr, 1);
586 if (error == 0) {
587 (void) ifnet_notify_address(ifp, AF_INET);
588 }
589 break;
590
591 case SIOCAIFADDR: { /* struct {if,in_}aliasreq */
592 struct in_aliasreq *__single ifra = (struct in_aliasreq *)ifr;
593 struct sockaddr_in broadaddr, mask;
594 int hostIsNew, maskIsNew;
595
596 VERIFY(ia != NULL);
597 SOCKADDR_COPY(&ifra->ifra_addr, &addr, sizeof(addr));
598 SOCKADDR_COPY(&ifra->ifra_broadaddr, &broadaddr, sizeof(broadaddr));
599 SOCKADDR_COPY(&ifra->ifra_mask, &mask, sizeof(mask));
600
601 maskIsNew = 0;
602 hostIsNew = 1;
603 error = 0;
604
605 IFA_LOCK(&ia->ia_ifa);
606 if (ia->ia_addr.sin_family == AF_INET) {
607 if (addr.sin_len == 0) {
608 addr = ia->ia_addr;
609 hostIsNew = 0;
610 } else if (addr.sin_addr.s_addr ==
611 ia->ia_addr.sin_addr.s_addr) {
612 hostIsNew = 0;
613 }
614 }
615 if (mask.sin_len != 0) {
616 IFA_UNLOCK(&ia->ia_ifa);
617 in_ifscrub(ifp, ia, 0);
618 IFA_LOCK(&ia->ia_ifa);
619 ia->ia_sockmask.sin_len = sizeof(struct sockaddr_in);
620 ia->ia_sockmask.sin_family = AF_INET;
621 ia->ia_sockmask.sin_port = 0;
622 ia->ia_sockmask.sin_addr = mask.sin_addr;
623 bzero(&ia->ia_sockmask.sin_zero, sizeof(ia->ia_dstaddr.sin_zero));
624 ia->ia_subnetmask =
625 ntohl(ia->ia_sockmask.sin_addr.s_addr);
626 maskIsNew = 1;
627 }
628 if ((ifp->if_flags & IFF_POINTOPOINT) &&
629 (broadaddr.sin_family == AF_INET)) {
630 IFA_UNLOCK(&ia->ia_ifa);
631 in_ifscrub(ifp, ia, 0);
632 IFA_LOCK(&ia->ia_ifa);
633 ia->ia_dstaddr.sin_family = AF_INET;
634 ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
635 ia->ia_dstaddr.sin_port = 0;
636 ia->ia_dstaddr.sin_addr = broadaddr.sin_addr;
637 bzero(&ia->ia_dstaddr.sin_zero, sizeof(ia->ia_dstaddr.sin_zero));
638 maskIsNew = 1; /* We lie; but the effect's the same */
639 }
640 if (addr.sin_family == AF_INET && (hostIsNew || maskIsNew)) {
641 IFA_UNLOCK(&ia->ia_ifa);
642 error = in_ifinit(ifp, ia, &addr, 0);
643 } else {
644 IFA_UNLOCK(&ia->ia_ifa);
645 }
646 if (error == 0) {
647 (void) ifnet_notify_address(ifp, AF_INET);
648 }
649 IFA_LOCK(&ia->ia_ifa);
650 if ((ifp->if_flags & IFF_BROADCAST) &&
651 (broadaddr.sin_family == AF_INET)) {
652 ia->ia_broadaddr.sin_family = AF_INET;
653 ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
654 ia->ia_broadaddr.sin_port = 0;
655 ia->ia_broadaddr.sin_addr = broadaddr.sin_addr;
656 bzero(&ia->ia_broadaddr.sin_zero, sizeof(ia->ia_broadaddr.sin_zero));
657 }
658
659 /*
660 * Report event.
661 */
662 if ((error == 0) || (error == EEXIST)) {
663 ev_msg.vendor_code = KEV_VENDOR_APPLE;
664 ev_msg.kev_class = KEV_NETWORK_CLASS;
665 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
666
667 if (hostIsNew) {
668 ev_msg.event_code = KEV_INET_NEW_ADDR;
669 } else {
670 ev_msg.event_code = KEV_INET_CHANGED_ADDR;
671 }
672
673 if (ia->ia_ifa.ifa_dstaddr) {
674 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
675 } else {
676 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
677 }
678 in_event_data.ia_addr = ia->ia_addr.sin_addr;
679 in_event_data.ia_net = ia->ia_net;
680 in_event_data.ia_netmask = ia->ia_netmask;
681 in_event_data.ia_subnet = ia->ia_subnet;
682 in_event_data.ia_subnetmask = ia->ia_subnetmask;
683 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
684 IFA_UNLOCK(&ia->ia_ifa);
685 (void) strlcpy(&in_event_data.link_data.if_name[0],
686 ifp->if_name, IFNAMSIZ);
687 in_event_data.link_data.if_family = ifp->if_family;
688 in_event_data.link_data.if_unit = ifp->if_unit;
689
690 ev_msg.dv[0].data_ptr = &in_event_data;
691 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
692 ev_msg.dv[1].data_length = 0;
693
694 dlil_post_complete_msg(ifp, &ev_msg);
695 } else {
696 IFA_UNLOCK(&ia->ia_ifa);
697 }
698 break;
699 }
700
701 case SIOCDIFADDR: /* struct ifreq */
702 VERIFY(ia != NULL);
703
704 (void)ifnet_ioctl(ifp, PF_INET, SIOCDIFADDR, ia);
705
706 /* Fill out the kernel event information */
707 ev_msg.vendor_code = KEV_VENDOR_APPLE;
708 ev_msg.kev_class = KEV_NETWORK_CLASS;
709 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
710
711 ev_msg.event_code = KEV_INET_ADDR_DELETED;
712
713 IFA_LOCK(&ia->ia_ifa);
714 if (ia->ia_ifa.ifa_dstaddr) {
715 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
716 } else {
717 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
718 }
719 in_event_data.ia_addr = ia->ia_addr.sin_addr;
720 in_event_data.ia_net = ia->ia_net;
721 in_event_data.ia_netmask = ia->ia_netmask;
722 in_event_data.ia_subnet = ia->ia_subnet;
723 in_event_data.ia_subnetmask = ia->ia_subnetmask;
724 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
725 IFA_UNLOCK(&ia->ia_ifa);
726 (void) strlcpy(&in_event_data.link_data.if_name[0],
727 ifp->if_name, IFNAMSIZ);
728 in_event_data.link_data.if_family = ifp->if_family;
729 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
730
731 ev_msg.dv[0].data_ptr = &in_event_data;
732 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
733 ev_msg.dv[1].data_length = 0;
734
735 ifa = &ia->ia_ifa;
736 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
737 /* Release ia_link reference */
738 ifa_remref(ifa);
739 TAILQ_REMOVE(&in_ifaddrhead, ia, ia_link);
740 IFA_LOCK(ifa);
741 if (IA_IS_HASHED(ia)) {
742 in_iahash_remove(ia);
743 }
744 IFA_UNLOCK(ifa);
745 lck_rw_done(&in_ifaddr_rwlock);
746
747 /*
748 * in_ifscrub kills the interface route.
749 */
750 in_ifscrub(ifp, ia, 0);
751 ifnet_lock_exclusive(ifp);
752 IFA_LOCK(ifa);
753 /* if_detach_ifa() releases ifa_link reference */
754 if_detach_ifa(ifp, ifa);
755 /* Our reference to this address is dropped at the bottom */
756 IFA_UNLOCK(ifa);
757
758 /* invalidate route caches */
759 routegenid_inet_update();
760
761 /*
762 * If the interface supports multicast, and no address is left,
763 * remove the "all hosts" multicast group from that interface.
764 */
765 if ((ifp->if_flags & IFF_MULTICAST) ||
766 ifp->if_allhostsinm != NULL) {
767 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
768 IFA_LOCK(ifa);
769 if (ifa->ifa_addr->sa_family == AF_INET) {
770 IFA_UNLOCK(ifa);
771 break;
772 }
773 IFA_UNLOCK(ifa);
774 }
775 ifnet_lock_done(ifp);
776
777 lck_mtx_lock(&ifp->if_addrconfig_lock);
778 if (ifa == NULL && ifp->if_allhostsinm != NULL) {
779 struct in_multi *__single inm = ifp->if_allhostsinm;
780 ifp->if_allhostsinm = NULL;
781
782 in_delmulti(inm);
783 /* release the reference for allhostsinm */
784 INM_REMREF(inm);
785 }
786 lck_mtx_unlock(&ifp->if_addrconfig_lock);
787 } else {
788 ifnet_lock_done(ifp);
789 }
790
791 /* Post the kernel event */
792 dlil_post_complete_msg(ifp, &ev_msg);
793
794 /*
795 * See if there is any IPV4 address left and if so,
796 * reconfigure KDP to use current primary address.
797 */
798 ifa = ifa_ifpgetprimary(ifp, AF_INET);
799 if (ifa != NULL) {
800 /*
801 * NOTE: SIOCSIFADDR is defined with struct ifreq
802 * as parameter, but here we are sending it down
803 * to the interface with a pointer to struct ifaddr,
804 * for legacy reasons.
805 */
806 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa);
807 if (error == EOPNOTSUPP) {
808 error = 0;
809 }
810
811 /* Release reference from ifa_ifpgetprimary() */
812 ifa_remref(ifa);
813 }
814 (void) ifnet_notify_address(ifp, AF_INET);
815 break;
816
817 default:
818 VERIFY(0);
819 /* NOTREACHED */
820 }
821
822 return error;
823 }
824
825 /*
826 * Caller passes in the ioctl data pointer directly via "ifr", with the
827 * expectation that this routine always uses bcopy() or other byte-aligned
828 * memory accesses.
829 */
830 static __attribute__((noinline)) int
inctl_ifdstaddr(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)831 inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
832 struct ifreq *ifr)
833 {
834 struct kev_in_data in_event_data;
835 struct kev_msg ev_msg;
836 struct sockaddr_in dstaddr;
837 int error = 0;
838
839 VERIFY(ifp != NULL);
840
841 if (!(ifp->if_flags & IFF_POINTOPOINT)) {
842 return EINVAL;
843 }
844
845 bzero(&in_event_data, sizeof(struct kev_in_data));
846 bzero(&ev_msg, sizeof(struct kev_msg));
847
848 switch (cmd) {
849 case SIOCGIFDSTADDR: /* struct ifreq */
850 if (ia == NULL) {
851 error = EADDRNOTAVAIL;
852 break;
853 }
854 IFA_LOCK(&ia->ia_ifa);
855 SOCKADDR_COPY(&ia->ia_dstaddr, &ifr->ifr_dstaddr, sizeof(dstaddr));
856 IFA_UNLOCK(&ia->ia_ifa);
857 break;
858
859 case SIOCSIFDSTADDR: /* struct ifreq */
860 VERIFY(ia != NULL);
861 IFA_LOCK(&ia->ia_ifa);
862 dstaddr = ia->ia_dstaddr;
863
864 ia->ia_dstaddr.sin_family = AF_INET;
865 ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
866 ia->ia_dstaddr.sin_port = 0;
867 bcopy(&SIN(&ifr->ifr_dstaddr)->sin_addr,
868 &ia->ia_dstaddr.sin_addr, sizeof(ia->ia_dstaddr.sin_addr));
869 bzero(&ia->ia_dstaddr.sin_zero, sizeof(ia->ia_dstaddr.sin_zero));
870
871 IFA_UNLOCK(&ia->ia_ifa);
872 /*
873 * NOTE: SIOCSIFDSTADDR is defined with struct ifreq
874 * as parameter, but here we are sending it down
875 * to the interface with a pointer to struct ifaddr,
876 * for legacy reasons.
877 */
878 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFDSTADDR, ia);
879 IFA_LOCK(&ia->ia_ifa);
880 if (error == EOPNOTSUPP) {
881 error = 0;
882 }
883 if (error != 0) {
884 ia->ia_dstaddr = dstaddr;
885 IFA_UNLOCK(&ia->ia_ifa);
886 break;
887 }
888 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
889
890 ev_msg.vendor_code = KEV_VENDOR_APPLE;
891 ev_msg.kev_class = KEV_NETWORK_CLASS;
892 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
893
894 ev_msg.event_code = KEV_INET_SIFDSTADDR;
895
896 if (ia->ia_ifa.ifa_dstaddr) {
897 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
898 } else {
899 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
900 }
901
902 in_event_data.ia_addr = ia->ia_addr.sin_addr;
903 in_event_data.ia_net = ia->ia_net;
904 in_event_data.ia_netmask = ia->ia_netmask;
905 in_event_data.ia_subnet = ia->ia_subnet;
906 in_event_data.ia_subnetmask = ia->ia_subnetmask;
907 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
908 IFA_UNLOCK(&ia->ia_ifa);
909 (void) strlcpy(&in_event_data.link_data.if_name[0],
910 ifp->if_name, IFNAMSIZ);
911 in_event_data.link_data.if_family = ifp->if_family;
912 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
913
914 ev_msg.dv[0].data_ptr = &in_event_data;
915 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
916 ev_msg.dv[1].data_length = 0;
917
918 dlil_post_complete_msg(ifp, &ev_msg);
919
920 lck_mtx_lock(rnh_lock);
921 IFA_LOCK(&ia->ia_ifa);
922 if (ia->ia_flags & IFA_ROUTE) {
923 ia->ia_ifa.ifa_dstaddr = SA(&dstaddr);
924 IFA_UNLOCK(&ia->ia_ifa);
925 rtinit_locked(&(ia->ia_ifa), RTM_DELETE, RTF_HOST);
926 IFA_LOCK(&ia->ia_ifa);
927 ia->ia_ifa.ifa_dstaddr =
928 SA(&ia->ia_dstaddr);
929 IFA_UNLOCK(&ia->ia_ifa);
930 rtinit_locked(&(ia->ia_ifa), RTM_ADD,
931 RTF_HOST | RTF_UP);
932 } else {
933 IFA_UNLOCK(&ia->ia_ifa);
934 }
935 lck_mtx_unlock(rnh_lock);
936 break;
937
938
939
940 default:
941 VERIFY(0);
942 /* NOTREACHED */
943 }
944
945 return error;
946 }
947
948 /*
949 * Caller passes in the ioctl data pointer directly via "ifr", with the
950 * expectation that this routine always uses bcopy() or other byte-aligned
951 * memory accesses.
952 */
953 static __attribute__((noinline)) int
inctl_ifbrdaddr(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)954 inctl_ifbrdaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
955 struct ifreq *ifr)
956 {
957 struct kev_in_data in_event_data;
958 struct kev_msg ev_msg;
959 int error = 0;
960
961 VERIFY(ifp != NULL);
962
963 if (ia == NULL) {
964 return EADDRNOTAVAIL;
965 }
966
967 if (!(ifp->if_flags & IFF_BROADCAST)) {
968 return EINVAL;
969 }
970
971 bzero(&in_event_data, sizeof(struct kev_in_data));
972 bzero(&ev_msg, sizeof(struct kev_msg));
973
974 switch (cmd) {
975 case SIOCGIFBRDADDR: /* struct ifreq */
976 IFA_LOCK(&ia->ia_ifa);
977 SOCKADDR_COPY(&ia->ia_broadaddr, &ifr->ifr_broadaddr,
978 sizeof(struct sockaddr_in));
979 IFA_UNLOCK(&ia->ia_ifa);
980 break;
981
982 case SIOCSIFBRDADDR: /* struct ifreq */
983 IFA_LOCK(&ia->ia_ifa);
984
985 ia->ia_broadaddr.sin_family = AF_INET;
986 ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
987 ia->ia_broadaddr.sin_port = 0;
988 bcopy(&SIN(&ifr->ifr_broadaddr)->sin_addr,
989 &ia->ia_broadaddr.sin_addr, sizeof(ia->ia_broadaddr.sin_addr));
990 bzero(&ia->ia_broadaddr.sin_zero, sizeof(ia->ia_broadaddr.sin_zero));
991
992 ev_msg.vendor_code = KEV_VENDOR_APPLE;
993 ev_msg.kev_class = KEV_NETWORK_CLASS;
994 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
995
996 ev_msg.event_code = KEV_INET_SIFBRDADDR;
997
998 if (ia->ia_ifa.ifa_dstaddr) {
999 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
1000 } else {
1001 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
1002 }
1003 in_event_data.ia_addr = ia->ia_addr.sin_addr;
1004 in_event_data.ia_net = ia->ia_net;
1005 in_event_data.ia_netmask = ia->ia_netmask;
1006 in_event_data.ia_subnet = ia->ia_subnet;
1007 in_event_data.ia_subnetmask = ia->ia_subnetmask;
1008 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
1009 IFA_UNLOCK(&ia->ia_ifa);
1010 (void) strlcpy(&in_event_data.link_data.if_name[0],
1011 ifp->if_name, IFNAMSIZ);
1012 in_event_data.link_data.if_family = ifp->if_family;
1013 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
1014
1015 ev_msg.dv[0].data_ptr = &in_event_data;
1016 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
1017 ev_msg.dv[1].data_length = 0;
1018
1019 dlil_post_complete_msg(ifp, &ev_msg);
1020 break;
1021
1022 default:
1023 VERIFY(0);
1024 /* NOTREACHED */
1025 }
1026
1027 return error;
1028 }
1029
1030 /*
1031 * Caller passes in the ioctl data pointer directly via "ifr", with the
1032 * expectation that this routine always uses bcopy() or other byte-aligned
1033 * memory accesses.
1034 */
1035 static __attribute__((noinline)) int
inctl_ifnetmask(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)1036 inctl_ifnetmask(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
1037 struct ifreq *ifr)
1038 {
1039 struct kev_in_data in_event_data;
1040 struct kev_msg ev_msg;
1041 struct sockaddr_in mask;
1042 int error = 0;
1043
1044 VERIFY(ifp != NULL);
1045
1046 bzero(&in_event_data, sizeof(struct kev_in_data));
1047 bzero(&ev_msg, sizeof(struct kev_msg));
1048
1049 switch (cmd) {
1050 case SIOCGIFNETMASK: /* struct ifreq */
1051 if (ia == NULL) {
1052 error = EADDRNOTAVAIL;
1053 break;
1054 }
1055 IFA_LOCK(&ia->ia_ifa);
1056 SOCKADDR_COPY(&ia->ia_sockmask, &ifr->ifr_addr, sizeof(mask));
1057 IFA_UNLOCK(&ia->ia_ifa);
1058 break;
1059
1060 case SIOCSIFNETMASK: { /* struct ifreq */
1061 in_addr_t i;
1062
1063 SOCKADDR_COPY(&ifr->ifr_addr, &mask, sizeof(mask));
1064 i = mask.sin_addr.s_addr;
1065
1066 VERIFY(ia != NULL);
1067 IFA_LOCK(&ia->ia_ifa);
1068 ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr = i);
1069 ev_msg.vendor_code = KEV_VENDOR_APPLE;
1070 ev_msg.kev_class = KEV_NETWORK_CLASS;
1071 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
1072
1073 ev_msg.event_code = KEV_INET_SIFNETMASK;
1074
1075 if (ia->ia_ifa.ifa_dstaddr) {
1076 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
1077 } else {
1078 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
1079 }
1080 in_event_data.ia_addr = ia->ia_addr.sin_addr;
1081 in_event_data.ia_net = ia->ia_net;
1082 in_event_data.ia_netmask = ia->ia_netmask;
1083 in_event_data.ia_subnet = ia->ia_subnet;
1084 in_event_data.ia_subnetmask = ia->ia_subnetmask;
1085 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
1086 IFA_UNLOCK(&ia->ia_ifa);
1087 (void) strlcpy(&in_event_data.link_data.if_name[0],
1088 ifp->if_name, IFNAMSIZ);
1089 in_event_data.link_data.if_family = ifp->if_family;
1090 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
1091
1092 ev_msg.dv[0].data_ptr = &in_event_data;
1093 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
1094 ev_msg.dv[1].data_length = 0;
1095
1096 dlil_post_complete_msg(ifp, &ev_msg);
1097 break;
1098 }
1099
1100 default:
1101 VERIFY(0);
1102 /* NOTREACHED */
1103 }
1104
1105 return error;
1106 }
1107
1108 /*
1109 * Generic INET control operations (ioctl's).
1110 *
1111 * ifp is NULL if not an interface-specific ioctl.
1112 *
1113 * Most of the routines called to handle the ioctls would end up being
1114 * tail-call optimized, which unfortunately causes this routine to
1115 * consume too much stack space; this is the reason for the "noinline"
1116 * attribute used on those routines.
1117 *
1118 * If called directly from within the networking stack (as opposed to via
1119 * pru_control), the socket parameter may be NULL.
1120 */
1121 int
in_control(struct socket * so,u_long cmd,caddr_t __sized_by (IOCPARM_LEN (cmd))data,struct ifnet * ifp,struct proc * p)1122 in_control(struct socket *so, u_long cmd, caddr_t __sized_by(IOCPARM_LEN(cmd)) data,
1123 struct ifnet *ifp, struct proc *p)
1124 {
1125 struct ifreq *__single ifr = NULL;
1126 struct sockaddr_in addr, dstaddr;
1127 struct sockaddr_in sin;
1128 struct sockaddr_in *__single sa = NULL;
1129 boolean_t privileged = (proc_suser(p) == 0);
1130 boolean_t so_unlocked = FALSE;
1131 struct in_ifaddr *__single ia = NULL;
1132 struct ifaddr *__single ifa;
1133 int error = 0;
1134 int intval;
1135
1136 /* In case it's NULL, make sure it came from the kernel */
1137 VERIFY(so != NULL || p == kernproc);
1138
1139 /*
1140 * ioctls which don't require ifp, but require socket.
1141 */
1142 switch (cmd) {
1143 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
1144 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
1145 return inctl_associd(so, cmd, data);
1146 /* NOTREACHED */
1147
1148 case SIOCGCONNIDS32: /* struct so_cidreq32 */
1149 case SIOCGCONNIDS64: /* struct so_cidreq64 */
1150 return inctl_connid(so, cmd, data);
1151 /* NOTREACHED */
1152
1153 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
1154 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
1155 return inctl_conninfo(so, cmd, data);
1156 /* NOTREACHED */
1157 }
1158
1159 /*
1160 * The rest of ioctls require ifp; reject if we don't have one;
1161 * return ENXIO to be consistent with ifioctl().
1162 */
1163 if (ifp == NULL) {
1164 return ENXIO;
1165 }
1166
1167 /*
1168 * ioctls which require ifp but not interface address.
1169 */
1170 switch (cmd) {
1171 case SIOCAUTOADDR: /* struct ifreq */
1172 if (!privileged) {
1173 return EPERM;
1174 }
1175 ifr = (struct ifreq *)(void *)data;
1176 return inctl_autoaddr(ifp, ifr);
1177 /* NOTREACHED */
1178
1179 case SIOCARPIPLL: /* struct ifreq */
1180 if (!privileged) {
1181 return EPERM;
1182 }
1183 ifr = (struct ifreq *)(void *)data;
1184 return inctl_arpipll(ifp, ifr);
1185 /* NOTREACHED */
1186
1187 case SIOCGETROUTERMODE: /* struct ifreq */
1188 ifr = (struct ifreq *)(void *)data;
1189 intval = (ifp->if_eflags & IFEF_IPV4_ROUTER) != 0 ? 1 : 0;
1190 bcopy(&intval, &ifr->ifr_intval, sizeof(intval));
1191 return 0;
1192 /* NOTREACHED */
1193
1194 case SIOCSETROUTERMODE: /* struct ifreq */
1195 if (!privileged) {
1196 return EPERM;
1197 }
1198 ifr = (struct ifreq *)(void *)data;
1199 return inctl_setrouter(ifp, ifr);
1200 /* NOTREACHED */
1201
1202 case SIOCPROTOATTACH: /* struct ifreq */
1203 if (!privileged) {
1204 return EPERM;
1205 }
1206 return in_domifattach(ifp);
1207 /* NOTREACHED */
1208
1209 case SIOCPROTODETACH: /* struct ifreq */
1210 if (!privileged) {
1211 return EPERM;
1212 }
1213
1214 /*
1215 * If an IPv4 address is still present, refuse to detach.
1216 */
1217 ifnet_lock_shared(ifp);
1218 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1219 IFA_LOCK(ifa);
1220 if (ifa->ifa_addr->sa_family == AF_INET) {
1221 IFA_UNLOCK(ifa);
1222 break;
1223 }
1224 IFA_UNLOCK(ifa);
1225 }
1226 ifnet_lock_done(ifp);
1227 return (ifa == NULL) ? proto_unplumb(PF_INET, ifp) : EBUSY;
1228 /* NOTREACHED */
1229 }
1230
1231 /*
1232 * ioctls which require interface address; obtain sockaddr_in.
1233 */
1234 switch (cmd) {
1235 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1236 if (!privileged) {
1237 return EPERM;
1238 }
1239 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->ifra_addr,
1240 &sin, sizeof(sin));
1241 sa = &sin;
1242 break;
1243
1244 case SIOCDIFADDR: /* struct ifreq */
1245 case SIOCSIFADDR: /* struct ifreq */
1246 case SIOCSIFDSTADDR: /* struct ifreq */
1247 case SIOCSIFNETMASK: /* struct ifreq */
1248 case SIOCSIFBRDADDR: /* struct ifreq */
1249 if (!privileged) {
1250 return EPERM;
1251 }
1252 OS_FALLTHROUGH;
1253 case SIOCGIFADDR: /* struct ifreq */
1254 case SIOCGIFDSTADDR: /* struct ifreq */
1255 case SIOCGIFNETMASK: /* struct ifreq */
1256 case SIOCGIFBRDADDR: /* struct ifreq */
1257 ifr = (struct ifreq *)(void *)data;
1258 SOCKADDR_COPY(&ifr->ifr_addr, &sin, sizeof(sin));
1259 sa = &sin;
1260 break;
1261 }
1262
1263 /*
1264 * Find address for this interface, if it exists.
1265 *
1266 * If an alias address was specified, find that one instead of
1267 * the first one on the interface, if possible.
1268 */
1269 VERIFY(ia == NULL);
1270 if (sa != NULL) {
1271 struct in_ifaddr *iap;
1272
1273 /*
1274 * Any failures from this point on must take into account
1275 * a non-NULL "ia" with an outstanding reference count, and
1276 * therefore requires ifa_remref. Jump to "done" label
1277 * instead of calling return if "ia" is valid.
1278 */
1279 lck_rw_lock_shared(&in_ifaddr_rwlock);
1280 TAILQ_FOREACH(iap, INADDR_HASH(sa->sin_addr.s_addr), ia_hash) {
1281 IFA_LOCK(&iap->ia_ifa);
1282 if (iap->ia_ifp == ifp &&
1283 iap->ia_addr.sin_addr.s_addr ==
1284 sa->sin_addr.s_addr) {
1285 ia = iap;
1286 ifa_addref(&iap->ia_ifa);
1287 IFA_UNLOCK(&iap->ia_ifa);
1288 break;
1289 }
1290 IFA_UNLOCK(&iap->ia_ifa);
1291 }
1292 lck_rw_done(&in_ifaddr_rwlock);
1293
1294 if (ia == NULL) {
1295 ifnet_lock_shared(ifp);
1296 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1297 iap = ifatoia(ifa);
1298 IFA_LOCK(&iap->ia_ifa);
1299 if (iap->ia_addr.sin_family == AF_INET) {
1300 ia = iap;
1301 ifa_addref(&iap->ia_ifa);
1302 IFA_UNLOCK(&iap->ia_ifa);
1303 break;
1304 }
1305 IFA_UNLOCK(&iap->ia_ifa);
1306 }
1307 ifnet_lock_done(ifp);
1308 }
1309 }
1310
1311 /*
1312 * Unlock the socket since ifnet_ioctl() may be invoked by
1313 * one of the ioctl handlers below. Socket will be re-locked
1314 * prior to returning.
1315 */
1316 if (so != NULL) {
1317 socket_unlock(so, 0);
1318 so_unlocked = TRUE;
1319 }
1320
1321 switch (cmd) {
1322 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1323 case SIOCDIFADDR: /* struct ifreq */
1324 if (cmd == SIOCAIFADDR) {
1325 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->
1326 ifra_addr, &addr, sizeof(addr));
1327 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->
1328 ifra_dstaddr, &dstaddr, sizeof(dstaddr));
1329 } else {
1330 VERIFY(cmd == SIOCDIFADDR);
1331 SOCKADDR_COPY(&((struct ifreq *)(void *)data)->ifr_addr,
1332 &addr, sizeof(addr));
1333 SOCKADDR_ZERO(&dstaddr, sizeof(dstaddr));
1334 }
1335
1336 if (addr.sin_family == AF_INET) {
1337 struct in_ifaddr *__single oia;
1338
1339 lck_rw_lock_shared(&in_ifaddr_rwlock);
1340 for (oia = ia; ia; ia = ia->ia_link.tqe_next) {
1341 IFA_LOCK(&ia->ia_ifa);
1342 if (ia->ia_ifp == ifp &&
1343 ia->ia_addr.sin_addr.s_addr ==
1344 addr.sin_addr.s_addr) {
1345 ifa_addref(&ia->ia_ifa);
1346 IFA_UNLOCK(&ia->ia_ifa);
1347 break;
1348 }
1349 IFA_UNLOCK(&ia->ia_ifa);
1350 }
1351 lck_rw_done(&in_ifaddr_rwlock);
1352 if (oia != NULL) {
1353 ifa_remref(&oia->ia_ifa);
1354 }
1355 if ((ifp->if_flags & IFF_POINTOPOINT) &&
1356 (cmd == SIOCAIFADDR) &&
1357 (dstaddr.sin_addr.s_addr == INADDR_ANY)) {
1358 error = EDESTADDRREQ;
1359 goto done;
1360 }
1361 } else if (cmd == SIOCAIFADDR) {
1362 error = EINVAL;
1363 goto done;
1364 }
1365 if (cmd == SIOCDIFADDR) {
1366 if (ia == NULL) {
1367 error = EADDRNOTAVAIL;
1368 goto done;
1369 }
1370
1371 IFA_LOCK(&ia->ia_ifa);
1372 /*
1373 * Avoid the race condition seen when two
1374 * threads process SIOCDIFADDR command
1375 * at the same time.
1376 */
1377 while (ia->ia_ifa.ifa_debug & IFD_DETACHING) {
1378 os_log(OS_LOG_DEFAULT,
1379 "Another thread is already attempting to "
1380 "delete IPv4 address: %s on interface %s. "
1381 "Go to sleep and check again after the operation is done",
1382 inet_ntoa(sa->sin_addr), ia->ia_ifp->if_xname);
1383 ia->ia_ifa.ifa_del_waiters++;
1384 (void) msleep(ia->ia_ifa.ifa_del_wc, &ia->ia_ifa.ifa_lock, (PZERO - 1),
1385 __func__, NULL);
1386 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1387 }
1388
1389 if ((ia->ia_ifa.ifa_debug & IFD_ATTACHED) == 0) {
1390 error = EADDRNOTAVAIL;
1391 IFA_UNLOCK(&ia->ia_ifa);
1392 goto done;
1393 }
1394
1395 ia->ia_ifa.ifa_debug |= IFD_DETACHING;
1396 IFA_UNLOCK(&ia->ia_ifa);
1397 }
1398
1399 OS_FALLTHROUGH;
1400 case SIOCSIFADDR: /* struct ifreq */
1401 case SIOCSIFDSTADDR: /* struct ifreq */
1402 case SIOCSIFNETMASK: /* struct ifreq */
1403 if (cmd == SIOCAIFADDR) {
1404 /* fell thru from above; just repeat it */
1405 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->
1406 ifra_addr, &addr, sizeof(addr));
1407 } else {
1408 VERIFY(cmd == SIOCDIFADDR || cmd == SIOCSIFADDR ||
1409 cmd == SIOCSIFNETMASK || cmd == SIOCSIFDSTADDR);
1410 SOCKADDR_COPY(&((struct ifreq *)(void *)data)->ifr_addr,
1411 &addr, sizeof(addr));
1412 }
1413
1414 if (addr.sin_family != AF_INET && cmd == SIOCSIFADDR) {
1415 error = EINVAL;
1416 goto done;
1417 }
1418
1419 if ((cmd == SIOCAIFADDR || cmd == SIOCSIFADDR) &&
1420 (IN_MULTICAST(ntohl(addr.sin_addr.s_addr)) ||
1421 addr.sin_addr.s_addr == INADDR_BROADCAST ||
1422 addr.sin_addr.s_addr == INADDR_ANY)) {
1423 error = EINVAL;
1424 goto done;
1425 }
1426
1427 if (ia == NULL) {
1428 ia = in_ifaddr_alloc();
1429 if (ia == NULL) {
1430 error = ENOBUFS;
1431 goto done;
1432 }
1433 ifnet_lock_exclusive(ifp);
1434 ifa = &ia->ia_ifa;
1435 IFA_LOCK(ifa);
1436 IA_HASH_INIT(ia);
1437 ifa->ifa_addr = SA(&ia->ia_addr);
1438 ifa->ifa_dstaddr = SA(&ia->ia_dstaddr);
1439 ifa->ifa_netmask = SA(&ia->ia_sockmask);
1440 ia->ia_sockmask.sin_len = offsetof(struct sockaddr_in, sin_zero);
1441 if (ifp->if_flags & IFF_BROADCAST) {
1442 ia->ia_broadaddr.sin_len = sizeof(ia->ia_addr);
1443 ia->ia_broadaddr.sin_family = AF_INET;
1444 }
1445 ia->ia_ifp = ifp;
1446 if (!(ifp->if_flags & IFF_LOOPBACK)) {
1447 in_interfaces++;
1448 }
1449 /* if_attach_ifa() holds a reference for ifa_link */
1450 if_attach_ifa(ifp, ifa);
1451 /*
1452 * If we have to go through in_ifinit(), make sure
1453 * to avoid installing route(s) based on this address
1454 * via PFC_IFUP event, before the link resolver (ARP)
1455 * initializes it.
1456 */
1457 if (cmd == SIOCAIFADDR || cmd == SIOCSIFADDR) {
1458 ifa->ifa_debug |= IFD_NOTREADY;
1459 }
1460 IFA_UNLOCK(ifa);
1461 ifnet_lock_done(ifp);
1462 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
1463 /* Hold a reference for ia_link */
1464 ifa_addref(ifa);
1465 TAILQ_INSERT_TAIL(&in_ifaddrhead, ia, ia_link);
1466 lck_rw_done(&in_ifaddr_rwlock);
1467 /* discard error */
1468 (void) in_domifattach(ifp);
1469 error = 0;
1470 }
1471 break;
1472 }
1473
1474 switch (cmd) {
1475 case SIOCGIFDSTADDR: /* struct ifreq */
1476 case SIOCSIFDSTADDR: /* struct ifreq */
1477 ifr = (struct ifreq *)(void *)data;
1478 error = inctl_ifdstaddr(ifp, ia, cmd, ifr);
1479 break;
1480
1481 case SIOCGIFBRDADDR: /* struct ifreq */
1482 case SIOCSIFBRDADDR: /* struct ifreq */
1483 ifr = (struct ifreq *)(void *)data;
1484 error = inctl_ifbrdaddr(ifp, ia, cmd, ifr);
1485 break;
1486
1487 case SIOCGIFNETMASK: /* struct ifreq */
1488 case SIOCSIFNETMASK: /* struct ifreq */
1489 ifr = (struct ifreq *)(void *)data;
1490 error = inctl_ifnetmask(ifp, ia, cmd, ifr);
1491 break;
1492
1493 case SIOCGIFADDR: /* struct ifreq */
1494 case SIOCSIFADDR: /* struct ifreq */
1495 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1496 case SIOCDIFADDR: /* struct ifreq */
1497 ifr = (struct ifreq *)(void *)data;
1498 error = inctl_ifaddr(ifp, ia, cmd, ifr);
1499 break;
1500
1501 default:
1502 error = EOPNOTSUPP;
1503 break;
1504 }
1505
1506 done:
1507 if (ia != NULL) {
1508 if (cmd == SIOCDIFADDR) {
1509 IFA_LOCK(&ia->ia_ifa);
1510 ia->ia_ifa.ifa_debug &= ~IFD_DETACHING;
1511 if (ia->ia_ifa.ifa_del_waiters > 0) {
1512 ia->ia_ifa.ifa_del_waiters = 0;
1513 wakeup(ia->ia_ifa.ifa_del_wc);
1514 }
1515 IFA_UNLOCK(&ia->ia_ifa);
1516 }
1517 ifa_remref(&ia->ia_ifa);
1518 }
1519 if (so_unlocked) {
1520 socket_lock(so, 0);
1521 }
1522
1523 return error;
1524 }
1525
1526 /*
1527 * Delete any existing route for an interface.
1528 */
1529 void
in_ifscrub(struct ifnet * ifp,struct in_ifaddr * ia,int locked)1530 in_ifscrub(struct ifnet *ifp, struct in_ifaddr *ia, int locked)
1531 {
1532 IFA_LOCK(&ia->ia_ifa);
1533 if ((ia->ia_flags & IFA_ROUTE) == 0) {
1534 IFA_UNLOCK(&ia->ia_ifa);
1535 return;
1536 }
1537 IFA_UNLOCK(&ia->ia_ifa);
1538 if (!locked) {
1539 lck_mtx_lock(rnh_lock);
1540 }
1541 if (ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) {
1542 rtinit_locked(&(ia->ia_ifa), RTM_DELETE, RTF_HOST);
1543 } else {
1544 rtinit_locked(&(ia->ia_ifa), RTM_DELETE, 0);
1545 }
1546 IFA_LOCK(&ia->ia_ifa);
1547 ia->ia_flags &= ~IFA_ROUTE;
1548 IFA_UNLOCK(&ia->ia_ifa);
1549 if (!locked) {
1550 lck_mtx_unlock(rnh_lock);
1551 }
1552 }
1553
1554 /*
1555 * Caller must hold in_ifaddr_rwlock as writer.
1556 */
1557 static void
in_iahash_remove(struct in_ifaddr * ia)1558 in_iahash_remove(struct in_ifaddr *ia)
1559 {
1560 LCK_RW_ASSERT(&in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1561 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1562
1563 if (!IA_IS_HASHED(ia)) {
1564 panic("attempt to remove wrong ia %p from hash table", ia);
1565 /* NOTREACHED */
1566 }
1567 TAILQ_REMOVE(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, ia_hash);
1568 IA_HASH_INIT(ia);
1569 ifa_remref(&ia->ia_ifa);
1570 }
1571
1572 /*
1573 * Caller must hold in_ifaddr_rwlock as writer.
1574 */
1575 static void
in_iahash_insert(struct in_ifaddr * ia)1576 in_iahash_insert(struct in_ifaddr *ia)
1577 {
1578 LCK_RW_ASSERT(&in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1579 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1580
1581 if (ia->ia_addr.sin_family != AF_INET) {
1582 panic("attempt to insert wrong ia %p into hash table", ia);
1583 /* NOTREACHED */
1584 } else if (IA_IS_HASHED(ia)) {
1585 panic("attempt to double-insert ia %p into hash table", ia);
1586 /* NOTREACHED */
1587 }
1588 TAILQ_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1589 ia, ia_hash);
1590 ifa_addref(&ia->ia_ifa);
1591 }
1592
1593 /*
1594 * Some point to point interfaces that are tunnels borrow the address from
1595 * an underlying interface (e.g. VPN server). In order for source address
1596 * selection logic to find the underlying interface first, we add the address
1597 * of borrowing point to point interfaces at the end of the list.
1598 * (see rdar://6733789)
1599 *
1600 * Caller must hold in_ifaddr_rwlock as writer.
1601 */
1602 static void
in_iahash_insert_ptp(struct in_ifaddr * ia)1603 in_iahash_insert_ptp(struct in_ifaddr *ia)
1604 {
1605 struct in_ifaddr *__single tmp_ifa;
1606 struct ifnet *__single tmp_ifp;
1607
1608 LCK_RW_ASSERT(&in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1609 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1610
1611 if (ia->ia_addr.sin_family != AF_INET) {
1612 panic("attempt to insert wrong ia %p into hash table", ia);
1613 /* NOTREACHED */
1614 } else if (IA_IS_HASHED(ia)) {
1615 panic("attempt to double-insert ia %p into hash table", ia);
1616 /* NOTREACHED */
1617 }
1618 IFA_UNLOCK(&ia->ia_ifa);
1619 TAILQ_FOREACH(tmp_ifa, INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1620 ia_hash) {
1621 IFA_LOCK(&tmp_ifa->ia_ifa);
1622 /* ia->ia_addr won't change, so check without lock */
1623 if (IA_SIN(tmp_ifa)->sin_addr.s_addr ==
1624 ia->ia_addr.sin_addr.s_addr) {
1625 IFA_UNLOCK(&tmp_ifa->ia_ifa);
1626 break;
1627 }
1628 IFA_UNLOCK(&tmp_ifa->ia_ifa);
1629 }
1630 tmp_ifp = (tmp_ifa == NULL) ? NULL : tmp_ifa->ia_ifp;
1631
1632 IFA_LOCK(&ia->ia_ifa);
1633 if (tmp_ifp == NULL) {
1634 TAILQ_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1635 ia, ia_hash);
1636 } else {
1637 TAILQ_INSERT_TAIL(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1638 ia, ia_hash);
1639 }
1640 ifa_addref(&ia->ia_ifa);
1641 }
1642
1643 /*
1644 * Initialize an interface's internet address
1645 * and routing table entry.
1646 */
1647 static int
in_ifinit(struct ifnet * ifp,struct in_ifaddr * ia,struct sockaddr_in * sin,int scrub)1648 in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
1649 int scrub)
1650 {
1651 u_int32_t i = ntohl(sin->sin_addr.s_addr);
1652 struct sockaddr_in oldaddr;
1653 int flags = RTF_UP, error;
1654 struct ifaddr *__single ifa0;
1655 unsigned int cmd;
1656 int oldremoved = 0;
1657
1658 /* Take an extra reference for this routine */
1659 ifa_addref(&ia->ia_ifa);
1660
1661 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
1662 IFA_LOCK(&ia->ia_ifa);
1663 oldaddr = ia->ia_addr;
1664 if (IA_IS_HASHED(ia)) {
1665 oldremoved = 1;
1666 in_iahash_remove(ia);
1667 }
1668 ia->ia_addr = *sin;
1669 /*
1670 * Interface addresses should not contain port or sin_zero information.
1671 */
1672 SIN(&ia->ia_addr)->sin_family = AF_INET;
1673 SIN(&ia->ia_addr)->sin_len = sizeof(struct sockaddr_in);
1674 SIN(&ia->ia_addr)->sin_port = 0;
1675 bzero(&SIN(&ia->ia_addr)->sin_zero, sizeof(sin->sin_zero));
1676 if ((ifp->if_flags & IFF_POINTOPOINT)) {
1677 in_iahash_insert_ptp(ia);
1678 } else {
1679 in_iahash_insert(ia);
1680 }
1681 IFA_UNLOCK(&ia->ia_ifa);
1682 lck_rw_done(&in_ifaddr_rwlock);
1683
1684 /*
1685 * Give the interface a chance to initialize if this is its first
1686 * address, and to validate the address if necessary. Send down
1687 * SIOCSIFADDR for first address, and SIOCAIFADDR for alias(es).
1688 * We find the first IPV4 address assigned to it and check if this
1689 * is the same as the one passed into this routine.
1690 */
1691 ifa0 = ifa_ifpgetprimary(ifp, AF_INET);
1692 cmd = (&ia->ia_ifa == ifa0) ? SIOCSIFADDR : SIOCAIFADDR;
1693 error = ifnet_ioctl(ifp, PF_INET, cmd, ia);
1694 if (error == EOPNOTSUPP) {
1695 error = 0;
1696 }
1697 /*
1698 * If we've just sent down SIOCAIFADDR, send another ioctl down
1699 * for SIOCSIFADDR for the first IPV4 address of the interface,
1700 * because an address change on one of the addresses will result
1701 * in the removal of the previous first IPV4 address. KDP needs
1702 * be reconfigured with the current primary IPV4 address.
1703 */
1704 if (error == 0 && cmd == SIOCAIFADDR) {
1705 /*
1706 * NOTE: SIOCSIFADDR is defined with struct ifreq
1707 * as parameter, but here we are sending it down
1708 * to the interface with a pointer to struct ifaddr,
1709 * for legacy reasons.
1710 */
1711 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa0);
1712 if (error == EOPNOTSUPP) {
1713 error = 0;
1714 }
1715 }
1716
1717 /* Release reference from ifa_ifpgetprimary() */
1718 if (ifa0 != NULL) {
1719 ifa_remref(ifa0);
1720 }
1721
1722 if (error) {
1723 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
1724 IFA_LOCK(&ia->ia_ifa);
1725 if (IA_IS_HASHED(ia)) {
1726 in_iahash_remove(ia);
1727 }
1728 ia->ia_addr = oldaddr;
1729 if (oldremoved) {
1730 if ((ifp->if_flags & IFF_POINTOPOINT)) {
1731 in_iahash_insert_ptp(ia);
1732 } else {
1733 in_iahash_insert(ia);
1734 }
1735 }
1736 IFA_UNLOCK(&ia->ia_ifa);
1737 lck_rw_done(&in_ifaddr_rwlock);
1738 /* Release extra reference taken above */
1739 ifa_remref(&ia->ia_ifa);
1740 return error;
1741 }
1742 lck_mtx_lock(rnh_lock);
1743 IFA_LOCK(&ia->ia_ifa);
1744 /*
1745 * Address has been initialized by the link resolver (ARP)
1746 * via ifnet_ioctl() above; it may now generate route(s).
1747 */
1748 ia->ia_ifa.ifa_debug &= ~IFD_NOTREADY;
1749 if (scrub) {
1750 ia->ia_ifa.ifa_addr = SA(&oldaddr);
1751 IFA_UNLOCK(&ia->ia_ifa);
1752 in_ifscrub(ifp, ia, 1);
1753 IFA_LOCK(&ia->ia_ifa);
1754 ia->ia_ifa.ifa_addr = SA(&ia->ia_addr);
1755 }
1756 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1757 if (IN_CLASSA(i)) {
1758 ia->ia_netmask = IN_CLASSA_NET;
1759 } else if (IN_CLASSB(i)) {
1760 ia->ia_netmask = IN_CLASSB_NET;
1761 } else {
1762 ia->ia_netmask = IN_CLASSC_NET;
1763 }
1764 /*
1765 * The subnet mask usually includes at least the standard network part,
1766 * but may may be smaller in the case of supernetting.
1767 * If it is set, we believe it.
1768 */
1769 if (ia->ia_subnetmask == 0) {
1770 ia->ia_subnetmask = ia->ia_netmask;
1771 ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
1772 } else {
1773 ia->ia_netmask &= ia->ia_subnetmask;
1774 }
1775 ia->ia_net = i & ia->ia_netmask;
1776 ia->ia_subnet = i & ia->ia_subnetmask;
1777 in_socktrim(&ia->ia_sockmask);
1778 /*
1779 * Add route for the network.
1780 */
1781 ia->ia_ifa.ifa_metric = ifp->if_metric;
1782 if (ifp->if_flags & IFF_BROADCAST) {
1783 ia->ia_broadaddr.sin_addr.s_addr =
1784 htonl(ia->ia_subnet | ~ia->ia_subnetmask);
1785 ia->ia_netbroadcast.s_addr =
1786 htonl(ia->ia_net | ~ia->ia_netmask);
1787 } else if (ifp->if_flags & IFF_LOOPBACK) {
1788 ia->ia_ifa.ifa_dstaddr = ia->ia_ifa.ifa_addr;
1789 flags |= RTF_HOST;
1790 } else if (ifp->if_flags & IFF_POINTOPOINT) {
1791 if (ia->ia_dstaddr.sin_family != AF_INET) {
1792 IFA_UNLOCK(&ia->ia_ifa);
1793 lck_mtx_unlock(rnh_lock);
1794 /* Release extra reference taken above */
1795 ifa_remref(&ia->ia_ifa);
1796 return 0;
1797 }
1798 ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
1799 flags |= RTF_HOST;
1800 }
1801 IFA_UNLOCK(&ia->ia_ifa);
1802
1803 if ((error = rtinit_locked(&(ia->ia_ifa), RTM_ADD, flags)) == 0) {
1804 IFA_LOCK(&ia->ia_ifa);
1805 ia->ia_flags |= IFA_ROUTE;
1806 IFA_UNLOCK(&ia->ia_ifa);
1807 }
1808 lck_mtx_unlock(rnh_lock);
1809
1810 /* XXX check if the subnet route points to the same interface */
1811 if (error == EEXIST) {
1812 error = 0;
1813 }
1814
1815 /*
1816 * If the interface supports multicast, join the "all hosts"
1817 * multicast group on that interface.
1818 */
1819 if (ifp->if_flags & IFF_MULTICAST) {
1820 struct in_addr addr;
1821
1822 lck_mtx_lock(&ifp->if_addrconfig_lock);
1823 addr.s_addr = htonl(INADDR_ALLHOSTS_GROUP);
1824 if (ifp->if_allhostsinm == NULL) {
1825 struct in_multi *__single inm;
1826 inm = in_addmulti(&addr, ifp);
1827
1828 if (inm != NULL) {
1829 /*
1830 * Keep the reference on inm added by
1831 * in_addmulti above for storing the
1832 * pointer in allhostsinm.
1833 */
1834 ifp->if_allhostsinm = inm;
1835 } else {
1836 printf("%s: failed to add membership to "
1837 "all-hosts multicast address on %s\n",
1838 __func__, if_name(ifp));
1839 }
1840 }
1841 lck_mtx_unlock(&ifp->if_addrconfig_lock);
1842 }
1843
1844 /* Release extra reference taken above */
1845 ifa_remref(&ia->ia_ifa);
1846
1847 if (error == 0) {
1848 /* invalidate route caches */
1849 routegenid_inet_update();
1850 }
1851
1852 return error;
1853 }
1854
1855 /*
1856 * Return TRUE if the address might be a local broadcast address.
1857 */
1858 boolean_t
in_broadcast(struct in_addr in,struct ifnet * ifp)1859 in_broadcast(struct in_addr in, struct ifnet *ifp)
1860 {
1861 struct ifaddr *__single ifa;
1862 u_int32_t t;
1863
1864 if (in.s_addr == INADDR_BROADCAST || in.s_addr == INADDR_ANY) {
1865 return TRUE;
1866 }
1867 if (!(ifp->if_flags & IFF_BROADCAST)) {
1868 return FALSE;
1869 }
1870 t = ntohl(in.s_addr);
1871
1872 /*
1873 * Look through the list of addresses for a match
1874 * with a broadcast address.
1875 */
1876 ifnet_lock_shared(ifp);
1877 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1878 struct in_ifaddr *ia = ifatoia(ifa);
1879 IFA_LOCK(ifa);
1880 if (ifa->ifa_addr->sa_family == AF_INET &&
1881 (in.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
1882 in.s_addr == ia->ia_netbroadcast.s_addr ||
1883 /*
1884 * Check for old-style (host 0) broadcast.
1885 */
1886 t == ia->ia_subnet || t == ia->ia_net) &&
1887 /*
1888 * Check for an all one subnetmask. These
1889 * only exist when an interface gets a secondary
1890 * address.
1891 */
1892 ia->ia_subnetmask != (u_int32_t)0xffffffff) {
1893 IFA_UNLOCK(ifa);
1894 ifnet_lock_done(ifp);
1895 return TRUE;
1896 }
1897 IFA_UNLOCK(ifa);
1898 }
1899 ifnet_lock_done(ifp);
1900 return FALSE;
1901 #undef ia
1902 }
1903
1904 void
in_purgeaddrs(struct ifnet * ifp)1905 in_purgeaddrs(struct ifnet *ifp)
1906 {
1907 uint16_t addresses_count = 0;
1908 struct ifaddr **__counted_by(addresses_count) ifap = NULL;
1909 int err, i;
1910
1911 VERIFY(ifp != NULL);
1912
1913 /*
1914 * Be nice, and try the civilized way first. If we can't get
1915 * rid of them this way, then do it the rough way. We must
1916 * only get here during detach time, after the ifnet has been
1917 * removed from the global list and arrays.
1918 */
1919 err = ifnet_get_address_list_family_internal(ifp, &ifap, &addresses_count,
1920 AF_INET, 1, M_WAITOK, 0);
1921 if (err == 0 && ifap != NULL) {
1922 struct ifreq ifr;
1923
1924 bzero(&ifr, sizeof(ifr));
1925 (void) snprintf(ifr.ifr_name, sizeof(ifr.ifr_name),
1926 "%s", if_name(ifp));
1927
1928 for (i = 0; ifap[i] != NULL; i++) {
1929 struct ifaddr *__single ifa;
1930
1931 ifa = ifap[i];
1932 IFA_LOCK(ifa);
1933 SOCKADDR_COPY(ifa->ifa_addr, &ifr.ifr_addr,
1934 sizeof(struct sockaddr_in));
1935 IFA_UNLOCK(ifa);
1936 err = in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr, ifp,
1937 kernproc);
1938 /* if we lost the race, ignore it */
1939 if (err == EADDRNOTAVAIL) {
1940 err = 0;
1941 }
1942 if (err != 0) {
1943 char s_addr[MAX_IPv4_STR_LEN];
1944 char s_dstaddr[MAX_IPv4_STR_LEN];
1945 struct in_addr *__single s, *d;
1946
1947 IFA_LOCK(ifa);
1948 s = &SIN(ifa->ifa_addr)->sin_addr;
1949 d = &SIN(ifa->ifa_dstaddr)->sin_addr;
1950 (void) inet_ntop(AF_INET, &s->s_addr, s_addr,
1951 sizeof(s_addr));
1952 (void) inet_ntop(AF_INET, &d->s_addr, s_dstaddr,
1953 sizeof(s_dstaddr));
1954 IFA_UNLOCK(ifa);
1955
1956 printf("%s: SIOCDIFADDR ifp=%s ifa_addr=%s "
1957 "ifa_dstaddr=%s (err=%d)\n", __func__,
1958 ifp->if_xname, s_addr, s_dstaddr, err);
1959 }
1960 }
1961 ifnet_address_list_free_counted_by(ifap, addresses_count);
1962 } else if (err != 0 && err != ENXIO) {
1963 printf("%s: error retrieving list of AF_INET addresses for "
1964 "ifp=%s (err=%d)\n", __func__, ifp->if_xname, err);
1965 }
1966 }
1967
1968 static struct in_ifaddr *
in_ifaddr_alloc(void)1969 in_ifaddr_alloc(void)
1970 {
1971 struct in_ifaddr *__single inifa;
1972
1973 inifa = kalloc_type(struct in_ifaddr, Z_ZERO | Z_WAITOK);
1974 if (inifa == NULL) {
1975 return NULL;
1976 }
1977
1978 inifa->ia_ifa.ifa_free = in_ifaddr_free;
1979 inifa->ia_ifa.ifa_debug |= IFD_ALLOC;
1980 inifa->ia_ifa.ifa_del_wc = &inifa->ia_ifa.ifa_debug;
1981 inifa->ia_ifa.ifa_del_waiters = 0;
1982 ifa_lock_init(&inifa->ia_ifa);
1983 ifa_initref(&inifa->ia_ifa);
1984
1985 return inifa;
1986 }
1987
1988 static void
in_ifaddr_free(struct ifaddr * ifa)1989 in_ifaddr_free(struct ifaddr *ifa)
1990 {
1991 struct in_ifaddr *__single inifa = ifatoia(ifa);
1992
1993 IFA_LOCK_ASSERT_HELD(ifa);
1994
1995 if (__improbable(!(ifa->ifa_debug & IFD_ALLOC))) {
1996 panic("%s: ifa %p cannot be freed", __func__, ifa);
1997 /* NOTREACHED */
1998 }
1999 IFA_UNLOCK(ifa);
2000 ifa_lock_destroy(ifa);
2001
2002 kfree_type(struct in_ifaddr, inifa);
2003 }
2004
2005 /*
2006 * Handle SIOCGASSOCIDS ioctl for PF_INET domain.
2007 */
2008 static int
in_getassocids(struct socket * so,uint32_t * cnt,user_addr_t aidp)2009 in_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
2010 {
2011 struct inpcb *__single inp = sotoinpcb(so);
2012 sae_associd_t aid;
2013
2014 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) {
2015 return EINVAL;
2016 }
2017
2018 /* INPCB has no concept of association */
2019 aid = SAE_ASSOCID_ANY;
2020 *cnt = 0;
2021
2022 /* just asking how many there are? */
2023 if (aidp == USER_ADDR_NULL) {
2024 return 0;
2025 }
2026
2027 return copyout(&aid, aidp, sizeof(aid));
2028 }
2029
2030 /*
2031 * Handle SIOCGCONNIDS ioctl for PF_INET domain.
2032 */
2033 static int
in_getconnids(struct socket * so,sae_associd_t aid,uint32_t * cnt,user_addr_t cidp)2034 in_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
2035 user_addr_t cidp)
2036 {
2037 struct inpcb *__single inp = sotoinpcb(so);
2038 sae_connid_t cid;
2039
2040 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) {
2041 return EINVAL;
2042 }
2043
2044 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL) {
2045 return EINVAL;
2046 }
2047
2048 /* if connected, return 1 connection count */
2049 *cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
2050
2051 /* just asking how many there are? */
2052 if (cidp == USER_ADDR_NULL) {
2053 return 0;
2054 }
2055
2056 /* if INPCB is connected, assign it connid 1 */
2057 cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
2058
2059 return copyout(&cid, cidp, sizeof(cid));
2060 }
2061
2062 /*
2063 * Handle SIOCGCONNINFO ioctl for PF_INET domain.
2064 */
2065 int
in_getconninfo(struct socket * so,sae_connid_t cid,uint32_t * flags,uint32_t * ifindex,int32_t * soerror,user_addr_t src,socklen_t * src_len,user_addr_t dst,socklen_t * dst_len,uint32_t * aux_type,user_addr_t aux_data,uint32_t * aux_len)2066 in_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
2067 uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
2068 user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
2069 user_addr_t aux_data, uint32_t *aux_len)
2070 {
2071 struct inpcb *__single inp = sotoinpcb(so);
2072 struct sockaddr_in sin;
2073 struct ifnet *__single ifp = NULL;
2074 int error = 0;
2075 u_int32_t copy_len = 0;
2076
2077 /*
2078 * Don't test for INPCB_STATE_DEAD since this may be called
2079 * after SOF_PCBCLEARING is set, e.g. after tcp_close().
2080 */
2081 if (inp == NULL) {
2082 error = EINVAL;
2083 goto out;
2084 }
2085
2086 if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
2087 error = EINVAL;
2088 goto out;
2089 }
2090
2091 ifp = inp->inp_last_outifp;
2092 *ifindex = ((ifp != NULL) ? ifp->if_index : 0);
2093 *soerror = so->so_error;
2094 *flags = 0;
2095 if (so->so_state & SS_ISCONNECTED) {
2096 *flags |= (CIF_CONNECTED | CIF_PREFERRED);
2097 }
2098 if (inp->inp_flags & INP_BOUND_IF) {
2099 *flags |= CIF_BOUND_IF;
2100 }
2101 if (!(inp->inp_flags & INP_INADDR_ANY)) {
2102 *flags |= CIF_BOUND_IP;
2103 }
2104 if (!(inp->inp_flags & INP_ANONPORT)) {
2105 *flags |= CIF_BOUND_PORT;
2106 }
2107
2108 SOCKADDR_ZERO(&sin, sizeof(sin));
2109 sin.sin_len = sizeof(sin);
2110 sin.sin_family = AF_INET;
2111
2112 /* source address and port */
2113 sin.sin_port = inp->inp_lport;
2114 sin.sin_addr.s_addr = inp->inp_laddr.s_addr;
2115 if (*src_len == 0) {
2116 *src_len = sin.sin_len;
2117 } else {
2118 if (src != USER_ADDR_NULL) {
2119 copy_len = min(*src_len, sizeof(sin));
2120 error = copyout(&sin, src, copy_len);
2121 if (error != 0) {
2122 goto out;
2123 }
2124 *src_len = copy_len;
2125 }
2126 }
2127
2128 /* destination address and port */
2129 sin.sin_port = inp->inp_fport;
2130 sin.sin_addr.s_addr = inp->inp_faddr.s_addr;
2131 if (*dst_len == 0) {
2132 *dst_len = sin.sin_len;
2133 } else {
2134 if (dst != USER_ADDR_NULL) {
2135 copy_len = min(*dst_len, sizeof(sin));
2136 error = copyout(&sin, dst, copy_len);
2137 if (error != 0) {
2138 goto out;
2139 }
2140 *dst_len = copy_len;
2141 }
2142 }
2143
2144 if (SOCK_PROTO(so) == IPPROTO_TCP) {
2145 struct conninfo_tcp tcp_ci;
2146
2147 *aux_type = CIAUX_TCP;
2148 if (*aux_len == 0) {
2149 *aux_len = sizeof(tcp_ci);
2150 } else {
2151 if (aux_data != USER_ADDR_NULL) {
2152 copy_len = min(*aux_len, sizeof(tcp_ci));
2153 bzero(&tcp_ci, sizeof(tcp_ci));
2154 tcp_getconninfo(so, &tcp_ci);
2155 error = copyout(&tcp_ci, aux_data, copy_len);
2156 if (error != 0) {
2157 goto out;
2158 }
2159 *aux_len = copy_len;
2160 }
2161 }
2162 } else {
2163 *aux_type = 0;
2164 *aux_len = 0;
2165 }
2166
2167 out:
2168 return error;
2169 }
2170
2171 struct in_ifaddr*
inifa_ifpwithflag(struct ifnet * ifp,uint32_t flag)2172 inifa_ifpwithflag(struct ifnet * ifp, uint32_t flag)
2173 {
2174 struct ifaddr *__single ifa;
2175
2176 ifnet_lock_shared(ifp);
2177 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
2178 {
2179 IFA_LOCK_SPIN(ifa);
2180 if (ifa->ifa_addr->sa_family != AF_INET) {
2181 IFA_UNLOCK(ifa);
2182 continue;
2183 }
2184 if (((ifatoia(ifa))->ia_flags & flag) == flag) {
2185 ifa_addref(ifa);
2186 IFA_UNLOCK(ifa);
2187 break;
2188 }
2189 IFA_UNLOCK(ifa);
2190 }
2191 ifnet_lock_done(ifp);
2192
2193 return ifatoia(ifa);
2194 }
2195
2196 struct in_ifaddr *
inifa_ifpclatv4(struct ifnet * ifp)2197 inifa_ifpclatv4(struct ifnet * ifp)
2198 {
2199 struct ifaddr *__single ifa;
2200
2201 ifnet_lock_shared(ifp);
2202 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
2203 {
2204 uint32_t addr = 0;
2205 IFA_LOCK_SPIN(ifa);
2206 if (ifa->ifa_addr->sa_family != AF_INET) {
2207 IFA_UNLOCK(ifa);
2208 continue;
2209 }
2210
2211 addr = ntohl(SIN(ifa->ifa_addr)->sin_addr.s_addr);
2212 if (!IN_LINKLOCAL(addr) &&
2213 !IN_LOOPBACK(addr)) {
2214 ifa_addref(ifa);
2215 IFA_UNLOCK(ifa);
2216 break;
2217 }
2218 IFA_UNLOCK(ifa);
2219 }
2220 ifnet_lock_done(ifp);
2221
2222 return ifatoia(ifa);
2223 }
2224
2225 /*
2226 * IPPROTO_xxx.
2227 *
2228 * The switch statement below does nothing at runtime, as it serves as a
2229 * compile time check to ensure that all of the IPPROTO_xxx constants are
2230 * unique. This works as long as this routine gets updated each time a
2231 * new IPPROTO_xxx constant gets added.
2232 *
2233 * Any failures at compile time indicates duplicated IPPROTO_xxx values.
2234 */
2235 static __attribute__((unused)) void
ipproto_cassert(void)2236 ipproto_cassert(void)
2237 {
2238 /*
2239 * This is equivalent to static_assert() and the compiler wouldn't
2240 * generate any instructions, thus for compile time only.
2241 */
2242 switch ((u_int16_t)0) {
2243 /* bsd/netinet/in.h */
2244 case IPPROTO_IP:
2245 // case IPPROTO_HOPOPTS: // same value as IPPROTO_IP
2246 case IPPROTO_ICMP:
2247 case IPPROTO_IGMP:
2248 case IPPROTO_GGP:
2249 case IPPROTO_IPV4:
2250 // #define IPPROTO_IPIP IPPROTO_IPV4
2251 case IPPROTO_TCP:
2252 case IPPROTO_ST:
2253 case IPPROTO_EGP:
2254 case IPPROTO_PIGP:
2255 case IPPROTO_RCCMON:
2256 case IPPROTO_NVPII:
2257 case IPPROTO_PUP:
2258 case IPPROTO_ARGUS:
2259 case IPPROTO_EMCON:
2260 case IPPROTO_XNET:
2261 case IPPROTO_CHAOS:
2262 case IPPROTO_UDP:
2263 case IPPROTO_MUX:
2264 case IPPROTO_MEAS:
2265 case IPPROTO_HMP:
2266 case IPPROTO_PRM:
2267 case IPPROTO_IDP:
2268 case IPPROTO_TRUNK1:
2269 case IPPROTO_TRUNK2:
2270 case IPPROTO_LEAF1:
2271 case IPPROTO_LEAF2:
2272 case IPPROTO_RDP:
2273 case IPPROTO_IRTP:
2274 case IPPROTO_TP:
2275 case IPPROTO_BLT:
2276 case IPPROTO_NSP:
2277 case IPPROTO_INP:
2278 case IPPROTO_SEP:
2279 case IPPROTO_3PC:
2280 case IPPROTO_IDPR:
2281 case IPPROTO_XTP:
2282 case IPPROTO_DDP:
2283 case IPPROTO_CMTP:
2284 case IPPROTO_TPXX:
2285 case IPPROTO_IL:
2286 case IPPROTO_IPV6:
2287 case IPPROTO_SDRP:
2288 case IPPROTO_ROUTING:
2289 case IPPROTO_FRAGMENT:
2290 case IPPROTO_IDRP:
2291 case IPPROTO_RSVP:
2292 case IPPROTO_GRE:
2293 case IPPROTO_MHRP:
2294 case IPPROTO_BHA:
2295 case IPPROTO_ESP:
2296 case IPPROTO_AH:
2297 case IPPROTO_INLSP:
2298 case IPPROTO_SWIPE:
2299 case IPPROTO_NHRP:
2300 case IPPROTO_ICMPV6:
2301 case IPPROTO_NONE:
2302 case IPPROTO_DSTOPTS:
2303 case IPPROTO_AHIP:
2304 case IPPROTO_CFTP:
2305 case IPPROTO_HELLO:
2306 case IPPROTO_SATEXPAK:
2307 case IPPROTO_KRYPTOLAN:
2308 case IPPROTO_RVD:
2309 case IPPROTO_IPPC:
2310 case IPPROTO_ADFS:
2311 case IPPROTO_SATMON:
2312 case IPPROTO_VISA:
2313 case IPPROTO_IPCV:
2314 case IPPROTO_CPNX:
2315 case IPPROTO_CPHB:
2316 case IPPROTO_WSN:
2317 case IPPROTO_PVP:
2318 case IPPROTO_BRSATMON:
2319 case IPPROTO_ND:
2320 case IPPROTO_WBMON:
2321 case IPPROTO_WBEXPAK:
2322 case IPPROTO_EON:
2323 case IPPROTO_VMTP:
2324 case IPPROTO_SVMTP:
2325 case IPPROTO_VINES:
2326 case IPPROTO_TTP:
2327 case IPPROTO_IGP:
2328 case IPPROTO_DGP:
2329 case IPPROTO_TCF:
2330 case IPPROTO_IGRP:
2331 case IPPROTO_OSPFIGP:
2332 case IPPROTO_SRPC:
2333 case IPPROTO_LARP:
2334 case IPPROTO_MTP:
2335 case IPPROTO_AX25:
2336 case IPPROTO_IPEIP:
2337 case IPPROTO_MICP:
2338 case IPPROTO_SCCSP:
2339 case IPPROTO_ETHERIP:
2340 case IPPROTO_ENCAP:
2341 case IPPROTO_APES:
2342 case IPPROTO_GMTP:
2343 case IPPROTO_PIM:
2344 case IPPROTO_IPCOMP:
2345 case IPPROTO_PGM:
2346 case IPPROTO_SCTP:
2347 case IPPROTO_DIVERT:
2348 case IPPROTO_RAW:
2349 case IPPROTO_MAX:
2350 case IPPROTO_DONE:
2351
2352 /* bsd/netinet/in_private.h */
2353 case IPPROTO_QUIC:
2354 ;
2355 }
2356 }
2357
2358 static __attribute__((unused)) void
ipsockopt_cassert(void)2359 ipsockopt_cassert(void)
2360 {
2361 switch ((int)0) {
2362 case 0:
2363
2364 /* bsd/netinet/in.h */
2365 case IP_OPTIONS:
2366 case IP_HDRINCL:
2367 case IP_TOS:
2368 case IP_TTL:
2369 case IP_RECVOPTS:
2370 case IP_RECVRETOPTS:
2371 case IP_RECVDSTADDR:
2372 case IP_RETOPTS:
2373 case IP_MULTICAST_IF:
2374 case IP_MULTICAST_TTL:
2375 case IP_MULTICAST_LOOP:
2376 case IP_ADD_MEMBERSHIP:
2377 case IP_DROP_MEMBERSHIP:
2378 case IP_MULTICAST_VIF:
2379 case IP_RSVP_ON:
2380 case IP_RSVP_OFF:
2381 case IP_RSVP_VIF_ON:
2382 case IP_RSVP_VIF_OFF:
2383 case IP_PORTRANGE:
2384 case IP_RECVIF:
2385 case IP_IPSEC_POLICY:
2386 case IP_FAITH:
2387 #ifdef __APPLE__
2388 case IP_STRIPHDR:
2389 #endif
2390 case IP_RECVTTL:
2391 case IP_BOUND_IF:
2392 case IP_PKTINFO:
2393 // #define IP_RECVPKTINFO IP_PKTINFO
2394 case IP_RECVTOS:
2395 case IP_DONTFRAG:
2396 case IP_FW_ADD:
2397 case IP_FW_DEL:
2398 case IP_FW_FLUSH:
2399 case IP_FW_ZERO:
2400 case IP_FW_GET:
2401 case IP_FW_RESETLOG:
2402 case IP_OLD_FW_ADD:
2403 case IP_OLD_FW_DEL:
2404 case IP_OLD_FW_FLUSH:
2405 case IP_OLD_FW_ZERO:
2406 case IP_OLD_FW_GET:
2407 case IP_NAT__XXX:
2408 case IP_OLD_FW_RESETLOG:
2409 case IP_DUMMYNET_CONFIGURE:
2410 case IP_DUMMYNET_DEL:
2411 case IP_DUMMYNET_FLUSH:
2412 case IP_DUMMYNET_GET:
2413 case IP_TRAFFIC_MGT_BACKGROUND:
2414 case IP_MULTICAST_IFINDEX:
2415 case IP_ADD_SOURCE_MEMBERSHIP:
2416 case IP_DROP_SOURCE_MEMBERSHIP:
2417 case IP_BLOCK_SOURCE:
2418 case IP_UNBLOCK_SOURCE:
2419 case IP_MSFILTER:
2420 case MCAST_JOIN_GROUP:
2421 case MCAST_LEAVE_GROUP:
2422 case MCAST_JOIN_SOURCE_GROUP:
2423 case MCAST_LEAVE_SOURCE_GROUP:
2424 case MCAST_BLOCK_SOURCE:
2425 case MCAST_UNBLOCK_SOURCE:
2426
2427 /* bsd/netinet/in_private.h */
2428 case IP_NO_IFT_CELLULAR:
2429 // #define IP_NO_IFT_PDP IP_NO_IFT_CELLULAR /* deprecated */
2430 case IP_OUT_IF:
2431 case IP_RECV_LINK_ADDR_TYPE:
2432 ;
2433 }
2434 }
2435