1 /*
2 * Copyright (c) 2000-2021 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1991, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in.c 8.4 (Berkeley) 1/9/95
61 */
62
63 #include <sys/param.h>
64 #include <sys/systm.h>
65 #include <sys/sockio.h>
66 #include <sys/socketvar.h>
67 #include <sys/malloc.h>
68 #include <sys/proc.h>
69 #include <sys/socket.h>
70 #include <sys/kernel.h>
71 #include <sys/sysctl.h>
72 #include <sys/kern_event.h>
73 #include <sys/syslog.h>
74 #include <sys/mcache.h>
75 #include <sys/protosw.h>
76 #include <sys/file.h>
77
78 #include <kern/zalloc.h>
79 #include <pexpert/pexpert.h>
80 #include <os/log.h>
81
82 #include <net/if.h>
83 #include <net/if_types.h>
84 #include <net/route.h>
85 #include <net/kpi_protocol.h>
86 #include <net/dlil.h>
87 #if PF
88 #include <net/pfvar.h>
89 #endif /* PF */
90
91 #include <netinet/in.h>
92 #include <netinet/in_var.h>
93 #include <netinet/in_pcb.h>
94 #include <netinet/igmp_var.h>
95 #include <netinet/ip_var.h>
96 #include <netinet/tcp.h>
97 #include <netinet/tcp_timer.h>
98 #include <netinet/tcp_var.h>
99
100 #include <net/sockaddr_utils.h>
101
102 static int inctl_associd(struct socket *, u_long, caddr_t __indexable);
103 static int inctl_connid(struct socket *, u_long, caddr_t __indexable);
104 static int inctl_conninfo(struct socket *, u_long, caddr_t __indexable);
105
106 static int inctl_autoaddr(struct ifnet *, struct ifreq *);
107 static int inctl_arpipll(struct ifnet *, struct ifreq *);
108 static int inctl_setrouter(struct ifnet *, struct ifreq *);
109 static int inctl_ifaddr(struct ifnet *, struct in_ifaddr *, u_long,
110 struct ifreq *);
111 static int inctl_ifdstaddr(struct ifnet *, struct in_ifaddr *, u_long,
112 struct ifreq *);
113 static int inctl_ifbrdaddr(struct ifnet *, struct in_ifaddr *, u_long,
114 struct ifreq *);
115 static int inctl_ifnetmask(struct ifnet *, struct in_ifaddr *, u_long,
116 struct ifreq *);
117
118 static void in_socktrim(struct sockaddr_in *);
119 static int in_ifinit(struct ifnet *, struct in_ifaddr *,
120 struct sockaddr_in *, int);
121
122 #define IA_HASH_INIT(ia) { \
123 (ia)->ia_hash.tqe_next = __unsafe_forge_single(void *, ~(uintptr_t)0); \
124 (ia)->ia_hash.tqe_prev = __unsafe_forge_single(void *, ~(uintptr_t)0); \
125 }
126
127 #define IA_IS_HASHED(ia) \
128 (!((ia)->ia_hash.tqe_next == __unsafe_forge_single(void *, ~(uintptr_t)0) || \
129 (ia)->ia_hash.tqe_prev == __unsafe_forge_single(void *, ~(uintptr_t)0)))
130
131 static void in_iahash_remove(struct in_ifaddr *);
132 static void in_iahash_insert(struct in_ifaddr *);
133 static void in_iahash_insert_ptp(struct in_ifaddr *);
134 static struct in_ifaddr *in_ifaddr_alloc(void);
135 static void in_ifaddr_free(struct ifaddr *);
136
137 static int in_getassocids(struct socket *, uint32_t *, user_addr_t);
138 static int in_getconnids(struct socket *, sae_associd_t, uint32_t *, user_addr_t);
139
140 static int subnetsarelocal = 0;
141 SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local,
142 CTLFLAG_RW | CTLFLAG_LOCKED, &subnetsarelocal, 0, "");
143
144 /* Track whether or not the SIOCARPIPLL ioctl has been called */
145 u_int32_t ipv4_ll_arp_aware = 0;
146
147 /*
148 * Return 1 if the address is
149 * - loopback
150 * - unicast or multicast link local
151 * - routed via a link level gateway
152 * - belongs to a directly connected (sub)net
153 */
154 int
inaddr_local(struct in_addr in)155 inaddr_local(struct in_addr in)
156 {
157 struct rtentry *__single rt;
158 struct sockaddr_in sin;
159 int local = 0;
160
161 if (ntohl(in.s_addr) == INADDR_LOOPBACK ||
162 IN_LINKLOCAL(ntohl(in.s_addr))) {
163 local = 1;
164 } else if (ntohl(in.s_addr) >= INADDR_UNSPEC_GROUP &&
165 ntohl(in.s_addr) <= INADDR_MAX_LOCAL_GROUP) {
166 local = 1;
167 } else {
168 sin.sin_family = AF_INET;
169 sin.sin_len = sizeof(sin);
170 sin.sin_addr = in;
171 rt = rtalloc1(SA(&sin), 0, 0);
172
173 if (rt != NULL) {
174 RT_LOCK_SPIN(rt);
175 if (rt->rt_gateway->sa_family == AF_LINK ||
176 (rt->rt_ifp->if_flags & IFF_LOOPBACK)) {
177 local = 1;
178 }
179 RT_UNLOCK(rt);
180 rtfree(rt);
181 } else {
182 local = in_localaddr(in);
183 }
184 }
185 return local;
186 }
187
188 /*
189 * Return 1 if an internet address is for a ``local'' host
190 * (one to which we have a connection). If subnetsarelocal
191 * is true, this includes other subnets of the local net,
192 * otherwise, it includes the directly-connected (sub)nets.
193 * The IPv4 link local prefix 169.254/16 is also included.
194 */
195 int
in_localaddr(struct in_addr in)196 in_localaddr(struct in_addr in)
197 {
198 u_int32_t i = ntohl(in.s_addr);
199 struct in_ifaddr *__single ia;
200
201 if (IN_LINKLOCAL(i)) {
202 return 1;
203 }
204
205 if (subnetsarelocal) {
206 lck_rw_lock_shared(&in_ifaddr_rwlock);
207 for (ia = in_ifaddrhead.tqh_first; ia != NULL;
208 ia = ia->ia_link.tqe_next) {
209 IFA_LOCK(&ia->ia_ifa);
210 if ((i & ia->ia_netmask) == ia->ia_net) {
211 IFA_UNLOCK(&ia->ia_ifa);
212 lck_rw_done(&in_ifaddr_rwlock);
213 return 1;
214 }
215 IFA_UNLOCK(&ia->ia_ifa);
216 }
217 lck_rw_done(&in_ifaddr_rwlock);
218 } else {
219 lck_rw_lock_shared(&in_ifaddr_rwlock);
220 for (ia = in_ifaddrhead.tqh_first; ia != NULL;
221 ia = ia->ia_link.tqe_next) {
222 IFA_LOCK(&ia->ia_ifa);
223 if ((i & ia->ia_subnetmask) == ia->ia_subnet) {
224 IFA_UNLOCK(&ia->ia_ifa);
225 lck_rw_done(&in_ifaddr_rwlock);
226 return 1;
227 }
228 IFA_UNLOCK(&ia->ia_ifa);
229 }
230 lck_rw_done(&in_ifaddr_rwlock);
231 }
232 return 0;
233 }
234
235 /*
236 * Determine whether an IP address is in a reserved set of addresses
237 * that may not be forwarded, or whether datagrams to that destination
238 * may be forwarded.
239 */
240 boolean_t
in_canforward(struct in_addr in)241 in_canforward(struct in_addr in)
242 {
243 u_int32_t i = ntohl(in.s_addr);
244 u_int32_t net;
245
246 if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i)) {
247 return FALSE;
248 }
249 if (IN_CLASSA(i)) {
250 net = i & IN_CLASSA_NET;
251 if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT)) {
252 return FALSE;
253 }
254 }
255 return TRUE;
256 }
257
258 /*
259 * Trim a mask in a sockaddr
260 */
261 static void
in_socktrim(struct sockaddr_in * ap)262 in_socktrim(struct sockaddr_in *ap)
263 {
264 char *cplim = (char *)&ap->sin_addr;
265 char *cp = (char *)(&ap->sin_addr + 1);
266
267 ap->sin_len = 0;
268 while (--cp >= cplim) {
269 if (*cp) {
270 (ap)->sin_len = (uint8_t)(cp - (char *)(ap) + 1);
271 break;
272 }
273 }
274 }
275
276 static int in_interfaces; /* number of external internet interfaces */
277
278 static int
in_domifattach(struct ifnet * ifp)279 in_domifattach(struct ifnet *ifp)
280 {
281 int error = 0;
282
283 VERIFY(ifp != NULL);
284
285 if ((error = proto_plumb(PF_INET, ifp)) && error != EEXIST) {
286 log(LOG_ERR, "%s: proto_plumb returned %d if=%s\n",
287 __func__, error, if_name(ifp));
288 return error;
289 }
290
291 if (ifp->if_inetdata == NULL) {
292 ifp->if_inetdata = zalloc_permanent_type(struct in_ifextra);
293 error = 0;
294 } else if (error != EEXIST) {
295 /*
296 * Since the structure is never freed, we need to
297 * zero out its contents to avoid reusing stale data.
298 * A little redundant with allocation above, but it
299 * keeps the code simpler for all cases.
300 */
301 IN_IFEXTRA(ifp)->netsig_len = 0;
302 bzero(IN_IFEXTRA(ifp)->netsig, sizeof(IN_IFEXTRA(ifp)->netsig));
303 }
304 return error;
305 }
306
307 static __attribute__((noinline)) int
inctl_associd(struct socket * so,u_long cmd,caddr_t __indexable data)308 inctl_associd(struct socket *so, u_long cmd, caddr_t __indexable data)
309 {
310 int error = 0;
311 union {
312 struct so_aidreq32 a32;
313 struct so_aidreq64 a64;
314 } u;
315
316 VERIFY(so != NULL);
317
318 switch (cmd) {
319 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
320 bcopy(data, &u.a32, sizeof(u.a32));
321 error = in_getassocids(so, &u.a32.sar_cnt, u.a32.sar_aidp);
322 if (error == 0) {
323 bcopy(&u.a32, data, sizeof(u.a32));
324 }
325 break;
326
327 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
328 bcopy(data, &u.a64, sizeof(u.a64));
329 error = in_getassocids(so, &u.a64.sar_cnt, (user_addr_t)u.a64.sar_aidp);
330 if (error == 0) {
331 bcopy(&u.a64, data, sizeof(u.a64));
332 }
333 break;
334
335 default:
336 VERIFY(0);
337 /* NOTREACHED */
338 }
339
340 return error;
341 }
342
343 static __attribute__((noinline)) int
inctl_connid(struct socket * so,u_long cmd,caddr_t __indexable data)344 inctl_connid(struct socket *so, u_long cmd, caddr_t __indexable data)
345 {
346 int error = 0;
347 union {
348 struct so_cidreq32 c32;
349 struct so_cidreq64 c64;
350 } u;
351
352 VERIFY(so != NULL);
353
354 switch (cmd) {
355 case SIOCGCONNIDS32: /* struct so_cidreq32 */
356 bcopy(data, &u.c32, sizeof(u.c32));
357 error = in_getconnids(so, u.c32.scr_aid, &u.c32.scr_cnt,
358 u.c32.scr_cidp);
359 if (error == 0) {
360 bcopy(&u.c32, data, sizeof(u.c32));
361 }
362 break;
363
364 case SIOCGCONNIDS64: /* struct so_cidreq64 */
365 bcopy(data, &u.c64, sizeof(u.c64));
366 error = in_getconnids(so, u.c64.scr_aid, &u.c64.scr_cnt,
367 (user_addr_t)u.c64.scr_cidp);
368 if (error == 0) {
369 bcopy(&u.c64, data, sizeof(u.c64));
370 }
371 break;
372
373 default:
374 VERIFY(0);
375 /* NOTREACHED */
376 }
377
378 return error;
379 }
380
381 static __attribute__((noinline)) int
inctl_conninfo(struct socket * so,u_long cmd,caddr_t __indexable data)382 inctl_conninfo(struct socket *so, u_long cmd, caddr_t __indexable data)
383 {
384 int error = 0;
385 union {
386 struct so_cinforeq32 ci32;
387 struct so_cinforeq64 ci64;
388 } u;
389
390 VERIFY(so != NULL);
391
392 switch (cmd) {
393 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
394 bcopy(data, &u.ci32, sizeof(u.ci32));
395 error = in_getconninfo(so, u.ci32.scir_cid, &u.ci32.scir_flags,
396 &u.ci32.scir_ifindex, &u.ci32.scir_error, u.ci32.scir_src,
397 &u.ci32.scir_src_len, u.ci32.scir_dst, &u.ci32.scir_dst_len,
398 &u.ci32.scir_aux_type, u.ci32.scir_aux_data,
399 &u.ci32.scir_aux_len);
400 if (error == 0) {
401 bcopy(&u.ci32, data, sizeof(u.ci32));
402 }
403 break;
404
405 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
406 bcopy(data, &u.ci64, sizeof(u.ci64));
407 error = in_getconninfo(so, u.ci64.scir_cid, &u.ci64.scir_flags,
408 &u.ci64.scir_ifindex, &u.ci64.scir_error, (user_addr_t)u.ci64.scir_src,
409 &u.ci64.scir_src_len, (user_addr_t)u.ci64.scir_dst, &u.ci64.scir_dst_len,
410 &u.ci64.scir_aux_type, (user_addr_t)u.ci64.scir_aux_data,
411 &u.ci64.scir_aux_len);
412 if (error == 0) {
413 bcopy(&u.ci64, data, sizeof(u.ci64));
414 }
415 break;
416
417 default:
418 VERIFY(0);
419 /* NOTREACHED */
420 }
421
422 return error;
423 }
424
425 /*
426 * Caller passes in the ioctl data pointer directly via "ifr", with the
427 * expectation that this routine always uses bcopy() or other byte-aligned
428 * memory accesses.
429 */
430 static __attribute__((noinline)) int
inctl_autoaddr(struct ifnet * ifp,struct ifreq * ifr)431 inctl_autoaddr(struct ifnet *ifp, struct ifreq *ifr)
432 {
433 int error = 0, intval;
434
435 VERIFY(ifp != NULL);
436
437 bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
438
439 ifnet_lock_exclusive(ifp);
440 if (intval) {
441 /*
442 * An interface in IPv4 router mode implies that it
443 * is configured with a static IP address and should
444 * not act as a DHCP client; prevent SIOCAUTOADDR from
445 * being set in that mode.
446 */
447 if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
448 intval = 0; /* be safe; clear flag if set */
449 error = EBUSY;
450 } else {
451 if_set_eflags(ifp, IFEF_AUTOCONFIGURING);
452 }
453 }
454 if (!intval) {
455 if_clear_eflags(ifp, IFEF_AUTOCONFIGURING);
456 }
457 ifnet_lock_done(ifp);
458
459 return error;
460 }
461
462 /*
463 * Caller passes in the ioctl data pointer directly via "ifr", with the
464 * expectation that this routine always uses bcopy() or other byte-aligned
465 * memory accesses.
466 */
467 static __attribute__((noinline)) int
inctl_arpipll(struct ifnet * ifp,struct ifreq * ifr)468 inctl_arpipll(struct ifnet *ifp, struct ifreq *ifr)
469 {
470 int error = 0, intval;
471
472 VERIFY(ifp != NULL);
473
474 bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
475 ipv4_ll_arp_aware = 1;
476
477 ifnet_lock_exclusive(ifp);
478 if (intval) {
479 /*
480 * An interface in IPv4 router mode implies that it
481 * is configured with a static IP address and should
482 * not have to deal with IPv4 Link-Local Address;
483 * prevent SIOCARPIPLL from being set in that mode.
484 */
485 if (ifp->if_eflags & IFEF_IPV4_ROUTER) {
486 intval = 0; /* be safe; clear flag if set */
487 error = EBUSY;
488 } else {
489 if_set_eflags(ifp, IFEF_ARPLL);
490 }
491 }
492 if (!intval) {
493 if_clear_eflags(ifp, IFEF_ARPLL);
494 }
495 ifnet_lock_done(ifp);
496
497 return error;
498 }
499
500 /*
501 * Handle SIOCSETROUTERMODE to set or clear the IPv4 router mode flag on
502 * the interface. When in this mode, IPv4 Link-Local Address support is
503 * disabled in ARP, and DHCP client support is disabled in IP input; turning
504 * any of them on would cause an error to be returned. Entering or exiting
505 * this mode will result in the removal of IPv4 addresses currently configured
506 * on the interface.
507 *
508 * Caller passes in the ioctl data pointer directly via "ifr", with the
509 * expectation that this routine always uses bcopy() or other byte-aligned
510 * memory accesses.
511 */
512 static __attribute__((noinline)) int
inctl_setrouter(struct ifnet * ifp,struct ifreq * ifr)513 inctl_setrouter(struct ifnet *ifp, struct ifreq *ifr)
514 {
515 int error = 0, intval;
516
517 VERIFY(ifp != NULL);
518
519 /* Router mode isn't valid for loopback */
520 if (ifp->if_flags & IFF_LOOPBACK) {
521 return ENODEV;
522 }
523
524 bcopy(&ifr->ifr_intval, &intval, sizeof(intval));
525 switch (intval) {
526 case 0:
527 case 1:
528 break;
529 default:
530 return EINVAL;
531 }
532 ifnet_lock_exclusive(ifp);
533 if (intval != 0) {
534 if_set_eflags(ifp, IFEF_IPV4_ROUTER);
535 if_clear_eflags(ifp, (IFEF_ARPLL | IFEF_AUTOCONFIGURING));
536 } else {
537 if_clear_eflags(ifp, IFEF_IPV4_ROUTER);
538 }
539 ifnet_lock_done(ifp);
540
541 /* purge all IPv4 addresses configured on this interface */
542 in_purgeaddrs(ifp);
543
544 return error;
545 }
546
547 /*
548 * Caller passes in the ioctl data pointer directly via "ifr", with the
549 * expectation that this routine always uses bcopy() or other byte-aligned
550 * memory accesses.
551 */
552 static __attribute__((noinline)) int
inctl_ifaddr(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)553 inctl_ifaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
554 struct ifreq *ifr)
555 {
556 struct kev_in_data in_event_data;
557 struct kev_msg ev_msg;
558 struct sockaddr_in addr;
559 struct ifaddr *__single ifa;
560 int error = 0;
561
562 VERIFY(ifp != NULL);
563
564 bzero(&in_event_data, sizeof(struct kev_in_data));
565 bzero(&ev_msg, sizeof(struct kev_msg));
566
567 switch (cmd) {
568 case SIOCGIFADDR: /* struct ifreq */
569 if (ia == NULL) {
570 error = EADDRNOTAVAIL;
571 break;
572 }
573 IFA_LOCK(&ia->ia_ifa);
574 SOCKADDR_COPY(&ia->ia_addr, &ifr->ifr_addr, sizeof(addr));
575 IFA_UNLOCK(&ia->ia_ifa);
576 break;
577
578 case SIOCSIFADDR: /* struct ifreq */
579 VERIFY(ia != NULL);
580 SOCKADDR_COPY(&ifr->ifr_addr, &addr, sizeof(addr));
581 /*
582 * If this is a new address, the reference count for the
583 * hash table has been taken at creation time above.
584 */
585 error = in_ifinit(ifp, ia, &addr, 1);
586 if (error == 0) {
587 (void) ifnet_notify_address(ifp, AF_INET);
588 }
589 break;
590
591 case SIOCAIFADDR: { /* struct {if,in_}aliasreq */
592 struct in_aliasreq *__single ifra = (struct in_aliasreq *)ifr;
593 struct sockaddr_in broadaddr, mask;
594 int hostIsNew, maskIsNew;
595
596 VERIFY(ia != NULL);
597 SOCKADDR_COPY(&ifra->ifra_addr, &addr, sizeof(addr));
598 SOCKADDR_COPY(&ifra->ifra_broadaddr, &broadaddr, sizeof(broadaddr));
599 SOCKADDR_COPY(&ifra->ifra_mask, &mask, sizeof(mask));
600
601 maskIsNew = 0;
602 hostIsNew = 1;
603 error = 0;
604
605 IFA_LOCK(&ia->ia_ifa);
606 if (ia->ia_addr.sin_family == AF_INET) {
607 if (addr.sin_len == 0) {
608 addr = ia->ia_addr;
609 hostIsNew = 0;
610 } else if (addr.sin_addr.s_addr ==
611 ia->ia_addr.sin_addr.s_addr) {
612 hostIsNew = 0;
613 }
614 }
615 if (mask.sin_len != 0) {
616 IFA_UNLOCK(&ia->ia_ifa);
617 in_ifscrub(ifp, ia, 0);
618 IFA_LOCK(&ia->ia_ifa);
619 ia->ia_sockmask.sin_len = sizeof(struct sockaddr_in);
620 ia->ia_sockmask.sin_family = AF_INET;
621 ia->ia_sockmask.sin_port = 0;
622 ia->ia_sockmask.sin_addr = mask.sin_addr;
623 bzero(&ia->ia_sockmask.sin_zero, sizeof(ia->ia_dstaddr.sin_zero));
624 ia->ia_subnetmask =
625 ntohl(ia->ia_sockmask.sin_addr.s_addr);
626 maskIsNew = 1;
627 }
628 if ((ifp->if_flags & IFF_POINTOPOINT) &&
629 (broadaddr.sin_family == AF_INET)) {
630 IFA_UNLOCK(&ia->ia_ifa);
631 in_ifscrub(ifp, ia, 0);
632 IFA_LOCK(&ia->ia_ifa);
633 ia->ia_dstaddr.sin_family = AF_INET;
634 ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
635 ia->ia_dstaddr.sin_port = 0;
636 ia->ia_dstaddr.sin_addr = broadaddr.sin_addr;
637 bzero(&ia->ia_dstaddr.sin_zero, sizeof(ia->ia_dstaddr.sin_zero));
638 maskIsNew = 1; /* We lie; but the effect's the same */
639 }
640 if (addr.sin_family == AF_INET && (hostIsNew || maskIsNew)) {
641 IFA_UNLOCK(&ia->ia_ifa);
642 error = in_ifinit(ifp, ia, &addr, 0);
643 } else {
644 IFA_UNLOCK(&ia->ia_ifa);
645 }
646 if (error == 0) {
647 (void) ifnet_notify_address(ifp, AF_INET);
648 }
649 IFA_LOCK(&ia->ia_ifa);
650 if ((ifp->if_flags & IFF_BROADCAST) &&
651 (broadaddr.sin_family == AF_INET)) {
652 ia->ia_broadaddr.sin_family = AF_INET;
653 ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
654 ia->ia_broadaddr.sin_port = 0;
655 ia->ia_broadaddr.sin_addr = broadaddr.sin_addr;
656 bzero(&ia->ia_broadaddr.sin_zero, sizeof(ia->ia_broadaddr.sin_zero));
657 }
658
659 /*
660 * Report event.
661 */
662 if ((error == 0) || (error == EEXIST)) {
663 ev_msg.vendor_code = KEV_VENDOR_APPLE;
664 ev_msg.kev_class = KEV_NETWORK_CLASS;
665 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
666
667 if (hostIsNew) {
668 ev_msg.event_code = KEV_INET_NEW_ADDR;
669 } else {
670 ev_msg.event_code = KEV_INET_CHANGED_ADDR;
671 }
672
673 if (ia->ia_ifa.ifa_dstaddr) {
674 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
675 } else {
676 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
677 }
678 in_event_data.ia_addr = ia->ia_addr.sin_addr;
679 in_event_data.ia_net = ia->ia_net;
680 in_event_data.ia_netmask = ia->ia_netmask;
681 in_event_data.ia_subnet = ia->ia_subnet;
682 in_event_data.ia_subnetmask = ia->ia_subnetmask;
683 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
684 IFA_UNLOCK(&ia->ia_ifa);
685 (void) strlcpy(&in_event_data.link_data.if_name[0],
686 ifp->if_name, IFNAMSIZ);
687 in_event_data.link_data.if_family = ifp->if_family;
688 in_event_data.link_data.if_unit = ifp->if_unit;
689
690 ev_msg.dv[0].data_ptr = &in_event_data;
691 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
692 ev_msg.dv[1].data_length = 0;
693
694 dlil_post_complete_msg(ifp, &ev_msg);
695 } else {
696 IFA_UNLOCK(&ia->ia_ifa);
697 }
698 break;
699 }
700
701 case SIOCDIFADDR: /* struct ifreq */
702 VERIFY(ia != NULL);
703 error = ifnet_ioctl(ifp, PF_INET, SIOCDIFADDR, ia);
704 if (error == EOPNOTSUPP) {
705 error = 0;
706 }
707 if (error != 0) {
708 break;
709 }
710
711 /* Fill out the kernel event information */
712 ev_msg.vendor_code = KEV_VENDOR_APPLE;
713 ev_msg.kev_class = KEV_NETWORK_CLASS;
714 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
715
716 ev_msg.event_code = KEV_INET_ADDR_DELETED;
717
718 IFA_LOCK(&ia->ia_ifa);
719 if (ia->ia_ifa.ifa_dstaddr) {
720 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
721 } else {
722 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
723 }
724 in_event_data.ia_addr = ia->ia_addr.sin_addr;
725 in_event_data.ia_net = ia->ia_net;
726 in_event_data.ia_netmask = ia->ia_netmask;
727 in_event_data.ia_subnet = ia->ia_subnet;
728 in_event_data.ia_subnetmask = ia->ia_subnetmask;
729 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
730 IFA_UNLOCK(&ia->ia_ifa);
731 (void) strlcpy(&in_event_data.link_data.if_name[0],
732 ifp->if_name, IFNAMSIZ);
733 in_event_data.link_data.if_family = ifp->if_family;
734 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
735
736 ev_msg.dv[0].data_ptr = &in_event_data;
737 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
738 ev_msg.dv[1].data_length = 0;
739
740 ifa = &ia->ia_ifa;
741 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
742 /* Release ia_link reference */
743 ifa_remref(ifa);
744 TAILQ_REMOVE(&in_ifaddrhead, ia, ia_link);
745 IFA_LOCK(ifa);
746 if (IA_IS_HASHED(ia)) {
747 in_iahash_remove(ia);
748 }
749 IFA_UNLOCK(ifa);
750 lck_rw_done(&in_ifaddr_rwlock);
751
752 /*
753 * in_ifscrub kills the interface route.
754 */
755 in_ifscrub(ifp, ia, 0);
756 ifnet_lock_exclusive(ifp);
757 IFA_LOCK(ifa);
758 /* if_detach_ifa() releases ifa_link reference */
759 if_detach_ifa(ifp, ifa);
760 /* Our reference to this address is dropped at the bottom */
761 IFA_UNLOCK(ifa);
762
763 /* invalidate route caches */
764 routegenid_inet_update();
765
766 /*
767 * If the interface supports multicast, and no address is left,
768 * remove the "all hosts" multicast group from that interface.
769 */
770 if ((ifp->if_flags & IFF_MULTICAST) ||
771 ifp->if_allhostsinm != NULL) {
772 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
773 IFA_LOCK(ifa);
774 if (ifa->ifa_addr->sa_family == AF_INET) {
775 IFA_UNLOCK(ifa);
776 break;
777 }
778 IFA_UNLOCK(ifa);
779 }
780 ifnet_lock_done(ifp);
781
782 lck_mtx_lock(&ifp->if_addrconfig_lock);
783 if (ifa == NULL && ifp->if_allhostsinm != NULL) {
784 struct in_multi *__single inm = ifp->if_allhostsinm;
785 ifp->if_allhostsinm = NULL;
786
787 in_delmulti(inm);
788 /* release the reference for allhostsinm */
789 INM_REMREF(inm);
790 }
791 lck_mtx_unlock(&ifp->if_addrconfig_lock);
792 } else {
793 ifnet_lock_done(ifp);
794 }
795
796 /* Post the kernel event */
797 dlil_post_complete_msg(ifp, &ev_msg);
798
799 /*
800 * See if there is any IPV4 address left and if so,
801 * reconfigure KDP to use current primary address.
802 */
803 ifa = ifa_ifpgetprimary(ifp, AF_INET);
804 if (ifa != NULL) {
805 /*
806 * NOTE: SIOCSIFADDR is defined with struct ifreq
807 * as parameter, but here we are sending it down
808 * to the interface with a pointer to struct ifaddr,
809 * for legacy reasons.
810 */
811 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa);
812 if (error == EOPNOTSUPP) {
813 error = 0;
814 }
815
816 /* Release reference from ifa_ifpgetprimary() */
817 ifa_remref(ifa);
818 }
819 (void) ifnet_notify_address(ifp, AF_INET);
820 break;
821
822 default:
823 VERIFY(0);
824 /* NOTREACHED */
825 }
826
827 return error;
828 }
829
830 /*
831 * Caller passes in the ioctl data pointer directly via "ifr", with the
832 * expectation that this routine always uses bcopy() or other byte-aligned
833 * memory accesses.
834 */
835 static __attribute__((noinline)) int
inctl_ifdstaddr(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)836 inctl_ifdstaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
837 struct ifreq *ifr)
838 {
839 struct kev_in_data in_event_data;
840 struct kev_msg ev_msg;
841 struct sockaddr_in dstaddr;
842 int error = 0;
843
844 VERIFY(ifp != NULL);
845
846 if (!(ifp->if_flags & IFF_POINTOPOINT)) {
847 return EINVAL;
848 }
849
850 bzero(&in_event_data, sizeof(struct kev_in_data));
851 bzero(&ev_msg, sizeof(struct kev_msg));
852
853 switch (cmd) {
854 case SIOCGIFDSTADDR: /* struct ifreq */
855 if (ia == NULL) {
856 error = EADDRNOTAVAIL;
857 break;
858 }
859 IFA_LOCK(&ia->ia_ifa);
860 SOCKADDR_COPY(&ia->ia_dstaddr, &ifr->ifr_dstaddr, sizeof(dstaddr));
861 IFA_UNLOCK(&ia->ia_ifa);
862 break;
863
864 case SIOCSIFDSTADDR: /* struct ifreq */
865 VERIFY(ia != NULL);
866 IFA_LOCK(&ia->ia_ifa);
867 dstaddr = ia->ia_dstaddr;
868
869 ia->ia_dstaddr.sin_family = AF_INET;
870 ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
871 ia->ia_dstaddr.sin_port = 0;
872 bcopy(&SIN(&ifr->ifr_dstaddr)->sin_addr,
873 &ia->ia_dstaddr.sin_addr, sizeof(ia->ia_dstaddr.sin_addr));
874 bzero(&ia->ia_dstaddr.sin_zero, sizeof(ia->ia_dstaddr.sin_zero));
875
876 IFA_UNLOCK(&ia->ia_ifa);
877 /*
878 * NOTE: SIOCSIFDSTADDR is defined with struct ifreq
879 * as parameter, but here we are sending it down
880 * to the interface with a pointer to struct ifaddr,
881 * for legacy reasons.
882 */
883 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFDSTADDR, ia);
884 IFA_LOCK(&ia->ia_ifa);
885 if (error == EOPNOTSUPP) {
886 error = 0;
887 }
888 if (error != 0) {
889 ia->ia_dstaddr = dstaddr;
890 IFA_UNLOCK(&ia->ia_ifa);
891 break;
892 }
893 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
894
895 ev_msg.vendor_code = KEV_VENDOR_APPLE;
896 ev_msg.kev_class = KEV_NETWORK_CLASS;
897 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
898
899 ev_msg.event_code = KEV_INET_SIFDSTADDR;
900
901 if (ia->ia_ifa.ifa_dstaddr) {
902 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
903 } else {
904 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
905 }
906
907 in_event_data.ia_addr = ia->ia_addr.sin_addr;
908 in_event_data.ia_net = ia->ia_net;
909 in_event_data.ia_netmask = ia->ia_netmask;
910 in_event_data.ia_subnet = ia->ia_subnet;
911 in_event_data.ia_subnetmask = ia->ia_subnetmask;
912 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
913 IFA_UNLOCK(&ia->ia_ifa);
914 (void) strlcpy(&in_event_data.link_data.if_name[0],
915 ifp->if_name, IFNAMSIZ);
916 in_event_data.link_data.if_family = ifp->if_family;
917 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
918
919 ev_msg.dv[0].data_ptr = &in_event_data;
920 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
921 ev_msg.dv[1].data_length = 0;
922
923 dlil_post_complete_msg(ifp, &ev_msg);
924
925 lck_mtx_lock(rnh_lock);
926 IFA_LOCK(&ia->ia_ifa);
927 if (ia->ia_flags & IFA_ROUTE) {
928 ia->ia_ifa.ifa_dstaddr = SA(&dstaddr);
929 IFA_UNLOCK(&ia->ia_ifa);
930 rtinit_locked(&(ia->ia_ifa), RTM_DELETE, RTF_HOST);
931 IFA_LOCK(&ia->ia_ifa);
932 ia->ia_ifa.ifa_dstaddr =
933 SA(&ia->ia_dstaddr);
934 IFA_UNLOCK(&ia->ia_ifa);
935 rtinit_locked(&(ia->ia_ifa), RTM_ADD,
936 RTF_HOST | RTF_UP);
937 } else {
938 IFA_UNLOCK(&ia->ia_ifa);
939 }
940 lck_mtx_unlock(rnh_lock);
941 break;
942
943
944
945 default:
946 VERIFY(0);
947 /* NOTREACHED */
948 }
949
950 return error;
951 }
952
953 /*
954 * Caller passes in the ioctl data pointer directly via "ifr", with the
955 * expectation that this routine always uses bcopy() or other byte-aligned
956 * memory accesses.
957 */
958 static __attribute__((noinline)) int
inctl_ifbrdaddr(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)959 inctl_ifbrdaddr(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
960 struct ifreq *ifr)
961 {
962 struct kev_in_data in_event_data;
963 struct kev_msg ev_msg;
964 int error = 0;
965
966 VERIFY(ifp != NULL);
967
968 if (ia == NULL) {
969 return EADDRNOTAVAIL;
970 }
971
972 if (!(ifp->if_flags & IFF_BROADCAST)) {
973 return EINVAL;
974 }
975
976 bzero(&in_event_data, sizeof(struct kev_in_data));
977 bzero(&ev_msg, sizeof(struct kev_msg));
978
979 switch (cmd) {
980 case SIOCGIFBRDADDR: /* struct ifreq */
981 IFA_LOCK(&ia->ia_ifa);
982 SOCKADDR_COPY(&ia->ia_broadaddr, &ifr->ifr_broadaddr,
983 sizeof(struct sockaddr_in));
984 IFA_UNLOCK(&ia->ia_ifa);
985 break;
986
987 case SIOCSIFBRDADDR: /* struct ifreq */
988 IFA_LOCK(&ia->ia_ifa);
989
990 ia->ia_broadaddr.sin_family = AF_INET;
991 ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
992 ia->ia_broadaddr.sin_port = 0;
993 bcopy(&SIN(&ifr->ifr_broadaddr)->sin_addr,
994 &ia->ia_broadaddr.sin_addr, sizeof(ia->ia_broadaddr.sin_addr));
995 bzero(&ia->ia_broadaddr.sin_zero, sizeof(ia->ia_broadaddr.sin_zero));
996
997 ev_msg.vendor_code = KEV_VENDOR_APPLE;
998 ev_msg.kev_class = KEV_NETWORK_CLASS;
999 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
1000
1001 ev_msg.event_code = KEV_INET_SIFBRDADDR;
1002
1003 if (ia->ia_ifa.ifa_dstaddr) {
1004 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
1005 } else {
1006 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
1007 }
1008 in_event_data.ia_addr = ia->ia_addr.sin_addr;
1009 in_event_data.ia_net = ia->ia_net;
1010 in_event_data.ia_netmask = ia->ia_netmask;
1011 in_event_data.ia_subnet = ia->ia_subnet;
1012 in_event_data.ia_subnetmask = ia->ia_subnetmask;
1013 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
1014 IFA_UNLOCK(&ia->ia_ifa);
1015 (void) strlcpy(&in_event_data.link_data.if_name[0],
1016 ifp->if_name, IFNAMSIZ);
1017 in_event_data.link_data.if_family = ifp->if_family;
1018 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
1019
1020 ev_msg.dv[0].data_ptr = &in_event_data;
1021 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
1022 ev_msg.dv[1].data_length = 0;
1023
1024 dlil_post_complete_msg(ifp, &ev_msg);
1025 break;
1026
1027 default:
1028 VERIFY(0);
1029 /* NOTREACHED */
1030 }
1031
1032 return error;
1033 }
1034
1035 /*
1036 * Caller passes in the ioctl data pointer directly via "ifr", with the
1037 * expectation that this routine always uses bcopy() or other byte-aligned
1038 * memory accesses.
1039 */
1040 static __attribute__((noinline)) int
inctl_ifnetmask(struct ifnet * ifp,struct in_ifaddr * ia,u_long cmd,struct ifreq * ifr)1041 inctl_ifnetmask(struct ifnet *ifp, struct in_ifaddr *ia, u_long cmd,
1042 struct ifreq *ifr)
1043 {
1044 struct kev_in_data in_event_data;
1045 struct kev_msg ev_msg;
1046 struct sockaddr_in mask;
1047 int error = 0;
1048
1049 VERIFY(ifp != NULL);
1050
1051 bzero(&in_event_data, sizeof(struct kev_in_data));
1052 bzero(&ev_msg, sizeof(struct kev_msg));
1053
1054 switch (cmd) {
1055 case SIOCGIFNETMASK: /* struct ifreq */
1056 if (ia == NULL) {
1057 error = EADDRNOTAVAIL;
1058 break;
1059 }
1060 IFA_LOCK(&ia->ia_ifa);
1061 SOCKADDR_COPY(&ia->ia_sockmask, &ifr->ifr_addr, sizeof(mask));
1062 IFA_UNLOCK(&ia->ia_ifa);
1063 break;
1064
1065 case SIOCSIFNETMASK: { /* struct ifreq */
1066 in_addr_t i;
1067
1068 SOCKADDR_COPY(&ifr->ifr_addr, &mask, sizeof(mask));
1069 i = mask.sin_addr.s_addr;
1070
1071 VERIFY(ia != NULL);
1072 IFA_LOCK(&ia->ia_ifa);
1073 ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr = i);
1074 ev_msg.vendor_code = KEV_VENDOR_APPLE;
1075 ev_msg.kev_class = KEV_NETWORK_CLASS;
1076 ev_msg.kev_subclass = KEV_INET_SUBCLASS;
1077
1078 ev_msg.event_code = KEV_INET_SIFNETMASK;
1079
1080 if (ia->ia_ifa.ifa_dstaddr) {
1081 in_event_data.ia_dstaddr = SIN(ia->ia_ifa.ifa_dstaddr)->sin_addr;
1082 } else {
1083 in_event_data.ia_dstaddr.s_addr = INADDR_ANY;
1084 }
1085 in_event_data.ia_addr = ia->ia_addr.sin_addr;
1086 in_event_data.ia_net = ia->ia_net;
1087 in_event_data.ia_netmask = ia->ia_netmask;
1088 in_event_data.ia_subnet = ia->ia_subnet;
1089 in_event_data.ia_subnetmask = ia->ia_subnetmask;
1090 in_event_data.ia_netbroadcast = ia->ia_netbroadcast;
1091 IFA_UNLOCK(&ia->ia_ifa);
1092 (void) strlcpy(&in_event_data.link_data.if_name[0],
1093 ifp->if_name, IFNAMSIZ);
1094 in_event_data.link_data.if_family = ifp->if_family;
1095 in_event_data.link_data.if_unit = (u_int32_t)ifp->if_unit;
1096
1097 ev_msg.dv[0].data_ptr = &in_event_data;
1098 ev_msg.dv[0].data_length = sizeof(struct kev_in_data);
1099 ev_msg.dv[1].data_length = 0;
1100
1101 dlil_post_complete_msg(ifp, &ev_msg);
1102 break;
1103 }
1104
1105 default:
1106 VERIFY(0);
1107 /* NOTREACHED */
1108 }
1109
1110 return error;
1111 }
1112
1113 /*
1114 * Generic INET control operations (ioctl's).
1115 *
1116 * ifp is NULL if not an interface-specific ioctl.
1117 *
1118 * Most of the routines called to handle the ioctls would end up being
1119 * tail-call optimized, which unfortunately causes this routine to
1120 * consume too much stack space; this is the reason for the "noinline"
1121 * attribute used on those routines.
1122 *
1123 * If called directly from within the networking stack (as opposed to via
1124 * pru_control), the socket parameter may be NULL.
1125 */
1126 int
in_control(struct socket * so,u_long cmd,caddr_t __sized_by (IOCPARM_LEN (cmd))data,struct ifnet * ifp,struct proc * p)1127 in_control(struct socket *so, u_long cmd, caddr_t __sized_by(IOCPARM_LEN(cmd)) data,
1128 struct ifnet *ifp, struct proc *p)
1129 {
1130 struct ifreq *__single ifr = NULL;
1131 struct sockaddr_in addr, dstaddr;
1132 struct sockaddr_in sin;
1133 struct sockaddr_in *__single sa = NULL;
1134 boolean_t privileged = (proc_suser(p) == 0);
1135 boolean_t so_unlocked = FALSE;
1136 struct in_ifaddr *__single ia = NULL;
1137 struct ifaddr *__single ifa;
1138 int error = 0;
1139 int intval;
1140
1141 /* In case it's NULL, make sure it came from the kernel */
1142 VERIFY(so != NULL || p == kernproc);
1143
1144 /*
1145 * ioctls which don't require ifp, but require socket.
1146 */
1147 switch (cmd) {
1148 case SIOCGASSOCIDS32: /* struct so_aidreq32 */
1149 case SIOCGASSOCIDS64: /* struct so_aidreq64 */
1150 return inctl_associd(so, cmd, data);
1151 /* NOTREACHED */
1152
1153 case SIOCGCONNIDS32: /* struct so_cidreq32 */
1154 case SIOCGCONNIDS64: /* struct so_cidreq64 */
1155 return inctl_connid(so, cmd, data);
1156 /* NOTREACHED */
1157
1158 case SIOCGCONNINFO32: /* struct so_cinforeq32 */
1159 case SIOCGCONNINFO64: /* struct so_cinforeq64 */
1160 return inctl_conninfo(so, cmd, data);
1161 /* NOTREACHED */
1162 }
1163
1164 /*
1165 * The rest of ioctls require ifp; reject if we don't have one;
1166 * return ENXIO to be consistent with ifioctl().
1167 */
1168 if (ifp == NULL) {
1169 return ENXIO;
1170 }
1171
1172 /*
1173 * ioctls which require ifp but not interface address.
1174 */
1175 switch (cmd) {
1176 case SIOCAUTOADDR: /* struct ifreq */
1177 if (!privileged) {
1178 return EPERM;
1179 }
1180 ifr = (struct ifreq *)(void *)data;
1181 return inctl_autoaddr(ifp, ifr);
1182 /* NOTREACHED */
1183
1184 case SIOCARPIPLL: /* struct ifreq */
1185 if (!privileged) {
1186 return EPERM;
1187 }
1188 ifr = (struct ifreq *)(void *)data;
1189 return inctl_arpipll(ifp, ifr);
1190 /* NOTREACHED */
1191
1192 case SIOCGETROUTERMODE: /* struct ifreq */
1193 ifr = (struct ifreq *)(void *)data;
1194 intval = (ifp->if_eflags & IFEF_IPV4_ROUTER) != 0 ? 1 : 0;
1195 bcopy(&intval, &ifr->ifr_intval, sizeof(intval));
1196 return 0;
1197 /* NOTREACHED */
1198
1199 case SIOCSETROUTERMODE: /* struct ifreq */
1200 if (!privileged) {
1201 return EPERM;
1202 }
1203 ifr = (struct ifreq *)(void *)data;
1204 return inctl_setrouter(ifp, ifr);
1205 /* NOTREACHED */
1206
1207 case SIOCPROTOATTACH: /* struct ifreq */
1208 if (!privileged) {
1209 return EPERM;
1210 }
1211 return in_domifattach(ifp);
1212 /* NOTREACHED */
1213
1214 case SIOCPROTODETACH: /* struct ifreq */
1215 if (!privileged) {
1216 return EPERM;
1217 }
1218
1219 /*
1220 * If an IPv4 address is still present, refuse to detach.
1221 */
1222 ifnet_lock_shared(ifp);
1223 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1224 IFA_LOCK(ifa);
1225 if (ifa->ifa_addr->sa_family == AF_INET) {
1226 IFA_UNLOCK(ifa);
1227 break;
1228 }
1229 IFA_UNLOCK(ifa);
1230 }
1231 ifnet_lock_done(ifp);
1232 return (ifa == NULL) ? proto_unplumb(PF_INET, ifp) : EBUSY;
1233 /* NOTREACHED */
1234 }
1235
1236 /*
1237 * ioctls which require interface address; obtain sockaddr_in.
1238 */
1239 switch (cmd) {
1240 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1241 if (!privileged) {
1242 return EPERM;
1243 }
1244 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->ifra_addr,
1245 &sin, sizeof(sin));
1246 sa = &sin;
1247 break;
1248
1249 case SIOCDIFADDR: /* struct ifreq */
1250 case SIOCSIFADDR: /* struct ifreq */
1251 case SIOCSIFDSTADDR: /* struct ifreq */
1252 case SIOCSIFNETMASK: /* struct ifreq */
1253 case SIOCSIFBRDADDR: /* struct ifreq */
1254 if (!privileged) {
1255 return EPERM;
1256 }
1257 OS_FALLTHROUGH;
1258 case SIOCGIFADDR: /* struct ifreq */
1259 case SIOCGIFDSTADDR: /* struct ifreq */
1260 case SIOCGIFNETMASK: /* struct ifreq */
1261 case SIOCGIFBRDADDR: /* struct ifreq */
1262 ifr = (struct ifreq *)(void *)data;
1263 SOCKADDR_COPY(&ifr->ifr_addr, &sin, sizeof(sin));
1264 sa = &sin;
1265 break;
1266 }
1267
1268 /*
1269 * Find address for this interface, if it exists.
1270 *
1271 * If an alias address was specified, find that one instead of
1272 * the first one on the interface, if possible.
1273 */
1274 VERIFY(ia == NULL);
1275 if (sa != NULL) {
1276 struct in_ifaddr *iap;
1277
1278 /*
1279 * Any failures from this point on must take into account
1280 * a non-NULL "ia" with an outstanding reference count, and
1281 * therefore requires ifa_remref. Jump to "done" label
1282 * instead of calling return if "ia" is valid.
1283 */
1284 lck_rw_lock_shared(&in_ifaddr_rwlock);
1285 TAILQ_FOREACH(iap, INADDR_HASH(sa->sin_addr.s_addr), ia_hash) {
1286 IFA_LOCK(&iap->ia_ifa);
1287 if (iap->ia_ifp == ifp &&
1288 iap->ia_addr.sin_addr.s_addr ==
1289 sa->sin_addr.s_addr) {
1290 ia = iap;
1291 ifa_addref(&iap->ia_ifa);
1292 IFA_UNLOCK(&iap->ia_ifa);
1293 break;
1294 }
1295 IFA_UNLOCK(&iap->ia_ifa);
1296 }
1297 lck_rw_done(&in_ifaddr_rwlock);
1298
1299 if (ia == NULL) {
1300 ifnet_lock_shared(ifp);
1301 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1302 iap = ifatoia(ifa);
1303 IFA_LOCK(&iap->ia_ifa);
1304 if (iap->ia_addr.sin_family == AF_INET) {
1305 ia = iap;
1306 ifa_addref(&iap->ia_ifa);
1307 IFA_UNLOCK(&iap->ia_ifa);
1308 break;
1309 }
1310 IFA_UNLOCK(&iap->ia_ifa);
1311 }
1312 ifnet_lock_done(ifp);
1313 }
1314 }
1315
1316 /*
1317 * Unlock the socket since ifnet_ioctl() may be invoked by
1318 * one of the ioctl handlers below. Socket will be re-locked
1319 * prior to returning.
1320 */
1321 if (so != NULL) {
1322 socket_unlock(so, 0);
1323 so_unlocked = TRUE;
1324 }
1325
1326 switch (cmd) {
1327 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1328 case SIOCDIFADDR: /* struct ifreq */
1329 if (cmd == SIOCAIFADDR) {
1330 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->
1331 ifra_addr, &addr, sizeof(addr));
1332 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->
1333 ifra_dstaddr, &dstaddr, sizeof(dstaddr));
1334 } else {
1335 VERIFY(cmd == SIOCDIFADDR);
1336 SOCKADDR_COPY(&((struct ifreq *)(void *)data)->ifr_addr,
1337 &addr, sizeof(addr));
1338 SOCKADDR_ZERO(&dstaddr, sizeof(dstaddr));
1339 }
1340
1341 if (addr.sin_family == AF_INET) {
1342 struct in_ifaddr *__single oia;
1343
1344 lck_rw_lock_shared(&in_ifaddr_rwlock);
1345 for (oia = ia; ia; ia = ia->ia_link.tqe_next) {
1346 IFA_LOCK(&ia->ia_ifa);
1347 if (ia->ia_ifp == ifp &&
1348 ia->ia_addr.sin_addr.s_addr ==
1349 addr.sin_addr.s_addr) {
1350 ifa_addref(&ia->ia_ifa);
1351 IFA_UNLOCK(&ia->ia_ifa);
1352 break;
1353 }
1354 IFA_UNLOCK(&ia->ia_ifa);
1355 }
1356 lck_rw_done(&in_ifaddr_rwlock);
1357 if (oia != NULL) {
1358 ifa_remref(&oia->ia_ifa);
1359 }
1360 if ((ifp->if_flags & IFF_POINTOPOINT) &&
1361 (cmd == SIOCAIFADDR) &&
1362 (dstaddr.sin_addr.s_addr == INADDR_ANY)) {
1363 error = EDESTADDRREQ;
1364 goto done;
1365 }
1366 } else if (cmd == SIOCAIFADDR) {
1367 error = EINVAL;
1368 goto done;
1369 }
1370 if (cmd == SIOCDIFADDR) {
1371 if (ia == NULL) {
1372 error = EADDRNOTAVAIL;
1373 goto done;
1374 }
1375
1376 IFA_LOCK(&ia->ia_ifa);
1377 /*
1378 * Avoid the race condition seen when two
1379 * threads process SIOCDIFADDR command
1380 * at the same time.
1381 */
1382 while (ia->ia_ifa.ifa_debug & IFD_DETACHING) {
1383 os_log(OS_LOG_DEFAULT,
1384 "Another thread is already attempting to "
1385 "delete IPv4 address: %s on interface %s. "
1386 "Go to sleep and check again after the operation is done",
1387 inet_ntoa(sa->sin_addr), ia->ia_ifp->if_xname);
1388 ia->ia_ifa.ifa_del_waiters++;
1389 (void) msleep(ia->ia_ifa.ifa_del_wc, &ia->ia_ifa.ifa_lock, (PZERO - 1),
1390 __func__, NULL);
1391 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1392 }
1393
1394 if ((ia->ia_ifa.ifa_debug & IFD_ATTACHED) == 0) {
1395 error = EADDRNOTAVAIL;
1396 IFA_UNLOCK(&ia->ia_ifa);
1397 goto done;
1398 }
1399
1400 ia->ia_ifa.ifa_debug |= IFD_DETACHING;
1401 IFA_UNLOCK(&ia->ia_ifa);
1402 }
1403
1404 OS_FALLTHROUGH;
1405 case SIOCSIFADDR: /* struct ifreq */
1406 case SIOCSIFDSTADDR: /* struct ifreq */
1407 case SIOCSIFNETMASK: /* struct ifreq */
1408 if (cmd == SIOCAIFADDR) {
1409 /* fell thru from above; just repeat it */
1410 SOCKADDR_COPY(&((struct in_aliasreq *)(void *)data)->
1411 ifra_addr, &addr, sizeof(addr));
1412 } else {
1413 VERIFY(cmd == SIOCDIFADDR || cmd == SIOCSIFADDR ||
1414 cmd == SIOCSIFNETMASK || cmd == SIOCSIFDSTADDR);
1415 SOCKADDR_COPY(&((struct ifreq *)(void *)data)->ifr_addr,
1416 &addr, sizeof(addr));
1417 }
1418
1419 if (addr.sin_family != AF_INET && cmd == SIOCSIFADDR) {
1420 error = EINVAL;
1421 goto done;
1422 }
1423
1424 if ((cmd == SIOCAIFADDR || cmd == SIOCSIFADDR) &&
1425 (IN_MULTICAST(ntohl(addr.sin_addr.s_addr)) ||
1426 addr.sin_addr.s_addr == INADDR_BROADCAST ||
1427 addr.sin_addr.s_addr == INADDR_ANY)) {
1428 error = EINVAL;
1429 goto done;
1430 }
1431
1432 if (ia == NULL) {
1433 ia = in_ifaddr_alloc();
1434 if (ia == NULL) {
1435 error = ENOBUFS;
1436 goto done;
1437 }
1438 ifnet_lock_exclusive(ifp);
1439 ifa = &ia->ia_ifa;
1440 IFA_LOCK(ifa);
1441 IA_HASH_INIT(ia);
1442 ifa->ifa_addr = SA(&ia->ia_addr);
1443 ifa->ifa_dstaddr = SA(&ia->ia_dstaddr);
1444 ifa->ifa_netmask = SA(&ia->ia_sockmask);
1445 ia->ia_sockmask.sin_len = offsetof(struct sockaddr_in, sin_zero);
1446 if (ifp->if_flags & IFF_BROADCAST) {
1447 ia->ia_broadaddr.sin_len = sizeof(ia->ia_addr);
1448 ia->ia_broadaddr.sin_family = AF_INET;
1449 }
1450 ia->ia_ifp = ifp;
1451 if (!(ifp->if_flags & IFF_LOOPBACK)) {
1452 in_interfaces++;
1453 }
1454 /* if_attach_ifa() holds a reference for ifa_link */
1455 if_attach_ifa(ifp, ifa);
1456 /*
1457 * If we have to go through in_ifinit(), make sure
1458 * to avoid installing route(s) based on this address
1459 * via PFC_IFUP event, before the link resolver (ARP)
1460 * initializes it.
1461 */
1462 if (cmd == SIOCAIFADDR || cmd == SIOCSIFADDR) {
1463 ifa->ifa_debug |= IFD_NOTREADY;
1464 }
1465 IFA_UNLOCK(ifa);
1466 ifnet_lock_done(ifp);
1467 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
1468 /* Hold a reference for ia_link */
1469 ifa_addref(ifa);
1470 TAILQ_INSERT_TAIL(&in_ifaddrhead, ia, ia_link);
1471 lck_rw_done(&in_ifaddr_rwlock);
1472 /* discard error */
1473 (void) in_domifattach(ifp);
1474 error = 0;
1475 }
1476 break;
1477 }
1478
1479 switch (cmd) {
1480 case SIOCGIFDSTADDR: /* struct ifreq */
1481 case SIOCSIFDSTADDR: /* struct ifreq */
1482 ifr = (struct ifreq *)(void *)data;
1483 error = inctl_ifdstaddr(ifp, ia, cmd, ifr);
1484 break;
1485
1486 case SIOCGIFBRDADDR: /* struct ifreq */
1487 case SIOCSIFBRDADDR: /* struct ifreq */
1488 ifr = (struct ifreq *)(void *)data;
1489 error = inctl_ifbrdaddr(ifp, ia, cmd, ifr);
1490 break;
1491
1492 case SIOCGIFNETMASK: /* struct ifreq */
1493 case SIOCSIFNETMASK: /* struct ifreq */
1494 ifr = (struct ifreq *)(void *)data;
1495 error = inctl_ifnetmask(ifp, ia, cmd, ifr);
1496 break;
1497
1498 case SIOCGIFADDR: /* struct ifreq */
1499 case SIOCSIFADDR: /* struct ifreq */
1500 case SIOCAIFADDR: /* struct {if,in_}aliasreq */
1501 case SIOCDIFADDR: /* struct ifreq */
1502 ifr = (struct ifreq *)(void *)data;
1503 error = inctl_ifaddr(ifp, ia, cmd, ifr);
1504 break;
1505
1506 default:
1507 error = EOPNOTSUPP;
1508 break;
1509 }
1510
1511 done:
1512 if (ia != NULL) {
1513 if (cmd == SIOCDIFADDR) {
1514 IFA_LOCK(&ia->ia_ifa);
1515 ia->ia_ifa.ifa_debug &= ~IFD_DETACHING;
1516 if (ia->ia_ifa.ifa_del_waiters > 0) {
1517 ia->ia_ifa.ifa_del_waiters = 0;
1518 wakeup(ia->ia_ifa.ifa_del_wc);
1519 }
1520 IFA_UNLOCK(&ia->ia_ifa);
1521 }
1522 ifa_remref(&ia->ia_ifa);
1523 }
1524 if (so_unlocked) {
1525 socket_lock(so, 0);
1526 }
1527
1528 return error;
1529 }
1530
1531 /*
1532 * Delete any existing route for an interface.
1533 */
1534 void
in_ifscrub(struct ifnet * ifp,struct in_ifaddr * ia,int locked)1535 in_ifscrub(struct ifnet *ifp, struct in_ifaddr *ia, int locked)
1536 {
1537 IFA_LOCK(&ia->ia_ifa);
1538 if ((ia->ia_flags & IFA_ROUTE) == 0) {
1539 IFA_UNLOCK(&ia->ia_ifa);
1540 return;
1541 }
1542 IFA_UNLOCK(&ia->ia_ifa);
1543 if (!locked) {
1544 lck_mtx_lock(rnh_lock);
1545 }
1546 if (ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) {
1547 rtinit_locked(&(ia->ia_ifa), RTM_DELETE, RTF_HOST);
1548 } else {
1549 rtinit_locked(&(ia->ia_ifa), RTM_DELETE, 0);
1550 }
1551 IFA_LOCK(&ia->ia_ifa);
1552 ia->ia_flags &= ~IFA_ROUTE;
1553 IFA_UNLOCK(&ia->ia_ifa);
1554 if (!locked) {
1555 lck_mtx_unlock(rnh_lock);
1556 }
1557 }
1558
1559 /*
1560 * Caller must hold in_ifaddr_rwlock as writer.
1561 */
1562 static void
in_iahash_remove(struct in_ifaddr * ia)1563 in_iahash_remove(struct in_ifaddr *ia)
1564 {
1565 LCK_RW_ASSERT(&in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1566 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1567
1568 if (!IA_IS_HASHED(ia)) {
1569 panic("attempt to remove wrong ia %p from hash table", ia);
1570 /* NOTREACHED */
1571 }
1572 TAILQ_REMOVE(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, ia_hash);
1573 IA_HASH_INIT(ia);
1574 ifa_remref(&ia->ia_ifa);
1575 }
1576
1577 /*
1578 * Caller must hold in_ifaddr_rwlock as writer.
1579 */
1580 static void
in_iahash_insert(struct in_ifaddr * ia)1581 in_iahash_insert(struct in_ifaddr *ia)
1582 {
1583 LCK_RW_ASSERT(&in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1584 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1585
1586 if (ia->ia_addr.sin_family != AF_INET) {
1587 panic("attempt to insert wrong ia %p into hash table", ia);
1588 /* NOTREACHED */
1589 } else if (IA_IS_HASHED(ia)) {
1590 panic("attempt to double-insert ia %p into hash table", ia);
1591 /* NOTREACHED */
1592 }
1593 TAILQ_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1594 ia, ia_hash);
1595 ifa_addref(&ia->ia_ifa);
1596 }
1597
1598 /*
1599 * Some point to point interfaces that are tunnels borrow the address from
1600 * an underlying interface (e.g. VPN server). In order for source address
1601 * selection logic to find the underlying interface first, we add the address
1602 * of borrowing point to point interfaces at the end of the list.
1603 * (see rdar://6733789)
1604 *
1605 * Caller must hold in_ifaddr_rwlock as writer.
1606 */
1607 static void
in_iahash_insert_ptp(struct in_ifaddr * ia)1608 in_iahash_insert_ptp(struct in_ifaddr *ia)
1609 {
1610 struct in_ifaddr *__single tmp_ifa;
1611 struct ifnet *__single tmp_ifp;
1612
1613 LCK_RW_ASSERT(&in_ifaddr_rwlock, LCK_RW_ASSERT_EXCLUSIVE);
1614 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1615
1616 if (ia->ia_addr.sin_family != AF_INET) {
1617 panic("attempt to insert wrong ia %p into hash table", ia);
1618 /* NOTREACHED */
1619 } else if (IA_IS_HASHED(ia)) {
1620 panic("attempt to double-insert ia %p into hash table", ia);
1621 /* NOTREACHED */
1622 }
1623 IFA_UNLOCK(&ia->ia_ifa);
1624 TAILQ_FOREACH(tmp_ifa, INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1625 ia_hash) {
1626 IFA_LOCK(&tmp_ifa->ia_ifa);
1627 /* ia->ia_addr won't change, so check without lock */
1628 if (IA_SIN(tmp_ifa)->sin_addr.s_addr ==
1629 ia->ia_addr.sin_addr.s_addr) {
1630 IFA_UNLOCK(&tmp_ifa->ia_ifa);
1631 break;
1632 }
1633 IFA_UNLOCK(&tmp_ifa->ia_ifa);
1634 }
1635 tmp_ifp = (tmp_ifa == NULL) ? NULL : tmp_ifa->ia_ifp;
1636
1637 IFA_LOCK(&ia->ia_ifa);
1638 if (tmp_ifp == NULL) {
1639 TAILQ_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1640 ia, ia_hash);
1641 } else {
1642 TAILQ_INSERT_TAIL(INADDR_HASH(ia->ia_addr.sin_addr.s_addr),
1643 ia, ia_hash);
1644 }
1645 ifa_addref(&ia->ia_ifa);
1646 }
1647
1648 /*
1649 * Initialize an interface's internet address
1650 * and routing table entry.
1651 */
1652 static int
in_ifinit(struct ifnet * ifp,struct in_ifaddr * ia,struct sockaddr_in * sin,int scrub)1653 in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
1654 int scrub)
1655 {
1656 u_int32_t i = ntohl(sin->sin_addr.s_addr);
1657 struct sockaddr_in oldaddr;
1658 int flags = RTF_UP, error;
1659 struct ifaddr *__single ifa0;
1660 unsigned int cmd;
1661 int oldremoved = 0;
1662
1663 /* Take an extra reference for this routine */
1664 ifa_addref(&ia->ia_ifa);
1665
1666 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
1667 IFA_LOCK(&ia->ia_ifa);
1668 oldaddr = ia->ia_addr;
1669 if (IA_IS_HASHED(ia)) {
1670 oldremoved = 1;
1671 in_iahash_remove(ia);
1672 }
1673 ia->ia_addr = *sin;
1674 /*
1675 * Interface addresses should not contain port or sin_zero information.
1676 */
1677 SIN(&ia->ia_addr)->sin_family = AF_INET;
1678 SIN(&ia->ia_addr)->sin_len = sizeof(struct sockaddr_in);
1679 SIN(&ia->ia_addr)->sin_port = 0;
1680 bzero(&SIN(&ia->ia_addr)->sin_zero, sizeof(sin->sin_zero));
1681 if ((ifp->if_flags & IFF_POINTOPOINT)) {
1682 in_iahash_insert_ptp(ia);
1683 } else {
1684 in_iahash_insert(ia);
1685 }
1686 IFA_UNLOCK(&ia->ia_ifa);
1687 lck_rw_done(&in_ifaddr_rwlock);
1688
1689 /*
1690 * Give the interface a chance to initialize if this is its first
1691 * address, and to validate the address if necessary. Send down
1692 * SIOCSIFADDR for first address, and SIOCAIFADDR for alias(es).
1693 * We find the first IPV4 address assigned to it and check if this
1694 * is the same as the one passed into this routine.
1695 */
1696 ifa0 = ifa_ifpgetprimary(ifp, AF_INET);
1697 cmd = (&ia->ia_ifa == ifa0) ? SIOCSIFADDR : SIOCAIFADDR;
1698 error = ifnet_ioctl(ifp, PF_INET, cmd, ia);
1699 if (error == EOPNOTSUPP) {
1700 error = 0;
1701 }
1702 /*
1703 * If we've just sent down SIOCAIFADDR, send another ioctl down
1704 * for SIOCSIFADDR for the first IPV4 address of the interface,
1705 * because an address change on one of the addresses will result
1706 * in the removal of the previous first IPV4 address. KDP needs
1707 * be reconfigured with the current primary IPV4 address.
1708 */
1709 if (error == 0 && cmd == SIOCAIFADDR) {
1710 /*
1711 * NOTE: SIOCSIFADDR is defined with struct ifreq
1712 * as parameter, but here we are sending it down
1713 * to the interface with a pointer to struct ifaddr,
1714 * for legacy reasons.
1715 */
1716 error = ifnet_ioctl(ifp, PF_INET, SIOCSIFADDR, ifa0);
1717 if (error == EOPNOTSUPP) {
1718 error = 0;
1719 }
1720 }
1721
1722 /* Release reference from ifa_ifpgetprimary() */
1723 ifa_remref(ifa0);
1724
1725 if (error) {
1726 lck_rw_lock_exclusive(&in_ifaddr_rwlock);
1727 IFA_LOCK(&ia->ia_ifa);
1728 if (IA_IS_HASHED(ia)) {
1729 in_iahash_remove(ia);
1730 }
1731 ia->ia_addr = oldaddr;
1732 if (oldremoved) {
1733 if ((ifp->if_flags & IFF_POINTOPOINT)) {
1734 in_iahash_insert_ptp(ia);
1735 } else {
1736 in_iahash_insert(ia);
1737 }
1738 }
1739 IFA_UNLOCK(&ia->ia_ifa);
1740 lck_rw_done(&in_ifaddr_rwlock);
1741 /* Release extra reference taken above */
1742 ifa_remref(&ia->ia_ifa);
1743 return error;
1744 }
1745 lck_mtx_lock(rnh_lock);
1746 IFA_LOCK(&ia->ia_ifa);
1747 /*
1748 * Address has been initialized by the link resolver (ARP)
1749 * via ifnet_ioctl() above; it may now generate route(s).
1750 */
1751 ia->ia_ifa.ifa_debug &= ~IFD_NOTREADY;
1752 if (scrub) {
1753 ia->ia_ifa.ifa_addr = SA(&oldaddr);
1754 IFA_UNLOCK(&ia->ia_ifa);
1755 in_ifscrub(ifp, ia, 1);
1756 IFA_LOCK(&ia->ia_ifa);
1757 ia->ia_ifa.ifa_addr = SA(&ia->ia_addr);
1758 }
1759 IFA_LOCK_ASSERT_HELD(&ia->ia_ifa);
1760 if (IN_CLASSA(i)) {
1761 ia->ia_netmask = IN_CLASSA_NET;
1762 } else if (IN_CLASSB(i)) {
1763 ia->ia_netmask = IN_CLASSB_NET;
1764 } else {
1765 ia->ia_netmask = IN_CLASSC_NET;
1766 }
1767 /*
1768 * The subnet mask usually includes at least the standard network part,
1769 * but may may be smaller in the case of supernetting.
1770 * If it is set, we believe it.
1771 */
1772 if (ia->ia_subnetmask == 0) {
1773 ia->ia_subnetmask = ia->ia_netmask;
1774 ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
1775 } else {
1776 ia->ia_netmask &= ia->ia_subnetmask;
1777 }
1778 ia->ia_net = i & ia->ia_netmask;
1779 ia->ia_subnet = i & ia->ia_subnetmask;
1780 in_socktrim(&ia->ia_sockmask);
1781 /*
1782 * Add route for the network.
1783 */
1784 ia->ia_ifa.ifa_metric = ifp->if_metric;
1785 if (ifp->if_flags & IFF_BROADCAST) {
1786 ia->ia_broadaddr.sin_addr.s_addr =
1787 htonl(ia->ia_subnet | ~ia->ia_subnetmask);
1788 ia->ia_netbroadcast.s_addr =
1789 htonl(ia->ia_net | ~ia->ia_netmask);
1790 } else if (ifp->if_flags & IFF_LOOPBACK) {
1791 ia->ia_ifa.ifa_dstaddr = ia->ia_ifa.ifa_addr;
1792 flags |= RTF_HOST;
1793 } else if (ifp->if_flags & IFF_POINTOPOINT) {
1794 if (ia->ia_dstaddr.sin_family != AF_INET) {
1795 IFA_UNLOCK(&ia->ia_ifa);
1796 lck_mtx_unlock(rnh_lock);
1797 /* Release extra reference taken above */
1798 ifa_remref(&ia->ia_ifa);
1799 return 0;
1800 }
1801 ia->ia_dstaddr.sin_len = sizeof(struct sockaddr_in);
1802 flags |= RTF_HOST;
1803 }
1804 IFA_UNLOCK(&ia->ia_ifa);
1805
1806 if ((error = rtinit_locked(&(ia->ia_ifa), RTM_ADD, flags)) == 0) {
1807 IFA_LOCK(&ia->ia_ifa);
1808 ia->ia_flags |= IFA_ROUTE;
1809 IFA_UNLOCK(&ia->ia_ifa);
1810 }
1811 lck_mtx_unlock(rnh_lock);
1812
1813 /* XXX check if the subnet route points to the same interface */
1814 if (error == EEXIST) {
1815 error = 0;
1816 }
1817
1818 /*
1819 * If the interface supports multicast, join the "all hosts"
1820 * multicast group on that interface.
1821 */
1822 if (ifp->if_flags & IFF_MULTICAST) {
1823 struct in_addr addr;
1824
1825 lck_mtx_lock(&ifp->if_addrconfig_lock);
1826 addr.s_addr = htonl(INADDR_ALLHOSTS_GROUP);
1827 if (ifp->if_allhostsinm == NULL) {
1828 struct in_multi *__single inm;
1829 inm = in_addmulti(&addr, ifp);
1830
1831 if (inm != NULL) {
1832 /*
1833 * Keep the reference on inm added by
1834 * in_addmulti above for storing the
1835 * pointer in allhostsinm.
1836 */
1837 ifp->if_allhostsinm = inm;
1838 } else {
1839 printf("%s: failed to add membership to "
1840 "all-hosts multicast address on %s\n",
1841 __func__, if_name(ifp));
1842 }
1843 }
1844 lck_mtx_unlock(&ifp->if_addrconfig_lock);
1845 }
1846
1847 /* Release extra reference taken above */
1848 ifa_remref(&ia->ia_ifa);
1849
1850 if (error == 0) {
1851 /* invalidate route caches */
1852 routegenid_inet_update();
1853 }
1854
1855 return error;
1856 }
1857
1858 /*
1859 * Return TRUE if the address might be a local broadcast address.
1860 */
1861 boolean_t
in_broadcast(struct in_addr in,struct ifnet * ifp)1862 in_broadcast(struct in_addr in, struct ifnet *ifp)
1863 {
1864 struct ifaddr *__single ifa;
1865 u_int32_t t;
1866
1867 if (in.s_addr == INADDR_BROADCAST || in.s_addr == INADDR_ANY) {
1868 return TRUE;
1869 }
1870 if (!(ifp->if_flags & IFF_BROADCAST)) {
1871 return FALSE;
1872 }
1873 t = ntohl(in.s_addr);
1874
1875 /*
1876 * Look through the list of addresses for a match
1877 * with a broadcast address.
1878 */
1879 ifnet_lock_shared(ifp);
1880 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1881 struct in_ifaddr *ia = ifatoia(ifa);
1882 IFA_LOCK(ifa);
1883 if (ifa->ifa_addr->sa_family == AF_INET &&
1884 (in.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
1885 in.s_addr == ia->ia_netbroadcast.s_addr ||
1886 /*
1887 * Check for old-style (host 0) broadcast.
1888 */
1889 t == ia->ia_subnet || t == ia->ia_net) &&
1890 /*
1891 * Check for an all one subnetmask. These
1892 * only exist when an interface gets a secondary
1893 * address.
1894 */
1895 ia->ia_subnetmask != (u_int32_t)0xffffffff) {
1896 IFA_UNLOCK(ifa);
1897 ifnet_lock_done(ifp);
1898 return TRUE;
1899 }
1900 IFA_UNLOCK(ifa);
1901 }
1902 ifnet_lock_done(ifp);
1903 return FALSE;
1904 #undef ia
1905 }
1906
1907 void
in_purgeaddrs(struct ifnet * ifp)1908 in_purgeaddrs(struct ifnet *ifp)
1909 {
1910 uint16_t addresses_count = 0;
1911 struct ifaddr **__counted_by(addresses_count) ifap = NULL;
1912 int err, i;
1913
1914 VERIFY(ifp != NULL);
1915
1916 /*
1917 * Be nice, and try the civilized way first. If we can't get
1918 * rid of them this way, then do it the rough way. We must
1919 * only get here during detach time, after the ifnet has been
1920 * removed from the global list and arrays.
1921 */
1922 err = ifnet_get_address_list_family_internal(ifp, &ifap, &addresses_count,
1923 AF_INET, 1, M_WAITOK, 0);
1924 if (err == 0 && ifap != NULL) {
1925 struct ifreq ifr;
1926
1927 bzero(&ifr, sizeof(ifr));
1928 (void) snprintf(ifr.ifr_name, sizeof(ifr.ifr_name),
1929 "%s", if_name(ifp));
1930
1931 for (i = 0; ifap[i] != NULL; i++) {
1932 struct ifaddr *__single ifa;
1933
1934 ifa = ifap[i];
1935 IFA_LOCK(ifa);
1936 SOCKADDR_COPY(ifa->ifa_addr, &ifr.ifr_addr,
1937 sizeof(struct sockaddr_in));
1938 IFA_UNLOCK(ifa);
1939 err = in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr, ifp,
1940 kernproc);
1941 /* if we lost the race, ignore it */
1942 if (err == EADDRNOTAVAIL) {
1943 err = 0;
1944 }
1945 if (err != 0) {
1946 char s_addr[MAX_IPv4_STR_LEN];
1947 char s_dstaddr[MAX_IPv4_STR_LEN];
1948 struct in_addr *__single s, *d;
1949
1950 IFA_LOCK(ifa);
1951 s = &SIN(ifa->ifa_addr)->sin_addr;
1952 d = &SIN(ifa->ifa_dstaddr)->sin_addr;
1953 (void) inet_ntop(AF_INET, &s->s_addr, s_addr,
1954 sizeof(s_addr));
1955 (void) inet_ntop(AF_INET, &d->s_addr, s_dstaddr,
1956 sizeof(s_dstaddr));
1957 IFA_UNLOCK(ifa);
1958
1959 printf("%s: SIOCDIFADDR ifp=%s ifa_addr=%s "
1960 "ifa_dstaddr=%s (err=%d)\n", __func__,
1961 ifp->if_xname, s_addr, s_dstaddr, err);
1962 }
1963 }
1964 ifnet_address_list_free_counted_by(ifap, addresses_count);
1965 } else if (err != 0 && err != ENXIO) {
1966 printf("%s: error retrieving list of AF_INET addresses for "
1967 "ifp=%s (err=%d)\n", __func__, ifp->if_xname, err);
1968 }
1969 }
1970
1971 static struct in_ifaddr *
in_ifaddr_alloc(void)1972 in_ifaddr_alloc(void)
1973 {
1974 struct in_ifaddr *__single inifa;
1975
1976 inifa = kalloc_type(struct in_ifaddr, Z_ZERO | Z_WAITOK);
1977 if (inifa == NULL) {
1978 return NULL;
1979 }
1980
1981 inifa->ia_ifa.ifa_free = in_ifaddr_free;
1982 inifa->ia_ifa.ifa_debug |= IFD_ALLOC;
1983 inifa->ia_ifa.ifa_del_wc = &inifa->ia_ifa.ifa_debug;
1984 inifa->ia_ifa.ifa_del_waiters = 0;
1985 ifa_lock_init(&inifa->ia_ifa);
1986 ifa_initref(&inifa->ia_ifa);
1987
1988 return inifa;
1989 }
1990
1991 static void
in_ifaddr_free(struct ifaddr * ifa)1992 in_ifaddr_free(struct ifaddr *ifa)
1993 {
1994 struct in_ifaddr *__single inifa = ifatoia(ifa);
1995
1996 IFA_LOCK_ASSERT_HELD(ifa);
1997
1998 if (__improbable(!(ifa->ifa_debug & IFD_ALLOC))) {
1999 panic("%s: ifa %p cannot be freed", __func__, ifa);
2000 /* NOTREACHED */
2001 }
2002 IFA_UNLOCK(ifa);
2003 ifa_lock_destroy(ifa);
2004
2005 kfree_type(struct in_ifaddr, inifa);
2006 }
2007
2008 /*
2009 * Handle SIOCGASSOCIDS ioctl for PF_INET domain.
2010 */
2011 static int
in_getassocids(struct socket * so,uint32_t * cnt,user_addr_t aidp)2012 in_getassocids(struct socket *so, uint32_t *cnt, user_addr_t aidp)
2013 {
2014 struct inpcb *__single inp = sotoinpcb(so);
2015 sae_associd_t aid;
2016
2017 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) {
2018 return EINVAL;
2019 }
2020
2021 /* INPCB has no concept of association */
2022 aid = SAE_ASSOCID_ANY;
2023 *cnt = 0;
2024
2025 /* just asking how many there are? */
2026 if (aidp == USER_ADDR_NULL) {
2027 return 0;
2028 }
2029
2030 return copyout(&aid, aidp, sizeof(aid));
2031 }
2032
2033 /*
2034 * Handle SIOCGCONNIDS ioctl for PF_INET domain.
2035 */
2036 static int
in_getconnids(struct socket * so,sae_associd_t aid,uint32_t * cnt,user_addr_t cidp)2037 in_getconnids(struct socket *so, sae_associd_t aid, uint32_t *cnt,
2038 user_addr_t cidp)
2039 {
2040 struct inpcb *__single inp = sotoinpcb(so);
2041 sae_connid_t cid;
2042
2043 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) {
2044 return EINVAL;
2045 }
2046
2047 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL) {
2048 return EINVAL;
2049 }
2050
2051 /* if connected, return 1 connection count */
2052 *cnt = ((so->so_state & SS_ISCONNECTED) ? 1 : 0);
2053
2054 /* just asking how many there are? */
2055 if (cidp == USER_ADDR_NULL) {
2056 return 0;
2057 }
2058
2059 /* if INPCB is connected, assign it connid 1 */
2060 cid = ((*cnt != 0) ? 1 : SAE_CONNID_ANY);
2061
2062 return copyout(&cid, cidp, sizeof(cid));
2063 }
2064
2065 /*
2066 * Handle SIOCGCONNINFO ioctl for PF_INET domain.
2067 */
2068 int
in_getconninfo(struct socket * so,sae_connid_t cid,uint32_t * flags,uint32_t * ifindex,int32_t * soerror,user_addr_t src,socklen_t * src_len,user_addr_t dst,socklen_t * dst_len,uint32_t * aux_type,user_addr_t aux_data,uint32_t * aux_len)2069 in_getconninfo(struct socket *so, sae_connid_t cid, uint32_t *flags,
2070 uint32_t *ifindex, int32_t *soerror, user_addr_t src, socklen_t *src_len,
2071 user_addr_t dst, socklen_t *dst_len, uint32_t *aux_type,
2072 user_addr_t aux_data, uint32_t *aux_len)
2073 {
2074 struct inpcb *__single inp = sotoinpcb(so);
2075 struct sockaddr_in sin;
2076 struct ifnet *__single ifp = NULL;
2077 int error = 0;
2078 u_int32_t copy_len = 0;
2079
2080 /*
2081 * Don't test for INPCB_STATE_DEAD since this may be called
2082 * after SOF_PCBCLEARING is set, e.g. after tcp_close().
2083 */
2084 if (inp == NULL) {
2085 error = EINVAL;
2086 goto out;
2087 }
2088
2089 if (cid != SAE_CONNID_ANY && cid != SAE_CONNID_ALL && cid != 1) {
2090 error = EINVAL;
2091 goto out;
2092 }
2093
2094 ifp = inp->inp_last_outifp;
2095 *ifindex = ((ifp != NULL) ? ifp->if_index : 0);
2096 *soerror = so->so_error;
2097 *flags = 0;
2098 if (so->so_state & SS_ISCONNECTED) {
2099 *flags |= (CIF_CONNECTED | CIF_PREFERRED);
2100 }
2101 if (inp->inp_flags & INP_BOUND_IF) {
2102 *flags |= CIF_BOUND_IF;
2103 }
2104 if (!(inp->inp_flags & INP_INADDR_ANY)) {
2105 *flags |= CIF_BOUND_IP;
2106 }
2107 if (!(inp->inp_flags & INP_ANONPORT)) {
2108 *flags |= CIF_BOUND_PORT;
2109 }
2110
2111 SOCKADDR_ZERO(&sin, sizeof(sin));
2112 sin.sin_len = sizeof(sin);
2113 sin.sin_family = AF_INET;
2114
2115 /* source address and port */
2116 sin.sin_port = inp->inp_lport;
2117 sin.sin_addr.s_addr = inp->inp_laddr.s_addr;
2118 if (*src_len == 0) {
2119 *src_len = sin.sin_len;
2120 } else {
2121 if (src != USER_ADDR_NULL) {
2122 copy_len = min(*src_len, sizeof(sin));
2123 error = copyout(&sin, src, copy_len);
2124 if (error != 0) {
2125 goto out;
2126 }
2127 *src_len = copy_len;
2128 }
2129 }
2130
2131 /* destination address and port */
2132 sin.sin_port = inp->inp_fport;
2133 sin.sin_addr.s_addr = inp->inp_faddr.s_addr;
2134 if (*dst_len == 0) {
2135 *dst_len = sin.sin_len;
2136 } else {
2137 if (dst != USER_ADDR_NULL) {
2138 copy_len = min(*dst_len, sizeof(sin));
2139 error = copyout(&sin, dst, copy_len);
2140 if (error != 0) {
2141 goto out;
2142 }
2143 *dst_len = copy_len;
2144 }
2145 }
2146
2147 if (SOCK_PROTO(so) == IPPROTO_TCP) {
2148 struct conninfo_tcp tcp_ci;
2149
2150 *aux_type = CIAUX_TCP;
2151 if (*aux_len == 0) {
2152 *aux_len = sizeof(tcp_ci);
2153 } else {
2154 if (aux_data != USER_ADDR_NULL) {
2155 copy_len = min(*aux_len, sizeof(tcp_ci));
2156 bzero(&tcp_ci, sizeof(tcp_ci));
2157 tcp_getconninfo(so, &tcp_ci);
2158 error = copyout(&tcp_ci, aux_data, copy_len);
2159 if (error != 0) {
2160 goto out;
2161 }
2162 *aux_len = copy_len;
2163 }
2164 }
2165 } else {
2166 *aux_type = 0;
2167 *aux_len = 0;
2168 }
2169
2170 out:
2171 return error;
2172 }
2173
2174 struct in_ifaddr*
inifa_ifpwithflag(struct ifnet * ifp,uint32_t flag)2175 inifa_ifpwithflag(struct ifnet * ifp, uint32_t flag)
2176 {
2177 struct ifaddr *__single ifa;
2178
2179 ifnet_lock_shared(ifp);
2180 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
2181 {
2182 IFA_LOCK_SPIN(ifa);
2183 if (ifa->ifa_addr->sa_family != AF_INET) {
2184 IFA_UNLOCK(ifa);
2185 continue;
2186 }
2187 if (((ifatoia(ifa))->ia_flags & flag) == flag) {
2188 ifa_addref(ifa);
2189 IFA_UNLOCK(ifa);
2190 break;
2191 }
2192 IFA_UNLOCK(ifa);
2193 }
2194 ifnet_lock_done(ifp);
2195
2196 return ifatoia(ifa);
2197 }
2198
2199 struct in_ifaddr *
inifa_ifpclatv4(struct ifnet * ifp)2200 inifa_ifpclatv4(struct ifnet * ifp)
2201 {
2202 struct ifaddr *__single ifa;
2203
2204 ifnet_lock_shared(ifp);
2205 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_link)
2206 {
2207 uint32_t addr = 0;
2208 IFA_LOCK_SPIN(ifa);
2209 if (ifa->ifa_addr->sa_family != AF_INET) {
2210 IFA_UNLOCK(ifa);
2211 continue;
2212 }
2213
2214 addr = ntohl(SIN(ifa->ifa_addr)->sin_addr.s_addr);
2215 if (!IN_LINKLOCAL(addr) &&
2216 !IN_LOOPBACK(addr)) {
2217 ifa_addref(ifa);
2218 IFA_UNLOCK(ifa);
2219 break;
2220 }
2221 IFA_UNLOCK(ifa);
2222 }
2223 ifnet_lock_done(ifp);
2224
2225 return ifatoia(ifa);
2226 }
2227
2228 /*
2229 * IPPROTO_xxx.
2230 *
2231 * The switch statement below does nothing at runtime, as it serves as a
2232 * compile time check to ensure that all of the IPPROTO_xxx constants are
2233 * unique. This works as long as this routine gets updated each time a
2234 * new IPPROTO_xxx constant gets added.
2235 *
2236 * Any failures at compile time indicates duplicated IPPROTO_xxx values.
2237 */
2238 static __attribute__((unused)) void
ipproto_cassert(void)2239 ipproto_cassert(void)
2240 {
2241 /*
2242 * This is equivalent to _CASSERT() and the compiler wouldn't
2243 * generate any instructions, thus for compile time only.
2244 */
2245 switch ((u_int16_t)0) {
2246 /* bsd/netinet/in.h */
2247 case IPPROTO_IP:
2248 // case IPPROTO_HOPOPTS: // same value as IPPROTO_IP
2249 case IPPROTO_ICMP:
2250 case IPPROTO_IGMP:
2251 case IPPROTO_GGP:
2252 case IPPROTO_IPV4:
2253 // #define IPPROTO_IPIP IPPROTO_IPV4
2254 case IPPROTO_TCP:
2255 case IPPROTO_ST:
2256 case IPPROTO_EGP:
2257 case IPPROTO_PIGP:
2258 case IPPROTO_RCCMON:
2259 case IPPROTO_NVPII:
2260 case IPPROTO_PUP:
2261 case IPPROTO_ARGUS:
2262 case IPPROTO_EMCON:
2263 case IPPROTO_XNET:
2264 case IPPROTO_CHAOS:
2265 case IPPROTO_UDP:
2266 case IPPROTO_MUX:
2267 case IPPROTO_MEAS:
2268 case IPPROTO_HMP:
2269 case IPPROTO_PRM:
2270 case IPPROTO_IDP:
2271 case IPPROTO_TRUNK1:
2272 case IPPROTO_TRUNK2:
2273 case IPPROTO_LEAF1:
2274 case IPPROTO_LEAF2:
2275 case IPPROTO_RDP:
2276 case IPPROTO_IRTP:
2277 case IPPROTO_TP:
2278 case IPPROTO_BLT:
2279 case IPPROTO_NSP:
2280 case IPPROTO_INP:
2281 case IPPROTO_SEP:
2282 case IPPROTO_3PC:
2283 case IPPROTO_IDPR:
2284 case IPPROTO_XTP:
2285 case IPPROTO_DDP:
2286 case IPPROTO_CMTP:
2287 case IPPROTO_TPXX:
2288 case IPPROTO_IL:
2289 case IPPROTO_IPV6:
2290 case IPPROTO_SDRP:
2291 case IPPROTO_ROUTING:
2292 case IPPROTO_FRAGMENT:
2293 case IPPROTO_IDRP:
2294 case IPPROTO_RSVP:
2295 case IPPROTO_GRE:
2296 case IPPROTO_MHRP:
2297 case IPPROTO_BHA:
2298 case IPPROTO_ESP:
2299 case IPPROTO_AH:
2300 case IPPROTO_INLSP:
2301 case IPPROTO_SWIPE:
2302 case IPPROTO_NHRP:
2303 case IPPROTO_ICMPV6:
2304 case IPPROTO_NONE:
2305 case IPPROTO_DSTOPTS:
2306 case IPPROTO_AHIP:
2307 case IPPROTO_CFTP:
2308 case IPPROTO_HELLO:
2309 case IPPROTO_SATEXPAK:
2310 case IPPROTO_KRYPTOLAN:
2311 case IPPROTO_RVD:
2312 case IPPROTO_IPPC:
2313 case IPPROTO_ADFS:
2314 case IPPROTO_SATMON:
2315 case IPPROTO_VISA:
2316 case IPPROTO_IPCV:
2317 case IPPROTO_CPNX:
2318 case IPPROTO_CPHB:
2319 case IPPROTO_WSN:
2320 case IPPROTO_PVP:
2321 case IPPROTO_BRSATMON:
2322 case IPPROTO_ND:
2323 case IPPROTO_WBMON:
2324 case IPPROTO_WBEXPAK:
2325 case IPPROTO_EON:
2326 case IPPROTO_VMTP:
2327 case IPPROTO_SVMTP:
2328 case IPPROTO_VINES:
2329 case IPPROTO_TTP:
2330 case IPPROTO_IGP:
2331 case IPPROTO_DGP:
2332 case IPPROTO_TCF:
2333 case IPPROTO_IGRP:
2334 case IPPROTO_OSPFIGP:
2335 case IPPROTO_SRPC:
2336 case IPPROTO_LARP:
2337 case IPPROTO_MTP:
2338 case IPPROTO_AX25:
2339 case IPPROTO_IPEIP:
2340 case IPPROTO_MICP:
2341 case IPPROTO_SCCSP:
2342 case IPPROTO_ETHERIP:
2343 case IPPROTO_ENCAP:
2344 case IPPROTO_APES:
2345 case IPPROTO_GMTP:
2346 case IPPROTO_PIM:
2347 case IPPROTO_IPCOMP:
2348 case IPPROTO_PGM:
2349 case IPPROTO_SCTP:
2350 case IPPROTO_DIVERT:
2351 case IPPROTO_RAW:
2352 case IPPROTO_MAX:
2353 case IPPROTO_DONE:
2354
2355 /* bsd/netinet/in_private.h */
2356 case IPPROTO_QUIC:
2357 ;
2358 }
2359 }
2360
2361 static __attribute__((unused)) void
ipsockopt_cassert(void)2362 ipsockopt_cassert(void)
2363 {
2364 switch ((int)0) {
2365 case 0:
2366
2367 /* bsd/netinet/in.h */
2368 case IP_OPTIONS:
2369 case IP_HDRINCL:
2370 case IP_TOS:
2371 case IP_TTL:
2372 case IP_RECVOPTS:
2373 case IP_RECVRETOPTS:
2374 case IP_RECVDSTADDR:
2375 case IP_RETOPTS:
2376 case IP_MULTICAST_IF:
2377 case IP_MULTICAST_TTL:
2378 case IP_MULTICAST_LOOP:
2379 case IP_ADD_MEMBERSHIP:
2380 case IP_DROP_MEMBERSHIP:
2381 case IP_MULTICAST_VIF:
2382 case IP_RSVP_ON:
2383 case IP_RSVP_OFF:
2384 case IP_RSVP_VIF_ON:
2385 case IP_RSVP_VIF_OFF:
2386 case IP_PORTRANGE:
2387 case IP_RECVIF:
2388 case IP_IPSEC_POLICY:
2389 case IP_FAITH:
2390 #ifdef __APPLE__
2391 case IP_STRIPHDR:
2392 #endif
2393 case IP_RECVTTL:
2394 case IP_BOUND_IF:
2395 case IP_PKTINFO:
2396 // #define IP_RECVPKTINFO IP_PKTINFO
2397 case IP_RECVTOS:
2398 case IP_DONTFRAG:
2399 case IP_FW_ADD:
2400 case IP_FW_DEL:
2401 case IP_FW_FLUSH:
2402 case IP_FW_ZERO:
2403 case IP_FW_GET:
2404 case IP_FW_RESETLOG:
2405 case IP_OLD_FW_ADD:
2406 case IP_OLD_FW_DEL:
2407 case IP_OLD_FW_FLUSH:
2408 case IP_OLD_FW_ZERO:
2409 case IP_OLD_FW_GET:
2410 case IP_NAT__XXX:
2411 case IP_OLD_FW_RESETLOG:
2412 case IP_DUMMYNET_CONFIGURE:
2413 case IP_DUMMYNET_DEL:
2414 case IP_DUMMYNET_FLUSH:
2415 case IP_DUMMYNET_GET:
2416 case IP_TRAFFIC_MGT_BACKGROUND:
2417 case IP_MULTICAST_IFINDEX:
2418 case IP_ADD_SOURCE_MEMBERSHIP:
2419 case IP_DROP_SOURCE_MEMBERSHIP:
2420 case IP_BLOCK_SOURCE:
2421 case IP_UNBLOCK_SOURCE:
2422 case IP_MSFILTER:
2423 case MCAST_JOIN_GROUP:
2424 case MCAST_LEAVE_GROUP:
2425 case MCAST_JOIN_SOURCE_GROUP:
2426 case MCAST_LEAVE_SOURCE_GROUP:
2427 case MCAST_BLOCK_SOURCE:
2428 case MCAST_UNBLOCK_SOURCE:
2429
2430 /* bsd/netinet/in_private.h */
2431 case IP_NO_IFT_CELLULAR:
2432 // #define IP_NO_IFT_PDP IP_NO_IFT_CELLULAR /* deprecated */
2433 case IP_OUT_IF:
2434 ;
2435 }
2436 }
2437