1
/*-
2
 * SPDX-License-Identifier: BSD-3-Clause
3
 *
4
 * Copyright (c) 1982, 1986, 1991, 1993
5
 *	The Regents of the University of California.  All rights reserved.
6
 * Copyright (C) 2001 WIDE Project.  All rights reserved.
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 * 1. Redistributions of source code must retain the above copyright
12
 *    notice, this list of conditions and the following disclaimer.
13
 * 2. Redistributions in binary form must reproduce the above copyright
14
 *    notice, this list of conditions and the following disclaimer in the
15
 *    documentation and/or other materials provided with the distribution.
16
 * 3. Neither the name of the University nor the names of its contributors
17
 *    may be used to endorse or promote products derived from this software
18
 *    without specific prior written permission.
19
 *
20
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30
 * SUCH DAMAGE.
31
 */
32

33
#include <sys/cdefs.h>
34
#include "opt_inet.h"
35

36
#define IN_HISTORICAL_NETS		/* include class masks */
37

38
#include <sys/param.h>
39
#include <sys/eventhandler.h>
40
#include <sys/systm.h>
41
#include <sys/sockio.h>
42
#include <sys/malloc.h>
43
#include <sys/priv.h>
44
#include <sys/socket.h>
45
#include <sys/jail.h>
46
#include <sys/kernel.h>
47
#include <sys/lock.h>
48
#include <sys/proc.h>
49
#include <sys/sysctl.h>
50
#include <sys/syslog.h>
51
#include <sys/sx.h>
52

53
#include <net/if.h>
54
#include <net/if_var.h>
55
#include <net/if_arp.h>
56
#include <net/if_dl.h>
57
#include <net/if_llatbl.h>
58
#include <net/if_private.h>
59
#include <net/if_types.h>
60
#include <net/if_bridgevar.h>
61
#include <net/route.h>
62
#include <net/route/nhop.h>
63
#include <net/route/route_ctl.h>
64
#include <net/vnet.h>
65

66
#include <netinet/if_ether.h>
67
#include <netinet/in.h>
68
#include <netinet/in_fib.h>
69
#include <netinet/in_var.h>
70
#include <netinet/in_pcb.h>
71
#include <netinet/ip_var.h>
72
#include <netinet/ip_carp.h>
73
#include <netinet/igmp_var.h>
74
#include <netinet/udp.h>
75
#include <netinet/udp_var.h>
76

77
#ifdef MAC
78
#include <security/mac/mac_framework.h>
79
#endif
80

81
static int in_aifaddr_ioctl(u_long, caddr_t, struct ifnet *, struct ucred *);
82
static int in_difaddr_ioctl(u_long, caddr_t, struct ifnet *, struct ucred *);
83
static int in_gifaddr_ioctl(u_long, caddr_t, struct ifnet *, struct ucred *);
84

85
static void	in_socktrim(struct sockaddr_in *);
86
static void	in_purgemaddrs(struct ifnet *);
87

88
static bool	ia_need_loopback_route(const struct in_ifaddr *);
89

90
VNET_DEFINE_STATIC(int, nosameprefix);
91
#define	V_nosameprefix			VNET(nosameprefix)
92
SYSCTL_INT(_net_inet_ip, OID_AUTO, no_same_prefix, CTLFLAG_VNET | CTLFLAG_RW,
93
	&VNET_NAME(nosameprefix), 0,
94
	"Refuse to create same prefixes on different interfaces");
95

96
VNET_DEFINE_STATIC(bool, broadcast_lowest);
97
#define	V_broadcast_lowest		VNET(broadcast_lowest)
98
SYSCTL_BOOL(_net_inet_ip, OID_AUTO, broadcast_lowest, CTLFLAG_VNET | CTLFLAG_RW,
99
	&VNET_NAME(broadcast_lowest), 0,
100
	"Treat lowest address on a subnet (host 0) as broadcast");
101

102
VNET_DEFINE(bool, ip_allow_net240) = false;
103
#define	V_ip_allow_net240		VNET(ip_allow_net240)
104
SYSCTL_BOOL(_net_inet_ip, OID_AUTO, allow_net240,
105
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip_allow_net240), 0,
106
	"Allow forwarding of and ICMP response to Experimental addresses, aka Class E (240/4)");
107
/* see https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-240 */
108

109
VNET_DEFINE(bool, ip_allow_net0) = false;
110
SYSCTL_BOOL(_net_inet_ip, OID_AUTO, allow_net0,
111
	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip_allow_net0), 0,
112
	"Allow forwarding of and ICMP response to addresses in network 0/8");
113
/* see https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-0 */
114

115
VNET_DEFINE(uint32_t, in_loopback_mask) = IN_LOOPBACK_MASK_DFLT;
116
#define	V_in_loopback_mask	VNET(in_loopback_mask)
117
static int sysctl_loopback_prefixlen(SYSCTL_HANDLER_ARGS);
118
SYSCTL_PROC(_net_inet_ip, OID_AUTO, loopback_prefixlen,
119
	CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW,
120
	NULL, 0, sysctl_loopback_prefixlen, "I",
121
	"Prefix length of address space reserved for loopback");
122
/* see https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-127 */
123

124
VNET_DECLARE(struct inpcbinfo, ripcbinfo);
125
#define	V_ripcbinfo			VNET(ripcbinfo)
126

127
static struct sx in_control_sx;
128
SX_SYSINIT(in_control_sx, &in_control_sx, "in_control");
129

130
/*
131
 * Return true if an internet address is for a ``local'' host
132
 * (one to which we have a connection).
133
 */
134
bool
135
in_localaddr(struct in_addr in)
136
{
137
	u_long i = ntohl(in.s_addr);
138
	struct in_ifaddr *ia;
139

140
	NET_EPOCH_ASSERT();
141

142
	CK_STAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
143
		if ((i & ia->ia_subnetmask) == ia->ia_subnet)
144
			return (true);
145
	}
146

147
	return (false);
148
}
149

150
/*
151
 * Return true if an internet address is for the local host and configured
152
 * on one of its interfaces.
153
 */
154
bool
155
in_localip(struct in_addr in)
156
{
157
	struct in_ifaddr *ia;
158

159
	NET_EPOCH_ASSERT();
160

161
	CK_LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash)
162
		if (IA_SIN(ia)->sin_addr.s_addr == in.s_addr)
163
			return (true);
164

165
	return (false);
166
}
167

168
/*
169
 * Like in_localip(), but FIB-aware and carp(4)-aware.
170
 */
171
bool
172
in_localip_fib(struct in_addr in, uint16_t fib)
173
{
174
	struct in_ifaddr *ia;
175

176
	NET_EPOCH_ASSERT();
177

178
	CK_LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash)
179
		if (IA_SIN(ia)->sin_addr.s_addr == in.s_addr &&
180
		    (ia->ia_ifa.ifa_carp == NULL ||
181
		    carp_master_p(&ia->ia_ifa)) &&
182
		    ia->ia_ifa.ifa_ifp->if_fib == fib)
183
			return (true);
184

185
	return (false);
186
}
187

188
/*
189
 * Return true if an internet address is configured on an interface.
190
 */
191
bool
192
in_ifhasaddr(struct ifnet *ifp, struct in_addr in)
193
{
194
	struct ifaddr *ifa;
195
	struct in_ifaddr *ia;
196

197
	NET_EPOCH_ASSERT();
198

199
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
200
		if (ifa->ifa_addr->sa_family != AF_INET)
201
			continue;
202
		ia = (struct in_ifaddr *)ifa;
203
		if (ia->ia_addr.sin_addr.s_addr == in.s_addr)
204
			return (true);
205
	}
206

207
	return (false);
208
}
209

210
/*
211
 * Return a reference to the interface address which is different to
212
 * the supplied one but with same IP address value.
213
 */
214
static struct in_ifaddr *
215
in_localip_more(struct in_ifaddr *original_ia)
216
{
217
	struct epoch_tracker et;
218
	in_addr_t original_addr = IA_SIN(original_ia)->sin_addr.s_addr;
219
	uint32_t original_fib = original_ia->ia_ifa.ifa_ifp->if_fib;
220
	struct in_ifaddr *ia;
221

222
	NET_EPOCH_ENTER(et);
223
	CK_LIST_FOREACH(ia, INADDR_HASH(original_addr), ia_hash) {
224
		in_addr_t addr = IA_SIN(ia)->sin_addr.s_addr;
225
		uint32_t fib = ia->ia_ifa.ifa_ifp->if_fib;
226
		if (!V_rt_add_addr_allfibs && (original_fib != fib))
227
			continue;
228
		if ((original_ia != ia) && (original_addr == addr)) {
229
			ifa_ref(&ia->ia_ifa);
230
			NET_EPOCH_EXIT(et);
231
			return (ia);
232
		}
233
	}
234
	NET_EPOCH_EXIT(et);
235

236
	return (NULL);
237
}
238

239
/*
240
 * Tries to find first IPv4 address in the provided fib.
241
 * Prefers non-loopback addresses and return loopback IFF
242
 * @loopback_ok is set.
243
 *
244
 * Returns ifa or NULL.
245
 */
246
struct in_ifaddr *
247
in_findlocal(uint32_t fibnum, bool loopback_ok)
248
{
249
	struct in_ifaddr *ia = NULL, *ia_lo = NULL;
250

251
	NET_EPOCH_ASSERT();
252

253
	CK_STAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
254
		uint32_t ia_fib = ia->ia_ifa.ifa_ifp->if_fib;
255
		if (!V_rt_add_addr_allfibs && (fibnum != ia_fib))
256
			continue;
257

258
		if (!IN_LOOPBACK(ntohl(IA_SIN(ia)->sin_addr.s_addr)))
259
			break;
260
		if (loopback_ok)
261
			ia_lo = ia;
262
	}
263

264
	if (ia == NULL)
265
		ia = ia_lo;
266

267
	return (ia);
268
}
269

270
/*
271
 * Determine whether an IP address is in a reserved set of addresses
272
 * that may not be forwarded, or whether datagrams to that destination
273
 * may be forwarded.
274
 */
275
bool
276
in_canforward(struct in_addr in)
277
{
278
	u_long i = ntohl(in.s_addr);
279

280
	if (IN_MULTICAST(i) || IN_LINKLOCAL(i) || IN_LOOPBACK(i) ||
281
	    in_nullhost(in))
282
		return (false);
283
	if (IN_EXPERIMENTAL(i) && !V_ip_allow_net240)
284
		return (false);
285
	if (IN_ZERONET(i) && !V_ip_allow_net0)
286
		return (false);
287
	return (true);
288
}
289

290
/*
291
 * Sysctl to manage prefix of reserved loopback network; translate
292
 * to/from mask.  The mask is always contiguous high-order 1 bits
293
 * followed by all 0 bits.
294
 */
295
static int
296
sysctl_loopback_prefixlen(SYSCTL_HANDLER_ARGS)
297
{
298
	int error, preflen;
299

300
	/* ffs is 1-based; compensate. */
301
	preflen = 33 - ffs(V_in_loopback_mask);
302
	error = sysctl_handle_int(oidp, &preflen, 0, req);
303
	if (error || !req->newptr)
304
		return (error);
305
	if (preflen < 8 || preflen > 31)
306
		return (EINVAL);
307
	V_in_loopback_mask = 0xffffffff << (32 - preflen);
308
	return (0);
309
}
310

311
/*
312
 * Trim a mask in a sockaddr
313
 */
314
static void
315
in_socktrim(struct sockaddr_in *ap)
316
{
317
    char *cplim = (char *) &ap->sin_addr;
318
    char *cp = (char *) (&ap->sin_addr + 1);
319

320
    ap->sin_len = 0;
321
    while (--cp >= cplim)
322
	if (*cp) {
323
	    (ap)->sin_len = cp - (char *) (ap) + 1;
324
	    break;
325
	}
326
}
327

328
/*
329
 * Generic internet control operations (ioctl's).
330
 */
331
int
332
in_control_ioctl(u_long cmd, void *data, struct ifnet *ifp,
333
    struct ucred *cred)
334
{
335
	struct ifreq *ifr = (struct ifreq *)data;
336
	struct sockaddr_in *addr = (struct sockaddr_in *)&ifr->ifr_addr;
337
	struct epoch_tracker et;
338
	struct ifaddr *ifa;
339
	struct in_ifaddr *ia;
340
	int error;
341

342
	if (ifp == NULL)
343
		return (EADDRNOTAVAIL);
344

345
	/*
346
	 * Filter out 4 ioctls we implement directly.  Forward the rest
347
	 * to specific functions and ifp->if_ioctl().
348
	 */
349
	switch (cmd) {
350
	case SIOCGIFADDR:
351
	case SIOCGIFBRDADDR:
352
	case SIOCGIFDSTADDR:
353
	case SIOCGIFNETMASK:
354
		break;
355
	case SIOCGIFALIAS:
356
		sx_xlock(&in_control_sx);
357
		error = in_gifaddr_ioctl(cmd, data, ifp, cred);
358
		sx_xunlock(&in_control_sx);
359
		return (error);
360
	case SIOCDIFADDR:
361
		sx_xlock(&in_control_sx);
362
		error = in_difaddr_ioctl(cmd, data, ifp, cred);
363
		sx_xunlock(&in_control_sx);
364
		return (error);
365
	case OSIOCAIFADDR:	/* 9.x compat */
366
	case SIOCAIFADDR:
367
		sx_xlock(&in_control_sx);
368
		error = in_aifaddr_ioctl(cmd, data, ifp, cred);
369
		sx_xunlock(&in_control_sx);
370
		return (error);
371
	case SIOCSIFADDR:
372
	case SIOCSIFBRDADDR:
373
	case SIOCSIFDSTADDR:
374
	case SIOCSIFNETMASK:
375
		/* We no longer support that old commands. */
376
		return (EINVAL);
377
	default:
378
		if (ifp->if_ioctl == NULL)
379
			return (EOPNOTSUPP);
380
		return ((*ifp->if_ioctl)(ifp, cmd, data));
381
	}
382

383
	if (addr->sin_addr.s_addr != INADDR_ANY &&
384
	    prison_check_ip4(cred, &addr->sin_addr) != 0)
385
		return (EADDRNOTAVAIL);
386

387
	/*
388
	 * Find address for this interface, if it exists.  If an
389
	 * address was specified, find that one instead of the
390
	 * first one on the interface, if possible.
391
	 */
392
	NET_EPOCH_ENTER(et);
393
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
394
		if (ifa->ifa_addr->sa_family != AF_INET)
395
			continue;
396
		ia = (struct in_ifaddr *)ifa;
397
		if (ia->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr)
398
			break;
399
	}
400
	if (ifa == NULL)
401
		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
402
			if (ifa->ifa_addr->sa_family == AF_INET) {
403
				ia = (struct in_ifaddr *)ifa;
404
				if (prison_check_ip4(cred,
405
				    &ia->ia_addr.sin_addr) == 0)
406
					break;
407
			}
408

409
	if (ifa == NULL) {
410
		NET_EPOCH_EXIT(et);
411
		return (EADDRNOTAVAIL);
412
	}
413

414
	error = 0;
415
	switch (cmd) {
416
	case SIOCGIFADDR:
417
		*addr = ia->ia_addr;
418
		break;
419

420
	case SIOCGIFBRDADDR:
421
		if ((ifp->if_flags & IFF_BROADCAST) == 0) {
422
			error = EINVAL;
423
			break;
424
		}
425
		*addr = ia->ia_broadaddr;
426
		break;
427

428
	case SIOCGIFDSTADDR:
429
		if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
430
			error = EINVAL;
431
			break;
432
		}
433
		*addr = ia->ia_dstaddr;
434
		break;
435

436
	case SIOCGIFNETMASK:
437
		*addr = ia->ia_sockmask;
438
		break;
439
	}
440

441
	NET_EPOCH_EXIT(et);
442

443
	return (error);
444
}
445

446
int
447
in_mask2len(struct in_addr *mask)
448
{
449
	int x, y;
450
	u_char *p;
451

452
	p = (u_char *)mask;
453
	for (x = 0; x < sizeof(*mask); x++) {
454
		if (p[x] != 0xff)
455
			break;
456
	}
457
	y = 0;
458
	if (x < sizeof(*mask)) {
459
		for (y = 0; y < 8; y++) {
460
			if ((p[x] & (0x80 >> y)) == 0)
461
				break;
462
		}
463
	}
464
	return (x * 8 + y);
465
}
466

467
int
468
in_control(struct socket *so, u_long cmd, void *data, struct ifnet *ifp,
469
    struct thread *td)
470
{
471
	return (in_control_ioctl(cmd, data, ifp, td ? td->td_ucred : NULL));
472
}
473

474
static int
475
in_aifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct ucred *cred)
476
{
477
	const struct in_aliasreq *ifra = (struct in_aliasreq *)data;
478
	const struct sockaddr_in *addr = &ifra->ifra_addr;
479
	const struct sockaddr_in *broadaddr = &ifra->ifra_broadaddr;
480
	const struct sockaddr_in *mask = &ifra->ifra_mask;
481
	const struct sockaddr_in *dstaddr = &ifra->ifra_dstaddr;
482
	const int vhid = (cmd == SIOCAIFADDR) ? ifra->ifra_vhid : 0;
483
	struct epoch_tracker et;
484
	struct ifaddr *ifa;
485
	struct in_ifaddr *ia;
486
	bool iaIsFirst;
487
	int error = 0;
488

489
	error = priv_check_cred(cred, PRIV_NET_ADDIFADDR);
490
	if (error)
491
		return (error);
492

493
	/*
494
	 * ifra_addr must be present and be of INET family.
495
	 * ifra_broadaddr/ifra_dstaddr and ifra_mask are optional.
496
	 */
497
	if (addr->sin_len != sizeof(struct sockaddr_in) ||
498
	    addr->sin_family != AF_INET)
499
		return (EINVAL);
500
	if (broadaddr->sin_len != 0 &&
501
	    (broadaddr->sin_len != sizeof(struct sockaddr_in) ||
502
	    broadaddr->sin_family != AF_INET))
503
		return (EINVAL);
504
	if (mask->sin_len != 0 &&
505
	    (mask->sin_len != sizeof(struct sockaddr_in) ||
506
	    mask->sin_family != AF_INET))
507
		return (EINVAL);
508
	if ((ifp->if_flags & IFF_POINTOPOINT) &&
509
	    (dstaddr->sin_len != sizeof(struct sockaddr_in) ||
510
	     dstaddr->sin_addr.s_addr == INADDR_ANY))
511
		return (EDESTADDRREQ);
512
	if (vhid != 0 && carp_attach_p == NULL)
513
		return (EPROTONOSUPPORT);
514

515
#ifdef MAC
516
	/* Check if a MAC policy disallows setting the IPv4 address. */
517
	error = mac_inet_check_add_addr(cred, &addr->sin_addr, ifp);
518
	if (error != 0)
519
		return (error);
520
#endif
521

522
	/*
523
	 * Check if bridge wants to allow adding addrs to member interfaces.
524
	 */
525
	if (ifp->if_bridge != NULL && ifp->if_type != IFT_GIF &&
526
	    bridge_member_ifaddrs_p != NULL) {
527
		if (bridge_member_ifaddrs_p())
528
			if_printf(ifp, "WARNING: Assigning an IP address to "
529
			    "an interface which is also a bridge member is "
530
			    "deprecated and will be unsupported in a future "
531
			    "release.\n");
532
		else
533
			return (EINVAL);
534
	}
535

536
	/*
537
	 * See whether address already exist.
538
	 */
539
	iaIsFirst = true;
540
	ia = NULL;
541
	NET_EPOCH_ENTER(et);
542
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
543
		struct in_ifaddr *it;
544

545
		if (ifa->ifa_addr->sa_family != AF_INET)
546
			continue;
547

548
		it = (struct in_ifaddr *)ifa;
549
		if (it->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr &&
550
		    prison_check_ip4(cred, &addr->sin_addr) == 0)
551
			ia = it;
552
		else
553
			iaIsFirst = false;
554
	}
555
	NET_EPOCH_EXIT(et);
556

557
	if (ia != NULL)
558
		(void )in_difaddr_ioctl(cmd, data, ifp, cred);
559

560
	ifa = ifa_alloc(sizeof(struct in_ifaddr), M_WAITOK);
561
	ia = (struct in_ifaddr *)ifa;
562
	ifa->ifa_addr = (struct sockaddr *)&ia->ia_addr;
563
	ifa->ifa_dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
564
	ifa->ifa_netmask = (struct sockaddr *)&ia->ia_sockmask;
565
	callout_init_rw(&ia->ia_garp_timer, &ifp->if_addr_lock,
566
	    CALLOUT_RETURNUNLOCKED);
567

568
	ia->ia_ifp = ifp;
569
	ia->ia_addr = *addr;
570
	if (mask->sin_len != 0) {
571
		ia->ia_sockmask = *mask;
572
		ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr);
573
	} else {
574
		in_addr_t i = ntohl(addr->sin_addr.s_addr);
575

576
		/*
577
	 	 * If netmask isn't supplied, use historical default.
578
		 * This is deprecated for interfaces other than loopback
579
		 * or point-to-point; warn in other cases.  In the future
580
		 * we should return an error rather than warning.
581
	 	 */
582
		if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) == 0)
583
			printf("%s: set address: WARNING: network mask "
584
			     "should be specified; using historical default\n",
585
			     ifp->if_xname);
586
		if (IN_CLASSA(i))
587
			ia->ia_subnetmask = IN_CLASSA_NET;
588
		else if (IN_CLASSB(i))
589
			ia->ia_subnetmask = IN_CLASSB_NET;
590
		else
591
			ia->ia_subnetmask = IN_CLASSC_NET;
592
		ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
593
	}
594
	ia->ia_subnet = ntohl(addr->sin_addr.s_addr) & ia->ia_subnetmask;
595
	in_socktrim(&ia->ia_sockmask);
596

597
	if (ifp->if_flags & IFF_BROADCAST) {
598
		if (broadaddr->sin_len != 0) {
599
			ia->ia_broadaddr = *broadaddr;
600
		} else if (ia->ia_subnetmask == IN_RFC3021_MASK) {
601
			ia->ia_broadaddr.sin_addr.s_addr = INADDR_BROADCAST;
602
			ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
603
			ia->ia_broadaddr.sin_family = AF_INET;
604
		} else {
605
			ia->ia_broadaddr.sin_addr.s_addr =
606
			    htonl(ia->ia_subnet | ~ia->ia_subnetmask);
607
			ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
608
			ia->ia_broadaddr.sin_family = AF_INET;
609
		}
610
	}
611

612
	if (ifp->if_flags & IFF_POINTOPOINT)
613
		ia->ia_dstaddr = *dstaddr;
614

615
	if (vhid != 0) {
616
		error = (*carp_attach_p)(&ia->ia_ifa, vhid);
617
		if (error)
618
			return (error);
619
	}
620

621
	/* if_addrhead is already referenced by ifa_alloc() */
622
	IF_ADDR_WLOCK(ifp);
623
	CK_STAILQ_INSERT_TAIL(&ifp->if_addrhead, ifa, ifa_link);
624
	IF_ADDR_WUNLOCK(ifp);
625

626
	ifa_ref(ifa);			/* in_ifaddrhead */
627
	sx_assert(&in_control_sx, SA_XLOCKED);
628
	CK_STAILQ_INSERT_TAIL(&V_in_ifaddrhead, ia, ia_link);
629
	CK_LIST_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia,
630
	    ia_hash);
631

632
	/*
633
	 * Give the interface a chance to initialize
634
	 * if this is its first address,
635
	 * and to validate the address if necessary.
636
	 */
637
	if (ifp->if_ioctl != NULL) {
638
		error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
639
		if (error)
640
			goto fail1;
641
	}
642

643
	/*
644
	 * Add route for the network.
645
	 */
646
	if (vhid == 0) {
647
		error = in_addprefix(ia);
648
		if (error)
649
			goto fail1;
650
	}
651

652
	/*
653
	 * Add a loopback route to self.
654
	 */
655
	if (vhid == 0 && ia_need_loopback_route(ia)) {
656
		struct in_ifaddr *eia;
657

658
		eia = in_localip_more(ia);
659

660
		if (eia == NULL) {
661
			error = ifa_add_loopback_route((struct ifaddr *)ia,
662
			    (struct sockaddr *)&ia->ia_addr);
663
			if (error)
664
				goto fail2;
665
		} else
666
			ifa_free(&eia->ia_ifa);
667
	}
668

669
	if (iaIsFirst && (ifp->if_flags & IFF_MULTICAST)) {
670
		struct in_addr allhosts_addr;
671
		struct in_ifinfo *ii;
672

673
		ii = ((struct in_ifinfo *)ifp->if_afdata[AF_INET]);
674
		allhosts_addr.s_addr = htonl(INADDR_ALLHOSTS_GROUP);
675

676
		error = in_joingroup(ifp, &allhosts_addr, NULL,
677
			&ii->ii_allhosts);
678
	}
679

680
	/*
681
	 * Note: we don't need extra reference for ifa, since we called
682
	 * with sx lock held, and ifaddr can not be deleted in concurrent
683
	 * thread.
684
	 */
685
	EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, ifa, IFADDR_EVENT_ADD);
686

687
	return (error);
688

689
fail2:
690
	if (vhid == 0)
691
		(void )in_scrubprefix(ia, LLE_STATIC);
692

693
fail1:
694
	if (ia->ia_ifa.ifa_carp)
695
		(*carp_detach_p)(&ia->ia_ifa, false);
696

697
	IF_ADDR_WLOCK(ifp);
698
	CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
699
	IF_ADDR_WUNLOCK(ifp);
700
	ifa_free(&ia->ia_ifa);		/* if_addrhead */
701

702
	sx_assert(&in_control_sx, SA_XLOCKED);
703
	CK_STAILQ_REMOVE(&V_in_ifaddrhead, ia, in_ifaddr, ia_link);
704
	CK_LIST_REMOVE(ia, ia_hash);
705
	ifa_free(&ia->ia_ifa);		/* in_ifaddrhead */
706

707
	return (error);
708
}
709

710
static int
711
in_difaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct ucred *cred)
712
{
713
	const struct ifreq *ifr = (struct ifreq *)data;
714
	const struct sockaddr_in *addr = (const struct sockaddr_in *)
715
	    &ifr->ifr_addr;
716
	struct ifaddr *ifa;
717
	struct in_ifaddr *ia;
718
	bool deleteAny, iaIsLast;
719
	int error;
720

721
	if (cred != NULL) {
722
		error = priv_check_cred(cred, PRIV_NET_DELIFADDR);
723
		if (error)
724
			return (error);
725
	}
726

727
	if (addr->sin_len != sizeof(struct sockaddr_in) ||
728
	    addr->sin_family != AF_INET)
729
		deleteAny = true;
730
	else
731
		deleteAny = false;
732

733
	iaIsLast = true;
734
	ia = NULL;
735
	IF_ADDR_WLOCK(ifp);
736
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
737
		struct in_ifaddr *it;
738

739
		if (ifa->ifa_addr->sa_family != AF_INET)
740
			continue;
741

742
		it = (struct in_ifaddr *)ifa;
743
		if (deleteAny && ia == NULL && (cred == NULL ||
744
		    prison_check_ip4(cred, &it->ia_addr.sin_addr) == 0))
745
			ia = it;
746

747
		if (it->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr &&
748
		    (cred == NULL || prison_check_ip4(cred,
749
		    &addr->sin_addr) == 0))
750
			ia = it;
751

752
		if (it != ia)
753
			iaIsLast = false;
754
	}
755

756
	if (ia == NULL) {
757
		IF_ADDR_WUNLOCK(ifp);
758
		return (EADDRNOTAVAIL);
759
	}
760

761
	CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
762
	IF_ADDR_WUNLOCK(ifp);
763
	ifa_free(&ia->ia_ifa);		/* if_addrhead */
764

765
	sx_assert(&in_control_sx, SA_XLOCKED);
766
	CK_STAILQ_REMOVE(&V_in_ifaddrhead, ia, in_ifaddr, ia_link);
767
	CK_LIST_REMOVE(ia, ia_hash);
768

769
	/*
770
	 * in_scrubprefix() kills the interface route.
771
	 */
772
	in_scrubprefix(ia, LLE_STATIC);
773

774
	/*
775
	 * in_ifadown gets rid of all the rest of
776
	 * the routes.  This is not quite the right
777
	 * thing to do, but at least if we are running
778
	 * a routing process they will come back.
779
	 */
780
	in_ifadown(&ia->ia_ifa, 1);
781

782
	if (ia->ia_ifa.ifa_carp)
783
		(*carp_detach_p)(&ia->ia_ifa, cmd == SIOCAIFADDR);
784

785
	/*
786
	 * If this is the last IPv4 address configured on this
787
	 * interface, leave the all-hosts group.
788
	 * No state-change report need be transmitted.
789
	 */
790
	if (iaIsLast && (ifp->if_flags & IFF_MULTICAST)) {
791
		struct in_ifinfo *ii;
792

793
		ii = ((struct in_ifinfo *)ifp->if_afdata[AF_INET]);
794
		if (ii->ii_allhosts) {
795
			(void)in_leavegroup(ii->ii_allhosts, NULL);
796
			ii->ii_allhosts = NULL;
797
		}
798
	}
799

800
	IF_ADDR_WLOCK(ifp);
801
	if (callout_stop(&ia->ia_garp_timer) == 1) {
802
		ifa_free(&ia->ia_ifa);
803
	}
804
	IF_ADDR_WUNLOCK(ifp);
805

806
	EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
807
	    IFADDR_EVENT_DEL);
808
	ifa_free(&ia->ia_ifa);		/* in_ifaddrhead */
809

810
	return (0);
811
}
812

813
static int
814
in_gifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct ucred *cred)
815
{
816
	struct in_aliasreq *ifra = (struct in_aliasreq *)data;
817
	const struct sockaddr_in *addr = &ifra->ifra_addr;
818
	struct epoch_tracker et;
819
	struct ifaddr *ifa;
820
	struct in_ifaddr *ia;
821

822
	/*
823
	 * ifra_addr must be present and be of INET family.
824
	 */
825
	if (addr->sin_len != sizeof(struct sockaddr_in) ||
826
	    addr->sin_family != AF_INET)
827
		return (EINVAL);
828

829
	/*
830
	 * See whether address exist.
831
	 */
832
	ia = NULL;
833
	NET_EPOCH_ENTER(et);
834
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
835
		struct in_ifaddr *it;
836

837
		if (ifa->ifa_addr->sa_family != AF_INET)
838
			continue;
839

840
		it = (struct in_ifaddr *)ifa;
841
		if (it->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr &&
842
		    prison_check_ip4(cred, &addr->sin_addr) == 0) {
843
			ia = it;
844
			break;
845
		}
846
	}
847
	if (ia == NULL) {
848
		NET_EPOCH_EXIT(et);
849
		return (EADDRNOTAVAIL);
850
	}
851

852
	ifra->ifra_mask = ia->ia_sockmask;
853
	if ((ifp->if_flags & IFF_POINTOPOINT) &&
854
	    ia->ia_dstaddr.sin_family == AF_INET)
855
		ifra->ifra_dstaddr = ia->ia_dstaddr;
856
	else if ((ifp->if_flags & IFF_BROADCAST) &&
857
	    ia->ia_broadaddr.sin_family == AF_INET)
858
		ifra->ifra_broadaddr = ia->ia_broadaddr;
859
	else
860
		memset(&ifra->ifra_broadaddr, 0,
861
		    sizeof(ifra->ifra_broadaddr));
862

863
	NET_EPOCH_EXIT(et);
864
	return (0);
865
}
866

867
static int
868
in_match_ifaddr(const struct rtentry *rt, const struct nhop_object *nh, void *arg)
869
{
870

871
	if (nh->nh_ifa == (struct ifaddr *)arg)
872
		return (1);
873

874
	return (0);
875
}
876

877
static int
878
in_handle_prefix_route(uint32_t fibnum, int cmd,
879
    struct sockaddr_in *dst, struct sockaddr_in *netmask, struct ifaddr *ifa,
880
    struct ifnet *ifp)
881
{
882

883
	NET_EPOCH_ASSERT();
884

885
	/* Prepare gateway */
886
	struct sockaddr_dl_short sdl = {
887
		.sdl_family = AF_LINK,
888
		.sdl_len = sizeof(struct sockaddr_dl_short),
889
		.sdl_type = ifa->ifa_ifp->if_type,
890
		.sdl_index = ifa->ifa_ifp->if_index,
891
	};
892

893
	struct rt_addrinfo info = {
894
		.rti_ifa = ifa,
895
		.rti_ifp = ifp,
896
		.rti_flags = RTF_PINNED | ((netmask != NULL) ? 0 : RTF_HOST),
897
		.rti_info = {
898
			[RTAX_DST] = (struct sockaddr *)dst,
899
			[RTAX_NETMASK] = (struct sockaddr *)netmask,
900
			[RTAX_GATEWAY] = (struct sockaddr *)&sdl,
901
		},
902
		/* Ensure we delete the prefix IFF prefix ifa matches */
903
		.rti_filter = in_match_ifaddr,
904
		.rti_filterdata = ifa,
905
	};
906

907
	return (rib_handle_ifaddr_info(fibnum, cmd, &info));
908
}
909

910
/*
911
 * Routing table interaction with interface addresses.
912
 *
913
 * In general, two types of routes needs to be installed:
914
 * a) "interface" or "prefix" route, telling user that the addresses
915
 *   behind the ifa prefix are reached directly.
916
 * b) "loopback" route installed for the ifa address, telling user that
917
 *   the address belongs to local system.
918
 *
919
 * Handling for (a) and (b) differs in multi-fib aspects, hence they
920
 *  are implemented in different functions below.
921
 *
922
 * The cases above may intersect - /32 interface aliases results in
923
 *  the same prefix produced by (a) and (b). This blurs the definition
924
 *  of the "loopback" route and complicate interactions. The interaction
925
 *  table is defined below. The case numbers are used in the multiple
926
 *  functions below to refer to the particular test case.
927
 *
928
 * There can be multiple options:
929
 * 1) Adding address with prefix on non-p2p/non-loopback interface.
930
 *  Example: 192.0.2.1/24. Action:
931
 *  * add "prefix" route towards 192.0.2.0/24 via @ia interface,
932
 *    using @ia as an address source.
933
 *  * add "loopback" route towards 192.0.2.1 via V_loif, saving
934
 *   @ia ifp in the gateway and using @ia as an address source.
935
 *
936
 * 2) Adding address with /32 mask to non-p2p/non-loopback interface.
937
 *  Example: 192.0.2.2/32. Action:
938
 *  * add "prefix" host route via V_loif, using @ia as an address source.
939
 *
940
 * 3) Adding address with or without prefix to p2p interface.
941
 *  Example: 10.0.0.1/24->10.0.0.2. Action:
942
 *  * add "prefix" host route towards 10.0.0.2 via this interface, using @ia
943
 *    as an address source. Note: no sense in installing full /24 as the interface
944
 *    is point-to-point.
945
 *  * add "loopback" route towards 10.0.9.1 via V_loif, saving
946
 *   @ia ifp in the gateway and using @ia as an address source.
947
 *
948
 * 4) Adding address with or without prefix to loopback interface.
949
 *  Example: 192.0.2.1/24. Action:
950
 *  * add "prefix" host route via @ia interface, using @ia as an address source.
951
 *    Note: Skip installing /24 prefix as it would introduce TTL loop
952
 *    for the traffic destined to these addresses.
953
 */
954

955
/*
956
 * Checks if @ia needs to install loopback route to @ia address via
957
 *  ifa_maintain_loopback_route().
958
 *
959
 * Return true on success.
960
 */
961
static bool
962
ia_need_loopback_route(const struct in_ifaddr *ia)
963
{
964
	struct ifnet *ifp = ia->ia_ifp;
965

966
	/* Case 4: Skip loopback interfaces */
967
	if ((ifp->if_flags & IFF_LOOPBACK) ||
968
	    (ia->ia_addr.sin_addr.s_addr == INADDR_ANY))
969
		return (false);
970

971
	/* Clash avoidance: Skip p2p interfaces with both addresses are equal */
972
	if ((ifp->if_flags & IFF_POINTOPOINT) &&
973
	    ia->ia_dstaddr.sin_addr.s_addr == ia->ia_addr.sin_addr.s_addr)
974
		return (false);
975

976
	/* Case 2: skip /32 prefixes */
977
	if (!(ifp->if_flags & IFF_POINTOPOINT) &&
978
	    (ia->ia_sockmask.sin_addr.s_addr == INADDR_BROADCAST))
979
		return (false);
980

981
	return (true);
982
}
983

984
/*
985
 * Calculate "prefix" route corresponding to @ia.
986
 */
987
static void
988
ia_getrtprefix(const struct in_ifaddr *ia, struct in_addr *prefix, struct in_addr *mask)
989
{
990

991
	if (ia->ia_ifp->if_flags & IFF_POINTOPOINT) {
992
		/* Case 3: return host route for dstaddr */
993
		*prefix = ia->ia_dstaddr.sin_addr;
994
		mask->s_addr = INADDR_BROADCAST;
995
	} else if (ia->ia_ifp->if_flags & IFF_LOOPBACK) {
996
		/* Case 4: return host route for ifaddr */
997
		*prefix = ia->ia_addr.sin_addr;
998
		mask->s_addr = INADDR_BROADCAST;
999
	} else {
1000
		/* Cases 1,2: return actual ia prefix */
1001
		*prefix = ia->ia_addr.sin_addr;
1002
		*mask = ia->ia_sockmask.sin_addr;
1003
		prefix->s_addr &= mask->s_addr;
1004
	}
1005
}
1006

1007
/*
1008
 * Adds or delete interface "prefix" route corresponding to @ifa.
1009
 *  Returns 0 on success or errno.
1010
 */
1011
static int
1012
in_handle_ifaddr_route(int cmd, struct in_ifaddr *ia)
1013
{
1014
	struct ifaddr *ifa = &ia->ia_ifa;
1015
	struct in_addr daddr, maddr;
1016
	struct sockaddr_in *pmask;
1017
	struct epoch_tracker et;
1018
	int error;
1019

1020
	ia_getrtprefix(ia, &daddr, &maddr);
1021

1022
	struct sockaddr_in mask = {
1023
		.sin_family = AF_INET,
1024
		.sin_len = sizeof(struct sockaddr_in),
1025
		.sin_addr = maddr,
1026
	};
1027

1028
	pmask = (maddr.s_addr != INADDR_BROADCAST) ? &mask : NULL;
1029

1030
	struct sockaddr_in dst = {
1031
		.sin_family = AF_INET,
1032
		.sin_len = sizeof(struct sockaddr_in),
1033
		.sin_addr.s_addr = daddr.s_addr & maddr.s_addr,
1034
	};
1035

1036
	struct ifnet *ifp = ia->ia_ifp;
1037

1038
	if ((maddr.s_addr == INADDR_BROADCAST) &&
1039
	    (!(ia->ia_ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)))) {
1040
		/* Case 2: host route on broadcast interface */
1041
		ifp = V_loif;
1042
	}
1043

1044
	uint32_t fibnum = ifa->ifa_ifp->if_fib;
1045
	NET_EPOCH_ENTER(et);
1046
	error = in_handle_prefix_route(fibnum, cmd, &dst, pmask, ifa, ifp);
1047
	NET_EPOCH_EXIT(et);
1048

1049
	return (error);
1050
}
1051

1052
/*
1053
 * Check if we have a route for the given prefix already.
1054
 */
1055
static bool
1056
in_hasrtprefix(struct in_ifaddr *target)
1057
{
1058
	struct epoch_tracker et;
1059
	struct in_ifaddr *ia;
1060
	struct in_addr prefix, mask, p, m;
1061
	bool result = false;
1062

1063
	ia_getrtprefix(target, &prefix, &mask);
1064

1065
	/* Look for an existing address with the same prefix, mask, and fib */
1066
	NET_EPOCH_ENTER(et);
1067
	CK_STAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
1068
		ia_getrtprefix(ia, &p, &m);
1069

1070
		if (prefix.s_addr != p.s_addr ||
1071
		    mask.s_addr != m.s_addr)
1072
			continue;
1073

1074
		if (target->ia_ifp->if_fib != ia->ia_ifp->if_fib)
1075
			continue;
1076

1077
		/*
1078
		 * If we got a matching prefix route inserted by other
1079
		 * interface address, we are done here.
1080
		 */
1081
		if (ia->ia_flags & IFA_ROUTE) {
1082
			result = true;
1083
			break;
1084
		}
1085
	}
1086
	NET_EPOCH_EXIT(et);
1087

1088
	return (result);
1089
}
1090

1091
int
1092
in_addprefix(struct in_ifaddr *target)
1093
{
1094
	int error;
1095

1096
	if (in_hasrtprefix(target)) {
1097
		if (V_nosameprefix)
1098
			return (EEXIST);
1099
		else {
1100
			rt_addrmsg(RTM_ADD, &target->ia_ifa,
1101
			    target->ia_ifp->if_fib);
1102
			return (0);
1103
		}
1104
	}
1105

1106
	/*
1107
	 * No-one seem to have this prefix route, so we try to insert it.
1108
	 */
1109
	rt_addrmsg(RTM_ADD, &target->ia_ifa, target->ia_ifp->if_fib);
1110
	error = in_handle_ifaddr_route(RTM_ADD, target);
1111
	if (!error)
1112
		target->ia_flags |= IFA_ROUTE;
1113
	return (error);
1114
}
1115

1116
/*
1117
 * Removes either all lle entries for given @ia, or lle
1118
 * corresponding to @ia address.
1119
 */
1120
static void
1121
in_scrubprefixlle(struct in_ifaddr *ia, int all, u_int flags)
1122
{
1123
	struct sockaddr_in addr, mask;
1124
	struct sockaddr *saddr, *smask;
1125
	struct ifnet *ifp;
1126

1127
	saddr = (struct sockaddr *)&addr;
1128
	bzero(&addr, sizeof(addr));
1129
	addr.sin_len = sizeof(addr);
1130
	addr.sin_family = AF_INET;
1131
	smask = (struct sockaddr *)&mask;
1132
	bzero(&mask, sizeof(mask));
1133
	mask.sin_len = sizeof(mask);
1134
	mask.sin_family = AF_INET;
1135
	mask.sin_addr.s_addr = ia->ia_subnetmask;
1136
	ifp = ia->ia_ifp;
1137

1138
	if (all) {
1139
		/*
1140
		 * Remove all L2 entries matching given prefix.
1141
		 * Convert address to host representation to avoid
1142
		 * doing this on every callback. ia_subnetmask is already
1143
		 * stored in host representation.
1144
		 */
1145
		addr.sin_addr.s_addr = ntohl(ia->ia_addr.sin_addr.s_addr);
1146
		lltable_prefix_free(AF_INET, saddr, smask, flags);
1147
	} else {
1148
		/* Remove interface address only */
1149
		addr.sin_addr.s_addr = ia->ia_addr.sin_addr.s_addr;
1150
		lltable_delete_addr(LLTABLE(ifp), LLE_IFADDR, saddr);
1151
	}
1152
}
1153

1154
/*
1155
 * If there is no other address in the system that can serve a route to the
1156
 * same prefix, remove the route.  Hand over the route to the new address
1157
 * otherwise.
1158
 */
1159
int
1160
in_scrubprefix(struct in_ifaddr *target, u_int flags)
1161
{
1162
	struct epoch_tracker et;
1163
	struct in_ifaddr *ia;
1164
	struct in_addr prefix, mask, p, m;
1165
	int error = 0;
1166

1167
	/*
1168
	 * Remove the loopback route to the interface address.
1169
	 */
1170
	if (ia_need_loopback_route(target) && (flags & LLE_STATIC)) {
1171
		struct in_ifaddr *eia;
1172

1173
		eia = in_localip_more(target);
1174

1175
		if (eia != NULL) {
1176
			error = ifa_switch_loopback_route((struct ifaddr *)eia,
1177
			    (struct sockaddr *)&target->ia_addr);
1178
			ifa_free(&eia->ia_ifa);
1179
		} else {
1180
			error = ifa_del_loopback_route((struct ifaddr *)target,
1181
			    (struct sockaddr *)&target->ia_addr);
1182
		}
1183
	}
1184

1185
	ia_getrtprefix(target, &prefix, &mask);
1186

1187
	if ((target->ia_flags & IFA_ROUTE) == 0) {
1188
		rt_addrmsg(RTM_DELETE, &target->ia_ifa, target->ia_ifp->if_fib);
1189

1190
		/*
1191
		 * Removing address from !IFF_UP interface or
1192
		 * prefix which exists on other interface (along with route).
1193
		 * No entries should exist here except target addr.
1194
		 * Given that, delete this entry only.
1195
		 */
1196
		in_scrubprefixlle(target, 0, flags);
1197
		return (0);
1198
	}
1199

1200
	NET_EPOCH_ENTER(et);
1201
	CK_STAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
1202
		ia_getrtprefix(ia, &p, &m);
1203

1204
		if (prefix.s_addr != p.s_addr ||
1205
		    mask.s_addr != m.s_addr)
1206
			continue;
1207

1208
		if ((ia->ia_ifp->if_flags & IFF_UP) == 0)
1209
			continue;
1210

1211
		/*
1212
		 * If we got a matching prefix address, move IFA_ROUTE and
1213
		 * the route itself to it.  Make sure that routing daemons
1214
		 * get a heads-up.
1215
		 */
1216
		if ((ia->ia_flags & IFA_ROUTE) == 0) {
1217
			ifa_ref(&ia->ia_ifa);
1218
			NET_EPOCH_EXIT(et);
1219
			error = in_handle_ifaddr_route(RTM_DELETE, target);
1220
			if (error == 0)
1221
				target->ia_flags &= ~IFA_ROUTE;
1222
			else
1223
				log(LOG_INFO, "in_scrubprefix: err=%d, old prefix delete failed\n",
1224
					error);
1225
			/* Scrub all entries IFF interface is different */
1226
			in_scrubprefixlle(target, target->ia_ifp != ia->ia_ifp,
1227
			    flags);
1228
			error = in_handle_ifaddr_route(RTM_ADD, ia);
1229
			if (error == 0)
1230
				ia->ia_flags |= IFA_ROUTE;
1231
			else
1232
				log(LOG_INFO, "in_scrubprefix: err=%d, new prefix add failed\n",
1233
					error);
1234
			ifa_free(&ia->ia_ifa);
1235
			return (error);
1236
		}
1237
	}
1238
	NET_EPOCH_EXIT(et);
1239

1240
	/*
1241
	 * remove all L2 entries on the given prefix
1242
	 */
1243
	in_scrubprefixlle(target, 1, flags);
1244

1245
	/*
1246
	 * As no-one seem to have this prefix, we can remove the route.
1247
	 */
1248
	rt_addrmsg(RTM_DELETE, &target->ia_ifa, target->ia_ifp->if_fib);
1249
	error = in_handle_ifaddr_route(RTM_DELETE, target);
1250
	if (error == 0)
1251
		target->ia_flags &= ~IFA_ROUTE;
1252
	else
1253
		log(LOG_INFO, "in_scrubprefix: err=%d, prefix delete failed\n", error);
1254
	return (error);
1255
}
1256

1257
void
1258
in_ifscrub_all(void)
1259
{
1260
	struct ifnet *ifp;
1261
	struct ifaddr *ifa, *nifa;
1262
	struct ifreq ifr;
1263

1264
	IFNET_RLOCK();
1265
	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
1266
		/* Cannot lock here - lock recursion. */
1267
		/* NET_EPOCH_ENTER(et); */
1268
		CK_STAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
1269
			if (ifa->ifa_addr->sa_family != AF_INET)
1270
				continue;
1271

1272
			/*
1273
			 * This is ugly but the only way for legacy IP to
1274
			 * cleanly remove addresses and everything attached.
1275
			 */
1276
			bzero(&ifr, sizeof(ifr));
1277
			ifr.ifr_addr = *ifa->ifa_addr;
1278
			(void)in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr,
1279
			    ifp, NULL);
1280
		}
1281
		/* NET_EPOCH_EXIT(et); */
1282
		in_purgemaddrs(ifp);
1283
		igmp_domifdetach(ifp);
1284
	}
1285
	IFNET_RUNLOCK();
1286
}
1287

1288
bool
1289
in_ifaddr_broadcast(struct in_addr in, struct in_ifaddr *ia)
1290
{
1291

1292
	return ((in.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
1293
	     /*
1294
	      * Optionally check for old-style (host 0) broadcast, but
1295
	      * taking into account that RFC 3021 obsoletes it.
1296
	      */
1297
	    __predict_false(V_broadcast_lowest &&
1298
	    ia->ia_subnetmask != IN_RFC3021_MASK &&
1299
	    ntohl(in.s_addr) == ia->ia_subnet)) &&
1300
	     /*
1301
	      * Check for an all one subnetmask. These
1302
	      * only exist when an interface gets a secondary
1303
	      * address.
1304
	      */
1305
	    ia->ia_subnetmask != (u_long)0xffffffff);
1306
}
1307

1308
/*
1309
 * Return true if the address might be a local broadcast address.
1310
 */
1311
bool
1312
in_ifnet_broadcast(struct in_addr in, struct ifnet *ifp)
1313
{
1314
	struct ifaddr *ifa;
1315

1316
	NET_EPOCH_ASSERT();
1317

1318
	if (in_broadcast(in))
1319
		return (true);
1320
	if ((ifp->if_flags & IFF_BROADCAST) == 0)
1321
		return (false);
1322
	/*
1323
	 * Look through the list of addresses for a match
1324
	 * with a broadcast address.
1325
	 */
1326
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
1327
		if (ifa->ifa_addr->sa_family == AF_INET &&
1328
		    in_ifaddr_broadcast(in, (struct in_ifaddr *)ifa))
1329
			return (true);
1330
	return (false);
1331
}
1332

1333
/*
1334
 * On interface removal, clean up IPv4 data structures hung off of the ifnet.
1335
 */
1336
void
1337
in_ifdetach(struct ifnet *ifp)
1338
{
1339
	IN_MULTI_LOCK();
1340
	in_pcbpurgeif0(&V_ripcbinfo, ifp);
1341
	in_pcbpurgeif0(&V_udbinfo, ifp);
1342
	in_pcbpurgeif0(&V_ulitecbinfo, ifp);
1343
	in_purgemaddrs(ifp);
1344
	IN_MULTI_UNLOCK();
1345

1346
	/*
1347
	 * Make sure all multicast deletions invoking if_ioctl() are
1348
	 * completed before returning. Else we risk accessing a freed
1349
	 * ifnet structure pointer.
1350
	 */
1351
	inm_release_wait(NULL);
1352
}
1353

1354
static void
1355
in_ifnet_event(void *arg __unused, struct ifnet *ifp, int event)
1356
{
1357
	struct epoch_tracker et;
1358
	struct ifaddr *ifa;
1359
	struct in_ifaddr *ia;
1360
	int error;
1361

1362
	NET_EPOCH_ENTER(et);
1363
	switch (event) {
1364
	case IFNET_EVENT_DOWN:
1365
		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1366
			if (ifa->ifa_addr->sa_family != AF_INET)
1367
				continue;
1368
			ia = (struct in_ifaddr *)ifa;
1369
			if ((ia->ia_flags & IFA_ROUTE) == 0)
1370
				continue;
1371
			ifa_ref(ifa);
1372
			/*
1373
			 * in_scrubprefix() kills the interface route.
1374
			 */
1375
			in_scrubprefix(ia, 0);
1376
			/*
1377
			 * in_ifadown gets rid of all the rest of the
1378
			 * routes.  This is not quite the right thing
1379
			 * to do, but at least if we are running a
1380
			 * routing process they will come back.
1381
			 */
1382
			in_ifadown(ifa, 0);
1383
			ifa_free(ifa);
1384
		}
1385
		break;
1386

1387
	case IFNET_EVENT_UP:
1388
		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1389
			if (ifa->ifa_addr->sa_family != AF_INET)
1390
				continue;
1391
			ia = (struct in_ifaddr *)ifa;
1392
			if (ia->ia_flags & IFA_ROUTE)
1393
				continue;
1394
			ifa_ref(ifa);
1395
			error = ifa_del_loopback_route(ifa, ifa->ifa_addr);
1396
			rt_addrmsg(RTM_ADD, ifa, ifa->ifa_ifp->if_fib);
1397
			error = in_handle_ifaddr_route(RTM_ADD, ia);
1398
			if (error == 0)
1399
				ia->ia_flags |= IFA_ROUTE;
1400
			error = ifa_add_loopback_route(ifa, ifa->ifa_addr);
1401
			ifa_free(ifa);
1402
		}
1403
		break;
1404
	}
1405
	NET_EPOCH_EXIT(et);
1406
}
1407
EVENTHANDLER_DEFINE(ifnet_event, in_ifnet_event, NULL, EVENTHANDLER_PRI_ANY);
1408

1409
/*
1410
 * Delete all IPv4 multicast address records, and associated link-layer
1411
 * multicast address records, associated with ifp.
1412
 * XXX It looks like domifdetach runs AFTER the link layer cleanup.
1413
 * XXX This should not race with ifma_protospec being set during
1414
 * a new allocation, if it does, we have bigger problems.
1415
 */
1416
static void
1417
in_purgemaddrs(struct ifnet *ifp)
1418
{
1419
	struct epoch_tracker	 et;
1420
	struct in_multi_head purgeinms;
1421
	struct in_multi		*inm;
1422
	struct ifmultiaddr	*ifma;
1423

1424
	SLIST_INIT(&purgeinms);
1425
	IN_MULTI_LIST_LOCK();
1426

1427
	/*
1428
	 * Extract list of in_multi associated with the detaching ifp
1429
	 * which the PF_INET layer is about to release.
1430
	 * We need to do this as IF_ADDR_LOCK() may be re-acquired
1431
	 * by code further down.
1432
	 */
1433
	IF_ADDR_WLOCK(ifp);
1434
	NET_EPOCH_ENTER(et);
1435
	CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
1436
		inm = inm_ifmultiaddr_get_inm(ifma);
1437
		if (inm == NULL)
1438
			continue;
1439
		inm_rele_locked(&purgeinms, inm);
1440
	}
1441
	NET_EPOCH_EXIT(et);
1442
	IF_ADDR_WUNLOCK(ifp);
1443

1444
	inm_release_list_deferred(&purgeinms);
1445
	igmp_ifdetach(ifp);
1446
	IN_MULTI_LIST_UNLOCK();
1447
}
1448

1449
struct in_llentry {
1450
	struct llentry		base;
1451
};
1452

1453
#define	IN_LLTBL_DEFAULT_HSIZE	32
1454
#define	IN_LLTBL_HASH(k, h) \
1455
	(((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1))
1456

1457
/*
1458
 * Do actual deallocation of @lle.
1459
 */
1460
static void
1461
in_lltable_destroy_lle_unlocked(epoch_context_t ctx)
1462
{
1463
	struct llentry *lle;
1464

1465
	lle = __containerof(ctx, struct llentry, lle_epoch_ctx);
1466
	LLE_LOCK_DESTROY(lle);
1467
	LLE_REQ_DESTROY(lle);
1468
	free(lle, M_LLTABLE);
1469
}
1470

1471
/*
1472
 * Called by LLE_FREE_LOCKED when number of references
1473
 * drops to zero.
1474
 */
1475
static void
1476
in_lltable_destroy_lle(struct llentry *lle)
1477
{
1478

1479
	LLE_WUNLOCK(lle);
1480
	NET_EPOCH_CALL(in_lltable_destroy_lle_unlocked, &lle->lle_epoch_ctx);
1481
}
1482

1483
static struct llentry *
1484
in_lltable_new(struct in_addr addr4, u_int flags)
1485
{
1486
	struct in_llentry *lle;
1487

1488
	lle = malloc(sizeof(struct in_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
1489
	if (lle == NULL)		/* NB: caller generates msg */
1490
		return NULL;
1491

1492
	/*
1493
	 * For IPv4 this will trigger "arpresolve" to generate
1494
	 * an ARP request.
1495
	 */
1496
	lle->base.la_expire = time_uptime; /* mark expired */
1497
	lle->base.r_l3addr.addr4 = addr4;
1498
	lle->base.lle_refcnt = 1;
1499
	lle->base.lle_free = in_lltable_destroy_lle;
1500
	LLE_LOCK_INIT(&lle->base);
1501
	LLE_REQ_INIT(&lle->base);
1502
	callout_init(&lle->base.lle_timer, 1);
1503

1504
	return (&lle->base);
1505
}
1506

1507
static int
1508
in_lltable_match_prefix(const struct sockaddr *saddr,
1509
    const struct sockaddr *smask, u_int flags, struct llentry *lle)
1510
{
1511
	struct in_addr addr, mask, lle_addr;
1512

1513
	addr = ((const struct sockaddr_in *)saddr)->sin_addr;
1514
	mask = ((const struct sockaddr_in *)smask)->sin_addr;
1515
	lle_addr.s_addr = ntohl(lle->r_l3addr.addr4.s_addr);
1516

1517
	if (IN_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
1518
		return (0);
1519

1520
	if (lle->la_flags & LLE_IFADDR) {
1521
		/*
1522
		 * Delete LLE_IFADDR records IFF address & flag matches.
1523
		 * Note that addr is the interface address within prefix
1524
		 * being matched.
1525
		 * Note also we should handle 'ifdown' cases without removing
1526
		 * ifaddr macs.
1527
		 */
1528
		if (addr.s_addr == lle_addr.s_addr && (flags & LLE_STATIC) != 0)
1529
			return (1);
1530
		return (0);
1531
	}
1532

1533
	/* flags & LLE_STATIC means deleting both dynamic and static entries */
1534
	if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
1535
		return (1);
1536

1537
	return (0);
1538
}
1539

1540
static void
1541
in_lltable_free_entry(struct lltable *llt, struct llentry *lle)
1542
{
1543
	size_t pkts_dropped;
1544

1545
	LLE_WLOCK_ASSERT(lle);
1546
	KASSERT(llt != NULL, ("lltable is NULL"));
1547

1548
	/* Unlink entry from table if not already */
1549
	if ((lle->la_flags & LLE_LINKED) != 0) {
1550
		IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp);
1551
		lltable_unlink_entry(llt, lle);
1552
	}
1553

1554
	/* Drop hold queue */
1555
	pkts_dropped = llentry_free(lle);
1556
	ARPSTAT_ADD(dropped, pkts_dropped);
1557
}
1558

1559
static int
1560
in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr)
1561
{
1562
	struct nhop_object *nh;
1563
	struct in_addr addr;
1564

1565
	KASSERT(l3addr->sa_family == AF_INET,
1566
	    ("sin_family %d", l3addr->sa_family));
1567

1568
	addr = ((const struct sockaddr_in *)l3addr)->sin_addr;
1569

1570
	nh = fib4_lookup(ifp->if_fib, addr, 0, NHR_NONE, 0);
1571
	if (nh == NULL)
1572
		return (EINVAL);
1573

1574
	/*
1575
	 * If the gateway for an existing host route matches the target L3
1576
	 * address, which is a special route inserted by some implementation
1577
	 * such as MANET, and the interface is of the correct type, then
1578
	 * allow for ARP to proceed.
1579
	 */
1580
	if (nh->nh_flags & NHF_GATEWAY) {
1581
		if (!(nh->nh_flags & NHF_HOST) || nh->nh_ifp->if_type != IFT_ETHER ||
1582
		    (nh->nh_ifp->if_flags & (IFF_NOARP | IFF_STATICARP)) != 0 ||
1583
		    memcmp(nh->gw_sa.sa_data, l3addr->sa_data,
1584
		    sizeof(in_addr_t)) != 0) {
1585
			return (EINVAL);
1586
		}
1587
	}
1588

1589
	/*
1590
	 * Make sure that at least the destination address is covered
1591
	 * by the route. This is for handling the case where 2 or more
1592
	 * interfaces have the same prefix. An incoming packet arrives
1593
	 * on one interface and the corresponding outgoing packet leaves
1594
	 * another interface.
1595
	 */
1596
	if ((nh->nh_ifp != ifp) && (nh->nh_flags & NHF_HOST) == 0) {
1597
		struct in_ifaddr *ia = (struct in_ifaddr *)ifaof_ifpforaddr(l3addr, ifp);
1598
		struct in_addr dst_addr, mask_addr;
1599

1600
		if (ia == NULL)
1601
			return (EINVAL);
1602

1603
		/*
1604
		 * ifaof_ifpforaddr() returns _best matching_ IFA.
1605
		 * It is possible that ifa prefix does not cover our address.
1606
		 * Explicitly verify and fail if that's the case.
1607
		 */
1608
		dst_addr = IA_SIN(ia)->sin_addr;
1609
		mask_addr.s_addr = htonl(ia->ia_subnetmask);
1610

1611
		if (!IN_ARE_MASKED_ADDR_EQUAL(dst_addr, addr, mask_addr))
1612
			return (EINVAL);
1613
	}
1614

1615
	return (0);
1616
}
1617

1618
static inline uint32_t
1619
in_lltable_hash_dst(const struct in_addr dst, uint32_t hsize)
1620
{
1621

1622
	return (IN_LLTBL_HASH(dst.s_addr, hsize));
1623
}
1624

1625
static uint32_t
1626
in_lltable_hash(const struct llentry *lle, uint32_t hsize)
1627
{
1628

1629
	return (in_lltable_hash_dst(lle->r_l3addr.addr4, hsize));
1630
}
1631

1632
static void
1633
in_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
1634
{
1635
	struct sockaddr_in *sin;
1636

1637
	sin = (struct sockaddr_in *)sa;
1638
	bzero(sin, sizeof(*sin));
1639
	sin->sin_family = AF_INET;
1640
	sin->sin_len = sizeof(*sin);
1641
	sin->sin_addr = lle->r_l3addr.addr4;
1642
}
1643

1644
static inline struct llentry *
1645
in_lltable_find_dst(struct lltable *llt, struct in_addr dst)
1646
{
1647
	struct llentry *lle;
1648
	struct llentries *lleh;
1649
	u_int hashidx;
1650

1651
	hashidx = in_lltable_hash_dst(dst, llt->llt_hsize);
1652
	lleh = &llt->lle_head[hashidx];
1653
	CK_LIST_FOREACH(lle, lleh, lle_next) {
1654
		if (lle->la_flags & LLE_DELETED)
1655
			continue;
1656
		if (lle->r_l3addr.addr4.s_addr == dst.s_addr)
1657
			break;
1658
	}
1659

1660
	return (lle);
1661
}
1662

1663
static void
1664
in_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
1665
{
1666

1667
	lle->la_flags |= LLE_DELETED;
1668
	EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
1669
#ifdef DIAGNOSTIC
1670
	log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
1671
#endif
1672
	llentry_free(lle);
1673
}
1674

1675
static struct llentry *
1676
in_lltable_alloc(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
1677
{
1678
	const struct sockaddr_in *sin = (const struct sockaddr_in *)l3addr;
1679
	struct ifnet *ifp = llt->llt_ifp;
1680
	struct llentry *lle;
1681
	char linkhdr[LLE_MAX_LINKHDR];
1682
	size_t linkhdrsize;
1683
	int lladdr_off;
1684

1685
	KASSERT(l3addr->sa_family == AF_INET,
1686
	    ("sin_family %d", l3addr->sa_family));
1687

1688
	/*
1689
	 * A route that covers the given address must have
1690
	 * been installed 1st because we are doing a resolution,
1691
	 * verify this.
1692
	 */
1693
	if (!(flags & LLE_IFADDR) &&
1694
	    in_lltable_rtcheck(ifp, flags, l3addr) != 0)
1695
		return (NULL);
1696

1697
	lle = in_lltable_new(sin->sin_addr, flags);
1698
	if (lle == NULL) {
1699
		log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
1700
		return (NULL);
1701
	}
1702
	lle->la_flags = flags;
1703
	if (flags & LLE_STATIC)
1704
		lle->r_flags |= RLLE_VALID;
1705
	if ((flags & LLE_IFADDR) == LLE_IFADDR) {
1706
		linkhdrsize = LLE_MAX_LINKHDR;
1707
		if (lltable_calc_llheader(ifp, AF_INET, IF_LLADDR(ifp),
1708
		    linkhdr, &linkhdrsize, &lladdr_off) != 0) {
1709
			in_lltable_free_entry(llt, lle);
1710
			return (NULL);
1711
		}
1712
		lltable_set_entry_addr(ifp, lle, linkhdr, linkhdrsize,
1713
		    lladdr_off);
1714
		lle->la_flags |= LLE_STATIC;
1715
		lle->r_flags |= (RLLE_VALID | RLLE_IFADDR);
1716
		lle->la_expire = 0;
1717
	}
1718

1719
	return (lle);
1720
}
1721

1722
/*
1723
 * Return NULL if not found or marked for deletion.
1724
 * If found return lle read locked.
1725
 */
1726
static struct llentry *
1727
in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
1728
{
1729
	const struct sockaddr_in *sin = (const struct sockaddr_in *)l3addr;
1730
	struct llentry *lle;
1731

1732
	IF_AFDATA_LOCK_ASSERT(llt->llt_ifp);
1733
	KASSERT(l3addr->sa_family == AF_INET,
1734
	    ("sin_family %d", l3addr->sa_family));
1735
	KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
1736
	    (LLE_UNLOCKED | LLE_EXCLUSIVE),
1737
	    ("wrong lle request flags: %#x", flags));
1738

1739
	lle = in_lltable_find_dst(llt, sin->sin_addr);
1740
	if (lle == NULL)
1741
		return (NULL);
1742
	if (flags & LLE_UNLOCKED)
1743
		return (lle);
1744

1745
	if (flags & LLE_EXCLUSIVE)
1746
		LLE_WLOCK(lle);
1747
	else
1748
		LLE_RLOCK(lle);
1749

1750
	/*
1751
	 * If the afdata lock is not held, the LLE may have been unlinked while
1752
	 * we were blocked on the LLE lock.  Check for this case.
1753
	 */
1754
	if (__predict_false((lle->la_flags & LLE_LINKED) == 0)) {
1755
		if (flags & LLE_EXCLUSIVE)
1756
			LLE_WUNLOCK(lle);
1757
		else
1758
			LLE_RUNLOCK(lle);
1759
		return (NULL);
1760
	}
1761
	return (lle);
1762
}
1763

1764
static int
1765
in_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
1766
    struct sysctl_req *wr)
1767
{
1768
	struct ifnet *ifp = llt->llt_ifp;
1769
	/* XXX stack use */
1770
	struct {
1771
		struct rt_msghdr	rtm;
1772
		struct sockaddr_in	sin;
1773
		struct sockaddr_dl	sdl;
1774
	} arpc;
1775
	struct sockaddr_dl *sdl;
1776
	int error;
1777

1778
	bzero(&arpc, sizeof(arpc));
1779
	/* skip deleted entries */
1780
	if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
1781
		return (0);
1782
	/* Skip if jailed and not a valid IP of the prison. */
1783
	lltable_fill_sa_entry(lle,(struct sockaddr *)&arpc.sin);
1784
	if (prison_if(wr->td->td_ucred, (struct sockaddr *)&arpc.sin) != 0)
1785
		return (0);
1786
	/*
1787
	 * produce a msg made of:
1788
	 *  struct rt_msghdr;
1789
	 *  struct sockaddr_in; (IPv4)
1790
	 *  struct sockaddr_dl;
1791
	 */
1792
	arpc.rtm.rtm_msglen = sizeof(arpc);
1793
	arpc.rtm.rtm_version = RTM_VERSION;
1794
	arpc.rtm.rtm_type = RTM_GET;
1795
	arpc.rtm.rtm_flags = RTF_UP;
1796
	arpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
1797

1798
	/* publish */
1799
	if (lle->la_flags & LLE_PUB)
1800
		arpc.rtm.rtm_flags |= RTF_ANNOUNCE;
1801

1802
	sdl = &arpc.sdl;
1803
	sdl->sdl_family = AF_LINK;
1804
	sdl->sdl_len = sizeof(*sdl);
1805
	sdl->sdl_index = ifp->if_index;
1806
	sdl->sdl_type = ifp->if_type;
1807
	if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
1808
		sdl->sdl_alen = ifp->if_addrlen;
1809
		bcopy(lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
1810
	} else {
1811
		sdl->sdl_alen = 0;
1812
		bzero(LLADDR(sdl), ifp->if_addrlen);
1813
	}
1814

1815
	arpc.rtm.rtm_rmx.rmx_expire =
1816
	    lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
1817
	arpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
1818
	if (lle->la_flags & LLE_STATIC)
1819
		arpc.rtm.rtm_flags |= RTF_STATIC;
1820
	if (lle->la_flags & LLE_IFADDR)
1821
		arpc.rtm.rtm_flags |= RTF_PINNED;
1822
	arpc.rtm.rtm_index = ifp->if_index;
1823
	error = SYSCTL_OUT(wr, &arpc, sizeof(arpc));
1824

1825
	return (error);
1826
}
1827

1828
static void
1829
in_lltable_post_resolved(struct lltable *llt, struct llentry *lle)
1830
{
1831
	struct ifnet *ifp = llt->llt_ifp;
1832

1833
	/* gratuitous ARP */
1834
	if ((lle->la_flags & LLE_PUB) != 0)
1835
		arprequest(ifp, &lle->r_l3addr.addr4, &lle->r_l3addr.addr4,
1836
		    lle->ll_addr);
1837
}
1838

1839
static struct lltable *
1840
in_lltattach(struct ifnet *ifp)
1841
{
1842
	struct lltable *llt;
1843

1844
	llt = lltable_allocate_htbl(IN_LLTBL_DEFAULT_HSIZE);
1845
 	llt->llt_af = AF_INET;
1846
 	llt->llt_ifp = ifp;
1847

1848
	llt->llt_lookup = in_lltable_lookup;
1849
	llt->llt_alloc_entry = in_lltable_alloc;
1850
	llt->llt_delete_entry = in_lltable_delete_entry;
1851
	llt->llt_dump_entry = in_lltable_dump_entry;
1852
	llt->llt_hash = in_lltable_hash;
1853
	llt->llt_fill_sa_entry = in_lltable_fill_sa_entry;
1854
	llt->llt_free_entry = in_lltable_free_entry;
1855
	llt->llt_match_prefix = in_lltable_match_prefix;
1856
	llt->llt_mark_used = llentry_mark_used;
1857
	llt->llt_post_resolved = in_lltable_post_resolved;
1858
 	lltable_link(llt);
1859

1860
	return (llt);
1861
}
1862

1863
struct lltable *
1864
in_lltable_get(struct ifnet *ifp)
1865
{
1866
	struct lltable *llt = NULL;
1867

1868
	void *afdata_ptr = ifp->if_afdata[AF_INET];
1869
	if (afdata_ptr != NULL)
1870
		llt = ((struct in_ifinfo *)afdata_ptr)->ii_llt;
1871
	return (llt);
1872
}
1873

1874
void *
1875
in_domifattach(struct ifnet *ifp)
1876
{
1877
	struct in_ifinfo *ii;
1878

1879
	ii = malloc(sizeof(struct in_ifinfo), M_IFADDR, M_WAITOK|M_ZERO);
1880

1881
	ii->ii_llt = in_lltattach(ifp);
1882
	ii->ii_igmp = igmp_domifattach(ifp);
1883

1884
	return (ii);
1885
}
1886

1887
void
1888
in_domifdetach(struct ifnet *ifp, void *aux)
1889
{
1890
	struct in_ifinfo *ii = (struct in_ifinfo *)aux;
1891

1892
	MPASS(ifp->if_afdata[AF_INET] == NULL);
1893

1894
	igmp_domifdetach(ifp);
1895
	lltable_free(ii->ii_llt);
1896
	free(ii, M_IFADDR);
1897
}
1898

1899