xref: /freebsd/sys/net/if.c (revision 62ff619dcc3540659a319be71c9a489f1659e14a)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2010 Bjoern A. Zeeb <bz@FreeBSD.org>
5  * Copyright (c) 1980, 1986, 1993
6  *	The Regents of the University of California.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. Neither the name of the University nor the names of its contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  *
32  *	@(#)if.c	8.5 (Berkeley) 1/9/95
33  * $FreeBSD$
34  */
35 
36 #include "opt_bpf.h"
37 #include "opt_inet6.h"
38 #include "opt_inet.h"
39 #include "opt_ddb.h"
40 
41 #include <sys/param.h>
42 #include <sys/capsicum.h>
43 #include <sys/conf.h>
44 #include <sys/eventhandler.h>
45 #include <sys/malloc.h>
46 #include <sys/domainset.h>
47 #include <sys/sbuf.h>
48 #include <sys/bus.h>
49 #include <sys/epoch.h>
50 #include <sys/mbuf.h>
51 #include <sys/systm.h>
52 #include <sys/priv.h>
53 #include <sys/proc.h>
54 #include <sys/socket.h>
55 #include <sys/socketvar.h>
56 #include <sys/protosw.h>
57 #include <sys/kernel.h>
58 #include <sys/lock.h>
59 #include <sys/refcount.h>
60 #include <sys/module.h>
61 #include <sys/nv.h>
62 #include <sys/rwlock.h>
63 #include <sys/sockio.h>
64 #include <sys/syslog.h>
65 #include <sys/sysctl.h>
66 #include <sys/sysent.h>
67 #include <sys/taskqueue.h>
68 #include <sys/domain.h>
69 #include <sys/jail.h>
70 #include <sys/priv.h>
71 
72 #ifdef DDB
73 #include <ddb/ddb.h>
74 #endif
75 
76 #include <machine/stdarg.h>
77 #include <vm/uma.h>
78 
79 #include <net/bpf.h>
80 #include <net/ethernet.h>
81 #include <net/if.h>
82 #include <net/if_arp.h>
83 #include <net/if_clone.h>
84 #include <net/if_dl.h>
85 #include <net/if_types.h>
86 #include <net/if_var.h>
87 #include <net/if_media.h>
88 #include <net/if_mib.h>
89 #include <net/if_vlan_var.h>
90 #include <net/radix.h>
91 #include <net/route.h>
92 #include <net/route/route_ctl.h>
93 #include <net/vnet.h>
94 
95 #if defined(INET) || defined(INET6)
96 #include <net/ethernet.h>
97 #include <netinet/in.h>
98 #include <netinet/in_var.h>
99 #include <netinet/ip.h>
100 #include <netinet/ip_carp.h>
101 #ifdef INET
102 #include <net/debugnet.h>
103 #include <netinet/if_ether.h>
104 #endif /* INET */
105 #ifdef INET6
106 #include <netinet6/in6_var.h>
107 #include <netinet6/in6_ifattach.h>
108 #endif /* INET6 */
109 #endif /* INET || INET6 */
110 
111 #include <security/mac/mac_framework.h>
112 
113 /*
114  * Consumers of struct ifreq such as tcpdump assume no pad between ifr_name
115  * and ifr_ifru when it is used in SIOCGIFCONF.
116  */
117 _Static_assert(sizeof(((struct ifreq *)0)->ifr_name) ==
118     offsetof(struct ifreq, ifr_ifru), "gap between ifr_name and ifr_ifru");
119 
120 __read_mostly epoch_t net_epoch_preempt;
121 #ifdef COMPAT_FREEBSD32
122 #include <sys/mount.h>
123 #include <compat/freebsd32/freebsd32.h>
124 
125 struct ifreq_buffer32 {
126 	uint32_t	length;		/* (size_t) */
127 	uint32_t	buffer;		/* (void *) */
128 };
129 
130 /*
131  * Interface request structure used for socket
132  * ioctl's.  All interface ioctl's must have parameter
133  * definitions which begin with ifr_name.  The
134  * remainder may be interface specific.
135  */
136 struct ifreq32 {
137 	char	ifr_name[IFNAMSIZ];		/* if name, e.g. "en0" */
138 	union {
139 		struct sockaddr	ifru_addr;
140 		struct sockaddr	ifru_dstaddr;
141 		struct sockaddr	ifru_broadaddr;
142 		struct ifreq_buffer32 ifru_buffer;
143 		short		ifru_flags[2];
144 		short		ifru_index;
145 		int		ifru_jid;
146 		int		ifru_metric;
147 		int		ifru_mtu;
148 		int		ifru_phys;
149 		int		ifru_media;
150 		uint32_t	ifru_data;
151 		int		ifru_cap[2];
152 		u_int		ifru_fib;
153 		u_char		ifru_vlan_pcp;
154 	} ifr_ifru;
155 };
156 CTASSERT(sizeof(struct ifreq) == sizeof(struct ifreq32));
157 CTASSERT(__offsetof(struct ifreq, ifr_ifru) ==
158     __offsetof(struct ifreq32, ifr_ifru));
159 
160 struct ifconf32 {
161 	int32_t	ifc_len;
162 	union {
163 		uint32_t	ifcu_buf;
164 		uint32_t	ifcu_req;
165 	} ifc_ifcu;
166 };
167 #define	SIOCGIFCONF32	_IOWR('i', 36, struct ifconf32)
168 
169 struct ifdrv32 {
170 	char		ifd_name[IFNAMSIZ];
171 	uint32_t	ifd_cmd;
172 	uint32_t	ifd_len;
173 	uint32_t	ifd_data;
174 };
175 #define SIOCSDRVSPEC32	_IOC_NEWTYPE(SIOCSDRVSPEC, struct ifdrv32)
176 #define SIOCGDRVSPEC32	_IOC_NEWTYPE(SIOCGDRVSPEC, struct ifdrv32)
177 
178 struct ifgroupreq32 {
179 	char	ifgr_name[IFNAMSIZ];
180 	u_int	ifgr_len;
181 	union {
182 		char		ifgru_group[IFNAMSIZ];
183 		uint32_t	ifgru_groups;
184 	} ifgr_ifgru;
185 };
186 #define	SIOCAIFGROUP32	_IOC_NEWTYPE(SIOCAIFGROUP, struct ifgroupreq32)
187 #define	SIOCGIFGROUP32	_IOC_NEWTYPE(SIOCGIFGROUP, struct ifgroupreq32)
188 #define	SIOCDIFGROUP32	_IOC_NEWTYPE(SIOCDIFGROUP, struct ifgroupreq32)
189 #define	SIOCGIFGMEMB32	_IOC_NEWTYPE(SIOCGIFGMEMB, struct ifgroupreq32)
190 
191 struct ifmediareq32 {
192 	char		ifm_name[IFNAMSIZ];
193 	int		ifm_current;
194 	int		ifm_mask;
195 	int		ifm_status;
196 	int		ifm_active;
197 	int		ifm_count;
198 	uint32_t	ifm_ulist;	/* (int *) */
199 };
200 #define	SIOCGIFMEDIA32	_IOC_NEWTYPE(SIOCGIFMEDIA, struct ifmediareq32)
201 #define	SIOCGIFXMEDIA32	_IOC_NEWTYPE(SIOCGIFXMEDIA, struct ifmediareq32)
202 #endif /* COMPAT_FREEBSD32 */
203 
204 union ifreq_union {
205 	struct ifreq	ifr;
206 #ifdef COMPAT_FREEBSD32
207 	struct ifreq32	ifr32;
208 #endif
209 };
210 
211 SYSCTL_NODE(_net, PF_LINK, link, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
212     "Link layers");
213 SYSCTL_NODE(_net_link, 0, generic, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
214     "Generic link-management");
215 
216 SYSCTL_INT(_net_link, OID_AUTO, ifqmaxlen, CTLFLAG_RDTUN,
217     &ifqmaxlen, 0, "max send queue size");
218 
219 /* Log link state change events */
220 static int log_link_state_change = 1;
221 
222 SYSCTL_INT(_net_link, OID_AUTO, log_link_state_change, CTLFLAG_RW,
223 	&log_link_state_change, 0,
224 	"log interface link state change events");
225 
226 /* Log promiscuous mode change events */
227 static int log_promisc_mode_change = 1;
228 
229 SYSCTL_INT(_net_link, OID_AUTO, log_promisc_mode_change, CTLFLAG_RDTUN,
230 	&log_promisc_mode_change, 1,
231 	"log promiscuous mode change events");
232 
233 /* Interface description */
234 static unsigned int ifdescr_maxlen = 1024;
235 SYSCTL_UINT(_net, OID_AUTO, ifdescr_maxlen, CTLFLAG_RW,
236 	&ifdescr_maxlen, 0,
237 	"administrative maximum length for interface description");
238 
239 static MALLOC_DEFINE(M_IFDESCR, "ifdescr", "ifnet descriptions");
240 
241 /* global sx for non-critical path ifdescr */
242 static struct sx ifdescr_sx;
243 SX_SYSINIT(ifdescr_sx, &ifdescr_sx, "ifnet descr");
244 
245 void	(*ng_ether_link_state_p)(struct ifnet *ifp, int state);
246 void	(*lagg_linkstate_p)(struct ifnet *ifp, int state);
247 /* These are external hooks for CARP. */
248 void	(*carp_linkstate_p)(struct ifnet *ifp);
249 void	(*carp_demote_adj_p)(int, char *);
250 int	(*carp_master_p)(struct ifaddr *);
251 #if defined(INET) || defined(INET6)
252 int	(*carp_forus_p)(struct ifnet *ifp, u_char *dhost);
253 int	(*carp_output_p)(struct ifnet *ifp, struct mbuf *m,
254     const struct sockaddr *sa);
255 int	(*carp_ioctl_p)(struct ifreq *, u_long, struct thread *);
256 int	(*carp_attach_p)(struct ifaddr *, int);
257 void	(*carp_detach_p)(struct ifaddr *, bool);
258 #endif
259 #ifdef INET
260 int	(*carp_iamatch_p)(struct ifaddr *, uint8_t **);
261 #endif
262 #ifdef INET6
263 struct ifaddr *(*carp_iamatch6_p)(struct ifnet *ifp, struct in6_addr *taddr6);
264 caddr_t	(*carp_macmatch6_p)(struct ifnet *ifp, struct mbuf *m,
265     const struct in6_addr *taddr);
266 #endif
267 
268 struct mbuf *(*tbr_dequeue_ptr)(struct ifaltq *, int) = NULL;
269 
270 /*
271  * XXX: Style; these should be sorted alphabetically, and unprototyped
272  * static functions should be prototyped. Currently they are sorted by
273  * declaration order.
274  */
275 static void	if_attachdomain(void *);
276 static void	if_attachdomain1(struct ifnet *);
277 static int	ifconf(u_long, caddr_t);
278 static void	if_input_default(struct ifnet *, struct mbuf *);
279 static int	if_requestencap_default(struct ifnet *, struct if_encap_req *);
280 static void	if_route(struct ifnet *, int flag, int fam);
281 static int	if_setflag(struct ifnet *, int, int, int *, int);
282 static int	if_transmit(struct ifnet *ifp, struct mbuf *m);
283 static void	if_unroute(struct ifnet *, int flag, int fam);
284 static int	if_delmulti_locked(struct ifnet *, struct ifmultiaddr *, int);
285 static void	do_link_state_change(void *, int);
286 static int	if_getgroup(struct ifgroupreq *, struct ifnet *);
287 static int	if_getgroupmembers(struct ifgroupreq *);
288 static void	if_delgroups(struct ifnet *);
289 static void	if_attach_internal(struct ifnet *, bool);
290 static int	if_detach_internal(struct ifnet *, bool);
291 static void	if_siocaddmulti(void *, int);
292 static void	if_link_ifnet(struct ifnet *);
293 static bool	if_unlink_ifnet(struct ifnet *, bool);
294 #ifdef VIMAGE
295 static int	if_vmove(struct ifnet *, struct vnet *);
296 #endif
297 
298 #ifdef INET6
299 /*
300  * XXX: declare here to avoid to include many inet6 related files..
301  * should be more generalized?
302  */
303 extern void	nd6_setmtu(struct ifnet *);
304 #endif
305 
306 /* ipsec helper hooks */
307 VNET_DEFINE(struct hhook_head *, ipsec_hhh_in[HHOOK_IPSEC_COUNT]);
308 VNET_DEFINE(struct hhook_head *, ipsec_hhh_out[HHOOK_IPSEC_COUNT]);
309 
310 int	ifqmaxlen = IFQ_MAXLEN;
311 VNET_DEFINE(struct ifnethead, ifnet);	/* depend on static init XXX */
312 VNET_DEFINE(struct ifgrouphead, ifg_head);
313 
314 /* Table of ifnet by index. */
315 static int if_index;
316 static int if_indexlim = 8;
317 static struct ifindex_entry {
318 	struct ifnet	*ife_ifnet;
319 	uint16_t	ife_gencnt;
320 } *ifindex_table;
321 
322 SYSCTL_NODE(_net_link_generic, IFMIB_SYSTEM, system,
323     CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
324     "Variables global to all interfaces");
325 static int
326 sysctl_ifcount(SYSCTL_HANDLER_ARGS)
327 {
328 	int rv = 0;
329 
330 	IFNET_RLOCK();
331 	for (int i = 1; i <= if_index; i++)
332 		if (ifindex_table[i].ife_ifnet != NULL &&
333 		    ifindex_table[i].ife_ifnet->if_vnet == curvnet)
334 			rv = i;
335 	IFNET_RUNLOCK();
336 
337 	return (sysctl_handle_int(oidp, &rv, 0, req));
338 }
339 SYSCTL_PROC(_net_link_generic_system, IFMIB_IFCOUNT, ifcount,
340     CTLTYPE_INT | CTLFLAG_VNET | CTLFLAG_RD, NULL, 0, sysctl_ifcount, "I",
341     "Maximum known interface index");
342 
343 /*
344  * The global network interface list (V_ifnet) and related state (such as
345  * if_index, if_indexlim, and ifindex_table) are protected by an sxlock.
346  * This may be acquired to stabilise the list, or we may rely on NET_EPOCH.
347  */
348 struct sx ifnet_sxlock;
349 SX_SYSINIT_FLAGS(ifnet_sx, &ifnet_sxlock, "ifnet_sx", SX_RECURSE);
350 
351 struct sx ifnet_detach_sxlock;
352 SX_SYSINIT_FLAGS(ifnet_detach, &ifnet_detach_sxlock, "ifnet_detach_sx",
353     SX_RECURSE);
354 
355 #ifdef VIMAGE
356 #define	VNET_IS_SHUTTING_DOWN(_vnet)					\
357     ((_vnet)->vnet_shutdown && (_vnet)->vnet_state < SI_SUB_VNET_DONE)
358 #endif
359 
360 static	if_com_alloc_t *if_com_alloc[256];
361 static	if_com_free_t *if_com_free[256];
362 
363 static MALLOC_DEFINE(M_IFNET, "ifnet", "interface internals");
364 MALLOC_DEFINE(M_IFADDR, "ifaddr", "interface address");
365 MALLOC_DEFINE(M_IFMADDR, "ether_multi", "link-level multicast address");
366 
367 struct ifnet *
368 ifnet_byindex(u_int idx)
369 {
370 	struct ifnet *ifp;
371 
372 	NET_EPOCH_ASSERT();
373 
374 	if (__predict_false(idx > if_index))
375 		return (NULL);
376 
377 	ifp = ck_pr_load_ptr(&ifindex_table[idx].ife_ifnet);
378 
379 	if (curvnet != NULL && ifp != NULL && ifp->if_vnet != curvnet)
380 		ifp = NULL;
381 
382 	return (ifp);
383 }
384 
385 struct ifnet *
386 ifnet_byindex_ref(u_int idx)
387 {
388 	struct ifnet *ifp;
389 
390 	ifp = ifnet_byindex(idx);
391 	if (ifp == NULL || (ifp->if_flags & IFF_DYING))
392 		return (NULL);
393 	if (!if_try_ref(ifp))
394 		return (NULL);
395 	return (ifp);
396 }
397 
398 struct ifnet *
399 ifnet_byindexgen(uint16_t idx, uint16_t gen)
400 {
401 	struct ifnet *ifp;
402 
403 	NET_EPOCH_ASSERT();
404 
405 	if (__predict_false(idx > if_index))
406 		return (NULL);
407 
408 	ifp = ck_pr_load_ptr(&ifindex_table[idx].ife_ifnet);
409 
410 	if (ifindex_table[idx].ife_gencnt == gen)
411 		return (ifp);
412 	else
413 		return (NULL);
414 }
415 
416 /*
417  * Network interface utility routines.
418  *
419  * Routines with ifa_ifwith* names take sockaddr *'s as
420  * parameters.
421  */
422 
423 static void
424 if_init(void *arg __unused)
425 {
426 
427 	ifindex_table = malloc(if_indexlim * sizeof(*ifindex_table),
428 	    M_IFNET, M_WAITOK | M_ZERO);
429 }
430 SYSINIT(if_init, SI_SUB_INIT_IF, SI_ORDER_SECOND, if_init, NULL);
431 
432 static void
433 vnet_if_init(const void *unused __unused)
434 {
435 
436 	CK_STAILQ_INIT(&V_ifnet);
437 	CK_STAILQ_INIT(&V_ifg_head);
438 	vnet_if_clone_init();
439 }
440 VNET_SYSINIT(vnet_if_init, SI_SUB_INIT_IF, SI_ORDER_SECOND, vnet_if_init,
441     NULL);
442 
443 static void
444 if_link_ifnet(struct ifnet *ifp)
445 {
446 
447 	IFNET_WLOCK();
448 	CK_STAILQ_INSERT_TAIL(&V_ifnet, ifp, if_link);
449 #ifdef VIMAGE
450 	curvnet->vnet_ifcnt++;
451 #endif
452 	IFNET_WUNLOCK();
453 }
454 
455 static bool
456 if_unlink_ifnet(struct ifnet *ifp, bool vmove)
457 {
458 	struct ifnet *iter;
459 	int found = 0;
460 
461 	IFNET_WLOCK();
462 	CK_STAILQ_FOREACH(iter, &V_ifnet, if_link)
463 		if (iter == ifp) {
464 			CK_STAILQ_REMOVE(&V_ifnet, ifp, ifnet, if_link);
465 			if (!vmove)
466 				ifp->if_flags |= IFF_DYING;
467 			found = 1;
468 			break;
469 		}
470 #ifdef VIMAGE
471 	curvnet->vnet_ifcnt--;
472 #endif
473 	IFNET_WUNLOCK();
474 
475 	return (found);
476 }
477 
478 #ifdef VIMAGE
479 static void
480 vnet_if_return(const void *unused __unused)
481 {
482 	struct ifnet *ifp, *nifp;
483 	struct ifnet **pending;
484 	int found __diagused;
485 	int i;
486 
487 	i = 0;
488 
489 	/*
490 	 * We need to protect our access to the V_ifnet tailq. Ordinarily we'd
491 	 * enter NET_EPOCH, but that's not possible, because if_vmove() calls
492 	 * if_detach_internal(), which waits for NET_EPOCH callbacks to
493 	 * complete. We can't do that from within NET_EPOCH.
494 	 *
495 	 * However, we can also use the IFNET_xLOCK, which is the V_ifnet
496 	 * read/write lock. We cannot hold the lock as we call if_vmove()
497 	 * though, as that presents LOR w.r.t ifnet_sx, in_multi_sx and iflib
498 	 * ctx lock.
499 	 */
500 	IFNET_WLOCK();
501 
502 	pending = malloc(sizeof(struct ifnet *) * curvnet->vnet_ifcnt,
503 	    M_IFNET, M_WAITOK | M_ZERO);
504 
505 	/* Return all inherited interfaces to their parent vnets. */
506 	CK_STAILQ_FOREACH_SAFE(ifp, &V_ifnet, if_link, nifp) {
507 		if (ifp->if_home_vnet != ifp->if_vnet) {
508 			found = if_unlink_ifnet(ifp, true);
509 			MPASS(found);
510 
511 			pending[i++] = ifp;
512 		}
513 	}
514 	IFNET_WUNLOCK();
515 
516 	for (int j = 0; j < i; j++) {
517 		sx_xlock(&ifnet_detach_sxlock);
518 		if_vmove(pending[j], pending[j]->if_home_vnet);
519 		sx_xunlock(&ifnet_detach_sxlock);
520 	}
521 
522 	free(pending, M_IFNET);
523 }
524 VNET_SYSUNINIT(vnet_if_return, SI_SUB_VNET_DONE, SI_ORDER_ANY,
525     vnet_if_return, NULL);
526 #endif
527 
528 /*
529  * Allocate a struct ifnet and an index for an interface.  A layer 2
530  * common structure will also be allocated if an allocation routine is
531  * registered for the passed type.
532  */
533 static struct ifnet *
534 if_alloc_domain(u_char type, int numa_domain)
535 {
536 	struct ifnet *ifp;
537 	u_short idx;
538 
539 	KASSERT(numa_domain <= IF_NODOM, ("numa_domain too large"));
540 	if (numa_domain == IF_NODOM)
541 		ifp = malloc(sizeof(struct ifnet), M_IFNET,
542 		    M_WAITOK | M_ZERO);
543 	else
544 		ifp = malloc_domainset(sizeof(struct ifnet), M_IFNET,
545 		    DOMAINSET_PREF(numa_domain), M_WAITOK | M_ZERO);
546 	ifp->if_type = type;
547 	ifp->if_alloctype = type;
548 	ifp->if_numa_domain = numa_domain;
549 #ifdef VIMAGE
550 	ifp->if_vnet = curvnet;
551 #endif
552 	if (if_com_alloc[type] != NULL) {
553 		ifp->if_l2com = if_com_alloc[type](type, ifp);
554 		KASSERT(ifp->if_l2com, ("%s: if_com_alloc[%u] failed", __func__,
555 		    type));
556 	}
557 
558 	IF_ADDR_LOCK_INIT(ifp);
559 	TASK_INIT(&ifp->if_linktask, 0, do_link_state_change, ifp);
560 	TASK_INIT(&ifp->if_addmultitask, 0, if_siocaddmulti, ifp);
561 	ifp->if_afdata_initialized = 0;
562 	IF_AFDATA_LOCK_INIT(ifp);
563 	CK_STAILQ_INIT(&ifp->if_addrhead);
564 	CK_STAILQ_INIT(&ifp->if_multiaddrs);
565 	CK_STAILQ_INIT(&ifp->if_groups);
566 #ifdef MAC
567 	mac_ifnet_init(ifp);
568 #endif
569 	ifq_init(&ifp->if_snd, ifp);
570 
571 	refcount_init(&ifp->if_refcount, 1);	/* Index reference. */
572 	for (int i = 0; i < IFCOUNTERS; i++)
573 		ifp->if_counters[i] = counter_u64_alloc(M_WAITOK);
574 	ifp->if_get_counter = if_get_counter_default;
575 	ifp->if_pcp = IFNET_PCP_NONE;
576 
577 	/* Allocate an ifindex array entry. */
578 	IFNET_WLOCK();
579 	/*
580 	 * Try to find an empty slot below if_index.  If we fail, take the
581 	 * next slot.
582 	 */
583 	for (idx = 1; idx <= if_index; idx++) {
584 		if (ifindex_table[idx].ife_ifnet == NULL)
585 			break;
586 	}
587 
588 	/* Catch if_index overflow. */
589 	if (idx >= if_indexlim) {
590 		struct ifindex_entry *new, *old;
591 		int newlim;
592 
593 		newlim = if_indexlim * 2;
594 		new = malloc(newlim * sizeof(*new), M_IFNET, M_WAITOK | M_ZERO);
595 		memcpy(new, ifindex_table, if_indexlim * sizeof(*new));
596 		old = ifindex_table;
597 		ck_pr_store_ptr(&ifindex_table, new);
598 		if_indexlim = newlim;
599 		epoch_wait_preempt(net_epoch_preempt);
600 		free(old, M_IFNET);
601 	}
602 	if (idx > if_index)
603 		if_index = idx;
604 
605 	ifp->if_index = idx;
606 	ifp->if_idxgen = ifindex_table[idx].ife_gencnt;
607 	ck_pr_store_ptr(&ifindex_table[idx].ife_ifnet, ifp);
608 	IFNET_WUNLOCK();
609 
610 	return (ifp);
611 }
612 
613 struct ifnet *
614 if_alloc_dev(u_char type, device_t dev)
615 {
616 	int numa_domain;
617 
618 	if (dev == NULL || bus_get_domain(dev, &numa_domain) != 0)
619 		return (if_alloc_domain(type, IF_NODOM));
620 	return (if_alloc_domain(type, numa_domain));
621 }
622 
623 struct ifnet *
624 if_alloc(u_char type)
625 {
626 
627 	return (if_alloc_domain(type, IF_NODOM));
628 }
629 /*
630  * Do the actual work of freeing a struct ifnet, and layer 2 common
631  * structure.  This call is made when the network epoch guarantees
632  * us that nobody holds a pointer to the interface.
633  */
634 static void
635 if_free_deferred(epoch_context_t ctx)
636 {
637 	struct ifnet *ifp = __containerof(ctx, struct ifnet, if_epoch_ctx);
638 
639 	KASSERT((ifp->if_flags & IFF_DYING),
640 	    ("%s: interface not dying", __func__));
641 
642 	if (if_com_free[ifp->if_alloctype] != NULL)
643 		if_com_free[ifp->if_alloctype](ifp->if_l2com,
644 		    ifp->if_alloctype);
645 
646 #ifdef MAC
647 	mac_ifnet_destroy(ifp);
648 #endif /* MAC */
649 	IF_AFDATA_DESTROY(ifp);
650 	IF_ADDR_LOCK_DESTROY(ifp);
651 	ifq_delete(&ifp->if_snd);
652 
653 	for (int i = 0; i < IFCOUNTERS; i++)
654 		counter_u64_free(ifp->if_counters[i]);
655 
656 	free(ifp->if_description, M_IFDESCR);
657 	free(ifp->if_hw_addr, M_IFADDR);
658 	free(ifp, M_IFNET);
659 }
660 
661 /*
662  * Deregister an interface and free the associated storage.
663  */
664 void
665 if_free(struct ifnet *ifp)
666 {
667 
668 	ifp->if_flags |= IFF_DYING;			/* XXX: Locking */
669 
670 	/*
671 	 * XXXGL: An interface index is really an alias to ifp pointer.
672 	 * Why would we clear the alias now, and not in the deferred
673 	 * context?  Indeed there is nothing wrong with some network
674 	 * thread obtaining ifp via ifnet_byindex() inside the network
675 	 * epoch and then dereferencing ifp while we perform if_free(),
676 	 * and after if_free() finished, too.
677 	 *
678 	 * This early index freeing was important back when ifindex was
679 	 * virtualized and interface would outlive the vnet.
680 	 */
681 	IFNET_WLOCK();
682 	MPASS(ifindex_table[ifp->if_index].ife_ifnet == ifp);
683 	ck_pr_store_ptr(&ifindex_table[ifp->if_index].ife_ifnet, NULL);
684 	ifindex_table[ifp->if_index].ife_gencnt++;
685 	while (if_index > 0 && ifindex_table[if_index].ife_ifnet == NULL)
686 		if_index--;
687 	IFNET_WUNLOCK();
688 
689 	if (refcount_release(&ifp->if_refcount))
690 		NET_EPOCH_CALL(if_free_deferred, &ifp->if_epoch_ctx);
691 }
692 
693 /*
694  * Interfaces to keep an ifnet type-stable despite the possibility of the
695  * driver calling if_free().  If there are additional references, we defer
696  * freeing the underlying data structure.
697  */
698 void
699 if_ref(struct ifnet *ifp)
700 {
701 	u_int old __diagused;
702 
703 	/* We don't assert the ifnet list lock here, but arguably should. */
704 	old = refcount_acquire(&ifp->if_refcount);
705 	KASSERT(old > 0, ("%s: ifp %p has 0 refs", __func__, ifp));
706 }
707 
708 bool
709 if_try_ref(struct ifnet *ifp)
710 {
711 	NET_EPOCH_ASSERT();
712 	return (refcount_acquire_if_not_zero(&ifp->if_refcount));
713 }
714 
715 void
716 if_rele(struct ifnet *ifp)
717 {
718 
719 	if (!refcount_release(&ifp->if_refcount))
720 		return;
721 	NET_EPOCH_CALL(if_free_deferred, &ifp->if_epoch_ctx);
722 }
723 
724 void
725 ifq_init(struct ifaltq *ifq, struct ifnet *ifp)
726 {
727 
728 	mtx_init(&ifq->ifq_mtx, ifp->if_xname, "if send queue", MTX_DEF);
729 
730 	if (ifq->ifq_maxlen == 0)
731 		ifq->ifq_maxlen = ifqmaxlen;
732 
733 	ifq->altq_type = 0;
734 	ifq->altq_disc = NULL;
735 	ifq->altq_flags &= ALTQF_CANTCHANGE;
736 	ifq->altq_tbr  = NULL;
737 	ifq->altq_ifp  = ifp;
738 }
739 
740 void
741 ifq_delete(struct ifaltq *ifq)
742 {
743 	mtx_destroy(&ifq->ifq_mtx);
744 }
745 
746 /*
747  * Perform generic interface initialization tasks and attach the interface
748  * to the list of "active" interfaces.  If vmove flag is set on entry
749  * to if_attach_internal(), perform only a limited subset of initialization
750  * tasks, given that we are moving from one vnet to another an ifnet which
751  * has already been fully initialized.
752  *
753  * Note that if_detach_internal() removes group membership unconditionally
754  * even when vmove flag is set, and if_attach_internal() adds only IFG_ALL.
755  * Thus, when if_vmove() is applied to a cloned interface, group membership
756  * is lost while a cloned one always joins a group whose name is
757  * ifc->ifc_name.  To recover this after if_detach_internal() and
758  * if_attach_internal(), the cloner should be specified to
759  * if_attach_internal() via ifc.  If it is non-NULL, if_attach_internal()
760  * attempts to join a group whose name is ifc->ifc_name.
761  *
762  * XXX:
763  *  - The decision to return void and thus require this function to
764  *    succeed is questionable.
765  *  - We should probably do more sanity checking.  For instance we don't
766  *    do anything to insure if_xname is unique or non-empty.
767  */
768 void
769 if_attach(struct ifnet *ifp)
770 {
771 
772 	if_attach_internal(ifp, false);
773 }
774 
775 /*
776  * Compute the least common TSO limit.
777  */
778 void
779 if_hw_tsomax_common(if_t ifp, struct ifnet_hw_tsomax *pmax)
780 {
781 	/*
782 	 * 1) If there is no limit currently, take the limit from
783 	 * the network adapter.
784 	 *
785 	 * 2) If the network adapter has a limit below the current
786 	 * limit, apply it.
787 	 */
788 	if (pmax->tsomaxbytes == 0 || (ifp->if_hw_tsomax != 0 &&
789 	    ifp->if_hw_tsomax < pmax->tsomaxbytes)) {
790 		pmax->tsomaxbytes = ifp->if_hw_tsomax;
791 	}
792 	if (pmax->tsomaxsegcount == 0 || (ifp->if_hw_tsomaxsegcount != 0 &&
793 	    ifp->if_hw_tsomaxsegcount < pmax->tsomaxsegcount)) {
794 		pmax->tsomaxsegcount = ifp->if_hw_tsomaxsegcount;
795 	}
796 	if (pmax->tsomaxsegsize == 0 || (ifp->if_hw_tsomaxsegsize != 0 &&
797 	    ifp->if_hw_tsomaxsegsize < pmax->tsomaxsegsize)) {
798 		pmax->tsomaxsegsize = ifp->if_hw_tsomaxsegsize;
799 	}
800 }
801 
802 /*
803  * Update TSO limit of a network adapter.
804  *
805  * Returns zero if no change. Else non-zero.
806  */
807 int
808 if_hw_tsomax_update(if_t ifp, struct ifnet_hw_tsomax *pmax)
809 {
810 	int retval = 0;
811 	if (ifp->if_hw_tsomax != pmax->tsomaxbytes) {
812 		ifp->if_hw_tsomax = pmax->tsomaxbytes;
813 		retval++;
814 	}
815 	if (ifp->if_hw_tsomaxsegsize != pmax->tsomaxsegsize) {
816 		ifp->if_hw_tsomaxsegsize = pmax->tsomaxsegsize;
817 		retval++;
818 	}
819 	if (ifp->if_hw_tsomaxsegcount != pmax->tsomaxsegcount) {
820 		ifp->if_hw_tsomaxsegcount = pmax->tsomaxsegcount;
821 		retval++;
822 	}
823 	return (retval);
824 }
825 
826 static void
827 if_attach_internal(struct ifnet *ifp, bool vmove)
828 {
829 	unsigned socksize, ifasize;
830 	int namelen, masklen;
831 	struct sockaddr_dl *sdl;
832 	struct ifaddr *ifa;
833 
834 	MPASS(ifindex_table[ifp->if_index].ife_ifnet == ifp);
835 
836 #ifdef VIMAGE
837 	ifp->if_vnet = curvnet;
838 	if (ifp->if_home_vnet == NULL)
839 		ifp->if_home_vnet = curvnet;
840 #endif
841 
842 	if_addgroup(ifp, IFG_ALL);
843 
844 #ifdef VIMAGE
845 	/* Restore group membership for cloned interface. */
846 	if (vmove)
847 		if_clone_restoregroup(ifp);
848 #endif
849 
850 	getmicrotime(&ifp->if_lastchange);
851 	ifp->if_epoch = time_uptime;
852 
853 	KASSERT((ifp->if_transmit == NULL && ifp->if_qflush == NULL) ||
854 	    (ifp->if_transmit != NULL && ifp->if_qflush != NULL),
855 	    ("transmit and qflush must both either be set or both be NULL"));
856 	if (ifp->if_transmit == NULL) {
857 		ifp->if_transmit = if_transmit;
858 		ifp->if_qflush = if_qflush;
859 	}
860 	if (ifp->if_input == NULL)
861 		ifp->if_input = if_input_default;
862 
863 	if (ifp->if_requestencap == NULL)
864 		ifp->if_requestencap = if_requestencap_default;
865 
866 	if (!vmove) {
867 #ifdef MAC
868 		mac_ifnet_create(ifp);
869 #endif
870 
871 		/*
872 		 * Create a Link Level name for this device.
873 		 */
874 		namelen = strlen(ifp->if_xname);
875 		/*
876 		 * Always save enough space for any possiable name so we
877 		 * can do a rename in place later.
878 		 */
879 		masklen = offsetof(struct sockaddr_dl, sdl_data[0]) + IFNAMSIZ;
880 		socksize = masklen + ifp->if_addrlen;
881 		if (socksize < sizeof(*sdl))
882 			socksize = sizeof(*sdl);
883 		socksize = roundup2(socksize, sizeof(long));
884 		ifasize = sizeof(*ifa) + 2 * socksize;
885 		ifa = ifa_alloc(ifasize, M_WAITOK);
886 		sdl = (struct sockaddr_dl *)(ifa + 1);
887 		sdl->sdl_len = socksize;
888 		sdl->sdl_family = AF_LINK;
889 		bcopy(ifp->if_xname, sdl->sdl_data, namelen);
890 		sdl->sdl_nlen = namelen;
891 		sdl->sdl_index = ifp->if_index;
892 		sdl->sdl_type = ifp->if_type;
893 		ifp->if_addr = ifa;
894 		ifa->ifa_ifp = ifp;
895 		ifa->ifa_addr = (struct sockaddr *)sdl;
896 		sdl = (struct sockaddr_dl *)(socksize + (caddr_t)sdl);
897 		ifa->ifa_netmask = (struct sockaddr *)sdl;
898 		sdl->sdl_len = masklen;
899 		while (namelen != 0)
900 			sdl->sdl_data[--namelen] = 0xff;
901 		CK_STAILQ_INSERT_HEAD(&ifp->if_addrhead, ifa, ifa_link);
902 		/* Reliably crash if used uninitialized. */
903 		ifp->if_broadcastaddr = NULL;
904 
905 		if (ifp->if_type == IFT_ETHER) {
906 			ifp->if_hw_addr = malloc(ifp->if_addrlen, M_IFADDR,
907 			    M_WAITOK | M_ZERO);
908 		}
909 
910 #if defined(INET) || defined(INET6)
911 		/* Use defaults for TSO, if nothing is set */
912 		if (ifp->if_hw_tsomax == 0 &&
913 		    ifp->if_hw_tsomaxsegcount == 0 &&
914 		    ifp->if_hw_tsomaxsegsize == 0) {
915 			/*
916 			 * The TSO defaults needs to be such that an
917 			 * NFS mbuf list of 35 mbufs totalling just
918 			 * below 64K works and that a chain of mbufs
919 			 * can be defragged into at most 32 segments:
920 			 */
921 			ifp->if_hw_tsomax = min(IP_MAXPACKET, (32 * MCLBYTES) -
922 			    (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN));
923 			ifp->if_hw_tsomaxsegcount = 35;
924 			ifp->if_hw_tsomaxsegsize = 2048;	/* 2K */
925 
926 			/* XXX some drivers set IFCAP_TSO after ethernet attach */
927 			if (ifp->if_capabilities & IFCAP_TSO) {
928 				if_printf(ifp, "Using defaults for TSO: %u/%u/%u\n",
929 				    ifp->if_hw_tsomax,
930 				    ifp->if_hw_tsomaxsegcount,
931 				    ifp->if_hw_tsomaxsegsize);
932 			}
933 		}
934 #endif
935 	}
936 #ifdef VIMAGE
937 	else {
938 		/*
939 		 * Update the interface index in the link layer address
940 		 * of the interface.
941 		 */
942 		for (ifa = ifp->if_addr; ifa != NULL;
943 		    ifa = CK_STAILQ_NEXT(ifa, ifa_link)) {
944 			if (ifa->ifa_addr->sa_family == AF_LINK) {
945 				sdl = (struct sockaddr_dl *)ifa->ifa_addr;
946 				sdl->sdl_index = ifp->if_index;
947 			}
948 		}
949 	}
950 #endif
951 
952 	if_link_ifnet(ifp);
953 
954 	if (domain_init_status >= 2)
955 		if_attachdomain1(ifp);
956 
957 	EVENTHANDLER_INVOKE(ifnet_arrival_event, ifp);
958 	if (IS_DEFAULT_VNET(curvnet))
959 		devctl_notify("IFNET", ifp->if_xname, "ATTACH", NULL);
960 
961 	/* Announce the interface. */
962 	rt_ifannouncemsg(ifp, IFAN_ARRIVAL);
963 }
964 
965 static void
966 if_epochalloc(void *dummy __unused)
967 {
968 
969 	net_epoch_preempt = epoch_alloc("Net preemptible", EPOCH_PREEMPT);
970 }
971 SYSINIT(ifepochalloc, SI_SUB_EPOCH, SI_ORDER_ANY, if_epochalloc, NULL);
972 
973 static void
974 if_attachdomain(void *dummy)
975 {
976 	struct ifnet *ifp;
977 
978 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link)
979 		if_attachdomain1(ifp);
980 }
981 SYSINIT(domainifattach, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_SECOND,
982     if_attachdomain, NULL);
983 
984 static void
985 if_attachdomain1(struct ifnet *ifp)
986 {
987 	struct domain *dp;
988 
989 	/*
990 	 * Since dp->dom_ifattach calls malloc() with M_WAITOK, we
991 	 * cannot lock ifp->if_afdata initialization, entirely.
992 	 */
993 	IF_AFDATA_LOCK(ifp);
994 	if (ifp->if_afdata_initialized >= domain_init_status) {
995 		IF_AFDATA_UNLOCK(ifp);
996 		log(LOG_WARNING, "%s called more than once on %s\n",
997 		    __func__, ifp->if_xname);
998 		return;
999 	}
1000 	ifp->if_afdata_initialized = domain_init_status;
1001 	IF_AFDATA_UNLOCK(ifp);
1002 
1003 	/* address family dependent data region */
1004 	bzero(ifp->if_afdata, sizeof(ifp->if_afdata));
1005 	for (dp = domains; dp; dp = dp->dom_next) {
1006 		if (dp->dom_ifattach)
1007 			ifp->if_afdata[dp->dom_family] =
1008 			    (*dp->dom_ifattach)(ifp);
1009 	}
1010 }
1011 
1012 /*
1013  * Remove any unicast or broadcast network addresses from an interface.
1014  */
1015 void
1016 if_purgeaddrs(struct ifnet *ifp)
1017 {
1018 	struct ifaddr *ifa;
1019 
1020 #ifdef INET6
1021 	/*
1022 	 * Need to leave multicast addresses of proxy NDP llentries
1023 	 * before in6_purgeifaddr() because the llentries are keys
1024 	 * for in6_multi objects of proxy NDP entries.
1025 	 * in6_purgeifaddr()s clean up llentries including proxy NDPs
1026 	 * then we would lose the keys if they are called earlier.
1027 	 */
1028 	in6_purge_proxy_ndp(ifp);
1029 #endif
1030 	while (1) {
1031 		struct epoch_tracker et;
1032 
1033 		NET_EPOCH_ENTER(et);
1034 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1035 			if (ifa->ifa_addr->sa_family != AF_LINK)
1036 				break;
1037 		}
1038 		NET_EPOCH_EXIT(et);
1039 
1040 		if (ifa == NULL)
1041 			break;
1042 #ifdef INET
1043 		/* XXX: Ugly!! ad hoc just for INET */
1044 		if (ifa->ifa_addr->sa_family == AF_INET) {
1045 			struct ifaliasreq ifr;
1046 
1047 			bzero(&ifr, sizeof(ifr));
1048 			ifr.ifra_addr = *ifa->ifa_addr;
1049 			if (ifa->ifa_dstaddr)
1050 				ifr.ifra_broadaddr = *ifa->ifa_dstaddr;
1051 			if (in_control(NULL, SIOCDIFADDR, (caddr_t)&ifr, ifp,
1052 			    NULL) == 0)
1053 				continue;
1054 		}
1055 #endif /* INET */
1056 #ifdef INET6
1057 		if (ifa->ifa_addr->sa_family == AF_INET6) {
1058 			in6_purgeifaddr((struct in6_ifaddr *)ifa);
1059 			/* ifp_addrhead is already updated */
1060 			continue;
1061 		}
1062 #endif /* INET6 */
1063 		IF_ADDR_WLOCK(ifp);
1064 		CK_STAILQ_REMOVE(&ifp->if_addrhead, ifa, ifaddr, ifa_link);
1065 		IF_ADDR_WUNLOCK(ifp);
1066 		ifa_free(ifa);
1067 	}
1068 }
1069 
1070 /*
1071  * Remove any multicast network addresses from an interface when an ifnet
1072  * is going away.
1073  */
1074 static void
1075 if_purgemaddrs(struct ifnet *ifp)
1076 {
1077 	struct ifmultiaddr *ifma;
1078 
1079 	IF_ADDR_WLOCK(ifp);
1080 	while (!CK_STAILQ_EMPTY(&ifp->if_multiaddrs)) {
1081 		ifma = CK_STAILQ_FIRST(&ifp->if_multiaddrs);
1082 		CK_STAILQ_REMOVE(&ifp->if_multiaddrs, ifma, ifmultiaddr, ifma_link);
1083 		if_delmulti_locked(ifp, ifma, 1);
1084 	}
1085 	IF_ADDR_WUNLOCK(ifp);
1086 }
1087 
1088 /*
1089  * Detach an interface, removing it from the list of "active" interfaces.
1090  * If vmove flag is set on entry to if_detach_internal(), perform only a
1091  * limited subset of cleanup tasks, given that we are moving an ifnet from
1092  * one vnet to another, where it must be fully operational.
1093  *
1094  * XXXRW: There are some significant questions about event ordering, and
1095  * how to prevent things from starting to use the interface during detach.
1096  */
1097 void
1098 if_detach(struct ifnet *ifp)
1099 {
1100 	bool found;
1101 
1102 	CURVNET_SET_QUIET(ifp->if_vnet);
1103 	found = if_unlink_ifnet(ifp, false);
1104 	if (found) {
1105 		sx_xlock(&ifnet_detach_sxlock);
1106 		if_detach_internal(ifp, false);
1107 		sx_xunlock(&ifnet_detach_sxlock);
1108 	}
1109 	CURVNET_RESTORE();
1110 }
1111 
1112 /*
1113  * The vmove flag, if set, indicates that we are called from a callpath
1114  * that is moving an interface to a different vnet instance.
1115  *
1116  * The shutdown flag, if set, indicates that we are called in the
1117  * process of shutting down a vnet instance.  Currently only the
1118  * vnet_if_return SYSUNINIT function sets it.  Note: we can be called
1119  * on a vnet instance shutdown without this flag being set, e.g., when
1120  * the cloned interfaces are destoyed as first thing of teardown.
1121  */
1122 static int
1123 if_detach_internal(struct ifnet *ifp, bool vmove)
1124 {
1125 	struct ifaddr *ifa;
1126 	int i;
1127 	struct domain *dp;
1128 #ifdef VIMAGE
1129 	bool shutdown;
1130 
1131 	shutdown = VNET_IS_SHUTTING_DOWN(ifp->if_vnet);
1132 #endif
1133 
1134 	/*
1135 	 * At this point we know the interface still was on the ifnet list
1136 	 * and we removed it so we are in a stable state.
1137 	 */
1138 	epoch_wait_preempt(net_epoch_preempt);
1139 
1140 	/*
1141 	 * Ensure all pending EPOCH(9) callbacks have been executed. This
1142 	 * fixes issues about late destruction of multicast options
1143 	 * which lead to leave group calls, which in turn access the
1144 	 * belonging ifnet structure:
1145 	 */
1146 	epoch_drain_callbacks(net_epoch_preempt);
1147 
1148 	/*
1149 	 * In any case (destroy or vmove) detach us from the groups
1150 	 * and remove/wait for pending events on the taskq.
1151 	 * XXX-BZ in theory an interface could still enqueue a taskq change?
1152 	 */
1153 	if_delgroups(ifp);
1154 
1155 	taskqueue_drain(taskqueue_swi, &ifp->if_linktask);
1156 	taskqueue_drain(taskqueue_swi, &ifp->if_addmultitask);
1157 
1158 	if_down(ifp);
1159 
1160 #ifdef VIMAGE
1161 	/*
1162 	 * On VNET shutdown abort here as the stack teardown will do all
1163 	 * the work top-down for us.
1164 	 */
1165 	if (shutdown) {
1166 		/* Give interface users the chance to clean up. */
1167 		EVENTHANDLER_INVOKE(ifnet_departure_event, ifp);
1168 
1169 		/*
1170 		 * In case of a vmove we are done here without error.
1171 		 * If we would signal an error it would lead to the same
1172 		 * abort as if we did not find the ifnet anymore.
1173 		 * if_detach() calls us in void context and does not care
1174 		 * about an early abort notification, so life is splendid :)
1175 		 */
1176 		goto finish_vnet_shutdown;
1177 	}
1178 #endif
1179 
1180 	/*
1181 	 * At this point we are not tearing down a VNET and are either
1182 	 * going to destroy or vmove the interface and have to cleanup
1183 	 * accordingly.
1184 	 */
1185 
1186 	/*
1187 	 * Remove routes and flush queues.
1188 	 */
1189 #ifdef ALTQ
1190 	if (ALTQ_IS_ENABLED(&ifp->if_snd))
1191 		altq_disable(&ifp->if_snd);
1192 	if (ALTQ_IS_ATTACHED(&ifp->if_snd))
1193 		altq_detach(&ifp->if_snd);
1194 #endif
1195 
1196 	if_purgeaddrs(ifp);
1197 
1198 #ifdef INET
1199 	in_ifdetach(ifp);
1200 #endif
1201 
1202 #ifdef INET6
1203 	/*
1204 	 * Remove all IPv6 kernel structs related to ifp.  This should be done
1205 	 * before removing routing entries below, since IPv6 interface direct
1206 	 * routes are expected to be removed by the IPv6-specific kernel API.
1207 	 * Otherwise, the kernel will detect some inconsistency and bark it.
1208 	 */
1209 	in6_ifdetach(ifp);
1210 #endif
1211 	if_purgemaddrs(ifp);
1212 
1213 	/* Announce that the interface is gone. */
1214 	rt_ifannouncemsg(ifp, IFAN_DEPARTURE);
1215 	EVENTHANDLER_INVOKE(ifnet_departure_event, ifp);
1216 	if (IS_DEFAULT_VNET(curvnet))
1217 		devctl_notify("IFNET", ifp->if_xname, "DETACH", NULL);
1218 
1219 	if (!vmove) {
1220 		/*
1221 		 * Prevent further calls into the device driver via ifnet.
1222 		 */
1223 		if_dead(ifp);
1224 
1225 		/*
1226 		 * Clean up all addresses.
1227 		 */
1228 		IF_ADDR_WLOCK(ifp);
1229 		if (!CK_STAILQ_EMPTY(&ifp->if_addrhead)) {
1230 			ifa = CK_STAILQ_FIRST(&ifp->if_addrhead);
1231 			CK_STAILQ_REMOVE(&ifp->if_addrhead, ifa, ifaddr, ifa_link);
1232 			IF_ADDR_WUNLOCK(ifp);
1233 			ifa_free(ifa);
1234 		} else
1235 			IF_ADDR_WUNLOCK(ifp);
1236 	}
1237 
1238 	rt_flushifroutes(ifp);
1239 
1240 #ifdef VIMAGE
1241 finish_vnet_shutdown:
1242 #endif
1243 	/*
1244 	 * We cannot hold the lock over dom_ifdetach calls as they might
1245 	 * sleep, for example trying to drain a callout, thus open up the
1246 	 * theoretical race with re-attaching.
1247 	 */
1248 	IF_AFDATA_LOCK(ifp);
1249 	i = ifp->if_afdata_initialized;
1250 	ifp->if_afdata_initialized = 0;
1251 	IF_AFDATA_UNLOCK(ifp);
1252 	for (dp = domains; i > 0 && dp; dp = dp->dom_next) {
1253 		if (dp->dom_ifdetach && ifp->if_afdata[dp->dom_family]) {
1254 			(*dp->dom_ifdetach)(ifp,
1255 			    ifp->if_afdata[dp->dom_family]);
1256 			ifp->if_afdata[dp->dom_family] = NULL;
1257 		}
1258 	}
1259 
1260 	return (0);
1261 }
1262 
1263 #ifdef VIMAGE
1264 /*
1265  * if_vmove() performs a limited version of if_detach() in current
1266  * vnet and if_attach()es the ifnet to the vnet specified as 2nd arg.
1267  */
1268 static int
1269 if_vmove(struct ifnet *ifp, struct vnet *new_vnet)
1270 {
1271 #ifdef DEV_BPF
1272 	u_int bif_dlt, bif_hdrlen;
1273 #endif
1274 	int rc;
1275 
1276 #ifdef DEV_BPF
1277  	/*
1278 	 * if_detach_internal() will call the eventhandler to notify
1279 	 * interface departure.  That will detach if_bpf.  We need to
1280 	 * safe the dlt and hdrlen so we can re-attach it later.
1281 	 */
1282 	bpf_get_bp_params(ifp->if_bpf, &bif_dlt, &bif_hdrlen);
1283 #endif
1284 
1285 	/*
1286 	 * Detach from current vnet, but preserve LLADDR info, do not
1287 	 * mark as dead etc. so that the ifnet can be reattached later.
1288 	 * If we cannot find it, we lost the race to someone else.
1289 	 */
1290 	rc = if_detach_internal(ifp, true);
1291 	if (rc != 0)
1292 		return (rc);
1293 
1294 	/*
1295 	 * Perform interface-specific reassignment tasks, if provided by
1296 	 * the driver.
1297 	 */
1298 	if (ifp->if_reassign != NULL)
1299 		ifp->if_reassign(ifp, new_vnet, NULL);
1300 
1301 	/*
1302 	 * Switch to the context of the target vnet.
1303 	 */
1304 	CURVNET_SET_QUIET(new_vnet);
1305 	if_attach_internal(ifp, true);
1306 
1307 #ifdef DEV_BPF
1308 	if (ifp->if_bpf == NULL)
1309 		bpfattach(ifp, bif_dlt, bif_hdrlen);
1310 #endif
1311 
1312 	CURVNET_RESTORE();
1313 	return (0);
1314 }
1315 
1316 /*
1317  * Move an ifnet to or from another child prison/vnet, specified by the jail id.
1318  */
1319 static int
1320 if_vmove_loan(struct thread *td, struct ifnet *ifp, char *ifname, int jid)
1321 {
1322 	struct prison *pr;
1323 	struct ifnet *difp;
1324 	int error;
1325 	bool found __diagused;
1326 	bool shutdown;
1327 
1328 	MPASS(ifindex_table[ifp->if_index].ife_ifnet == ifp);
1329 
1330 	/* Try to find the prison within our visibility. */
1331 	sx_slock(&allprison_lock);
1332 	pr = prison_find_child(td->td_ucred->cr_prison, jid);
1333 	sx_sunlock(&allprison_lock);
1334 	if (pr == NULL)
1335 		return (ENXIO);
1336 	prison_hold_locked(pr);
1337 	mtx_unlock(&pr->pr_mtx);
1338 
1339 	/* Do not try to move the iface from and to the same prison. */
1340 	if (pr->pr_vnet == ifp->if_vnet) {
1341 		prison_free(pr);
1342 		return (EEXIST);
1343 	}
1344 
1345 	/* Make sure the named iface does not exists in the dst. prison/vnet. */
1346 	/* XXX Lock interfaces to avoid races. */
1347 	CURVNET_SET_QUIET(pr->pr_vnet);
1348 	difp = ifunit(ifname);
1349 	if (difp != NULL) {
1350 		CURVNET_RESTORE();
1351 		prison_free(pr);
1352 		return (EEXIST);
1353 	}
1354 	sx_xlock(&ifnet_detach_sxlock);
1355 
1356 	/* Make sure the VNET is stable. */
1357 	shutdown = VNET_IS_SHUTTING_DOWN(ifp->if_vnet);
1358 	if (shutdown) {
1359 		sx_xunlock(&ifnet_detach_sxlock);
1360 		CURVNET_RESTORE();
1361 		prison_free(pr);
1362 		return (EBUSY);
1363 	}
1364 	CURVNET_RESTORE();
1365 
1366 	found = if_unlink_ifnet(ifp, true);
1367 	if (! found) {
1368 		sx_xunlock(&ifnet_detach_sxlock);
1369 		CURVNET_RESTORE();
1370 		prison_free(pr);
1371 		return (ENODEV);
1372 	}
1373 
1374 	/* Move the interface into the child jail/vnet. */
1375 	error = if_vmove(ifp, pr->pr_vnet);
1376 
1377 	/* Report the new if_xname back to the userland on success. */
1378 	if (error == 0)
1379 		sprintf(ifname, "%s", ifp->if_xname);
1380 
1381 	sx_xunlock(&ifnet_detach_sxlock);
1382 
1383 	prison_free(pr);
1384 	return (error);
1385 }
1386 
1387 static int
1388 if_vmove_reclaim(struct thread *td, char *ifname, int jid)
1389 {
1390 	struct prison *pr;
1391 	struct vnet *vnet_dst;
1392 	struct ifnet *ifp;
1393 	int error, found __diagused;
1394  	bool shutdown;
1395 
1396 	/* Try to find the prison within our visibility. */
1397 	sx_slock(&allprison_lock);
1398 	pr = prison_find_child(td->td_ucred->cr_prison, jid);
1399 	sx_sunlock(&allprison_lock);
1400 	if (pr == NULL)
1401 		return (ENXIO);
1402 	prison_hold_locked(pr);
1403 	mtx_unlock(&pr->pr_mtx);
1404 
1405 	/* Make sure the named iface exists in the source prison/vnet. */
1406 	CURVNET_SET(pr->pr_vnet);
1407 	ifp = ifunit(ifname);		/* XXX Lock to avoid races. */
1408 	if (ifp == NULL) {
1409 		CURVNET_RESTORE();
1410 		prison_free(pr);
1411 		return (ENXIO);
1412 	}
1413 
1414 	/* Do not try to move the iface from and to the same prison. */
1415 	vnet_dst = TD_TO_VNET(td);
1416 	if (vnet_dst == ifp->if_vnet) {
1417 		CURVNET_RESTORE();
1418 		prison_free(pr);
1419 		return (EEXIST);
1420 	}
1421 
1422 	/* Make sure the VNET is stable. */
1423 	shutdown = VNET_IS_SHUTTING_DOWN(ifp->if_vnet);
1424 	if (shutdown) {
1425 		CURVNET_RESTORE();
1426 		prison_free(pr);
1427 		return (EBUSY);
1428 	}
1429 
1430 	/* Get interface back from child jail/vnet. */
1431 	found = if_unlink_ifnet(ifp, true);
1432 	MPASS(found);
1433 	sx_xlock(&ifnet_detach_sxlock);
1434 	error = if_vmove(ifp, vnet_dst);
1435 	sx_xunlock(&ifnet_detach_sxlock);
1436 	CURVNET_RESTORE();
1437 
1438 	/* Report the new if_xname back to the userland on success. */
1439 	if (error == 0)
1440 		sprintf(ifname, "%s", ifp->if_xname);
1441 
1442 	prison_free(pr);
1443 	return (error);
1444 }
1445 #endif /* VIMAGE */
1446 
1447 /*
1448  * Add a group to an interface
1449  */
1450 int
1451 if_addgroup(struct ifnet *ifp, const char *groupname)
1452 {
1453 	struct ifg_list		*ifgl;
1454 	struct ifg_group	*ifg = NULL;
1455 	struct ifg_member	*ifgm;
1456 	int 			 new = 0;
1457 
1458 	if (groupname[0] && groupname[strlen(groupname) - 1] >= '0' &&
1459 	    groupname[strlen(groupname) - 1] <= '9')
1460 		return (EINVAL);
1461 
1462 	IFNET_WLOCK();
1463 	CK_STAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next)
1464 		if (!strcmp(ifgl->ifgl_group->ifg_group, groupname)) {
1465 			IFNET_WUNLOCK();
1466 			return (EEXIST);
1467 		}
1468 
1469 	if ((ifgl = malloc(sizeof(*ifgl), M_TEMP, M_NOWAIT)) == NULL) {
1470 	    	IFNET_WUNLOCK();
1471 		return (ENOMEM);
1472 	}
1473 
1474 	if ((ifgm = malloc(sizeof(*ifgm), M_TEMP, M_NOWAIT)) == NULL) {
1475 		free(ifgl, M_TEMP);
1476 		IFNET_WUNLOCK();
1477 		return (ENOMEM);
1478 	}
1479 
1480 	CK_STAILQ_FOREACH(ifg, &V_ifg_head, ifg_next)
1481 		if (!strcmp(ifg->ifg_group, groupname))
1482 			break;
1483 
1484 	if (ifg == NULL) {
1485 		if ((ifg = malloc(sizeof(*ifg), M_TEMP, M_NOWAIT)) == NULL) {
1486 			free(ifgl, M_TEMP);
1487 			free(ifgm, M_TEMP);
1488 			IFNET_WUNLOCK();
1489 			return (ENOMEM);
1490 		}
1491 		strlcpy(ifg->ifg_group, groupname, sizeof(ifg->ifg_group));
1492 		ifg->ifg_refcnt = 0;
1493 		CK_STAILQ_INIT(&ifg->ifg_members);
1494 		CK_STAILQ_INSERT_TAIL(&V_ifg_head, ifg, ifg_next);
1495 		new = 1;
1496 	}
1497 
1498 	ifg->ifg_refcnt++;
1499 	ifgl->ifgl_group = ifg;
1500 	ifgm->ifgm_ifp = ifp;
1501 
1502 	IF_ADDR_WLOCK(ifp);
1503 	CK_STAILQ_INSERT_TAIL(&ifg->ifg_members, ifgm, ifgm_next);
1504 	CK_STAILQ_INSERT_TAIL(&ifp->if_groups, ifgl, ifgl_next);
1505 	IF_ADDR_WUNLOCK(ifp);
1506 
1507 	IFNET_WUNLOCK();
1508 
1509 	if (new)
1510 		EVENTHANDLER_INVOKE(group_attach_event, ifg);
1511 	EVENTHANDLER_INVOKE(group_change_event, groupname);
1512 
1513 	return (0);
1514 }
1515 
1516 /*
1517  * Helper function to remove a group out of an interface.  Expects the global
1518  * ifnet lock to be write-locked, and drops it before returning.
1519  */
1520 static void
1521 _if_delgroup_locked(struct ifnet *ifp, struct ifg_list *ifgl,
1522     const char *groupname)
1523 {
1524 	struct ifg_member *ifgm;
1525 	bool freeifgl;
1526 
1527 	IFNET_WLOCK_ASSERT();
1528 
1529 	IF_ADDR_WLOCK(ifp);
1530 	CK_STAILQ_REMOVE(&ifp->if_groups, ifgl, ifg_list, ifgl_next);
1531 	IF_ADDR_WUNLOCK(ifp);
1532 
1533 	CK_STAILQ_FOREACH(ifgm, &ifgl->ifgl_group->ifg_members, ifgm_next) {
1534 		if (ifgm->ifgm_ifp == ifp) {
1535 			CK_STAILQ_REMOVE(&ifgl->ifgl_group->ifg_members, ifgm,
1536 			    ifg_member, ifgm_next);
1537 			break;
1538 		}
1539 	}
1540 
1541 	if (--ifgl->ifgl_group->ifg_refcnt == 0) {
1542 		CK_STAILQ_REMOVE(&V_ifg_head, ifgl->ifgl_group, ifg_group,
1543 		    ifg_next);
1544 		freeifgl = true;
1545 	} else {
1546 		freeifgl = false;
1547 	}
1548 	IFNET_WUNLOCK();
1549 
1550 	epoch_wait_preempt(net_epoch_preempt);
1551 	if (freeifgl) {
1552 		EVENTHANDLER_INVOKE(group_detach_event, ifgl->ifgl_group);
1553 		free(ifgl->ifgl_group, M_TEMP);
1554 	}
1555 	free(ifgm, M_TEMP);
1556 	free(ifgl, M_TEMP);
1557 
1558 	EVENTHANDLER_INVOKE(group_change_event, groupname);
1559 }
1560 
1561 /*
1562  * Remove a group from an interface
1563  */
1564 int
1565 if_delgroup(struct ifnet *ifp, const char *groupname)
1566 {
1567 	struct ifg_list *ifgl;
1568 
1569 	IFNET_WLOCK();
1570 	CK_STAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next)
1571 		if (strcmp(ifgl->ifgl_group->ifg_group, groupname) == 0)
1572 			break;
1573 	if (ifgl == NULL) {
1574 		IFNET_WUNLOCK();
1575 		return (ENOENT);
1576 	}
1577 
1578 	_if_delgroup_locked(ifp, ifgl, groupname);
1579 
1580 	return (0);
1581 }
1582 
1583 /*
1584  * Remove an interface from all groups
1585  */
1586 static void
1587 if_delgroups(struct ifnet *ifp)
1588 {
1589 	struct ifg_list *ifgl;
1590 	char groupname[IFNAMSIZ];
1591 
1592 	IFNET_WLOCK();
1593 	while ((ifgl = CK_STAILQ_FIRST(&ifp->if_groups)) != NULL) {
1594 		strlcpy(groupname, ifgl->ifgl_group->ifg_group, IFNAMSIZ);
1595 		_if_delgroup_locked(ifp, ifgl, groupname);
1596 		IFNET_WLOCK();
1597 	}
1598 	IFNET_WUNLOCK();
1599 }
1600 
1601 /*
1602  * Stores all groups from an interface in memory pointed to by ifgr.
1603  */
1604 static int
1605 if_getgroup(struct ifgroupreq *ifgr, struct ifnet *ifp)
1606 {
1607 	int			 len, error;
1608 	struct ifg_list		*ifgl;
1609 	struct ifg_req		 ifgrq, *ifgp;
1610 
1611 	NET_EPOCH_ASSERT();
1612 
1613 	if (ifgr->ifgr_len == 0) {
1614 		CK_STAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next)
1615 			ifgr->ifgr_len += sizeof(struct ifg_req);
1616 		return (0);
1617 	}
1618 
1619 	len = ifgr->ifgr_len;
1620 	ifgp = ifgr->ifgr_groups;
1621 	/* XXX: wire */
1622 	CK_STAILQ_FOREACH(ifgl, &ifp->if_groups, ifgl_next) {
1623 		if (len < sizeof(ifgrq))
1624 			return (EINVAL);
1625 		bzero(&ifgrq, sizeof ifgrq);
1626 		strlcpy(ifgrq.ifgrq_group, ifgl->ifgl_group->ifg_group,
1627 		    sizeof(ifgrq.ifgrq_group));
1628 		if ((error = copyout(&ifgrq, ifgp, sizeof(struct ifg_req))))
1629 			return (error);
1630 		len -= sizeof(ifgrq);
1631 		ifgp++;
1632 	}
1633 
1634 	return (0);
1635 }
1636 
1637 /*
1638  * Stores all members of a group in memory pointed to by igfr
1639  */
1640 static int
1641 if_getgroupmembers(struct ifgroupreq *ifgr)
1642 {
1643 	struct ifg_group	*ifg;
1644 	struct ifg_member	*ifgm;
1645 	struct ifg_req		 ifgrq, *ifgp;
1646 	int			 len, error;
1647 
1648 	IFNET_RLOCK();
1649 	CK_STAILQ_FOREACH(ifg, &V_ifg_head, ifg_next)
1650 		if (strcmp(ifg->ifg_group, ifgr->ifgr_name) == 0)
1651 			break;
1652 	if (ifg == NULL) {
1653 		IFNET_RUNLOCK();
1654 		return (ENOENT);
1655 	}
1656 
1657 	if (ifgr->ifgr_len == 0) {
1658 		CK_STAILQ_FOREACH(ifgm, &ifg->ifg_members, ifgm_next)
1659 			ifgr->ifgr_len += sizeof(ifgrq);
1660 		IFNET_RUNLOCK();
1661 		return (0);
1662 	}
1663 
1664 	len = ifgr->ifgr_len;
1665 	ifgp = ifgr->ifgr_groups;
1666 	CK_STAILQ_FOREACH(ifgm, &ifg->ifg_members, ifgm_next) {
1667 		if (len < sizeof(ifgrq)) {
1668 			IFNET_RUNLOCK();
1669 			return (EINVAL);
1670 		}
1671 		bzero(&ifgrq, sizeof ifgrq);
1672 		strlcpy(ifgrq.ifgrq_member, ifgm->ifgm_ifp->if_xname,
1673 		    sizeof(ifgrq.ifgrq_member));
1674 		if ((error = copyout(&ifgrq, ifgp, sizeof(struct ifg_req)))) {
1675 			IFNET_RUNLOCK();
1676 			return (error);
1677 		}
1678 		len -= sizeof(ifgrq);
1679 		ifgp++;
1680 	}
1681 	IFNET_RUNLOCK();
1682 
1683 	return (0);
1684 }
1685 
1686 /*
1687  * Return counter values from counter(9)s stored in ifnet.
1688  */
1689 uint64_t
1690 if_get_counter_default(struct ifnet *ifp, ift_counter cnt)
1691 {
1692 
1693 	KASSERT(cnt < IFCOUNTERS, ("%s: invalid cnt %d", __func__, cnt));
1694 
1695 	return (counter_u64_fetch(ifp->if_counters[cnt]));
1696 }
1697 
1698 /*
1699  * Increase an ifnet counter. Usually used for counters shared
1700  * between the stack and a driver, but function supports them all.
1701  */
1702 void
1703 if_inc_counter(struct ifnet *ifp, ift_counter cnt, int64_t inc)
1704 {
1705 
1706 	KASSERT(cnt < IFCOUNTERS, ("%s: invalid cnt %d", __func__, cnt));
1707 
1708 	counter_u64_add(ifp->if_counters[cnt], inc);
1709 }
1710 
1711 /*
1712  * Copy data from ifnet to userland API structure if_data.
1713  */
1714 void
1715 if_data_copy(struct ifnet *ifp, struct if_data *ifd)
1716 {
1717 
1718 	ifd->ifi_type = ifp->if_type;
1719 	ifd->ifi_physical = 0;
1720 	ifd->ifi_addrlen = ifp->if_addrlen;
1721 	ifd->ifi_hdrlen = ifp->if_hdrlen;
1722 	ifd->ifi_link_state = ifp->if_link_state;
1723 	ifd->ifi_vhid = 0;
1724 	ifd->ifi_datalen = sizeof(struct if_data);
1725 	ifd->ifi_mtu = ifp->if_mtu;
1726 	ifd->ifi_metric = ifp->if_metric;
1727 	ifd->ifi_baudrate = ifp->if_baudrate;
1728 	ifd->ifi_hwassist = ifp->if_hwassist;
1729 	ifd->ifi_epoch = ifp->if_epoch;
1730 	ifd->ifi_lastchange = ifp->if_lastchange;
1731 
1732 	ifd->ifi_ipackets = ifp->if_get_counter(ifp, IFCOUNTER_IPACKETS);
1733 	ifd->ifi_ierrors = ifp->if_get_counter(ifp, IFCOUNTER_IERRORS);
1734 	ifd->ifi_opackets = ifp->if_get_counter(ifp, IFCOUNTER_OPACKETS);
1735 	ifd->ifi_oerrors = ifp->if_get_counter(ifp, IFCOUNTER_OERRORS);
1736 	ifd->ifi_collisions = ifp->if_get_counter(ifp, IFCOUNTER_COLLISIONS);
1737 	ifd->ifi_ibytes = ifp->if_get_counter(ifp, IFCOUNTER_IBYTES);
1738 	ifd->ifi_obytes = ifp->if_get_counter(ifp, IFCOUNTER_OBYTES);
1739 	ifd->ifi_imcasts = ifp->if_get_counter(ifp, IFCOUNTER_IMCASTS);
1740 	ifd->ifi_omcasts = ifp->if_get_counter(ifp, IFCOUNTER_OMCASTS);
1741 	ifd->ifi_iqdrops = ifp->if_get_counter(ifp, IFCOUNTER_IQDROPS);
1742 	ifd->ifi_oqdrops = ifp->if_get_counter(ifp, IFCOUNTER_OQDROPS);
1743 	ifd->ifi_noproto = ifp->if_get_counter(ifp, IFCOUNTER_NOPROTO);
1744 }
1745 
1746 /*
1747  * Initialization, destruction and refcounting functions for ifaddrs.
1748  */
1749 struct ifaddr *
1750 ifa_alloc(size_t size, int flags)
1751 {
1752 	struct ifaddr *ifa;
1753 
1754 	KASSERT(size >= sizeof(struct ifaddr),
1755 	    ("%s: invalid size %zu", __func__, size));
1756 
1757 	ifa = malloc(size, M_IFADDR, M_ZERO | flags);
1758 	if (ifa == NULL)
1759 		return (NULL);
1760 
1761 	if ((ifa->ifa_opackets = counter_u64_alloc(flags)) == NULL)
1762 		goto fail;
1763 	if ((ifa->ifa_ipackets = counter_u64_alloc(flags)) == NULL)
1764 		goto fail;
1765 	if ((ifa->ifa_obytes = counter_u64_alloc(flags)) == NULL)
1766 		goto fail;
1767 	if ((ifa->ifa_ibytes = counter_u64_alloc(flags)) == NULL)
1768 		goto fail;
1769 
1770 	refcount_init(&ifa->ifa_refcnt, 1);
1771 
1772 	return (ifa);
1773 
1774 fail:
1775 	/* free(NULL) is okay */
1776 	counter_u64_free(ifa->ifa_opackets);
1777 	counter_u64_free(ifa->ifa_ipackets);
1778 	counter_u64_free(ifa->ifa_obytes);
1779 	counter_u64_free(ifa->ifa_ibytes);
1780 	free(ifa, M_IFADDR);
1781 
1782 	return (NULL);
1783 }
1784 
1785 void
1786 ifa_ref(struct ifaddr *ifa)
1787 {
1788 	u_int old __diagused;
1789 
1790 	old = refcount_acquire(&ifa->ifa_refcnt);
1791 	KASSERT(old > 0, ("%s: ifa %p has 0 refs", __func__, ifa));
1792 }
1793 
1794 int
1795 ifa_try_ref(struct ifaddr *ifa)
1796 {
1797 
1798 	NET_EPOCH_ASSERT();
1799 	return (refcount_acquire_if_not_zero(&ifa->ifa_refcnt));
1800 }
1801 
1802 static void
1803 ifa_destroy(epoch_context_t ctx)
1804 {
1805 	struct ifaddr *ifa;
1806 
1807 	ifa = __containerof(ctx, struct ifaddr, ifa_epoch_ctx);
1808 	counter_u64_free(ifa->ifa_opackets);
1809 	counter_u64_free(ifa->ifa_ipackets);
1810 	counter_u64_free(ifa->ifa_obytes);
1811 	counter_u64_free(ifa->ifa_ibytes);
1812 	free(ifa, M_IFADDR);
1813 }
1814 
1815 void
1816 ifa_free(struct ifaddr *ifa)
1817 {
1818 
1819 	if (refcount_release(&ifa->ifa_refcnt))
1820 		NET_EPOCH_CALL(ifa_destroy, &ifa->ifa_epoch_ctx);
1821 }
1822 
1823 /*
1824  * XXX: Because sockaddr_dl has deeper structure than the sockaddr
1825  * structs used to represent other address families, it is necessary
1826  * to perform a different comparison.
1827  */
1828 
1829 #define	sa_dl_equal(a1, a2)	\
1830 	((((const struct sockaddr_dl *)(a1))->sdl_len ==		\
1831 	 ((const struct sockaddr_dl *)(a2))->sdl_len) &&		\
1832 	 (bcmp(CLLADDR((const struct sockaddr_dl *)(a1)),		\
1833 	       CLLADDR((const struct sockaddr_dl *)(a2)),		\
1834 	       ((const struct sockaddr_dl *)(a1))->sdl_alen) == 0))
1835 
1836 /*
1837  * Locate an interface based on a complete address.
1838  */
1839 /*ARGSUSED*/
1840 struct ifaddr *
1841 ifa_ifwithaddr(const struct sockaddr *addr)
1842 {
1843 	struct ifnet *ifp;
1844 	struct ifaddr *ifa;
1845 
1846 	NET_EPOCH_ASSERT();
1847 
1848 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
1849 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1850 			if (ifa->ifa_addr->sa_family != addr->sa_family)
1851 				continue;
1852 			if (sa_equal(addr, ifa->ifa_addr)) {
1853 				goto done;
1854 			}
1855 			/* IP6 doesn't have broadcast */
1856 			if ((ifp->if_flags & IFF_BROADCAST) &&
1857 			    ifa->ifa_broadaddr &&
1858 			    ifa->ifa_broadaddr->sa_len != 0 &&
1859 			    sa_equal(ifa->ifa_broadaddr, addr)) {
1860 				goto done;
1861 			}
1862 		}
1863 	}
1864 	ifa = NULL;
1865 done:
1866 	return (ifa);
1867 }
1868 
1869 int
1870 ifa_ifwithaddr_check(const struct sockaddr *addr)
1871 {
1872 	struct epoch_tracker et;
1873 	int rc;
1874 
1875 	NET_EPOCH_ENTER(et);
1876 	rc = (ifa_ifwithaddr(addr) != NULL);
1877 	NET_EPOCH_EXIT(et);
1878 	return (rc);
1879 }
1880 
1881 /*
1882  * Locate an interface based on the broadcast address.
1883  */
1884 /* ARGSUSED */
1885 struct ifaddr *
1886 ifa_ifwithbroadaddr(const struct sockaddr *addr, int fibnum)
1887 {
1888 	struct ifnet *ifp;
1889 	struct ifaddr *ifa;
1890 
1891 	NET_EPOCH_ASSERT();
1892 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
1893 		if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
1894 			continue;
1895 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1896 			if (ifa->ifa_addr->sa_family != addr->sa_family)
1897 				continue;
1898 			if ((ifp->if_flags & IFF_BROADCAST) &&
1899 			    ifa->ifa_broadaddr &&
1900 			    ifa->ifa_broadaddr->sa_len != 0 &&
1901 			    sa_equal(ifa->ifa_broadaddr, addr)) {
1902 				goto done;
1903 			}
1904 		}
1905 	}
1906 	ifa = NULL;
1907 done:
1908 	return (ifa);
1909 }
1910 
1911 /*
1912  * Locate the point to point interface with a given destination address.
1913  */
1914 /*ARGSUSED*/
1915 struct ifaddr *
1916 ifa_ifwithdstaddr(const struct sockaddr *addr, int fibnum)
1917 {
1918 	struct ifnet *ifp;
1919 	struct ifaddr *ifa;
1920 
1921 	NET_EPOCH_ASSERT();
1922 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
1923 		if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
1924 			continue;
1925 		if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
1926 			continue;
1927 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1928 			if (ifa->ifa_addr->sa_family != addr->sa_family)
1929 				continue;
1930 			if (ifa->ifa_dstaddr != NULL &&
1931 			    sa_equal(addr, ifa->ifa_dstaddr)) {
1932 				goto done;
1933 			}
1934 		}
1935 	}
1936 	ifa = NULL;
1937 done:
1938 	return (ifa);
1939 }
1940 
1941 /*
1942  * Find an interface on a specific network.  If many, choice
1943  * is most specific found.
1944  */
1945 struct ifaddr *
1946 ifa_ifwithnet(const struct sockaddr *addr, int ignore_ptp, int fibnum)
1947 {
1948 	struct ifnet *ifp;
1949 	struct ifaddr *ifa;
1950 	struct ifaddr *ifa_maybe = NULL;
1951 	u_int af = addr->sa_family;
1952 	const char *addr_data = addr->sa_data, *cplim;
1953 
1954 	NET_EPOCH_ASSERT();
1955 	/*
1956 	 * AF_LINK addresses can be looked up directly by their index number,
1957 	 * so do that if we can.
1958 	 */
1959 	if (af == AF_LINK) {
1960 		ifp = ifnet_byindex(
1961 		    ((const struct sockaddr_dl *)addr)->sdl_index);
1962 		return (ifp ? ifp->if_addr : NULL);
1963 	}
1964 
1965 	/*
1966 	 * Scan though each interface, looking for ones that have addresses
1967 	 * in this address family and the requested fib.
1968 	 */
1969 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
1970 		if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
1971 			continue;
1972 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1973 			const char *cp, *cp2, *cp3;
1974 
1975 			if (ifa->ifa_addr->sa_family != af)
1976 next:				continue;
1977 			if (af == AF_INET &&
1978 			    ifp->if_flags & IFF_POINTOPOINT && !ignore_ptp) {
1979 				/*
1980 				 * This is a bit broken as it doesn't
1981 				 * take into account that the remote end may
1982 				 * be a single node in the network we are
1983 				 * looking for.
1984 				 * The trouble is that we don't know the
1985 				 * netmask for the remote end.
1986 				 */
1987 				if (ifa->ifa_dstaddr != NULL &&
1988 				    sa_equal(addr, ifa->ifa_dstaddr)) {
1989 					goto done;
1990 				}
1991 			} else {
1992 				/*
1993 				 * Scan all the bits in the ifa's address.
1994 				 * If a bit dissagrees with what we are
1995 				 * looking for, mask it with the netmask
1996 				 * to see if it really matters.
1997 				 * (A byte at a time)
1998 				 */
1999 				if (ifa->ifa_netmask == 0)
2000 					continue;
2001 				cp = addr_data;
2002 				cp2 = ifa->ifa_addr->sa_data;
2003 				cp3 = ifa->ifa_netmask->sa_data;
2004 				cplim = ifa->ifa_netmask->sa_len
2005 					+ (char *)ifa->ifa_netmask;
2006 				while (cp3 < cplim)
2007 					if ((*cp++ ^ *cp2++) & *cp3++)
2008 						goto next; /* next address! */
2009 				/*
2010 				 * If the netmask of what we just found
2011 				 * is more specific than what we had before
2012 				 * (if we had one), or if the virtual status
2013 				 * of new prefix is better than of the old one,
2014 				 * then remember the new one before continuing
2015 				 * to search for an even better one.
2016 				 */
2017 				if (ifa_maybe == NULL ||
2018 				    ifa_preferred(ifa_maybe, ifa) ||
2019 				    rn_refines((caddr_t)ifa->ifa_netmask,
2020 				    (caddr_t)ifa_maybe->ifa_netmask)) {
2021 					ifa_maybe = ifa;
2022 				}
2023 			}
2024 		}
2025 	}
2026 	ifa = ifa_maybe;
2027 	ifa_maybe = NULL;
2028 done:
2029 	return (ifa);
2030 }
2031 
2032 /*
2033  * Find an interface address specific to an interface best matching
2034  * a given address.
2035  */
2036 struct ifaddr *
2037 ifaof_ifpforaddr(const struct sockaddr *addr, struct ifnet *ifp)
2038 {
2039 	struct ifaddr *ifa;
2040 	const char *cp, *cp2, *cp3;
2041 	char *cplim;
2042 	struct ifaddr *ifa_maybe = NULL;
2043 	u_int af = addr->sa_family;
2044 
2045 	if (af >= AF_MAX)
2046 		return (NULL);
2047 
2048 	NET_EPOCH_ASSERT();
2049 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2050 		if (ifa->ifa_addr->sa_family != af)
2051 			continue;
2052 		if (ifa_maybe == NULL)
2053 			ifa_maybe = ifa;
2054 		if (ifa->ifa_netmask == 0) {
2055 			if (sa_equal(addr, ifa->ifa_addr) ||
2056 			    (ifa->ifa_dstaddr &&
2057 			    sa_equal(addr, ifa->ifa_dstaddr)))
2058 				goto done;
2059 			continue;
2060 		}
2061 		if (ifp->if_flags & IFF_POINTOPOINT) {
2062 			if (sa_equal(addr, ifa->ifa_dstaddr))
2063 				goto done;
2064 		} else {
2065 			cp = addr->sa_data;
2066 			cp2 = ifa->ifa_addr->sa_data;
2067 			cp3 = ifa->ifa_netmask->sa_data;
2068 			cplim = ifa->ifa_netmask->sa_len + (char *)ifa->ifa_netmask;
2069 			for (; cp3 < cplim; cp3++)
2070 				if ((*cp++ ^ *cp2++) & *cp3)
2071 					break;
2072 			if (cp3 == cplim)
2073 				goto done;
2074 		}
2075 	}
2076 	ifa = ifa_maybe;
2077 done:
2078 	return (ifa);
2079 }
2080 
2081 /*
2082  * See whether new ifa is better than current one:
2083  * 1) A non-virtual one is preferred over virtual.
2084  * 2) A virtual in master state preferred over any other state.
2085  *
2086  * Used in several address selecting functions.
2087  */
2088 int
2089 ifa_preferred(struct ifaddr *cur, struct ifaddr *next)
2090 {
2091 
2092 	return (cur->ifa_carp && (!next->ifa_carp ||
2093 	    ((*carp_master_p)(next) && !(*carp_master_p)(cur))));
2094 }
2095 
2096 struct sockaddr_dl *
2097 link_alloc_sdl(size_t size, int flags)
2098 {
2099 
2100 	return (malloc(size, M_TEMP, flags));
2101 }
2102 
2103 void
2104 link_free_sdl(struct sockaddr *sa)
2105 {
2106 	free(sa, M_TEMP);
2107 }
2108 
2109 /*
2110  * Fills in given sdl with interface basic info.
2111  * Returns pointer to filled sdl.
2112  */
2113 struct sockaddr_dl *
2114 link_init_sdl(struct ifnet *ifp, struct sockaddr *paddr, u_char iftype)
2115 {
2116 	struct sockaddr_dl *sdl;
2117 
2118 	sdl = (struct sockaddr_dl *)paddr;
2119 	memset(sdl, 0, sizeof(struct sockaddr_dl));
2120 	sdl->sdl_len = sizeof(struct sockaddr_dl);
2121 	sdl->sdl_family = AF_LINK;
2122 	sdl->sdl_index = ifp->if_index;
2123 	sdl->sdl_type = iftype;
2124 
2125 	return (sdl);
2126 }
2127 
2128 /*
2129  * Mark an interface down and notify protocols of
2130  * the transition.
2131  */
2132 static void
2133 if_unroute(struct ifnet *ifp, int flag, int fam)
2134 {
2135 	struct ifaddr *ifa;
2136 	struct epoch_tracker et;
2137 
2138 	KASSERT(flag == IFF_UP, ("if_unroute: flag != IFF_UP"));
2139 
2140 	ifp->if_flags &= ~flag;
2141 	getmicrotime(&ifp->if_lastchange);
2142 	NET_EPOCH_ENTER(et);
2143 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
2144 		if (fam == PF_UNSPEC || (fam == ifa->ifa_addr->sa_family))
2145 			pfctlinput(PRC_IFDOWN, ifa->ifa_addr);
2146 	NET_EPOCH_EXIT(et);
2147 	ifp->if_qflush(ifp);
2148 
2149 	if (ifp->if_carp)
2150 		(*carp_linkstate_p)(ifp);
2151 	rt_ifmsg(ifp);
2152 }
2153 
2154 /*
2155  * Mark an interface up and notify protocols of
2156  * the transition.
2157  */
2158 static void
2159 if_route(struct ifnet *ifp, int flag, int fam)
2160 {
2161 	struct ifaddr *ifa;
2162 	struct epoch_tracker et;
2163 
2164 	KASSERT(flag == IFF_UP, ("if_route: flag != IFF_UP"));
2165 
2166 	ifp->if_flags |= flag;
2167 	getmicrotime(&ifp->if_lastchange);
2168 	NET_EPOCH_ENTER(et);
2169 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
2170 		if (fam == PF_UNSPEC || (fam == ifa->ifa_addr->sa_family))
2171 			pfctlinput(PRC_IFUP, ifa->ifa_addr);
2172 	NET_EPOCH_EXIT(et);
2173 	if (ifp->if_carp)
2174 		(*carp_linkstate_p)(ifp);
2175 	rt_ifmsg(ifp);
2176 #ifdef INET6
2177 	in6_if_up(ifp);
2178 #endif
2179 }
2180 
2181 void	(*vlan_link_state_p)(struct ifnet *);	/* XXX: private from if_vlan */
2182 void	(*vlan_trunk_cap_p)(struct ifnet *);		/* XXX: private from if_vlan */
2183 struct ifnet *(*vlan_trunkdev_p)(struct ifnet *);
2184 struct	ifnet *(*vlan_devat_p)(struct ifnet *, uint16_t);
2185 int	(*vlan_tag_p)(struct ifnet *, uint16_t *);
2186 int	(*vlan_pcp_p)(struct ifnet *, uint16_t *);
2187 int	(*vlan_setcookie_p)(struct ifnet *, void *);
2188 void	*(*vlan_cookie_p)(struct ifnet *);
2189 
2190 /*
2191  * Handle a change in the interface link state. To avoid LORs
2192  * between driver lock and upper layer locks, as well as possible
2193  * recursions, we post event to taskqueue, and all job
2194  * is done in static do_link_state_change().
2195  */
2196 void
2197 if_link_state_change(struct ifnet *ifp, int link_state)
2198 {
2199 	/* Return if state hasn't changed. */
2200 	if (ifp->if_link_state == link_state)
2201 		return;
2202 
2203 	ifp->if_link_state = link_state;
2204 
2205 	/* XXXGL: reference ifp? */
2206 	taskqueue_enqueue(taskqueue_swi, &ifp->if_linktask);
2207 }
2208 
2209 static void
2210 do_link_state_change(void *arg, int pending)
2211 {
2212 	struct ifnet *ifp;
2213 	int link_state;
2214 
2215 	ifp = arg;
2216 	link_state = ifp->if_link_state;
2217 
2218 	CURVNET_SET(ifp->if_vnet);
2219 	rt_ifmsg(ifp);
2220 	if (ifp->if_vlantrunk != NULL)
2221 		(*vlan_link_state_p)(ifp);
2222 
2223 	if ((ifp->if_type == IFT_ETHER || ifp->if_type == IFT_L2VLAN) &&
2224 	    ifp->if_l2com != NULL)
2225 		(*ng_ether_link_state_p)(ifp, link_state);
2226 	if (ifp->if_carp)
2227 		(*carp_linkstate_p)(ifp);
2228 	if (ifp->if_bridge)
2229 		ifp->if_bridge_linkstate(ifp);
2230 	if (ifp->if_lagg)
2231 		(*lagg_linkstate_p)(ifp, link_state);
2232 
2233 	if (IS_DEFAULT_VNET(curvnet))
2234 		devctl_notify("IFNET", ifp->if_xname,
2235 		    (link_state == LINK_STATE_UP) ? "LINK_UP" : "LINK_DOWN",
2236 		    NULL);
2237 	if (pending > 1)
2238 		if_printf(ifp, "%d link states coalesced\n", pending);
2239 	if (log_link_state_change)
2240 		if_printf(ifp, "link state changed to %s\n",
2241 		    (link_state == LINK_STATE_UP) ? "UP" : "DOWN" );
2242 	EVENTHANDLER_INVOKE(ifnet_link_event, ifp, link_state);
2243 	CURVNET_RESTORE();
2244 }
2245 
2246 /*
2247  * Mark an interface down and notify protocols of
2248  * the transition.
2249  */
2250 void
2251 if_down(struct ifnet *ifp)
2252 {
2253 
2254 	EVENTHANDLER_INVOKE(ifnet_event, ifp, IFNET_EVENT_DOWN);
2255 	if_unroute(ifp, IFF_UP, AF_UNSPEC);
2256 }
2257 
2258 /*
2259  * Mark an interface up and notify protocols of
2260  * the transition.
2261  */
2262 void
2263 if_up(struct ifnet *ifp)
2264 {
2265 
2266 	if_route(ifp, IFF_UP, AF_UNSPEC);
2267 	EVENTHANDLER_INVOKE(ifnet_event, ifp, IFNET_EVENT_UP);
2268 }
2269 
2270 /*
2271  * Flush an interface queue.
2272  */
2273 void
2274 if_qflush(struct ifnet *ifp)
2275 {
2276 	struct mbuf *m, *n;
2277 	struct ifaltq *ifq;
2278 
2279 	ifq = &ifp->if_snd;
2280 	IFQ_LOCK(ifq);
2281 #ifdef ALTQ
2282 	if (ALTQ_IS_ENABLED(ifq))
2283 		ALTQ_PURGE(ifq);
2284 #endif
2285 	n = ifq->ifq_head;
2286 	while ((m = n) != NULL) {
2287 		n = m->m_nextpkt;
2288 		m_freem(m);
2289 	}
2290 	ifq->ifq_head = 0;
2291 	ifq->ifq_tail = 0;
2292 	ifq->ifq_len = 0;
2293 	IFQ_UNLOCK(ifq);
2294 }
2295 
2296 /*
2297  * Map interface name to interface structure pointer, with or without
2298  * returning a reference.
2299  */
2300 struct ifnet *
2301 ifunit_ref(const char *name)
2302 {
2303 	struct epoch_tracker et;
2304 	struct ifnet *ifp;
2305 
2306 	NET_EPOCH_ENTER(et);
2307 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2308 		if (strncmp(name, ifp->if_xname, IFNAMSIZ) == 0 &&
2309 		    !(ifp->if_flags & IFF_DYING))
2310 			break;
2311 	}
2312 	if (ifp != NULL) {
2313 		if_ref(ifp);
2314 		MPASS(ifindex_table[ifp->if_index].ife_ifnet == ifp);
2315 	}
2316 
2317 	NET_EPOCH_EXIT(et);
2318 	return (ifp);
2319 }
2320 
2321 struct ifnet *
2322 ifunit(const char *name)
2323 {
2324 	struct epoch_tracker et;
2325 	struct ifnet *ifp;
2326 
2327 	NET_EPOCH_ENTER(et);
2328 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2329 		if (strncmp(name, ifp->if_xname, IFNAMSIZ) == 0)
2330 			break;
2331 	}
2332 	NET_EPOCH_EXIT(et);
2333 	return (ifp);
2334 }
2335 
2336 void *
2337 ifr_buffer_get_buffer(void *data)
2338 {
2339 	union ifreq_union *ifrup;
2340 
2341 	ifrup = data;
2342 #ifdef COMPAT_FREEBSD32
2343 	if (SV_CURPROC_FLAG(SV_ILP32))
2344 		return ((void *)(uintptr_t)
2345 		    ifrup->ifr32.ifr_ifru.ifru_buffer.buffer);
2346 #endif
2347 	return (ifrup->ifr.ifr_ifru.ifru_buffer.buffer);
2348 }
2349 
2350 static void
2351 ifr_buffer_set_buffer_null(void *data)
2352 {
2353 	union ifreq_union *ifrup;
2354 
2355 	ifrup = data;
2356 #ifdef COMPAT_FREEBSD32
2357 	if (SV_CURPROC_FLAG(SV_ILP32))
2358 		ifrup->ifr32.ifr_ifru.ifru_buffer.buffer = 0;
2359 	else
2360 #endif
2361 		ifrup->ifr.ifr_ifru.ifru_buffer.buffer = NULL;
2362 }
2363 
2364 size_t
2365 ifr_buffer_get_length(void *data)
2366 {
2367 	union ifreq_union *ifrup;
2368 
2369 	ifrup = data;
2370 #ifdef COMPAT_FREEBSD32
2371 	if (SV_CURPROC_FLAG(SV_ILP32))
2372 		return (ifrup->ifr32.ifr_ifru.ifru_buffer.length);
2373 #endif
2374 	return (ifrup->ifr.ifr_ifru.ifru_buffer.length);
2375 }
2376 
2377 static void
2378 ifr_buffer_set_length(void *data, size_t len)
2379 {
2380 	union ifreq_union *ifrup;
2381 
2382 	ifrup = data;
2383 #ifdef COMPAT_FREEBSD32
2384 	if (SV_CURPROC_FLAG(SV_ILP32))
2385 		ifrup->ifr32.ifr_ifru.ifru_buffer.length = len;
2386 	else
2387 #endif
2388 		ifrup->ifr.ifr_ifru.ifru_buffer.length = len;
2389 }
2390 
2391 void *
2392 ifr_data_get_ptr(void *ifrp)
2393 {
2394 	union ifreq_union *ifrup;
2395 
2396 	ifrup = ifrp;
2397 #ifdef COMPAT_FREEBSD32
2398 	if (SV_CURPROC_FLAG(SV_ILP32))
2399 		return ((void *)(uintptr_t)
2400 		    ifrup->ifr32.ifr_ifru.ifru_data);
2401 #endif
2402 		return (ifrup->ifr.ifr_ifru.ifru_data);
2403 }
2404 
2405 struct ifcap_nv_bit_name {
2406 	int cap_bit;
2407 	const char *cap_name;
2408 };
2409 #define CAPNV(x) {.cap_bit = IFCAP_##x, \
2410     .cap_name = __CONCAT(IFCAP_, __CONCAT(x, _NAME)) }
2411 const struct ifcap_nv_bit_name ifcap_nv_bit_names[] = {
2412 	CAPNV(RXCSUM),
2413 	CAPNV(TXCSUM),
2414 	CAPNV(NETCONS),
2415 	CAPNV(VLAN_MTU),
2416 	CAPNV(VLAN_HWTAGGING),
2417 	CAPNV(JUMBO_MTU),
2418 	CAPNV(POLLING),
2419 	CAPNV(VLAN_HWCSUM),
2420 	CAPNV(TSO4),
2421 	CAPNV(TSO6),
2422 	CAPNV(LRO),
2423 	CAPNV(WOL_UCAST),
2424 	CAPNV(WOL_MCAST),
2425 	CAPNV(WOL_MAGIC),
2426 	CAPNV(TOE4),
2427 	CAPNV(TOE6),
2428 	CAPNV(VLAN_HWFILTER),
2429 	CAPNV(VLAN_HWTSO),
2430 	CAPNV(LINKSTATE),
2431 	CAPNV(NETMAP),
2432 	CAPNV(RXCSUM_IPV6),
2433 	CAPNV(TXCSUM_IPV6),
2434 	CAPNV(HWSTATS),
2435 	CAPNV(TXRTLMT),
2436 	CAPNV(HWRXTSTMP),
2437 	CAPNV(MEXTPG),
2438 	CAPNV(TXTLS4),
2439 	CAPNV(TXTLS6),
2440 	CAPNV(VXLAN_HWCSUM),
2441 	CAPNV(VXLAN_HWTSO),
2442 	CAPNV(TXTLS_RTLMT),
2443 	{0, NULL}
2444 };
2445 #define CAP2NV(x) {.cap_bit = IFCAP2_##x, \
2446     .cap_name = __CONCAT(IFCAP2_, __CONCAT(x, _NAME)) }
2447 const struct ifcap_nv_bit_name ifcap2_nv_bit_names[] = {
2448 	CAP2NV(RXTLS4),
2449 	CAP2NV(RXTLS6),
2450 	{0, NULL}
2451 };
2452 #undef CAPNV
2453 #undef CAP2NV
2454 
2455 int
2456 if_capnv_to_capint(const nvlist_t *nv, int *old_cap,
2457     const struct ifcap_nv_bit_name *nn, bool all)
2458 {
2459 	int i, res;
2460 
2461 	res = 0;
2462 	for (i = 0; nn[i].cap_name != NULL; i++) {
2463 		if (nvlist_exists_bool(nv, nn[i].cap_name)) {
2464 			if (all || nvlist_get_bool(nv, nn[i].cap_name))
2465 				res |= nn[i].cap_bit;
2466 		} else {
2467 			res |= *old_cap & nn[i].cap_bit;
2468 		}
2469 	}
2470 	return (res);
2471 }
2472 
2473 void
2474 if_capint_to_capnv(nvlist_t *nv, const struct ifcap_nv_bit_name *nn,
2475     int ifr_cap, int ifr_req)
2476 {
2477 	int i;
2478 
2479 	for (i = 0; nn[i].cap_name != NULL; i++) {
2480 		if ((nn[i].cap_bit & ifr_cap) != 0) {
2481 			nvlist_add_bool(nv, nn[i].cap_name,
2482 			    (nn[i].cap_bit & ifr_req) != 0);
2483 		}
2484 	}
2485 }
2486 
2487 /*
2488  * Hardware specific interface ioctls.
2489  */
2490 int
2491 ifhwioctl(u_long cmd, struct ifnet *ifp, caddr_t data, struct thread *td)
2492 {
2493 	struct ifreq *ifr;
2494 	int error = 0, do_ifup = 0;
2495 	int new_flags, temp_flags;
2496 	size_t namelen, onamelen;
2497 	size_t descrlen, nvbuflen;
2498 	char *descrbuf, *odescrbuf;
2499 	char new_name[IFNAMSIZ];
2500 	char old_name[IFNAMSIZ], strbuf[IFNAMSIZ + 8];
2501 	struct ifaddr *ifa;
2502 	struct sockaddr_dl *sdl;
2503 	void *buf;
2504 	nvlist_t *nvcap;
2505 	struct siocsifcapnv_driver_data drv_ioctl_data;
2506 
2507 	ifr = (struct ifreq *)data;
2508 	switch (cmd) {
2509 	case SIOCGIFINDEX:
2510 		ifr->ifr_index = ifp->if_index;
2511 		break;
2512 
2513 	case SIOCGIFFLAGS:
2514 		temp_flags = ifp->if_flags | ifp->if_drv_flags;
2515 		ifr->ifr_flags = temp_flags & 0xffff;
2516 		ifr->ifr_flagshigh = temp_flags >> 16;
2517 		break;
2518 
2519 	case SIOCGIFCAP:
2520 		ifr->ifr_reqcap = ifp->if_capabilities;
2521 		ifr->ifr_curcap = ifp->if_capenable;
2522 		break;
2523 
2524 	case SIOCGIFCAPNV:
2525 		if ((ifp->if_capabilities & IFCAP_NV) == 0) {
2526 			error = EINVAL;
2527 			break;
2528 		}
2529 		buf = NULL;
2530 		nvcap = nvlist_create(0);
2531 		for (;;) {
2532 			if_capint_to_capnv(nvcap, ifcap_nv_bit_names,
2533 			    ifp->if_capabilities, ifp->if_capenable);
2534 			if_capint_to_capnv(nvcap, ifcap2_nv_bit_names,
2535 			    ifp->if_capabilities2, ifp->if_capenable2);
2536 			error = (*ifp->if_ioctl)(ifp, SIOCGIFCAPNV,
2537 			    __DECONST(caddr_t, nvcap));
2538 			if (error != 0) {
2539 				if_printf(ifp,
2540 			    "SIOCGIFCAPNV driver mistake: nvlist error %d\n",
2541 				    error);
2542 				break;
2543 			}
2544 			buf = nvlist_pack(nvcap, &nvbuflen);
2545 			if (buf == NULL) {
2546 				error = nvlist_error(nvcap);
2547 				if (error == 0)
2548 					error = EDOOFUS;
2549 				break;
2550 			}
2551 			if (nvbuflen > ifr->ifr_cap_nv.buf_length) {
2552 				ifr->ifr_cap_nv.length = nvbuflen;
2553 				ifr->ifr_cap_nv.buffer = NULL;
2554 				error = EFBIG;
2555 				break;
2556 			}
2557 			ifr->ifr_cap_nv.length = nvbuflen;
2558 			error = copyout(buf, ifr->ifr_cap_nv.buffer, nvbuflen);
2559 			break;
2560 		}
2561 		free(buf, M_NVLIST);
2562 		nvlist_destroy(nvcap);
2563 		break;
2564 
2565 	case SIOCGIFDATA:
2566 	{
2567 		struct if_data ifd;
2568 
2569 		/* Ensure uninitialised padding is not leaked. */
2570 		memset(&ifd, 0, sizeof(ifd));
2571 
2572 		if_data_copy(ifp, &ifd);
2573 		error = copyout(&ifd, ifr_data_get_ptr(ifr), sizeof(ifd));
2574 		break;
2575 	}
2576 
2577 #ifdef MAC
2578 	case SIOCGIFMAC:
2579 		error = mac_ifnet_ioctl_get(td->td_ucred, ifr, ifp);
2580 		break;
2581 #endif
2582 
2583 	case SIOCGIFMETRIC:
2584 		ifr->ifr_metric = ifp->if_metric;
2585 		break;
2586 
2587 	case SIOCGIFMTU:
2588 		ifr->ifr_mtu = ifp->if_mtu;
2589 		break;
2590 
2591 	case SIOCGIFPHYS:
2592 		/* XXXGL: did this ever worked? */
2593 		ifr->ifr_phys = 0;
2594 		break;
2595 
2596 	case SIOCGIFDESCR:
2597 		error = 0;
2598 		sx_slock(&ifdescr_sx);
2599 		if (ifp->if_description == NULL)
2600 			error = ENOMSG;
2601 		else {
2602 			/* space for terminating nul */
2603 			descrlen = strlen(ifp->if_description) + 1;
2604 			if (ifr_buffer_get_length(ifr) < descrlen)
2605 				ifr_buffer_set_buffer_null(ifr);
2606 			else
2607 				error = copyout(ifp->if_description,
2608 				    ifr_buffer_get_buffer(ifr), descrlen);
2609 			ifr_buffer_set_length(ifr, descrlen);
2610 		}
2611 		sx_sunlock(&ifdescr_sx);
2612 		break;
2613 
2614 	case SIOCSIFDESCR:
2615 		error = priv_check(td, PRIV_NET_SETIFDESCR);
2616 		if (error)
2617 			return (error);
2618 
2619 		/*
2620 		 * Copy only (length-1) bytes to make sure that
2621 		 * if_description is always nul terminated.  The
2622 		 * length parameter is supposed to count the
2623 		 * terminating nul in.
2624 		 */
2625 		if (ifr_buffer_get_length(ifr) > ifdescr_maxlen)
2626 			return (ENAMETOOLONG);
2627 		else if (ifr_buffer_get_length(ifr) == 0)
2628 			descrbuf = NULL;
2629 		else {
2630 			descrbuf = malloc(ifr_buffer_get_length(ifr),
2631 			    M_IFDESCR, M_WAITOK | M_ZERO);
2632 			error = copyin(ifr_buffer_get_buffer(ifr), descrbuf,
2633 			    ifr_buffer_get_length(ifr) - 1);
2634 			if (error) {
2635 				free(descrbuf, M_IFDESCR);
2636 				break;
2637 			}
2638 		}
2639 
2640 		sx_xlock(&ifdescr_sx);
2641 		odescrbuf = ifp->if_description;
2642 		ifp->if_description = descrbuf;
2643 		sx_xunlock(&ifdescr_sx);
2644 
2645 		getmicrotime(&ifp->if_lastchange);
2646 		free(odescrbuf, M_IFDESCR);
2647 		break;
2648 
2649 	case SIOCGIFFIB:
2650 		ifr->ifr_fib = ifp->if_fib;
2651 		break;
2652 
2653 	case SIOCSIFFIB:
2654 		error = priv_check(td, PRIV_NET_SETIFFIB);
2655 		if (error)
2656 			return (error);
2657 		if (ifr->ifr_fib >= rt_numfibs)
2658 			return (EINVAL);
2659 
2660 		ifp->if_fib = ifr->ifr_fib;
2661 		break;
2662 
2663 	case SIOCSIFFLAGS:
2664 		error = priv_check(td, PRIV_NET_SETIFFLAGS);
2665 		if (error)
2666 			return (error);
2667 		/*
2668 		 * Currently, no driver owned flags pass the IFF_CANTCHANGE
2669 		 * check, so we don't need special handling here yet.
2670 		 */
2671 		new_flags = (ifr->ifr_flags & 0xffff) |
2672 		    (ifr->ifr_flagshigh << 16);
2673 		if (ifp->if_flags & IFF_UP &&
2674 		    (new_flags & IFF_UP) == 0) {
2675 			if_down(ifp);
2676 		} else if (new_flags & IFF_UP &&
2677 		    (ifp->if_flags & IFF_UP) == 0) {
2678 			do_ifup = 1;
2679 		}
2680 		/* See if permanently promiscuous mode bit is about to flip */
2681 		if ((ifp->if_flags ^ new_flags) & IFF_PPROMISC) {
2682 			if (new_flags & IFF_PPROMISC)
2683 				ifp->if_flags |= IFF_PROMISC;
2684 			else if (ifp->if_pcount == 0)
2685 				ifp->if_flags &= ~IFF_PROMISC;
2686 			if (log_promisc_mode_change)
2687                                 if_printf(ifp, "permanently promiscuous mode %s\n",
2688                                     ((new_flags & IFF_PPROMISC) ?
2689                                      "enabled" : "disabled"));
2690 		}
2691 		ifp->if_flags = (ifp->if_flags & IFF_CANTCHANGE) |
2692 			(new_flags &~ IFF_CANTCHANGE);
2693 		if (ifp->if_ioctl) {
2694 			(void) (*ifp->if_ioctl)(ifp, cmd, data);
2695 		}
2696 		if (do_ifup)
2697 			if_up(ifp);
2698 		getmicrotime(&ifp->if_lastchange);
2699 		break;
2700 
2701 	case SIOCSIFCAP:
2702 		error = priv_check(td, PRIV_NET_SETIFCAP);
2703 		if (error != 0)
2704 			return (error);
2705 		if (ifp->if_ioctl == NULL)
2706 			return (EOPNOTSUPP);
2707 		if (ifr->ifr_reqcap & ~ifp->if_capabilities)
2708 			return (EINVAL);
2709 		error = (*ifp->if_ioctl)(ifp, cmd, data);
2710 		if (error == 0)
2711 			getmicrotime(&ifp->if_lastchange);
2712 		break;
2713 
2714 	case SIOCSIFCAPNV:
2715 		error = priv_check(td, PRIV_NET_SETIFCAP);
2716 		if (error != 0)
2717 			return (error);
2718 		if (ifp->if_ioctl == NULL)
2719 			return (EOPNOTSUPP);
2720 		if ((ifp->if_capabilities & IFCAP_NV) == 0)
2721 			return (EINVAL);
2722 		if (ifr->ifr_cap_nv.length > IFR_CAP_NV_MAXBUFSIZE)
2723 			return (EINVAL);
2724 		nvcap = NULL;
2725 		buf = malloc(ifr->ifr_cap_nv.length, M_TEMP, M_WAITOK);
2726 		for (;;) {
2727 			error = copyin(ifr->ifr_cap_nv.buffer, buf,
2728 			    ifr->ifr_cap_nv.length);
2729 			if (error != 0)
2730 				break;
2731 			nvcap = nvlist_unpack(buf, ifr->ifr_cap_nv.length, 0);
2732 			if (nvcap == NULL) {
2733 				error = EINVAL;
2734 				break;
2735 			}
2736 			drv_ioctl_data.reqcap = if_capnv_to_capint(nvcap,
2737 			    &ifp->if_capenable, ifcap_nv_bit_names, false);
2738 			if ((drv_ioctl_data.reqcap &
2739 			    ~ifp->if_capabilities) != 0) {
2740 				error = EINVAL;
2741 				break;
2742 			}
2743 			drv_ioctl_data.reqcap2 = if_capnv_to_capint(nvcap,
2744 			    &ifp->if_capenable2, ifcap2_nv_bit_names, false);
2745 			if ((drv_ioctl_data.reqcap2 &
2746 			    ~ifp->if_capabilities2) != 0) {
2747 				error = EINVAL;
2748 				break;
2749 			}
2750 			drv_ioctl_data.nvcap = nvcap;
2751 			error = (*ifp->if_ioctl)(ifp, SIOCSIFCAPNV,
2752 			    (caddr_t)&drv_ioctl_data);
2753 			break;
2754 		}
2755 		nvlist_destroy(nvcap);
2756 		free(buf, M_TEMP);
2757 		if (error == 0)
2758 			getmicrotime(&ifp->if_lastchange);
2759 		break;
2760 
2761 #ifdef MAC
2762 	case SIOCSIFMAC:
2763 		error = mac_ifnet_ioctl_set(td->td_ucred, ifr, ifp);
2764 		break;
2765 #endif
2766 
2767 	case SIOCSIFNAME:
2768 		error = priv_check(td, PRIV_NET_SETIFNAME);
2769 		if (error)
2770 			return (error);
2771 		error = copyinstr(ifr_data_get_ptr(ifr), new_name, IFNAMSIZ,
2772 		    NULL);
2773 		if (error != 0)
2774 			return (error);
2775 		if (new_name[0] == '\0')
2776 			return (EINVAL);
2777 		if (strcmp(new_name, ifp->if_xname) == 0)
2778 			break;
2779 		if (ifunit(new_name) != NULL)
2780 			return (EEXIST);
2781 
2782 		/*
2783 		 * XXX: Locking.  Nothing else seems to lock if_flags,
2784 		 * and there are numerous other races with the
2785 		 * ifunit() checks not being atomic with namespace
2786 		 * changes (renames, vmoves, if_attach, etc).
2787 		 */
2788 		ifp->if_flags |= IFF_RENAMING;
2789 
2790 		/* Announce the departure of the interface. */
2791 		rt_ifannouncemsg(ifp, IFAN_DEPARTURE);
2792 		EVENTHANDLER_INVOKE(ifnet_departure_event, ifp);
2793 
2794 		if_printf(ifp, "changing name to '%s'\n", new_name);
2795 
2796 		IF_ADDR_WLOCK(ifp);
2797 		strlcpy(old_name, ifp->if_xname, sizeof(old_name));
2798 		strlcpy(ifp->if_xname, new_name, sizeof(ifp->if_xname));
2799 		ifa = ifp->if_addr;
2800 		sdl = (struct sockaddr_dl *)ifa->ifa_addr;
2801 		namelen = strlen(new_name);
2802 		onamelen = sdl->sdl_nlen;
2803 		/*
2804 		 * Move the address if needed.  This is safe because we
2805 		 * allocate space for a name of length IFNAMSIZ when we
2806 		 * create this in if_attach().
2807 		 */
2808 		if (namelen != onamelen) {
2809 			bcopy(sdl->sdl_data + onamelen,
2810 			    sdl->sdl_data + namelen, sdl->sdl_alen);
2811 		}
2812 		bcopy(new_name, sdl->sdl_data, namelen);
2813 		sdl->sdl_nlen = namelen;
2814 		sdl = (struct sockaddr_dl *)ifa->ifa_netmask;
2815 		bzero(sdl->sdl_data, onamelen);
2816 		while (namelen != 0)
2817 			sdl->sdl_data[--namelen] = 0xff;
2818 		IF_ADDR_WUNLOCK(ifp);
2819 
2820 		EVENTHANDLER_INVOKE(ifnet_arrival_event, ifp);
2821 		/* Announce the return of the interface. */
2822 		rt_ifannouncemsg(ifp, IFAN_ARRIVAL);
2823 
2824 		ifp->if_flags &= ~IFF_RENAMING;
2825 
2826 		snprintf(strbuf, sizeof(strbuf), "name=%s", new_name);
2827 		devctl_notify("IFNET", old_name, "RENAME", strbuf);
2828 		break;
2829 
2830 #ifdef VIMAGE
2831 	case SIOCSIFVNET:
2832 		error = priv_check(td, PRIV_NET_SETIFVNET);
2833 		if (error)
2834 			return (error);
2835 		error = if_vmove_loan(td, ifp, ifr->ifr_name, ifr->ifr_jid);
2836 		break;
2837 #endif
2838 
2839 	case SIOCSIFMETRIC:
2840 		error = priv_check(td, PRIV_NET_SETIFMETRIC);
2841 		if (error)
2842 			return (error);
2843 		ifp->if_metric = ifr->ifr_metric;
2844 		getmicrotime(&ifp->if_lastchange);
2845 		break;
2846 
2847 	case SIOCSIFPHYS:
2848 		error = priv_check(td, PRIV_NET_SETIFPHYS);
2849 		if (error)
2850 			return (error);
2851 		if (ifp->if_ioctl == NULL)
2852 			return (EOPNOTSUPP);
2853 		error = (*ifp->if_ioctl)(ifp, cmd, data);
2854 		if (error == 0)
2855 			getmicrotime(&ifp->if_lastchange);
2856 		break;
2857 
2858 	case SIOCSIFMTU:
2859 	{
2860 		u_long oldmtu = ifp->if_mtu;
2861 
2862 		error = priv_check(td, PRIV_NET_SETIFMTU);
2863 		if (error)
2864 			return (error);
2865 		if (ifr->ifr_mtu < IF_MINMTU || ifr->ifr_mtu > IF_MAXMTU)
2866 			return (EINVAL);
2867 		if (ifp->if_ioctl == NULL)
2868 			return (EOPNOTSUPP);
2869 		/* Disallow MTU changes on bridge member interfaces. */
2870 		if (ifp->if_bridge)
2871 			return (EOPNOTSUPP);
2872 		error = (*ifp->if_ioctl)(ifp, cmd, data);
2873 		if (error == 0) {
2874 			getmicrotime(&ifp->if_lastchange);
2875 			rt_ifmsg(ifp);
2876 #ifdef INET
2877 			DEBUGNET_NOTIFY_MTU(ifp);
2878 #endif
2879 		}
2880 		/*
2881 		 * If the link MTU changed, do network layer specific procedure.
2882 		 */
2883 		if (ifp->if_mtu != oldmtu) {
2884 #ifdef INET6
2885 			nd6_setmtu(ifp);
2886 #endif
2887 			rt_updatemtu(ifp);
2888 		}
2889 		break;
2890 	}
2891 
2892 	case SIOCADDMULTI:
2893 	case SIOCDELMULTI:
2894 		if (cmd == SIOCADDMULTI)
2895 			error = priv_check(td, PRIV_NET_ADDMULTI);
2896 		else
2897 			error = priv_check(td, PRIV_NET_DELMULTI);
2898 		if (error)
2899 			return (error);
2900 
2901 		/* Don't allow group membership on non-multicast interfaces. */
2902 		if ((ifp->if_flags & IFF_MULTICAST) == 0)
2903 			return (EOPNOTSUPP);
2904 
2905 		/* Don't let users screw up protocols' entries. */
2906 		if (ifr->ifr_addr.sa_family != AF_LINK)
2907 			return (EINVAL);
2908 
2909 		if (cmd == SIOCADDMULTI) {
2910 			struct epoch_tracker et;
2911 			struct ifmultiaddr *ifma;
2912 
2913 			/*
2914 			 * Userland is only permitted to join groups once
2915 			 * via the if_addmulti() KPI, because it cannot hold
2916 			 * struct ifmultiaddr * between calls. It may also
2917 			 * lose a race while we check if the membership
2918 			 * already exists.
2919 			 */
2920 			NET_EPOCH_ENTER(et);
2921 			ifma = if_findmulti(ifp, &ifr->ifr_addr);
2922 			NET_EPOCH_EXIT(et);
2923 			if (ifma != NULL)
2924 				error = EADDRINUSE;
2925 			else
2926 				error = if_addmulti(ifp, &ifr->ifr_addr, &ifma);
2927 		} else {
2928 			error = if_delmulti(ifp, &ifr->ifr_addr);
2929 		}
2930 		if (error == 0)
2931 			getmicrotime(&ifp->if_lastchange);
2932 		break;
2933 
2934 	case SIOCSIFPHYADDR:
2935 	case SIOCDIFPHYADDR:
2936 #ifdef INET6
2937 	case SIOCSIFPHYADDR_IN6:
2938 #endif
2939 	case SIOCSIFMEDIA:
2940 	case SIOCSIFGENERIC:
2941 		error = priv_check(td, PRIV_NET_HWIOCTL);
2942 		if (error)
2943 			return (error);
2944 		if (ifp->if_ioctl == NULL)
2945 			return (EOPNOTSUPP);
2946 		error = (*ifp->if_ioctl)(ifp, cmd, data);
2947 		if (error == 0)
2948 			getmicrotime(&ifp->if_lastchange);
2949 		break;
2950 
2951 	case SIOCGIFSTATUS:
2952 	case SIOCGIFPSRCADDR:
2953 	case SIOCGIFPDSTADDR:
2954 	case SIOCGIFMEDIA:
2955 	case SIOCGIFXMEDIA:
2956 	case SIOCGIFGENERIC:
2957 	case SIOCGIFRSSKEY:
2958 	case SIOCGIFRSSHASH:
2959 	case SIOCGIFDOWNREASON:
2960 		if (ifp->if_ioctl == NULL)
2961 			return (EOPNOTSUPP);
2962 		error = (*ifp->if_ioctl)(ifp, cmd, data);
2963 		break;
2964 
2965 	case SIOCSIFLLADDR:
2966 		error = priv_check(td, PRIV_NET_SETLLADDR);
2967 		if (error)
2968 			return (error);
2969 		error = if_setlladdr(ifp,
2970 		    ifr->ifr_addr.sa_data, ifr->ifr_addr.sa_len);
2971 		break;
2972 
2973 	case SIOCGHWADDR:
2974 		error = if_gethwaddr(ifp, ifr);
2975 		break;
2976 
2977 	case SIOCAIFGROUP:
2978 		error = priv_check(td, PRIV_NET_ADDIFGROUP);
2979 		if (error)
2980 			return (error);
2981 		error = if_addgroup(ifp,
2982 		    ((struct ifgroupreq *)data)->ifgr_group);
2983 		if (error != 0)
2984 			return (error);
2985 		break;
2986 
2987 	case SIOCGIFGROUP:
2988 	{
2989 		struct epoch_tracker et;
2990 
2991 		NET_EPOCH_ENTER(et);
2992 		error = if_getgroup((struct ifgroupreq *)data, ifp);
2993 		NET_EPOCH_EXIT(et);
2994 		break;
2995 	}
2996 
2997 	case SIOCDIFGROUP:
2998 		error = priv_check(td, PRIV_NET_DELIFGROUP);
2999 		if (error)
3000 			return (error);
3001 		error = if_delgroup(ifp,
3002 		    ((struct ifgroupreq *)data)->ifgr_group);
3003 		if (error != 0)
3004 			return (error);
3005 		break;
3006 
3007 	default:
3008 		error = ENOIOCTL;
3009 		break;
3010 	}
3011 	return (error);
3012 }
3013 
3014 /*
3015  * Interface ioctls.
3016  */
3017 int
3018 ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td)
3019 {
3020 #ifdef COMPAT_FREEBSD32
3021 	union {
3022 		struct ifconf ifc;
3023 		struct ifdrv ifd;
3024 		struct ifgroupreq ifgr;
3025 		struct ifmediareq ifmr;
3026 	} thunk;
3027 	u_long saved_cmd;
3028 	struct ifconf32 *ifc32;
3029 	struct ifdrv32 *ifd32;
3030 	struct ifgroupreq32 *ifgr32;
3031 	struct ifmediareq32 *ifmr32;
3032 #endif
3033 	struct ifnet *ifp;
3034 	struct ifreq *ifr;
3035 	int error;
3036 	int oif_flags;
3037 #ifdef VIMAGE
3038 	bool shutdown;
3039 #endif
3040 
3041 	CURVNET_SET(so->so_vnet);
3042 #ifdef VIMAGE
3043 	/* Make sure the VNET is stable. */
3044 	shutdown = VNET_IS_SHUTTING_DOWN(so->so_vnet);
3045 	if (shutdown) {
3046 		CURVNET_RESTORE();
3047 		return (EBUSY);
3048 	}
3049 #endif
3050 
3051 #ifdef COMPAT_FREEBSD32
3052 	saved_cmd = cmd;
3053 	switch (cmd) {
3054 	case SIOCGIFCONF32:
3055 		ifc32 = (struct ifconf32 *)data;
3056 		thunk.ifc.ifc_len = ifc32->ifc_len;
3057 		thunk.ifc.ifc_buf = PTRIN(ifc32->ifc_buf);
3058 		data = (caddr_t)&thunk.ifc;
3059 		cmd = SIOCGIFCONF;
3060 		break;
3061 	case SIOCGDRVSPEC32:
3062 	case SIOCSDRVSPEC32:
3063 		ifd32 = (struct ifdrv32 *)data;
3064 		memcpy(thunk.ifd.ifd_name, ifd32->ifd_name,
3065 		    sizeof(thunk.ifd.ifd_name));
3066 		thunk.ifd.ifd_cmd = ifd32->ifd_cmd;
3067 		thunk.ifd.ifd_len = ifd32->ifd_len;
3068 		thunk.ifd.ifd_data = PTRIN(ifd32->ifd_data);
3069 		data = (caddr_t)&thunk.ifd;
3070 		cmd = _IOC_NEWTYPE(cmd, struct ifdrv);
3071 		break;
3072 	case SIOCAIFGROUP32:
3073 	case SIOCGIFGROUP32:
3074 	case SIOCDIFGROUP32:
3075 	case SIOCGIFGMEMB32:
3076 		ifgr32 = (struct ifgroupreq32 *)data;
3077 		memcpy(thunk.ifgr.ifgr_name, ifgr32->ifgr_name,
3078 		    sizeof(thunk.ifgr.ifgr_name));
3079 		thunk.ifgr.ifgr_len = ifgr32->ifgr_len;
3080 		switch (cmd) {
3081 		case SIOCAIFGROUP32:
3082 		case SIOCDIFGROUP32:
3083 			memcpy(thunk.ifgr.ifgr_group, ifgr32->ifgr_group,
3084 			    sizeof(thunk.ifgr.ifgr_group));
3085 			break;
3086 		case SIOCGIFGROUP32:
3087 		case SIOCGIFGMEMB32:
3088 			thunk.ifgr.ifgr_groups = PTRIN(ifgr32->ifgr_groups);
3089 			break;
3090 		}
3091 		data = (caddr_t)&thunk.ifgr;
3092 		cmd = _IOC_NEWTYPE(cmd, struct ifgroupreq);
3093 		break;
3094 	case SIOCGIFMEDIA32:
3095 	case SIOCGIFXMEDIA32:
3096 		ifmr32 = (struct ifmediareq32 *)data;
3097 		memcpy(thunk.ifmr.ifm_name, ifmr32->ifm_name,
3098 		    sizeof(thunk.ifmr.ifm_name));
3099 		thunk.ifmr.ifm_current = ifmr32->ifm_current;
3100 		thunk.ifmr.ifm_mask = ifmr32->ifm_mask;
3101 		thunk.ifmr.ifm_status = ifmr32->ifm_status;
3102 		thunk.ifmr.ifm_active = ifmr32->ifm_active;
3103 		thunk.ifmr.ifm_count = ifmr32->ifm_count;
3104 		thunk.ifmr.ifm_ulist = PTRIN(ifmr32->ifm_ulist);
3105 		data = (caddr_t)&thunk.ifmr;
3106 		cmd = _IOC_NEWTYPE(cmd, struct ifmediareq);
3107 		break;
3108 	}
3109 #endif
3110 
3111 	switch (cmd) {
3112 	case SIOCGIFCONF:
3113 		error = ifconf(cmd, data);
3114 		goto out_noref;
3115 	}
3116 
3117 	ifr = (struct ifreq *)data;
3118 	switch (cmd) {
3119 #ifdef VIMAGE
3120 	case SIOCSIFRVNET:
3121 		error = priv_check(td, PRIV_NET_SETIFVNET);
3122 		if (error == 0)
3123 			error = if_vmove_reclaim(td, ifr->ifr_name,
3124 			    ifr->ifr_jid);
3125 		goto out_noref;
3126 #endif
3127 	case SIOCIFCREATE:
3128 	case SIOCIFCREATE2:
3129 		error = priv_check(td, PRIV_NET_IFCREATE);
3130 		if (error == 0)
3131 			error = if_clone_create(ifr->ifr_name,
3132 			    sizeof(ifr->ifr_name), cmd == SIOCIFCREATE2 ?
3133 			    ifr_data_get_ptr(ifr) : NULL);
3134 		goto out_noref;
3135 	case SIOCIFDESTROY:
3136 		error = priv_check(td, PRIV_NET_IFDESTROY);
3137 
3138 		if (error == 0) {
3139 			sx_xlock(&ifnet_detach_sxlock);
3140 			error = if_clone_destroy(ifr->ifr_name);
3141 			sx_xunlock(&ifnet_detach_sxlock);
3142 		}
3143 		goto out_noref;
3144 
3145 	case SIOCIFGCLONERS:
3146 		error = if_clone_list((struct if_clonereq *)data);
3147 		goto out_noref;
3148 
3149 	case SIOCGIFGMEMB:
3150 		error = if_getgroupmembers((struct ifgroupreq *)data);
3151 		goto out_noref;
3152 
3153 #if defined(INET) || defined(INET6)
3154 	case SIOCSVH:
3155 	case SIOCGVH:
3156 		if (carp_ioctl_p == NULL)
3157 			error = EPROTONOSUPPORT;
3158 		else
3159 			error = (*carp_ioctl_p)(ifr, cmd, td);
3160 		goto out_noref;
3161 #endif
3162 	}
3163 
3164 	ifp = ifunit_ref(ifr->ifr_name);
3165 	if (ifp == NULL) {
3166 		error = ENXIO;
3167 		goto out_noref;
3168 	}
3169 
3170 	error = ifhwioctl(cmd, ifp, data, td);
3171 	if (error != ENOIOCTL)
3172 		goto out_ref;
3173 
3174 	oif_flags = ifp->if_flags;
3175 	if (so->so_proto == NULL) {
3176 		error = EOPNOTSUPP;
3177 		goto out_ref;
3178 	}
3179 
3180 	/*
3181 	 * Pass the request on to the socket control method, and if the
3182 	 * latter returns EOPNOTSUPP, directly to the interface.
3183 	 *
3184 	 * Make an exception for the legacy SIOCSIF* requests.  Drivers
3185 	 * trust SIOCSIFADDR et al to come from an already privileged
3186 	 * layer, and do not perform any credentials checks or input
3187 	 * validation.
3188 	 */
3189 	error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd, data,
3190 	    ifp, td));
3191 	if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL &&
3192 	    cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR &&
3193 	    cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK)
3194 		error = (*ifp->if_ioctl)(ifp, cmd, data);
3195 
3196 	if ((oif_flags ^ ifp->if_flags) & IFF_UP) {
3197 #ifdef INET6
3198 		if (ifp->if_flags & IFF_UP)
3199 			in6_if_up(ifp);
3200 #endif
3201 	}
3202 
3203 out_ref:
3204 	if_rele(ifp);
3205 out_noref:
3206 	CURVNET_RESTORE();
3207 #ifdef COMPAT_FREEBSD32
3208 	if (error != 0)
3209 		return (error);
3210 	switch (saved_cmd) {
3211 	case SIOCGIFCONF32:
3212 		ifc32->ifc_len = thunk.ifc.ifc_len;
3213 		break;
3214 	case SIOCGDRVSPEC32:
3215 		/*
3216 		 * SIOCGDRVSPEC is IOWR, but nothing actually touches
3217 		 * the struct so just assert that ifd_len (the only
3218 		 * field it might make sense to update) hasn't
3219 		 * changed.
3220 		 */
3221 		KASSERT(thunk.ifd.ifd_len == ifd32->ifd_len,
3222 		    ("ifd_len was updated %u -> %zu", ifd32->ifd_len,
3223 			thunk.ifd.ifd_len));
3224 		break;
3225 	case SIOCGIFGROUP32:
3226 	case SIOCGIFGMEMB32:
3227 		ifgr32->ifgr_len = thunk.ifgr.ifgr_len;
3228 		break;
3229 	case SIOCGIFMEDIA32:
3230 	case SIOCGIFXMEDIA32:
3231 		ifmr32->ifm_current = thunk.ifmr.ifm_current;
3232 		ifmr32->ifm_mask = thunk.ifmr.ifm_mask;
3233 		ifmr32->ifm_status = thunk.ifmr.ifm_status;
3234 		ifmr32->ifm_active = thunk.ifmr.ifm_active;
3235 		ifmr32->ifm_count = thunk.ifmr.ifm_count;
3236 		break;
3237 	}
3238 #endif
3239 	return (error);
3240 }
3241 
3242 /*
3243  * The code common to handling reference counted flags,
3244  * e.g., in ifpromisc() and if_allmulti().
3245  * The "pflag" argument can specify a permanent mode flag to check,
3246  * such as IFF_PPROMISC for promiscuous mode; should be 0 if none.
3247  *
3248  * Only to be used on stack-owned flags, not driver-owned flags.
3249  */
3250 static int
3251 if_setflag(struct ifnet *ifp, int flag, int pflag, int *refcount, int onswitch)
3252 {
3253 	struct ifreq ifr;
3254 	int error;
3255 	int oldflags, oldcount;
3256 
3257 	/* Sanity checks to catch programming errors */
3258 	KASSERT((flag & (IFF_DRV_OACTIVE|IFF_DRV_RUNNING)) == 0,
3259 	    ("%s: setting driver-owned flag %d", __func__, flag));
3260 
3261 	if (onswitch)
3262 		KASSERT(*refcount >= 0,
3263 		    ("%s: increment negative refcount %d for flag %d",
3264 		    __func__, *refcount, flag));
3265 	else
3266 		KASSERT(*refcount > 0,
3267 		    ("%s: decrement non-positive refcount %d for flag %d",
3268 		    __func__, *refcount, flag));
3269 
3270 	/* In case this mode is permanent, just touch refcount */
3271 	if (ifp->if_flags & pflag) {
3272 		*refcount += onswitch ? 1 : -1;
3273 		return (0);
3274 	}
3275 
3276 	/* Save ifnet parameters for if_ioctl() may fail */
3277 	oldcount = *refcount;
3278 	oldflags = ifp->if_flags;
3279 
3280 	/*
3281 	 * See if we aren't the only and touching refcount is enough.
3282 	 * Actually toggle interface flag if we are the first or last.
3283 	 */
3284 	if (onswitch) {
3285 		if ((*refcount)++)
3286 			return (0);
3287 		ifp->if_flags |= flag;
3288 	} else {
3289 		if (--(*refcount))
3290 			return (0);
3291 		ifp->if_flags &= ~flag;
3292 	}
3293 
3294 	/* Call down the driver since we've changed interface flags */
3295 	if (ifp->if_ioctl == NULL) {
3296 		error = EOPNOTSUPP;
3297 		goto recover;
3298 	}
3299 	ifr.ifr_flags = ifp->if_flags & 0xffff;
3300 	ifr.ifr_flagshigh = ifp->if_flags >> 16;
3301 	error = (*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr);
3302 	if (error)
3303 		goto recover;
3304 	/* Notify userland that interface flags have changed */
3305 	rt_ifmsg(ifp);
3306 	return (0);
3307 
3308 recover:
3309 	/* Recover after driver error */
3310 	*refcount = oldcount;
3311 	ifp->if_flags = oldflags;
3312 	return (error);
3313 }
3314 
3315 /*
3316  * Set/clear promiscuous mode on interface ifp based on the truth value
3317  * of pswitch.  The calls are reference counted so that only the first
3318  * "on" request actually has an effect, as does the final "off" request.
3319  * Results are undefined if the "off" and "on" requests are not matched.
3320  */
3321 int
3322 ifpromisc(struct ifnet *ifp, int pswitch)
3323 {
3324 	int error;
3325 	int oldflags = ifp->if_flags;
3326 
3327 	error = if_setflag(ifp, IFF_PROMISC, IFF_PPROMISC,
3328 			   &ifp->if_pcount, pswitch);
3329 	/* If promiscuous mode status has changed, log a message */
3330 	if (error == 0 && ((ifp->if_flags ^ oldflags) & IFF_PROMISC) &&
3331             log_promisc_mode_change)
3332 		if_printf(ifp, "promiscuous mode %s\n",
3333 		    (ifp->if_flags & IFF_PROMISC) ? "enabled" : "disabled");
3334 	return (error);
3335 }
3336 
3337 /*
3338  * Return interface configuration
3339  * of system.  List may be used
3340  * in later ioctl's (above) to get
3341  * other information.
3342  */
3343 /*ARGSUSED*/
3344 static int
3345 ifconf(u_long cmd, caddr_t data)
3346 {
3347 	struct ifconf *ifc = (struct ifconf *)data;
3348 	struct ifnet *ifp;
3349 	struct ifaddr *ifa;
3350 	struct ifreq ifr;
3351 	struct sbuf *sb;
3352 	int error, full = 0, valid_len, max_len;
3353 
3354 	/* Limit initial buffer size to maxphys to avoid DoS from userspace. */
3355 	max_len = maxphys - 1;
3356 
3357 	/* Prevent hostile input from being able to crash the system */
3358 	if (ifc->ifc_len <= 0)
3359 		return (EINVAL);
3360 
3361 again:
3362 	if (ifc->ifc_len <= max_len) {
3363 		max_len = ifc->ifc_len;
3364 		full = 1;
3365 	}
3366 	sb = sbuf_new(NULL, NULL, max_len + 1, SBUF_FIXEDLEN);
3367 	max_len = 0;
3368 	valid_len = 0;
3369 
3370 	IFNET_RLOCK();
3371 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
3372 		struct epoch_tracker et;
3373 		int addrs;
3374 
3375 		/*
3376 		 * Zero the ifr to make sure we don't disclose the contents
3377 		 * of the stack.
3378 		 */
3379 		memset(&ifr, 0, sizeof(ifr));
3380 
3381 		if (strlcpy(ifr.ifr_name, ifp->if_xname, sizeof(ifr.ifr_name))
3382 		    >= sizeof(ifr.ifr_name)) {
3383 			sbuf_delete(sb);
3384 			IFNET_RUNLOCK();
3385 			return (ENAMETOOLONG);
3386 		}
3387 
3388 		addrs = 0;
3389 		NET_EPOCH_ENTER(et);
3390 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
3391 			struct sockaddr *sa = ifa->ifa_addr;
3392 
3393 			if (prison_if(curthread->td_ucred, sa) != 0)
3394 				continue;
3395 			addrs++;
3396 			if (sa->sa_len <= sizeof(*sa)) {
3397 				if (sa->sa_len < sizeof(*sa)) {
3398 					memset(&ifr.ifr_ifru.ifru_addr, 0,
3399 					    sizeof(ifr.ifr_ifru.ifru_addr));
3400 					memcpy(&ifr.ifr_ifru.ifru_addr, sa,
3401 					    sa->sa_len);
3402 				} else
3403 					ifr.ifr_ifru.ifru_addr = *sa;
3404 				sbuf_bcat(sb, &ifr, sizeof(ifr));
3405 				max_len += sizeof(ifr);
3406 			} else {
3407 				sbuf_bcat(sb, &ifr,
3408 				    offsetof(struct ifreq, ifr_addr));
3409 				max_len += offsetof(struct ifreq, ifr_addr);
3410 				sbuf_bcat(sb, sa, sa->sa_len);
3411 				max_len += sa->sa_len;
3412 			}
3413 
3414 			if (sbuf_error(sb) == 0)
3415 				valid_len = sbuf_len(sb);
3416 		}
3417 		NET_EPOCH_EXIT(et);
3418 		if (addrs == 0) {
3419 			sbuf_bcat(sb, &ifr, sizeof(ifr));
3420 			max_len += sizeof(ifr);
3421 
3422 			if (sbuf_error(sb) == 0)
3423 				valid_len = sbuf_len(sb);
3424 		}
3425 	}
3426 	IFNET_RUNLOCK();
3427 
3428 	/*
3429 	 * If we didn't allocate enough space (uncommon), try again.  If
3430 	 * we have already allocated as much space as we are allowed,
3431 	 * return what we've got.
3432 	 */
3433 	if (valid_len != max_len && !full) {
3434 		sbuf_delete(sb);
3435 		goto again;
3436 	}
3437 
3438 	ifc->ifc_len = valid_len;
3439 	sbuf_finish(sb);
3440 	error = copyout(sbuf_data(sb), ifc->ifc_req, ifc->ifc_len);
3441 	sbuf_delete(sb);
3442 	return (error);
3443 }
3444 
3445 /*
3446  * Just like ifpromisc(), but for all-multicast-reception mode.
3447  */
3448 int
3449 if_allmulti(struct ifnet *ifp, int onswitch)
3450 {
3451 
3452 	return (if_setflag(ifp, IFF_ALLMULTI, 0, &ifp->if_amcount, onswitch));
3453 }
3454 
3455 struct ifmultiaddr *
3456 if_findmulti(struct ifnet *ifp, const struct sockaddr *sa)
3457 {
3458 	struct ifmultiaddr *ifma;
3459 
3460 	IF_ADDR_LOCK_ASSERT(ifp);
3461 
3462 	CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
3463 		if (sa->sa_family == AF_LINK) {
3464 			if (sa_dl_equal(ifma->ifma_addr, sa))
3465 				break;
3466 		} else {
3467 			if (sa_equal(ifma->ifma_addr, sa))
3468 				break;
3469 		}
3470 	}
3471 
3472 	return ifma;
3473 }
3474 
3475 /*
3476  * Allocate a new ifmultiaddr and initialize based on passed arguments.  We
3477  * make copies of passed sockaddrs.  The ifmultiaddr will not be added to
3478  * the ifnet multicast address list here, so the caller must do that and
3479  * other setup work (such as notifying the device driver).  The reference
3480  * count is initialized to 1.
3481  */
3482 static struct ifmultiaddr *
3483 if_allocmulti(struct ifnet *ifp, struct sockaddr *sa, struct sockaddr *llsa,
3484     int mflags)
3485 {
3486 	struct ifmultiaddr *ifma;
3487 	struct sockaddr *dupsa;
3488 
3489 	ifma = malloc(sizeof *ifma, M_IFMADDR, mflags |
3490 	    M_ZERO);
3491 	if (ifma == NULL)
3492 		return (NULL);
3493 
3494 	dupsa = malloc(sa->sa_len, M_IFMADDR, mflags);
3495 	if (dupsa == NULL) {
3496 		free(ifma, M_IFMADDR);
3497 		return (NULL);
3498 	}
3499 	bcopy(sa, dupsa, sa->sa_len);
3500 	ifma->ifma_addr = dupsa;
3501 
3502 	ifma->ifma_ifp = ifp;
3503 	ifma->ifma_refcount = 1;
3504 	ifma->ifma_protospec = NULL;
3505 
3506 	if (llsa == NULL) {
3507 		ifma->ifma_lladdr = NULL;
3508 		return (ifma);
3509 	}
3510 
3511 	dupsa = malloc(llsa->sa_len, M_IFMADDR, mflags);
3512 	if (dupsa == NULL) {
3513 		free(ifma->ifma_addr, M_IFMADDR);
3514 		free(ifma, M_IFMADDR);
3515 		return (NULL);
3516 	}
3517 	bcopy(llsa, dupsa, llsa->sa_len);
3518 	ifma->ifma_lladdr = dupsa;
3519 
3520 	return (ifma);
3521 }
3522 
3523 /*
3524  * if_freemulti: free ifmultiaddr structure and possibly attached related
3525  * addresses.  The caller is responsible for implementing reference
3526  * counting, notifying the driver, handling routing messages, and releasing
3527  * any dependent link layer state.
3528  */
3529 #ifdef MCAST_VERBOSE
3530 extern void kdb_backtrace(void);
3531 #endif
3532 static void
3533 if_freemulti_internal(struct ifmultiaddr *ifma)
3534 {
3535 
3536 	KASSERT(ifma->ifma_refcount == 0, ("if_freemulti: refcount %d",
3537 	    ifma->ifma_refcount));
3538 
3539 	if (ifma->ifma_lladdr != NULL)
3540 		free(ifma->ifma_lladdr, M_IFMADDR);
3541 #ifdef MCAST_VERBOSE
3542 	kdb_backtrace();
3543 	printf("%s freeing ifma: %p\n", __func__, ifma);
3544 #endif
3545 	free(ifma->ifma_addr, M_IFMADDR);
3546 	free(ifma, M_IFMADDR);
3547 }
3548 
3549 static void
3550 if_destroymulti(epoch_context_t ctx)
3551 {
3552 	struct ifmultiaddr *ifma;
3553 
3554 	ifma = __containerof(ctx, struct ifmultiaddr, ifma_epoch_ctx);
3555 	if_freemulti_internal(ifma);
3556 }
3557 
3558 void
3559 if_freemulti(struct ifmultiaddr *ifma)
3560 {
3561 	KASSERT(ifma->ifma_refcount == 0, ("if_freemulti_epoch: refcount %d",
3562 	    ifma->ifma_refcount));
3563 
3564 	NET_EPOCH_CALL(if_destroymulti, &ifma->ifma_epoch_ctx);
3565 }
3566 
3567 /*
3568  * Register an additional multicast address with a network interface.
3569  *
3570  * - If the address is already present, bump the reference count on the
3571  *   address and return.
3572  * - If the address is not link-layer, look up a link layer address.
3573  * - Allocate address structures for one or both addresses, and attach to the
3574  *   multicast address list on the interface.  If automatically adding a link
3575  *   layer address, the protocol address will own a reference to the link
3576  *   layer address, to be freed when it is freed.
3577  * - Notify the network device driver of an addition to the multicast address
3578  *   list.
3579  *
3580  * 'sa' points to caller-owned memory with the desired multicast address.
3581  *
3582  * 'retifma' will be used to return a pointer to the resulting multicast
3583  * address reference, if desired.
3584  */
3585 int
3586 if_addmulti(struct ifnet *ifp, struct sockaddr *sa,
3587     struct ifmultiaddr **retifma)
3588 {
3589 	struct ifmultiaddr *ifma, *ll_ifma;
3590 	struct sockaddr *llsa;
3591 	struct sockaddr_dl sdl;
3592 	int error;
3593 
3594 #ifdef INET
3595 	IN_MULTI_LIST_UNLOCK_ASSERT();
3596 #endif
3597 #ifdef INET6
3598 	IN6_MULTI_LIST_UNLOCK_ASSERT();
3599 #endif
3600 	/*
3601 	 * If the address is already present, return a new reference to it;
3602 	 * otherwise, allocate storage and set up a new address.
3603 	 */
3604 	IF_ADDR_WLOCK(ifp);
3605 	ifma = if_findmulti(ifp, sa);
3606 	if (ifma != NULL) {
3607 		ifma->ifma_refcount++;
3608 		if (retifma != NULL)
3609 			*retifma = ifma;
3610 		IF_ADDR_WUNLOCK(ifp);
3611 		return (0);
3612 	}
3613 
3614 	/*
3615 	 * The address isn't already present; resolve the protocol address
3616 	 * into a link layer address, and then look that up, bump its
3617 	 * refcount or allocate an ifma for that also.
3618 	 * Most link layer resolving functions returns address data which
3619 	 * fits inside default sockaddr_dl structure. However callback
3620 	 * can allocate another sockaddr structure, in that case we need to
3621 	 * free it later.
3622 	 */
3623 	llsa = NULL;
3624 	ll_ifma = NULL;
3625 	if (ifp->if_resolvemulti != NULL) {
3626 		/* Provide called function with buffer size information */
3627 		sdl.sdl_len = sizeof(sdl);
3628 		llsa = (struct sockaddr *)&sdl;
3629 		error = ifp->if_resolvemulti(ifp, &llsa, sa);
3630 		if (error)
3631 			goto unlock_out;
3632 	}
3633 
3634 	/*
3635 	 * Allocate the new address.  Don't hook it up yet, as we may also
3636 	 * need to allocate a link layer multicast address.
3637 	 */
3638 	ifma = if_allocmulti(ifp, sa, llsa, M_NOWAIT);
3639 	if (ifma == NULL) {
3640 		error = ENOMEM;
3641 		goto free_llsa_out;
3642 	}
3643 
3644 	/*
3645 	 * If a link layer address is found, we'll need to see if it's
3646 	 * already present in the address list, or allocate is as well.
3647 	 * When this block finishes, the link layer address will be on the
3648 	 * list.
3649 	 */
3650 	if (llsa != NULL) {
3651 		ll_ifma = if_findmulti(ifp, llsa);
3652 		if (ll_ifma == NULL) {
3653 			ll_ifma = if_allocmulti(ifp, llsa, NULL, M_NOWAIT);
3654 			if (ll_ifma == NULL) {
3655 				--ifma->ifma_refcount;
3656 				if_freemulti(ifma);
3657 				error = ENOMEM;
3658 				goto free_llsa_out;
3659 			}
3660 			ll_ifma->ifma_flags |= IFMA_F_ENQUEUED;
3661 			CK_STAILQ_INSERT_HEAD(&ifp->if_multiaddrs, ll_ifma,
3662 			    ifma_link);
3663 		} else
3664 			ll_ifma->ifma_refcount++;
3665 		ifma->ifma_llifma = ll_ifma;
3666 	}
3667 
3668 	/*
3669 	 * We now have a new multicast address, ifma, and possibly a new or
3670 	 * referenced link layer address.  Add the primary address to the
3671 	 * ifnet address list.
3672 	 */
3673 	ifma->ifma_flags |= IFMA_F_ENQUEUED;
3674 	CK_STAILQ_INSERT_HEAD(&ifp->if_multiaddrs, ifma, ifma_link);
3675 
3676 	if (retifma != NULL)
3677 		*retifma = ifma;
3678 
3679 	/*
3680 	 * Must generate the message while holding the lock so that 'ifma'
3681 	 * pointer is still valid.
3682 	 */
3683 	rt_newmaddrmsg(RTM_NEWMADDR, ifma);
3684 	IF_ADDR_WUNLOCK(ifp);
3685 
3686 	/*
3687 	 * We are certain we have added something, so call down to the
3688 	 * interface to let them know about it.
3689 	 */
3690 	if (ifp->if_ioctl != NULL) {
3691 		if (THREAD_CAN_SLEEP())
3692 			(void )(*ifp->if_ioctl)(ifp, SIOCADDMULTI, 0);
3693 		else
3694 			taskqueue_enqueue(taskqueue_swi, &ifp->if_addmultitask);
3695 	}
3696 
3697 	if ((llsa != NULL) && (llsa != (struct sockaddr *)&sdl))
3698 		link_free_sdl(llsa);
3699 
3700 	return (0);
3701 
3702 free_llsa_out:
3703 	if ((llsa != NULL) && (llsa != (struct sockaddr *)&sdl))
3704 		link_free_sdl(llsa);
3705 
3706 unlock_out:
3707 	IF_ADDR_WUNLOCK(ifp);
3708 	return (error);
3709 }
3710 
3711 static void
3712 if_siocaddmulti(void *arg, int pending)
3713 {
3714 	struct ifnet *ifp;
3715 
3716 	ifp = arg;
3717 #ifdef DIAGNOSTIC
3718 	if (pending > 1)
3719 		if_printf(ifp, "%d SIOCADDMULTI coalesced\n", pending);
3720 #endif
3721 	CURVNET_SET(ifp->if_vnet);
3722 	(void )(*ifp->if_ioctl)(ifp, SIOCADDMULTI, 0);
3723 	CURVNET_RESTORE();
3724 }
3725 
3726 /*
3727  * Delete a multicast group membership by network-layer group address.
3728  *
3729  * Returns ENOENT if the entry could not be found. If ifp no longer
3730  * exists, results are undefined. This entry point should only be used
3731  * from subsystems which do appropriate locking to hold ifp for the
3732  * duration of the call.
3733  * Network-layer protocol domains must use if_delmulti_ifma().
3734  */
3735 int
3736 if_delmulti(struct ifnet *ifp, struct sockaddr *sa)
3737 {
3738 	struct ifmultiaddr *ifma;
3739 	int lastref;
3740 
3741 	KASSERT(ifp, ("%s: NULL ifp", __func__));
3742 
3743 	IF_ADDR_WLOCK(ifp);
3744 	lastref = 0;
3745 	ifma = if_findmulti(ifp, sa);
3746 	if (ifma != NULL)
3747 		lastref = if_delmulti_locked(ifp, ifma, 0);
3748 	IF_ADDR_WUNLOCK(ifp);
3749 
3750 	if (ifma == NULL)
3751 		return (ENOENT);
3752 
3753 	if (lastref && ifp->if_ioctl != NULL) {
3754 		(void)(*ifp->if_ioctl)(ifp, SIOCDELMULTI, 0);
3755 	}
3756 
3757 	return (0);
3758 }
3759 
3760 /*
3761  * Delete all multicast group membership for an interface.
3762  * Should be used to quickly flush all multicast filters.
3763  */
3764 void
3765 if_delallmulti(struct ifnet *ifp)
3766 {
3767 	struct ifmultiaddr *ifma;
3768 	struct ifmultiaddr *next;
3769 
3770 	IF_ADDR_WLOCK(ifp);
3771 	CK_STAILQ_FOREACH_SAFE(ifma, &ifp->if_multiaddrs, ifma_link, next)
3772 		if_delmulti_locked(ifp, ifma, 0);
3773 	IF_ADDR_WUNLOCK(ifp);
3774 }
3775 
3776 void
3777 if_delmulti_ifma(struct ifmultiaddr *ifma)
3778 {
3779 	if_delmulti_ifma_flags(ifma, 0);
3780 }
3781 
3782 /*
3783  * Delete a multicast group membership by group membership pointer.
3784  * Network-layer protocol domains must use this routine.
3785  *
3786  * It is safe to call this routine if the ifp disappeared.
3787  */
3788 void
3789 if_delmulti_ifma_flags(struct ifmultiaddr *ifma, int flags)
3790 {
3791 	struct ifnet *ifp;
3792 	int lastref;
3793 	MCDPRINTF("%s freeing ifma: %p\n", __func__, ifma);
3794 #ifdef INET
3795 	IN_MULTI_LIST_UNLOCK_ASSERT();
3796 #endif
3797 	ifp = ifma->ifma_ifp;
3798 #ifdef DIAGNOSTIC
3799 	if (ifp == NULL) {
3800 		printf("%s: ifma_ifp seems to be detached\n", __func__);
3801 	} else {
3802 		struct epoch_tracker et;
3803 		struct ifnet *oifp;
3804 
3805 		NET_EPOCH_ENTER(et);
3806 		CK_STAILQ_FOREACH(oifp, &V_ifnet, if_link)
3807 			if (ifp == oifp)
3808 				break;
3809 		NET_EPOCH_EXIT(et);
3810 		if (ifp != oifp)
3811 			ifp = NULL;
3812 	}
3813 #endif
3814 	/*
3815 	 * If and only if the ifnet instance exists: Acquire the address lock.
3816 	 */
3817 	if (ifp != NULL)
3818 		IF_ADDR_WLOCK(ifp);
3819 
3820 	lastref = if_delmulti_locked(ifp, ifma, flags);
3821 
3822 	if (ifp != NULL) {
3823 		/*
3824 		 * If and only if the ifnet instance exists:
3825 		 *  Release the address lock.
3826 		 *  If the group was left: update the hardware hash filter.
3827 		 */
3828 		IF_ADDR_WUNLOCK(ifp);
3829 		if (lastref && ifp->if_ioctl != NULL) {
3830 			(void)(*ifp->if_ioctl)(ifp, SIOCDELMULTI, 0);
3831 		}
3832 	}
3833 }
3834 
3835 /*
3836  * Perform deletion of network-layer and/or link-layer multicast address.
3837  *
3838  * Return 0 if the reference count was decremented.
3839  * Return 1 if the final reference was released, indicating that the
3840  * hardware hash filter should be reprogrammed.
3841  */
3842 static int
3843 if_delmulti_locked(struct ifnet *ifp, struct ifmultiaddr *ifma, int detaching)
3844 {
3845 	struct ifmultiaddr *ll_ifma;
3846 
3847 	if (ifp != NULL && ifma->ifma_ifp != NULL) {
3848 		KASSERT(ifma->ifma_ifp == ifp,
3849 		    ("%s: inconsistent ifp %p", __func__, ifp));
3850 		IF_ADDR_WLOCK_ASSERT(ifp);
3851 	}
3852 
3853 	ifp = ifma->ifma_ifp;
3854 	MCDPRINTF("%s freeing %p from %s \n", __func__, ifma, ifp ? ifp->if_xname : "");
3855 
3856 	/*
3857 	 * If the ifnet is detaching, null out references to ifnet,
3858 	 * so that upper protocol layers will notice, and not attempt
3859 	 * to obtain locks for an ifnet which no longer exists. The
3860 	 * routing socket announcement must happen before the ifnet
3861 	 * instance is detached from the system.
3862 	 */
3863 	if (detaching) {
3864 #ifdef DIAGNOSTIC
3865 		printf("%s: detaching ifnet instance %p\n", __func__, ifp);
3866 #endif
3867 		/*
3868 		 * ifp may already be nulled out if we are being reentered
3869 		 * to delete the ll_ifma.
3870 		 */
3871 		if (ifp != NULL) {
3872 			rt_newmaddrmsg(RTM_DELMADDR, ifma);
3873 			ifma->ifma_ifp = NULL;
3874 		}
3875 	}
3876 
3877 	if (--ifma->ifma_refcount > 0)
3878 		return 0;
3879 
3880 	if (ifp != NULL && detaching == 0 && (ifma->ifma_flags & IFMA_F_ENQUEUED)) {
3881 		CK_STAILQ_REMOVE(&ifp->if_multiaddrs, ifma, ifmultiaddr, ifma_link);
3882 		ifma->ifma_flags &= ~IFMA_F_ENQUEUED;
3883 	}
3884 	/*
3885 	 * If this ifma is a network-layer ifma, a link-layer ifma may
3886 	 * have been associated with it. Release it first if so.
3887 	 */
3888 	ll_ifma = ifma->ifma_llifma;
3889 	if (ll_ifma != NULL) {
3890 		KASSERT(ifma->ifma_lladdr != NULL,
3891 		    ("%s: llifma w/o lladdr", __func__));
3892 		if (detaching)
3893 			ll_ifma->ifma_ifp = NULL;	/* XXX */
3894 		if (--ll_ifma->ifma_refcount == 0) {
3895 			if (ifp != NULL) {
3896 				if (ll_ifma->ifma_flags & IFMA_F_ENQUEUED) {
3897 					CK_STAILQ_REMOVE(&ifp->if_multiaddrs, ll_ifma, ifmultiaddr,
3898 						ifma_link);
3899 					ll_ifma->ifma_flags &= ~IFMA_F_ENQUEUED;
3900 				}
3901 			}
3902 			if_freemulti(ll_ifma);
3903 		}
3904 	}
3905 #ifdef INVARIANTS
3906 	if (ifp) {
3907 		struct ifmultiaddr *ifmatmp;
3908 
3909 		CK_STAILQ_FOREACH(ifmatmp, &ifp->if_multiaddrs, ifma_link)
3910 			MPASS(ifma != ifmatmp);
3911 	}
3912 #endif
3913 	if_freemulti(ifma);
3914 	/*
3915 	 * The last reference to this instance of struct ifmultiaddr
3916 	 * was released; the hardware should be notified of this change.
3917 	 */
3918 	return 1;
3919 }
3920 
3921 /*
3922  * Set the link layer address on an interface.
3923  *
3924  * At this time we only support certain types of interfaces,
3925  * and we don't allow the length of the address to change.
3926  *
3927  * Set noinline to be dtrace-friendly
3928  */
3929 __noinline int
3930 if_setlladdr(struct ifnet *ifp, const u_char *lladdr, int len)
3931 {
3932 	struct sockaddr_dl *sdl;
3933 	struct ifaddr *ifa;
3934 	struct ifreq ifr;
3935 
3936 	ifa = ifp->if_addr;
3937 	if (ifa == NULL)
3938 		return (EINVAL);
3939 
3940 	sdl = (struct sockaddr_dl *)ifa->ifa_addr;
3941 	if (sdl == NULL)
3942 		return (EINVAL);
3943 
3944 	if (len != sdl->sdl_alen)	/* don't allow length to change */
3945 		return (EINVAL);
3946 
3947 	switch (ifp->if_type) {
3948 	case IFT_ETHER:
3949 	case IFT_XETHER:
3950 	case IFT_L2VLAN:
3951 	case IFT_BRIDGE:
3952 	case IFT_IEEE8023ADLAG:
3953 		bcopy(lladdr, LLADDR(sdl), len);
3954 		break;
3955 	default:
3956 		return (ENODEV);
3957 	}
3958 
3959 	/*
3960 	 * If the interface is already up, we need
3961 	 * to re-init it in order to reprogram its
3962 	 * address filter.
3963 	 */
3964 	if ((ifp->if_flags & IFF_UP) != 0) {
3965 		if (ifp->if_ioctl) {
3966 			ifp->if_flags &= ~IFF_UP;
3967 			ifr.ifr_flags = ifp->if_flags & 0xffff;
3968 			ifr.ifr_flagshigh = ifp->if_flags >> 16;
3969 			(*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr);
3970 			ifp->if_flags |= IFF_UP;
3971 			ifr.ifr_flags = ifp->if_flags & 0xffff;
3972 			ifr.ifr_flagshigh = ifp->if_flags >> 16;
3973 			(*ifp->if_ioctl)(ifp, SIOCSIFFLAGS, (caddr_t)&ifr);
3974 		}
3975 	}
3976 	EVENTHANDLER_INVOKE(iflladdr_event, ifp);
3977 
3978 	return (0);
3979 }
3980 
3981 /*
3982  * Compat function for handling basic encapsulation requests.
3983  * Not converted stacks (FDDI, IB, ..) supports traditional
3984  * output model: ARP (and other similar L2 protocols) are handled
3985  * inside output routine, arpresolve/nd6_resolve() returns MAC
3986  * address instead of full prepend.
3987  *
3988  * This function creates calculated header==MAC for IPv4/IPv6 and
3989  * returns EAFNOSUPPORT (which is then handled in ARP code) for other
3990  * address families.
3991  */
3992 static int
3993 if_requestencap_default(struct ifnet *ifp, struct if_encap_req *req)
3994 {
3995 
3996 	if (req->rtype != IFENCAP_LL)
3997 		return (EOPNOTSUPP);
3998 
3999 	if (req->bufsize < req->lladdr_len)
4000 		return (ENOMEM);
4001 
4002 	switch (req->family) {
4003 	case AF_INET:
4004 	case AF_INET6:
4005 		break;
4006 	default:
4007 		return (EAFNOSUPPORT);
4008 	}
4009 
4010 	/* Copy lladdr to storage as is */
4011 	memmove(req->buf, req->lladdr, req->lladdr_len);
4012 	req->bufsize = req->lladdr_len;
4013 	req->lladdr_off = 0;
4014 
4015 	return (0);
4016 }
4017 
4018 /*
4019  * Tunnel interfaces can nest, also they may cause infinite recursion
4020  * calls when misconfigured. We'll prevent this by detecting loops.
4021  * High nesting level may cause stack exhaustion. We'll prevent this
4022  * by introducing upper limit.
4023  *
4024  * Return 0, if tunnel nesting count is equal or less than limit.
4025  */
4026 int
4027 if_tunnel_check_nesting(struct ifnet *ifp, struct mbuf *m, uint32_t cookie,
4028     int limit)
4029 {
4030 	struct m_tag *mtag;
4031 	int count;
4032 
4033 	count = 1;
4034 	mtag = NULL;
4035 	while ((mtag = m_tag_locate(m, cookie, 0, mtag)) != NULL) {
4036 		if (*(struct ifnet **)(mtag + 1) == ifp) {
4037 			log(LOG_NOTICE, "%s: loop detected\n", if_name(ifp));
4038 			return (EIO);
4039 		}
4040 		count++;
4041 	}
4042 	if (count > limit) {
4043 		log(LOG_NOTICE,
4044 		    "%s: if_output recursively called too many times(%d)\n",
4045 		    if_name(ifp), count);
4046 		return (EIO);
4047 	}
4048 	mtag = m_tag_alloc(cookie, 0, sizeof(struct ifnet *), M_NOWAIT);
4049 	if (mtag == NULL)
4050 		return (ENOMEM);
4051 	*(struct ifnet **)(mtag + 1) = ifp;
4052 	m_tag_prepend(m, mtag);
4053 	return (0);
4054 }
4055 
4056 /*
4057  * Get the link layer address that was read from the hardware at attach.
4058  *
4059  * This is only set by Ethernet NICs (IFT_ETHER), but laggX interfaces re-type
4060  * their component interfaces as IFT_IEEE8023ADLAG.
4061  */
4062 int
4063 if_gethwaddr(struct ifnet *ifp, struct ifreq *ifr)
4064 {
4065 
4066 	if (ifp->if_hw_addr == NULL)
4067 		return (ENODEV);
4068 
4069 	switch (ifp->if_type) {
4070 	case IFT_ETHER:
4071 	case IFT_IEEE8023ADLAG:
4072 		bcopy(ifp->if_hw_addr, ifr->ifr_addr.sa_data, ifp->if_addrlen);
4073 		return (0);
4074 	default:
4075 		return (ENODEV);
4076 	}
4077 }
4078 
4079 /*
4080  * The name argument must be a pointer to storage which will last as
4081  * long as the interface does.  For physical devices, the result of
4082  * device_get_name(dev) is a good choice and for pseudo-devices a
4083  * static string works well.
4084  */
4085 void
4086 if_initname(struct ifnet *ifp, const char *name, int unit)
4087 {
4088 	ifp->if_dname = name;
4089 	ifp->if_dunit = unit;
4090 	if (unit != IF_DUNIT_NONE)
4091 		snprintf(ifp->if_xname, IFNAMSIZ, "%s%d", name, unit);
4092 	else
4093 		strlcpy(ifp->if_xname, name, IFNAMSIZ);
4094 }
4095 
4096 static int
4097 if_vlog(struct ifnet *ifp, int pri, const char *fmt, va_list ap)
4098 {
4099 	char if_fmt[256];
4100 
4101 	snprintf(if_fmt, sizeof(if_fmt), "%s: %s", ifp->if_xname, fmt);
4102 	vlog(pri, if_fmt, ap);
4103 	return (0);
4104 }
4105 
4106 
4107 int
4108 if_printf(struct ifnet *ifp, const char *fmt, ...)
4109 {
4110 	va_list ap;
4111 
4112 	va_start(ap, fmt);
4113 	if_vlog(ifp, LOG_INFO, fmt, ap);
4114 	va_end(ap);
4115 	return (0);
4116 }
4117 
4118 int
4119 if_log(struct ifnet *ifp, int pri, const char *fmt, ...)
4120 {
4121 	va_list ap;
4122 
4123 	va_start(ap, fmt);
4124 	if_vlog(ifp, pri, fmt, ap);
4125 	va_end(ap);
4126 	return (0);
4127 }
4128 
4129 void
4130 if_start(struct ifnet *ifp)
4131 {
4132 
4133 	(*(ifp)->if_start)(ifp);
4134 }
4135 
4136 /*
4137  * Backwards compatibility interface for drivers
4138  * that have not implemented it
4139  */
4140 static int
4141 if_transmit(struct ifnet *ifp, struct mbuf *m)
4142 {
4143 	int error;
4144 
4145 	IFQ_HANDOFF(ifp, m, error);
4146 	return (error);
4147 }
4148 
4149 static void
4150 if_input_default(struct ifnet *ifp __unused, struct mbuf *m)
4151 {
4152 
4153 	m_freem(m);
4154 }
4155 
4156 int
4157 if_handoff(struct ifqueue *ifq, struct mbuf *m, struct ifnet *ifp, int adjust)
4158 {
4159 	int active = 0;
4160 
4161 	IF_LOCK(ifq);
4162 	if (_IF_QFULL(ifq)) {
4163 		IF_UNLOCK(ifq);
4164 		if_inc_counter(ifp, IFCOUNTER_OQDROPS, 1);
4165 		m_freem(m);
4166 		return (0);
4167 	}
4168 	if (ifp != NULL) {
4169 		if_inc_counter(ifp, IFCOUNTER_OBYTES, m->m_pkthdr.len + adjust);
4170 		if (m->m_flags & (M_BCAST|M_MCAST))
4171 			if_inc_counter(ifp, IFCOUNTER_OMCASTS, 1);
4172 		active = ifp->if_drv_flags & IFF_DRV_OACTIVE;
4173 	}
4174 	_IF_ENQUEUE(ifq, m);
4175 	IF_UNLOCK(ifq);
4176 	if (ifp != NULL && !active)
4177 		(*(ifp)->if_start)(ifp);
4178 	return (1);
4179 }
4180 
4181 void
4182 if_register_com_alloc(u_char type,
4183     if_com_alloc_t *a, if_com_free_t *f)
4184 {
4185 
4186 	KASSERT(if_com_alloc[type] == NULL,
4187 	    ("if_register_com_alloc: %d already registered", type));
4188 	KASSERT(if_com_free[type] == NULL,
4189 	    ("if_register_com_alloc: %d free already registered", type));
4190 
4191 	if_com_alloc[type] = a;
4192 	if_com_free[type] = f;
4193 }
4194 
4195 void
4196 if_deregister_com_alloc(u_char type)
4197 {
4198 
4199 	KASSERT(if_com_alloc[type] != NULL,
4200 	    ("if_deregister_com_alloc: %d not registered", type));
4201 	KASSERT(if_com_free[type] != NULL,
4202 	    ("if_deregister_com_alloc: %d free not registered", type));
4203 
4204 	/*
4205 	 * Ensure all pending EPOCH(9) callbacks have been executed. This
4206 	 * fixes issues about late invocation of if_destroy(), which leads
4207 	 * to memory leak from if_com_alloc[type] allocated if_l2com.
4208 	 */
4209 	epoch_drain_callbacks(net_epoch_preempt);
4210 
4211 	if_com_alloc[type] = NULL;
4212 	if_com_free[type] = NULL;
4213 }
4214 
4215 /* API for driver access to network stack owned ifnet.*/
4216 uint64_t
4217 if_setbaudrate(struct ifnet *ifp, uint64_t baudrate)
4218 {
4219 	uint64_t oldbrate;
4220 
4221 	oldbrate = ifp->if_baudrate;
4222 	ifp->if_baudrate = baudrate;
4223 	return (oldbrate);
4224 }
4225 
4226 uint64_t
4227 if_getbaudrate(if_t ifp)
4228 {
4229 
4230 	return (((struct ifnet *)ifp)->if_baudrate);
4231 }
4232 
4233 int
4234 if_setcapabilities(if_t ifp, int capabilities)
4235 {
4236 	((struct ifnet *)ifp)->if_capabilities = capabilities;
4237 	return (0);
4238 }
4239 
4240 int
4241 if_setcapabilitiesbit(if_t ifp, int setbit, int clearbit)
4242 {
4243 	((struct ifnet *)ifp)->if_capabilities |= setbit;
4244 	((struct ifnet *)ifp)->if_capabilities &= ~clearbit;
4245 
4246 	return (0);
4247 }
4248 
4249 int
4250 if_getcapabilities(if_t ifp)
4251 {
4252 	return ((struct ifnet *)ifp)->if_capabilities;
4253 }
4254 
4255 int
4256 if_setcapenable(if_t ifp, int capabilities)
4257 {
4258 	((struct ifnet *)ifp)->if_capenable = capabilities;
4259 	return (0);
4260 }
4261 
4262 int
4263 if_setcapenablebit(if_t ifp, int setcap, int clearcap)
4264 {
4265 	if(setcap)
4266 		((struct ifnet *)ifp)->if_capenable |= setcap;
4267 	if(clearcap)
4268 		((struct ifnet *)ifp)->if_capenable &= ~clearcap;
4269 
4270 	return (0);
4271 }
4272 
4273 const char *
4274 if_getdname(if_t ifp)
4275 {
4276 	return ((struct ifnet *)ifp)->if_dname;
4277 }
4278 
4279 int
4280 if_togglecapenable(if_t ifp, int togglecap)
4281 {
4282 	((struct ifnet *)ifp)->if_capenable ^= togglecap;
4283 	return (0);
4284 }
4285 
4286 int
4287 if_getcapenable(if_t ifp)
4288 {
4289 	return ((struct ifnet *)ifp)->if_capenable;
4290 }
4291 
4292 /*
4293  * This is largely undesirable because it ties ifnet to a device, but does
4294  * provide flexiblity for an embedded product vendor. Should be used with
4295  * the understanding that it violates the interface boundaries, and should be
4296  * a last resort only.
4297  */
4298 int
4299 if_setdev(if_t ifp, void *dev)
4300 {
4301 	return (0);
4302 }
4303 
4304 int
4305 if_setdrvflagbits(if_t ifp, int set_flags, int clear_flags)
4306 {
4307 	((struct ifnet *)ifp)->if_drv_flags |= set_flags;
4308 	((struct ifnet *)ifp)->if_drv_flags &= ~clear_flags;
4309 
4310 	return (0);
4311 }
4312 
4313 int
4314 if_getdrvflags(if_t ifp)
4315 {
4316 	return ((struct ifnet *)ifp)->if_drv_flags;
4317 }
4318 
4319 int
4320 if_setdrvflags(if_t ifp, int flags)
4321 {
4322 	((struct ifnet *)ifp)->if_drv_flags = flags;
4323 	return (0);
4324 }
4325 
4326 int
4327 if_setflags(if_t ifp, int flags)
4328 {
4329 
4330 	ifp->if_flags = flags;
4331 	return (0);
4332 }
4333 
4334 int
4335 if_setflagbits(if_t ifp, int set, int clear)
4336 {
4337 	((struct ifnet *)ifp)->if_flags |= set;
4338 	((struct ifnet *)ifp)->if_flags &= ~clear;
4339 
4340 	return (0);
4341 }
4342 
4343 int
4344 if_getflags(if_t ifp)
4345 {
4346 	return ((struct ifnet *)ifp)->if_flags;
4347 }
4348 
4349 int
4350 if_clearhwassist(if_t ifp)
4351 {
4352 	((struct ifnet *)ifp)->if_hwassist = 0;
4353 	return (0);
4354 }
4355 
4356 int
4357 if_sethwassistbits(if_t ifp, int toset, int toclear)
4358 {
4359 	((struct ifnet *)ifp)->if_hwassist |= toset;
4360 	((struct ifnet *)ifp)->if_hwassist &= ~toclear;
4361 
4362 	return (0);
4363 }
4364 
4365 int
4366 if_sethwassist(if_t ifp, int hwassist_bit)
4367 {
4368 	((struct ifnet *)ifp)->if_hwassist = hwassist_bit;
4369 	return (0);
4370 }
4371 
4372 int
4373 if_gethwassist(if_t ifp)
4374 {
4375 	return ((struct ifnet *)ifp)->if_hwassist;
4376 }
4377 
4378 int
4379 if_setmtu(if_t ifp, int mtu)
4380 {
4381 	((struct ifnet *)ifp)->if_mtu = mtu;
4382 	return (0);
4383 }
4384 
4385 int
4386 if_getmtu(if_t ifp)
4387 {
4388 	return ((struct ifnet *)ifp)->if_mtu;
4389 }
4390 
4391 int
4392 if_getmtu_family(if_t ifp, int family)
4393 {
4394 	struct domain *dp;
4395 
4396 	for (dp = domains; dp; dp = dp->dom_next) {
4397 		if (dp->dom_family == family && dp->dom_ifmtu != NULL)
4398 			return (dp->dom_ifmtu((struct ifnet *)ifp));
4399 	}
4400 
4401 	return (((struct ifnet *)ifp)->if_mtu);
4402 }
4403 
4404 /*
4405  * Methods for drivers to access interface unicast and multicast
4406  * link level addresses.  Driver shall not know 'struct ifaddr' neither
4407  * 'struct ifmultiaddr'.
4408  */
4409 u_int
4410 if_lladdr_count(if_t ifp)
4411 {
4412 	struct epoch_tracker et;
4413 	struct ifaddr *ifa;
4414 	u_int count;
4415 
4416 	count = 0;
4417 	NET_EPOCH_ENTER(et);
4418 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
4419 		if (ifa->ifa_addr->sa_family == AF_LINK)
4420 			count++;
4421 	NET_EPOCH_EXIT(et);
4422 
4423 	return (count);
4424 }
4425 
4426 u_int
4427 if_foreach_lladdr(if_t ifp, iflladdr_cb_t cb, void *cb_arg)
4428 {
4429 	struct epoch_tracker et;
4430 	struct ifaddr *ifa;
4431 	u_int count;
4432 
4433 	MPASS(cb);
4434 
4435 	count = 0;
4436 	NET_EPOCH_ENTER(et);
4437 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
4438 		if (ifa->ifa_addr->sa_family != AF_LINK)
4439 			continue;
4440 		count += (*cb)(cb_arg, (struct sockaddr_dl *)ifa->ifa_addr,
4441 		    count);
4442 	}
4443 	NET_EPOCH_EXIT(et);
4444 
4445 	return (count);
4446 }
4447 
4448 u_int
4449 if_llmaddr_count(if_t ifp)
4450 {
4451 	struct epoch_tracker et;
4452 	struct ifmultiaddr *ifma;
4453 	int count;
4454 
4455 	count = 0;
4456 	NET_EPOCH_ENTER(et);
4457 	CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link)
4458 		if (ifma->ifma_addr->sa_family == AF_LINK)
4459 			count++;
4460 	NET_EPOCH_EXIT(et);
4461 
4462 	return (count);
4463 }
4464 
4465 u_int
4466 if_foreach_llmaddr(if_t ifp, iflladdr_cb_t cb, void *cb_arg)
4467 {
4468 	struct epoch_tracker et;
4469 	struct ifmultiaddr *ifma;
4470 	u_int count;
4471 
4472 	MPASS(cb);
4473 
4474 	count = 0;
4475 	NET_EPOCH_ENTER(et);
4476 	CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
4477 		if (ifma->ifma_addr->sa_family != AF_LINK)
4478 			continue;
4479 		count += (*cb)(cb_arg, (struct sockaddr_dl *)ifma->ifma_addr,
4480 		    count);
4481 	}
4482 	NET_EPOCH_EXIT(et);
4483 
4484 	return (count);
4485 }
4486 
4487 int
4488 if_setsoftc(if_t ifp, void *softc)
4489 {
4490 	((struct ifnet *)ifp)->if_softc = softc;
4491 	return (0);
4492 }
4493 
4494 void *
4495 if_getsoftc(if_t ifp)
4496 {
4497 	return ((struct ifnet *)ifp)->if_softc;
4498 }
4499 
4500 void
4501 if_setrcvif(struct mbuf *m, if_t ifp)
4502 {
4503 
4504 	MPASS((m->m_pkthdr.csum_flags & CSUM_SND_TAG) == 0);
4505 	m->m_pkthdr.rcvif = (struct ifnet *)ifp;
4506 }
4507 
4508 void
4509 if_setvtag(struct mbuf *m, uint16_t tag)
4510 {
4511 	m->m_pkthdr.ether_vtag = tag;
4512 }
4513 
4514 uint16_t
4515 if_getvtag(struct mbuf *m)
4516 {
4517 
4518 	return (m->m_pkthdr.ether_vtag);
4519 }
4520 
4521 int
4522 if_sendq_empty(if_t ifp)
4523 {
4524 	return IFQ_DRV_IS_EMPTY(&((struct ifnet *)ifp)->if_snd);
4525 }
4526 
4527 struct ifaddr *
4528 if_getifaddr(if_t ifp)
4529 {
4530 	return ((struct ifnet *)ifp)->if_addr;
4531 }
4532 
4533 int
4534 if_getamcount(if_t ifp)
4535 {
4536 	return ((struct ifnet *)ifp)->if_amcount;
4537 }
4538 
4539 int
4540 if_setsendqready(if_t ifp)
4541 {
4542 	IFQ_SET_READY(&((struct ifnet *)ifp)->if_snd);
4543 	return (0);
4544 }
4545 
4546 int
4547 if_setsendqlen(if_t ifp, int tx_desc_count)
4548 {
4549 	IFQ_SET_MAXLEN(&((struct ifnet *)ifp)->if_snd, tx_desc_count);
4550 	((struct ifnet *)ifp)->if_snd.ifq_drv_maxlen = tx_desc_count;
4551 
4552 	return (0);
4553 }
4554 
4555 int
4556 if_vlantrunkinuse(if_t ifp)
4557 {
4558 	return ((struct ifnet *)ifp)->if_vlantrunk != NULL?1:0;
4559 }
4560 
4561 int
4562 if_input(if_t ifp, struct mbuf* sendmp)
4563 {
4564 	(*((struct ifnet *)ifp)->if_input)((struct ifnet *)ifp, sendmp);
4565 	return (0);
4566 
4567 }
4568 
4569 struct mbuf *
4570 if_dequeue(if_t ifp)
4571 {
4572 	struct mbuf *m;
4573 	IFQ_DRV_DEQUEUE(&((struct ifnet *)ifp)->if_snd, m);
4574 
4575 	return (m);
4576 }
4577 
4578 int
4579 if_sendq_prepend(if_t ifp, struct mbuf *m)
4580 {
4581 	IFQ_DRV_PREPEND(&((struct ifnet *)ifp)->if_snd, m);
4582 	return (0);
4583 }
4584 
4585 int
4586 if_setifheaderlen(if_t ifp, int len)
4587 {
4588 	((struct ifnet *)ifp)->if_hdrlen = len;
4589 	return (0);
4590 }
4591 
4592 caddr_t
4593 if_getlladdr(if_t ifp)
4594 {
4595 	return (IF_LLADDR((struct ifnet *)ifp));
4596 }
4597 
4598 void *
4599 if_gethandle(u_char type)
4600 {
4601 	return (if_alloc(type));
4602 }
4603 
4604 void
4605 if_bpfmtap(if_t ifh, struct mbuf *m)
4606 {
4607 	struct ifnet *ifp = (struct ifnet *)ifh;
4608 
4609 	BPF_MTAP(ifp, m);
4610 }
4611 
4612 void
4613 if_etherbpfmtap(if_t ifh, struct mbuf *m)
4614 {
4615 	struct ifnet *ifp = (struct ifnet *)ifh;
4616 
4617 	ETHER_BPF_MTAP(ifp, m);
4618 }
4619 
4620 void
4621 if_vlancap(if_t ifh)
4622 {
4623 	struct ifnet *ifp = (struct ifnet *)ifh;
4624 	VLAN_CAPABILITIES(ifp);
4625 }
4626 
4627 int
4628 if_sethwtsomax(if_t ifp, u_int if_hw_tsomax)
4629 {
4630 
4631 	((struct ifnet *)ifp)->if_hw_tsomax = if_hw_tsomax;
4632         return (0);
4633 }
4634 
4635 int
4636 if_sethwtsomaxsegcount(if_t ifp, u_int if_hw_tsomaxsegcount)
4637 {
4638 
4639 	((struct ifnet *)ifp)->if_hw_tsomaxsegcount = if_hw_tsomaxsegcount;
4640         return (0);
4641 }
4642 
4643 int
4644 if_sethwtsomaxsegsize(if_t ifp, u_int if_hw_tsomaxsegsize)
4645 {
4646 
4647 	((struct ifnet *)ifp)->if_hw_tsomaxsegsize = if_hw_tsomaxsegsize;
4648         return (0);
4649 }
4650 
4651 u_int
4652 if_gethwtsomax(if_t ifp)
4653 {
4654 
4655 	return (((struct ifnet *)ifp)->if_hw_tsomax);
4656 }
4657 
4658 u_int
4659 if_gethwtsomaxsegcount(if_t ifp)
4660 {
4661 
4662 	return (((struct ifnet *)ifp)->if_hw_tsomaxsegcount);
4663 }
4664 
4665 u_int
4666 if_gethwtsomaxsegsize(if_t ifp)
4667 {
4668 
4669 	return (((struct ifnet *)ifp)->if_hw_tsomaxsegsize);
4670 }
4671 
4672 void
4673 if_setinitfn(if_t ifp, void (*init_fn)(void *))
4674 {
4675 	((struct ifnet *)ifp)->if_init = init_fn;
4676 }
4677 
4678 void
4679 if_setioctlfn(if_t ifp, int (*ioctl_fn)(if_t, u_long, caddr_t))
4680 {
4681 	((struct ifnet *)ifp)->if_ioctl = (void *)ioctl_fn;
4682 }
4683 
4684 void
4685 if_setstartfn(if_t ifp, void (*start_fn)(if_t))
4686 {
4687 	((struct ifnet *)ifp)->if_start = (void *)start_fn;
4688 }
4689 
4690 void
4691 if_settransmitfn(if_t ifp, if_transmit_fn_t start_fn)
4692 {
4693 	((struct ifnet *)ifp)->if_transmit = start_fn;
4694 }
4695 
4696 void if_setqflushfn(if_t ifp, if_qflush_fn_t flush_fn)
4697 {
4698 	((struct ifnet *)ifp)->if_qflush = flush_fn;
4699 
4700 }
4701 
4702 void
4703 if_setgetcounterfn(if_t ifp, if_get_counter_t fn)
4704 {
4705 
4706 	ifp->if_get_counter = fn;
4707 }
4708 
4709 #ifdef DDB
4710 static void
4711 if_show_ifnet(struct ifnet *ifp)
4712 {
4713 
4714 	if (ifp == NULL)
4715 		return;
4716 	db_printf("%s:\n", ifp->if_xname);
4717 #define	IF_DB_PRINTF(f, e)	db_printf("   %s = " f "\n", #e, ifp->e);
4718 	IF_DB_PRINTF("%s", if_dname);
4719 	IF_DB_PRINTF("%d", if_dunit);
4720 	IF_DB_PRINTF("%s", if_description);
4721 	IF_DB_PRINTF("%u", if_index);
4722 	IF_DB_PRINTF("%d", if_idxgen);
4723 	IF_DB_PRINTF("%u", if_refcount);
4724 	IF_DB_PRINTF("%p", if_softc);
4725 	IF_DB_PRINTF("%p", if_l2com);
4726 	IF_DB_PRINTF("%p", if_llsoftc);
4727 	IF_DB_PRINTF("%d", if_amcount);
4728 	IF_DB_PRINTF("%p", if_addr);
4729 	IF_DB_PRINTF("%p", if_broadcastaddr);
4730 	IF_DB_PRINTF("%p", if_afdata);
4731 	IF_DB_PRINTF("%d", if_afdata_initialized);
4732 	IF_DB_PRINTF("%u", if_fib);
4733 	IF_DB_PRINTF("%p", if_vnet);
4734 	IF_DB_PRINTF("%p", if_home_vnet);
4735 	IF_DB_PRINTF("%p", if_vlantrunk);
4736 	IF_DB_PRINTF("%p", if_bpf);
4737 	IF_DB_PRINTF("%u", if_pcount);
4738 	IF_DB_PRINTF("%p", if_bridge);
4739 	IF_DB_PRINTF("%p", if_lagg);
4740 	IF_DB_PRINTF("%p", if_pf_kif);
4741 	IF_DB_PRINTF("%p", if_carp);
4742 	IF_DB_PRINTF("%p", if_label);
4743 	IF_DB_PRINTF("%p", if_netmap);
4744 	IF_DB_PRINTF("0x%08x", if_flags);
4745 	IF_DB_PRINTF("0x%08x", if_drv_flags);
4746 	IF_DB_PRINTF("0x%08x", if_capabilities);
4747 	IF_DB_PRINTF("0x%08x", if_capenable);
4748 	IF_DB_PRINTF("%p", if_snd.ifq_head);
4749 	IF_DB_PRINTF("%p", if_snd.ifq_tail);
4750 	IF_DB_PRINTF("%d", if_snd.ifq_len);
4751 	IF_DB_PRINTF("%d", if_snd.ifq_maxlen);
4752 	IF_DB_PRINTF("%p", if_snd.ifq_drv_head);
4753 	IF_DB_PRINTF("%p", if_snd.ifq_drv_tail);
4754 	IF_DB_PRINTF("%d", if_snd.ifq_drv_len);
4755 	IF_DB_PRINTF("%d", if_snd.ifq_drv_maxlen);
4756 	IF_DB_PRINTF("%d", if_snd.altq_type);
4757 	IF_DB_PRINTF("%x", if_snd.altq_flags);
4758 #undef IF_DB_PRINTF
4759 }
4760 
4761 DB_SHOW_COMMAND(ifnet, db_show_ifnet)
4762 {
4763 
4764 	if (!have_addr) {
4765 		db_printf("usage: show ifnet <struct ifnet *>\n");
4766 		return;
4767 	}
4768 
4769 	if_show_ifnet((struct ifnet *)addr);
4770 }
4771 
4772 DB_SHOW_ALL_COMMAND(ifnets, db_show_all_ifnets)
4773 {
4774 	struct ifnet *ifp;
4775 	u_short idx;
4776 
4777 	for (idx = 1; idx <= if_index; idx++) {
4778 		ifp = ifindex_table[idx].ife_ifnet;
4779 		if (ifp == NULL)
4780 			continue;
4781 		db_printf( "%20s ifp=%p\n", ifp->if_xname, ifp);
4782 		if (db_pager_quit)
4783 			break;
4784 	}
4785 }
4786 #endif	/* DDB */
4787