xref: /freebsd/sys/netinet/in.c (revision b78ee15e9f04ae15c3e1200df974473167524d17)
1 /*-
2  * Copyright (c) 1982, 1986, 1991, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  * Copyright (C) 2001 WIDE Project.  All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 4. Neither the name of the University nor the names of its contributors
15  *    may be used to endorse or promote products derived from this software
16  *    without specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  *
30  *	@(#)in.c	8.4 (Berkeley) 1/9/95
31  */
32 
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
35 
36 #include "opt_mpath.h"
37 
38 #include <sys/param.h>
39 #include <sys/eventhandler.h>
40 #include <sys/systm.h>
41 #include <sys/sockio.h>
42 #include <sys/malloc.h>
43 #include <sys/priv.h>
44 #include <sys/socket.h>
45 #include <sys/jail.h>
46 #include <sys/kernel.h>
47 #include <sys/proc.h>
48 #include <sys/sysctl.h>
49 #include <sys/syslog.h>
50 #include <sys/sx.h>
51 
52 #include <net/if.h>
53 #include <net/if_var.h>
54 #include <net/if_arp.h>
55 #include <net/if_dl.h>
56 #include <net/if_llatbl.h>
57 #include <net/if_types.h>
58 #include <net/route.h>
59 #include <net/vnet.h>
60 
61 #include <netinet/if_ether.h>
62 #include <netinet/in.h>
63 #include <netinet/in_var.h>
64 #include <netinet/in_pcb.h>
65 #include <netinet/ip_var.h>
66 #include <netinet/ip_carp.h>
67 #include <netinet/igmp_var.h>
68 #include <netinet/udp.h>
69 #include <netinet/udp_var.h>
70 
71 static int in_aifaddr_ioctl(u_long, caddr_t, struct ifnet *, struct thread *);
72 static int in_difaddr_ioctl(caddr_t, struct ifnet *, struct thread *);
73 
74 static void	in_socktrim(struct sockaddr_in *);
75 static void	in_purgemaddrs(struct ifnet *);
76 
77 static VNET_DEFINE(int, nosameprefix);
78 #define	V_nosameprefix			VNET(nosameprefix)
79 SYSCTL_INT(_net_inet_ip, OID_AUTO, no_same_prefix, CTLFLAG_VNET | CTLFLAG_RW,
80 	&VNET_NAME(nosameprefix), 0,
81 	"Refuse to create same prefixes on different interfaces");
82 
83 VNET_DECLARE(struct inpcbinfo, ripcbinfo);
84 #define	V_ripcbinfo			VNET(ripcbinfo)
85 
86 static struct sx in_control_sx;
87 SX_SYSINIT(in_control_sx, &in_control_sx, "in_control");
88 
89 /*
90  * Return 1 if an internet address is for a ``local'' host
91  * (one to which we have a connection).
92  */
93 int
94 in_localaddr(struct in_addr in)
95 {
96 	register u_long i = ntohl(in.s_addr);
97 	register struct in_ifaddr *ia;
98 
99 	IN_IFADDR_RLOCK();
100 	TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
101 		if ((i & ia->ia_subnetmask) == ia->ia_subnet) {
102 			IN_IFADDR_RUNLOCK();
103 			return (1);
104 		}
105 	}
106 	IN_IFADDR_RUNLOCK();
107 	return (0);
108 }
109 
110 /*
111  * Return 1 if an internet address is for the local host and configured
112  * on one of its interfaces.
113  */
114 int
115 in_localip(struct in_addr in)
116 {
117 	struct in_ifaddr *ia;
118 
119 	IN_IFADDR_RLOCK();
120 	LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash) {
121 		if (IA_SIN(ia)->sin_addr.s_addr == in.s_addr) {
122 			IN_IFADDR_RUNLOCK();
123 			return (1);
124 		}
125 	}
126 	IN_IFADDR_RUNLOCK();
127 	return (0);
128 }
129 
130 /*
131  * Return 1 if an internet address is configured on an interface.
132  */
133 int
134 in_ifhasaddr(struct ifnet *ifp, struct in_addr in)
135 {
136 	struct ifaddr *ifa;
137 	struct in_ifaddr *ia;
138 
139 	IF_ADDR_RLOCK(ifp);
140 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
141 		if (ifa->ifa_addr->sa_family != AF_INET)
142 			continue;
143 		ia = (struct in_ifaddr *)ifa;
144 		if (ia->ia_addr.sin_addr.s_addr == in.s_addr) {
145 			IF_ADDR_RUNLOCK(ifp);
146 			return (1);
147 		}
148 	}
149 	IF_ADDR_RUNLOCK(ifp);
150 
151 	return (0);
152 }
153 
154 /*
155  * Return a reference to the interface address which is different to
156  * the supplied one but with same IP address value.
157  */
158 static struct in_ifaddr *
159 in_localip_more(struct in_ifaddr *ia)
160 {
161 	in_addr_t in = IA_SIN(ia)->sin_addr.s_addr;
162 	struct in_ifaddr *it;
163 
164 	IN_IFADDR_RLOCK();
165 	LIST_FOREACH(it, INADDR_HASH(in), ia_hash) {
166 		if (it != ia && IA_SIN(it)->sin_addr.s_addr == in) {
167 			ifa_ref(&it->ia_ifa);
168 			IN_IFADDR_RUNLOCK();
169 			return (it);
170 		}
171 	}
172 	IN_IFADDR_RUNLOCK();
173 
174 	return (NULL);
175 }
176 
177 /*
178  * Determine whether an IP address is in a reserved set of addresses
179  * that may not be forwarded, or whether datagrams to that destination
180  * may be forwarded.
181  */
182 int
183 in_canforward(struct in_addr in)
184 {
185 	register u_long i = ntohl(in.s_addr);
186 	register u_long net;
187 
188 	if (IN_EXPERIMENTAL(i) || IN_MULTICAST(i) || IN_LINKLOCAL(i))
189 		return (0);
190 	if (IN_CLASSA(i)) {
191 		net = i & IN_CLASSA_NET;
192 		if (net == 0 || net == (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))
193 			return (0);
194 	}
195 	return (1);
196 }
197 
198 /*
199  * Trim a mask in a sockaddr
200  */
201 static void
202 in_socktrim(struct sockaddr_in *ap)
203 {
204     register char *cplim = (char *) &ap->sin_addr;
205     register char *cp = (char *) (&ap->sin_addr + 1);
206 
207     ap->sin_len = 0;
208     while (--cp >= cplim)
209 	if (*cp) {
210 	    (ap)->sin_len = cp - (char *) (ap) + 1;
211 	    break;
212 	}
213 }
214 
215 /*
216  * Generic internet control operations (ioctl's).
217  */
218 int
219 in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
220     struct thread *td)
221 {
222 	struct ifreq *ifr = (struct ifreq *)data;
223 	struct sockaddr_in *addr = (struct sockaddr_in *)&ifr->ifr_addr;
224 	struct ifaddr *ifa;
225 	struct in_ifaddr *ia;
226 	int error;
227 
228 	if (ifp == NULL)
229 		return (EADDRNOTAVAIL);
230 
231 	/*
232 	 * Filter out 4 ioctls we implement directly.  Forward the rest
233 	 * to specific functions and ifp->if_ioctl().
234 	 */
235 	switch (cmd) {
236 	case SIOCGIFADDR:
237 	case SIOCGIFBRDADDR:
238 	case SIOCGIFDSTADDR:
239 	case SIOCGIFNETMASK:
240 		break;
241 	case SIOCDIFADDR:
242 		sx_xlock(&in_control_sx);
243 		error = in_difaddr_ioctl(data, ifp, td);
244 		sx_xunlock(&in_control_sx);
245 		return (error);
246 	case OSIOCAIFADDR:	/* 9.x compat */
247 	case SIOCAIFADDR:
248 		sx_xlock(&in_control_sx);
249 		error = in_aifaddr_ioctl(cmd, data, ifp, td);
250 		sx_xunlock(&in_control_sx);
251 		return (error);
252 	case SIOCSIFADDR:
253 	case SIOCSIFBRDADDR:
254 	case SIOCSIFDSTADDR:
255 	case SIOCSIFNETMASK:
256 		/* We no longer support that old commands. */
257 		return (EINVAL);
258 	default:
259 		if (ifp->if_ioctl == NULL)
260 			return (EOPNOTSUPP);
261 		return ((*ifp->if_ioctl)(ifp, cmd, data));
262 	}
263 
264 	if (addr->sin_addr.s_addr != INADDR_ANY &&
265 	    prison_check_ip4(td->td_ucred, &addr->sin_addr) != 0)
266 		return (EADDRNOTAVAIL);
267 
268 	/*
269 	 * Find address for this interface, if it exists.  If an
270 	 * address was specified, find that one instead of the
271 	 * first one on the interface, if possible.
272 	 */
273 	IF_ADDR_RLOCK(ifp);
274 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
275 		if (ifa->ifa_addr->sa_family != AF_INET)
276 			continue;
277 		ia = (struct in_ifaddr *)ifa;
278 		if (ia->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr)
279 			break;
280 	}
281 	if (ifa == NULL)
282 		TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
283 			if (ifa->ifa_addr->sa_family == AF_INET) {
284 				ia = (struct in_ifaddr *)ifa;
285 				if (prison_check_ip4(td->td_ucred,
286 				    &ia->ia_addr.sin_addr) == 0)
287 					break;
288 			}
289 
290 	if (ifa == NULL) {
291 		IF_ADDR_RUNLOCK(ifp);
292 		return (EADDRNOTAVAIL);
293 	}
294 
295 	error = 0;
296 	switch (cmd) {
297 	case SIOCGIFADDR:
298 		*addr = ia->ia_addr;
299 		break;
300 
301 	case SIOCGIFBRDADDR:
302 		if ((ifp->if_flags & IFF_BROADCAST) == 0) {
303 			error = EINVAL;
304 			break;
305 		}
306 		*addr = ia->ia_broadaddr;
307 		break;
308 
309 	case SIOCGIFDSTADDR:
310 		if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
311 			error = EINVAL;
312 			break;
313 		}
314 		*addr = ia->ia_dstaddr;
315 		break;
316 
317 	case SIOCGIFNETMASK:
318 		*addr = ia->ia_sockmask;
319 		break;
320 	}
321 
322 	IF_ADDR_RUNLOCK(ifp);
323 
324 	return (error);
325 }
326 
327 static int
328 in_aifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td)
329 {
330 	const struct in_aliasreq *ifra = (struct in_aliasreq *)data;
331 	const struct sockaddr_in *addr = &ifra->ifra_addr;
332 	const struct sockaddr_in *broadaddr = &ifra->ifra_broadaddr;
333 	const struct sockaddr_in *mask = &ifra->ifra_mask;
334 	const struct sockaddr_in *dstaddr = &ifra->ifra_dstaddr;
335 	const int vhid = (cmd == SIOCAIFADDR) ? ifra->ifra_vhid : 0;
336 	struct ifaddr *ifa;
337 	struct in_ifaddr *ia;
338 	bool iaIsFirst;
339 	int error = 0;
340 
341 	error = priv_check(td, PRIV_NET_ADDIFADDR);
342 	if (error)
343 		return (error);
344 
345 	/*
346 	 * ifra_addr must be present and be of INET family.
347 	 * ifra_broadaddr/ifra_dstaddr and ifra_mask are optional.
348 	 */
349 	if (addr->sin_len != sizeof(struct sockaddr_in) ||
350 	    addr->sin_family != AF_INET)
351 		return (EINVAL);
352 	if (broadaddr->sin_len != 0 &&
353 	    (broadaddr->sin_len != sizeof(struct sockaddr_in) ||
354 	    broadaddr->sin_family != AF_INET))
355 		return (EINVAL);
356 	if (mask->sin_len != 0 &&
357 	    (mask->sin_len != sizeof(struct sockaddr_in) ||
358 	    mask->sin_family != AF_INET))
359 		return (EINVAL);
360 	if ((ifp->if_flags & IFF_POINTOPOINT) &&
361 	    (dstaddr->sin_len != sizeof(struct sockaddr_in) ||
362 	     dstaddr->sin_addr.s_addr == INADDR_ANY))
363 		return (EDESTADDRREQ);
364 	if (vhid > 0 && carp_attach_p == NULL)
365 		return (EPROTONOSUPPORT);
366 
367 	/*
368 	 * See whether address already exist.
369 	 */
370 	iaIsFirst = true;
371 	ia = NULL;
372 	IF_ADDR_RLOCK(ifp);
373 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
374 		struct in_ifaddr *it;
375 
376 		if (ifa->ifa_addr->sa_family != AF_INET)
377 			continue;
378 
379 		it = (struct in_ifaddr *)ifa;
380 		iaIsFirst = false;
381 		if (it->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr &&
382 		    prison_check_ip4(td->td_ucred, &addr->sin_addr) == 0)
383 			ia = it;
384 	}
385 	IF_ADDR_RUNLOCK(ifp);
386 
387 	if (ia != NULL)
388 		(void )in_difaddr_ioctl(data, ifp, td);
389 
390 	ifa = ifa_alloc(sizeof(struct in_ifaddr), M_WAITOK);
391 	ia = (struct in_ifaddr *)ifa;
392 	ifa->ifa_addr = (struct sockaddr *)&ia->ia_addr;
393 	ifa->ifa_dstaddr = (struct sockaddr *)&ia->ia_dstaddr;
394 	ifa->ifa_netmask = (struct sockaddr *)&ia->ia_sockmask;
395 
396 	ia->ia_ifp = ifp;
397 	ia->ia_addr = *addr;
398 	if (mask->sin_len != 0) {
399 		ia->ia_sockmask = *mask;
400 		ia->ia_subnetmask = ntohl(ia->ia_sockmask.sin_addr.s_addr);
401 	} else {
402 		in_addr_t i = ntohl(addr->sin_addr.s_addr);
403 
404 		/*
405 	 	 * Be compatible with network classes, if netmask isn't
406 		 * supplied, guess it based on classes.
407 	 	 */
408 		if (IN_CLASSA(i))
409 			ia->ia_subnetmask = IN_CLASSA_NET;
410 		else if (IN_CLASSB(i))
411 			ia->ia_subnetmask = IN_CLASSB_NET;
412 		else
413 			ia->ia_subnetmask = IN_CLASSC_NET;
414 		ia->ia_sockmask.sin_addr.s_addr = htonl(ia->ia_subnetmask);
415 	}
416 	ia->ia_subnet = ntohl(addr->sin_addr.s_addr) & ia->ia_subnetmask;
417 	in_socktrim(&ia->ia_sockmask);
418 
419 	if (ifp->if_flags & IFF_BROADCAST) {
420 		if (broadaddr->sin_len != 0) {
421 			ia->ia_broadaddr = *broadaddr;
422 		} else if (ia->ia_subnetmask == IN_RFC3021_MASK) {
423 			ia->ia_broadaddr.sin_addr.s_addr = INADDR_BROADCAST;
424 			ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
425 			ia->ia_broadaddr.sin_family = AF_INET;
426 		} else {
427 			ia->ia_broadaddr.sin_addr.s_addr =
428 			    htonl(ia->ia_subnet | ~ia->ia_subnetmask);
429 			ia->ia_broadaddr.sin_len = sizeof(struct sockaddr_in);
430 			ia->ia_broadaddr.sin_family = AF_INET;
431 		}
432 	}
433 
434 	if (ifp->if_flags & IFF_POINTOPOINT)
435 		ia->ia_dstaddr = *dstaddr;
436 
437 	/* XXXGL: rtinit() needs this strange assignment. */
438 	if (ifp->if_flags & IFF_LOOPBACK)
439                 ia->ia_dstaddr = ia->ia_addr;
440 
441 	if (vhid != 0) {
442 		error = (*carp_attach_p)(&ia->ia_ifa, vhid);
443 		if (error)
444 			return (error);
445 	}
446 
447 	/* if_addrhead is already referenced by ifa_alloc() */
448 	IF_ADDR_WLOCK(ifp);
449 	TAILQ_INSERT_TAIL(&ifp->if_addrhead, ifa, ifa_link);
450 	IF_ADDR_WUNLOCK(ifp);
451 
452 	ifa_ref(ifa);			/* in_ifaddrhead */
453 	IN_IFADDR_WLOCK();
454 	TAILQ_INSERT_TAIL(&V_in_ifaddrhead, ia, ia_link);
455 	LIST_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, ia_hash);
456 	IN_IFADDR_WUNLOCK();
457 
458 	/*
459 	 * Give the interface a chance to initialize
460 	 * if this is its first address,
461 	 * and to validate the address if necessary.
462 	 */
463 	if (ifp->if_ioctl != NULL) {
464 		error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
465 		if (error)
466 			goto fail1;
467 	}
468 
469 	/*
470 	 * Add route for the network.
471 	 */
472 	if (vhid == 0) {
473 		int flags = RTF_UP;
474 
475 		if (ifp->if_flags & (IFF_LOOPBACK|IFF_POINTOPOINT))
476 			flags |= RTF_HOST;
477 
478 		error = in_addprefix(ia, flags);
479 		if (error)
480 			goto fail1;
481 	}
482 
483 	/*
484 	 * Add a loopback route to self.
485 	 */
486 	if (vhid == 0 && (ifp->if_flags & IFF_LOOPBACK) == 0 &&
487 	    ia->ia_addr.sin_addr.s_addr != INADDR_ANY &&
488 	    !((ifp->if_flags & IFF_POINTOPOINT) &&
489 	     ia->ia_dstaddr.sin_addr.s_addr == ia->ia_addr.sin_addr.s_addr)) {
490 		struct in_ifaddr *eia;
491 
492 		eia = in_localip_more(ia);
493 
494 		if (eia == NULL) {
495 			error = ifa_add_loopback_route((struct ifaddr *)ia,
496 			    (struct sockaddr *)&ia->ia_addr);
497 			if (error)
498 				goto fail2;
499 		} else
500 			ifa_free(&eia->ia_ifa);
501 	}
502 
503 	if (iaIsFirst && (ifp->if_flags & IFF_MULTICAST)) {
504 		struct in_addr allhosts_addr;
505 		struct in_ifinfo *ii;
506 
507 		ii = ((struct in_ifinfo *)ifp->if_afdata[AF_INET]);
508 		allhosts_addr.s_addr = htonl(INADDR_ALLHOSTS_GROUP);
509 
510 		error = in_joingroup(ifp, &allhosts_addr, NULL,
511 			&ii->ii_allhosts);
512 	}
513 
514 	EVENTHANDLER_INVOKE(ifaddr_event, ifp);
515 
516 	return (error);
517 
518 fail2:
519 	if (vhid == 0)
520 		(void )in_scrubprefix(ia, LLE_STATIC);
521 
522 fail1:
523 	if (ia->ia_ifa.ifa_carp)
524 		(*carp_detach_p)(&ia->ia_ifa);
525 
526 	IF_ADDR_WLOCK(ifp);
527 	TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
528 	IF_ADDR_WUNLOCK(ifp);
529 	ifa_free(&ia->ia_ifa);		/* if_addrhead */
530 
531 	IN_IFADDR_WLOCK();
532 	TAILQ_REMOVE(&V_in_ifaddrhead, ia, ia_link);
533 	LIST_REMOVE(ia, ia_hash);
534 	IN_IFADDR_WUNLOCK();
535 	ifa_free(&ia->ia_ifa);		/* in_ifaddrhead */
536 
537 	return (error);
538 }
539 
540 static int
541 in_difaddr_ioctl(caddr_t data, struct ifnet *ifp, struct thread *td)
542 {
543 	const struct ifreq *ifr = (struct ifreq *)data;
544 	const struct sockaddr_in *addr = (const struct sockaddr_in *)
545 	    &ifr->ifr_addr;
546 	struct ifaddr *ifa;
547 	struct in_ifaddr *ia;
548 	bool deleteAny, iaIsLast;
549 	int error;
550 
551 	if (td != NULL) {
552 		error = priv_check(td, PRIV_NET_DELIFADDR);
553 		if (error)
554 			return (error);
555 	}
556 
557 	if (addr->sin_len != sizeof(struct sockaddr_in) ||
558 	    addr->sin_family != AF_INET)
559 		deleteAny = true;
560 	else
561 		deleteAny = false;
562 
563 	iaIsLast = true;
564 	ia = NULL;
565 	IF_ADDR_WLOCK(ifp);
566 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
567 		struct in_ifaddr *it;
568 
569 		if (ifa->ifa_addr->sa_family != AF_INET)
570 			continue;
571 
572 		it = (struct in_ifaddr *)ifa;
573 		if (deleteAny && ia == NULL && (td == NULL ||
574 		    prison_check_ip4(td->td_ucred, &it->ia_addr.sin_addr) == 0))
575 			ia = it;
576 
577 		if (it->ia_addr.sin_addr.s_addr == addr->sin_addr.s_addr &&
578 		    (td == NULL || prison_check_ip4(td->td_ucred,
579 		    &addr->sin_addr) == 0))
580 			ia = it;
581 
582 		if (it != ia)
583 			iaIsLast = false;
584 	}
585 
586 	if (ia == NULL) {
587 		IF_ADDR_WUNLOCK(ifp);
588 		return (EADDRNOTAVAIL);
589 	}
590 
591 	TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
592 	IF_ADDR_WUNLOCK(ifp);
593 	ifa_free(&ia->ia_ifa);		/* if_addrhead */
594 
595 	IN_IFADDR_WLOCK();
596 	TAILQ_REMOVE(&V_in_ifaddrhead, ia, ia_link);
597 	LIST_REMOVE(ia, ia_hash);
598 	IN_IFADDR_WUNLOCK();
599 
600 	/*
601 	 * in_scrubprefix() kills the interface route.
602 	 */
603 	in_scrubprefix(ia, LLE_STATIC);
604 
605 	/*
606 	 * in_ifadown gets rid of all the rest of
607 	 * the routes.  This is not quite the right
608 	 * thing to do, but at least if we are running
609 	 * a routing process they will come back.
610 	 */
611 	in_ifadown(&ia->ia_ifa, 1);
612 
613 	if (ia->ia_ifa.ifa_carp)
614 		(*carp_detach_p)(&ia->ia_ifa);
615 
616 	/*
617 	 * If this is the last IPv4 address configured on this
618 	 * interface, leave the all-hosts group.
619 	 * No state-change report need be transmitted.
620 	 */
621 	if (iaIsLast && (ifp->if_flags & IFF_MULTICAST)) {
622 		struct in_ifinfo *ii;
623 
624 		ii = ((struct in_ifinfo *)ifp->if_afdata[AF_INET]);
625 		IN_MULTI_LOCK();
626 		if (ii->ii_allhosts) {
627 			(void)in_leavegroup_locked(ii->ii_allhosts, NULL);
628 			ii->ii_allhosts = NULL;
629 		}
630 		IN_MULTI_UNLOCK();
631 	}
632 
633 	EVENTHANDLER_INVOKE(ifaddr_event, ifp);
634 	ifa_free(&ia->ia_ifa);		/* in_ifaddrhead */
635 
636 	return (0);
637 }
638 
639 #define rtinitflags(x) \
640 	((((x)->ia_ifp->if_flags & (IFF_LOOPBACK | IFF_POINTOPOINT)) != 0) \
641 	    ? RTF_HOST : 0)
642 
643 /*
644  * Check if we have a route for the given prefix already or add one accordingly.
645  */
646 int
647 in_addprefix(struct in_ifaddr *target, int flags)
648 {
649 	struct in_ifaddr *ia;
650 	struct in_addr prefix, mask, p, m;
651 	int error;
652 
653 	if ((flags & RTF_HOST) != 0) {
654 		prefix = target->ia_dstaddr.sin_addr;
655 		mask.s_addr = 0;
656 	} else {
657 		prefix = target->ia_addr.sin_addr;
658 		mask = target->ia_sockmask.sin_addr;
659 		prefix.s_addr &= mask.s_addr;
660 	}
661 
662 	IN_IFADDR_RLOCK();
663 	/* Look for an existing address with the same prefix, mask, and fib */
664 	TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
665 		if (rtinitflags(ia)) {
666 			p = ia->ia_dstaddr.sin_addr;
667 
668 			if (prefix.s_addr != p.s_addr)
669 				continue;
670 		} else {
671 			p = ia->ia_addr.sin_addr;
672 			m = ia->ia_sockmask.sin_addr;
673 			p.s_addr &= m.s_addr;
674 
675 			if (prefix.s_addr != p.s_addr ||
676 			    mask.s_addr != m.s_addr)
677 				continue;
678 		}
679 		if (target->ia_ifp->if_fib != ia->ia_ifp->if_fib)
680 			continue;
681 
682 		/*
683 		 * If we got a matching prefix route inserted by other
684 		 * interface address, we are done here.
685 		 */
686 		if (ia->ia_flags & IFA_ROUTE) {
687 #ifdef RADIX_MPATH
688 			if (ia->ia_addr.sin_addr.s_addr ==
689 			    target->ia_addr.sin_addr.s_addr) {
690 				IN_IFADDR_RUNLOCK();
691 				return (EEXIST);
692 			} else
693 				break;
694 #endif
695 			if (V_nosameprefix) {
696 				IN_IFADDR_RUNLOCK();
697 				return (EEXIST);
698 			} else {
699 				int fibnum;
700 
701 				fibnum = V_rt_add_addr_allfibs ? RT_ALL_FIBS :
702 					target->ia_ifp->if_fib;
703 				rt_addrmsg(RTM_ADD, &target->ia_ifa, fibnum);
704 				IN_IFADDR_RUNLOCK();
705 				return (0);
706 			}
707 		}
708 	}
709 	IN_IFADDR_RUNLOCK();
710 
711 	/*
712 	 * No-one seem to have this prefix route, so we try to insert it.
713 	 */
714 	error = rtinit(&target->ia_ifa, (int)RTM_ADD, flags);
715 	if (!error)
716 		target->ia_flags |= IFA_ROUTE;
717 	return (error);
718 }
719 
720 /*
721  * If there is no other address in the system that can serve a route to the
722  * same prefix, remove the route.  Hand over the route to the new address
723  * otherwise.
724  */
725 int
726 in_scrubprefix(struct in_ifaddr *target, u_int flags)
727 {
728 	struct in_ifaddr *ia;
729 	struct in_addr prefix, mask, p, m;
730 	int error = 0;
731 	struct sockaddr_in prefix0, mask0;
732 
733 	/*
734 	 * Remove the loopback route to the interface address.
735 	 */
736 	if ((target->ia_addr.sin_addr.s_addr != INADDR_ANY) &&
737 	    !(target->ia_ifp->if_flags & IFF_LOOPBACK) &&
738 	    (flags & LLE_STATIC)) {
739 		struct in_ifaddr *eia;
740 
741 		eia = in_localip_more(target);
742 
743 		if (eia != NULL) {
744 			int fibnum = target->ia_ifp->if_fib;
745 
746 			error = ifa_switch_loopback_route((struct ifaddr *)eia,
747 			    (struct sockaddr *)&target->ia_addr, fibnum);
748 			ifa_free(&eia->ia_ifa);
749 		} else {
750 			error = ifa_del_loopback_route((struct ifaddr *)target,
751 			    (struct sockaddr *)&target->ia_addr);
752 		}
753 
754 		if (!(target->ia_ifp->if_flags & IFF_NOARP))
755 			/* remove arp cache */
756 			arp_ifscrub(target->ia_ifp,
757 			    IA_SIN(target)->sin_addr.s_addr);
758 	}
759 
760 	if (rtinitflags(target)) {
761 		prefix = target->ia_dstaddr.sin_addr;
762 		mask.s_addr = 0;
763 	} else {
764 		prefix = target->ia_addr.sin_addr;
765 		mask = target->ia_sockmask.sin_addr;
766 		prefix.s_addr &= mask.s_addr;
767 	}
768 
769 	if ((target->ia_flags & IFA_ROUTE) == 0) {
770 		int fibnum;
771 
772 		fibnum = V_rt_add_addr_allfibs ? RT_ALL_FIBS :
773 			target->ia_ifp->if_fib;
774 		rt_addrmsg(RTM_DELETE, &target->ia_ifa, fibnum);
775 		return (0);
776 	}
777 
778 	IN_IFADDR_RLOCK();
779 	TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
780 		if (rtinitflags(ia)) {
781 			p = ia->ia_dstaddr.sin_addr;
782 
783 			if (prefix.s_addr != p.s_addr)
784 				continue;
785 		} else {
786 			p = ia->ia_addr.sin_addr;
787 			m = ia->ia_sockmask.sin_addr;
788 			p.s_addr &= m.s_addr;
789 
790 			if (prefix.s_addr != p.s_addr ||
791 			    mask.s_addr != m.s_addr)
792 				continue;
793 		}
794 
795 		if ((ia->ia_ifp->if_flags & IFF_UP) == 0)
796 			continue;
797 
798 		/*
799 		 * If we got a matching prefix address, move IFA_ROUTE and
800 		 * the route itself to it.  Make sure that routing daemons
801 		 * get a heads-up.
802 		 */
803 		if ((ia->ia_flags & IFA_ROUTE) == 0) {
804 			ifa_ref(&ia->ia_ifa);
805 			IN_IFADDR_RUNLOCK();
806 			error = rtinit(&(target->ia_ifa), (int)RTM_DELETE,
807 			    rtinitflags(target));
808 			if (error == 0)
809 				target->ia_flags &= ~IFA_ROUTE;
810 			else
811 				log(LOG_INFO, "in_scrubprefix: err=%d, old prefix delete failed\n",
812 					error);
813 			error = rtinit(&ia->ia_ifa, (int)RTM_ADD,
814 			    rtinitflags(ia) | RTF_UP);
815 			if (error == 0)
816 				ia->ia_flags |= IFA_ROUTE;
817 			else
818 				log(LOG_INFO, "in_scrubprefix: err=%d, new prefix add failed\n",
819 					error);
820 			ifa_free(&ia->ia_ifa);
821 			return (error);
822 		}
823 	}
824 	IN_IFADDR_RUNLOCK();
825 
826 	/*
827 	 * remove all L2 entries on the given prefix
828 	 */
829 	bzero(&prefix0, sizeof(prefix0));
830 	prefix0.sin_len = sizeof(prefix0);
831 	prefix0.sin_family = AF_INET;
832 	prefix0.sin_addr.s_addr = target->ia_subnet;
833 	bzero(&mask0, sizeof(mask0));
834 	mask0.sin_len = sizeof(mask0);
835 	mask0.sin_family = AF_INET;
836 	mask0.sin_addr.s_addr = target->ia_subnetmask;
837 	lltable_prefix_free(AF_INET, (struct sockaddr *)&prefix0,
838 	    (struct sockaddr *)&mask0, flags);
839 
840 	/*
841 	 * As no-one seem to have this prefix, we can remove the route.
842 	 */
843 	error = rtinit(&(target->ia_ifa), (int)RTM_DELETE, rtinitflags(target));
844 	if (error == 0)
845 		target->ia_flags &= ~IFA_ROUTE;
846 	else
847 		log(LOG_INFO, "in_scrubprefix: err=%d, prefix delete failed\n", error);
848 	return (error);
849 }
850 
851 #undef rtinitflags
852 
853 /*
854  * Return 1 if the address might be a local broadcast address.
855  */
856 int
857 in_broadcast(struct in_addr in, struct ifnet *ifp)
858 {
859 	register struct ifaddr *ifa;
860 	u_long t;
861 
862 	if (in.s_addr == INADDR_BROADCAST ||
863 	    in.s_addr == INADDR_ANY)
864 		return (1);
865 	if ((ifp->if_flags & IFF_BROADCAST) == 0)
866 		return (0);
867 	t = ntohl(in.s_addr);
868 	/*
869 	 * Look through the list of addresses for a match
870 	 * with a broadcast address.
871 	 */
872 #define ia ((struct in_ifaddr *)ifa)
873 	TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link)
874 		if (ifa->ifa_addr->sa_family == AF_INET &&
875 		    (in.s_addr == ia->ia_broadaddr.sin_addr.s_addr ||
876 		     /*
877 		      * Check for old-style (host 0) broadcast, but
878 		      * taking into account that RFC 3021 obsoletes it.
879 		      */
880 		    (ia->ia_subnetmask != IN_RFC3021_MASK &&
881 		    t == ia->ia_subnet)) &&
882 		     /*
883 		      * Check for an all one subnetmask. These
884 		      * only exist when an interface gets a secondary
885 		      * address.
886 		      */
887 		    ia->ia_subnetmask != (u_long)0xffffffff)
888 			    return (1);
889 	return (0);
890 #undef ia
891 }
892 
893 /*
894  * On interface removal, clean up IPv4 data structures hung off of the ifnet.
895  */
896 void
897 in_ifdetach(struct ifnet *ifp)
898 {
899 
900 	in_pcbpurgeif0(&V_ripcbinfo, ifp);
901 	in_pcbpurgeif0(&V_udbinfo, ifp);
902 	in_pcbpurgeif0(&V_ulitecbinfo, ifp);
903 	in_purgemaddrs(ifp);
904 }
905 
906 /*
907  * Delete all IPv4 multicast address records, and associated link-layer
908  * multicast address records, associated with ifp.
909  * XXX It looks like domifdetach runs AFTER the link layer cleanup.
910  * XXX This should not race with ifma_protospec being set during
911  * a new allocation, if it does, we have bigger problems.
912  */
913 static void
914 in_purgemaddrs(struct ifnet *ifp)
915 {
916 	LIST_HEAD(,in_multi) purgeinms;
917 	struct in_multi		*inm, *tinm;
918 	struct ifmultiaddr	*ifma;
919 
920 	LIST_INIT(&purgeinms);
921 	IN_MULTI_LOCK();
922 
923 	/*
924 	 * Extract list of in_multi associated with the detaching ifp
925 	 * which the PF_INET layer is about to release.
926 	 * We need to do this as IF_ADDR_LOCK() may be re-acquired
927 	 * by code further down.
928 	 */
929 	IF_ADDR_RLOCK(ifp);
930 	TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
931 		if (ifma->ifma_addr->sa_family != AF_INET ||
932 		    ifma->ifma_protospec == NULL)
933 			continue;
934 #if 0
935 		KASSERT(ifma->ifma_protospec != NULL,
936 		    ("%s: ifma_protospec is NULL", __func__));
937 #endif
938 		inm = (struct in_multi *)ifma->ifma_protospec;
939 		LIST_INSERT_HEAD(&purgeinms, inm, inm_link);
940 	}
941 	IF_ADDR_RUNLOCK(ifp);
942 
943 	LIST_FOREACH_SAFE(inm, &purgeinms, inm_link, tinm) {
944 		LIST_REMOVE(inm, inm_link);
945 		inm_release_locked(inm);
946 	}
947 	igmp_ifdetach(ifp);
948 
949 	IN_MULTI_UNLOCK();
950 }
951 
952 struct in_llentry {
953 	struct llentry		base;
954 	struct sockaddr_in	l3_addr4;
955 };
956 
957 /*
958  * Deletes an address from the address table.
959  * This function is called by the timer functions
960  * such as arptimer() and nd6_llinfo_timer(), and
961  * the caller does the locking.
962  */
963 static void
964 in_lltable_free(struct lltable *llt, struct llentry *lle)
965 {
966 	LLE_WUNLOCK(lle);
967 	LLE_LOCK_DESTROY(lle);
968 	free(lle, M_LLTABLE);
969 }
970 
971 static struct llentry *
972 in_lltable_new(const struct sockaddr *l3addr, u_int flags)
973 {
974 	struct in_llentry *lle;
975 
976 	lle = malloc(sizeof(struct in_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
977 	if (lle == NULL)		/* NB: caller generates msg */
978 		return NULL;
979 
980 	/*
981 	 * For IPv4 this will trigger "arpresolve" to generate
982 	 * an ARP request.
983 	 */
984 	lle->base.la_expire = time_uptime; /* mark expired */
985 	lle->l3_addr4 = *(const struct sockaddr_in *)l3addr;
986 	lle->base.lle_refcnt = 1;
987 	lle->base.lle_free = in_lltable_free;
988 	LLE_LOCK_INIT(&lle->base);
989 	callout_init(&lle->base.la_timer, 1);
990 
991 	return (&lle->base);
992 }
993 
994 #define IN_ARE_MASKED_ADDR_EQUAL(d, a, m)	(			\
995 	    (((ntohl((d)->sin_addr.s_addr) ^ (a)->sin_addr.s_addr) & (m)->sin_addr.s_addr)) == 0 )
996 
997 static void
998 in_lltable_prefix_free(struct lltable *llt, const struct sockaddr *prefix,
999     const struct sockaddr *mask, u_int flags)
1000 {
1001 	const struct sockaddr_in *pfx = (const struct sockaddr_in *)prefix;
1002 	const struct sockaddr_in *msk = (const struct sockaddr_in *)mask;
1003 	struct llentry *lle, *next;
1004 	int i;
1005 	size_t pkts_dropped;
1006 
1007 	IF_AFDATA_WLOCK(llt->llt_ifp);
1008 	for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
1009 		LIST_FOREACH_SAFE(lle, &llt->lle_head[i], lle_next, next) {
1010 			/*
1011 			 * (flags & LLE_STATIC) means deleting all entries
1012 			 * including static ARP entries.
1013 			 */
1014 			if (IN_ARE_MASKED_ADDR_EQUAL(satosin(L3_ADDR(lle)),
1015 			    pfx, msk) && ((flags & LLE_STATIC) ||
1016 			    !(lle->la_flags & LLE_STATIC))) {
1017 				LLE_WLOCK(lle);
1018 				if (callout_stop(&lle->la_timer))
1019 					LLE_REMREF(lle);
1020 				pkts_dropped = llentry_free(lle);
1021 				ARPSTAT_ADD(dropped, pkts_dropped);
1022 			}
1023 		}
1024 	}
1025 	IF_AFDATA_WUNLOCK(llt->llt_ifp);
1026 }
1027 
1028 
1029 static int
1030 in_lltable_rtcheck(struct ifnet *ifp, u_int flags, const struct sockaddr *l3addr)
1031 {
1032 	struct rtentry *rt;
1033 
1034 	KASSERT(l3addr->sa_family == AF_INET,
1035 	    ("sin_family %d", l3addr->sa_family));
1036 
1037 	/* XXX rtalloc1_fib should take a const param */
1038 	rt = rtalloc1_fib(__DECONST(struct sockaddr *, l3addr), 0, 0,
1039 	    ifp->if_fib);
1040 
1041 	if (rt == NULL)
1042 		return (EINVAL);
1043 
1044 	/*
1045 	 * If the gateway for an existing host route matches the target L3
1046 	 * address, which is a special route inserted by some implementation
1047 	 * such as MANET, and the interface is of the correct type, then
1048 	 * allow for ARP to proceed.
1049 	 */
1050 	if (rt->rt_flags & RTF_GATEWAY) {
1051 		if (!(rt->rt_flags & RTF_HOST) || !rt->rt_ifp ||
1052 		    rt->rt_ifp->if_type != IFT_ETHER ||
1053 		    (rt->rt_ifp->if_flags & (IFF_NOARP | IFF_STATICARP)) != 0 ||
1054 		    memcmp(rt->rt_gateway->sa_data, l3addr->sa_data,
1055 		    sizeof(in_addr_t)) != 0) {
1056 			RTFREE_LOCKED(rt);
1057 			return (EINVAL);
1058 		}
1059 	}
1060 
1061 	/*
1062 	 * Make sure that at least the destination address is covered
1063 	 * by the route. This is for handling the case where 2 or more
1064 	 * interfaces have the same prefix. An incoming packet arrives
1065 	 * on one interface and the corresponding outgoing packet leaves
1066 	 * another interface.
1067 	 */
1068 	if (!(rt->rt_flags & RTF_HOST) && rt->rt_ifp != ifp) {
1069 		const char *sa, *mask, *addr, *lim;
1070 		int len;
1071 
1072 		mask = (const char *)rt_mask(rt);
1073 		/*
1074 		 * Just being extra cautious to avoid some custom
1075 		 * code getting into trouble.
1076 		 */
1077 		if (mask == NULL) {
1078 			RTFREE_LOCKED(rt);
1079 			return (EINVAL);
1080 		}
1081 
1082 		sa = (const char *)rt_key(rt);
1083 		addr = (const char *)l3addr;
1084 		len = ((const struct sockaddr_in *)l3addr)->sin_len;
1085 		lim = addr + len;
1086 
1087 		for ( ; addr < lim; sa++, mask++, addr++) {
1088 			if ((*sa ^ *addr) & *mask) {
1089 #ifdef DIAGNOSTIC
1090 				log(LOG_INFO, "IPv4 address: \"%s\" is not on the network\n",
1091 				    inet_ntoa(((const struct sockaddr_in *)l3addr)->sin_addr));
1092 #endif
1093 				RTFREE_LOCKED(rt);
1094 				return (EINVAL);
1095 			}
1096 		}
1097 	}
1098 
1099 	RTFREE_LOCKED(rt);
1100 	return (0);
1101 }
1102 
1103 /*
1104  * Return NULL if not found or marked for deletion.
1105  * If found return lle read locked.
1106  */
1107 static struct llentry *
1108 in_lltable_lookup(struct lltable *llt, u_int flags, const struct sockaddr *l3addr)
1109 {
1110 	const struct sockaddr_in *sin = (const struct sockaddr_in *)l3addr;
1111 	struct ifnet *ifp = llt->llt_ifp;
1112 	struct llentry *lle;
1113 	struct llentries *lleh;
1114 	u_int hashkey;
1115 
1116 	IF_AFDATA_LOCK_ASSERT(ifp);
1117 	KASSERT(l3addr->sa_family == AF_INET,
1118 	    ("sin_family %d", l3addr->sa_family));
1119 
1120 	hashkey = sin->sin_addr.s_addr;
1121 	lleh = &llt->lle_head[LLATBL_HASH(hashkey, LLTBL_HASHMASK)];
1122 	LIST_FOREACH(lle, lleh, lle_next) {
1123 		struct sockaddr_in *sa2 = satosin(L3_ADDR(lle));
1124 		if (lle->la_flags & LLE_DELETED)
1125 			continue;
1126 		if (sa2->sin_addr.s_addr == sin->sin_addr.s_addr)
1127 			break;
1128 	}
1129 	if (lle == NULL) {
1130 #ifdef DIAGNOSTIC
1131 		if (flags & LLE_DELETE)
1132 			log(LOG_INFO, "interface address is missing from cache = %p  in delete\n", lle);
1133 #endif
1134 		if (!(flags & LLE_CREATE))
1135 			return (NULL);
1136 		IF_AFDATA_WLOCK_ASSERT(ifp);
1137 		/*
1138 		 * A route that covers the given address must have
1139 		 * been installed 1st because we are doing a resolution,
1140 		 * verify this.
1141 		 */
1142 		if (!(flags & LLE_IFADDR) &&
1143 		    in_lltable_rtcheck(ifp, flags, l3addr) != 0)
1144 			goto done;
1145 
1146 		lle = in_lltable_new(l3addr, flags);
1147 		if (lle == NULL) {
1148 			log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
1149 			goto done;
1150 		}
1151 		lle->la_flags = flags & ~LLE_CREATE;
1152 		if ((flags & (LLE_CREATE | LLE_IFADDR)) == (LLE_CREATE | LLE_IFADDR)) {
1153 			bcopy(IF_LLADDR(ifp), &lle->ll_addr, ifp->if_addrlen);
1154 			lle->la_flags |= (LLE_VALID | LLE_STATIC);
1155 		}
1156 
1157 		lle->lle_tbl  = llt;
1158 		lle->lle_head = lleh;
1159 		lle->la_flags |= LLE_LINKED;
1160 		LIST_INSERT_HEAD(lleh, lle, lle_next);
1161 	} else if (flags & LLE_DELETE) {
1162 		if (!(lle->la_flags & LLE_IFADDR) || (flags & LLE_IFADDR)) {
1163 			LLE_WLOCK(lle);
1164 			lle->la_flags |= LLE_DELETED;
1165 			EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
1166 #ifdef DIAGNOSTIC
1167 			log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
1168 #endif
1169 			if ((lle->la_flags &
1170 			    (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC)
1171 				llentry_free(lle);
1172 			else
1173 				LLE_WUNLOCK(lle);
1174 		}
1175 		lle = (void *)-1;
1176 
1177 	}
1178 	if (LLE_IS_VALID(lle)) {
1179 		if (flags & LLE_EXCLUSIVE)
1180 			LLE_WLOCK(lle);
1181 		else
1182 			LLE_RLOCK(lle);
1183 	}
1184 done:
1185 	return (lle);
1186 }
1187 
1188 static int
1189 in_lltable_dump(struct lltable *llt, struct sysctl_req *wr)
1190 {
1191 #define	SIN(lle)	((struct sockaddr_in *) L3_ADDR(lle))
1192 	struct ifnet *ifp = llt->llt_ifp;
1193 	struct llentry *lle;
1194 	/* XXX stack use */
1195 	struct {
1196 		struct rt_msghdr	rtm;
1197 		struct sockaddr_in	sin;
1198 		struct sockaddr_dl	sdl;
1199 	} arpc;
1200 	int error, i;
1201 
1202 	LLTABLE_LOCK_ASSERT();
1203 
1204 	error = 0;
1205 	for (i = 0; i < LLTBL_HASHTBL_SIZE; i++) {
1206 		LIST_FOREACH(lle, &llt->lle_head[i], lle_next) {
1207 			struct sockaddr_dl *sdl;
1208 
1209 			/* skip deleted entries */
1210 			if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
1211 				continue;
1212 			/* Skip if jailed and not a valid IP of the prison. */
1213 			if (prison_if(wr->td->td_ucred, L3_ADDR(lle)) != 0)
1214 				continue;
1215 			/*
1216 			 * produce a msg made of:
1217 			 *  struct rt_msghdr;
1218 			 *  struct sockaddr_in; (IPv4)
1219 			 *  struct sockaddr_dl;
1220 			 */
1221 			bzero(&arpc, sizeof(arpc));
1222 			arpc.rtm.rtm_msglen = sizeof(arpc);
1223 			arpc.rtm.rtm_version = RTM_VERSION;
1224 			arpc.rtm.rtm_type = RTM_GET;
1225 			arpc.rtm.rtm_flags = RTF_UP;
1226 			arpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
1227 			arpc.sin.sin_family = AF_INET;
1228 			arpc.sin.sin_len = sizeof(arpc.sin);
1229 			arpc.sin.sin_addr.s_addr = SIN(lle)->sin_addr.s_addr;
1230 
1231 			/* publish */
1232 			if (lle->la_flags & LLE_PUB)
1233 				arpc.rtm.rtm_flags |= RTF_ANNOUNCE;
1234 
1235 			sdl = &arpc.sdl;
1236 			sdl->sdl_family = AF_LINK;
1237 			sdl->sdl_len = sizeof(*sdl);
1238 			sdl->sdl_index = ifp->if_index;
1239 			sdl->sdl_type = ifp->if_type;
1240 			if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
1241 				sdl->sdl_alen = ifp->if_addrlen;
1242 				bcopy(&lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
1243 			} else {
1244 				sdl->sdl_alen = 0;
1245 				bzero(LLADDR(sdl), ifp->if_addrlen);
1246 			}
1247 
1248 			arpc.rtm.rtm_rmx.rmx_expire =
1249 			    lle->la_flags & LLE_STATIC ? 0 : lle->la_expire;
1250 			arpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
1251 			if (lle->la_flags & LLE_STATIC)
1252 				arpc.rtm.rtm_flags |= RTF_STATIC;
1253 			arpc.rtm.rtm_index = ifp->if_index;
1254 			error = SYSCTL_OUT(wr, &arpc, sizeof(arpc));
1255 			if (error)
1256 				break;
1257 		}
1258 	}
1259 	return error;
1260 #undef SIN
1261 }
1262 
1263 void *
1264 in_domifattach(struct ifnet *ifp)
1265 {
1266 	struct in_ifinfo *ii;
1267 	struct lltable *llt;
1268 
1269 	ii = malloc(sizeof(struct in_ifinfo), M_IFADDR, M_WAITOK|M_ZERO);
1270 
1271 	llt = lltable_init(ifp, AF_INET);
1272 	if (llt != NULL) {
1273 		llt->llt_prefix_free = in_lltable_prefix_free;
1274 		llt->llt_lookup = in_lltable_lookup;
1275 		llt->llt_dump = in_lltable_dump;
1276 	}
1277 	ii->ii_llt = llt;
1278 
1279 	ii->ii_igmp = igmp_domifattach(ifp);
1280 
1281 	return ii;
1282 }
1283 
1284 void
1285 in_domifdetach(struct ifnet *ifp, void *aux)
1286 {
1287 	struct in_ifinfo *ii = (struct in_ifinfo *)aux;
1288 
1289 	igmp_domifdetach(ifp);
1290 	lltable_free(ii->ii_llt);
1291 	free(ii, M_IFADDR);
1292 }
1293