xref: /freebsd/sys/netinet6/in6.c (revision 4ba91fa0736bb0672d475b6b56d9e7b06e78ff69)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the project nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  *
31  *	$KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
32  */
33 
34 /*-
35  * Copyright (c) 1982, 1986, 1991, 1993
36  *	The Regents of the University of California.  All rights reserved.
37  *
38  * Redistribution and use in source and binary forms, with or without
39  * modification, are permitted provided that the following conditions
40  * are met:
41  * 1. Redistributions of source code must retain the above copyright
42  *    notice, this list of conditions and the following disclaimer.
43  * 2. Redistributions in binary form must reproduce the above copyright
44  *    notice, this list of conditions and the following disclaimer in the
45  *    documentation and/or other materials provided with the distribution.
46  * 3. Neither the name of the University nor the names of its contributors
47  *    may be used to endorse or promote products derived from this software
48  *    without specific prior written permission.
49  *
50  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60  * SUCH DAMAGE.
61  *
62  *	@(#)in.c	8.2 (Berkeley) 11/15/93
63  */
64 
65 #include <sys/cdefs.h>
66 __FBSDID("$FreeBSD$");
67 
68 #include "opt_inet.h"
69 #include "opt_inet6.h"
70 
71 #include <sys/param.h>
72 #include <sys/capsicum.h>
73 #include <sys/eventhandler.h>
74 #include <sys/errno.h>
75 #include <sys/jail.h>
76 #include <sys/malloc.h>
77 #include <sys/socket.h>
78 #include <sys/socketvar.h>
79 #include <sys/sockio.h>
80 #include <sys/systm.h>
81 #include <sys/priv.h>
82 #include <sys/proc.h>
83 #include <sys/protosw.h>
84 #include <sys/time.h>
85 #include <sys/kernel.h>
86 #include <sys/lock.h>
87 #include <sys/rmlock.h>
88 #include <sys/sysctl.h>
89 #include <sys/syslog.h>
90 
91 #include <net/if.h>
92 #include <net/if_var.h>
93 #include <net/if_types.h>
94 #include <net/route.h>
95 #include <net/route/route_ctl.h>
96 #include <net/route/nhop.h>
97 #include <net/if_dl.h>
98 #include <net/vnet.h>
99 
100 #include <netinet/in.h>
101 #include <netinet/in_var.h>
102 #include <net/if_llatbl.h>
103 #include <netinet/if_ether.h>
104 #include <netinet/in_systm.h>
105 #include <netinet/ip.h>
106 #include <netinet/in_pcb.h>
107 #include <netinet/ip_carp.h>
108 
109 #include <netinet/ip6.h>
110 #include <netinet6/ip6_var.h>
111 #include <netinet6/nd6.h>
112 #include <netinet6/mld6_var.h>
113 #include <netinet6/ip6_mroute.h>
114 #include <netinet6/in6_ifattach.h>
115 #include <netinet6/scope6_var.h>
116 #include <netinet6/in6_fib.h>
117 #include <netinet6/in6_pcb.h>
118 
119 /*
120  * struct in6_ifreq and struct ifreq must be type punnable for common members
121  * of ifr_ifru to allow accessors to be shared.
122  */
123 _Static_assert(offsetof(struct in6_ifreq, ifr_ifru) ==
124     offsetof(struct ifreq, ifr_ifru),
125     "struct in6_ifreq and struct ifreq are not type punnable");
126 
127 VNET_DECLARE(int, icmp6_nodeinfo_oldmcprefix);
128 #define V_icmp6_nodeinfo_oldmcprefix	VNET(icmp6_nodeinfo_oldmcprefix)
129 
130 /*
131  * Definitions of some costant IP6 addresses.
132  */
133 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
134 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
135 const struct in6_addr in6addr_nodelocal_allnodes =
136 	IN6ADDR_NODELOCAL_ALLNODES_INIT;
137 const struct in6_addr in6addr_linklocal_allnodes =
138 	IN6ADDR_LINKLOCAL_ALLNODES_INIT;
139 const struct in6_addr in6addr_linklocal_allrouters =
140 	IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
141 const struct in6_addr in6addr_linklocal_allv2routers =
142 	IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
143 
144 const struct in6_addr in6mask0 = IN6MASK0;
145 const struct in6_addr in6mask32 = IN6MASK32;
146 const struct in6_addr in6mask64 = IN6MASK64;
147 const struct in6_addr in6mask96 = IN6MASK96;
148 const struct in6_addr in6mask128 = IN6MASK128;
149 
150 const struct sockaddr_in6 sa6_any =
151 	{ sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
152 
153 static int in6_notify_ifa(struct ifnet *, struct in6_ifaddr *,
154 	struct in6_aliasreq *, int);
155 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
156 
157 static int in6_validate_ifra(struct ifnet *, struct in6_aliasreq *,
158     struct in6_ifaddr *, int);
159 static struct in6_ifaddr *in6_alloc_ifa(struct ifnet *,
160     struct in6_aliasreq *, int flags);
161 static int in6_update_ifa_internal(struct ifnet *, struct in6_aliasreq *,
162     struct in6_ifaddr *, int, int);
163 static int in6_broadcast_ifa(struct ifnet *, struct in6_aliasreq *,
164     struct in6_ifaddr *, int);
165 
166 #define ifa2ia6(ifa)	((struct in6_ifaddr *)(ifa))
167 #define ia62ifa(ia6)	(&((ia6)->ia_ifa))
168 
169 void
170 in6_newaddrmsg(struct in6_ifaddr *ia, int cmd)
171 {
172 	struct rt_addrinfo info;
173 	struct ifaddr *ifa;
174 	struct sockaddr_dl gateway;
175 	int fibnum;
176 
177 	ifa = &ia->ia_ifa;
178 
179 	/*
180 	 * Prepare info data for the host route.
181 	 * This code mimics one from ifa_maintain_loopback_route().
182 	 */
183 	bzero(&info, sizeof(struct rt_addrinfo));
184 	info.rti_flags = ifa->ifa_flags | RTF_HOST | RTF_STATIC | RTF_PINNED;
185 	info.rti_info[RTAX_DST] = ifa->ifa_addr;
186 	info.rti_info[RTAX_GATEWAY] = (struct sockaddr *)&gateway;
187 	link_init_sdl(ifa->ifa_ifp, (struct sockaddr *)&gateway, ifa->ifa_ifp->if_type);
188 	if (cmd != RTM_DELETE)
189 		info.rti_ifp = V_loif;
190 
191 	fibnum = ia62ifa(ia)->ifa_ifp->if_fib;
192 
193 	if (cmd == RTM_ADD) {
194 		rt_addrmsg(cmd, &ia->ia_ifa, fibnum);
195 		rt_routemsg_info(cmd, &info, fibnum);
196 	} else if (cmd == RTM_DELETE) {
197 		rt_routemsg_info(cmd, &info, fibnum);
198 		rt_addrmsg(cmd, &ia->ia_ifa, fibnum);
199 	}
200 }
201 
202 int
203 in6_mask2len(struct in6_addr *mask, u_char *lim0)
204 {
205 	int x = 0, y;
206 	u_char *lim = lim0, *p;
207 
208 	/* ignore the scope_id part */
209 	if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
210 		lim = (u_char *)mask + sizeof(*mask);
211 	for (p = (u_char *)mask; p < lim; x++, p++) {
212 		if (*p != 0xff)
213 			break;
214 	}
215 	y = 0;
216 	if (p < lim) {
217 		for (y = 0; y < 8; y++) {
218 			if ((*p & (0x80 >> y)) == 0)
219 				break;
220 		}
221 	}
222 
223 	/*
224 	 * when the limit pointer is given, do a stricter check on the
225 	 * remaining bits.
226 	 */
227 	if (p < lim) {
228 		if (y != 0 && (*p & (0x00ff >> y)) != 0)
229 			return (-1);
230 		for (p = p + 1; p < lim; p++)
231 			if (*p != 0)
232 				return (-1);
233 	}
234 
235 	return x * 8 + y;
236 }
237 
238 #ifdef COMPAT_FREEBSD32
239 struct in6_ndifreq32 {
240 	char ifname[IFNAMSIZ];
241 	uint32_t ifindex;
242 };
243 #define	SIOCGDEFIFACE32_IN6	_IOWR('i', 86, struct in6_ndifreq32)
244 #endif
245 
246 int
247 in6_control(struct socket *so, u_long cmd, caddr_t data,
248     struct ifnet *ifp, struct thread *td)
249 {
250 	struct	in6_ifreq *ifr = (struct in6_ifreq *)data;
251 	struct	in6_ifaddr *ia = NULL;
252 	struct	in6_aliasreq *ifra = (struct in6_aliasreq *)data;
253 	struct sockaddr_in6 *sa6;
254 	int carp_attached = 0;
255 	int error;
256 	u_long ocmd = cmd;
257 
258 	if (td != NULL && IN_CAPABILITY_MODE(td))
259 		return (ECAPMODE);
260 
261 	/*
262 	 * Compat to make pre-10.x ifconfig(8) operable.
263 	 */
264 	if (cmd == OSIOCAIFADDR_IN6)
265 		cmd = SIOCAIFADDR_IN6;
266 
267 	switch (cmd) {
268 	case SIOCGETSGCNT_IN6:
269 	case SIOCGETMIFCNT_IN6:
270 		/*
271 		 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
272 		 * We cannot see how that would be needed, so do not adjust the
273 		 * KPI blindly; more likely should clean up the IPv4 variant.
274 		 */
275 		return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
276 	}
277 
278 	switch (cmd) {
279 	case SIOCAADDRCTL_POLICY:
280 	case SIOCDADDRCTL_POLICY:
281 		if (td != NULL) {
282 			error = priv_check(td, PRIV_NETINET_ADDRCTRL6);
283 			if (error)
284 				return (error);
285 		}
286 		return (in6_src_ioctl(cmd, data));
287 	}
288 
289 	if (ifp == NULL)
290 		return (EOPNOTSUPP);
291 
292 	switch (cmd) {
293 	case SIOCSNDFLUSH_IN6:
294 	case SIOCSPFXFLUSH_IN6:
295 	case SIOCSRTRFLUSH_IN6:
296 	case SIOCSDEFIFACE_IN6:
297 	case SIOCSIFINFO_FLAGS:
298 	case SIOCSIFINFO_IN6:
299 		if (td != NULL) {
300 			error = priv_check(td, PRIV_NETINET_ND6);
301 			if (error)
302 				return (error);
303 		}
304 		/* FALLTHROUGH */
305 	case OSIOCGIFINFO_IN6:
306 	case SIOCGIFINFO_IN6:
307 	case SIOCGNBRINFO_IN6:
308 	case SIOCGDEFIFACE_IN6:
309 		return (nd6_ioctl(cmd, data, ifp));
310 
311 #ifdef COMPAT_FREEBSD32
312 	case SIOCGDEFIFACE32_IN6:
313 		{
314 			struct in6_ndifreq ndif;
315 			struct in6_ndifreq32 *ndif32;
316 
317 			error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
318 			    ifp);
319 			if (error)
320 				return (error);
321 			ndif32 = (struct in6_ndifreq32 *)data;
322 			ndif32->ifindex = ndif.ifindex;
323 			return (0);
324 		}
325 #endif
326 	}
327 
328 	switch (cmd) {
329 	case SIOCSIFPREFIX_IN6:
330 	case SIOCDIFPREFIX_IN6:
331 	case SIOCAIFPREFIX_IN6:
332 	case SIOCCIFPREFIX_IN6:
333 	case SIOCSGIFPREFIX_IN6:
334 	case SIOCGIFPREFIX_IN6:
335 		log(LOG_NOTICE,
336 		    "prefix ioctls are now invalidated. "
337 		    "please use ifconfig.\n");
338 		return (EOPNOTSUPP);
339 	}
340 
341 	switch (cmd) {
342 	case SIOCSSCOPE6:
343 		if (td != NULL) {
344 			error = priv_check(td, PRIV_NETINET_SCOPE6);
345 			if (error)
346 				return (error);
347 		}
348 		/* FALLTHROUGH */
349 	case SIOCGSCOPE6:
350 	case SIOCGSCOPE6DEF:
351 		return (scope6_ioctl(cmd, data, ifp));
352 	}
353 
354 	/*
355 	 * Find address for this interface, if it exists.
356 	 *
357 	 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
358 	 * only, and used the first interface address as the target of other
359 	 * operations (without checking ifra_addr).  This was because netinet
360 	 * code/API assumed at most 1 interface address per interface.
361 	 * Since IPv6 allows a node to assign multiple addresses
362 	 * on a single interface, we almost always look and check the
363 	 * presence of ifra_addr, and reject invalid ones here.
364 	 * It also decreases duplicated code among SIOC*_IN6 operations.
365 	 */
366 	switch (cmd) {
367 	case SIOCAIFADDR_IN6:
368 	case SIOCSIFPHYADDR_IN6:
369 		sa6 = &ifra->ifra_addr;
370 		break;
371 	case SIOCSIFADDR_IN6:
372 	case SIOCGIFADDR_IN6:
373 	case SIOCSIFDSTADDR_IN6:
374 	case SIOCSIFNETMASK_IN6:
375 	case SIOCGIFDSTADDR_IN6:
376 	case SIOCGIFNETMASK_IN6:
377 	case SIOCDIFADDR_IN6:
378 	case SIOCGIFPSRCADDR_IN6:
379 	case SIOCGIFPDSTADDR_IN6:
380 	case SIOCGIFAFLAG_IN6:
381 	case SIOCSNDFLUSH_IN6:
382 	case SIOCSPFXFLUSH_IN6:
383 	case SIOCSRTRFLUSH_IN6:
384 	case SIOCGIFALIFETIME_IN6:
385 	case SIOCGIFSTAT_IN6:
386 	case SIOCGIFSTAT_ICMP6:
387 		sa6 = &ifr->ifr_addr;
388 		break;
389 	case SIOCSIFADDR:
390 	case SIOCSIFBRDADDR:
391 	case SIOCSIFDSTADDR:
392 	case SIOCSIFNETMASK:
393 		/*
394 		 * Although we should pass any non-INET6 ioctl requests
395 		 * down to driver, we filter some legacy INET requests.
396 		 * Drivers trust SIOCSIFADDR et al to come from an already
397 		 * privileged layer, and do not perform any credentials
398 		 * checks or input validation.
399 		 */
400 		return (EINVAL);
401 	default:
402 		sa6 = NULL;
403 		break;
404 	}
405 	if (sa6 && sa6->sin6_family == AF_INET6) {
406 		if (sa6->sin6_scope_id != 0)
407 			error = sa6_embedscope(sa6, 0);
408 		else
409 			error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
410 		if (error != 0)
411 			return (error);
412 		if (td != NULL && (error = prison_check_ip6(td->td_ucred,
413 		    &sa6->sin6_addr)) != 0)
414 			return (error);
415 		ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
416 	} else
417 		ia = NULL;
418 
419 	switch (cmd) {
420 	case SIOCSIFADDR_IN6:
421 	case SIOCSIFDSTADDR_IN6:
422 	case SIOCSIFNETMASK_IN6:
423 		/*
424 		 * Since IPv6 allows a node to assign multiple addresses
425 		 * on a single interface, SIOCSIFxxx ioctls are deprecated.
426 		 */
427 		/* we decided to obsolete this command (20000704) */
428 		error = EINVAL;
429 		goto out;
430 
431 	case SIOCDIFADDR_IN6:
432 		/*
433 		 * for IPv4, we look for existing in_ifaddr here to allow
434 		 * "ifconfig if0 delete" to remove the first IPv4 address on
435 		 * the interface.  For IPv6, as the spec allows multiple
436 		 * interface address from the day one, we consider "remove the
437 		 * first one" semantics to be not preferable.
438 		 */
439 		if (ia == NULL) {
440 			error = EADDRNOTAVAIL;
441 			goto out;
442 		}
443 		/* FALLTHROUGH */
444 	case SIOCAIFADDR_IN6:
445 		/*
446 		 * We always require users to specify a valid IPv6 address for
447 		 * the corresponding operation.
448 		 */
449 		if (ifra->ifra_addr.sin6_family != AF_INET6 ||
450 		    ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
451 			error = EAFNOSUPPORT;
452 			goto out;
453 		}
454 
455 		if (td != NULL) {
456 			error = priv_check(td, (cmd == SIOCDIFADDR_IN6) ?
457 			    PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
458 			if (error)
459 				goto out;
460 		}
461 		/* FALLTHROUGH */
462 	case SIOCGIFSTAT_IN6:
463 	case SIOCGIFSTAT_ICMP6:
464 		if (ifp->if_afdata[AF_INET6] == NULL) {
465 			error = EPFNOSUPPORT;
466 			goto out;
467 		}
468 		break;
469 
470 	case SIOCGIFADDR_IN6:
471 		/* This interface is basically deprecated. use SIOCGIFCONF. */
472 		/* FALLTHROUGH */
473 	case SIOCGIFAFLAG_IN6:
474 	case SIOCGIFNETMASK_IN6:
475 	case SIOCGIFDSTADDR_IN6:
476 	case SIOCGIFALIFETIME_IN6:
477 		/* must think again about its semantics */
478 		if (ia == NULL) {
479 			error = EADDRNOTAVAIL;
480 			goto out;
481 		}
482 		break;
483 	}
484 
485 	switch (cmd) {
486 	case SIOCGIFADDR_IN6:
487 		ifr->ifr_addr = ia->ia_addr;
488 		if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
489 			goto out;
490 		break;
491 
492 	case SIOCGIFDSTADDR_IN6:
493 		if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
494 			error = EINVAL;
495 			goto out;
496 		}
497 		ifr->ifr_dstaddr = ia->ia_dstaddr;
498 		if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
499 			goto out;
500 		break;
501 
502 	case SIOCGIFNETMASK_IN6:
503 		ifr->ifr_addr = ia->ia_prefixmask;
504 		break;
505 
506 	case SIOCGIFAFLAG_IN6:
507 		ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
508 		break;
509 
510 	case SIOCGIFSTAT_IN6:
511 		COUNTER_ARRAY_COPY(((struct in6_ifextra *)
512 		    ifp->if_afdata[AF_INET6])->in6_ifstat,
513 		    &ifr->ifr_ifru.ifru_stat,
514 		    sizeof(struct in6_ifstat) / sizeof(uint64_t));
515 		break;
516 
517 	case SIOCGIFSTAT_ICMP6:
518 		COUNTER_ARRAY_COPY(((struct in6_ifextra *)
519 		    ifp->if_afdata[AF_INET6])->icmp6_ifstat,
520 		    &ifr->ifr_ifru.ifru_icmp6stat,
521 		    sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
522 		break;
523 
524 	case SIOCGIFALIFETIME_IN6:
525 		ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
526 		if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
527 			time_t maxexpire;
528 			struct in6_addrlifetime *retlt =
529 			    &ifr->ifr_ifru.ifru_lifetime;
530 
531 			/*
532 			 * XXX: adjust expiration time assuming time_t is
533 			 * signed.
534 			 */
535 			maxexpire = (-1) &
536 			    ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
537 			if (ia->ia6_lifetime.ia6t_vltime <
538 			    maxexpire - ia->ia6_updatetime) {
539 				retlt->ia6t_expire = ia->ia6_updatetime +
540 				    ia->ia6_lifetime.ia6t_vltime;
541 			} else
542 				retlt->ia6t_expire = maxexpire;
543 		}
544 		if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
545 			time_t maxexpire;
546 			struct in6_addrlifetime *retlt =
547 			    &ifr->ifr_ifru.ifru_lifetime;
548 
549 			/*
550 			 * XXX: adjust expiration time assuming time_t is
551 			 * signed.
552 			 */
553 			maxexpire = (-1) &
554 			    ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
555 			if (ia->ia6_lifetime.ia6t_pltime <
556 			    maxexpire - ia->ia6_updatetime) {
557 				retlt->ia6t_preferred = ia->ia6_updatetime +
558 				    ia->ia6_lifetime.ia6t_pltime;
559 			} else
560 				retlt->ia6t_preferred = maxexpire;
561 		}
562 		break;
563 
564 	case SIOCAIFADDR_IN6:
565 	{
566 		struct nd_prefixctl pr0;
567 		struct nd_prefix *pr;
568 
569 		/*
570 		 * first, make or update the interface address structure,
571 		 * and link it to the list.
572 		 */
573 		if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
574 			goto out;
575 		if (ia != NULL) {
576 			if (ia->ia_ifa.ifa_carp)
577 				(*carp_detach_p)(&ia->ia_ifa, true);
578 			ifa_free(&ia->ia_ifa);
579 		}
580 		if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
581 		    == NULL) {
582 			/*
583 			 * this can happen when the user specify the 0 valid
584 			 * lifetime.
585 			 */
586 			break;
587 		}
588 
589 		if (cmd == ocmd && ifra->ifra_vhid > 0) {
590 			if (carp_attach_p != NULL)
591 				error = (*carp_attach_p)(&ia->ia_ifa,
592 				    ifra->ifra_vhid);
593 			else
594 				error = EPROTONOSUPPORT;
595 			if (error)
596 				goto out;
597 			else
598 				carp_attached = 1;
599 		}
600 
601 		/*
602 		 * then, make the prefix on-link on the interface.
603 		 * XXX: we'd rather create the prefix before the address, but
604 		 * we need at least one address to install the corresponding
605 		 * interface route, so we configure the address first.
606 		 */
607 
608 		/*
609 		 * convert mask to prefix length (prefixmask has already
610 		 * been validated in in6_update_ifa().
611 		 */
612 		bzero(&pr0, sizeof(pr0));
613 		pr0.ndpr_ifp = ifp;
614 		pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
615 		    NULL);
616 		if (pr0.ndpr_plen == 128) {
617 			/* we don't need to install a host route. */
618 			goto aifaddr_out;
619 		}
620 		pr0.ndpr_prefix = ifra->ifra_addr;
621 		/* apply the mask for safety. */
622 		IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr,
623 		    &ifra->ifra_prefixmask.sin6_addr);
624 
625 		/*
626 		 * XXX: since we don't have an API to set prefix (not address)
627 		 * lifetimes, we just use the same lifetimes as addresses.
628 		 * The (temporarily) installed lifetimes can be overridden by
629 		 * later advertised RAs (when accept_rtadv is non 0), which is
630 		 * an intended behavior.
631 		 */
632 		pr0.ndpr_raf_onlink = 1; /* should be configurable? */
633 		pr0.ndpr_raf_auto =
634 		    ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
635 		pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
636 		pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
637 
638 		/* add the prefix if not yet. */
639 		if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
640 			/*
641 			 * nd6_prelist_add will install the corresponding
642 			 * interface route.
643 			 */
644 			if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
645 				if (carp_attached)
646 					(*carp_detach_p)(&ia->ia_ifa, false);
647 				goto out;
648 			}
649 		}
650 
651 		/* relate the address to the prefix */
652 		if (ia->ia6_ndpr == NULL) {
653 			ia->ia6_ndpr = pr;
654 			pr->ndpr_addrcnt++;
655 
656 			/*
657 			 * If this is the first autoconf address from the
658 			 * prefix, create a temporary address as well
659 			 * (when required).
660 			 */
661 			if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
662 			    V_ip6_use_tempaddr && pr->ndpr_addrcnt == 1) {
663 				int e;
664 				if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
665 					log(LOG_NOTICE, "in6_control: failed "
666 					    "to create a temporary address, "
667 					    "errno=%d\n", e);
668 				}
669 			}
670 		}
671 		nd6_prefix_rele(pr);
672 
673 		/*
674 		 * this might affect the status of autoconfigured addresses,
675 		 * that is, this address might make other addresses detached.
676 		 */
677 		pfxlist_onlink_check();
678 
679 aifaddr_out:
680 		/*
681 		 * Try to clear the flag when a new IPv6 address is added
682 		 * onto an IFDISABLED interface and it succeeds.
683 		 */
684 		if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
685 			struct in6_ndireq nd;
686 
687 			memset(&nd, 0, sizeof(nd));
688 			nd.ndi.flags = ND_IFINFO(ifp)->flags;
689 			nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
690 			if (nd6_ioctl(SIOCSIFINFO_FLAGS, (caddr_t)&nd, ifp) < 0)
691 				log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
692 				    "SIOCSIFINFO_FLAGS for -ifdisabled "
693 				    "failed.");
694 			/*
695 			 * Ignore failure of clearing the flag intentionally.
696 			 * The failure means address duplication was detected.
697 			 */
698 		}
699 		break;
700 	}
701 
702 	case SIOCDIFADDR_IN6:
703 		in6_purgeifaddr(ia);
704 		EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
705 		    IFADDR_EVENT_DEL);
706 		break;
707 
708 	default:
709 		if (ifp->if_ioctl == NULL) {
710 			error = EOPNOTSUPP;
711 			goto out;
712 		}
713 		error = (*ifp->if_ioctl)(ifp, cmd, data);
714 		goto out;
715 	}
716 
717 	error = 0;
718 out:
719 	if (ia != NULL)
720 		ifa_free(&ia->ia_ifa);
721 	return (error);
722 }
723 
724 static struct in6_multi_mship *
725 in6_joingroup_legacy(struct ifnet *ifp, const struct in6_addr *mcaddr,
726     int *errorp, int delay)
727 {
728 	struct in6_multi_mship *imm;
729 	int error;
730 
731 	imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT);
732 	if (imm == NULL) {
733 		*errorp = ENOBUFS;
734 		return (NULL);
735 	}
736 
737 	delay = (delay * PR_FASTHZ) / hz;
738 
739 	error = in6_joingroup(ifp, mcaddr, NULL, &imm->i6mm_maddr, delay);
740 	if (error) {
741 		*errorp = error;
742 		free(imm, M_IP6MADDR);
743 		return (NULL);
744 	}
745 
746 	return (imm);
747 }
748 /*
749  * Join necessary multicast groups.  Factored out from in6_update_ifa().
750  * This entire work should only be done once, for the default FIB.
751  */
752 static int
753 in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
754     struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
755 {
756 	char ip6buf[INET6_ADDRSTRLEN];
757 	struct in6_addr mltaddr;
758 	struct in6_multi_mship *imm;
759 	int delay, error;
760 
761 	KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
762 
763 	/* Join solicited multicast addr for new host id. */
764 	bzero(&mltaddr, sizeof(struct in6_addr));
765 	mltaddr.s6_addr32[0] = IPV6_ADDR_INT32_MLL;
766 	mltaddr.s6_addr32[2] = htonl(1);
767 	mltaddr.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3];
768 	mltaddr.s6_addr8[12] = 0xff;
769 	if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0) {
770 		/* XXX: should not happen */
771 		log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
772 		goto cleanup;
773 	}
774 	delay = error = 0;
775 	if ((flags & IN6_IFAUPDATE_DADDELAY)) {
776 		/*
777 		 * We need a random delay for DAD on the address being
778 		 * configured.  It also means delaying transmission of the
779 		 * corresponding MLD report to avoid report collision.
780 		 * [RFC 4861, Section 6.3.7]
781 		 */
782 		delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
783 	}
784 	imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
785 	if (imm == NULL) {
786 		nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
787 		    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
788 		    if_name(ifp), error));
789 		goto cleanup;
790 	}
791 	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
792 	*in6m_sol = imm->i6mm_maddr;
793 
794 	/*
795 	 * Join link-local all-nodes address.
796 	 */
797 	mltaddr = in6addr_linklocal_allnodes;
798 	if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
799 		goto cleanup; /* XXX: should not fail */
800 
801 	imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
802 	if (imm == NULL) {
803 		nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
804 		    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
805 		    if_name(ifp), error));
806 		goto cleanup;
807 	}
808 	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
809 
810 	/*
811 	 * Join node information group address.
812 	 */
813 	delay = 0;
814 	if ((flags & IN6_IFAUPDATE_DADDELAY)) {
815 		/*
816 		 * The spec does not say anything about delay for this group,
817 		 * but the same logic should apply.
818 		 */
819 		delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
820 	}
821 	if (in6_nigroup(ifp, NULL, -1, &mltaddr) == 0) {
822 		/* XXX jinmei */
823 		imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
824 		if (imm == NULL)
825 			nd6log((LOG_WARNING,
826 			    "%s: in6_joingroup failed for %s on %s "
827 			    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
828 			    &mltaddr), if_name(ifp), error));
829 			/* XXX not very fatal, go on... */
830 		else
831 			LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
832 	}
833 	if (V_icmp6_nodeinfo_oldmcprefix &&
834 	    in6_nigroup_oldmcprefix(ifp, NULL, -1, &mltaddr) == 0) {
835 		imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
836 		if (imm == NULL)
837 			nd6log((LOG_WARNING,
838 			    "%s: in6_joingroup failed for %s on %s "
839 			    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
840 			    &mltaddr), if_name(ifp), error));
841 			/* XXX not very fatal, go on... */
842 		else
843 			LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
844 	}
845 
846 	/*
847 	 * Join interface-local all-nodes address.
848 	 * (ff01::1%ifN, and ff01::%ifN/32)
849 	 */
850 	mltaddr = in6addr_nodelocal_allnodes;
851 	if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
852 		goto cleanup; /* XXX: should not fail */
853 
854 	imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
855 	if (imm == NULL) {
856 		nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
857 		    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
858 		    &mltaddr), if_name(ifp), error));
859 		goto cleanup;
860 	}
861 	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
862 
863 cleanup:
864 	return (error);
865 }
866 
867 /*
868  * Update parameters of an IPv6 interface address.
869  * If necessary, a new entry is created and linked into address chains.
870  * This function is separated from in6_control().
871  */
872 int
873 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
874     struct in6_ifaddr *ia, int flags)
875 {
876 	int error, hostIsNew = 0;
877 
878 	if ((error = in6_validate_ifra(ifp, ifra, ia, flags)) != 0)
879 		return (error);
880 
881 	if (ia == NULL) {
882 		hostIsNew = 1;
883 		if ((ia = in6_alloc_ifa(ifp, ifra, flags)) == NULL)
884 			return (ENOBUFS);
885 	}
886 
887 	error = in6_update_ifa_internal(ifp, ifra, ia, hostIsNew, flags);
888 	if (error != 0) {
889 		if (hostIsNew != 0) {
890 			in6_unlink_ifa(ia, ifp);
891 			ifa_free(&ia->ia_ifa);
892 		}
893 		return (error);
894 	}
895 
896 	if (hostIsNew)
897 		error = in6_broadcast_ifa(ifp, ifra, ia, flags);
898 
899 	return (error);
900 }
901 
902 /*
903  * Fill in basic IPv6 address request info.
904  */
905 void
906 in6_prepare_ifra(struct in6_aliasreq *ifra, const struct in6_addr *addr,
907     const struct in6_addr *mask)
908 {
909 
910 	memset(ifra, 0, sizeof(struct in6_aliasreq));
911 
912 	ifra->ifra_addr.sin6_family = AF_INET6;
913 	ifra->ifra_addr.sin6_len = sizeof(struct sockaddr_in6);
914 	if (addr != NULL)
915 		ifra->ifra_addr.sin6_addr = *addr;
916 
917 	ifra->ifra_prefixmask.sin6_family = AF_INET6;
918 	ifra->ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
919 	if (mask != NULL)
920 		ifra->ifra_prefixmask.sin6_addr = *mask;
921 }
922 
923 static int
924 in6_validate_ifra(struct ifnet *ifp, struct in6_aliasreq *ifra,
925     struct in6_ifaddr *ia, int flags)
926 {
927 	int plen = -1;
928 	struct sockaddr_in6 dst6;
929 	struct in6_addrlifetime *lt;
930 	char ip6buf[INET6_ADDRSTRLEN];
931 
932 	/* Validate parameters */
933 	if (ifp == NULL || ifra == NULL) /* this maybe redundant */
934 		return (EINVAL);
935 
936 	/*
937 	 * The destination address for a p2p link must have a family
938 	 * of AF_UNSPEC or AF_INET6.
939 	 */
940 	if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
941 	    ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
942 	    ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
943 		return (EAFNOSUPPORT);
944 
945 	/*
946 	 * Validate address
947 	 */
948 	if (ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6) ||
949 	    ifra->ifra_addr.sin6_family != AF_INET6)
950 		return (EINVAL);
951 
952 	/*
953 	 * validate ifra_prefixmask.  don't check sin6_family, netmask
954 	 * does not carry fields other than sin6_len.
955 	 */
956 	if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
957 		return (EINVAL);
958 	/*
959 	 * Because the IPv6 address architecture is classless, we require
960 	 * users to specify a (non 0) prefix length (mask) for a new address.
961 	 * We also require the prefix (when specified) mask is valid, and thus
962 	 * reject a non-consecutive mask.
963 	 */
964 	if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
965 		return (EINVAL);
966 	if (ifra->ifra_prefixmask.sin6_len != 0) {
967 		plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
968 		    (u_char *)&ifra->ifra_prefixmask +
969 		    ifra->ifra_prefixmask.sin6_len);
970 		if (plen <= 0)
971 			return (EINVAL);
972 	} else {
973 		/*
974 		 * In this case, ia must not be NULL.  We just use its prefix
975 		 * length.
976 		 */
977 		plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
978 	}
979 	/*
980 	 * If the destination address on a p2p interface is specified,
981 	 * and the address is a scoped one, validate/set the scope
982 	 * zone identifier.
983 	 */
984 	dst6 = ifra->ifra_dstaddr;
985 	if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
986 	    (dst6.sin6_family == AF_INET6)) {
987 		struct in6_addr in6_tmp;
988 		u_int32_t zoneid;
989 
990 		in6_tmp = dst6.sin6_addr;
991 		if (in6_setscope(&in6_tmp, ifp, &zoneid))
992 			return (EINVAL); /* XXX: should be impossible */
993 
994 		if (dst6.sin6_scope_id != 0) {
995 			if (dst6.sin6_scope_id != zoneid)
996 				return (EINVAL);
997 		} else		/* user omit to specify the ID. */
998 			dst6.sin6_scope_id = zoneid;
999 
1000 		/* convert into the internal form */
1001 		if (sa6_embedscope(&dst6, 0))
1002 			return (EINVAL); /* XXX: should be impossible */
1003 	}
1004 	/* Modify original ifra_dstaddr to reflect changes */
1005 	ifra->ifra_dstaddr = dst6;
1006 
1007 	/*
1008 	 * The destination address can be specified only for a p2p or a
1009 	 * loopback interface.  If specified, the corresponding prefix length
1010 	 * must be 128.
1011 	 */
1012 	if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
1013 		if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
1014 			/* XXX: noisy message */
1015 			nd6log((LOG_INFO, "in6_update_ifa: a destination can "
1016 			    "be specified for a p2p or a loopback IF only\n"));
1017 			return (EINVAL);
1018 		}
1019 		if (plen != 128) {
1020 			nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
1021 			    "be 128 when dstaddr is specified\n"));
1022 			return (EINVAL);
1023 		}
1024 	}
1025 	/* lifetime consistency check */
1026 	lt = &ifra->ifra_lifetime;
1027 	if (lt->ia6t_pltime > lt->ia6t_vltime)
1028 		return (EINVAL);
1029 	if (lt->ia6t_vltime == 0) {
1030 		/*
1031 		 * the following log might be noisy, but this is a typical
1032 		 * configuration mistake or a tool's bug.
1033 		 */
1034 		nd6log((LOG_INFO,
1035 		    "in6_update_ifa: valid lifetime is 0 for %s\n",
1036 		    ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
1037 
1038 		if (ia == NULL)
1039 			return (0); /* there's nothing to do */
1040 	}
1041 
1042 	/* Check prefix mask */
1043 	if (ia != NULL && ifra->ifra_prefixmask.sin6_len != 0) {
1044 		/*
1045 		 * We prohibit changing the prefix length of an existing
1046 		 * address, because
1047 		 * + such an operation should be rare in IPv6, and
1048 		 * + the operation would confuse prefix management.
1049 		 */
1050 		if (ia->ia_prefixmask.sin6_len != 0 &&
1051 		    in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
1052 			nd6log((LOG_INFO, "in6_validate_ifa: the prefix length "
1053 			    "of an existing %s address should not be changed\n",
1054 			    ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1055 
1056 			return (EINVAL);
1057 		}
1058 	}
1059 
1060 	return (0);
1061 }
1062 
1063 /*
1064  * Allocate a new ifaddr and link it into chains.
1065  */
1066 static struct in6_ifaddr *
1067 in6_alloc_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int flags)
1068 {
1069 	struct in6_ifaddr *ia;
1070 
1071 	/*
1072 	 * When in6_alloc_ifa() is called in a process of a received
1073 	 * RA, it is called under an interrupt context.  So, we should
1074 	 * call malloc with M_NOWAIT.
1075 	 */
1076 	ia = (struct in6_ifaddr *)ifa_alloc(sizeof(*ia), M_NOWAIT);
1077 	if (ia == NULL)
1078 		return (NULL);
1079 	LIST_INIT(&ia->ia6_memberships);
1080 	/* Initialize the address and masks, and put time stamp */
1081 	ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
1082 	ia->ia_addr.sin6_family = AF_INET6;
1083 	ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
1084 	/* XXX: Can we assign ,sin6_addr and skip the rest? */
1085 	ia->ia_addr = ifra->ifra_addr;
1086 	ia->ia6_createtime = time_uptime;
1087 	if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
1088 		/*
1089 		 * Some functions expect that ifa_dstaddr is not
1090 		 * NULL for p2p interfaces.
1091 		 */
1092 		ia->ia_ifa.ifa_dstaddr =
1093 		    (struct sockaddr *)&ia->ia_dstaddr;
1094 	} else {
1095 		ia->ia_ifa.ifa_dstaddr = NULL;
1096 	}
1097 
1098 	/* set prefix mask if any */
1099 	ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1100 	if (ifra->ifra_prefixmask.sin6_len != 0) {
1101 		ia->ia_prefixmask.sin6_family = AF_INET6;
1102 		ia->ia_prefixmask.sin6_len = ifra->ifra_prefixmask.sin6_len;
1103 		ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
1104 	}
1105 
1106 	ia->ia_ifp = ifp;
1107 	ifa_ref(&ia->ia_ifa);			/* if_addrhead */
1108 	IF_ADDR_WLOCK(ifp);
1109 	CK_STAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1110 	IF_ADDR_WUNLOCK(ifp);
1111 
1112 	ifa_ref(&ia->ia_ifa);			/* in6_ifaddrhead */
1113 	IN6_IFADDR_WLOCK();
1114 	CK_STAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1115 	CK_LIST_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia, ia6_hash);
1116 	IN6_IFADDR_WUNLOCK();
1117 
1118 	return (ia);
1119 }
1120 
1121 /*
1122  * Update/configure interface address parameters:
1123  *
1124  * 1) Update lifetime
1125  * 2) Update interface metric ad flags
1126  * 3) Notify other subsystems
1127  */
1128 static int
1129 in6_update_ifa_internal(struct ifnet *ifp, struct in6_aliasreq *ifra,
1130     struct in6_ifaddr *ia, int hostIsNew, int flags)
1131 {
1132 	int error;
1133 
1134 	/* update timestamp */
1135 	ia->ia6_updatetime = time_uptime;
1136 
1137 	/*
1138 	 * Set lifetimes.  We do not refer to ia6t_expire and ia6t_preferred
1139 	 * to see if the address is deprecated or invalidated, but initialize
1140 	 * these members for applications.
1141 	 */
1142 	ia->ia6_lifetime = ifra->ifra_lifetime;
1143 	if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1144 		ia->ia6_lifetime.ia6t_expire =
1145 		    time_uptime + ia->ia6_lifetime.ia6t_vltime;
1146 	} else
1147 		ia->ia6_lifetime.ia6t_expire = 0;
1148 	if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1149 		ia->ia6_lifetime.ia6t_preferred =
1150 		    time_uptime + ia->ia6_lifetime.ia6t_pltime;
1151 	} else
1152 		ia->ia6_lifetime.ia6t_preferred = 0;
1153 
1154 	/*
1155 	 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1156 	 * userland, make it deprecated.
1157 	 */
1158 	if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1159 		ia->ia6_lifetime.ia6t_pltime = 0;
1160 		ia->ia6_lifetime.ia6t_preferred = time_uptime;
1161 	}
1162 
1163 	/*
1164 	 * configure address flags.
1165 	 */
1166 	ia->ia6_flags = ifra->ifra_flags;
1167 
1168 	/*
1169 	 * Make the address tentative before joining multicast addresses,
1170 	 * so that corresponding MLD responses would not have a tentative
1171 	 * source address.
1172 	 */
1173 	ia->ia6_flags &= ~IN6_IFF_DUPLICATED;	/* safety */
1174 
1175 	/*
1176 	 * DAD should be performed for an new address or addresses on
1177 	 * an interface with ND6_IFF_IFDISABLED.
1178 	 */
1179 	if (in6if_do_dad(ifp) &&
1180 	    (hostIsNew || (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)))
1181 		ia->ia6_flags |= IN6_IFF_TENTATIVE;
1182 
1183 	/* notify other subsystems */
1184 	error = in6_notify_ifa(ifp, ia, ifra, hostIsNew);
1185 
1186 	return (error);
1187 }
1188 
1189 /*
1190  * Do link-level ifa job:
1191  * 1) Add lle entry for added address
1192  * 2) Notifies routing socket users about new address
1193  * 3) join appropriate multicast group
1194  * 4) start DAD if enabled
1195  */
1196 static int
1197 in6_broadcast_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1198     struct in6_ifaddr *ia, int flags)
1199 {
1200 	struct in6_multi *in6m_sol;
1201 	int error = 0;
1202 
1203 	/* Add local address to lltable, if necessary (ex. on p2p link). */
1204 	if ((error = nd6_add_ifa_lle(ia)) != 0) {
1205 		in6_purgeaddr(&ia->ia_ifa);
1206 		ifa_free(&ia->ia_ifa);
1207 		return (error);
1208 	}
1209 
1210 	/* Join necessary multicast groups. */
1211 	in6m_sol = NULL;
1212 	if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1213 		error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1214 		if (error != 0) {
1215 			in6_purgeaddr(&ia->ia_ifa);
1216 			ifa_free(&ia->ia_ifa);
1217 			return (error);
1218 		}
1219 	}
1220 
1221 	/* Perform DAD, if the address is TENTATIVE. */
1222 	if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) {
1223 		int delay, mindelay, maxdelay;
1224 
1225 		delay = 0;
1226 		if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1227 			/*
1228 			 * We need to impose a delay before sending an NS
1229 			 * for DAD.  Check if we also needed a delay for the
1230 			 * corresponding MLD message.  If we did, the delay
1231 			 * should be larger than the MLD delay (this could be
1232 			 * relaxed a bit, but this simple logic is at least
1233 			 * safe).
1234 			 * XXX: Break data hiding guidelines and look at
1235 			 * state for the solicited multicast group.
1236 			 */
1237 			mindelay = 0;
1238 			if (in6m_sol != NULL &&
1239 			    in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1240 				mindelay = in6m_sol->in6m_timer;
1241 			}
1242 			maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1243 			if (maxdelay - mindelay == 0)
1244 				delay = 0;
1245 			else {
1246 				delay =
1247 				    (arc4random() % (maxdelay - mindelay)) +
1248 				    mindelay;
1249 			}
1250 		}
1251 		nd6_dad_start((struct ifaddr *)ia, delay);
1252 	}
1253 
1254 	in6_newaddrmsg(ia, RTM_ADD);
1255 	ifa_free(&ia->ia_ifa);
1256 	return (error);
1257 }
1258 
1259 /*
1260  * Adds or deletes interface route for p2p ifa.
1261  * Returns 0 on success or errno.
1262  */
1263 static int
1264 in6_handle_dstaddr_rtrequest(int cmd, struct in6_ifaddr *ia)
1265 {
1266 	struct epoch_tracker et;
1267 	struct ifaddr *ifa = &ia->ia_ifa;
1268 	int error;
1269 
1270 	/* Prepare gateway */
1271 	struct sockaddr_dl_short sdl = {
1272 		.sdl_family = AF_LINK,
1273 		.sdl_len = sizeof(struct sockaddr_dl_short),
1274 		.sdl_type = ifa->ifa_ifp->if_type,
1275 		.sdl_index = ifa->ifa_ifp->if_index,
1276 	};
1277 
1278 	struct sockaddr_in6 dst = {
1279 		.sin6_family = AF_INET6,
1280 		.sin6_len = sizeof(struct sockaddr_in6),
1281 		.sin6_addr = ia->ia_dstaddr.sin6_addr,
1282 	};
1283 
1284 	struct rt_addrinfo info = {
1285 		.rti_ifa = ifa,
1286 		.rti_flags = RTF_PINNED | RTF_HOST,
1287 		.rti_info = {
1288 			[RTAX_DST] = (struct sockaddr *)&dst,
1289 			[RTAX_GATEWAY] = (struct sockaddr *)&sdl,
1290 		},
1291 	};
1292 	/* Don't set additional per-gw filters on removal */
1293 
1294 	NET_EPOCH_ENTER(et);
1295 	error = rib_handle_ifaddr_info(ifa->ifa_ifp->if_fib, cmd, &info);
1296 	NET_EPOCH_EXIT(et);
1297 
1298 	return (error);
1299 }
1300 
1301 static bool
1302 ifa_is_p2p(struct in6_ifaddr *ia)
1303 {
1304 	int plen;
1305 
1306 	plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1307 
1308 	if ((plen == 128) && (ia->ia_dstaddr.sin6_family == AF_INET6) &&
1309 	    !IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, &ia->ia_dstaddr.sin6_addr))
1310 		return (true);
1311 
1312 	return (false);
1313 }
1314 
1315 void
1316 in6_purgeaddr(struct ifaddr *ifa)
1317 {
1318 	struct ifnet *ifp = ifa->ifa_ifp;
1319 	struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1320 	struct in6_multi_mship *imm;
1321 	int error;
1322 
1323 	if (ifa->ifa_carp)
1324 		(*carp_detach_p)(ifa, false);
1325 
1326 	/*
1327 	 * Remove the loopback route to the interface address.
1328 	 * The check for the current setting of "nd6_useloopback"
1329 	 * is not needed.
1330 	 */
1331 	if (ia->ia_flags & IFA_RTSELF) {
1332 		error = ifa_del_loopback_route((struct ifaddr *)ia,
1333 		    (struct sockaddr *)&ia->ia_addr);
1334 		if (error == 0)
1335 			ia->ia_flags &= ~IFA_RTSELF;
1336 	}
1337 
1338 	/* stop DAD processing */
1339 	nd6_dad_stop(ifa);
1340 
1341 	/* Leave multicast groups. */
1342 	while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1343 		LIST_REMOVE(imm, i6mm_chain);
1344 		if (imm->i6mm_maddr != NULL)
1345 			in6_leavegroup(imm->i6mm_maddr, NULL);
1346 		free(imm, M_IP6MADDR);
1347 	}
1348 	/* Check if we need to remove p2p route */
1349 	if ((ia->ia_flags & IFA_ROUTE) && ifa_is_p2p(ia)) {
1350 		error = in6_handle_dstaddr_rtrequest(RTM_DELETE, ia);
1351 		if (error != 0)
1352 			log(LOG_INFO, "%s: err=%d, destination address delete "
1353 			    "failed\n", __func__, error);
1354 		ia->ia_flags &= ~IFA_ROUTE;
1355 	}
1356 
1357 	in6_newaddrmsg(ia, RTM_DELETE);
1358 	in6_unlink_ifa(ia, ifp);
1359 }
1360 
1361 /*
1362  * Removes @ia from the corresponding interfaces and unlinks corresponding
1363  *  prefix if no addresses are using it anymore.
1364  */
1365 void
1366 in6_purgeifaddr(struct in6_ifaddr *ia)
1367 {
1368 	struct nd_prefix *pr;
1369 
1370 	/*
1371 	 * If the address being deleted is the only one that owns
1372 	 * the corresponding prefix, expire the prefix as well.
1373 	 * XXX: theoretically, we don't have to worry about such
1374 	 * relationship, since we separate the address management
1375 	 * and the prefix management.  We do this, however, to provide
1376 	 * as much backward compatibility as possible in terms of
1377 	 * the ioctl operation.
1378 	 * Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1379 	 */
1380 	pr = ia->ia6_ndpr;
1381 	in6_purgeaddr(&ia->ia_ifa);
1382 	if (pr != NULL && pr->ndpr_addrcnt == 0) {
1383 		ND6_WLOCK();
1384 		nd6_prefix_unlink(pr, NULL);
1385 		ND6_WUNLOCK();
1386 		nd6_prefix_del(pr);
1387 	}
1388 }
1389 
1390 
1391 static void
1392 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1393 {
1394 	char ip6buf[INET6_ADDRSTRLEN];
1395 	int remove_lle;
1396 
1397 	IF_ADDR_WLOCK(ifp);
1398 	CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
1399 	IF_ADDR_WUNLOCK(ifp);
1400 	ifa_free(&ia->ia_ifa);			/* if_addrhead */
1401 
1402 	/*
1403 	 * Defer the release of what might be the last reference to the
1404 	 * in6_ifaddr so that it can't be freed before the remainder of the
1405 	 * cleanup.
1406 	 */
1407 	IN6_IFADDR_WLOCK();
1408 	CK_STAILQ_REMOVE(&V_in6_ifaddrhead, ia, in6_ifaddr, ia_link);
1409 	CK_LIST_REMOVE(ia, ia6_hash);
1410 	IN6_IFADDR_WUNLOCK();
1411 
1412 	/*
1413 	 * Release the reference to the base prefix.  There should be a
1414 	 * positive reference.
1415 	 */
1416 	remove_lle = 0;
1417 	if (ia->ia6_ndpr == NULL) {
1418 		nd6log((LOG_NOTICE,
1419 		    "in6_unlink_ifa: autoconf'ed address "
1420 		    "%s has no prefix\n", ip6_sprintf(ip6buf, IA6_IN6(ia))));
1421 	} else {
1422 		ia->ia6_ndpr->ndpr_addrcnt--;
1423 		/* Do not delete lles within prefix if refcont != 0 */
1424 		if (ia->ia6_ndpr->ndpr_addrcnt == 0)
1425 			remove_lle = 1;
1426 		ia->ia6_ndpr = NULL;
1427 	}
1428 
1429 	nd6_rem_ifa_lle(ia, remove_lle);
1430 
1431 	/*
1432 	 * Also, if the address being removed is autoconf'ed, call
1433 	 * pfxlist_onlink_check() since the release might affect the status of
1434 	 * other (detached) addresses.
1435 	 */
1436 	if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1437 		pfxlist_onlink_check();
1438 	}
1439 	ifa_free(&ia->ia_ifa);			/* in6_ifaddrhead */
1440 }
1441 
1442 /*
1443  * Notifies other subsystems about address change/arrival:
1444  * 1) Notifies device handler on the first IPv6 address assignment
1445  * 2) Handle routing table changes for P2P links and route
1446  * 3) Handle routing table changes for address host route
1447  */
1448 static int
1449 in6_notify_ifa(struct ifnet *ifp, struct in6_ifaddr *ia,
1450     struct in6_aliasreq *ifra, int hostIsNew)
1451 {
1452 	int	error = 0, ifacount = 0;
1453 	struct ifaddr *ifa;
1454 	struct sockaddr_in6 *pdst;
1455 	char ip6buf[INET6_ADDRSTRLEN];
1456 
1457 	/*
1458 	 * Give the interface a chance to initialize
1459 	 * if this is its first address,
1460 	 */
1461 	if (hostIsNew != 0) {
1462 		struct epoch_tracker et;
1463 
1464 		NET_EPOCH_ENTER(et);
1465 		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1466 			if (ifa->ifa_addr->sa_family != AF_INET6)
1467 				continue;
1468 			ifacount++;
1469 		}
1470 		NET_EPOCH_EXIT(et);
1471 	}
1472 
1473 	if (ifacount <= 1 && ifp->if_ioctl) {
1474 		error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1475 		if (error)
1476 			goto done;
1477 	}
1478 
1479 	/*
1480 	 * If a new destination address is specified, scrub the old one and
1481 	 * install the new destination.  Note that the interface must be
1482 	 * p2p or loopback.
1483 	 */
1484 	pdst = &ifra->ifra_dstaddr;
1485 	if (pdst->sin6_family == AF_INET6 &&
1486 	    !IN6_ARE_ADDR_EQUAL(&pdst->sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1487 		if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1488 		    (in6_handle_dstaddr_rtrequest(RTM_DELETE, ia) != 0)) {
1489 			nd6log((LOG_ERR, "in6_update_ifa_internal: failed to "
1490 			    "remove a route to the old destination: %s\n",
1491 			    ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1492 			/* proceed anyway... */
1493 		} else
1494 			ia->ia_flags &= ~IFA_ROUTE;
1495 		ia->ia_dstaddr = *pdst;
1496 	}
1497 
1498 	/*
1499 	 * If a new destination address is specified for a point-to-point
1500 	 * interface, install a route to the destination as an interface
1501 	 * direct route.
1502 	 * XXX: the logic below rejects assigning multiple addresses on a p2p
1503 	 * interface that share the same destination.
1504 	 */
1505 	if (!(ia->ia_flags & IFA_ROUTE) && ifa_is_p2p(ia)) {
1506 		error = in6_handle_dstaddr_rtrequest(RTM_ADD, ia);
1507 		if (error)
1508 			goto done;
1509 		ia->ia_flags |= IFA_ROUTE;
1510 	}
1511 
1512 	/*
1513 	 * add a loopback route to self if not exists
1514 	 */
1515 	if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1516 		error = ifa_add_loopback_route((struct ifaddr *)ia,
1517 		    (struct sockaddr *)&ia->ia_addr);
1518 		if (error == 0)
1519 			ia->ia_flags |= IFA_RTSELF;
1520 	}
1521 done:
1522 	WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
1523 	    "Invoking IPv6 network device address event may sleep");
1524 
1525 	ifa_ref(&ia->ia_ifa);
1526 	EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
1527 	    IFADDR_EVENT_ADD);
1528 	ifa_free(&ia->ia_ifa);
1529 
1530 	return (error);
1531 }
1532 
1533 /*
1534  * Find an IPv6 interface link-local address specific to an interface.
1535  * ifaddr is returned referenced.
1536  */
1537 struct in6_ifaddr *
1538 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1539 {
1540 	struct ifaddr *ifa;
1541 
1542 	NET_EPOCH_ASSERT();
1543 
1544 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1545 		if (ifa->ifa_addr->sa_family != AF_INET6)
1546 			continue;
1547 		if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1548 			if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1549 			    ignoreflags) != 0)
1550 				continue;
1551 			ifa_ref(ifa);
1552 			break;
1553 		}
1554 	}
1555 
1556 	return ((struct in6_ifaddr *)ifa);
1557 }
1558 
1559 /*
1560  * find the interface address corresponding to a given IPv6 address.
1561  * ifaddr is returned referenced if @referenced flag is set.
1562  */
1563 struct in6_ifaddr *
1564 in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid, bool referenced)
1565 {
1566 	struct rm_priotracker in6_ifa_tracker;
1567 	struct in6_ifaddr *ia;
1568 
1569 	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1570 	CK_LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
1571 		if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) {
1572 			if (zoneid != 0 &&
1573 			    zoneid != ia->ia_addr.sin6_scope_id)
1574 				continue;
1575 			if (referenced)
1576 				ifa_ref(&ia->ia_ifa);
1577 			break;
1578 		}
1579 	}
1580 	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1581 	return (ia);
1582 }
1583 
1584 /*
1585  * find the internet address corresponding to a given interface and address.
1586  * ifaddr is returned referenced.
1587  */
1588 struct in6_ifaddr *
1589 in6ifa_ifpwithaddr(struct ifnet *ifp, const struct in6_addr *addr)
1590 {
1591 	struct epoch_tracker et;
1592 	struct ifaddr *ifa;
1593 
1594 	NET_EPOCH_ENTER(et);
1595 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1596 		if (ifa->ifa_addr->sa_family != AF_INET6)
1597 			continue;
1598 		if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1599 			ifa_ref(ifa);
1600 			break;
1601 		}
1602 	}
1603 	NET_EPOCH_EXIT(et);
1604 
1605 	return ((struct in6_ifaddr *)ifa);
1606 }
1607 
1608 /*
1609  * Find a link-local scoped address on ifp and return it if any.
1610  */
1611 struct in6_ifaddr *
1612 in6ifa_llaonifp(struct ifnet *ifp)
1613 {
1614 	struct epoch_tracker et;
1615 	struct sockaddr_in6 *sin6;
1616 	struct ifaddr *ifa;
1617 
1618 	if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)
1619 		return (NULL);
1620 	NET_EPOCH_ENTER(et);
1621 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1622 		if (ifa->ifa_addr->sa_family != AF_INET6)
1623 			continue;
1624 		sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1625 		if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) ||
1626 		    IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) ||
1627 		    IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr))
1628 			break;
1629 	}
1630 	NET_EPOCH_EXIT(et);
1631 
1632 	return ((struct in6_ifaddr *)ifa);
1633 }
1634 
1635 /*
1636  * Convert IP6 address to printable (loggable) representation. Caller
1637  * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1638  */
1639 static char digits[] = "0123456789abcdef";
1640 char *
1641 ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1642 {
1643 	int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
1644 	char *cp;
1645 	const u_int16_t *a = (const u_int16_t *)addr;
1646 	const u_int8_t *d;
1647 	int dcolon = 0, zero = 0;
1648 
1649 	cp = ip6buf;
1650 
1651 	for (i = 0; i < 8; i++) {
1652 		if (*(a + i) == 0) {
1653 			cnt++;
1654 			if (cnt == 1)
1655 				idx = i;
1656 		}
1657 		else if (maxcnt < cnt) {
1658 			maxcnt = cnt;
1659 			index = idx;
1660 			cnt = 0;
1661 		}
1662 	}
1663 	if (maxcnt < cnt) {
1664 		maxcnt = cnt;
1665 		index = idx;
1666 	}
1667 
1668 	for (i = 0; i < 8; i++) {
1669 		if (dcolon == 1) {
1670 			if (*a == 0) {
1671 				if (i == 7)
1672 					*cp++ = ':';
1673 				a++;
1674 				continue;
1675 			} else
1676 				dcolon = 2;
1677 		}
1678 		if (*a == 0) {
1679 			if (dcolon == 0 && *(a + 1) == 0 && i == index) {
1680 				if (i == 0)
1681 					*cp++ = ':';
1682 				*cp++ = ':';
1683 				dcolon = 1;
1684 			} else {
1685 				*cp++ = '0';
1686 				*cp++ = ':';
1687 			}
1688 			a++;
1689 			continue;
1690 		}
1691 		d = (const u_char *)a;
1692 		/* Try to eliminate leading zeros in printout like in :0001. */
1693 		zero = 1;
1694 		*cp = digits[*d >> 4];
1695 		if (*cp != '0') {
1696 			zero = 0;
1697 			cp++;
1698 		}
1699 		*cp = digits[*d++ & 0xf];
1700 		if (zero == 0 || (*cp != '0')) {
1701 			zero = 0;
1702 			cp++;
1703 		}
1704 		*cp = digits[*d >> 4];
1705 		if (zero == 0 || (*cp != '0')) {
1706 			zero = 0;
1707 			cp++;
1708 		}
1709 		*cp++ = digits[*d & 0xf];
1710 		*cp++ = ':';
1711 		a++;
1712 	}
1713 	*--cp = '\0';
1714 	return (ip6buf);
1715 }
1716 
1717 int
1718 in6_localaddr(struct in6_addr *in6)
1719 {
1720 	struct rm_priotracker in6_ifa_tracker;
1721 	struct in6_ifaddr *ia;
1722 
1723 	if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1724 		return 1;
1725 
1726 	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1727 	CK_STAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
1728 		if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1729 		    &ia->ia_prefixmask.sin6_addr)) {
1730 			IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1731 			return 1;
1732 		}
1733 	}
1734 	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1735 
1736 	return (0);
1737 }
1738 
1739 /*
1740  * Return 1 if an internet address is for the local host and configured
1741  * on one of its interfaces.
1742  */
1743 int
1744 in6_localip(struct in6_addr *in6)
1745 {
1746 	struct rm_priotracker in6_ifa_tracker;
1747 	struct in6_ifaddr *ia;
1748 
1749 	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1750 	CK_LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
1751 		if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
1752 			IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1753 			return (1);
1754 		}
1755 	}
1756 	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1757 	return (0);
1758 }
1759 
1760 /*
1761  * Return 1 if an internet address is configured on an interface.
1762  */
1763 int
1764 in6_ifhasaddr(struct ifnet *ifp, struct in6_addr *addr)
1765 {
1766 	struct in6_addr in6;
1767 	struct ifaddr *ifa;
1768 	struct in6_ifaddr *ia6;
1769 
1770 	NET_EPOCH_ASSERT();
1771 
1772 	in6 = *addr;
1773 	if (in6_clearscope(&in6))
1774 		return (0);
1775 	in6_setscope(&in6, ifp, NULL);
1776 
1777 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1778 		if (ifa->ifa_addr->sa_family != AF_INET6)
1779 			continue;
1780 		ia6 = (struct in6_ifaddr *)ifa;
1781 		if (IN6_ARE_ADDR_EQUAL(&ia6->ia_addr.sin6_addr, &in6))
1782 			return (1);
1783 	}
1784 
1785 	return (0);
1786 }
1787 
1788 int
1789 in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
1790 {
1791 	struct rm_priotracker in6_ifa_tracker;
1792 	struct in6_ifaddr *ia;
1793 
1794 	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1795 	CK_LIST_FOREACH(ia, IN6ADDR_HASH(&sa6->sin6_addr), ia6_hash) {
1796 		if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), &sa6->sin6_addr)) {
1797 			if (ia->ia6_flags & IN6_IFF_DEPRECATED) {
1798 				IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1799 				return (1); /* true */
1800 			}
1801 			break;
1802 		}
1803 	}
1804 	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1805 
1806 	return (0);		/* false */
1807 }
1808 
1809 /*
1810  * return length of part which dst and src are equal
1811  * hard coding...
1812  */
1813 int
1814 in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1815 {
1816 	int match = 0;
1817 	u_char *s = (u_char *)src, *d = (u_char *)dst;
1818 	u_char *lim = s + 16, r;
1819 
1820 	while (s < lim)
1821 		if ((r = (*d++ ^ *s++)) != 0) {
1822 			while (r < 128) {
1823 				match++;
1824 				r <<= 1;
1825 			}
1826 			break;
1827 		} else
1828 			match += 8;
1829 	return match;
1830 }
1831 
1832 /* XXX: to be scope conscious */
1833 int
1834 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1835 {
1836 	int bytelen, bitlen;
1837 
1838 	/* sanity check */
1839 	if (0 > len || len > 128) {
1840 		log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1841 		    len);
1842 		return (0);
1843 	}
1844 
1845 	bytelen = len / 8;
1846 	bitlen = len % 8;
1847 
1848 	if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1849 		return (0);
1850 	if (bitlen != 0 &&
1851 	    p1->s6_addr[bytelen] >> (8 - bitlen) !=
1852 	    p2->s6_addr[bytelen] >> (8 - bitlen))
1853 		return (0);
1854 
1855 	return (1);
1856 }
1857 
1858 void
1859 in6_prefixlen2mask(struct in6_addr *maskp, int len)
1860 {
1861 	u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1862 	int bytelen, bitlen, i;
1863 
1864 	/* sanity check */
1865 	if (0 > len || len > 128) {
1866 		log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1867 		    len);
1868 		return;
1869 	}
1870 
1871 	bzero(maskp, sizeof(*maskp));
1872 	bytelen = len / 8;
1873 	bitlen = len % 8;
1874 	for (i = 0; i < bytelen; i++)
1875 		maskp->s6_addr[i] = 0xff;
1876 	if (bitlen)
1877 		maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1878 }
1879 
1880 /*
1881  * return the best address out of the same scope. if no address was
1882  * found, return the first valid address from designated IF.
1883  */
1884 struct in6_ifaddr *
1885 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
1886 {
1887 	int dst_scope =	in6_addrscope(dst), blen = -1, tlen;
1888 	struct ifaddr *ifa;
1889 	struct in6_ifaddr *besta = NULL;
1890 	struct in6_ifaddr *dep[2];	/* last-resort: deprecated */
1891 
1892 	NET_EPOCH_ASSERT();
1893 
1894 	dep[0] = dep[1] = NULL;
1895 
1896 	/*
1897 	 * We first look for addresses in the same scope.
1898 	 * If there is one, return it.
1899 	 * If two or more, return one which matches the dst longest.
1900 	 * If none, return one of global addresses assigned other ifs.
1901 	 */
1902 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1903 		if (ifa->ifa_addr->sa_family != AF_INET6)
1904 			continue;
1905 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1906 			continue; /* XXX: is there any case to allow anycast? */
1907 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1908 			continue; /* don't use this interface */
1909 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1910 			continue;
1911 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1912 			if (V_ip6_use_deprecated)
1913 				dep[0] = (struct in6_ifaddr *)ifa;
1914 			continue;
1915 		}
1916 
1917 		if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
1918 			/*
1919 			 * call in6_matchlen() as few as possible
1920 			 */
1921 			if (besta) {
1922 				if (blen == -1)
1923 					blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
1924 				tlen = in6_matchlen(IFA_IN6(ifa), dst);
1925 				if (tlen > blen) {
1926 					blen = tlen;
1927 					besta = (struct in6_ifaddr *)ifa;
1928 				}
1929 			} else
1930 				besta = (struct in6_ifaddr *)ifa;
1931 		}
1932 	}
1933 	if (besta)
1934 		return (besta);
1935 
1936 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1937 		if (ifa->ifa_addr->sa_family != AF_INET6)
1938 			continue;
1939 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
1940 			continue; /* XXX: is there any case to allow anycast? */
1941 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
1942 			continue; /* don't use this interface */
1943 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
1944 			continue;
1945 		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
1946 			if (V_ip6_use_deprecated)
1947 				dep[1] = (struct in6_ifaddr *)ifa;
1948 			continue;
1949 		}
1950 
1951 		return (struct in6_ifaddr *)ifa;
1952 	}
1953 
1954 	/* use the last-resort values, that are, deprecated addresses */
1955 	if (dep[0])
1956 		return dep[0];
1957 	if (dep[1])
1958 		return dep[1];
1959 
1960 	return NULL;
1961 }
1962 
1963 /*
1964  * perform DAD when interface becomes IFF_UP.
1965  */
1966 void
1967 in6_if_up(struct ifnet *ifp)
1968 {
1969 	struct epoch_tracker et;
1970 	struct ifaddr *ifa;
1971 	struct in6_ifaddr *ia;
1972 
1973 	NET_EPOCH_ENTER(et);
1974 	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1975 		if (ifa->ifa_addr->sa_family != AF_INET6)
1976 			continue;
1977 		ia = (struct in6_ifaddr *)ifa;
1978 		if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
1979 			/*
1980 			 * The TENTATIVE flag was likely set by hand
1981 			 * beforehand, implicitly indicating the need for DAD.
1982 			 * We may be able to skip the random delay in this
1983 			 * case, but we impose delays just in case.
1984 			 */
1985 			nd6_dad_start(ifa,
1986 			    arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
1987 		}
1988 	}
1989 	NET_EPOCH_EXIT(et);
1990 
1991 	/*
1992 	 * special cases, like 6to4, are handled in in6_ifattach
1993 	 */
1994 	in6_ifattach(ifp, NULL);
1995 }
1996 
1997 int
1998 in6if_do_dad(struct ifnet *ifp)
1999 {
2000 
2001 	if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2002 		return (0);
2003 	if ((ifp->if_flags & IFF_MULTICAST) == 0)
2004 		return (0);
2005 	if ((ND_IFINFO(ifp)->flags &
2006 	    (ND6_IFF_IFDISABLED | ND6_IFF_NO_DAD)) != 0)
2007 		return (0);
2008 	return (1);
2009 }
2010 
2011 /*
2012  * Calculate max IPv6 MTU through all the interfaces and store it
2013  * to in6_maxmtu.
2014  */
2015 void
2016 in6_setmaxmtu(void)
2017 {
2018 	struct epoch_tracker et;
2019 	unsigned long maxmtu = 0;
2020 	struct ifnet *ifp;
2021 
2022 	NET_EPOCH_ENTER(et);
2023 	CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2024 		/* this function can be called during ifnet initialization */
2025 		if (!ifp->if_afdata[AF_INET6])
2026 			continue;
2027 		if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2028 		    IN6_LINKMTU(ifp) > maxmtu)
2029 			maxmtu = IN6_LINKMTU(ifp);
2030 	}
2031 	NET_EPOCH_EXIT(et);
2032 	if (maxmtu)	/* update only when maxmtu is positive */
2033 		V_in6_maxmtu = maxmtu;
2034 }
2035 
2036 /*
2037  * Provide the length of interface identifiers to be used for the link attached
2038  * to the given interface.  The length should be defined in "IPv6 over
2039  * xxx-link" document.  Note that address architecture might also define
2040  * the length for a particular set of address prefixes, regardless of the
2041  * link type.  As clarified in rfc2462bis, those two definitions should be
2042  * consistent, and those really are as of August 2004.
2043  */
2044 int
2045 in6_if2idlen(struct ifnet *ifp)
2046 {
2047 	switch (ifp->if_type) {
2048 	case IFT_ETHER:		/* RFC2464 */
2049 	case IFT_PROPVIRTUAL:	/* XXX: no RFC. treat it as ether */
2050 	case IFT_L2VLAN:	/* ditto */
2051 	case IFT_BRIDGE:	/* bridge(4) only does Ethernet-like links */
2052 	case IFT_INFINIBAND:
2053 		return (64);
2054 	case IFT_PPP:		/* RFC2472 */
2055 		return (64);
2056 	case IFT_FRELAY:	/* RFC2590 */
2057 		return (64);
2058 	case IFT_IEEE1394:	/* RFC3146 */
2059 		return (64);
2060 	case IFT_GIF:
2061 		return (64);	/* draft-ietf-v6ops-mech-v2-07 */
2062 	case IFT_LOOP:
2063 		return (64);	/* XXX: is this really correct? */
2064 	default:
2065 		/*
2066 		 * Unknown link type:
2067 		 * It might be controversial to use the today's common constant
2068 		 * of 64 for these cases unconditionally.  For full compliance,
2069 		 * we should return an error in this case.  On the other hand,
2070 		 * if we simply miss the standard for the link type or a new
2071 		 * standard is defined for a new link type, the IFID length
2072 		 * is very likely to be the common constant.  As a compromise,
2073 		 * we always use the constant, but make an explicit notice
2074 		 * indicating the "unknown" case.
2075 		 */
2076 		printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2077 		return (64);
2078 	}
2079 }
2080 
2081 struct in6_llentry {
2082 	struct llentry		base;
2083 };
2084 
2085 #define	IN6_LLTBL_DEFAULT_HSIZE	32
2086 #define	IN6_LLTBL_HASH(k, h) \
2087 	(((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1))
2088 
2089 /*
2090  * Do actual deallocation of @lle.
2091  */
2092 static void
2093 in6_lltable_destroy_lle_unlocked(epoch_context_t ctx)
2094 {
2095 	struct llentry *lle;
2096 
2097 	lle = __containerof(ctx, struct llentry, lle_epoch_ctx);
2098 	LLE_LOCK_DESTROY(lle);
2099 	LLE_REQ_DESTROY(lle);
2100 	free(lle, M_LLTABLE);
2101 }
2102 
2103 /*
2104  * Called by LLE_FREE_LOCKED when number of references
2105  * drops to zero.
2106  */
2107 static void
2108 in6_lltable_destroy_lle(struct llentry *lle)
2109 {
2110 
2111 	LLE_WUNLOCK(lle);
2112 	NET_EPOCH_CALL(in6_lltable_destroy_lle_unlocked, &lle->lle_epoch_ctx);
2113 }
2114 
2115 static struct llentry *
2116 in6_lltable_new(const struct in6_addr *addr6, u_int flags)
2117 {
2118 	struct in6_llentry *lle;
2119 
2120 	lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2121 	if (lle == NULL)		/* NB: caller generates msg */
2122 		return NULL;
2123 
2124 	lle->base.r_l3addr.addr6 = *addr6;
2125 	lle->base.lle_refcnt = 1;
2126 	lle->base.lle_free = in6_lltable_destroy_lle;
2127 	LLE_LOCK_INIT(&lle->base);
2128 	LLE_REQ_INIT(&lle->base);
2129 	callout_init(&lle->base.lle_timer, 1);
2130 
2131 	return (&lle->base);
2132 }
2133 
2134 static int
2135 in6_lltable_match_prefix(const struct sockaddr *saddr,
2136     const struct sockaddr *smask, u_int flags, struct llentry *lle)
2137 {
2138 	const struct in6_addr *addr, *mask, *lle_addr;
2139 
2140 	addr = &((const struct sockaddr_in6 *)saddr)->sin6_addr;
2141 	mask = &((const struct sockaddr_in6 *)smask)->sin6_addr;
2142 	lle_addr = &lle->r_l3addr.addr6;
2143 
2144 	if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
2145 		return (0);
2146 
2147 	if (lle->la_flags & LLE_IFADDR) {
2148 		/*
2149 		 * Delete LLE_IFADDR records IFF address & flag matches.
2150 		 * Note that addr is the interface address within prefix
2151 		 * being matched.
2152 		 */
2153 		if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
2154 		    (flags & LLE_STATIC) != 0)
2155 			return (1);
2156 		return (0);
2157 	}
2158 
2159 	/* flags & LLE_STATIC means deleting both dynamic and static entries */
2160 	if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
2161 		return (1);
2162 
2163 	return (0);
2164 }
2165 
2166 static void
2167 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
2168 {
2169 	struct ifnet *ifp;
2170 
2171 	LLE_WLOCK_ASSERT(lle);
2172 	KASSERT(llt != NULL, ("lltable is NULL"));
2173 
2174 	/* Unlink entry from table */
2175 	if ((lle->la_flags & LLE_LINKED) != 0) {
2176 		ifp = llt->llt_ifp;
2177 		IF_AFDATA_WLOCK_ASSERT(ifp);
2178 		lltable_unlink_entry(llt, lle);
2179 	}
2180 
2181 	llentry_free(lle);
2182 }
2183 
2184 static int
2185 in6_lltable_rtcheck(struct ifnet *ifp,
2186 		    u_int flags,
2187 		    const struct sockaddr *l3addr)
2188 {
2189 	const struct sockaddr_in6 *sin6;
2190 	struct nhop_object *nh;
2191 	struct in6_addr dst;
2192 	uint32_t scopeid;
2193 	char ip6buf[INET6_ADDRSTRLEN];
2194 	int fibnum;
2195 
2196 	NET_EPOCH_ASSERT();
2197 	KASSERT(l3addr->sa_family == AF_INET6,
2198 	    ("sin_family %d", l3addr->sa_family));
2199 
2200 	sin6 = (const struct sockaddr_in6 *)l3addr;
2201 	in6_splitscope(&sin6->sin6_addr, &dst, &scopeid);
2202 	fibnum = V_rt_add_addr_allfibs ? RT_DEFAULT_FIB : ifp->if_fib;
2203 	nh = fib6_lookup(fibnum, &dst, scopeid, NHR_NONE, 0);
2204 	if (nh && ((nh->nh_flags & NHF_GATEWAY) || nh->nh_ifp != ifp)) {
2205 		struct ifaddr *ifa;
2206 		/*
2207 		 * Create an ND6 cache for an IPv6 neighbor
2208 		 * that is not covered by our own prefix.
2209 		 */
2210 		ifa = ifaof_ifpforaddr(l3addr, ifp);
2211 		if (ifa != NULL) {
2212 			return 0;
2213 		}
2214 		log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2215 		    ip6_sprintf(ip6buf, &sin6->sin6_addr));
2216 		return EINVAL;
2217 	}
2218 	return 0;
2219 }
2220 
2221 /*
2222  * Called by the datapath to indicate that the entry was used.
2223  */
2224 static void
2225 in6_lltable_mark_used(struct llentry *lle)
2226 {
2227 
2228 	LLE_REQ_LOCK(lle);
2229 	lle->r_skip_req = 0;
2230 
2231 	/*
2232 	 * Set the hit time so the callback function
2233 	 * can determine the remaining time before
2234 	 * transiting to the DELAY state.
2235 	 */
2236 	lle->lle_hittime = time_uptime;
2237 	LLE_REQ_UNLOCK(lle);
2238 }
2239 
2240 static inline uint32_t
2241 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
2242 {
2243 
2244 	return (IN6_LLTBL_HASH(dst->s6_addr32[3], hsize));
2245 }
2246 
2247 static uint32_t
2248 in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
2249 {
2250 
2251 	return (in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize));
2252 }
2253 
2254 static void
2255 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
2256 {
2257 	struct sockaddr_in6 *sin6;
2258 
2259 	sin6 = (struct sockaddr_in6 *)sa;
2260 	bzero(sin6, sizeof(*sin6));
2261 	sin6->sin6_family = AF_INET6;
2262 	sin6->sin6_len = sizeof(*sin6);
2263 	sin6->sin6_addr = lle->r_l3addr.addr6;
2264 }
2265 
2266 static inline struct llentry *
2267 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
2268 {
2269 	struct llentry *lle;
2270 	struct llentries *lleh;
2271 	u_int hashidx;
2272 
2273 	hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
2274 	lleh = &llt->lle_head[hashidx];
2275 	CK_LIST_FOREACH(lle, lleh, lle_next) {
2276 		if (lle->la_flags & LLE_DELETED)
2277 			continue;
2278 		if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst))
2279 			break;
2280 	}
2281 
2282 	return (lle);
2283 }
2284 
2285 static void
2286 in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
2287 {
2288 
2289 	lle->la_flags |= LLE_DELETED;
2290 	EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
2291 #ifdef DIAGNOSTIC
2292 	log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2293 #endif
2294 	llentry_free(lle);
2295 }
2296 
2297 static struct llentry *
2298 in6_lltable_alloc(struct lltable *llt, u_int flags,
2299 	const struct sockaddr *l3addr)
2300 {
2301 	const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2302 	struct ifnet *ifp = llt->llt_ifp;
2303 	struct llentry *lle;
2304 	char linkhdr[LLE_MAX_LINKHDR];
2305 	size_t linkhdrsize;
2306 	int lladdr_off;
2307 
2308 	KASSERT(l3addr->sa_family == AF_INET6,
2309 	    ("sin_family %d", l3addr->sa_family));
2310 
2311 	/*
2312 	 * A route that covers the given address must have
2313 	 * been installed 1st because we are doing a resolution,
2314 	 * verify this.
2315 	 */
2316 	if (!(flags & LLE_IFADDR) &&
2317 	    in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2318 		return (NULL);
2319 
2320 	lle = in6_lltable_new(&sin6->sin6_addr, flags);
2321 	if (lle == NULL) {
2322 		log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2323 		return (NULL);
2324 	}
2325 	lle->la_flags = flags;
2326 	if ((flags & LLE_IFADDR) == LLE_IFADDR) {
2327 		linkhdrsize = LLE_MAX_LINKHDR;
2328 		if (lltable_calc_llheader(ifp, AF_INET6, IF_LLADDR(ifp),
2329 		    linkhdr, &linkhdrsize, &lladdr_off) != 0) {
2330 			NET_EPOCH_CALL(in6_lltable_destroy_lle_unlocked, &lle->lle_epoch_ctx);
2331 			return (NULL);
2332 		}
2333 		lltable_set_entry_addr(ifp, lle, linkhdr, linkhdrsize,
2334 		    lladdr_off);
2335 		lle->la_flags |= LLE_STATIC;
2336 	}
2337 
2338 	if ((lle->la_flags & LLE_STATIC) != 0)
2339 		lle->ln_state = ND6_LLINFO_REACHABLE;
2340 
2341 	return (lle);
2342 }
2343 
2344 static struct llentry *
2345 in6_lltable_lookup(struct lltable *llt, u_int flags,
2346 	const struct sockaddr *l3addr)
2347 {
2348 	const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2349 	struct llentry *lle;
2350 
2351 	IF_AFDATA_LOCK_ASSERT(llt->llt_ifp);
2352 	KASSERT(l3addr->sa_family == AF_INET6,
2353 	    ("sin_family %d", l3addr->sa_family));
2354 	KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
2355 	    (LLE_UNLOCKED | LLE_EXCLUSIVE),
2356 	    ("wrong lle request flags: %#x", flags));
2357 
2358 	lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
2359 	if (lle == NULL)
2360 		return (NULL);
2361 	if (flags & LLE_UNLOCKED)
2362 		return (lle);
2363 
2364 	if (flags & LLE_EXCLUSIVE)
2365 		LLE_WLOCK(lle);
2366 	else
2367 		LLE_RLOCK(lle);
2368 
2369 	/*
2370 	 * If the afdata lock is not held, the LLE may have been unlinked while
2371 	 * we were blocked on the LLE lock.  Check for this case.
2372 	 */
2373 	if (__predict_false((lle->la_flags & LLE_LINKED) == 0)) {
2374 		if (flags & LLE_EXCLUSIVE)
2375 			LLE_WUNLOCK(lle);
2376 		else
2377 			LLE_RUNLOCK(lle);
2378 		return (NULL);
2379 	}
2380 	return (lle);
2381 }
2382 
2383 static int
2384 in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
2385     struct sysctl_req *wr)
2386 {
2387 	struct ifnet *ifp = llt->llt_ifp;
2388 	/* XXX stack use */
2389 	struct {
2390 		struct rt_msghdr	rtm;
2391 		struct sockaddr_in6	sin6;
2392 		/*
2393 		 * ndp.c assumes that sdl is word aligned
2394 		 */
2395 #ifdef __LP64__
2396 		uint32_t		pad;
2397 #endif
2398 		struct sockaddr_dl	sdl;
2399 	} ndpc;
2400 	struct sockaddr_dl *sdl;
2401 	int error;
2402 
2403 	bzero(&ndpc, sizeof(ndpc));
2404 	/* skip deleted entries */
2405 	if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
2406 		return (0);
2407 	/* Skip if jailed and not a valid IP of the prison. */
2408 	lltable_fill_sa_entry(lle, (struct sockaddr *)&ndpc.sin6);
2409 	if (prison_if(wr->td->td_ucred, (struct sockaddr *)&ndpc.sin6) != 0)
2410 		return (0);
2411 	/*
2412 	 * produce a msg made of:
2413 	 *  struct rt_msghdr;
2414 	 *  struct sockaddr_in6 (IPv6)
2415 	 *  struct sockaddr_dl;
2416 	 */
2417 	ndpc.rtm.rtm_msglen = sizeof(ndpc);
2418 	ndpc.rtm.rtm_version = RTM_VERSION;
2419 	ndpc.rtm.rtm_type = RTM_GET;
2420 	ndpc.rtm.rtm_flags = RTF_UP;
2421 	ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2422 	sa6_recoverscope(&ndpc.sin6);
2423 
2424 	/* publish */
2425 	if (lle->la_flags & LLE_PUB)
2426 		ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2427 
2428 	sdl = &ndpc.sdl;
2429 	sdl->sdl_family = AF_LINK;
2430 	sdl->sdl_len = sizeof(*sdl);
2431 	sdl->sdl_index = ifp->if_index;
2432 	sdl->sdl_type = ifp->if_type;
2433 	if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
2434 		sdl->sdl_alen = ifp->if_addrlen;
2435 		bcopy(lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2436 	} else {
2437 		sdl->sdl_alen = 0;
2438 		bzero(LLADDR(sdl), ifp->if_addrlen);
2439 	}
2440 	if (lle->la_expire != 0)
2441 		ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
2442 		    lle->lle_remtime / hz + time_second - time_uptime;
2443 	ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2444 	if (lle->la_flags & LLE_STATIC)
2445 		ndpc.rtm.rtm_flags |= RTF_STATIC;
2446 	if (lle->la_flags & LLE_IFADDR)
2447 		ndpc.rtm.rtm_flags |= RTF_PINNED;
2448 	if (lle->ln_router != 0)
2449 		ndpc.rtm.rtm_flags |= RTF_GATEWAY;
2450 	ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
2451 	/* Store state in rmx_weight value */
2452 	ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
2453 	ndpc.rtm.rtm_index = ifp->if_index;
2454 	error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2455 
2456 	return (error);
2457 }
2458 
2459 static struct lltable *
2460 in6_lltattach(struct ifnet *ifp)
2461 {
2462 	struct lltable *llt;
2463 
2464 	llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
2465 	llt->llt_af = AF_INET6;
2466 	llt->llt_ifp = ifp;
2467 
2468 	llt->llt_lookup = in6_lltable_lookup;
2469 	llt->llt_alloc_entry = in6_lltable_alloc;
2470 	llt->llt_delete_entry = in6_lltable_delete_entry;
2471 	llt->llt_dump_entry = in6_lltable_dump_entry;
2472 	llt->llt_hash = in6_lltable_hash;
2473 	llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
2474 	llt->llt_free_entry = in6_lltable_free_entry;
2475 	llt->llt_match_prefix = in6_lltable_match_prefix;
2476 	llt->llt_mark_used = in6_lltable_mark_used;
2477  	lltable_link(llt);
2478 
2479 	return (llt);
2480 }
2481 
2482 void *
2483 in6_domifattach(struct ifnet *ifp)
2484 {
2485 	struct in6_ifextra *ext;
2486 
2487 	/* There are not IPv6-capable interfaces. */
2488 	switch (ifp->if_type) {
2489 	case IFT_PFLOG:
2490 	case IFT_PFSYNC:
2491 	case IFT_USB:
2492 		return (NULL);
2493 	}
2494 	ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
2495 	bzero(ext, sizeof(*ext));
2496 
2497 	ext->in6_ifstat = malloc(sizeof(counter_u64_t) *
2498 	    sizeof(struct in6_ifstat) / sizeof(uint64_t), M_IFADDR, M_WAITOK);
2499 	COUNTER_ARRAY_ALLOC(ext->in6_ifstat,
2500 	    sizeof(struct in6_ifstat) / sizeof(uint64_t), M_WAITOK);
2501 
2502 	ext->icmp6_ifstat = malloc(sizeof(counter_u64_t) *
2503 	    sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_IFADDR,
2504 	    M_WAITOK);
2505 	COUNTER_ARRAY_ALLOC(ext->icmp6_ifstat,
2506 	    sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_WAITOK);
2507 
2508 	ext->nd_ifinfo = nd6_ifattach(ifp);
2509 	ext->scope6_id = scope6_ifattach(ifp);
2510 	ext->lltable = in6_lltattach(ifp);
2511 
2512 	ext->mld_ifinfo = mld_domifattach(ifp);
2513 
2514 	return ext;
2515 }
2516 
2517 int
2518 in6_domifmtu(struct ifnet *ifp)
2519 {
2520 	if (ifp->if_afdata[AF_INET6] == NULL)
2521 		return ifp->if_mtu;
2522 
2523 	return (IN6_LINKMTU(ifp));
2524 }
2525 
2526 void
2527 in6_domifdetach(struct ifnet *ifp, void *aux)
2528 {
2529 	struct in6_ifextra *ext = (struct in6_ifextra *)aux;
2530 
2531 	mld_domifdetach(ifp);
2532 	scope6_ifdetach(ext->scope6_id);
2533 	nd6_ifdetach(ifp, ext->nd_ifinfo);
2534 	lltable_free(ext->lltable);
2535 	COUNTER_ARRAY_FREE(ext->in6_ifstat,
2536 	    sizeof(struct in6_ifstat) / sizeof(uint64_t));
2537 	free(ext->in6_ifstat, M_IFADDR);
2538 	COUNTER_ARRAY_FREE(ext->icmp6_ifstat,
2539 	    sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
2540 	free(ext->icmp6_ifstat, M_IFADDR);
2541 	free(ext, M_IFADDR);
2542 }
2543 
2544 /*
2545  * Convert sockaddr_in6 to sockaddr_in.  Original sockaddr_in6 must be
2546  * v4 mapped addr or v4 compat addr
2547  */
2548 void
2549 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2550 {
2551 
2552 	bzero(sin, sizeof(*sin));
2553 	sin->sin_len = sizeof(struct sockaddr_in);
2554 	sin->sin_family = AF_INET;
2555 	sin->sin_port = sin6->sin6_port;
2556 	sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2557 }
2558 
2559 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2560 void
2561 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2562 {
2563 	bzero(sin6, sizeof(*sin6));
2564 	sin6->sin6_len = sizeof(struct sockaddr_in6);
2565 	sin6->sin6_family = AF_INET6;
2566 	sin6->sin6_port = sin->sin_port;
2567 	sin6->sin6_addr.s6_addr32[0] = 0;
2568 	sin6->sin6_addr.s6_addr32[1] = 0;
2569 	sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2570 	sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2571 }
2572 
2573 /* Convert sockaddr_in6 into sockaddr_in. */
2574 void
2575 in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2576 {
2577 	struct sockaddr_in *sin_p;
2578 	struct sockaddr_in6 sin6;
2579 
2580 	/*
2581 	 * Save original sockaddr_in6 addr and convert it
2582 	 * to sockaddr_in.
2583 	 */
2584 	sin6 = *(struct sockaddr_in6 *)nam;
2585 	sin_p = (struct sockaddr_in *)nam;
2586 	in6_sin6_2_sin(sin_p, &sin6);
2587 }
2588 
2589 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2590 void
2591 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2592 {
2593 	struct sockaddr_in *sin_p;
2594 	struct sockaddr_in6 *sin6_p;
2595 
2596 	sin6_p = malloc(sizeof *sin6_p, M_SONAME, M_WAITOK);
2597 	sin_p = (struct sockaddr_in *)*nam;
2598 	in6_sin_2_v4mapsin6(sin_p, sin6_p);
2599 	free(*nam, M_SONAME);
2600 	*nam = (struct sockaddr *)sin6_p;
2601 }
2602